FRST log; Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 25-02-2015 01Ran by acer (administrator) on ACER-PC on 26-02-2015 23:40:08Running from C:\Users\acer\Documents\DownloadsLoaded Profiles: acer & UpdatusUser (Available profiles: acer & UpdatusUser)Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: English (United States)Internet Explorer Version 11 (Default browser: IE)Boot Mode: NormalTutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processes (Whitelisted) ================= (If an entry is included in the fixlist, the process will be closed. The file will not be moved.) (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe(Broadcom Corporation) C:\Program Files\Broadcom\Broadcom 802.11 Network Adapter\WLTRYSVC.EXE(Microsoft Corporation) C:\Windows\System32\wlanext.exe(Broadcom Corporation) C:\Program Files\Broadcom\Broadcom 802.11 Network Adapter\BCMWLTRY.EXE(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe(Intel® Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\Jhi_service.exe(Intel® Corporation) C:\Program Files\Intel\WiMAX\Bin\AppSrv.exe(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE(Red Bend Ltd.) C:\Program Files\Intel\WiMAX\Bin\DMAgent.exe(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe(Broadcom Corporation) C:\Program Files\Broadcom\Broadcom 802.11 Network Adapter\WLTRAY.EXE(Intel® Corporation) C:\Program Files\Intel\WiMAX\Bin\WiMAXCU.exe(Intel Corporation) C:\Windows\System32\igfxtray.exe(Intel Corporation) C:\Windows\System32\hkcmd.exe(Intel Corporation) C:\Windows\System32\igfxpers.exe(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe(Dolby Laboratories Inc.) C:\Dolby PCEE4\pcee4.exe(Intel Corporation) C:\Program Files (x86)\Intel\Intel® USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe(Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe(Microsoft Corporation) C:\Windows\System32\dllhost.exe(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe ==================== Registry (Whitelisted) ================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [12343400 2011-12-27] (Realtek Semiconductor)HKLM\...\Run: [RtHDVBg_Dolby] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1156712 2011-11-15] (Realtek Semiconductor)HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [2821936 2012-03-07] (ELAN Microelectronics Corp.)HKLM\...\Run: [broadcom Wireless Manager UI] => C:\Program Files\Broadcom\Broadcom 802.11 Network Adapter\WLTRAY.exe [7138816 2013-03-24] (Broadcom Corporation)HKLM\...\Run: [intelWirelessWiMAX] => C:\Program Files\Intel\WiMAX\Bin\WiMAXCU.exe [1626112 2011-12-01] (Intel® Corporation)HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [169768 2015-01-27] (Apple Inc.)HKLM-x32\...\Run: [iAStorIcon] => C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe [284440 2012-02-01] (Intel Corporation)HKLM-x32\...\Run: [Dolby Home Theater v4] => C:\Dolby PCEE4\pcee4.exe [506712 2011-06-01] (Dolby Laboratories Inc.)HKLM-x32\...\Run: [uSB3MON] => C:\Program Files (x86)\Intel\Intel® USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [291608 2012-02-27] (Intel Corporation)HKLM-x32\...\Run: [GrooveMonitor] => C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation)HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2012-04-18] (Apple Inc.)Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)HKU\S-1-5-21-4163698976-74596317-2181307835-1000\...\Run: [steam] => C:\Program Files (x86)\Steam\steam.exe [2874048 2015-02-18] (Valve Corporation)Lsa: [Notification Packages] scecli C:\Program Files\WIDCOMM\Bluetooth Software\BtwProximityCP.dllStartup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Bluetooth.lnkShortcutTarget: Bluetooth.lnk -> C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe (Broadcom Corporation.)ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => No File ==================== Internet (Whitelisted) ==================== (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.) HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTIONHKU\S-1-5-21-4163698976-74596317-2181307835-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTIONHKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhomeHKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearchHKU\S-1-5-21-4163698976-74596317-2181307835-1000\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearchSearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-21-4163698976-74596317-2181307835-1003 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)Tcpip\Parameters: [DhcpNameServer] 194.168.4.100 194.168.8.100 FireFox:========FF Plugin: @microsoft.com/GENUINE -> disabled No FileFF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.31211.0\npctrl.dll ( Microsoft Corporation)FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.0.59 -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)FF Plugin-x32: @microsoft.com/GENUINE -> disabled No FileFF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.31211.0\npctrl.dll ( Microsoft Corporation)FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3508.0205 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll (Google Inc.)FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll (Google Inc.)FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) Chrome: =======CHR DefaultSuggestURL: Default -> {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&gs_ri={google:suggestRid}&xssi=t&q={searchTerms}&{google:inputType}{google:cursorPosition}{google:currentPageUrl}{google:pageClassification}{google:searchVersion}{google:sessionToken}{google:prefetchQuery}sugkey={google:suggestAPIKeyParameter}CHR Profile: