Amazon assistant aa.hta

By paulsma · 8 replies
Feb 16, 2018
Post New Reply
  1. I have been infected with this infuriating pop-up problem. I saw other people getting help with this on TechSpot, so I began the instructions. I have already run the Farbar scan.
     
  2. paulsma

    paulsma TS Rookie Topic Starter

    Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 12.02.2018
    Ran by Mel (administrator) on LAPTOP-HR19R3JB (16-02-2018 22:03:31)
    Running from C:\Users\Mel.LAPTOP-HR19R3JB\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\TempState\Downloads
    Loaded Profiles: Mel (Available Profiles: Mel)
    Platform: Windows 10 Home Version 1709 16299.192 (X64) Language: English (United States)
    Internet Explorer Version 11 (Default browser: Edge)
    Boot Mode: Normal
    Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
    ==================== Processes (Whitelisted) =================
    (If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
    (Bitdefender) C:\Program Files\Bitdefender\Bitdefender Security\vsserv.exe
    (AMD) C:\Windows\System32\atiesrxx.exe
    (AMD) C:\Windows\System32\atieclxx.exe
    (Bitdefender) C:\Program Files\Bitdefender\Bitdefender Device Management\DevMgmtService.exe
    () C:\Program Files (x86)\Amazon\Amazon Assistant\amazonAssistantService.exe
    (Acer Incorporated) C:\Program Files (x86)\Acer\AOP Framework\CCDMonitorService.exe
    (Windows (R) Win 7 DDK provider) C:\Windows\System32\AdminService.exe
    (Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
    (Bitdefender) C:\Program Files\Bitdefender Agent\ProductAgentService.exe
    (Bitdefender) C:\Program Files\Bitdefender\Bitdefender Security\updatesrv.exe
    (Bitdefender) C:\Program Files\Bitdefender\Bitdefender Security\vsservp.exe
    (Acer Cloud Technology) C:\Program Files (x86)\Acer\AOP Framework\acer\ccd.exe
    (Bitdefender) C:\Program Files\Common Files\Bitdefender\SetupInformation\Bitdefender RedLine\bdredline.exe
    (Dashlane SAS) C:\Program Files (x86)\Dashlane\Upgrade\DashlaneUpgradeService.exe
    (SweetLabs, Inc) C:\Users\Mel.LAPTOP-HR19R3JB\AppData\Local\Host App Service\Engine\HostAppServiceUpdater.exe
    (Acer Incorporated) C:\Program Files\Acer\Acer Quick Access\QASvc.exe
    (Acer Incorporated) C:\Program Files\Acer\Acer Quick Access\QALSvc.exe
    () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.1803.279.0_x64__kzf8qxf38zg5c\SkypeHost.exe
    (Microsoft Corporation) C:\Windows\System32\smartscreen.exe
    (Acer Incorporated) C:\Program Files\Acer\Acer Quick Access\QAAgent.exe
    (Acer Incorporated) C:\Program Files\Acer\Acer Quick Access\QAAdminAgent.exe
    (Acer Incorporated) C:\Program Files\Acer\Acer Quick Access\QALockHandler.exe
    (Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe
    (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
    (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
    (Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\RadeonSettings.exe
    (Acer) C:\Program Files (x86)\Acer\Acer Portal\AcerPortal.exe
    (Bitdefender) C:\Program Files\Bitdefender\Bitdefender Security\odscanui.exe
    () C:\OEM\Preload\FubTracking\FubTracking.exe
    (Bitdefender) C:\Program Files\Bitdefender\Bitdefender Security\bdagent.exe
    (Acer Incorporated) C:\Program Files (x86)\Acer\AOP Framework\BackgroundAgent.exe
    (Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe
    (Microsoft Corporation) C:\Windows\System32\browser_broker.exe
    (Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
    (Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
    (Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
    (Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
    (Microsoft Corporation) C:\Windows\System32\dllhost.exe
    (Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
    () C:\Program Files (x86)\Acer\Care Center\ACCStd.exe
    (Acer Incorporated) C:\Program Files\Acer\Acer Quick Access\ePowerButton_NB.exe
    (Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
    (acer) C:\Program Files\Acer\User Experience Improvement Program\Framework\UBTService.exe
    (Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
    (Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
    (Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
    (Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
    ==================== Registry (Whitelisted) ===========================
    (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
    HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [630168 2017-09-29] (Microsoft Corporation)
    HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [16475392 2016-06-02] (Realtek Semiconductor)
    HKLM\...\Run: [RtHDVBg_TrueHarmony] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1454336 2016-06-02] (Realtek Semiconductor)
    HKLM\...\Run: [StartCN] => C:\Program Files\AMD\CNext\CNext\RadeonSettings.exe [4909824 2016-06-01] (Advanced Micro Devices, Inc.)
    HKLM Group Policy restriction on software: %systemroot%\system32\mrt.exe <==== ATTENTION
    HKU\S-1-5-21-440005720-1384804578-157143609-1002\...\Run: [AcerPortal] => C:\Program Files (x86)\Acer\Acer Portal\AcerPortal.exe [2732448 2015-10-15] (Acer)
    Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\$McRebootA5E6DEAA56$.lnk [2018-02-16]
    ShortcutTarget: $McRebootA5E6DEAA56$.lnk -> (No File)
    ==================== Internet (Whitelisted) ====================
    (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
    Tcpip\Parameters: [DhcpNameServer] 75.75.75.75 75.75.76.76
    Tcpip\..\Interfaces\{2ac5b39f-5012-4143-90ca-088bfcff364d}: [DhcpNameServer] 75.75.75.75 75.75.76.76
    Tcpip\..\Interfaces\{9e480b2f-8432-441e-b813-5449dfec6cc6}: [DhcpNameServer] 40.30.1.66
    Internet Explorer:
    ==================
    HKU\S-1-5-21-440005720-1384804578-157143609-1002\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://imp.searchetg.com/impression.do?source=732691&sub_id=20171124&user_id=b1c1174b-9816-42aa-ac22-b553977d2c57&traffic_source=Spigot&event=ro_homepage&implementation_id=Vuze+Core&redir=https%3A%2F%2Fsearch.yahoo.com%2F%3Ftype%3D732691%26fr%3Dspigot-yhp-ie
    HKU\S-1-5-21-440005720-1384804578-157143609-1002\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.acer15.msn.com/?pc=ACTE
    HKU\S-1-5-21-440005720-1384804578-157143609-1002\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://www.acer15.msn.com/?pc=ACTE
    SearchScopes: HKU\S-1-5-21-440005720-1384804578-157143609-1002 -> DefaultScope {842099BA-FF01-4208-8282-87E94984B1CE} URL = hxxp://imp.searchetg.com/impression.do?source=732691&sub_id=20171124&user_id=b1c1174b-9816-42aa-ac22-b553977d2c57&traffic_source=Spigot&event=ro_inb_search&implementation_id=Vuze+Core&redir=https%3A%2F%2Fsearch.yahoo.com%2Fsearch%3Ffr%3Dchr-greentree_ie%26ei%3Dutf-8%26ilc%3D12%26type%3D732691%26p%3D&st={searchTerms}
    SearchScopes: HKU\S-1-5-21-440005720-1384804578-157143609-1002 -> {842099BA-FF01-4208-8282-87E94984B1CE} URL = hxxp://imp.searchetg.com/impression.do?source=732691&sub_id=20171124&user_id=b1c1174b-9816-42aa-ac22-b553977d2c57&traffic_source=Spigot&event=ro_inb_search&implementation_id=Vuze+Core&redir=https%3A%2F%2Fsearch.yahoo.com%2Fsearch%3Ffr%3Dchr-greentree_ie%26ei%3Dutf-8%26ilc%3D12%26type%3D732691%26p%3D&st={searchTerms}
    BHO: Amazon Assistant -> {0ddcea2a-7b00-4349-8acb-af7ba6da251f} -> C:\WINDOWS\system32\mscoree.dll [2017-09-29] (Microsoft Corporation)
    BHO: Bitdefender Wallet -> {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} -> C:\Program Files\Bitdefender\Bitdefender Security\pmbxie.dll [2018-01-11] (Bitdefender)
    BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2018-01-18] (Microsoft Corporation)
    BHO: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\GROOVEEX.DLL [2018-01-18] (Microsoft Corporation)
    BHO-x32: Amazon Assistant -> {0ddcea2a-7b00-4349-8acb-af7ba6da251f} -> C:\WINDOWS\system32\mscoree.dll [2017-09-29] (Microsoft Corporation)
