93runner

  1. So far so good, have accessed all my accounts and not seen anything suspicious.
  2. After logging back into Google Chrome I re-scanned with AdwCleaner and got nothing; however, when I opened Google the main page was protectedio.com so I knew I had to have something. Scanned with Malwarebytes and got 30 threats... log is attached: MalwarebytesScan10-2-15.txt
  3. No problems so far; however, I haven't tried logging back into my Google account. That's typically when all the bad stuff returns.
  4. Ok, downloaded AdwCleaner, scanned, restarted, and attached the text file that opened on restart: AdwCleanerC2.txt
  5. Hi, I can't seem to get rid of this virus. I believe it could be related to my Google account as it somehow made its way to my new computer; I synced my Google account, Steam, and I believe my iTunes over the internet. I left everything else other than what I listed on my old computer. Anyways, I downloaded Farbar as the sticky requested; here are the FRST.txt and Addition.txt. Thanks in advance!!!
AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} ==================== Installed Programs ====================== (Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.) abDocs (HKLM-x32\...\{CA4FE8B0-298C-4E5D-A486-F33B126D6A0A}) (Version: 1.08.2003 - Acer Incorporated)abDocs Office AddIn (HKLM-x32\...\{DCBF3379-246B-47E1-8173-639B63940838}) (Version: 3.02.2000 - Acer Incorporated)abFiles (HKLM-x32\...\{13885028-098C-4799-9B71-27DAC96502D5}) (Version: 2.00.3002 - Acer Incorporated)abMedia (HKLM-x32\...\{E9AF1707-3F3A-49E2-8345-4F2D629D0876}) (Version: 2.09.2002.1 - Acer Incorporated)abPhoto (HKLM-x32\...\{B5AD89F2-03D3-4206-8487-018298007DD0}) (Version: 3.04.2004.0 - Acer Incorporated)Acer Care Center (HKLM\...\{A424844F-CDB3-45E2-BB77-1DDE4A091E76}) (Version: 1.00.3013 - Acer Incorporated)Acer Explorer Agent (HKLM\...\{4D0F42CF-1693-43D9-BDC8-19141D023EE0}) (Version: 2.00.3000 - Acer Incorporated)Acer Portal (HKLM-x32\...\{A5AD0B17-F34D-49BE-A157-C8B3D52ACD13}) (Version: 3.07.2004 - Acer Incorporated)Acer Quick Access (HKLM\...\{C1FA525F-D701-4B31-9D32-504FC0CF0B98}) (Version: 1.01.3016.0 - Acer Incorporated)Acer User Experience Improvement Program App Monitor Plugin (HKLM\...\{978724F6-1863-4DD5-9E66-FB77F5AB5613}) (Version: 1.02.3005 - Acer Incorporated)Acer User Experience Improvement Program Framework (HKLM\...\{12A718F2-2357-4D41-9E1F-18583A4745F7}) (Version: 1.02.3005 - Acer Incorporated)Acer Video Player (HKLM-x32\...\{B6846F20-4821-11E3-8F96-0800200C9A66}) (Version: 1.00.2005.0 - Acer Incorporated)Adobe Flash Player 19 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 19.0.0.185 - Adobe Systems Incorporated)Age of Mythology: Extended Edition (HKLM-x32\...\Steam App 266840) (Version: - SkyBox Labs)AOP Framework 
(HKLM-x32\...\{4A37A114-702F-4055-A4B6-16571D4A5353}) (Version: 3.09.2004.0 - Acer Incorporated)Apple Application Support (32-bit) (HKLM-x32\...\{3540ADD5-822B-47FB-B1C2-CD7B2C8E9FEC}) (Version: 4.0.2 - Apple Inc.)Apple Application Support (64-bit) (HKLM\...\{C9C0FE2C-602E-49D7-8C42-5B9E8FF04798}) (Version: 4.0.2 - Apple Inc.)Apple Mobile Device Support (HKLM\...\{FD244E19-6EFE-4A2D-948A-0D45D4C168BE}) (Version: 9.0.0.26 - Apple Inc.)Apple Software Update (HKLM-x32\...