Inactive Possible virus on computer that won't connect to the internet

mom26gr8kids · May 5, 2018

I have two computers that need to be cleaned, so one moderator may want to help with both posts. I have a laptop that stopped connecting to the internet about 6 months ago, but I had purchased a new laptop, so I wasn't too concerned. I figured when I had some time this summer I would start moving files over to my new computer. Today I tried to troubleshoot the system that isn't working, which in the past says maybe my drivers are out of date. Whenever I turn the computer on Malware Bytes does come up saying that it can't update, but today it came up saying that some PUP's had been found on my system (which may be the real reason I can't connect to the internet). Anyway. I had to move some files last week, so now I think my new system may also be infected with something. But my son is graduating, so I need some files from the old computer. So, I need both a download to put on a flash drive to protect my newer laptop so that I can download the programs to clean that computer.

Can I download the virus cleaning software directly onto the flashdrive or do I need to copy them from my computer to the flashdrive.

I can run Avast on my old computer, but it's out of date. Let me know if you would like me to do that in addition to the FRST I need to run to get started

Broni · May 5, 2018

Please, observe following rules:

Read all of my instructions very carefully. Your mistakes during cleaning process may have very serious consequences, like unbootable computer.
If you're stuck, or you're not sure about certain step, always ask before doing anything else.
Please refrain from running any tools, fixes or applying any changes to your computer other than those I suggest.
Never run more than one scan at a time.
Keep updating me regarding your computer behavior, good, or bad.
The cleaning process, once started, has to be completed. Even if your computer appears to act better, it may still be infected. Once the computer is totally clean, I'll certainly let you know.
If you leave the topic without explanation in the middle of a cleaning process, you may not be eligible to receive any more help in malware removal forum.
I close my topics if you have not replied in 5 days. If you need more time, simply let me know. If I closed your topic and you need it to be reopened, simply PM me.

====================================

Just give me FRST logs so I can see if there is any infection involved.

mom26gr8kids · May 7, 2018

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 03.05.2018
Ran by songe_000 (06-05-2018 23:54:55)
Running from D:\
Windows 10 Home Version 1703 15063.674 (X64) (2017-10-01 02:37:51)
Boot Mode: Normal
==========================================================

==================== Accounts: =============================

Administrator (S-1-5-21-634217685-3676121620-3412417090-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-634217685-3676121620-3412417090-503 - Limited - Disabled)
Guest (S-1-5-21-634217685-3676121620-3412417090-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-634217685-3676121620-3412417090-1003 - Limited - Enabled)
songe_000 (S-1-5-21-634217685-3676121620-3412417090-1001 - Administrator - Enabled) => C:\Users\songe_000

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Enabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

