[Solved] Positive Finds and Hot Deals Malware?

Hi, I would be grateful for any help wth my problem from the above. On Sunday I was on the Amazon site and I got a message asking me to do a short survey, it looked authentic and so I did, then it said I could have a free ‘prize’ and I didn’t like the look of it so I came off the site. Since then I have been plagued with something called Hot deals and Positive Finds. They come as a side bar and adverts wherever I go. It switches me to a search engine called Greatbritain.com, doing all sorts of weird things. Nev on another forum has been helping me and I have done the following with no success.
Ran full scan on Avast, nothing showing so I uninstalled and installed ESET full scan, again nothing.
Ran full scan on Malwarebytes result below

Malwarebytes Anti-Malware
www.malwarebytes.org

Scan Date: 15/02/2015
Scan Time: 19:35:54
Logfile:
Administrator: Yes

Version: 2.00.4.1028
Malware Database: v2015.02.15.05
Rootkit Database: v2015.02.03.01
License: Free
Malware Protection: Disabled
Malicious Website Protection: Disabled
Self-protection: Disabled

OS: Windows 8.1
CPU: x64
File System: NTFS
User: pamela

Scan Type: Threat Scan
Result: Completed
Objects Scanned: 391311
Time Elapsed: 31 min, 58 sec

Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Disabled
Heuristics: Enabled
PUP: Enabled
PUM: Enabled

Processes: 0
(No malicious items detected)

Modules: 0
(No malicious items detected)

Registry Keys: 0


I did a Super Spyware scan with the results below as a file below.



I looked to see if it was there was a program to get rid of in the uninstall but no trace of it so I did a system restore to last Saturday. Still no good and then Nev suggested I downloaded …ADW and then I did a full scan. The results are below along with the one from FRST. I still have the adverts popping up, side bar, changing my program, hyperlinking, and also pop ups asking me to take surveys whichever program I am on.
I have done the ADW scan below


# AdwCleaner v4.110 - Logfile created 16/02/2015 at 13:12:55

# Updated 05/02/2015 by Xplode

# Database : 2015-02-05.2 [Local]

# Operating system : Windows 8.1 (x64)

# Username : pamela - PAMSLAPTOP

# Running from : C:\Users\pamela\Documents\MY DOCUMENTS\INSTALLATIONS\AdwCleaner.exe

# Option : Cleaning


***** [ Services ] *****



***** [ Files / Folders ] *****


Folder Deleted : C:\Program Files (x86)\Common Files\d2d4a9d3-f3f1-4c52-8d3f-dddc91fe0602

Folder Deleted : C:\Program Files\Everything

Folder Deleted : C:\Users\pamela\AppData\Roaming\Everything

File Deleted : C:\Users\pamela\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.superfish.com_0.localstorage

File Deleted : C:\Users\pamela\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.superfish.com_0.localstorage-journal

File Deleted : C:\Users\pamela\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxps_www.superfish.com_0.localstorage

File Deleted : C:\Users\pamela\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxps_www.superfish.com_0.localstorage-journal


***** [ Scheduled tasks ] *****



***** [ Shortcuts ] *****



***** [ Registry ] *****


Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions\{92780B25-18CC-41C8-B9BE-3C9C571A8263}


***** [ Web browsers ] *****


-\\ Internet Explorer v11.0.9600.17416



-\\ Google Chrome v40.0.2214.111



-\\ Opera v0.0.0.0



*************************


AdwCleaner[R0].txt - [8335 bytes] - [20/04/2014 13:35:32]

AdwCleaner[R1].txt - [1723 bytes] - [16/02/2015 13:08:55]

AdwCleaner[S0].txt - [10284 bytes] - [20/04/2014 13:44:25]

AdwCleaner[S1].txt - [1666 bytes] - [16/02/2015 13:12:55]


_________________

 

sorry here is the extra FRST result

 

Today I read about someone else having similar problems and tried uninstalling Chrome which is the one I use so I have done that and now using internet explorer, the adverts are not coming onto this. I expect they are still on my laptop though.

 

Hi again, I seem to have solved the problem now. I have re installed Chrome and all seems to be OK again, thank you.

 

Thank you Starbuck here are the results

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 18-02-2015 01
Ran by pamela (administrator) on PAMSLAPTOP on 19-02-2015 13:26:40
Running from C:\Users\pamela\Downloads
Loaded Profiles: pamela (Available profiles: pamela & Administrator)
Platform: Windows 8.1 (X64) OS Language: English (United Kingdom)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(SUPERAntiSpyware.com) C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Windows (R) Win 7 DDK provider) C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\AdminService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\AOP Framework\CCDMonitorService.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(ESET) C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe
(Acer Cloud Technology) C:\Program Files (x86)\Acer\AOP Framework\acer\ccd.exe
(SEIKO EPSON CORPORATION) C:\Program Files\EPSON\EpsonCustomerParticipation\EPCP.exe
(Seiko Epson Corporation) C:\Windows\System32\escsvc64.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDService.exe
(Intel(R) Corporation) C:\Program Files\Intel\TXE Components\TCS\HeciServer.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Launch Manager\LMSvc.exe
(McAfee, Inc.) C:\Windows\System32\mfevtps.exe
(McAfee, Inc.) C:\Program Files\Common Files\mcafee\systemcore\mfefire.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Quick Access\QASvc.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Quick Access\RMSvc.exe
(Nero AG) C:\Program Files (x86)\Nero\Update\NASvc.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDTouch.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
(Toolwiz) C:\Program Files (x86)\ToolwizCareFree\ToolwizCares.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Launch Manager\LMEvent.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Launch Manager\LMTray.exe
(Qualcomm®Atheros®) C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\BtvStack.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
() C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\ActivateDesktop.exe
(ESET) C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerTray.exe
(SEIKO EPSON CORPORATION) C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Quick Access\QAEvent.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Quick Access\QAMsg.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Quick Access\QuickAccess.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Intel Corporation) C:\Windows\System32\igfxext.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerEvent.exe
(Acer) C:\Program Files (x86)\Acer\Acer Portal\AcerPortal.exe
(Toolwiz.com) C:\Program Files (x86)\ToolwizCareFree\ToolwizTools.exe
(Dropbox, Inc.) C:\Users\pamela\AppData\Roaming\Dropbox\bin\Dropbox.exe
(SUPERAntiSpyware) C:\Program Files\SUPERAntiSpyware\SUPERANTISPYWARE.EXE
() C:\Program Files (x86)\Acer\Live Updater\updater.exe
(Microsoft Corporation) C:\Windows\System32\WWAHost.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20689_x64__8wekyb3d8bbwe\livecomm.exe
(Microsoft Corporation) C:\Windows\splwow64.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [2890056 2013-10-02] (ELAN Microelectronics Corp.)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13657304 2013-10-18] (Realtek Semiconductor)
HKLM\...\Run: [egui] => C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe [5595336 2014-10-01] (ESET)
HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [157480 2014-10-15] (Apple Inc.)
HKLM-x32\...\Run: [EEventManager] => C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe [1058400 2011-10-31] (SEIKO EPSON CORPORATION)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKLM\...\Policies\Explorer\Run: [BtvStack] => C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\BtvStack.exe [132736 2013-09-07] ( (Qualcomm®Atheros®))
HKU\S-1-5-21-2138484092-3631122937-4138138785-1001\...\Run: [EPLTarget\P0000000000000000] => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_IATIIKE.EXE [283232 2014-12-16] (SEIKO EPSON CORPORATION)
HKU\S-1-5-21-2138484092-3631122937-4138138785-1001\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [30877280 2014-12-11] (Skype Technologies S.A.)
HKU\S-1-5-21-2138484092-3631122937-4138138785-1001\...\Run: [ToolwizCareFree] => C:\Program Files (x86)\ToolwizCareFree\ToolwizCares.exe [5286160 2015-02-15] (Toolwiz)
HKU\S-1-5-21-2138484092-3631122937-4138138785-1001\...\Run: [AcerPortal] => C:\Program Files (x86)\Acer\Acer Portal\AcerPortal.exe [2480384 2014-12-19] (Acer)
Startup: C:\Users\pamela\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\pamela\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt1"] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\pamela\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt2"] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\pamela\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt3"] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\pamela\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt4"] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\pamela\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt5"] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\pamela\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt6"] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\pamela\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt7"] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\pamela\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt8"] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\pamela\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => No File
ShellIconOverlayIdentifiers: [ACloudSyncedRF] -> {5CCE71FA-9F61-4F24-9CD1-98D819B40D68} => C:\Program Files (x86)\Acer\Acer Portal\x64\shellext_win.dll (Acer Incorporated)
ShellIconOverlayIdentifiers: [ACloudSyncedSF] -> {5D5F18B7-D59B-4B18-A3E9-0A4BDCCCB699} => C:\Program Files (x86)\Acer\Acer Portal\x64\shellext_win.dll (Acer Incorporated)
ShellIconOverlayIdentifiers: [ACloudSyncing] -> {C1E1456F-C2D8-4C96-870D-35F1E13941EE} => C:\Program Files (x86)\Acer\Acer Portal\x64\shellext_win.dll (Acer Incorporated)
ShellIconOverlayIdentifiers: [ACloudToBeSynced] -> {307523FA-DDC0-4068-983F-2A6B34627744} => C:\Program Files (x86)\Acer\Acer Portal\x64\shellext_win.dll (Acer Incorporated)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKU\S-1-5-21-2138484092-3631122937-4138138785-1001\Software\Microsoft\Internet Explorer\Main,Start Page = http://msn.co.uk/
HKU\S-1-5-21-2138484092-3631122937-4138138785-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://acer13.msn.com/?pc=ACJB
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-2138484092-3631122937-4138138785-1001 -> DefaultScope {7C8695F2-1522-429C-8BD0-C9AEE04F8EA8} URL =
SearchScopes: HKU\S-1-5-21-2138484092-3631122937-4138138785-1001 -> {7C8695F2-1522-429C-8BD0-C9AEE04F8EA8} URL =
BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Microsoft Corporation)
BHO-x32: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Microsoft Corporation)
Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1

FireFox:
========
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll ()

Chrome:
=======
CHR HomePage: Profile 1 -> hxxp://search.babylon.com/?AF=100481&babsrc=HP_ss&mntrId=1e754307000000000000d682fe2bb396
CHR StartupUrls: Profile 1 -> "https://www.google.co.uk/?gfe_rd=cr&ei=qXxfVOnsM-yq8wemsoCoDQ&gws_rd=ssl", "hxxp://www.google.co.uk/"
CHR Profile: C:\Users\pamela\AppData\Local\Google\Chrome\User Data\Profile 1
CHR Extension: (Google Translate) - C:\Users\pamela\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aapbdbdomjkkjkaonfhkkikfgjllcleb [2015-02-16]
CHR Extension: (Google Slides) - C:\Users\pamela\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-02-16]
CHR Extension: (Google Docs) - C:\Users\pamela\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aohghmighlieiainnegkcijnfilokake [2015-02-16]
CHR Extension: (Google Drive) - C:\Users\pamela\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-02-16]
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\pamela\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2015-02-16]
CHR Extension: (WOT) - C:\Users\pamela\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\bhmmomiinigofkjcapegjjndpbikblnp [2015-02-16]
CHR Extension: (iCloud) - C:\Users\pamela\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\bjhodfififgcgedifpkenofdhlaafokk [2015-02-16]
CHR Extension: (YouTube) - C:\Users\pamela\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-02-16]
CHR Extension: (Bing) - C:\Users\pamela\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\bmkckgpgekmanipelfidlhmkfcjicion [2015-02-16]
CHR Extension: (Adblock Plus) - C:\Users\pamela\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2015-02-16]
CHR Extension: (Google Search) - C:\Users\pamela\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-02-16]
CHR Extension: (Google Sheets) - C:\Users\pamela\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-02-16]
CHR Extension: (Avast Online Security) - C:\Users\pamela\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\gomekmidlodglbbmalcneegieacbdmki [2015-02-16]
CHR Extension: (Google Play Music) - C:\Users\pamela\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\icppfcnhkcmnfdhfhphakoifcfokfdhg [2015-02-16]
CHR Extension: (EagleGet Downloader) - C:\Users\pamela\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\kaebhgioafceeldhgjmendlfhbfjefmo [2015-02-16]
CHR Extension: (Google Maps) - C:\Users\pamela\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\lneaknkopdijkpnocmklfnjbeapigfbh [2015-02-16]
CHR Extension: (Lazarus: Form Recovery) - C:\Users\pamela\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\loljledaigphbcpfhfmgopdkppkifgno [2015-02-16]
CHR Extension: (Google Wallet) - C:\Users\pamela\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-02-16]
CHR Extension: (ArcadeFrontier) - C:\Users\pamela\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\peglehonblabfemopkgmfcpofbchegcl [2015-02-16]
CHR Extension: (Gmail) - C:\Users\pamela\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-02-16]
CHR HKU\S-1-5-21-2138484092-3631122937-4138138785-1001\...\Chrome\Extension: [bmkckgpgekmanipelfidlhmkfcjicion] - No Path
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2014-07-14]

Opera:
=======
OPR Extension: (pushOK_atarata) - C:\Users\pamela\AppData\Roaming\Opera Software\Opera Stable\Extensions\fnaejnjikodabjplcjngjnjniokmapkm [2015-01-18]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R4 !SASCORE; C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE [172344 2015-01-17] (SUPERAntiSpyware.com)
R2 AtherosSvc; C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\adminservice.exe [312448 2013-09-07] (Windows (R) Win 7 DDK provider)
R4 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1390176 2014-07-14] (Microsoft Corporation)
R4 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1767520 2014-07-14] (Microsoft Corporation)
R4 CCDMonitorService; C:\Program Files (x86)\Acer\AOP Framework\CCDMonitorService.exe [2713856 2014-12-19] (Acer Incorporated)
R2 ekrn; C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe [1349576 2014-10-01] (ESET)
R2 ePowerSvc; C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe [663592 2013-07-05] (Acer Incorporated)
R2 EpsonScanSvc; C:\WINDOWS\system32\EscSvc64.exe [144560 2012-05-17] (Seiko Epson Corporation)
R2 ETDService; C:\Program Files\Elantech\ETDService.exe [101192 2013-10-02] (ELAN Microelectronics Corp.)
R4 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\TXE Components\TCS\HeciServer.exe [733696 2013-07-01] (Intel(R) Corporation) [File not signed]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\TXE Components\TCS\SocketHeciServer.exe [822232 2013-07-01] (Intel(R) Corporation)
R4 LMSvc; C:\Program Files\Acer\Acer Launch Manager\LMSvc.exe [457768 2013-08-02] (Acer Incorporate)
R4 mfefire; C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe [219272 2013-08-07] (McAfee, Inc.)
R2 mfevtp; C:\Windows\system32\mfevtps.exe [182752 2013-08-07] (McAfee, Inc.)
S3 NOBU; C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe [4278112 2013-08-01] (Symantec Corporation)
R3 QASvc; C:\Program Files\Acer\Acer Quick Access\QASvc.exe [457768 2013-08-02] (Acer Incorporate)
R3 RMSvc; C:\Program Files\Acer\Acer Quick Access\RMSvc.exe [448040 2013-08-02] (Acer Incorporate)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [368632 2014-09-22] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23792 2014-09-22] (Microsoft Corporation)
S4 Everything; "C:\Program Files\Everything\Everything.exe" -svc [X]

