Amazon assistant aa.hta

P

paulsma

Posts: 6   +0
I have been infected with this infuriating pop-up problem. I saw other people getting help with this on TechSpot, so I began the instructions. I have already run the Farbar scan.
 
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 12.02.2018
Ran by Mel (administrator) on LAPTOP-HR19R3JB (16-02-2018 22:03:31)
Running from C:\Users\Mel.LAPTOP-HR19R3JB\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\TempState\Downloads
Loaded Profiles: Mel (Available Profiles: Mel)
Platform: Windows 10 Home Version 1709 16299.192 (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: Edge)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool:
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Bitdefender) C:\Program Files\Bitdefender\Bitdefender Security\vsserv.exe
(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Bitdefender) C:\Program Files\Bitdefender\Bitdefender Device Management\DevMgmtService.exe
() C:\Program Files (x86)\Amazon\Amazon Assistant\amazonAssistantService.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\AOP Framework\CCDMonitorService.exe
(Windows (R) Win 7 DDK provider) C:\Windows\System32\AdminService.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Bitdefender) C:\Program Files\Bitdefender Agent\ProductAgentService.exe
(Bitdefender) C:\Program Files\Bitdefender\Bitdefender Security\updatesrv.exe
(Bitdefender) C:\Program Files\Bitdefender\Bitdefender Security\vsservp.exe
(Acer Cloud Technology) C:\Program Files (x86)\Acer\AOP Framework\acer\ccd.exe
(Bitdefender) C:\Program Files\Common Files\Bitdefender\SetupInformation\Bitdefender RedLine\bdredline.exe
(Dashlane SAS) C:\Program Files (x86)\Dashlane\Upgrade\DashlaneUpgradeService.exe
(SweetLabs, Inc) C:\Users\Mel.LAPTOP-HR19R3JB\AppData\Local\Host App Service\Engine\HostAppServiceUpdater.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Quick Access\QASvc.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Quick Access\QALSvc.exe
() C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.1803.279.0_x64__kzf8qxf38zg5c\SkypeHost.exe
(Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Quick Access\QAAgent.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Quick Access\QAAdminAgent.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Quick Access\QALockHandler.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\RadeonSettings.exe
(Acer) C:\Program Files (x86)\Acer\Acer Portal\AcerPortal.exe
(Bitdefender) C:\Program Files\Bitdefender\Bitdefender Security\odscanui.exe
() C:\OEM\Preload\FubTracking\FubTracking.exe
(Bitdefender) C:\Program Files\Bitdefender\Bitdefender Security\bdagent.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\AOP Framework\BackgroundAgent.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe
(Microsoft Corporation) C:\Windows\System32\browser_broker.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
() C:\Program Files (x86)\Acer\Care Center\ACCStd.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Quick Access\ePowerButton_NB.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
(acer) C:\Program Files\Acer\User Experience Improvement Program\Framework\UBTService.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
==================== Registry (Whitelisted) ===========================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [630168 2017-09-29] (Microsoft Corporation)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [16475392 2016-06-02] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_TrueHarmony] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1454336 2016-06-02] (Realtek Semiconductor)
HKLM\...\Run: [StartCN] => C:\Program Files\AMD\CNext\CNext\RadeonSettings.exe [4909824 2016-06-01] (Advanced Micro Devices, Inc.)
HKLM Group Policy restriction on software: %systemroot%\system32\mrt.exe <==== ATTENTION
HKU\S-1-5-21-440005720-1384804578-157143609-1002\...\Run: [AcerPortal] => C:\Program Files (x86)\Acer\Acer Portal\AcerPortal.exe [2732448 2015-10-15] (Acer)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\$McRebootA5E6DEAA56$.lnk [2018-02-16]
ShortcutTarget: $McRebootA5E6DEAA56$.lnk -> (No File)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 75.75.75.75 75.75.76.76
Tcpip\..\Interfaces\{2ac5b39f-5012-4143-90ca-088bfcff364d}: [DhcpNameServer] 75.75.75.75 75.75.76.76
Tcpip\..\Interfaces\{9e480b2f-8432-441e-b813-5449dfec6cc6}: [DhcpNameServer] 40.30.1.66
Internet Explorer:
==================
HKU\S-1-5-21-440005720-1384804578-157143609-1002\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://imp.searchetg.com/impression.do?source=732691&sub_id=20171124&user_id=b1c1174b-9816-42aa-ac22-b553977d2c57&traffic_source=Spigot&event=ro_homepage&implementation_id=Vuze+Core&redir=https%3A%2F%2Fsearch.yahoo.com%2F%3Ftype%3D732691%26fr%3Dspigot-yhp-ie
HKU\S-1-5-21-440005720-1384804578-157143609-1002\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.acer15.msn.com/?pc=ACTE
HKU\S-1-5-21-440005720-1384804578-157143609-1002\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://www.acer15.msn.com/?pc=ACTE
SearchScopes: HKU\S-1-5-21-440005720-1384804578-157143609-1002 -> DefaultScope {842099BA-FF01-4208-8282-87E94984B1CE} URL = hxxp://imp.searchetg.com/impression.do?source=732691&sub_id=20171124&user_id=b1c1174b-9816-42aa-ac22-b553977d2c57&traffic_source=Spigot&event=ro_inb_search&implementation_id=Vuze+Core&redir=https%3A%2F%2Fsearch.yahoo.com%2Fsearch%3Ffr%3Dchr-greentree_ie%26ei%3Dutf-8%26ilc%3D12%26type%3D732691%26p%3D&st={searchTerms}
SearchScopes: HKU\S-1-5-21-440005720-1384804578-157143609-1002 -> {842099BA-FF01-4208-8282-87E94984B1CE} URL = hxxp://imp.searchetg.com/impression.do?source=732691&sub_id=20171124&user_id=b1c1174b-9816-42aa-ac22-b553977d2c57&traffic_source=Spigot&event=ro_inb_search&implementation_id=Vuze+Core&redir=https%3A%2F%2Fsearch.yahoo.com%2Fsearch%3Ffr%3Dchr-greentree_ie%26ei%3Dutf-8%26ilc%3D12%26type%3D732691%26p%3D&st={searchTerms}
BHO: Amazon Assistant -> {0ddcea2a-7b00-4349-8acb-af7ba6da251f} -> C:\WINDOWS\system32\mscoree.dll [2017-09-29] (Microsoft Corporation)
BHO: Bitdefender Wallet -> {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} -> C:\Program Files\Bitdefender\Bitdefender Security\pmbxie.dll [2018-01-11] (Bitdefender)
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2018-01-18] (Microsoft Corporation)
BHO: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\GROOVEEX.DLL [2018-01-18] (Microsoft Corporation)
BHO-x32: Amazon Assistant -> {0ddcea2a-7b00-4349-8acb-af7ba6da251f} -> C:\WINDOWS\system32\mscoree.dll [2017-09-29] (Microsoft Corporation)
BHO-x32: Bitdefender Wallet -> {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} -> C:\Program Files\Bitdefender\Bitdefender Security\Antispam32\pmbxie.dll [2018-01-11] (Bitdefender)
BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\Office16\OCHelper.dll [2018-01-18] (Microsoft Corporation)
BHO-x32: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\root\Office16\GROOVEEX.DLL [2018-01-18] (Microsoft Corporation)
Toolbar: HKLM - Bitdefender Wallet - {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} - C:\Program Files\Bitdefender\Bitdefender Security\pmbxie.dll [2018-01-11] (Bitdefender)
Toolbar: HKLM-x32 - Bitdefender Wallet - {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} - C:\Program Files\Bitdefender\Bitdefender Security\Antispam32\pmbxie.dll [2018-01-11] (Bitdefender)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2018-01-18] (Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2018-01-18] (Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2018-01-18] (Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2018-01-18] (Microsoft Corporation)
Edge:
======