C:\Users\acer\AppData\Local\Google\Chrome\User Data\DefaultCHR Extension: (Google Drive) - C:\Users\acer\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-12-28]CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\acer\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2015-02-01]CHR Extension: (YouTube) - C:\Users\acer\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-12-28]CHR Extension: (Google Search) - C:\Users\acer\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-12-28]CHR Extension: (Google Wallet) - C:\Users\acer\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-12-28]CHR Extension: (Gmail) - C:\Users\acer\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-12-28] ==================== Services (Whitelisted) ================= (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.) R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [77128 2015-01-19] (Apple Inc.)R2 DMAgent; C:\Program Files\Intel\WiMAX\Bin\DMAgent.exe [514048 2011-11-30] (Red Bend Ltd.) [File not signed]R2 jhi_service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe [161560 2012-02-08] (Intel Corporation)S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [1910128 2015-02-07] (Electronic Arts)R2 WiMAXAppSrv; C:\Program Files\Intel\WiMAX\Bin\AppSrv.exe [979456 2011-11-30] (Intel® Corporation) [File not signed]R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)R2 wltrysvc; C:\Program Files\Broadcom\Broadcom 802.11 Network Adapter\bcmwltry.exe [5824512 2013-03-24] (Broadcom Corporation) [File not signed] ==================== Drivers (Whitelisted) ==================== (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.) U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation)S3 bcbtums; C:\Windows\System32\drivers\bcbtums.sys [135720 2012-02-22] (Broadcom Corporation.)S3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [129752 2015-02-26] (Malwarebytes Corporation)U3 TrueSight; C:\Windows\System32\drivers\TrueSight.sys [35064 2015-02-26] ()S3 cleanhlp; \??\C:\Program Files (x86)\Emsisoft Internet Security\cleanhlp64.sys [X] ==================== NetSvcs (Whitelisted) =================== (If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.) ==================== One Month Created Files and Folders ======== (If an entry is included in the fixlist, the file\folder will be moved.) 2015-02-26 23:39 - 2015-02-26 23:40 - 00000000 ____D () C:\FRST2015-02-26 23:23 - 2015-02-26 23:23 - 00000376 _____ () C:\Windows\PFRO.log2015-02-26 23:23 - 2015-02-26 23:23 - 00000056 _____ () C:\Windows\setupact.log2015-02-26 23:23 - 2015-02-26 23:23 - 00000000 _____ () C:\Windows\setuperr.log2015-02-26 23:15 - 2015-02-26 23:15 - 00001102 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk2015-02-26 23:15 - 2015-02-26 23:15 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware2015-02-26 23:15 - 2015-02-26 23:15 - 00000000 ____D () C:\Program Files (x86)\ESET2015-02-26 23:15 - 2014-11-21 06:14 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys2015-02-26 23:15 - 2014-11-21 06:14 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys2015-02-26 23:09 - 2015-02-26 23:09 - 00268056 _____ () C:\Users\acer\Documents\cc_20150226_230937.reg2015-02-26 23:08 - 2015-02-26 23:08 - 00001264 _____ () C:\Users\acer\Desktop\Revo Uninstaller.lnk2015-02-26 23:08 - 2015-02-26 23:08 - 00000000 ____D () C:\Program Files (x86)\VS Revo Group2015-02-26 22:59 - 2015-02-26 22:59 - 00035064 _____ () C:\Windows\system32\Drivers\TrueSight.sys2015-02-26 22:59 - 2015-02-26 22:59 - 00000000 ____D () C:\ProgramData\RogueKiller2015-02-26 22:39 - 2015-02-26 23:16 - 00129752 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys2015-02-26 22:39 - 2015-02-26 23:06 - 00000000 ____D () C:\ProgramData\Malwarebytes' Anti-Malware (portable)2015-02-26 22:38 - 2015-02-26 23:06 - 00000000 ____D () C:\Users\acer\Desktop\mbar2015-02-26 22:38 - 2014-11-21 06:14 - 00093400 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys2015-02-26 22:36 - 2015-02-26 22:36 - 00019644 _____ () C:\ComboFix.txt2015-02-26 22:27 - 2011-06-26 06:45 - 00256000 _____ () C:\Windows\PEV.exe2015-02-26 22:27 - 2010-11-07 17:20 - 00208896 _____ () C:\Windows\MBR.exe2015-02-26 22:27 - 2009-04-20 04:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe2015-02-26 22:27 - 2000-08-31 00:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe2015-02-26 22:27 - 2000-08-31 00:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe2015-02-26 22:27 - 2000-08-31 00:00 - 00098816 _____ () C:\Windows\sed.exe2015-02-26 22:27 - 2000-08-31 00:00 - 00080412 _____ () C:\Windows\grep.exe2015-02-26 22:27 - 2000-08-31 00:00 - 00068096 _____ () C:\Windows\zip.exe2015-02-26 22:26 - 2015-02-26 22:36 - 00000000 ____D () C:\Qoobox2015-02-26 22:26 - 2015-02-26 22:35 - 00000000 ____D () C:\Windows\erdnt2015-02-26 22:24 - 2015-02-26 22:24 - 00001348 _____ () C:\Users\acer\Desktop\JRT.txt2015-02-26 21:19 - 2015-02-26 21:19 - 00000000 _____ () C:\autoexec.bat2015-02-26 20:49 - 2015-02-26 20:49 - 00003146 _____ () C:\Windows\System32\Tasks\Run_Bobby_Browser2015-02-25 20:09 - 2015-01-08 23:44 - 00419936 _____ () C:\Windows\SysWOW64\locale.nls2015-02-25 20:09 - 2015-01-08 23:43 - 00419936 _____ () C:\Windows\system32\locale.nls2015-02-19 23:14 - 2015-02-19 23:14 - 00000000 ____D () C:\Users\acer\AppData\Local\Steam2015-02-16 18:45 - 2015-02-16 18:45 - 00001713 _____ () C:\Users\Public\Desktop\iTunes.lnk2015-02-16 18:45 - 2015-02-16 18:45 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes2015-02-16 18:45 - 2015-02-16 18:45 - 00000000 ____D () C:\ProgramData\E1864A66-75E3-486a-BD95-D1B7D99A84A72015-02-16 