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R3 athr; C:\Windows\system32\DRIVERS\athwbx.sys [3859968 2013-08-15] (Qualcomm Atheros Communications, Inc.)
S3 BCM43XX; C:\Windows\system32\DRIVERS\bcmwl63a.sys [8536752 2013-07-01] (Broadcom Corporation)
R3 BTATH_LWFLT; C:\Windows\system32\DRIVERS\btath_lwflt.sys [77464 2013-09-07] (Qualcomm Atheros)
R3 BthLEEnum; C:\Windows\System32\drivers\BthLEEnum.sys [226304 2013-12-04] (Microsoft Corporation)
R1 BTOWSFF; C:\WINDOWS\System32\Drivers\BTOWSFF.sys [33024 2015-02-15] (Toolwiz.com)
R0 BTOWSVF; C:\Windows\System32\Drivers\BTOWSVF.sys [52480 2015-02-15] (Toolwiz.com)
S3 ccSet_NARA; C:\Windows\system32\drivers\NARAx64\0405000.009\ccSetx64.sys [150104 2013-07-30] (Symantec Corporation)
S3 cfwids; C:\Windows\System32\drivers\cfwids.sys [70112 2013-08-07] (McAfee, Inc.)
R1 eamonm; C:\Windows\System32\DRIVERS\eamonm.sys [243440 2014-08-18] (ESET)
R0 edevmon; C:\Windows\System32\DRIVERS\edevmon.sys [241368 2014-08-18] (ESET)
R1 ehdrv; C:\Windows\system32\DRIVERS\ehdrv.sys [169280 2014-08-18] (ESET)
R2 epfwwfpr; C:\Windows\system32\DRIVERS\epfwwfpr.sys [158968 2014-09-18] (ESET)
R0 KSafeDISK; C:\Windows\System32\Drivers\KSafeDISK.sys [52992 2015-02-15] (Toolwiz.com)
R3 LMDriver; C:\Windows\System32\drivers\LMDriver.sys [21360 2013-07-17] (Acer Incorporated)
S3 mfeapfk; C:\Windows\System32\drivers\mfeapfk.sys [179664 2013-08-07] (McAfee, Inc.)
R3 mfeavfk; C:\Windows\System32\drivers\mfeavfk.sys [310224 2013-08-07] (McAfee, Inc.)
S0 mfeelamk; C:\Windows\System32\drivers\mfeelamk.sys [69264 2013-08-07] (McAfee, Inc.)
R3 mfefirek; C:\Windows\System32\drivers\mfefirek.sys [519064 2013-08-07] (McAfee, Inc.)
R0 mfehidk; C:\Windows\System32\drivers\mfehidk.sys [776168 2013-08-07] (McAfee, Inc.)
R0 mfewfpk; C:\Windows\System32\drivers\mfewfpk.sys [343568 2013-08-07] (McAfee, Inc.)
R3 RadioShim; C:\Windows\System32\drivers\RadioShim.sys [14680 2013-07-17] (Acer Incorporated)
R1 SASDIFSV; C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS [14928 2011-07-22] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R1 SASKUTIL; C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS [12368 2011-07-12] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R3 TXEIx64; C:\Windows\System32\drivers\TXEIx64.sys [87568 2013-07-01] (Intel Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114496 2014-09-22] (Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-02-19 13:26 - 2015-02-19 13:26 - 00000000 ____D () C:\Users\pamela\Downloads\FRST-OlderVersion
2015-02-19 11:04 - 2015-02-19 11:04 - 00001130 _____ () C:\Users\pamela\Desktop\2015-02-19_11-04-10.xml
2015-02-19 10:55 - 2015-02-19 10:55 - 00002283 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2015-02-19 10:55 - 2015-02-19 10:55 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2015-02-19 10:54 - 2015-02-19 10:54 - 00003656 _____ () C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore1d04c3270eb3560
2015-02-19 10:54 - 2015-02-19 10:54 - 00003656 _____ () C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2015-02-19 10:54 - 2015-02-19 10:54 - 00000916 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore1d04c3270eb3560.job
2015-02-19 10:54 - 2015-02-19 10:54 - 00000916 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2015-02-19 10:51 - 2015-02-19 10:51 - 00880208 _____ (Google Inc.) C:\Users\pamela\Downloads\ChromeSetup_exe (1)
2015-02-19 10:51 - 2015-02-19 10:51 - 00880208 _____ (Google Inc.) C:\Users\pamela\Documents\ChromeSetup_exe (1)
2015-02-19 10:47 - 2015-02-19 10:48 - 00880208 _____ (Google Inc.) C:\Users\pamela\Downloads\ChromeSetup_exe
2015-02-19 10:40 - 2015-02-19 10:40 - 05172208 _____ (Aveas Limited) C:\Users\pamela\Downloads\Unhooker.exe
2015-02-18 21:57 - 2015-02-18 21:57 - 00000000 _____ () C:\Users\pamela\Downloads\MSNHomepage_EXE.sskwq7m.partial
2015-02-17 14:10 - 2015-02-17 14:11 - 00033599 _____ () C:\Users\pamela\Downloads\Addition.txt
2015-02-17 14:08 - 2015-02-19 13:28 - 00020032 _____ () C:\Users\pamela\Downloads\FRST.txt
2015-02-17 14:06 - 2015-02-19 13:26 - 02086912 _____ (Farbar) C:\Users\pamela\Downloads\FRST64.exe
2015-02-16 19:04 - 2015-02-16 19:04 - 00024576 ____H () C:\Users\pamela\Desktop\~WRL0004.tmp
2015-02-16 14:06 - 2015-02-16 14:07 - 00000000 ____D () C:\Users\pamela\Desktop\FALCON PHOTOS 15
2015-02-16 13:36 - 2015-02-16 15:49 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HitmanPro
2015-02-16 13:36 - 2015-02-16 15:49 - 00000000 ____D () C:\Program Files\HitmanPro
2015-02-16 09:41 - 2015-01-23 04:41 - 06041600 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2015-02-16 09:41 - 2015-01-23 03:17 - 04300800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2015-02-15 21:40 - 2015-02-15 21:50 - 00000000 ____D () C:\ProgramData\HitmanPro
2015-02-15 19:46 - 2015-02-18 11:34 - 00000464 _____ () C:\WINDOWS\setupact.log
2015-02-15 19:46 - 2015-02-15 19:46 - 00000000 _____ () C:\WINDOWS\setuperr.log
2015-02-15 19:17 - 2015-02-16 15:49 - 00000000 ____D () C:\Users\pamela\AppData\Local\ToolwizCareFree
2015-02-15 19:17 - 2015-02-16 15:49 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ToolwizCareFree
2015-02-15 19:17 - 2015-02-15 19:17 - 00052992 _____ (Toolwiz.com) C:\WINDOWS\system32\Drivers\KSafeDISK.sys
2015-02-15 19:17 - 2015-02-15 19:17 - 00052480 _____ (Toolwiz.com) C:\WINDOWS\system32\Drivers\BTOWSVF.sys
2015-02-15 19:17 - 2015-02-15 19:17 - 00033024 _____ (Toolwiz.com) C:\WINDOWS\system32\Drivers\BTOWSFF.sys
2015-02-15 19:17 - 2015-02-15 19:17 - 00003322 _____ () C:\WINDOWS\System32\Tasks\ToolwizCareFree
2015-02-15 19:17 - 2015-02-15 19:17 - 00001098 _____ () C:\Users\Administrator\Desktop\Toolwiz Care.lnk
2015-02-15 19:17 - 2015-02-15 19:17 - 00000000 ____D () C:\Program Files (x86)\ToolwizCareFree
2015-02-15 18:13 - 2015-02-15 18:13 - 00000000 ____D () C:\Users\pamela\AppData\Local\ESET
2015-02-15 14:41 - 2015-02-16 15:49 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ESET
2015-02-15 14:41 - 2015-02-15 14:41 - 00000000 ____D () C:\ProgramData\ESET
2015-02-15 14:41 - 2015-02-15 14:41 - 00000000 ____D () C:\Program Files\ESET
2015-02-15 14:38 - 2014-12-31 11:14 - 00298120 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe
2015-02-14 16:30 - 2015-02-14 16:30 - 00000000 ____D () C:\Users\pamela\Documents\Valentines afternoon tea 2015
2015-02-14 14:03 - 2015-02-14 14:03 - 00000000 ____D () C:\Users\pamela\Documents\FlashIntegro
2015-02-14 14:03 - 2015-02-14 14:03 - 00000000 ____D () C:\Users\pamela\AppData\Roaming\VideoEditor
2015-02-14 14:03 - 2015-02-14 14:03 - 00000000 ____D () C:\Users\pamela\AppData\Roaming\FlashIntegro
2015-02-14 14:00 - 2015-02-14 14:00 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FlashIntegro
2015-02-14 14:00 - 2015-02-14 14:00 - 00000000 ____D () C:\Program Files (x86)\FlashIntegro
2015-02-14 14:00 - 2014-12-09 13:21 - 00081792 _____ (Flash-Integro LLC) C:\WINDOWS\SysWOW64\mslvddsfilter2.ax
2015-02-14 14:00 - 2011-12-07 19:32 - 00216064 _____ ( ) C:\WINDOWS\SysWOW64\Lagarith.dll
2015-02-14 14:00 - 2005-08-01 19:43 - 00245760 _____ () C:\WINDOWS\SysWOW64\lame.ax
2015-02-14 14:00 - 2004-12-10 10:03 - 00438272 _____ (On2.com) C:\WINDOWS\SysWOW64\vp6vfw.dll
2015-02-14 14:00 - 2004-09-06 16:06 - 00053248 _____ () C:\WINDOWS\SysWOW64\xvid.ax
2015-02-14 14:00 - 2004-07-03 21:08 - 00139264 _____ () C:\WINDOWS\SysWOW64\xvidvfw.dll
2015-02-14 14:00 - 2004-07-03 20:59 - 00524288 _____ () C:\WINDOWS\SysWOW64\xvidcore.dll
2015-02-14 14:00 - 2004-02-04 21:11 - 00081920 _____ (fccHandler) C:\WINDOWS\SysWOW64\AC3ACM.acm
2015-02-14 14:00 - 2003-05-22 12:26 - 00638976 _____ (DivXNetworks, Inc.) C:\WINDOWS\SysWOW64\divx.dll
2015-02-14 14:00 - 2003-05-22 12:26 - 00221215 _____ (DivXNetworks, Inc.) C:\WINDOWS\SysWOW64\divxdec.ax
2015-02-14 14:00 - 2003-05-21 23:50 - 00261632 _____ (MainConcept) C:\WINDOWS\SysWOW64\mcdvd_32.dll
2015-02-14 14:00 - 2003-05-21 23:50 - 00156910 _____ () C:\WINDOWS\WMSysPr8.prx
2015-02-14 14:00 - 2003-05-21 23:50 - 00082944 _____ (Voxware, Inc.) C:\WINDOWS\SysWOW64\vct3216.acm
2015-02-14 14:00 - 2003-05-21 23:50 - 00038912 _____ (NCT Company) C:\WINDOWS\SysWOW64\alf2cd.acm
2015-02-14 14:00 - 2003-05-21 23:50 - 00024576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml3a.dll
2015-02-14 14:00 - 2003-03-25 05:49 - 00098304 _____ (Fraunhofer Institut Integrierte Schaltungen IIS) C:\WINDOWS\SysWOW64\L3CODECX.AX
2015-02-14 14:00 - 2003-03-18 23:14 - 00499712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvcp71.dll
2015-02-14 14:00 - 2003-02-21 03:42 - 00348160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvcr71.dll
2015-02-14 14:00 - 2002-08-20 00:41 - 00413760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mpg4c32.dll
2015-02-14 14:00 - 2000-03-14 20:55 - 00013239 _____ (SHARP Corporation) C:\WINDOWS\SysWOW64\Scg726.acm
2015-02-14 13:45 - 2015-02-14 13:45 - 00000104 _____ () C:\Users\pamela\Desktop\Falcons - EcoWeb - Nottingham Trent University.url
2015-02-13 15:45 - 2015-02-16 15:49 - 00000000 ____D () C:\Users\pamela\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Witches' Legacy - The Charleston Curse
2015-02-13 15:45 - 2015-02-16 15:49 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Witches' Legacy - The Charleston Curse
2015-02-13 15:45 - 2015-02-13 15:46 - 00000000 ____D () C:\Program Files (x86)\Witches' Legacy - The Charleston Curse
2015-02-13 15:45 - 2015-02-13 15:45 - 00002300 _____ () C:\Users\Public\Desktop\Play The Agency of Anomalies - Cinderstone Orphanage.lnk
2015-02-13 15:44 - 2015-02-16 15:49 - 00000000 ____D () C:\Users\pamela\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\The Agency of Anomalies - Cinderstone Orphanage
2015-02-13 15:44 - 2015-02-16 15:49 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\The Agency of Anomalies - Cinderstone Orphanage
2015-02-13 15:44 - 2015-02-13 15:45 - 00000000 ____D () C:\Program Files (x86)\The Agency of Anomalies - Cinderstone Orphanage
2015-02-13 13:50 - 2015-02-13 13:50 - 00000000 ____D () C:\Users\pamela\AppData\Roaming\EleFun Games
2015-02-13 13:24 - 2015-02-13 13:24 - 00000000 ____D () C:\Users\pamela\AppData\Roaming\Orneon
2015-02-13 11:04 - 2015-02-16 15:49 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Picture Collage Maker
2015-02-13 11:03 - 2015-02-13 11:04 - 00000000 ____D () C:\Program Files (x86)\Picture Collage Maker
2015-02-13 10:52 - 2015-02-13 10:54 - 116703939 _____ () C:\Users\pamela\Documents\PictureCollageMaker412_Win.zip
2015-02-12 21:43 - 2015-02-12 21:43 - 00000000 ____D () C:\Users\pamela\AppData\Roaming\Elephant Games
2015-02-12 20:50 - 2015-02-12 20:51 - 00000197 _____ () C:\WINDOWS\system32\2015-02-12-20-50-11.098-AvastVBoxSVC.exe-4664.log
2015-02-12 18:39 - 2015-02-12 18:39 - 00893254 _____ () C:\Users\pamela\Documents\Untitled 1 (2).bmp
2015-02-12 17:28 - 2015-01-15 22:43 - 00563504 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2015-02-12 17:28 - 2015-01-15 22:43 - 00177984 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecpkg.sys
2015-02-12 17:28 - 2015-01-14 04:22 - 00445440 _____ (Microsoft Corporation) C:\WINDOWS\system32\certcli.dll
2015-02-12 17:28 - 2015-01-14 03:53 - 00324096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\certcli.dll
2015-02-12 17:28 - 2015-01-13 22:11 - 01762840 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsCodecs.dll
2015-02-12 17:28 - 2015-01-13 22:04 - 01489072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WindowsCodecs.dll
2015-02-12 17:28 - 2015-01-10 09:10 - 07472960 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2015-02-12 17:28 - 2015-01-10 09:10 - 01733440 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2015-02-12 17:28 - 2015-01-10 08:28 - 01498360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2015-02-12 17:28 - 2014-12-09 03:45 - 00393728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\scesrv.dll
2015-02-12 17:28 - 2014-12-09 01:56 - 00538624 _____ (Microsoft Corporation) C:\WINDOWS\system32\scesrv.dll
2015-02-12 17:28 - 2014-10-29 02:51 - 00154112 _____ (Microsoft Corporation) C:\WINDOWS\system32\msaudite.dll
2015-02-12 17:28 - 2014-10-29 02:50 - 00736768 _____ (Microsoft Corporation) C:\WINDOWS\system32\adtschema.dll
2015-02-12 17:28 - 2014-10-29 02:06 - 00736768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\adtschema.dll
2015-02-12 17:28 - 2014-10-29 02:06 - 00154112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msaudite.dll
2015-02-12 17:28 - 2014-10-29 02:02 - 00285184 _____ (Microsoft Corporation) C:\WINDOWS\system32\wow64.dll
2015-02-12 17:28 - 2014-10-29 02:02 - 00013312 _____ (Microsoft Corporation) C:\WINDOWS\system32\wow64cpu.dll
2015-02-12 17:28 - 2014-10-29 01:57 - 00016896 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntvdm64.dll
2015-02-12 17:28 - 2014-10-29 01:31 - 01441792 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2015-02-12 17:28 - 2014-10-29 01:15 - 00014336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntvdm64.dll
2015-02-12 17:28 - 2014-10-29 01:15 - 00005632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wow32.dll
2015-02-12 17:28 - 2014-10-29 01:14 - 00004096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\user.exe
2015-02-12 17:28 - 2014-10-29 01:13 - 00025600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\setup16.exe
2015-02-12 17:28 - 2014-10-29 01:13 - 00008704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\instnm.exe
2015-02-12 17:27 - 2015-01-12 03:09 - 25056256 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2015-02-12 17:27 - 2015-01-12 02:48 - 02885632 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2015-02-12 17:27 - 2015-01-12 02:48 - 00584192 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2015-02-12 17:27 - 2015-01-12 02:47 - 00088064 _____ (Microsoft Corporation) C:\WINDOWS\system32\MshtmlDac.dll
2015-02-12 17:27 - 2015-01-12 02:34 - 00816128 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2015-02-12 17:27 - 2015-01-12 02:25 - 19740160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2015-02-12 17:27 - 2015-01-12 02:21 - 00490496 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtmsft.dll
2015-02-12 17:27 - 2015-01-12 02:08 - 00503296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2015-02-12 17:27 - 2015-01-12 02:07 - 00092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll
2015-02-12 17:27 - 2015-01-12 02:05 - 00064000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MshtmlDac.dll
2015-02-12 17:27 - 2015-01-12 02:02 - 02277888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2015-02-12 17:27 - 2015-01-12 01:58 - 01032704 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcomm.dll
2015-02-12 17:27 - 2015-01-12 01:55 - 00664064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2015-02-12 17:27 - 2015-01-12 01:51 - 00262144 _____ (Microsoft Corporation) C:\WINDOWS\system32\webcheck.dll
2015-02-12 17:27 - 2015-01-12 01:48 - 00801280 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2015-02-12 17:27 - 2015-01-12 01:48 - 00718848 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2015-02-12 17:27 - 2015-01-12 01:48 - 00374272 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2015-02-12 17:27 - 2015-01-12 01:46 - 02125824 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2015-02-12 17:27 - 2015-01-12 01:45 - 00418304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtmsft.dll
2015-02-12 17:27 - 2015-01-12 01:43 - 14401024 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2015-02-12 17:27 - 2015-01-12 01:34 - 00128000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iepeers.dll
2015-02-12 17:27 - 2015-01-12 01:30 - 00880128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcomm.dll
2015-02-12 17:27 - 2015-01-12 01:27 - 02865152 _____ (Microsoft Corporation) C:\WINDOWS\system32\actxprxy.dll
2015-02-12 17:27 - 2015-01-12 01:27 - 02358272 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2015-02-12 17:27 - 2015-01-12 01:25 - 00230400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webcheck.dll
2015-02-12 17:27 - 2015-01-12 01:23 - 02052608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2015-02-12 17:27 - 2015-01-12 01:23 - 00688640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2015-02-12 17:27 - 2015-01-12 01:23 - 00327168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2015-02-12 17:27 - 2015-01-12 01:14 - 12829184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2015-02-12 17:27 - 2015-01-12 01:14 - 01548288 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2015-02-12 17:27 - 2015-01-12 01:02 - 00800768 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2015-02-12 17:27 - 2015-01-12 01:00 - 01888256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2015-02-12 17:27 - 2015-01-12 00:56 - 01307136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2015-02-12 17:27 - 2015-01-12 00:55 - 00710144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2015-02-12 17:27 - 2015-01-10 07:00 - 00430080 _____ (Microsoft Corporation) C:\WINDOWS\system32\schannel.dll
2015-02-12 17:27 - 2015-01-10 06:38 - 00359424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\schannel.dll
2015-02-12 17:24 - 2015-01-10 08:22 - 04175872 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2015-02-12 14:34 - 2015-02-12 14:34 - 00000000 ____D () C:\Users\pamela\AppData\Roaming\DailyMagic
2015-02-12 14:34 - 2015-02-12 14:34 - 00000000 ____D () C:\ProgramData\DailyMagic
2015-02-09 22:11 - 2015-02-09 22:13 - 00000000 ____D () C:\Users\pamela\AppData\Roaming\TOMI2.THE GATES OF FATE
2015-02-09 18:43 - 2015-02-19 11:22 - 00000000 ____D () C:\Users\pamela\AppData\Roaming\Jarte
2015-02-09 18:43 - 2015-02-09 18:43 - 00000995 _____ () C:\Users\Public\Desktop\Jarte.lnk
2015-02-09 18:43 - 2015-02-09 18:43 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Jarte
2015-02-09 18:43 - 2015-02-09 18:43 - 00000000 ____D () C:\Program Files (x86)\Jarte
2015-02-09 18:42 - 2015-02-09 18:42 - 03172696 _____ (Carolina Road Software ) C:\Users\pamela\Documents\jarte_52_setup.exe
2015-02-08 23:11 - 2015-02-08 23:11 - 00000000 ____D () C:\Users\pamela\AppData\Local\iGware
2015-02-08 18:54 - 2015-02-08 18:54 - 00211254 _____ () C:\Users\pamela\Documents\skip.bmp
2015-02-08 10:45 - 2015-02-08 10:50 - 202689545 _____ () C:\Users\pamela\Documents\BalladOfSolar.zip
2015-02-08 10:39 - 2015-02-08 10:39 - 00001135 _____ () C:\Users\Administrator\Desktop\Caps Lock Changer.lnk
2015-02-08 10:39 - 2015-02-08 10:39 - 00000000 ____D () C:\Users\pamela\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Caps Lock Changer
2015-02-08 10:39 - 2015-02-08 10:39 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Caps Lock Changer
2015-02-08 10:39 - 2015-02-08 10:39 - 00000000 ____D () C:\Program Files (x86)\Caps Lock Changer
2015-02-08 10:38 - 2015-02-08 10:38 - 00269626 _____ () C:\Users\pamela\Documents\CapsLockChangerSetup.exe
2015-02-07 09:06 - 2015-02-07 09:06 - 00000000 ____D () C:\Users\pamela\abBox
2015-02-07 09:04 - 2015-02-18 14:07 - 00000000 ____D () C:\Users\pamela\AppData\Local\CrashDumps
2015-02-07 09:03 - 2015-02-07 09:03 - 00003334 _____ () C:\WINDOWS\System32\Tasks\AcerCloud
2015-02-07 09:03 - 2015-02-07 09:03 - 00000000 ____D () C:\Users\pamela\AppData\Roaming\acer
2015-02-07 09:01 - 2015-02-07 09:01 - 00000000 ____D () C:\Users\pamela\AppData\Local\AcerCloud
2015-02-06 14:58 - 2015-02-06 14:58 - 00000000 ____D () C:\Users\pamela\AppData\Roaming\VisualShape
2015-02-06 14:58 - 2015-02-06 14:58 - 00000000 ____D () C:\ProgramData\VisualShape
2015-02-06 09:25 - 2015-02-06 09:25 - 00789654 _____ () C:\Users\pamela\Documents\Untitled 1.bmp
2015-02-05 21:55 - 2015-02-05 21:57 - 00000197 _____ () C:\WINDOWS\system32\2015-02-05-21-55-26.025-AvastVBoxSVC.exe-3768.log
2015-02-05 18:53 - 2015-02-05 18:53 - 00000000 ____D () C:\ProgramData\The Revills Games
2015-02-05 18:37 - 2015-02-05 18:37 - 00000000 ____D () C:\WINDOWS\SysWOW64\directx
2015-02-05 16:56 - 2015-02-05 16:56 - 00000000 ____D () C:\ProgramData\Particles
2015-02-05 16:44 - 2015-02-05 16:44 - 00000000 ____D () C:\Users\pamela\AppData\Roaming\DominiGames
2015-02-05 16:36 - 2015-02-05 16:36 - 00002368 _____ () C:\Users\Public\Desktop\Play Mystery Tales - The Twilight World Collectors Edition.lnk
2015-02-05 16:33 - 2015-02-05 16:36 - 00000000 ____D () C:\Program Files (x86)\Mystery Tales - The Twilight World Collectors Edition
2015-02-05 16:33 - 2015-02-05 16:33 - 00000000 ____D () C:\Users\pamela\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Mystery Tales - The Twilight World Collectors Edition
2015-02-05 16:33 - 2015-02-05 16:33 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mystery Tales - The Twilight World Collectors Edition
2015-02-05 14:36 - 2015-02-08 16:00 - 00000000 ____D () C:\Users\pamela\AppData\Roaming\AlawarEntertainment
2015-02-05 10:39 - 2015-02-05 13:16 - 00893254 _____ () C:\Users\pamela\Documents\internetday banner.bmp
2015-02-03 22:03 - 2015-02-03 22:03 - 00000197 _____ () C:\WINDOWS\system32\2015-02-03-22-03-19.059-AvastVBoxSVC.exe-3604.log
2015-02-03 20:56 - 2015-02-03 20:56 - 00893254 _____ () C:\Users\pamela\Documents\valentine.bmp
2015-02-03 20:15 - 2015-02-03 20:58 - 00893254 _____ () C:\Users\pamela\Documents\pancake day.bmp
2015-02-02 10:15 - 2015-02-02 10:15 - 00000000 ____D () C:\Users\pamela\Documents\iPixSoft Video Slideshow Maker
2015-02-02 10:15 - 2015-02-02 10:15 - 00000000 ____D () C:\Users\pamela\AppData\Roaming\iPixSoft
2015-02-02 10:15 - 2015-02-02 10:15 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iPixSoft
2015-02-02 10:14 - 2015-02-02 10:14 - 00000000 ____D () C:\Program Files (x86)\iPixSoft
2015-02-02 10:08 - 2015-02-02 10:10 - 34314133 _____ () C:\Users\pamela\Documents\iPixSoftVideoSlideshowMaker341.zip
2015-02-01 16:05 - 2015-02-01 16:05 - 00000000 ____D () C:\ProgramData\BlueStacks
2015-02-01 16:04 - 2015-02-01 16:04 - 00000000 ____D () C:\Users\pamela\AppData\Roaming\WildTangent
2015-02-01 10:44 - 2015-02-15 22:46 - 00000000 ____D () C:\Users\pamela\AppData\Roaming\Alawar
2015-01-30 18:01 - 2015-01-30 18:01 - 00000000 ____D () C:\Users\pamela\AppData\Roaming\Eipix
2015-01-30 09:54 - 2015-01-30 09:55 - 00000197 _____ () C:\WINDOWS\system32\2015-01-30-09-54-42.067-AvastVBoxSVC.exe-2568.log
2015-01-26 22:02 - 2015-01-26 22:02 - 00000000 ____D () C:\Users\pamela\Documents\Nearwood SE
2015-01-24 15:10 - 2015-01-24 15:11 - 00000197 _____ () C:\WINDOWS\system32\2015-01-24-15-10-18.098-AvastVBoxSVC.exe-3028.log
2015-01-24 15:10 - 2015-01-24 15:10 - 00000000 _____ () C:\Users\pamela\Sti_Trace.log
2015-01-24 11:45 - 2015-01-24 11:45 - 00000000 ____D () C:\Users\pamela\AppData\Roaming\RuneStonesQuest
2015-01-24 11:33 - 2015-01-24 11:33 - 00000000 ____H () C:\WINDOWS\system32\Drivers\Msft_User_LocationProvider_01_11_00.Wdf
2015-01-24 09:58 - 2015-01-24 09:59 - 00000197 _____ () C:\WINDOWS\system32\2015-01-24-09-58-41.053-AvastVBoxSVC.exe-2672.log
2015-01-23 10:11 - 2015-01-23 10:11 - 00000000 ____D () C:\Users\pamela\Documents\High Motion Software
2015-01-23 10:11 - 2015-01-23 10:11 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\High Motion Software
2015-01-23 10:11 - 2015-01-23 10:11 - 00000000 ____D () C:\Program Files (x86)\ImBatch
2015-01-23 10:10 - 2015-01-23 10:10 - 13213192 _____ (High Motion Software ) C:\Users\pamela\Documents\setup-imbatch-latest.exe
2015-01-22 18:08 - 2015-01-22 18:09 - 00000197 _____ () C:\WINDOWS\system32\2015-01-22-18-08-49.033-AvastVBoxSVC.exe-2584.log
2015-01-22 10:10 - 2015-01-22 10:10 - 00000000 ____D () C:\Users\pamela\AppData\Roaming\Epson
2015-01-21 22:39 - 2015-01-21 22:39 - 00000000 ____D () C:\Program Files\EpsonNet
2015-01-21 22:39 - 2011-08-30 13:40 - 00535040 _____ (SEIKO EPSON CORPORATION) C:\WINDOWS\system32\ensppui.dll
2015-01-21 22:39 - 2011-08-30 13:40 - 00535040 _____ (SEIKO EPSON CORPORATION) C:\WINDOWS\system32\enppui.dll
2015-01-21 22:39 - 2011-08-30 13:38 - 00558080 _____ (SEIKO EPSON CORPORATION) C:\WINDOWS\system32\ensppmon.dll
2015-01-21 22:39 - 2011-08-30 13:38 - 00558080 _____ (SEIKO EPSON CORPORATION) C:\WINDOWS\system32\enppmon.dll
2015-01-21 22:39 - 2011-08-01 18:24 - 00250880 _____ (SEIKO EPSON CORPORATION) C:\WINDOWS\system32\enspres.dll
2015-01-21 22:39 - 2011-08-01 18:24 - 00250880 _____ (SEIKO EPSON CORPORATION) C:\WINDOWS\system32\enpres.dll
2015-01-21 22:38 - 2015-01-21 22:38 - 00000000 ____D () C:\Users\pamela\AppData\Roaming\InstallShield
2015-01-21 22:38 - 2015-01-21 22:38 - 00000000 ____D () C:\Program Files\EPSON
2015-01-21 22:27 - 2015-01-21 22:35 - 114022688 _____ () C:\Users\pamela\Documents\epson15719.exe
2015-01-21 17:57 - 2015-01-21 17:57 - 00003284 _____ () C:\WINDOWS\System32\Tasks\avastBCLRestartS-1-5-21-2138484092-3631122937-4138138785-1001
2015-01-21 17:01 - 2015-01-21 17:03 - 00000197 _____ () C:\WINDOWS\system32\2015-01-21-17-01-02.084-AvastVBoxSVC.exe-2776.log
2015-01-21 16:04 - 2015-02-06 10:26 - 00000000 ____D () C:\Users\pamela\Documents\Bluetooth Folder
2015-01-21 16:04 - 2015-01-21 16:04 - 00000000 ____D () C:\Users\pamela\AppData\Local\BMExplorer
2015-01-21 13:21 - 2015-01-21 13:21 - 00101040 _____ () C:\Users\pamela\AppData\Local\GDIPFONTCACHEV1.DAT
2015-01-20 20:26 - 2015-01-22 13:10 - 00000000 ____D () C:\Users\pamela\AppData\Roaming\Skype
2015-01-20 20:26 - 2015-01-20 20:27 - 00000000 ___RD () C:\Program Files (x86)\Skype
2015-01-20 20:26 - 2015-01-20 20:26 - 00002713 _____ () C:\Users\Public\Desktop\Skype.lnk
2015-01-20 20:26 - 2015-01-20 20:26 - 00000000 ____D () C:\Users\pamela\AppData\Local\Skype
2015-01-20 20:26 - 2015-01-20 20:26 - 00000000 ____D () C:\ProgramData\Skype
2015-01-20 20:26 - 2015-01-20 20:26 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2015-01-20 10:13 - 2014-07-24 15:28 - 00412992 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\spaceport.sys
2015-01-20 10:13 - 2014-07-24 15:28 - 00143680 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbccgp.sys
2015-01-20 10:13 - 2014-07-24 15:20 - 00645592 _____ (Microsoft Corporation) C:\WINDOWS\system32\SHCore.dll
2015-01-20 10:13 - 2014-07-24 15:16 - 02574208 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMVDECOD.DLL
2015-01-20 10:13 - 2014-07-24 15:07 - 02009920 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2015-01-20 10:13 - 2014-07-24 15:05 - 01660048 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2015-01-20 10:13 - 2014-07-24 15:05 - 01519560 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2015-01-20 10:13 - 2014-07-24 15:03 - 02141920 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2015-01-20 10:13 - 2014-07-24 15:03 - 00882136 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfplat.dll
2015-01-20 10:13 - 2014-07-24 15:03 - 00205512 _____ (Microsoft Corporation) C:\WINDOWS\system32\mftranscode.dll
2015-01-20 10:13 - 2014-07-24 13:48 - 02410976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMVDECOD.DLL
2015-01-20 10:13 - 2014-07-24 13:46 - 00477200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SHCore.dll
2015-01-20 10:13 - 2014-07-24 13:36 - 02145472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2015-01-20 10:13 - 2014-07-24 13:36 - 00707536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfplat.dll
2015-01-20 10:13 - 2014-07-24 13:36 - 00180720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mftranscode.dll
2015-01-20 10:13 - 2014-07-24 11:44 - 00674816 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv2.sys
2015-01-20 10:13 - 2014-07-24 11:43 - 00412160 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv.sys
2015-01-20 10:13 - 2014-07-24 11:05 - 00287232 _____ (Microsoft Corporation) C:\WINDOWS\system32\usbmon.dll
2015-01-20 10:13 - 2014-07-24 10:20 - 02050560 _____ (Microsoft Corporation) C:\WINDOWS\system32\SRH.dll
2015-01-20 10:13 - 2014-07-24 09:52 - 00621056 _____ (Microsoft Corporation) C:\WINDOWS\system32\comdlg32.dll
2015-01-20 10:13 - 2014-07-24 09:44 - 16874496 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2015-01-20 10:13 - 2014-07-24 09:39 - 00770048 _____ (Microsoft Corporation) C:\WINDOWS\system32\WorkfoldersControl.dll
2015-01-20 10:13 - 2014-07-24 09:33 - 01741824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SRH.dll
2015-01-20 10:13 - 2014-07-24 09:16 - 12730880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2015-01-20 10:13 - 2014-07-24 09:03 - 00324096 _____ (Microsoft Corporation) C:\WINDOWS\system32\srvsvc.dll
2015-01-20 10:13 - 2014-07-24 08:53 - 01261056 _____ (Microsoft Corporation) C:\WINDOWS\system32\gpsvc.dll
2015-01-20 10:13 - 2014-07-24 08:39 - 02397184 _____ (Microsoft Corporation) C:\WINDOWS\system32\storagewmi.dll
2015-01-20 10:13 - 2014-07-24 08:38 - 00371200 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlanmsm.dll
2015-01-20 10:13 - 2014-07-24 08:32 - 01532416 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansvc.dll
2015-01-20 10:13 - 2014-07-24 08:21 - 01231872 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll
2015-01-20 10:13 - 2014-07-24 08:21 - 00302080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlanmsm.dll
2015-01-20 10:13 - 2014-07-24 08:18 - 00795136 _____ (Microsoft Corporation) C:\WINDOWS\system32\spoolsv.exe
2015-01-20 10:13 - 2014-07-24 08:15 - 00828416 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll
2015-01-20 10:13 - 2014-07-24 08:10 - 00889344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll
2015-01-20 10:13 - 2014-07-24 08:02 - 03465216 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2015-01-20 10:13 - 2014-07-24 08:01 - 01992192 _____ (Microsoft Corporation) C:\WINDOWS\system32\XpsPrint.dll
2015-01-20 10:13 - 2014-07-24 07:50 - 01182208 _____ (Microsoft Corporation) C:\WINDOWS\system32\printui.dll
2015-01-20 10:13 - 2014-07-24 07:44 - 01057792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\printui.dll
2015-01-20 10:13 - 2014-07-24 07:28 - 01600000 _____ (Microsoft Corporation) C:\WINDOWS\system32\workfolderssvc.dll
2015-01-20 10:13 - 2014-07-24 04:11 - 00513544 _____ () C:\WINDOWS\SysWOW64\locale.nls
2015-01-20 10:13 - 2014-07-24 04:11 - 00513544 _____ () C:\WINDOWS\system32\locale.nls
2015-01-20 10:13 - 2014-07-04 09:30 - 00544768 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxPackaging.dll
2015-01-20 10:13 - 2014-06-14 06:03 - 02389504 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d10warp.dll
2015-01-20 10:13 - 2014-06-14 05:46 - 02071552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d10warp.dll
2015-01-20 10:13 - 2014-05-06 04:41 - 00486744 _____ (Microsoft Corporation) C:\WINDOWS\system32\netcfgx.dll
2015-01-20 10:12 - 2014-07-24 15:28 - 00419648 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbhub.sys
2015-01-20 10:12 - 2014-07-24 15:28 - 00280384 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pci.sys
2015-01-20 10:12 - 2014-07-24 15:25 - 00054752 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
2015-01-20 10:12 - 2014-07-24 15:23 - 00125472 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmapi.dll
2015-01-20 10:12 - 2014-07-24 15:20 - 00263400 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsAdminFlows.exe
2015-01-20 10:12 - 2014-07-24 15:16 - 00211216 _____ (Microsoft Corporation) C:\WINDOWS\system32\SndVol.exe
2015-01-20 10:12 - 2014-07-24 15:05 - 01488008 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2015-01-20 10:12 - 2014-07-24 15:05 - 01356840 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2015-01-20 10:12 - 2014-07-24 15:03 - 00360480 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfreadwrite.dll
2015-01-20 10:12 - 2014-07-24 15:03 - 00233888 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfps.dll
2015-01-20 10:12 - 2014-07-24 13:50 - 00098048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmapi.dll
2015-01-20 10:12 - 2014-07-24 13:48 - 00180208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SndVol.exe
2015-01-20 10:12 - 2014-07-24 13:36 - 00355800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfreadwrite.dll
2015-01-20 10:12 - 2014-07-24 11:51 - 00008192 _____ (Microsoft Corporation) C:\WINDOWS\system32\KBDRUM.DLL
2015-01-20 10:12 - 2014-07-24 11:51 - 00007168 _____ (Microsoft Corporation) C:\WINDOWS\system32\KBDYAK.DLL
2015-01-20 10:12 - 2014-07-24 11:51 - 00007168 _____ (Microsoft Corporation) C:\WINDOWS\system32\KBDTAT.DLL
2015-01-20 10:12 - 2014-07-24 11:51 - 00007168 _____ (Microsoft Corporation) C:\WINDOWS\system32\KBDRU1.DLL
2015-01-20 10:12 - 2014-07-24 11:51 - 00007168 _____ (Microsoft Corporation) C:\WINDOWS\system32\KBDBASH.DLL
2015-01-20 10:12 - 2014-07-24 11:51 - 00006656 _____ (Microsoft Corporation) C:\WINDOWS\system32\KBDRU.DLL
2015-01-20 10:12 - 2014-07-24 11:46 - 00079872 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\IPMIDrv.sys
2015-01-20 10:12 - 2014-07-24 11:45 - 00076800 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hdaudbus.sys
2015-01-20 10:12 - 2014-07-24 11:42 - 00446976 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\nwifi.sys
2015-01-20 10:12 - 2014-07-24 11:42 - 00126464 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\NdisImPlatform.sys
2015-01-20 10:12 - 2014-07-24 11:41 - 00118272 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthpan.sys
2015-01-20 10:12 - 2014-07-24 11:33 - 00059392 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups.dll
2015-01-20 10:12 - 2014-07-24 11:33 - 00050688 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups2.dll
2015-01-20 10:12 - 2014-07-24 11:06 - 00220160 _____ (Microsoft Corporation) C:\WINDOWS\system32\iasnap.dll
2015-01-20 10:12 - 2014-07-24 11:05 - 00226816 _____ (Microsoft Corporation) C:\WINDOWS\system32\WebClnt.dll
2015-01-20 10:12 - 2014-07-24 10:52 - 00007168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KBDYAK.DLL
2015-01-20 10:12 - 2014-07-24 10:52 - 00007168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KBDTAT.DLL
2015-01-20 10:12 - 2014-07-24 10:51 - 00008192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KBDRUM.DLL
2015-01-20 10:12 - 2014-07-24 10:51 - 00007168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KBDRU1.DLL
2015-01-20 10:12 - 2014-07-24 10:51 - 00007168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KBDBASH.DLL
2015-01-20 10:12 - 2014-07-24 10:51 - 00006656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KBDRU.DLL
2015-01-20 10:12 - 2014-07-24 10:49 - 00065536 _____ (Microsoft Corporation) C:\WINDOWS\system32\WorkFoldersGPExt.dll
2015-01-20 10:12 - 2014-07-24 10:33 - 00026112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wups.dll
2015-01-20 10:12 - 2014-07-24 10:32 - 00207360 _____ (Microsoft Corporation) C:\WINDOWS\system32\powercfg.cpl
2015-01-20 10:12 - 2014-07-24 10:18 - 01089024 _____ (Microsoft Corporation) C:\WINDOWS\system32\gpedit.dll
2015-01-20 10:12 - 2014-07-24 10:12 - 00878592 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActionCenter.dll
2015-01-20 10:12 - 2014-07-24 10:10 - 01844224 _____ (Microsoft Corporation) C:\WINDOWS\system32\Display.dll
2015-01-20 10:12 - 2014-07-24 10:10 - 00834560 _____ (Microsoft Corporation) C:\WINDOWS\system32\osk.exe
2015-01-20 10:12 - 2014-07-24 10:10 - 00198656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WebClnt.dll
2015-01-20 10:12 - 2014-07-24 10:10 - 00168960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iasnap.dll
2015-01-20 10:12 - 2014-07-24 10:05 - 00187392 _____ (Microsoft Corporation) C:\WINDOWS\system32\WorkFoldersShell.dll
2015-01-20 10:12 - 2014-07-24 09:42 - 00206336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\powercfg.cpl
2015-01-20 10:12 - 2014-07-24 09:40 - 00557056 _____ (Microsoft Corporation) C:\WINDOWS\system32\PrintDialogs.dll
2015-01-20 10:12 - 2014-07-24 09:32 - 01048064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gpedit.dll
2015-01-20 10:12 - 2014-07-24 09:27 - 00779264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\osk.exe
2015-01-20 10:12 - 2014-07-24 09:25 - 00832512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ActionCenter.dll
2015-01-20 10:12 - 2014-07-24 09:24 - 01817088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Display.dll
2015-01-20 10:12 - 2014-07-24 09:21 - 00134144 _____ (Microsoft Corporation) C:\WINDOWS\system32\browser.dll
2015-01-20 10:12 - 2014-07-24 09:18 - 00018432 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansvcpal.dll
2015-01-20 10:12 - 2014-07-24 09:14 - 00443904 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansec.dll
2015-01-20 10:12 - 2014-07-24 09:12 - 00127488 _____ (Microsoft Corporation) C:\WINDOWS\system32\WiFiDisplay.dll
2015-01-20 10:12 - 2014-07-24 09:11 - 00356864 _____ (Microsoft Corporation) C:\WINDOWS\system32\conhost.exe
2015-01-20 10:12 - 2014-07-24 09:11 - 00063488 _____ (Microsoft Corporation) C:\WINDOWS\system32\wshbth.dll
2015-01-20 10:12 - 2014-07-24 09:10 - 00540672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\comdlg32.dll
2015-01-20 10:12 - 2014-07-24 09:04 - 00492032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintDialogs.dll
2015-01-20 10:12 - 2014-07-24 09:04 - 00183808 _____ (Microsoft Corp.) C:\WINDOWS\system32\Defrag.exe
2015-01-20 10:12 - 2014-07-24 08:58 - 00105472 _____ (Microsoft Corporation) C:\WINDOWS\system32\BluetoothApis.dll
2015-01-20 10:12 - 2014-07-24 08:53 - 00449536 _____ (Microsoft Corporation) C:\WINDOWS\system32\defragsvc.dll
2015-01-20 10:12 - 2014-07-24 08:49 - 01287680 _____ (Microsoft Corporation) C:\WINDOWS\system32\mispace.dll
2015-01-20 10:12 - 2014-07-24 08:49 - 00296960 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlanapi.dll
2015-01-20 10:12 - 2014-07-24 08:48 - 00659968 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Bluetooth.dll
2015-01-20 10:12 - 2014-07-24 08:47 - 00102912 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmcsp.dll
2015-01-20 10:12 - 2014-07-24 08:43 - 00051200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wshbth.dll
2015-01-20 10:12 - 2014-07-24 08:36 - 00079872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BluetoothApis.dll
2015-01-20 10:12 - 2014-07-24 08:30 - 00230400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlanapi.dll
2015-01-20 10:12 - 2014-07-24 08:29 - 00439296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Bluetooth.dll
2015-01-20 10:12 - 2014-07-24 08:28 - 00595456 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.dll
2015-01-20 10:12 - 2014-07-24 08:23 - 01404416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\storagewmi.dll
2015-01-20 10:12 - 2014-07-24 08:22 - 00487936 _____ (Microsoft Corporation) C:\WINDOWS\system32\winspool.drv
2015-01-20 10:12 - 2014-07-24 08:19 - 00388608 _____ (Microsoft Corporation) C:\WINDOWS\system32\WUSettingsProvider.dll
2015-01-20 10:12 - 2014-07-24 08:18 - 01144320 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwanmm.dll
2015-01-20 10:12 - 2014-07-24 08:16 - 00505344 _____ (Microsoft Corporation) C:\WINDOWS\system32\VAN.dll
2015-01-20 10:12 - 2014-07-24 08:16 - 00084480 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpdbusenum.dll
2015-01-20 10:12 - 2014-07-24 08:15 - 00721408 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinapi.dll
2015-01-20 10:12 - 2014-07-24 08:15 - 00432128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.dll
2015-01-20 10:12 - 2014-07-24 08:13 - 00226304 _____ (Microsoft Corporation) C:\WINDOWS\system32\SndVolSSO.dll
2015-01-20 10:12 - 2014-07-24 08:10 - 00371712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winspool.drv
2015-01-20 10:12 - 2014-07-24 08:08 - 00321536 _____ (Microsoft Corporation) C:\WINDOWS\system32\stobject.dll
2015-01-20 10:12 - 2014-07-24 08:07 - 01705472 _____ (Microsoft Corporation) C:\WINDOWS\system32\wucltux.dll
2015-01-20 10:12 - 2014-07-24 08:05 - 00448000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VAN.dll
2015-01-20 10:12 - 2014-07-24 08:04 - 00667136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll
2015-01-20 10:12 - 2014-07-24 08:00 - 02100736 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsAdminFlowUI.dll
2015-01-20 10:12 - 2014-07-24 07:58 - 00432640 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwanconn.dll
2015-01-20 10:12 - 2014-07-24 07:58 - 00288768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\stobject.dll
2015-01-20 10:12 - 2014-07-24 07:54 - 01290752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XpsPrint.dll
2015-01-20 10:12 - 2014-07-24 07:47 - 00576512 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSync.dll
2015-01-20 10:12 - 2014-07-24 07:41 - 00459264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSync.dll
2015-01-20 10:12 - 2014-07-12 05:55 - 00268288 _____ (Microsoft Corporation) C:\WINDOWS\system32\wisp.dll
2015-01-20 10:12 - 2014-07-12 04:58 - 00210944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wisp.dll
2015-01-20 10:12 - 2014-07-04 12:59 - 00295424 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ks.sys
2015-01-20 10:12 - 2014-07-04 10:29 - 00117248 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxSip.dll
2015-01-20 10:12 - 2014-07-04 10:20 - 01656832 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll
2015-01-20 10:12 - 2014-07-04 10:06 - 00095232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxSip.dll
2015-01-20 10:12 - 2014-07-04 10:00 - 01351168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPlus.dll
2015-01-20 10:12 - 2014-07-04 09:27 - 00474112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxPackaging.dll
2015-01-20 10:12 - 2014-06-27 06:22 - 00246272 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srvnet.sys
2015-01-20 10:12 - 2014-06-26 00:32 - 01029632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mispace.dll
2015-01-20 10:12 - 2014-06-26 00:29 - 00092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\dab.dll
2015-01-20 10:12 - 2014-06-19 23:37 - 00206848 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb20.sys
2015-01-20 10:12 - 2014-06-19 02:13 - 00310080 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\volsnap.sys
2015-01-20 10:12 - 2014-06-07 12:46 - 00216368 _____ (Microsoft Corporation) C:\WINDOWS\system32\rsaenh.dll
2015-01-20 10:12 - 2014-06-07 10:20 - 00189016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rsaenh.dll
2015-01-20 10:12 - 2014-06-05 14:00 - 01118040 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndis.sys
2015-01-20 10:12 - 2014-06-05 10:18 - 01018368 _____ (Microsoft Corporation) C:\WINDOWS\system32\aclui.dll
2015-01-20 10:12 - 2014-06-05 09:42 - 00889856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aclui.dll
2015-01-20 10:12 - 2014-05-31 05:00 - 01463808 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsecedit.dll
2015-01-20 10:12 - 2014-05-31 04:18 - 01319936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsecedit.dll
2015-01-20 10:12 - 2014-05-29 06:23 - 00427008 _____ (Microsoft Corporation) C:\WINDOWS\system32\clusapi.dll
2015-01-20 10:12 - 2014-05-29 05:25 - 00313856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\clusapi.dll
2015-01-20 10:12 - 2014-05-26 07:26 - 00053248 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxSysprep.dll
2015-01-20 10:12 - 2014-05-10 10:12 - 00387896 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcryptprimitives.dll
2015-01-20 10:12 - 2014-05-10 08:46 - 00335680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcryptprimitives.dll
2015-01-20 10:12 - 2014-05-06 00:55 - 00391000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netcfgx.dll
2015-01-20 10:12 - 2014-03-25 02:27 - 00160600 _____ (Microsoft Corporation) C:\WINDOWS\system32\winmmbase.dll
2015-01-20 10:12 - 2014-03-25 02:27 - 00123920 _____ (Microsoft Corporation) C:\WINDOWS\system32\winmm.dll
2015-01-20 10:12 - 2014-03-25 01:20 - 00128568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winmm.dll
2015-01-20 10:12 - 2014-03-25 01:20 - 00127544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winmmbase.dll
2015-01-20 10:11 - 2014-07-24 11:51 - 00007168 _____ (Microsoft Corporation) C:\WINDOWS\system32\KBDTT102.DLL
2015-01-20 10:11 - 2014-07-24 10:52 - 00007168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KBDTT102.DLL
2015-01-20 10:11 - 2014-07-24 08:18 - 00093696 _____ (Microsoft Corporation) C:\WINDOWS\system32\wudriver.dll
2015-01-20 10:11 - 2014-07-24 08:06 - 00080896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wudriver.dll