Edge HomeButtonPage: HKU\S-1-5-21-440005720-1384804578-157143609-1002 -> hxxp://google.com/?gws_rd=ssl
FireFox:
========
FF DefaultProfile: abzkzqz4.default
FF ProfilePath: C:\Users\Mel.LAPTOP-HR19R3JB\AppData\Roaming\Mozilla\Firefox\Profiles\abzkzqz4.default [2018-02-14]
FF Homepage: Mozilla\Firefox\Profiles\abzkzqz4.default -> hxxp://imp.searchetg.com/impression.do?source=732691&sub_id=20171124&user_id=b1c1174b-9816-42aa-ac22-b553977d2c57&traffic_source=Spigot&event=ro_homepage&implementation_id=Vuze+Core&redir=https%3A%2F%2Fsearch.yahoo.com%2F%3Ftype%3D732691%26fr%3Dspigot-yhp-ff
hxxps://www.bing.com/?FORM=SLBRDF&PC=SL09
FF Extension: (Amazon Assistant for Firefox) - C:\Users\Mel.LAPTOP-HR19R3JB\AppData\Roaming\Mozilla\Firefox\Profiles\abzkzqz4.default\Extensions\abb-acer@amazon.com [2017-09-14] [Legacy]
FF Extension: (English (US) Language Pack) - C:\Users\Mel.LAPTOP-HR19R3JB\AppData\Roaming\Mozilla\Firefox\Profiles\abzkzqz4.default\Extensions\langpack-en-US@firefox.mozilla.org.xpi [2017-11-24] [Legacy]
FF Extension: (Mozilla Partner Defaults) - C:\Users\Mel.LAPTOP-HR19R3JB\AppData\Roaming\Mozilla\Firefox\Profiles\abzkzqz4.default\Extensions\partnerdefaults@mozilla.com [2017-09-14] [Legacy]
FF Extension: (Adblock Plus) - C:\Users\Mel.LAPTOP-HR19R3JB\AppData\Roaming\Mozilla\Firefox\Profiles\abzkzqz4.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2017-12-14]
FF Extension: (Disable Crash Auto Submit) - C:\Users\Mel.LAPTOP-HR19R3JB\AppData\Roaming\Mozilla\Firefox\Profiles\abzkzqz4.default\features\{3b30fafc-136c-4853-8520-6fc86d7fd598}\disable-crash-autosubmit@mozilla.org.xpi [2018-01-07] [Legacy]
FF Extension: (Amazon Assistant for Firefox) - C:\Program Files (x86)\Mozilla Firefox\distribution\extensions\abb-acer@amazon.com [2016-07-14] [Legacy]
FF Extension: (No Name) - C:\Program Files (x86)\Mozilla Firefox\distribution\extensions\langpack-ar@firefox.mozilla.org [2017-09-10] [not signed]
FF Extension: (No Name) - C:\Program Files (x86)\Mozilla Firefox\distribution\extensions\langpack-bg@firefox.mozilla.org [2017-09-10] [not signed]
FF Extension: (No Name) - C:\Program Files (x86)\Mozilla Firefox\distribution\extensions\langpack-cs@firefox.mozilla.org [2017-09-10] [not signed]
FF Extension: (No Name) - C:\Program Files (x86)\Mozilla Firefox\distribution\extensions\langpack-da@firefox.mozilla.org [2017-09-10] [not signed]
FF Extension: (No Name) - C:\Program Files (x86)\Mozilla Firefox\distribution\extensions\langpack-de@firefox.mozilla.org [2017-09-10] [not signed]
FF Extension: (No Name) - C:\Program Files (x86)\Mozilla Firefox\distribution\extensions\langpack-el@firefox.mozilla.org [2017-09-10] [not signed]
FF Extension: (English (US) Language Pack) - C:\Program Files (x86)\Mozilla Firefox\distribution\extensions\langpack-en-US@firefox.mozilla.org [2016-07-14] [Legacy]
FF Extension: (No Name) - C:\Program Files (x86)\Mozilla Firefox\distribution\extensions\langpack-es-ES@firefox.mozilla.org [2017-09-10] [not signed]
FF Extension: (No Name) - C:\Program Files (x86)\Mozilla Firefox\distribution\extensions\langpack-et@firefox.mozilla.org [2017-09-10] [not signed]
FF Extension: (No Name) - C:\Program Files (x86)\Mozilla Firefox\distribution\extensions\langpack-fi@firefox.mozilla.org [2017-09-10] [not signed]
FF Extension: (No Name) - C:\Program Files (x86)\Mozilla Firefox\distribution\extensions\langpack-fr@firefox.mozilla.org [2017-09-10] [not signed]
FF Extension: (No Name) - C:\Program Files (x86)\Mozilla Firefox\distribution\extensions\langpack-he@firefox.mozilla.org [2017-09-10] [not signed]
FF Extension: (No Name) - C:\Program Files (x86)\Mozilla Firefox\distribution\extensions\langpack-hu@firefox.mozilla.org [2017-09-10] [not signed]
FF Extension: (No Name) - C:\Program Files (x86)\Mozilla Firefox\distribution\extensions\langpack-it@firefox.mozilla.org [2017-09-10] [not signed]
FF Extension: (No Name) - C:\Program Files (x86)\Mozilla Firefox\distribution\extensions\langpack-ja@firefox.mozilla.org [2017-09-10] [not signed]
FF Extension: (No Name) - C:\Program Files (x86)\Mozilla Firefox\distribution\extensions\langpack-ko@firefox.mozilla.org [2017-09-10] [not signed]
FF Extension: (No Name) - C:\Program Files (x86)\Mozilla Firefox\distribution\extensions\langpack-lt@firefox.mozilla.org [2017-09-10] [not signed]
FF Extension: (No Name) - C:\Program Files (x86)\Mozilla Firefox\distribution\extensions\langpack-nb-NO@firefox.mozilla.org [2017-09-10] [not signed]
FF Extension: (No Name) - C:\Program Files (x86)\Mozilla Firefox\distribution\extensions\langpack-nl@firefox.mozilla.org [2017-09-10] [not signed]
FF Extension: (No Name) - C:\Program Files (x86)\Mozilla Firefox\distribution\extensions\langpack-pl@firefox.mozilla.org [2017-09-10] [not signed]
FF Extension: (No Name) - C:\Program Files (x86)\Mozilla Firefox\distribution\extensions\langpack-pt-BR@firefox.mozilla.org [2017-09-10] [not signed]
FF Extension: (No Name) - C:\Program Files (x86)\Mozilla Firefox\distribution\extensions\langpack-pt-PT@firefox.mozilla.org [2017-09-10] [not signed]
FF Extension: (No Name) - C:\Program Files (x86)\Mozilla Firefox\distribution\extensions\langpack-ru@firefox.mozilla.org [2017-09-10] [not signed]
FF Extension: (No Name) - C:\Program Files (x86)\Mozilla Firefox\distribution\extensions\langpack-sk@firefox.mozilla.org [2017-09-10] [not signed]
FF Extension: (No Name) - C:\Program Files (x86)\Mozilla Firefox\distribution\extensions\langpack-sl@firefox.mozilla.org [2017-09-10] [not signed]
FF Extension: (No Name) - C:\Program Files (x86)\Mozilla Firefox\distribution\extensions\langpack-sr@firefox.mozilla.org [2017-09-10] [not signed]
FF Extension: (No Name) - C:\Program Files (x86)\Mozilla Firefox\distribution\extensions\langpack-sv-SE@firefox.mozilla.org [2017-09-10] [not signed]
FF Extension: (No Name) - C:\Program Files (x86)\Mozilla Firefox\distribution\extensions\langpack-th@firefox.mozilla.org [2017-09-10] [not signed]
FF Extension: (No Name) - C:\Program Files (x86)\Mozilla Firefox\distribution\extensions\langpack-tr@firefox.mozilla.org [2017-09-10] [not signed]
FF Extension: (No Name) - C:\Program Files (x86)\Mozilla Firefox\distribution\extensions\langpack-uk@firefox.mozilla.org [2017-09-10] [not signed]
FF Extension: (No Name) - C:\Program Files (x86)\Mozilla Firefox\distribution\extensions\langpack-zh-CN@firefox.mozilla.org [2017-09-10] [not signed]
FF Extension: (No Name) - C:\Program Files (x86)\Mozilla Firefox\distribution\extensions\langpack-zh-TW@firefox.mozilla.org [2017-09-10] [not signed]
FF Extension: (Mozilla Partner Defaults) - C:\Program Files (x86)\Mozilla Firefox\distribution\extensions\partnerdefaults@mozilla.com [2016-07-14] [Legacy]
FF HKLM\...\Firefox\Extensions: [bdwtwe@bitdefender.com] - C:\Program Files\Bitdefender\Bitdefender Security\bdwteff
FF Extension: (Bitdefender Wallet) - C:\Program Files\Bitdefender\Bitdefender Security\bdwteff [2018-01-25]
FF HKLM\...\Thunderbird\Extensions: [bdThunderbird@bitdefender.com] - C:\Program Files\Bitdefender\Bitdefender Security\bdtbext
FF Extension: (Bitdefender Antispam Toolbar) - C:\Program Files\Bitdefender\Bitdefender Security\bdtbext [2018-01-25] [Legacy] [not signed]
FF HKLM-x32\...\Firefox\Extensions: [bdwtwe@bitdefender.com] - C:\Program Files\Bitdefender\Bitdefender Security\bdwteff
FF HKLM-x32\...\Thunderbird\Extensions: [bdThunderbird@bitdefender.com] - C:\Program Files\Bitdefender\Bitdefender Security\bdtbext
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2018-01-18] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2018-01-18] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.7\npGoogleUpdate3.dll [2018-02-16] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.7\npGoogleUpdate3.dll [2018-02-16] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.2.6 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2017-05-24] (VideoLAN)