18:45 - 2015-02-16 18:45 - 00000000 ____D () C:\Program Files\iTunes2015-02-16 18:45 - 2015-02-16 18:45 - 00000000 ____D () C:\Program Files\iPod2015-02-16 18:45 - 2015-02-16 18:45 - 00000000 ____D () C:\Program Files (x86)\iTunes2015-02-12 10:38 - 2015-01-23 04:42 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll2015-02-12 10:38 - 2015-01-23 04:41 - 06041600 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll2015-02-12 10:38 - 2015-01-23 03:43 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll2015-02-12 10:38 - 2015-01-23 03:17 - 04300800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll2015-02-10 23:59 - 2015-01-14 05:47 - 00389808 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll2015-02-10 23:59 - 2015-01-14 05:09 - 00342712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll2015-02-10 23:59 - 2015-01-13 03:10 - 01424384 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll2015-02-10 23:59 - 2015-01-13 02:49 - 01230336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll2015-02-10 23:59 - 2015-01-12 03:09 - 25056256 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll2015-02-10 23:59 - 2015-01-12 03:05 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb2015-02-10 23:59 - 2015-01-12 03:05 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll2015-02-10 23:59 - 2015-01-12 02:49 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll2015-02-10 23:59 - 2015-01-12 02:48 - 02885632 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll2015-02-10 23:59 - 2015-01-12 02:48 - 00584192 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll2015-02-10 23:59 - 2015-01-12 02:48 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll2015-02-10 23:59 - 2015-01-12 02:47 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll2015-02-10 23:59 - 2015-01-12 02:40 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll2015-02-10 23:59 - 2015-01-12 02:39 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll2015-02-10 23:59 - 2015-01-12 02:36 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll2015-02-10 23:59 - 2015-01-12 02:34 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe2015-02-10 23:59 - 2015-01-12 02:34 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe2015-02-10 23:59 - 2015-01-12 02:25 - 19740160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll2015-02-10 23:59 - 2015-01-12 02:25 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe2015-02-10 23:59 - 2015-01-12 02:21 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb2015-02-10 23:59 - 2015-01-12 02:21 - 00490496 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll2015-02-10 23:59 - 2015-01-12 02:13 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll2015-02-10 23:59 - 2015-01-12 02:08 - 00503296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll2015-02-10 23:59 - 2015-01-12 02:08 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll2015-02-10 23:59 - 2015-01-12 02:07 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll2015-02-10 23:59 - 2015-01-12 02:07 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll2015-02-10 23:59 - 2015-01-12 02:07 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll2015-02-10 23:59 - 2015-01-12 02:05 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll2015-02-10 23:59 - 2015-01-12 02:04 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll2015-02-10 23:59 - 2015-01-12 02:02 - 02277888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll2015-02-10 23:59 - 2015-01-12 02:00 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll2015-02-10 23:59 - 2015-01-12 01:59 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll2015-02-10 23:59 - 2015-01-12 01:57 - 00478208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll2015-02-10 23:59 - 2015-01-12 01:55 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe2015-02-10 23:59 - 2015-01-12 01:48 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll2015-02-10 23:59 - 2015-01-12 01:48 - 00718848 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe2015-02-10 23:59 - 2015-01-12 01:46 - 02125824 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl2015-02-10 23:59 - 2015-01-12 01:46 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll2015-02-10 23:59 - 2015-01-12 01:45 - 00418304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll2015-02-10 23:59 - 2015-01-12 01:43 - 14401024 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll2015-02-10 23:59 - 2015-01-12 01:40 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll2015-02-10 23:59 - 2015-01-12 01:36 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll2015-02-10 23:59 - 2015-01-12 01:35 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll2015-02-10 23:59 - 2015-01-12 01:33 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll2015-02-10 23:59 - 2015-01-12 01:27 - 02358272 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll2015-02-10 23:59 - 2015-01-12 01:23 - 02052608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl2015-02-10 23:59 - 2015-01-12 01:23 - 00688640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll2015-02-10 23:59 - 2015-01-12 01:22 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll2015-02-10 23:59 - 2015-01-12 01:14 - 12829184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll2015-02-10 23:59 - 2015-01-12 01:14 - 01548288 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll2015-02-10 23:59 - 2015-01-12 01:02 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll2015-02-10 23:59 - 2015-01-12 01:00 - 01888256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll2015-02-10 23:59 - 2015-01-12 00:56 - 