laurenmkc

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 14-04-2014Ran by Lauren (administrator) on LAURENS-LAPTOP on 15-04-2014 10:50:21Running from C:\Users\Lauren\DownloadsWindows 8.1 (X64) OS Language: English(US)Internet Explorer Version 11Boot Mode: Normal The only official download link for FRST:Download link for 32-Bit version: Download link for 64-Bit Version: Download link from any site other than Bleeping Computer is unpermitted or outdated.See tutorial for FRST: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processes (Whitelisted) ================= (AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe(Windows ® Win 7 DDK provider) C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\adminservice.exe(Just Develop It) C:\Program Files (x86)\MyPC Backup\BackupStack.exe(Acer Incorporated) C:\Program Files (x86)\Acer\Acer Portal\CCDMonitorService.exe(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.23.9\GoogleCrashHandler.exe(Microsoft Corporation) C:\WINDOWS\system32\dashost.exe(Realsil Microelectronics Inc.) C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe(Intel® Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe(Acer Incorporate) C:\Program Files\Acer\Acer Launch Manager\LMSvc.exe(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe(McAfee, Inc.) C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe(McAfee, Inc.) C:\Program Files\McAfee\AppStats\MfeASUM.exe(McAfee, Inc.) C:\Windows\system32\mfevtps.exe(Soluto) C:\Program Files\Soluto\SolutoLauncherService.exe(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.23.9\GoogleCrashHandler64.exe(Yahoo! Inc.) C:\Program Files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe(McAfee, Inc.) C:\Program Files\McAfee\MSC\McAPExe.exe(McAfee, Inc.) C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe(McAfee, Inc.) C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe(McAfee, Inc.) C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Integrated Clock Controller Service\ICCProxy.exe(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe(Nero AG) c:\Program Files (x86)\Nero\Update\NASvc.exe(Symantec Corporation) C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe(McAfee, Inc.) C:\Program Files\mcafee\msm\McSmtFwk.exe(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe(Soluto) c:\program files\soluto\soluto.exe(Microsoft Corporation) C:\Windows\System32\skydrive.exe(Symantec Corporation) C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuClient.exe(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe(Acer Incorporate) C:\Program Files\Acer\Acer Launch Manager\LMEvent.exe(Qualcomm Atheros Commnucations) C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\BtvStack.exe(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe() C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\ActivateDesktop.exe(Acer Incorporate) C:\Program Files\Acer\Acer Launch Manager\LMTray.exe(Intel Corporation) C:\Windows\System32\hkcmd.exe(Intel Corporation) C:\WINDOWS\system32\igfxsrvc.exe(Intel Corporation) C:\Windows\System32\igfxpers.exe(Acer Incorporated) C:\Program Files (x86)\Acer\Acer Portal\acpanel_win.exe() C:\Program Files (x86)\Spotify\Data\SpotifyWebHelper.exe(Microsoft Corporation) C:\Program Files\Microsoft Office 15\root\office15\ONENOTEM.EXE(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe(Synaptics Incorporated) C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerTray.exe(Acer Cloud Technology) C:\Program Files (x86)\Acer\Acer Portal\ccd.exe(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe(Intel Corporation) C:\WINDOWS\system32\igfxext.exe(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerEvent.exe(Acer Incorporated) C:\Program Files (x86)\Acer\Acer Portal\sdd.exe(Microsoft Corporation) C:\Program Files\Microsoft Office 15\Root\VFS\ProgramFilesCommonX86\Microsoft Shared\OFFICE15\CSISYNCCLIENT.EXE(McAfee, Inc.) C:\Program Files\Common Files\McAfee\Platform\mcuicnt.exe(Soluto) C:\Program Files\Soluto\SolutoService.exe(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20461_x64__8wekyb3d8bbwe\LiveComm.exe(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe ==================== Registry (Whitelisted) ================== HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13427784 2013-03-17] (Realtek Semiconductor)HKLM\...\Run: [igfxTray] => C:\WINDOWS\system32\igfxtray.exe [391128 2013-10-03] (Intel Corporation)HKLM\...\Run: [HotKeysCmds] => C:\WINDOWS\system32\hkcmd.exe [771032 2013-10-03] (Intel Corporation)HKLM\...\Run: [Persistence] => C:\WINDOWS\system32\igfxpers.exe [769496 2013-10-03] (Intel Corporation)HKLM\...\Run: [synTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [3016944 2013-04-10] (Synaptics Incorporated)HKLM-x32\...\Run: [mcui_exe] => C:\Program Files\McAfee.com\Agent\mcagent.exe [537512 2013-09-24] (McAfee, Inc.)HKLM-x32\...\Run: [mcpltui_exe] => C:\Program Files\McAfee.com\Agent\mcagent.exe [537512 2013-09-24] (McAfee, Inc.)HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [3854640 2014-04-08] (AVAST Software)HKLM\...\Winlogon: [userinit] c:\windows\system32\userinit.exe,c:\program files\soluto\soluto.exe /userinit,Winlogon\Notify\igfxcui: C:\WINDOWS\system32\igfxdev.dll (Intel Corporation)HKLM\...\Policies\Explorer\Run: [btvStack] => C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\BtvStack.exe [132736 2013-04-25] ( (Qualcomm Atheros Commnucations))HKLM\...\Policies\Explorer: [NoControlPanel] 0HKU\S-1-5-21-2846629673-4196287044-1004556386-1001\...\Run: [skyDrive] => C:\Users\Lauren\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe [257224 2014-04-05] (Microsoft Corporation)HKU\S-1-5-21-2846629673-4196287044-1004556386-1001\...\Run: [AcerCloud] => C:\Program Files (x86)\Acer\Acer Portal\acpanel_win.exe [18247424 2014-02-13] (Acer Incorporated)HKU\S-1-5-21-2846629673-4196287044-1004556386-1001\...\Run: [spotify Web Helper] => C:\Program Files (x86)\Spotify\Data\SpotifyWebHelper.exe [1193176 2013-09-04] ()HKU\S-1-5-21-2846629673-4196287044-1004556386-1001\...\MountPoints2: {f0509f97-9215-11e3-bea8-48d224e13467} - "D:\VZW_Software_upgrade_assistant.exe" HKU\S-1-5-21-2846629673-4196287044-1004556386-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [skyDrive] => C:\Users\Lauren\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe [257224 2014-04-05] (Microsoft Corporation)HKU\S-1-5-21-2846629673-4196287044-1004556386-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [AcerCloud] => C:\Program Files (x86)\Acer\Acer Portal\acpanel_win.exe [18247424 2014-02-13] (Acer Incorporated)HKU\S-1-5-21-2846629673-4196287044-1004556386-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [spotify Web Helper] => C:\Program Files (x86)\Spotify\Data\SpotifyWebHelper.exe [1193176 2013-09-04] ()HKU\S-1-5-21-2846629673-4196287044-1004556386-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\MountPoints2: {f0509f97-9215-11e3-bea8-48d224e13467} - "D:\VZW_Software_upgrade_assistant.exe" IFEO\bitguard.exe: [Debugger] tasklist.exeIFEO\bprotect.exe: [Debugger] tasklist.exeIFEO\bpsvc.exe: [Debugger] tasklist.exeIFEO\browsemngr.exe: [Debugger] tasklist.exeIFEO\browserdefender.exe: [Debugger] tasklist.exeIFEO\browsermngr.exe: [Debugger] tasklist.exeIFEO\browserprotect.exe: [Debugger] tasklist.exeIFEO\browsersafeguard.exe: [Debugger] tasklist.exeIFEO\bundlesweetimsetup.exe: [Debugger] tasklist.exeIFEO\cltmngsvc.exe: [Debugger] tasklist.exeIFEO\delta babylon.exe: [Debugger] tasklist.exeIFEO\delta tb.exe: [Debugger] tasklist.exeIFEO\delta2.exe: [Debugger] tasklist.exeIFEO\deltainstaller.exe: [Debugger] tasklist.exeIFEO\deltasetup.exe: [Debugger] tasklist.exeIFEO\deltatb.exe: [Debugger] tasklist.exeIFEO\deltatb_2501-c733154b.exe: [Debugger] tasklist.exeIFEO\dprotectsvc.exe: [Debugger] tasklist.exeIFEO\iminentsetup.exe: [Debugger] tasklist.exeIFEO\jumpflip: [Debugger] tasklist.exeIFEO\protectedsearch.exe: [Debugger] tasklist.exeIFEO\rjatydimofu.exe: [Debugger] tasklist.exeIFEO\searchinstaller.exe: [Debugger] tasklist.exeIFEO\searchprotection.exe: [Debugger] tasklist.exeIFEO\searchsettings.exe: [Debugger] tasklist.exeIFEO\searchsettings64.exe: [Debugger] tasklist.exeIFEO\snapdo.exe: [Debugger] tasklist.exeIFEO\stinst32.exe: [Debugger] tasklist.exeIFEO\stinst64.exe: [Debugger] tasklist.exeIFEO\sweetimsetup.exe: [Debugger] tasklist.exeIFEO\tbdelta.exetoolbar783881609.exe: [Debugger] tasklist.exeIFEO\umbrella.exe: [Debugger] tasklist.exeIFEO\utiljumpflip.exe: [Debugger] tasklist.exeIFEO\volaro: [Debugger] tasklist.exeIFEO\vonteera: [Debugger] tasklist.exeIFEO\websteroids.exe: [Debugger] tasklist.exeIFEO\websteroidsservice.exe: [Debugger] tasklist.exeStartup: C:\Users\Lauren\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MyPC Backup.lnkShortcutTarget: MyPC Backup.lnk -> C:\Program Files (x86)\MyPC Backup\MyPC Backup.exe (No File)Startup: C:\Users\Lauren\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Send to OneNote.lnkShortcutTarget: Send to OneNote.lnk -> C:\Program Files\Microsoft Office 15\root\office15\ONENOTEM.EXE (Microsoft Corporation)HKLM\...\AppCertDlls: [x86] -> C:\Program Files (x86)\Settings Manager\systemk\sysapcrt.dllHKLM\...