Hi,
I am looking for some assistance with my daughter's computer. I did a scan with Malwarebytes and pasted it below. What brought this to our attention was that the bank locked her out of her account and said that there may be a possible hack or something. Not knowing how it would relate to a bug in her computer, my daughter asked me to scan it. I want to make sure that Malwarebytes got it all, and if there are any other scanning programs we can use, or are we good as is? As I type, there is a major lag, so not sure if that's a part of this issue or not. I appreciate any advice. Thank you.
<?xml version="1.0" encoding="UTF-16"?>
<mbam-log>
<header><date>2016/05/16 16:26:16 -0700
</date><logfile>mbam-log-2016-05-16 (16-26-03).xml
</logfile><isadmin>yes
</isadmin></header><engine><version>2.2.1.1043</version><malware-database>v2016.05.16.05</malware-database><rootkit-database>v2016.05.06.01</rootkit-database><license>trial</license><file-protection>enabled</file-protection><web-protection>enabled</web-protection><self-protection>disabled</self-protection></engine><system><hostname>RICHELLE</hostname><ip>192.168.1.77</ip><osversion>Windows 10</osversion><arch>x64</arch><username>Richelle</username><filesys>NTFS</filesys></system><summary><type>threat</type><result>completed</result><objects>340663</objects>
<time>3147</time><processes>1</processes><modules>0</modules><keys>9</keys><values>10</values><datas>0</datas><folders>4</folders><files>30</files><sectors>0</sectors></summary><options><memory>enabled</memory><startup>enabled</startup><filesystem>enabled</filesystem><archives>enabled</archives><rootkits>disabled</rootkits><deeprootkit>disabled</deeprootkit><heuristics>enabled</heuristics><pup>enabled</pup><pum>enabled</pum></options><items><process><path>C:\Users\Richelle\AppData\Local\Search Extensions\Client.exe</path><vendor>PUP.Optional.RocketTab</vendor><action>delete-on-reboot</action><pid>8344</pid><hash>f2a332a42c6d8ea8014e13374ab67090</hash></process><key><path>HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\BrowserSafeguard</path><vendor>PUP.Optional.IBryte</vendor><action>success</action><hash>227380560a8f6dc94fa2ec35629f54ac</hash></key><key><path>HKU\S-1-5-21-4087628617-3366404376-2614799664-1001\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\RocketTab</path><vendor>Trojan.Dropper.MSIL</vendor><action>success</action><hash>9cf9696d2b6e42f489e1cc4f0df7b54b</hash></key><key><path>HKU\S-1-5-21-4087628617-3366404376-2614799664-1001\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\RocketTab</path><vendor>PUP.Optional.SearchExtensions</vendor><action>success</action><hash>6d28dff7524764d2bf5cd2bb0003ca36</hash></key><key><path>HKLM\SOFTWARE\MICROSOFT\WINDOWS 
NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\GPUpdateCheck</path><vendor>PUP.Optional.GetPrivate</vendor><action>delete-on-reboot</action><hash>7a1bb91da1f8280ec7c0daa361a2758b</hash></key><key><path>HKLM\SOFTWARE\WOW6432NODE\BROWSERSAFEGUARD</path><vendor>PUP.Optional.BrowserSafeGuard</vendor><action>success</action><hash>672e84526f2a13230ac5d2a1c93a7090</hash></key><key><path>HKU\S-1-5-21-4087628617-3366404376-2614799664-1001\SOFTWARE\RocketTabInstalled</path><vendor>PUP.Optional.RocketTab.PrxySvrRST</vendor><action>success</action><hash>fb9a7561603987af2183615cf70bf20e</hash></key><key><path>HKU\S-1-5-21-4087628617-3366404376-2614799664-1001\SOFTWARE\Wajam</path><vendor>PUP.Optional.Wajam</vendor><action>success</action><hash>049185515643ed491fac395bdb28ae52</hash></key><key><path>HKU\S-1-5-21-4087628617-3366404376-2614799664-1001\SOFTWARE\WajIEnhance</path><vendor>PUP.Optional.Wajam</vendor><action>success</action><hash>474e01d514856cca4588385c5aa936ca</hash></key><key><path>HKU\S-1-5-21-4087628617-3366404376-2614799664-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{9C9E6584-F5F0-11E4-8263-9CD21EC1C6B4}</path><vendor>PUP.Optional.HomePageHelper</vendor><action>success</action><hash>910496406732b87e0014c8b79d66619f</hash></key><value><path>HKU\S-1-5-21-4087628617-3366404376-2614799664-1001\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN</path><valuename>RocketTab</valuename><vendor>PUP.Optional.RocketTab</vendor><action>success</action><valuedata>"C:\Users\Richelle\AppData\Local\Search Extensions\Client.exe"</valuedata><hash>f2a332a42c6d8ea8014e13374ab67090</hash></value><value><path>HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN</path><valuename>BrowserSafeguard Update Task</valuename><vendor>PUP.Optional.IBryte</vendor><action>success</action><valuedata>"C:\Program Files (x86)\BrowserSafeguard\uninstall.BrowserSafeguard.exe" 
/CheckUpdate=true</valuedata><hash>227380560a8f6dc94fa2ec35629f54ac</hash></value><value><path>HKU\S-1-5-21-4087628617-3366404376-2614799664-1001\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN</path><valuename>RocketTab Update Task</valuename><vendor>Trojan.Dropper.MSIL</vendor><action>success</action><valuedata>"C:\Users\Richelle\AppData\Local\Search Extensions\uninstall.exe" /CheckUpdate=true</valuedata><hash>9cf9696d2b6e42f489e1cc4f0df7b54b</hash></value><value><path>HKU\S-1-5-21-4087628617-3366404376-2614799664-1001\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN</path><valuename>RocketTab Update Task</valuename><vendor>PUP.Optional.SearchExtensions</vendor><action>success</action><valuedata>"C:\Users\Richelle\AppData\Local\Search Extensions\uninstall.exe" /CheckUpdate=true</valuedata><hash>6d28dff7524764d2bf5cd2bb0003ca36</hash></value><value><path>HKLM\SOFTWARE\WOW6432NODE\BROWSERSAFEGUARD</path><valuename>sourceid</valuename><vendor>PUP.Optional.BrowserSafeGuard</vendor><action>success</action><valuedata>browsersafeguard-rockettab-spigot</valuedata><hash>672e84526f2a13230ac5d2a1c93a7090</hash></value><value><path>HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN</path><valuename>BrowserSafeguard</valuename><vendor>PUP.Optional.BrowserSafeGuard</vendor><action>success</action><valuedata>"C:\Program Files (x86)\BrowserSafeguard\BrowserSafeguard.exe"</valuedata><hash>55408155bcddc373389abcb712f108f8</hash></value><value><path>HKU\S-1-5-21-4087628617-3366404376-2614799664-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{9C9E6584-F5F0-11E4-8263-9CD21EC1C6B4}</path><valuename>FaviconURL</valuename><vendor>PUP.Optional.HomePageHelper</vendor><action>success</action><valuedata>http://homepage-web.com/favicon.ico</valuedata><hash>910496406732b87e0014c8b79d66619f</hash></value><value><path>HKU\S-1-5-21-4087628617-3366404376-2614799664-1001\SOFTWARE\MICROSOFT\INTERNET 
EXPLORER\SEARCHSCOPES\{9C9E6584-F5F0-11E4-8263-9CD21EC1C6B4}</path><valuename>FaviconURLFallback</valuename><vendor>PUP.Optional.HomePageHelper</vendor><action>success</action><valuedata>http://homepage-web.com/favicon.ico</valuedata><hash>b7dedcfa08912e082ee6dfa0cd36e21e</hash></value><value><path>HKU\S-1-5-21-4087628617-3366404376-2614799664-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{9C9E6584-F5F0-11E4-8263-9CD21EC1C6B4}</path><valuename>TopResultURL</valuename><vendor>PUP.Optional.HomePageHelper</vendor><action>success</action><valuedata>http://search.homepa...q={searchTerms}</valuedata><hash>7d18c80e2475df579a7a5728e61deb15</hash></value><value><path>HKU\S-1-5-21-4087628617-3366404376-2614799664-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{9C9E6584-F5F0-11E4-8263-9CD21EC1C6B4}</path><valuename>URL</valuename><vendor>PUP.Optional.HomePageHelper</vendor><action>success</action><valuedata>http://search.homepa...q={searchTerms}</valuedata><hash>0d881db94e4b81b559bbe59a2bd89c64</hash></value><folder><path>C:\Users\Richelle\AppData\Local\Search Extensions</path><vendor>PUP.Optional.SearchExtensions</vendor><action>delete-on-reboot</action><hash>6d28dff7524764d2bf5cd2bb0003ca36</hash></folder><folder><path>C:\Users\Richelle\AppData\Local\Search Extensions\Resources</path><vendor>PUP.Optional.SearchExtensions</vendor><action>success</action><hash>6d28dff7524764d2bf5cd2bb0003ca36</hash></folder><folder><path>C:\Program Files (x86)\BrowserSafeguard</path><vendor>PUP.Optional.BrowserSafeGuard</vendor><action>success</action><hash>9cf93e989dfc979f11965b2970923bc5</hash></folder><folder><path>C:\Program Files (x86)\BrowserSafeguard\Resources</path><vendor>PUP.Optional.BrowserSafeGuard</vendor><action>success</action><hash>9cf93e989dfc979f11965b2970923bc5</hash></folder><file><path>C:\Users\Richelle\AppData\Local\Search 
Extensions\Client.exe</path><vendor>PUP.Optional.RocketTab</vendor><action>delete-on-reboot</action><hash>f2a332a42c6d8ea8014e13374ab67090</hash></file><file><path>C:\Program Files (x86)\BrowserSafeguard\uninstall.BrowserSafeguard.exe</path><vendor>PUP.Optional.IBryte</vendor><action>success</action><hash>227380560a8f6dc94fa2ec35629f54ac</hash></file><file><path>C:\Users\Richelle\AppData\Local\Search Extensions\uninstall.exe</path><vendor>Trojan.Dropper.MSIL</vendor><action>success</action><hash>9cf9696d2b6e42f489e1cc4f0df7b54b</hash></file><file><path>C:\Users\Richelle\AppData\Local\Temp\rt-update.exe</path><vendor>Adware.IBryte</vendor><action>success</action><hash>7d1809cd1e7b1e180526ea3e36ceb24e</hash></file><file><path>C:\Users\Richelle\AppData\Local\Temp\gb-installer-core.exe</path><vendor>Trojan.Dropper.MSIL</vendor><action>success</action><hash>2a6bb91d07928aac32383be0c34159a7</hash></file><file><path>C:\Users\Richelle\AppData\Local\50fc6166-b018-4bfc-9e3b-f40b2691eb10\sysad.exe</path><vendor>PUP.Optional.IBryte</vendor><action>success</action><hash>029353838910c47224cbf42d9d6410f0</hash></file><file><path>C:\Windows\System32\Tasks\GPUpdateCheck</path><vendor>PUP.Optional.GetPrivate</vendor><action>success</action><hash>1184a432891077bf3f4582fbdf243cc4</hash></file><file><path>C:\Users\Richelle\AppData\Local\Search Extensions\uninstall.exe</path><vendor>PUP.Optional.SearchExtensions</vendor><action>success</action><hash>6d28dff7524764d2bf5cd2bb0003ca36</hash></file><file><path>C:\Users\Richelle\AppData\Local\Search Extensions\certmanager.exe</path><vendor>PUP.Optional.SearchExtensions</vendor><action>success</action><hash>6d28dff7524764d2bf5cd2bb0003ca36</hash></file><file><path>C:\Users\Richelle\AppData\Local\Search Extensions\gbdata.txt</path><vendor>PUP.Optional.SearchExtensions</vendor><action>success</action><hash>6d28dff7524764d2bf5cd2bb0003ca36</hash></file><file><path>C:\Users\Richelle\AppData\Local\Search 
Extensions\makecert.exe</path><vendor>PUP.Optional.SearchExtensions</vendor><action>success</action><hash>6d28dff7524764d2bf5cd2bb0003ca36</hash></file><file><path>C:\Users\Richelle\AppData\Local\Search Extensions\TrustedRoot.cer</path><vendor>PUP.Optional.SearchExtensions</vendor><action>success</action><hash>6d28dff7524764d2bf5cd2bb0003ca36</hash></file><file><path>C:\Users\Richelle\AppData\Local\Search Extensions\Resources\certutil.exe</path><vendor>PUP.Optional.SearchExtensions</vendor><action>success</action><hash>6d28dff7524764d2bf5cd2bb0003ca36</hash></file><file><path>C:\Users\Richelle\AppData\Local\Search Extensions\Resources\libnspr4.dll</path><vendor>PUP.Optional.SearchExtensions</vendor><action>success</action><hash>6d28dff7524764d2bf5cd2bb0003ca36</hash></file><file><path>C:\Users\Richelle\AppData\Local\Search Extensions\Resources\libplc4.dll</path><vendor>PUP.Optional.SearchExtensions</vendor><action>success</action><hash>6d28dff7524764d2bf5cd2bb0003ca36</hash></file><file><path>C:\Users\Richelle\AppData\Local\Search Extensions\Resources\libplds4.dll</path><vendor>PUP.Optional.SearchExtensions</vendor><action>success</action><hash>6d28dff7524764d2bf5cd2bb0003ca36</hash></file><file><path>C:\Users\Richelle\AppData\Local\Search Extensions\Resources\nss3.dll</path><vendor>PUP.Optional.SearchExtensions</vendor><action>success</action><hash>6d28dff7524764d2bf5cd2bb0003ca36</hash></file><file><path>C:\Users\Richelle\AppData\Local\Search Extensions\Resources\smime3.dll</path><vendor>PUP.Optional.SearchExtensions</vendor><action>success</action><hash>6d28dff7524764d2bf5cd2bb0003ca36</hash></file><file><path>C:\Users\Richelle\AppData\Local\Search Extensions\Resources\softokn3.dll</path><vendor>PUP.Optional.SearchExtensions</vendor><action>success</action><hash>6d28dff7524764d2bf5cd2bb0003ca36</hash></file><file><path>C:\Program Files 
(x86)\BrowserSafeguard\BrowserSafeguard.exe</path><vendor>PUP.Optional.BrowserSafeGuard</vendor><action>success</action><hash>55408155bcddc373389abcb712f108f8</hash></file><file><path>C:\Program Files (x86)\BrowserSafeguard\config.dat</path><vendor>PUP.Optional.BrowserSafeGuard</vendor><action>success</action><hash>9cf93e989dfc979f11965b2970923bc5</hash></file><file><path>C:\Program Files (x86)\BrowserSafeguard\makecert.exe</path><vendor>PUP.Optional.BrowserSafeGuard</vendor><action>success</action><hash>9cf93e989dfc979f11965b2970923bc5</hash></file><file><path>C:\Program Files (x86)\BrowserSafeguard\TrustedRoot.cer</path><vendor>PUP.Optional.BrowserSafeGuard</vendor><action>success</action><hash>9cf93e989dfc979f11965b2970923bc5</hash></file><file><path>C:\Program Files (x86)\BrowserSafeguard\Resources\certutil.exe</path><vendor>PUP.Optional.BrowserSafeGuard</vendor><action>success</action><hash>9cf93e989dfc979f11965b2970923bc5</hash></file><file><path>C:\Program Files (x86)\BrowserSafeguard\Resources\libnspr4.dll</path><vendor>PUP.Optional.BrowserSafeGuard</vendor><action>success</action><hash>9cf93e989dfc979f11965b2970923bc5</hash></file><file><path>C:\Program Files (x86)\BrowserSafeguard\Resources\libplc4.dll</path><vendor>PUP.Optional.BrowserSafeGuard</vendor><action>success</action><hash>9cf93e989dfc979f11965b2970923bc5</hash></file><file><path>C:\Program Files (x86)\BrowserSafeguard\Resources\libplds4.dll</path><vendor>PUP.Optional.BrowserSafeGuard</vendor><action>success</action><hash>9cf93e989dfc979f11965b2970923bc5</hash></file><file><path>C:\Program Files (x86)\BrowserSafeguard\Resources\nss3.dll</path><vendor>PUP.Optional.BrowserSafeGuard</vendor><action>success</action><hash>9cf93e989dfc979f11965b2970923bc5</hash></file><file><path>C:\Program Files (x86)\BrowserSafeguard\Resources\smime3.dll</path><vendor>PUP.Optional.BrowserSafeGuard</vendor><action>success</action><hash>9cf93e989dfc979f11965b2970923bc5</hash></file><file><path>C:\Program Files 
(x86)\BrowserSafeguard\Resources\softokn3.dll</path><vendor>PUP.Optional.BrowserSafeGuard</vendor><action>success</action><hash>9cf93e989dfc979f11965b2970923bc5</hash></file></items>
</mbam-log>
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:16-05-2016
Ran by Richelle (administrator) on RICHELLE (16-05-2016 18:42:34)
Running from C:\Users\Richelle\Downloads
Loaded Profiles: Richelle (Available Profiles: Richelle)
Platform: Windows 10 Home Version 1511 (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Intel Corporation) C:\Windows\SysWOW64\IntelCpHeciSvc.exe
(Intel® Corporation) C:\Program Files\Intel\TXE Components\TCS\HeciServer.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDService.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe
(McAfee, Inc.) C:\Windows\System32\mfevtps.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Hola Networks Ltd.) C:\Program Files\Hola\app\hola_svc.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Launch Manager\LMSvc.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Malwarebytes) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
(Malwarebytes) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
(Hola Networks Ltd.) C:\Program Files\Hola\app\hola_updater.exe
(Intel® Corporation) C:\Program Files\Intel Corporation\Intel® Technology Access\LegacyCsLoaderService.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\AOP Framework\CCDMonitorService.exe
(Intel® Corporation) C:\Program Files\Intel Corporation\Intel® Technology Access\IntelTechnologyAccessService.exe
(Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
(McAfee, Inc.) C:\Program Files\Common Files\mcafee\systemcore\mfefire.exe
(Acer Cloud Technology) C:\Program Files (x86)\Acer\AOP Framework\acer\ccd.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\NisSrv.exe
(TODO: <Company name>) C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe
(Nero AG) C:\Program Files (x86)\Nero\Update\NASvc.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MpCmdRun.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(Pokki) C:\Users\Richelle\AppData\Local\SweetLabs App Platform\Engine\ServiceHostAppUpdater.exe
(Malwarebytes) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
(Intel Corporation) C:\Windows\System32\igfxTray.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Quick Access\QASvc.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Quick Access\RMSvc.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Quick Access\QAEvent.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Launch Manager\LMEvent.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Quick Access\QAMsg.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Launch Manager\LMTray.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerTray.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Quick Access\QuickAccess.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe
(Intel Corporation) C:\Windows\System32\igfxext.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerEvent.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Hola Networks Ltd.) C:\Program Files\Hola\app\hola.exe
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
(Acer) C:\Program Files (x86)\Acer\Acer Portal\AcerPortal.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(Spotify Ltd) C:\Users\Richelle\AppData\Roaming\Spotify\SpotifyWebHelper.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\root\office15\onenotem.exe
(Microsoft Corporation) C:\Windows\System32\SrTasks.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\IPC\AdobeIPCBroker.exe
(Pokki) C:\Users\Richelle\AppData\Local\SweetLabs App Platform\Engine\ServiceHostApp.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\HEX\Adobe CEF Helper.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ADS\Adobe Desktop Service.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\HEX\Adobe CEF Helper.exe
() C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\CCXProcess.exe
(Joyent, Inc) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\libs\node.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\AOP Framework\BackgroundAgent.exe
() C:\Program Files\WindowsApps\Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe\SkypeHost.exe
(Microsoft Corporation) C:\Windows\System32\SrTasks.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Update Manager\bin\iumsvc.exe
() C:\Program Files (x86)\Intel Corporation\Intel® Technology Access\Intel® Software Asset Manager\bin\IntelSoftwareAssetManagerService.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesCommonX86\Microsoft Shared\OFFICE15\CSISYNCCLIENT.EXE
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_10.0.10586.168_none_76587b40265ca57e\TiWorker.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\root\office15\MSOSYNC.EXE
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
(Farbar) C:\Users\Richelle\Downloads\FRST64 (2).exe
==================== Registry (Whitelisted) ===========================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13657304 2013-10-18] (Realtek Semiconductor)
HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [3242696 2015-10-07] (ELAN Microelectronics Corp.)
