Additional scan result of Farbar Recovery Scan Tool (x64) Version:07-02-2016 Ran by Stacie (2016-02-08 23:06:06) Running from C:\Users\Stacie\Downloads Windows 8.1 Connected (X64) (2015-12-01 18:22:47) Boot Mode: Normal ========================================================== ==================== Accounts: ============================= Administrator (S-1-5-21-555111471-2403504220-3507946370-500 - Administrator - Disabled) Guest (S-1-5-21-555111471-2403504220-3507946370-501 - Limited - Disabled) Stacie (S-1-5-21-555111471-2403504220-3507946370-1001 - Administrator - Enabled) => C:\Users\Stacie ==================== Security Center ======================== (If an entry is included in the fixlist, it will be removed.) AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} ==================== Installed Programs ====================== (Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.) abDocs (HKLM-x32\...\{CA4FE8B0-298C-4E5D-A486-F33B126D6A0A}) (Version: 1.09.2001 - Acer Incorporated) abDocs Office AddIn (HKLM-x32\...\{DCBF3379-246B-47E1-8173-639B63940838}) (Version: 3.02.2001 - Acer Incorporated) abFiles (HKLM-x32\...\{13885028-098C-4799-9B71-27DAC96502D5}) (Version: 2.00.3002 - Acer Incorporated) abMedia (HKLM-x32\...\{E9AF1707-3F3A-49E2-8345-4F2D629D0876}) (Version: 2.09.2003.0 - Acer Incorporated) abPhoto (HKLM-x32\...\{B5AD89F2-03D3-4206-8487-018298007DD0}) (Version: 3.06.2000.22 - Acer Incorporated) Acer Care Center (HKLM\...\{1AF41E84-3408-499A-8C93-8891F0612719}) (Version: 2.00.3006 - Acer Incorporated) Acer Explorer Agent (HKLM\...\{4D0F42CF-1693-43D9-BDC8-19141D023EE0}) (Version: 2.00.3000 - Acer Incorporated) Acer Launch Manager (HKLM\...\{C18D55BD-1EC6-466D-B763-8EEDDDA9100E}) (Version: 8.00.8107 - Acer Incorporated) Acer Portal (HKLM-x32\...\{A5AD0B17-F34D-49BE-A157-C8B3D52ACD13}) (Version: 3.09.2002 - Acer Incorporated) Acer Power Management (HKLM\...\{91F52DE4-B789-42B0-9311-A349F10E5479}) (Version: 7.00.8105 - Acer Incorporated) Acer Quick Access (HKLM\...\{C1FA525F-D701-4B31-9D32-504FC0CF0B98}) (Version: 1.01.3016.0 - Acer Incorporated) Acer Recovery Management (HKLM\...\{07F2005A-8CAC-4A4B-83A2-DA98A722CA61}) (Version: 6.00.8108 - Acer Incorporated) Acer User Experience Improvement Program App Monitor Plugin (HKLM\...\{978724F6-1863-4DD5-9E66-FB77F5AB5613}) (Version: 1.02.3004 - Acer Incorporated) Acer User Experience Improvement Program Framework (HKLM\...\{12A718F2-2357-4D41-9E1F-18583A4745F7}) (Version: 1.02.3004 - Acer Incorporated) Acer Video Player (HKLM-x32\...\{B6846F20-4821-11E3-8F96-0800200C9A66}) (Version: 1.00.2005.0 - Acer Incorporated) Adobe Flash Player 20 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 20.0.0.286 - Adobe Systems Incorporated) AOP Framework (HKLM-x32\...\{4A37A114-702F-4055-A4B6-16571D4A5353}) (Version: 3.15.2000.1 - Acer Incorporated) Broadcom 802.11 Network Adapter (HKLM\...\Broadcom 802.11 Network Adapter) (Version: 6.30.223.221 - Broadcom Corporation) CCleaner (HKLM\...\CCleaner) (Version: 5.13 - Piriform) CyberLink PhotoDirector 3 (HKLM-x32\...\InstallShield_{39337565-330E-4ab6-A9AE-AC81E0720B10}) (Version: 3.0.1.4917 - CyberLink Corp.) CyberLink PowerDirector 10 (HKLM-x32\...\InstallShield_{B0B4F6D2-F2AE-451A-9496-6F2F6A897B32}) (Version: 10.0.0.4220 - CyberLink Corp.) ELAN HIDI2C Filter Driver X64 13.6.1.1_WHQL (HKLM\...\Elantech) (Version: 13.6.1.1 - ELAN Microelectronic Corp.) Foxit PhantomPDF (HKLM-x32\...\{F74C595C-BEF2-4AF9-9C4E-68F3CD509C4D}) (Version: 6.0.120.609 - Foxit Corporation) Genesys USB Mass Storage Device (HKLM-x32\...\{959B7F35-2819-40C5-A0CD-3C53B5FCC935}) (Version: 4.3.2.1 - Genesys Logic) Google Chrome (HKLM-x32\...