Chrome:
=======
CHR HomePage: Default -> hxxp://www.google.com
CHR Profile: C:\Users\Mel.LAPTOP-HR19R3JB\AppData\Local\Google\Chrome\User Data\Default [2018-02-14]
CHR Extension: (Slides) - C:\Users\Mel.LAPTOP-HR19R3JB\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2018-02-14]
CHR Extension: (Docs) - C:\Users\Mel.LAPTOP-HR19R3JB\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2018-02-14]
CHR Extension: (Google Drive) - C:\Users\Mel.LAPTOP-HR19R3JB\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2018-02-14]
CHR Extension: (YouTube) - C:\Users\Mel.LAPTOP-HR19R3JB\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2018-02-14]
CHR Extension: (Avast SafePrice) - C:\Users\Mel.LAPTOP-HR19R3JB\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck [2018-02-14]
CHR Extension: (Sheets) - C:\Users\Mel.LAPTOP-HR19R3JB\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2018-02-14]
CHR Extension: (McAfee® WebAdvisor) - C:\Users\Mel.LAPTOP-HR19R3JB\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho [2018-02-14]
CHR Extension: (Google Docs Offline) - C:\Users\Mel.LAPTOP-HR19R3JB\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2018-02-14]
CHR Extension: (Avast Online Security) - C:\Users\Mel.LAPTOP-HR19R3JB\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2018-02-14]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Mel.LAPTOP-HR19R3JB\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-02-14]
CHR Extension: (Gmail) - C:\Users\Mel.LAPTOP-HR19R3JB\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2018-02-14]
CHR Extension: (Chrome Media Router) - C:\Users\Mel.LAPTOP-HR19R3JB\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2018-02-14]
CHR HKLM-x32\...\Chrome\Extension: [gannpgaobkkhmpomoijebaigcapoeebl] - hxxps://clients2.google.com/service/update2/crx
==================== Services (Whitelisted) ====================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 Amazon Assistant Service; C:\Program Files (x86)\Amazon\Amazon Assistant\amazonAssistantService.exe [105136 2017-10-04] ()
S2 amdacpusrsvc; C:\Program Files\AMD\{920DEC42-4CA5-4d1d-9487-67BE645CDDFC}\amdacpusrsvc.exe [121856 2016-06-01] (Advanced Micro Devices) [File not signed]
R2 bdredline; C:\Program Files\Common Files\Bitdefender\SetupInformation\Bitdefender RedLine\bdredline.exe [2119184 2017-09-26] (Bitdefender)
R2 CCDMonitorService; C:\Program Files (x86)\Acer\AOP Framework\CCDMonitorService.exe [2267352 2016-08-15] (Acer Incorporated)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [7761584 2017-12-23] (Microsoft Corporation)
R2 Dashlane Upgrade Service; C:\Program Files (x86)\Dashlane\Upgrade\DashlaneUpgradeService.exe [81408 2015-10-14] (Dashlane SAS)
R2 DevMgmtService; C:\Program Files\Bitdefender\Bitdefender Device Management\DevMgmtService.exe [103584 2018-01-15] (Bitdefender)
R2 ProductAgentService; C:\Program Files\Bitdefender Agent\ProductAgentService.exe [1282232 2018-01-19] (Bitdefender)
R3 QALSvc; C:\Program Files\Acer\Acer Quick Access\QALSvc.exe [440224 2016-05-23] (Acer Incorporated)
R3 QASvc; C:\Program Files\Acer\Acer Quick Access\QASvc.exe [481696 2016-05-23] (Acer Incorporated)
R3 UEIPSvc; C:\Program Files\Acer\User Experience Improvement Program\Framework\UBTService.exe [291232 2016-02-01] (acer)
R2 UPDATESRV; C:\Program Files\Bitdefender\Bitdefender Security\updatesrv.exe [118096 2018-01-15] (Bitdefender)
R2 VSSERV; C:\Program Files\Bitdefender\Bitdefender Security\vsserv.exe [1170712 2018-01-15] (Bitdefender)
R2 vsservp; C:\Program Files\Bitdefender\Bitdefender Security\vsservp.exe [524872 2016-08-25] (Bitdefender)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.12.17007.18011-0\NisSrv.exe [356168 2018-02-16] (Microsoft Corporation)
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.12.17007.18011-0\MsMpEng.exe [105792 2018-02-16] (Microsoft Corporation)
===================== Drivers (Whitelisted) ======================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 amdacpksd; C:\WINDOWS\system32\drivers\amdacpksd.sys [305968 2016-06-14] (Advanced Micro Devices)
R3 AmdGpio2; C:\WINDOWS\System32\drivers\AmdGpio2.sys [34032 2015-11-19] (Advanced Micro Devices, INC.)
R3 amdi2c; C:\WINDOWS\System32\drivers\amdi2c.sys [48880 2015-11-19] (Advanced Micro Devices, INC.)
S3 amdkmcsp; C:\WINDOWS\system32\DRIVERS\amdkmcsp.sys [101232 2017-06-16] (Advanced Micro Devices, Inc. )
R0 amdpsp; C:\WINDOWS\System32\DRIVERS\amdpsp.sys [243048 2017-06-16] (Advanced Micro Devices, Inc. )
R3 amduart; C:\WINDOWS\System32\drivers\amduart.sys [76304 2015-05-11] (Advanced Micro Devices, INC.)
R1 atc; C:\WINDOWS\System32\DRIVERS\atc.sys [1058784 2017-12-08] (BitDefender S.R.L. Bucharest, ROMANIA)
R3 AtiHDAudioService; C:\WINDOWS\system32\drivers\AtihdWT6.sys [111120 2016-03-01] (Advanced Micro Devices)
R0 avc3; C:\WINDOWS\System32\DRIVERS\avc3.sys [1765336 2017-11-28] (BitDefender)
S0 bdelam; C:\WINDOWS\System32\drivers\bdelam.sys [23672 2016-03-14] (Bitdefender)
R1 bdfwfpf; C:\Program Files\Common Files\Bitdefender\Bitdefender Firewall\bdfwfpf.sys [133088 2017-06-06] (BitDefender LLC)
R0 bdprivmon; C:\WINDOWS\System32\DRIVERS\bdprivmon.sys [47376 2017-10-09] (© Bitdefender SRL)
R1 BDVEDISK; C:\WINDOWS\system32\DRIVERS\bdvedisk.sys [87912 2015-12-04] (BitDefender)
R3 ETDI2C; C:\WINDOWS\system32\DRIVERS\ETDI2C.sys [185416 2015-09-06] (ELAN Microelectronic Corp.)
R0 gzflt; C:\WINDOWS\System32\DRIVERS\gzflt.sys [187688 2017-05-11] (BitDefender LLC)
R0 Ignis; C:\WINDOWS\system32\DRIVERS\ignis.sys [338744 2017-11-29] (Bitdefender)
R3 LMDriver; C:\WINDOWS\System32\drivers\LMDriver.sys [21344 2016-05-23] (Acer Incorporated)
R3 RadioShim; C:\WINDOWS\System32\drivers\RadioShim.sys [14688 2016-05-23] (Acer Incorporated)
R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [935168 2015-11-18] (Realtek )
R3 RTSPER; C:\WINDOWS\system32\DRIVERS\RtsPer.sys [769752 2015-12-17] (Realsil Semiconductor Corporation)
R0 trufos; C:\WINDOWS\System32\DRIVERS\trufos.sys [439576 2017-04-11] (BitDefender S.R.L.)
S3 WdBoot; C:\WINDOWS\system32\drivers\wd\WdBoot.sys [46072 2018-02-16] (Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\wd\WdFilter.sys [288848 2018-02-16] (Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [129616 2018-02-16] (Microsoft Corporation)
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2018-02-16 22:03 - 2018-02-16 22:03 - 000000000 ____D C:\FRST
2018-02-16 18:55 - 2018-02-16 18:55 - 000060932 _____ C:\ProgramData\dm.1518828895.bdinstall.bin
2018-02-16 18:55 - 2018-02-16 18:55 - 000000000 ____D C:\ProgramData\Bitdefender Device Management
2018-02-16 18:54 - 2018-02-16 20:11 - 000001623 _____ C:\bdlog.txt
2018-02-16 18:54 - 2018-02-16 18:54 - 000420314 _____ C:\ProgramData\cl.1518827776.bdinstall.bin
2018-02-16 18:54 - 2018-02-16 18:54 - 000003420 _____ C:\WINDOWS\System32\Tasks\Bitdefender AgentTask_AD394AE64E874073B10A89FEEC305A3C
2018-02-16 18:46 - 2018-02-16 18:46 - 000000000 ____D C:\ProgramData\Atc
2018-02-16 18:44 - 2018-02-16 18:54 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bitdefender Security
2018-02-16 18:44 - 2018-02-16 18:44 - 000002347 _____ C:\Users\Public\Desktop\Bitdefender.lnk
2018-02-16 18:44 - 2018-02-16 18:44 - 000000000 ____D C:\ProgramData\BDLogging
2018-02-16 18:43 - 2017-12-08 04:49 - 001058784 _____ (BitDefender S.R.L. Bucharest, ROMANIA) C:\WINDOWS\system32\Drivers\atc.sys
2018-02-16 18:43 - 2017-11-28 04:57 - 001765336 _____ (BitDefender) C:\WINDOWS\system32\Drivers\avc3.sys
2018-02-16 18:43 - 2017-10-09 06:25 - 000047376 _____ (© Bitdefender SRL) C:\WINDOWS\system32\Drivers\bdprivmon.sys