01307136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll2015-02-10 23:59 - 2015-01-12 00:55 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll2015-02-10 23:59 - 2015-01-10 06:48 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll2015-02-10 23:59 - 2015-01-10 06:48 - 00341504 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll2015-02-10 23:59 - 2015-01-10 06:48 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll2015-02-10 23:59 - 2015-01-10 06:48 - 00309760 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll2015-02-10 23:59 - 2015-01-10 06:48 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll2015-02-10 23:59 - 2015-01-10 06:48 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll2015-02-10 23:59 - 2015-01-10 06:48 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll2015-02-10 23:59 - 2015-01-10 06:27 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll2015-02-10 23:59 - 2015-01-10 06:27 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll2015-02-10 23:59 - 2015-01-10 06:27 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll2015-02-10 23:59 - 2015-01-10 06:27 - 00221184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll2015-02-10 23:59 - 2015-01-10 06:27 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll2015-02-10 23:59 - 2015-01-10 06:27 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll2015-02-10 23:59 - 2015-01-10 06:27 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll2015-02-10 23:59 - 2015-01-09 02:03 - 03201536 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys2015-02-10 23:58 - 2015-02-04 03:16 - 00894976 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll2015-02-10 23:58 - 2015-02-04 03:16 - 00762368 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll2015-02-10 23:58 - 2015-02-04 03:16 - 00609280 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll2015-02-10 23:58 - 2015-02-04 03:16 - 00414720 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll2015-02-10 23:58 - 2015-02-04 03:16 - 00227328 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll2015-02-10 23:58 - 2015-02-04 03:16 - 00192000 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll2015-02-10 23:58 - 2015-02-04 03:13 - 01098752 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll2015-02-10 23:58 - 2015-01-27 23:36 - 01239720 _____ (Microsoft Corporation) C:\Windows\system32\aitstatic.exe2015-02-10 23:58 - 2015-01-15 08:14 - 00155072 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys2015-02-10 23:58 - 2015-01-15 08:14 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys2015-02-10 23:58 - 2015-01-15 08:09 - 01461760 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll2015-02-10 23:58 - 2015-01-15 08:09 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll2015-02-10 23:58 - 2015-01-15 08:09 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe2015-02-10 23:58 - 2015-01-15 08:09 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll2015-02-10 23:58 - 2015-01-15 08:09 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll2015-02-10 23:58 - 2015-01-15 08:08 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe2015-02-10 23:58 - 2015-01-15 08:06 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll2015-02-10 23:58 - 2015-01-15 08:06 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll2015-02-10 23:58 - 2015-01-15 08:04 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll2015-02-10 23:58 - 2015-01-15 07:42 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe2015-02-10 23:58 - 2015-01-15 07:42 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll2015-02-10 23:58 - 2015-01-15 07:41 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll2015-02-10 23:58 - 2015-01-15 07:39 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll2015-02-10 23:58 - 2015-01-15 07:39 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll2015-02-10 23:58 - 2015-01-15 07:37 - 00686080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll2015-02-10 23:58 - 2015-01-15 04:22 - 00458824 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys2015-02-10 23:58 - 2015-01-14 06:09 - 05554112 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe2015-02-10 23:58 - 2015-01-14 06:05 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll2015-02-10 23:58 - 2015-01-14 06:05 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll2015-02-10 23:58 - 2015-01-14 06:04 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe2015-02-10 23:58 - 2015-01-14 05:44 - 03972544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe2015-02-10 23:58 - 2015-01-14 05:44 - 03917760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe2015-02-10 23:58 - 2015-01-14 05:41 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll2015-02-10 23:58 - 2014-12-12 05:31 - 01480192 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll2015-02-10 23:58 - 2014-12-12 05:07 - 01174528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll2015-02-10 23:58 - 2014-12-08 03:09 - 00406528 _____ (Microsoft Corporation) C:\Windows\system32\scesrv.dll2015-02-10 23:58 - 2014-12-08 02:46 - 00308224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\scesrv.dll2015-02-10 23:58 - 2014-11-26 03:53 - 00861696 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll2015-02-10 23:58 - 2014-11-26 03:32 - 00571904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleaut32.dll2015-02-10 23:58 - 2014-10-04 02:10 - 03722752 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll2015-02-10 23:58 - 2014-10-04 01:42 - 03221504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll2015-02-10 23:58 - 2014-10-04 01:42 - 