\Google Chrome) (Version: 48.0.2564.103 - Google Inc.) Google Update Helper (x32 Version: 1.3.29.5 - Google Inc.) Hidden Host App Service (HKU\S-1-5-21-555111471-2403504220-3507946370-1001\...\SweetLabs_AP) (Version: 0.269.7.840 - Pokki) Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3496 - Intel Corporation) Intel(R) Sideband Fabric Device Driver (HKLM-x32\...\C5A8BC6E-723A-4C0F-96E1-C426D1A4BCA9) (Version: 1.70.305.16316 - Intel Corporation) Intel(R) Trusted Execution Engine (HKLM\...\{176E2755-0A17-42C6-88E2-192AB2131278}) (Version: 1.0.0.1064 - Intel Corporation) Microsoft Office 365 ProPlus - en-us (HKLM\...\O365ProPlusRetail - en-us) (Version: 15.0.4787.1002 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319 (HKLM\...\{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}) (Version: 10.0.30319 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319 (HKLM-x32\...\{196BB40D-1578-3D01-B289-BEFC77A11A1E}) (Version: 10.0.30319 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{d491dd9d-2eda-4d75-b504-1a201436e7fd}) (Version: 11.0.61030.0 - Microsoft Corporation) Notepad++ (HKLM-x32\...\Notepad++) (Version: 6.8.8 - Notepad++ Team) Office 15 Click-to-Run Extensibility Component (x32 Version: 15.0.4787.1002 - Microsoft Corporation) Hidden Office 15 Click-to-Run Licensing Component (Version: 15.0.4787.1002 - Microsoft Corporation) Hidden Office 15 Click-to-Run Localization Component (x32 Version: 15.0.4787.1002 - Microsoft Corporation) Hidden Opera Stable 35.0.2066.37 (HKLM-x32\...\Opera 35.0.2066.37) (Version: 35.0.2066.37 - Opera Software) Pokki Start Menu (HKU\S-1-5-21-555111471-2403504220-3507946370-1001\...\SweetLabs_Start_Menu) (Version: 0.269.7.840 - Pokki) Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.31.423.2014 - Realtek) Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7209 - Realtek Semiconductor Corp.) WIDCOMM Bluetooth Software (HKLM\...\{C6D9ED03-6FCF-4410-9CB7-45CA285F9E11}) (Version: 12.0.0.9350 - Broadcom Corporation) ==================== Custom CLSID (Whitelisted): ========================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) CustomCLSID: HKU\S-1-5-21-555111471-2403504220-3507946370-1001_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\WINDOWS\system32\igfxEM.exe (Intel Corporation) ==================== Scheduled Tasks (Whitelisted) ============= (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) Task: {0C330B3C-3F0D-4679-9CE3-0CFDB5695EEB} - System32\Tasks\UbtFrameworkService => C:\Program Files\Acer\User Experience Improvement Program\Framework\TriggerFramework.exe [2014-03-12] (TODO: ) Task: {0E84AAFA-2F52-4D56-B14B-A9D21E3AC99F} - System32\Tasks\Opera scheduled Autoupdate 1449018443 => C:\Program Files (x86)\Opera\launcher.exe [2016-02-01] (Opera Software) Task: {11328C02-7F1B-40D9-92DC-E36DE7875B4F} - System32\Tasks\BacKGroundAgent => C:\Program Files (x86)\Acer\AOP Framework\BackgroundAgent.exe [2016-01-14] (Acer Incorporated) Task: {11BE5489-2F52-4ED2-BC53-E959D6EE0741} - System32\Tasks\ACCAgent => C:\Program Files (x86)\Acer\Care Center\LiveUpdateAgent.exe [2015-07-17] () Task: {13E0218C-CF45-4DB8-AC5D-4A93C2ACCA50} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2015-12-22] (Microsoft Corporation) Task: {4162566D-36C1-4B2B-B241-745AC79DE177} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2015-12-08] (Piriform Ltd) Task: {4349BE07-0895-4870-81A5-DA3AD735D791} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_20_0_0_286_pepper.exe [2016-01-24] (Adobe Systems Incorporated) Task: {456F575C-368B-457E-9588-689C6CD7DE36} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office 