\{FFD1F7F1-1AC9-4BC4-A908-0686D635ABAF}) (Version: 2.1.4.131 - Apple Inc.)Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)Cheat Engine 6.4 (HKLM-x32\...\Cheat Engine 6.4_is1) (Version: - Cheat Engine)Counter-Strike: Global Offensive (HKLM-x32\...\Steam App 730) (Version: - Valve)CyberLink PhotoDirector 3 (HKLM-x32\...\InstallShield_{39337565-330E-4ab6-A9AE-AC81E0720B10}) (Version: 3.0.1.5320 - CyberLink Corp.)CyberLink Power Media Player 12 (HKLM-x32\...\InstallShield_{B46BEA36-0B71-4A4E-AE41-87241643FA0A}) (Version: 12.0.3.4218 - CyberLink Corp.)CyberLink PowerDirector 10 (HKLM-x32\...\InstallShield_{B0B4F6D2-F2AE-451A-9496-6F2F6A897B32}) (Version: 10.0.0.4220 - CyberLink Corp.)Empire: Total War (HKLM-x32\...\Steam App 10500) (Version: - The Creative Assembly)Exanima (HKLM-x32\...\Steam App 362490) (Version: - )Fallout 3 - Game of the Year Edition (HKLM-x32\...\Steam App 22370) (Version: - Bethesda Game Studios)Fallout: New Vegas (HKLM-x32\...\Steam App 22380) (Version: - Obsidian Entertainment)Foxit PhantomPDF (HKLM-x32\...\{D4DF5498-C95C-4A02-9951-725FB2D7BC0D}) (Version: 6.0.121.624 - Foxit Corporation)FreeMouseAutoClicker 3.6 (HKLM-x32\...\{292F00C5-25EF-4FBE-9873-13EF1F69DEED}_is1) (Version: - Advanced Mouse Auto Clicker ltd.)GeoGebra 5 (HKLM-x32\...\GeoGebra 5) (Version: 5.0.137.0 - International GeoGebra Institute)Google Chrome (HKLM-x32\...\Google Chrome) (Version: 45.0.2454.101 - Google Inc.)Google Update Helper (x32 Version: 1.3.28.15 - Google Inc.) 
HiddenHotkey Utility (HKLM-x32\...\{A6DC88AD-501A-44BC-884D-57435F972E2C}) (Version: 3.00.8104 - Acer Incorporated)HTC Driver Installer (HKLM-x32\...\{4CEEE5D0-F905-4688-B9F9-ECC710507796}) (Version: 4.16.0.001 - HTC Corporation)HTC Sync Manager (HKLM-x32\...\{231D0C79-98A6-4693-A366-36DE7D7346EC}) (Version: 3.1.54.2 - HTC)Intel® Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.5.15.1730 - Intel Corporation)Intel® Network Connections 18.5.54.0 (HKLM\...\PROSetDX) (Version: 18.5.54.0 - Intel)IPTInstaller (HKLM-x32\...\{08208143-777D-4A06-BB54-71BF0AD1BB70}) (Version: 4.0.9 - HTC)iTunes (HKLM\...\{88509E20-3936-4D88-A1C0-B274C7BB5151}) (Version: 12.3.0.44 - Apple Inc.)Java 8 Update 45 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218045F0}) (Version: 8.0.450 - Oracle Corporation)Life is Feudal: Your Own (HKLM-x32\...\Steam App 290080) (Version: - Bitbox Ltd.)Malwarebytes Anti-Malware version 2.1.8.1057 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.1.8.1057 - Malwarebytes Corporation)Medieval II: Total War (HKLM-x32\...\Steam App 4700) (Version: - The Creative Assembly)Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{832D9DE0-8AFC-4689-9819-4DBBDEBD3E4F}) (Version: 3.5.92.0 - Microsoft Corporation)Microsoft Office (HKLM-x32\...\{90150000-0138-0409-0000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation)Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)Microsoft Visual 
C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{d491dd9d-2eda-4d75-b504-1a201436e7fd}) (Version: 11.0.61030.0 - Microsoft Corporation)Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)NVIDIA 3D Vision Controller Driver 352.65 
(HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 352.65 - NVIDIA Corporation)NVIDIA 3D Vision Driver 355.82 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 355.82 - NVIDIA Corporation)NVIDIA GeForce Experience 2.5.14.5 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.5.14.5 - NVIDIA Corporation)NVIDIA Graphics Driver 355.82 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 355.82 - NVIDIA Corporation)NVIDIA HD Audio Driver 1.3.34.3 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.34.3 - NVIDIA Corporation)NVIDIA PhysX System Software 9.15.0428 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.15.0428 - NVIDIA Corporation)Qualcomm Atheros Bluetooth Suite (64) (HKLM\...\{A84A4FB1-D703-48DB-89E0-68B6499D2801}) (Version: 8.0.1.314 - Qualcomm Atheros Communications)Qualcomm Atheros WLAN and Bluetooth Client Installation Program (HKLM-x32\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 12.25 - Qualcomm Atheros)Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 6.2.9200.30166 - Realtek Semiconductor Corp.)Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7535 - Realtek Semiconductor Corp.)Rise of Nations: Extended Edition (HKLM-x32\...\Steam App 287450) (Version: - SkyBox Labs)Rome: Total War (HKLM-x32\...\Steam App 4760) (Version: - The Creative Assembly)SHIELD Streaming (Version: 4.1.3000 - NVIDIA Corporation) HiddenSHIELD Wireless Controller Driver (Version: 2.5.14.5 - NVIDIA Corporation) HiddenSid Meier's Civilization V (HKLM-x32\...\Steam App 8930) (Version: - 2K Games, Inc.)Skype™ 7.8 (HKLM-x32\...\{6A0549A9-1B96-498C-ACBC-3943001FEB19}) (Version: 7.8.102 - Skype Technologies S.A.)Sound Blaster Cinema (HKLM-x32\...\{AF2E323C-1E8A-4CE6-BE9E-B29296BF7FAE}) (Version: 1.00.03 - Creative Technology 
Limited)Spotify (HKLM-x32\...\Spotify) (Version: 0.9.6.81.gd359a796 - Spotify AB)STAR WARS™ Knights of the Old Republic™ II: The Sith Lords™ (HKLM-x32\...\Steam App 208580) (Version: - Obsidian Entertainment)Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)The Elder Scrolls IV: Oblivion (HKLM-x32\...\Steam App 22330) (Version: - Bethesda Game Studios)The Elder Scrolls Online (HKLM-x32\...\The Elder Scrolls Online) (Version: 1.0.0.0 - Zenimax Online Studios)The Elder Scrolls V: Skyrim (HKLM-x32\...\Steam App 72850) (Version: - Bethesda Game Studios)Total War: ATTILA (HKLM-x32\...\Steam App 325610) (Version: - Creative Assembly)Total War: ROME II - Emperor Edition (HKLM-x32\...\Steam App 214950) (Version: - Creative Assembly)Total War: SHOGUN 2 (HKLM-x32\...\Steam App 34330) (Version: - The Creative Assembly)VC_CRT_x64 (Version: 1.02.0000 - Intel Corporation) HiddenWinRAR 5.21 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.21.0 - win.rar GmbH)WModem Driver Installer (HKLM-x32\...\HTC_WModemDriver) (Version: 3.0.14.0 - HTC) ==================== Custom CLSID (Whitelisted): ========================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) ==================== Restore Points ========================= 08-09-2015 23:32:35 Windows Update16-09-2015 10:30:58 Scheduled Checkpoint24-09-2015 03:50:00 Windows Update27-09-2015 23:57:16 Windows Update ==================== Hosts content: =============================== (If needed Hosts: directive could be included in the fixlist to reset Hosts.) 2013-08-22 08:25 - 2013-08-22 08:25 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts ==================== Scheduled Tasks (Whitelisted) ============= (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) 