abDocs (HKLM-x32\...\{CA4FE8B0-298C-4E5D-A486-F33B126D6A0A}) (Version: 1.10.2001 - Acer Incorporated)
abDocs Office AddIn (HKLM-x32\...\{DCBF3379-246B-47E1-8173-639B63940838}) (Version: 3.02.2001 - Acer Incorporated)
Ableton Live 9 Lite (HKLM-x32\...\{81C44E70-0F73-4BE5-B646-3C4F54C4F32A}) (Version: 9.0.0.0 - Ableton)
Ableton Live 9 Trial (HKLM-x32\...\{300E84D8-F6D1-4B58-906F-7E41F34E6D42}) (Version: 9.0.0.0 - Ableton)
abMusic (HKLM-x32\...\{E9AF1707-3F3A-49E2-8345-4F2D629D0876}) (Version: 3.01.2002.1 - Acer Incorporated)
abPhoto (HKLM-x32\...\{B5AD89F2-03D3-4206-8487-018298007DD0}) (Version: 3.08.2003.3 - Acer Incorporated)
Acer Explorer Agent (HKLM\...\{4D0F42CF-1693-43D9-BDC8-19141D023EE0}) (Version: 2.00.3000 - Acer Incorporated)
Acer Launch Manager (HKLM\...\{C18D55BD-1EC6-466D-B763-8EEDDDA9100E}) (Version: 8.00.8105 - Acer Incorporated)
Acer Portal (HKLM-x32\...\{A5AD0B17-F34D-49BE-A157-C8B3D52ACD13}) (Version: 3.12.2004 - Acer Incorporated)
Acer Power Management (HKLM\...\{91F52DE4-B789-42B0-9311-A349F10E5479}) (Version: 7.00.8104 - Acer Incorporated)
Acer Quick Access (HKLM\...\{C1FA525F-D701-4B31-9D32-504FC0CF0B98}) (Version: 1.01.3012 - Acer Incorporated)
Acer Recovery Management (HKLM\...\{07F2005A-8CAC-4A4B-83A2-DA98A722CA61}) (Version: 6.00.8106 - Acer Incorporated)
Acer Remote Files (HKLM\...\{13885028-098C-4799-9B71-27DAC96502D5}) (Version: 1.02.2003 - Acer Incorporated)
Acer Screen Grasp (HKLM-x32\...\{84443E5D-0767-438B-B1C8-6A52FAB2101B}) (Version: 1.02.3002 - Acer Incorporated)
Acer Touch Tools (HKLM\...\{BB1F8130-3CB3-4896-9D28-770DFFFDE59C}) (Version: 1.01.3001 - Acer Incorporated)
Acer User Experience Improvement Program App Monitor Plugin (HKLM\...\{978724F6-1863-4DD5-9E66-FB77F5AB5613}) (Version: 1.01.3003 - Acer Incorporated)
Acer User Experience Improvement Program Framework (HKLM\...\{12A718F2-2357-4D41-9E1F-18583A4745F7}) (Version: 1.01.3003 - Acer Incorporated)
Acer Video Player (HKLM-x32\...\{B6846F20-4821-11E3-8F96-0800200C9A66}) (Version: 1.00.2001.4 - Acer Incorporated)
Adobe Acrobat Reader DC (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AC0F074E4100}) (Version: 17.012.20098 - Adobe Systems Incorporated)
Adobe Flash Player 27 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 27.0.0.159 - Adobe Systems Incorporated)
Alice Greenfingers 2 (HKLM-x32\...\BFG-Alice Greenfingers 2) (Version: - )
Aloha TriPeaks (HKLM-x32\...\WTA-a0c80ba3-d5c9-49c0-8d1e-2df82fa89bd3) (Version: 2.2.0.98 - WildTangent) Hidden
Amazon Music (HKU\S-1-5-21-634217685-3676121620-3412417090-1001\...\Amazon Amazon Music) (Version: 5.4.2.1801 - Amazon Services LLC)
AOP Framework (HKLM-x32\...\{4A37A114-702F-4055-A4B6-16571D4A5353}) (Version: 3.22.2001.0 - Acer Incorporated)
Apple Application Support (32-bit) (HKLM-x32\...\{D2FE6376-E549-4F63-A2C5-CA24DA035DE4}) (Version: 5.6 - Apple Inc.)
Apple Application Support (64-bit) (HKLM\...\{BB109E24-EE90-485B-A28B-ADDEFB40540B}) (Version: 5.6 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{0A596141-97D5-45FA-9281-98DFAF48D579}) (Version: 10.3.2.3 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{52D87F32-70E4-4348-8148-C0B9F35B1314}) (Version: 2.3.0.177 - Apple Inc.)
Big Fish: Game Manager (HKLM-x32\...\BFGC) (Version: 3.3.0.2 - )
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
Build-a-lot 2: Town of the Year (HKLM-x32\...\BFG-Build-a-lot 2 - Town of the Year) (Version: - )
Citrix Online Launcher (HKLM-x32\...\{09DA5EE2-7E46-4DC4-96F9-BFEE50D40659}) (Version: 1.0.408 - Citrix)
Cradle Of Egypt Collector's Edition (HKLM-x32\...\WTA-66cb0f17-50fb-49ff-8924-bad585a1895e) (Version: 2.2.0.110 - WildTangent) Hidden
CyberLink PhotoDirector 3 (HKLM-x32\...\InstallShield_{39337565-330E-4ab6-A9AE-AC81E0720B10}) (Version: 3.0.1.4917 - CyberLink Corp.)
CyberLink PowerDirector 10 (HKLM-x32\...\InstallShield_{B0B4F6D2-F2AE-451A-9496-6F2F6A897B32}) (Version: 10.0.0.3721 - CyberLink Corp.)
Doro 1.85 (HKLM-x32\...\Doro_is1) (Version: - CompSoft)
Fishdom 3 (HKLM-x32\...\BFG-Fishdom 3) (Version: - )
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 61.0.3163.100 - Google Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.5 - Google Inc.) Hidden
Google Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.25.11 - Google Inc.) Hidden
Governor of Poker 2 Premium Edition (HKLM-x32\...\WTA-068bedf7-38fc-4849-bcd3-6ca159b577c0) (Version: 2.2.0.110 - WildTangent) Hidden
HP DeskJet 2600 series Basic Device Software (HKLM\...\{8DA7A239-79C2-49FC-826B-DD26A559FF60}) (Version: 43.2.2474.17192 - HP Inc.)
HP DeskJet 2600 series Help (HKLM-x32\...\{9A36A9D9-787C-4E75-914B-CF133FA88FC9}) (Version: 44.0.0 - HP)
HP Dropbox Plugin (HKLM-x32\...\{C68BD3B6-3CC4-4871-94D1-3412A571001F}) (Version: 36.0.100.66344 - HP)
HP EmailSMTP Plugin (HKLM-x32\...\{763E42DC-F6DB-49E5-AAFD-CC3273F858CB}) (Version: 43.0.0.0 - HP)
HP FTP Plugin (HKLM-x32\...\{1E02EFE9-1EDB-4EE4-B02F-1B23C9AF3CD5}) (Version: 43.0.0.0 - HP)
HP FWUpdateEDO2 (HKLM-x32\...\{415FA9AD-DA10-4ABE-97B6-5051D4795C90}) (Version: 1.2.0.0 - Hewlett-Packard)
HP Google Drive Plugin (HKLM-x32\...\{ADA6C223-3EEA-4CAF-822A-5380A7A40342}) (Version: 36.0.100.66344 - HP)
HP Officejet 6700 Basic Device Software (HKLM\...\{A1CFA587-90D4-4DE6-B200-68CC0F92252F}) (Version: 28.0.1315.0 - Hewlett-Packard Co.)
HP OneDrive Plugin (HKLM-x32\...\{16DB1A9B-1180-43E7-BE29-7201EE339206}) (Version: 36.0.0.0 - HP)
HP Photo Creations (HKLM-x32\...\HP Photo Creations) (Version: 1.0.0.9572 - HP)
HP SharePoint Plugin (HKLM-x32\...\{1F73FB9B-71BC-47F8-8AA6-DA9076E4E52B}) (Version: 43.0.0.0 - HP)
HP Support Solutions Framework (HKLM-x32\...\{FC3C2B77-6800-48C6-A15D-9D1031130C16}) (Version: 11.51.0049 - Hewlett-Packard Company)
HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard)
HPDiagnosticAlert (HKLM-x32\...\{B6465A32-8BE9-4B38-ADC5-4B4BDDC10B0D}) (Version: 1.00.0001 - Microsoft) Hidden
I.R.I.S. OCR (HKLM-x32\...\{CA6BCA2F-EDEB-408F-850B-31404BE16A61}) (Version: 12.3.4.0 - HP)
iCloud (HKLM\...\{5B1A59DA-D1EC-4C3A-A996-DF011A0A9668}) (Version: 6.2.2.39 - Apple Inc.)
Identity Card (HKLM-x32\...\{3D9CB654-99AD-4301-89C6-0D12A790767C}) (Version: 2.00.8101 - Acer Incorporated)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.5.23.1766 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3496 - Intel Corporation)
Intel(R) Serial IO (HKLM\...\{9FD91C5C-44AE-4D9D-85BE-AE52816B0294}) (Version: 1.1.165.1 - Intel Corporation)
Internet Security Essentials (HKLM-x32\...\ComodoIse) (Version: 1.2.424651.94 - Comodo)
iTunes (HKLM\...\{F0C7385A-9D20-45F3-8101-05D383885180}) (Version: 12.6.1.25 - Apple Inc.)
Jojo's Fashion Show: World Tour (HKLM-x32\...\BFG-Jojo's Fashion Show - World Tour) (Version: - )
