Jump to content

Welcome to Geeks to Go - Register now for FREE

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Create Account How it Works
Photo

Malware?


  • Please log in to reply

#1
Mikp00

Mikp00

    New Member

  • Member
  • Pip
  • 1 posts

I've been getting popups on websites that I usually don't get random popup ads on, and I'm not sure what to do to resolve this problem. I could barely get onto a page without being redirected to some survey or a prize scam, can anyone help?

 

 

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:07-02-2016
Ran by Elizabeth (administrator) on MELINASLAPPYTOP (17-02-2016 09:18:45)
Running from C:\Users\Elizabeth\Desktop
Loaded Profiles: Elizabeth (Available Profiles: Elizabeth & Guest)
Platform: Windows 8.1 Connected (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(AMD) C:\Windows\System32\atiesrxx.exe
(Advanced Micro Devices, Inc.) C:\Windows\SysWOW64\tbaseprovisioning.exe
(Windows ® Win 7 DDK provider) C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\AdminService.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Launch Manager\LMSvc.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
(Motorola) C:\Program Files (x86)\Motorola\MotForwardDaemon\ForwardDaemon.exe
() C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Quick Access\QASvc.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Quick Access\RMSvc.exe
(WildTangent) C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe
(acer) C:\Program Files\Acer\User Experience Improvement Program\Framework\UBTService.exe
(The Privoxy team - www.privoxy.org) C:\Program Files (x86)\Techsmart Computer\privoxy.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Quick Access\QAEvent.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Quick Access\QAMsg.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Launch Manager\LMEvent.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Launch Manager\LMLockHandler.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Launch Manager\LMTray.exe
(Qualcomm®Atheros®) C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\BtvStack.exe
() C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\ActivateDesktop.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Spotify Ltd) C:\Program Files (x86)\Spotify\Data\SpotifyWebHelper.exe
(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerTray.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerEvent.exe
() C:\Program Files (x86)\Acer\abDocs\abDocsDllLoaderMonitor.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\SysWOW64\cmd.exe
(McAfee, Inc.) C:\Program Files (x86)\McAfee\SiteAdvisor\McChHost.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\AOP Framework\CCDMonitorService.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\AOP Framework\BackgroundAgent.exe
(Acer Cloud Technology) C:\Program Files (x86)\Acer\AOP Framework\acer\ccd.exe
(McAfee, Inc.) C:\Program Files\Common Files\mcafee\CSP\1.8.203.0\McCSPServiceHost.exe
(Intel Security, Inc.) C:\Program Files\Common Files\Intel Security\PEF\CORE\PEFService.exe
(McAfee, Inc.) C:\Program Files\Common Files\mcafee\systemcore\mfemms.exe
(McAfee, Inc.) C:\Windows\System32\mfevtps.exe
(McAfee, Inc.) C:\Windows\System32\mfevtps.exe
(McAfee, Inc.) C:\Program Files\Common Files\mcafee\systemcore\mfefire.exe
(McAfee, Inc.) C:\Program Files\mcafee\msc\McAPExe.exe
(McAfee, Inc.) C:\Program Files\Common Files\mcafee\AMCore\mcshield.exe
(McAfee, Inc.) C:\Program Files\Common Files\mcafee\platform\McUICnt.exe
(McAfee, Inc.) C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe
(McAfee, Inc.) C:\Program Files\Common Files\mcafee\systemcore\mfefire.exe
(McAfee, Inc.) C:\Program Files (x86)\McAfee\SiteAdvisor\mcsacore.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20911_x64__8wekyb3d8bbwe\livecomm.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
 
 
==================== Registry (Whitelisted) ===========================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13672304 2014-03-20] (Realtek Semiconductor)
HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [766688 2014-05-22] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [596528 2015-11-09] (Oracle Corporation)
HKLM\...\Policies\Explorer\Run: [BtvStack] => C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\BtvStack.exe [134784 2014-02-26] (Qualcomm®Atheros®)
HKU\S-1-5-21-732701740-4041966605-1373364186-1001\...\Run: [Spotify Web Helper] => C:\Program Files (x86)\Spotify\Data\SpotifyWebHelper.exe [1168896 2014-08-29] (Spotify Ltd)
HKU\S-1-5-21-732701740-4041966605-1373364186-1001\...\Run: [join.me.launcher] => C:\Users\Elizabeth\AppData\Local\join.me.launcher\join.me.launcher.exe [176560 2015-10-27] (LogMeIn, Inc)
HKU\S-1-5-21-732701740-4041966605-1373364186-1001\...\MountPoints2: {4cf0d291-f012-11e4-82a7-f8a963e5303d} - "E:\windows\AutoRun.exe" {430A8AE3-8898-4DAB-8C5B-5E8ADA7D571E} 3.0.0.02 VID_19D2&PID_0358 {9B00E99F-83A4-40d4-B987-7EB04F722BB7}
HKU\S-1-5-21-732701740-4041966605-1373364186-1001\...\MountPoints2: {551ce3f4-f1f6-11e4-82aa-f8a963e5303d} - "E:\MotorolaDeviceManagerSetup.exe" -a
ShellIconOverlayIdentifiers: [ ACloudSynced] -> {5CCE71FA-9F61-4F24-9CD1-98D819B40D68} => C:\Program Files (x86)\Acer\shellext\x64\shellext_win.dll [2016-01-19] (Acer Incorporated)
ShellIconOverlayIdentifiers: [ ACloudSyncing] -> {C1E1456F-C2D8-4C96-870D-35F1E13941EE} => C:\Program Files (x86)\Acer\shellext\x64\shellext_win.dll [2016-01-19] (Acer Incorporated)
ShellIconOverlayIdentifiers: [ ACloudToBeSynced] -> {307523FA-DDC0-4068-983F-2A6B34627744} => C:\Program Files (x86)\Acer\shellext\x64\shellext_win.dll [2016-01-19] (Acer Incorporated)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} =>  No File
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
Tcpip\Parameters: [DhcpNameServer] 192.168.169.1
Tcpip\..\Interfaces\{A99C2E00-9C35-4C9F-A158-7A20D1235D20}: [DhcpNameServer] 192.168.169.1
 
Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-732701740-4041966605-1373364186-1001\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-732701740-4041966605-1373364186-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://acer13.msn.com/?pc=ACJB
SearchScopes: HKLM-x32 -> {20B9D1AE-AD1A-38B4-87FE-AF278DA9861D} URL = 
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-21-732701740-4041966605-1373364186-1001 -> {1DD3DEC1-1B84-461F-B819-CC9928B78A36} URL = hxxps://search.yahoo.com/search?fr=mcafee&type=C011US662D20141226&p={searchTerms}
SearchScopes: HKU\S-1-5-21-732701740-4041966605-1373364186-1001 -> {20B9D1AE-AD1A-38B4-87FE-AF278DA9861D} URL = 
BHO-x32: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_66\bin\ssv.dll [2015-12-28] (Oracle Corporation)
BHO-x32: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_66\bin\jp2ssv.dll [2015-12-28] (Oracle Corporation)
Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - C:\Program Files (x86)\McAfee\SiteAdvisor\x64\mcieplg.dll [2015-12-02] (McAfee, Inc.)
Handler-x32: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - C:\Program Files (x86)\McAfee\SiteAdvisor\mcieplg.dll [2015-12-02] (McAfee, Inc.)
Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - C:\Program Files (x86)\McAfee\SiteAdvisor\x64\mcieplg.dll [2015-12-02] (McAfee, Inc.)
Handler-x32: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - C:\Program Files (x86)\McAfee\SiteAdvisor\mcieplg.dll [2015-12-02] (McAfee, Inc.)
Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files\mcafee\msc\McSnIePl64.dll [2016-01-08] (McAfee, Inc.)
Filter-x32: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files (x86)\McAfee\msc\McSnIePl.dll [2016-01-08] (McAfee, Inc.)
 