HKLM\...\Run: [hola] => C:\Program Files\Hola\app\hola.exe [2033792 2016-04-12] (Hola Networks Ltd.) <===== ATTENTION
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [508104 2015-10-30] (Adobe Systems Incorporated)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [170256 2015-12-09] (Apple Inc.)
HKLM-x32\...\Run: [Adobe Creative Cloud] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2304688 2015-12-11] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [595480 2016-03-20] (Oracle Corporation)
HKLM\...\Policies\Explorer\Run: [BtvStack] => C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\BtvStack.exe
HKU\S-1-5-21-4087628617-3366404376-2614799664-1001\...\Run: [iCloudServices] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [60688 2015-11-30] (Apple Inc.)
HKU\S-1-5-21-4087628617-3366404376-2614799664-1001\...\Run: [ApplePhotoStreams] => C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe [61200 2015-11-30] (Apple Inc.)
HKU\S-1-5-21-4087628617-3366404376-2614799664-1001\...\Run: [AcerPortal] => C:\Program Files (x86)\Acer\Acer Portal\AcerPortal.exe [2740440 2016-04-20] (Acer)
HKU\S-1-5-21-4087628617-3366404376-2614799664-1001\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [53760128 2015-07-18] (Skype Technologies S.A.)
HKU\S-1-5-21-4087628617-3366404376-2614799664-1001\...\Run: [Spotify Web Helper] => C:\Users\Richelle\AppData\Roaming\Spotify\SpotifyWebHelper.exe [2017848 2015-09-12] (Spotify Ltd)
HKU\S-1-5-21-4087628617-3366404376-2614799664-1001\...\RunOnce: [Uninstall C:\Users\Richelle\AppData\Local\Microsoft\OneDrive\17.3.6281.1202\amd64] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Richelle\AppData\Local\Microsoft\OneDrive\17.3.6281.1202\amd64"
HKU\S-1-5-21-4087628617-3366404376-2614799664-1001\...\RunOnce: [Uninstall C:\Users\Richelle\AppData\Local\Microsoft\OneDrive\17.3.6302.0225\amd64] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Richelle\AppData\Local\Microsoft\OneDrive\17.3.6302.0225\amd64"
HKU\S-1-5-21-4087628617-3366404376-2614799664-1001\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\Bubbles.scr [805888 2015-10-30] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [ AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2015-11-14] ()
ShellIconOverlayIdentifiers: [ AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2015-11-14] ()
ShellIconOverlayIdentifiers: [ AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2015-11-14] ()
ShellIconOverlayIdentifiers: [ ACloudSynced] -> {5CCE71FA-9F61-4F24-9CD1-98D819B40D68} => C:\Program Files (x86)\Acer\shellext\x64\shellext_win.dll [2016-04-20] (Acer Incorporated)
ShellIconOverlayIdentifiers: [ ACloudSyncing] -> {C1E1456F-C2D8-4C96-870D-35F1E13941EE} => C:\Program Files (x86)\Acer\shellext\x64\shellext_win.dll [2016-04-20] (Acer Incorporated)
ShellIconOverlayIdentifiers: [ ACloudToBeSynced] -> {307523FA-DDC0-4068-983F-2A6B34627744} => C:\Program Files (x86)\Acer\shellext\x64\shellext_win.dll [2016-04-20] (Acer Incorporated)
ShellIconOverlayIdentifiers: [ SkyDrive1] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Users\Richelle\AppData\Local\Microsoft\OneDrive\17.3.6386.0412\amd64\FileSyncShell64.dll [2016-04-21] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [ SkyDrive2] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Users\Richelle\AppData\Local\Microsoft\OneDrive\17.3.6386.0412\amd64\FileSyncShell64.dll [2016-04-21] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [ SkyDrive3] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Users\Richelle\AppData\Local\Microsoft\OneDrive\17.3.6386.0412\amd64\FileSyncShell64.dll [2016-04-21] (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ SkyDrive1] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Users\Richelle\AppData\Local\Microsoft\OneDrive\17.3.6386.0412\FileSyncShell.dll [2016-04-21] (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ SkyDrive2] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Users\Richelle\AppData\Local\Microsoft\OneDrive\17.3.6386.0412\FileSyncShell.dll [2016-04-21] (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ SkyDrive3] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Users\Richelle\AppData\Local\Microsoft\OneDrive\17.3.6386.0412\FileSyncShell.dll [2016-04-21] (Microsoft Corporation)
Startup: C:\Users\Richelle\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Send to OneNote.lnk [2015-02-24]
ShortcutTarget: Send to OneNote.lnk -> C:\Program Files\Microsoft Office 15\root\office15\onenotem.exe (Microsoft Corporation)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.254 75.153.171.114
Tcpip\..\Interfaces\{85aa3eeb-cbc8-47b8-9ffa-75161188b6fb}: [DhcpNameServer] 192.168.1.254 75.153.171.114
ManualProxies:
Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-4087628617-3366404376-2614799664-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/p/?LinkId=619797&pc=UE01&ocid=UE01DHP
HKU\S-1-5-21-4087628617-3366404376-2614799664-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://acer13.msn.com/?pc=ACJB
HKU\S-1-5-21-4087628617-3366404376-2614799664-1001\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://www.msn.com/en-ca/?pc=UE01&ocid=UE01DHP
SearchScopes: HKLM -> {AA9A4890-4262-4441-8977-E2FFCBFB706C} URL = hxxp://ca.yhs4.search.yahoo.com/yhs/search?hspart=acer&hsimp=yhs-acer_001&p={searchTerms}
SearchScopes: HKLM-x32 -> {AA9A4890-4262-4441-8977-E2FFCBFB706C} URL = hxxp://ca.yhs4.search.yahoo.com/yhs/search?hspart=acer&hsimp=yhs-acer_001&p={searchTerms}
SearchScopes: HKU\S-1-5-21-4087628617-3366404376-2614799664-1001 -> {AA9A4890-4262-4441-8977-E2FFCBFB706C} URL = hxxp://ca.yhs4.search.yahoo.com/yhs/search?hspart=acer&hsimp=yhs-acer_001&p={searchTerms}
SearchScopes: HKU\S-1-5-21-4087628617-3366404376-2614799664-1001 -> {B3B326B4-8585-4271-9E50-4A40CCF20088} URL =
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll [2016-03-15] (Microsoft Corporation)
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2016-04-26] (Google Inc.)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL [2016-04-21] (Microsoft Corporation)
BHO-x32: Java Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_77\bin\ssv.dll [2016-03-27] (Oracle Corporation)
BHO-x32: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2016-04-26] (Google Inc.)
BHO-x32: Java Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_77\bin\jp2ssv.dll [2016-03-27] (Oracle Corporation)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2016-04-26] (Google Inc.)
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2016-04-26] (Google Inc.)
Toolbar: HKU\S-1-5-21-4087628617-3366404376-2614799664-1001 -> Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2016-04-26] (Google Inc.)
DPF: HKLM-x32 {166B1BCA-3F9C-11CF-8075-444553540000} hxxps://fpdownload.macromedia.com/pub/shockwave/cabs/director/sw.cab
DPF: HKLM-x32 {233C1507-6A77-46A4-9443-F871F945D258} hxxps://fpdownload.macromedia.com/pub/shockwave/cabs/director/sw.cab
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL [2015-02-03] (Microsoft Corporation)
FireFox:
========
FF ProfilePath: C:\Users\Richelle\AppData\Roaming\Mozilla\Firefox\Profiles\9lystlbs.default-1457927501802
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_18_0_0_232.dll [2015-08-19] ()
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [2015-12-11] (Adobe Systems)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_18_0_0_232.dll [2015-08-19] ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\WINDOWS\SysWOW64\Adobe\Director\np32dsw_1224194.dll [2016-02-19] (Adobe Systems, Inc.)
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2015-10-14] ()
FF Plugin-x32: @java.com/DTPlugin,version=11.77.2 -> C:\Program Files (x86)\Java\jre1.8.0_77\bin\dtplugin\npDeployJava1.dll [2016-03-27] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.77.2 -> C:\Program Files (x86)\Java\jre1.8.0_77\bin\plugin2\npjp2.dll [2016-03-27] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL [2014-06-12] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.30.3\npGoogleUpdate3.dll [2016-05-10] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.30.3\npGoogleUpdate3.dll [2016-05-10] (Google Inc.)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll [2013-07-12] ()
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2016-05-03] (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [2015-12-11] (Adobe Systems)
FF Plugin HKU\.DEFAULT: @hola.org/FlashPlayer -> C:\Users\Richelle\AppData\Local\Hola\firefox_hola\app\flash\NPSWF32_18_0_0_232.dll [2016-04-06] ()
FF Plugin HKU\.DEFAULT: @hola.org/vlc -> C:\Users\Richelle\AppData\Local\Hola\firefox_hola\app\vlc\npvlc.dll [2016-04-06] (Hola)
Chrome:
=======
CHR HomePage: Default -> hxxp://google.ca/
CHR StartupUrls: Default -> "hxxp://google.ca/"
CHR Profile: C:\Users\Richelle\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Slides) - C:\Users\Richelle\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-05-17]
CHR Extension: (Google Docs) - C:\Users\Richelle\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-05-17]
CHR Extension: (Google Drive) - C:\Users\Richelle\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-26]
CHR Extension: (YouTube) - C:\Users\Richelle\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-29]
CHR Extension: (Google Search) - C:\Users\Richelle\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-26]
CHR Extension: (Google Sheets) - C:\Users\Richelle\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-05-17]
CHR Extension: (Google Docs Offline) - C:\Users\Richelle\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-03-17]
CHR Extension: (Unlimited Free VPN - Hola) - C:\Users\Richelle\AppData\Local\Google\Chrome\User Data\Default\Extensions\gkojfkhlekighikafcpjkiklfbnlmeio [2016-05-04]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Richelle\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-04-21]
CHR Extension: (Gmail) - C:\Users\Richelle\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-05-17]
==================== Services (Whitelisted) ========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2021592 2016-04-05] (Adobe Systems, Incorporated)
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [77104 2015-10-07] (Apple Inc.)
R2 CCDMonitorService; C:\Program Files (x86)\Acer\AOP Framework\CCDMonitorService.exe [2860760 2016-04-18] (Acer Incorporated)
R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [2829552 2016-03-08] (Microsoft Corporation)
R3 ePowerSvc; C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe [663592 2013-07-05] (Acer Incorporated)
R2 ETDService; C:\Program Files\Elantech\ETDService.exe [144072 2015-10-07] (ELAN Microelectronics Corp.)
R2 GamesAppIntegrationService; C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe [235008 2013-07-16] (TODO: <Company name>) [File not signed]
R2 hola_svc; C:\Program Files\Hola\app\hola_svc.exe [5491328 2016-04-12] (Hola Networks Ltd.) <==== ATTENTION
R2 hola_updater; C:\Program Files\Hola\app\hola_updater.exe [8126592 2015-11-09] (Hola Networks Ltd.) <==== ATTENTION
R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [328624 2015-10-07] (Intel Corporation)
R2 Intel® Capability Licensing Service Interface; C:\Program Files\Intel\TXE Components\TCS\HeciServer.exe [733696 2013-07-01] (Intel® Corporation) [File not signed]
S3 Intel® Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\TXE Components\TCS\SocketHeciServer.exe [822232 2013-07-01] (Intel® Corporation)
S3 Intel® TA SAM; C:\Program Files (x86)\Intel Corporation\Intel® Technology Access\Intel® Software Asset Manager\bin\IntelSoftwareAssetManagerService.exe [18064 2015-04-18] ()
R2 Intel® Technology Access Legacy CS Loader; C:\Program Files\Intel Corporation\Intel® Technology Access\LegacyCsLoaderService.exe [144128 2015-07-31] (Intel® Corporation)
R2 Intel® TechnologyAccessService; C:\Program Files\Intel Corporation\Intel® Technology Access\IntelTechnologyAccessService.exe [481536 2015-07-31] (Intel® Corporation)
S3 iumsvc; C:\Program Files (x86)\Intel\Intel® Update Manager\bin\iumsvc.exe [178312 2015-09-25] (Intel Corporation)
R2 LMSvc; C:\Program Files\Acer\Acer Launch Manager\LMSvc.exe [457768 2013-08-02] (Acer Incorporate)
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1514464 2016-03-10] (Malwarebytes)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1136608 2016-03-10] (Malwarebytes)
R2 mfefire; C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe [219752 2014-04-03] (McAfee, Inc.)
R2 mfevtp; C:\Windows\system32\mfevtps.exe [189912 2014-04-03] (McAfee, Inc.)
R3 QASvc; C:\Program Files\Acer\Acer Quick Access\QASvc.exe [457768 2013-08-02] (Acer Incorporate)
R3 RMSvc; C:\Program Files\Acer\Acer Quick Access\RMSvc.exe [448040 2013-08-02] (Acer Incorporate)
R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [364464 2015-10-30] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [24864 2015-10-30] (Microsoft Corporation)
===================== Drivers (Whitelisted) ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R3 BthA2DP; C:\Windows\system32\drivers\BthA2DP.sys [165376 2015-10-30] (Microsoft Corporation)
S3 cfwids; C:\Windows\System32\drivers\cfwids.sys [70592 2014-04-03] (McAfee, Inc.)