    BHO-x32: Bitdefender Wallet -> {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} -> C:\Program Files\Bitdefender\Bitdefender Security\Antispam32\pmbxie.dll [2018-01-11] (Bitdefender)
    BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\Office16\OCHelper.dll [2018-01-18] (Microsoft Corporation)
    BHO-x32: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\root\Office16\GROOVEEX.DLL [2018-01-18] (Microsoft Corporation)
    Toolbar: HKLM - Bitdefender Wallet - {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} - C:\Program Files\Bitdefender\Bitdefender Security\pmbxie.dll [2018-01-11] (Bitdefender)
    Toolbar: HKLM-x32 - Bitdefender Wallet - {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} - C:\Program Files\Bitdefender\Bitdefender Security\Antispam32\pmbxie.dll [2018-01-11] (Bitdefender)
    Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2018-01-18] (Microsoft Corporation)
    Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2018-01-18] (Microsoft Corporation)
    Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2018-01-18] (Microsoft Corporation)
    Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2018-01-18] (Microsoft Corporation)
    Edge:
    ======
    Edge HomeButtonPage: HKU\S-1-5-21-440005720-1384804578-157143609-1002 -> hxxp://google.com/?gws_rd=ssl
    FireFox:
    ========
    FF DefaultProfile: abzkzqz4.default
    FF ProfilePath: C:\Users\Mel.LAPTOP-HR19R3JB\AppData\Roaming\Mozilla\Firefox\Profiles\abzkzqz4.default [2018-02-14]
    FF Homepage: Mozilla\Firefox\Profiles\abzkzqz4.default -> hxxp://imp.searchetg.com/impression.do?source=732691&sub_id=20171124&user_id=b1c1174b-9816-42aa-ac22-b553977d2c57&traffic_source=Spigot&event=ro_homepage&implementation_id=Vuze+Core&redir=https%3A%2F%2Fsearch.yahoo.com%2F%3Ftype%3D732691%26fr%3Dspigot-yhp-ff
    hxxps://www.bing.com/?FORM=SLBRDF&PC=SL09
    FF Extension: (Amazon Assistant for Firefox) - C:\Users\Mel.LAPTOP-HR19R3JB\AppData\Roaming\Mozilla\Firefox\Profiles\abzkzqz4.default\Extensions\abb-acer@amazon.com [2017-09-14] [Legacy]
    FF Extension: (English (US) Language Pack) - C:\Users\Mel.LAPTOP-HR19R3JB\AppData\Roaming\Mozilla\Firefox\Profiles\abzkzqz4.default\Extensions\langpack-en-US@firefox.mozilla.org.xpi [2017-11-24] [Legacy]
    FF Extension: (Mozilla Partner Defaults) - C:\Users\Mel.LAPTOP-HR19R3JB\AppData\Roaming\Mozilla\Firefox\Profiles\abzkzqz4.default\Extensions\partnerdefaults@mozilla.com [2017-09-14] [Legacy]
    FF Extension: (Adblock Plus) - C:\Users\Mel.LAPTOP-HR19R3JB\AppData\Roaming\Mozilla\Firefox\Profiles\abzkzqz4.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2017-12-14]
    FF Extension: (Disable Crash Auto Submit) - C:\Users\Mel.LAPTOP-HR19R3JB\AppData\Roaming\Mozilla\Firefox\Profiles\abzkzqz4.default\features\{3b30fafc-136c-4853-8520-6fc86d7fd598}\disable-crash-autosubmit@mozilla.org.xpi [2018-01-07] [Legacy]
    FF Extension: (Amazon Assistant for Firefox) - C:\Program Files (x86)\Mozilla Firefox\distribution\extensions\abb-acer@amazon.com [2016-07-14] [Legacy]
    FF Extension: (No Name) - C:\Program Files (x86)\Mozilla Firefox\distribution\extensions\langpack-ar@firefox.mozilla.org [2017-09-10] [not signed]
    FF Extension: (No Name) - C:\Program Files (x86)\Mozilla Firefox\distribution\extensions\langpack-bg@firefox.mozilla.org [2017-09-10] [not signed]
    FF Extension: (No Name) - C:\Program Files (x86)\Mozilla Firefox\distribution\extensions\langpack-cs@firefox.mozilla.org [2017-09-10] [not signed]
    FF Extension: (No Name) - C:\Program Files (x86)\Mozilla Firefox\distribution\extensions\langpack-da@firefox.mozilla.org [2017-09-10] [not signed]
    FF Extension: (No Name) - C:\Program Files (x86)\Mozilla Firefox\distribution\extensions\langpack-de@firefox.mozilla.org [2017-09-10] [not signed]
    FF Extension: (No Name) - C:\Program Files (x86)\Mozilla Firefox\distribution\extensions\langpack-el@firefox.mozilla.org [2017-09-10] [not signed]
    FF Extension: (English (US) Language Pack) - C:\Program Files (x86)\Mozilla Firefox\distribution\extensions\langpack-en-US@firefox.mozilla.org [2016-07-14] [Legacy]
    FF Extension: (No Name) - C:\Program Files (x86)\Mozilla Firefox\distribution\extensions\langpack-es-ES@firefox.mozilla.org [2017-09-10] [not signed]
    FF Extension: (No Name) - C:\Program Files (x86)\Mozilla Firefox\distribution\extensions\langpack-et@firefox.mozilla.org [2017-09-10] [not signed]
    FF Extension: (No Name) - C:\Program Files (x86)\Mozilla Firefox\distribution\extensions\langpack-fi@firefox.mozilla.org [2017-09-10] [not signed]
    FF Extension: (No Name) - C:\Program Files (x86)\Mozilla Firefox\distribution\extensions\langpack-fr@firefox.mozilla.org [2017-09-10] [not signed]
    FF Extension: (No Name) - C:\Program Files (x86)\Mozilla Firefox\distribution\extensions\langpack-he@firefox.mozilla.org [2017-09-10] [not signed]
    FF Extension: (No Name) - C:\Program Files (x86)\Mozilla Firefox\distribution\extensions\langpack-hu@firefox.mozilla.org [2017-09-10] [not signed]
    FF Extension: (No Name) - C:\Program Files (x86)\Mozilla Firefox\distribution\extensions\langpack-it@firefox.mozilla.org [2017-09-10] [not signed]
    FF Extension: (No Name) - C:\Program Files (x86)\Mozilla Firefox\distribution\extensions\langpack-ja@firefox.mozilla.org [2017-09-10] [not signed]
    FF Extension: (No Name) - C:\Program Files (x86)\Mozilla Firefox\distribution\extensions\langpack-ko@firefox.mozilla.org [2017-09-10] [not signed]
    FF Extension: (No Name) - C:\Program Files (x86)\Mozilla Firefox\distribution\extensions\langpack-lt@firefox.mozilla.org [2017-09-10] [not signed]
    FF Extension: (No Name) - C:\Program Files (x86)\Mozilla Firefox\distribution\extensions\langpack-nb-NO@firefox.mozilla.org [2017-09-10] [not signed]
    FF Extension: (No Name) - C:\Program Files (x86)\Mozilla Firefox\distribution\extensions\langpack-nl@firefox.mozilla.org [2017-09-10] [not signed]
    FF Extension: (No Name) - C:\Program Files (x86)\Mozilla Firefox\distribution\extensions\langpack-pl@firefox.mozilla.org [2017-09-10] [not signed]
    FF Extension: (No Name) - C:\Program Files (x86)\Mozilla Firefox\distribution\extensions\langpack-pt-BR@firefox.mozilla.org [2017-09-10] [not signed]
    FF Extension: (No Name) - C:\Program Files (x86)\Mozilla Firefox\distribution\extensions\langpack-pt-PT@firefox.mozilla.org [2017-09-10] [not signed]
    FF Extension: (No Name) - C:\Program Files (x86)\Mozilla Firefox\distribution\extensions\langpack-ru@firefox.mozilla.org [2017-09-10] [not signed]
    FF Extension: (No Name) - C:\Program Files (x86)\Mozilla Firefox\distribution\extensions\langpack-sk@firefox.mozilla.org [2017-09-10] [not signed]
    FF Extension: (No Name) - C:\Program Files (x86)\Mozilla Firefox\distribution\extensions\langpack-sl@firefox.mozilla.org [2017-09-10] [not signed]
    FF Extension: (No Name) - C:\Program Files (x86)\Mozilla Firefox\distribution\extensions\langpack-sr@firefox.mozilla.org [2017-09-10] [not signed]
    FF Extension: (No Name) - C:\Program Files (x86)\Mozilla Firefox\distribution\extensions\langpack-sv-SE@firefox.mozilla.org [2017-09-10] [not signed]
    FF Extension: (No Name) - C:\Program Files (x86)\Mozilla Firefox\distribution\extensions\langpack-th@firefox.mozilla.org [2017-09-10] [not signed]
    FF Extension: (No Name) - C:\Program Files (x86)\Mozilla Firefox\distribution\extensions\langpack-tr@firefox.mozilla.org [2017-09-10] [not signed]
    FF Extension: (No Name) - C:\Program Files (x86)\Mozilla Firefox\distribution\extensions\langpack-uk@firefox.mozilla.org [2017-09-10] [not signed]
    FF Extension: (No Name) - C:\Program Files (x86)\Mozilla Firefox\distribution\extensions\langpack-zh-CN@firefox.mozilla.org [2017-09-10] [not signed]
    FF Extension: (No Name) - C:\Program Files (x86)\Mozilla Firefox\distribution\extensions\langpack-zh-TW@firefox.mozilla.org [2017-09-10] [not signed]
    FF Extension: (Mozilla Partner Defaults) - C:\Program Files (x86)\Mozilla Firefox\distribution\extensions\partnerdefaults@mozilla.com [2016-07-14] [Legacy]