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2021-10-21 13:36 - 2014-01-06 04:50 - 00000852 _____ () C:\WINDOWS\system32\Drivers\RTKHDRC.dat
2021-10-04 07:34 - 2014-01-06 04:50 - 00000712 _____ () C:\WINDOWS\system32\Drivers\RTMICEQ0.dat
2015-02-19 13:26 - 2014-04-20 16:11 - 00000000 ____D () C:\FRST
2015-02-19 13:24 - 2015-01-18 18:24 - 00000941 _____ () C:\WINDOWS\Tasks\EPSON XP-312 313 315 Series Update {0D94A9D0-B043-439F-AD01-0BE120FE12C0}.job
2015-02-19 13:24 - 2015-01-18 18:24 - 00000755 _____ () C:\WINDOWS\Tasks\EPSON XP-312 313 315 Series Invitation {0D94A9D0-B043-439F-AD01-0BE120FE12C0}.job
2015-02-19 13:02 - 2013-08-22 15:36 - 00000000 ____D () C:\WINDOWS\system32\sru
2015-02-19 12:41 - 2015-01-16 22:30 - 00129752 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2015-02-19 11:48 - 2015-01-16 14:00 - 00003600 _____ () C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-2138484092-3631122937-4138138785-1001
2015-02-19 11:29 - 2014-06-24 14:23 - 00000000 ___RD () C:\Users\pamela\Dropbox
2015-02-19 11:25 - 2015-01-17 11:55 - 00000000 ____D () C:\Program Files\SUPERAntiSpyware
2015-02-19 10:55 - 2015-01-16 14:27 - 00000000 ____D () C:\Program Files (x86)\Google
2015-02-19 10:54 - 2015-01-16 14:26 - 00000000 ____D () C:\Users\pamela\AppData\Local\Deployment
2015-02-19 10:25 - 2014-01-06 04:27 - 01809179 _____ () C:\WINDOWS\WindowsUpdate.log
2015-02-19 10:05 - 2015-01-16 18:20 - 00001036 _____ () C:\Users\pamela\Desktop\Dropbox.lnk
2015-02-19 10:05 - 2015-01-16 18:19 - 00000000 ____D () C:\Users\pamela\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2015-02-19 10:05 - 2015-01-16 18:17 - 00000000 ____D () C:\Users\pamela\AppData\Roaming\Dropbox
2015-02-19 10:02 - 2014-03-08 13:46 - 00000000 ___DO () C:\Users\pamela\SkyDrive
2015-02-18 22:48 - 2015-01-16 13:45 - 00000000 ____D () C:\Users\pamela
2015-02-18 22:47 - 2014-01-06 05:13 - 00000000 ____D () C:\ProgramData\Temp
2015-02-18 20:36 - 2014-03-08 16:14 - 00000000 ___RD () C:\Users\pamela\Desktop\SECURITY
2015-02-18 19:40 - 2013-11-27 10:12 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2015-02-18 19:40 - 2013-11-27 10:12 - 00000000 ____D () C:\Program Files (x86)\WildTangent Games
2015-02-18 15:39 - 2014-03-16 10:17 - 00000000 ___RD () C:\Users\pamela\Desktop\GIVEAWAY FULL GAMES
2015-02-18 11:34 - 2013-08-22 14:45 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT
2015-02-17 10:29 - 2013-08-22 15:36 - 00000000 ____D () C:\WINDOWS\rescache
2015-02-17 10:04 - 2013-08-22 15:36 - 00000000 ____D () C:\WINDOWS\AppReadiness
2015-02-16 20:23 - 2013-08-22 13:25 - 00524288 ___SH () C:\WINDOWS\system32\config\BBI
2015-02-16 20:21 - 2015-01-16 13:52 - 00000000 ____D () C:\Users\pamela\AppData\Local\VirtualStore
2015-02-16 15:49 - 2015-01-16 17:55 - 00000000 ____D () C:\Users\pamela\AppData\Roaming\PhotoFiltre
2015-02-16 15:49 - 2014-01-06 05:13 - 00000000 ____D () C:\ProgramData\Norton
2015-02-16 15:49 - 2013-08-22 15:36 - 00000000 ____D () C:\Program Files\Windows Defender
2015-02-16 15:49 - 2013-08-22 13:36 - 00000000 ____D () C:\WINDOWS\system32\Sysprep
2015-02-16 15:49 - 2013-08-22 13:36 - 00000000 ____D () C:\WINDOWS\servicing
2015-02-16 15:37 - 2013-08-22 15:36 - 00000000 ____D () C:\WINDOWS\registration
2015-02-16 13:12 - 2014-04-20 13:33 - 00000000 ____D () C:\AdwCleaner
2015-02-16 09:43 - 2013-08-22 15:20 - 00000000 ____D () C:\WINDOWS\CbsTemp
2015-02-15 19:22 - 2013-11-27 09:48 - 00000000 ___DC () C:\WINDOWS\Panther
2015-02-15 19:12 - 2013-08-22 14:44 - 00429600 _____ () C:\WINDOWS\system32\FNTCACHE.DAT
2015-02-15 18:35 - 2015-01-19 20:27 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EPSON Software
2015-02-15 18:35 - 2015-01-16 14:56 - 00000000 ____D () C:\Program Files (x86)\Epson Software
2015-02-15 14:43 - 2013-08-22 13:25 - 00262144 ___SH () C:\WINDOWS\system32\config\ELAM
2015-02-15 14:34 - 2015-01-16 14:34 - 00000000 ____D () C:\ProgramData\AVAST Software
2015-02-15 14:34 - 2013-08-22 15:36 - 00000000 ____D () C:\WINDOWS\Vss
2015-02-15 10:24 - 2014-04-06 09:24 - 00000000 ____D () C:\Games
2015-02-14 10:01 - 2015-01-10 10:04 - 00013824 _____ () C:\Users\pamela\Desktop\weight chart 2015 book2.xls
2015-02-13 11:09 - 2014-11-21 10:40 - 00000000 ____D () C:\Users\Public\Documents\PearlMountain
2015-02-13 11:04 - 2015-01-17 10:18 - 00000000 ____D () C:\Users\pamela\AppData\Roaming\PearlMountain
2015-02-13 11:04 - 2015-01-17 10:18 - 00000000 ____D () C:\ProgramData\PearlMountain
2015-02-12 14:42 - 2014-04-21 20:44 - 00000000 ____D () C:\BigFishCache
2015-02-08 17:32 - 2015-01-18 11:56 - 00000000 ____D () C:\Users\pamela\AppData\Roaming\MagicIndie
2015-02-07 19:59 - 2013-11-27 10:20 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acer
2015-02-07 19:59 - 2013-11-27 10:20 - 00000000 ____D () C:\Program Files (x86)\Acer
2015-02-07 19:57 - 2015-01-16 13:55 - 00000000 ____D () C:\Users\pamela\AppData\Local\clear.fi
2015-02-07 09:03 - 2014-01-06 05:08 - 00000000 ____D () C:\ProgramData\OEM
2015-02-05 21:59 - 2013-11-27 09:55 - 00863592 _____ () C:\WINDOWS\system32\PerfStringBackup.INI
2015-02-03 19:31 - 2015-01-17 16:41 - 00714720 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2015-02-03 19:31 - 2015-01-17 16:41 - 00106976 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2015-02-01 16:04 - 2013-11-27 10:12 - 00000000 ____D () C:\ProgramData\WildTangent
2015-01-29 22:16 - 2014-03-08 13:42 - 00000000 ____D () C:\Users\pamela\AppData\Local\Packages
2015-01-26 15:24 - 2014-03-08 18:31 - 00000000 ____D () C:\Users\pamela\Desktop\MATERIAL FOR NEW BOOK
2015-01-23 16:30 - 2014-03-08 18:29 - 00000000 ___RD () C:\Users\pamela\Desktop\MY DOCTORS INFO
2015-01-22 10:11 - 2015-01-16 13:45 - 00000000 ____D () C:\Users\pamela\AppData\Local\Pokki
2015-01-21 22:41 - 2015-01-19 20:30 - 00000000 ____D () C:\Program Files (x86)\epson
2015-01-21 22:41 - 2014-01-06 04:48 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2015-01-21 22:40 - 2015-01-19 20:30 - 00000954 _____ () C:\Users\Public\Desktop\EPSON Scan.lnk
2015-01-21 22:39 - 2015-01-16 14:56 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EPSON
2015-01-21 22:37 - 2015-01-16 16:03 - 00000000 ____D () C:\ProgramData\EPSON
2015-01-21 16:56 - 2013-08-22 19:11 - 00000000 ____D () C:\Program Files\Windows Journal
2015-01-21 16:56 - 2013-08-22 15:36 - 00000000 ___RD () C:\WINDOWS\ToastData
2015-01-21 16:56 - 2013-08-22 15:36 - 00000000 ___RD () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2015-01-21 16:56 - 2013-08-22 15:36 - 00000000 ____D () C:\WINDOWS\SysWOW64\setup
2015-01-21 16:56 - 2013-08-22 15:36 - 00000000 ____D () C:\WINDOWS\SysWOW64\en-GB
2015-01-21 16:55 - 2013-08-22 15:36 - 00000000 ___RD () C:\WINDOWS\ImmersiveControlPanel
2015-01-21 16:55 - 2013-08-22 15:36 - 00000000 ____D () C:\WINDOWS\SysWOW64\InputMethod
2015-01-21 16:55 - 2013-08-22 15:36 - 00000000 ____D () C:\WINDOWS\system32\setup
2015-01-21 16:55 - 2013-08-22 15:36 - 00000000 ____D () C:\WINDOWS\system32\en-GB
2015-01-21 16:55 - 2013-08-22 13:36 - 00000000 ____D () C:\WINDOWS\system32\oobe
2015-01-21 16:54 - 2013-08-22 11:22 - 00461312 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnet.dll
2015-01-21 16:54 - 2013-08-22 11:22 - 00034304 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnsvr.exe
2015-01-21 16:54 - 2013-08-22 11:17 - 00066560 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnathlp.dll
2015-01-21 16:54 - 2013-08-22 11:17 - 00009216 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnhupnp.dll
2015-01-21 16:54 - 2013-08-22 11:17 - 00009216 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnhpast.dll
2015-01-21 16:54 - 2013-08-22 04:05 - 00023552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpmodemx.dll
2015-01-21 16:54 - 2013-08-22 04:03 - 00030720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dplaysvr.exe
2015-01-21 16:54 - 2013-08-22 03:59 - 00214016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dplayx.dll
2015-01-21 16:54 - 2013-08-22 03:56 - 00377856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnet.dll
2015-01-21 16:54 - 2013-08-22 03:56 - 00033792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnsvr.exe
2015-01-21 16:54 - 2013-08-22 03:51 - 00059904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnathlp.dll
2015-01-21 16:54 - 2013-08-22 03:51 - 00045056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpwsockx.dll
2015-01-21 16:54 - 2013-08-22 03:51 - 00009216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnhupnp.dll
2015-01-21 16:54 - 2013-08-22 03:51 - 00009216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnhpast.dll
2015-01-21 16:04 - 2014-01-06 05:00 - 00000000 ____D () C:\ProgramData\Atheros