FireFox:
========
FF Plugin: @mcafee.com/MSC,version=10 -> c:\PROGRA~1\mcafee\msc\NPMCSN~1.DLL [2016-01-08] ()
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/pdf -> C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2014-05-13] ()
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.fdf -> C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2014-05-13] ()
FF Plugin-x32: @java.com/DTPlugin,version=11.66.2 -> C:\Program Files (x86)\Java\jre1.8.0_66\bin\dtplugin\npDeployJava1.dll [2015-12-28] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.66.2 -> C:\Program Files (x86)\Java\jre1.8.0_66\bin\plugin2\npjp2.dll [2015-12-28] (Oracle Corporation)
FF Plugin-x32: @mcafee.com/MSC,version=10 -> c:\PROGRA~2\mcafee\msc\NPMCSN~1.DLL [2016-01-08] ()
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-04-01] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-17] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-17] (Google Inc.)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\1\NP_wtapp.dll [2014-12-30] ()
FF Plugin HKU\S-1-5-21-732701740-4041966605-1373364186-1001: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Elizabeth\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2009-11-30] (Unity Technologies ApS)
FF HKLM\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files (x86)\McAfee\SiteAdvisor\saffplg.xpi
FF Extension: McAfee WebAdvisor - C:\Program Files (x86)\McAfee\SiteAdvisor\saffplg.xpi [2015-11-23]
FF HKLM-x32\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files (x86)\McAfee\SiteAdvisor\saffplg.xpi
FF HKLM-x32\...\Thunderbird\Extensions: [[email protected]] - C:\Program Files\McAfee\MSK
FF Extension: McAfee Anti-Spam Thunderbird Extension - C:\Program Files\McAfee\MSK [2016-02-17] [not signed]
 
Chrome: 
=======
CHR Profile: C:\Users\Elizabeth\AppData\Local\Google\Chrome\User Data\Profile 2
CHR Extension: (Google Slides) - C:\Users\Elizabeth\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-02-04]
CHR Extension: (Google Docs) - C:\Users\Elizabeth\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\aohghmighlieiainnegkcijnfilokake [2015-02-04]
CHR Extension: (Google Drive) - C:\Users\Elizabeth\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-26]
CHR Extension: (YouTube) - C:\Users\Elizabeth\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-26]
CHR Extension: (Adblock Plus) - C:\Users\Elizabeth\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2016-02-17]
CHR Extension: (Google Search) - C:\Users\Elizabeth\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-11-07]
CHR Extension: (Retro Robots Theme) - C:\Users\Elizabeth\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\ejiklfknjocjccolialojlfhliacoeoo [2015-12-13]
CHR Extension: (Google Sheets) - C:\Users\Elizabeth\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-02-04]
CHR Extension: (SiteAdvisor) - C:\Users\Elizabeth\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\fheoggkfdfchfphceeifdbepaooicaho [2015-07-02]
CHR Extension: (Google Docs Offline) - C:\Users\Elizabeth\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2015-11-29]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Elizabeth\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-07-29]
CHR Extension: (Gmail) - C:\Users\Elizabeth\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-03-28]
CHR HKLM\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - C:\Program Files (x86)\McAfee\SiteAdvisor\McChPlg.crx [2015-12-13]
CHR HKLM-x32\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - C:\Program Files (x86)\McAfee\SiteAdvisor\McChPlg.crx [2015-12-13]
 
==================== Services (Whitelisted) ========================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
S2 0285891454429128mcinstcleanup; C:\Windows\TEMP\028589~1.EXE [918056 2015-11-27] (McAfee, Inc.)
R2 AtherosSvc; C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\adminservice.exe [319104 2014-02-26] (Windows ® Win 7 DDK provider) [File not signed]
R2 CCDMonitorService; C:\Program Files (x86)\Acer\AOP Framework\CCDMonitorService.exe [2860760 2016-01-14] (Acer Incorporated)
R3 ePowerSvc; C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe [2577640 2013-12-04] (Acer Incorporated)
R2 GamesAppIntegrationService; C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe [347200 2014-12-30] (WildTangent)
R2 HomeNetSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [453520 2016-01-03] (McAfee, Inc.)
S3 Intel® TA SAM; C:\Program Files (x86)\Intel Corporation\Intel® Technology Access\Intel® Software Asset Manager\bin\IntelSoftwareAssetManagerService.exe [18064 2015-04-18] ()
S2 Intel® Technology Access Legacy CS Loader; C:\Program Files\Intel Corporation\Intel® Technology Access\LegacyCsLoaderService.exe [144128 2015-07-31] (Intel® Corporation)
S2 Intel® TechnologyAccessService; C:\Program Files\Intel Corporation\Intel® Technology Access\IntelTechnologyAccessService.exe [481536 2015-07-31] (Intel® Corporation)
S3 iumsvc; C:\Program Files (x86)\Intel\Intel® Update Manager\bin\iumsvc.exe [178312 2015-09-25] (Intel Corporation)
R2 LMSvc; C:\Program Files\Acer\Acer Launch Manager\LMSvc.exe [466664 2014-06-10] (Acer Incorporate)
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1871160 2015-06-18] (Malwarebytes Corporation)
S2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1133880 2015-06-18] (Malwarebytes Corporation)
R2 McAfee SiteAdvisor Service; C:\Program Files (x86)\McAfee\SiteAdvisor\McSACore.exe [157928 2015-12-02] (McAfee, Inc.)
R2 McAPExe; C:\Program Files\McAfee\MSC\McAPExe.exe [863448 2016-01-08] (McAfee, Inc.)
S3 McAWFwk; c:\Program Files\Common Files\mcafee\ActWiz\McAWFwk.exe [334608 2013-07-29] (McAfee, Inc.)
R2 McBootDelayStartSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [453520 2016-01-03] (McAfee, Inc.)
R2 mccspsvc; C:\Program Files\Common Files\McAfee\CSP\1.8.203.0\McCSPServiceHost.exe [1694152 2015-12-02] (McAfee, Inc.)
R2 McMPFSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [453520 2016-01-03] (McAfee, Inc.)
R2 McNaiAnn; C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe [453520 2016-01-03] (McAfee, Inc.)
S3 McODS; C:\Program Files\mcafee\VirusScan\mcods.exe [681680 2016-01-08] (McAfee, Inc.)
S4 McOobeSv2; C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe [453520 2016-01-03] (McAfee, Inc.)
R2 mcpltsvc; C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe [453520 2016-01-03] (McAfee, Inc.)
R2 McProxy; C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe [453520 2016-01-03] (McAfee, Inc.)
R3 mfefire; C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe [234192 2015-11-18] (McAfee, Inc.)
R2 mfemms; C:\Program Files\Common Files\McAfee\SystemCore\\mfemms.exe [380896 2016-01-21] (McAfee, Inc.)
R2 mfevtp; C:\Windows\system32\mfevtps.exe [275368 2015-11-18] (McAfee, Inc.)
R2 MSK80Service; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [453520 2016-01-03] (McAfee, Inc.)
R2 PEFService; C:\Program Files\Common Files\Intel Security\PEF\CORE\PEFService.exe [902112 2015-12-14] (Intel Security, Inc.)
R2 PrivoxyService; C:\Program Files (x86)\Techsmart Computer\privoxy.exe [371200 2016-01-02] (The Privoxy team - www.privoxy.org) [File not signed] <==== ATTENTION
R2 PST Service; C:\Program Files (x86)\Motorola\MotForwardDaemon\ForwardDaemon.exe [65657 2011-09-02] (Motorola) [File not signed]
R3 QASvc; C:\Program Files\Acer\Acer Quick Access\QASvc.exe [458984 2014-06-26] (Acer Incorporate)
R2 RichVideo; C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe [254512 2012-04-24] ()
R3 RMSvc; C:\Program Files\Acer\Acer Quick Access\RMSvc.exe [449768 2014-06-26] (Acer Incorporate)
R2 tbaseprovisioning; C:\Windows\SysWOW64\tbaseprovisioning.exe [51712 2014-04-16] (Advanced Micro Devices, Inc.)
R3 UEIPSvc; C:\Program Files\Acer\User Experience Improvement Program\Framework\UBTService.exe [234240 2014-07-14] (acer)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366552 2015-07-07] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2015-07-07] (Microsoft Corporation)
S3 Origin Client Service; "C:\Program Files (x86)\Origin\OriginClientService.exe" [X]
 
===================== Drivers (Whitelisted) ==========================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
S3 amdkmcsp; C:\Windows\system32\DRIVERS\amdkmcsp.sys [85704 2014-04-16] (Advanced Micro Devices, Inc. )
R0 amdkmpfd; C:\Windows\System32\drivers\amdkmpfd.sys [36608 2013-12-11] (Advanced Micro Devices, Inc.)
R0 amdpsp; C:\Windows\System32\DRIVERS\amdpsp.sys [230088 2014-04-16] (Advanced Micro Devices, Inc. )
R3 athr; C:\Windows\system32\DRIVERS\athwbx.sys [3888640 2014-02-14] (Qualcomm Atheros Communications, Inc.)
R3 AtiHDAudioService; C:\Windows\system32\drivers\AtihdWB6.sys [222720 2013-12-19] (Advanced Micro Devices)
S3 BCM43XX; C:\Windows\system32\DRIVERS\bcmwl63a.sys [8536752 2013-07-01] (Broadcom Corporation)
S3 BTATH_LWFLT; C:\Windows\system32\DRIVERS\btath_lwflt.sys [77464 2014-02-25] (Qualcomm Atheros)
R3 cfwids; C:\Windows\System32\drivers\cfwids.sys [79248 2015-11-25] (McAfee, Inc.)
S0 ebdrv; C:\Windows\System32\drivers\evbda.sys [3357024 2013-08-22] (Broadcom Corporation)
S3 HipShieldK; C:\Windows\System32\drivers\HipShieldK.sys [207208 2015-05-19] (McAfee, Inc.)
R3 LMDriver; C:\Windows\System32\drivers\LMDriver.sys [21360 2013-07-17] (Acer Incorporated)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2015-06-18] (Malwarebytes Corporation)
S3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [113880 2015-12-31] (Malwarebytes Corporation)
S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [64216 2015-06-18] (Malwarebytes Corporation)
R3 mfeaack; C:\Windows\System32\drivers\mfeaack.sys [419624 2015-11-25] (McAfee, Inc.)
U3 mfeaack01; no ImagePath
R3 mfeavfk; C:\Windows\System32\drivers\mfeavfk.sys [351144 2015-11-25] (McAfee, Inc.)
U3 mfeavfk01; no ImagePath
S0 mfeelamk; C:\Windows\System32\drivers\mfeelamk.sys [83096 2015-11-25] (McAfee, Inc.)
R3 mfefirek; C:\Windows\System32\drivers\mfefirek.sys [496368 2015-11-25] (McAfee, Inc.)
R0 mfehidk; C:\Windows\System32\drivers\mfehidk.sys [846080 2015-11-25] (McAfee, Inc.)
U3 mfehidk01; no ImagePath
R3 mfencbdc; C:\Windows\System32\DRIVERS\mfencbdc.sys [539496 2015-11-20] (McAfee, Inc.)
S3 mfencrk; C:\Windows\System32\DRIVERS\mfencrk.sys [109480 2015-11-20] (McAfee, Inc.)
R3 mfesapsn; C:\Program Files (x86)\McAfee\SiteAdvisor\x64\mfesapsn.sys [37960 2015-12-02] (McAfee, Inc.)
R0 mfewfpk; C:\Windows\System32\drivers\mfewfpk.sys [245096 2015-11-25] (McAfee, Inc.)
R1 ndisrd; C:\Windows\system32\DRIVERS\ndisrfl.sys [41688 2015-04-30] (Intel Corporation)
S3 NetTap630; C:\Windows\system32\DRIVERS\nettap630.sys [67800 2014-10-30] (Intel Corporation)
R3 RadioShim; C:\Windows\System32\drivers\RadioShim.sys [14680 2013-07-17] (Acer Incorporated)
R3 RTSPER; C:\Windows\system32\DRIVERS\RtsPer.sys [476888 2014-03-21] (Realsil Semiconductor Corporation)
R3 SynRMIHID; C:\Windows\system32\DRIVERS\SynRMIHID.sys [42224 2014-02-19] (Synaptics Incorporated)
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44560 2015-07-07] (Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [270168 2015-07-07] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114520 2015-07-07] (Microsoft Corporation)
 