    FF HKLM\...\Firefox\Extensions: [bdwtwe@bitdefender.com] - C:\Program Files\Bitdefender\Bitdefender Security\bdwteff
    FF Extension: (Bitdefender Wallet) - C:\Program Files\Bitdefender\Bitdefender Security\bdwteff [2018-01-25]
    FF HKLM\...\Thunderbird\Extensions: [bdThunderbird@bitdefender.com] - C:\Program Files\Bitdefender\Bitdefender Security\bdtbext
    FF Extension: (Bitdefender Antispam Toolbar) - C:\Program Files\Bitdefender\Bitdefender Security\bdtbext [2018-01-25] [Legacy] [not signed]
    FF HKLM-x32\...\Firefox\Extensions: [bdwtwe@bitdefender.com] - C:\Program Files\Bitdefender\Bitdefender Security\bdwteff
    FF HKLM-x32\...\Thunderbird\Extensions: [bdThunderbird@bitdefender.com] - C:\Program Files\Bitdefender\Bitdefender Security\bdtbext
    FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2018-01-18] (Microsoft Corporation)
    FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2018-01-18] (Microsoft Corporation)
    FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.7\npGoogleUpdate3.dll [2018-02-16] (Google Inc.)
    FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.7\npGoogleUpdate3.dll [2018-02-16] (Google Inc.)
    FF Plugin-x32: @videolan.org/vlc,version=2.2.6 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2017-05-24] (VideoLAN)
    Chrome:
    =======
    CHR HomePage: Default -> hxxp://www.google.com
    CHR Profile: C:\Users\Mel.LAPTOP-HR19R3JB\AppData\Local\Google\Chrome\User Data\Default [2018-02-14]
    CHR Extension: (Slides) - C:\Users\Mel.LAPTOP-HR19R3JB\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2018-02-14]
    CHR Extension: (Docs) - C:\Users\Mel.LAPTOP-HR19R3JB\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2018-02-14]
    CHR Extension: (Google Drive) - C:\Users\Mel.LAPTOP-HR19R3JB\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2018-02-14]
    CHR Extension: (YouTube) - C:\Users\Mel.LAPTOP-HR19R3JB\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2018-02-14]
    CHR Extension: (Avast SafePrice) - C:\Users\Mel.LAPTOP-HR19R3JB\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck [2018-02-14]
    CHR Extension: (Sheets) - C:\Users\Mel.LAPTOP-HR19R3JB\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2018-02-14]
    CHR Extension: (McAfee® WebAdvisor) - C:\Users\Mel.LAPTOP-HR19R3JB\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho [2018-02-14]
    CHR Extension: (Google Docs Offline) - C:\Users\Mel.LAPTOP-HR19R3JB\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2018-02-14]
    CHR Extension: (Avast Online Security) - C:\Users\Mel.LAPTOP-HR19R3JB\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2018-02-14]
    CHR Extension: (Chrome Web Store Payments) - C:\Users\Mel.LAPTOP-HR19R3JB\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-02-14]
    CHR Extension: (Gmail) - C:\Users\Mel.LAPTOP-HR19R3JB\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2018-02-14]
    CHR Extension: (Chrome Media Router) - C:\Users\Mel.LAPTOP-HR19R3JB\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2018-02-14]
    CHR HKLM-x32\...\Chrome\Extension: [gannpgaobkkhmpomoijebaigcapoeebl] - hxxps://clients2.google.com/service/update2/crx
    ==================== Services (Whitelisted) ====================
    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
    R2 Amazon Assistant Service; C:\Program Files (x86)\Amazon\Amazon Assistant\amazonAssistantService.exe [105136 2017-10-04] ()
    S2 amdacpusrsvc; C:\Program Files\AMD\{920DEC42-4CA5-4d1d-9487-67BE645CDDFC}\amdacpusrsvc.exe [121856 2016-06-01] (Advanced Micro Devices) [File not signed]
    R2 bdredline; C:\Program Files\Common Files\Bitdefender\SetupInformation\Bitdefender RedLine\bdredline.exe [2119184 2017-09-26] (Bitdefender)
    R2 CCDMonitorService; C:\Program Files (x86)\Acer\AOP Framework\CCDMonitorService.exe [2267352 2016-08-15] (Acer Incorporated)
    R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [7761584 2017-12-23] (Microsoft Corporation)
    R2 Dashlane Upgrade Service; C:\Program Files (x86)\Dashlane\Upgrade\DashlaneUpgradeService.exe [81408 2015-10-14] (Dashlane SAS)
    R2 DevMgmtService; C:\Program Files\Bitdefender\Bitdefender Device Management\DevMgmtService.exe [103584 2018-01-15] (Bitdefender)
    R2 ProductAgentService; C:\Program Files\Bitdefender Agent\ProductAgentService.exe [1282232 2018-01-19] (Bitdefender)
    R3 QALSvc; C:\Program Files\Acer\Acer Quick Access\QALSvc.exe [440224 2016-05-23] (Acer Incorporated)
    R3 QASvc; C:\Program Files\Acer\Acer Quick Access\QASvc.exe [481696 2016-05-23] (Acer Incorporated)
    R3 UEIPSvc; C:\Program Files\Acer\User Experience Improvement Program\Framework\UBTService.exe [291232 2016-02-01] (acer)
    R2 UPDATESRV; C:\Program Files\Bitdefender\Bitdefender Security\updatesrv.exe [118096 2018-01-15] (Bitdefender)
    R2 VSSERV; C:\Program Files\Bitdefender\Bitdefender Security\vsserv.exe [1170712 2018-01-15] (Bitdefender)
    R2 vsservp; C:\Program Files\Bitdefender\Bitdefender Security\vsservp.exe [524872 2016-08-25] (Bitdefender)
    S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.12.17007.18011-0\NisSrv.exe [356168 2018-02-16] (Microsoft Corporation)
    S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.12.17007.18011-0\MsMpEng.exe [105792 2018-02-16] (Microsoft Corporation)
    ===================== Drivers (Whitelisted) ======================
    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
    R2 amdacpksd; C:\WINDOWS\system32\drivers\amdacpksd.sys [305968 2016-06-14] (Advanced Micro Devices)
    R3 AmdGpio2; C:\WINDOWS\System32\drivers\AmdGpio2.sys [34032 2015-11-19] (Advanced Micro Devices, INC.)
    R3 amdi2c; C:\WINDOWS\System32\drivers\amdi2c.sys [48880 2015-11-19] (Advanced Micro Devices, INC.)
    S3 amdkmcsp; C:\WINDOWS\system32\DRIVERS\amdkmcsp.sys [101232 2017-06-16] (Advanced Micro Devices, Inc. )
    R0 amdpsp; C:\WINDOWS\System32\DRIVERS\amdpsp.sys [243048 2017-06-16] (Advanced Micro Devices, Inc. )
    R3 amduart; C:\WINDOWS\System32\drivers\amduart.sys [76304 2015-05-11] (Advanced Micro Devices, INC.)
    R1 atc; C:\WINDOWS\System32\DRIVERS\atc.sys [1058784 2017-12-08] (BitDefender S.R.L. Bucharest, ROMANIA)
    R3 AtiHDAudioService; C:\WINDOWS\system32\drivers\AtihdWT6.sys [111120 2016-03-01] (Advanced Micro Devices)
    R0 avc3; C:\WINDOWS\System32\DRIVERS\avc3.sys [1765336 2017-11-28] (BitDefender)
    S0 bdelam; C:\WINDOWS\System32\drivers\bdelam.sys [23672 2016-03-14] (Bitdefender)
    R1 bdfwfpf; C:\Program Files\Common Files\Bitdefender\Bitdefender Firewall\bdfwfpf.sys [133088 2017-06-06] (BitDefender LLC)
    R0 bdprivmon; C:\WINDOWS\System32\DRIVERS\bdprivmon.sys [47376 2017-10-09] (© Bitdefender SRL)
    R1 BDVEDISK; C:\WINDOWS\system32\DRIVERS\bdvedisk.sys [87912 2015-12-04] (BitDefender)
    R3 ETDI2C; C:\WINDOWS\system32\DRIVERS\ETDI2C.sys [185416 2015-09-06] (ELAN Microelectronic Corp.)
    R0 gzflt; C:\WINDOWS\System32\DRIVERS\gzflt.sys [187688 2017-05-11] (BitDefender LLC)
    R0 Ignis; C:\WINDOWS\system32\DRIVERS\ignis.sys [338744 2017-11-29] (Bitdefender)
    R3 LMDriver; C:\WINDOWS\System32\drivers\LMDriver.sys [21344 2016-05-23] (Acer Incorporated)
    R3 RadioShim; C:\WINDOWS\System32\drivers\RadioShim.sys [14688 2016-05-23] (Acer Incorporated)
    R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [935168 2015-11-18] (Realtek )
    R3 RTSPER; C:\WINDOWS\system32\DRIVERS\RtsPer.sys [769752 2015-12-17] (Realsil Semiconductor Corporation)
    R0 trufos; C:\WINDOWS\System32\DRIVERS\trufos.sys [439576 2017-04-11] (BitDefender S.R.L.)
    S3 WdBoot; C:\WINDOWS\system32\drivers\wd\WdBoot.sys [46072 2018-02-16] (Microsoft Corporation)
    S3 WdFilter; C:\WINDOWS\system32\drivers\wd\WdFilter.sys [288848 2018-02-16] (Microsoft Corporation)
    S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [129616 2018-02-16] (Microsoft Corporation)
    ==================== NetSvcs (Whitelisted) ===================
    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