==================== Files in the root of some directories =======

2014-08-13 09:03 - 2014-08-13 09:03 - 0752128 _____ () C:\Users\pamela\AppData\Local\AlawarHelper.exe
2014-01-06 04:51 - 2014-01-06 04:51 - 0000000 ____H () C:\ProgramData\DP45977C.lfl

Files to move or delete:
====================
C:\Users\pamela\DropboxInstaller.exe
C:\Users\pamela\mbam-setup-2.0.4.1028.exe
C:\Users\pamela\pf7-setup-en.exe


Some content of TEMP:
====================
C:\Users\pamela\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmp60v0gw.dll


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-02-15 16:30

==================== End Of Log ============================

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 18-02-2015 01
Ran by pamela at 2015-02-19 13:29:15
Running from C:\Users\pamela\Downloads
Boot Mode: Normal
==========================================================


==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: ESET NOD32 Antivirus 8.0 (Enabled - Up to date) {A2447E4A-A5AC-AE9D-7C6B-2EC29C58E834}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

abDocs (HKLM-x32\...\{CA4FE8B0-298C-4E5D-A486-F33B126D6A0A}) (Version: 1.05.2005 - Acer Incorporated)
abDocs Office AddIn (HKLM-x32\...\{DCBF3379-246B-47E1-8173-639B63940838}) (Version: 3.01.2006 - Acer Incorporated)
abMedia (HKLM-x32\...\{E9AF1707-3F3A-49E2-8345-4F2D629D0876}) (Version: 2.06.2003.0 - Acer Incorporated)
Acer Games (HKU\S-1-5-21-2138484092-3631122937-4138138785-1001\...\Pokki_03d432a7e610c3e908213e7689d4342ce2111caf) (Version: 1.1.9.43466 - Pokki)
Acer Launch Manager (HKLM\...\{C18D55BD-1EC6-466D-B763-8EEDDDA9100E}) (Version: 8.00.8101 - Acer Incorporated)
Acer Portal (HKLM-x32\...\{A5AD0B17-F34D-49BE-A157-C8B3D52ACD13}) (Version: 3.04.2002 - Acer Incorporated)
Acer Power Management (HKLM\...\{91F52DE4-B789-42B0-9311-A349F10E5479}) (Version: 7.00.8100 - Acer Incorporated)
Acer Quick Access (HKLM\...\{C1FA525F-D701-4B31-9D32-504FC0CF0B98}) (Version: 1.00.3000 - Acer Incorporated)
Acer Recovery Management (HKLM\...\{07F2005A-8CAC-4A4B-83A2-DA98A722CA61}) (Version: 6.00.8101 - Acer Incorporated)
Acer Remote Files (HKLM\...\{13885028-098C-4799-9B71-27DAC96502D5}) (Version: 1.00.3007 - Acer Incorporated)
Aloha TriPeaks (x32 Version: 2.2.0.98 - WildTangent) Hidden
AOP Framework (HKLM-x32\...\{4A37A114-702F-4055-A4B6-16571D4A5353}) (Version: 3.04.2001.2 - Acer Incorporated)
Apple Application Support (HKLM-x32\...\{83CAF0DE-8D3B-4C37-A631-2B8F16EC3031}) (Version: 3.1 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{BDD99690-3541-4619-9D2A-3CDDB3E15F9E}) (Version: 8.0.5.6 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Atlantis: Pearls of the Deep (HKLM-x32\...\BFG-Atlantis - Pearls of the Deep) (Version: - )
Big Fish: Game Manager (HKLM-x32\...\BFGC) (Version: 3.3.0.2 - )
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Caps Lock Changer 1.0 (HKLM-x32\...\Caps Lock Changer) (Version: 1.0 - Filebird.com)
Cradle Of Egypt Collector's Edition (x32 Version: 2.2.0.110 - WildTangent) Hidden
CyberLink PowerDVD 12 (HKLM-x32\...\InstallShield_{B46BEA36-0B71-4A4E-AE41-87241643FA0A}) (Version: 12.0.3323.57 - CyberLink Corp.)
Dropbox (HKU\S-1-5-21-2138484092-3631122937-4138138785-1001\...\Dropbox) (Version: 3.2.6 - Dropbox, Inc.)
eBay Worldwide (HKLM-x32\...\{91589413-6675-4C27-8AFC-EFB9103B90A5}) (Version: 2.4.0105 - OEM)
Echoes of Sorrow (HKU\S-1-5-21-2138484092-3631122937-4138138785-1001\...\Echoes of Sorrow) (Version: 1.0.0.0 - Alawar Entertainment Inc.)
Epson Connect Printer Setup (HKLM-x32\...\{D9B1D51B-EB56-410D-AEB5-1CCFAC4B6C8C}) (Version: 1.3.0 - SEIKO EPSON CORPORATION)
Epson Customer Participation (HKLM\...\{814FA673-A085-403C-9545-747FC1495069}) (Version: 1.0.0.0 - SEIKO EPSON CORPORATION)
Epson Event Manager (HKLM-x32\...\{BECE9CCD-83F6-4BAA-9B26-227DF7D2E932}) (Version: 3.01.0000 - Seiko Epson Corporation)
EPSON Scan (HKLM-x32\...\EPSON Scanner) (Version: - Seiko Epson Corporation)
EPSON XP-302 303 305 306 Series Printer Uninstall (HKLM\...\EPSON XP-302 303 305 306 Series) (Version: - SEIKO EPSON Corporation)
EPSON XP-312 313 315 Series Printer Uninstall (HKLM\...\EPSON XP-312 313 315 Series) (Version: - SEIKO EPSON Corporation)
EpsonNet Print (HKLM-x32\...\{3E31400D-274E-4647-916C-2CACC3741799}) (Version: 2.5.00 - SEIKO EPSON CORPORATION)
ESET NOD32 Antivirus (HKLM\...\{7F39EB28-B9B7-41B8-8564-DB33284A010D}) (Version: 8.0.304.0 - ESET, spol s r. o.)
ETDWare PS/2-X64 11.6.28.201_WHQL (HKLM\...\Elantech) (Version: 11.6.28.201 - ELAN Microelectronic Corp.)
Fairway™ (HKLM-x32\...\BFG-Fairway) (Version: - )
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 40.0.2214.111 - Google Inc.)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.26.9 - Google Inc.) Hidden
Governor of Poker 2 Premium Edition (x32 Version: 2.2.0.110 - WildTangent) Hidden
HitmanPro 3.7 (HKLM\...\HitmanPro37) (Version: 3.7.9.236 - SurfRight B.V.)
Identity Card (HKLM-x32\...\{3D9CB654-99AD-4301-89C6-0D12A790767C}) (Version: 2.00.8100 - Acer Incorporated)
ImBatch 3.5.0 (HKLM-x32\...\{5C8028D2-E41D-44A3-A51E-E6FFF8F448B3}_is1) (Version: 3.5.0 - High Motion Software)
Insane Cold: Back to the Ice Age (HKLM-x32\...\BFG-Insane Cold - Back to the Ice Age) (Version: - )
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3349 - Intel Corporation)
Intel(R) Trusted Execution Engine (HKLM\...\{176E2755-0A17-42C6-88E2-192AB2131278}) (Version: 1.0.0.1050 - Intel Corporation)
iPixSoft Video Slideshow Maker (3.4.1.0) (HKLM-x32\...\iPixSoft Video Slideshow Maker_is1) (Version: 3.4.1.0 - iPixSoft)
iTunes (HKLM\...\{2ABBBD91-91E5-4AD7-929A-FE15D1DC0576}) (Version: 12.0.1.26 - Apple Inc.)
Jarte 5.2 (HKLM-x32\...\Jarte_is1) (Version: 5.2 - Carolina Road Software L.L.C.)
Lamp of Aladdin (HKLM-x32\...\BFG-Lamp of Aladdin) (Version: - )
League of Mermaids: Pearl Saga (HKLM-x32\...\BFG-League of Mermaids - Pearl Saga) (Version: - )
Live Updater (HKLM-x32\...\{EE26E302-876A-48D9-9058-3129E5B99999}) (Version: 2.00.8100 - Acer Incorporated)
Luxor Evolved (x32 Version: 2.2.0.98 - WildTangent) Hidden
Magic Academy (x32 Version: 2.2.0.98 - WildTangent) Hidden
Malwarebytes Anti-Malware version 2.0.4.1028 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.4.1028 - Malwarebytes Corporation)
Microsoft Office Professional Edition 2003 (HKLM-x32\...\{90110409-6000-11D3-8CFE-0150048383C9}) (Version: 11.0.5614.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual Studio 2005 Tools for Office Runtime (HKLM-x32\...\Microsoft Visual Studio 2005 Tools for Office Runtime) (Version: - Microsoft Corporation)
Mystery Tales: The Twilight World Collector's Edition (HKLM-x32\...\BFG-Mystery Tales - The Twilight World Collectors Edition) (Version: - )
Nearwood (HKLM-x32\...\BFG-Nearwood) (Version: - )
Nero BackItUp 12 Essentials OEM.a01 (HKLM-x32\...\{551AC8F2-FEA2-4B45-ACF7-C98681233CC9}) (Version: 12.5.01200 - Nero AG)
Norton Online Backup (HKLM-x32\...\{E625FCA0-E43E-4D3B-92FF-4851308A0366}) (Version: 2.8.0.44 - Symantec Corporation)
Norton Online Backup (x32 Version: 4.5.0.9 - Symantec Corporation) Hidden
Office Addin (HKLM-x32\...\{6D2BBE1D-E600-4695-BA37-0B0E605542CC}) (Version: 2.02.2009 - Acer)
Peggle Nights (x32 Version: 2.2.0.98 - WildTangent) Hidden
PhotoFiltre (HKU\S-1-5-21-2138484092-3631122937-4138138785-1001\...\PhotoFiltre) (Version: - )
Picture Collage Maker 4.1.2 (HKLM-x32\...\{D53599B0-AA76-4CC6-B9EF-CC2F27B56F24}_is1) (Version: 4.1.2 - PearlMountain Technology Co., Ltd)
Plants vs. Zombies - Game of the Year (x32 Version: 2.2.0.98 - WildTangent) Hidden
Pokki Start Menu (HKU\S-1-5-21-2138484092-3631122937-4138138785-1001\...\Pokki_Start_Menu) (Version: 0.269.5.367 - Pokki)
Prerequisite installer (x32 Version: 12.0.0003 - Nero AG) Hidden
Qualcomm Atheros Bluetooth Suite (64) (HKLM\...\{A84A4FB1-D703-48DB-89E0-68B6499D2801}) (Version: 8.0.1.305 - Qualcomm Atheros Communications)
Qualcomm Atheros WLAN and Bluetooth Client Installation Program (HKLM-x32\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 12.07 - Qualcomm Atheros)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 6.2.9600.27041 - Realtek Semiconductor Corp.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.20.815.2013 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7071 - Realtek Semiconductor Corp.)
Revo Uninstaller 1.95 (HKLM-x32\...\Revo Uninstaller) (Version: 1.95 - VS Revo Group)
Skype Click to Call (HKLM-x32\...\{6D1221A9-17BF-4EC0-81F2-27D30EC30701}) (Version: 7.3.16540.9015 - Microsoft Corporation)
Skype™ 7.0 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.0.102 - Skype Technologies S.A.)
Spotify (HKLM-x32\...\Spotify) (Version: 0.9.1.57.ge7405149 - Spotify AB)
SUPERAntiSpyware (HKLM\...\{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}) (Version: 5.7.1018 - SUPERAntiSpyware.com)
The Agency of Anomalies: Cinderstone Orphanage (HKLM-x32\...\BFG-The Agency of Anomalies - Cinderstone Orphanage) (Version: - )
The Chronicles of Emerland Solitaire (x32 Version: 3.0.2.32 - WildTangent) Hidden
The Far Kingdoms: Winter Solitaire (HKLM-x32\...\BFG-The Far Kingdoms - Winter Solitaire) (Version: - )
Toolwiz Care (HKLM-x32\...\ToolwizCareFree) (Version: 3.1.0.5100 - ToolWiz Care)
Trinklit Supreme (x32 Version: 2.2.0.98 - WildTangent) Hidden
Update Installer for WildTangent Games App (x32 Version: - WildTangent) Hidden
Visual Studio Tools for the Office system 3.0 Runtime (HKLM-x32\...\Visual Studio Tools for the Office system 3.0 Runtime) (Version: - Microsoft Corporation)
Visual Studio Tools for the Office system 3.0 Runtime Service Pack 1 (KB949258) (HKLM-x32\...\{8FB53850-246A-3507-8ADE-0060093FFEA6}.KB949258) (Version: 1 - Microsoft Corporation)
VSDC Free Video Editor version 2.3.1.339 (HKLM-x32\...\VSDC Free Video Editor_is1) (Version: 2.3.1.339 - Flash-Integro LLC)
Whispered Stories: Sandman (HKU\S-1-5-21-2138484092-3631122937-4138138785-1001\...\Whispered Stories: Sandman) (Version: 1.0.0.0 - Alawar Entertainment Inc.)
WildTangent Games (HKLM-x32\...\WildTangent wildgames Master Uninstall) (Version: 1.0.4.0 - WildTangent)
WildTangent Games App (x32 Version: 4.0.10.20 - WildTangent) Hidden
Witches' Legacy: The Charleston Curse (HKLM-x32\...\BFG-Witches' Legacy - The Charleston Curse) (Version: - )

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

CustomCLSID: HKU\S-1-5-21-2138484092-3631122937-4138138785-1001_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\pamela\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2138484092-3631122937-4138138785-1001_Classes\CLSID\{ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C}\InprocServer32 -> C:\Users\pamela\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2138484092-3631122937-4138138785-1001_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\pamela\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2138484092-3631122937-4138138785-1001_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\pamela\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2138484092-3631122937-4138138785-1001_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\pamela\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2138484092-3631122937-4138138785-1001_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\pamela\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2138484092-3631122937-4138138785-1001_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\pamela\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2138484092-3631122937-4138138785-1001_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\pamela\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2138484092-3631122937-4138138785-1001_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\pamela\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2138484092-3631122937-4138138785-1001_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\pamela\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)

==================== Restore Points =========================

02-02-2015 10:12:45 Windows Update
05-02-2015 10:33:06 Windows Update
08-02-2015 11:28:35 Windows Update
12-02-2015 12:45:31 Windows Update
14-02-2015 14:00:48 Installed Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
15-02-2015 14:24:26 Revo Uninstaller's restore point - Avast Free Antivirus
16-02-2015 15:26:50 Restore Operation

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2013-08-22 13:25 - 2013-08-22 13:25 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {2B29CD6E-B01A-40C7-B63A-EC42A29C9B55} - System32\Tasks\GoogleUpdateTaskMachineCore1d04c3270eb3560 => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-02-19] (Google Inc.)
Task: {2EDCEF49-C5A6-42BE-82FC-B5B05E82738B} - System32\Tasks\EPSON XP-312 313 315 Series Update {0D94A9D0-B043-439F-AD01-0BE120FE12C0} => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_ITSLFE.EXE [2014-12-03] (SEIKO EPSON CORPORATION)
Task: {398A1DA3-84E0-4D21-BBF7-1D57ECE1D2B8} - System32\Tasks\EPSON XP-312 313 315 Series Invitation {0D94A9D0-B043-439F-AD01-0BE120FE12C0} => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_ITSLFE.EXE [2014-12-03] (SEIKO EPSON CORPORATION)
Task: {39F97378-9FE6-4A41-98E6-3F062E2ECBA8} - System32\Tasks\ALUAgent => C:\Program Files (x86)\Acer\Live Updater\liveupdater_agent.exe [2013-01-22] ()
Task: {3E6B7FAF-B2F7-4723-AA6D-85447FEB0682} - System32\Tasks\Recovery Management\Notification => C:\Program Files\Acer\Acer Recovery Management\Notification\Notification.exe [2013-09-12] (Acer Incorporated)
Task: {5CF7D427-668E-49E8-9E4A-3DDCDA2738FD} - System32\Tasks\Power Management => C:\Program Files\Acer\Acer Power Management\ePowerTray.exe [2013-07-05] (Acer Incorporated)
Task: {63628C44-8485-4BA4-89E2-75063B675B6D} - System32\Tasks\Launch Manager => C:\Program Files\Acer\Acer Launch Manager\LMLauncher.exe [2013-08-02] (Acer Incorporate)
Task: {6C69E5D4-C0A2-4E53-9F2E-2FB7994DEF2B} - System32\Tasks\Norton Online Backup ARA => C:\Program Files (x86)\Norton Online Backup ARA\Engine\4.5.0.9\\Ara.exe [2013-08-07] (Symantec Corporation)
Task: {6EA775D7-9A79-4328-A1D8-B1B5975037E5} - System32\Tasks\Quick Access => C:\Program Files\Acer\Acer Quick Access\QALauncher.exe [2013-08-02] (Acer Incorporate)
Task: {83072805-5E61-4BF3-97C8-C19693E15FF9} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {8E81B0FD-4E65-4CD0-8613-F74C1242A6B2} - System32\Tasks\ToolwizCareFree => C:\Program Files (x86)\ToolwizCareFree\ToolwizCares.exe [2015-02-15] (Toolwiz)
Task: {930A3CCE-3C68-420E-89B6-A07739C15BCA} - System32\Tasks\AcerCloud => C:\Program Files (x86)\Acer\Acer Portal\AcerPortal.exe [2014-12-19] (Acer)
Task: {CE4E985C-2A0B-4D7F-8427-3143897146F1} - System32\Tasks\ALU => C:\Program Files (x86)\Acer\Live Updater\updater.exe [2013-07-08] ()
Task: {F3A5D9A3-F1C0-403F-90C7-700236AFC71B} - System32\Tasks\avastBCLRestartS-1-5-21-2138484092-3631122937-4138138785-1001 => Chrome.exe
Task: {F52BAABC-ECE7-45D6-A6E8-C96C1E6690EB} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-02-19] (Google Inc.)
Task: C:\WINDOWS\Tasks\EPSON XP-312 313 315 Series Invitation {0D94A9D0-B043-439F-AD01-0BE120FE12C0}.job => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_ITSLFE.EXE
Task: C:\WINDOWS\Tasks\EPSON XP-312 313 315 Series Update {0D94A9D0-B043-439F-AD01-0BE120FE12C0}.job => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_ITSLFE.EXE
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore1d04c3270eb3560.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) ==============

2014-01-06 05:16 - 2013-07-30 18:11 - 00110152 _____ () C:\Program Files (x86)\Acer\clear.fi plug-in\Clearfishellext_x64.dll
2013-09-07 01:48 - 2013-09-07 01:48 - 00011264 _____ () C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\Modules\ActivateDesktopDebugger\ActivateDesktopDebugger.dll
2013-09-07 01:45 - 2013-09-07 01:45 - 00086016 _____ () C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\Modules\Map\MAP.dll
2013-09-07 01:52 - 2013-09-07 01:52 - 00012928 _____ () C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\ActivateDesktop.exe
2013-07-08 22:34 - 2013-07-08 22:34 - 04150312 _____ () C:\Program Files (x86)\Acer\Live Updater\updater.exe
2014-10-11 13:06 - 2014-10-11 13:06 - 00073544 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2014-10-11 13:05 - 2014-10-11 13:05 - 01044776 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2014-12-19 21:48 - 2014-12-19 21:48 - 00203008 _____ () C:\Program Files (x86)\Acer\Acer Portal\curllib.dll
2014-12-19 21:48 - 2014-12-19 21:48 - 00119552 _____ () C:\Program Files (x86)\Acer\Acer Portal\OpenLDAP.dll
2015-02-10 21:00 - 2015-02-10 21:00 - 00750080 _____ () C:\Users\pamela\AppData\Roaming\Dropbox\bin\libGLESv2.dll
2015-02-19 10:05 - 2015-02-19 10:05 - 00043008 _____ () c:\users\pamela\appdata\local\temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmp60v0gw.dll
2015-02-10 21:00 - 2015-02-10 21:00 - 00047616 _____ () C:\Users\pamela\AppData\Roaming\Dropbox\bin\libEGL.dll
2015-02-10 21:00 - 2015-02-10 21:00 - 00865280 _____ () C:\Users\pamela\AppData\Roaming\Dropbox\bin\plugins\platforms\qwindows.dll
2015-02-10 21:00 - 2015-02-10 21:00 - 00200704 _____ () C:\Users\pamela\AppData\Roaming\Dropbox\bin\plugins\imageformats\qjpeg.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)

AlternateDataStreams: C:\ProgramData\Temp:099BA123
AlternateDataStreams: C:\ProgramData\Temp:271E16B0
AlternateDataStreams: C:\ProgramData\Temp:2CB9631F
AlternateDataStreams: C:\ProgramData\Temp:31106FCB
AlternateDataStreams: C:\ProgramData\Temp:3C6D7222
AlternateDataStreams: C:\ProgramData\Temp:3E0674EA
AlternateDataStreams: C:\ProgramData\Temp:447856CD
AlternateDataStreams: C:\ProgramData\Temp:48862C37
AlternateDataStreams: C:\ProgramData\Temp:5164A01F
AlternateDataStreams: C:\ProgramData\Temp:7687A3E3
AlternateDataStreams: C:\ProgramData\Temp:A95AB9BF
AlternateDataStreams: C:\ProgramData\Temp:B1997945
AlternateDataStreams: C:\ProgramData\Temp:B3606FCC
AlternateDataStreams: C:\ProgramData\Temp:B6FBC05A
AlternateDataStreams: C:\ProgramData\Temp:C6920A5D
AlternateDataStreams: C:\ProgramData\TempDA730F9
AlternateDataStreams: C:\ProgramData\Temp:E81603BC
AlternateDataStreams: C:\ProgramData\Temp:F0F90DC6
AlternateDataStreams: C:\Users\pamela\SkyDrive:ms-properties

==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefire => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfevtp => ""="Driver"

==================== EXE Association (whitelisted) ===============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-2138484092-3631122937-4138138785-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\pamela\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper
DNS Servers: 192.168.1.1

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)

HKLM\...\StartupApproved\Run32: => "iTunesHelper"
HKU\S-1-5-21-2138484092-3631122937-4138138785-1001\...\StartupApproved\Run: => "EPLTarget\P0000000000000000"
HKU\S-1-5-21-2138484092-3631122937-4138138785-1001\...\StartupApproved\Run: => "Pokki"
HKU\S-1-5-21-2138484092-3631122937-4138138785-1001\...\StartupApproved\Run: => "Skype"

==================== Accounts: =============================

Administrator (S-1-5-21-2138484092-3631122937-4138138785-500 - Administrator - Disabled) => C:\Users\Administrator
Guest (S-1-5-21-2138484092-3631122937-4138138785-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-2138484092-3631122937-4138138785-1005 - Limited - Enabled)
pamela (S-1-5-21-2138484092-3631122937-4138138785-1001 - Administrator - Enabled) => C:\Users\pamela

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (02/18/2015 04:40:19 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 2031

Error: (02/18/2015 04:40:19 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 2031

Error: (02/18/2015 04:40:19 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (02/18/2015 04:40:18 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 1016

Error: (02/18/2015 04:40:18 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 1016

Error: (02/18/2015 04:40:18 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (02/18/2015 02:06:43 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: BackgroundAgent.exe, version: 1.0.1.6, time stamp: 0x5494253a
Faulting module name: MSVCR90.dll, version: 9.0.30729.8387, time stamp: 0x51ea24a5
Exception code: 0xc0000005
Fault offset: 0x00056b1d
Faulting process ID: 0x1424
Faulting application start time: 0xBackgroundAgent.exe0
Faulting application path: BackgroundAgent.exe1
Faulting module path: BackgroundAgent.exe2
Report ID: BackgroundAgent.exe3
Faulting package full name: BackgroundAgent.exe4
Faulting package-relative application ID: BackgroundAgent.exe5

Error: (02/18/2015 11:50:37 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 1047

Error: (02/18/2015 11:50:37 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 1047

Error: (02/18/2015 11:50:37 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second


System errors:
=============
Error: (02/18/2015 11:34:09 AM) (Source: EventLog) (EventID: 6008) (User: )
Description: The previous system shutdown at 10:56:06 on ‎18/‎02/‎2015 was unexpected.