S3 dg_ssudbus; C:\Windows\system32\DRIVERS\ssudbus.sys [129152 2016-04-25] (Samsung Electronics Co., Ltd.)
R3 LMDriver; C:\Windows\System32\drivers\LMDriver.sys [21360 2013-07-17] (Acer Incorporated)
R3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [27008 2016-03-10] (Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [192216 2016-05-16] (Malwarebytes)
R3 MBAMWebAccessControl; C:\WINDOWS\system32\drivers\mwac.sys [65408 2016-03-10] (Malwarebytes Corporation)
S3 mfeapfk; C:\Windows\System32\drivers\mfeapfk.sys [177544 2014-04-03] (McAfee, Inc.)
R3 mfeavfk; C:\Windows\System32\drivers\mfeavfk.sys [311856 2014-04-03] (McAfee, Inc.)
S0 mfeelamk; C:\Windows\System32\drivers\mfeelamk.sys [69352 2014-04-03] (McAfee, Inc.)
R3 mfefirek; C:\Windows\System32\drivers\mfefirek.sys [522360 2014-04-03] (McAfee, Inc.)
R0 mfehidk; C:\Windows\System32\drivers\mfehidk.sys [784760 2014-04-03] (McAfee, Inc.)
R0 mfewfpk; C:\Windows\System32\drivers\mfewfpk.sys [346760 2014-04-03] (McAfee, Inc.)
R1 ndisrd; C:\Windows\system32\DRIVERS\ndisrfl.sys [41688 2015-04-30] (Intel Corporation)
S3 Netaapl; C:\Windows\system32\DRIVERS\netaapl64.sys [23040 2014-06-10] (Apple Inc.) [File not signed]
R3 NetTap630; C:\Windows\system32\DRIVERS\nettap630.sys [67800 2015-04-30] (Intel Corporation)
R0 PxHlpa64; C:\Windows\System32\Drivers\PxHlpa64.sys [56336 2012-06-22] (Corel Corporation)
R3 RadioShim; C:\Windows\System32\drivers\RadioShim.sys [14680 2013-07-17] (Acer Incorporated)
S3 ssudmdm; C:\Windows\system32\DRIVERS\ssudmdm.sys [221824 2016-04-25] (Samsung Electronics Co., Ltd.)
R3 TXEIx64; C:\Windows\System32\drivers\TXEIx64.sys [87568 2013-07-01] (Intel Corporation)
S0 WdBoot; C:\Windows\System32\drivers\WdBoot.sys [44568 2015-10-30] (Microsoft Corporation)
R0 WdFilter; C:\Windows\System32\drivers\WdFilter.sys [293216 2015-10-30] (Microsoft Corporation)
R3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [118112 2015-10-30] (Microsoft Corporation)
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2016-05-16 18:42 - 2016-05-16 18:42 - 02382336 _____ (Farbar) C:\Users\Richelle\Downloads\FRST64 (2).exe
2016-05-16 18:41 - 2016-05-16 18:42 - 02382336 _____ (Farbar) C:\Users\Richelle\Downloads\FRST64 (1).exe
2016-05-16 18:38 - 2016-05-16 18:38 - 00000000 ___HD C:\OneDriveTemp
2016-05-16 18:36 - 2016-05-16 18:36 - 00000000 ____D C:\WINDOWS\LastGood
2016-05-16 16:25 - 2016-05-16 18:33 - 00192216 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2016-05-16 16:24 - 2016-05-16 16:24 - 00000000 ____D C:\ProgramData\Malwarebytes
2016-05-16 16:24 - 2016-05-16 16:24 - 00000000 ____D C:\Program Files (x86)\Malwarebytes Anti-Malware
2016-05-16 16:24 - 2016-03-10 14:09 - 00065408 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mwac.sys
2016-05-16 16:24 - 2016-03-10 14:08 - 00140672 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamchameleon.sys
2016-05-16 16:24 - 2016-03-10 14:08 - 00027008 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys
2016-05-16 16:22 - 2016-05-16 16:23 - 22851472 _____ (Malwarebytes ) C:\Users\Richelle\Downloads\mbam-setup-2.2.1.1043.exe
2016-05-16 15:57 - 2016-05-16 16:00 - 00053659 _____ C:\Users\Richelle\Downloads\Addition.txt
2016-05-16 15:54 - 2016-05-16 18:42 - 00026566 _____ C:\Users\Richelle\Downloads\FRST.txt
2016-05-16 15:52 - 2016-05-16 18:42 - 00000000 ____D C:\FRST
2016-05-16 15:51 - 2016-05-16 15:52 - 02382336 _____ (Farbar) C:\Users\Richelle\Downloads\FRST64.exe
2016-05-10 22:28 - 2016-04-22 21:30 - 22379008 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2016-05-10 22:28 - 2016-04-22 21:28 - 16984576 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2016-05-10 22:28 - 2016-04-22 21:20 - 19344384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2016-05-10 22:28 - 2016-04-22 21:19 - 07977472 _____ (Microsoft Corporation) C:\WINDOWS\system32\mos.dll
2016-05-10 22:28 - 2016-04-22 21:19 - 00970752 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
2016-05-10 22:28 - 2016-04-22 21:18 - 24604672 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2016-05-10 22:28 - 2016-04-22 21:18 - 00988160 _____ (Microsoft Corporation) C:\WINDOWS\system32\NMAA.dll
2016-05-10 22:28 - 2016-04-22 21:18 - 00939520 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapControlCore.dll
2016-05-10 22:28 - 2016-04-22 21:15 - 00792064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll
2016-05-10 22:28 - 2016-04-22 21:09 - 02582016 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll
2016-05-10 22:28 - 2016-04-22 21:08 - 02061824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll
2016-05-10 22:27 - 2016-04-29 23:31 - 03591168 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2016-05-10 22:27 - 2016-04-22 23:12 - 01401024 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2016-05-10 22:27 - 2016-04-22 23:12 - 00713920 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll
2016-05-10 22:27 - 2016-04-22 23:12 - 00190144 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceCensus.exe
2016-05-10 22:27 - 2016-04-22 22:28 - 01542816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2016-05-10 22:27 - 2016-04-22 22:24 - 07474528 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2016-05-10 22:27 - 2016-04-22 22:24 - 01819208 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2016-05-10 22:27 - 2016-04-22 22:10 - 03673424 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2016-05-10 22:27 - 2016-04-22 22:10 - 02919832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2016-05-10 22:27 - 2016-04-22 22:09 - 22561256 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2016-05-10 22:27 - 2016-04-22 22:09 - 21123320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2016-05-10 22:27 - 2016-04-22 22:09 - 05240960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
2016-05-10 22:27 - 2016-04-22 22:09 - 04074160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe
2016-05-10 22:27 - 2016-04-22 22:08 - 06605504 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2016-05-10 22:27 - 2016-04-22 22:08 - 04515256 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
2016-05-10 22:27 - 2016-04-22 22:01 - 01996640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2016-05-10 22:27 - 2016-04-22 21:31 - 13018112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2016-05-10 22:27 - 2016-04-22 21:23 - 11545088 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2016-05-10 22:27 - 2016-04-22 21:22 - 09918976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2016-05-10 22:27 - 2016-04-22 21:22 - 00460800 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapConfiguration.dll
2016-05-10 22:27 - 2016-04-22 21:20 - 18676224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2016-05-10 22:27 - 2016-04-22 21:20 - 00606720 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmsvc.dll
2016-05-10 22:27 - 2016-04-22 21:19 - 01056256 _____ (Microsoft Corporation) C:\WINDOWS\system32\JpMapControl.dll
2016-05-10 22:27 - 2016-04-22 21:19 - 00853504 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsStore.dll
2016-05-10 22:27 - 2016-04-22 21:19 - 00440320 _____ (Microsoft Corporation) C:\WINDOWS\system32\CredProvDataModel.dll
2016-05-10 22:27 - 2016-04-22 21:18 - 00870400 _____ (Microsoft Corporation) C:\WINDOWS\system32\modernexecserver.dll
2016-05-10 22:27 - 2016-04-22 21:14 - 13383168 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2016-05-10 22:27 - 2016-04-22 21:13 - 07200256 _____ (Microsoft Corporation) C:\WINDOWS\system32\BingMaps.dll
2016-05-10 22:27 - 2016-04-22 21:13 - 06295552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mos.dll
2016-05-10 22:27 - 2016-04-22 21:10 - 12125696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2016-05-10 22:27 - 2016-04-22 21:09 - 03666432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2016-05-10 22:27 - 2016-04-22 21:08 - 05324288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll
2016-05-10 22:27 - 2016-04-22 21:07 - 05205504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BingMaps.dll
2016-05-10 22:27 - 2016-04-22 21:06 - 06974464 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
2016-05-10 22:27 - 2016-04-22 21:05 - 05502976 _____ (Microsoft Corporation) C:\WINDOWS\system32\d2d1.dll
2016-05-10 22:27 - 2016-04-22 21:05 - 02166784 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2016-05-10 22:27 - 2016-04-22 21:05 - 01946112 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2016-05-10 22:27 - 2016-04-22 21:04 - 04759040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d2d1.dll
2016-05-10 22:27 - 2016-04-22 21:03 - 05660160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2016-05-10 22:27 - 2016-04-22 21:03 - 04894208 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2016-05-10 22:27 - 2016-04-22 21:03 - 02280960 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2016-05-10 22:27 - 2016-04-22 21:03 - 02000896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.appcore.dll
2016-05-10 22:27 - 2016-04-22 21:02 - 07832576 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2016-05-10 22:27 - 2016-04-22 21:02 - 02444288 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.appcore.dll
2016-05-10 22:26 - 2016-05-05 21:53 - 00095072 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\sdport.sys
2016-05-10 22:26 - 2016-05-05 21:05 - 00241664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cryptngc.dll
2016-05-10 22:26 - 2016-05-05 21:03 - 00649216 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngcsvc.dll
2016-05-10 22:26 - 2016-05-05 20:53 - 00351232 _____ (Microsoft Corporation) C:\WINDOWS\system32\NgcCtnr.dll
2016-05-10 22:26 - 2016-05-05 20:49 - 00289792 _____ (Microsoft Corporation) C:\WINDOWS\system32\NgcCtnrSvc.dll
2016-05-10 22:26 - 2016-05-05 20:44 - 00582656 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngccredprov.dll
2016-05-10 22:26 - 2016-05-05 20:43 - 00320000 _____ (Microsoft Corporation) C:\WINDOWS\system32\cryptngc.dll
2016-05-10 22:26 - 2016-05-05 20:23 - 00076288 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngcpopkeysrv.dll
2016-05-10 22:26 - 2016-04-29 23:42 - 01387520 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2016-05-10 22:26 - 2016-04-22 23:12 - 01184960 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2016-05-10 22:26 - 2016-04-22 23:12 - 00514752 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll
2016-05-10 22:26 - 2016-04-22 23:12 - 00294592 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll
2016-05-10 22:26 - 2016-04-22 23:12 - 00092352 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2016-05-10 22:26 - 2016-04-22 23:12 - 00046784 _____ (Microsoft Corporation) C:\WINDOWS\system32\CompatTelRunner.exe
2016-05-10 22:26 - 2016-04-22 22:28 - 01557768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2016-05-10 22:26 - 2016-04-22 22:26 - 00707608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rpcrt4.dll
2016-05-10 22:26 - 2016-04-22 22:24 - 01997328 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2016-05-10 22:26 - 2016-04-22 22:24 - 00754664 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreMessaging.dll
2016-05-10 22:26 - 2016-04-22 22:24 - 00638816 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fvevol.sys
2016-05-10 22:26 - 2016-04-22 22:24 - 00335712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fastfat.sys
2016-05-10 22:26 - 2016-04-22 22:24 - 00099680 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pdc.sys
2016-05-10 22:26 - 2016-04-22 22:22 - 01161120 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcrt4.dll
2016-05-10 22:26 - 2016-04-22 22:18 - 00026408 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
2016-05-10 22:26 - 2016-04-22 22:13 - 00502104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupEngine.dll
2016-05-10 22:26 - 2016-04-22 22:13 - 00306832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlanapi.dll
2016-05-10 22:26 - 2016-04-22 22:13 - 00084832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupApi.dll
2016-05-10 22:26 - 2016-04-22 22:12 - 00925064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfplat.dll
2016-05-10 22:26 - 2016-04-22 22:12 - 00451928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFCaptureEngine.dll
2016-05-10 22:26 - 2016-04-22 22:12 - 00413536 _____ (Microsoft Corporation) C:\WINDOWS\system32\wifitask.exe
2016-05-10 22:26 - 2016-04-22 22:11 - 01092464 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfplat.dll
2016-05-10 22:26 - 2016-04-22 22:11 - 00696672 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupEngine.dll
2016-05-10 22:26 - 2016-04-22 22:11 - 00498960 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFCaptureEngine.dll
2016-05-10 22:26 - 2016-04-22 22:11 - 00390496 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlanapi.dll
2016-05-10 22:26 - 2016-04-22 22:11 - 00131424 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ufxsynopsys.sys
2016-05-10 22:26 - 2016-04-22 22:11 - 00115040 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupApi.dll
2016-05-10 22:26 - 2016-04-22 22:10 - 00330072 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pci.sys
2016-05-10 22:26 - 2016-04-22 22:09 - 00569744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SHCore.dll
2016-05-10 22:26 - 2016-04-22 22:09 - 00565600 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncHost.exe
2016-05-10 22:26 - 2016-04-22 22:09 - 00465760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncHost.exe
2016-05-10 22:26 - 2016-04-22 22:09 - 00303216 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockAppHost.exe
2016-05-10 22:26 - 2016-04-22 22:09 - 00255168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LockAppHost.exe
2016-05-10 22:26 - 2016-04-22 22:08 - 00725776 _____ (Microsoft Corporation) C:\WINDOWS\system32\SHCore.dll
2016-05-10 22:26 - 2016-04-22 22:07 - 01848072 _____ (Microsoft Corporation) C:\WINDOWS\system32\crypt32.dll
2016-05-10 22:26 - 2016-04-22 22:07 - 01536088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\crypt32.dll
2016-05-10 22:26 - 2016-04-22 22:07 - 00204048 _____ (Microsoft Corporation) C:\WINDOWS\system32\rsaenh.dll
2016-05-10 22:26 - 2016-04-22 22:07 - 00183904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rsaenh.dll
2016-05-10 22:26 - 2016-04-22 22:06 - 00291360 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininit.exe
2016-05-10 22:26 - 2016-04-22 22:02 - 00188256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxAllUserStore.dll
2016-05-10 22:26 - 2016-04-22 22:01 - 00650304 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxgi.dll
2016-05-10 22:26 - 2016-04-22 22:01 - 00619296 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d10level9.dll
2016-05-10 22:26 - 2016-04-22 22:01 - 00577368 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
2016-05-10 22:26 - 2016-04-22 22:01 - 00522176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxgi.dll
2016-05-10 22:26 - 2016-04-22 22:01 - 00513368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d10level9.dll
2016-05-10 22:26 - 2016-04-22 22:01 - 00393568 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2016-05-10 22:26 - 2016-04-22 22:01 - 00217440 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxAllUserStore.dll
2016-05-10 22:26 - 2016-04-22 22:00 - 01776768 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsCodecs.dll
2016-05-10 22:26 - 2016-04-22 22:00 - 01594920 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32.dll