    ==================== One Month Created files and folders ========
    (If an entry is included in the fixlist, the file/folder will be moved.)
    2018-02-16 22:03 - 2018-02-16 22:03 - 000000000 ____D C:\FRST
    2018-02-16 18:55 - 2018-02-16 18:55 - 000060932 _____ C:\ProgramData\dm.1518828895.bdinstall.bin
    2018-02-16 18:55 - 2018-02-16 18:55 - 000000000 ____D C:\ProgramData\Bitdefender Device Management
    2018-02-16 18:54 - 2018-02-16 20:11 - 000001623 _____ C:\bdlog.txt
    2018-02-16 18:54 - 2018-02-16 18:54 - 000420314 _____ C:\ProgramData\cl.1518827776.bdinstall.bin
    2018-02-16 18:54 - 2018-02-16 18:54 - 000003420 _____ C:\WINDOWS\System32\Tasks\Bitdefender AgentTask_AD394AE64E874073B10A89FEEC305A3C
    2018-02-16 18:46 - 2018-02-16 18:46 - 000000000 ____D C:\ProgramData\Atc
    2018-02-16 18:44 - 2018-02-16 18:54 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bitdefender Security
    2018-02-16 18:44 - 2018-02-16 18:44 - 000002347 _____ C:\Users\Public\Desktop\Bitdefender.lnk
    2018-02-16 18:44 - 2018-02-16 18:44 - 000000000 ____D C:\ProgramData\BDLogging
    2018-02-16 18:43 - 2017-12-08 04:49 - 001058784 _____ (BitDefender S.R.L. Bucharest, ROMANIA) C:\WINDOWS\system32\Drivers\atc.sys
    2018-02-16 18:43 - 2017-11-28 04:57 - 001765336 _____ (BitDefender) C:\WINDOWS\system32\Drivers\avc3.sys
    2018-02-16 18:43 - 2017-10-09 06:25 - 000047376 _____ (© Bitdefender SRL) C:\WINDOWS\system32\Drivers\bdprivmon.sys
    2018-02-16 18:43 - 2016-03-14 21:04 - 000023672 _____ (Bitdefender) C:\WINDOWS\system32\Drivers\bdelam.sys
    2018-02-16 18:43 - 2015-12-04 19:27 - 000087912 _____ (BitDefender) C:\WINDOWS\system32\Drivers\bdvedisk.sys
    2018-02-16 18:43 - 2007-04-11 10:11 - 000511328 _____ (Microsoft Corporation) C:\WINDOWS\capicom.dll
    2018-02-16 18:42 - 2018-02-16 18:54 - 000000000 ____D C:\Users\Mel.LAPTOP-HR19R3JB\AppData\Roaming\Bitdefender
    2018-02-16 18:42 - 2017-11-29 00:17 - 000338744 _____ (Bitdefender) C:\WINDOWS\system32\Drivers\ignis.sys
    2018-02-16 18:39 - 2018-02-16 18:39 - 000000000 ____D C:\Users\Mel.LAPTOP-HR19R3JB\AppData\Roaming\QuickScan
    2018-02-16 18:36 - 2018-02-16 18:54 - 000000000 ____D C:\Program Files\Bitdefender
    2018-02-16 18:36 - 2018-02-16 18:46 - 000000000 ____D C:\ProgramData\Bitdefender
    2018-02-16 18:36 - 2017-05-11 04:37 - 000187688 _____ (BitDefender LLC) C:\WINDOWS\system32\Drivers\gzflt.sys
    2018-02-16 18:36 - 2017-04-11 03:19 - 000439576 _____ (BitDefender S.R.L.) C:\WINDOWS\system32\Drivers\trufos.sys
    2018-02-16 18:34 - 2018-02-16 18:34 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
    2018-02-16 15:59 - 2018-02-16 18:36 - 000000000 ____D C:\Program Files\Common Files\Bitdefender
    2018-02-16 15:46 - 2018-02-16 15:46 - 000003802 _____ C:\WINDOWS\System32\Tasks\Bitdefender Agent WatchDog_65D6944A0EF74FDAB96E31112AD39864
    2018-02-16 15:44 - 2018-02-16 18:55 - 000000000 ____D C:\Program Files\Bitdefender Agent
    2018-02-16 15:44 - 2018-02-16 15:44 - 000049135 _____ C:\ProgramData\agent.1518817459.bdinstall.bin
    2018-02-16 15:44 - 2018-02-16 15:44 - 000000000 ____D C:\ProgramData\Bitdefender Agent
    2018-02-14 15:30 - 2018-02-16 15:03 - 000002305 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
    2018-02-14 15:30 - 2018-02-16 15:03 - 000002264 _____ C:\Users\Public\Desktop\Google Chrome.lnk
    2018-02-14 15:29 - 2018-02-16 14:54 - 000003416 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
    2018-02-14 15:29 - 2018-02-16 14:54 - 000003292 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
    2018-02-14 15:29 - 2018-02-14 16:00 - 000000000 ____D C:\Users\Mel.LAPTOP-HR19R3JB\AppData\Local\Google
    2018-02-14 15:29 - 2018-02-14 15:30 - 000000000 ____D C:\Program Files (x86)\Google
    2018-02-08 13:48 - 2018-02-08 13:48 - 000000000 _____ C:\WINDOWS\SysWOW64\last.dump
    2018-01-21 18:42 - 2018-02-14 15:41 - 000000000 ____D C:\WINDOWS\Minidump
    ==================== One Month Modified files and folders ========
    (If an entry is included in the fixlist, the file/folder will be moved.)
    2018-02-16 21:40 - 2017-09-10 15:32 - 000000000 ____D C:\Users\Mel.LAPTOP-HR19R3JB\AppData\Local\clear.fi
    2018-02-16 21:38 - 2017-09-29 02:45 - 000032768 _____ C:\WINDOWS\system32\config\ELAM
    2018-02-16 21:37 - 2018-01-12 16:49 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
    2018-02-16 20:24 - 2017-09-29 07:37 - 000000000 ____D C:\WINDOWS\CbsTemp
    2018-02-16 20:16 - 2018-01-12 17:16 - 001078990 _____ C:\WINDOWS\system32\PerfStringBackup.INI
    2018-02-16 20:11 - 2018-01-12 17:19 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
    2018-02-16 20:11 - 2017-10-07 03:25 - 000065536 _____ C:\WINDOWS\psp_storage.bin
    2018-02-16 20:11 - 2017-09-29 02:45 - 000524288 _____ C:\WINDOWS\system32\config\BBI
    2018-02-16 18:44 - 2017-09-29 07:44 - 000000000 ____D C:\WINDOWS\INF
    2018-02-16 18:38 - 2017-09-29 07:46 - 000000000 ____D C:\WINDOWS\DeliveryOptimization
    2018-02-16 18:38 - 2017-09-10 15:28 - 000000000 ____D C:\Users\Mel.LAPTOP-HR19R3JB\AppData\Local\Host App Service
    2018-02-16 18:34 - 2016-07-14 12:31 - 000000000 ____D C:\ProgramData\McAfee
    2018-02-16 18:34 - 2016-07-14 12:31 - 000000000 ____D C:\Program Files\Common Files\McAfee
    2018-02-16 18:34 - 2016-07-14 12:31 - 000000000 ____D C:\Program Files (x86)\McAfee
    2018-02-16 16:13 - 2018-01-12 17:19 - 000000000 ____D C:\WINDOWS\System32\Tasks\McAfee
    2018-02-16 16:10 - 2018-01-12 15:00 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee
    2018-02-16 16:10 - 2017-09-09 07:09 - 000000000 ____D C:\Users\Mel
    2018-02-16 16:10 - 2016-07-14 12:32 - 000000000 ____D C:\ProgramData\Intel Security
    2018-02-16 16:04 - 2017-11-21 15:27 - 000548000 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe
    2018-02-16 15:03 - 2017-09-29 07:46 - 000000000 ___HD C:\Program Files\WindowsApps
    2018-02-16 15:03 - 2017-09-29 07:46 - 000000000 ____D C:\WINDOWS\AppReadiness
    2018-02-16 14:53 - 2018-01-12 17:19 - 000003370 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-440005720-1384804578-157143609-1002
    2018-02-16 14:52 - 2017-09-10 15:49 - 000002409 _____ C:\Users\Mel.LAPTOP-HR19R3JB\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
    2018-02-16 14:52 - 2017-09-10 15:49 - 000000000 ___RD C:\Users\Mel.LAPTOP-HR19R3JB\OneDrive
    2018-02-14 15:41 - 2016-12-05 12:15 - 000217802 ____N C:\WINDOWS\Minidump\021418-38828-01.dmp
    2018-02-14 15:39 - 2018-01-12 16:55 - 000000000 ____D C:\Users\Mel.LAPTOP-HR19R3JB
    2018-02-14 15:39 - 2017-10-13 19:23 - 130067560 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT-KB890830.exe
    2018-02-14 15:39 - 2017-09-24 18:39 - 130067560 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
    2018-02-14 15:30 - 2018-01-09 11:02 - 000061304 _____ () C:\WINDOWS\system32\Drivers\lpsport.sys
    2018-02-14 15:27 - 2017-11-24 17:32 - 000459952 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswce003cf5d831c5d2.tmp
    2018-02-14 15:27 - 2017-11-24 17:32 - 000379448 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\asw3087a49269cab0d9.tmp
    2018-02-14 15:27 - 2017-11-24 17:32 - 000205464 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\asw90335c14641401b0.tmp
    2018-02-14 15:27 - 2017-11-24 17:32 - 000192944 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\asw27e4d37836ed0e2a.tmp
    2018-02-14 15:27 - 2017-11-24 17:32 - 000146648 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\asw10efce87bacf4722.tmp
    2018-02-14 15:27 - 2017-11-24 17:32 - 000110328 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\asw3cd22da15f97ecf1.tmp
    2018-02-14 15:27 - 2017-11-24 17:32 - 000084368 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\asw332fa7fffede578a.tmp
    2018-02-14 15:27 - 2017-11-24 17:32 - 000046968 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\asw7cb91e7fc05e9ef4.tmp
    2018-02-14 15:26 - 2018-01-09 11:01 - 000190440 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\asw561869419b132532.tmp
    2018-02-14 15:26 - 2017-11-24 17:32 - 001026696 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\asw1cbf442aa040bd92.tmp
    2018-02-14 15:07 - 2018-01-12 16:56 - 000000000 ____D C:\Users\Mel.LAPTOP-HR19R3JB\AppData\Local\Packages
    2018-02-05 20:49 - 2018-01-13 01:20 - 000835576 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
    2018-02-05 20:49 - 2018-01-13 01:20 - 000177648 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
    2018-01-25 13:01 - 2017-09-29 07:46 - 000000000 ____D C:\WINDOWS\ELAMBKUP
    2018-01-23 22:45 - 2018-01-12 18:45 - 000000000 ____D C:\Windows.old
    2018-01-18 15:15 - 2017-09-29 07:46 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
    2018-01-18 15:13 - 2016-12-05 13:20 - 000000000 ____D C:\Program Files (x86)\Microsoft Office
    Some files in TEMP:
    ====================
    2018-02-16 16:09 - 2017-08-09 13:12 - 001277584 _____ (McAfee, Inc.) C:\Users\Mel.LAPTOP-HR19R3JB\AppData\Local\Temp\0264661518818971mcinst.exe
    2017-05-30 19:21 - 2017-05-30 19:21 - 000243240 _____ (McAfee, Inc.) C:\Users\Mel.LAPTOP-HR19R3JB\AppData\Local\Temp\McCSPInstall.dll
    2018-02-16 16:11 - 2017-05-30 19:21 - 000208816 _____ (McAfee Inc.) C:\Users\Mel.LAPTOP-HR19R3JB\AppData\Local\Temp\mccspuninstall.exe
    ==================== Bamital & volsnap ======================
    (There is no automatic fix for files that do not pass verification.)
    C:\WINDOWS\system32\winlogon.exe => File is digitally signed
    C:\WINDOWS\system32\wininit.exe => File is digitally signed
    C:\WINDOWS\explorer.exe => File is digitally signed
    C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
    C:\WINDOWS\system32\svchost.exe => File is digitally signed
    C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
    C:\WINDOWS\system32\services.exe => File is digitally signed
    C:\WINDOWS\system32\User32.dll => File is digitally signed
    C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
    C:\WINDOWS\system32\userinit.exe => File is digitally signed
    C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
    C:\WINDOWS\system32\rpcss.dll => File is digitally signed
    C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
    C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
    C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed
    LastRegBack: 2018-02-16 19:44
    ==================== End of FRST.txt ============================
     