KB4023057 (HKLM\...\{264FDD69-C4DF-476F-B1B8-7DCEE4AF839B}) (Version: 2.4.0.0 - Microsoft Corporation)
Live Updater (HKLM-x32\...\{EE26E302-876A-48D9-9058-3129E5B99999}) (Version: 2.00.8100 - Acer Incorporated)
Locklizard Safeguard - PDF Viewer (HKLM-x32\...\Locklizard Safeguard - PDF Viewer_sf) (Version: 2.6.41 - Locklizard Ltd.)
Luxor Evolved (HKLM-x32\...\WTA-3cb536ee-0c52-4c62-96d1-745290a647db) (Version: 2.2.0.98 - WildTangent) Hidden
Magic Academy (HKLM-x32\...\WTA-1ae77067-327d-44ce-8e91-ed114ced669a) (Version: 2.2.0.98 - WildTangent) Hidden
Malwarebytes version 3.2.2.2029 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.2.2.2029 - Malwarebytes)
Microsoft Mouse and Keyboard Center (HKLM\...\Microsoft Mouse and Keyboard Center) (Version: 2.3.188.0 - Microsoft Corporation)
Microsoft Office 365 - en-us (HKLM\...\O365HomePremRetail - en-us) (Version: 16.0.8431.2107 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-634217685-3676121620-3412417090-1001\...\OneDriveSetup.exe) (Version: 17.3.6998.0830 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Mozilla Firefox 54.0.1 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 54.0.1 (x86 en-US)) (Version: 54.0.1 - Mozilla)
Mozilla Firefox 56.0 (x64 en-US) (HKLM\...\Mozilla Firefox 56.0 (x64 en-US)) (Version: 56.0 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 56.0 - Mozilla)
Nero BackItUp 12 Essentials OEM.a01 (HKLM-x32\...\{551AC8F2-FEA2-4B45-ACF7-C98681233CC9}) (Version: 12.5.01200 - Nero AG)
NoteBurner M4V Converter 4.0.2 (HKLM-x32\...\NoteBurner M4V Converter_is1) (Version: - NoteBurner Inc.)
Office 16 Click-to-Run Extensibility Component (HKLM-x32\...\{90160000-008C-0000-0000-0000000FF1CE}) (Version: 16.0.8431.2107 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Extensibility Component 64-bit Registration (HKLM\...\{90160000-00DD-0000-1000-0000000FF1CE}) (Version: 16.0.8431.2107 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-008F-0000-1000-0000000FF1CE}) (Version: 16.0.8431.2107 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM-x32\...\{90160000-008C-0409-0000-0000000FF1CE}) (Version: 16.0.8326.2107 - Microsoft Corporation) Hidden
Peggle Nights (HKLM-x32\...\WTA-b8cce2f1-44d8-43e4-a1cd-08dd51375bc1) (Version: 2.2.0.98 - WildTangent) Hidden
Plants vs. Zombies - Game of the Year (HKLM-x32\...\WTA-98f57e61-1788-4aad-8a81-305491c5a4cf) (Version: 2.2.0.98 - WildTangent) Hidden
Prerequisite installer (HKLM-x32\...\{3AAB08A3-F129-4BD5-B409-AE674F93759D}) (Version: 12.0.0003 - Nero AG) Hidden
Product Improvement Study for HP DeskJet 2600 series (HKLM\...\{DF44980B-A87A-4945-937A-4812C29F4F32}) (Version: 43.2.2474.17192 - HP Inc.)
Qualcomm Atheros Bluetooth Suite (64) (HKLM\...\{A84A4FB1-D703-48DB-89E0-68B6499D2801}) (Version: 8.0.1.318 - Qualcomm Atheros Communications)
Qualcomm Atheros WLAN and Bluetooth Client Installation Program (HKLM-x32\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 12.29 - Qualcomm Atheros)
QuickTime 7 (HKLM-x32\...\{80CEEB1E-0A6C-45B9-A312-37A1D25FDEBC}) (Version: 7.78.80.95 - Apple Inc.)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 6.3.9600.21247 - Realtek Semiconductor Corp.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.25.108.2014 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7203 - Realtek Semiconductor Corp.)
RogueKiller version 12.11.16.0 (HKLM\...\8B3D7924-ED89-486B-8322-E8594065D5CB_is1) (Version: 12.11.16.0 - Adlice Software)
Shop-N-Spree: Family Fortune (HKLM-x32\...\BFG-Shop-N-Spree Family Fortune) (Version: - )
Soluto (HKLM\...\{AD78441D-E016-4119-A0AE-9ECB763B6A3D}) (Version: 1.3.1500.2 - Soluto)
Sophos Virus Removal Tool (HKLM-x32\...\{B829E117-D072-41EA-9606-9826A38D34C1}) (Version: 2.6.1 - Sophos Limited)
Spotify (HKLM-x32\...\Spotify) (Version: 0.9.6.81.gd359a796 - Spotify AB)
SUPERAntiSpyware (HKLM\...\{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}) (Version: 6.0.1158 - SUPERAntiSpyware.com)
Tapestry of Grace Year 2 Digital Edition (HKLM-x32\...\Tapestry of Grace Year 2 Digital Edition) (Version: 2016.0325 - Lampstand Press)
Tapestry Year 3 (HKLM-x32\...\Tapestry Year 3) (Version: 2016.0325 - Lampstand Press)
Tapestry Year 4 (HKLM-x32\...\Tapestry Year 4) (Version: 2016.0328 - Lampstand Press)
The Chronicles of Emerland Solitaire (HKLM-x32\...\WTA-59102d9c-31c7-4943-bf3b-0e338ee507d7) (Version: 3.0.2.32 - WildTangent) Hidden
TranscriptPro for Umbrella Schools (C:\Program Files (x86)\TranscriptPro Umbrella\) #10 (HKLM-x32\...\ST6UNST #10) (Version: - )
TranscriptPro for Umbrella Schools (C:\Program Files (x86)\TranscriptPro Umbrella\) #11 (HKLM-x32\...\ST6UNST #11) (Version: - )
TranscriptPro for Umbrella Schools (C:\Program Files (x86)\TranscriptPro Umbrella\) #12 (HKLM-x32\...\ST6UNST #12) (Version: - )
TranscriptPro for Umbrella Schools (C:\Program Files (x86)\TranscriptPro Umbrella\) #3 (HKLM-x32\...\ST6UNST #3) (Version: - )
TranscriptPro for Umbrella Schools (C:\Program Files (x86)\TranscriptPro Umbrella\) #4 (HKLM-x32\...\ST6UNST #4) (Version: - )
TranscriptPro for Umbrella Schools (C:\Program Files (x86)\TranscriptPro Umbrella\) #5 (HKLM-x32\...\ST6UNST #5) (Version: - )
TranscriptPro for Umbrella Schools (C:\Program Files (x86)\TranscriptPro Umbrella\) #6 (HKLM-x32\...\ST6UNST #6) (Version: - )
TranscriptPro for Umbrella Schools (C:\Program Files (x86)\TranscriptPro Umbrella\) #7 (HKLM-x32\...\ST6UNST #7) (Version: - )
TranscriptPro for Umbrella Schools (C:\Program Files (x86)\TranscriptPro Umbrella\) #8 (HKLM-x32\...\ST6UNST #8) (Version: - )
TranscriptPro for Umbrella Schools (C:\Program Files (x86)\TranscriptPro Umbrella\) #9 (HKLM-x32\...\ST6UNST #9) (Version: - )
TranscriptPro for Umbrella Schools (C:\Program Files (x86)\TranscriptPro Umbrella\) (HKLM-x32\...\ST6UNST #2) (Version: - )
TranscriptPro for Umbrella Schools (HKLM-x32\...\ST6UNST #1) (Version: - )
Trinklit Supreme (HKLM-x32\...\WTA-021203c5-41b1-47d6-8e5e-24191ded62f1) (Version: 2.2.0.98 - WildTangent) Hidden
Unity Web Player (HKU\S-1-5-21-634217685-3676121620-3412417090-1001\...\UnityWebPlayer) (Version: 4.5.5f1 - Unity Technologies ApS)
Update Installer for WildTangent Games App (HKLM-x32\...\{2FA94A64-C84E-49d1-97DD-7BF06C7BBFB2}.WildTangent Games App) (Version: - WildTangent) Hidden
WildTangent Games (HKLM-x32\...\WildTangent wildgames Master Uninstall) (Version: 1.0.4.0 - WildTangent)
WildTangent Games App (HKLM-x32\...\{70B446D1-E03B-4ab0-9B3C-0832142C9AA8}.WildTangent Games App-acer) (Version: 4.0.10.20 - WildTangent) Hidden
Windows 10 Update and Privacy Settings (HKLM\...\{4DFCD818-036A-4229-A67D-CF17DC461D92}) (Version: 1.0.14.0 - Microsoft Corporation)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