\AppCertDlls: [x64] -> C:\Program Files (x86)\Settings Manager\systemk\x64\sysapcrt.dll ==================== Internet (Whitelisted) ==================== HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.bing.com/search?q={searchTerms}&FORM=AVASDF&PC=AV01HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.msn.com/?pc=AV01URLSearchHook: ATTENTION ==> Default URLSearchHook is missing.URLSearchHook: HKCU - McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - C:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)URLSearchHook: HKCU - McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - C:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)URLSearchHook: HKCU - (No Name) - {E38FA08E-F56A-4169-ABF5-5C71E3C153A1} - No FileSearchScopes: HKLM - DefaultScope {6A334E33-A3A2-4164-9BFF-1C665F92DDA1} URL = http://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MAARJSSearchScopes: HKLM - {6A334E33-A3A2-4164-9BFF-1C665F92DDA1} URL = http://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MAARJSSearchScopes: HKLM - {9BB47C17-9C68-4BB3-B188-DD9AF0FD2476} URL = http://www.default-search.net/search?sid=476&aid=100&itype=a&ver=12302&tm=310&src=ds&p={searchTerms}SearchScopes: HKLM - {AA9A4890-4262-4441-8977-E2FFCBFB706C} URL = http://us.yhs4.search.yahoo.com/yhs/search?hspart=acer&hsimp=yhs-acer_001&p={searchTerms}SearchScopes: HKLM-x32 - DefaultScope {632F07F3-19A1-4d16-A23F-E6CE9486BAB5} URL = http://www.bing.com/search?q={searchTerms}&FORM=AVASDF&PC=AV01SearchScopes: HKLM-x32 - {632F07F3-19A1-4d16-A23F-E6CE9486BAB5} URL = http://www.bing.com/search?q={searchTerms}&FORM=AVASDF&PC=AV01SearchScopes: HKLM-x32 - {6A334E33-A3A2-4164-9BFF-1C665F92DDA1} URL = http://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MAARJSSearchScopes: HKLM-x32 - {9BB47C17-9C68-4BB3-B188-DD9AF0FD2476} URL = http://www.default-search.net/search?sid=476&aid=100&itype=a&ver=12302&tm=310&src=ds&p={searchTerms}SearchScopes: HKLM-x32 - {9CB96984-43C3-4D44-90EF-01466EFCF7BB} URL = http://us.yhs4.search.yahoo.com/yhs/search?hspart=avast&hsimp=yhs-001&type={partner_id}&p={searchTerms}SearchScopes: HKLM-x32 - {AA9A4890-4262-4441-8977-E2FFCBFB706C} URL = http://us.yhs4.search.yahoo.com/yhs/search?hspart=acer&hsimp=yhs-acer_001&p={searchTerms}SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKCU - {632F07F3-19A1-4d16-A23F-E6CE9486BAB5} URL = http://www.bing.com/search?q={searchTerms}&FORM=AVASDF&PC=AV01SearchScopes: HKCU - {6A334E33-A3A2-4164-9BFF-1C665F92DDA1} URL = SearchScopes: HKCU - {9BB47C17-9C68-4BB3-B188-DD9AF0FD2476} URL = SearchScopes: HKCU - {9CB96984-43C3-4D44-90EF-01466EFCF7BB} URL = http://us.yhs4.search.yahoo.com/yhs/search?hspart=avast&hsimp=yhs-001&type={partner_id}&p={searchTerms}SearchScopes: HKCU - {AA9A4890-4262-4441-8977-E2FFCBFB706C} URL = BHO: Lync Browser Helper - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)BHO: McAfee SiteAdvisor BHO - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - C:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)BHO: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)BHO-x32: &Yahoo! Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn0\yt.dll (Yahoo! Inc.)BHO-x32: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)BHO-x32: McAfee SiteAdvisor BHO - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - C:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)BHO-x32: No Name - {E38FA08E-F56A-4169-ABF5-5C71E3C153A1} - No FileToolbar: HKLM - McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - C:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)Toolbar: HKLM-x32 - McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - C:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)Toolbar: HKLM-x32 - Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn0\yt.dll (Yahoo! Inc.)DPF: HKLM-x32 {206599BA-54C3-4B56-8B27-361541F02B36} http://wireless.uoregon.edu/tools/xc_loader_activex.ocxHandler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - C:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - C:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)Handler-x32: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - C:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL (Microsoft Corporation)Handler-x32: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - C:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - C:\Program Files\mcafee\msc\McSnIePl64.dll (McAfee, Inc.)Filter-x32: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - C:\Program Files (x86)\McAfee\msc\McSnIePl.dll (McAfee, Inc.)Tcpip\Parameters: [DhcpNameServer] 128.223.32.36 128.223.60.23Tcpip\..\Interfaces\{67DCC0A0-D85C-4A4A-8139-C3D2E5A48927}: [NameServer]156.154.70.22,156.154.71.22Tcpip\..\Interfaces\{C77BFDC2-566D-4E7D-AA9E-48DAAC682B9A}: [NameServer]156.154.70.22,156.154.71.22 FireFox:========FF Plugin: @mcafee.com/MSC,version=10 - c:\PROGRA~1\mcafee\msc\NPMCSN~1.DLL ()FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 - C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater - C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)FF Plugin-x32: @mcafee.com/MSC,version=10 - c:\PROGRA~2\mcafee\msc\NPMCSN~1.DLL ()FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL (Microsoft Corporation)FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.23.9\npGoogleUpdate3.dll (Google Inc.)FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.23.9\npGoogleUpdate3.dll (Google Inc.)FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 - C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll ()FF HKLM-x32\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files (x86)\McAfee\SiteAdvisorFF Extension: McAfee SiteAdvisor - C:\Program Files (x86)\McAfee\SiteAdvisor [2013-07-30]FF HKLM-x32\...\Thunderbird\Extensions: [msktbird@mcafee.com] - C:\Program Files\McAfee\MSKFF Extension: McAfee Anti-Spam Thunderbird Extension - C:\Program Files\McAfee\MSK [2013-07-30] Chrome: =======CHR Extension: (Adblock Plus) - C:\Users\Lauren\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2014-04-10]CHR Extension: (Google Wallet) - C:\Users\Lauren\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-11-07]CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2014-04-08] ==================== Services (Whitelisted) ================= R2 AtherosSvc; C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\adminservice.exe [310400 2013-04-25] (Windows ® Win 7 DDK provider)R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-04-08] (AVAST Software)R2 BackupStack; C:\Program Files (x86)\MyPC Backup\BackupStack.exe [36392 2014-03-14] (Just Develop It)R2 CCDMonitorService; C:\Program Files (x86)\Acer\Acer Portal\CCDMonitorService.exe [2797312 2013-11-25] (Acer Incorporated)R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [2211000 2014-03-30] (Microsoft Corporation)S3 DeviceFastLaneService; C:\Program Files\Acer\Acer Device Fast-lane\DeviceFastLaneSvc.exe [470056 2013-04-30] (Acer Incorporated)R3 ePowerSvc; C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe [662088 2013-03-15] (Acer Incorporated)R2 HomeNetSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)R2 jhi_service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe [165328 2012-12-19] (Intel Corporation)R2 LMSvc; C:\Program Files\Acer\Acer Launch Manager\LMSvc.exe [431656 2013-04-25] (Acer Incorporate)R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1809720 2014-04-03] (Malwarebytes Corporation)R2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [857912 2014-04-03] (Malwarebytes Corporation)R2 McAfee SiteAdvisor Service; C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe [200728 2012-05-11] (McAfee, Inc.)R2 McAPExe; C:\Program Files\McAfee\MSC\McAPExe.exe [178048 2013-11-28] (McAfee, Inc.)S3 McAWFwk; C:\Program Files\mcafee\msc\McAWFwk.exe [332080 2012-01-26] (McAfee, Inc.)R2 McMPFSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)R2 McNaiAnn; C:\Program Files\Common Files\mcafee\Platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)S3 McODS; C:\Program Files\mcafee\VirusScan\mcods.exe [602944 2013-08-02] (McAfee, Inc.)S4 McOobeSv; C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe [200728 2012-05-11] (McAfee, Inc.)R2 mcpltsvc; C:\Program Files\Common Files\mcafee\Platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)R2 McProxy; C:\Program Files\Common Files\mcafee\Platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)R2 MfeASUM; C:\Program Files\McAfee\AppStats\MfeASUM.exe [335216 2013-10-21] (McAfee, Inc.)R2 mfecore; C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe [1025232 2013-11-26] (McAfee, Inc.)R2 mfefire; C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe [219272 2013-11-04] (McAfee, Inc.)R2 mfevtp; C:\Windows\system32\mfevtps.exe [182752 2013-11-04] (McAfee, Inc.)R2 MSK80Service; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)R2 NOBU; C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe [4292960 2013-11-11] (Symantec Corporation)R2 SolutoLauncherService; C:\Program Files\Soluto\SolutoLauncherService.exe [222168 2013-01-29] (Soluto)S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [348392 2013-10-30] (Microsoft Corporation)S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2013-10-30] (Microsoft Corporation) ==================== Drivers (Whitelisted) ==================== S0 ADP80XX; C:\Windows\System32\drivers\ADP80XX.SYS [782176 2013-08-22] (PMC-Sierra)R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [79184 2014-04-08] (AVAST Software)R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93568 2014-04-08] (AVAST Software)R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2014-04-08] ()R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1039096 2014-04-08] (AVAST Software)R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [423240 2014-04-08] (AVAST Software)R3 aswStm; C:\Windows\system32\drivers\aswStm.sys [84816 2014-04-08] (AVAST Software)R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [208928 2014-04-08] ()S3 bcmfn2; C:\Windows\System32\drivers\bcmfn2.sys [17624 2013-08-12] (Windows ® Win 7 DDK provider)S3 BTATH_LWFLT; C:\Windows\system32\DRIVERS\btath_lwflt.sys [77464 2013-04-25] (Qualcomm Atheros)R3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [224768 