  3. paulsma

    paulsma TS Rookie Topic Starter

    Additional scan result of Farbar Recovery Scan Tool (x64) Version: 12.02.2018
    Ran by Mel (16-02-2018 22:07:29)
    Running from C:\Users\Mel.LAPTOP-HR19R3JB\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\TempState\Downloads
    Windows 10 Home Version 1709 16299.192 (X64) (2018-01-12 23:22:06)
    Boot Mode: Normal
    ==========================================================

    ==================== Accounts: =============================
    Administrator (S-1-5-21-440005720-1384804578-157143609-500 - Administrator - Disabled)
    DefaultAccount (S-1-5-21-440005720-1384804578-157143609-503 - Limited - Disabled)
    Guest (S-1-5-21-440005720-1384804578-157143609-501 - Limited - Disabled)
    Mel (S-1-5-21-440005720-1384804578-157143609-1002 - Administrator - Enabled) => C:\Users\Mel.LAPTOP-HR19R3JB
    WDAGUtilityAccount (S-1-5-21-440005720-1384804578-157143609-504 - Limited - Disabled)
    ==================== Security Center ========================
    (If an entry is included in the fixlist, it will be removed.)
    AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
    AV: Bitdefender Antivirus (Enabled - Up to date) {3FB17364-4FCC-0FA7-6BBF-973897395371}
    AS: Bitdefender Antispyware (Enabled - Up to date) {84D09280-69F6-0029-510F-AC4AECBE19CC}
    AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
    AS: Avast Antivirus (Disabled - Up to date) {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402}
    FW: Bitdefender Firewall (Enabled) {078AF241-05A3-0EFF-40E0-3E0D69EA140A}
    ==================== Installed Programs ======================
    (Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
    abFiles (HKLM-x32\...\{13885028-098C-4799-9B71-27DAC96502D5}) (Version: 2.03.2003 - Acer Incorporated)
    abPhoto (HKLM-x32\...\{B5AD89F2-03D3-4206-8487-018298007DD0}) (Version: 3.08.2003.3 - Acer Incorporated)
    Acer Care Center (HKLM\...\{1AF41E84-3408-499A-8C93-8891F0612719}) (Version: 2.00.3021 - Acer Incorporated)
    Acer Configuration Manager (HKLM\...\{9A75E3DC-7F6E-47BD-8971-53CF527B96D6}) (Version: 1.00.3001 - Acer Incorporated)
    Acer Portal (HKLM-x32\...\{A5AD0B17-F34D-49BE-A157-C8B3D52ACD13}) (Version: 3.08.2006 - Acer Incorporated)
    Acer Quick Access (HKLM\...\{8BBF04F1-C68A-441C-B5EF-446EE9960EAF}) (Version: 2.01.3004 - Acer Incorporated)
    Acer UEIP Framework (HKLM\...\{12A718F2-2357-4D41-9E1F-18583A4745F7}) (Version: 3.01.3001 - Acer Incorporated)
    ACP Application (HKLM\...\{FEB08F55-C810-A6B3-3FF9-57ED91CD5B91}) (Version: 2016.0601.1018.03 - Advanced Micro Devices, Inc.) Hidden
    Amazon Assistant (HKLM-x32\...\{EDA2A064-F600-47BA-9EBA-58BE807BF6D2}) (Version: 10.17.0926 - Amazon) <==== ATTENTION
    AMD Install Manager (HKLM\...\AMD Catalyst Install Manager) (Version: 5.00 - Advanced Micro Devices, Inc.)
    AOP Framework (HKLM-x32\...\{4A37A114-702F-4055-A4B6-16571D4A5353}) (Version: 3.22.2000.2 - Acer Incorporated)
    App Explorer (HKU\S-1-5-21-440005720-1384804578-157143609-1002\...\Host App Service) (Version: 0.273.2.512 - SweetLabs) <==== ATTENTION
    Bitdefender Agent (HKLM\...\Bitdefender Agent) (Version: 22.0.10.78 - Bitdefender)
    Bitdefender Device Management (HKLM\...\Bitdefender Device Management) (Version: 22.0.18.224 - Bitdefender)
    Bitdefender Internet Security (HKLM\...\Bitdefender) (Version: 22.0.18.224 - Bitdefender)
    Catalyst Control Center Next Localization BR (HKLM\...\{41749F43-671D-8967-14E1-6689B7D216BC}) (Version: 2016.0601.1137.19043 - Advanced Micro Devices, Inc.) Hidden
    Catalyst Control Center Next Localization CHS (HKLM\...\{34B6DC0F-19E6-8687-2339-26ECA3236967}) (Version: 2016.0601.1137.19043 - Advanced Micro Devices, Inc.) Hidden
    Catalyst Control Center Next Localization CHT (HKLM\...\{909732DC-6E53-9ABD-1BAB-6950F6221922}) (Version: 2016.0601.1137.19043 - Advanced Micro Devices, Inc.) Hidden
    Catalyst Control Center Next Localization CS (HKLM\...\{59A1F6FF-CF3A-C11D-BA88-39E23005A35B}) (Version: 2016.0601.1137.19043 - Advanced Micro Devices, Inc.) Hidden
    Catalyst Control Center Next Localization DA (HKLM\...\{B842C9AF-ED3C-404B-8241-4060D41A5CC4}) (Version: 2016.0601.1137.19043 - Advanced Micro Devices, Inc.) Hidden
    Catalyst Control Center Next Localization DE (HKLM\...\{BBEDBA40-11B4-C2BD-50DF-F9E719E1B9F7}) (Version: 2016.0601.1137.19043 - Advanced Micro Devices, Inc.) Hidden
    Catalyst Control Center Next Localization EL (HKLM\...\{28923454-E082-CC7F-A74D-F124876999D0}) (Version: 2016.0601.1137.19043 - Advanced Micro Devices, Inc.) Hidden
    Catalyst Control Center Next Localization ES (HKLM\...\{E24F8AF7-66C2-6433-4312-5F08C39CEE00}) (Version: 2016.0601.1137.19043 - Advanced Micro Devices, Inc.) Hidden
    Catalyst Control Center Next Localization FI (HKLM\...\{3E68A7BB-4B8E-2DB4-DF58-944AA600B1A9}) (Version: 2016.0601.1137.19043 - Advanced Micro Devices, Inc.) Hidden
    Catalyst Control Center Next Localization FR (HKLM\...\{15C5D3CD-708B-DB7A-8475-B6AB27FE7301}) (Version: 2016.0601.1137.19043 - Advanced Micro Devices, Inc.) Hidden
    Catalyst Control Center Next Localization HU (HKLM\...\{3DE50CA9-668B-2786-69D9-14F009C61B74}) (Version: 2016.0601.1137.19043 - Advanced Micro Devices, Inc.) Hidden
    Catalyst Control Center Next Localization IT (HKLM\...\{A37E161B-439A-3DCA-395F-3D7899F561C5}) (Version: 2016.0601.1137.19043 - Advanced Micro Devices, Inc.) Hidden
    Catalyst Control Center Next Localization JA (HKLM\...\{6A813CBE-C428-61E4-D5FB-2B0AF75AB881}) (Version: 2016.0601.1137.19043 - Advanced Micro Devices, Inc.) Hidden
    Catalyst Control Center Next Localization KO (HKLM\...\{6B00C4BD-C896-6B62-F6AF-D8336D81179D}) (Version: 2016.0601.1137.19043 - Advanced Micro Devices, Inc.) Hidden
    Catalyst Control Center Next Localization NL (HKLM\...\{C8CEF28C-C9BC-0124-5174-F462C63B91F9}) (Version: 2016.0601.1137.19043 - Advanced Micro Devices, Inc.) Hidden
    Catalyst Control Center Next Localization NO (HKLM\...\{4C051079-7F01-465C-4347-8AC07B9EDC38}) (Version: 2016.0601.1137.19043 - Advanced Micro Devices, Inc.) Hidden
    Catalyst Control Center Next Localization PL (HKLM\...\{35C7907A-37BA-6509-F4F4-D39218620671}) (Version: 2016.0601.1137.19043 - Advanced Micro Devices, Inc.) Hidden
    Catalyst Control Center Next Localization RU (HKLM\...\{AD3AED2F-067E-070C-6947-FC1A39058118}) (Version: 2016.0601.1137.19043 - Advanced Micro Devices, Inc.) Hidden
    Catalyst Control Center Next Localization SV (HKLM\...\{BE34DFC9-387C-8644-0C2E-3DAE49E244F6}) (Version: 2016.0601.1137.19043 - Advanced Micro Devices, Inc.) Hidden
    Catalyst Control Center Next Localization TH (HKLM\...\{57783FEE-3807-55EB-F5AD-FADEFAF2D49B}) (Version: 2016.0601.1137.19043 - Advanced Micro Devices, Inc.) Hidden
    Catalyst Control Center Next Localization TR (HKLM\...\{666E1E9D-C9EF-3A16-D82F-F0EFB71074BD}) (Version: 2016.0601.1137.19043 - Advanced Micro Devices, Inc.) Hidden
    CyberLink PowerDVD 12 (HKLM-x32\...\InstallShield_{B46BEA36-0B71-4A4E-AE41-87241643FA0A}) (Version: 12.0.5917.02 - CyberLink Corp.)
    Dashlane Upgrade Service (HKLM-x32\...\Dashlane Upgrade Service) (Version: 2.1.17.0 - Dashlane, Inc.)
    ELAN HIDI2C Filter Driver X64 13.6.4.1_WHQL (HKLM\...\Elantech) (Version: 13.6.4.1 - ELAN Microelectronic Corp.)
    Google Chrome (HKLM-x32\...\Google Chrome) (Version: 64.0.3282.168 - Google Inc.)
    Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.7 - Google Inc.) Hidden
    Google Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.21.123 - Google Inc.) Hidden
    Microsoft Office 365 - en-us (HKLM\...\O365HomePremRetail - en-us) (Version: 16.0.8431.2153 - Microsoft Corporation)
    Microsoft Office 365 ProPlus - en-us (HKLM\...\O365ProPlusRetail - en-us) (Version: 16.0.8431.2153 - Microsoft Corporation)
    Microsoft OneDrive (HKU\S-1-5-21-440005720-1384804578-157143609-1002\...\OneDriveSetup.exe) (Version: 17.005.0107.0008 - Microsoft Corporation)
    Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
    Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319 (HKLM\...\{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}) (Version: 10.0.30319 - Microsoft Corporation)
    Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319 (HKLM-x32\...\{196BB40D-1578-3D01-B289-BEFC77A11A1E}) (Version: 10.0.30319 - Microsoft Corporation)
    Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (HKLM-x32\...\{15134cb0-b767-4960-a911-f2d16ae54797}) (Version: 11.0.50727.1 - Microsoft Corporation)
    Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
    Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
    Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.23026 (HKLM-x32\...\{74d0e5db-b326-4dae-a6b2-445b9de1836e}) (Version: 14.0.23026.0 - Microsoft Corporation)
    Mozilla Firefox 57.0.4 (x64 en-US) (HKLM\...\Mozilla Firefox 57.0.4 (x64 en-US)) (Version: 57.0.4 - Mozilla)
    Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 57.0.4.6577 - Mozilla)
    OEM Application Profile (HKLM-x32\...\{60499BF0-C3D1-40CC-8600-8A7246534466}) (Version: 1.00.0000 - Advanced Micro Devices, Inc.)
    Office 16 Click-to-Run Extensibility Component (HKLM-x32\...\{90160000-008C-0000-0000-0000000FF1CE}) (Version: 16.0.8431.2153 - Microsoft Corporation) Hidden
    Office 16 Click-to-Run Extensibility Component 64-bit Registration (HKLM\...\{90160000-00DD-0000-1000-0000000FF1CE}) (Version: 16.0.8431.2153 - Microsoft Corporation) Hidden
    Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-008F-0000-1000-0000000FF1CE}) (Version: 16.0.8431.2153 - Microsoft Corporation) Hidden
    Office 16 Click-to-Run Localization Component (HKLM-x32\...\{90160000-008C-0409-0000-0000000FF1CE}) (Version: 16.0.8326.2076 - Microsoft Corporation) Hidden
    Polar Bowler 1st Frame (HKLM-x32\...\WTA-96e475e2-a293-4d16-a2f9-dbc6f19d3f39) (Version: 3.0.2.59 - WildTangent) Hidden
    Qualcomm Atheros 11ac Wireless LAN&Bluetooth Installer (HKLM-x32\...\{3241744A-BA36-41F0-B4AA-EF3946D00632}) (Version: 11.0.0.10198 - Qualcomm Atheros)
    Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 10.0.10586.21287 - Realtek Semiconduct Corp.)
    Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 10.6.1001.2015 - Realtek)
    Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7836 - Realtek Semiconductor Corp.)
    Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{1F3E59DD-7DCE-4103-9528-57DA43134312}) (Version: 2.9.0.0 - Microsoft Corporation)
    UpdateAssistant (HKLM-x32\...\{DE45508F-369E-4476-8F19-088F4933340E}) (Version: 1.8.0.0 - Microsoft Corporation) Hidden
    VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.6 - VideoLAN)
    Vuze (HKLM\...\8461-7759-5462-8226) (Version: 5.7.6.0 - Azureus Software, Inc.)
    ==================== Custom CLSID (Whitelisted): ==========================
    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
    ShellIconOverlayIdentifiers: [ ACloudSynced] -> {5CCE71FA-9F61-4F24-9CD1-98D819B40D68} => C:\Program Files (x86)\Acer\shellext\x64\shellext_win.dll [2015-10-14] (Acer Incorporated)
    ShellIconOverlayIdentifiers: [ ACloudSyncing] -> {C1E1456F-C2D8-4C96-870D-35F1E13941EE} => C:\Program Files (x86)\Acer\shellext\x64\shellext_win.dll [2015-10-14] (Acer Incorporated)
    ShellIconOverlayIdentifiers: [ ACloudToBeSynced] -> {307523FA-DDC0-4068-983F-2A6B34627744} => C:\Program Files (x86)\Acer\shellext\x64\shellext_win.dll [2015-10-14] (Acer Incorporated)
    ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
    ContextMenuHandlers5: [ACE] -> {5E2121EE-0300-11D4-8D3B-444553540000} => C:\Program Files\AMD\CNext\CNext\atiacm64.dll [2016-06-01] (Advanced Micro Devices, Inc.)
    ==================== Scheduled Tasks (Whitelisted) =============
    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
    Task: {0BF7B1A7-4C0D-4241-BB28-2F06FA97192A} - System32\Tasks\ACCBackgroundApplication => C:\Program Files (x86)\Acer\Care Center\ACCStd.exe [2016-04-11] ()
    Task: {18895FC3-B192-45BC-B2F8-1F017D9DD040} - System32\Tasks\UbtFrameworkService => C:\Program Files\Acer\User Experience Improvement Program\Framework\TriggerFramework.exe [2014-03-12] (TODO: <Company name>)
    Task: {18B0032D-5349-401F-8F86-94CEA2277A1E} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2018-02-16] (Google Inc.)
    Task: {26516655-054F-4D53-87B6-02436933677F} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [2018-01-18] (Microsoft Corporation)
    Task: {32E33239-E27F-44E7-91B6-ED2D65606DE3} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerRegistration => C:\Program Files (x86)\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2018-01-18] ()
    Task: {4773B928-75B8-4C44-AAE1-4F77F63F0376} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonx86\Microsoft Shared\Office16\OLicenseHeartbeat.exe [2018-01-18] (Microsoft Corporation)
    Task: {52EB9F33-4666-4745-951C-6C9EB8B75152} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2017-12-23] (Microsoft Corporation)
    Task: {602A5F65-0240-4BC9-A07B-6190E6CE9A46} - System32\Tasks\Quick Access => C:\Program Files\Acer\Acer Quick Access\QALauncher.exe [2016-05-23] (Acer Incorporated)
    Task: {65E6D3E8-1327-4811-8A3C-65A4F563F71A} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2017-12-23] (Microsoft Corporation)
    Task: {6920C442-D8E7-410A-B72A-2F95FE157BE8} - System32\Tasks\Power Button => C:\Program Files\Acer\Acer Quick Access\ePowerButton_NB.exe [2016-05-23] (Acer Incorporated)
    Task: {69329AC7-A10C-4FF3-B7D4-BFD38112DE8B} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2018-02-16] (Google Inc.)
    Task: {69B5F439-5076-42D6-966A-9295B05C08DA} - System32\Tasks\Software Update Application => C:\ProgramData\OEM\UpgradeTool\ListCheck.exe [2016-05-23] (Acer Incorporated)
    Task: {90574F9F-7D24-4709-A54F-F50C35764219} - System32\Tasks\Bitdefender AgentTask_AD394AE64E874073B10A89FEEC305A3C => C:\Program Files\Bitdefender\Bitdefender Security\bdagent.exe [2018-01-15] (Bitdefender)
    Task: {95EEE2D1-9CDD-495B-9D3A-ED5FF8F5A195} - \User_Feed_Synchronization-{5B645760-AAB8-4F77-A996-2BB399D58ABE} -> No File <==== ATTENTION
    Task: {A06CFAA9-2179-4152-BB25-70A6020424A2} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerLogon => C:\Program Files (x86)\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2018-01-18] ()
    Task: {B0ED772C-A0FE-445B-94CC-5F8A3BDB1216} - System32\Tasks\FUBTrackingByPLD => C:\OEM\Preload\FubTracking\FubTracking.exe [2015-05-14] ()
    Task: {C17E1CC4-E4DD-4C8D-859C-75DA9C6092A8} - System32\Tasks\Bitdefender Agent WatchDog_65D6944A0EF74FDAB96E31112AD39864 => C:\Program Files\Bitdefender Agent\WatchDog.exe [2018-01-19] (Bitdefender)
    Task: {D60260C2-CC6C-468B-AEAE-7F996F44BC49} - \Microsoft\Windows\UNP\RunCampaignManager -> No File <==== ATTENTION
    Task: {D9674AA0-6178-46D0-AC48-1618AB3E179A} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [2018-01-18] (Microsoft Corporation)
    Task: {DF3AFB3E-DC5F-46BC-9D65-E2FE722B3549} - System32\Tasks\ACC => C:\Program Files (x86)\Acer\Care Center\LiveUpdateChecker.exe [2016-04-11] ()
    Task: {E41DCC73-5350-49A1-B273-327A85B1A13E} - System32\Tasks\BacKGroundAgent => C:\Program Files (x86)\Acer\AOP Framework\BackgroundAgent.exe [2016-08-15] (Acer Incorporated)
    Task: {E57A03E3-58B6-48AA-8333-20877FA5D10F} - System32\Tasks\ACCAgent => C:\Program Files (x86)\Acer\Care Center\LiveUpdateAgent.exe [2016-04-11] ()
    Task: {EFC161E3-1F91-4B2B-922D-F7D11131C122} - System32\Tasks\App Explorer => C:\Users\Mel.LAPTOP-HR19R3JB\AppData\Local\Host App Service\Engine\HostAppServiceUpdater.exe [2017-12-21] (SweetLabs, Inc) <==== ATTENTION
    Task: {F19D2431-68ED-4724-9623-82BE7F23A861} - System32\Tasks\AcerCloud => C:\Program Files (x86)\Acer\Acer Portal\AcerPortal.exe [2015-10-15] (Acer)
    (If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