ShellIconOverlayIdentifiers: [ ACloudSynced] -> {5CCE71FA-9F61-4F24-9CD1-98D819B40D68} => C:\Program Files (x86)\Acer\shellext\x64\shellext_win.dll [2016-09-08] (Acer Incorporated)
ShellIconOverlayIdentifiers: [ ACloudSyncing] -> {C1E1456F-C2D8-4C96-870D-35F1E13941EE} => C:\Program Files (x86)\Acer\shellext\x64\shellext_win.dll [2016-09-08] (Acer Incorporated)
ShellIconOverlayIdentifiers: [ ACloudToBeSynced] -> {307523FA-DDC0-4068-983F-2A6B34627744} => C:\Program Files (x86)\Acer\shellext\x64\shellext_win.dll [2016-09-08] (Acer Incorporated)
ShellIconOverlayIdentifiers-x32: [ ACloudSynced] -> {5CCE71FA-9F61-4F24-9CD1-98D819B40D68} => C:\Program Files (x86)\Acer\shellext\x64\shellext_win.dll [2016-09-08] (Acer Incorporated)
ShellIconOverlayIdentifiers-x32: [ ACloudSyncing] -> {C1E1456F-C2D8-4C96-870D-35F1E13941EE} => C:\Program Files (x86)\Acer\shellext\x64\shellext_win.dll [2016-09-08] (Acer Incorporated)
ShellIconOverlayIdentifiers-x32: [ ACloudToBeSynced] -> {307523FA-DDC0-4068-983F-2A6B34627744} => C:\Program Files (x86)\Acer\shellext\x64\shellext_win.dll [2016-09-08] (Acer Incorporated)
ContextMenuHandlers1: [PhotoStreamsExt] -> {89D984B3-813B-406A-8298-118AFA3A22AE} => C:\Program Files\Common Files\Apple\Internet Services\ShellStreams64.dll [2017-05-09] (Apple Inc.)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2017-08-30] (Malwarebytes)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\system32\igfxDTCM.dll [2015-09-30] (Intel Corporation)
ContextMenuHandlers5: [igfxOSP] -> {FA507C3F-30C6-4DCA-9EE5-2656072EEC14} => C:\WINDOWS\system32\igfxOSP.dll [2015-09-30] (Intel Corporation)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2017-08-30] (Malwarebytes)

