AND NOW FRST AGAIN
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:07-02-2016
Ran by Stacie (administrator) on STACESACER (11-02-2016 22:45:54)
Running from C:\Users\Stacie\Downloads
Loaded Profiles: Stacie (Available Profiles: Stacie)
Platform: Windows 8.1 Connected (X64) Language: English (United Kingdom)
Internet Explorer Version 11 (Default browser: Opera)
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\AOP Framework\CCDMonitorService.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe
(Acer Cloud Technology) C:\Program Files (x86)\Acer\AOP Framework\acer\ccd.exe
(Intel® Corporation) C:\Program Files\Intel\TXE Components\TCS\HeciServer.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Launch Manager\LMSvc.exe
() C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Quick Access\QASvc.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Quick Access\RMSvc.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(acer) C:\Program Files\Acer\User Experience Improvement Program\Framework\UBTService.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Opera Software) C:\Program Files (x86)\Opera\35.0.2066.37\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\35.0.2066.37\opera_crashreporter.exe
(Opera Software) C:\Program Files (x86)\Opera\35.0.2066.37\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\35.0.2066.37\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\35.0.2066.37\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\35.0.2066.37\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\35.0.2066.37\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\35.0.2066.37\opera.exe
==================== Registry (Whitelisted) ===========================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13672304 2014-03-21] (Realtek Semiconductor)
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [803200 2016-02-11] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [Avira SystrayStartTrigger] => C:\Program Files (x86)\Avira\Launcher\Avira.SystrayStartTrigger.exe [66328 2016-01-05] (Avira Operations GmbH & Co. KG)
HKU\S-1-5-21-555111471-2403504220-3507946370-1001\...\Run: [AcerPortal] => C:\Program Files (x86)\Acer\Acer Portal\AcerPortal.exe [2732760 2016-01-19] (Acer)
HKU\S-1-5-21-555111471-2403504220-3507946370-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8590760 2015-12-08] (Piriform Ltd)
ShellIconOverlayIdentifiers: [ ACloudSynced] -> {5CCE71FA-9F61-4F24-9CD1-98D819B40D68} => C:\Program Files (x86)\Acer\shellext\x64\shellext_win.dll [2015-11-19] (Acer Incorporated)
ShellIconOverlayIdentifiers: [ ACloudSyncing] -> {C1E1456F-C2D8-4C96-870D-35F1E13941EE} => C:\Program Files (x86)\Acer\shellext\x64\shellext_win.dll [2015-11-19] (Acer Incorporated)
ShellIconOverlayIdentifiers: [ ACloudToBeSynced] -> {307523FA-DDC0-4068-983F-2A6B34627744} => C:\Program Files (x86)\Acer\shellext\x64\shellext_win.dll [2015-11-19] (Acer Incorporated)
ShellIconOverlayIdentifiers: [ SkyDrivePro1 (ErrorConflict)] -> {8BA85C75-763B-4103-94EB-9470F12FE0F7} => No File
ShellIconOverlayIdentifiers: [ SkyDrivePro2 (SyncInProgress)] -> {CD55129A-B1A1-438E-A425-CEBC7DC684EE} => No File
ShellIconOverlayIdentifiers: [ SkyDrivePro3 (InSync)] -> {E768CD3B-BDDC-436D-9C13-E1B39CA257B1} => No File
ShellIconOverlayIdentifiers-x32: [ SkyDrivePro1 (ErrorConflict)] -> {8BA85C75-763B-4103-94EB-9470F12FE0F7} => No File
ShellIconOverlayIdentifiers-x32: [ SkyDrivePro2 (SyncInProgress)] -> {CD55129A-B1A1-438E-A425-CEBC7DC684EE} => No File
ShellIconOverlayIdentifiers-x32: [ SkyDrivePro3 (InSync)] -> {E768CD3B-BDDC-436D-9C13-E1B39CA257B1} => No File
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Bluetooth.lnk [2015-04-07]
ShortcutTarget: Bluetooth.lnk -> C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe (Broadcom Corporation.)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 192.168.43.1
Tcpip\..\Interfaces\{2B728B98-5926-4F4F-BB1A-3684C4393821}: [DhcpNameServer] 192.168.43.1
Tcpip\..\Interfaces\{ECB8E448-8E2A-4C36-9A5F-1BD5BAA39653}: [DhcpNameServer] 192.168.42.129
Internet Explorer:
==================
HKU\S-1-5-21-555111471-2403504220-3507946370-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://acer13.msn.com/?pc=ACJB
HKU\S-1-5-21-555111471-2403504220-3507946370-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://acer13.msn.com/?pc=ACJB
SearchScopes: HKU\S-1-5-21-555111471-2403504220-3507946370-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?PC=WCUG&FORM=WCUGDF&q={searchTerms}
SearchScopes: HKU\S-1-5-21-555111471-2403504220-3507946370-1001 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?PC=WCUG&FORM=WCUGDF&q={searchTerms}
BHO: No Name -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> No File
BHO-x32: No Name -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> No File
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - No File
FireFox:
========
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/pdf -> C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2014-05-13] ()
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.fdf -> C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2014-05-13] ()
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2015-11-03] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL [2015-12-02] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-01] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-01] (Google Inc.)
Chrome:
=======
CHR HomePage: Default -> hxxp://www.google.com/
CHR Profile: C:\Users\Stacie\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Slides) - C:\Users\Stacie\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2016-02-01]
CHR Extension: (Google Drive) - C:\Users\Stacie\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-02-01]
CHR Extension: (YouTube) - C:\Users\Stacie\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-02-01]
CHR Extension: (Facebook) - C:\Users\Stacie\AppData\Local\Google\Chrome\User Data\Default\Extensions\boeajhmfdjldchidhphikilcgdacljfm [2016-02-02]
CHR Extension: (Adblock Plus) - C:\Users\Stacie\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2016-02-07]
CHR Extension: (Google Search) - C:\Users\Stacie\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2016-02-01]
CHR Extension: (Google Sheets) - C:\Users\Stacie\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2016-02-01]
CHR Extension: (SiteAdvisor) - C:\Users\Stacie\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho [2016-02-01]
CHR Extension: (Google Docs Offline) - C:\Users\Stacie\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-02-02]
CHR Extension: (Vysor (Beta)) - C:\Users\Stacie\AppData\Local\Google\Chrome\User Data\Default\Extensions\gidgenkbbabolejbgbpnhbimgjbffefm [2016-02-04]
CHR Extension: (AdBlock) - C:\Users\Stacie\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2016-02-08]
CHR Extension: (My Study Life) - C:\Users\Stacie\AppData\Local\Google\Chrome\User Data\Default\Extensions\mnjdjjiobjicmlhnjlogfgbibihjhkeo [2016-02-02]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Stacie\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-02-01]
CHR Extension: (Gmail) - C:\Users\Stacie\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-02-02]
Opera:
=======
OPR Extension: (Adguard) - C:\Users\Stacie\AppData\Roaming\Opera Software\Opera Stable\Extensions\bopfaehpakahokaelnomggbohfbimcia [2016-02-08]
OPR Extension: (Youtube - Most Popular) - C:\Users\Stacie\AppData\Roaming\Opera Software\Opera Stable\Extensions\oldapoiohefbnmggejjodihigclfhnka [2015-12-21]
==================== Services (Whitelisted) ========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S2 AntiVirMailService; C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc7.exe [948392 2016-02-11] (Avira Operations GmbH & Co. KG)
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [466408 2016-02-11] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [466408 2016-02-11] (Avira Operations GmbH & Co. KG)
S2 AntiVirWebService; C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe [1418560 2016-02-11] (Avira Operations GmbH & Co. KG)
R2 Avira.ServiceHost; C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe [249120 2016-01-05] (Avira Operations GmbH & Co. KG)
S2 BcmBtRSupport; C:\Windows\system32\BtwRSupportService.exe [2251992 2013-11-14] (Broadcom Corporation.)