2018-02-16 18:43 - 2016-03-14 21:04 - 000023672 _____ (Bitdefender) C:\WINDOWS\system32\Drivers\bdelam.sys
2018-02-16 18:43 - 2015-12-04 19:27 - 000087912 _____ (BitDefender) C:\WINDOWS\system32\Drivers\bdvedisk.sys
2018-02-16 18:43 - 2007-04-11 10:11 - 000511328 _____ (Microsoft Corporation) C:\WINDOWS\capicom.dll
2018-02-16 18:42 - 2018-02-16 18:54 - 000000000 ____D C:\Users\Mel.LAPTOP-HR19R3JB\AppData\Roaming\Bitdefender
2018-02-16 18:42 - 2017-11-29 00:17 - 000338744 _____ (Bitdefender) C:\WINDOWS\system32\Drivers\ignis.sys
2018-02-16 18:39 - 2018-02-16 18:39 - 000000000 ____D C:\Users\Mel.LAPTOP-HR19R3JB\AppData\Roaming\QuickScan
2018-02-16 18:36 - 2018-02-16 18:54 - 000000000 ____D C:\Program Files\Bitdefender
2018-02-16 18:36 - 2018-02-16 18:46 - 000000000 ____D C:\ProgramData\Bitdefender
2018-02-16 18:36 - 2017-05-11 04:37 - 000187688 _____ (BitDefender LLC) C:\WINDOWS\system32\Drivers\gzflt.sys
2018-02-16 18:36 - 2017-04-11 03:19 - 000439576 _____ (BitDefender S.R.L.) C:\WINDOWS\system32\Drivers\trufos.sys
2018-02-16 18:34 - 2018-02-16 18:34 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2018-02-16 15:59 - 2018-02-16 18:36 - 000000000 ____D C:\Program Files\Common Files\Bitdefender
2018-02-16 15:46 - 2018-02-16 15:46 - 000003802 _____ C:\WINDOWS\System32\Tasks\Bitdefender Agent WatchDog_65D6944A0EF74FDAB96E31112AD39864
2018-02-16 15:44 - 2018-02-16 18:55 - 000000000 ____D C:\Program Files\Bitdefender Agent
2018-02-16 15:44 - 2018-02-16 15:44 - 000049135 _____ C:\ProgramData\agent.1518817459.bdinstall.bin
2018-02-16 15:44 - 2018-02-16 15:44 - 000000000 ____D C:\ProgramData\Bitdefender Agent
2018-02-14 15:30 - 2018-02-16 15:03 - 000002305 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2018-02-14 15:30 - 2018-02-16 15:03 - 000002264 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2018-02-14 15:29 - 2018-02-16 14:54 - 000003416 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2018-02-14 15:29 - 2018-02-16 14:54 - 000003292 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2018-02-14 15:29 - 2018-02-14 16:00 - 000000000 ____D C:\Users\Mel.LAPTOP-HR19R3JB\AppData\Local\Google
2018-02-14 15:29 - 2018-02-14 15:30 - 000000000 ____D C:\Program Files (x86)\Google
2018-02-08 13:48 - 2018-02-08 13:48 - 000000000 _____ C:\WINDOWS\SysWOW64\last.dump
2018-01-21 18:42 - 2018-02-14 15:41 - 000000000 ____D C:\WINDOWS\Minidump
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2018-02-16 21:40 - 2017-09-10 15:32 - 000000000 ____D C:\Users\Mel.LAPTOP-HR19R3JB\AppData\Local\clear.fi
2018-02-16 21:38 - 2017-09-29 02:45 - 000032768 _____ C:\WINDOWS\system32\config\ELAM
2018-02-16 21:37 - 2018-01-12 16:49 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2018-02-16 20:24 - 2017-09-29 07:37 - 000000000 ____D C:\WINDOWS\CbsTemp
2018-02-16 20:16 - 2018-01-12 17:16 - 001078990 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2018-02-16 20:11 - 2018-01-12 17:19 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2018-02-16 20:11 - 2017-10-07 03:25 - 000065536 _____ C:\WINDOWS\psp_storage.bin
2018-02-16 20:11 - 2017-09-29 02:45 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2018-02-16 18:44 - 2017-09-29 07:44 - 000000000 ____D C:\WINDOWS\INF
2018-02-16 18:38 - 2017-09-29 07:46 - 000000000 ____D C:\WINDOWS\DeliveryOptimization
2018-02-16 18:38 - 2017-09-10 15:28 - 000000000 ____D C:\Users\Mel.LAPTOP-HR19R3JB\AppData\Local\Host App Service
2018-02-16 18:34 - 2016-07-14 12:31 - 000000000 ____D C:\ProgramData\McAfee
2018-02-16 18:34 - 2016-07-14 12:31 - 000000000 ____D C:\Program Files\Common Files\McAfee
2018-02-16 18:34 - 2016-07-14 12:31 - 000000000 ____D C:\Program Files (x86)\McAfee
2018-02-16 16:13 - 2018-01-12 17:19 - 000000000 ____D C:\WINDOWS\System32\Tasks\McAfee
2018-02-16 16:10 - 2018-01-12 15:00 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee
2018-02-16 16:10 - 2017-09-09 07:09 - 000000000 ____D C:\Users\Mel
2018-02-16 16:10 - 2016-07-14 12:32 - 000000000 ____D C:\ProgramData\Intel Security
2018-02-16 16:04 - 2017-11-21 15:27 - 000548000 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe
2018-02-16 15:03 - 2017-09-29 07:46 - 000000000 ___HD C:\Program Files\WindowsApps
2018-02-16 15:03 - 2017-09-29 07:46 - 000000000 ____D C:\WINDOWS\AppReadiness
2018-02-16 14:53 - 2018-01-12 17:19 - 000003370 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-440005720-1384804578-157143609-1002
2018-02-16 14:52 - 2017-09-10 15:49 - 000002409 _____ C:\Users\Mel.LAPTOP-HR19R3JB\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2018-02-16 14:52 - 2017-09-10 15:49 - 000000000 ___RD C:\Users\Mel.LAPTOP-HR19R3JB\OneDrive
2018-02-14 15:41 - 2016-12-05 12:15 - 000217802 ____N C:\WINDOWS\Minidump\021418-38828-01.dmp
2018-02-14 15:39 - 2018-01-12 16:55 - 000000000 ____D C:\Users\Mel.LAPTOP-HR19R3JB
2018-02-14 15:39 - 2017-10-13 19:23 - 130067560 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT-KB890830.exe
2018-02-14 15:39 - 2017-09-24 18:39 - 130067560 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2018-02-14 15:30 - 2018-01-09 11:02 - 000061304 _____ () C:\WINDOWS\system32\Drivers\lpsport.sys
2018-02-14 15:27 - 2017-11-24 17:32 - 000459952 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswce003cf5d831c5d2.tmp
2018-02-14 15:27 - 2017-11-24 17:32 - 000379448 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\asw3087a49269cab0d9.tmp
2018-02-14 15:27 - 2017-11-24 17:32 - 000205464 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\asw90335c14641401b0.tmp
2018-02-14 15:27 - 2017-11-24 17:32 - 000192944 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\asw27e4d37836ed0e2a.tmp
2018-02-14 15:27 - 2017-11-24 17:32 - 000146648 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\asw10efce87bacf4722.tmp
2018-02-14 15:27 - 2017-11-24 17:32 - 000110328 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\asw3cd22da15f97ecf1.tmp
2018-02-14 15:27 - 2017-11-24 17:32 - 000084368 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\asw332fa7fffede578a.tmp
2018-02-14 15:27 - 2017-11-24 17:32 - 000046968 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\asw7cb91e7fc05e9ef4.tmp
2018-02-14 15:26 - 2018-01-09 11:01 - 000190440 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\asw561869419b132532.tmp
2018-02-14 15:26 - 2017-11-24 17:32 - 001026696 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\asw1cbf442aa040bd92.tmp
2018-02-14 15:07 - 2018-01-12 16:56 - 000000000 ____D C:\Users\Mel.LAPTOP-HR19R3JB\AppData\Local\Packages
2018-02-05 20:49 - 2018-01-13 01:20 - 000835576 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2018-02-05 20:49 - 2018-01-13 01:20 - 000177648 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2018-01-25 13:01 - 2017-09-29 07:46 - 000000000 ____D C:\WINDOWS\ELAMBKUP
2018-01-23 22:45 - 2018-01-12 18:45 - 000000000 ____D C:\Windows.old
2018-01-18 15:15 - 2017-09-29 07:46 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2018-01-18 15:13 - 2016-12-05 13:20 - 000000000 ____D C:\Program Files (x86)\Microsoft Office
Some files in TEMP:
====================
2018-02-16 16:09 - 2017-08-09 13:12 - 001277584 _____ (McAfee, Inc.) C:\Users\Mel.LAPTOP-HR19R3JB\AppData\Local\Temp\0264661518818971mcinst.exe
2017-05-30 19:21 - 2017-05-30 19:21 - 000243240 _____ (McAfee, Inc.) C:\Users\Mel.LAPTOP-HR19R3JB\AppData\Local\Temp\McCSPInstall.dll
2018-02-16 16:11 - 2017-05-30 19:21 - 000208816 _____ (McAfee Inc.) C:\Users\Mel.LAPTOP-HR19R3JB\AppData\Local\Temp\mccspuninstall.exe
==================== Bamital & volsnap ======================
(There is no automatic fix for files that do not pass verification.)
C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2018-02-16 19:44
==================== End of FRST.txt ============================
 