2016-05-10 22:26 - 2016-04-22 22:00 - 01522152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WindowsCodecs.dll
2016-05-10 22:26 - 2016-04-22 22:00 - 01399224 _____ (Microsoft Corporation) C:\WINDOWS\system32\user32.dll
2016-05-10 22:26 - 2016-04-22 22:00 - 01372304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32.dll
2016-05-10 22:26 - 2016-04-22 22:00 - 01337240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\user32.dll
2016-05-10 22:26 - 2016-04-22 22:00 - 00550656 _____ (Microsoft Corporation) C:\WINDOWS\system32\directmanipulation.dll
2016-05-10 22:26 - 2016-04-22 22:00 - 00453472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\directmanipulation.dll
2016-05-10 22:26 - 2016-04-22 22:00 - 00058208 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwminit.dll
2016-05-10 22:26 - 2016-04-22 21:56 - 00534872 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBHUB3.SYS
2016-05-10 22:26 - 2016-04-22 21:39 - 00089088 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsCSP.dll
2016-05-10 22:26 - 2016-04-22 21:35 - 00066560 _____ (Microsoft Corporation) C:\WINDOWS\system32\MosHostClient.dll
2016-05-10 22:26 - 2016-04-22 21:34 - 00067072 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbser.sys
2016-05-10 22:26 - 2016-04-22 21:34 - 00059392 _____ (Microsoft Corporation) C:\WINDOWS\system32\hmkd.dll
2016-05-10 22:26 - 2016-04-22 21:34 - 00048128 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups.dll
2016-05-10 22:26 - 2016-04-22 21:33 - 00063488 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\UcmCx.sys
2016-05-10 22:26 - 2016-04-22 21:33 - 00038400 _____ (Microsoft Corporation) C:\WINDOWS\system32\ByteCodeGenerator.exe
2016-05-10 22:26 - 2016-04-22 21:32 - 00069632 _____ (Microsoft Corporation) C:\WINDOWS\system32\EnterpriseDesktopAppMgmtCSP.dll
2016-05-10 22:26 - 2016-04-22 21:32 - 00028672 _____ (Microsoft Corporation) C:\WINDOWS\system32\mapsupdatetask.dll
2016-05-10 22:26 - 2016-04-22 21:31 - 00074752 _____ (Microsoft Corporation) C:\WINDOWS\system32\MosStorage.dll
2016-05-10 22:26 - 2016-04-22 21:30 - 00120320 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsBtSvc.dll
2016-05-10 22:26 - 2016-04-22 21:30 - 00050176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MosHostClient.dll
2016-05-10 22:26 - 2016-04-22 21:29 - 00192000 _____ (Microsoft Corporation) C:\WINDOWS\system32\provisioningcsp.dll
2016-05-10 22:26 - 2016-04-22 21:29 - 00151040 _____ (Microsoft Corporation) C:\WINDOWS\system32\VEStoreEventHandlers.dll
2016-05-10 22:26 - 2016-04-22 21:29 - 00087552 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\filecrypt.sys
2016-05-10 22:26 - 2016-04-22 21:29 - 00087040 _____ (Microsoft Corporation) C:\WINDOWS\system32\MDMAppInstaller.exe
2016-05-10 22:26 - 2016-04-22 21:29 - 00072704 _____ (Microsoft Corporation) C:\WINDOWS\system32\moshost.dll
2016-05-10 22:26 - 2016-04-22 21:29 - 00047104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\hmkd.dll
2016-05-10 22:26 - 2016-04-22 21:29 - 00031232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ByteCodeGenerator.exe
2016-05-10 22:26 - 2016-04-22 21:29 - 00023552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wups.dll
2016-05-10 22:26 - 2016-04-22 21:28 - 00130560 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudDomainJoinDataModelServer.dll
2016-05-10 22:26 - 2016-04-22 21:28 - 00127488 _____ (Microsoft Corporation) C:\WINDOWS\system32\VEDataLayerHelpers.dll
2016-05-10 22:26 - 2016-04-22 21:28 - 00104448 _____ (Microsoft Corporation) C:\WINDOWS\system32\BluetoothApis.dll
2016-05-10 22:26 - 2016-04-22 21:27 - 00155136 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hidclass.sys
2016-05-10 22:26 - 2016-04-22 21:27 - 00039424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wfdprov.dll
2016-05-10 22:26 - 2016-04-22 21:26 - 00269824 _____ (Microsoft Corporation) C:\WINDOWS\system32\moshostcore.dll
2016-05-10 22:26 - 2016-04-22 21:26 - 00086528 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpdbusenum.dll
2016-05-10 22:26 - 2016-04-22 21:26 - 00059904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MosStorage.dll
2016-05-10 22:26 - 2016-04-22 21:25 - 00630784 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhoneProviders.dll
2016-05-10 22:26 - 2016-04-22 21:25 - 00617984 _____ (Microsoft Corporation) C:\WINDOWS\system32\StorSvc.dll
2016-05-10 22:26 - 2016-04-22 21:25 - 00210432 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmcsp.dll
2016-05-10 22:26 - 2016-04-22 21:24 - 00764928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2016-05-10 22:26 - 2016-04-22 21:24 - 00689152 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieproxy.dll
2016-05-10 22:26 - 2016-04-22 21:24 - 00292864 _____ (Microsoft Corporation) C:\WINDOWS\system32\provengine.dll
2016-05-10 22:26 - 2016-04-22 21:24 - 00287232 _____ (Microsoft Corporation) C:\WINDOWS\system32\provhandlers.dll
2016-05-10 22:26 - 2016-04-22 21:24 - 00181248 _____ (Microsoft Corporation) C:\WINDOWS\system32\shacct.dll
2016-05-10 22:26 - 2016-04-22 21:24 - 00166400 _____ (Microsoft Corporation) C:\WINDOWS\system32\SubscriptionMgr.dll
2016-05-10 22:26 - 2016-04-22 21:24 - 00084480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VEDataLayerHelpers.dll
2016-05-10 22:26 - 2016-04-22 21:23 - 00279040 _____ (Microsoft Corporation) C:\WINDOWS\system32\ListSvc.dll
2016-05-10 22:26 - 2016-04-22 21:23 - 00179712 _____ (Microsoft Corporation) C:\WINDOWS\system32\BrowserSettingSync.dll
2016-05-10 22:26 - 2016-04-22 21:23 - 00080896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BluetoothApis.dll
2016-05-10 22:26 - 2016-04-22 21:22 - 00285696 _____ (Microsoft Corporation) C:\WINDOWS\system32\VEEventDispatcher.dll
2016-05-10 22:26 - 2016-04-22 21:21 - 00479232 _____ (Microsoft Corporation) C:\WINDOWS\system32\schannel.dll
2016-05-10 22:26 - 2016-04-22 21:21 - 00314880 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXTaskFactory.dll
2016-05-10 22:26 - 2016-04-22 21:20 - 00497152 _____ (Microsoft Corporation) C:\WINDOWS\system32\tileobjserver.dll
2016-05-10 22:26 - 2016-04-22 21:20 - 00484352 _____ (Microsoft Corporation) C:\WINDOWS\system32\DataSenseHandlers.dll
2016-05-10 22:26 - 2016-04-22 21:20 - 00356864 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActivationManager.dll
2016-05-10 22:26 - 2016-04-22 21:20 - 00307200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieproxy.dll
2016-05-10 22:26 - 2016-04-22 21:20 - 00137728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shacct.dll
2016-05-10 22:26 - 2016-04-22 21:19 - 00140800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BrowserSettingSync.dll
2016-05-10 22:26 - 2016-04-22 21:18 - 00988672 _____ (Microsoft Corporation) C:\WINDOWS\system32\SharedStartModel.dll
2016-05-10 22:26 - 2016-04-22 21:18 - 00954368 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthport.sys
2016-05-10 22:26 - 2016-04-22 21:18 - 00804352 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2016-05-10 22:26 - 2016-04-22 21:18 - 00605184 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2016-05-10 22:26 - 2016-04-22 21:18 - 00585728 _____ (Microsoft Corporation) C:\WINDOWS\system32\winlogon.exe
2016-05-10 22:26 - 2016-04-22 21:18 - 00515072 _____ (Microsoft Corporation) C:\WINDOWS\system32\OneDriveSettingSyncProvider.dll
2016-05-10 22:26 - 2016-04-22 21:18 - 00471552 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupShim.dll
2016-05-10 22:26 - 2016-04-22 21:18 - 00436736 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentClient.dll
2016-05-10 22:26 - 2016-04-22 21:18 - 00349696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapConfiguration.dll
2016-05-10 22:26 - 2016-04-22 21:18 - 00219648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VEEventDispatcher.dll
2016-05-10 22:26 - 2016-04-22 21:17 - 01213440 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwansvc.dll
2016-05-10 22:26 - 2016-04-22 21:17 - 00529920 _____ (Microsoft Corporation) C:\WINDOWS\system32\LogonController.dll
2016-05-10 22:26 - 2016-04-22 21:17 - 00388608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\schannel.dll
2016-05-10 22:26 - 2016-04-22 21:17 - 00337920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlanmsm.dll
2016-05-10 22:26 - 2016-04-22 21:16 - 01319424 _____ (Microsoft Corporation) C:\WINDOWS\system32\wifinetworkmanager.dll
2016-05-10 22:26 - 2016-04-22 21:16 - 00848896 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll
2016-05-10 22:26 - 2016-04-22 21:16 - 00800768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\JpMapControl.dll
2016-05-10 22:26 - 2016-04-22 21:15 - 01073152 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXService.dll
2016-05-10 22:26 - 2016-04-22 21:15 - 00865792 _____ (Microsoft Corporation) C:\WINDOWS\system32\AzureSettingSyncProvider.dll
2016-05-10 22:26 - 2016-04-22 21:15 - 00673280 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.dll
2016-05-10 22:26 - 2016-04-22 21:15 - 00400896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OneDriveSettingSyncProvider.dll
2016-05-10 22:26 - 2016-04-22 21:15 - 00348672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CredProvDataModel.dll
2016-05-10 22:26 - 2016-04-22 21:14 - 00870912 _____ (Microsoft Corporation) C:\WINDOWS\system32\MPSSVC.dll
2016-05-10 22:26 - 2016-04-22 21:14 - 00821760 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBroker.dll
2016-05-10 22:26 - 2016-04-22 21:14 - 00711680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapControlCore.dll
2016-05-10 22:26 - 2016-04-22 21:14 - 00647680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2016-05-10 22:26 - 2016-04-22 21:14 - 00503296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2016-05-10 22:26 - 2016-04-22 21:14 - 00354304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupShim.dll
2016-05-10 22:26 - 2016-04-22 21:14 - 00342528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppXDeploymentClient.dll
2016-05-10 22:26 - 2016-04-22 21:13 - 00705536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll
2016-05-10 22:26 - 2016-04-22 21:13 - 00489984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.dll
2016-05-10 22:26 - 2016-04-22 21:13 - 00434688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LogonController.dll
2016-05-10 22:26 - 2016-04-22 21:12 - 00667648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AzureSettingSyncProvider.dll
2016-05-10 22:26 - 2016-04-22 21:10 - 00639488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBroker.dll
2016-05-10 22:26 - 2016-04-22 21:07 - 02598912 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkMobileSettings.dll
2016-05-10 22:26 - 2016-04-22 21:07 - 01500160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2016-05-10 22:26 - 2016-04-22 21:07 - 00848896 _____ (Microsoft Corporation) C:\WINDOWS\system32\samsrv.dll
2016-05-10 22:26 - 2016-04-22 21:05 - 02066432 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.dll
2016-05-10 22:26 - 2016-04-22 21:05 - 01626624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll
2016-05-10 22:26 - 2016-04-22 21:05 - 00613376 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSync.dll
2016-05-10 22:26 - 2016-04-22 21:05 - 00111616 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatepolicy.dll
2016-05-10 22:26 - 2016-04-22 21:05 - 00103936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\updatepolicy.dll
2016-05-10 22:26 - 2016-04-22 21:04 - 01731072 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2016-05-10 22:26 - 2016-04-22 21:03 - 02193408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\actxprxy.dll
2016-05-10 22:26 - 2016-04-22 21:03 - 00754176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncCore.dll
2016-05-10 22:26 - 2016-04-22 21:03 - 00503296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSync.dll
2016-05-10 22:26 - 2016-04-22 21:01 - 04775424 _____ (Microsoft Corporation) C:\WINDOWS\system32\actxprxy.dll
2016-05-10 22:26 - 2016-04-22 21:00 - 01390080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Shell.dll
2016-05-10 22:26 - 2016-04-22 21:00 - 00984576 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncCore.dll
2016-05-10 22:26 - 2016-04-22 20:45 - 00461824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CoreMessaging.dll
2016-05-10 22:26 - 2016-04-22 19:10 - 00215040 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepic.dll
2016-05-10 22:25 - 2016-04-22 21:33 - 00089600 _____ (Microsoft Corporation) C:\WINDOWS\system32\NFCProvisioningPlugin.dll
2016-05-10 22:25 - 2016-04-22 21:33 - 00063488 _____ (Microsoft Corporation) C:\WINDOWS\system32\wshbth.dll
2016-05-10 22:25 - 2016-04-22 21:32 - 00134656 _____ (Microsoft Corporation) C:\WINDOWS\system32\wificonnapi.dll
2016-05-10 22:25 - 2016-04-22 21:30 - 00112640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthenum.sys
2016-05-10 22:25 - 2016-04-22 21:28 - 00086528 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppCapture.dll
2016-05-10 22:25 - 2016-04-22 21:28 - 00051712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wshbth.dll
2016-05-10 22:25 - 2016-04-22 21:25 - 00207360 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupSvc.dll
2016-05-10 22:25 - 2016-04-22 21:25 - 00087040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapsBtSvc.dll
2016-05-10 22:25 - 2016-04-22 21:23 - 00414720 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcastdvr.exe
2016-05-10 22:25 - 2016-04-22 21:19 - 00395264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlansec.dll
2016-05-10 22:25 - 2016-04-22 21:18 - 00084992 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\BTHUSB.SYS
2016-05-10 22:25 - 2016-04-22 21:15 - 00784896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NMAA.dll
2016-05-10 22:25 - 2016-04-22 19:10 - 00002186 _____ C:\WINDOWS\system32\AppxProvisioning.xml
2016-05-10 22:25 - 2016-04-18 15:30 - 00002186 _____ C:\WINDOWS\SysWOW64\AppxProvisioning.xml
2016-05-10 00:52 - 2016-05-10 00:52 - 00003388 _____ C:\WINDOWS\System32\Tasks\AcerCloud
2016-05-10 00:52 - 2016-05-10 00:52 - 00002085 _____ C:\Users\Public\Desktop\Acer Portal.lnk
2016-04-30 16:32 - 2016-04-30 16:32 - 00000000 ____D C:\Users\Richelle\Downloads\Photos
2016-04-30 16:29 - 2016-04-30 16:30 - 14231258 _____ C:\Users\Richelle\Downloads\Photos.zip
2016-04-29 22:44 - 2016-04-30 16:34 - 00000000 ____D C:\Users\Richelle\Downloads\for ze vlog
2016-04-29 00:23 - 2016-04-29 00:23 - 00002058 _____ C:\Users\Public\Desktop\abMusic.lnk
2016-04-26 22:06 - 2016-04-26 22:45 - 3706459309 _____ C:\Users\Richelle\Downloads\for ze vlog.zip
2016-04-26 21:59 - 2016-04-26 21:59 - 00002062 _____ C:\Users\Public\Desktop\abPhoto.lnk
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2021-10-21 06:36 - 2014-03-11 14:31 - 00000852 _____ C:\WINDOWS\system32\Drivers\RTKHDRC.dat
2021-10-04 00:34 - 2014-03-11 14:31 - 00000712 _____ C:\WINDOWS\system32\Drivers\RTMICEQ0.dat
2016-05-16 18:39 - 2015-10-30 00:11 - 00000000 ____D C:\WINDOWS\CbsTemp
2016-05-16 18:38 - 2014-05-22 13:06 - 00000000 __RDO C:\Users\Richelle\SkyDrive
2016-05-16 18:37 - 2015-01-29 23:43 - 00000000 ____D C:\Users\Richelle\AppData\Roaming\Skype
2016-05-16 18:37 - 2014-05-22 13:05 - 00000000 ____D C:\Users\Richelle\AppData\Local\clear.fi
2016-05-16 18:36 - 2015-10-30 00:21 - 00000000 ____D C:\WINDOWS\INF
2016-05-16 18:33 - 2015-12-05 20:03 - 00000000 __SHD C:\Users\Richelle\IntelGraphicsProfiles
2016-05-16 18:33 - 2015-12-04 19:01 - 00000000 ____D C:\Users\Richelle