Task: {0C189C66-239D-45F0-86C4-E9DAD964D49E} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTIONTask: {0EF3AA17-1141-449B-BC4E-AC176362E700} - System32\Tasks\Personal Computer Updater Schedualer => C:\Program Files (x86)\Personal Computer Updater\Personal ComputerUpdater.exe [2015-08-16] (Secure Updater)Task: {298F609A-1B6A-4508-9E8D-05317C589569} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-09-22] (Adobe Systems Incorporated)Task: {327A7C79-4B3C-49B0-8B3F-C8E19A1A5FD4} - System32\Tasks\Quick Access => C:\Program Files\Acer\Acer Quick Access\QALauncher.exe [2014-06-26] (Acer Incorporate)Task: {39A19251-1822-40FE-ACD1-5606CFC969D8} - System32\Tasks\AcerCloud => C:\Program Files (x86)\Acer\Acer Portal\AcerPortal.exe [2015-08-13] (Acer)Task: {3A9F3566-2149-4EA7-A4D8-A60E750D319A} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2015-08-26] (Microsoft Corporation)Task: {458BF04F-4727-4323-BB00-CC02AC89FF53} - System32\Tasks\Hotkey Utility => C:\Program Files (x86)\Acer\Hotkey Utility\HotkeyUtility.exe [2014-03-03] (Acer Incorporated)Task: {6231AE0D-723C-4572-86BA-91FE9507020A} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTIONTask: {7FB415BF-DFA1-4EA1-83BE-731C59E81AD7} - System32\Tasks\BacKGroundAgent => C:\Program Files (x86)\Acer\AOP Framework\BackgroundAgent.exe [2015-07-23] (Acer Incorporated)Task: {8268C5A8-DAD6-46D9-9ADF-074FFA5279A4} - System32\Tasks\Fenix Menager => C:\Users\Roy\AppData\Roaming\Fenix Menager\Fenix Menager.exe [2015-08-11] ()Task: {84AAE54A-53B7-4536-953F-AB413A9361B5} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTIONTask: {90774DC7-9BDE-46FC-ADD7-5A4EECC84B51} - System32\Tasks\ACC => C:\Program Files (x86)\Acer\Care Center\LiveUpdateChecker.exe [2014-08-29] ()Task: {95884F8A-BF75-408C-89E6-7D354F76C34A} - 
System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2015-08-27] (Apple Inc.)Task: {9A28EC98-43F0-41B9-9E78-FED9132DD0E2} - System32\Tasks\Software Update Application => C:\ProgramData\OEM\UpgradeTool\ListCheck.exe [2014-06-08] (Acer Incorporated)Task: {9AAEC182-4435-4999-AC4A-A288EBD4EC0F} - System32\Tasks\ACCAgent => C:\Program Files (x86)\Acer\Care Center\LiveUpdateAgent.exe [2014-08-29] ()Task: {9CF1525B-555F-43AF-B3A7-821DCC5801F1} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTIONTask: {A3507708-8473-4759-BC79-8FA26A310328} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTIONTask: {B5A5FC9B-7940-4B14-8D84-4E96AA04CAFB} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-05-05] (Google Inc.)Task: {BD042E0E-4484-49BC-8CD2-D6139196069A} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTIONTask: {BEE54058-55AA-47B8-B60E-014BE8F0A6EE} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-05-05] (Google Inc.)Task: {D8381A93-530A-4D83-9871-35DE4B151CDF} - System32\Tasks\Security Updater => C:\Users\Roy\AppData\Roaming\Updater\winupd.exe <==== ATTENTIONTask: {DD0CCEB1-E97B-48DF-8775-5DC6EB31584F} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> No File <==== ATTENTIONTask: {E4D722CF-EC50-40CB-9C70-72F747064DC4} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTIONTask: {E5FE1374-FC53-4C58-80D6-08847E3E573C} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTIONTask: {E8022B3B-F523-4796-B545-B11AD4D5381B} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTIONTask: {F0E3A119-6211-475E-8B10-60F2444A3F36} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTIONTask: {F30583AF-BBCC-4E93-B803-2AB2B46A8AD1} - System32\Tasks\Softcomp Software 