00131584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\aaclient.dll2015-02-10 23:58 - 2014-07-07 02:07 - 00229376 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll2015-02-10 23:58 - 2014-07-07 02:06 - 00187904 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll2015-02-10 23:58 - 2014-07-07 01:40 - 00179200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll2015-02-10 23:58 - 2014-07-07 01:40 - 00143872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsvc.dll2015-02-10 22:32 - 2015-02-26 21:07 - 00000000 ____D () C:\FM Genie Scout 152015-02-08 22:01 - 2015-02-16 21:55 - 00000000 ____D () C:\Users\acer\Documents\Shortlists2015-02-08 20:39 - 2015-02-08 20:39 - 00000222 _____ () C:\Users\acer\Desktop\Football Manager 2015.url2015-02-08 20:39 - 2015-02-08 20:39 - 00000000 ____D () C:\Users\acer\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam2015-02-07 23:38 - 2015-02-07 23:38 - 00001272 _____ () C:\Users\Public\Desktop\SimCity™.lnk2015-02-07 23:38 - 2015-02-07 23:38 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SimCity™2015-02-07 23:13 - 2015-02-07 23:26 - 00000000 ____D () C:\Program Files (x86)\Origin Games2015-02-07 23:12 - 2015-02-07 23:13 - 00000000 ____D () C:\Users\acer\AppData\Local\Origin2015-02-07 23:11 - 2015-02-08 13:59 - 00000000 ____D () C:\Program Files (x86)\Origin2015-02-07 23:11 - 2015-02-07 23:40 - 00000000 ____D () C:\ProgramData\Electronic Arts2015-02-07 23:11 - 2015-02-07 23:11 - 00000979 _____ () C:\Users\Public\Desktop\Origin.lnk2015-02-07 22:58 - 2015-02-26 23:24 - 00000000 ____D () C:\Program Files (x86)\Steam2015-02-07 22:58 - 2015-02-07 22:58 - 00000963 _____ () C:\Users\Public\Desktop\Steam.lnk2015-02-07 22:58 - 2015-02-07 22:58 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam2015-02-01 00:11 - 2015-02-01 00:11 - 00002146 _____ () C:\Users\Public\Desktop\RollerCoaster Tycoon 2.lnk2015-02-01 00:11 - 2015-02-01 00:11 - 00000000 ____D () C:\Users\acer\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games2015-02-01 00:05 - 2015-02-01 00:05 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Infogrames2015-02-01 00:05 - 2015-02-01 00:05 - 00000000 ____D () C:\Program Files (x86)\Infogrames ==================== One Month Modified Files and Folders ======= (If an entry is included in the fixlist, the file\folder will be moved.) 2015-02-26 23:34 - 2013-03-31 15:19 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job2015-02-26 23:31 - 2009-07-14 04:45 - 00029120 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A02015-02-26 23:31 - 2009-07-14 04:45 - 00029120 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A02015-02-26 23:27 - 2013-03-24 16:45 - 01791630 _____ () C:\Windows\WindowsUpdate.log2015-02-26 23:26 - 2014-09-28 22:56 - 00000000 ____D () C:\Users\UpdatusUser.acer-PC.0002015-02-26 23:24 - 2014-12-28 01:07 - 00000894 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job2015-02-26 23:23 - 2009-07-14 05:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT2015-02-26 23:18 - 2014-12-28 01:07 - 00000898 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job2015-02-26 23:15 - 2014-09-22 22:37 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware2015-02-26 23:09 - 2013-12-12 19:15 - 00000000 ____D () C:\Windows\Minidump2015-02-26 23:09 - 2013-10-07 20:53 - 00000000 ____D () C:\Users\acer\AppData\Roaming\BitTorrent2015-02-26 22:36 - 2009-07-14 03:20 - 00000000 __RHD () C:\Users\Default2015-02-26 22:34 - 2009-07-14 02:34 - 00000215 _____ () C:\Windows\system.ini2015-02-26 22:23 - 2014-10-19 21:38 - 00000000 ____D () C:\AdwCleaner2015-02-26 21:28 - 2009-07-14 04:45 - 05028736 _____ () C:\Windows\system32\FNTCACHE.DAT2015-02-26 21:19 - 2013-03-24 21:21 - 00109296 _____ () C:\Users\acer\AppData\Local\GDIPFONTCACHEV1.DAT2015-02-22 11:20 - 2009-07-14 05:08 - 00032570 _____ () C:\Windows\Tasks\SCHEDLGU.TXT2015-02-21 22:35 - 2014-12-28 01:07 - 00002183 _____ () C:\Users\Public\Desktop\Google Chrome.lnk2015-02-18 23:14 - 2009-07-14 05:13 - 00782470 _____ () C:\Windows\system32\PerfStringBackup.INI2015-02-16 18:45 - 2014-07-03 00:16 - 00000000 ____D () C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF692015-02-16 18:45 - 2013-09-05 18:47 - 00000000 ____D () C:\Program Files\Common Files\Apple2015-02-12 10:28 - 2014-12-10 22:21 - 00000000 ____D () C:\Windows\system32\appraiser2015-02-12 10:28 - 2014-05-07 00:48 - 00000000 ___SD () C:\Windows\system32\CompatTel2015-02-11 01:29 - 2013-04-08 18:59 - 00000000 ____D () C:\ProgramData\Microsoft Help2015-02-11 01:28 - 2013-07-13 02:01 - 00000000 ____D () C:\Windows\system32\MRT2015-02-11 01:25 - 2013-03-24 22:04 - 116773704 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe2015-02-09 00:49 - 2013-04-09 10:44 - 00000000 ____D () C:\ProgramData\Origin2015-02-08 20:46 - 2013-04-14 22:31 - 00000000 ____D () C:\Users\Public\Documents\Sports Interactive2015-02-08 20:46 - 2013-04-14 22:31 - 00000000 ____D () C:\Users\acer\Documents\Sports Interactive2015-02-08 20:46 - 2013-04-14 22:31 - 00000000 ____D () C:\Users\acer\AppData\Local\Sports Interactive2015-02-07 23:40 - 2013-04-09 11:06 - 00000000 ____D () C:\Users\acer\Documents\SimCity2015-02-07 23:38 - 2009-07-14 05:32 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games2015-02-05 00:34 - 2013-03-31 15:19 - 00701616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe2015-02-05 00:34 - 2013-03-31 15:19 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl2015-02-05 00:34 - 2013-03-31 15:19 - 00003768 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater2015-02-03 21:13 - 2014-12-28 01:07 - 00003894 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA2015-02-03 