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 12.02.2018
Ran by Mel (16-02-2018 22:07:29)
Running from C:\Users\Mel.LAPTOP-HR19R3JB\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\TempState\Downloads
Windows 10 Home Version 1709 16299.192 (X64) (2018-01-12 23:22:06)
Boot Mode: Normal
==========================================================

==================== Accounts: =============================
Administrator (S-1-5-21-440005720-1384804578-157143609-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-440005720-1384804578-157143609-503 - Limited - Disabled)
Guest (S-1-5-21-440005720-1384804578-157143609-501 - Limited - Disabled)
Mel (S-1-5-21-440005720-1384804578-157143609-1002 - Administrator - Enabled) => C:\Users\Mel.LAPTOP-HR19R3JB
WDAGUtilityAccount (S-1-5-21-440005720-1384804578-157143609-504 - Limited - Disabled)
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Bitdefender Antivirus (Enabled - Up to date) {3FB17364-4FCC-0FA7-6BBF-973897395371}
AS: Bitdefender Antispyware (Enabled - Up to date) {84D09280-69F6-0029-510F-AC4AECBE19CC}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Disabled - Up to date) {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402}
FW: Bitdefender Firewall (Enabled) {078AF241-05A3-0EFF-40E0-3E0D69EA140A}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
abFiles (HKLM-x32\...\{13885028-098C-4799-9B71-27DAC96502D5}) (Version: 2.03.2003 - Acer Incorporated)
abPhoto (HKLM-x32\...\{B5AD89F2-03D3-4206-8487-018298007DD0}) (Version: 3.08.2003.3 - Acer Incorporated)
Acer Care Center (HKLM\...\{1AF41E84-3408-499A-8C93-8891F0612719}) (Version: 2.00.3021 - Acer Incorporated)
Acer Configuration Manager (HKLM\...\{9A75E3DC-7F6E-47BD-8971-53CF527B96D6}) (Version: 1.00.3001 - Acer Incorporated)
Acer Portal (HKLM-x32\...\{A5AD0B17-F34D-49BE-A157-C8B3D52ACD13}) (Version: 3.08.2006 - Acer Incorporated)
Acer Quick Access (HKLM\...\{8BBF04F1-C68A-441C-B5EF-446EE9960EAF}) (Version: 2.01.3004 - Acer Incorporated)
Acer UEIP Framework (HKLM\...\{12A718F2-2357-4D41-9E1F-18583A4745F7}) (Version: 3.01.3001 - Acer Incorporated)
ACP Application (HKLM\...\{FEB08F55-C810-A6B3-3FF9-57ED91CD5B91}) (Version: 2016.0601.1018.03 - Advanced Micro Devices, Inc.) Hidden
Amazon Assistant (HKLM-x32\...\{EDA2A064-F600-47BA-9EBA-58BE807BF6D2}) (Version: 10.17.0926 - Amazon) <==== ATTENTION
AMD Install Manager (HKLM\...\AMD Catalyst Install Manager) (Version: 5.00 - Advanced Micro Devices, Inc.)
AOP Framework (HKLM-x32\...\{4A37A114-702F-4055-A4B6-16571D4A5353}) (Version: 3.22.2000.2 - Acer Incorporated)
App Explorer (HKU\S-1-5-21-440005720-1384804578-157143609-1002\...\Host App Service) (Version: 0.273.2.512 - SweetLabs) <==== ATTENTION
Bitdefender Agent (HKLM\...\Bitdefender Agent) (Version: 22.0.10.78 - Bitdefender)
Bitdefender Device Management (HKLM\...\Bitdefender Device Management) (Version: 22.0.18.224 - Bitdefender)
Bitdefender Internet Security (HKLM\...\Bitdefender) (Version: 22.0.18.224 - Bitdefender)
Catalyst Control Center Next Localization BR (HKLM\...\{41749F43-671D-8967-14E1-6689B7D216BC}) (Version: 2016.0601.1137.19043 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHS (HKLM\...\{34B6DC0F-19E6-8687-2339-26ECA3236967}) (Version: 2016.0601.1137.19043 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHT (HKLM\...\{909732DC-6E53-9ABD-1BAB-6950F6221922}) (Version: 2016.0601.1137.19043 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CS (HKLM\...\{59A1F6FF-CF3A-C11D-BA88-39E23005A35B}) (Version: 2016.0601.1137.19043 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DA (HKLM\...\{B842C9AF-ED3C-404B-8241-4060D41A5CC4}) (Version: 2016.0601.1137.19043 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DE (HKLM\...\{BBEDBA40-11B4-C2BD-50DF-F9E719E1B9F7}) (Version: 2016.0601.1137.19043 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization EL (HKLM\...\{28923454-E082-CC7F-A74D-F124876999D0}) (Version: 2016.0601.1137.19043 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization ES (HKLM\...\{E24F8AF7-66C2-6433-4312-5F08C39CEE00}) (Version: 2016.0601.1137.19043 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FI (HKLM\...\{3E68A7BB-4B8E-2DB4-DF58-944AA600B1A9}) (Version: 2016.0601.1137.19043 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FR (HKLM\...\{15C5D3CD-708B-DB7A-8475-B6AB27FE7301}) (Version: 2016.0601.1137.19043 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization HU (HKLM\...\{3DE50CA9-668B-2786-69D9-14F009C61B74}) (Version: 2016.0601.1137.19043 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization IT (HKLM\...\{A37E161B-439A-3DCA-395F-3D7899F561C5}) (Version: 2016.0601.1137.19043 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization JA (HKLM\...\{6A813CBE-C428-61E4-D5FB-2B0AF75AB881}) (Version: 2016.0601.1137.19043 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization KO (HKLM\...\{6B00C4BD-C896-6B62-F6AF-D8336D81179D}) (Version: 2016.0601.1137.19043 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NL (HKLM\...\{C8CEF28C-C9BC-0124-5174-F462C63B91F9}) (Version: 2016.0601.1137.19043 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NO (HKLM\...\{4C051079-7F01-465C-4347-8AC07B9EDC38}) (Version: 2016.0601.1137.19043 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization PL (HKLM\...\{35C7907A-37BA-6509-F4F4-D39218620671}) (Version: 2016.0601.1137.19043 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization RU (HKLM\...\{AD3AED2F-067E-070C-6947-FC1A39058118}) (Version: 2016.0601.1137.19043 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization SV (HKLM\...\{BE34DFC9-387C-8644-0C2E-3DAE49E244F6}) (Version: 2016.0601.1137.19043 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TH (HKLM\...\{57783FEE-3807-55EB-F5AD-FADEFAF2D49B}) (Version: 2016.0601.1137.19043 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TR (HKLM\...\{666E1E9D-C9EF-3A16-D82F-F0EFB71074BD}) (Version: 2016.0601.1137.19043 - Advanced Micro Devices, Inc.) Hidden
CyberLink PowerDVD 12 (HKLM-x32\...\InstallShield_{B46BEA36-0B71-4A4E-AE41-87241643FA0A}) (Version: 12.0.5917.02 - CyberLink Corp.)
Dashlane Upgrade Service (HKLM-x32\...\Dashlane Upgrade Service) (Version: 2.1.17.0 - Dashlane, Inc.)
ELAN HIDI2C Filter Driver X64 13.6.4.1_WHQL (HKLM\...\Elantech) (Version: 13.6.4.1 - ELAN Microelectronic Corp.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 64.0.3282.168 - Google Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.7 - Google Inc.) Hidden
Google Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.21.123 - Google Inc.) Hidden
Microsoft Office 365 - en-us (HKLM\...\O365HomePremRetail - en-us) (Version: 16.0.8431.2153 - Microsoft Corporation)
Microsoft Office 365 ProPlus - en-us (HKLM\...\O365ProPlusRetail - en-us) (Version: 16.0.8431.2153 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-440005720-1384804578-157143609-1002\...\OneDriveSetup.exe) (Version: 17.005.0107.0008 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319 (HKLM\...\{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319 (HKLM-x32\...\{196BB40D-1578-3D01-B289-BEFC77A11A1E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (HKLM-x32\...\{15134cb0-b767-4960-a911-f2d16ae54797}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.23026 (HKLM-x32\...\{74d0e5db-b326-4dae-a6b2-445b9de1836e}) (Version: 14.0.23026.0 - Microsoft Corporation)