R2 CCDMonitorService; C:\Program Files (x86)\Acer\AOP Framework\CCDMonitorService.exe [2860760 2016-01-14] (Acer Incorporated)
R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [2787512 2015-12-22] (Microsoft Corporation)
R3 ePowerSvc; C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe [2573032 2014-06-12] (Acer Incorporated)
R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [282096 2014-05-07] (Intel Corporation)
R2 Intel® Capability Licensing Service Interface; C:\Program Files\Intel\TXE Components\TCS\HeciServer.exe [733696 2013-07-01] (Intel® Corporation) [File not signed]
S3 Intel® Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\TXE Components\TCS\SocketHeciServer.exe [822232 2013-07-01] (Intel® Corporation)
R2 LMSvc; C:\Program Files\Acer\Acer Launch Manager\LMSvc.exe [466664 2014-06-10] (Acer Incorporate)
R3 QASvc; C:\Program Files\Acer\Acer Quick Access\QASvc.exe [458984 2014-06-26] (Acer Incorporate)
R2 RichVideo; C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe [254512 2012-04-24] ()
R3 RMSvc; C:\Program Files\Acer\Acer Quick Access\RMSvc.exe [449768 2014-06-26] (Acer Incorporate)
R3 UEIPSvc; C:\Program Files\Acer\User Experience Improvement Program\Framework\UBTService.exe [233216 2014-06-23] (acer)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366552 2015-07-07] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2015-07-07] (Microsoft Corporation)
===================== Drivers (Whitelisted) ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [135880 2016-02-11] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\system32\DRIVERS\avipbb.sys [146696 2016-02-11] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\system32\DRIVERS\avkmgr.sys [35488 2016-02-11] (Avira Operations GmbH & Co. KG)
R2 avnetflt; C:\Windows\system32\DRIVERS\avnetflt.sys [73032 2016-02-11] (Avira Operations GmbH & Co. KG)
S3 AX88772; C:\Windows\system32\DRIVERS\ax88772.sys [113864 2013-07-18] (ASIX Electronics Corp.)
R3 bcbtums; C:\Windows\system32\drivers\bcbtums.sys [170712 2013-11-14] (Broadcom Corporation.)
R3 BCM43XX; C:\Windows\system32\DRIVERS\bcmwl63a.sys [7524016 2014-01-07] (Broadcom Corporation)
S0 ebdrv; C:\Windows\System32\drivers\evbda.sys [3357024 2013-08-22] (Broadcom Corporation)
R3 ETDI2C; C:\Windows\system32\DRIVERS\ETDI2C.sys [173384 2014-04-08] (ELAN Microelectronic Corp.)
S3 GeneStor; C:\Windows\System32\drivers\GeneStor.sys [111336 2014-04-28] (GenesysLogic)
R3 GPIO; C:\Windows\System32\drivers\iaiogpioe.sys [31232 2013-11-11] (Intel Corporation)
R3 iaioi2c; C:\Windows\System32\drivers\iaioi2ce.sys [67584 2013-11-11] (Intel Corporation)
R3 LMDriver; C:\Windows\System32\drivers\LMDriver.sys [21360 2013-07-17] (Acer Incorporated)
R0 MBI; C:\Windows\System32\drivers\MBI.sys [29464 2013-12-10] (Intel Corporation)
R3 RadioShim; C:\Windows\System32\drivers\RadioShim.sys [14680 2013-07-17] (Acer Incorporated)
S3 SensorsServiceDriver; C:\Windows\System32\drivers\WUDFRd.sys [226304 2014-10-29] (Microsoft Corporation)
R3 TXEIx64; C:\Windows\System32\drivers\TXEIx64.sys [88592 2014-01-15] (Intel Corporation)
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44560 2015-07-07] (Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [270168 2015-07-07] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114520 2015-07-07] (Microsoft Corporation)
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2016-02-11 22:37 - 2016-02-11 22:37 - 00000554 _____ C:\Users\Stacie\Desktop\JRT.txt
2016-02-11 22:33 - 2016-02-11 22:33 - 01609032 _____ (Malwarebytes) C:\Users\Stacie\Downloads\JRT.exe
2016-02-11 22:17 - 2016-02-11 22:23 - 00000000 ____D C:\AdwCleaner
2016-02-11 22:17 - 2016-02-11 22:17 - 01508352 _____ C:\Users\Stacie\Downloads\AdwCleaner.exe
2016-02-11 22:15 - 2016-02-11 22:46 - 00013266 _____ C:\Users\Stacie\Documents\REPLY.txt
2016-02-11 22:12 - 2016-02-11 22:12 - 00001270 _____ C:\Users\Stacie\Documents\aswMBR.txt
2016-02-11 22:12 - 2016-02-11 22:12 - 00000512 _____ C:\Users\Stacie\Documents\MBR.dat
2016-02-11 22:07 - 2016-02-11 22:07 - 05200384 _____ (AVAST Software) C:\Users\Stacie\Downloads\aswmbr.exe
2016-02-11 21:56 - 2016-02-11 21:57 - 00007700 _____ C:\Users\Stacie\Downloads\Fixlog.txt
2016-02-11 20:41 - 2016-02-11 20:41 - 01112816 _____ (Microsoft Corporation) C:\Users\Stacie\Downloads\Setup.X86.en-US_O365ProPlusRetail_0937e379-9d62-40f1-be3d-5c20883de035_TX_PR_.exe
2016-02-10 20:09 - 2016-02-10 20:09 - 00002072 _____ C:\Users\Stacie\Desktop\Avira Free Antivirus Profile Scan for Rootkits and active malware.LNK
2016-02-10 20:05 - 2016-02-10 20:05 - 00002153 _____ C:\Users\Stacie\Desktop\Avira Free Setup.lnk
2016-02-09 04:26 - 2016-02-09 04:26 - 00001114 _____ C:\Users\Public\Desktop\Avira Launcher.lnk
2016-02-09 04:22 - 2016-02-11 15:48 - 00000000 ____D C:\Users\Stacie\AppData\Roaming\Avira
2016-02-09 04:20 - 2016-02-11 15:28 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2016-02-09 04:18 - 2016-02-11 15:36 - 00000000 ____D C:\ProgramData\Avira
2016-02-09 04:18 - 2016-02-11 15:24 - 00146696 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avipbb.sys
2016-02-09 04:18 - 2016-02-11 15:24 - 00135880 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avgntflt.sys
2016-02-09 04:18 - 2016-02-11 15:24 - 00073032 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avnetflt.sys
2016-02-09 04:18 - 2016-02-11 15:24 - 00035488 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avkmgr.sys
2016-02-09 04:18 - 2016-02-09 04:26 - 00000000 ____D C:\Program Files (x86)\Avira
2016-02-09 04:02 - 2016-02-09 04:02 - 02001540 _____ C:\Users\Stacie\Downloads\pc-decrapifier-3.0.0.exe
2016-02-09 04:00 - 2016-02-09 04:01 - 01164184 _____ C:\Users\Stacie\Downloads\avira-free.exe
2016-02-09 03:23 - 2016-02-09 03:24 - 03901072 _____ (solvusoft Corporation ) C:\Users\Stacie\Downloads\WinThruster_2016_Setup.exe
2016-02-09 02:09 - 2016-02-11 21:57 - 00000000 ____D C:\Users\Stacie\AppData\LocalLow\Temp
2016-02-09 02:03 - 2016-02-09 02:12 - 00352256 _____ C:\Users\Stacie\Documents\Database1.accdb
2016-02-08 23:06 - 2016-02-08 23:09 - 00032411 _____ C:\Users\Stacie\Downloads\Addition.txt
2016-02-08 23:01 - 2016-02-11 22:45 - 00015201 _____ C:\Users\Stacie\Downloads\FRST.txt
2016-02-08 23:00 - 2016-02-11 22:45 - 00000000 ____D C:\FRST
2016-02-08 22:59 - 2016-02-08 22:59 - 00001432 _____ C:\Users\Stacie\Desktop\FRST64 - Shortcut.lnk
2016-02-08 22:54 - 2016-02-08 22:55 - 02370560 _____ (Farbar) C:\Users\Stacie\Downloads\FRST64 (1).exe
2016-02-08 22:53 - 2016-02-08 22:55 - 02370560 _____ (Farbar) C:\Users\Stacie\Downloads\FRST64.exe
2016-02-08 21:51 - 2016-02-08 21:51 - 00000000 ____D C:\Users\Stacie\AppData\Local\niemiro
2016-02-08 21:50 - 2016-02-08 21:50 - 00001470 _____ C:\Users\Stacie\Desktop\SFCFix (1) - Shortcut.lnk