2013-08-22] (Microsoft Corporation)S3 ccSet_NARA; C:\Windows\system32\drivers\NARAx64\0403000.00E\ccSetx64.sys [168608 2012-05-25] (Symantec Corporation)R3 cfwids; C:\Windows\System32\drivers\cfwids.sys [70112 2013-11-04] (McAfee, Inc.)S3 HipShieldK; C:\Windows\System32\drivers\HipShieldK.sys [197704 2013-09-23] (McAfee, Inc.)S3 iaLPSSi_GPIO; C:\Windows\System32\drivers\iaLPSSi_GPIO.sys [24568 2013-07-30] (Intel Corporation)S3 iaLPSSi_I2C; C:\Windows\System32\drivers\iaLPSSi_I2C.sys [99320 2013-07-25] (Intel Corporation)S0 iaStorAV; C:\Windows\System32\drivers\iaStorAV.sys [651248 2013-08-09] (Intel Corporation)R0 intelpep; C:\Windows\System32\drivers\intelpep.sys [39768 2013-11-10] (Microsoft Corporation)R3 LMDriver; C:\Windows\System32\drivers\LMDriver.sys [21360 2013-01-09] (Acer Incorporated)S0 LSI_SAS3; C:\Windows\System32\drivers\lsi_sas3.sys [81760 2013-08-22] (LSI Corporation)R3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [25816 2014-04-03] (Malwarebytes Corporation)R3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [119512 2014-04-15] (Malwarebytes Corporation)R3 MBAMWebAccessControl; C:\WINDOWS\system32\drivers\mwac.sys [63192 2014-04-03] (Malwarebytes Corporation)R2 mfeapfk; C:\Windows\System32\drivers\mfeapfk.sys [179792 2013-11-04] (McAfee, Inc.)R1 MfeASKM; C:\Program Files\McAfee\AppStats\MfeASKM.sys [31408 2013-10-21] (McAfee, Inc.)R2 mfeavfk; C:\Windows\System32\drivers\mfeavfk.sys [311120 2013-11-04] (McAfee, Inc.)S0 mfeelamk; C:\Windows\System32\drivers\mfeelamk.sys [69344 2013-11-04] (McAfee, Inc.)R3 mfefirek; C:\Windows\System32\drivers\mfefirek.sys [519576 2013-11-04] (McAfee, Inc.)R2 mfehidk; C:\Windows\System32\drivers\mfehidk.sys [782360 2013-11-04] (McAfee, Inc.)R3 mfencbdc; C:\Windows\system32\DRIVERS\mfencbdc.sys [411944 2013-11-26] (McAfee, Inc.)S3 mfencrk; C:\Windows\system32\DRIVERS\mfencrk.sys [96112 2013-11-26] (McAfee, Inc.)R2 mfewfpk; C:\Windows\System32\drivers\mfewfpk.sys [343696 2013-11-04] (McAfee, Inc.)R3 NdisVirtualBus; C:\Windows\System32\drivers\NdisVirtualBus.sys [16384 2013-08-22] (Microsoft Corporation)S3 netvsc; C:\Windows\system32\DRIVERS\netvsc63.sys [87040 2013-08-22] (Microsoft Corporation)R3 RadioShim; C:\Windows\System32\drivers\RadioShim.sys [15704 2013-01-09] (Acer Incorporated)S3 ReFS; C:\Windows\System32\Drivers\ReFS.sys [924512 2013-08-22] (Microsoft Corporation)S3 SerCx2; C:\Windows\System32\drivers\SerCx2.sys [146776 2013-10-25] (Microsoft Corporation)R3 SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [31984 2013-04-10] (Synaptics Incorporated)S0 stornvme; C:\Windows\System32\drivers\stornvme.sys [57176 2013-10-05] (Microsoft Corporation)S3 UEFI; C:\Windows\System32\drivers\UEFI.sys [26976 2013-08-22] (Microsoft Corporation)S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [124760 2013-10-30] (Microsoft Corporation)R3 cpuz136; \??\C:\WINDOWS\TEMP\cpuz136\cpuz136_x64.sys [X] ==================== NetSvcs (Whitelisted) =================== ==================== One Month Created Files and Folders ======== 2014-04-15 10:50 - 2014-04-15 10:50 - 00026861 _____ () C:\Users\Lauren\Downloads\FRST.txt2014-04-15 10:49 - 2014-04-15 10:50 - 00000000 ____D () C:\FRST2014-04-15 10:49 - 2014-04-15 10:49 - 02054144 _____ (Farbar) C:\Users\Lauren\Downloads\FRST64.exe2014-04-13 20:43 - 2014-04-15 10:38 - 00119512 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys2014-04-13 20:42 - 2014-04-13 20:42 - 00001122 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk2014-04-13 20:42 - 2014-04-13 20:42 - 00000000 ____D () C:\ProgramData\Malwarebytes2014-04-13 20:42 - 2014-04-13 20:42 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware2014-04-13 20:42 - 2014-04-03 09:51 - 00088280 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbamchameleon.sys2014-04-13 20:42 - 2014-04-03 09:51 - 00063192 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mwac.sys2014-04-08 19:26 - 2014-04-08 19:26 - 00001872 _____ () C:\Users\Lauren\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\avast! antivirus.lnk2014-04-08 19:25 - 2014-04-08 19:25 - 00000000 ____D () C:\Users\Lauren\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\NetAssistant2014-04-08 19:25 - 2014-04-08 19:25 - 00000000 ____D () C:\Program Files (x86)\W3i2014-04-08 19:24 - 2014-04-08 19:24 - 00000000 ____D () C:\Users\Lauren\AppData\Roaming\Yahoo!2014-04-08 19:24 - 2014-04-08 19:24 - 00000000 ____D () C:\ProgramData\Yahoo! Companion2014-04-08 19:24 - 2014-04-08 19:24 - 00000000 ____D () C:\ProgramData\Yahoo!2014-04-08 19:24 - 2014-04-08 19:24 - 00000000 ____D () C:\Program Files (x86)\Yahoo!2014-04-08 17:55 - 2014-04-08 17:55 - 00001986 _____ () C:\Users\Public\Desktop\avast! Free Antivirus.lnk2014-04-08 17:55 - 2014-04-08 17:55 - 00000000 ____D () C:\Users\Lauren\AppData\Roaming\AVAST Software2014-04-08 17:54 - 2014-04-13 21:54 - 00004182 _____ () C:\WINDOWS\System32\Tasks\avast! Emergency Update2014-04-08 17:54 - 2014-04-08 17:54 - 01039096 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSnx.sys2014-04-08 17:54 - 2014-04-08 17:54 - 00423240 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSP.sys2014-04-08 17:54 - 2014-04-08 17:54 - 00334648 _____ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe2014-04-08 17:54 - 2014-04-08 17:54 - 00208928 _____ () C:\WINDOWS\system32\Drivers\aswVmm.sys2014-04-08 17:54 - 2014-04-08 17:54 - 00093568 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRdr2.sys2014-04-08 17:54 - 2014-04-08 17:54 - 00084816 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswStm.sys2014-04-08 17:54 - 2014-04-08 17:54 - 00079184 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswMonFlt.sys2014-04-08 17:54 - 2014-04-08 17:54 - 00065776 _____ () C:\WINDOWS\system32\Drivers\aswRvrt.sys2014-04-08 17:54 - 2014-04-08 17:54 - 00043152 _____ (AVAST Software) C:\WINDOWS\avastSS.scr2014-04-08 17:53 - 2014-04-08 17:53 - 00000000 ____D () C:\Program Files\AVAST Software2014-04-08 17:47 - 2014-03-30 18:16 - 23134208 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll2014-04-08 17:47 - 2014-03-30 16:57 - 17073152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll2014-04-08 17:47 - 2014-03-10 03:35 - 02008408 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys2014-04-08 17:47 - 2014-03-10 03:35 - 00377176 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\clfs.sys2014-04-08 17:47 - 2014-03-06 02:19 - 01287576 _____ (Microsoft Corporation) C:\WINDOWS\system32\kernel32.dll2014-04-08 17:47 - 2014-03-06 02:02 - 01109424 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll2014-04-08 17:47 - 2014-03-05 23:17 - 00835584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll2014-04-08 17:47 - 2014-03-05 23:10 - 01036288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kernel32.dll2014-04-08 17:44 - 2014-04-08 17:44 - 02724864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.tlb2014-04-08 17:44 - 2014-04-08 17:44 - 02724864 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.tlb2014-04-06 19:35 - 2014-04-06 19:35 - 00000000 ____D () C:\ProgramData\BrowserProtect2014-04-06 19:35 - 2014-04-06 19:35 - 00000000 ____D () C:\ProgramData\Browser Manager2014-04-06 19:35 - 2014-04-06 19:35 - 00000000 ____D () C:\ProgramData\BitGuard2014-04-06 18:53 - 2014-04-13 22:07 - 00000000 ____D () C:\Program Files (x86)\Settings Manager2014-04-06 18:53 - 2014-04-13 22:05 - 00000000 ____D () C:\ProgramData\Wincert2014-04-06 18:52 - 2014-04-06 18:56 - 00000000 ____D () C:\Users\Lauren\AppData\Local\pptaddin2014-04-06 18:52 - 2014-04-06 18:52 - 00003442 _____ () C:\WINDOWS\System32\Tasks\SoftUpdateDaily2014-04-06 18:52 - 2014-04-06 18:52 - 00003256 _____ () C:\WINDOWS\System32\Tasks\SoftUpdateLogon2014-04-06 18:52 - 2014-04-06 18:52 - 00000000 ____D () C:\Users\Lauren\AppData\Local\SoftUpdate2014-04-06 18:52 - 2014-04-06 18:52 - 00000000 ____D () C:\Users\Lauren\AppData\Local\emaze2014-04-06 17:45 - 2014-04-06 17:45 - 26437344 _____ (Microsoft Corporation) C:\Users\Lauren\Downloads\Windows-KB890830-x64-V5.10.exe2014-04-05 23:35 - 2014-04-05 23:35 - 00001097 _____ () C:\Users\Public\Desktop\Revo Uninstaller Pro.lnk2014-04-05 23:35 - 2014-04-05 23:35 - 00000000 ____D () C:\Users\Lauren\AppData\Local\VS Revo Group2014-04-05 23:35 - 2014-04-05 23:35 - 00000000 ____D () C:\ProgramData\VS Revo Group2014-04-05 23:35 - 2009-12-30 10:21 - 00031800 _____ (VS Revo Group) C:\WINDOWS\system32\Drivers\revoflt.sys2014-04-05 23:34 - 2014-04-05 23:34 - 00000000 ____D () C:\Program Files\VS Revo Group2014-04-05 23:33 - 2014-04-05 23:34 - 10619688 _____ (VS Revo Group ) C:\Users\Lauren\Downloads\RevoUninProSetup.exe2014-04-05 22:35 - 2014-04-05 22:35 - 00000017 _____ () C:\Users\Lauren\AppData\Local\resmon.resmoncfg2014-04-05 22:26 - 2014-04-14 19:58 - 00066896 _____ () C:\WINDOWS\PFRO.log2014-04-04 00:52 - 2014-04-04 00:52 - 00000000 ____D () C:\Users\Lauren\AppData\Roaming\cloudbkp2014-04-04 00:47 - 2014-04-13 22:05 - 00000000 ____D () C:\ProgramData\Systweak2014-04-03 18:37 - 2014-04-14 23:40 - 00000796 _____ () C:\WINDOWS\setupact.log2014-04-03 18:37 - 2014-04-03 18:37 - 00000000 _____ () C:\WINDOWS\setuperr.log2014-04-03 16:36 - 2014-04-15 10:15 - 01214066 _____ () C:\WINDOWS\WindowsUpdate.log2014-04-03 16:09 - 2014-04-04 02:45 - 00000000 ____D () C:\Program Files (x86)\MyPC Backup2014-04-03 16:09 - 2014-04-04 02:05 - 00000000 ____D () C:\Users\Lauren\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MyPC Backup2014-04-03 16:09 - 2014-04-04 00:53 - 00003120 _____ () C:\WINDOWS\System32\Tasks\Advanced System Protector_startup2014-04-03 16:09 - 2012-07-25 12:03 - 00016896 _____ () C:\WINDOWS\system32\sasnative64.exe2014-04-03 16:08 - 2014-04-03 