2016-05-16 18:33 - 2015-05-17 14:09 - 00000920 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2016-05-16 18:33 - 2014-05-22 12:56 - 00000000 __RHD C:\Users\Public\AccountPictures
2016-05-16 17:57 - 2015-12-04 19:26 - 00879220 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2016-05-16 17:51 - 2015-12-04 19:31 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2016-05-16 17:49 - 2015-10-29 23:28 - 00524288 ___SH C:\WINDOWS\system32\config\BBI
2016-05-16 17:47 - 2015-10-30 02:07 - 00000000 ____D C:\Program Files\Windows Journal
2016-05-16 17:47 - 2015-10-30 00:24 - 00000000 ____D C:\WINDOWS\system32\oobe
2016-05-16 17:47 - 2015-10-30 00:24 - 00000000 ____D C:\WINDOWS\system32\appraiser
2016-05-16 17:47 - 2015-10-30 00:24 - 00000000 ____D C:\WINDOWS\Provisioning
2016-05-16 17:47 - 2015-10-30 00:24 - 00000000 ____D C:\WINDOWS\bcastdvr
2016-05-16 17:46 - 2015-10-30 00:24 - 00015703 _____ C:\WINDOWS\system32\OEMDefaultAssociations.xml
2016-05-16 17:40 - 2015-01-12 20:54 - 00000000 ____D C:\Users\Richelle\AppData\Local\50fc6166-b018-4bfc-9e3b-f40b2691eb10
2016-05-16 17:37 - 2014-05-22 13:00 - 00000000 ____D C:\Users\Richelle\AppData\Local\SweetLabs App Platform
2016-05-16 16:21 - 2014-08-15 20:34 - 00003496 _____ C:\WINDOWS\System32\Tasks\Apple Diagnostics
2016-05-16 15:18 - 2015-10-30 00:24 - 00000000 ____D C:\WINDOWS\AppReadiness
2016-05-16 15:18 - 2014-05-22 13:02 - 00000000 ____D C:\Users\Richelle\AppData\Local\Packages
2016-05-16 15:17 - 2014-05-22 13:21 - 00004160 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{12996909-D0BD-4C17-81FB-BAEA99C8D4F4}
2016-05-16 15:14 - 2014-06-04 11:37 - 00000000 ____D C:\ProgramData\TEMP
2016-05-16 03:40 - 2014-06-04 11:38 - 00000000 ____D C:\Program Files (x86)\Gem Shop
2016-05-16 02:00 - 2015-08-10 14:35 - 00000000 ____D C:\Users\Richelle\AppData\Local\Adobe
2016-05-16 01:50 - 2014-07-03 10:47 - 00000000 ____D C:\WINDOWS\system32\MRT
2016-05-15 01:14 - 2014-07-03 10:47 - 139319312 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2016-05-13 01:36 - 2015-05-17 14:10 - 00002276 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-05-13 01:36 - 2015-05-17 14:10 - 00002264 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2016-05-13 01:30 - 2015-10-30 00:24 - 00000000 ___HD C:\Program Files\WindowsApps
2016-05-12 01:51 - 2015-10-30 00:24 - 00000000 ____D C:\WINDOWS\system32\NDF
2016-05-12 01:39 - 2015-08-10 14:38 - 00003972 _____ C:\WINDOWS\System32\Tasks\Adobe Acrobat Update Task
2016-05-12 01:38 - 2015-08-10 14:37 - 00002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2016-05-12 01:23 - 2014-06-12 03:08 - 00000000 ____D C:\Users\Richelle\AppData\Local\CrashDumps
2016-05-11 12:57 - 2015-10-30 00:26 - 00829944 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2016-05-11 12:57 - 2015-10-30 00:26 - 00176632 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2016-05-10 22:05 - 2015-05-17 14:09 - 00003982 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2016-05-10 22:05 - 2015-05-17 14:09 - 00003750 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2016-05-10 22:05 - 2015-05-17 14:09 - 00000924 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2016-05-10 00:52 - 2013-11-27 20:09 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acer
2016-05-10 00:52 - 2013-11-27 20:09 - 00000000 ____D C:\Program Files (x86)\Acer
2016-05-04 00:10 - 2015-05-17 14:09 - 00000000 ____D C:\Users\Richelle\AppData\Local\Google
2016-05-04 00:06 - 2015-10-30 00:24 - 00000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2016-05-04 00:05 - 2014-06-10 13:18 - 00000000 ____D C:\Program Files\Microsoft Office 15
2016-05-02 18:42 - 2015-08-12 12:52 - 00000000 ____D C:\Users\Richelle\AppData\LocalLow\Adobe
2016-05-02 18:41 - 2015-10-30 00:24 - 00000000 ___SD C:\WINDOWS\Downloaded Program Files
2016-04-30 22:30 - 2015-10-30 00:24 - 00000000 ____D C:\WINDOWS\rescache
2016-04-26 21:59 - 2015-07-27 02:31 - 00003508 _____ C:\WINDOWS\System32\Tasks\BacKGroundAgent
2016-04-26 21:58 - 2013-11-27 19:28 - 00000000 ___HD C:\OEM
2016-04-25 00:35 - 2014-01-22 07:52 - 00221824 _____ (Samsung Electronics Co., Ltd.) C:\WINDOWS\system32\Drivers\ssudmdm.sys
2016-04-25 00:35 - 2014-01-22 07:52 - 00129152 _____ (Samsung Electronics Co., Ltd.) C:\WINDOWS\system32\Drivers\ssudbus.sys
2016-04-22 00:57 - 2015-01-12 20:43 - 00453288 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe
2016-04-21 23:08 - 2014-05-23 04:43 - 00002472 _____ C:\Users\Richelle\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PC App Store.lnk
2016-04-21 23:07 - 2015-12-05 20:30 - 00003396 _____ C:\WINDOWS\System32\Tasks\SweetLabs App Platform
2016-04-21 22:36 - 2015-12-05 20:21 - 00002380 _____ C:\Users\Richelle\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2016-04-21 22:27 - 2015-12-04 18:51 - 05131904 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2016-04-21 22:23 - 2015-10-30 00:24 - 00000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2016-04-21 22:23 - 2015-10-30 00:24 - 00000000 ____D C:\WINDOWS\PolicyDefinitions
==================== Files in the root of some directories =======
2015-12-04 18:55 - 2015-12-04 18:55 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
Files to move or delete:
====================
C:\Program Files\Hola\app\hola.exe
Some files in TEMP:
====================
C:\Users\Richelle\AppData\Local\Temp\oct210.tmp.exe
C:\Users\Richelle\AppData\Local\Temp\oct7829.tmp.exe
C:\Users\Richelle\AppData\Local\Temp\octA34D.tmp.exe
C:\Users\Richelle\AppData\Local\Temp\octA606.tmp.exe
C:\Users\Richelle\AppData\Local\Temp\octB6E1.tmp.exe
C:\Users\Richelle\AppData\Local\Temp\octD628.tmp.exe
C:\Users\Richelle\AppData\Local\Temp\System.Data.SQLite20099.dll
C:\Users\Richelle\AppData\Local\Temp\System.Data.SQLite23677.dll
C:\Users\Richelle\AppData\Local\Temp\System.Data.SQLite35131.dll
C:\Users\Richelle\AppData\Local\Temp\System.Data.SQLite35551.dll
C:\Users\Richelle\AppData\Local\Temp\System.Data.SQLite36519.dll
C:\Users\Richelle\AppData\Local\Temp\System.Data.SQLite41357.dll
C:\Users\Richelle\AppData\Local\Temp\System.Data.SQLite45000.dll
C:\Users\Richelle\AppData\Local\Temp\System.Data.SQLite70233.dll
C:\Users\Richelle\AppData\Local\Temp\System.Data.SQLite76292.dll
C:\Users\Richelle\AppData\Local\Temp\System.Data.SQLite82899.dll
C:\Users\Richelle\AppData\Local\Temp\System.Data.SQLite90235.dll
==================== Bamital & volsnap =================
(There is no automatic fix for files that do not pass verification.)
C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2016-05-09 16:33
==================== End of FRST.txt ============================
Additional scan result of Farbar Recovery Scan Tool (x64) Version:16-05-2016
Ran by Richelle (2016-05-16 18:45:37)
Running from C:\Users\Richelle\Downloads
Windows 10 Home Version 1511 (X64) (2015-12-06 03:01:11)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-4087628617-3366404376-2614799664-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-4087628617-3366404376-2614799664-503 - Limited - Disabled)
Guest (S-1-5-21-4087628617-3366404376-2614799664-501 - Limited - Disabled)
Richelle (S-1-5-21-4087628617-3366404376-2614799664-1001 - Administrator - Enabled) => C:\Users\Richelle
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
abMusic (HKLM-x32\...\{E9AF1707-3F3A-49E2-8345-4F2D629D0876}) (Version: 3.00.2004.0 - Acer Incorporated)
abPhoto (HKLM-x32\...\{B5AD89F2-03D3-4206-8487-018298007DD0}) (Version: 3.07.2001.5 - Acer Incorporated)
Acer Docs Office AddIn (HKLM-x32\...\{DCBF3379-246B-47E1-8173-639B63940838}) (Version: 3.01.2001 - Acer)
Acer Games (HKU\S-1-5-21-4087628617-3366404376-2614799664-1001\...\Pokki_03d432a7e610c3e908213e7689d4342ce2111caf) (Version: 1.1.9.43466 - Pokki)
Acer Launch Manager (HKLM\...\{C18D55BD-1EC6-466D-B763-8EEDDDA9100E}) (Version: 8.00.8101 - Acer Incorporated)
Acer Portal (HKLM-x32\...\{A5AD0B17-F34D-49BE-A157-C8B3D52ACD13}) (Version: 3.10.2001 - Acer Incorporated)
Acer Power Management (HKLM\...\{91F52DE4-B789-42B0-9311-A349F10E5479}) (Version: 7.00.8100 - Acer Incorporated)
Acer Quick Access (HKLM\...\{C1FA525F-D701-4B31-9D32-504FC0CF0B98}) (Version: 1.00.3000 - Acer Incorporated)
Acer Recovery Management (HKLM\...\{07F2005A-8CAC-4A4B-83A2-DA98A722CA61}) (Version: 6.00.8101 - Acer Incorporated)
Acer Remote Files (HKLM\...\{13885028-098C-4799-9B71-27DAC96502D5}) (Version: 1.00.3007 - Acer Incorporated)
Adobe Acrobat Reader DC (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AC0F074E4100}) (Version: 15.016.20039 - Adobe Systems Incorporated)
Adobe Audition CC 2015 (HKLM-x32\...\{839A3566-AED6-4787-A849-5CBE2B1DC6AE}) (Version: 8.1.0 - Adobe Systems Incorporated)
Adobe Creative Cloud (HKLM-x32\...\Adobe Creative Cloud) (Version: 3.4.2.187 - Adobe Systems Incorporated)
Adobe Flash Player 18 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 18.0.0.232 - Adobe Systems Incorporated)
Adobe Media Encoder CC 2015 (HKLM-x32\...\{0FAC7130-BEC5-47A5-8813-1D339B8326ED}) (Version: 9.1.0 - Adobe Systems Incorporated)
Adobe Premiere Pro CC 2015 (HKLM-x32\...\{38C72D42-0672-43B1-9E05-E7631684F9A1}) (Version: 9.1.0 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.2 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.2.4.194 - Adobe Systems, Inc.)
Aloha TriPeaks (x32 Version: 2.2.0.98 - WildTangent) Hidden
Amazon 1Button App (HKLM-x32\...\{0A7D6F3C-F2AB-48ED-BE23-99791BFF87D6}) (Version: 1.0.0.4 - Amazon) <==== ATTENTION
AOP Framework (HKLM-x32\...\{4A37A114-702F-4055-A4B6-16571D4A5353}) (Version: 3.17.2002.1 - Acer Incorporated)
Apple Application Support (32-bit) (HKLM-x32\...\{649A1FD9-5892-46AD-8DF0-C4A43FF61CB7}) (Version: 4.1 - Apple Inc.)
Apple Application Support (64-bit) (HKLM\...\{0DE0A178-AC7B-4650-806C-CF226DE03766}) (Version: 4.1 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{3540181E-340A-4E7A-B409-31663472B2F7}) (Version: 9.1.0.6 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{FFD1F7F1-1AC9-4BC4-A908-0686D635ABAF}) (Version: 2.1.4.131 - Apple Inc.)
Big Fish: Game Manager (HKLM-x32\...\BFGC) (Version: 3.3.0.2 - )
bl (x32 Version: 1.0.0 - Your Company Name) Hidden
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
Cradle Of Egypt Collector's Edition (x32 Version: 2.2.0.110 - WildTangent) Hidden
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Dark Parables: The Exiled Prince (HKLM-x32\...\BFG-Dark Parables - The Exiled Prince) (Version: - )
eBay Worldwide (HKLM-x32\...\{91589413-6675-4C27-8AFC-EFB9103B90A5}) (Version: 2.4.0105 - OEM)
ELAN Touchpad 11.15.0.18_X64 (HKLM\...\Elantech) (Version: 11.15.0.18 - ELAN Microelectronic Corp.)
EPSON NX430 Series Printer Uninstall (HKLM\...\EPSON NX430 Series) (Version: - SEIKO EPSON Corporation)
EPSON XP-300 Series Printer Uninstall (HKLM\...\EPSON XP-300 Series) (Version: - SEIKO EPSON Corporation)
Fear for Sale: The House on Black River Collector's Edition (HKLM-x32\...\BFG-Fear for Sale - The House on Black River Collectors Edition) (Version: - )
Gem Shop (HKLM-x32\...\BFG-Gem Shop) (Version: - )
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 50.0.2661.102 - Google Inc.)
Google Toolbar for Internet Explorer (HKLM-x32\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: 7.5.7619.1252 - Google Inc.)
Google Toolbar for Internet Explorer (x32 Version: 1.0.0 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.30.3 - Google Inc.) Hidden
Governor of Poker 2 Premium Edition (x32 Version: 2.2.0.110 - WildTangent) Hidden
Grimm's Hatchery (HKLM-x32\...\BFG-Grimm's Hatchery) (Version: - )
Hola™ 1.13.72 - Better Internet (HKLM\...\Hola) (Version: 1.13.72 - Hola Networks Ltd.) <==== ATTENTION
iCloud (HKLM\...\{4B48E22A-2FB0-4EFA-B99E-954B1E50CD69}) (Version: 5.1.0.34 - Apple Inc.)
Identity Card (HKLM-x32\...\{3D9CB654-99AD-4301-89C6-0D12A790767C}) (Version: 2.00.8100 - Acer Incorporated)
Insaniquarium! Deluxe (HKLM-x32\...\BFG-Insaniquarium! Deluxe) (Version: - )
Intel® Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.4276 - Intel Corporation)
Intel® Technology Access (HKLM-x32\...\{fb74531f-28c3-4dca-9849-e6b8faa85afe}) (Version: 1.5.0.1021 - Intel Corporation)
Intel® Technology Access Software Asset Manager (x32 Version: 1.0.1562 - Intel Corporation) Hidden
Intel® Trusted Execution Engine (HKLM\...\{176E2755-0A17-42C6-88E2-192AB2131278}) (Version: 1.0.0.1050 - Intel Corporation)
Intel® Update Manager (HKLM-x32\...\{B991A1BC-DE0F-41B3-9037-B2F948F706EC}) (Version: 3.1.1228 - Intel Corporation)
iTunes (HKLM\...\{0D44E3A4-6C3D-45D7-B443-079509E5BE5D}) (Version: 12.3.2.35 - Apple Inc.)
Java 8 Update 77 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218077F0}) (Version: 8.0.770.3 - Oracle Corporation)
Junk Mail filter update (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Lightworks (HKLM-x32\...\{E94DD4E4-7746-472c-AA7B-1242FED0CFC8}) (Version: 12.5.0.0 - Lightworks)
Live Updater (HKLM-x32\...\{EE26E302-876A-48D9-9058-3129E5B99999}) (Version: 2.00.8100 - Acer Incorporated)
Luxor Evolved (x32 Version: 2.2.0.98 - WildTangent) Hidden
Magic Academy (x32 Version: 2.2.0.98 - WildTangent) Hidden
MAGIX Speed burnR (MSI) (HKLM-x32\...\MX.{B9C4E09D-2687-43BF-A937-B2F79E3A3C7F}) (Version: 7.0.1.27 - MAGIX Software GmbH)
MAGIX Speed burnR (MSI) (Version: 7.0.1.27 - MAGIX Software GmbH) Hidden
MAGIX Video easy HD (HKLM-x32\...\MX.{4BC36B30-0E04-429C-ADBF-D0D96E31B332}) (Version: 5.0.3.106 - MAGIX Software GmbH)
MAGIX Video easy HD (Version: 5.0.3.106 - MAGIX Software GmbH) Hidden
Malwarebytes Anti-Malware version 2.2.1.1043 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.1.1043 - Malwarebytes)
Microsoft Office 365 - en-us (HKLM\...\O365HomePremRetail - en-us) (Version: 15.0.4815.1002 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Movie Maker (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Mozilla Firefox 40.0.2 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 40.0.2 (x86 en-US)) (Version: 40.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 40.0.2 - Mozilla)
MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
Nero BackItUp 12 Essentials OEM.a01 (HKLM-x32\...\{551AC8F2-FEA2-4B45-ACF7-C98681233CC9}) (Version: 12.5.01200 - Nero AG)
Office 15 Click-to-Run Extensibility Component (x32 Version: 15.0.4815.1002 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Licensing Component (Version: 15.0.4815.1002 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Localization Component (x32 Version: 15.0.4815.1002 - Microsoft Corporation) Hidden
Office Addin (HKLM-x32\...\{6D2BBE1D-E600-4695-BA37-0B0E605542CC}) (Version: 2.02.2009 - Acer)
Peggle Nights (x32 Version: 2.2.0.98 - WildTangent) Hidden
ph (x32 Version: 1.0.0 - Your Company Name) Hidden
Plants vs. Zombies - Game of the Year (x32 Version: 2.2.0.98 - WildTangent) Hidden
Pokki (HKU\S-1-5-21-4087628617-3366404376-2614799664-1001\...\SweetLabs_AP) (Version: 0.269.7.927 - Pokki)
Prerequisite installer (x32 Version: 12.0.0003 - Nero AG) Hidden
Qualcomm Atheros Bluetooth Suite (64) (HKLM\...\{A84A4FB1-D703-48DB-89E0-68B6499D2801}) (Version: 8.0.1.305 - Qualcomm Atheros Communications)
Qualcomm Atheros WLAN and Bluetooth Client Installation Program (HKLM-x32\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 12.07 - Qualcomm Atheros)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 6.2.9600.27041 - Realtek Semiconductor Corp.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.20.815.2013 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7071 - Realtek Semiconductor Corp.)