Error: (02/16/2015 03:28:34 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: The Superfetch service terminated with the following error:
%%1062


Microsoft Office Sessions:
=========================
Error: (02/18/2015 04:40:19 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 2031

Error: (02/18/2015 04:40:19 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 2031

Error: (02/18/2015 04:40:19 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (02/18/2015 04:40:18 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 1016

Error: (02/18/2015 04:40:18 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 1016

Error: (02/18/2015 04:40:18 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (02/18/2015 02:06:43 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: BackgroundAgent.exe1.0.1.65494253aMSVCR90.dll9.0.30729.838751ea24a5c000000500056b1d142401d04b6f076fd145C:\Program Files (x86)\Acer\AOP Framework\BackgroundAgent.exeC:\WINDOWS\WinSxS\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.8387_none_5094ca96bcb6b2bb\MSVCR90.dll5d373151-b777-11e4-826c-40f02fc179e2

Error: (02/18/2015 11:50:37 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 1047

Error: (02/18/2015 11:50:37 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 1047

Error: (02/18/2015 11:50:37 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second


==================== Memory info ===========================

Processor: Intel(R) Pentium(R) CPU N3520 @ 2.16GHz
Percentage of memory in use: 61%
Total physical RAM: 3979.34 MB
Available physical RAM: 1519.1 MB
Total Pagefile: 4683.34 MB
Available Pagefile: 2561.94 MB
Total Virtual: 131072 MB
Available Virtual: 131071.84 MB

==================== Drives ================================

Drive c: (Acer) (Fixed) (Total:448.69 GB) (Free:149.05 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 465.8 GB) (Disk ID: 43B43B55)

Partition: GPT Partition Type.

==================== End Of Log ============================

 

I've done that Starbuck thank you and enclose the log, I hadto reboot and when I did it came up with a notice that the Acer App was not resonding, I cannot get my start or programs. I will restart again and see what happens

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 18-02-2015 01
Ran by pamela at 2015-02-20 09:55:12 Run:2
Running from C:\Users\pamela\Downloads
Loaded Profiles: pamela (Available profiles: pamela & Administrator)
Boot Mode: Normal
==============================================

Content of fixlist:
*****************
(McAfee, Inc.) C:\Windows\System32\mfevtps.exe
(McAfee, Inc.) C:\Program Files\Common Files\mcafee\systemcore\mfefire.exe
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => No File
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-2138484092-3631122937-4138138785-1001 -> DefaultScope {7C8695F2-1522-429C-8BD0-C9AEE04F8EA8} URL =
SearchScopes: HKU\S-1-5-21-2138484092-3631122937-4138138785-1001 -> {7C8695F2-1522-429C-8BD0-C9AEE04F8EA8} URL =
CHR HomePage: Profile 1 -> hxxp://search.babylon.com/?AF=100481&babsrc=HP_ss&mntrId=1e754307000000000000d682fe2bb396
CHR Extension: (Avast Online Security) - C:\Users\pamela\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\gomekmidlodglbbmalcneegieacbdmki [2015-02-16]
CHR Extension: (ArcadeFrontier) - C:\Users\pamela\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\peglehonblabfemopkgmfcpofbchegcl [2015-02-16]
CHR HKU\S-1-5-21-2138484092-3631122937-4138138785-1001\...\Chrome\Extension: [bmkckgpgekmanipelfidlhmkfcjicion] - No Path
OPR Extension: (pushOK_atarata) - C:\Users\pamela\AppData\Roaming\Opera Software\Opera Stable\Extensions\fnaejnjikodabjplcjngjnjniokmapkm [2015-01-18]
R4 mfefire; C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe [219272 2013-08-07] (McAfee, Inc.)
R2 mfevtp; C:\Windows\system32\mfevtps.exe [182752 2013-08-07] (McAfee, Inc.)
S4 Everything; "C:\Program Files\Everything\Everything.exe" -svc [X]
S3 cfwids; C:\Windows\System32\drivers\cfwids.sys [70112 2013-08-07] (McAfee, Inc.)
S3 mfeapfk; C:\Windows\System32\drivers\mfeapfk.sys [179664 2013-08-07] (McAfee, Inc.)
R3 mfeavfk; C:\Windows\System32\drivers\mfeavfk.sys [310224 2013-08-07] (McAfee, Inc.)
S0 mfeelamk; C:\Windows\System32\drivers\mfeelamk.sys [69264 2013-08-07] (McAfee, Inc.)
R3 mfefirek; C:\Windows\System32\drivers\mfefirek.sys [519064 2013-08-07] (McAfee, Inc.)
R0 mfehidk; C:\Windows\System32\drivers\mfehidk.sys [776168 2013-08-07] (McAfee, Inc.)
R0 mfewfpk; C:\Windows\System32\drivers\mfewfpk.sys [343568 2013-08-07] (McAfee, Inc.)
2015-02-12 20:50 - 2015-02-12 20:51 - 00000197 _____ () C:\WINDOWS\system32\2015-02-12-20-50-11.098-AvastVBoxSVC.exe-4664.log
2015-02-05 21:55 - 2015-02-05 21:57 - 00000197 _____ () C:\WINDOWS\system32\2015-02-05-21-55-26.025-AvastVBoxSVC.exe-3768.log
2015-01-30 09:54 - 2015-01-30 09:55 - 00000197 _____ () C:\WINDOWS\system32\2015-01-30-09-54-42.067-AvastVBoxSVC.exe-2568.log
2015-01-24 15:10 - 2015-01-24 15:11 - 00000197 _____ () C:\WINDOWS\system32\2015-01-24-15-10-18.098-AvastVBoxSVC.exe-3028.log
2015-01-24 09:58 - 2015-01-24 09:59 - 00000197 _____ () C:\WINDOWS\system32\2015-01-24-09-58-41.053-AvastVBoxSVC.exe-2672.log
2015-01-22 18:08 - 2015-01-22 18:09 - 00000197 _____ () C:\WINDOWS\system32\2015-01-22-18-08-49.033-AvastVBoxSVC.exe-2584.log
2015-01-21 17:57 - 2015-01-21 17:57 - 00003284 _____ () C:\WINDOWS\System32\Tasks\avastBCLRestartS-1-5-21-2138484092-3631122937-4138138785-1001
2015-01-21 17:01 - 2015-01-21 17:03 - 00000197 _____ () C:\WINDOWS\system32\2015-01-21-17-01-02.084-AvastVBoxSVC.exe-2776.log
2014-01-06 04:51 - 2014-01-06 04:51 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
C:\Users\pamela\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmp60v0gw.dll
Task: {F3A5D9A3-F1C0-403F-90C7-700236AFC71B} - System32\Tasks\avastBCLRestartS-1-5-21-2138484092-3631122937-4138138785-1001 => Chrome.exe
AlternateDataStreams: C:\ProgramData\Temp:099BA123
AlternateDataStreams: C:\ProgramData\Temp:271E16B0
AlternateDataStreams: C:\ProgramData\Temp:2CB9631F
AlternateDataStreams: C:\ProgramData\Temp:31106FCB
AlternateDataStreams: C:\ProgramData\Temp:3C6D7222
AlternateDataStreams: C:\ProgramData\Temp:3E0674EA
AlternateDataStreams: C:\ProgramData\Temp:447856CD
AlternateDataStreams: C:\ProgramData\Temp:48862C37
AlternateDataStreams: C:\ProgramData\Temp:5164A01F
AlternateDataStreams: C:\ProgramData\Temp:7687A3E3
AlternateDataStreams: C:\ProgramData\Temp:A95AB9BF
AlternateDataStreams: C:\ProgramData\Temp:B1997945
AlternateDataStreams: C:\ProgramData\Temp:B3606FCC
AlternateDataStreams: C:\ProgramData\Temp:B6FBC05A
AlternateDataStreams: C:\ProgramData\Temp:C6920A5D
AlternateDataStreams: C:\ProgramData\TempDA730F9
AlternateDataStreams: C:\ProgramData\Temp:E81603BC
AlternateDataStreams: C:\ProgramData\Temp:F0F90DC6
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefire => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfevtp => ""="Driver"
C:\Program Files\Common Files\McAfee
Hosts:
CMD: ipconfig /flushdns
EmptyTemp:
*****************

[2084] C:\Windows\System32\mfevtps.exe => Process closed successfully.
[2304] C:\Program Files\Common Files\mcafee\systemcore\mfefire.exe => Process closed successfully.
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\00avast" => Key deleted successfully.
HKCR\CLSID\{472083B0-C522-11CF-8763-00608CC02F24} => Key not found.
HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value deleted successfully.
HKU\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value deleted successfully.
HKU\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value deleted successfully.
HKU\S-1-5-21-2138484092-3631122937-4138138785-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value deleted successfully.
"HKU\S-1-5-21-2138484092-3631122937-4138138785-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{7C8695F2-1522-429C-8BD0-C9AEE04F8EA8}" => Key deleted successfully.
HKCR\CLSID\{7C8695F2-1522-429C-8BD0-C9AEE04F8EA8} => Key not found.
Chrome HomePage deleted successfully.
C:\Users\pamela\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\gomekmidlodglbbmalcneegieacbdmki => Moved successfully.
C:\Users\pamela\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\peglehonblabfemopkgmfcpofbchegcl => Moved successfully.
"HKU\S-1-5-21-2138484092-3631122937-4138138785-1001\SOFTWARE\Google\Chrome\Extensions\bmkckgpgekmanipelfidlhmkfcjicion" => Key deleted successfully.
C:\Users\pamela\AppData\Roaming\Opera Software\Opera Stable\Extensions\fnaejnjikodabjplcjngjnjniokmapkm => Moved successfully.
mfefire => Unable to stop service
mfefire => Service deleted successfully.
mfevtp => Service stopped successfully.
mfevtp => Service deleted successfully.
Everything => Service deleted successfully.
cfwids => Service deleted successfully.
mfeapfk => Service deleted successfully.
mfeavfk => Unable to stop service
mfeavfk => Service deleted successfully.
mfeelamk => Service deleted successfully.
mfefirek => Service deleted successfully.
mfehidk => Unable to stop service
mfehidk => Service deleted successfully.
mfewfpk => Unable to stop service
mfewfpk => Service deleted successfully.
C:\WINDOWS\system32\2015-02-12-20-50-11.098-AvastVBoxSVC.exe-4664.log => Moved successfully.
C:\WINDOWS\system32\2015-02-05-21-55-26.025-AvastVBoxSVC.exe-3768.log => Moved successfully.
C:\WINDOWS\system32\2015-01-30-09-54-42.067-AvastVBoxSVC.exe-2568.log => Moved successfully.
C:\WINDOWS\system32\2015-01-24-15-10-18.098-AvastVBoxSVC.exe-3028.log => Moved successfully.
C:\WINDOWS\system32\2015-01-24-09-58-41.053-AvastVBoxSVC.exe-2672.log => Moved successfully.
C:\WINDOWS\system32\2015-01-22-18-08-49.033-AvastVBoxSVC.exe-2584.log => Moved successfully.
C:\WINDOWS\System32\Tasks\avastBCLRestartS-1-5-21-2138484092-3631122937-4138138785-1001 => Moved successfully.
C:\WINDOWS\system32\2015-01-21-17-01-02.084-AvastVBoxSVC.exe-2776.log => Moved successfully.
C:\ProgramData\DP45977C.lfl => Moved successfully.
"C:\Users\pamela\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmp60v0gw.dll" => File/Directory not found.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{F3A5D9A3-F1C0-403F-90C7-700236AFC71B}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{F3A5D9A3-F1C0-403F-90C7-700236AFC71B}" => Key deleted successfully.
C:\Windows\System32\Tasks\avastBCLRestartS-1-5-21-2138484092-3631122937-4138138785-1001 not found.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\avastBCLRestartS-1-5-21-2138484092-3631122937-4138138785-1001" => Key deleted successfully.
C:\ProgramData\Temp => ":099BA123" ADS removed successfully.
C:\ProgramData\Temp => ":271E16B0" ADS removed successfully.
C:\ProgramData\Temp => ":2CB9631F" ADS removed successfully.
C:\ProgramData\Temp => ":31106FCB" ADS removed successfully.
C:\ProgramData\Temp => ":3C6D7222" ADS removed successfully.
C:\ProgramData\Temp => ":3E0674EA" ADS removed successfully.
C:\ProgramData\Temp => ":447856CD" ADS removed successfully.
C:\ProgramData\Temp => ":48862C37" ADS removed successfully.
C:\ProgramData\Temp => ":5164A01F" ADS removed successfully.
C:\ProgramData\Temp => ":7687A3E3" ADS removed successfully.
C:\ProgramData\Temp => ":A95AB9BF" ADS removed successfully.
C:\ProgramData\Temp => ":B1997945" ADS removed successfully.
C:\ProgramData\Temp => ":B3606FCC" ADS removed successfully.
C:\ProgramData\Temp => ":B6FBC05A" ADS removed successfully.
C:\ProgramData\Temp => ":C6920A5D" ADS removed successfully.
C:\ProgramData\Temp => "DA730F9" ADS removed successfully.
C:\ProgramData\Temp => ":E81603BC" ADS removed successfully.
C:\ProgramData\Temp => ":F0F90DC6" ADS removed successfully.
"HKLM\System\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc" => Key deleted successfully.
"HKLM\System\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc" => Key deleted successfully.
"HKLM\System\CurrentControlSet\Control\SafeBoot\Network\mfefire" => Key deleted successfully.
"HKLM\System\CurrentControlSet\Control\SafeBoot\Network\mfefirek" => Key deleted successfully.
"HKLM\System\CurrentControlSet\Control\SafeBoot\Network\mfefirek.sys" => Key deleted successfully.
"HKLM\System\CurrentControlSet\Control\SafeBoot\Network\mfehidk" => Key deleted successfully.
"HKLM\System\CurrentControlSet\Control\SafeBoot\Network\mfehidk.sys" => Key deleted successfully.
"HKLM\System\CurrentControlSet\Control\SafeBoot\Network\mfevtp" => Key deleted successfully.
C:\Program Files\Common Files\McAfee => Moved successfully.
C:\Windows\System32\Drivers\etc\hosts => Moved successfully.
Hosts was reset successfully.

========= ipconfig /flushdns =========


Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

========= End of CMD: =========

EmptyTemp: => Removed 402.8 MB temporary data.


The system needed a reboot.

==== End of Fixlog 09:56:18 ====

 

I still can't get my apps or start menue etc. it comes up with the message that Acer Apps are not working do I want to start them again, I click yes, it says do I allow Acer to do this and then comes up with error message. I have uninstalled toolwiz care as you suggested.

 

Thank you again, I wondered if it was anything to do with removing the McFee, that was an app already there by Acer when I got my laptop. I've done the re run again

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 18-02-2015 01
Ran by pamela (administrator) on PAMSLAPTOP on 20-02-2015 18:45:03
Running from C:\Users\pamela\Downloads
Loaded Profiles: pamela (Available profiles: pamela & Administrator)
Platform: Windows 8.1 (X64) OS Language: English (United Kingdom)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Windows (R) Win 7 DDK provider) C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\AdminService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(ESET) C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe
(SEIKO EPSON CORPORATION) C:\Program Files\EPSON\EpsonCustomerParticipation\EPCP.exe
(Seiko Epson Corporation) C:\Windows\System32\escsvc64.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDService.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Quick Access\QASvc.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Quick Access\RMSvc.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Quick Access\QAEvent.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDTouch.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Quick Access\QAMsg.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Quick Access\QuickAccess.exe
(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
(Qualcomm®Atheros®) C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\BtvStack.exe
() C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\ActivateDesktop.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(ESET) C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe
(Dropbox, Inc.) C:\Users\pamela\AppData\Roaming\Dropbox\bin\Dropbox.exe
(SEIKO EPSON CORPORATION) C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe
(Acer Incorporated) C:\Program Files\Acer\Remote Files\RemoteFilesService.exe
(Acer Incorporated) C:\Program Files\Acer\Remote Files\CacheMan.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
() C:\Program Files (x86)\bfgclient\bfgclient.exe
() C:\Program Files (x86)\bfgclient\bfgclient.exe
(Microsoft Corporation) C:\Windows\splwow64.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [2890056 2013-10-02] (ELAN Microelectronics Corp.)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13657304 2013-10-18] (Realtek Semiconductor)
HKLM\...\Run: [egui] => C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe [5595336 2014-10-01] (ESET)
HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [157480 2014-10-15] (Apple Inc.)
HKLM-x32\...\Run: [EEventManager] => C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe [1058400 2011-10-31] (SEIKO EPSON CORPORATION)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKLM\...\Policies\Explorer\Run: [BtvStack] => C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\BtvStack.exe [132736 2013-09-07] ( (Qualcomm®Atheros®))
HKU\S-1-5-21-2138484092-3631122937-4138138785-1001\...\Run: [EPLTarget\P0000000000000000] => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_IATIIKE.EXE [283232 2014-12-16] (SEIKO EPSON CORPORATION)
HKU\S-1-5-21-2138484092-3631122937-4138138785-1001\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [30877280 2014-12-11] (Skype Technologies S.A.)
HKU\S-1-5-21-2138484092-3631122937-4138138785-1001\...\Run: [AcerPortal] => C:\Program Files (x86)\Acer\Acer Portal\AcerPortal.exe [2480384 2014-12-19] (Acer)
Startup: C:\Users\pamela\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\pamela\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt1"] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\pamela\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt2"] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\pamela\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt3"] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\pamela\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt4"] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\pamela\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt5"] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\pamela\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt6"] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\pamela\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt7"] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\pamela\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt8"] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\pamela\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ACloudSyncedRF] -> {5CCE71FA-9F61-4F24-9CD1-98D819B40D68} => C:\Program Files (x86)\Acer\Acer Portal\x64\shellext_win.dll (Acer Incorporated)
ShellIconOverlayIdentifiers: [ACloudSyncedSF] -> {5D5F18B7-D59B-4B18-A3E9-0A4BDCCCB699} => C:\Program Files (x86)\Acer\Acer Portal\x64\shellext_win.dll (Acer Incorporated)
ShellIconOverlayIdentifiers: [ACloudSyncing] -> {C1E1456F-C2D8-4C96-870D-35F1E13941EE} => C:\Program Files (x86)\Acer\Acer Portal\x64\shellext_win.dll (Acer Incorporated)
ShellIconOverlayIdentifiers: [ACloudToBeSynced] -> {307523FA-DDC0-4068-983F-2A6B34627744} => C:\Program Files (x86)\Acer\Acer Portal\x64\shellext_win.dll (Acer Incorporated)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKU\S-1-5-21-2138484092-3631122937-4138138785-1001\Software\Microsoft\Internet Explorer\Main,Start Page = http://msn.co.uk/
HKU\S-1-5-21-2138484092-3631122937-4138138785-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://acer13.msn.com/?pc=ACJB
BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Microsoft Corporation)
BHO-x32: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Microsoft Corporation)
Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1

FireFox:
========
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll ()