16:08 - 00003108 _____ () C:\WINDOWS\System32\Tasks\RegClean Pro2014-04-03 16:07 - 2014-04-13 22:06 - 00000000 ____D () C:\Users\Lauren\AppData\Roaming\systweak2014-04-03 15:57 - 2014-04-03 15:57 - 00000000 ____D () C:\Program Files\Microsoft Silverlight2014-04-03 15:57 - 2014-04-03 15:57 - 00000000 ____D () C:\Program Files (x86)\Microsoft Silverlight2014-04-03 15:56 - 2014-04-03 15:56 - 13084896 _____ (Microsoft Corporation) C:\Users\Lauren\Downloads\Silverlight_x64.exe2014-03-29 12:22 - 2014-03-29 12:22 - 00027648 ____H () C:\Users\Lauren\Downloads\~WRL0001.tmp2014-03-28 20:01 - 2014-03-28 20:02 - 00000000 ___SD () C:\ProgramData\Shared Space2014-03-28 20:00 - 2014-03-28 20:00 - 01060864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfc71.dll2014-03-28 20:00 - 2014-03-28 20:00 - 00348160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvcr71.dll2014-03-28 19:59 - 2014-04-04 02:37 - 00000000 ____D () C:\Program Files\COMODO2014-03-28 19:59 - 2014-04-04 02:35 - 00000000 ____D () C:\ProgramData\COMODO2014-03-28 19:59 - 2014-03-28 19:59 - 00000000 ____D () C:\Program Files\AdTrustMedia2014-03-28 19:58 - 2014-03-28 19:58 - 00057096 _____ (COMODO CA Limited) C:\WINDOWS\system32\certsentry.dll2014-03-28 19:58 - 2014-03-28 19:58 - 00000000 ____D () C:\Users\Lauren\AppData\Local\Comodo2014-03-21 08:07 - 2014-02-22 05:16 - 00139776 _____ (Microsoft Corporation) C:\WINDOWS\system32\poqexec.exe2014-03-21 08:07 - 2014-02-22 04:24 - 00124416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\poqexec.exe2014-03-18 00:30 - 2014-01-07 18:41 - 01530712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys2014-03-18 00:30 - 2014-01-07 18:41 - 00382808 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys2014-03-18 00:30 - 2014-01-04 08:54 - 00138240 _____ () C:\WINDOWS\system32\OEMLicense.dll2014-03-18 00:30 - 2014-01-04 08:08 - 00103936 _____ () C:\WINDOWS\SysWOW64\OEMLicense.dll2014-03-18 00:30 - 2014-01-04 07:08 - 00206336 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSClient.dll2014-03-18 00:30 - 2014-01-04 06:53 - 00174592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSClient.dll2014-03-18 00:30 - 2014-01-02 16:54 - 00461312 _____ (Microsoft Corporation) C:\WINDOWS\system32\XpsGdiConverter.dll2014-03-18 00:30 - 2014-01-02 16:48 - 00336896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XpsGdiConverter.dll2014-03-18 00:30 - 2013-12-31 18:52 - 00481944 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsvr.dll2014-03-18 00:30 - 2013-12-31 17:56 - 01472048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll2014-03-18 00:30 - 2013-12-31 17:55 - 00381168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsvr.dll2014-03-18 00:30 - 2013-12-31 16:59 - 00802816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll2014-03-18 00:30 - 2013-12-31 16:57 - 01214976 _____ (Microsoft Corporation) C:\WINDOWS\system32\schedsvc.dll2014-03-18 00:30 - 2013-12-31 16:56 - 00960512 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll2014-03-18 00:30 - 2013-12-30 16:33 - 00770560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ReAgent.dll2014-03-18 00:30 - 2013-12-30 16:31 - 00947712 _____ (Microsoft Corporation) C:\WINDOWS\system32\reseteng.dll2014-03-18 00:30 - 2013-12-30 16:31 - 00914944 _____ (Microsoft Corporation) C:\WINDOWS\system32\ReAgent.dll2014-03-18 00:30 - 2013-12-27 08:09 - 00419160 _____ (Microsoft Corporation) C:\WINDOWS\system32\hal.dll2014-03-18 00:30 - 2013-12-27 01:57 - 00842752 _____ (Microsoft Corporation) C:\WINDOWS\system32\MsSpellCheckingFacility.dll2014-03-18 00:30 - 2013-12-27 01:57 - 00628736 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncHost.exe2014-03-18 00:30 - 2013-12-27 01:23 - 00749056 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncCore.dll2014-03-18 00:30 - 2013-12-27 00:03 - 00630272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MsSpellCheckingFacility.dll2014-03-18 00:30 - 2013-12-27 00:03 - 00478208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncHost.exe2014-03-18 00:30 - 2013-12-26 23:37 - 00588800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncCore.dll2014-03-18 00:30 - 2013-12-21 00:21 - 00376320 _____ (Microsoft Corporation) C:\WINDOWS\system32\pnrpsvc.dll2014-03-18 00:30 - 2013-12-17 00:21 - 00408576 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdbss.sys2014-03-18 00:30 - 2013-12-13 23:31 - 13949440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll2014-03-18 00:30 - 2013-12-13 23:19 - 18576384 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll2014-03-18 00:30 - 2013-12-13 03:54 - 00131160 _____ (Microsoft Corporation) C:\WINDOWS\system32\easinvoker.exe2014-03-18 00:30 - 2013-12-09 01:05 - 21199256 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll2014-03-18 00:30 - 2013-12-08 21:51 - 18643560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll2014-03-18 00:29 - 2014-01-07 18:46 - 00325464 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBXHCI.SYS2014-03-18 00:29 - 2013-12-31 18:55 - 01720560 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll2014-03-18 00:29 - 2013-12-30 16:34 - 00218112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sti.dll2014-03-18 00:29 - 2013-12-30 16:32 - 00303616 _____ (Microsoft Corporation) C:\WINDOWS\system32\sti.dll2014-03-18 00:29 - 2013-12-12 23:36 - 00178176 _____ (Microsoft Corporation) C:\WINDOWS\system32\easwrt.dll2014-03-18 00:29 - 2013-12-12 22:32 - 00140800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\easwrt.dll ==================== One Month Modified Files and Folders ======= 2014-04-19 12:15 - 2013-09-04 08:55 - 00000852 _____ () C:\WINDOWS\system32\Drivers\RTKHDRC.dat2014-04-19 12:14 - 2013-09-04 08:55 - 00000712 _____ () C:\WINDOWS\system32\Drivers\RTEQEX0.dat2014-04-15 10:50 - 2014-04-15 10:50 - 00026861 _____ () C:\Users\Lauren\Downloads\FRST.txt2014-04-15 10:50 - 2014-04-15 10:49 - 00000000 ____D () C:\FRST2014-04-15 10:49 - 2014-04-15 10:49 - 02054144 _____ (Farbar) C:\Users\Lauren\Downloads\FRST64.exe2014-04-15 10:44 - 2013-10-23 18:20 - 00003954 _____ () C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{1B9730AB-780D-4EFA-ABC7-CE9909A55CF8}2014-04-15 10:38 - 2014-04-13 20:43 - 00119512 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys2014-04-15 10:18 - 2012-07-26 01:12 - 00000000 ____D () C:\WINDOWS\LiveKernelReports2014-04-15 10:15 - 2014-04-03 16:36 - 01214066 _____ () C:\WINDOWS\WindowsUpdate.log2014-04-15 10:12 - 2013-11-07 18:46 - 00000928 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job2014-04-15 10:07 - 2013-10-20 12:27 - 00005002 _____ () C:\WINDOWS\System32\Tasks\Microsoft Office 15 Sync Maintenance for LAURENS-LAPTOP-Lauren Laurens-Laptop2014-04-15 10:05 - 2013-10-19 12:35 - 00003598 _____ () C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-2846629673-4196287044-1004556386-10012014-04-15 10:00 - 2013-08-22 08:36 - 00000000 ____D () C:\WINDOWS\system32\sru2014-04-15 09:57 - 2013-11-07 18:46 - 00002207 _____ () C:\Users\Public\Desktop\Google Chrome.lnk2014-04-15 09:57 - 2013-11-07 18:46 - 00000924 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job2014-04-15 09:57 - 2013-10-20 11:09 - 00000000 __RDO () C:\Users\Lauren\SkyDrive2014-04-14 23:41 - 2013-09-29 21:04 - 00863592 _____ () C:\WINDOWS\system32\PerfStringBackup.INI2014-04-14 23:40 - 2014-04-03 18:37 - 00000796 _____ () C:\WINDOWS\setupact.log2014-04-14 20:01 - 2013-09-04 09:21 - 00000000 ____D () C:\ProgramData\boost_interprocess2014-04-14 19:58 - 2014-04-05 22:26 - 00066896 _____ () C:\WINDOWS\PFRO.log2014-04-14 19:58 - 2013-10-23 19:27 - 00053284 _____ () C:\WINDOWS\system32\wpbbin.exe2014-04-14 19:58 - 2013-08-22 07:45 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT2014-04-14 19:58 - 2013-08-22 06:25 - 00524288 ___SH () C:\WINDOWS\system32\config\BBI2014-04-13 22:07 - 2014-04-06 18:53 - 00000000 ____D () C:\Program Files (x86)\Settings Manager2014-04-13 22:06 - 2014-04-03 16:07 - 00000000 ____D () C:\Users\Lauren\AppData\Roaming\systweak2014-04-13 22:05 - 2014-04-06 18:53 - 00000000 ____D () C:\ProgramData\Wincert2014-04-13 22:05 - 2014-04-04 00:47 - 00000000 ____D () C:\ProgramData\Systweak2014-04-13 21:54 - 2014-04-08 17:54 - 00004182 _____ () C:\WINDOWS\System32\Tasks\avast! Emergency Update2014-04-13 21:53 - 2013-10-23 19:33 - 00000000 ____D () C:\Users\Lauren2014-04-13 20:42 - 2014-04-13 20:42 - 00001122 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk2014-04-13 20:42 - 2014-04-13 20:42 - 00000000 ____D () C:\ProgramData\Malwarebytes2014-04-13 20:42 - 2014-04-13 20:42 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware2014-04-13 20:28 - 2013-08-22 08:36 - 00000000 ____D () C:\WINDOWS\system32\NDF2014-04-13 12:29 - 2013-08-22 06:25 - 00262144 ___SH () C:\WINDOWS\system32\config\ELAM2014-04-12 00:44 - 2013-08-22 08:36 - 00000000 ____D () C:\WINDOWS\AppReadiness2014-04-12 00:11 - 2013-10-20 11:02 - 00000000 ____D () C:\Program Files\Microsoft Office 152014-04-09 16:43 - 2013-10-21 22:38 - 00000000 ____D () C:\WINDOWS\system32\MRT2014-04-09 00:55 - 2013-10-21 22:38 - 90655440 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe2014-04-08 19:26 - 2014-04-08 19:26 - 00001872 _____ () C:\Users\Lauren\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\avast! antivirus.lnk2014-04-08 19:25 - 2014-04-08 19:25 - 00000000 ____D () C:\Users\Lauren\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\NetAssistant2014-04-08 19:25 - 2014-04-08 19:25 - 00000000 ____D () C:\Program Files (x86)\W3i2014-04-08 19:24 - 2014-04-08 19:24 - 00000000 ____D () C:\Users\Lauren\AppData\Roaming\Yahoo!2014-04-08 19:24 - 2014-04-08 19:24 - 00000000 ____D () C:\ProgramData\Yahoo! Companion2014-04-08 19:24 - 2014-04-08 