21:13 - 2014-12-28 01:07 - 00003642 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore2015-02-01 00:11 - 2013-03-24 16:46 - 00000000 ____D () C:\Users\acer\AppData\Local\VirtualStore2015-02-01 00:05 - 2013-03-24 21:15 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information2015-01-29 00:04 - 2014-12-13 22:28 - 00000000 ____D () C:\Users\acer\Desktop\Dad Work ==================== Files in the root of some directories ======= 2013-04-08 18:24 - 2013-04-08 18:24 - 4126720 _____ () C:\Program Files (x86)\GUTFEAA.tmp2013-03-24 21:30 - 2013-03-24 21:30 - 0005221 _____ () C:\Users\acer\AppData\Local\WiDiSetupLog.20130324.213003.txt Some content of TEMP:====================C:\Users\acer\AppData\Local\Temp\dllnt_dump.dll ==================== Bamital & volsnap Check ================= (There is no automatic fix for files that do not pass verification.) C:\Windows\System32\winlogon.exe => File is digitally signedC:\Windows\System32\wininit.exe => File is digitally signedC:\Windows\SysWOW64\wininit.exe => File is digitally signedC:\Windows\explorer.exe => File is digitally signedC:\Windows\SysWOW64\explorer.exe => File is digitally signedC:\Windows\System32\svchost.exe => File is digitally signedC:\Windows\SysWOW64\svchost.exe => File is digitally signedC:\Windows\System32\services.exe => File is digitally signedC:\Windows\System32\User32.dll => File is digitally signedC:\Windows\SysWOW64\User32.dll => File is digitally signedC:\Windows\System32\userinit.exe => File is digitally signedC:\Windows\SysWOW64\userinit.exe => File is digitally signedC:\Windows\System32\rpcss.dll => File is digitally signedC:\Windows\System32\Drivers\volsnap.sys => File is digitally signed LastRegBack: 2015-02-24 20:29 ==================== End Of Log ============================ Addition log; Additional scan result of Farbar Recovery Scan Tool (x64) Version: 25-02-2015 01Ran by acer at 2015-02-26 23:41:02Running from C:\Users\acer\Documents\DownloadsBoot Mode: Normal========================================================== ==================== Security Center ======================== (If an entry is included in the fixlist, it will be removed.) AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} ==================== Installed Programs ====================== (Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.) Acer System Information (HKLM-x32\...\{72199E33-4F2A-4B7F-8E25-95DDDD50A678}) (Version: 1.0.0 - Acer)Adobe Flash Player 16 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 16.0.0.305 - Adobe Systems Incorporated)Adobe Reader XI (11.0.10) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.10 - Adobe Systems Incorporated)Apple Application Support (32-bit) (HKLM-x32\...\{2FE00055-C4F3-4F7A-AEDD-E198D54CF12F}) (Version: 3.1.1 - Apple Inc.)Apple Application Support (64-bit) (HKLM\...\{28791292-D18D-42FA-AE66-3D3D20AA8618}) (Version: 3.1.1 - Apple Inc.)Apple Mobile Device Support (HKLM\...\{5ED7462B-EF58-4757-B609-53755021EC34}) (Version: 8.1.0.18 - Apple Inc.)Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)BitTorrent (HKU\S-1-5-21-4163698976-74596317-2181307835-1000\...\BitTorrent) (Version: 7.9.2.36804 - BitTorrent Inc.)Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)Broadcom Card Reader Driver Installer (HKLM\...\{4710662C-8204-4334-A977-B1AC9E547819}) (Version: 15.0.7.2 - Broadcom Corporation)Broadcom NetLink Controller (HKLM\...\{C91DCB72-F5BB-410D-A91A-314F5D1B4284}) (Version: 15.0.7.1 - Broadcom Corporation)Broadcom Wireless Utility (HKLM\...\Broadcom Wireless Utility) (Version: 5.100.82.120 - Broadcom Corporation)Canon MP495 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MP495_series) (Version: - )Cisco EAP-FAST Module (x32 Version: 2.2.14 - Cisco Systems, Inc.) HiddenCisco LEAP Module (x32 Version: 1.0.19 - Cisco Systems, Inc.) HiddenCisco PEAP Module (x32 Version: 1.1.6 - Cisco Systems, Inc.) HiddenD3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) HiddenDolby Home Theater v4 (HKLM-x32\...\{B26438B4-BF51-49C3-9567-7F14A5E40CB9}) (Version: 7.2.7000.7 - Dolby Laboratories Inc)ESET Online Scanner v3 (HKLM-x32\...\ESET Online Scanner) (Version: - )ETDWare PS/2-X64 10.6.9.9_WHQL (HKLM\...\Elantech) (Version: 10.6.9.9 - ELAN Microelectronic Corp.)Football Manager 2015 (HKLM-x32\...\Steam App 295270) (Version: - Sports Interactive)Google Chrome (HKLM-x32\...\Google Chrome) (Version: 40.0.2214.115 - Google Inc.)Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) HiddenGoogle Update Helper (x32 Version: 1.3.26.9 - Google Inc.) HiddenIntel® Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.0.2.1410 - Intel Corporation)Intel® OpenCL CPU Runtime (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: - Intel Corporation)Intel® Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 9.17.10.2932 - Intel Corporation)Intel® Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 11.1.0.1006 - Intel Corporation)Intel® USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 1.0.4.220 - Intel Corporation)Intel® PROSet/Wireless WiMAX Software (HKLM\...\{5F588B19-C575-4750-86FD-6ED2B76E61F1}) (Version: 7.00.0000 - Intel Corporation)Intel® Trusted Connect Service Client (HKLM\...\{09536BA1-E498-4CC3-B834-D884A67D7E34}) (Version: 1.23.605.1 - Intel Corporation)iTunes (HKLM\...