Chrome:
=======
CHR HomePage: Profile 1 -> hxxp://search.babylon.com/?AF=100481&babsrc=HP_ss&mntrId=1e754307000000000000d682fe2bb396
CHR StartupUrls: Profile 1 -> "https://www.google.co.uk/?gfe_rd=cr&ei=qXxfVOnsM-yq8wemsoCoDQ&gws_rd=ssl", "hxxp://www.google.co.uk/"
CHR Profile: C:\Users\pamela\AppData\Local\Google\Chrome\User Data\Profile 1
CHR Extension: (Google Translate) - C:\Users\pamela\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aapbdbdomjkkjkaonfhkkikfgjllcleb [2015-02-16]
CHR Extension: (Google Slides) - C:\Users\pamela\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-02-16]
CHR Extension: (Google Docs) - C:\Users\pamela\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aohghmighlieiainnegkcijnfilokake [2015-02-16]
CHR Extension: (Google Drive) - C:\Users\pamela\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-02-16]
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\pamela\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2015-02-16]
CHR Extension: (WOT) - C:\Users\pamela\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\bhmmomiinigofkjcapegjjndpbikblnp [2015-02-16]
CHR Extension: (iCloud) - C:\Users\pamela\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\bjhodfififgcgedifpkenofdhlaafokk [2015-02-16]
CHR Extension: (YouTube) - C:\Users\pamela\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-02-16]
CHR Extension: (Adblock Plus) - C:\Users\pamela\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2015-02-16]
CHR Extension: (Google Search) - C:\Users\pamela\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-02-16]
CHR Extension: (Google Sheets) - C:\Users\pamela\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-02-16]
CHR Extension: (No Name) - C:\Users\pamela\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\gomekmidlodglbbmalcneegieacbdmki [2015-02-20]
CHR Extension: (Google Play Music) - C:\Users\pamela\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\icppfcnhkcmnfdhfhphakoifcfokfdhg [2015-02-16]
CHR Extension: (EagleGet Downloader) - C:\Users\pamela\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\kaebhgioafceeldhgjmendlfhbfjefmo [2015-02-16]
CHR Extension: (Google Maps) - C:\Users\pamela\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\lneaknkopdijkpnocmklfnjbeapigfbh [2015-02-16]
CHR Extension: (Lazarus: Form Recovery) - C:\Users\pamela\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\loljledaigphbcpfhfmgopdkppkifgno [2015-02-16]
CHR Extension: (Google Wallet) - C:\Users\pamela\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-02-16]
CHR Extension: (Gmail) - C:\Users\pamela\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-02-16]
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2014-07-14]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S4 !SASCORE; C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE [172344 2015-01-17] (SUPERAntiSpyware.com)
R2 AtherosSvc; C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\adminservice.exe [312448 2013-09-07] (Windows (R) Win 7 DDK provider)
S4 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1390176 2014-07-14] (Microsoft Corporation)
S4 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1767520 2014-07-14] (Microsoft Corporation)
S4 CCDMonitorService; C:\Program Files (x86)\Acer\AOP Framework\CCDMonitorService.exe [2713856 2014-12-19] (Acer Incorporated)
R2 ekrn; C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe [1349576 2014-10-01] (ESET)
R2 ePowerSvc; C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe [663592 2013-07-05] (Acer Incorporated)
R2 EpsonScanSvc; C:\WINDOWS\system32\EscSvc64.exe [144560 2012-05-17] (Seiko Epson Corporation)
R2 ETDService; C:\Program Files\Elantech\ETDService.exe [101192 2013-10-02] (ELAN Microelectronics Corp.)
S4 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\TXE Components\TCS\HeciServer.exe [733696 2013-07-01] (Intel(R) Corporation) [File not signed]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\TXE Components\TCS\SocketHeciServer.exe [822232 2013-07-01] (Intel(R) Corporation)
S4 LMSvc; C:\Program Files\Acer\Acer Launch Manager\LMSvc.exe [457768 2013-08-02] (Acer Incorporate)
S3 NOBU; C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe [4278112 2013-08-01] (Symantec Corporation)
R3 QASvc; C:\Program Files\Acer\Acer Quick Access\QASvc.exe [457768 2013-08-02] (Acer Incorporate)
R3 RMSvc; C:\Program Files\Acer\Acer Quick Access\RMSvc.exe [448040 2013-08-02] (Acer Incorporate)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [368632 2014-09-22] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23792 2014-09-22] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R3 athr; C:\Windows\system32\DRIVERS\athwbx.sys [3859968 2013-08-15] (Qualcomm Atheros Communications, Inc.)
S3 BCM43XX; C:\Windows\system32\DRIVERS\bcmwl63a.sys [8536752 2013-07-01] (Broadcom Corporation)
R3 BTATH_LWFLT; C:\Windows\system32\DRIVERS\btath_lwflt.sys [77464 2013-09-07] (Qualcomm Atheros)
R3 BthLEEnum; C:\Windows\System32\drivers\BthLEEnum.sys [226304 2013-12-04] (Microsoft Corporation)
S3 ccSet_NARA; C:\Windows\system32\drivers\NARAx64\0405000.009\ccSetx64.sys [150104 2013-07-30] (Symantec Corporation)
R1 eamonm; C:\Windows\System32\DRIVERS\eamonm.sys [243440 2014-08-18] (ESET)
R0 edevmon; C:\Windows\System32\DRIVERS\edevmon.sys [241368 2014-08-18] (ESET)
R1 ehdrv; C:\Windows\system32\DRIVERS\ehdrv.sys [169280 2014-08-18] (ESET)
R2 epfwwfpr; C:\Windows\system32\DRIVERS\epfwwfpr.sys [158968 2014-09-18] (ESET)
R3 LMDriver; C:\Windows\System32\drivers\LMDriver.sys [21360 2013-07-17] (Acer Incorporated)
R3 RadioShim; C:\Windows\System32\drivers\RadioShim.sys [14680 2013-07-17] (Acer Incorporated)
R1 SASDIFSV; C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS [14928 2011-07-22] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R1 SASKUTIL; C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS [12368 2011-07-12] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R3 TXEIx64; C:\Windows\System32\drivers\TXEIx64.sys [87568 2013-07-01] (Intel Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114496 2014-09-22] (Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-02-20 13:06 - 2015-02-20 13:06 - 00000000 ____D () C:\Users\pamela\Documents\clear.fi
2015-02-20 10:54 - 2015-02-20 10:54 - 00003334 _____ () C:\WINDOWS\System32\Tasks\AcerCloud
2015-02-20 10:52 - 2015-02-20 10:52 - 01533288 _____ (Igor Pavlov) C:\Users\pamela\Downloads\AcerPortal_Setup.exe
2015-02-20 09:57 - 2015-02-20 10:33 - 00001860 _____ () C:\WINDOWS\PFRO.log
2015-02-20 09:49 - 2015-02-20 09:49 - 00005331 _____ () C:\Users\pamela\Downloads\fixlist (1).txt
2015-02-19 13:31 - 2015-02-19 13:31 - 00073723 _____ () C:\Users\pamela\Downloads\scan result.txt
2015-02-19 10:55 - 2015-02-20 10:02 - 00002207 _____ () C:\Users\Public\Desktop\chrome.lnk
2015-02-19 10:55 - 2015-02-19 10:55 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2015-02-19 10:54 - 2015-02-19 10:54 - 00003656 _____ () C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore1d04c3270eb3560
2015-02-19 10:54 - 2015-02-19 10:54 - 00003656 _____ () C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2015-02-19 10:54 - 2015-02-19 10:54 - 00000916 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore1d04c3270eb3560.job
2015-02-19 10:54 - 2015-02-19 10:54 - 00000916 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2015-02-19 10:51 - 2015-02-19 10:51 - 00880208 _____ (Google Inc.) C:\Users\pamela\Downloads\ChromeSetup_exe (1)
2015-02-19 10:51 - 2015-02-19 10:51 - 00880208 _____ (Google Inc.) C:\Users\pamela\Documents\ChromeSetup_exe (1)
2015-02-19 10:40 - 2015-02-19 10:40 - 05172208 _____ (Aveas Limited) C:\Users\pamela\Downloads\Unhooker.exe
2015-02-17 14:10 - 2015-02-19 13:30 - 00028496 _____ () C:\Users\pamela\Downloads\Addition.txt
2015-02-17 14:08 - 2015-02-20 18:45 - 00016604 _____ () C:\Users\pamela\Downloads\FRST.txt
2015-02-17 14:06 - 2015-02-19 13:26 - 02086912 _____ (Farbar) C:\Users\pamela\Downloads\FRST64.exe
2015-02-16 19:04 - 2015-02-16 19:04 - 00024576 ____H () C:\Users\pamela\Desktop\~WRL0004.tmp
2015-02-16 14:06 - 2015-02-16 14:07 - 00000000 ____D () C:\Users\pamela\Desktop\FALCON PHOTOS 15
2015-02-16 13:36 - 2015-02-16 15:49 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HitmanPro
2015-02-16 13:36 - 2015-02-16 15:49 - 00000000 ____D () C:\Program Files\HitmanPro
2015-02-16 09:41 - 2015-01-23 04:41 - 06041600 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2015-02-16 09:41 - 2015-01-23 03:17 - 04300800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2015-02-15 21:40 - 2015-02-15 21:50 - 00000000 ____D () C:\ProgramData\HitmanPro
2015-02-15 19:46 - 2015-02-20 10:33 - 00000812 _____ () C:\WINDOWS\setupact.log
2015-02-15 19:46 - 2015-02-15 19:46 - 00000000 _____ () C:\WINDOWS\setuperr.log
2015-02-15 19:17 - 2015-02-15 19:17 - 00001098 _____ () C:\Users\Administrator\Desktop\Toolwiz Care.lnk
2015-02-15 18:13 - 2015-02-15 18:13 - 00000000 ____D () C:\Users\pamela\AppData\Local\ESET
2015-02-15 14:41 - 2015-02-16 15:49 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ESET
2015-02-15 14:41 - 2015-02-15 14:41 - 00000000 ____D () C:\ProgramData\ESET
2015-02-15 14:41 - 2015-02-15 14:41 - 00000000 ____D () C:\Program Files\ESET
2015-02-15 14:38 - 2014-12-31 11:14 - 00298120 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe
2015-02-14 16:30 - 2015-02-14 16:30 - 00000000 ____D () C:\Users\pamela\Documents\Valentines afternoon tea 2015
2015-02-14 14:03 - 2015-02-14 14:03 - 00000000 ____D () C:\Users\pamela\Documents\FlashIntegro
2015-02-14 14:03 - 2015-02-14 14:03 - 00000000 ____D () C:\Users\pamela\AppData\Roaming\VideoEditor
2015-02-14 14:03 - 2015-02-14 14:03 - 00000000 ____D () C:\Users\pamela\AppData\Roaming\FlashIntegro
2015-02-14 14:00 - 2015-02-14 14:00 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FlashIntegro
2015-02-14 14:00 - 2015-02-14 14:00 - 00000000 ____D () C:\Program Files (x86)\FlashIntegro
2015-02-14 14:00 - 2014-12-09 13:21 - 00081792 _____ (Flash-Integro LLC) C:\WINDOWS\SysWOW64\mslvddsfilter2.ax
2015-02-14 14:00 - 2011-12-07 19:32 - 00216064 _____ ( ) C:\WINDOWS\SysWOW64\Lagarith.dll
2015-02-14 14:00 - 2005-08-01 19:43 - 00245760 _____ () C:\WINDOWS\SysWOW64\lame.ax
2015-02-14 14:00 - 2004-12-10 10:03 - 00438272 _____ (On2.com) C:\WINDOWS\SysWOW64\vp6vfw.dll
2015-02-14 14:00 - 2004-09-06 16:06 - 00053248 _____ () C:\WINDOWS\SysWOW64\xvid.ax
2015-02-14 14:00 - 2004-07-03 21:08 - 00139264 _____ () C:\WINDOWS\SysWOW64\xvidvfw.dll
2015-02-14 14:00 - 2004-07-03 20:59 - 00524288 _____ () C:\WINDOWS\SysWOW64\xvidcore.dll
2015-02-14 14:00 - 2004-02-04 21:11 - 00081920 _____ (fccHandler) C:\WINDOWS\SysWOW64\AC3ACM.acm
2015-02-14 14:00 - 2003-05-22 12:26 - 00638976 _____ (DivXNetworks, Inc.) C:\WINDOWS\SysWOW64\divx.dll
2015-02-14 14:00 - 2003-05-22 12:26 - 00221215 _____ (DivXNetworks, Inc.) C:\WINDOWS\SysWOW64\divxdec.ax
2015-02-14 14:00 - 2003-05-21 23:50 - 00261632 _____ (MainConcept) C:\WINDOWS\SysWOW64\mcdvd_32.dll
2015-02-14 14:00 - 2003-05-21 23:50 - 00156910 _____ () C:\WINDOWS\WMSysPr8.prx
2015-02-14 14:00 - 2003-05-21 23:50 - 00082944 _____ (Voxware, Inc.) C:\WINDOWS\SysWOW64\vct3216.acm
2015-02-14 14:00 - 2003-05-21 23:50 - 00038912 _____ (NCT Company) C:\WINDOWS\SysWOW64\alf2cd.acm
2015-02-14 14:00 - 2003-05-21 23:50 - 00024576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml3a.dll
2015-02-14 14:00 - 2003-03-25 05:49 - 00098304 _____ (Fraunhofer Institut Integrierte Schaltungen IIS) C:\WINDOWS\SysWOW64\L3CODECX.AX
2015-02-14 14:00 - 2003-03-18 23:14 - 00499712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvcp71.dll
2015-02-14 14:00 - 2003-02-21 03:42 - 00348160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvcr71.dll
2015-02-14 14:00 - 2002-08-20 00:41 - 00413760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mpg4c32.dll
2015-02-14 14:00 - 2000-03-14 20:55 - 00013239 _____ (SHARP Corporation) C:\WINDOWS\SysWOW64\Scg726.acm
2015-02-14 13:45 - 2015-02-14 13:45 - 00000104 _____ () C:\Users\pamela\Desktop\Falcons - EcoWeb - Nottingham Trent University.url
2015-02-13 15:45 - 2015-02-16 15:49 - 00000000 ____D () C:\Users\pamela\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Witches' Legacy - The Charleston Curse
2015-02-13 15:45 - 2015-02-16 15:49 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Witches' Legacy - The Charleston Curse
2015-02-13 15:45 - 2015-02-13 15:46 - 00000000 ____D () C:\Program Files (x86)\Witches' Legacy - The Charleston Curse
2015-02-13 15:45 - 2015-02-13 15:45 - 00002300 _____ () C:\Users\Public\Desktop\Play The Agency of Anomalies - Cinderstone Orphanage.lnk
2015-02-13 15:44 - 2015-02-16 15:49 - 00000000 ____D () C:\Users\pamela\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\The Agency of Anomalies - Cinderstone Orphanage
2015-02-13 15:44 - 2015-02-16 15:49 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\The Agency of Anomalies - Cinderstone Orphanage
2015-02-13 15:44 - 2015-02-13 15:45 - 00000000 ____D () C:\Program Files (x86)\The Agency of Anomalies - Cinderstone Orphanage
2015-02-13 13:50 - 2015-02-13 13:50 - 00000000 ____D () C:\Users\pamela\AppData\Roaming\EleFun Games
2015-02-13 13:24 - 2015-02-13 13:24 - 00000000 ____D () C:\Users\pamela\AppData\Roaming\Orneon
2015-02-13 11:04 - 2015-02-16 15:49 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Picture Collage Maker
2015-02-13 11:03 - 2015-02-13 11:04 - 00000000 ____D () C:\Program Files (x86)\Picture Collage Maker
2015-02-13 10:52 - 2015-02-13 10:54 - 116703939 _____ () C:\Users\pamela\Documents\PictureCollageMaker412_Win.zip
2015-02-12 21:43 - 2015-02-12 21:43 - 00000000 ____D () C:\Users\pamela\AppData\Roaming\Elephant Games
2015-02-12 18:39 - 2015-02-12 18:39 - 00893254 _____ () C:\Users\pamela\Documents\Untitled 1 (2).bmp
2015-02-12 17:28 - 2015-01-15 22:43 - 00563504 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2015-02-12 17:28 - 2015-01-15 22:43 - 00177984 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecpkg.sys
2015-02-12 17:28 - 2015-01-14 04:22 - 00445440 _____ (Microsoft Corporation) C:\WINDOWS\system32\certcli.dll
2015-02-12 17:28 - 2015-01-14 03:53 - 00324096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\certcli.dll
2015-02-12 17:28 - 2015-01-13 22:11 - 01762840 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsCodecs.dll
2015-02-12 17:28 - 2015-01-13 22:04 - 01489072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WindowsCodecs.dll
2015-02-12 17:28 - 2015-01-10 09:10 - 07472960 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2015-02-12 17:28 - 2015-01-10 09:10 - 01733440 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2015-02-12 17:28 - 2015-01-10 08:28 - 01498360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2015-02-12 17:28 - 2014-12-09 03:45 - 00393728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\scesrv.dll
2015-02-12 17:28 - 2014-12-09 01:56 - 00538624 _____ (Microsoft Corporation) C:\WINDOWS\system32\scesrv.dll
2015-02-12 17:28 - 2014-10-29 02:51 - 00154112 _____ (Microsoft Corporation) C:\WINDOWS\system32\msaudite.dll
2015-02-12 17:28 - 2014-10-29 02:50 - 00736768 _____ (Microsoft Corporation) C:\WINDOWS\system32\adtschema.dll
2015-02-12 17:28 - 2014-10-29 02:06 - 00736768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\adtschema.dll
2015-02-12 17:28 - 2014-10-29 02:06 - 00154112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msaudite.dll
2015-02-12 17:28 - 2014-10-29 02:02 - 00285184 _____ (Microsoft Corporation) C:\WINDOWS\system32\wow64.dll
2015-02-12 17:28 - 2014-10-29 02:02 - 00013312 _____ (Microsoft Corporation) C:\WINDOWS\system32\wow64cpu.dll
2015-02-12 17:28 - 2014-10-29 01:57 - 00016896 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntvdm64.dll
2015-02-12 17:28 - 2014-10-29 01:31 - 01441792 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2015-02-12 17:28 - 2014-10-29 01:15 - 00014336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntvdm64.dll
2015-02-12 17:28 - 2014-10-29 01:15 - 00005632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wow32.dll
2015-02-12 17:28 - 2014-10-29 01:14 - 00004096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\user.exe
2015-02-12 17:28 - 2014-10-29 01:13 - 00025600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\setup16.exe
2015-02-12 17:28 - 2014-10-29 01:13 - 00008704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\instnm.exe
2015-02-12 17:27 - 2015-01-12 03:09 - 25056256 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2015-02-12 17:27 - 2015-01-12 02:48 - 02885632 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2015-02-12 17:27 - 2015-01-12 02:48 - 00584192 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2015-02-12 17:27 - 2015-01-12 02:47 - 00088064 _____ (Microsoft Corporation) C:\WINDOWS\system32\MshtmlDac.dll
2015-02-12 17:27 - 2015-01-12 02:34 - 00816128 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2015-02-12 17:27 - 2015-01-12 02:25 - 19740160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2015-02-12 17:27 - 2015-01-12 02:21 - 00490496 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtmsft.dll
2015-02-12 17:27 - 2015-01-12 02:08 - 00503296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2015-02-12 17:27 - 2015-01-12 02:07 - 00092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll
2015-02-12 17:27 - 2015-01-12 02:05 - 00064000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MshtmlDac.dll
2015-02-12 17:27 - 2015-01-12 02:02 - 02277888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2015-02-12 17:27 - 2015-01-12 01:58 - 01032704 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcomm.dll
2015-02-12 17:27 - 2015-01-12 01:55 - 00664064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2015-02-12 17:27 - 2015-01-12 01:51 - 00262144 _____ (Microsoft Corporation) C:\WINDOWS\system32\webcheck.dll
2015-02-12 17:27 - 2015-01-12 01:48 - 00801280 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2015-02-12 17:27 - 2015-01-12 01:48 - 00718848 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2015-02-12 17:27 - 2015-01-12 01:48 - 00374272 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2015-02-12 17:27 - 2015-01-12 01:46 - 02125824 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2015-02-12 17:27 - 2015-01-12 01:45 - 00418304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtmsft.dll
2015-02-12 17:27 - 2015-01-12 01:43 - 14401024 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2015-02-12 17:27 - 2015-01-12 01:34 - 00128000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iepeers.dll
2015-02-12 17:27 - 2015-01-12 01:30 - 00880128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcomm.dll
2015-02-12 17:27 - 2015-01-12 01:27 - 02865152 _____ (Microsoft Corporation) C:\WINDOWS\system32\actxprxy.dll
2015-02-12 17:27 - 2015-01-12 01:27 - 02358272 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2015-02-12 17:27 - 2015-01-12 01:25 - 00230400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webcheck.dll
2015-02-12 17:27 - 2015-01-12 01:23 - 02052608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2015-02-12 17:27 - 2015-01-12 01:23 - 00688640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2015-02-12 17:27 - 2015-01-12 01:23 - 00327168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2015-02-12 17:27 - 2015-01-12 01:14 - 12829184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2015-02-12 17:27 - 2015-01-12 01:14 - 01548288 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2015-02-12 17:27 - 2015-01-12 01:02 - 00800768 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2015-02-12 17:27 - 2015-01-12 01:00 - 01888256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2015-02-12 17:27 - 2015-01-12 00:56 - 01307136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2015-02-12 17:27 - 2015-01-12 00:55 - 00710144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2015-02-12 17:27 - 2015-01-10 07:00 - 00430080 _____ (Microsoft Corporation) C:\WINDOWS\system32\schannel.dll
2015-02-12 17:27 - 2015-01-10 06:38 - 00359424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\schannel.dll
2015-02-12 17:24 - 2015-01-10 08:22 - 04175872 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2015-02-12 14:34 - 2015-02-12 14:34 - 00000000 ____D () C:\Users\pamela\AppData\Roaming\DailyMagic
2015-02-12 14:34 - 2015-02-12 14:34 - 00000000 ____D () C:\ProgramData\DailyMagic
2015-02-09 22:11 - 2015-02-09 22:13 - 00000000 ____D () C:\Users\pamela\AppData\Roaming\TOMI2.THE GATES OF FATE
2015-02-09 18:43 - 2015-02-19 11:22 - 00000000 ____D () C:\Users\pamela\AppData\Roaming\Jarte
2015-02-09 18:43 - 2015-02-09 18:43 - 00000995 _____ () C:\Users\Public\Desktop\Jarte.lnk
2015-02-09 18:43 - 2015-02-09 18:43 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Jarte
2015-02-09 18:43 - 2015-02-09 18:43 - 00000000 ____D () C:\Program Files (x86)\Jarte
2015-02-09 18:42 - 2015-02-09 18:42 - 03172696 _____ (Carolina Road Software ) C:\Users\pamela\Documents\jarte_52_setup.exe
2015-02-08 23:11 - 2015-02-08 23:11 - 00000000 ____D () C:\Users\pamela\AppData\Local\iGware
2015-02-08 18:54 - 2015-02-08 18:54 - 00211254 _____ () C:\Users\pamela\Documents\skip.bmp
2015-02-08 10:45 - 2015-02-08 10:50 - 202689545 _____ () C:\Users\pamela\Documents\BalladOfSolar.zip
2015-02-08 10:39 - 2015-02-08 10:39 - 00001135 _____ () C:\Users\Administrator\Desktop\Caps Lock Changer.lnk
2015-02-08 10:39 - 2015-02-08 10:39 - 00000000 ____D () C:\Users\pamela\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Caps Lock Changer
2015-02-08 10:39 - 2015-02-08 10:39 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Caps Lock Changer
2015-02-08 10:39 - 2015-02-08 10:39 - 00000000 ____D () C:\Program Files (x86)\Caps Lock Changer
2015-02-08 10:38 - 2015-02-08 10:38 - 00269626 _____ () C:\Users\pamela\Documents\CapsLockChangerSetup.exe
2015-02-07 09:06 - 2015-02-07 09:06 - 00000000 ____D () C:\Users\pamela\abBox
2015-02-07 09:04 - 2015-02-20 16:31 - 00000000 ____D () C:\Users\pamela\AppData\Local\CrashDumps
2015-02-07 09:03 - 2015-02-07 09:03 - 00000000 ____D () C:\Users\pamela\AppData\Roaming\acer
2015-02-07 09:01 - 2015-02-07 09:01 - 00000000 ____D () C:\Users\pamela\AppData\Local\AcerCloud
2015-02-06 14:58 - 2015-02-06 14:58 - 00000000 ____D () C:\Users\pamela\AppData\Roaming\VisualShape
2015-02-06 14:58 - 2015-02-06 14:58 - 00000000 ____D () C:\ProgramData\VisualShape
2015-02-06 09:25 - 2015-02-06 09:25 - 00789654 _____ () C:\Users\pamela\Documents\Untitled 1.bmp
2015-02-05 18:53 - 2015-02-05 18:53 - 00000000 ____D () C:\ProgramData\The Revills Games
2015-02-05 18:37 - 2015-02-05 18:37 - 00000000 ____D () C:\WINDOWS\SysWOW64\directx
2015-02-05 16:56 - 2015-02-05 16:56 - 00000000 ____D () C:\ProgramData\Particles
2015-02-05 16:44 - 2015-02-05 16:44 - 00000000 ____D () C:\Users\pamela\AppData\Roaming\DominiGames
2015-02-05 16:36 - 2015-02-05 16:36 - 00002368 _____ () C:\Users\Public\Desktop\Play Mystery Tales - The Twilight World Collectors Edition.lnk
2015-02-05 16:33 - 2015-02-05 16:36 - 00000000 ____D () C:\Program Files (x86)\Mystery Tales - The Twilight World Collectors Edition
2015-02-05 16:33 - 2015-02-05 16:33 - 00000000 ____D () C:\Users\pamela\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Mystery Tales - The Twilight World Collectors Edition
2015-02-05 16:33 - 2015-02-05 16:33 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mystery Tales - The Twilight World Collectors Edition
2015-02-05 14:36 - 2015-02-08 16:00 - 00000000 ____D () C:\Users\pamela\AppData\Roaming\AlawarEntertainment
2015-02-05 10:39 - 2015-02-05 13:16 - 00893254 _____ () C:\Users\pamela\Documents\internetday banner.bmp
2015-02-03 22:03 - 2015-02-03 22:03 - 00000197 _____ () C:\WINDOWS\system32\2015-02-03-22-03-19.059-AvastVBoxSVC.exe-3604.log
2015-02-03 20:56 - 2015-02-03 20:56 - 00893254 _____ () C:\Users\pamela\Documents\valentine.bmp
2015-02-03 20:15 - 2015-02-03 20:58 - 00893254 _____ () C:\Users\pamela\Documents\pancake day.bmp
2015-02-02 10:15 - 2015-02-02 10:15 - 00000000 ____D () C:\Users\pamela\Documents\iPixSoft Video Slideshow Maker
2015-02-02 10:15 - 2015-02-02 10:15 - 00000000 ____D () C:\Users\pamela\AppData\Roaming\iPixSoft
2015-02-02 10:15 - 2015-02-02 10:15 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iPixSoft
2015-02-02 10:14 - 2015-02-02 10:14 - 00000000 ____D () C:\Program Files (x86)\iPixSoft
2015-02-02 10:08 - 2015-02-02 10:10 - 34314133 _____ () C:\Users\pamela\Documents\iPixSoftVideoSlideshowMaker341.zip
2015-02-01 16:05 - 2015-02-01 16:05 - 00000000 ____D () C:\ProgramData\BlueStacks
2015-02-01 16:04 - 2015-02-01 16:04 - 00000000 ____D () C:\Users\pamela\AppData\Roaming\WildTangent
2015-02-01 10:44 - 2015-02-15 22:46 - 00000000 ____D () C:\Users\pamela\AppData\Roaming\Alawar
2015-01-30 18:01 - 2015-01-30 18:01 - 00000000 ____D () C:\Users\pamela\AppData\Roaming\Eipix
2015-01-26 22:02 - 2015-01-26 22:02 - 00000000 ____D () C:\Users\pamela\Documents\Nearwood SE
2015-01-24 15:10 - 2015-01-24 15:10 - 00000000 _____ () C:\Users\pamela\Sti_Trace.log
2015-01-24 11:45 - 2015-01-24 11:45 - 00000000 ____D () C:\Users\pamela\AppData\Roaming\RuneStonesQuest
2015-01-24 11:33 - 2015-01-24 11:33 - 00000000 ____H () C:\WINDOWS\system32\Drivers\Msft_User_LocationProvider_01_11_00.Wdf
2015-01-23 10:11 - 2015-01-23 10:11 - 00000000 ____D () C:\Users\pamela\Documents\High Motion Software
2015-01-23 10:11 - 2015-01-23 10:11 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\High Motion Software
2015-01-23 10:11 - 2015-01-23 10:11 - 00000000 ____D () C:\Program Files (x86)\ImBatch
2015-01-23 10:10 - 2015-01-23 10:10 - 13213192 _____ (High Motion Software ) C:\Users\pamela\Documents\setup-imbatch-latest.exe
2015-01-22 10:10 - 2015-01-22 10:10 - 00000000 ____D () C:\Users\pamela\AppData\Roaming\Epson
2015-01-21 22:39 - 2015-01-21 22:39 - 00000000 ____D () C:\Program Files\EpsonNet
2015-01-21 22:39 - 2011-08-30 13:40 - 00535040 _____ (SEIKO EPSON CORPORATION) C:\WINDOWS\system32\ensppui.dll
2015-01-21 22:39 - 2011-08-30 13:40 - 00535040 _____ (SEIKO EPSON CORPORATION) C:\WINDOWS\system32\enppui.dll
2015-01-21 22:39 - 2011-08-30 13:38 - 00558080 _____ (SEIKO EPSON CORPORATION) C:\WINDOWS\system32\ensppmon.dll
2015-01-21 22:39 - 2011-08-30 13:38 - 00558080 _____ (SEIKO EPSON CORPORATION) C:\WINDOWS\system32\enppmon.dll
2015-01-21 22:39 - 2011-08-01 18:24 - 00250880 _____ (SEIKO EPSON CORPORATION) C:\WINDOWS\system32\enspres.dll
2015-01-21 22:39 - 2011-08-01 18:24 - 00250880 _____ (SEIKO EPSON CORPORATION) C:\WINDOWS\system32\enpres.dll
2015-01-21 22:38 - 2015-01-21 22:38 - 00000000 ____D () C:\Users\pamela\AppData\Roaming\InstallShield
2015-01-21 22:38 - 2015-01-21 22:38 - 00000000 ____D () C:\Program Files\EPSON
2015-01-21 22:27 - 2015-01-21 22:35 - 114022688 _____ () C:\Users\pamela\Documents\epson15719.exe
2015-01-21 16:04 - 2015-02-06 10:26 - 00000000 ____D () C:\Users\pamela\Documents\Bluetooth Folder
2015-01-21 16:04 - 2015-01-21 16:04 - 00000000 ____D () C:\Users\pamela\AppData\Local\BMExplorer
2015-01-21 13:21 - 2015-01-21 13:21 - 00101040 _____ () C:\Users\pamela\AppData\Local\GDIPFONTCACHEV1.DAT