==================== NetSvcs (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
 
==================== One Month Created files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2016-02-17 09:18 - 2016-02-17 09:20 - 00023153 _____ C:\Users\Elizabeth\Desktop\FRST.txt
2016-02-17 09:15 - 2016-02-17 09:15 - 00001165 _____ C:\Users\Elizabeth\Downloads\FRST64.exe - Shortcut.lnk
2016-02-17 09:14 - 2016-02-17 09:18 - 00000000 ____D C:\FRST
2016-02-17 09:14 - 2016-02-17 09:14 - 02370560 _____ (Farbar) C:\Users\Elizabeth\Desktop\FRST64.exe
2016-02-17 09:07 - 2016-02-17 09:07 - 02032072 _____ (Bleeping Computer, LLC) C:\Users\Elizabeth\Downloads\qkill (1).exe
2016-02-17 09:02 - 2016-02-17 09:08 - 00002362 _____ C:\Users\Elizabeth\Desktop\Rkill.txt
2016-02-17 09:02 - 2016-02-17 09:02 - 00000000 ____D C:\Users\Elizabeth\Desktop\rkill
2016-02-17 09:00 - 2016-02-17 09:00 - 02032072 _____ (Bleeping Computer, LLC) C:\Users\Elizabeth\Downloads\qkill.exe
2016-02-17 07:48 - 2016-02-17 07:48 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee
2016-02-17 07:40 - 2016-02-17 07:40 - 00000000 ____D C:\ProgramData\Intel Security
2016-02-17 07:38 - 2016-02-17 07:38 - 00003334 _____ C:\Windows\System32\Tasks\AcerCloud
2016-02-17 07:37 - 2016-02-17 07:37 - 00002030 _____ C:\Users\Public\Desktop\Acer Portal.lnk
2016-02-17 07:37 - 2016-02-17 07:37 - 00000000 ____D C:\Program Files\Common Files\Intel Security
2016-02-17 07:26 - 2016-02-17 07:26 - 00003674 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
 
==================== One Month Modified files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2016-02-17 09:02 - 2014-12-26 16:21 - 00003596 _____ C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-732701740-4041966605-1373364186-1001
2016-02-17 09:01 - 2014-12-30 10:10 - 00001033 _____ C:\Users\Elizabeth\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\join.me.lnk
2016-02-17 09:01 - 2014-12-30 10:10 - 00001025 _____ C:\Users\Elizabeth\Desktop\join.me.lnk
2016-02-17 09:01 - 2014-12-30 09:28 - 00000000 ____D C:\Users\Elizabeth\AppData\Local\join.me
2016-02-17 08:57 - 2015-06-29 14:12 - 00000000 ____D C:\Users\Elizabeth\AppData\Local\join.me.launcher
2016-02-17 08:46 - 2014-12-26 16:36 - 00000938 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2016-02-17 08:31 - 2015-08-27 08:25 - 00000938 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA1d02154c676c0e0.job
2016-02-17 08:21 - 2013-08-22 10:20 - 00000000 ____D C:\Windows\CbsTemp
2016-02-17 08:15 - 2014-12-26 16:39 - 00002356 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-02-17 08:15 - 2014-12-26 16:39 - 00002327 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2016-02-17 07:48 - 2014-12-26 16:42 - 00000000 ____D C:\Users\Elizabeth\AppData\Local\CrashDumps
2016-02-17 07:46 - 2014-08-04 02:17 - 00000000 ____D C:\ProgramData\McAfee
2016-02-17 07:44 - 2015-08-27 08:21 - 00000934 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2016-02-17 07:43 - 2014-08-04 02:17 - 00000000 ____D C:\Program Files\Common Files\mcafee
2016-02-17 07:42 - 2013-08-22 10:36 - 00000000 ___HD C:\Windows\ELAMBKUP
2016-02-17 07:40 - 2015-06-25 11:07 - 00003064 _____ C:\Windows\System32\Tasks\McAfeeLogon
2016-02-17 07:40 - 2015-06-25 11:07 - 00000000 ____D C:\Windows\System32\Tasks\McAfee
2016-02-17 07:37 - 2015-07-21 07:03 - 00003352 _____ C:\Windows\System32\Tasks\BacKGroundAgent
2016-02-17 07:37 - 2014-08-04 02:03 - 00000000 ____D C:\Program Files (x86)\Acer
2016-02-17 07:36 - 2014-08-04 02:16 - 00000000 ___HD C:\OEM
2016-02-17 07:36 - 2013-08-22 08:25 - 00262144 ___SH C:\Windows\system32\config\ELAM
2016-02-17 07:34 - 2014-08-04 02:04 - 00000000 ___SD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acer
2016-02-17 07:30 - 2014-12-26 16:30 - 00003970 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{44422025-95FC-4C30-84AC-DC9956243FF6}
2016-02-17 07:27 - 2015-07-21 19:38 - 00003344 _____ C:\Windows\System32\Tasks\McAfee Remediation (Prepare)
2016-02-17 07:26 - 2015-08-27 08:28 - 00003910 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA1d02154c676c0e0
2016-02-17 07:26 - 2014-12-26 16:17 - 00000000 ____D C:\Users\Elizabeth\AppData\Local\clear.fi
2016-02-17 07:23 - 2014-12-26 16:24 - 00000000 ___DO C:\Users\Elizabeth\OneDrive
2016-02-02 10:57 - 2015-12-28 16:27 - 00000000 ____D C:\Program Files (x86)\Techsmart Computer
2016-02-02 10:55 - 2013-08-22 10:36 - 00000000 ____D C:\Windows\AppReadiness
 
==================== Files in the root of some directories =======
 
2014-08-29 21:04 - 2014-08-29 21:04 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
 
Some files in TEMP:
====================
C:\Users\Elizabeth\AppData\Local\Temp\6324.tmp.exe
C:\Users\Elizabeth\AppData\Local\Temp\6BEB.tmp.exe
C:\Users\Elizabeth\AppData\Local\Temp\bdfilters.dll
C:\Users\Elizabeth\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpbzcicd.dll
C:\Users\Elizabeth\AppData\Local\Temp\F4CD.tmp.exe
C:\Users\Elizabeth\AppData\Local\Temp\GPUpd56C467040.exe
C:\Users\Elizabeth\AppData\Local\Temp\InstallIMVU_518.0.exe
C:\Users\Elizabeth\AppData\Local\Temp\Intel_Technology_Access_Software.exe
C:\Users\Elizabeth\AppData\Local\Temp\jre-8u66-windows-au.exe
C:\Users\Elizabeth\AppData\Local\Temp\MotorolaDeviceManager_2.2.28.exe
C:\Users\Elizabeth\AppData\Local\Temp\ochelper.dll
C:\Users\Elizabeth\AppData\Local\Temp\ochelper.exe
C:\Users\Elizabeth\AppData\Local\Temp\oct1054.tmp.exe
C:\Users\Elizabeth\AppData\Local\Temp\oct119F.tmp.exe
C:\Users\Elizabeth\AppData\Local\Temp\oct19C0.tmp.exe
C:\Users\Elizabeth\AppData\Local\Temp\oct1CAD.tmp.exe
C:\Users\Elizabeth\AppData\Local\Temp\oct2C50.tmp.exe
C:\Users\Elizabeth\AppData\Local\Temp\oct3803.tmp.exe
C:\Users\Elizabeth\AppData\Local\Temp\oct616D.tmp.exe
C:\Users\Elizabeth\AppData\Local\Temp\oct9885.tmp.exe
C:\Users\Elizabeth\AppData\Local\Temp\octF12D.tmp.exe
C:\Users\Elizabeth\AppData\Local\Temp\octF642.tmp.exe
C:\Users\Elizabeth\AppData\Local\Temp\octF8FA.tmp.exe
C:\Users\Elizabeth\AppData\Local\Temp\Quarantine.exe
C:\Users\Elizabeth\AppData\Local\Temp\sqlite3.dll
C:\Users\Elizabeth\AppData\Local\Temp\_is5168..dll
 
 
==================== Bamital & volsnap =================
 
(There is no automatic fix for files that do not pass verification.)
 