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {031368AD-69FA-42F5-9836-00FC1C7A6873} - System32\Tasks\Power Management => C:\Program Files\Acer\Acer Power Management\ePowerTrayLauncher.exe [2014-03-21] (Acer Incorporated)
Task: {036CC33F-9545-4394-9159-58C1BDED1546} - System32\Tasks\BacKGroundAgent => C:\Program Files (x86)\Acer\AOP Framework\BackgroundAgent.exe [2016-09-20] (Acer Incorporated)
Task: {08FB1CFF-406B-4377-9C10-0364DEFA1615} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-30] (Google Inc.)
Task: {0EE31A40-E7F5-4430-9CF1-4F70BF3FFC88} - System32\Tasks\Recovery Management\Notification => C:\Program Files\Acer\Acer Recovery Management\Notification\Notification.exe [2014-03-18] (Acer Incorporated)
Task: {16E0EE90-DC55-4921-99FD-69262DB1C64A} - System32\Tasks\ALU => C:\Program Files (x86)\Acer\Live Updater\updater.exe [2013-07-08] ()
Task: {1BA8203E-D888-4C65-87EC-ECDC370FE4C7} - System32\Tasks\Prelauncher => C:\Program Files (x86)\Acer\Screen Grasp\InputTask.exe [2013-12-19] (Acer Incorporated)
Task: {1C73E622-8FD6-4270-B5CF-4102D8871ADF} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2017-02-14] (Apple Inc.)
Task: {1CEFCF95-37A5-4291-9AC6-4E6FCCF21D9C} - System32\Tasks\abDocsDllLoader => C:\Program Files (x86)\Acer\abDocs\abDocsDllLoaderMonitor.exe [2016-08-15] ()
Task: {1FD632AE-52AF-4024-B8A6-3BF3BC89FD46} - System32\Tasks\Quick Access Quick Launcher => C:\Program Files\Acer\Acer Quick Access\QALauncher.exe [2014-03-21] (Acer Incorporate)
Task: {267662B5-1367-4E02-9FC6-99CD0B27701E} - System32\Tasks\UbtFrameworkService => C:\Program Files\Acer\User Experience Improvement Program\Framework\TriggerFramework.exe [2014-01-25] (TODO: <Company name>)
Task: {2E83424C-07B1-4CCF-A360-627134EE6F72} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-30] (Google Inc.)
Task: {352E6CA0-7314-4DF4-89C4-682368D80D57} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join => C:\WINDOWS\System32\AutoWorkplace.exe
Task: {3546FB58-3758-4717-9B11-3E15CF872BA5} - System32\Tasks\Microsoft_MKC_Logon_Task_itype.exe => c:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [2015-07-21] (Microsoft Corporation)
Task: {4955BA3B-31C1-4FA7-9997-275944993DBB} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2017-10-04] (Microsoft Corporation)
Task: {555A5627-076E-40FC-8957-D0FECA9D6473} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2017-10-10] (Microsoft Corporation)
Task: {56F5CB9E-9FFD-4AC7-9CC5-52A809E8A239} - System32\Tasks\Screen Grasp GestureDetection => C:\Program Files (x86)\Acer\Screen Grasp\GestureDetection.exe [2013-12-19] (Acer Incorporated)
Task: {575997F7-92DC-4DF0-B93A-8B443BA4BA4C} - System32\Tasks\ALUAgent => C:\Program Files (x86)\Acer\Live Updater\liveupdater_agent.exe [2013-01-22] ()
Task: {5B55EC7D-99CD-4686-9AE2-8A11BFBDD114} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonx86\Microsoft Shared\Office16\OLicenseHeartbeat.exe [2017-10-13] (Microsoft Corporation)
Task: {5C73D677-93C1-4193-AEC4-C4A920B0BB9B} - System32\Tasks\{31DDBD37-5DB7-4030-8064-10B0CAA806C3} => C:\Program Files\COMODO\COMODO Internet Security\cistray.exe
Task: {65CB0CBC-62D9-46E8-AC63-0E1828D6EE45} - System32\Tasks\Launch Manager => C:\Program Files\Acer\Acer Launch Manager\LMLauncher.exe [2014-03-17] (Acer Incorporate)
Task: {6940B4D4-539C-4B45-A9EE-54B4DA9C94B9} - System32\Tasks\Microsoft_MKC_Logon_Task_ipoint.exe => c:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2015-07-21] (Microsoft Corporation)
Task: {7DB3C51D-D6F0-4E26-8ECF-96AA4CCC4620} - System32\Tasks\prelauncher_First => C:\Program Files (x86)\Acer\Screen Grasp\InputTask.exe [2013-12-19] (Acer Incorporated)
Task: {82327D8E-CE75-415E-82FC-6E8D6690898E} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2017-10-10] (Adobe Systems Incorporated)
Task: {873C2673-DD8E-4D98-B35B-666860AC3DBB} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2017-10-04] (Microsoft Corporation)
Task: {901FCF86-3E7D-4399-97B7-EB623EE975A6} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerLogon => C:\Program Files (x86)\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2017-09-24] ()
Task: {9062A850-12C3-4B78-A7DB-D427C0C60BF2} - System32\Tasks\Microsoft_Hardware_Launch_ipoint_exe => c:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2015-07-21] (Microsoft Corporation)
Task: {9876CF94-3A85-4133-AD1A-8B3CF2130063} - System32\Tasks\Launch Screen Grasp_First => C:\Program Files (x86)\Acer\Screen Grasp\Launch Screen Grasp.exe [2013-12-19] (Acer Incorporated)
Task: {9EA36F30-FFFE-41AC-B3AB-EB24FE697E7E} - System32\Tasks\Microsoft_Hardware_Launch_mousekeyboardcenter_exe => c:\Program Files\Microsoft Mouse and Keyboard Center\mousekeyboardcenter.exe [2015-07-21] (Microsoft)
Task: {C7C30F43-94AF-4101-BA90-E6E7A4A132F4} - System32\Tasks\Quick Access => C:\Program Files\Acer\Acer Quick Access\QALauncher.exe [2014-03-21] (Acer Incorporate)
Task: {D8E0E458-1F44-4E78-B1BF-AFF9AEB4786F} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2017-07-19] (Adobe Systems Incorporated)
Task: {D95000B4-AC3D-4280-B057-F26E5B42EBB0} - System32\Tasks\CreateExplorerShellUnelevatedTask => C:\WINDOWS\explorer.exe /NOUACCHECK
Task: {D980A4CB-AA1C-4A00-BD09-85C5066B5BB0} - System32\Tasks\Microsoft_Hardware_Launch_itype_exe => c:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [2015-07-21] (Microsoft Corporation)
Task: {DAAAE835-B13C-4304-BE13-D2D213E6E54E} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerRegistration => C:\Program Files (x86)\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2017-09-24] ()
Task: {DFC1478C-747E-4EAD-94AB-66815E81BAA2} - System32\Tasks\AcerCloud => C:\Program Files (x86)\Acer\Acer Portal\AcerPortal.exe [2016-09-20] (Acer)
Task: {FD0BEFC6-75CB-42A7-A518-5276268AFD67} - System32\Tasks\HPCustParticipation HP DeskJet 2600 series => C:\Program Files\HP\HP DeskJet 2600 series\Bin\HPCustPartic.exe [2017-07-11] (HP Inc.)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)