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2021-10-21 13:36 - 2014-01-06 04:50 - 00000852 _____ () C:\WINDOWS\system32\Drivers\RTKHDRC.dat
2021-10-04 07:34 - 2014-01-06 04:50 - 00000712 _____ () C:\WINDOWS\system32\Drivers\RTMICEQ0.dat
2015-02-20 18:45 - 2014-04-20 16:11 - 00000000 ____D () C:\FRST
2015-02-20 18:42 - 2015-01-18 18:24 - 00000941 _____ () C:\WINDOWS\Tasks\EPSON XP-312 313 315 Series Update {0D94A9D0-B043-439F-AD01-0BE120FE12C0}.job
2015-02-20 18:42 - 2015-01-18 18:24 - 00000755 _____ () C:\WINDOWS\Tasks\EPSON XP-312 313 315 Series Invitation {0D94A9D0-B043-439F-AD01-0BE120FE12C0}.job
2015-02-20 18:42 - 2013-08-22 15:36 - 00000000 ____D () C:\WINDOWS\system32\sru
2015-02-20 16:13 - 2014-06-24 14:23 - 00000000 ___RD () C:\Users\pamela\Dropbox
2015-02-20 14:50 - 2014-01-06 05:13 - 00000000 ____D () C:\ProgramData\Temp
2015-02-20 14:14 - 2014-01-06 04:27 - 01919655 _____ () C:\WINDOWS\WindowsUpdate.log
2015-02-20 13:06 - 2015-01-16 13:55 - 00000000 ____D () C:\Users\pamela\AppData\Local\clear.fi
2015-02-20 13:06 - 2013-11-27 09:40 - 00000000 ___HD () C:\OEM
2015-02-20 10:52 - 2014-01-06 05:08 - 00000000 ____D () C:\ProgramData\OEM
2015-02-20 10:41 - 2015-01-16 18:17 - 00000000 ____D () C:\Users\pamela\AppData\Roaming\Dropbox
2015-02-20 10:41 - 2014-03-08 13:46 - 00000000 ___DO () C:\Users\pamela\SkyDrive
2015-02-20 10:33 - 2013-08-22 14:45 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT
2015-02-20 10:32 - 2015-01-16 13:45 - 00000000 ____D () C:\Users\pamela
2015-02-20 10:02 - 2013-11-27 09:55 - 00863592 _____ () C:\WINDOWS\system32\PerfStringBackup.INI
2015-02-20 10:00 - 2013-08-22 15:36 - 00000000 ____D () C:\WINDOWS\AppReadiness
2015-02-20 09:56 - 2013-08-22 13:25 - 00524288 ___SH () C:\WINDOWS\system32\config\BBI
2015-02-19 19:25 - 2015-01-17 11:55 - 00000000 ____D () C:\Program Files\SUPERAntiSpyware
2015-02-19 15:28 - 2015-01-16 14:00 - 00003600 _____ () C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-2138484092-3631122937-4138138785-1001
2015-02-19 12:41 - 2015-01-16 22:30 - 00129752 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2015-02-19 10:55 - 2015-01-16 14:27 - 00000000 ____D () C:\Program Files (x86)\Google
2015-02-19 10:54 - 2015-01-16 14:26 - 00000000 ____D () C:\Users\pamela\AppData\Local\Deployment
2015-02-19 10:05 - 2015-01-16 18:20 - 00001036 _____ () C:\Users\pamela\Desktop\Dropbox.lnk
2015-02-19 10:05 - 2015-01-16 18:19 - 00000000 ____D () C:\Users\pamela\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2015-02-18 20:36 - 2014-03-08 16:14 - 00000000 ___RD () C:\Users\pamela\Desktop\SECURITY
2015-02-18 19:40 - 2013-11-27 10:12 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2015-02-18 19:40 - 2013-11-27 10:12 - 00000000 ____D () C:\Program Files (x86)\WildTangent Games
2015-02-18 15:39 - 2014-03-16 10:17 - 00000000 ___RD () C:\Users\pamela\Desktop\GIVEAWAY FULL GAMES
2015-02-17 10:29 - 2013-08-22 15:36 - 00000000 ____D () C:\WINDOWS\rescache
2015-02-16 20:21 - 2015-01-16 13:52 - 00000000 ____D () C:\Users\pamela\AppData\Local\VirtualStore
2015-02-16 15:49 - 2015-01-16 17:55 - 00000000 ____D () C:\Users\pamela\AppData\Roaming\PhotoFiltre
2015-02-16 15:49 - 2014-01-06 05:13 - 00000000 ____D () C:\ProgramData\Norton
2015-02-16 15:49 - 2013-08-22 15:36 - 00000000 ____D () C:\Program Files\Windows Defender
2015-02-16 15:49 - 2013-08-22 15:36 - 00000000 ____D () C:\Program Files\Common Files\microsoft shared
2015-02-16 15:49 - 2013-08-22 13:36 - 00000000 ____D () C:\WINDOWS\system32\Sysprep
2015-02-16 15:49 - 2013-08-22 13:36 - 00000000 ____D () C:\WINDOWS\servicing
2015-02-16 15:37 - 2013-08-22 15:36 - 00000000 ____D () C:\WINDOWS\registration
2015-02-16 13:12 - 2014-04-20 13:33 - 00000000 ____D () C:\AdwCleaner
2015-02-16 09:43 - 2013-08-22 15:20 - 00000000 ____D () C:\WINDOWS\CbsTemp
2015-02-15 19:22 - 2013-11-27 09:48 - 00000000 ___DC () C:\WINDOWS\Panther
2015-02-15 19:12 - 2013-08-22 14:44 - 00429600 _____ () C:\WINDOWS\system32\FNTCACHE.DAT
2015-02-15 18:35 - 2015-01-19 20:27 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EPSON Software
2015-02-15 18:35 - 2015-01-16 14:56 - 00000000 ____D () C:\Program Files (x86)\Epson Software
2015-02-15 14:43 - 2013-08-22 13:25 - 00262144 ___SH () C:\WINDOWS\system32\config\ELAM
2015-02-15 14:34 - 2015-01-16 14:34 - 00000000 ____D () C:\ProgramData\AVAST Software
2015-02-15 14:34 - 2013-08-22 15:36 - 00000000 ____D () C:\WINDOWS\Vss
2015-02-15 10:24 - 2014-04-06 09:24 - 00000000 ____D () C:\Games
2015-02-14 10:01 - 2015-01-10 10:04 - 00013824 _____ () C:\Users\pamela\Desktop\weight chart 2015 book2.xls
2015-02-13 11:09 - 2014-11-21 10:40 - 00000000 ____D () C:\Users\Public\Documents\PearlMountain
2015-02-13 11:04 - 2015-01-17 10:18 - 00000000 ____D () C:\Users\pamela\AppData\Roaming\PearlMountain
2015-02-13 11:04 - 2015-01-17 10:18 - 00000000 ____D () C:\ProgramData\PearlMountain
2015-02-12 14:42 - 2014-04-21 20:44 - 00000000 ____D () C:\BigFishCache
2015-02-08 17:32 - 2015-01-18 11:56 - 00000000 ____D () C:\Users\pamela\AppData\Roaming\MagicIndie
2015-02-07 19:59 - 2013-11-27 10:20 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acer
2015-02-07 19:59 - 2013-11-27 10:20 - 00000000 ____D () C:\Program Files (x86)\Acer
2015-02-03 19:31 - 2015-01-17 16:41 - 00714720 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2015-02-03 19:31 - 2015-01-17 16:41 - 00106976 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2015-02-01 16:04 - 2013-11-27 10:12 - 00000000 ____D () C:\ProgramData\WildTangent
2015-01-29 22:16 - 2014-03-08 13:42 - 00000000 ____D () C:\Users\pamela\AppData\Local\Packages
2015-01-26 15:24 - 2014-03-08 18:31 - 00000000 ____D () C:\Users\pamela\Desktop\MATERIAL FOR NEW BOOK
2015-01-23 16:30 - 2014-03-08 18:29 - 00000000 ___RD () C:\Users\pamela\Desktop\MY DOCTORS INFO
2015-01-22 13:10 - 2015-01-20 20:26 - 00000000 ____D () C:\Users\pamela\AppData\Roaming\Skype
2015-01-22 10:11 - 2015-01-16 13:45 - 00000000 ____D () C:\Users\pamela\AppData\Local\Pokki
2015-01-21 22:41 - 2015-01-19 20:30 - 00000000 ____D () C:\Program Files (x86)\epson
2015-01-21 22:41 - 2014-01-06 04:48 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2015-01-21 22:40 - 2015-01-19 20:30 - 00000954 _____ () C:\Users\Public\Desktop\EPSON Scan.lnk
2015-01-21 22:39 - 2015-01-16 14:56 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EPSON
2015-01-21 22:37 - 2015-01-16 16:03 - 00000000 ____D () C:\ProgramData\EPSON
2015-01-21 16:56 - 2013-08-22 19:11 - 00000000 ____D () C:\Program Files\Windows Journal
2015-01-21 16:56 - 2013-08-22 15:36 - 00000000 ___RD () C:\WINDOWS\ToastData
2015-01-21 16:56 - 2013-08-22 15:36 - 00000000 ___RD () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2015-01-21 16:56 - 2013-08-22 15:36 - 00000000 ____D () C:\WINDOWS\SysWOW64\setup
2015-01-21 16:56 - 2013-08-22 15:36 - 00000000 ____D () C:\WINDOWS\SysWOW64\en-GB
2015-01-21 16:55 - 2013-08-22 15:36 - 00000000 ___RD () C:\WINDOWS\ImmersiveControlPanel
2015-01-21 16:55 - 2013-08-22 15:36 - 00000000 ____D () C:\WINDOWS\SysWOW64\InputMethod
2015-01-21 16:55 - 2013-08-22 15:36 - 00000000 ____D () C:\WINDOWS\system32\setup
2015-01-21 16:55 - 2013-08-22 15:36 - 00000000 ____D () C:\WINDOWS\system32\en-GB
2015-01-21 16:55 - 2013-08-22 13:36 - 00000000 ____D () C:\WINDOWS\system32\oobe
2015-01-21 16:54 - 2013-08-22 11:22 - 00461312 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnet.dll
2015-01-21 16:54 - 2013-08-22 11:22 - 00034304 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnsvr.exe
2015-01-21 16:54 - 2013-08-22 11:17 - 00066560 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnathlp.dll
2015-01-21 16:54 - 2013-08-22 11:17 - 00009216 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnhupnp.dll
2015-01-21 16:54 - 2013-08-22 11:17 - 00009216 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnhpast.dll
2015-01-21 16:54 - 2013-08-22 04:05 - 00023552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpmodemx.dll
2015-01-21 16:54 - 2013-08-22 04:03 - 00030720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dplaysvr.exe
2015-01-21 16:54 - 2013-08-22 03:59 - 00214016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dplayx.dll
2015-01-21 16:54 - 2013-08-22 03:56 - 00377856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnet.dll
2015-01-21 16:54 - 2013-08-22 03:56 - 00033792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnsvr.exe
2015-01-21 16:54 - 2013-08-22 03:51 - 00059904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnathlp.dll
2015-01-21 16:54 - 2013-08-22 03:51 - 00045056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpwsockx.dll
2015-01-21 16:54 - 2013-08-22 03:51 - 00009216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnhupnp.dll
2015-01-21 16:54 - 2013-08-22 03:51 - 00009216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnhpast.dll
2015-01-21 16:04 - 2014-01-06 05:00 - 00000000 ____D () C:\ProgramData\Atheros

==================== Files in the root of some directories =======

2014-08-13 09:03 - 2014-08-13 09:03 - 0752128 _____ () C:\Users\pamela\AppData\Local\AlawarHelper.exe

Files to move or delete:
====================
C:\Users\pamela\DropboxInstaller.exe
C:\Users\pamela\mbam-setup-2.0.4.1028.exe
C:\Users\pamela\pf7-setup-en.exe


Some content of TEMP:
====================
C:\Users\pamela\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpnycb47.dll
C:\Users\pamela\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpnyt7o_.dll


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-02-15 16:30

==================== End Of Log ============================


Additional scan result of Farbar Recovery Scan Tool (x64) Version: 18-02-2015 01
Ran by pamela at 2015-02-20 18:46:42
Running from C:\Users\pamela\Downloads
Boot Mode: Normal
==========================================================


==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: ESET NOD32 Antivirus 8.0 (Enabled - Up to date) {A2447E4A-A5AC-AE9D-7C6B-2EC29C58E834}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

abDocs (HKLM-x32\...\{CA4FE8B0-298C-4E5D-A486-F33B126D6A0A}) (Version: 1.05.2005 - Acer Incorporated)
abDocs Office AddIn (HKLM-x32\...\{DCBF3379-246B-47E1-8173-639B63940838}) (Version: 3.01.2006 - Acer Incorporated)
abMedia (HKLM-x32\...\{E9AF1707-3F3A-49E2-8345-4F2D629D0876}) (Version: 2.06.2003.0 - Acer Incorporated)
Acer Games (HKU\S-1-5-21-2138484092-3631122937-4138138785-1001\...\Pokki_03d432a7e610c3e908213e7689d4342ce2111caf) (Version: 1.1.9.43466 - Pokki)
Acer Launch Manager (HKLM\...\{C18D55BD-1EC6-466D-B763-8EEDDDA9100E}) (Version: 8.00.8101 - Acer Incorporated)
Acer Portal (HKLM-x32\...\{A5AD0B17-F34D-49BE-A157-C8B3D52ACD13}) (Version: 3.04.2002 - Acer Incorporated)
Acer Power Management (HKLM\...\{91F52DE4-B789-42B0-9311-A349F10E5479}) (Version: 7.00.8100 - Acer Incorporated)
Acer Quick Access (HKLM\...\{C1FA525F-D701-4B31-9D32-504FC0CF0B98}) (Version: 1.00.3000 - Acer Incorporated)
Acer Recovery Management (HKLM\...\{07F2005A-8CAC-4A4B-83A2-DA98A722CA61}) (Version: 6.00.8101 - Acer Incorporated)
Acer Remote Files (HKLM\...\{13885028-098C-4799-9B71-27DAC96502D5}) (Version: 1.00.3007 - Acer Incorporated)
Aloha TriPeaks (x32 Version: 2.2.0.98 - WildTangent) Hidden
AOP Framework (HKLM-x32\...\{4A37A114-702F-4055-A4B6-16571D4A5353}) (Version: 3.04.2001.2 - Acer Incorporated)
Apple Application Support (HKLM-x32\...\{83CAF0DE-8D3B-4C37-A631-2B8F16EC3031}) (Version: 3.1 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{BDD99690-3541-4619-9D2A-3CDDB3E15F9E}) (Version: 8.0.5.6 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Atlantis: Pearls of the Deep (HKLM-x32\...\BFG-Atlantis - Pearls of the Deep) (Version: - )
Big Fish: Game Manager (HKLM-x32\...\BFGC) (Version: 3.3.0.2 - )
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Caps Lock Changer 1.0 (HKLM-x32\...\Caps Lock Changer) (Version: 1.0 - Filebird.com)
Cradle Of Egypt Collector's Edition (x32 Version: 2.2.0.110 - WildTangent) Hidden
CyberLink PowerDVD 12 (HKLM-x32\...\InstallShield_{B46BEA36-0B71-4A4E-AE41-87241643FA0A}) (Version: 12.0.3323.57 - CyberLink Corp.)
Dropbox (HKU\S-1-5-21-2138484092-3631122937-4138138785-1001\...\Dropbox) (Version: 3.2.6 - Dropbox, Inc.)
eBay Worldwide (HKLM-x32\...\{91589413-6675-4C27-8AFC-EFB9103B90A5}) (Version: 2.4.0105 - OEM)
Echoes of Sorrow (HKU\S-1-5-21-2138484092-3631122937-4138138785-1001\...\Echoes of Sorrow) (Version: 1.0.0.0 - Alawar Entertainment Inc.)
Epson Connect Printer Setup (HKLM-x32\...\{D9B1D51B-EB56-410D-AEB5-1CCFAC4B6C8C}) (Version: 1.3.0 - SEIKO EPSON CORPORATION)
Epson Customer Participation (HKLM\...\{814FA673-A085-403C-9545-747FC1495069}) (Version: 1.0.0.0 - SEIKO EPSON CORPORATION)
Epson Event Manager (HKLM-x32\...\{BECE9CCD-83F6-4BAA-9B26-227DF7D2E932}) (Version: 3.01.0000 - Seiko Epson Corporation)
EPSON Scan (HKLM-x32\...\EPSON Scanner) (Version: - Seiko Epson Corporation)
EPSON XP-302 303 305 306 Series Printer Uninstall (HKLM\...\EPSON XP-302 303 305 306 Series) (Version: - SEIKO EPSON Corporation)
EPSON XP-312 313 315 Series Printer Uninstall (HKLM\...\EPSON XP-312 313 315 Series) (Version: - SEIKO EPSON Corporation)
EpsonNet Print (HKLM-x32\...\{3E31400D-274E-4647-916C-2CACC3741799}) (Version: 2.5.00 - SEIKO EPSON CORPORATION)
ESET NOD32 Antivirus (HKLM\...\{7F39EB28-B9B7-41B8-8564-DB33284A010D}) (Version: 8.0.304.0 - ESET, spol s r. o.)
ETDWare PS/2-X64 11.6.28.201_WHQL (HKLM\...\Elantech) (Version: 11.6.28.201 - ELAN Microelectronic Corp.)
Fairway™ (HKLM-x32\...\BFG-Fairway) (Version: - )
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 40.0.2214.115 - Google Inc.)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.26.9 - Google Inc.) Hidden
Governor of Poker 2 Premium Edition (x32 Version: 2.2.0.110 - WildTangent) Hidden
HitmanPro 3.7 (HKLM\...\HitmanPro37) (Version: 3.7.9.236 - SurfRight B.V.)
Identity Card (HKLM-x32\...\{3D9CB654-99AD-4301-89C6-0D12A790767C}) (Version: 2.00.8100 - Acer Incorporated)
ImBatch 3.5.0 (HKLM-x32\...\{5C8028D2-E41D-44A3-A51E-E6FFF8F448B3}_is1) (Version: 3.5.0 - High Motion Software)
Insane Cold: Back to the Ice Age (HKLM-x32\...\BFG-Insane Cold - Back to the Ice Age) (Version: - )
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3349 - Intel Corporation)
Intel(R) Trusted Execution Engine (HKLM\...\{176E2755-0A17-42C6-88E2-192AB2131278}) (Version: 1.0.0.1050 - Intel Corporation)
iPixSoft Video Slideshow Maker (3.4.1.0) (HKLM-x32\...\iPixSoft Video Slideshow Maker_is1) (Version: 3.4.1.0 - iPixSoft)
iTunes (HKLM\...\{2ABBBD91-91E5-4AD7-929A-FE15D1DC0576}) (Version: 12.0.1.26 - Apple Inc.)
Jarte 5.2 (HKLM-x32\...\Jarte_is1) (Version: 5.2 - Carolina Road Software L.L.C.)
Lamp of Aladdin (HKLM-x32\...\BFG-Lamp of Aladdin) (Version: - )
League of Mermaids: Pearl Saga (HKLM-x32\...\BFG-League of Mermaids - Pearl Saga) (Version: - )
Live Updater (HKLM-x32\...\{EE26E302-876A-48D9-9058-3129E5B99999}) (Version: 2.00.8100 - Acer Incorporated)
Luxor Evolved (x32 Version: 2.2.0.98 - WildTangent) Hidden
Magic Academy (x32 Version: 2.2.0.98 - WildTangent) Hidden
Malwarebytes Anti-Malware version 2.0.4.1028 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.4.1028 - Malwarebytes Corporation)
Microsoft Office Professional Edition 2003 (HKLM-x32\...\{90110409-6000-11D3-8CFE-0150048383C9}) (Version: 11.0.5614.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual Studio 2005 Tools for Office Runtime (HKLM-x32\...\Microsoft Visual Studio 2005 Tools for Office Runtime) (Version: - Microsoft Corporation)
Mystery Tales: The Twilight World Collector's Edition (HKLM-x32\...\BFG-Mystery Tales - The Twilight World Collectors Edition) (Version: - )
Nearwood (HKLM-x32\...\BFG-Nearwood) (Version: - )
Nero BackItUp 12 Essentials OEM.a01 (HKLM-x32\...\{551AC8F2-FEA2-4B45-ACF7-C98681233CC9}) (Version: 12.5.01200 - Nero AG)
Norton Online Backup (HKLM-x32\...\{E625FCA0-E43E-4D3B-92FF-4851308A0366}) (Version: 2.8.0.44 - Symantec Corporation)
Norton Online Backup (x32 Version: 4.5.0.9 - Symantec Corporation) Hidden
Office Addin (HKLM-x32\...\{6D2BBE1D-E600-4695-BA37-0B0E605542CC}) (Version: 2.02.2009 - Acer)
Peggle Nights (x32 Version: 2.2.0.98 - WildTangent) Hidden
PhotoFiltre (HKU\S-1-5-21-2138484092-3631122937-4138138785-1001\...\PhotoFiltre) (Version: - )
Picture Collage Maker 4.1.2 (HKLM-x32\...\{D53599B0-AA76-4CC6-B9EF-CC2F27B56F24}_is1) (Version: 4.1.2 - PearlMountain Technology Co., Ltd)
Plants vs. Zombies - Game of the Year (x32 Version: 2.2.0.98 - WildTangent) Hidden
Pokki Start Menu (HKU\S-1-5-21-2138484092-3631122937-4138138785-1001\...\Pokki_Start_Menu) (Version: 0.269.5.367 - Pokki)
Prerequisite installer (x32 Version: 12.0.0003 - Nero AG) Hidden
Qualcomm Atheros Bluetooth Suite (64) (HKLM\...\{A84A4FB1-D703-48DB-89E0-68B6499D2801}) (Version: 8.0.1.305 - Qualcomm Atheros Communications)
Qualcomm Atheros WLAN and Bluetooth Client Installation Program (HKLM-x32\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 12.07 - Qualcomm Atheros)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 6.2.9600.27041 - Realtek Semiconductor Corp.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.20.815.2013 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7071 - Realtek Semiconductor Corp.)
Revo Uninstaller 1.95 (HKLM-x32\...\Revo Uninstaller) (Version: 1.95 - VS Revo Group)
Skype Click to Call (HKLM-x32\...\{6D1221A9-17BF-4EC0-81F2-27D30EC30701}) (Version: 7.3.16540.9015 - Microsoft Corporation)
Skype™ 7.0 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.0.102 - Skype Technologies S.A.)
Spotify (HKLM-x32\...\Spotify) (Version: 0.9.1.57.ge7405149 - Spotify AB)
SUPERAntiSpyware (HKLM\...\{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}) (Version: 5.7.1018 - SUPERAntiSpyware.com)
The Agency of Anomalies: Cinderstone Orphanage (HKLM-x32\...\BFG-The Agency of Anomalies - Cinderstone Orphanage) (Version: - )
The Chronicles of Emerland Solitaire (x32 Version: 3.0.2.32 - WildTangent) Hidden
The Far Kingdoms: Winter Solitaire (HKLM-x32\...\BFG-The Far Kingdoms - Winter Solitaire) (Version: - )
Trinklit Supreme (x32 Version: 2.2.0.98 - WildTangent) Hidden
Update Installer for WildTangent Games App (x32 Version: - WildTangent) Hidden
Visual Studio Tools for the Office system 3.0 Runtime (HKLM-x32\...\Visual Studio Tools for the Office system 3.0 Runtime) (Version: - Microsoft Corporation)
Visual Studio Tools for the Office system 3.0 Runtime Service Pack 1 (KB949258) (HKLM-x32\...\{8FB53850-246A-3507-8ADE-0060093FFEA6}.KB949258) (Version: 1 - Microsoft Corporation)
VSDC Free Video Editor version 2.3.1.339 (HKLM-x32\...\VSDC Free Video Editor_is1) (Version: 2.3.1.339 - Flash-Integro LLC)
Whispered Stories: Sandman (HKU\S-1-5-21-2138484092-3631122937-4138138785-1001\...\Whispered Stories: Sandman) (Version: 1.0.0.0 - Alawar Entertainment Inc.)
WildTangent Games (HKLM-x32\...\WildTangent wildgames Master Uninstall) (Version: 1.0.4.0 - WildTangent)
WildTangent Games App (x32 Version: 4.0.10.20 - WildTangent) Hidden
Witches' Legacy: The Charleston Curse (HKLM-x32\...\BFG-Witches' Legacy - The Charleston Curse) (Version: - )