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed
 
 
LastRegBack: 2015-11-09 16:55
 
==================== End of FRST.txt ============================
 
Additional scan result of Farbar Recovery Scan Tool (x64) Version:07-02-2016
Ran by Elizabeth (2016-02-17 09:22:33)
Running from C:\Users\Elizabeth\Desktop
Windows 8.1 Connected (X64) (2014-12-26 21:15:47)
Boot Mode: Normal
==========================================================
 
 
==================== Accounts: =============================
 
Administrator (S-1-5-21-732701740-4041966605-1373364186-500 - Administrator - Disabled)
Elizabeth (S-1-5-21-732701740-4041966605-1373364186-1001 - Administrator - Enabled) => C:\Users\Elizabeth
Guest (S-1-5-21-732701740-4041966605-1373364186-501 - Limited - Enabled) => C:\Users\Guest
 
==================== Security Center ========================
 
(If an entry is included in the fixlist, it will be removed.)
 
AV: McAfee Anti-Virus and Anti-Spyware (Enabled - Up to date) {DA9F8ED0-D0DE-39CC-F55A-51AB4CC1B556}
AS: McAfee Anti-Virus and Anti-Spyware (Enabled - Up to date) {61FE6F34-F6E4-3642-CFEA-6AD93746FFEB}
FW: McAfee Firewall (Enabled) {E2A40FF5-9AB1-3894-DE05-F89EB212F22D}
 
==================== Installed Programs ======================
 
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
 
abDocs (HKLM-x32\...\{CA4FE8B0-298C-4E5D-A486-F33B126D6A0A}) (Version: 1.09.2001 - Acer Incorporated)
abDocs Office AddIn (HKLM-x32\...\{DCBF3379-246B-47E1-8173-639B63940838}) (Version: 3.02.2001 - Acer Incorporated)
abFiles (HKLM-x32\...\{13885028-098C-4799-9B71-27DAC96502D5}) (Version: 2.00.3002 - Acer Incorporated)
abMedia (HKLM-x32\...\{E9AF1707-3F3A-49E2-8345-4F2D629D0876}) (Version: 2.09.2003.0 - Acer Incorporated)
abPhoto (HKLM-x32\...\{B5AD89F2-03D3-4206-8487-018298007DD0}) (Version: 3.06.2000.22 - Acer Incorporated)
Acer Care Center (HKLM\...\{A424844F-CDB3-45E2-BB77-1DDE4A091E76}) (Version: 1.00.3012 - Acer Incorporated)
Acer Explorer Agent (HKLM\...\{4D0F42CF-1693-43D9-BDC8-19141D023EE0}) (Version: 2.00.3000 - Acer Incorporated)
Acer Launch Manager (HKLM\...\{C18D55BD-1EC6-466D-B763-8EEDDDA9100E}) (Version: 8.00.8107 - Acer Incorporated)
Acer Portal (HKLM-x32\...\{A5AD0B17-F34D-49BE-A157-C8B3D52ACD13}) (Version: 3.09.2002 - Acer Incorporated)
Acer Power Management (HKLM\...\{E438A632-CADC-49E4-9492-C9F50F9AE37F}) (Version: 7.01.8100 - Acer Incorporated)
Acer Quick Access (HKLM\...\{C1FA525F-D701-4B31-9D32-504FC0CF0B98}) (Version: 1.01.3016.0 - Acer Incorporated)
Acer Recovery Management (HKLM\...\{07F2005A-8CAC-4A4B-83A2-DA98A722CA61}) (Version: 6.00.8108 - Acer Incorporated)
Acer User Experience Improvement Program App Monitor Plugin (HKLM\...\{978724F6-1863-4DD5-9E66-FB77F5AB5613}) (Version: 1.02.3005 - Acer Incorporated)
Acer User Experience Improvement Program Framework (HKLM\...\{12A718F2-2357-4D41-9E1F-18583A4745F7}) (Version: 1.02.3005 - Acer Incorporated)
Acer Video Player (HKLM-x32\...\{B6846F20-4821-11E3-8F96-0800200C9A66}) (Version: 1.00.2005.0 - Acer Incorporated)
Aloha TriPeaks (x32 Version: 2.2.0.98 - WildTangent) Hidden
Amazon 1Button App (HKLM-x32\...\{FF0A904E-8827-4F6E-9A59-900D4C997AD1}) (Version: 1.0.8 - Amazon)
AMD Catalyst Install Manager (HKLM\...\{E043161E-A691-B3C2-E60C-2FBBD8CFF720}) (Version: 8.0.916.0 - Advanced Micro Devices, Inc.)
AOP Framework (HKLM-x32\...\{4A37A114-702F-4055-A4B6-16571D4A5353}) (Version: 3.15.2000.1 - Acer Incorporated)
Bandisoft MPEG-1 Decoder (HKLM-x32\...\BandiMPEG1) (Version:  - Bandisoft.com)
Bejeweled 2 Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden
CyberLink PhotoDirector 3 (HKLM-x32\...\InstallShield_{39337565-330E-4ab6-A9AE-AC81E0720B10}) (Version: 3.0.1.4917 - CyberLink Corp.)
CyberLink Power Media Player 12 (HKLM-x32\...\InstallShield_{B46BEA36-0B71-4A4E-AE41-87241643FA0A}) (Version: 12.0.3.4218 - CyberLink Corp.)
CyberLink PowerDirector 10 (HKLM-x32\...\InstallShield_{B0B4F6D2-F2AE-451A-9496-6F2F6A897B32}) (Version: 10.0.0.4220 - CyberLink Corp.)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
eBay Worldwide (HKLM-x32\...\{91589413-6675-4C27-8AFC-EFB9103B90A5}) (Version: 2.4.0105 - OEM)
Farm to Fork Collector's Edition (x32 Version: 3.0.2.59 - WildTangent) Hidden
Foxit PhantomPDF (HKLM-x32\...\{D4DF5498-C95C-4A02-9951-725FB2D7BC0D}) (Version: 6.0.121.624 - Foxit Corporation)
Game Explorer Categories - genres (HKLM-x32\...\WildTangentGameProvider-acer-genres) (Version: 11.0.0.7 - WildTangent, Inc.)
Game Explorer Categories - main (HKLM-x32\...\WildTangentGameProvider-acer-main) (Version: 11.0.0.7 - WildTangent, Inc.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 48.0.2564.109 - Google Inc.)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.29.5 - Google Inc.) Hidden
Governor of Poker 2 Premium Edition (x32 Version: 3.0.2.59 - WildTangent) Hidden
IMVU Avatar Chat Software (HKU\S-1-5-21-732701740-4041966605-1373364186-1001\...\IMVU Avatar chat client software BETA) (Version:  - )
Intel® Technology Access (HKLM-x32\...\{fb74531f-28c3-4dca-9849-e6b8faa85afe}) (Version: 1.5.0.1021 - Intel Corporation)
Intel® Technology Access Software Asset Manager (x32 Version: 1.0.1562 - Intel Corporation) Hidden
Intel® Update Manager (HKLM-x32\...\{B991A1BC-DE0F-41B3-9037-B2F948F706EC}) (Version: 3.1.1228 - Intel Corporation)
Java 8 Update 66 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218066F0}) (Version: 8.0.660.18 - Oracle Corporation)
Jewel Match 3 (x32 Version: 3.0.2.59 - WildTangent) Hidden
join.me (HKU\S-1-5-21-732701740-4041966605-1373364186-1001\...\JoinMe) (Version: 2.12.0.1804 - LogMeIn, Inc.)
join.me.launcher (x32 Version: 1.0.624.0 - LogMeIn, Inc.) Hidden
King Oddball (x32 Version: 3.0.2.48 - WildTangent) Hidden
LUXOR Evolved (x32 Version: 2.2.0.98 - WildTangent) Hidden
Magic Academy (x32 Version: 2.2.0.98 - WildTangent) Hidden
Malwarebytes Anti-Malware version 2.1.8.1057 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.1.8.1057 - Malwarebytes Corporation)
McAfee LiveSafe – Internet Security (HKLM-x32\...\MSC) (Version: 14.0.7080 - McAfee, Inc.)
McAfee WebAdvisor (HKLM-x32\...\{35ED3F83-4BDC-4c44-8EC6-6A8301C7413A}) (Version: 4.0.170 - McAfee, Inc.)
Microsoft Office (HKLM-x32\...\{90150000-0138-0409-0000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (HKLM-x32\...\{15134cb0-b767-4960-a911-f2d16ae54797}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{d491dd9d-2eda-4d75-b504-1a201436e7fd}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{7f51bdb9-ee21-49ee-94d6-90afc321780e}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Motorola Device Software Update (x32 Version: 1.0.40 - Motorola Mobility) Hidden
Motorola Mobile Drivers Installation 5.9.0 (Version: 5.9.0 - Motorola Inc.) Hidden
Movie Maker (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
OEM Application Profile (HKLM-x32\...\{C01EB132-6707-740E-6ED9-EAC3943918DB}) (Version: 1.00.0000 - Advanced Micro Devices, Inc.)
Peggle Nights (x32 Version: 2.2.0.98 - WildTangent) Hidden
Plants vs. Zombies - Game of the Year (x32 Version: 3.0.2.59 - WildTangent) Hidden
Polar Bowler 1st Frame (x32 Version: 3.0.2.59 - WildTangent) Hidden
PSP Application (Version: 1.00.0000 - Advanced Micro Devices, Inc.) Hidden
Qualcomm Atheros Bluetooth Suite (64) (HKLM\...\{A84A4FB1-D703-48DB-89E0-68B6499D2801}) (Version: 8.0.1.318 - Qualcomm Atheros Communications)
Qualcomm Atheros WLAN and Bluetooth Client Installation Program (HKLM-x32\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 12.29 - Qualcomm Atheros)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 6.3.9600.21250 - Realtek Semiconductor Corp.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.20.815.2013 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7209 - Realtek Semiconductor Corp.)
Skype™ 7.17 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.17.105 - Skype Technologies S.A.)
Speccy (HKLM\...\Speccy) (Version: 1.28 - Piriform)
Spotify (HKLM-x32\...\Spotify) (Version: 0.9.6.81.gd359a796 - Spotify AB)
The Chronicles of Emerland Solitaire (x32 Version: 3.0.2.51 - WildTangent) Hidden
Trinklit Supreme (x32 Version: 2.2.0.98 - WildTangent) Hidden
Unity Web Player (HKU\S-1-5-21-732701740-4041966605-1373364186-1001\...\UnityWebPlayer) (Version: 2.6.1f3_31223 - Unity Technologies ApS)
Update for Japanese Microsoft IME Postal Code Dictionary (HKLM-x32\...\{15015752-9990-4516-A2B1-93823281FB8E}) (Version: 15.0.1759 - Microsoft Corporation)
Update for Japanese Microsoft IME Standard Dictionary (HKLM-x32\...\{7DB71278-9AD7-4480-AB08-8649C5010B17}) (Version: 15.0.1215 - Microsoft Corporation)
Update for Japanese Microsoft IME Standard Extended Dictionary (HKLM-x32\...\{78CE66A9-85AF-4BD8-8FB7-35B5F3846C00}) (Version: 15.0.1215 - Microsoft Corporation)
Update Installer for WildTangent Games App (x32 Version:  - WildTangent) Hidden
WildTangent Games (HKLM-x32\...\WildTangent wildgames Master Uninstall) (Version: 1.0.4.0 - WildTangent)
WildTangent Games App (x32 Version: 4.0.11.13 - WildTangent) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation)
Zuma's Revenge (x32 Version: 2.2.0.97 - WildTangent) Hidden
 