19:24 - 00000000 ____D () C:\ProgramData\Yahoo!2014-04-08 19:24 - 2014-04-08 19:24 - 00000000 ____D () C:\Program Files (x86)\Yahoo!2014-04-08 17:55 - 2014-04-08 17:55 - 00001986 _____ () C:\Users\Public\Desktop\avast! Free Antivirus.lnk2014-04-08 17:55 - 2014-04-08 17:55 - 00000000 ____D () C:\Users\Lauren\AppData\Roaming\AVAST Software2014-04-08 17:54 - 2014-04-08 17:54 - 01039096 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSnx.sys2014-04-08 17:54 - 2014-04-08 17:54 - 00423240 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSP.sys2014-04-08 17:54 - 2014-04-08 17:54 - 00334648 _____ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe2014-04-08 17:54 - 2014-04-08 17:54 - 00208928 _____ () C:\WINDOWS\system32\Drivers\aswVmm.sys2014-04-08 17:54 - 2014-04-08 17:54 - 00093568 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRdr2.sys2014-04-08 17:54 - 2014-04-08 17:54 - 00084816 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswStm.sys2014-04-08 17:54 - 2014-04-08 17:54 - 00079184 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswMonFlt.sys2014-04-08 17:54 - 2014-04-08 17:54 - 00065776 _____ () C:\WINDOWS\system32\Drivers\aswRvrt.sys2014-04-08 17:54 - 2014-04-08 17:54 - 00043152 _____ (AVAST Software) C:\WINDOWS\avastSS.scr2014-04-08 17:53 - 2014-04-08 17:53 - 00000000 ____D () C:\Program Files\AVAST Software2014-04-08 17:44 - 2014-04-08 17:44 - 02724864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.tlb2014-04-08 17:44 - 2014-04-08 17:44 - 02724864 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.tlb2014-04-06 19:35 - 2014-04-06 19:35 - 00000000 ____D () C:\ProgramData\BrowserProtect2014-04-06 19:35 - 2014-04-06 19:35 - 00000000 ____D () C:\ProgramData\Browser Manager2014-04-06 19:35 - 2014-04-06 19:35 - 00000000 ____D () C:\ProgramData\BitGuard2014-04-06 18:56 - 2014-04-06 18:52 - 00000000 ____D () C:\Users\Lauren\AppData\Local\pptaddin2014-04-06 18:52 - 2014-04-06 18:52 - 00003442 _____ () C:\WINDOWS\System32\Tasks\SoftUpdateDaily2014-04-06 18:52 - 2014-04-06 18:52 - 00003256 _____ () C:\WINDOWS\System32\Tasks\SoftUpdateLogon2014-04-06 18:52 - 2014-04-06 18:52 - 00000000 ____D () C:\Users\Lauren\AppData\Local\SoftUpdate2014-04-06 18:52 - 2014-04-06 18:52 - 00000000 ____D () C:\Users\Lauren\AppData\Local\emaze2014-04-06 17:45 - 2014-04-06 17:45 - 26437344 _____ (Microsoft Corporation) C:\Users\Lauren\Downloads\Windows-KB890830-x64-V5.10.exe2014-04-05 23:35 - 2014-04-05 23:35 - 00001097 _____ () C:\Users\Public\Desktop\Revo Uninstaller Pro.lnk2014-04-05 23:35 - 2014-04-05 23:35 - 00000000 ____D () C:\Users\Lauren\AppData\Local\VS Revo Group2014-04-05 23:35 - 2014-04-05 23:35 - 00000000 ____D () C:\ProgramData\VS Revo Group2014-04-05 23:34 - 2014-04-05 23:34 - 00000000 ____D () C:\Program Files\VS Revo Group2014-04-05 23:34 - 2014-04-05 23:33 - 10619688 _____ (VS Revo Group ) C:\Users\Lauren\Downloads\RevoUninProSetup.exe2014-04-05 22:35 - 2014-04-05 22:35 - 00000017 _____ () C:\Users\Lauren\AppData\Local\resmon.resmoncfg2014-04-04 02:45 - 2014-04-03 16:09 - 00000000 ____D () C:\Program Files (x86)\MyPC Backup2014-04-04 02:37 - 2014-03-28 19:59 - 00000000 ____D () C:\Program Files\COMODO2014-04-04 02:35 - 2014-03-28 19:59 - 00000000 ____D () C:\ProgramData\COMODO2014-04-04 02:05 - 2014-04-03 16:09 - 00000000 ____D () C:\Users\Lauren\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MyPC Backup2014-04-04 00:53 - 2014-04-03 16:09 - 00003120 _____ () C:\WINDOWS\System32\Tasks\Advanced System Protector_startup2014-04-04 00:52 - 2014-04-04 00:52 - 00000000 ____D () C:\Users\Lauren\AppData\Roaming\cloudbkp2014-04-04 00:42 - 2013-10-19 11:48 - 00000000 ___RD () C:\Users\Lauren\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup2014-04-04 00:42 - 2013-08-22 08:36 - 00000000 __RSD () C:\WINDOWS\Media2014-04-04 00:42 - 2013-08-22 08:36 - 00000000 ___RD () C:\WINDOWS\ToastData2014-04-04 00:40 - 2013-10-19 12:51 - 00000000 ____D () C:\Users\Lauren\AppData\Local\clear.fi2014-04-04 00:22 - 2013-08-22 08:36 - 00000000 ____D () C:\WINDOWS\registration2014-04-04 00:21 - 2013-08-22 06:36 - 00000000 ____D () C:\WINDOWS\system32\Sysprep2014-04-04 00:10 - 2013-10-19 11:47 - 00000000 ____D () C:\Users\Lauren\AppData\Local\Packages2014-04-03 18:37 - 2014-04-03 18:37 - 00000000 _____ () C:\WINDOWS\setuperr.log2014-04-03 16:08 - 2014-04-03 16:08 - 00003108 _____ () C:\WINDOWS\System32\Tasks\RegClean Pro2014-04-03 15:57 - 2014-04-03 15:57 - 00000000 ____D () C:\Program Files\Microsoft Silverlight2014-04-03 15:57 - 2014-04-03 15:57 - 00000000 ____D () C:\Program Files (x86)\Microsoft Silverlight2014-04-03 15:56 - 2014-04-03 15:56 - 13084896 _____ (Microsoft Corporation) C:\Users\Lauren\Downloads\Silverlight_x64.exe2014-04-03 09:51 - 2014-04-13 20:42 - 00088280 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbamchameleon.sys2014-04-03 09:51 - 2014-04-13 20:42 - 00063192 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mwac.sys2014-04-03 09:50 - 2014-03-12 19:25 - 00025816 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbam.sys2014-04-01 16:07 - 2013-11-07 18:46 - 00003900 _____ () C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA2014-04-01 16:07 - 2013-11-07 18:46 - 00003664 _____ () C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore2014-03-31 14:23 - 2013-08-22 08:38 - 00693240 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe2014-03-31 14:23 - 2013-08-22 08:38 - 00105464 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl2014-03-30 18:16 - 2014-04-08 17:47 - 23134208 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll2014-03-30 16:57 - 2014-04-08 17:47 - 17073152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll2014-03-29 16:29 - 2013-08-22 08:36 - 00000000 ____D () C:\WINDOWS\rescache2014-03-29 12:22 - 2014-03-29 12:22 - 00027648 ____H () C:\Users\Lauren\Downloads\~WRL0001.tmp2014-03-28 20:02 - 2014-03-28 20:01 - 00000000 ___SD () C:\ProgramData\Shared Space2014-03-28 20:00 - 2014-03-28 20:00 - 01060864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfc71.dll2014-03-28 20:00 - 2014-03-28 20:00 - 00348160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvcr71.dll2014-03-28 19:59 - 2014-03-28 19:59 - 00000000 ____D () C:\Program Files\AdTrustMedia2014-03-28 19:58 - 2014-03-28 19:58 - 00057096 _____ (COMODO CA Limited) C:\WINDOWS\system32\certsentry.dll2014-03-28 19:58 - 2014-03-28 19:58 - 00000000 ____D () C:\Users\Lauren\AppData\Local\Comodo2014-03-21 20:29 - 2013-10-20 22:06 - 00000000 ____D () C:\Users\Lauren\AppData\Roaming\Spotify2014-03-19 07:01 - 2013-10-19 11:48 - 00000000 ___RD () C:\Users\Lauren\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools Some content of TEMP:====================C:\Users\Lauren\AppData\Local\Temp\BackupSetup.exeC:\Users\Lauren\AppData\Local\Temp\BundleSweetIMSetup.exeC:\Users\Lauren\AppData\Local\Temp\Delta.exeC:\Users\Lauren\AppData\Local\Temp\DeltaTB.exeC:\Users\Lauren\AppData\Local\Temp\ezinstall.exeC:\Users\Lauren\AppData\Local\Temp\MybabylonTB.exeC:\Users\Lauren\AppData\Local\Temp\SettingsManagerSetup.exeC:\Users\Lauren\AppData\Local\Temp\swupdateRunnable.exeC:\Users\Lauren\AppData\Local\Temp\WSSetup.exe ==================== Bamital & volsnap Check ================= C:\Windows\System32\winlogon.exe => MD5 is legitC:\Windows\System32\wininit.exe => MD5 is legitC:\Windows\explorer.exe => MD5 is legitC:\Windows\SysWOW64\explorer.exe => MD5 is legitC:\Windows\System32\svchost.exe => MD5 is legitC:\Windows\SysWOW64\svchost.exe => MD5 is legitC:\Windows\System32\services.exe => MD5 is legitC:\Windows\System32\User32.dll => MD5 is legitC:\Windows\SysWOW64\User32.dll => MD5 is legitC:\Windows\System32\userinit.exe => MD5 is legitC:\Windows\SysWOW64\userinit.exe => MD5 is legitC:\Windows\System32\rpcss.dll => MD5 is legitC:\Windows\System32\Drivers\volsnap.sys[2014-03-12 22:33] - [2014-01-31 09:15] - 0311640 ___AC (Microsoft Corporation) C85C075DE5B6D0FE116043054DE8EE02 LastRegBack: 2014-04-08 19:34 ==================== End Of Log ============================ Additional scan result of Farbar Recovery Scan Tool (x64) Version: 14-04-2014Ran by Lauren at 2014-04-15 10:51:56Running from C:\Users\Lauren\DownloadsBoot Mode: Normal========================================================== ==================== Security Center ======================== AV: McAfee Anti-Virus and Anti-Spyware (Disabled - Up to date) {ADA629C7-7F48-5689-624A-3B76997E0892}AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}AS: McAfee Anti-Virus and Anti-Spyware (Disabled - Out of date) {16C7C823-5972-5907-58FA-0004E2F9422F}AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}FW: McAfee Firewall (Disabled) {959DA8E2-3527-57D1-4915-924367AD4FE9} ==================== Installed Programs ====================== clear.fi SDK - Video 2 (x32 Version: 2.1.2606 - CyberLink Corp.) Hidden clear.fi SDK- Movie 2 (x32 Version: 2.1.2606 - CyberLink Corp.) HiddenAcer Device Fast-lane (HKLM\...\{3F62D2FD-13C1-49A2-8B5D-47623D9460D7}) (Version: 1.00.3013 - Acer Incorporated)Acer Docs Office AddIn (HKLM-x32\...\{DCBF3379-246B-47E1-8173-639B63940838}) (Version: 2.04.2005 - Acer)Acer Games (HKCU\...\Pokki_03d432a7e610c3e908213e7689d4342ce2111caf) (Version: 1.1.7.42206 - Pokki)Acer Launch Manager (HKLM\...\{C18D55BD-1EC6-466D-B763-8EEDDDA9100E}) (Version: 8.00.3004 - Acer Incorporated)Acer Media (HKLM-x32\...\{E9AF1707-3F3A-49E2-8345-4F2D629D0876}) (Version: 2.04.3002.6 - Acer Incorporated)Acer Photo (HKLM-x32\...\{B5AD89F2-03D3-4206-8487-018298007DD0}) (Version: 2.04.3003.1 - Acer Incorporated)Acer Portal (HKLM-x32\...\{A5AD0B17-F34D-49BE-A157-C8B3D52ACD13}) (Version: 2.04.3004 - Acer Incorporated)Acer Power Management (HKLM\...