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

CustomCLSID: HKU\S-1-5-21-2138484092-3631122937-4138138785-1001_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\pamela\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2138484092-3631122937-4138138785-1001_Classes\CLSID\{ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C}\InprocServer32 -> C:\Users\pamela\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2138484092-3631122937-4138138785-1001_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\pamela\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2138484092-3631122937-4138138785-1001_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\pamela\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2138484092-3631122937-4138138785-1001_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\pamela\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2138484092-3631122937-4138138785-1001_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\pamela\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2138484092-3631122937-4138138785-1001_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\pamela\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2138484092-3631122937-4138138785-1001_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\pamela\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2138484092-3631122937-4138138785-1001_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\pamela\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2138484092-3631122937-4138138785-1001_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\pamela\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)

==================== Restore Points =========================

05-02-2015 10:33:06 Windows Update
08-02-2015 11:28:35 Windows Update
12-02-2015 12:45:31 Windows Update
14-02-2015 14:00:48 Installed Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
15-02-2015 14:24:26 Revo Uninstaller's restore point - Avast Free Antivirus
16-02-2015 15:26:50 Restore Operation
20-02-2015 10:31:24 Revo Uninstaller's restore point - Toolwiz Care

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2013-08-22 13:25 - 2015-02-20 09:55 - 00000035 ____A C:\WINDOWS\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {2B29CD6E-B01A-40C7-B63A-EC42A29C9B55} - System32\Tasks\GoogleUpdateTaskMachineCore1d04c3270eb3560 => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-02-19] (Google Inc.)
Task: {2EDCEF49-C5A6-42BE-82FC-B5B05E82738B} - System32\Tasks\EPSON XP-312 313 315 Series Update {0D94A9D0-B043-439F-AD01-0BE120FE12C0} => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_ITSLFE.EXE [2014-12-03] (SEIKO EPSON CORPORATION)
Task: {398A1DA3-84E0-4D21-BBF7-1D57ECE1D2B8} - System32\Tasks\EPSON XP-312 313 315 Series Invitation {0D94A9D0-B043-439F-AD01-0BE120FE12C0} => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_ITSLFE.EXE [2014-12-03] (SEIKO EPSON CORPORATION)
Task: {39F97378-9FE6-4A41-98E6-3F062E2ECBA8} - System32\Tasks\ALUAgent => C:\Program Files (x86)\Acer\Live Updater\liveupdater_agent.exe [2013-01-22] ()
Task: {3E6B7FAF-B2F7-4723-AA6D-85447FEB0682} - System32\Tasks\Recovery Management\Notification => C:\Program Files\Acer\Acer Recovery Management\Notification\Notification.exe [2013-09-12] (Acer Incorporated)
Task: {5CF7D427-668E-49E8-9E4A-3DDCDA2738FD} - System32\Tasks\Power Management => C:\Program Files\Acer\Acer Power Management\ePowerTray.exe [2013-07-05] (Acer Incorporated)
Task: {63628C44-8485-4BA4-89E2-75063B675B6D} - System32\Tasks\Launch Manager => C:\Program Files\Acer\Acer Launch Manager\LMLauncher.exe [2013-08-02] (Acer Incorporate)
Task: {69DF7E04-F9AB-4F18-B99A-4A4B4208DF82} - System32\Tasks\AcerCloud => C:\Program Files (x86)\Acer\Acer Portal\AcerPortal.exe [2014-12-19] (Acer)
Task: {6C69E5D4-C0A2-4E53-9F2E-2FB7994DEF2B} - System32\Tasks\Norton Online Backup ARA => C:\Program Files (x86)\Norton Online Backup ARA\Engine\4.5.0.9\\Ara.exe [2013-08-07] (Symantec Corporation)
Task: {6EA775D7-9A79-4328-A1D8-B1B5975037E5} - System32\Tasks\Quick Access => C:\Program Files\Acer\Acer Quick Access\QALauncher.exe [2013-08-02] (Acer Incorporate)
Task: {83072805-5E61-4BF3-97C8-C19693E15FF9} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {CE4E985C-2A0B-4D7F-8427-3143897146F1} - System32\Tasks\ALU => C:\Program Files (x86)\Acer\Live Updater\updater.exe [2013-07-08] ()
Task: {F52BAABC-ECE7-45D6-A6E8-C96C1E6690EB} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-02-19] (Google Inc.)
Task: C:\WINDOWS\Tasks\EPSON XP-312 313 315 Series Invitation {0D94A9D0-B043-439F-AD01-0BE120FE12C0}.job => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_ITSLFE.EXE
Task: C:\WINDOWS\Tasks\EPSON XP-312 313 315 Series Update {0D94A9D0-B043-439F-AD01-0BE120FE12C0}.job => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_ITSLFE.EXE
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore1d04c3270eb3560.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) ==============

2014-01-06 05:16 - 2013-07-30 18:11 - 00110152 _____ () C:\Program Files (x86)\Acer\clear.fi plug-in\Clearfishellext_x64.dll
2013-09-07 01:48 - 2013-09-07 01:48 - 00011264 _____ () C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\Modules\ActivateDesktopDebugger\ActivateDesktopDebugger.dll
2013-09-07 01:45 - 2013-09-07 01:45 - 00086016 _____ () C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\Modules\Map\MAP.dll
2013-09-07 01:52 - 2013-09-07 01:52 - 00012928 _____ () C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\ActivateDesktop.exe
2014-03-05 21:44 - 2014-03-05 21:44 - 04598048 _____ () C:\Program Files (x86)\bfgclient\bfgclient.exe
2014-10-11 13:06 - 2014-10-11 13:06 - 00073544 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2014-10-11 13:05 - 2014-10-11 13:05 - 01044776 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2015-02-10 21:00 - 2015-02-10 21:00 - 00750080 _____ () C:\Users\pamela\AppData\Roaming\Dropbox\bin\libGLESv2.dll
2015-02-20 10:41 - 2015-02-20 10:41 - 00043008 _____ () c:\users\pamela\appdata\local\temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpnycb47.dll
2015-02-10 21:00 - 2015-02-10 21:00 - 00047616 _____ () C:\Users\pamela\AppData\Roaming\Dropbox\bin\libEGL.dll
2015-02-10 21:00 - 2015-02-10 21:00 - 00865280 _____ () C:\Users\pamela\AppData\Roaming\Dropbox\bin\plugins\platforms\qwindows.dll
2015-02-10 21:00 - 2015-02-10 21:00 - 00200704 _____ () C:\Users\pamela\AppData\Roaming\Dropbox\bin\plugins\imageformats\qjpeg.dll
2013-08-13 20:41 - 2013-08-13 20:41 - 00277576 _____ () C:\Program Files\Acer\Remote Files\libcurl.dll
2013-08-13 20:41 - 2013-08-13 20:41 - 00627960 _____ () C:\Program Files\Acer\Remote Files\sqlite3.dll
2014-03-05 21:44 - 2014-03-05 21:44 - 01568032 _____ () C:\Program Files (x86)\bfgclient\bfgcommon.dll
2014-01-14 19:29 - 2014-01-14 19:29 - 00059904 _____ () C:\Program Files (x86)\bfgclient\zlib1.dll
2014-01-14 19:27 - 2014-01-14 19:27 - 28768768 _____ () C:\ProgramData\Big Fish\cef\3.1180.823\libcef.dll
2014-01-06 05:16 - 2013-07-30 18:11 - 00088648 _____ () C:\Program Files (x86)\Acer\clear.fi plug-in\Clearfishellext.dll
2015-02-20 10:02 - 2015-02-17 22:44 - 01117512 _____ () C:\Program Files (x86)\Google\Chrome\Application\40.0.2214.115\libglesv2.dll
2015-02-20 10:02 - 2015-02-17 22:44 - 00211272 _____ () C:\Program Files (x86)\Google\Chrome\Application\40.0.2214.115\libegl.dll
2015-02-20 10:02 - 2015-02-17 22:44 - 09171272 _____ () C:\Program Files (x86)\Google\Chrome\Application\40.0.2214.115\pdf.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)

AlternateDataStreams: C:\ProgramData\Temp:2CB9631F
AlternateDataStreams: C:\ProgramData\Temp:5164A01F
AlternateDataStreams: C:\ProgramData\Temp:A95AB9BF
AlternateDataStreams: C:\ProgramData\Temp:F0F90DC6
AlternateDataStreams: C:\Users\pamela\SkyDrive:ms-properties

==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== EXE Association (whitelisted) ===============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-2138484092-3631122937-4138138785-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\pamela\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper
DNS Servers: 192.168.1.1

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)

HKLM\...\StartupApproved\Run32: => "iTunesHelper"
HKU\S-1-5-21-2138484092-3631122937-4138138785-1001\...\StartupApproved\Run: => "EPLTarget\P0000000000000000"
HKU\S-1-5-21-2138484092-3631122937-4138138785-1001\...\StartupApproved\Run: => "Pokki"
HKU\S-1-5-21-2138484092-3631122937-4138138785-1001\...\StartupApproved\Run: => "Skype"

==================== Accounts: =============================

Administrator (S-1-5-21-2138484092-3631122937-4138138785-500 - Administrator - Disabled) => C:\Users\Administrator
Guest (S-1-5-21-2138484092-3631122937-4138138785-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-2138484092-3631122937-4138138785-1005 - Limited - Enabled)
pamela (S-1-5-21-2138484092-3631122937-4138138785-1001 - Administrator - Enabled) => C:\Users\pamela

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (02/20/2015 04:30:54 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: explorer.exe, version: 6.3.9600.17284, time stamp: 0x53f816dc
Faulting module name: explorer.exe, version: 6.3.9600.17284, time stamp: 0x53f816dc
Exception code: 0xc0000005
Fault offset: 0x00000000000c57cb
Faulting process ID: 0x460
Faulting application start time: 0xexplorer.exe0
Faulting application path: explorer.exe1
Faulting module path: explorer.exe2
Report ID: explorer.exe3
Faulting package full name: explorer.exe4
Faulting package-relative application ID: explorer.exe5

Error: (02/20/2015 10:56:32 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: explorer.exe, version: 6.3.9600.17284, time stamp: 0x53f816dc
Faulting module name: explorer.exe, version: 6.3.9600.17284, time stamp: 0x53f816dc
Exception code: 0xc0000005
Fault offset: 0x00000000000c57cb
Faulting process ID: 0xc2c
Faulting application start time: 0xexplorer.exe0
Faulting application path: explorer.exe1
Faulting module path: explorer.exe2
Report ID: explorer.exe3
Faulting package full name: explorer.exe4
Faulting package-relative application ID: explorer.exe5

Error: (02/20/2015 10:39:09 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: explorer.exe, version: 6.3.9600.17284, time stamp: 0x53f816dc
Faulting module name: twinui.appcore.dll, version: 6.3.9600.17195, time stamp: 0x5389407c
Exception code: 0x80270233
Fault offset: 0x0000000000087c77
Faulting process ID: 0x734
Faulting application start time: 0xexplorer.exe0
Faulting application path: explorer.exe1
Faulting module path: explorer.exe2
Report ID: explorer.exe3
Faulting package full name: explorer.exe4
Faulting package-relative application ID: explorer.exe5

Error: (02/20/2015 10:37:11 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program explorer.exe version 6.3.9600.17284 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

Process ID: ebc

Start Time: 01d04cf8f93dd105

Termination Time: 0

Application Path: C:\Windows\explorer.exe

Report Id: 6b4196c0-b8ec-11e4-826f-40f02fc179e2

Faulting package full name:

Faulting package-relative application ID:

Error: (02/20/2015 10:36:05 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program Explorer.EXE version 6.3.9600.17284 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

Process ID: 628

Start Time: 01d04cf8af3e3752

Termination Time: 0

Application Path: C:\WINDOWS\Explorer.EXE

Report Id: 364f6563-b8ec-11e4-826f-40f02fc179e2

Faulting package full name:

Faulting package-relative application ID:

Error: (02/20/2015 10:32:38 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: Notification.exe, version: 6.0.3009.0, time stamp: 0x51db7eda
Faulting module name: KERNELBASE.dll, version: 6.3.9600.17278, time stamp: 0x53eebf2e
Exception code: 0xe0434352
Fault offset: 0x000000000000606c
Faulting process ID: 0x121c
Faulting application start time: 0xNotification.exe0
Faulting application path: Notification.exe1
Faulting module path: Notification.exe2
Report ID: Notification.exe3
Faulting package full name: Notification.exe4
Faulting package-relative application ID: Notification.exe5

Error: (02/20/2015 10:32:38 AM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Application: Notification.exe
Framework Version: v4.0.30319
Description: The process was terminated due to an unhandled exception.
Exception Info: System.Exception
Stack:
at Windows.UI.Notifications.ToastNotificationManager.CreateToastNotifier(System.String)
at Notification.ToastManager.ShowToast(System.String)
at Notification.Form1.ShowToast(System.String)
at Notification.Form1.RunWindow()
at Notification.Form1..ctor()
at Notification.Program.Main()

Error: (02/20/2015 10:27:27 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program explorer.exe version 6.3.9600.17284 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

Process ID: 8ac

Start Time: 01d04cf7c127ebe2

Termination Time: 0

Application Path: C:\Windows\explorer.exe

Report Id: 0f67757c-b8eb-11e4-826e-40f02fc179e2

Faulting package full name:

Faulting package-relative application ID:

Error: (02/20/2015 10:26:59 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program explorer.exe version 6.3.9600.17284 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

Process ID: ffc

Start Time: 01d04cf77b0b0e4e

Termination Time: 0

Application Path: C:\WINDOWS\explorer.exe

Report Id: fea6ace4-b8ea-11e4-826e-40f02fc179e2

Faulting package full name:

Faulting package-relative application ID:

Error: (02/20/2015 10:24:43 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: Explorer.EXE, version: 6.3.9600.17284, time stamp: 0x53f816dc
Faulting module name: twinui.appcore.dll, version: 6.3.9600.17195, time stamp: 0x5389407c
Exception code: 0x80270233
Fault offset: 0x0000000000087c77
Faulting process ID: 0x614
Faulting application start time: 0xExplorer.EXE0
Faulting application path: Explorer.EXE1
Faulting module path: Explorer.EXE2
Report ID: Explorer.EXE3
Faulting package full name: Explorer.EXE4
Faulting package-relative application ID: Explorer.EXE5


System errors:
=============
Error: (02/20/2015 10:34:43 AM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: The Device Setup Manager service did not respond on starting.

Error: (02/20/2015 10:23:47 AM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: The Device Setup Manager service did not respond on starting.

Error: (02/20/2015 10:22:23 AM) (Source: EventLog) (EventID: 6008) (User: )
Description: The previous system shutdown at 10:20:45 on ‎20/‎02/‎2015 was unexpected.

Error: (02/20/2015 09:59:49 AM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: The Device Setup Manager service did not respond on starting.

Error: (02/20/2015 09:58:48 AM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: The Microsoft iSCSI Initiator Service service did not respond on starting.

Error: (02/20/2015 09:55:19 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The McAfee Firewall Core Service service terminated unexpectedly. It has done this 1 time(s).

Error: (02/20/2015 09:55:19 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The McAfee Validation Trust Protection Service service terminated unexpectedly. It has done this 1 time(s).

Error: (02/18/2015 11:34:09 AM) (Source: EventLog) (EventID: 6008) (User: )
Description: The previous system shutdown at 10:56:06 on ‎18/‎02/‎2015 was unexpected.

Error: (02/16/2015 03:28:34 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: The Superfetch service terminated with the following error:
%%1062


Microsoft Office Sessions:
=========================
Error: (02/20/2015 04:30:54 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: explorer.exe6.3.9600.1728453f816dcexplorer.exe6.3.9600.1728453f816dcc000000500000000000c57cb46001d04cfbe9b7b0caC:\WINDOWS\explorer.exeC:\WINDOWS\explorer.exed6b3125e-b91d-11e4-826f-40f02fc179e2

Error: (02/20/2015 10:56:32 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: explorer.exe6.3.9600.1728453f816dcexplorer.exe6.3.9600.1728453f816dcc000000500000000000c57cbc2c01d04cf977151712C:\WINDOWS\explorer.exeC:\WINDOWS\explorer.exe20bde39a-b8ef-11e4-826f-40f02fc179e2

Error: (02/20/2015 10:39:09 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: explorer.exe6.3.9600.1728453f816dctwinui.appcore.dll6.3.9600.171955389407c802702330000000000087c7773401d04cf92dc4b5d9C:\Windows\explorer.exeC:\WINDOWS\System32\twinui.appcore.dllb33ac2d2-b8ec-11e4-826f-40f02fc179e2

Error: (02/20/2015 10:37:11 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: explorer.exe6.3.9600.17284ebc01d04cf8f93dd1050C:\Windows\explorer.exe6b4196c0-b8ec-11e4-826f-40f02fc179e2

Error: (02/20/2015 10:36:05 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Explorer.EXE6.3.9600.1728462801d04cf8af3e37520C:\WINDOWS\Explorer.EXE364f6563-b8ec-11e4-826f-40f02fc179e2

Error: (02/20/2015 10:32:38 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Notification.exe6.0.3009.051db7edaKERNELBASE.dll6.3.9600.1727853eebf2ee0434352000000000000606c121c01d04cf88b1aa9b7C:\Program Files\Acer\Acer Recovery Management\Notification\Notification.exeC:\WINDOWS\system32\KERNELBASE.dllca25a10b-b8eb-11e4-826e-40f02fc179e2

Error: (02/20/2015 10:32:38 AM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Application: Notification.exe
Framework Version: v4.0.30319
Description: The process was terminated due to an unhandled exception.
Exception Info: System.Exception
Stack:
at Windows.UI.Notifications.ToastNotificationManager.CreateToastNotifier(System.String)
at Notification.ToastManager.ShowToast(System.String)
at Notification.Form1.ShowToast(System.String)
at Notification.Form1.RunWindow()
at Notification.Form1..ctor()
at Notification.Program.Main()

Error: (02/20/2015 10:27:27 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: explorer.exe6.3.9600.172848ac01d04cf7c127ebe20C:\Windows\explorer.exe0f67757c-b8eb-11e4-826e-40f02fc179e2

Error: (02/20/2015 10:26:59 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: explorer.exe6.3.9600.17284ffc01d04cf77b0b0e4e0C:\WINDOWS\explorer.exefea6ace4-b8ea-11e4-826e-40f02fc179e2

Error: (02/20/2015 10:24:43 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Explorer.EXE6.3.9600.1728453f816dctwinui.appcore.dll6.3.9600.171955389407c802702330000000000087c7761401d04cf725536516C:\WINDOWS\Explorer.EXEC:\WINDOWS\System32\twinui.appcore.dllaef13f03-b8ea-11e4-826e-40f02fc179e2


==================== Memory info ===========================

Processor: Intel(R) Pentium(R) CPU N3520 @ 2.16GHz
Percentage of memory in use: 28%
Total physical RAM: 3979.34 MB
Available physical RAM: 2838.21 MB
Total Pagefile: 4683.34 MB
Available Pagefile: 2818.98 MB
Total Virtual: 131072 MB
Available Virtual: 131071.84 MB

==================== Drives ================================

Drive c: (Acer) (Fixed) (Total:448.69 GB) (Free:161.95 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 465.8 GB) (Disk ID: 43B43B55)

Partition: GPT Partition Type.

==================== End Of Log ============================

 

Hi again, I have done as you instructed but it is still the same. I can get my programs that isn't a problem it is the Acer apps and my charm bar or my start menu that show normally when I click on the windows on my task bar. It was running OK before I did the first fix, sorry to be so much trouble.

 

I tried switching off and on again, I get a window which says ACER BYOC Service is not available
this Acer App is not responding
Restart the App?
I click on Yes

Then a window pops up Run CCDS Service exe?
I click yes
then a window pops up Error occured App will be closed.

 

Hi again, yes I did the first system resore last night, and this morning just done the second one. Unfortunately on restart the same messages came up and things are still the same. I also got a messsage saying that system restore could not complete sucessfully probabaly because of an antivirus program I was running, an unspecified error 0x80070005, it said disable the antivirus and try again.I ave left that until I see what you suggest.

 

Hi Starbuck, I have managed to repair my laptop. I had a thought to go on Toolwiz care and look at start up, there were programs on there, some enabled some disabled, I went through them all and enabled them all. Then I shut down and started again and all sees OK, everything seems as it should be now. Thanks for your time and help