Schedualer => C:\Program Files (x86)\Softcomp Software\swjob.exeTask: {F867124D-B9D3-42F6-9760-FAD39C24FF31} - System32\Tasks\UbtFrameworkService => C:\Program Files\Acer\User Experience Improvement Program\Framework\TriggerFramework.exe [2014-03-12] (TODO: <Company name>)Task: {FF4A7437-F9ED-4923-86DE-D2A143C68970} - System32\Tasks\Quick Access Quick Launcher => C:\Program Files\Acer\Acer Quick Access\QALauncher.exe [2014-06-26] (Acer Incorporate) (If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.) Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exeTask: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exeTask: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe ==================== Loaded Modules (Whitelisted) ============== 2015-07-31 04:58 - 2015-07-14 21:04 - 00032768 _____ () C:\WINDOWS\SYSTEM32\licensemanagerapi.dll2015-07-31 04:46 - 2015-08-25 10:57 - 00116344 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll2013-10-17 16:27 - 2013-10-17 16:27 - 00166912 _____ () C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe2015-08-19 22:03 - 2015-08-11 04:14 - 00404480 _____ () C:\WINDOWS\System32\diagtrack_wininternal.dll2015-03-20 19:12 - 2015-03-20 19:12 - 00085832 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll2015-09-15 14:25 - 2015-09-15 14:25 - 01328912 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll2014-09-25 08:25 - 2012-04-24 05:43 - 00254512 _____ () C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe2015-08-29 07:53 - 2015-08-18 02:56 - 02498808 _____ () C:\WINDOWS\system32\CoreUIComponents.dll2015-08-29 07:53 - 2015-08-18 02:56 - 02498808 _____ () 
C:\WINDOWS\System32\CoreUIComponents.dll2015-07-10 05:59 - 2015-07-10 05:59 - 00429056 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\QuickActions.dll2015-07-14 15:37 - 2015-07-14 15:37 - 00821240 _____ () C:\Program Files (x86)\HTC\HTC Sync Manager\HTC Sync\adb.exe2014-09-25 08:12 - 2012-11-01 13:21 - 00325120 _____ () C:\Windows\SYSTEM32\APOMgr64.DLL2015-07-27 18:46 - 2015-07-27 18:46 - 00091488 _____ () C:\Program Files (x86)\Acer\abDocs\abDocsDllLoader.exe2015-07-27 18:46 - 2015-07-27 18:46 - 01769312 _____ () C:\Program Files (x86)\Acer\abDocs\abDocsDllLoaderMonitor.exe2014-08-01 06:12 - 2014-07-01 16:13 - 00111872 _____ () C:\Program Files (x86)\Acer\clear.fi plug-in\Clearfishellext_x64.dll2015-09-27 23:24 - 2015-09-27 23:24 - 00012288 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_15.922.11070.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe2015-09-27 23:24 - 2015-09-27 23:24 - 10807296 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_15.922.11070.0_x64__8wekyb3d8bbwe\Microsoft.Photos.dll2015-09-18 06:56 - 2015-09-18 06:56 - 03495936 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.1509.14010.0_x64__8wekyb3d8bbwe\Calculator.exe2015-09-15 14:25 - 2015-09-15 14:25 - 00306960 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxslt.dll2015-08-11 22:21 - 2015-08-02 20:11 - 06569472 _____ () C:\WINDOWS\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll2015-07-10 06:00 - 2015-07-10 08:14 - 00471040 _____ () C:\WINDOWS\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll2015-08-19 22:03 - 2015-08-11 03:58 - 01808384 _____ () C:\WINDOWS\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll2015-08-11 22:21 - 2015-08-02 20:09 - 02274816 _____ () C:\WINDOWS\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll2015-07-10 06:00 - 2015-07-10 08:14 - 00210432 _____ () 