\{7B8D4E8A-EA2B-4A71-BFEB-A4AAAB87C5D0}) (Version: 12.1.0.71 - Apple Inc.)Malwarebytes Anti-Malware version 2.0.4.1028 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.4.1028 - Malwarebytes Corporation)Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft)Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISE) (Version: 12.0.6612.1000 - Microsoft Corporation)Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.31211.0 - Microsoft Corporation)Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{7f51bdb9-ee21-49ee-94d6-90afc321780e}) (Version: 12.0.21005.1 - Microsoft Corporation)Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)Movie Maker (x32 Version: 16.4.3508.0205 - Microsoft Corporation) HiddenNVIDIA Graphics Driver 327.02 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 327.02 - NVIDIA Corporation)NVIDIA Update 1.14.17 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 1.14.17 - NVIDIA Corporation)Origin (HKLM-x32\...\Origin) (Version: 9.5.5.2850 - Electronic Arts, Inc.)QuickTime (HKLM-x32\...\{0E64B098-8018-4256-BA23-C316A43AD9B0}) (Version: 7.72.80.56 - Apple Inc.)Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6543 - Realtek Semiconductor Corp.)Revo Uninstaller 1.95 (HKLM-x32\...\Revo Uninstaller) (Version: 1.95 - VS Revo Group)RollerCoaster Tycoon 2 (HKLM-x32\...\{72DF62BD-FF36-424E-AA5F-D89BAFF2C249}) (Version: - )SimCity™ (HKLM-x32\...\{F70FDE4B-8F86-4eb6-8C8E-636EC89F6419}) (Version: 4.0.86.0859 - Electronic Arts)Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft)WIDCOMM Bluetooth Software (HKLM\...\{A1439D4F-FD46-47F2-A1D3-FEE097C29A09}) (Version: 6.5.1.2410 - Broadcom Corporation)Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3508.0205 - Microsoft Corporation) ==================== Custom CLSID (selected items): ========================== (If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.) ==================== Restore Points ========================= 10-02-2015 23:41:32 Windows Update11-02-2015 01:23:43 Windows Update16-02-2015 02:48:08 Windows Update16-02-2015 18:42:08 Installed iTunes19-02-2015 23:17:17 Windows Update24-02-2015 19:41:16 Windows Update25-02-2015 20:07:31 Windows Update26-02-2015 20:50:36 Removed iTunes26-02-2015 22:16:51 avast! antivirus system restore point26-02-2015 22:19:01 Removed Visual Studio 2010 x64 Redistributables26-02-2015 22:19:21 Removed Visual Studio 2012 x64 Redistributables26-02-2015 22:19:44 Removed Visual Studio 2012 x86 Redistributables ==================== Hosts content: ========================== (If needed Hosts: directive could be included in the fixlist to reset Hosts.) 2009-07-14 02:34 - 2009-06-10 21:00 - 00000824 ____N C:\Windows\system32\Drivers\etc\hosts ==================== Scheduled Tasks (whitelisted) ============= (If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.) Task: {12D02662-1C81-4316-AA7E-B0D2C316DDC4} - System32\Tasks\Run_Bobby_Browser => C:\Users\acer\AppData\Local\BoBrowser\Application\bobrowser.exe <==== ATTENTIONTask: {1A97FBE5-837E-4A97-8866-69EF33DBEB5F} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)Task: {25FCCEBA-5F87-420D-B5AC-7183485FFE49} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-02-05] (Adobe Systems Incorporated)Task: {388D376A-11CB-48D5-A12A-45224B1BBBFD} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-12-28] (Google Inc.)Task: {69FF7506-CBF2-4633-B7F1-EBAC688BE879} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2014-12-19] (Adobe Systems Incorporated)Task: {6FD7C5CD-1310-4A83-811E-46955D706825} - System32\Tasks\0814avUpdateInfo => C:\ProgramData\Avg_Update_0814av\0814av_AVG-Secure-Search-Update.exe [2014-08-12] ()Task: {ECC43367-63EF-413F-A775-DDBE0868206E} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-12-28] (Google Inc.)Task: C:\Windows\Tasks\0814avUpdateInfo.job => C:\ProgramData\Avg_Update_0814av\0814av_AVG-Secure-Search-Update.exeTask: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exeTask: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exeTask: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe ==================== Loaded Modules (whitelisted) ============== 2014-09-28 22:55 - 2013-08-29 22:43 - 00097568 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll2015-01-20 22:35 - 2015-01-20 22:35 - 00085832 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll2015-01-20 22:35 - 2015-01-20 22:35 - 01346344 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll2012-02-28 16:07 - 2012-02-28 16:07 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll2015-02-21 22:35 - 2015-02-17 22:44 - 01117512 _____ () C:\Program Files (x86)\Google\Chrome\Application\40.0.2214.115\libglesv2.dll2015-02-21 22:35 - 2015-02-17 22:44 - 00211272 _____ () C:\Program Files (x86)\Google\Chrome\Application\40.0.2214.115\libegl.dll2015-02-21 22:35 - 2015-02-17 22:44 - 09171272 _____ () C:\Program Files (x86)\Google\Chrome\Application\40.0.2214.115\pdf.dll2015-02-21 22:35 - 2015-02-17 22:44 - 14965064 _____ () C:\Program Files (x86)\Google\Chrome\Application\40.0.2214.115\PepperFlash\pepflashplayer.dll2014-10-17 08:33 - 2014-10-17 08:33 - 00172544 _____ () C:\Windows\assembly\NativeImages_v2.0.50727_32\IsdiInterop\1eeea3ab8d69ec722bdcb28b8eb8dd75\IsdiInterop.ni.dll2013-03-24 21:15 - 2012-02-01 16:25 - 00059904 _____ () C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IsdiInterop.dll2013-03-24 21:35 - 2012-02-08 09:39 - 01198872 _____ () C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\ACE.dll ==================== Safe Mode (whitelisted) =================== (If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.) ==================== EXE Association (whitelisted) =============== (If an entry is included in the fixlist, the default will be restored. None default entries will be removed.) ==================== Other Areas ============================ (Currently there is no automatic fix for this