15\root\Office15\msoia.exe [2015-12-02] (Microsoft Corporation) Task: {49AAE883-A404-41E9-80D4-D0CC5F7E1D78} - System32\Tasks\Software Update Application => C:\ProgramData\OEM\UpgradeTool\ListCheck.exe [2015-07-17] (Acer Incorporated) Task: {54241D0D-F5DE-443F-A0FC-B3A611A98D84} - System32\Tasks\UMonitor Task => C:\Windows\SysWOW64\UMonit64.exe [2014-02-26] () Task: {5507224A-423C-4160-A6AF-802D0A5E5FF2} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-01-24] (Adobe Systems Incorporated) Task: {6E878EBE-4524-418F-A2FD-F4FDDEC7CEEC} - System32\Tasks\Quick Access Quick Launcher => C:\Program Files\Acer\Acer Quick Access\QALauncher.exe [2014-06-26] (Acer Incorporate) Task: {6F5A56D8-D7F8-47D0-9F96-10D8D53B136B} - System32\Tasks\Quick Access => C:\Program Files\Acer\Acer Quick Access\QALauncher.exe [2014-06-26] (Acer Incorporate) Task: {7B78FE8E-3939-43D1-BA11-94C5F5C8EB89} - System32\Tasks\Power Management => C:\Program Files\Acer\Acer Power Management\ePowerTrayLauncher.exe [2014-06-12] (Acer Incorporated) Task: {85AD32FE-1559-48F6-9EE2-A93F09E9C659} - System32\Tasks\Recovery Management\Notification => C:\Program Files\Acer\Acer Recovery Management\Notification\Notification.exe [2014-06-17] (Acer Incorporated) Task: {88EE1A87-BE93-40E7-9EB6-627D36D9E487} - System32\Tasks\abDocsDllLoader => C:\Program Files (x86)\Acer\abDocs\abDocsDllLoaderMonitor.exe [2015-11-23] () Task: {90D97313-E939-4247-BC08-15F687248535} - System32\Tasks\AVAST Software\Avast settings backup => C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe [2016-01-23] (AVAST Software) Task: {90E8D422-1B78-4DF9-8F5D-971768044F13} - System32\Tasks\ACCBackgroundApplication => C:\Program Files (x86)\Acer\Care Center\ACCStd.exe [2015-07-17] () Task: {959795E2-A6D8-451B-9E3E-7010C8676679} - System32\Tasks\ACC => C:\Program Files (x86)\Acer\Care Center\LiveUpdateChecker.exe [2015-07-17] () Task: {A50EF7C6-BD41-4C1A-A5A2-378606A3B400} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office 15\root\Office15\msoia.exe [2015-12-02] (Microsoft Corporation) Task: {BD6AE3B0-3D99-46D2-A12A-23D6888A2C54} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2015-12-22] (Microsoft Corporation) Task: {BF100BEE-13EF-4E5C-9E59-096985C221C3} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-02-01] (Google Inc.) Task: {DF189A73-AF9B-49F9-ABFA-A8C9F40BBFA7} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesCommonx86\Microsoft Shared\OFFICE15\OLicenseHeartbeat.exe [2016-01-24] (Microsoft Corporation) Task: {E62055D6-62C8-4C36-BE7E-D0ACEE1762CA} - System32\Tasks\Launch Manager => C:\Program Files\Acer\Acer Launch Manager\LMLauncher.exe [2014-06-10] (Acer Incorporate) Task: {EBA3D7EA-0B18-404C-B186-2D355EF4A5E8} - System32\Tasks\AcerCloud => C:\Program Files (x86)\Acer\Acer Portal\AcerPortal.exe [2016-01-19] (Acer) Task: {F29A9F72-B784-424D-93AF-9DDF3436E067} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-02-01] (Google Inc.) Task: {FCB41A82-EEE2-491A-8683-00924371BD56} - System32\Tasks\SweetLabs App Platform => C:\Users\Stacie\AppData\Local\SweetLabs App Platform\Engine\ServiceHostAppUpdater.exe [2015-12-11] (Pokki) (If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.) Task: C:\WINDOWS\Tasks\Adobe Flash Player PPAPI Notifier.job => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_20_0_0_286_pepper.exe Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe ==================== Shortcuts ============================= (The entries could be listed to be restored or removed.) ShortcutWithArgument: C:\Users\Public\Desktop\Dropbox.lnk -> C:\Program Files\Dropbox\StartURL.exe () -> hxxps://www.dropbox.com/partners/acer2014/download ==================== Loaded Modules (Whitelisted) ============== 2014-02-18 19:02 - 2014-02-18 19:02 - 00049368 _____ () C:\Program Files\WIDCOMM\Bluetooth Software\btwleapi.dll 2015-12-02 01:42 - 2015-10-13 04:34 - 00105640 _____ () C:\Program Files\Microsoft Office 15\ClientX64\ApiClient.dll 2015-04-07 15:53 - 2012-04-24 10:43 - 00254512 _____ () C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe 2015-12-02 02:11 - 2015-12-02 02:11 - 08901184 _____ () C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\1033\GrooveIntlResource.dll 2015-04-07 16:16 - 2014-07-01 13:13 - 00111872 _____ () C:\Program Files (x86)\Acer\clear.fi plug-in\Clearfishellext_x64.dll 2015-04-15 20:13 - 2015-04-15 20:13 - 00222720 _____ () C:\Program Files (x86)\Notepad++\NppShell_06.dll 2015-04-07 15:23 - 2014-02-26 03:13 - 00053248 _____ () C:\Windows\SysWOW64\UMonit64.exe 2014-05-30 09:49 - 2014-03-07 16:21 - 00080312 _____ () C:\Windows\system32\IGFXEXPS.DLL 2015-11-23 18:44 - 2015-11-23 18:44 - 01769312 _____ () C:\Program Files (x86)\Acer\abDocs\abDocsDllLoaderMonitor.exe 2015-11-23 18:44 - 2015-11-23 18:44 - 00091488 _____ () C:\Program Files (x86)\Acer\abDocs\abDocsDllLoader.exe 2015-07-17 14:39 - 2015-07-17 14:39 - 04612448 _____ () C:\Program Files (x86)\Acer\Care Center\ACCStd.exe 2015-07-17 14:40 - 2015-07-17 14:40 - 00013664 _____ () C:\Program Files (x86)\Acer\Care Center\LogDebug.dll 2015-07-17 14:40 - 2015-07-17 14:40 - 00177504 _____ () C:\Program Files (x86)\Acer\Care Center\ACCUtilities.dll 2015-07-17 14:40 - 2015-07-17 14:40 - 00025440 _____ () C:\Program Files (x86)\Acer\Care Center\MonitorDataHelper.dll 2015-07-17 14:40 - 2015-07-17 14:40 - 00018784 _____ () C:\Program Files (x86)\Acer\Care Center\ACCPlugin.dll 2015-07-17 14:40 - 2015-07-17 14:40 - 00026464 _____ () C:\Program Files (x86)\Acer\Care Center\MonitorControlLib.dll 2015-07-17 14:40 - 2015-07-17 14:40 - 00065888 _____ () C:\Program Files (x86)\Acer\Care Center\ACCMonitorPlugin\ACCSupportMonitor.dll 2015-07-17 14:40 - 2015-07-17 14:40 - 00042336 _____ () C:\Program Files (x86)\Acer\Care Center\ACCMonitorPlugin\ACtCTuneUpMonitorDisk.dll 2015-07-17 14:40 - 2015-07-17 14:40 - 00016224 _____ () C:\Program Files (x86)\Acer\Care Center\ACCADSManager.dll 2015-07-17 14:40 - 2015-07-17 14:40 - 01744224 _____ () C:\Program Files (x86)\Acer\Care Center\ACCPlugin\ACCTuneUpPlg.dll 2015-07-17 14:40 - 2015-07-17 14:40 - 00019296 _____ () C:\Program Files (x86)\Acer\Care Center\ACCNotifyShow.dll 2015-07-17 14:40 - 2015-07-17 14:40 - 00013152 _____ () C:\Program Files (x86)\Acer\Care Center\FullScreenDetector.dll 2015-04-07 15:27 - 2013-10-01 09:09 - 00078880 _____ () C:\Program Files\Realtek\Audio\HDA\FMAPP.exe 2015-04-07 15:53 - 2012-04-24 10:43 - 00037352 _____ () C:\Program Files (x86)\Cyberlink\Shared files\RichVideops.dll 2016-01-19 15:06 - 2016-01-19 15:06 - 00194048 _____ () C:\Program Files (x86)\Acer\Acer Portal\curllib.dll 2016-01-19 15:06 - 2016-01-19 15:06 - 00110592 _____ () C:\Program Files (x86)\Acer\Acer Portal\OpenLDAP.dll 2015-11-16 19:55 - 2015-11-16 19:55 - 00202456 _____ () C:\Program Files (x86)\Acer\abPhoto\curllib.dll 2015-11-16 19:56 - 2015-11-16 19:56 - 00654000 _____ () C:\Program Files (x86)\Acer\abPhoto\sqlite3.dll 2015-11-16 19:56 - 2015-11-16 19:56 - 00641240 _____ () C:\Program Files (x86)\Acer\abPhoto\tag.dll 2015-11-16 19:56 - 2015-11-16 19:56 - 00119000 _____ () C:\Program Files (x86)\Acer\abPhoto\OpenLDAP.dll 2016-02-07 16:49 - 2016-02-07 16:49 - 00015064 _____ () C:\WINDOWS\assembly\GAC_MSIL\MyService\1.0.0.1__2dfa3f50f0bed57d\MyService.dll 2016-01-14 17:12 - 2016-01-14 