2016-02-08 21:49 - 2016-02-08 21:49 - 02716160 _____ (niemiro) C:\Users\Stacie\Downloads\SFCFix (2).exe
2016-02-08 21:48 - 2016-02-08 21:49 - 02716160 _____ (niemiro) C:\Users\Stacie\Downloads\SFCFix.exe
2016-02-08 21:48 - 2016-02-08 21:49 - 02716160 _____ (niemiro) C:\Users\Stacie\Downloads\SFCFix (1).exe
2016-02-08 03:49 - 2016-02-08 03:50 - 00000000 ____D C:\Users\Stacie\Documents\COLLEGE WORK
2016-02-07 16:50 - 2016-02-07 16:50 - 00003334 _____ C:\WINDOWS\System32\Tasks\AcerCloud
2016-02-07 16:50 - 2016-02-07 16:50 - 00001988 _____ C:\Users\Public\Desktop\Acer Portal.lnk
2016-02-04 15:00 - 2016-02-04 15:00 - 00002283 _____ C:\Users\Stacie\Desktop\Chrome App Launcher.lnk
2016-02-04 15:00 - 2016-02-04 15:00 - 00000000 ____D C:\Users\Stacie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome
2016-02-04 15:00 - 2016-02-04 15:00 - 00000000 ____D C:\Users\Stacie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps
2016-02-04 14:36 - 2016-02-04 14:36 - 00000516 _____ C:\WINDOWS\system32\Drivers\etc\hosts.ics
2016-02-01 18:52 - 2016-02-11 16:00 - 00002196 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-02-01 18:52 - 2016-02-11 16:00 - 00002167 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2016-02-01 18:50 - 2016-02-11 22:25 - 00000916 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2016-02-01 18:50 - 2016-02-11 21:55 - 00000920 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2016-02-01 18:50 - 2016-02-02 12:58 - 00000000 ____D C:\Users\Stacie\AppData\Local\Google
2016-02-01 18:50 - 2016-02-01 18:51 - 00000000 ____D C:\Program Files (x86)\Google
2016-02-01 18:50 - 2016-02-01 18:50 - 00003892 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2016-02-01 18:50 - 2016-02-01 18:50 - 00003656 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2016-01-30 03:58 - 2016-01-30 03:58 - 00000000 ____D C:\Users\Stacie\Documents\Custom Office Templates
2016-01-24 14:16 - 2016-02-11 22:28 - 00000830 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2016-01-24 14:16 - 2016-02-11 21:28 - 00003718 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater
2016-01-13 20:45 - 2015-12-07 10:56 - 01380600 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32.dll
2016-01-13 20:45 - 2015-12-04 15:00 - 01097216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32.dll
2016-01-13 20:41 - 2015-12-30 19:32 - 07453016 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2016-01-13 20:41 - 2015-12-30 19:32 - 01735000 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2016-01-13 20:41 - 2015-12-30 19:32 - 01499912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2016-01-13 11:42 - 2015-12-11 04:38 - 25837568 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2016-01-13 11:42 - 2015-12-11 04:00 - 00571904 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2016-01-13 11:42 - 2015-12-11 03:55 - 06051328 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2016-01-13 11:42 - 2015-12-11 03:50 - 20367360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2016-01-13 11:42 - 2015-12-11 03:45 - 00817664 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2016-01-13 11:42 - 2015-12-11 03:21 - 00496640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2016-01-13 11:42 - 2015-12-11 03:18 - 00092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll
2016-01-13 11:42 - 2015-12-11 03:09 - 01032704 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcomm.dll
2016-01-13 11:42 - 2015-12-11 03:09 - 00663552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2016-01-13 11:42 - 2015-12-11 03:03 - 14456832 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2016-01-13 11:42 - 2015-12-11 02:59 - 00798208 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2016-01-13 11:42 - 2015-12-11 02:43 - 04610560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2016-01-13 11:42 - 2015-12-11 02:43 - 00880128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcomm.dll
2016-01-13 11:42 - 2015-12-11 02:38 - 02487808 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2016-01-13 11:42 - 2015-12-11 02:37 - 00687104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2016-01-13 11:42 - 2015-12-11 02:35 - 12856320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2016-01-13 11:42 - 2015-12-11 02:26 - 01546752 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2016-01-13 11:42 - 2015-12-11 02:14 - 00800768 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2016-01-13 11:42 - 2015-12-11 02:12 - 02011136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2016-01-13 11:42 - 2015-12-11 02:08 - 01311744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2016-01-13 11:42 - 2015-12-11 02:07 - 00710144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2016-01-13 11:42 - 2015-12-05 05:58 - 01877504 _____ (Microsoft Corporation) C:\WINDOWS\system32\msmpeg2adec.dll
2016-01-13 11:42 - 2015-12-02 15:04 - 00670208 _____ (Microsoft Corporation) C:\WINDOWS\system32\qedit.dll
2016-01-13 11:42 - 2015-12-02 15:01 - 00561664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\qedit.dll
2016-01-13 11:41 - 2015-12-05 05:58 - 02745184 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMVDECOD.DLL
2016-01-13 11:41 - 2015-12-05 05:58 - 02528784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMVDECOD.DLL
2016-01-13 11:41 - 2015-12-05 05:58 - 02450240 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMVENCOD.DLL
2016-01-13 11:41 - 2015-12-05 05:58 - 02447136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMVENCOD.DLL
2016-01-13 11:41 - 2015-12-05 05:58 - 02334104 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2016-01-13 11:41 - 2015-12-05 05:58 - 02324744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2016-01-13 11:41 - 2015-12-05 05:58 - 01798480 ____C (Microsoft Corporation) C:\WINDOWS\system32\WMALFXGFXDSP.dll
2016-01-13 11:41 - 2015-12-05 05:58 - 01484888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msmpeg2adec.dll
2016-01-13 11:41 - 2015-12-05 05:58 - 01288128 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfnetsrc.dll
2016-01-13 11:41 - 2015-12-05 05:58 - 01210200 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMADMOD.DLL
2016-01-13 11:41 - 2015-12-05 05:58 - 01150232 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMADMOE.DLL
2016-01-13 11:41 - 2015-12-05 05:58 - 01115640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfnetsrc.dll
2016-01-13 11:41 - 2015-12-05 05:58 - 01037680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMADMOD.DLL
2016-01-13 11:41 - 2015-12-05 05:58 - 00914672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMADMOE.DLL
2016-01-13 11:41 - 2015-12-05 05:58 - 00850680 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfnetcore.dll