\{91F52DE4-B789-42B0-9311-A349F10E5479}) (Version: 7.00.3013 - Acer Incorporated)Acer Recovery Management (HKLM\...\{07F2005A-8CAC-4A4B-83A2-DA98A722CA61}) (Version: 6.00.3016 - Acer Incorporated)Acer Remote Files (HKLM\...\{13885028-098C-4799-9B71-27DAC96502D5}) (Version: 1.01.2002 - Acer Incorporated)Amazon 1Button App (HKLM-x32\...\{0A7D6F3C-F2AB-48ED-BE23-99791BFF87D6}) (Version: 1.0.0.4 - Amazon)avast! Free Antivirus (HKLM-x32\...\Avast) (Version: 9.0.2016 - Avast Software)Bejeweled 3 (x32 Version: 2.2.0.98 - WildTangent) HiddenCradle Of Egypt Collector's Edition (x32 Version: 2.2.0.110 - WildTangent) HiddenDelicious: Emily's Childhood Memories Premium Edition (x32 Version: 3.0.2.32 - WildTangent) HiddenDora's World Adventure (x32 Version: 2.2.0.95 - WildTangent) HiddeneBay Worldwide (HKLM-x32\...\{91589413-6675-4C27-8AFC-EFB9103B90A5}) (Version: 2.4.0105 - OEM)Google Chrome (HKLM-x32\...\Google Chrome) (Version: 34.0.1847.116 - Google Inc.)Google Update Helper (x32 Version: 1.3.23.9 - Google Inc.) HiddenIdentity Card (HKLM-x32\...\{3D9CB654-99AD-4301-89C6-0D12A790767C}) (Version: 2.00.3006 - Acer Incorporated)Intel® Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.1.20.1337 - Intel Corporation)Intel® Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3316 - Intel Corporation)Intel® Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 11.5.4.1001 - Intel Corporation)Intel® SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 2.0.0.37149 - Intel Corporation)Intel® Trusted Connect Service Client (Version: 1.26.242.3 - Intel Corporation) HiddenJewel Match 3 (x32 Version: 2.2.0.98 - WildTangent) HiddenLive Updater (HKLM-x32\...\{EE26E302-876A-48D9-9058-3129E5B99999}) (Version: 2.00.3010 - Acer Incorporated)Malwarebytes Anti-Malware version 2.0.1.1004 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.1.1004 - Malwarebytes Corporation)McAfee Internet Security Suite (HKLM-x32\...\MSC) (Version: 12.8.903 - McAfee, Inc.)Microsoft Office 365 - en-us (HKLM\...\O365HomePremRetail - en-us) (Version: 15.0.4605.1003 - Microsoft Corporation)Microsoft OneDrive (HKCU\...\OneDriveSetup.exe) (Version: 17.0.4035.0328 - Microsoft Corporation)Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30214.0 - Microsoft Corporation)Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)Microsoft Visual Studio 2005 Tools for Office Runtime (x32 Version: 8.0.60940.0 - Microsoft Corporation) HiddenMystery P.I. - Curious Case of Counterfeit Cove (x32 Version: 2.2.0.98 - WildTangent) HiddenNero BackItUp (x32 Version: 12.5.5000 - Nero AG) HiddenNero BackItUp 12 Essentials OEM.a01 (HKLM-x32\...\{4CA8F973-6377-4ABF-9ED5-CC2323B3C000}) (Version: 12.5.00500 - Nero AG)Nero BackItUp Help (CHM) (x32 Version: 12.0.10000 - Nero AG) HiddenNero ControlCenter (x32 Version: 11.0.15600 - Nero AG) HiddenNero ControlCenter Help (CHM) (x32 Version: 12.0.7000 - Nero AG) HiddenNero Core Components (x32 Version: 11.0.20200 - Nero AG) HiddenNero Launcher (x32 Version: 12.2.7000 - Nero AG) HiddenNero RescueAgent (x32 Version: 12.0.3001 - Nero AG) HiddenNero RescueAgent Help (CHM) (x32 Version: 12.0.7000 - Nero AG) HiddenNero Update (x32 Version: 11.0.11800.31.0 - Nero AG) HiddenNetAssistant (x32 Version: 3.8.3 - W3i) HiddenNorton Online Backup (HKLM-x32\...\{E625FCA0-E43E-4D3B-92FF-4851308A0366}) (Version: 2.8.1.10 - Symantec Corporation)Norton Online Backup ARA (x32 Version: 4.3.0.14 - Symantec Corporation) HiddenOffice 15 Click-to-Run Extensibility Component (x32 Version: 15.0.4605.1003 - Microsoft Corporation) HiddenOffice 15 Click-to-Run Licensing Component (Version: 15.0.4605.1003 - Microsoft Corporation) HiddenOffice 15 Click-to-Run Localization Component (x32 Version: 15.0.4605.1003 - Microsoft Corporation) HiddenPeggle Nights (x32 Version: 2.2.0.98 - WildTangent) HiddenPlants vs. Zombies - Game of the Year (x32 Version: 2.2.0.98 - WildTangent) HiddenPokki (HKCU\...\Pokki) (Version: 0.263.14.128 - Pokki)Prerequisite installer (x32 Version: 12.0.0003 - Nero AG) HiddenQualcomm Atheros Bluetooth Suite (64) (HKLM\...\{A84A4FB1-D703-48DB-89E0-68B6499D2801}) (Version: 8.0.0.226 - Qualcomm Atheros Communications)Qualcomm Atheros WLAN and Bluetooth Client Installation Program (HKLM-x32\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 11.51 - Qualcomm Atheros)Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.7.1025.2012 - Realtek)Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6865 - Realtek Semiconductor Corp.)Realtek PCIE Card Reader (HKLM-x32\...\{C1594429-8296-4652-BF54-9DBE4932A44C}) (Version: 6.2.9200.27030 - Realtek Semiconductor Corp.)Revo Uninstaller Pro 3.0.8 (HKLM\...\{67579783-0FB7-4F7B-B881-E5BE47C9DBE0}_is1) (Version: 3.0.8 - VS Revo Group, Ltd.)Shared C Run-time for x64 (HKLM\...\{EF79C448-6946-4D71-8134-03407888C054}) (Version: 10.0.0 - McAfee)Soluto (HKLM\...\{A40888FC-B545-46F3-8628-6AE98C1C75C6}) (Version: 1.3.1193.1 - Soluto)Spotify (HKLM-x32\...\Spotify) (Version: 0.8.4.99.ga249b5f1 - Spotify AB)Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 16.3.12.34 - Synaptics Incorporated)Tales of Lagoona (x32 Version: 2.2.0.110 - WildTangent) HiddenThe Chronicles of Emerland Solitaire (x32 Version: 3.0.2.32 - WildTangent) HiddenUpdate for Microsoft en-us Dictionary (Version: 16.1.864.1 - Microsoft Corporation) HiddenUpdate Installer for WildTangent Games App (x32 Version: - WildTangent) HiddenVisual Studio 2005 Tools for Office Second Edition Runtime (HKLM-x32\...\Microsoft Visual Studio 2005 Tools for Office Runtime) (Version: - Microsoft Corporation)Visual Studio Tools for the Office system 3.0 Runtime (HKLM-x32\...\Visual Studio Tools for the Office system 3.0 Runtime) (Version: - Microsoft Corporation)Visual Studio Tools for the Office system 3.0 Runtime (x32 Version: 9.0.30729 - Microsoft Corporation) HiddenVisual Studio Tools for the Office system 3.0 Runtime Service Pack 1 (KB949258) (HKLM-x32\...\{8FB53850-246A-3507-8ADE-0060093FFEA6}.KB949258) (Version: 1 - Microsoft Corporation)W3i NetAssistant (HKCU\...\NetAssistant 3.8.3) (Version: 3.8.3 - Freeze.com)WildTangent Games (HKLM-x32\...\WildTangent wildgames Master Uninstall) (Version: 1.0.4.0 - WildTangent)WildTangent Games App (x32 Version: 4.0.10.5 - WildTangent) Hidden ==================== Restore Points ========================= 04-04-2014 06:14:22 Restore Operation06-04-2014 06:17:50 march 2206-04-2014 06:38:34 Revo Uninstaller Pro's restore point - Malwarebytes Anti-Malware version 1.75.0.130007-04-2014 01:57:41 Revo Uninstaller Pro's restore point - PrivDog09-04-2014 00:52:42 avast! antivirus system restore point ==================== Hosts content: ========================== 2013-08-22 06:25 - 2013-08-22 06:25 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts ==================== Scheduled Tasks (whitelisted) ============= Task: {0127C372-7BA9-4395-BFFE-120D86D7487D} - System32\Tasks\AcerCloud => C:\Program Files (x86)\Acer\Acer Portal\acpanel_win.exe [2014-02-13] (Acer Incorporated)Task: {05293577-D647-4185-B859-C94839A0B2E3} - System32\Tasks\Microsoft\Windows\SettingSync\NetworkStateChangeTaskTask: {0B545118-B563-42FC-8D07-B78F602FCF34} - System32\Tasks\Microsoft\Windows\WS\WSRefreshBannedAppsListTask => Rundll32.exe WSClient.dll,RefreshBannedAppsListTask: {2085BF56-520D-4951-B7C0-DF34AF90CC6A} - System32\Tasks\Microsoft\Windows\Sysmain\WsSwapAssessmentTask => Rundll32.exe sysmain.dll,PfSvWsSwapAssessmentTaskTask: {2C9C0C6C-2A74-46F2-858A-4389D253EAD0} - System32\Tasks\Microsoft\Windows\Sysmain\HybridDriveCachePrepopulateTask: {352E6CA0-7314-4DF4-89C4-682368D80D57} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join => C:\Windows\System32\AutoWorkplace.exe [2013-08-21] (Microsoft Corporation)Task: {3B6D8A73-F20B-4C93-B8FB-56A154F172D2} - System32\Tasks\Microsoft\Windows\Time Zone\SynchronizeTimeZone => C:\Windows\system32\tzsync.exe [2013-08-22] (Microsoft Corporation)Task: {49754026-21E1-41FC-94FD-727AFE414FE7} - System32\Tasks\Microsoft\Windows\Sysmain\HybridDriveCacheRebalanceTask: {5516C200-E8EC-4080-9283-DB00ED41E808} - System32\Tasks\Power Management => C:\Program Files\Acer\Acer Power Management\ePowerTray.exe [2013-03-15] (Acer Incorporated)Task: {662530EE-1024-4E01-8D8A-F731FE47D187} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2014-04-08] (AVAST Software)Task: {69B2B25D-C82F-4380-8E22-B259EAED2407} - System32\Tasks\ALU => C:\Program Files (x86)\Acer\Live Updater\updater.exe [2013-03-13] ()Task: {6AA91E8C-DDBD-4979-8464-4062F7681A19} - System32\Tasks\Microsoft\Windows\Plug and Play\Plug and Play CleanupTask: {6DFCB649-0769-4F83-BB10-F60F235F6D3D} - System32\Tasks\Microsoft\Windows\SkyDrive\Idle Sync Maintenance TaskTask: {6E57D222-B917-4EA4-9527-9A74F058EE5F} - System32\Tasks\Synaptics TouchPad Enhancements => \Program Files\Synaptics\SynTP\SynTPEnh.exe [2013-04-10] (Synaptics Incorporated)Task: {73B1B253-CE67-4501-AE1A-377DD1D68B65} - System32\Tasks\Microsoft\Windows\Application Experience\StartupAppTask => Rundll32.exe Startupscan.dll,SusRunTaskTask: {77F1D869-6E65-4079-A2A0-E2023408EF97} - System32\Tasks\Microsoft\Windows\ApplicationData\CleanupTemporaryState => Rundll32.exe Windows.Storage.ApplicationData.dll,CleanupTemporaryStateTask: {78F66E00-4767-4A30-920C-BF2D98A7D5CA} - System32\Tasks\SoftUpdateDaily => C:\Users\Lauren\AppData\Local\SoftUpdate\SoftUpdate.exe [2014-04-06] ()Task: {802120FB-D2E6-4889-9443-9EF7033808FD} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2014-04-09] (Microsoft Corporation)Task: {872D0E53-FD2E-41E3-B431-698AF82882CE} - System32\Tasks\Microsoft\Windows\SkyDrive\Routine Maintenance TaskTask: {8A2E78F5-CA6A-4C09-B0A0-62215DBD092F} - System32\Tasks\Microsoft OneDrive Auto