Mozilla Firefox 57.0.4 (x64 en-US) (HKLM\...\Mozilla Firefox 57.0.4 (x64 en-US)) (Version: 57.0.4 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 57.0.4.6577 - Mozilla)
OEM Application Profile (HKLM-x32\...\{60499BF0-C3D1-40CC-8600-8A7246534466}) (Version: 1.00.0000 - Advanced Micro Devices, Inc.)
Office 16 Click-to-Run Extensibility Component (HKLM-x32\...\{90160000-008C-0000-0000-0000000FF1CE}) (Version: 16.0.8431.2153 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Extensibility Component 64-bit Registration (HKLM\...\{90160000-00DD-0000-1000-0000000FF1CE}) (Version: 16.0.8431.2153 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-008F-0000-1000-0000000FF1CE}) (Version: 16.0.8431.2153 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM-x32\...\{90160000-008C-0409-0000-0000000FF1CE}) (Version: 16.0.8326.2076 - Microsoft Corporation) Hidden
Polar Bowler 1st Frame (HKLM-x32\...\WTA-96e475e2-a293-4d16-a2f9-dbc6f19d3f39) (Version: 3.0.2.59 - WildTangent) Hidden
Qualcomm Atheros 11ac Wireless LAN&Bluetooth Installer (HKLM-x32\...\{3241744A-BA36-41F0-B4AA-EF3946D00632}) (Version: 11.0.0.10198 - Qualcomm Atheros)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 10.0.10586.21287 - Realtek Semiconduct Corp.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 10.6.1001.2015 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7836 - Realtek Semiconductor Corp.)
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{1F3E59DD-7DCE-4103-9528-57DA43134312}) (Version: 2.9.0.0 - Microsoft Corporation)
UpdateAssistant (HKLM-x32\...\{DE45508F-369E-4476-8F19-088F4933340E}) (Version: 1.8.0.0 - Microsoft Corporation) Hidden
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.6 - VideoLAN)
Vuze (HKLM\...\8461-7759-5462-8226) (Version: 5.7.6.0 - Azureus Software, Inc.)
==================== Custom CLSID (Whitelisted): ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
ShellIconOverlayIdentifiers: [ ACloudSynced] -> {5CCE71FA-9F61-4F24-9CD1-98D819B40D68} => C:\Program Files (x86)\Acer\shellext\x64\shellext_win.dll [2015-10-14] (Acer Incorporated)
ShellIconOverlayIdentifiers: [ ACloudSyncing] -> {C1E1456F-C2D8-4C96-870D-35F1E13941EE} => C:\Program Files (x86)\Acer\shellext\x64\shellext_win.dll [2015-10-14] (Acer Incorporated)
ShellIconOverlayIdentifiers: [ ACloudToBeSynced] -> {307523FA-DDC0-4068-983F-2A6B34627744} => C:\Program Files (x86)\Acer\shellext\x64\shellext_win.dll [2015-10-14] (Acer Incorporated)
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
ContextMenuHandlers5: [ACE] -> {5E2121EE-0300-11D4-8D3B-444553540000} => C:\Program Files\AMD\CNext\CNext\atiacm64.dll [2016-06-01] (Advanced Micro Devices, Inc.)
==================== Scheduled Tasks (Whitelisted) =============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {0BF7B1A7-4C0D-4241-BB28-2F06FA97192A} - System32\Tasks\ACCBackgroundApplication => C:\Program Files (x86)\Acer\Care Center\ACCStd.exe [2016-04-11] ()
Task: {18895FC3-B192-45BC-B2F8-1F017D9DD040} - System32\Tasks\UbtFrameworkService => C:\Program Files\Acer\User Experience Improvement Program\Framework\TriggerFramework.exe [2014-03-12] (TODO: <Company name>)
Task: {18B0032D-5349-401F-8F86-94CEA2277A1E} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2018-02-16] (Google Inc.)
Task: {26516655-054F-4D53-87B6-02436933677F} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [2018-01-18] (Microsoft Corporation)
Task: {32E33239-E27F-44E7-91B6-ED2D65606DE3} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerRegistration => C:\Program Files (x86)\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2018-01-18] ()
Task: {4773B928-75B8-4C44-AAE1-4F77F63F0376} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonx86\Microsoft Shared\Office16\OLicenseHeartbeat.exe [2018-01-18] (Microsoft Corporation)
Task: {52EB9F33-4666-4745-951C-6C9EB8B75152} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2017-12-23] (Microsoft Corporation)
Task: {602A5F65-0240-4BC9-A07B-6190E6CE9A46} - System32\Tasks\Quick Access => C:\Program Files\Acer\Acer Quick Access\QALauncher.exe [2016-05-23] (Acer Incorporated)
Task: {65E6D3E8-1327-4811-8A3C-65A4F563F71A} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2017-12-23] (Microsoft Corporation)
Task: {6920C442-D8E7-410A-B72A-2F95FE157BE8} - System32\Tasks\Power Button => C:\Program Files\Acer\Acer Quick Access\ePowerButton_NB.exe [2016-05-23] (Acer Incorporated)
Task: {69329AC7-A10C-4FF3-B7D4-BFD38112DE8B} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2018-02-16] (Google Inc.)
Task: {69B5F439-5076-42D6-966A-9295B05C08DA} - System32\Tasks\Software Update Application => C:\ProgramData\OEM\UpgradeTool\ListCheck.exe [2016-05-23] (Acer Incorporated)
Task: {90574F9F-7D24-4709-A54F-F50C35764219} - System32\Tasks\Bitdefender AgentTask_AD394AE64E874073B10A89FEEC305A3C => C:\Program Files\Bitdefender\Bitdefender Security\bdagent.exe [2018-01-15] (Bitdefender)
Task: {95EEE2D1-9CDD-495B-9D3A-ED5FF8F5A195} - \User_Feed_Synchronization-{5B645760-AAB8-4F77-A996-2BB399D58ABE} -> No File <==== ATTENTION
Task: {A06CFAA9-2179-4152-BB25-70A6020424A2} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerLogon => C:\Program Files (x86)\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2018-01-18] ()
Task: {B0ED772C-A0FE-445B-94CC-5F8A3BDB1216} - System32\Tasks\FUBTrackingByPLD => C:\OEM\Preload\FubTracking\FubTracking.exe [2015-05-14] ()
Task: {C17E1CC4-E4DD-4C8D-859C-75DA9C6092A8} - System32\Tasks\Bitdefender Agent WatchDog_65D6944A0EF74FDAB96E31112AD39864 => C:\Program Files\Bitdefender Agent\WatchDog.exe [2018-01-19] (Bitdefender)
Task: {D60260C2-CC6C-468B-AEAE-7F996F44BC49} - \Microsoft\Windows\UNP\RunCampaignManager -> No File <==== ATTENTION
Task: {D9674AA0-6178-46D0-AC48-1618AB3E179A} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [2018-01-18] (Microsoft Corporation)
Task: {DF3AFB3E-DC5F-46BC-9D65-E2FE722B3549} - System32\Tasks\ACC => C:\Program Files (x86)\Acer\Care Center\LiveUpdateChecker.exe [2016-04-11] ()
Task: {E41DCC73-5350-49A1-B273-327A85B1A13E} - System32\Tasks\BacKGroundAgent => C:\Program Files (x86)\Acer\AOP Framework\BackgroundAgent.exe [2016-08-15] (Acer Incorporated)
Task: {E57A03E3-58B6-48AA-8333-20877FA5D10F} - System32\Tasks\ACCAgent => C:\Program Files (x86)\Acer\Care Center\LiveUpdateAgent.exe [2016-04-11] ()
Task: {EFC161E3-1F91-4B2B-922D-F7D11131C122} - System32\Tasks\App Explorer => C:\Users\Mel.LAPTOP-HR19R3JB\AppData\Local\Host App Service\Engine\HostAppServiceUpdater.exe [2017-12-21] (SweetLabs, Inc) <==== ATTENTION
Task: {F19D2431-68ED-4724-9623-82BE7F23A861} - System32\Tasks\AcerCloud => C:\Program Files (x86)\Acer\Acer Portal\AcerPortal.exe [2015-10-15] (Acer)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