==================== Loaded Modules (Whitelisted) ==============

2017-10-13 14:41 - 2013-02-02 20:55 - 000500224 _____ () C:\Program Files (x86)\DoroPDFWriter\Doro.dll
2016-10-05 18:17 - 2016-10-05 18:17 - 000092472 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2017-07-13 20:50 - 2017-07-13 20:50 - 001354040 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2017-09-21 08:04 - 2017-10-09 15:27 - 002289096 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\SelfProtectionSdk.dll
2014-07-31 04:27 - 2012-04-24 04:43 - 000254512 ____N () C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
2017-03-18 14:58 - 2017-03-18 14:58 - 000138000 _____ () C:\WINDOWS\SYSTEM32\inputhost.dll
2015-09-30 21:39 - 2015-11-29 22:32 - 000415128 _____ () C:\WINDOWS\system32\igfxTray.exe
2017-10-11 21:30 - 2017-10-11 21:30 - 000161280 _____ () C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\PCGAppContr9a4addef#\4939919e65272bfb4afa76e3f67acdbb\PCGAppControlPluginLoader.ni.exe
2017-08-28 23:34 - 2017-05-09 03:05 - 000092472 _____ () C:\Program Files\iTunes\zlib1.dll
2017-08-28 23:34 - 2017-05-09 03:05 - 001354040 _____ () C:\Program Files\iTunes\libxml2.dll
2016-08-15 15:24 - 2016-08-15 15:24 - 001769312 _____ () C:\Program Files (x86)\Acer\abDocs\abDocsDllLoaderMonitor.exe
2017-08-28 23:34 - 2017-05-09 03:04 - 000236856 _____ () C:\Program Files\iTunes\libxslt.dll
2013-12-18 17:02 - 2013-12-18 17:02 - 000124480 _____ () C:\Program Files\Soluto\PCGDllExportInspector.dll
2013-12-18 17:02 - 2013-12-18 17:02 - 000054848 ____R () C:\Program Files\Soluto\PCGDeviceScanLib.dll
2017-10-11 21:29 - 2017-10-11 21:29 - 002863104 _____ () C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\PCGPreCompiled\d35ae1f0ad6b7c30639e6a4f4a2e88e8\PCGPreCompiled.ni.dll
2017-09-17 02:28 - 2017-09-17 02:29 - 003553704 ____N () C:\Program Files\WindowsApps\Microsoft.WindowsStore_11708.1001.30.0_x64__8wekyb3d8bbwe\Microsoft.UI.Xaml.dll
2017-10-05 22:02 - 2017-10-05 22:02 - 010634752 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsStore_11708.1001.30.0_x64__8wekyb3d8bbwe\WinStore.Entertainment.Mobile.dll
2017-10-05 22:02 - 2017-10-05 22:02 - 002640896 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsStore_11708.1001.30.0_x64__8wekyb3d8bbwe\MS.Entertainment.Common.Mobile.dll
2017-08-26 20:39 - 2017-08-26 20:41 - 000074752 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.19.856.0_x64__kzf8qxf38zg5c\SkypeHost.exe
2017-08-26 20:39 - 2017-08-26 20:41 - 000203264 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.19.856.0_x64__kzf8qxf38zg5c\SkypeBackgroundTasks.dll
2014-03-05 15:44 - 2014-12-30 22:58 - 000274208 _____ () C:\Program Files (x86)\bfgclient\bfggameservices.exe
2017-09-27 16:41 - 2017-09-27 16:42 - 026118656 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.17082.14121.0_x64__8wekyb3d8bbwe\Video.UI.exe
2017-09-27 16:41 - 2017-09-27 16:42 - 009162240 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.17082.14121.0_x64__8wekyb3d8bbwe\EntCommon.dll
2017-09-27 16:41 - 2017-09-27 16:42 - 003553704 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.17082.14121.0_x64__8wekyb3d8bbwe\Microsoft.UI.Xaml.dll
2017-09-27 16:41 - 2017-09-27 16:42 - 011470848 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.17082.14121.0_x64__8wekyb3d8bbwe\EntPlat.dll
2016-10-24 09:24 - 2017-09-24 09:46 - 008929480 _____ () C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\1033\GrooveIntlResource.dll
2014-07-31 04:34 - 2014-01-03 15:13 - 000111872 _____ () C:\Program Files (x86)\Acer\clear.fi plug-in\Clearfishellext_x64.dll
2017-03-18 14:59 - 2017-03-18 20:31 - 001731072 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2014-07-31 04:02 - 2013-10-01 03:09 - 000078880 _____ () C:\Program Files\Realtek\Audio\HDA\FMAPP.exe
2014-07-31 04:06 - 2013-12-09 17:27 - 001242584 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll
2017-07-13 20:51 - 2017-07-13 20:51 - 001041720 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2016-10-05 18:18 - 2016-10-05 18:18 - 000080184 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2017-07-13 20:50 - 2017-07-13 20:50 - 000189752 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxslt.dll
2016-09-09 10:51 - 2016-09-09 10:51 - 000202456 _____ () C:\Program Files (x86)\Acer\Acer Portal\curllib.dll
2016-09-09 10:51 - 2016-09-09 10:51 - 000119000 _____ () C:\Program Files (x86)\Acer\Acer Portal\OpenLDAP.dll
2016-08-15 18:05 - 2016-08-15 18:05 - 000654000 _____ () C:\Program Files (x86)\Acer\abPhoto\sqlite3.dll
2016-08-15 18:05 - 2016-08-15 18:05 - 000641240 _____ () C:\Program Files (x86)\Acer\abPhoto\tag.dll
2016-08-15 18:03 - 2016-08-15 18:03 - 000202456 _____ () C:\Program Files (x86)\Acer\abPhoto\curllib.dll
2016-08-15 18:04 - 2016-08-15 18:04 - 000119000 _____ () C:\Program Files (x86)\Acer\abPhoto\OpenLDAP.dll
2017-09-30 19:48 - 2017-09-30 19:48 - 000015064 _____ () C:\WINDOWS\assembly\GAC_MSIL\MyService\1.0.0.1__2dfa3f50f0bed57d\MyService.dll
2016-08-30 15:09 - 2016-08-30 15:09 - 000013016 _____ () C:\Program Files (x86)\Acer\AOP Framework\ServiceInterface.dll
2016-08-30 15:05 - 2016-08-30 15:05 - 000277856 _____ () C:\Program Files (x86)\Acer\AOP Framework\libcurl.dll
2014-03-05 15:44 - 2014-03-05 15:44 - 001568032 _____ () C:\Program Files (x86)\bfgclient\bfgcommon.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\WINDOWS\system32\api-ms-win-crt-conio-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\api-ms-win-crt-convert-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\api-ms-win-crt-environment-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\api-ms-win-crt-filesystem-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\api-ms-win-crt-heap-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\api-ms-win-crt-locale-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\api-ms-win-crt-math-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\api-ms-win-crt-multibyte-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\api-ms-win-crt-private-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\api-ms-win-crt-process-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\api-ms-win-crt-runtime-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\api-ms-win-crt-stdio-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\api-ms-win-crt-string-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\api-ms-win-crt-time-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\api-ms-win-crt-utility-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\cdpreference.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\coin97ip.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\coin99ip.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\dfp.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\DfpCommon.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\difx64.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\dns-sd.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\DPTopologyApp.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\DPTopologyAppv2_0.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\GEARAspi64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\GfxUIEx.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Gfxv2_0.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Gfxv4_0.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\igfxexps.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\igfxSDK.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\IntelCpHDCPSvc.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\IntelWiDiUMS64.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\msvcp120.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\usbaaplrc.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\UtcResources.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\wu.upgrade.ps.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\ac3filter.ax:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\api-ms-win-crt-conio-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\api-ms-win-crt-convert-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\api-ms-win-crt-environment-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\api-ms-win-crt-filesystem-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\api-ms-win-crt-heap-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\api-ms-win-crt-locale-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\api-ms-win-crt-math-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\api-ms-win-crt-multibyte-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\api-ms-win-crt-private-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\api-ms-win-crt-process-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\api-ms-win-crt-runtime-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\api-ms-win-crt-stdio-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\api-ms-win-crt-string-l1-1-0.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\SysWOW64\api-ms-win-crt-time-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\api-ms-win-crt-utility-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\dns-sd.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\GEARAspi.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\iconv.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\SysWOW64\indexeddbserver.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\xvid.ax:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\point64.sys:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\ssudbus.sys:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\usbaapl64.sys:$CmdTcID [64]
AlternateDataStreams: C:\ProgramData\Temp:2CB9631F [134]
AlternateDataStreams: C:\ProgramData\Temp:7A2101AB [460]
AlternateDataStreams: C:\ProgramData\Temp:BAC2F271 [229]
AlternateDataStreams: C:\ProgramData\Temp

DEB08FD [194]
AlternateDataStreams: C:\Users\songe_000\Downloads\almedia-converter_full351.exe:$CmdTcID [64]
AlternateDataStreams: C:\Users\songe_000\Downloads\MaxUninstaller_Setup (1).exe:$CmdTcID [64]
AlternateDataStreams: C:\Users\songe_000\Downloads\MaxUninstaller_Setup.exe:$CmdTcID [64]
AlternateDataStreams: C:\Users\songe_000\Downloads\mbam-setup-2.0.4.1028.exe:$CmdTcID [64]
AlternateDataStreams: C:\Users\songe_000\Downloads\mbar-1.08.3.1004.exe:$CmdTcID [64]
AlternateDataStreams: C:\Users\songe_000\Downloads\noteburner-m4v-converter-plus.exe:$CmdTcID [130]
AlternateDataStreams: C:\Users\songe_000\Downloads\noteburner-m4v-converter.exe:$CmdTcID [64]
AlternateDataStreams: C:\Users\songe_000\Downloads\RS TEXAS Rsources.docx:$CmdZnID [26]
AlternateDataStreams: C:\Users\songe_000\Downloads\setup.exe:$CmdTcID [64]
AlternateDataStreams: C:\Users\songe_000\Downloads\Setup.X86.en-US_O365HomePremRetail_0c7d5447-a8b2-4030-b6eb-1526a3c73fb2_TX_PR_.exe:$CmdTcID [64]

==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)

==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)

IE trusted site: HKU\S-1-5-21-634217685-3676121620-3412417090-1001\...\sharepoint.com -> hxxps://studentcccsedu-files.sharepoint.com