==================== Custom CLSID (Whitelisted): ==========================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
 
==================== Scheduled Tasks (Whitelisted) =============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
Task: {068E98EA-86A1-40C5-92FD-5983FA5A1714} - System32\Tasks\Launch Manager => C:\Program Files\Acer\Acer Launch Manager\LMLauncher.exe [2014-06-10] (Acer Incorporate)
Task: {0A3B33D7-A26B-491B-937C-B38AE6758A45} - System32\Tasks\IntelTA-Upgrade-56460984-97c2-4bc7-a632-d776cf817f5d => C:\Program Files (x86)\Intel Corporation\Intel® Technology Access\Intel® Software Asset Manager\bin\IntelSoftwareAssetManagerService.exe [2015-04-18] ()
Task: {1B90CA2A-7B63-4B9C-A080-33E87D38341C} - System32\Tasks\McAfee Remediation (Prepare) => C:\Program Files\Common Files\AV\McAfee Anti-Virus And Anti-Spyware\upgrade.exe [2015-11-03] (McAfee, Inc.)
Task: {1E468D98-CE2D-432B-905A-418DC8574CFE} - System32\Tasks\McAfeeLogon => C:\Program Files\Common Files\mcafee\platform\McUICnt.exe [2016-01-03] (McAfee, Inc.)
Task: {2F4EB7C7-C6EB-4838-B5F1-88D4D79D4372} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473-Logon => C:\Program Files (x86)\Intel\Intel® Update Manager\bin\iumsvc.exe [2015-09-25] (Intel Corporation)
Task: {31039DD0-AFED-487F-AD7E-238DFF898DB0} - System32\Tasks\IntelTA-Upgrade-56460984-97c2-4bc7-a632-d776cf817f5d-Logon => C:\Program Files (x86)\Intel Corporation\Intel® Technology Access\Intel® Software Asset Manager\bin\IntelSoftwareAssetManagerService.exe [2015-04-18] ()
Task: {345EAF4F-52B9-43C4-9489-494584D1D1F0} - System32\Tasks\{6EBC26A2-147B-41F5-B525-F9A2F0667010} => Chrome.exe hxxp://ui.skype.com/ui/0/7.0.0.102/en/abandoninstall?source=lightinstaller&amp;page=tsProgressBar
Task: {37534228-41CE-4594-849E-9641B7901810} - System32\Tasks\ACC => C:\Program Files (x86)\Acer\Care Center\LiveUpdateChecker.exe [2014-08-29] ()
Task: {53F46471-8510-4526-A47A-AEEBFC5E0A40} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473 => C:\Program Files (x86)\Intel\Intel® Update Manager\bin\iumsvc.exe [2015-09-25] (Intel Corporation)
Task: {5CD14AA0-1EF1-465E-AA4B-9628FF7FD715} - System32\Tasks\Recovery Management\Notification => C:\Program Files\Acer\Acer Recovery Management\Notification\Notification.exe [2014-06-17] (Acer Incorporated)
Task: {602C2005-0476-4CE2-9965-9C0120B0D9A5} - System32\Tasks\AcerCloud => C:\Program Files (x86)\Acer\Acer Portal\AcerPortal.exe [2016-01-19] (Acer)
Task: {6135B43E-0352-4EAE-B5F7-9F64F49B133E} - System32\Tasks\ACCAgent => C:\Program Files (x86)\Acer\Care Center\LiveUpdateAgent.exe [2014-08-29] ()
Task: {75E4A40F-8D59-4F83-B09D-45464F5103AA} - System32\Tasks\abDocsDllLoader => C:\Program Files (x86)\Acer\abDocs\abDocsDllLoaderMonitor.exe [2015-11-23] ()
Task: {83FE2ECA-CA98-44E7-AA9F-53F6A575F510} - System32\Tasks\Quick Access Quick Launcher => C:\Program Files\Acer\Acer Quick Access\QALauncher.exe [2014-06-26] (Acer Incorporate)
Task: {853B04C4-5685-46BF-85D9-C6625C815D07} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-27] (Google Inc.)
Task: {879D8C23-9938-4AB2-9FBE-E81AFF9CFFAC} - System32\Tasks\Software Update Application => C:\ProgramData\OEM\UpgradeTool\ListCheck.exe [2014-06-08] (Acer Incorporated)
Task: {8BE8B358-CB43-4924-900E-2F21F478D2B8} - System32\Tasks\Techsmart Computer Cleaner => C:\Program Files (x86)\Techsmart Computer\ittask.exe <==== ATTENTION
Task: {9A592592-CC16-4C2D-AE13-E55707E8A3B7} - System32\Tasks\GenericSettingsHandler\Windows-Credentials\RetrySyncTask_for_S-1-5-21-732701740-4041966605-1373364186-1001
Task: {9C6DA90E-F17D-4630-8271-A9F1BC76831D} - System32\Tasks\McAfee\McAfee Idle Detection Task
Task: {A81C01CA-6487-4E44-A19D-9E791450B02C} - System32\Tasks\GoogleUpdateTaskMachineUA1d02154c676c0e0 => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-27] (Google Inc.)
Task: {B6A98501-405B-459A-A89C-9ECD5CFF01CD} - System32\Tasks\UbtFrameworkService => C:\Program Files\Acer\User Experience Improvement Program\Framework\TriggerFramework.exe [2014-03-12] (TODO: <Company name>)
Task: {D3632B13-B62B-4C33-90D2-7D2C351D7A89} - System32\Tasks\Better Software => C:\Users\Elizabeth\AppData\Roaming\Better Software\Better Software.exe [2015-12-28] () <==== ATTENTION
Task: {D647C0E7-AEA7-45FC-A439-4621C9872332} - System32\Tasks\Quick Access => C:\Program Files\Acer\Acer Quick Access\QALauncher.exe [2014-06-26] (Acer Incorporate)
Task: {D947E805-9988-44E2-A050-6A3F5B208635} - System32\Tasks\Power Management => C:\Program Files\Acer\Acer Power Management\ePowerTray.exe [2013-12-04] (Acer Incorporated)
Task: {EE8CAD06-DD7F-4156-A2A0-FD04B50A05F9} - System32\Tasks\McAfee\McAfee Auto Maintenance Task Agent
Task: {F52F72BA-749A-4A97-B273-6CB2FFE068CD} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-27] (Google Inc.)
Task: {FBFDEB0C-B52A-4989-987F-739C1DE68AAA} - System32\Tasks\BacKGroundAgent => C:\Program Files (x86)\Acer\AOP Framework\BackgroundAgent.exe [2016-01-14] (Acer Incorporated)
 
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
 
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA1d02154c676c0e0.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
 
==================== Shortcuts =============================
 
(The entries could be listed to be restored or removed.)
 