Skype™ 7.7 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.7.102 - Skype Technologies S.A.)
Spotify (HKLM-x32\...\Spotify) (Version: 0.9.1.57.ge7405149 - Spotify AB)
swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
The Chronicles of Emerland Solitaire (x32 Version: 3.0.2.32 - WildTangent) Hidden
Trinklit Supreme (x32 Version: 2.2.0.98 - WildTangent) Hidden
Update Installer for WildTangent Games App (x32 Version: - WildTangent) Hidden
Visual Studio 2005 Tools for Office Second Edition Runtime (HKLM-x32\...\Microsoft Visual Studio 2005 Tools for Office Runtime) (Version: - Microsoft Corporation)
Visual Studio Tools for the Office system 3.0 Runtime (HKLM-x32\...\Visual Studio Tools for the Office system 3.0 Runtime) (Version: - Microsoft Corporation)
Visual Studio Tools for the Office system 3.0 Runtime Service Pack 1 (KB949258) (HKLM-x32\...\{8FB53850-246A-3507-8ADE-0060093FFEA6}.KB949258) (Version: 1 - Microsoft Corporation)
Vuze (HKLM-x32\...\8461-7759-5462-8226) (Version: 5.3.0.0 - Azureus Software, Inc.)
WildTangent Games (HKLM-x32\...\WildTangent wildgames Master Uninstall) (Version: 1.0.4.0 - WildTangent)
WildTangent Games App (x32 Version: 4.0.10.20 - WildTangent) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation)
Zuma Deluxe (HKLM-x32\...\BFG-Zuma Deluxe) (Version: - )
==================== Custom CLSID (Whitelisted): ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
CustomCLSID: HKU\S-1-5-21-4087628617-3366404376-2614799664-1001_Classes\CLSID\{0E270DAA-1BE6-48F2-AC49-D0C9024AF507}\InprocServer32 -> %%systemroot%%\system32\shell32.dll => No File
CustomCLSID: HKU\S-1-5-21-4087628617-3366404376-2614799664-1001_Classes\CLSID\{71DCE5D6-4B57-496B-AC21-CD5B54EB93FD}\localserver32 -> C:\Users\Richelle\AppData\Local\Microsoft\OneDrive\17.3.6386.0412\FileCoAuth.exe (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-4087628617-3366404376-2614799664-1001_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\WINDOWS\system32\igfxEM.exe (Intel Corporation)
CustomCLSID: HKU\S-1-5-21-4087628617-3366404376-2614799664-1001_Classes\CLSID\{e8c77137-e224-5791-b6e9-ff0305797a13}\InprocServer32 -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Systems)
==================== Scheduled Tasks (Whitelisted) =============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {00EF55C9-B3EB-48E2-B018-47C4D12826C2} - System32\Tasks\ALU => C:\Program Files (x86)\Acer\Live Updater\updater.exe [2013-07-08] ()
Task: {1440C6A4-44B1-46DD-BE2F-7946BEEC21F4} - System32\Tasks\AcerCloud => C:\Program Files (x86)\Acer\Acer Portal\AcerPortal.exe [2016-04-20] (Acer)
Task: {147F92C4-BAC8-4A56-B47D-655E1ABB4816} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2016-04-22] (Adobe Systems Incorporated)
Task: {14D9C68A-5A9D-4BC2-B118-78174B7CBEDA} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION
Task: {1670A8A7-9FBA-4B46-98EF-DFB8875E6FF7} - System32\Tasks\GPUpdate => C:\Program Files (x86)\GetPrivate\gpup.exe <==== ATTENTION
Task: {2153B608-F68D-42C2-97CB-5B37C52592E4} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesCommonx86\Microsoft Shared\OFFICE15\OLicenseHeartbeat.exe [2016-03-15] (Microsoft Corporation)
Task: {241AF77C-B9E9-4E95-BF01-3F5C68911A17} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION
Task: {2709E286-F515-4300-B3C2-7C91CC6DB34D} - System32\Tasks\Launch Manager => C:\Program Files\Acer\Acer Launch Manager\LMLauncher.exe [2013-08-02] (Acer Incorporate)
Task: {2CE22CD6-6F5A-4FBC-B927-717D12C5AB4A} - System32\Tasks\SweetLabs App Platform => C:\Users\Richelle\AppData\Local\SweetLabs App Platform\Engine\ServiceHostAppUpdater.exe [2016-04-14] (Pokki)
Task: {41018DCF-EC30-4446-B11D-C0DD67A010B5} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION
Task: {429D4683-CB38-4324-80E2-C63284EC7734} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTION
Task: {487ADF2E-9B54-43BE-9C2E-6F99EF27058F} - System32\Tasks\IntelTA-Upgrade-56460984-97c2-4bc7-a632-d776cf817f5d-Logon => C:\Program Files (x86)\Intel Corporation\Intel® Technology Access\Intel® Software Asset Manager\bin\IntelSoftwareAssetManagerService.exe [2015-04-18] ()
Task: {48FE323B-25E4-4889-B95D-81E97931934F} - \GPUpdateCheck -> No File <==== ATTENTION
Task: {4A4D0958-387A-4D0B-A5DF-76CDD247AFEB} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION
Task: {4CF6675D-2563-4F02-A04D-B0628E9D7453} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2016-02-09] (Microsoft Corporation)
Task: {502D78BD-DBE0-4789-84D9-EBFA0232A3ED} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION
Task: {559DF083-C176-41C5-8548-EE6E26B66713} - System32\Tasks\[email protected] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2015-10-30] (Adobe Systems Incorporated)
Task: {59F6B9D9-1004-4FD6-8C8A-6C389706ED3F} - System32\Tasks\Apple Diagnostics => C:\Program Files (x86)\Common Files\Apple\Internet Services\EReporter.exe [2015-12-01] (Apple Inc.)
Task: {62483C08-BCC4-4500-A69C-48C8897D91B7} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTION
Task: {695637B1-E683-482E-B846-48E204DA500C} - System32\Tasks\ALUAgent => C:\Program Files (x86)\Acer\Live Updater\liveupdater_agent.exe [2013-01-22] ()
Task: {7282670D-1725-41A2-A4D1-1AC9726DB498} - System32\Tasks\IntelTA-Upgrade-56460984-97c2-4bc7-a632-d776cf817f5d => C:\Program Files (x86)\Intel Corporation\Intel® Technology Access\Intel® Software Asset Manager\bin\IntelSoftwareAssetManagerService.exe [2015-04-18] ()
Task: {7577F674-67CE-46B9-A081-49CC30076E0D} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-05-17] (Google Inc.)
Task: {7C449912-EF3F-4891-847F-40ACC1DF99A1} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473-Logon => C:\Program Files (x86)\Intel\Intel® Update Manager\bin\iumsvc.exe [2015-09-25] (Intel Corporation)
Task: {84F3DB1F-3496-419D-B14C-3C60080B8EDA} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2016-02-09] (Microsoft Corporation)
Task: {925B0DAF-2F59-43AC-A31C-8DD755E7C5BE} - System32\Tasks\Quick Access => C:\Program Files\Acer\Acer Quick Access\QALauncher.exe [2013-08-02] (Acer Incorporate)
Task: {92F367FA-17A7-43CF-810A-DAFEB4C7C2EF} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION
Task: {95394F0F-A688-43B7-AC39-7CAD928DC9A8} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> No File <==== ATTENTION
Task: {9A12B535-7F63-4467-9C82-6B24D588118C} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION
Task: {A396C37C-D287-44AE-B78D-F284B05561A2} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2015-08-27] (Apple Inc.)
Task: {A619EA75-1121-402A-A53E-DF9C83A7B082} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473 => C:\Program Files (x86)\Intel\Intel® Update Manager\bin\iumsvc.exe [2015-09-25] (Intel Corporation)
Task: {A624094B-2D45-4736-95FF-54D4FDB37805} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-05-17] (Google Inc.)
Task: {C0ABF582-1FF4-43CA-AC72-F6A5027AC40D} - System32\Tasks\BacKGroundAgent => C:\Program Files (x86)\Acer\AOP Framework\BackgroundAgent.exe [2016-04-18] (Acer Incorporated)
Task: {C5BD190B-8B65-486F-954C-CE98F7F15148} - System32\Tasks\Recovery Management\Notification => C:\Program Files\Acer\Acer Recovery Management\Notification\Notification.exe [2013-09-12] (Acer Incorporated)
Task: {E3EFDAB6-5D97-4E47-AB65-3DA8918D15E5} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION
Task: {FD949045-EE3B-43B7-8FE3-52448196E2B8} - System32\Tasks\Power Management => C:\Program Files\Acer\Acer Power Management\ePowerTray.exe [2013-07-05] (Acer Incorporated)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
==================== Shortcuts =============================
(The entries could be listed to be restored or removed.)
ShortcutWithArgument: C:\Users\Public\Desktop\PRIVATE WiFi.lnk -> C:\Program Files\PRIVATE WiFi\StartURL.exe () -> hxxp://www.privatewifi.com/partner/clicks.php?pid=928649&bid=76&campaign=default
==================== Loaded Modules (Whitelisted) ==============
2015-10-30 00:17 - 2015-10-30 00:17 - 00028672 _____ () C:\WINDOWS\SYSTEM32\efsext.dll
2015-10-30 00:18 - 2015-10-30 00:18 - 00185856 _____ () C:\WINDOWS\SYSTEM32\ism32k.dll
2011-06-17 07:49 - 2011-06-17 07:49 - 00034304 _____ () C:\WINDOWS\System32\ssp8ml6.dll
2014-06-12 03:15 - 2015-10-13 05:34 - 00105640 _____ () C:\Program Files\Microsoft Office 15\ClientX64\ApiClient.dll
2015-02-13 03:20 - 2015-02-13 03:20 - 00085832 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2015-10-13 06:45 - 2015-10-13 06:45 - 01328912 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2015-07-29 13:48 - 2015-07-29 13:48 - 00088064 _____ () C:\Program Files\Intel Corporation\Intel® Technology Access\libglog.dll
2015-07-31 09:55 - 2015-07-31 09:55 - 00354560 _____ () C:\Program Files\Intel Corporation\Intel® Technology Access\JsonCpp.dll
2015-07-31 09:55 - 2015-07-31 09:55 - 01793280 _____ () C:\Program Files\Intel Corporation\Intel® Technology Access\cpprest120_1_4.dll
2016-04-13 15:35 - 2016-03-29 03:20 - 02656952 _____ () C:\WINDOWS\system32\CoreUIComponents.dll
2016-04-13 15:35 - 2016-03-29 03:20 - 02656952 _____ () C:\WINDOWS\System32\CoreUIComponents.dll
2015-11-14 05:23 - 2015-11-14 05:23 - 00553120 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll
2016-04-21 22:36 - 2016-04-21 22:36 - 00959176 _____ () C:\Users\Richelle\AppData\Local\Microsoft\OneDrive\17.3.6386.0412\amd64\ClientTelemetry.dll
2015-10-27 20:51 - 2015-09-01 09:04 - 08901184 _____ () C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\1033\GrooveIntlResource.dll
2015-12-17 18:47 - 2015-12-06 21:14 - 00093696 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\Windows.UI.Shell.SharedUtilities.dll
2016-05-10 22:25 - 2016-04-22 21:25 - 00472064 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\QuickActions.dll
2016-05-10 22:27 - 2016-04-22 21:02 - 07992832 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2016-05-10 22:27 - 2016-04-22 20:58 - 00591360 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2016-05-10 22:27 - 2016-04-22 20:58 - 02483200 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2016-05-10 22:27 - 2016-04-22 21:01 - 04089856 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2015-11-14 05:22 - 2015-11-14 05:22 - 31401120 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync.exe
2016-04-24 23:16 - 2016-04-24 23:17 - 00144384 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe\SkypeHost.exe
2015-04-18 01:55 - 2015-04-18 01:55 - 00018064 _____ () C:\Program Files (x86)\Intel Corporation\Intel® Technology Access\Intel® Software Asset Manager\bin\IntelSoftwareAssetManagerService.exe
2014-07-31 11:16 - 2014-07-31 11:16 - 00073544 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2015-10-13 06:45 - 2015-10-13 06:45 - 00237328 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxslt.dll
2015-10-13 06:46 - 2015-10-13 06:46 - 01040144 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2016-04-20 14:57 - 2016-04-20 14:57 - 00194048 _____ () C:\Program Files (x86)\Acer\Acer Portal\curllib.dll
2016-04-20 14:57 - 2016-04-20 14:57 - 00110592 _____ () C:\Program Files (x86)\Acer\Acer Portal\OpenLDAP.dll
2016-04-21 22:35 - 2016-04-21 22:35 - 00679624 _____ () C:\Users\Richelle\AppData\Local\Microsoft\OneDrive\17.3.6386.0412\ClientTelemetry.dll
2016-02-27 22:27 - 2016-02-27 22:27 - 00325824 _____ () C:\Program Files\Microsoft Office 15\root\office15\AppVIsvStream32.dll
2015-11-16 18:43 - 2015-11-16 18:43 - 40523440 _____ () C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\CEF\libcef.dll
2015-11-16 18:43 - 2015-11-16 18:43 - 01365680 _____ () C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\CEF\libglesv2.dll
2015-11-16 18:43 - 2015-11-16 18:43 - 00219312 _____ () C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\CEF\libegl.dll
2015-12-03 05:37 - 2015-12-03 05:37 - 00124416 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\js\node_modules\fs-ext\build\Release\fs-ext.node
2015-12-03 05:37 - 2015-12-03 05:37 - 00188416 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\js\node_modules\node-vulcanjs\build\Release\VulcanJS.node
2015-12-03 05:37 - 2015-12-03 05:37 - 00121344 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\js\node_modules\ref\build\Release\binding.node
2015-12-03 05:37 - 2015-12-03 05:37 - 00129536 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\js\node_modules\ffi\build\Release\ffi_bindings.node
2015-12-07 02:04 - 2015-12-07 02:04 - 00158384 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\js\node_modules\node-ProxyResolver\native\ProxyResolverWin.dll
2015-12-03 05:37 - 2015-12-03 05:37 - 00081408 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\js\node_modules\idle-gc\build\Release\idle-gc.node
2016-04-22 11:56 - 2016-04-22 11:56 - 00202456 _____ () C:\Program Files (x86)\Acer\abPhoto\curllib.dll
2016-04-22 11:59 - 2016-04-22 11:59 - 00654000 _____ () C:\Program Files (x86)\Acer\abPhoto\sqlite3.dll
2016-04-22 11:59 - 2016-04-22 11:59 - 00641240 _____ () C:\Program Files (x86)\Acer\abPhoto\tag.dll
2016-04-22 11:57 - 2016-04-22 11:57 - 00119000 _____ () C:\Program Files (x86)\Acer\abPhoto\OpenLDAP.dll
2016-04-26 21:59 - 2016-04-26 21:59 - 00015064 _____ () C:\WINDOWS\assembly\GAC_MSIL\MyService\1.0.0.1__2dfa3f50f0bed57d\MyService.dll
2016-04-18 16:13 - 2016-04-18 16:13 - 00013016 _____ () C:\Program Files (x86)\Acer\AOP Framework\ServiceInterface.dll
2016-04-18 16:11 - 2016-04-18 16:11 - 00277856 _____ () C:\Program Files (x86)\Acer\AOP Framework\libcurl.dll
2016-04-24 23:16 - 2016-04-24 23:17 - 00141312 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe\SkypeBackgroundTasks.dll
2016-04-24 23:16 - 2016-04-24 23:17 - 22284800 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe\SkyWrap.dll