C:\WINDOWS\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.ProxyStub.dll2015-07-14 15:35 - 2015-07-14 15:35 - 00030720 _____ () C:\Program Files (x86)\HTC\HTC Sync Manager\DbAccess.dll2015-07-14 15:35 - 2015-07-14 15:35 - 00607016 _____ () C:\Program Files (x86)\HTC\HTC Sync Manager\sqlite3.dll2015-07-14 15:36 - 2015-07-14 15:36 - 00059392 _____ () C:\Program Files (x86)\HTC\HTC Sync Manager\NAdvLog.dll2015-07-14 15:35 - 2015-07-14 15:35 - 00035864 _____ () C:\Program Files (x86)\HTC\HTC Sync Manager\NFileCacheDBAccess.dll2015-07-14 15:36 - 2015-07-14 15:36 - 00079888 _____ () C:\Program Files (x86)\HTC\HTC Sync Manager\ninstallerhelper.dll2015-07-14 15:37 - 2015-07-14 15:37 - 00129016 _____ () C:\Program Files (x86)\HTC\HTC Sync Manager\zlib1.dll2015-07-14 15:39 - 2015-07-14 15:39 - 00223240 _____ () C:\Program Files (x86)\HTC\HTC Sync Manager\DevConnMon.dll2015-07-27 21:55 - 2015-07-23 03:18 - 00062304 _____ () C:\Program Files (x86)\Acer\AOP Framework\acer\inteldll.dll2015-05-06 00:55 - 2015-08-26 19:37 - 00011896 _____ () C:\Program Files (x86)\NVIDIA Corporation\Update Core\detoured.dll2015-05-05 20:26 - 2015-07-03 11:12 - 00778240 _____ () C:\Program Files (x86)\Steam\SDL2.dll2015-05-05 20:26 - 2015-07-03 11:12 - 04962816 _____ () C:\Program Files (x86)\Steam\v8.dll2015-05-05 20:26 - 2015-08-19 15:39 - 02413248 _____ () C:\Program Files (x86)\Steam\video.dll2015-05-05 20:26 - 2014-12-01 16:31 - 02396672 _____ () C:\Program Files (x86)\Steam\libavcodec-56.dll2015-05-05 20:26 - 2014-12-01 16:31 - 00479744 _____ () C:\Program Files (x86)\Steam\libavformat-56.dll2015-05-05 20:26 - 2014-12-01 16:31 - 00332800 _____ () C:\Program Files (x86)\Steam\libavresample-2.dll2015-05-05 20:26 - 2014-12-01 16:31 - 00442880 _____ () C:\Program Files (x86)\Steam\libavutil-54.dll2015-05-05 20:26 - 2014-12-01 16:31 - 00485888 _____ () C:\Program Files (x86)\Steam\libswscale-3.dll2015-05-05 20:26 - 2015-07-03 11:12 - 01556992 _____ () C:\Program Files 
(x86)\Steam\icui18n.dll2015-05-05 20:26 - 2015-07-03 11:12 - 01187840 _____ () C:\Program Files (x86)\Steam\icuuc.dll2015-05-05 20:26 - 2015-08-19 15:39 - 00704192 _____ () C:\Program Files (x86)\Steam\bin\chromehtml.DLL2015-07-22 21:58 - 2015-07-26 20:13 - 00171008 _____ () C:\Program Files (x86)\Steam\bin\openvr_api.dll2015-05-05 20:26 - 2015-07-03 11:12 - 39553928 _____ () C:\Program Files (x86)\Steam\bin\libcef.dll2015-07-27 18:47 - 2015-07-27 18:47 - 00277856 _____ () C:\Program Files (x86)\Acer\abDocs\libcurl.dll2014-09-25 08:04 - 2013-09-15 23:20 - 01242584 _____ () C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\ACE.dll2015-08-05 19:48 - 2015-08-05 19:48 - 00201568 _____ () C:\Program Files (x86)\Acer\abPhoto\curllib.dll2015-08-05 19:48 - 2015-08-05 19:48 - 00653112 _____ () C:\Program Files (x86)\Acer\abPhoto\sqlite3.dll2015-08-05 19:48 - 2015-08-05 19:48 - 00640352 _____ () C:\Program Files (x86)\Acer\abPhoto\tag.dll2015-08-05 19:48 - 2015-08-05 19:48 - 00118112 _____ () C:\Program Files (x86)\Acer\abPhoto\OpenLDAP.dll2015-07-31 04:47 - 2015-07-31 04:47 - 00014176 _____ () C:\WINDOWS\assembly\GAC_MSIL\MyService\1.0.0.1__2dfa3f50f0bed57d\MyService.dll2015-07-23 17:08 - 2015-07-23 17:08 - 00012128 _____ () C:\Program Files (x86)\Acer\AOP Framework\ServiceInterface.dll2015-07-23 16:56 - 2015-07-23 16:56 - 00277856 _____ () C:\Program Files (x86)\Acer\AOP Framework\libcurl.dll2015-03-20 19:12 - 2015-03-20 19:12 - 00073544 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll2015-09-15 14:25 - 2015-09-15 14:25 - 01040144 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll2014-08-01 06:12 - 2014-07-01 16:13 - 00090368 _____ () C:\Program Files (x86)\Acer\clear.fi plug-in\Clearfishellext.dll2015-09-29 02:14 - 2015-09-23 21:34 - 01501512 _____ () C:\Program Files (x86)\Google\Chrome\Application\45.0.2454.101\libglesv2.dll2015-09-29 02:14 - 2015-09-23 21:34 - 00081224 _____ 
() C:\Program Files (x86)\Google\Chrome\Application\45.0.2454.101\libegl.dll ==================== Alternate Data Streams (Whitelisted) ========= (If an entry is included in the fixlist, only the ADS will be removed.) AlternateDataStreams: C:\Users\Roy\OneDrive:ms-properties ==================== Safe Mode (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.) ==================== EXE Association (Whitelisted) =============== (If an entry is included in the fixlist, the registry item will be restored to default or removed.) ==================== Internet Explorer trusted/restricted =============== (If an entry is included in the fixlist, it will be removed from the registry.) ==================== Other Areas ============================ (Currently there is no automatic fix for this section.) HKU\S-1-5-21-3497494466-3614754699-1898788468-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Roy\AppData\Local\Microsoft\Windows\Themes\RoamedThemeFiles\DesktopBackground\img13.jpgDNS Servers: 75.75.76.76 - 75.75.75.75HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 2) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)Windows Firewall is enabled. ==================== MSCONFIG/TASK MANAGER disabled items == (Currently there is no automatic fix for this section.) ==================== FirewallRules (Whitelisted) =============== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) 
II\launcher\launcher.exe
FirewallRules: [{30405361-DFA7-4803-83C5-96266DF6B474}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Total War Attila\launcher\launcher.exe
FirewallRules: [{F30C88C8-860A-4AF5-9AC1-399009B20AEE}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Total War Attila\launcher\launcher.exe
FirewallRules: [{F160110D-658C-409B-B4BB-59615230157E}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{71025755-6679-4FD4-AD08-869F107E4B29}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{B6BE1AE9-4A50-4101-BAFB-7C3B0FD5F001}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{7F517F15-38F6-4A6C-AAE6-683F90BD8AF7}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{E2811E4A-F4B6-4C3F-80AB-3F2CF67224F8}] => (Allow) C:\Program Files\iTunes\iTunes.exe
FirewallRules: [{533E9037-A99C-4DA3-B438-C5510D1E2000}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