section.) HKU\S-1-5-21-4163698976-74596317-2181307835-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\acer\AppData\Roaming\Microsoft\Internet Explorer\Internet Explorer Wallpaper.bmpDNS Servers: 194.168.4.100 - 194.168.8.100 ==================== MSCONFIG/TASK MANAGER disabled items == (Currently there is no automatic fix for this section.) ==================== Accounts: ============================= acer (S-1-5-21-4163698976-74596317-2181307835-1000 - Administrator - Enabled) => C:\Users\acerAdministrator (S-1-5-21-4163698976-74596317-2181307835-500 - Administrator - Disabled)Guest (S-1-5-21-4163698976-74596317-2181307835-501 - Limited - Disabled)HomeGroupUser$ (S-1-5-21-4163698976-74596317-2181307835-1002 - Limited - Enabled)UpdatusUser (S-1-5-21-4163698976-74596317-2181307835-1003 - Limited - Enabled) => C:\Users\UpdatusUser.acer-PC.000 ==================== Faulty Device Manager Devices ============= ==================== Event log errors: ========================= Application errors:==================Error: (02/26/2015 11:25:07 PM) (Source: WinMgmt) (EventID: 10) (User: )Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (02/26/2015 11:24:31 PM) (Source: Windows Search Service) (EventID: 7010) (User: )Description: The index cannot be initialized. Details:The content index catalog is corrupt. (HRESULT : 0xc0041801) (0xc0041801) Error: (02/26/2015 11:24:31 PM) (Source: Windows Search Service) (EventID: 3058) (User: )Description: The application cannot be initialized. Context: Windows Application Details:The content index catalog is corrupt. (HRESULT : 0xc0041801) (0xc0041801) Error: (02/26/2015 11:24:31 PM) (Source: Windows Search Service) (EventID: 3028) (User: )Description: The gatherer object cannot be initialized. Context: Windows Application, SystemIndex Catalog Details:The content index catalog is corrupt. (HRESULT : 0xc0041801) (0xc0041801) Error: (02/26/2015 11:24:31 PM) (Source: Windows Search Service) (EventID: 3029) (User: )Description: The plug-in in <Search.TripoliIndexer> cannot be initialized. Context: Windows Application, SystemIndex Catalog Details:Element not found. (HRESULT : 0x80070490) (0x80070490) Error: (02/26/2015 11:24:30 PM) (Source: Windows Search Service) (EventID: 3029) (User: )Description: The plug-in in <Search.JetPropStore> cannot be initialized. Context: Windows Application, SystemIndex Catalog Details:The content index catalog is corrupt. (HRESULT : 0xc0041801) (0xc0041801) Error: (02/26/2015 11:24:30 PM) (Source: Windows Search Service) (EventID: 9002) (User: )Description: The Windows Search Service cannot load the property store information. Context: Windows Application, SystemIndex Catalog Details:The content index database is corrupt. (HRESULT : 0xc0041800) (0xc0041800) Error: (02/26/2015 11:24:30 PM) (Source: Windows Search Service) (EventID: 7042) (User: )Description: The Windows Search Service is being stopped because there is a problem with the indexer: The catalog is corrupt. Details:The content index catalog is corrupt. (HRESULT : 0xc0041801) (0xc0041801) Error: (02/26/2015 11:24:30 PM) (Source: Windows Search Service) (EventID: 7040) (User: )Description: The search service has detected corrupted data files in the index {id=4700}. The service will attempt to automatically correct this problem by rebuilding the index. Details:The content index catalog is corrupt. (HRESULT : 0xc0041801) (0xc0041801) Error: (02/26/2015 11:24:29 PM) (Source: Windows Search Service) (EventID: 9000) (User: )Description: The Windows Search Service cannot open the Jet property store. Details:0x%08x (0xc0041800 - The content index database is corrupt. (HRESULT : 0xc0041800)) System errors:=============Error: (02/26/2015 11:24:50 PM) (Source: Service Control Manager) (EventID: 7000) (User: )Description: The Windows Search service failed to start due to the following error: %%1053 Error: (02/26/2015 11:24:50 PM) (Source: Service Control Manager) (EventID: 7009) (User: )Description: A timeout was reached (30000 milliseconds) while waiting for the Windows Search service to connect. Error: (02/26/2015 11:24:50 PM) (Source: Service Control Manager) (EventID: 7000) (User: )Description: The Windows Search service failed to start due to the following error: %%1053 Error: (02/26/2015 11:24:50 PM) (Source: Service Control Manager) (EventID: 7009) (User: )Description: A timeout was reached (30000 milliseconds) while waiting for the Windows Search service to connect. Error: (02/26/2015 11:24:50 PM) (Source: Service Control Manager) (EventID: 7000) (User: )Description: The Windows Search service failed to start due to the following error: %%1053 Error: (02/26/2015 11:24:50 PM) (Source: Service Control Manager) (EventID: 7009) (User: )Description: A timeout was reached (30000 milliseconds) while waiting for the Windows Search service to connect. Error: (02/26/2015 11:24:50 PM) (Source: Service Control Manager) (EventID: 7000) (User: )Description: The Windows Search service failed to start due to the following error: %%1053 Error: (02/26/2015 11:24:50 PM) (Source: Service Control Manager) (EventID: 7009) (User: )Description: A timeout was reached (30000 milliseconds) while waiting for the Windows Search service to connect. Error: (02/26/2015 11:24:50 PM) (Source: Service Control Manager) (EventID: 7000) (User: )Description: The Windows Search service failed to start due to the following error: %%1053 Error: (02/26/2015 11:24:50 PM) (Source: Service Control Manager) (EventID: 7009) (User: )Description: A timeout was reached (30000 milliseconds) while waiting for the Windows Search service to connect. Microsoft Office Sessions:=========================