2016-05-13 01:36 - 2016-05-11 04:48 - 01738904 _____ () C:\Program Files (x86)\Google\Chrome\Application\50.0.2661.102\libglesv2.dll
2016-05-13 01:36 - 2016-05-11 04:48 - 00086168 _____ () C:\Program Files (x86)\Google\Chrome\Application\50.0.2661.102\libegl.dll
2015-09-25 23:48 - 2015-09-25 23:48 - 00043656 _____ () C:\Program Files (x86)\Intel\Intel® Update Manager\bin\win32api.pyd
2015-09-25 23:47 - 2015-09-25 23:47 - 00061576 _____ () C:\Program Files (x86)\Intel\Intel® Update Manager\bin\pywintypes27.dll
2015-09-25 23:47 - 2015-09-25 23:47 - 00127624 _____ () C:\Program Files (x86)\Intel\Intel® Update Manager\bin\pythoncom27.dll
2015-09-25 23:48 - 2015-09-25 23:48 - 00024200 _____ () C:\Program Files (x86)\Intel\Intel® Update Manager\bin\_multiprocessing.pyd
2015-09-25 23:48 - 2015-09-25 23:48 - 00046728 _____ () C:\Program Files (x86)\Intel\Intel® Update Manager\bin\_ctypes.pyd
2015-09-25 23:48 - 2015-09-25 23:48 - 00027784 _____ () C:\Program Files (x86)\Intel\Intel® Update Manager\bin\win32service.pyd
2015-09-25 23:48 - 2015-09-25 23:48 - 00024712 _____ () C:\Program Files (x86)\Intel\Intel® Update Manager\bin\servicemanager.pyd
2015-09-25 23:48 - 2015-09-25 23:48 - 00031368 _____ () C:\Program Files (x86)\Intel\Intel® Update Manager\bin\_socket.pyd
2015-09-25 23:48 - 2015-09-25 23:48 - 00445064 _____ () C:\Program Files (x86)\Intel\Intel® Update Manager\bin\_ssl.pyd
2015-09-25 23:48 - 2015-09-25 23:48 - 00288904 _____ () C:\Program Files (x86)\Intel\Intel® Update Manager\bin\_hashlib.pyd
2015-09-25 23:48 - 2015-09-25 23:48 - 00019080 _____ () C:\Program Files (x86)\Intel\Intel® Update Manager\bin\select.pyd
2015-09-25 23:48 - 2015-09-25 23:48 - 00022152 _____ () C:\Program Files (x86)\Intel\Intel® Update Manager\bin\win32pipe.pyd
2015-09-25 23:48 - 2015-09-25 23:48 - 00046728 _____ () C:\Program Files (x86)\Intel\Intel® Update Manager\bin\win32file.pyd
2015-09-25 23:48 - 2015-09-25 23:48 - 00019592 _____ () C:\Program Files (x86)\Intel\Intel® Update Manager\bin\win32event.pyd
2015-09-25 23:48 - 2015-09-25 23:48 - 00372360 _____ () C:\Program Files (x86)\Intel\Intel® Update Manager\bin\_bsddb.pyd
2015-09-25 23:48 - 2015-09-25 23:48 - 00026248 _____ () C:\Program Files (x86)\Intel\Intel® Update Manager\bin\win32process.pyd
2015-09-25 23:48 - 2015-09-25 23:48 - 00022152 _____ () C:\Program Files (x86)\Intel\Intel® Update Manager\bin\win32ts.pyd
2015-09-25 23:48 - 2015-09-25 23:48 - 00020616 _____ () C:\Program Files (x86)\Intel\Intel® Update Manager\bin\win32profile.pyd
2015-09-25 23:48 - 2015-09-25 23:48 - 00044680 _____ () C:\Program Files (x86)\Intel\Intel® Update Manager\bin\win32security.pyd
2015-04-18 01:57 - 2015-04-18 01:57 - 00043456 _____ () C:\Program Files (x86)\Intel Corporation\Intel® Technology Access\Intel® Software Asset Manager\bin\win32api.pyd
2015-04-18 01:56 - 2015-04-18 01:56 - 00061128 _____ () C:\Program Files (x86)\Intel Corporation\Intel® Technology Access\Intel® Software Asset Manager\bin\pywintypes27.dll
2015-04-18 01:55 - 2015-04-18 01:55 - 00121280 _____ () C:\Program Files (x86)\Intel Corporation\Intel® Technology Access\Intel® Software Asset Manager\bin\pythoncom27.dll
2015-04-18 01:58 - 2015-04-18 01:58 - 00024208 _____ () C:\Program Files (x86)\Intel Corporation\Intel® Technology Access\Intel® Software Asset Manager\bin\_multiprocessing.pyd
2015-04-18 01:58 - 2015-04-18 01:58 - 00029896 _____ () C:\Program Files (x86)\Intel Corporation\Intel® Technology Access\Intel® Software Asset Manager\bin\_socket.pyd
2015-04-18 01:58 - 2015-04-18 01:58 - 00443592 _____ () C:\Program Files (x86)\Intel Corporation\Intel® Technology Access\Intel® Software Asset Manager\bin\_ssl.pyd
2015-04-18 01:56 - 2015-04-18 01:56 - 00017608 _____ () C:\Program Files (x86)\Intel Corporation\Intel® Technology Access\Intel® Software Asset Manager\bin\select.pyd
2015-04-18 01:56 - 2015-04-18 01:56 - 00025208 _____ () C:\Program Files (x86)\Intel Corporation\Intel® Technology Access\Intel® Software Asset Manager\bin\servicemanager.pyd
2015-04-18 01:57 - 2015-04-18 01:57 - 00026824 _____ () C:\Program Files (x86)\Intel Corporation\Intel® Technology Access\Intel® Software Asset Manager\bin\win32service.pyd
2015-04-18 01:58 - 2015-04-18 01:58 - 00288376 _____ () C:\Program Files (x86)\Intel Corporation\Intel® Technology Access\Intel® Software Asset Manager\bin\_hashlib.pyd
2015-04-18 01:58 - 2015-04-18 01:58 - 00045256 _____ () C:\Program Files (x86)\Intel Corporation\Intel® Technology Access\Intel® Software Asset Manager\bin\_ctypes.pyd
2015-04-18 01:57 - 2015-04-18 01:57 - 00021704 _____ () C:\Program Files (x86)\Intel Corporation\Intel® Technology Access\Intel® Software Asset Manager\bin\win32pipe.pyd
2015-04-18 01:57 - 2015-04-18 01:57 - 00044688 _____ () C:\Program Files (x86)\Intel Corporation\Intel® Technology Access\Intel® Software Asset Manager\bin\win32file.pyd
2015-04-18 01:57 - 2015-04-18 01:57 - 00019656 _____ () C:\Program Files (x86)\Intel Corporation\Intel® Technology Access\Intel® Software Asset Manager\bin\win32event.pyd
2015-04-18 01:57 - 2015-04-18 01:57 - 00025536 _____ () C:\Program Files (x86)\Intel Corporation\Intel® Technology Access\Intel® Software Asset Manager\bin\win32process.pyd
2015-04-18 01:57 - 2015-04-18 01:57 - 00022648 _____ () C:\Program Files (x86)\Intel Corporation\Intel® Technology Access\Intel® Software Asset Manager\bin\win32ts.pyd
2015-04-18 01:57 - 2015-04-18 01:57 - 00020168 _____ () C:\Program Files (x86)\Intel Corporation\Intel® Technology Access\Intel® Software Asset Manager\bin\win32profile.pyd
2015-04-18 01:57 - 2015-04-18 01:57 - 00045712 _____ () C:\Program Files (x86)\Intel Corporation\Intel® Technology Access\Intel® Software Asset Manager\bin\win32security.pyd
2015-04-18 01:58 - 2015-04-18 01:58 - 00371648 _____ () C:\Program Files (x86)\Intel Corporation\Intel® Technology Access\Intel® Software Asset Manager\bin\_bsddb.pyd
2016-02-27 22:31 - 2016-02-27 22:31 - 00325824 _____ () C:\Program Files\Microsoft Office 15\Root\VFS\ProgramFilesCommonX86\Microsoft Shared\OFFICE15\AppVIsvStream32.dll
2016-02-27 22:27 - 2016-02-27 22:27 - 00325824 _____ () C:\Program Files\Microsoft Office 15\Root\Office15\AppVIsvStream32.dll
2016-05-13 01:36 - 2016-05-11 04:48 - 17565848 _____ () C:\Program Files (x86)\Google\Chrome\Application\50.0.2661.102\PepperFlash\pepflashplayer.dll
==================== Alternate Data Streams (Whitelisted) =========
(If an entry is included in the fixlist, only the ADS will be removed.)
AlternateDataStreams: C:\ProgramData\TEMP:2CB9631F [134]
AlternateDataStreams: C:\ProgramData\TEMP:7E532047 [122]
AlternateDataStreams: C:\ProgramData\TEMP:A1D3FEF0 [392]
AlternateDataStreams: C:\ProgramData\TEMP:A3750BE5 [221]
AlternateDataStreams: C:\ProgramData\TEMP:D6D084A5 [231]
AlternateDataStreams: C:\ProgramData\TEMP:E9495818 [225]
AlternateDataStreams: C:\ProgramData\TEMP:FACB65E7 [212]
==================== Safe Mode (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
==================== Association (Whitelisted) ===============
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
==================== Internet Explorer trusted/restricted ===============
(If an entry is included in the fixlist, it will be removed from the registry.)
IE trusted site: HKU\S-1-5-21-4087628617-3366404376-2614799664-1001\...\hola.org -> hxxp://hola.org
==================== Hosts content: ===============================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2013-08-22 06:25 - 2013-08-22 06:25 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts
==================== Other Areas ============================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-4087628617-3366404376-2614799664-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Richelle\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper
DNS Servers: 192.168.1.254 - 75.153.171.114
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
(Currently there is no automatic fix for this section.)
==================== FirewallRules (Whitelisted) ===============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [UDP Query User{358B23C3-F2F3-482C-91FA-9CEA7D05CA2D}C:\users\richelle\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\richelle\appdata\roaming\spotify\spotify.exe
FirewallRules: [TCP Query User{0E406A05-AA17-437F-97EF-FDF3A9B5716E}C:\users\richelle\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\richelle\appdata\roaming\spotify\spotify.exe
FirewallRules: [{D90C3D6F-1D23-4DB5-A4DA-0265514EB6F7}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{4E4E149F-AE27-4A7A-8E98-DE3F07C379A9}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [UDP Query User{C34CC886-B005-4EFC-9135-85CCFA11FD04}C:\users\richelle\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\richelle\appdata\roaming\spotify\spotify.exe
FirewallRules: [TCP Query User{C5D37A72-9CC9-4717-A8F0-D9664E84E0F8}C:\users\richelle\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\richelle\appdata\roaming\spotify\spotify.exe
FirewallRules: [UDP Query User{D35CB78A-BF63-492F-88CE-AB8ACA771390}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [TCP Query User{DC766DA6-8166-45D6-9C3B-2E2BD6FB9720}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [{1E30CFEA-7BC7-4449-BDE4-80F135B2F3B6}] => (Allow) C:\Users\Richelle\AppData\Local\Hola\firefox_hola\app\hola_plugin.exe
FirewallRules: [{ADBE9B29-2F1F-43C3-A48C-53478A173A9A}] => (Allow) C:\Users\Richelle\AppData\Local\Hola\firefox_hola\app\hola_plugin.exe
FirewallRules: [{BA9075F0-EE7B-4284-BB2C-17EC5F95059E}] => (Allow) C:\Program Files\Hola\app\hola_svc.exe
FirewallRules: [{B69B9D17-A36A-458E-AED0-3236347BBADF}] => (Allow) C:\Program Files\Hola\app\hola_svc.exe
FirewallRules: [{3EA4E625-3096-4098-BE10-E9ADF6DD844C}] => (Allow) C:\Windows\System32\config\systemprofile\AppData\Local\Hola\firefox_hola\app\hola_plugin.exe
FirewallRules: [{20B4E997-EFA9-4F7A-A85E-C0B294306B2B}] => (Allow) C:\Windows\System32\config\systemprofile\AppData\Local\Hola\firefox_hola\app\hola_plugin.exe
FirewallRules: [{E6DDB6E8-7E68-4D74-BA42-A65E6C5F4F02}] => (Allow) C:\Program Files\Hola\app\hola_updater.exe
FirewallRules: [{17844FCF-3485-4084-93B3-3ED1457F3A23}] => (Allow) C:\Program Files\Hola\app\hola_updater.exe
FirewallRules: [{674A4E07-E2C5-4726-8C92-C616C55FA6F1}] => (Allow) LPort=1900
FirewallRules: [{218799CA-4A94-46F1-99B9-7636D176DE95}] => (Allow) LPort=2869
FirewallRules: [{F9E3E0F6-5AF7-4FF4-AB5F-3317AA4E60A8}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{8A8CB765-0830-457E-BC72-1CD676D8A6C0}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{D1FCE92A-9EF3-42DB-9ED7-CEC79AB2B214}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{28B11259-E16D-4484-904A-F43B32270645}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{B1FEF0F6-7A7E-4283-A46B-DF3FAB6582D8}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{3A94FC58-52F7-4F0B-9ED7-C2AA472147D3}] => (Allow) C:\Program Files (x86)\Vuze\Azureus.exe
FirewallRules: [{CE9E2B6C-D456-441F-B7EA-B278AFEA1ECB}] => (Allow) C:\Program Files (x86)\Vuze\Azureus.exe
FirewallRules: [{32A88D38-2C73-42A2-99CC-4745F510DED5}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe
FirewallRules: [{11CF3DD9-D31F-4603-AF44-02F44F101361}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe
FirewallRules: [{FE64C980-837E-4D32-BAB8-62BB7F3ED552}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe
FirewallRules: [{8F41934E-811E-452A-BF53-F6E5958BEB05}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe
FirewallRules: [{5E6E1ACE-08BB-4B11-B2E1-B4299CCDD914}] => (Allow) C:\Program Files (x86)\Acer\abMedia_\WindowsUpnpMV.exe
FirewallRules: [{BEB32C53-E178-45D2-9DA7-0D1B0FF2CD47}] => (Allow) C:\Program Files (x86)\Acer\abMedia_\WindowsUpnpMV.exe
FirewallRules: [{B6CF07FF-4F0A-4296-B378-AD2B6EAC5AD9}] => (Allow) C:\Program Files (x86)\Acer\abMedia_\DMCDaemon.exe
FirewallRules: [{4F2C5A4F-4C77-49BE-A708-66E35504D113}] => (Allow) C:\Program Files (x86)\Acer\abMedia_\DMCDaemon.exe
FirewallRules: [{0761B777-A30F-4184-8BE5-A949CD202474}] => (Allow) C:\Program Files (x86)\Acer\abPhoto\WindowsUpnp.exe
FirewallRules: [{7D4005B0-0E5D-47C6-AB0A-9CCC39FCF179}] => (Allow) C:\Program Files (x86)\Acer\abPhoto\WindowsUpnp.exe
FirewallRules: [{DD202903-CE20-4BB5-BE25-4C0FA2E87DCD}] => (Allow) C:\Program Files (x86)\Acer\abPhoto\DMCDaemon.exe
FirewallRules: [{6A580EB0-F4EE-4F1F-9E32-A397940FEB26}] => (Allow) C:\Program Files (x86)\Acer\abPhoto\DMCDaemon.exe
FirewallRules: [{14D2A2D7-11A8-4D60-B167-109ECC6C3904}] => (Allow) C:\Program Files (x86)\Acer\abPhoto_\WindowsUpnp.exe
FirewallRules: [{C092BABD-6B35-460C-BA01-023E7A070F81}] => (Allow) C:\Program Files (x86)\Acer\abPhoto_\WindowsUpnp.exe
FirewallRules: [{E9F17E86-CFEC-4312-8B19-0CD436DDCD3D}] => (Allow) C:\Program Files (x86)\Acer\abPhoto_\DMCDaemon.exe
FirewallRules: [{22E26255-6C13-4B29-9901-BA96BD5895BB}] => (Allow) C:\Program Files (x86)\Acer\abPhoto_\DMCDaemon.exe
FirewallRules: [{5C06816D-2A31-4ACB-8A38-B7B1E9C4947A}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\outlook.exe
FirewallRules: [{E82E45B9-83A9-47EE-9CE5-479E56A3559B}] => (Allow) C:\Users\Richelle\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe
FirewallRules: [{6A374BD1-0758-4CF7-96B6-6AB605C35547}] => (Allow) C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe
FirewallRules: [{3121764E-3455-4D8C-98CF-C1126EBE2C74}] => (Allow) C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe
FirewallRules: [{ECECFCA7-D9FE-4607-A7B6-78CAC1CE08ED}] => (Allow) C:\Program Files (x86)\Acer\Acer Portal\ccd.exe
FirewallRules: [{1980D65C-DDB6-403A-8AF9-C53869E02BEE}] => (Allow) C:\Program Files (x86)\Acer\Acer Portal\ccd.exe