ShortcutWithArgument: C:\Users\Public\Desktop\Booking.com.lnk -> C:\Program Files\Booking.COM\StartURL.exe () -> hxxp://www.booking.com/index.html?aid=379334
 
==================== Loaded Modules (Whitelisted) ==============
 
2014-08-04 02:09 - 2012-04-24 05:43 - 00254512 ____N () C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
2014-02-26 00:14 - 2014-02-26 00:14 - 00011264 _____ () C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\Modules\ActivateDesktopDebugger\ActivateDesktopDebugger.dll
2014-02-26 00:11 - 2014-02-26 00:11 - 00086016 _____ () C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\Modules\Map\MAP.dll
2014-02-26 00:17 - 2014-02-26 00:17 - 00012928 _____ () C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\ActivateDesktop.exe
2014-08-04 02:16 - 2014-07-01 16:13 - 00111872 _____ () C:\Program Files (x86)\Acer\clear.fi plug-in\Clearfishellext_x64.dll
2015-11-23 18:44 - 2015-11-23 18:44 - 01769312 _____ () C:\Program Files (x86)\Acer\abDocs\abDocsDllLoaderMonitor.exe
2015-12-28 16:27 - 2016-01-02 17:04 - 00086528 _____ () C:\Program Files (x86)\Techsmart Computer\mgwz.dll
2016-02-02 12:29 - 2016-01-27 12:39 - 01632584 _____ () C:\Program Files (x86)\Google\Chrome\Application\48.0.2564.97\libglesv2.dll
2016-02-02 12:28 - 2016-01-27 12:39 - 00087880 _____ () C:\Program Files (x86)\Google\Chrome\Application\48.0.2564.97\libegl.dll
2015-11-16 19:55 - 2015-11-16 19:55 - 00202456 _____ () C:\Program Files (x86)\Acer\abPhoto\curllib.dll
2015-11-16 19:56 - 2015-11-16 19:56 - 00654000 _____ () C:\Program Files (x86)\Acer\abPhoto\sqlite3.dll
2015-11-16 19:56 - 2015-11-16 19:56 - 00641240 _____ () C:\Program Files (x86)\Acer\abPhoto\tag.dll
2015-11-16 19:56 - 2015-11-16 19:56 - 00119000 _____ () C:\Program Files (x86)\Acer\abPhoto\OpenLDAP.dll
2016-02-17 07:37 - 2016-02-17 07:37 - 00015064 _____ () C:\Windows\assembly\GAC_MSIL\MyService\1.0.0.1__2dfa3f50f0bed57d\MyService.dll
2016-01-14 17:12 - 2016-01-14 17:12 - 00013016 _____ () C:\Program Files (x86)\Acer\AOP Framework\ServiceInterface.dll
2016-01-14 17:11 - 2016-01-14 17:11 - 00277856 _____ () C:\Program Files (x86)\Acer\AOP Framework\libcurl.dll
2016-02-02 12:29 - 2016-01-27 12:39 - 16799048 _____ () C:\Program Files (x86)\Google\Chrome\Application\48.0.2564.97\PepperFlash\pepflashplayer.dll
 
==================== Alternate Data Streams (Whitelisted) =========
 
(If an entry is included in the fixlist, only the ADS will be removed.)
 
 
==================== Safe Mode (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
 
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcapexe => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\McMPFSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\McNaiAnn => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MCODS => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeaack => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeaack.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeavfk => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeavfk.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefire => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfemms => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfetdi2k => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfetdi2k.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfevtp => ""="Service"
 
==================== EXE Association (Whitelisted) ===============
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
 
 
==================== Internet Explorer trusted/restricted ===============
 
(If an entry is included in the fixlist, it will be removed from the registry.)
 
 
==================== Hosts content: ===============================
 
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
 
2013-08-22 08:25 - 2013-08-22 08:25 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts
 
 
==================== Other Areas ============================
 
(Currently there is no automatic fix for this section.)
 
HKU\S-1-5-21-732701740-4041966605-1373364186-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Elizabeth\AppData\Roaming\Microsoft\Windows Photo Viewer\Windows Photo Viewer Wallpaper.jpg
DNS Servers: 192.168.169.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.
 
==================== MSCONFIG/TASK MANAGER disabled items ==
 
(Currently there is no automatic fix for this section.)
 