    ==================== Shortcuts & WMI ========================
    (The entries could be listed to be restored or removed.)

    ==================== Loaded Modules (Whitelisted) ==============
    2017-09-29 07:41 - 2017-09-29 07:41 - 000184432 _____ () C:\WINDOWS\SYSTEM32\inputhost.dll
    2018-02-16 18:43 - 2017-02-07 12:34 - 001008448 _____ () C:\Program Files\Bitdefender\Bitdefender Security\otengines_001_001\ashttpbr.mdl
    2018-02-16 18:43 - 2017-02-07 12:34 - 000541952 _____ () C:\Program Files\Bitdefender\Bitdefender Security\otengines_001_001\ashttpdsp.mdl
    2018-02-16 18:43 - 2017-02-07 12:34 - 003243920 _____ () C:\Program Files\Bitdefender\Bitdefender Security\otengines_001_001\ashttpph.mdl
    2018-02-16 18:43 - 2017-02-07 12:34 - 001544568 _____ () C:\Program Files\Bitdefender\Bitdefender Security\otengines_001_001\ashttprbl.mdl
    2017-10-04 12:06 - 2017-10-04 12:06 - 000105136 _____ () C:\Program Files (x86)\Amazon\Amazon Assistant\amazonAssistantService.exe
    2016-12-05 13:22 - 2018-01-18 15:11 - 008929480 _____ () C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\1033\GrooveIntlResource.dll
    2018-01-12 18:33 - 2018-01-12 18:33 - 011044864 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
    2018-01-12 18:33 - 2018-01-12 18:33 - 001804288 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
    2018-02-02 11:13 - 2018-02-02 11:16 - 000086528 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.1803.279.0_x64__kzf8qxf38zg5c\SkypeHost.exe
    2018-02-02 11:13 - 2018-02-02 11:16 - 000195072 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.1803.279.0_x64__kzf8qxf38zg5c\SkypeBackgroundTasks.dll
    2018-02-02 11:13 - 2018-02-02 11:17 - 025135104 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.1803.279.0_x64__kzf8qxf38zg5c\SkyWrap.dll
    2018-02-02 11:13 - 2018-02-02 11:16 - 002542592 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.1803.279.0_x64__kzf8qxf38zg5c\skypert.dll
    2015-06-25 19:34 - 2015-06-25 19:34 - 000014336 _____ () C:\Program Files\AMD\CNext\CNext\QtQuick.2\qtquick2plugin.dll
    2015-06-25 19:37 - 2015-06-25 19:37 - 000739840 _____ () C:\Program Files\AMD\CNext\CNext\QtQuick\Controls\qtquickcontrolsplugin.dll
    2015-06-25 19:35 - 2015-06-25 19:35 - 000014336 _____ () C:\Program Files\AMD\CNext\CNext\QtQuick\Window.2\windowplugin.dll
    2015-06-25 19:38 - 2015-06-25 19:38 - 000071168 _____ () C:\Program Files\AMD\CNext\CNext\QtQuick\Layouts\qquicklayoutsplugin.dll
    2015-06-25 18:53 - 2015-06-25 18:53 - 000011776 _____ () C:\Program Files\AMD\CNext\CNext\libEGL.dll
    2015-06-25 18:51 - 2015-06-25 18:51 - 002013696 _____ () C:\Program Files\AMD\CNext\CNext\libGLESv2.dll
    2016-12-05 15:42 - 2015-05-14 01:10 - 000030976 _____ () C:\OEM\Preload\FubTracking\FubTracking.exe
    2016-04-11 20:16 - 2016-04-11 20:16 - 004644256 _____ () C:\Program Files (x86)\Acer\Care Center\ACCStd.exe
    2015-10-15 12:56 - 2015-10-15 12:56 - 000201568 _____ () C:\Program Files (x86)\Acer\Acer Portal\curllib.dll
    2015-10-15 12:56 - 2015-10-15 12:56 - 000118112 _____ () C:\Program Files (x86)\Acer\Acer Portal\OpenLDAP.dll
    2016-08-15 17:03 - 2016-08-15 17:03 - 000202456 _____ () C:\Program Files (x86)\Acer\abPhoto\curllib.dll
    2016-08-15 17:05 - 2016-08-15 17:05 - 000654000 _____ () C:\Program Files (x86)\Acer\abPhoto\sqlite3.dll
    2016-08-15 17:05 - 2016-08-15 17:05 - 000641240 _____ () C:\Program Files (x86)\Acer\abPhoto\tag.dll
    2016-08-15 17:04 - 2016-08-15 17:04 - 000119000 _____ () C:\Program Files (x86)\Acer\abPhoto\OpenLDAP.dll
    2018-01-12 16:58 - 2018-01-12 16:58 - 000015064 _____ () C:\WINDOWS\assembly\GAC_MSIL\MyService\1.0.0.1__2dfa3f50f0bed57d\MyService.dll
    2016-08-15 13:36 - 2016-08-15 13:36 - 000013016 _____ () C:\Program Files (x86)\Acer\AOP Framework\ServiceInterface.dll
    2016-08-15 13:33 - 2016-08-15 13:33 - 000277856 _____ () C:\Program Files (x86)\Acer\AOP Framework\libcurl.dll
    ==================== Alternate Data Streams (Whitelisted) =========
    (If an entry is included in the fixlist, only the ADS will be removed.)

    ==================== Safe Mode (Whitelisted) ===================
    (If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS => ""="Service"
    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MCODS => ""="Service"
    ==================== Association (Whitelisted) ===============
    (If an entry is included in the fixlist, the registry item will be restored to default or removed.)

    ==================== Internet Explorer trusted/restricted ===============
    (If an entry is included in the fixlist, it will be removed from the registry.)
    IE trusted site: HKU\S-1-5-21-440005720-1384804578-157143609-1002\...\sharepoint.com -> hxxps://midsouthcommunitycollege-files.sharepoint.com
    ==================== Hosts content: ===============================
    (If needed Hosts: directive could be included in the fixlist to reset Hosts.)
    2015-10-30 01:24 - 2018-02-16 21:37 - 000000824 _____ C:\WINDOWS\system32\Drivers\etc\hosts

    ==================== Other Areas ============================
    (Currently there is no automatic fix for this section.)
    HKU\S-1-5-21-440005720-1384804578-157143609-1002\Control Panel\Desktop\\Wallpaper -> C:\Users\Mel.LAPTOP-HR19R3JB\AppData\Local\Packages\Microsoft.Windows.Photos_8wekyb3d8bbwe\LocalState\PhotosAppBackground\101.jpg
    DNS Servers: 75.75.75.75 - 75.75.76.76
    HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
    HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
    Windows Firewall is enabled.
    ==================== MSCONFIG/TASK MANAGER disabled items ==