FirewallRules: [{98C046C9-57A3-4E68-AF7C-7DE1D7447742}] => (Allow) C:\Program Files (x86)\Acer\Acer Portal\ccd.exe
FirewallRules: [{61A5909D-A852-4DF8-A335-6E4B34EF5EF0}] => (Allow) C:\Program Files (x86)\Acer\Acer Portal\ccd.exe
FirewallRules: [{1B5618E7-5E62-4F63-969D-A3B3A30C930B}] => (Allow) C:\Program Files (x86)\Acer\Acer Media\WindowsUpnpMV.exe
FirewallRules: [{A21902E6-CF73-4B5F-BFDD-588F58A6C458}] => (Allow) C:\Program Files (x86)\Acer\Acer Media\WindowsUpnpMV.exe
FirewallRules: [{063FED9B-02A8-4334-B95D-D5F2B2AF19F2}] => (Allow) C:\Program Files (x86)\Acer\Acer Media\DMCDaemon.exe
FirewallRules: [{1FF857C7-D6B0-4F01-8971-AB85934DEB88}] => (Allow) C:\Program Files (x86)\Acer\Acer Media\DMCDaemon.exe
FirewallRules: [{117BD703-2DB7-4008-89F3-627CFFCC0112}] => (Allow) C:\Program Files (x86)\Acer\Acer Media_\WindowsUpnpMV.exe
FirewallRules: [{5023F97F-FA3E-4868-9715-2AF2CBBCC7D7}] => (Allow) C:\Program Files (x86)\Acer\Acer Media_\WindowsUpnpMV.exe
FirewallRules: [{48728923-D752-4E23-AF7F-6FB43FE62A3C}] => (Allow) C:\Program Files (x86)\Acer\Acer Media_\DMCDaemon.exe
FirewallRules: [{53AC7C60-C5B2-4F9D-8A97-1285E7D0AF3E}] => (Allow) C:\Program Files (x86)\Acer\Acer Media_\DMCDaemon.exe
FirewallRules: [{2FFA05BC-1230-4896-9964-6F5E13DEA569}] => (Allow) C:\Program Files (x86)\Acer\Acer Media_\WindowsUpnpMV.exe
FirewallRules: [{C95C75CD-DFD4-43B8-8BFE-C45DA4D1990A}] => (Allow) C:\Program Files (x86)\Acer\Acer Media_\WindowsUpnpMV.exe
FirewallRules: [{F66635D2-2ED0-44D8-AB6B-A3BF3896E19B}] => (Allow) C:\Program Files (x86)\Acer\Acer Media_\DMCDaemon.exe
FirewallRules: [{58572824-9E0E-49E7-AADD-A2802B005160}] => (Allow) C:\Program Files (x86)\Acer\Acer Media_\DMCDaemon.exe
FirewallRules: [{551A7C2C-2E08-44B9-8E56-789222B79B18}] => (Allow) C:\Program Files (x86)\Acer\Acer Photo\WindowsUpnp.exe
FirewallRules: [{859D969C-BF26-481D-8A0E-1456A5D11FA2}] => (Allow) C:\Program Files (x86)\Acer\Acer Photo\WindowsUpnp.exe
FirewallRules: [{66C3E657-884F-49A6-BB0D-C941F506E10C}] => (Allow) C:\Program Files (x86)\Acer\Acer Photo\DMCDaemon.exe
FirewallRules: [{49DA17FD-57BA-496D-9AFA-F918524BED8A}] => (Allow) C:\Program Files (x86)\Acer\Acer Photo\DMCDaemon.exe
FirewallRules: [{4EC76033-E2A8-4461-91F3-37E0ADCFA8C8}] => (Allow) C:\Program Files (x86)\Acer\Acer Photo_\WindowsUpnp.exe
FirewallRules: [{1D51AF0A-47DA-4DA5-88AA-65725FA24A2C}] => (Allow) C:\Program Files (x86)\Acer\Acer Photo_\WindowsUpnp.exe
FirewallRules: [{9ED0B6E7-9858-4348-81CC-D6B8274D24FB}] => (Allow) C:\Program Files (x86)\Acer\Acer Photo_\DMCDaemon.exe
FirewallRules: [{9C6F8B75-6DC2-4602-A409-AF41FD60C703}] => (Allow) C:\Program Files (x86)\Acer\Acer Photo_\DMCDaemon.exe
FirewallRules: [{63D3B4AC-133A-427A-B7B2-C9B3A2E24CA2}] => (Allow) C:\Program Files (x86)\Acer\Acer Photo_\WindowsUpnp.exe
FirewallRules: [{8BB1E7B7-8CD5-44E2-940F-FCBFFBCA697D}] => (Allow) C:\Program Files (x86)\Acer\Acer Photo_\WindowsUpnp.exe
FirewallRules: [{3C7BF91D-CC56-4D56-BAC6-4F0B613D1067}] => (Allow) C:\Program Files (x86)\Acer\Acer Photo_\DMCDaemon.exe
FirewallRules: [{FF15DE47-456B-4CE8-B87B-DF2425A77355}] => (Allow) C:\Program Files (x86)\Acer\Acer Photo_\DMCDaemon.exe
FirewallRules: [{F0BC6F1C-05B5-44A7-BBC4-4C7037466F09}] => (Allow) C:\Program Files (x86)\Acer\Acer Portal\ccd.exe
FirewallRules: [{874C01DC-BD90-4FB0-B932-5877A9917EA5}] => (Allow) C:\Program Files (x86)\Acer\Acer Portal\ccd.exe
FirewallRules: [{A40D2CB2-7CCA-4412-8FA1-E704DDAE6466}] => (Allow) C:\Program Files (x86)\Acer\Acer Portal\virtualdrive.exe
FirewallRules: [{4CE79594-02E6-4D2B-BCD0-4A9682BA0B37}] => (Allow) C:\Program Files (x86)\Acer\Acer Portal\virtualdrive.exe
FirewallRules: [{4FC5EA0B-09FB-4680-BCB4-0D1465C94EF7}] => (Allow) C:\Program Files (x86)\Acer\Acer Portal\Sdd.exe
FirewallRules: [{E045EFCF-2E4B-4CA5-B8C5-9B5F6DF75882}] => (Allow) C:\Program Files (x86)\Acer\Acer Portal\Sdd.exe
FirewallRules: [{45A300E1-FA83-4637-A823-C36BD5CED9A5}] => (Allow) C:\Program Files (x86)\Acer\Acer Portal\ccd.exe
FirewallRules: [{A3E77AE0-CABE-4204-85D6-AA173E79B08B}] => (Allow) C:\Program Files (x86)\Acer\Acer Portal\ccd.exe
FirewallRules: [{0403CC8A-46D3-4F4A-AF93-A8B676BF67FB}] => (Allow) C:\Program Files (x86)\Acer\Acer Photo\WindowsUpnp.exe
FirewallRules: [{07B06EB0-87CA-4AF8-94E3-D098B4FBCA6C}] => (Allow) C:\Program Files (x86)\Acer\Acer Photo\WindowsUpnp.exe
FirewallRules: [{9D7C9C39-7771-4F5F-9719-BA384B1ACB3C}] => (Allow) C:\Program Files (x86)\Acer\Acer Photo\DMCDaemon.exe
FirewallRules: [{185C09FD-32F3-4EE4-AF07-EAC25E7AE9A2}] => (Allow) C:\Program Files (x86)\Acer\Acer Photo\DMCDaemon.exe
FirewallRules: [{DB1BEB6B-9F35-4FBC-8CF2-BDE605D85A14}] => (Allow) C:\Program Files (x86)\Acer\Acer Photo\WindowsUpnp.exe
FirewallRules: [{75F6C636-55EF-47BC-B93B-74AF51791A88}] => (Allow) C:\Program Files (x86)\Acer\Acer Photo\WindowsUpnp.exe
FirewallRules: [{2E225AC4-59DF-4729-8908-EA34B798E761}] => (Allow) C:\Program Files (x86)\Acer\Acer Photo\DMCDaemon.exe
FirewallRules: [{7EF696AC-E379-4CA3-BBD3-CC7C80957B7A}] => (Allow) C:\Program Files (x86)\Acer\Acer Photo\DMCDaemon.exe
FirewallRules: [{9E9A4767-B29A-403E-AD5F-85CF0F68D31A}] => (Allow) C:\Program Files (x86)\Acer\Acer Media\WindowsUpnpMV.exe
FirewallRules: [{872BE05D-742C-467B-BD4D-4063EB74F700}] => (Allow) C:\Program Files (x86)\Acer\Acer Media\WindowsUpnpMV.exe
FirewallRules: [{F2263B8D-40B9-40A8-8932-7CE6F9162B84}] => (Allow) C:\Program Files (x86)\Acer\Acer Media\DMCDaemon.exe
FirewallRules: [{4057927B-3EC5-44CF-911C-A7DAAF94BB18}] => (Allow) C:\Program Files (x86)\Acer\Acer Media\DMCDaemon.exe
FirewallRules: [{6C1716EC-49D3-4DFD-887F-3A6F5BEBF707}] => (Allow) C:\Program Files (x86)\Acer\Acer Media\WindowsUpnpMV.exe
FirewallRules: [{DF15CF2A-765D-4B7E-81D8-95C453C67BAD}] => (Allow) C:\Program Files (x86)\Acer\Acer Media\WindowsUpnpMV.exe
FirewallRules: [{14AE2C16-A63E-431B-8754-359D19A1D539}] => (Allow) C:\Program Files (x86)\Acer\Acer Media\DMCDaemon.exe
FirewallRules: [{517240BD-A622-4896-8542-4DD05B6243DF}] => (Allow) C:\Program Files (x86)\Acer\Acer Media\DMCDaemon.exe
FirewallRules: [{91F439CD-4C73-43AC-9B59-EBFAFBFAC611}] => (Allow) C:\Program Files (x86)\Spotify\Data\SpotifyWebHelper.exe
FirewallRules: [{EC06E149-1BE7-4E21-9F27-9DCE55607417}] => (Allow) C:\Program Files (x86)\Spotify\Data\SpotifyWebHelper.exe
FirewallRules: [{0104E7EF-836C-4077-9D7F-568C4D60F6C3}] => (Allow) C:\Program Files (x86)\Spotify\spotify.exe
FirewallRules: [{DFA80E8D-4DA6-412A-B619-F05B7371C8D7}] => (Allow) C:\Program Files (x86)\Spotify\spotify.exe
FirewallRules: [{76140424-2885-4639-9BD6-C0E3B41769A2}] => (Allow) C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe
FirewallRules: [{280D6A1F-8192-48CB-9B2C-7EAA6A12A7E5}] => (Allow) C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe
FirewallRules: [{9002B4AA-6174-4CF6-BC71-A4FE05D6E0C6}] => (Allow) C:\Program Files (x86)\Nero\Nero 12\Nero BackItUp\BackItUp.exe
FirewallRules: [{120BEF27-BAB5-4749-BE59-2BC0F91F6192}] => (Allow) C:\Program Files (x86)\Nero\Nero 12\Nero BackItUp\BackItUp.exe
FirewallRules: [{1887A3AE-EC7E-4F74-8B19-9FD0EEB10EDB}] => (Allow) C:\Program Files (x86)\Acer\AOP Framework\acer\ccd.exe
FirewallRules: [{758EBE16-66DD-4BC2-9C14-E5BAB2A50CF1}] => (Allow) C:\Program Files (x86)\Acer\AOP Framework\acer\ccd.exe
FirewallRules: [{C01F6CD7-F237-45AA-B719-C6336B1F1299}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{79CB2087-F36E-49B7-B024-36826D29FD46}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{D6B18B6A-F930-43BD-A116-DF3CC5439764}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{0AC54C28-EB56-4D82-8D88-2EE3BB97D6C1}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{533E221D-8A41-46C2-8346-FD2E5BF4C8EF}] => (Allow) C:\Program Files\iTunes\iTunes.exe
FirewallRules: [{7AFC7BB8-6A65-4515-AC20-3E9F86D692CD}] => (Allow) C:\Program Files (x86)\Acer\abMusic\DMCDaemon.exe
FirewallRules: [{0EB76DE8-0562-4B58-AE16-589D31803B1C}] => (Allow) C:\Program Files (x86)\Acer\abMusic\DMCDaemon.exe
FirewallRules: [{999C7EC7-FA5B-4D10-A4AE-B4E59A9EFFB3}] => (Allow) C:\Program Files (x86)\Acer\abMusic\WindowsUpnpMV.exe
FirewallRules: [{64614722-5823-4522-85C7-CE8C838C97F4}] => (Allow) C:\Program Files (x86)\Acer\abMusic\WindowsUpnpMV.exe
FirewallRules: [{15929268-5694-420D-B1C8-F84152441F2A}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
==================== Restore Points =========================
14-04-2016 01:28:13 Windows Update
21-04-2016 22:30:06 Intel® Technology Access
09-05-2016 16:18:27 Intel® Technology Access
15-05-2016 01:13:46 Windows Update
16-05-2016 18:32:45 Intel® Technology Access
16-05-2016 18:35:00 Intel® Technology Access
==================== Faulty Device Manager Devices =============
==================== Event log errors: =========================
Application errors:
==================
Error: (05/16/2016 06:35:03 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Cryptographic Services failed while processing the OnIdentity() call in the System Writer Object.
Details:
AddLegacyDriverFiles: Unable to back up image of binary Microsoft Link-Layer Discovery Protocol.
System Error:
Access is denied.
.
Error: (05/16/2016 06:32:55 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Cryptographic Services failed while processing the OnIdentity() call in the System Writer Object.
Details:
AddLegacyDriverFiles: Unable to back up image of binary Microsoft Link-Layer Discovery Protocol.
System Error:
Access is denied.
.
Error: (05/16/2016 06:06:20 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 4407
Error: (05/16/2016 06:06:20 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 4407
Error: (05/16/2016 06:06:20 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
Error: (05/16/2016 06:06:19 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 3328
Error: (05/16/2016 06:06:19 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 3328
Error: (05/16/2016 06:06:19 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
Error: (05/16/2016 06:06:18 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 2219
Error: (05/16/2016 06:06:18 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 2219
System errors:
=============
Error: (05/16/2016 06:36:46 PM) (Source: DCOM) (EventID: 10010) (User: NT AUTHORITY)
Description: {784E29F4-5EBE-4279-9948-1E8FE941646D}
Error: (05/16/2016 05:43:51 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the Sync Host_76bc2 service to connect.
Error: (05/16/2016 05:43:51 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the User Data Storage_76bc2 service to connect.
Error: (05/16/2016 05:43:41 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The User Data Access_76bc2 service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 10000 milliseconds: Restart the service.
Error: (05/16/2016 05:43:41 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The User Data Storage_76bc2 service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 10000 milliseconds: Restart the service.
Error: (05/16/2016 05:43:41 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The Contact Data_76bc2 service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 10000 milliseconds: Restart the service.
Error: (05/16/2016 05:43:41 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The Sync Host_76bc2 service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 10000 milliseconds: Restart the service.
Error: (05/16/2016 05:43:40 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: application-specificLocalActivation{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}NT AUTHORITYSYSTEMS-1-5-18LocalHost (Using LRPC)UnavailableUnavailable
Error: (05/16/2016 05:38:58 PM) (Source: DCOM) (EventID: 10010) (User: NT AUTHORITY)
Description: {784E29F4-5EBE-4279-9948-1E8FE941646D}
Error: (05/16/2016 05:31:06 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: application-specificLocalActivation{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}NT AUTHORITYSYSTEMS-1-5-18LocalHost (Using LRPC)UnavailableUnavailable
CodeIntegrity:
===================================
Date: 2016-05-16 17:52:32.660
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.
Date: 2016-04-29 00:13:19.027
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.
Date: 2016-04-21 22:29:32.892
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.
Date: 2016-04-14 23:22:40.557
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.
Date: 2016-04-06 12:56:22.291
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.
Date: 2016-03-29 11:30:02.175
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.
Date: 2016-03-16 00:45:12.088
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.
Date: 2016-03-14 22:54:18.226
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.
Date: 2016-03-14 02:56:35.752
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.
Date: 2016-03-11 22:17:18.443
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.
==================== Memory info ===========================
Processor: Intel® Celeron® CPU N2920 @ 1.86GHz
Percentage of memory in use: 72%
Total physical RAM: 3979.34 MB
Available physical RAM: 1113.44 MB
Total Virtual: 7691.34 MB
Available Virtual: 4484.86 MB
==================== Drives ================================
Drive c: (Acer) (Fixed) (Total:448.69 GB) (Free:285.04 GB) NTFS
Drive d: () (Removable) (Total:3.74 GB) (Free:3.02 GB) FAT32
==================== MBR & Partition Table ==================
========================================================
Disk: 1 (Size: 3.7 GB) (Disk ID: 00000000)
Partition: GPT.
==================== End of Addition.txt ============================
Edited by krzyk4, 16 May 2016 - 09:07 PM.