17:12 - 00013016 _____ () C:\Program Files (x86)\Acer\AOP Framework\ServiceInterface.dll 2016-01-14 17:11 - 2016-01-14 17:11 - 00277856 _____ () C:\Program Files (x86)\Acer\AOP Framework\libcurl.dll 2015-11-23 18:44 - 2015-11-23 18:44 - 00277856 _____ () C:\Program Files (x86)\Acer\abDocs\libcurl.dll 2015-04-28 20:15 - 2015-04-28 20:15 - 00569856 _____ () C:\Users\Stacie\AppData\Local\SweetLabs App Platform\Engine\ppGoogleNaClPluginChrome.dll 2015-04-28 20:15 - 2015-04-28 20:15 - 01400846 _____ () C:\Users\Stacie\AppData\Local\SweetLabs App Platform\Engine\avcodec-54.dll 2015-04-28 20:15 - 2015-04-28 20:15 - 00151054 _____ () C:\Users\Stacie\AppData\Local\SweetLabs App Platform\Engine\avutil-51.dll 2015-04-28 20:15 - 2015-04-28 20:15 - 00222734 _____ () C:\Users\Stacie\AppData\Local\SweetLabs App Platform\Engine\avformat-54.dll 2016-02-07 17:02 - 2016-02-03 07:27 - 01632584 _____ () C:\Program Files (x86)\Google\Chrome\Application\48.0.2564.103\libglesv2.dll 2016-02-07 17:02 - 2016-02-03 07:27 - 00087880 _____ () C:\Program Files (x86)\Google\Chrome\Application\48.0.2564.103\libegl.dll ==================== Alternate Data Streams (Whitelisted) ========= (If an entry is included in the fixlist, only the ADS will be removed.) ==================== Safe Mode (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.) HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\iaioi2ce.sys => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""="" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""="" ==================== EXE Association (Whitelisted) =============== (If an entry is included in the fixlist, the registry item will be restored to default or removed.) ==================== Internet Explorer trusted/restricted =============== (If an entry is included in the fixlist, it will be removed from the registry.) IE trusted site: HKU\S-1-5-21-555111471-2403504220-3507946370-1001\...\sharepoint.com -> hxxps://livewarringtonac.sharepoint.com ==================== Hosts content: =============================== (If needed Hosts: directive could be included in the fixlist to reset Hosts.) 2013-08-22 13:25 - 2013-08-22 13:25 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts ==================== Other Areas ============================ (Currently there is no automatic fix for this section.) HKU\S-1-5-21-555111471-2403504220-3507946370-1001\Control Panel\Desktop\\Wallpaper -> C:\WINDOWS\Web\Wallpaper\acer01.jpg DNS Servers: 192.168.43.1 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) Windows Firewall is enabled. ==================== MSCONFIG/TASK MANAGER disabled items == (Currently there is no automatic fix for this section.) HKU\S-1-5-21-555111471-2403504220-3507946370-1001\...\StartupApproved\Run: => "AcerCloud" HKU\S-1-5-21-555111471-2403504220-3507946370-1001\...\StartupApproved\Run: => "Pokki" ==================== FirewallRules (Whitelisted) =============== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139 FirewallRules: [{90B92C0A-6338-4BEA-B3E0-70B268BEEAA7}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDirector10\PDR10.EXE FirewallRules: [{40243A71-8361-44D7-BAAF-4DBA813683DC}] => (Allow) C:\Program Files (x86)\Acer\abPhoto\DMCDaemon.exe FirewallRules: [{6FCF0307-B9FD-4AAA-AF20-0BB0132C75F4}] => (Allow) C:\Program Files (x86)\Acer\abPhoto\DMCDaemon.exe FirewallRules: [{20640A13-C5DA-44E6-ACA6-8013DAD31BF3}] => (Allow) C:\Program Files (x86)\Acer\abPhoto\WindowsUpnp.exe FirewallRules: [{12540755-9904-4A07-9D3C-6497F026D0DF}] => (Allow) C:\Program Files (x86)\Acer\abPhoto\WindowsUpnp.exe FirewallRules: [{AFCAE119-E91B-4BE3-8357-49049F455C7A}] => (Allow) C:\Program