==================== Faulty Device Manager Devices =============

==================== Event log errors: =========================

Application errors:
==================
Error: (09/29/2015 09:06:23 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Local Hostname Roys-PC.local already in use; will try Roys-PC-2.local instead

Error: (09/29/2015 09:06:23 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: mDNSCoreReceiveResponse: ProbeCount 2; will deregister 4 Roys-PC.local. Addr 10.0.0.5

Error: (09/29/2015 09:06:23 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: mDNSCoreReceiveResponse: Received from 10.0.0.5:5353 16 Roys-PC.local. AAAA 2601:02C1:0000:2B20:1ACF:5EFF:FEC7:0638

Error: (09/29/2015 08:47:04 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Local Hostname Roys-PC.local already in use; will try Roys-PC-2.local instead

Error: (09/29/2015 08:47:04 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: mDNSCoreReceiveResponse: ProbeCount 2; will deregister 4 Roys-PC.local. Addr 10.0.0.5

Error: (09/29/2015 08:47:04 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: mDNSCoreReceiveResponse: Received from 10.0.0.5:5353 16 Roys-PC.local. AAAA 2601:02C1:0000:2B20:1ACF:5EFF:FEC7:0638

Error: (09/29/2015 08:47:01 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 528984

Error: (09/29/2015 08:47:01 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 528984

Error: (09/29/2015 08:47:01 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (09/29/2015 04:46:14 AM) (Source: ESENT) (EventID: 413) (User: )
Description: SettingSyncHost (2956) Unable to create a new logfile because the database cannot write to the log drive. The drive may be read-only, out of disk space, misconfigured, or corrupted. Error -1032.

System errors:
=============
Error: (09/27/2015 11:24:05 PM) (Source: DCOM) (EventID: 10010) (User: NT AUTHORITY)
Description: {784E29F4-5EBE-4279-9948-1E8FE941646D}

Error: (09/27/2015 11:22:28 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: application-specificLocalActivation{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}NT AUTHORITYLOCAL SERVICES-1-5-19LocalHost (Using LRPC)UnavailableUnavailable

Error: (09/27/2015 11:22:27 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: application-specificLocalActivation{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}NT AUTHORITYLOCAL SERVICES-1-5-19LocalHost (Using LRPC)UnavailableUnavailable

Error: (09/27/2015 11:22:26 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: application-specificLocalActivation{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}NT AUTHORITYLOCAL SERVICES-1-5-19LocalHost (Using LRPC)UnavailableUnavailable

Error: (09/27/2015 11:22:26 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: application-specificLocalActivation{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}NT AUTHORITYLOCAL SERVICES-1-5-19LocalHost (Using LRPC)UnavailableUnavailable

Error: (09/27/2015 11:22:25 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: application-specificLocalActivation{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}NT AUTHORITYLOCAL SERVICES-1-5-19LocalHost (Using LRPC)UnavailableUnavailable

Error: (09/27/2015 11:22:25 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: application-specificLocalActivation{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}NT AUTHORITYLOCAL SERVICES-1-5-19LocalHost (Using LRPC)UnavailableUnavailable

Error: (09/27/2015 11:22:24 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: application-specificLocalActivation{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}NT AUTHORITYLOCAL SERVICES-1-5-19LocalHost (Using LRPC)UnavailableUnavailable

Error: (09/27/2015 11:22:24 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: application-specificLocalActivation{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}NT AUTHORITYLOCAL SERVICES-1-5-19LocalHost (Using LRPC)UnavailableUnavailable

Error: (09/27/2015 11:22:23 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: application-specificLocalActivation{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}NT AUTHORITYLOCAL SERVICES-1-5-19LocalHost (Using LRPC)UnavailableUnavailable

CodeIntegrity:
===================================
Date: 2015-09-27 23:05:44.239
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2015-09-27 23:05:44.229
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

==================== Memory info ===========================

Processor: Intel® Core i7-4790 CPU @ 3.60GHz
Percentage of memory in use: 29%
Total physical RAM: 12207.59 MB
Available physical RAM: 8552.15 MB
Total Virtual: 14063.59 MB
Available Virtual: 9564.86 MB

==================== Drives ================================

Drive c: (Acer) (Fixed) (Total:913.51 GB) (Free:640.11 GB) NTFS
Drive e: (Acer) (Fixed) (Total:1845 GB) (Free:1844.17 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: 55E5485C)
Partition: GPT.

========================================================
Disk: 1 (Size: 1863 GB) (Disk ID: EA02B1C4)
Partition: GPT.

==================== End of Addition.txt ============================