2016-01-13 11:41 - 2015-12-05 05:58 - 00735496 _____ (Microsoft Corporation) C:\WINDOWS\system32\evr.dll
2016-01-13 11:41 - 2015-12-05 05:58 - 00700360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfnetcore.dll
2016-01-13 11:41 - 2015-12-05 05:58 - 00629600 _____ (Microsoft Corporation) C:\WINDOWS\system32\MP4SDECD.DLL
2016-01-13 11:41 - 2015-12-05 05:58 - 00584656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\evr.dll
2016-01-13 11:41 - 2015-12-05 05:58 - 00557856 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMVSDECD.DLL
2016-01-13 11:41 - 2015-12-05 05:58 - 00498472 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsvr.dll
2016-01-13 11:41 - 2015-12-05 05:58 - 00492736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMVSDECD.DLL
2016-01-13 11:41 - 2015-12-05 05:58 - 00463776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MP4SDECD.DLL
2016-01-13 11:41 - 2015-12-05 05:58 - 00399776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsvr.dll
2016-01-13 11:41 - 2015-12-05 05:58 - 00299080 _____ (Microsoft Corporation) C:\WINDOWS\system32\VIDRESZR.DLL
2016-01-13 11:41 - 2015-12-05 05:58 - 00275312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MPG4DECD.DLL
2016-01-13 11:41 - 2015-12-05 05:58 - 00274280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MP43DECD.DLL
2016-01-13 11:41 - 2015-12-05 05:58 - 00250520 _____ (Microsoft Corporation) C:\WINDOWS\system32\MPG4DECD.DLL
2016-01-13 11:41 - 2015-12-05 05:58 - 00248432 _____ (Microsoft Corporation) C:\WINDOWS\system32\MP43DECD.DLL
2016-01-13 11:41 - 2015-12-05 05:58 - 00246856 _____ (Microsoft Corporation) C:\WINDOWS\system32\RESAMPLEDMO.DLL
2016-01-13 11:41 - 2015-12-05 05:58 - 00244296 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfps.dll
2016-01-13 11:41 - 2015-12-05 05:58 - 00229272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\RESAMPLEDMO.DLL
2016-01-13 11:41 - 2015-12-05 05:58 - 00203016 _____ (Microsoft Corporation) C:\WINDOWS\system32\COLORCNV.DLL
2016-01-13 11:41 - 2015-12-05 05:58 - 00184912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\COLORCNV.DLL
2016-01-13 11:41 - 2015-12-05 05:58 - 00183856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VIDRESZR.DLL
2016-01-13 11:41 - 2015-12-05 05:58 - 00116720 _____ (Microsoft Corporation) C:\WINDOWS\system32\MP3DMOD.DLL
2016-01-13 11:41 - 2015-12-05 05:58 - 00110544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfps.dll
2016-01-13 11:41 - 2015-12-05 05:58 - 00099136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MP3DMOD.DLL
2016-01-13 11:41 - 2015-12-05 05:58 - 00090904 _____ (Microsoft Corporation) C:\WINDOWS\system32\devenum.dll
2016-01-13 11:41 - 2015-12-05 05:58 - 00090392 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfvdsp.dll
2016-01-13 11:41 - 2015-12-05 05:58 - 00081032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\devenum.dll
2016-01-13 11:41 - 2015-12-05 05:58 - 00076936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfvdsp.dll
2016-01-13 11:41 - 2015-12-03 18:07 - 00340992 _____ (Microsoft Corporation) C:\WINDOWS\system32\qdvd.dll
2016-01-13 11:41 - 2015-12-03 18:07 - 00289792 _____ (Microsoft Corporation) C:\WINDOWS\system32\ksproxy.ax
2016-01-13 11:41 - 2015-12-03 18:05 - 00644608 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMVXENCD.DLL
2016-01-13 11:41 - 2015-12-03 18:02 - 01664000 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMSPDMOE.DLL
2016-01-13 11:41 - 2015-12-03 18:00 - 00451072 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMVSENCD.DLL
2016-01-13 11:41 - 2015-12-03 17:58 - 00378880 ____C (Microsoft Corporation) C:\WINDOWS\system32\SysFxUI.dll
2016-01-13 11:41 - 2015-12-03 17:36 - 01697792 _____ (Microsoft Corporation) C:\WINDOWS\system32\quartz.dll
2016-01-13 11:41 - 2015-12-03 17:30 - 00468480 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFWMAAEC.DLL
2016-01-13 11:41 - 2015-12-03 17:28 - 00519680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\qdvd.dll
2016-01-13 11:41 - 2015-12-03 17:28 - 00245760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ksproxy.ax
2016-01-13 11:41 - 2015-12-03 17:27 - 00736256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMVXENCD.DLL
2016-01-13 11:41 - 2015-12-03 17:24 - 01411584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMSPDMOE.DLL
2016-01-13 11:41 - 2015-12-03 17:23 - 00402432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMVSENCD.DLL
2016-01-13 11:41 - 2015-12-03 17:06 - 01501184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\quartz.dll
2016-01-13 11:41 - 2015-12-03 17:01 - 00743936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFWMAAEC.DLL
2016-01-13 11:41 - 2015-12-03 16:40 - 01010688 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMSPDMOD.DLL
2016-01-13 11:41 - 2015-12-03 16:29 - 00887296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMSPDMOD.DLL
2016-01-13 11:36 - 2015-12-03 19:42 - 00561952 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2016-01-13 11:36 - 2015-12-03 19:42 - 00397224 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcryptprimitives.dll
2016-01-13 11:36 - 2015-12-03 19:42 - 00137968 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncrypt.dll
2016-01-13 11:36 - 2015-12-03 19:42 - 00106960 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncryptsslp.dll
2016-01-13 11:36 - 2015-12-03 19:41 - 00177488 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecpkg.sys
2016-01-13 11:36 - 2015-12-03 18:52 - 00340872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcryptprimitives.dll
2016-01-13 11:36 - 2015-12-03 18:52 - 00120376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ncrypt.dll
2016-01-13 11:36 - 2015-12-03 18:52 - 00091416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ncryptsslp.dll
2016-01-13 11:36 - 2015-12-03 18:28 - 00401920 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb.sys
2016-01-13 11:36 - 2015-12-03 18:28 - 00202240 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb20.sys
2016-01-13 11:36 - 2015-12-03 17:51 - 00445440 _____ (Microsoft Corporation) C:\WINDOWS\system32\certcli.dll
2016-01-13 11:36 - 2015-12-03 17:13 - 01441280 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2016-01-13 11:36 - 2015-12-03 17:07 - 00432128 _____ (Microsoft Corporation) C:\WINDOWS\system32\schannel.dll
2016-01-13 11:36 - 2015-12-03 16:45 - 00357888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\schannel.dll
2016-01-13 11:35 - 2015-12-03 17:16 - 00324096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\certcli.dll
2016-01-12 23:09 - 2015-12-08 19:08 - 00685432 _____ (Microsoft Corporation) C:\WINDOWS\system32\advapi32.dll
2016-01-12 23:09 - 2015-12-08 19:07 - 00507176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\advapi32.dll