==================== Shortcuts & WMI ========================
(The entries could be listed to be restored or removed.)

==================== Loaded Modules (Whitelisted) ==============
2017-09-29 07:41 - 2017-09-29 07:41 - 000184432 _____ () C:\WINDOWS\SYSTEM32\inputhost.dll
2018-02-16 18:43 - 2017-02-07 12:34 - 001008448 _____ () C:\Program Files\Bitdefender\Bitdefender Security\otengines_001_001\ashttpbr.mdl
2018-02-16 18:43 - 2017-02-07 12:34 - 000541952 _____ () C:\Program Files\Bitdefender\Bitdefender Security\otengines_001_001\ashttpdsp.mdl
2018-02-16 18:43 - 2017-02-07 12:34 - 003243920 _____ () C:\Program Files\Bitdefender\Bitdefender Security\otengines_001_001\ashttpph.mdl
2018-02-16 18:43 - 2017-02-07 12:34 - 001544568 _____ () C:\Program Files\Bitdefender\Bitdefender Security\otengines_001_001\ashttprbl.mdl
2017-10-04 12:06 - 2017-10-04 12:06 - 000105136 _____ () C:\Program Files (x86)\Amazon\Amazon Assistant\amazonAssistantService.exe
2016-12-05 13:22 - 2018-01-18 15:11 - 008929480 _____ () C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\1033\GrooveIntlResource.dll
2018-01-12 18:33 - 2018-01-12 18:33 - 011044864 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2018-01-12 18:33 - 2018-01-12 18:33 - 001804288 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2018-02-02 11:13 - 2018-02-02 11:16 - 000086528 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.1803.279.0_x64__kzf8qxf38zg5c\SkypeHost.exe
2018-02-02 11:13 - 2018-02-02 11:16 - 000195072 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.1803.279.0_x64__kzf8qxf38zg5c\SkypeBackgroundTasks.dll
2018-02-02 11:13 - 2018-02-02 11:17 - 025135104 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.1803.279.0_x64__kzf8qxf38zg5c\SkyWrap.dll
2018-02-02 11:13 - 2018-02-02 11:16 - 002542592 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.1803.279.0_x64__kzf8qxf38zg5c\skypert.dll
2015-06-25 19:34 - 2015-06-25 19:34 - 000014336 _____ () C:\Program Files\AMD\CNext\CNext\QtQuick.2\qtquick2plugin.dll
2015-06-25 19:37 - 2015-06-25 19:37 - 000739840 _____ () C:\Program Files\AMD\CNext\CNext\QtQuick\Controls\qtquickcontrolsplugin.dll
2015-06-25 19:35 - 2015-06-25 19:35 - 000014336 _____ () C:\Program Files\AMD\CNext\CNext\QtQuick\Window.2\windowplugin.dll
2015-06-25 19:38 - 2015-06-25 19:38 - 000071168 _____ () C:\Program Files\AMD\CNext\CNext\QtQuick\Layouts\qquicklayoutsplugin.dll
2015-06-25 18:53 - 2015-06-25 18:53 - 000011776 _____ () C:\Program Files\AMD\CNext\CNext\libEGL.dll
2015-06-25 18:51 - 2015-06-25 18:51 - 002013696 _____ () C:\Program Files\AMD\CNext\CNext\libGLESv2.dll
2016-12-05 15:42 - 2015-05-14 01:10 - 000030976 _____ () C:\OEM\Preload\FubTracking\FubTracking.exe
2016-04-11 20:16 - 2016-04-11 20:16 - 004644256 _____ () C:\Program Files (x86)\Acer\Care Center\ACCStd.exe
2015-10-15 12:56 - 2015-10-15 12:56 - 000201568 _____ () C:\Program Files (x86)\Acer\Acer Portal\curllib.dll
2015-10-15 12:56 - 2015-10-15 12:56 - 000118112 _____ () C:\Program Files (x86)\Acer\Acer Portal\OpenLDAP.dll
2016-08-15 17:03 - 2016-08-15 17:03 - 000202456 _____ () C:\Program Files (x86)\Acer\abPhoto\curllib.dll
2016-08-15 17:05 - 2016-08-15 17:05 - 000654000 _____ () C:\Program Files (x86)\Acer\abPhoto\sqlite3.dll
2016-08-15 17:05 - 2016-08-15 17:05 - 000641240 _____ () C:\Program Files (x86)\Acer\abPhoto\tag.dll
2016-08-15 17:04 - 2016-08-15 17:04 - 000119000 _____ () C:\Program Files (x86)\Acer\abPhoto\OpenLDAP.dll
2018-01-12 16:58 - 2018-01-12 16:58 - 000015064 _____ () C:\WINDOWS\assembly\GAC_MSIL\MyService\1.0.0.1__2dfa3f50f0bed57d\MyService.dll
2016-08-15 13:36 - 2016-08-15 13:36 - 000013016 _____ () C:\Program Files (x86)\Acer\AOP Framework\ServiceInterface.dll
2016-08-15 13:33 - 2016-08-15 13:33 - 000277856 _____ () C:\Program Files (x86)\Acer\AOP Framework\libcurl.dll
==================== Alternate Data Streams (Whitelisted) =========
(If an entry is included in the fixlist, only the ADS will be removed.)