    ==================== FirewallRules (Whitelisted) ===============
    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
    FirewallRules: [{54AFA598-F635-4C5C-A7D5-B6AB97F2AB58}] => (Allow) C:\Program Files\Vuze\Azureus.exe
    FirewallRules: [{9C07656F-11AD-4160-B93D-0465510A23B7}] => (Allow) C:\Program Files\Vuze\Azureus.exe
    FirewallRules: [{5EE534D0-56D8-4271-A573-3F0150C3BBF9}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
    FirewallRules: [{4E1E61A7-F7E0-4BE6-8B02-F98048E869D2}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
    FirewallRules: [{FE941C80-8607-41BF-9FD7-13AAEAE0DB56}] => (Allow) C:\Program Files (x86)\Acer\AOP Framework\acer\ccd.exe
    FirewallRules: [{FCD5886B-63D0-42EA-86F8-8718EED4CFDA}] => (Allow) C:\Program Files (x86)\Acer\AOP Framework\acer\ccd.exe
    FirewallRules: [{12F03D8A-47D6-47DF-9C31-EF7A0DE13DB2}] => (Allow) C:\Program Files (x86)\Acer\abPhoto\DMCDaemon.exe
    FirewallRules: [{79A0C5EB-7CC8-4918-A973-F4891D31C889}] => (Allow) C:\Program Files (x86)\Acer\abPhoto\DMCDaemon.exe
    FirewallRules: [{207E686D-E3BB-4F8C-84D1-9BE9BD0DDD33}] => (Allow) C:\Program Files (x86)\Acer\abPhoto\WindowsUpnp.exe
    FirewallRules: [{69115E0B-112F-4CBD-B64B-8B47163A6C24}] => (Allow) C:\Program Files (x86)\Acer\abPhoto\WindowsUpnp.exe
    FirewallRules: [{875CA1B0-A024-4C59-9737-67376601DBAC}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\PowerDVD12.exe
    FirewallRules: [{A8955A4B-7CC0-4BF1-A3CF-0B8D7DE244A9}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMR\PowerDVD12DMREngine.exe
    FirewallRules: [{23136A1E-2B0A-4273-B9F0-F755059EDA3C}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSServerPDVD12.exe
    FirewallRules: [{3B5CE5D2-6A79-4098-BFAA-424C0C00DFEF}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\PowerDVD12Agent.exe
    FirewallRules: [{E898A77C-C1DA-4A26-974E-DCF073692C09}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\PowerDVD12ML.exe
    FirewallRules: [{269864D5-BA70-4754-962D-94BF98E86305}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\Movie\PowerDVD.exe
    FirewallRules: [{41FCCBD7-ECFA-418A-9D90-0DF17222AA97}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe
    FirewallRules: [{2E3B25F6-BAB1-4BB2-ADE8-5307B8B2C897}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe
    FirewallRules: [{995CDFDB-9825-4456-99AC-11CC77E9438F}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe
    FirewallRules: [{3F4D0CE8-7523-46F7-A6E7-C85A0F68DC2F}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe
    FirewallRules: [{68586680-8ECE-46CB-A322-3D9B1FBE2BCE}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\outlook.exe
    FirewallRules: [{2C7707CE-B640-4321-BEC5-74891B42138B}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    ==================== Restore Points =========================
    07-02-2018 10:55:01 Windows Update
    14-02-2018 15:24:23 Windows Update
    ==================== Faulty Device Manager Devices =============

    ==================== Event log errors: =========================
    Application errors:
    ==================
    Error: (02/16/2018 06:54:31 PM) (Source: Application Error) (EventID: 1000) (User: )
    Description: Faulting application name: bdagent.exe, version: 22.0.18.216, time stamp: 0x5a5cc880
    Faulting module name: combase.dll, version: 10.0.16299.15, time stamp: 0x3db461b4
    Exception code: 0xc0000005
    Fault offset: 0x000000000002f288
    Faulting process id: 0xa04
    Faulting application start time: 0x01d3a7891eaa3f2f
    Faulting application path: C:\Program Files\Bitdefender\Bitdefender Security\bdagent.exe
    Faulting module path: C:\WINDOWS\System32\combase.dll
    Report Id: 5ef4e733-29e6-49a5-aa55-29ea0038d616
    Faulting package full name:
    Faulting package-relative application ID:
    Error: (02/16/2018 06:46:40 PM) (Source: SecurityCenter) (EventID: 16) (User: )
    Description: Error while updating status to SECURITY_PRODUCT_STATE_ON.
    Error: (02/16/2018 06:46:35 PM) (Source: SecurityCenter) (EventID: 16) (User: )
    Description: Error while updating status to SECURITY_PRODUCT_STATE_ON.
    Error: (02/16/2018 06:46:35 PM) (Source: SecurityCenter) (EventID: 16) (User: )
    Description: Error while updating status to SECURITY_PRODUCT_STATE_ON.
    Error: (02/16/2018 06:45:37 PM) (Source: Perflib) (EventID: 1008) (User: )
    Description: The Open Procedure for service "BITS" in DLL "C:\Windows\System32\bitsperf.dll" failed. Performance data for this service will not be available. The first four bytes (DWORD) of the Data section contains the error code.
    Error: (02/16/2018 02:55:41 PM) (Source: SideBySide) (EventID: 35) (User: )
    Description: Activation context generation failed for "C:\Program Files (x86)\Microsoft Office\root\Office16\lync.exe.Manifest".Error in manifest or policy file "C:\Program Files (x86)\Microsoft Office\root\Office16\UccApi.DLL" on line 1.
    Component identity found in manifest does not match the identity of the component requested.
    Reference is UccApi,processorArchitecture="AMD64",type="win32",version="16.0.0.0".
    Definition is UccApi,processorArchitecture="x86",type="win32",version="16.0.0.0".
    Please use sxstrace.exe for detailed diagnosis.
    Error: (02/14/2018 03:08:06 PM) (Source: Perflib) (EventID: 1008) (User: )
    Description: The Open Procedure for service "BITS" in DLL "C:\Windows\System32\bitsperf.dll" failed. Performance data for this service will not be available. The first four bytes (DWORD) of the Data section contains the error code.
    Error: (02/14/2018 03:02:25 PM) (Source: Office 2016 Licensing Service) (EventID: 0) (User: )
    Description: Event-ID 0

    System errors:
    =============
    Error: (02/16/2018 10:02:25 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
    Description: The WarpJITSvc service terminated unexpectedly. It has done this 1 time(s).
    Error: (02/16/2018 09:53:15 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
    Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
    {D63B10C5-BB46-4990-A94F-E40B9D520160}
    and APPID
    {9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
    to the user NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
    Error: (02/16/2018 09:38:14 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
    Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
    {6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
    and APPID
    {4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
    to the user NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
    Error: (02/16/2018 09:38:14 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
    Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
    {6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
    and APPID
    {4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
    to the user NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
    Error: (02/16/2018 08:12:46 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
    Description: Installation Failure: Windows failed to install the following update with error 0x80070bc2: 2018-02 Cumulative Update for Windows 10 Version 1709 for x64-based Systems (KB4074588).
    Error: (02/16/2018 08:11:03 PM) (Source: DCOM) (EventID: 10005) (User: NT AUTHORITY)
    Description: DCOM got error "1115" attempting to start the service UsoSvc with arguments "Unavailable" in order to run the server:
    {B91D5831-B1BD-4608-8198-D72E155020F7}
    Error: (02/16/2018 08:11:02 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
    Description: The Update Orchestrator Service service terminated with the following error:
    This operation returned because the timeout period expired.
    Error: (02/16/2018 07:46:58 PM) (Source: Ntfs) (EventID: 55) (User: NT AUTHORITY)
    Description: A corruption was discovered in the file system structure on volume ??.
    The Master File Table (MFT) contains a corrupted file record. The file reference number is 0x9000000000009. The name of the file is "<unable to determine file name>".

    CodeIntegrity:
    ===================================
    Date: 2018-02-16 20:12:05.304
    Description:
    Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Bitdefender\Bitdefender Security\vsservp.exe) attempted to load \Device\HarddiskVolume3\Program Files\Bitdefender\Bitdefender Security\dbghelp.dll that did not meet the Custom 3 / Antimalware signing level requirements.
    Date: 2018-02-16 19:34:09.618
    Description:
    Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Bitdefender\Bitdefender Security\vsservp.exe) attempted to load \Device\HarddiskVolume3\Program Files\Bitdefender\Bitdefender Security\dbghelp.dll that did not meet the Custom 3 / Antimalware signing level requirements.
    Date: 2018-02-16 18:44:19.316
    Description:
    Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Bitdefender\Bitdefender Security\vsservp.exe) attempted to load \Device\HarddiskVolume3\Program Files\Bitdefender\Bitdefender Security\dbghelp.dll that did not meet the Custom 3 / Antimalware signing level requirements.
    ==================== Memory info ===========================
    Processor: AMD A10-9600P RADEON R5, 10 COMPUTE CORES 4C+6G
    Percentage of memory in use: 80%
    Total physical RAM: 7637.18 MB
    Available physical RAM: 1494.56 MB
    Total Virtual: 15317.18 MB
    Available Virtual: 7998.35 MB
    ==================== Drives ================================
    Drive c: (Acer) (Fixed) (Total:930.4 GB) (Free:850.94 GB) NTFS
    \\?\Volume{16b7e359-4a95-4c23-8c27-ff9ce77700a7}\ (ESP) (Fixed) (Total:0.09 GB) (Free:0.05 GB) FAT32
    \\?\Volume{fe131071-48b5-4790-bec7-f150279af2c5}\ (Recovery) (Fixed) (Total:1 GB) (Free:0.59 GB) NTFS
    ==================== MBR & Partition Table ==================
    ========================================================
    Disk: 0 (Size: 931.5 GB) (Disk ID: 0B71B067)
    Partition: GPT.
    ==================== End of Addition.txt ============================
     
  4. jobeard

    jobeard TS Ambassador Posts: 11,800   +1,255

    This means you need to run CHKDSK C: /F /R asap
     
  5. paulsma

    paulsma TS Rookie Topic Starter

    Thank you.

    I need more instructions.
    I opened run. I typed that exactly. I hit ok, but the window closed and nothing happened.

    Amazon assistant aa.hta is still running.
     
  6. holdum323

    holdum323 Banned Posts: 1,725   +453

    Last edited: Feb 17, 2018
  7. paulsma

    paulsma TS Rookie Topic Starter

    Thank you.

    Ran check disk and no errors were found. Please advise.
     
  8. paulsma

    paulsma TS Rookie Topic Starter

    Seemed to have fixed the problem now. Could not uninstall amazon assistant through settings, but managed to through the control panel.
    Thank you.
     
  9. holdum323

    holdum323 Banned Posts: 1,725   +453

    If the scan didn't find any integrity errors, nothing you need to do.
    Do you need further advise?? Let us know!
     

Similar Topics

Add your comment to this article

You need to be a member to leave a comment. Join thousands of tech enthusiasts and participate.
TechSpot Account You may also...