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2016-02-11 22:30 - 2015-12-01 18:29 - 00003596 _____ C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-555111471-2403504220-3507946370-1001
2016-02-11 22:25 - 2013-08-22 14:45 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2016-02-11 21:59 - 2015-12-02 15:43 - 00000892 _____ C:\WINDOWS\Tasks\Adobe Flash Player PPAPI Notifier.job
2016-02-11 21:59 - 2013-08-22 13:25 - 00262144 ___SH C:\WINDOWS\system32\config\BBI
2016-02-11 21:56 - 2015-12-07 13:03 - 00000000 ____D C:\WINDOWS\System32\Tasks\AVAST Software
2016-02-11 21:28 - 2015-12-02 15:43 - 00003862 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player PPAPI Notifier
2016-02-11 21:01 - 2013-08-22 15:36 - 00000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2016-02-11 20:47 - 2015-12-02 01:42 - 00000000 ____D C:\Program Files\Microsoft Office 15
2016-02-11 20:38 - 2013-08-22 13:36 - 00000000 ____D C:\WINDOWS\Inf
2016-02-11 20:16 - 2013-08-22 15:36 - 00000000 ___HD C:\Program Files\WindowsApps
2016-02-11 20:16 - 2013-08-22 15:36 - 00000000 ____D C:\WINDOWS\AppReadiness
2016-02-11 05:32 - 2013-08-22 15:20 - 00000000 ____D C:\WINDOWS\CbsTemp
2016-02-09 04:26 - 2015-04-07 15:43 - 00000000 ____D C:\ProgramData\Package Cache
2016-02-08 20:59 - 2014-03-18 09:47 - 00863592 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2016-02-08 19:31 - 2015-12-01 18:23 - 00000000 ____D C:\Users\Stacie\AppData\Local\Packages
2016-02-08 06:43 - 2015-12-01 19:52 - 00000000 ____D C:\Users\Stacie\AppData\Local\CrashDumps
2016-02-08 03:53 - 2016-01-10 07:42 - 00000000 ____D C:\Users\Stacie\AppData\Roaming\Foxit Software
2016-02-08 02:32 - 2013-08-22 15:36 - 00000000 ____D C:\WINDOWS\system32\NDF
2016-02-07 20:11 - 2015-12-14 05:39 - 00000000 ___DO C:\Users\Stacie\OneDrive
2016-02-07 16:50 - 2015-12-06 14:48 - 00003352 _____ C:\WINDOWS\System32\Tasks\BacKGroundAgent
2016-02-07 16:49 - 2014-07-15 08:17 - 00000000 ___HD C:\OEM
2016-02-07 16:46 - 2015-04-07 15:43 - 00000000 ___SD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acer
2016-02-07 16:43 - 2015-12-01 18:27 - 00000000 ____D C:\Users\Stacie\AppData\Local\clear.fi
2016-02-07 16:02 - 2015-12-02 01:07 - 00003850 _____ C:\WINDOWS\System32\Tasks\Opera scheduled Autoupdate 1449018443
2016-02-07 16:02 - 2015-12-02 01:07 - 00001027 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Opera.lnk
2016-02-07 16:02 - 2015-12-02 01:06 - 00000000 ____D C:\Program Files (x86)\Opera
2016-01-25 03:57 - 2015-12-01 18:22 - 00000000 ____D C:\Users\Stacie
2016-01-24 18:10 - 2015-12-02 15:37 - 00000000 ____D C:\Users\Stacie\AppData\Local\Adobe
2016-01-21 16:07 - 2013-08-22 15:36 - 00000000 ____D C:\WINDOWS\rescache
2016-01-15 22:57 - 2015-12-03 02:57 - 00000000 ____D C:\WINDOWS\system32\MRT
2016-01-15 22:53 - 2015-12-03 02:57 - 143671360 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
==================== Files in the root of some directories =======
2015-12-02 01:13 - 2015-12-02 01:13 - 0007606 _____ () C:\Users\Stacie\AppData\Local\Resmon.ResmonCfg
2015-04-07 15:28 - 2015-04-07 15:28 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
Some files in TEMP:
====================
C:\Users\Stacie\AppData\Local\Temp\avgnt.exe
C:\Users\Stacie\AppData\Local\Temp\sqlite3.dll
==================== Bamital & volsnap =================
(There is no automatic fix for files that do not pass verification.)
C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2016-02-04 15:15
==================== End of FRST.txt ============================
Additional scan result of Farbar Recovery Scan Tool (x64) Version:07-02-2016
Ran by Stacie (2016-02-11 22:47:08)
Running from C:\Users\Stacie\Downloads
Windows 8.1 Connected (X64) (2015-12-01 18:22:47)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-555111471-2403504220-3507946370-500 - Administrator - Disabled)
Guest (S-1-5-21-555111471-2403504220-3507946370-501 - Limited - Disabled)
Stacie (S-1-5-21-555111471-2403504220-3507946370-1001 - Administrator - Enabled) => C:\Users\Stacie
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Avira Antivirus (Enabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avira Antivirus (Enabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
abDocs (HKLM-x32\...\{CA4FE8B0-298C-4E5D-A486-F33B126D6A0A}) (Version: 1.09.2001 - Acer Incorporated)
abDocs Office AddIn (HKLM-x32\...\{DCBF3379-246B-47E1-8173-639B63940838}) (Version: 3.02.2001 - Acer Incorporated)
abFiles (HKLM-x32\...\{13885028-098C-4799-9B71-27DAC96502D5}) (Version: 2.00.3002 - Acer Incorporated)
abMedia (HKLM-x32\...\{E9AF1707-3F3A-49E2-8345-4F2D629D0876}) (Version: 2.09.2003.0 - Acer Incorporated)
abPhoto (HKLM-x32\...\{B5AD89F2-03D3-4206-8487-018298007DD0}) (Version: 3.06.2000.22 - Acer Incorporated)
Acer Care Center (HKLM\...\{1AF41E84-3408-499A-8C93-8891F0612719}) (Version: 2.00.3006 - Acer Incorporated)
Acer Explorer Agent (HKLM\...\{4D0F42CF-1693-43D9-BDC8-19141D023EE0}) (Version: 2.00.3000 - Acer Incorporated)
Acer Launch Manager (HKLM\...\{C18D55BD-1EC6-466D-B763-8EEDDDA9100E}) (Version: 8.00.8107 - Acer Incorporated)
Acer Portal (HKLM-x32\...\{A5AD0B17-F34D-49BE-A157-C8B3D52ACD13}) (Version: 3.09.2002 - Acer Incorporated)
Acer Power Management (HKLM\...\{91F52DE4-B789-42B0-9311-A349F10E5479}) (Version: 7.00.8105 - Acer Incorporated)
Acer Quick Access (HKLM\...\{C1FA525F-D701-4B31-9D32-504FC0CF0B98}) (Version: 1.01.3016.0 - Acer Incorporated)
Acer Recovery Management (HKLM\...\{07F2005A-8CAC-4A4B-83A2-DA98A722CA61}) (Version: 6.00.8108 - Acer Incorporated)
Acer User Experience Improvement Program App Monitor Plugin (HKLM\...\{978724F6-1863-4DD5-9E66-FB77F5AB5613}) (Version: 1.02.3004 - Acer Incorporated)
Acer User Experience Improvement Program Framework (HKLM\...\{12A718F2-2357-4D41-9E1F-18583A4745F7}) (Version: 1.02.3004 - Acer Incorporated)
Acer Video Player (HKLM-x32\...\{B6846F20-4821-11E3-8F96-0800200C9A66}) (Version: 1.00.2005.0 - Acer Incorporated)
Adobe Flash Player 20 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 20.0.0.306 - Adobe Systems Incorporated)
AOP Framework (HKLM-x32\...\{4A37A114-702F-4055-A4B6-16571D4A5353}) (Version: 3.15.2000.1 - Acer Incorporated)
Avira Antivirus (HKLM-x32\...\Avira Antivirus) (Version: 15.0.15.129 - Avira Operations GmbH & Co. KG)
Avira Launcher (HKLM-x32\...\{ccdc9cfe-8ba7-4c6c-ac5f-b2d6cfa49efc}) (Version: 1.1.54.24924 - Avira Operations GmbH & Co. KG)
Avira Launcher (x32 Version: 1.1.54.24924 - Avira Operations GmbH & Co. KG) Hidden
Broadcom 802.11 Network Adapter (HKLM\...\Broadcom 802.11 Network Adapter) (Version: 6.30.223.221 - Broadcom Corporation)
CCleaner (HKLM\...\CCleaner) (Version: 5.13 - Piriform)
CyberLink PhotoDirector 3 (HKLM-x32\...\InstallShield_{39337565-330E-4ab6-A9AE-AC81E0720B10}) (Version: 3.0.1.4917 - CyberLink Corp.)