==================== Safe Mode (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MCODS => ""="Service"
==================== Association (Whitelisted) ===============
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)

==================== Internet Explorer trusted/restricted ===============
(If an entry is included in the fixlist, it will be removed from the registry.)
IE trusted site: HKU\S-1-5-21-440005720-1384804578-157143609-1002\...\sharepoint.com -> hxxps://midsouthcommunitycollege-files.sharepoint.com
==================== Hosts content: ===============================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2015-10-30 01:24 - 2018-02-16 21:37 - 000000824 _____ C:\WINDOWS\system32\Drivers\etc\hosts

==================== Other Areas ============================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-440005720-1384804578-157143609-1002\Control Panel\Desktop\\Wallpaper -> C:\Users\Mel.LAPTOP-HR19R3JB\AppData\Local\Packages\Microsoft.Windows.Photos_8wekyb3d8bbwe\LocalState\PhotosAppBackground\101.jpg
DNS Servers: 75.75.75.75 - 75.75.76.76
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==

==================== FirewallRules (Whitelisted) ===============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [{54AFA598-F635-4C5C-A7D5-B6AB97F2AB58}] => (Allow) C:\Program Files\Vuze\Azureus.exe
FirewallRules: [{9C07656F-11AD-4160-B93D-0465510A23B7}] => (Allow) C:\Program Files\Vuze\Azureus.exe
FirewallRules: [{5EE534D0-56D8-4271-A573-3F0150C3BBF9}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{4E1E61A7-F7E0-4BE6-8B02-F98048E869D2}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{FE941C80-8607-41BF-9FD7-13AAEAE0DB56}] => (Allow) C:\Program Files (x86)\Acer\AOP Framework\acer\ccd.exe
FirewallRules: [{FCD5886B-63D0-42EA-86F8-8718EED4CFDA}] => (Allow) C:\Program Files (x86)\Acer\AOP Framework\acer\ccd.exe
FirewallRules: [{12F03D8A-47D6-47DF-9C31-EF7A0DE13DB2}] => (Allow) C:\Program Files (x86)\Acer\abPhoto\DMCDaemon.exe
FirewallRules: [{79A0C5EB-7CC8-4918-A973-F4891D31C889}] => (Allow) C:\Program Files (x86)\Acer\abPhoto\DMCDaemon.exe
FirewallRules: [{207E686D-E3BB-4F8C-84D1-9BE9BD0DDD33}] => (Allow) C:\Program Files (x86)\Acer\abPhoto\WindowsUpnp.exe
FirewallRules: [{69115E0B-112F-4CBD-B64B-8B47163A6C24}] => (Allow) C:\Program Files (x86)\Acer\abPhoto\WindowsUpnp.exe
FirewallRules: [{875CA1B0-A024-4C59-9737-67376601DBAC}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\PowerDVD12.exe
FirewallRules: [{A8955A4B-7CC0-4BF1-A3CF-0B8D7DE244A9}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMR\PowerDVD12DMREngine.exe
FirewallRules: [{23136A1E-2B0A-4273-B9F0-F755059EDA3C}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSServerPDVD12.exe
FirewallRules: [{3B5CE5D2-6A79-4098-BFAA-424C0C00DFEF}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\PowerDVD12Agent.exe
FirewallRules: [{E898A77C-C1DA-4A26-974E-DCF073692C09}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\PowerDVD12ML.exe
FirewallRules: [{269864D5-BA70-4754-962D-94BF98E86305}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\Movie\PowerDVD.exe
FirewallRules: [{41FCCBD7-ECFA-418A-9D90-0DF17222AA97}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe
FirewallRules: [{2E3B25F6-BAB1-4BB2-ADE8-5307B8B2C897}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe
FirewallRules: [{995CDFDB-9825-4456-99AC-11CC77E9438F}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe
FirewallRules: [{3F4D0CE8-7523-46F7-A6E7-C85A0F68DC2F}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe
FirewallRules: [{68586680-8ECE-46CB-A322-3D9B1FBE2BCE}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\outlook.exe
FirewallRules: [{2C7707CE-B640-4321-BEC5-74891B42138B}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
==================== Restore Points =========================
07-02-2018 10:55:01 Windows Update
14-02-2018 15:24:23 Windows Update
==================== Faulty Device Manager Devices =============

==================== Event log errors: =========================
Application errors:
==================
Error: (02/16/2018 06:54:31 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: bdagent.exe, version: 22.0.18.216, time stamp: 0x5a5cc880
Faulting module name: combase.dll, version: 10.0.16299.15, time stamp: 0x3db461b4
Exception code: 0xc0000005
Fault offset: 0x000000000002f288
Faulting process id: 0xa04
Faulting application start time: 0x01d3a7891eaa3f2f
Faulting application path: C:\Program Files\Bitdefender\Bitdefender Security\bdagent.exe
Faulting module path: C:\WINDOWS\System32\combase.dll
Report Id: 5ef4e733-29e6-49a5-aa55-29ea0038d616
Faulting package full name:
Faulting package-relative application ID:
Error: (02/16/2018 06:46:40 PM) (Source: SecurityCenter) (EventID: 16) (User: )
Description: Error while updating status to SECURITY_PRODUCT_STATE_ON.
Error: (02/16/2018 06:46:35 PM) (Source: SecurityCenter) (EventID: 16) (User: )
Description: Error while updating status to SECURITY_PRODUCT_STATE_ON.
Error: (02/16/2018 06:46:35 PM) (Source: SecurityCenter) (EventID: 16) (User: )
Description: Error while updating status to SECURITY_PRODUCT_STATE_ON.
Error: (02/16/2018 06:45:37 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: The Open Procedure for service "BITS" in DLL "C:\Windows\System32\bitsperf.dll" failed. Performance data for this service will not be available. The first four bytes (DWORD) of the Data section contains the error code.
Error: (02/16/2018 02:55:41 PM) (Source: SideBySide) (EventID: 35) (User: )
Description: Activation context generation failed for "C:\Program Files (x86)\Microsoft Office\root\Office16\lync.exe.Manifest".Error in manifest or policy file "C:\Program Files (x86)\Microsoft Office\root\Office16\UccApi.DLL" on line 1.
Component identity found in manifest does not match the identity of the component requested.
Reference is UccApi,processorArchitecture="AMD64",type="win32",version="16.0.0.0".
Definition is UccApi,processorArchitecture="x86",type="win32",version="16.0.0.0".
Please use sxstrace.exe for detailed diagnosis.
Error: (02/14/2018 03:08:06 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: The Open Procedure for service "BITS" in DLL "C:\Windows\System32\bitsperf.dll" failed. Performance data for this service will not be available. The first four bytes (DWORD) of the Data section contains the error code.
Error: (02/14/2018 03:02:25 PM) (Source: Office 2016 Licensing Service) (EventID: 0) (User: )
Description: Event-ID 0

System errors:
=============
Error: (02/16/2018 10:02:25 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The WarpJITSvc service terminated unexpectedly. It has done this 1 time(s).
Error: (02/16/2018 09:53:15 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
and APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
to the user NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
Error: (02/16/2018 09:38:14 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
and APPID
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
to the user NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
Error: (02/16/2018 09:38:14 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
and APPID
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
to the user NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
Error: (02/16/2018 08:12:46 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Installation Failure: Windows failed to install the following update with error 0x80070bc2: 2018-02 Cumulative Update for Windows 10 Version 1709 for x64-based Systems (KB4074588).
Error: (02/16/2018 08:11:03 PM) (Source: DCOM) (EventID: 10005) (User: NT AUTHORITY)
Description: DCOM got error "1115" attempting to start the service UsoSvc with arguments "Unavailable" in order to run the server:
{B91D5831-B1BD-4608-8198-D72E155020F7}
Error: (02/16/2018 08:11:02 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: The Update Orchestrator Service service terminated with the following error:
This operation returned because the timeout period expired.
Error: (02/16/2018 07:46:58 PM) (Source: Ntfs) (EventID: 55) (User: NT AUTHORITY)
Description: A corruption was discovered in the file system structure on volume ??.
The Master File Table (MFT) contains a corrupted file record. The file reference number is 0x9000000000009. The name of the file is "<unable to determine file name>".

CodeIntegrity:
===================================
Date: 2018-02-16 20:12:05.304
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Bitdefender\Bitdefender Security\vsservp.exe) attempted to load \Device\HarddiskVolume3\Program Files\Bitdefender\Bitdefender Security\dbghelp.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2018-02-16 19:34:09.618
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Bitdefender\Bitdefender Security\vsservp.exe) attempted to load \Device\HarddiskVolume3\Program Files\Bitdefender\Bitdefender Security\dbghelp.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2018-02-16 18:44:19.316
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Bitdefender\Bitdefender Security\vsservp.exe) attempted to load \Device\HarddiskVolume3\Program Files\Bitdefender\Bitdefender Security\dbghelp.dll that did not meet the Custom 3 / Antimalware signing level requirements.
==================== Memory info ===========================
Processor: AMD A10-9600P RADEON R5, 10 COMPUTE CORES 4C+6G
Percentage of memory in use: 80%
Total physical RAM: 7637.18 MB
Available physical RAM: 1494.56 MB
Total Virtual: 15317.18 MB
Available Virtual: 7998.35 MB
==================== Drives ================================
Drive c: (Acer) (Fixed) (Total:930.4 GB) (Free:850.94 GB) NTFS
\\?\Volume{16b7e359-4a95-4c23-8c27-ff9ce77700a7}\ (ESP) (Fixed) (Total:0.09 GB) (Free:0.05 GB) FAT32
\\?\Volume{fe131071-48b5-4790-bec7-f150279af2c5}\ (Recovery) (Fixed) (Total:1 GB) (Free:0.59 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: 0B71B067)
Partition: GPT.
==================== End of Addition.txt ============================
 
Error: (02/16/2018 07:46:58 PM) (Source: Ntfs) (EventID: 55) (User: NT AUTHORITY)
Description: A corruption was discovered in the file system structure on volume ??.
The Master File Table (MFT) contains a corrupted file record. The file reference number is 0x9000000000009. The name of the file is "<unable to determine file name>".
Click to expand...

This means you need to run CHKDSK C: /F /R asap
 
Thank you.

I need more instructions.
I opened run. I typed that exactly. I hit ok, but the window closed and nothing happened.

Amazon assistant aa.hta is still running.
 
Last edited:
Seemed to have fixed the problem now. Could not uninstall amazon assistant through settings, but managed to through the control panel.
Thank you.
 
You must log in or register to reply here.

Similar threads

orangeshadow
Games lag and freeze in 15-20 minute intervals.
Replies
0
Views
458
orangeshadow
orangeshadow
raxusplays
Is there a way to use a mouse and keyboard and switch safely between Xbox and Laptop?
Replies
0
Views
445
raxusplays
raxusplays
Shawn Knight
Amazon's generative AI can create product pages based on other online listings
Replies
8
Views
187
OortCloud
O

Latest posts

Back