 
==================== FirewallRules (Whitelisted) ===============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [{AD5CCDC0-B48B-47C5-A993-CE0B655408D4}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDirector10\PDR10.EXE
FirewallRules: [{FE1F3A97-5C0E-4B07-88D7-463B1BA41537}] => (Allow) C:\Program Files (x86)\Acer\abPhoto\DMCDaemon.exe
FirewallRules: [{2CB9C9BA-100A-407E-8DC7-F20746C7A3A7}] => (Allow) C:\Program Files (x86)\Acer\abPhoto\DMCDaemon.exe
FirewallRules: [{463742E2-DAF0-4739-896D-7250CEA97533}] => (Allow) C:\Program Files (x86)\Acer\abPhoto\WindowsUpnp.exe
FirewallRules: [{61A35E38-490D-4F09-BCC3-A549ED263899}] => (Allow) C:\Program Files (x86)\Acer\abPhoto\WindowsUpnp.exe
FirewallRules: [{A385F8D0-418A-4180-9ECF-567A8561E11E}] => (Allow) C:\Program Files (x86)\Acer\abPhoto\DMCDaemon.exe
FirewallRules: [{A2266C62-75C7-43F2-8C11-154EB08FEB7F}] => (Allow) C:\Program Files (x86)\Acer\abPhoto\DMCDaemon.exe
FirewallRules: [{538E7836-B471-4576-BB04-E71124908761}] => (Allow) C:\Program Files (x86)\Acer\abPhoto\WindowsUpnp.exe
FirewallRules: [{9CEF2E3E-5DA3-4DC0-A14A-03674ED8D2B6}] => (Allow) C:\Program Files (x86)\Acer\abPhoto\WindowsUpnp.exe
FirewallRules: [{343CB8BF-59C3-4A84-A718-BC1F4744607A}] => (Allow) C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe
FirewallRules: [{8FD4E251-0ED6-4BF9-A706-FD659A5FC077}] => (Allow) C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe
FirewallRules: [{E79D8A15-933A-4601-B76A-CC029FBBF533}] => (Allow) C:\Program Files (x86)\Spotify\spotify.exe
FirewallRules: [{D7FAAB03-EEAF-4944-B108-6E27BACB68AD}] => (Allow) C:\Program Files (x86)\Spotify\spotify.exe
FirewallRules: [{21D4292B-4D5C-4B92-A17B-F007E7759BAC}] => (Allow) C:\Program Files (x86)\Spotify\Data\SpotifyWebHelper.exe
FirewallRules: [{0D6A1B53-3D29-4037-B08E-62AEF4F68112}] => (Allow) C:\Program Files (x86)\Spotify\Data\SpotifyWebHelper.exe
FirewallRules: [{4BE7BFB3-A8CE-4089-91AD-6DA354192851}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\Play.exe
FirewallRules: [{9E6477DF-C5E3-48BB-A2F1-D7D2D987FD5D}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMR\PowerDVD12DMREngine.exe
FirewallRules: [{28626B44-DDCD-4265-A3F5-DF15D95082B7}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSServerPDVD12.exe
FirewallRules: [{2F843B4F-E521-4AA5-8D44-EEE13505E9D3}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\PowerDVD12Agent.exe
FirewallRules: [{C0424A78-EDF5-46B0-B544-9BA430EC7D49}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\PowerDVD12ML.exe
FirewallRules: [{1AFCC7F9-29D6-458F-B381-5711DD518215}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\Movie\PowerDVD.exe
FirewallRules: [{18B9D736-3B5C-4CE5-870C-97F247DAD000}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe
FirewallRules: [{5C17CAF9-F7BE-4E96-8FE4-BA771C769333}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe
FirewallRules: [{A99F17C1-2100-4332-9E2D-BCE220AB8E49}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe
FirewallRules: [{BAB5E453-CD06-4097-AB23-3AECAF955C6A}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe
FirewallRules: [{540D1899-A528-407E-B7FA-296BCADF74C0}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe
FirewallRules: [{E0B73B30-79A7-440E-BCBC-C8213043F97B}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe
FirewallRules: [{0FF604C1-6B2E-4588-9670-11CF027A9E18}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe
FirewallRules: [{500D7A63-FF18-4C2C-8859-97EB03DF8AF6}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe
FirewallRules: [{BC65FB7F-D199-4FA9-B5B3-82948998BF31}] => (Allow) C:\Program Files (x86)\Acer\AOP Framework\acer\ccd.exe
FirewallRules: [{0EF5F73B-EB40-4778-A049-30CF77AC1FFB}] => (Allow) C:\Program Files (x86)\Acer\AOP Framework\acer\ccd.exe
FirewallRules: [{C09354F5-80CC-46BA-9CE5-72B90A311759}] => (Allow) C:\Program Files (x86)\Acer\abMedia_\DMCDaemon.exe
FirewallRules: [{F4A328F3-FB15-4AF2-B890-C24117FB87C2}] => (Allow) C:\Program Files (x86)\Acer\abMedia_\DMCDaemon.exe
FirewallRules: [{52E59840-CC26-4C30-962E-D168689A59A2}] => (Allow) C:\Program Files (x86)\Acer\abMedia_\WindowsUpnpMV.exe
FirewallRules: [{99B45902-1D76-4F00-AF93-DB0872AE2774}] => (Allow) C:\Program Files (x86)\Acer\abMedia_\WindowsUpnpMV.exe
FirewallRules: [{18498AF2-00D4-4830-9D28-0A7227731320}] => (Allow) C:\Program Files (x86)\Acer\abMedia_\DMCDaemon.exe
FirewallRules: [{0A7534D7-0036-4CFB-8129-4211686D284F}] => (Allow) C:\Program Files (x86)\Acer\abMedia_\DMCDaemon.exe
FirewallRules: [{031A70EF-AE48-4681-BD3B-7A98C2874F10}] => (Allow) C:\Program Files (x86)\Acer\abMedia_\WindowsUpnpMV.exe
FirewallRules: [{5AFA43B4-688C-4B48-B4C6-02182DE94818}] => (Allow) C:\Program Files (x86)\Acer\abMedia_\WindowsUpnpMV.exe
FirewallRules: [{5EAD6941-181F-469A-8B46-9313475B66C9}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe
FirewallRules: [{7E49D747-F8CD-4ECB-B7F0-0D95CCBC779C}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe
FirewallRules: [{CA898C13-7105-48C4-A649-3175C57E6149}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe
FirewallRules: [{18EFA188-1AC0-4422-AA90-8616EDC5D61F}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe
FirewallRules: [{0E7D6DAB-CCA1-45F7-8979-8A8A1757B647}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe
FirewallRules: [{E8D2D944-AD1E-47DF-8BEC-B65FC73D94C5}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe
FirewallRules: [{3774AA6B-26C5-416D-822D-75E5EA607A7D}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe
FirewallRules: [{F16AB3EB-037B-4253-A409-59EDC42EDAAD}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe
FirewallRules: [{A76BF0AF-D205-4420-9F72-44AF6FAFCE32}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{12EE06DE-DFCA-4475-9A28-99DFA5F5B9AD}] => (Allow) LPort=2869
FirewallRules: [{86751798-632B-4DEB-9309-C54A212D090F}] => (Allow) LPort=1900
FirewallRules: [{CC1A4743-CB93-4425-8801-4673AA71816D}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe
FirewallRules: [{A8306DF2-61BC-44E2-ACC7-9C9BCAFA10F3}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe
FirewallRules: [{76567F88-28E9-43CC-8E32-76FD456D491D}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe
FirewallRules: [{384DBF53-7A18-4B96-A829-2AB345C465D8}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe
FirewallRules: [{02CC633C-DA04-4F3E-8A2C-D68E931F03F4}] => (Allow) C:\Program Files (x86)\Acer\abPhoto_\DMCDaemon.exe
FirewallRules: [{17958B5C-F36B-4005-8A9A-D92FE7875C3E}] => (Allow) C:\Program Files (x86)\Acer\abPhoto_\DMCDaemon.exe
FirewallRules: [{4653EE55-3706-48B2-9974-6C151BFAF8C1}] => (Allow) C:\Program Files (x86)\Acer\abPhoto_\WindowsUpnp.exe
FirewallRules: [{81DA4494-CA97-4394-BF4D-E05A2F221146}] => (Allow) C:\Program Files (x86)\Acer\abPhoto_\WindowsUpnp.exe
FirewallRules: [{C7C2EC47-2B48-46BD-84B8-B0C5B3CCFBF0}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe
FirewallRules: [{9F928D50-C6A4-4023-A36F-643E83E2089F}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe
FirewallRules: [{31523FB2-FC5C-4C7B-8DA2-BA15094E0878}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe
FirewallRules: [{31F14714-CF61-499B-8E5C-1C29AB2CCBC7}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe
FirewallRules: [{D15CD409-D676-41BA-B1F5-B9BECDE74927}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe
FirewallRules: [{D25CC3F0-498C-4353-A250-8426C39C718E}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe
FirewallRules: [{B587E0AB-728F-438D-B186-68CFF35E9F97}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe
FirewallRules: [{6B79ABA7-4EA5-473B-9D21-CEA534710A79}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe
FirewallRules: [{01587EDF-BFB7-42DE-9C8D-D9BE0F6E79D2}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe
FirewallRules: [{728AFE61-3925-47A9-BAFF-B194B493099F}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe
FirewallRules: [{766C39B1-B2A0-40C1-B076-ACA27EB19F52}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe
FirewallRules: [{65F3B1A7-9EE4-402A-8F30-192FEEE17471}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe
FirewallRules: [{5B78EF78-EF1F-4C11-A4A1-5253FA936654}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe
FirewallRules: [{A679399D-4923-4D0C-9823-2BD72CF38913}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe
FirewallRules: [{46498B7C-2EA8-459D-ACE2-ADEB208B1F25}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe
FirewallRules: [{3169DDCB-F355-4DAB-96F7-052A3E56F9A3}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe
FirewallRules: [{4259EECC-F722-4B99-8FCB-E2A53EA5BBE9}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe
FirewallRules: [{B458ED4D-4FC7-4398-A3F9-40AD73F38AF4}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe
FirewallRules: [{9CC56EBE-10CE-4F26-81EB-BC125394FD08}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe
FirewallRules: [{2886C9CD-3874-4223-9B3D-880A6823F5EB}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe
FirewallRules: [{A5E2382B-639B-4834-91B1-BA3F8AEB8B32}] => (Allow) C:\Program Files (x86)\Battle.net\Battle.net.exe
FirewallRules: [{02F7E010-EE7A-4A55-94F8-A4DF174D023A}] => (Allow) C:\Program Files (x86)\Battle.net\Battle.net.exe
FirewallRules: [{941A2166-4759-457A-961E-C70A42A2602E}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe
FirewallRules: [{88A28297-0DAB-4E60-AAF4-E0931F6A450A}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe
FirewallRules: [{B733EEF1-1FBD-49B4-A5C6-2E46A067E3D9}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe
FirewallRules: [{D5ECD1D1-EB70-4D43-9343-5787C40E1CA5}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe
FirewallRules: [{2B6B45E5-6F91-4C19-A1CD-FA58BAC02929}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe
FirewallRules: [{B4906905-2055-4C21-B55A-BEB2BD6793E9}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe
FirewallRules: [{CB573616-F220-4E2B-963E-4125DD011C20}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe
FirewallRules: [{AD13D210-6986-4A70-892E-88C06DA3816C}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe
FirewallRules: [{89AD2F48-8575-47C2-AB1C-F60630D595A9}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe
FirewallRules: [{13EF76F6-EC86-4D9A-8983-5B60AA21744E}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe
FirewallRules: [{B885FDD0-2114-41D9-BFAC-7833E115C0B5}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe
FirewallRules: [{73B1AAAF-D353-4CAD-980D-F61F5BC46360}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe
FirewallRules: [TCP Query User{BC4638FF-B223-4AD0-8812-4E5C4FAE9962}C:\program files (x86)\skype\phone\skype.exe] => (Block) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [UDP Query User{50F0D61A-5861-49EC-B538-620F2A0A4959}C:\program files (x86)\skype\phone\skype.exe] => (Block) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [{7C7A3411-51C2-4F49-AF52-0D98149C201C}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe
FirewallRules: [{F69FCF2E-F3FF-49B1-8F53-3168F38C5F28}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe
FirewallRules: [{5B273DB8-8A51-44F0-A452-8ED679872575}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe
FirewallRules: [{7B4EDCB5-F50B-4D59-B21E-0408C3CE2F7C}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe
FirewallRules: [{094853C0-0DEF-4026-8182-4C64C2774AEB}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
 
==================== Restore Points =========================
 
25-10-2015 16:48:36 Intel® Technology Access
07-11-2015 17:24:59 Windows Update
12-12-2015 06:12:59 Windows Update
18-12-2015 05:00:53 Windows Update
26-12-2015 13:19:43 Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501
26-12-2015 13:21:39 Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005
31-12-2015 07:53:55 Windows Update
 
==================== Faulty Device Manager Devices =============
 
 
==================== Event log errors: =========================
 
Application errors:
==================
Error: (02/17/2016 08:12:44 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program IEXPLORE.EXE version 11.0.9600.18124 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.
 