CyberLink PowerDirector 10 (HKLM-x32\...\InstallShield_{B0B4F6D2-F2AE-451A-9496-6F2F6A897B32}) (Version: 10.0.0.4220 - CyberLink Corp.)
ELAN HIDI2C Filter Driver X64 13.6.1.1_WHQL (HKLM\...\Elantech) (Version: 13.6.1.1 - ELAN Microelectronic Corp.)
Foxit PhantomPDF (HKLM-x32\...\{F74C595C-BEF2-4AF9-9C4E-68F3CD509C4D}) (Version: 6.0.120.609 - Foxit Corporation)
Genesys USB Mass Storage Device (HKLM-x32\...\{959B7F35-2819-40C5-A0CD-3C53B5FCC935}) (Version: 4.3.2.1 - Genesys Logic)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 48.0.2564.109 - Google Inc.)
Google Update Helper (x32 Version: 1.3.29.5 - Google Inc.) Hidden
Intel® Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3496 - Intel Corporation)
Intel® Sideband Fabric Device Driver (HKLM-x32\...\C5A8BC6E-723A-4C0F-96E1-C426D1A4BCA9) (Version: 1.70.305.16316 - Intel Corporation)
Intel® Trusted Execution Engine (HKLM\...\{176E2755-0A17-42C6-88E2-192AB2131278}) (Version: 1.0.0.1064 - Intel Corporation)
Microsoft Office 365 ProPlus - en-us (HKLM\...\O365ProPlusRetail - en-us) (Version: 15.0.4797.1002 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319 (HKLM\...\{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319 (HKLM-x32\...\{196BB40D-1578-3D01-B289-BEFC77A11A1E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{d491dd9d-2eda-4d75-b504-1a201436e7fd}) (Version: 11.0.61030.0 - Microsoft Corporation)
Notepad++ (HKLM-x32\...\Notepad++) (Version: 6.8.8 - Notepad++ Team)
Office 15 Click-to-Run Extensibility Component (x32 Version: 15.0.4797.1002 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Licensing Component (Version: 15.0.4797.1002 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Localization Component (x32 Version: 15.0.4787.1002 - Microsoft Corporation) Hidden
Opera Stable 35.0.2066.37 (HKLM-x32\...\Opera 35.0.2066.37) (Version: 35.0.2066.37 - Opera Software)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.31.423.2014 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7209 - Realtek Semiconductor Corp.)
WIDCOMM Bluetooth Software (HKLM\...\{C6D9ED03-6FCF-4410-9CB7-45CA285F9E11}) (Version: 12.0.0.9350 - Broadcom Corporation)
==================== Custom CLSID (Whitelisted): ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
CustomCLSID: HKU\S-1-5-21-555111471-2403504220-3507946370-1001_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\WINDOWS\system32\igfxEM.exe (Intel Corporation)
==================== Scheduled Tasks (Whitelisted) =============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {0C330B3C-3F0D-4679-9CE3-0CFDB5695EEB} - System32\Tasks\UbtFrameworkService => C:\Program Files\Acer\User Experience Improvement Program\Framework\TriggerFramework.exe [2014-03-12] (TODO: <Company name>)
Task: {0E84AAFA-2F52-4D56-B14B-A9D21E3AC99F} - System32\Tasks\Opera scheduled Autoupdate 1449018443 => C:\Program Files (x86)\Opera\launcher.exe [2016-02-01] (Opera Software)
Task: {11328C02-7F1B-40D9-92DC-E36DE7875B4F} - System32\Tasks\BacKGroundAgent => C:\Program Files (x86)\Acer\AOP Framework\BackgroundAgent.exe [2016-01-14] (Acer Incorporated)
Task: {11BE5489-2F52-4ED2-BC53-E959D6EE0741} - System32\Tasks\ACCAgent => C:\Program Files (x86)\Acer\Care Center\LiveUpdateAgent.exe [2015-07-17] ()
Task: {3D610078-C4A5-47FF-A283-F2A13882CAB3} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesCommonx86\Microsoft Shared\OFFICE15\OLicenseHeartbeat.exe [2016-02-11] (Microsoft Corporation)
Task: {4162566D-36C1-4B2B-B241-745AC79DE177} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2015-12-08] (Piriform Ltd)
Task: {4349BE07-0895-4870-81A5-DA3AD735D791} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_20_0_0_306_pepper.exe [2016-02-11] (Adobe Systems Incorporated)
Task: {49AAE883-A404-41E9-80D4-D0CC5F7E1D78} - System32\Tasks\Software Update Application => C:\ProgramData\OEM\UpgradeTool\ListCheck.exe [2015-07-17] (Acer Incorporated)
Task: {4F9AAFBE-74E9-447A-8982-7D8997C91B05} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office 15\root\Office15\msoia.exe [2015-12-02] (Microsoft Corporation)
Task: {54241D0D-F5DE-443F-A0FC-B3A611A98D84} - System32\Tasks\UMonitor Task => C:\Windows\SysWOW64\UMonit64.exe [2014-02-26] ()
Task: {5507224A-423C-4160-A6AF-802D0A5E5FF2} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-02-11] (Adobe Systems Incorporated)
Task: {5932353E-9AB5-4A73-93CD-EF5F8521E0BE} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2015-12-22] (Microsoft Corporation)
Task: {6E878EBE-4524-418F-A2FD-F4FDDEC7CEEC} - System32\Tasks\Quick Access Quick Launcher => C:\Program Files\Acer\Acer Quick Access\QALauncher.exe [2014-06-26] (Acer Incorporate)
Task: {6F5A56D8-D7F8-47D0-9F96-10D8D53B136B} - System32\Tasks\Quick Access => C:\Program Files\Acer\Acer Quick Access\QALauncher.exe [2014-06-26] (Acer Incorporate)
Task: {7968C3A5-4F92-4D4A-B1DF-53DEF0471997} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office 15\root\Office15\msoia.exe [2015-12-02] (Microsoft Corporation)
Task: {7B78FE8E-3939-43D1-BA11-94C5F5C8EB89} - System32\Tasks\Power Management => C:\Program Files\Acer\Acer Power Management\ePowerTrayLauncher.exe [2014-06-12] (Acer Incorporated)
Task: {85AD32FE-1559-48F6-9EE2-A93F09E9C659} - System32\Tasks\Recovery Management\Notification => C:\Program Files\Acer\Acer Recovery Management\Notification\Notification.exe [2014-06-17] (Acer Incorporated)
Task: {88EE1A87-BE93-40E7-9EB6-627D36D9E487} - System32\Tasks\abDocsDllLoader => C:\Program Files (x86)\Acer\abDocs\abDocsDllLoaderMonitor.exe [2015-11-23] ()
Task: {90E8D422-1B78-4DF9-8F5D-971768044F13} - System32\Tasks\ACCBackgroundApplication => C:\Program Files (x86)\Acer\Care Center\ACCStd.exe [2015-07-17] ()
Task: {959795E2-A6D8-451B-9E3E-7010C8676679} - System32\Tasks\ACC => C:\Program Files (x86)\Acer\Care Center\LiveUpdateChecker.exe [2015-07-17] ()
Task: {97CDDB60-BD70-4D99-9A8D-B0FA054A35F1} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2015-12-22] (Microsoft Corporation)
Task: {BF100BEE-13EF-4E5C-9E59-096985C221C3} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-02-01] (Google Inc.)