Files (x86)\Acer\abPhoto\DMCDaemon.exe FirewallRules: [{D75DA9B0-4ED3-4E61-8D46-A09FEFE4FFAE}] => (Allow) C:\Program Files (x86)\Acer\abPhoto\DMCDaemon.exe FirewallRules: [{669AE168-E614-46BE-9A2A-9A05FE5B2666}] => (Allow) C:\Program Files (x86)\Acer\abPhoto\WindowsUpnp.exe FirewallRules: [{5C8C44A7-493B-45AA-BEEF-DAFBE07F9688}] => (Allow) C:\Program Files (x86)\Acer\abPhoto\WindowsUpnp.exe FirewallRules: [{BD4E59F5-2653-4761-A333-1D9D844ABF94}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe FirewallRules: [{ED0E24D3-5B83-42D5-94BF-8887CE957173}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe FirewallRules: [{5B695D04-B49D-4FDB-A804-81F872EC0E7B}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe FirewallRules: [{F8CC59B7-B283-4981-B1AD-65C659D9E864}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe FirewallRules: [{601CDA19-79B0-4C1E-B39E-3090D6C9ADC8}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe FirewallRules: [{8A9B6D73-363B-4C27-9F3F-F54546D9D526}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe FirewallRules: [{80A1CE7B-C391-4CF8-8818-94B902E5DA2E}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe FirewallRules: [{4F871BD4-7D01-4918-A998-EB4DAA629BE2}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe FirewallRules: [{EE0DD3B7-7FE8-4CFA-82FE-AEA5CE9273FF}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\outlook.exe FirewallRules: [{57DA7FFE-AD9C-4762-B791-ADEE253C1D8C}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\Lync.exe FirewallRules: [{97C2D7EE-9E7D-4C79-BAA3-12F316B98E42}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\Lync.exe FirewallRules: [{304A4A63-0169-40BE-9389-CEA570A361C3}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\UcMapi.exe FirewallRules: [{9F70A80F-71C0-4D54-A1CE-D78B5B8A5947}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\UcMapi.exe FirewallRules: [{1951CCAF-A610-464F-8A78-3DD7D5E18869}] => (Allow) C:\Program Files (x86)\Acer\AOP Framework\acer\ccd.exe FirewallRules: [{0C253499-155E-4838-8ED7-BD67F9C03D5F}] => (Allow) C:\Program Files (x86)\Acer\AOP Framework\acer\ccd.exe FirewallRules: [{B2FF5CD7-E30D-41CC-A95E-CB61A5D57793}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe FirewallRules: [{90FEEB2B-39A8-4BEA-B4BE-798D31D21A30}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe FirewallRules: [{42D1521A-842D-4707-80E7-2D5C78EE42E5}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe FirewallRules: [{C2031A88-3D4C-4A08-96D6-973E0DD71ABE}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe FirewallRules: [{29826C50-EE04-4858-BCE4-755EEF715639}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe FirewallRules: [{9439D569-EAFE-4FCC-B8A8-108AEE58422F}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe FirewallRules: [{82F9C9C3-1802-4CEC-8EC4-91949017C51F}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe FirewallRules: [{35C00FB3-CAB2-4972-A7E7-C2A36A01DAE6}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe FirewallRules: [{4264D767-5DCA-45A1-A9E4-FF50B883D1C4}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe FirewallRules: [{D96F06E1-829B-417F-AC9A-0CA1B18516D2}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe FirewallRules: [{28483B6A-2A3B-4A56-895F-94254BB8BCA0}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe FirewallRules: [{E8DBA5DB-DA00-48CC-9F84-3368584491AF}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe FirewallRules: [{170EBBAA-F10F-42D4-A6FC-BF46B5F75B35}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe FirewallRules: [{C2E4DDD2-EB7A-4B0B-A931-17F8BB383451}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe FirewallRules: [{05B778B9-1CDC-4A8E-8BC0-46B34E45CD72}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe FirewallRules: [{69927736-1404-4995-A164-6F384A7612B5}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe FirewallRules: [{7642419D-3248-4459-A6E7-59F6FD3E8BC2}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe ==================== Restore Points ========================= 23-01-2016 02:24:09 Scheduled Checkpoint 30-01-2016 13:54:58 Scheduled Checkpoint 04-02-2016 14:52:54 Installed Project My Screen App 08-02-2016 04:44:36 Removed Project My Screen App ==================== Faulty Device Manager Devices ============= ==================== Event log errors: ========================= Application errors: ================== Error: (02/08/2016 03:29:03 PM) (Source: SideBySide) (EventID: 35) (User: ) Description: Activation context generation failed for "UccApi,processorArchitecture="AMD64",type="win32",version="15.0.0.0"1".Error in manifest or policy file "UccApi,processorArchitecture="AMD64",type="win32",version="15.0.0.0"2" on line UccApi,processorArchitecture="AMD64",type="win32",version="15.0.0.0"3. Component identity found in manifest does not match the identity of the component requested. Reference is UccApi,processorArchitecture="AMD64",type="win32",version="15.0.0.0". Definition is UccApi,processorArchitecture="x86",type="win32",version="15.0.0.0". Please use sxstrace.exe for detailed diagnosis. Error: (02/08/2016 04:39:28 AM) (Source: SideBySide) (EventID: 35) (User: ) Description: Activation context generation failed for "UccApi,processorArchitecture="AMD64",type="win32",version="15.0.0.0"1".Error in manifest or policy file "UccApi,processorArchitecture="AMD64",type="win32",version="15.0.0.0"2" on line UccApi,processorArchitecture="AMD64",type="win32",version="15.0.0.0"3. Component identity found in manifest does not match the identity of the component requested. Reference is UccApi,processorArchitecture="AMD64",type="win32",version="15.0.0.0". Definition is UccApi,processorArchitecture="x86",type="win32",version="15.0.0.0". Please use sxstrace.exe for detailed diagnosis. Error: (02/08/2016 01:18:17 AM) (Source: Application Error) (EventID: 1000) (User: ) Description: Faulting application name: delegate_execute.exe, version: 48.0.2564.103, time stamp: 0x56b11bc1 Faulting module name: delegate_execute.exe, version: 48.0.2564.103, time stamp: 0x56b11bc1 Exception code: 0x80000003 Fault offset: 0x00007f91 Faulting process ID: 0x114c Faulting application start time: 0xdelegate_execute.exe0 Faulting application path: delegate_execute.exe1 Faulting module path: delegate_execute.exe2 Report ID: delegate_execute.exe3 Faulting package full name: delegate_execute.exe4 Faulting package-relative application ID: delegate_execute.exe5 Error: (02/05/2016 02:00:06 PM) (Source: Office 2013 Licensing Service) (EventID: 0) (User: ) Description: Subscription licensing service failed: -2143485936 Error: (02/05/2016 02:00:06 PM) (Source: Microsoft Office 15) (EventID: 2011) (User: ) Description: Office Subscription licensing exception: Error Code: 0x803D0010; CorrelationId: {3671B6F1-A959-406A-81B4-B0AB5971DED6} Error: (02/05/2016 02:00:06 PM) (Source: Microsoft Office 15) (EventID: 2011) (User: ) Description: Office Subscription licensing exception: Error Code: 0x803D0010; CorrelationId: {3671B6F1-A959-406A-81B4-B0AB5971DED6} Error: (02/04/2016 03:32:41 PM) (Source: SideBySide) (EventID: 35) (User: ) Description: Activation context generation failed for "UccApi,processorArchitecture="AMD64",type="win32",version="15.0.0.0"1".Error in manifest or policy file "UccApi,processorArchitecture="AMD64",type="win32",version="15.0.0.0"2" on line UccApi,processorArchitecture="AMD64",type="win32",version="15.0.0.0"3. Component identity found in manifest does not match the identity of the component requested. Reference is UccApi,processorArchitecture="AMD64",type="win32",version="15.0.0.0". Definition is UccApi,processorArchitecture="x86",type="win32",version="15.0.0.0". Please use sxstrace.exe for detailed diagnosis. Error: (02/04/2016 03:16:02 PM) (Source: SideBySide) (EventID: 35) (User: ) Description: Activation context generation failed for "UccApi,processorArchitecture="AMD64",type="win32",version="15.0.0.0"1".Error in manifest or policy file "UccApi,processorArchitecture="AMD64",type="win32",version="15.0.0.0"2" on line UccApi,processorArchitecture="AMD64",type="win32",version="15.0.0.0"3. Component identity found in manifest does not match the identity of the component requested. Reference is UccApi,processorArchitecture="AMD64",type="win32",version="15.0.0.0". Definition is UccApi,processorArchitecture="x86",type="win32",version="15.0.0.0". Please use sxstrace.exe for detailed diagnosis. Error: (02/04/2016 02:33:14 PM) (Source: Office 2013 Licensing Service) (EventID: 0) (User: ) Description: Subscription licensing service failed: -2143485936 Error: (02/04/2016 02:33:14 PM) (Source: Microsoft Office 15) (EventID: 2011) (User: ) Description: Office Subscription licensing exception: Error Code: 0x803D0010; CorrelationId: {3C129FC3-B77E-448A-B8DB-59D25A118C07} System errors: ============= Error: (02/08/2016 03:29:19 PM) (Source: DCOM) (EventID: 10010) (User: StacesAcer) Description: {1B1F472E-3221-4826-97DB-2C2324D389AE} Error: (02/08/2016 03:28:49 PM) (Source: DCOM) (EventID: 10010) (User: StacesAcer) Description: {BF6C1E47-86EC-4194-9CE5-13C15DCB2001} Error: (02/08/2016 12:15:09 PM) (Source: DCOM) (EventID: 10010) (User: StacesAcer) Description: {BF6C1E47-86EC-4194-9CE5-13C15DCB2001} Error: (02/08/2016 12:14:39 PM) (Source: DCOM) (EventID: 10010) (User: StacesAcer) Description: {1B1F472E-3221-4826-97DB-2C2324D389AE} Error: (02/08/2016 04:39:34 AM) (Source: DCOM) (EventID: 10010) (User: StacesAcer) Description: {1B1F472E-3221-4826-97DB-2C2324D389AE} Error: (02/08/2016 04:39:04 AM) (Source: DCOM) (EventID: 10010) (User: StacesAcer) Description: {BF6C1E47-86EC-4194-9CE5-13C15DCB2001} Error: (02/07/2016 08:11:11 PM) (Source: DCOM) (EventID: 10010) (User: StacesAcer) Description: {1B1F472E-3221-4826-97DB-2C2324D389AE} Error: (02/03/2016 01:55:44 AM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY) Description: A fatal alert was received from the remote endpoint. The TLS protocol defined fatal alert code is 40. Error: (02/03/2016 01:55:34 AM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY) Description: A fatal alert was received from the remote endpoint. The TLS protocol defined fatal alert code is 40. Error: (02/03/2016 01:54:55 AM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY) Description: A fatal alert was received from the remote endpoint. The TLS protocol defined fatal alert code is 40. ==================== Memory info =========================== Processor: Intel(R) Celeron(R) CPU N2840 @ 2.16GHz Percentage of memory in use: 77% Total physical RAM: 1929.7 MB Available physical RAM: 428.43 MB Total Virtual: 3852.92 MB Available Virtual: 1406.02 MB ==================== Drives ================================ Drive c: (Acer) (Fixed) (Total:449.76 GB) (Free:419.35 GB) NTFS ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (Size: 465.8 GB) (Disk ID: 9BFAE307) Partition: GPT. ==================== End of Addition.txt ============================