Process ID: 1350
 
Start Time: 01d169848cebdd20
 
Termination Time: 104
 
Application Path: C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
 
Report Id: 1d697189-d578-11e5-82fb-f8a963e5303d
 
Faulting package full name: 
 
Faulting package-relative application ID:
 
Error: (02/17/2016 07:48:29 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: IEXPLORE.EXE, version: 11.0.9600.18124, time stamp: 0x5641278d
Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000
Exception code: 0xc0000409
Fault offset: 0x00000000
Faulting process id: 0x1d70
Faulting application start time: 0xIEXPLORE.EXE0
Faulting application path: IEXPLORE.EXE1
Faulting module path: IEXPLORE.EXE2
Report Id: IEXPLORE.EXE3
Faulting package full name: IEXPLORE.EXE4
Faulting package-relative application ID: IEXPLORE.EXE5
 
Error: (02/02/2016 04:04:48 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: MELINASLAPPYTOP)
Description: Activation of app microsoft.windowscommunicationsapps_8wekyb3d8bbwe!ppleae38af2e007f4358a809ac99a64a67c1 failed with error: -2144927141 See the Microsoft-Windows-TWinUI/Operational log for additional information.
 
Error: (02/02/2016 04:04:47 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: MELINASLAPPYTOP)
Description: Activation of app microsoft.windowscommunicationsapps_8wekyb3d8bbwe!Microsoft.WindowsLive.People failed with error: -2144927141 See the Microsoft-Windows-TWinUI/Operational log for additional information.
 
Error: (02/02/2016 12:55:11 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program LiveComm.exe version 17.5.9600.20911 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.
 
Process ID: 20c
 
Start Time: 01d15de224d2ccce
 
Termination Time: 4294967295
 
Application Path: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20911_x64__8wekyb3d8bbwe\LiveComm.exe
 
Report Id: 18b85e4a-c9d6-11e5-82fb-f8a963e5303d
 
Faulting package full name: microsoft.windowscommunicationsapps_17.5.9600.20911_x64__8wekyb3d8bbwe
 
Faulting package-relative application ID: ppleae38af2e007f4358a809ac99a64a67c1
 
Error: (02/02/2016 11:58:41 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: BtvStack.exe, version: 8.0.1.318, time stamp: 0x530d851e
Faulting module name: MSVCR100.dll, version: 10.0.40219.325, time stamp: 0x4df2bcac
Exception code: 0x40000015
Fault offset: 0x00000000000761c9
Faulting process id: 0x7d4
Faulting application start time: 0xBtvStack.exe0
Faulting application path: BtvStack.exe1
Faulting module path: BtvStack.exe2
Report Id: BtvStack.exe3
Faulting package full name: BtvStack.exe4
Faulting package-relative application ID: BtvStack.exe5
 
Error: (12/31/2015 11:47:17 AM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3011) (User: NT AUTHORITY)
Description: Unloading the performance counter strings for service WmiApRpl (WmiApRpl) failed. The first DWORD in the Data section contains the error code.
 
Error: (12/31/2015 11:47:17 AM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3012) (User: NT AUTHORITY)
Description: The performance strings in the Performance registry value is corrupted when process Performance extension counter provider. The BaseIndex value from the Performance registry is the first DWORD in the Data section, LastCounter value is the second DWORD in the Data section, and LastHelp value is the third DWORD in the Data section.
 
Error: (12/31/2015 11:46:14 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program LiveComm.exe version 17.5.9600.20911 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.
 
Process ID: c10
 
Start Time: 01d143e9ff7ca0c4
 
Termination Time: 4294967295
 
Application Path: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20911_x64__8wekyb3d8bbwe\LiveComm.exe
 
Report Id: f4d10914-afdd-11e5-82fb-f8a963e5303d
 
Faulting package full name: microsoft.windowscommunicationsapps_17.5.9600.20911_x64__8wekyb3d8bbwe
 
Faulting package-relative application ID: ppleae38af2e007f4358a809ac99a64a67c1
 
Error: (12/31/2015 08:00:43 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program LiveComm.exe version 17.5.9600.20911 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.
 
Process ID: 1608
 
Start Time: 01d143ca78c93dd1
 
Termination Time: 4294967295
 
Application Path: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20911_x64__8wekyb3d8bbwe\LiveComm.exe
 
Report Id: 70cf42ce-afbe-11e5-82f9-f8a963e5303d
 
Faulting package full name: microsoft.windowscommunicationsapps_17.5.9600.20911_x64__8wekyb3d8bbwe
 
Faulting package-relative application ID: ppleae38af2e007f4358a809ac99a64a67c1
 
 
System errors:
=============
Error: (02/17/2016 07:46:46 AM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: The Interactive Services Detection service terminated with the following error: 
%%1
 
Error: (02/17/2016 07:38:44 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The McAfee Boot Delay Start Service service failed to start due to the following error: 
%%1053
 
Error: (02/17/2016 07:38:44 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the McAfee Boot Delay Start Service service to connect.
 
Error: (02/02/2016 04:04:42 PM) (Source: DCOM) (EventID: 10010) (User: MELINASLAPPYTOP)
Description: Windows.Networking.BackgroundTransfer.Internal.NetworkChangeTask.ClassId.4
 
Error: (02/02/2016 04:04:42 PM) (Source: DCOM) (EventID: 10010) (User: MELINASLAPPYTOP)
Description: Windows.Networking.BackgroundTransfer.Internal.NetworkChangeTask.ClassId.3
 
Error: (01/02/2016 05:04:46 PM) (Source: Service Control Manager) (EventID: 7030) (User: )
Description: The Privoxy (PrivoxyService) service is marked as an interactive service.  However, the system is configured to not allow interactive services.  This service may not function properly.
 
Error: (12/31/2015 11:52:47 AM) (Source: DCOM) (EventID: 10010) (User: MELINASLAPPYTOP)
Description: {4545DEA0-2DFC-4906-A728-6D986BA399A9}
 
Error: (12/31/2015 11:52:47 AM) (Source: DCOM) (EventID: 10010) (User: MELINASLAPPYTOP)
Description: {4545DEA0-2DFC-4906-A728-6D986BA399A9}
 
Error: (12/31/2015 11:39:56 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Intel® Technology Access Service service failed to start due to the following error: 
%%1053
 
Error: (12/31/2015 11:39:56 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the Intel® Technology Access Service service to connect.
 
 
==================== Memory info =========================== 
 
Processor: AMD E2-6110 APU with AMD Radeon R2 Graphics 
Percentage of memory in use: 70%
Total physical RAM: 3288.23 MB
Available physical RAM: 959.75 MB
Total Virtual: 4120.23 MB
Available Virtual: 1439.61 MB
 
==================== Drives ================================
 
Drive c: (Acer) (Fixed) (Total:916.32 GB) (Free:853.24 GB) NTFS
 
==================== MBR & Partition Table ==================
 
========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: 0094E489)
 
Partition: GPT.
 
==================== End of Addition.txt ============================

 


  • 0

Advertisements


#2
RKinner

RKinner

    Malware Expert

  • Expert
  • 20,012 posts
  • MVP
 
Download the attached fixlist.txt to the same location as FRST
 
[attachment=80366:fixlist.txt]
 
Run FRST and press Fix
A fix log will be generated please post that 
 

 
Download : ADWCleaner to your desktop.  Make sure you get the correct Download button.  Sometimes the ads on BleepingComputer will mimic the real Download button which should say: Download Now @BleepingComputer
 
NOTE: If using Internet Explorer and you get an alert that stops the program downloading, click on the warning and allow the download to complete.
 
Close  all programs, pause your anti-virus and run AdwCleaner (Vista or Win 7 => right click and Run As Administrator).
 
scan-results.jpg
 
Click on Scan  and follow the prompts. Let it run unhindered. When done, click on the Clean button, and follow the prompts. Allow the system to reboot. You will then be presented with the report. Copy & Paste this report on your next reply.
 
The report will be saved in the C:\AdwCleaner folder.
 
 
 
Junkware-Removal-Tool
 
Please download Junkware Removal Tool to your desktop.  Make sure you get the correct Download button.  Sometimes the ads on BleepingComputer will mimic the real Download button which should say: Download Now @Author's site
  • Pause your anti-virus.  Close all browsers.
  • Run the tool by double-clicking it. If you are using Windows Vista, 7, or 8; instead of double-clicking, right-mouse click JRT.exe and select "Run as Administrator".
  • The tool will open and start scanning your system.
  • Please be patient as this can take a while to complete depending on your system's specifications.
  • On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
  • Post the contents of JRT.txt into your next message.
  •  
     
    Run a FRST scan again with the Addition.txt boxed checked and post both logs.  Remember to right click and Run As Admin to start FRST.   Is it any better now?

     


    • 0






    Similar Topics

    0 user(s) are reading this topic

    0 members, 0 guests, 0 anonymous users

    As Featured On:

    Microsoft Yahoo BBC MSN PC Magazine Washington Post HP