Task: {E62055D6-62C8-4C36-BE7E-D0ACEE1762CA} - System32\Tasks\Launch Manager => C:\Program Files\Acer\Acer Launch Manager\LMLauncher.exe [2014-06-10] (Acer Incorporate)
Task: {EBA3D7EA-0B18-404C-B186-2D355EF4A5E8} - System32\Tasks\AcerCloud => C:\Program Files (x86)\Acer\Acer Portal\AcerPortal.exe [2016-01-19] (Acer)
Task: {F29A9F72-B784-424D-93AF-9DDF3436E067} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-02-01] (Google Inc.)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\WINDOWS\Tasks\Adobe Flash Player PPAPI Notifier.job => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_20_0_0_306_pepper.exe
Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
==================== Shortcuts =============================
(The entries could be listed to be restored or removed.)
ShortcutWithArgument: C:\Users\Public\Desktop\Dropbox.lnk -> C:\Program Files\Dropbox\StartURL.exe () -> hxxps://www.dropbox.com/partners/acer2014/download
==================== Loaded Modules (Whitelisted) ==============
2014-02-18 19:02 - 2014-02-18 19:02 - 00049368 _____ () C:\Program Files\WIDCOMM\Bluetooth Software\btwleapi.dll
2015-12-02 01:42 - 2015-10-13 04:34 - 00105640 _____ () C:\Program Files\Microsoft Office 15\ClientX64\ApiClient.dll
2015-04-07 15:53 - 2012-04-24 10:43 - 00254512 _____ () C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
2016-02-07 16:02 - 2016-02-07 16:01 - 62319736 _____ () C:\Program Files (x86)\Opera\35.0.2066.37\opera.dll
2016-02-07 16:02 - 2016-02-07 15:58 - 02074232 _____ () C:\Program Files (x86)\Opera\35.0.2066.37\libglesv2.dll
2016-02-07 16:02 - 2016-02-07 15:58 - 00081528 _____ () C:\Program Files (x86)\Opera\35.0.2066.37\libegl.dll
==================== Alternate Data Streams (Whitelisted) =========
(If an entry is included in the fixlist, only the ADS will be removed.)
==================== Safe Mode (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\iaioi2ce.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""=""
==================== EXE Association (Whitelisted) ===============
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
==================== Internet Explorer trusted/restricted ===============
(If an entry is included in the fixlist, it will be removed from the registry.)
IE trusted site: HKU\S-1-5-21-555111471-2403504220-3507946370-1001\...\sharepoint.com -> hxxps://livewarringtonac.sharepoint.com
==================== Hosts content: ===============================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2013-08-22 13:25 - 2013-08-22 13:25 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts
==================== Other Areas ============================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-555111471-2403504220-3507946370-1001\Control Panel\Desktop\\Wallpaper -> C:\WINDOWS\Web\Wallpaper\acer01.jpg
DNS Servers: 192.168.43.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-555111471-2403504220-3507946370-1001\...\StartupApproved\Run: => "AcerCloud"
HKU\S-1-5-21-555111471-2403504220-3507946370-1001\...\StartupApproved\Run: => "Pokki"
==================== FirewallRules (Whitelisted) ===============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [{90B92C0A-6338-4BEA-B3E0-70B268BEEAA7}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDirector10\PDR10.EXE
FirewallRules: [{40243A71-8361-44D7-BAAF-4DBA813683DC}] => (Allow) C:\Program Files (x86)\Acer\abPhoto\DMCDaemon.exe
FirewallRules: [{6FCF0307-B9FD-4AAA-AF20-0BB0132C75F4}] => (Allow) C:\Program Files (x86)\Acer\abPhoto\DMCDaemon.exe
FirewallRules: [{20640A13-C5DA-44E6-ACA6-8013DAD31BF3}] => (Allow) C:\Program Files (x86)\Acer\abPhoto\WindowsUpnp.exe
FirewallRules: [{12540755-9904-4A07-9D3C-6497F026D0DF}] => (Allow) C:\Program Files (x86)\Acer\abPhoto\WindowsUpnp.exe
FirewallRules: [{AFCAE119-E91B-4BE3-8357-49049F455C7A}] => (Allow) C:\Program Files (x86)\Acer\abPhoto\DMCDaemon.exe
FirewallRules: [{D75DA9B0-4ED3-4E61-8D46-A09FEFE4FFAE}] => (Allow) C:\Program Files (x86)\Acer\abPhoto\DMCDaemon.exe
FirewallRules: [{669AE168-E614-46BE-9A2A-9A05FE5B2666}] => (Allow) C:\Program Files (x86)\Acer\abPhoto\WindowsUpnp.exe
FirewallRules: [{5C8C44A7-493B-45AA-BEEF-DAFBE07F9688}] => (Allow) C:\Program Files (x86)\Acer\abPhoto\WindowsUpnp.exe
FirewallRules: [{BD4E59F5-2653-4761-A333-1D9D844ABF94}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe
FirewallRules: [{ED0E24D3-5B83-42D5-94BF-8887CE957173}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe
FirewallRules: [{5B695D04-B49D-4FDB-A804-81F872EC0E7B}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe
FirewallRules: [{F8CC59B7-B283-4981-B1AD-65C659D9E864}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe
FirewallRules: [{601CDA19-79B0-4C1E-B39E-3090D6C9ADC8}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe
FirewallRules: [{8A9B6D73-363B-4C27-9F3F-F54546D9D526}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe
FirewallRules: [{80A1CE7B-C391-4CF8-8818-94B902E5DA2E}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe
FirewallRules: [{4F871BD4-7D01-4918-A998-EB4DAA629BE2}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe
FirewallRules: [{1951CCAF-A610-464F-8A78-3DD7D5E18869}] => (Allow) C:\Program Files (x86)\Acer\AOP Framework\acer\ccd.exe
FirewallRules: [{0C253499-155E-4838-8ED7-BD67F9C03D5F}] => (Allow) C:\Program Files (x86)\Acer\AOP Framework\acer\ccd.exe
FirewallRules: [{B2FF5CD7-E30D-41CC-A95E-CB61A5D57793}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe
FirewallRules: [{90FEEB2B-39A8-4BEA-B4BE-798D31D21A30}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe
FirewallRules: [{42D1521A-842D-4707-80E7-2D5C78EE42E5}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe
FirewallRules: [{C2031A88-3D4C-4A08-96D6-973E0DD71ABE}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe
FirewallRules: [{29826C50-EE04-4858-BCE4-755EEF715639}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe
FirewallRules: [{9439D569-EAFE-4FCC-B8A8-108AEE58422F}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe
FirewallRules: [{82F9C9C3-1802-4CEC-8EC4-91949017C51F}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe
FirewallRules: [{35C00FB3-CAB2-4972-A7E7-C2A36A01DAE6}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe
FirewallRules: [{4264D767-5DCA-45A1-A9E4-FF50B883D1C4}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe
FirewallRules: [{D96F06E1-829B-417F-AC9A-0CA1B18516D2}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe
FirewallRules: [{28483B6A-2A3B-4A56-895F-94254BB8BCA0}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe
FirewallRules: [{E8DBA5DB-DA00-48CC-9F84-3368584491AF}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe
FirewallRules: [{170EBBAA-F10F-42D4-A6FC-BF46B5F75B35}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe
FirewallRules: [{C2E4DDD2-EB7A-4B0B-A931-17F8BB383451}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe
FirewallRules: [{05B778B9-1CDC-4A8E-8BC0-46B34E45CD72}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe
FirewallRules: [{69927736-1404-4995-A164-6F384A7612B5}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe
FirewallRules: [{C7F20675-8286-40E1-ADB4-D594B76E0FB0}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
==================== Restore Points =========================
23-01-2016 02:24:09 Scheduled Checkpoint
30-01-2016 13:54:58 Scheduled Checkpoint
04-02-2016 14:52:54 Installed Project My Screen App
08-02-2016 04:44:36 Removed Project My Screen App
11-02-2016 22:34:34 JRT Pre-Junkware Removal
==================== Faulty Device Manager Devices =============
==================== Event log errors: =========================
Application errors:
==================
Error: (02/11/2016 10:03:31 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: BITSC:\Windows\System32\bitsperf.dll8
Error: (02/11/2016 08:39:04 PM) (Source: SideBySide) (EventID: 35) (User: )
Description: Activation context generation failed for "UccApi,processorArchitecture="AMD64",type="win32",version="15.0.0.0"1".Error in manifest or policy file "UccApi,processorArchitecture="AMD64",type="win32",version="15.0.0.0"2" on line UccApi,processorArchitecture="AMD64",type="win32",version="15.0.0.0"3.