Update Task-S-1-5-21-2846629673-4196287044-1004556386-1001 => %localappdata%\Microsoft\SkyDrive\SkyDrive.exeTask: {8CC813C9-712A-41EF-9512-B233444FC669} - System32\Tasks\Microsoft\Windows\AppxDeploymentClient\Pre-staged app cleanup => Rundll32.exe %windir%\system32\AppxDeploymentClient.dll,AppxPreStageCleanupRunTaskTask: {941A1893-8F21-48CB-A574-F1EB036515ED} - System32\Tasks\Launch Manager => C:\Program Files\Acer\Acer Launch Manager\LMLauncher.exe [2013-04-25] (Acer Incorporate)Task: {956738E1-B32E-4D33-898A-9C737B0827E0} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-11-07] (Google Inc.)Task: {9C426E5A-EE8F-4DCE-894B-43FD56C461D0} - System32\Tasks\ALUAgent => C:\Program Files (x86)\Acer\Live Updater\liveupdater_agent.exe [2013-01-22] ()Task: {9FE95BD8-CBE3-487E-BA44-05D144AD3FB3} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesCommonx86\Microsoft Shared\OFFICE15\OLicenseHeartbeat.exe [2014-04-11] (Microsoft Corporation)Task: {9FF4C139-5234-410C-B7FA-23EE2FD2AB53} - System32\Tasks\Microsoft\Windows\Work Folders\Work Folders Maintenance WorkTask: {C2EF20FC-B891-4F01-BA97-EEC60E8DADB0} - System32\Tasks\RegClean Pro => C:\Program Files (x86)\RegClean Pro\RegCleanPro.exe <==== ATTENTIONTask: {CBB01653-A729-49B0-AA1D-1C7CF17365D4} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2014-03-30] (Microsoft Corporation)Task: {CFD7C21A-808B-487B-A6EC-8A10E44E8360} - System32\Tasks\Microsoft\Windows\SettingSync\BackupTaskTask: {D2179457-57CA-4818-9E83-D593A5FB5879} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-11-07] (Google Inc.)Task: {D88FEC9E-A82A-46F9-87E2-B6B97B301C1A} - System32\Tasks\Microsoft\Windows\WS\License Validation => Rundll32.exe WSClient.dll,WSpTLR licensingTask: {DA46820F-FF8A-4B5E-A6B2-B12185DCFFFB} - System32\Tasks\Microsoft\Windows\Work Folders\Work Folders Logon SynchronizationTask: {DBC38E9E-F9EE-458A-A137-C33A1F082372} - System32\Tasks\Microsoft Office 15 Sync Maintenance for LAURENS-LAPTOP-Lauren Laurens-Laptop => C:\Program Files\Microsoft Office 15\Root\Office15\MsoSync.exe [2014-04-11] (Microsoft Corporation)Task: {E4FC13DB-06CF-4CFC-B355-449583EC9DB5} - System32\Tasks\SoftUpdateLogon => C:\Users\Lauren\AppData\Local\SoftUpdate\SoftUpdate.exe [2014-04-06] ()Task: {E6D378FA-E068-4BCB-80DE-56D43A249507} - System32\Tasks\Microsoft\Windows\RecoveryEnvironment\VerifyWinRETask: {EF1C46C3-B6BB-40EE-B622-C09A4EF5E1FE} - System32\Tasks\Advanced System Protector_startup => C:\Program Files (x86)\Advanced System Protector\AdvancedSystemProtector.exe <==== ATTENTIONTask: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exeTask: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exeTask: C:\WINDOWS\Tasks\Synaptics TouchPad Enhancements.job => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe ==================== Loaded Modules (whitelisted) ============= 2014-03-14 07:00 - 2014-03-14 07:00 - 01102336 _____ () C:\Program Files (x86)\MyPC Backup\x64\System.Data.SQLite.dll2014-03-22 00:06 - 2013-10-31 18:13 - 00102568 _____ () C:\Program Files\Microsoft Office 15\ClientX64\ApiClient.dll2013-10-20 11:02 - 2014-03-25 13:21 - 00629928 _____ () C:\Program Files\Microsoft Office 15\ClientX64\StreamServer.dll2014-03-19 11:39 - 2014-04-11 21:19 - 08884904 _____ () C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\1033\GrooveIntlResource.dll2013-04-25 16:45 - 2013-04-25 16:45 - 00011264 _____ () C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\Modules\ActivateDesktopDebugger\ActivateDesktopDebugger.dll2013-04-25 16:42 - 2013-04-25 16:42 - 00086016 _____ () C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\Modules\Map\MAP.dll2013-04-25 16:48 - 2013-04-25 16:48 - 00012928 _____ () C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\ActivateDesktop.exe2013-10-03 23:42 - 2013-10-03 23:42 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll2013-09-04 09:10 - 2013-09-04 09:10 - 01193176 _____ () C:\Program Files (x86)\Spotify\Data\SpotifyWebHelper.exe2013-01-29 12:28 - 2013-01-29 12:28 - 00109024 _____ () C:\Program Files\Soluto\PCGDllExportInspector.dll2013-01-29 12:28 - 2013-01-29 12:28 - 00055352 ____R () C:\Program Files\Soluto\PCGDeviceScanLib.dll2014-02-15 22:40 - 2014-02-15 22:40 - 00101376 _____ () C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\Windows.Management\84d75b2b93977401cfdaa7bd390b9411\Windows.Management.ni.dll2014-02-13 16:56 - 2014-02-13 16:56 - 01782272 _____ () C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\Windows.App640a3541#\8848363a64856b740e9ebd321b6a98ca\Windows.ApplicationModel.ni.dll2014-02-13 16:56 - 2014-02-13 16:56 - 00207872 _____ () C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\Windows.System\67df9eac656929e232d804428e224a7d\Windows.System.ni.dll2014-02-13 16:56 - 2014-02-13 16:56 - 00363520 _____ () C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\Windows.Foundation\8d0f16d53c303f545bdc3bdeeb2a7fb3\Windows.Foundation.ni.dll2014-04-14 16:45 - 2014-04-14 16:45 - 02211328 _____ () C:\Program Files\AVAST Software\Avast\defs\14041401\algo.dll2013-09-04 08:50 - 2012-10-22 14:22 - 01199648 _____ () C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\ACE.dll2014-02-13 16:12 - 2014-02-13 16:12 - 00279296 _____ () C:\Program Files (x86)\Acer\Acer Portal\libcurl.dll2013-11-25 11:40 - 2013-11-25 11:40 - 00048384 _____ () C:\Program Files (x86)\Acer\Acer Portal\LocalDevice.dll2013-11-25 11:40 - 2013-11-25 11:40 - 00030464 _____ () C:\Program Files (x86)\Acer\Acer Portal\LocalDeviceDiscovery.dll2013-11-25 11:39 - 2013-11-25 11:39 - 00081664 _____ () C:\Program Files (x86)\Acer\Acer Portal\GREGCommLib.dll2013-11-13 17:57 - 2014-04-11 21:17 - 00316584 _____ () C:\Program Files\Microsoft Office 15\root\office15\AppVIsvStream32.dll2014-04-08 17:54 - 2014-04-08 17:54 - 19336120 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll2013-11-13 18:01 - 2014-04-11 21:20 - 00316584 _____ () C:\Program Files\Microsoft Office 15\Root\VFS\ProgramFilesCommonX86\Microsoft Shared\OFFICE15\AppVIsvStream32.dll2014-04-10 14:14 - 2014-04-01 18:57 - 00065352 _____ () C:\Program Files (x86)\Google\Chrome\Application\34.0.1847.116\chrome_elf.dll2013-09-04 09:26 - 2013-02-20 22:58 - 00089672 _____ () C:\Program Files (x86)\Acer\clear.fi plug-in\Clearfishellext.dll2014-04-10 14:14 - 2014-04-01 18:57 - 00674632 _____ () C:\Program Files (x86)\Google\Chrome\Application\34.0.1847.116\libglesv2.dll2014-04-10 14:14 - 2014-04-01 18:57 - 00093000 _____ () C:\Program Files (x86)\Google\Chrome\Application\34.0.1847.116\libegl.dll2014-04-10 14:14 - 2014-04-01 18:57 - 04081480 _____ () C:\Program Files (x86)\Google\Chrome\Application\34.0.1847.116\pdf.dll2014-04-10 14:14 - 2014-04-01 18:58 - 00390472 _____ () C:\Program Files (x86)\Google\Chrome\Application\34.0.1847.116\ppGoogleNaClPluginChrome.dll2014-04-10 14:14 - 2014-04-01 18:57 - 01647432 _____ () C:\Program Files (x86)\Google\Chrome\Application\34.0.1847.116\ffmpegsumo.dll ==================== Alternate Data Streams (whitelisted) ========= AlternateDataStreams: C:\Users\Lauren\SkyDrive:ms-properties ==================== Safe Mode (whitelisted) =================== HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS => ""="Service"HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""="Service"HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\McMPFSvc => ""="Service"HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MCODS => ""="Service"HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""="Service"HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefire => ""="Driver"HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek => ""="Driver"HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek.sys => ""="Driver"HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk => ""="Driver"HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk.sys => ""="Driver"HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfevtp => ""="Driver" ==================== Disabled items from MSCONFIG ============== ==================== Faulty Device Manager Devices ============= Name: Bluetooth Audio DeviceDescription: Bluetooth Audio DeviceClass Guid: {4d36e96c-e325-11ce-bfc1-08002be10318}Manufacturer: Qualcomm Atheros CommunicationsService: BTATH_A2DPProblem: : This device cannot start. (Code10)Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard. Name: Virtual Bluetooth Support (Include Audio)Description: Virtual Bluetooth Support (Include Audio)Class Guid: {c7c038ad-1f2d-44d4-b2fe-d912be20e6d5}Manufacturer: Qualcomm Atheros CommunicationsService: AthBTPortProblem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31)Resolution: Update the driver Name: Bluetooth LWFLT DeviceDescription: Bluetooth LWFLT DeviceClass Guid: {c7c038ad-1f2d-44d4-b2fe-d912be20e6d5}Manufacturer: Qualcomm Atheros CommunicationsService: BTATH_LWFLTProblem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31)Resolution: Update the driver ==================== Event log errors: ========================= Application errors:==================Error: (04/15/2014 10:26:17 AM) (Source: Microsoft-Windows-Immersive-Shell) (User: LAURENS-LAPTOP)Description: Activation of app microsoft.windowscommunicationsapps_8wekyb3d8bbwe!Microsoft.WindowsLive.Mail failed with error: -2144927142 See the Microsoft-Windows-TWinUI/Operational log for additional information. Error: (04/15/2014 10:25:56 AM) (Source: Microsoft-Windows-Immersive-Shell) (User: LAURENS-LAPTOP)Description: Activation of app microsoft.windowscommunicationsapps_8wekyb3d8bbwe!Microsoft.WindowsLive.Mail failed with error: -2144927142 See the Microsoft-Windows-TWinUI/Operational log for additional information. Error: (04/15/2014 10:25:03 AM) (Source: Microsoft-Windows-Immersive-Shell) (User: LAURENS-LAPTOP)Description: Activation of app microsoft.windowscommunicationsapps_8wekyb3d8bbwe!Microsoft.WindowsLive.Mail failed with error: -2144927142 See the Microsoft-Windows-TWinUI/Operational log for additional information. Error: (04/15/2014 10:24:42 AM) (Source: Microsoft-Windows-Immersive-Shell) (User: LAURENS-LAPTOP)Description: Activation of app microsoft.windowscommunicationsapps_8wekyb3d8bbwe!Microsoft.WindowsLive.Mail failed with error: -2144927142 See the Microsoft-Windows-TWinUI/Operational log for additional information. Error: (04/15/2014 10:23:28 AM) (Source: Application Hang) (User: )Description: The program wwahost.exe version 6.3.9600.16431 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel. Process ID: 4a4 Start Time: 01cf58cb8e864649 Termination Time: 12 Application Path: C:\WINDOWS\system32\wwahost.exe Report Id: a54e615e-c4c2-11e3-becd-48d224e13467 Faulting package full name: microsoft.windowscommunicationsapps_17.5.9600.20461_x64__8wekyb3d8bbwe Faulting package-relative application ID: Microsoft.WindowsLive.Mail Error: (04/15/2014 10:13:41 AM) (Source: Application Hang) (User: )Description: The program LiveComm.exe version 17.5.9600.20461 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel. Process ID: 1a8c Start Time: 01cf58cb8926876e Termination Time: 4294967295 Application Path: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20461_x64__8wekyb3d8bbwe\LiveComm.exe Report Id: 4640e13c-c4c1-11e3-becd-48d224e13467 Faulting package full name: microsoft.windowscommunicationsapps_17.5.9600.20461_x64__8wekyb3d8bbwe Faulting package-relative application ID: ppleae38af2e007f4358a809ac99a64a67c1 Error: (04/14/2014 04:32:52 PM) (Source: Customer Experience Improvement Program) (User: )Description: 80070005 Error: (04/13/2014 09:50:26 PM) (Source: Customer Experience Improvement Program) (User: )Description: 80070005 Error: (04/13/2014 09:10:07 PM) (Source: Desktop Window Manager) (User: )Description: The Desktop Window Manager has encountered a fatal error (0x8898008d) Error: (04/13/2014 08:53:23 PM) (Source: Application Hang) (User: )Description: The program LiveComm.exe version 17.5.9600.20461 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel. Process ID: 2430 Start Time: 01cf578ff88dddfd Termination Time: 4294967295 Application Path: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20461_x64__8wekyb3d8bbwe\LiveComm.exe Report Id: 5ce0e185-c387-11e3-beca-48d224e13467 Faulting package full name: microsoft.windowscommunicationsapps_17.5.9600.20461_x64__8wekyb3d8bbwe Faulting package-relative application ID: ppleae38af2e007f4358a809ac99a64a67c1 System errors:=============Error: (04/15/2014 10:00:03 AM) (Source: DCOM) (User: NT AUTHORITY)Description: machine-defaultLocalActivation{C2F03A33-21F5-47FA-B4BB-156362A2F239}{316CDED5-E4AE-4B15-9113-7055D84DCC97}NT AUTHORITYLOCAL SERVICES-1-5-19LocalHost (Using LRPC)UnavailableUnavailable Error: (04/15/2014 09:11:41 AM) (Source: DCOM) (User: LAURENS-LAPTOP)Description: c:\PROGRA~1\mcafee\msc\mcmscsub.dll -Embedding193{9B3BEB4E-1C5E-4A5F-BB36-2F6587DD34E2} Error: (04/15/2014 09:04:53 AM) (Source: Service Control Manager) (User: )Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the MBAMScheduler service. Error: (04/15/2014 07:57:42 AM) (Source: DCOM) (User: NT AUTHORITY)Description: {209500FC-6B45-4693-8871-6296C4843751} Error: (04/14/2014 10:23:11 PM) (Source: DCOM) (User: LAURENS-LAPTOP)Description: c:\PROGRA~1\mcafee\msc\mcmscsub.dll -Embedding193{9B3BEB4E-1C5E-4A5F-BB36-2F6587DD34E2} Error: (04/14/2014 07:59:18 PM) (Source: Service Control Manager) (User: )Description: The McAfee Inc. mfeapfk service failed to start due to the following error: %%1243 Error: (04/14/2014 06:31:37 PM) (Source: DCOM) (User: LAURENS-LAPTOP)Description: c:\PROGRA~1\mcafee\msc\mcmscsub.dll -Embedding193{9B3BEB4E-1C5E-4A5F-BB36-2F6587DD34E2} Error: (04/14/2014 03:31:36 PM) (Source: DCOM) (User: LAURENS-LAPTOP)Description: c:\PROGRA~1\mcafee\msc\mcmscsub.dll -Embedding193{9B3BEB4E-1C5E-4A5F-BB36-2F6587DD34E2} Error: (04/14/2014 03:27:01 PM) (Source: DCOM) (User: NT AUTHORITY)Description: machine-defaultLocalActivation{C2F03A33-21F5-47FA-B4BB-156362A2F239}{316CDED5-E4AE-4B15-9113-7055D84DCC97}NT AUTHORITYLOCAL SERVICES-1-5-19LocalHost (Using LRPC)UnavailableUnavailable Error: (04/14/2014 03:24:45 PM) (Source: DCOM) (User: NT AUTHORITY)Description: {209500FC-6B45-4693-8871-6296C4843751} Microsoft Office Sessions:=========================Error: (04/15/2014 10:26:17 AM) (Source: Microsoft-Windows-Immersive-Shell)(User: LAURENS-LAPTOP)Description: microsoft.windowscommunicationsapps_8wekyb3d8bbwe!Microsoft.WindowsLive.Mail-2144927142 Error: (04/15/2014 10:25:56 AM) (Source: Microsoft-Windows-Immersive-Shell)(User: LAURENS-LAPTOP)Description: microsoft.windowscommunicationsapps_8wekyb3d8bbwe!Microsoft.WindowsLive.Mail-2144927142 Error: (04/15/2014 10:25:03 AM) (Source: Microsoft-Windows-Immersive-Shell)(User: LAURENS-LAPTOP)Description: microsoft.windowscommunicationsapps_8wekyb3d8bbwe!Microsoft.WindowsLive.Mail-2144927142 Error: (04/15/2014 10:24:42 AM) (Source: Microsoft-Windows-Immersive-Shell)(User: LAURENS-LAPTOP)Description: microsoft.windowscommunicationsapps_8wekyb3d8bbwe!Microsoft.WindowsLive.Mail-2144927142 Error: (04/15/2014 10:23:28 AM) (Source: Application Hang)(User: )Description: wwahost.exe6.3.9600.164314a401cf58cb8e86464912C:\WINDOWS\system32\wwahost.exea54e615e-c4c2-11e3-becd-48d224e13467microsoft.windowscommunicationsapps_17.5.9600.20461_x64__8wekyb3d8bbweMicrosoft.WindowsLive.Mail Error: (04/15/2014 10:13:41 AM) (Source: Application Hang)(User: )Description: LiveComm.exe17.5.9600.204611a8c01cf58cb8926876e4294967295C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20461_x64__8wekyb3d8bbwe\LiveComm.exe4640e13c-c4c1-11e3-becd-48d224e13467microsoft.windowscommunicationsapps_17.5.9600.20461_x64__8wekyb3d8bbweppleae38af2e007f4358a809ac99a64a67c1 Error: (04/14/2014 04:32:52 PM) (Source: Customer Experience Improvement Program)(User: )Description: 80070005 Error: (04/13/2014 09:50:26 PM) (Source: Customer Experience Improvement Program)(User: )Description: 80070005 Error: (04/13/2014 09:10:07 PM) (Source: Desktop Window Manager)(User: )Description: 0x8898008d Error: (04/13/2014 08:53:23 PM) (Source: Application Hang)(User: )Description: LiveComm.exe17.5.9600.20461243001cf578ff88dddfd4294967295C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20461_x64__8wekyb3d8bbwe\LiveComm.exe5ce0e185-c387-11e3-beca-48d224e13467microsoft.windowscommunicationsapps_17.5.9600.20461_x64__8wekyb3d8bbweppleae38af2e007f4358a809ac99a64a67c1 CodeIntegrity Errors:=================================== Date: 2014-04-13 21:53:14.523 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\services.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Settings Manager\systemk\x64\sysapcrt.dll that did not meet the Windows signing level requirements. Date: 2014-04-13 21:53:14.429 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\services.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Settings Manager\systemk\sysapcrt.dll that did not meet the Windows signing level requirements. Date: 2014-04-13 12:28:31.881 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\services.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Settings Manager\systemk\x64\sysapcrt.dll that did not meet the Windows signing level requirements. Date: 2014-04-13 12:28:31.787 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\services.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Settings Manager\systemk\sysapcrt.dll that did not meet the Windows signing level requirements. Date: 2014-04-13 12:26:53.961 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\services.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Settings Manager\systemk\x64\sysapcrt.dll that did not meet the Windows signing level requirements. Date: 2014-04-13 12:26:53.867 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\services.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Settings Manager\systemk\sysapcrt.dll that did not meet the Windows signing level requirements. Date: 2014-04-12 11:30:59.680 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\services.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Settings Manager\systemk\x64\sysapcrt.dll that did not meet the Windows signing level requirements. Date: 2014-04-12 11:30:59.587 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\services.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Settings Manager\systemk\sysapcrt.dll that did not meet the Windows signing level requirements. Date: 2014-04-12 00:44:28.921 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Settings Manager\systemk\x64\sysapcrt.dll that did not meet the Windows signing level requirements. Date: 2014-04-12 00:44:28.689 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Settings Manager\systemk\sysapcrt.dll that did not meet the Windows signing level requirements. ==================== Memory info =========================== Percentage of memory in use: 65%Total physical RAM: 3903.41 MBAvailable physical RAM: 1341.89 MBTotal Pagefile: 4735.41 MBAvailable Pagefile: 1623.45 MBTotal Virtual: 131072 MBAvailable Virtual: 131071.8 MB ==================== Drives ================================ Drive c: (Acer) (Fixed) (Total:449.02 GB) (Free:403.03 GB) NTFS ==================== MBR & Partition Table ================== ========================================================Disk: 0 (Size: 466 GB) (Disk ID: E60EFD1E) Partition: GPT Partition Type. ==================== End Of Log ============================