Component identity found in manifest does not match the identity of the component requested.
Reference is UccApi,processorArchitecture="AMD64",type="win32",version="15.0.0.0".
Definition is UccApi,processorArchitecture="x86",type="win32",version="15.0.0.0".
Please use sxstrace.exe for detailed diagnosis.
Error: (02/09/2016 01:58:09 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: StacesAcer)
Description: Activation of application winstore_cw5n1h2txyewy!Windows.Store failed with error: -2144927142 See the Microsoft-Windows-TWinUI/Operational log for additional information.
Error: (02/09/2016 01:57:40 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: StacesAcer)
Description: Activation of application winstore_cw5n1h2txyewy!Windows.Store failed with error: -2144927142 See the Microsoft-Windows-TWinUI/Operational log for additional information.
Error: (02/08/2016 03:29:03 PM) (Source: SideBySide) (EventID: 35) (User: )
Description: Activation context generation failed for "UccApi,processorArchitecture="AMD64",type="win32",version="15.0.0.0"1".Error in manifest or policy file "UccApi,processorArchitecture="AMD64",type="win32",version="15.0.0.0"2" on line UccApi,processorArchitecture="AMD64",type="win32",version="15.0.0.0"3.
Component identity found in manifest does not match the identity of the component requested.
Reference is UccApi,processorArchitecture="AMD64",type="win32",version="15.0.0.0".
Definition is UccApi,processorArchitecture="x86",type="win32",version="15.0.0.0".
Please use sxstrace.exe for detailed diagnosis.
Error: (02/08/2016 04:39:28 AM) (Source: SideBySide) (EventID: 35) (User: )
Description: Activation context generation failed for "UccApi,processorArchitecture="AMD64",type="win32",version="15.0.0.0"1".Error in manifest or policy file "UccApi,processorArchitecture="AMD64",type="win32",version="15.0.0.0"2" on line UccApi,processorArchitecture="AMD64",type="win32",version="15.0.0.0"3.
Component identity found in manifest does not match the identity of the component requested.
Reference is UccApi,processorArchitecture="AMD64",type="win32",version="15.0.0.0".
Definition is UccApi,processorArchitecture="x86",type="win32",version="15.0.0.0".
Please use sxstrace.exe for detailed diagnosis.
Error: (02/08/2016 01:18:17 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: delegate_execute.exe, version: 48.0.2564.103, time stamp: 0x56b11bc1
Faulting module name: delegate_execute.exe, version: 48.0.2564.103, time stamp: 0x56b11bc1
Exception code: 0x80000003
Fault offset: 0x00007f91
Faulting process ID: 0x114c
Faulting application start time: 0xdelegate_execute.exe0
Faulting application path: delegate_execute.exe1
Faulting module path: delegate_execute.exe2
Report ID: delegate_execute.exe3
Faulting package full name: delegate_execute.exe4
Faulting package-relative application ID: delegate_execute.exe5
Error: (02/05/2016 02:00:06 PM) (Source: Office 2013 Licensing Service) (EventID: 0) (User: )
Description: Subscription licensing service failed: -2143485936
Error: (02/05/2016 02:00:06 PM) (Source: Microsoft Office 15) (EventID: 2011) (User: )
Description: Office Subscription licensing exception: Error Code: 0x803D0010; CorrelationId: {3671B6F1-A959-406A-81B4-B0AB5971DED6}
Error: (02/05/2016 02:00:06 PM) (Source: Microsoft Office 15) (EventID: 2011) (User: )
Description: Office Subscription licensing exception: Error Code: 0x803D0010; CorrelationId: {3671B6F1-A959-406A-81B4-B0AB5971DED6}
System errors:
=============
Error: (02/11/2016 10:24:48 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT AUTHORITY)
Description: WLAN Extensibility Module has stopped unexpectedly.
Module Path: C:\WINDOWS\System32\bcmihvsrv64.dll
Error: (02/11/2016 10:24:48 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT AUTHORITY)
Description: WLAN Extensibility Module has stopped unexpectedly.
Module Path: C:\WINDOWS\System32\bcmihvsrv64.dll
Error: (02/11/2016 10:24:31 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT AUTHORITY)
Description: WLAN Extensibility Module has stopped unexpectedly.
Module Path: C:\WINDOWS\System32\bcmihvsrv64.dll
Error: (02/11/2016 10:23:51 PM) (Source: Service Control Manager) (EventID: 7032) (User: )
Description: The Service Control Manager tried to take a corrective action (Restart the service) after the unexpected termination of the Windows Search service, but this action failed with the following error:
%%1056
Error: (02/11/2016 10:23:22 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The User Experience Improvement Program service terminated unexpectedly. It has done this 1 time(s).
Error: (02/11/2016 10:23:22 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The Quick Access RadioMgr Service service terminated unexpectedly. It has done this 1 time(s).
Error: (02/11/2016 10:23:21 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The Windows Search service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 30000 milliseconds: Restart the service.
Error: (02/11/2016 10:23:21 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The Quick Access Service service terminated unexpectedly. It has done this 1 time(s).
Error: (02/11/2016 10:23:14 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The Avira Service Host service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 10000 milliseconds: Restart the service.
Error: (02/11/2016 10:23:14 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The ePower Service service terminated unexpectedly. It has done this 1 time(s).
==================== Memory info ===========================
Processor: Intel® Celeron® CPU N2840 @ 2.16GHz
Percentage of memory in use: 58%
Total physical RAM: 1929.7 MB
Available physical RAM: 804.49 MB
Total Virtual: 3209.7 MB
Available Virtual: 1564.61 MB
==================== Drives ================================
Drive c: (Acer) (Fixed) (Total:449.76 GB) (Free:416.14 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (Size: 465.8 GB) (Disk ID: 9BFAE307)
Partition: GPT.
==================== End of Addition.txt ============================