==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2013-08-22 07:25 - 2013-08-22 07:25 - 000000824 _____ C:\WINDOWS\system32\Drivers\etc\hosts

==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-634217685-3676121620-3412417090-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\songe_000\Pictures\desktop wallpaper\spring-flowers-growing-1366x768-13141629.jpg
DNS Servers: Media is not connected to internet.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
Windows Firewall is enabled.

mom26gr8kids · May 7, 2018

==================== MSCONFIG/TASK MANAGER disabled items ==

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{CA5D0454-E33B-401E-93B1-2908B7D9E124}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{E994CFD9-4634-47BD-A433-D7E340E7BB59}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{63553247-6B61-4F5D-AFCB-CE118BCC96C0}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{44023B75-3E26-4795-BA47-332093B16390}] => (Allow) C:\Program Files\HP\HP DeskJet 2600 series\Bin\HPNetworkCommunicatorCom.exe
FirewallRules: [{3EC34031-330B-4E42-9265-8C2147BB6037}] => (Allow) LPort=5357
FirewallRules: [{7B717414-CF85-4EC0-B519-66029E572F76}] => (Allow) C:\Program Files\HP\HP DeskJet 2600 series\Bin\DeviceSetup.exe
FirewallRules: [{451DA80B-E915-476C-830D-56E30921C43D}] => (Allow) C:\Program Files\HP\HP DeskJet 2600 series\bin\DigitalWizards.exe
FirewallRules: [{26D6BF27-AF8D-4333-B9B4-B8738DDE8340}] => (Allow) C:\Users\songe_000\AppData\Local\Temp\7zS66A8\HP.EasyStart.exe
FirewallRules: [{3C5A3D80-A288-440F-AB60-D5334547A2BA}] => (Allow) C:\Users\songe_000\AppData\Local\Temp\7zS5B6B\HP.EasyStart.exe
FirewallRules: [{35E260E3-96CC-4439-80B7-0B0B46F1AFF4}] => (Allow) C:\Program Files\iTunes\iTunes.exe
FirewallRules: [{35B83626-70B2-411E-8DCD-04A7B6921CA2}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\outlook.exe
FirewallRules: [UDP Query User{B63B0D33-97C9-402C-9395-8BA9EBB66E26}C:\users\songe_000\appdata\local\amazon music\amazon music helper.exe] => (Allow) C:\users\songe_000\appdata\local\amazon music\amazon music helper.exe
FirewallRules: [TCP Query User{0B520AD6-4A9C-4619-B0A6-AECFD6CE652E}C:\users\songe_000\appdata\local\amazon music\amazon music helper.exe] => (Allow) C:\users\songe_000\appdata\local\amazon music\amazon music helper.exe
FirewallRules: [UDP Query User{832D7CE9-F140-4072-8A22-5517DAC1C879}C:\windows\system32\settingsynchost.exe] => (Block) C:\windows\system32\settingsynchost.exe
FirewallRules: [TCP Query User{5A1F0B58-0956-4365-8ABA-97AEF8041598}C:\windows\system32\settingsynchost.exe] => (Block) C:\windows\system32\settingsynchost.exe
FirewallRules: [{D969EFD3-1DA9-4081-B160-E4EE6F6D9B16}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{F726D270-20BF-4F90-A84B-87299766F45C}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{5988247A-E212-4CA2-A798-E72008A3661F}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{2AD03CDC-6E28-4FC5-AA47-DEF3236D1BF1}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{FD620598-A759-44CA-9F40-3840505D211F}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{FD83F711-2701-4CA0-80D7-96FF5464703B}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [UDP Query User{B2CCB2C9-DAF0-4B4B-A71D-B8A362388FF7}C:\users\songe_000\appdata\roaming\spotify\spotify.exe] => (Block) C:\users\songe_000\appdata\roaming\spotify\spotify.exe
FirewallRules: [TCP Query User{FCAF4C16-D0DA-4F62-B702-7C460D5FE5CC}C:\users\songe_000\appdata\roaming\spotify\spotify.exe] => (Block) C:\users\songe_000\appdata\roaming\spotify\spotify.exe
FirewallRules: [{A2B33C06-38FB-4CAE-840E-20986BD50D95}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe
FirewallRules: [{302E624F-1143-4E7F-9EB5-AB3ABA4788D2}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe
FirewallRules: [{EF253CD6-7D3E-4BFA-AEE1-7809108E9827}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe
FirewallRules: [{EF7E8372-6421-4F28-9BF8-4846F7D4ACBC}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe
FirewallRules: [{16695FC9-695C-43E3-90AD-8634B496298C}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe
FirewallRules: [{108F4A87-3C16-4038-80FB-69A54E83F113}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe
FirewallRules: [{F9A050DB-DC5C-475F-8A1F-BE4A9F0A2CCA}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe
FirewallRules: [{1BACC9CB-EF38-47D7-B0B8-8E14E4D5C752}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe
FirewallRules: [{C2925A1C-1A29-49CB-8809-DA8BAAC86911}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe
FirewallRules: [{D57E921A-2B52-4030-873A-ED24230B865C}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe
FirewallRules: [{050B935D-809B-4699-87B2-C2522F3BE30E}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe
FirewallRules: [{4C0CEC6D-A1C1-4793-B02B-71549A0D12DA}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe
FirewallRules: [{1A4C59F0-9084-4B6E-BD77-C7ED087523B9}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe
FirewallRules: [{C1082CBF-EEED-42D7-B1BF-AC353933445F}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe
FirewallRules: [{893EC21B-B9C3-43B4-9F6F-BB9AC9D30E17}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe
FirewallRules: [{AD96EC36-0882-4125-8E38-86BA094E515D}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe
FirewallRules: [{22BF4FE2-81AB-44F7-83B1-A4298744F4DC}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe
FirewallRules: [{79E280B7-CC71-4947-B446-A56CF06FF8B6}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe
FirewallRules: [{11BAD5E6-E6DD-462B-83E9-07787B02D14D}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe
FirewallRules: [{60027485-8FB9-453D-ADD5-50165E3FB923}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe
FirewallRules: [{834784A6-B596-4244-A361-92BF06F7F38E}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe
FirewallRules: [{ABC073FC-B542-4D13-B674-C3BD30616FEF}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe
FirewallRules: [{F0A48ABC-ABC8-4A8C-99A3-72E673F17979}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe
FirewallRules: [{1BA4D898-8827-4D69-A194-2D34845A922D}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe
FirewallRules: [{0046F486-9951-45ED-AEB5-922FDA7EBC97}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe
FirewallRules: [{B653A0BE-8BE3-4045-A586-0D322D749C06}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe
FirewallRules: [{D87CA709-90E4-48BF-9F19-B220C41E2014}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe
FirewallRules: [{C6B1CE5F-0453-4F16-B4B7-BC8689D26F72}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe
FirewallRules: [{B69D2AA8-482F-4F43-90BF-298A5C6FB808}] => (Allow) C:\Program Files (x86)\Acer\abMedia_\WindowsUpnpMV.exe
FirewallRules: [{06F41FA4-6B70-4D01-9E36-7C35D035D955}] => (Allow) C:\Program Files (x86)\Acer\abMedia_\WindowsUpnpMV.exe
FirewallRules: [{5717E7B9-B007-4D32-8AD8-1E2E19BFD452}] => (Allow) C:\Program Files (x86)\Acer\abMedia_\DMCDaemon.exe
FirewallRules: [{1FC0E619-31F8-428F-AD1A-930CC31C717F}] => (Allow) C:\Program Files (x86)\Acer\abMedia_\DMCDaemon.exe
FirewallRules: [{0A5D90D3-4F76-481B-81BE-3A291F5B0B4B}] => (Allow) C:\Program Files (x86)\Acer\abMedia_\WindowsUpnpMV.exe
FirewallRules: [{52B38A9A-D8E1-46FD-A5C1-2DED45F967ED}] => (Allow) C:\Program Files (x86)\Acer\abMedia_\WindowsUpnpMV.exe
FirewallRules: [{7C18D753-D319-40DB-88DF-FC30211EFE99}] => (Allow) C:\Program Files (x86)\Acer\abMedia_\DMCDaemon.exe
FirewallRules: [{8C9111E4-07A7-4DAF-9098-BE8D8531E712}] => (Allow) C:\Program Files (x86)\Acer\abMedia_\DMCDaemon.exe
FirewallRules: [UDP Query User{8F81D309-ED55-470A-9D8C-465E9F3DD7C1}C:\program files (x86)\mozilla firefox\firefox.exe] => (Allow) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [TCP Query User{970CE1B8-1AD2-461B-AF8E-C33665CBEEE5}C:\program files (x86)\mozilla firefox\firefox.exe] => (Allow) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [{1A72FBB1-2786-417C-B83E-37F759C34E73}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{502BD199-955F-40B5-B834-8751A00D075E}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{50C116BE-F057-435A-AB21-2AAAA556FD90}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe
FirewallRules: [{00812894-7509-42B8-80BA-90B1A5436DB4}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe
FirewallRules: [{B2D43925-0DB1-4E26-BA48-4FA49613FEC6}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe
FirewallRules: [{42EFD9D8-A1F5-4E06-BF93-EDD086F877BF}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe
FirewallRules: [{202E60DA-C480-48FA-8BEE-9D749454ADFA}] => (Allow) C:\Program Files (x86)\Acer\abPhoto\WindowsUpnp.exe
FirewallRules: [{A21E2346-4210-4911-A270-F994A7970F37}] => (Allow) C:\Program Files (x86)\Acer\abPhoto\WindowsUpnp.exe
FirewallRules: [{83F4D3FF-0047-4F0E-95F6-7F059EBF6C23}] => (Allow) C:\Program Files (x86)\Acer\abPhoto\DMCDaemon.exe
FirewallRules: [{F90A2635-C6AE-4489-86E2-A6CEEC3EB240}] => (Allow) C:\Program Files (x86)\Acer\abPhoto\DMCDaemon.exe
FirewallRules: [{0A490A81-03F1-429D-BFAE-F890253976EB}] => (Allow) C:\Program Files (x86)\Acer\abPhoto_\WindowsUpnp.exe
FirewallRules: [{E86F153E-1082-4DF0-A826-22F276BA7A61}] => (Allow) C:\Program Files (x86)\Acer\abPhoto_\WindowsUpnp.exe
FirewallRules: [{D58E4BCB-4548-4680-BD8B-511FC992C02E}] => (Allow) C:\Program Files (x86)\Acer\abPhoto_\DMCDaemon.exe
FirewallRules: [{5689A824-1CDF-4C15-A3DD-E844711E7A04}] => (Allow) C:\Program Files (x86)\Acer\abPhoto_\DMCDaemon.exe
FirewallRules: [{FFC80977-D188-4634-9A80-E942AFA506BF}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe
FirewallRules: [{C8B6E443-CE15-4E1B-A9BB-FBE5A40CA136}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe
FirewallRules: [{0383FCA1-B573-4107-81E6-C5289D3B30B8}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe
FirewallRules: [{4EF4DADA-E14F-4EE5-905B-AAD1F2E946BE}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe
FirewallRules: [{40C74F0B-5914-4B66-B921-060B7B04F9DD}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe
FirewallRules: [{B8011E13-D5D2-4555-8605-4B1478491DB1}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe
FirewallRules: [{B59ECFBB-80F4-42E6-B9DF-E44F03F2A553}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe
FirewallRules: [{2519A1DF-B16D-4C73-BC42-254711584A0E}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe
FirewallRules: [{AB86E766-0963-44A5-8C40-26722B898A2A}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe
FirewallRules: [{70ED23CC-346C-4872-AEF6-379805B432EC}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe
FirewallRules: [{4A00C396-E7AA-4FAD-A457-08B98729E84F}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe
FirewallRules: [{D704FC1F-E959-4AA0-8E68-4026A5E9CBC2}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe
FirewallRules: [{0C13D7C8-AF0F-4385-AA5D-BD2CA1E2FA91}] => (Allow) C:\Program Files (x86)\Acer\abMedia_\WindowsUpnpMV.exe
FirewallRules: [{7507D646-3A42-48AC-9AFF-82492AAD5A86}] => (Allow) C:\Program Files (x86)\Acer\abMedia_\WindowsUpnpMV.exe
FirewallRules: [{F4C2A124-642A-4F35-8FBF-A47FC3A87F11}] => (Allow) C:\Program Files (x86)\Acer\abMedia_\DMCDaemon.exe
FirewallRules: [{F8993880-EC36-42EF-9B25-80ADAD21190D}] => (Allow) C:\Program Files (x86)\Acer\abMedia_\DMCDaemon.exe
FirewallRules: [{B31AB466-2234-4560-B053-C049F02D302C}] => (Allow) C:\Program Files (x86)\Acer\abMedia_\WindowsUpnpMV.exe
FirewallRules: [{C8098A4A-FD4B-4EA1-85EA-A2F49F0CA64A}] => (Allow) C:\Program Files (x86)\Acer\abMedia_\WindowsUpnpMV.exe
FirewallRules: [{678003C3-8AF4-4AB3-B4FC-93EBC73AE2C2}] => (Allow) C:\Program Files (x86)\Acer\abMedia_\DMCDaemon.exe
FirewallRules: [{31741EF3-A886-45A4-B92A-4CF5E85C1670}] => (Allow) C:\Program Files (x86)\Acer\abMedia_\DMCDaemon.exe
FirewallRules: [{DFCEACDA-092A-4A55-9942-549F974C3D65}] => (Allow) C:\Program Files\HP\HP Officejet 6700\Bin\HPNetworkCommunicatorCom.exe
FirewallRules: [{138FFF1D-F20C-4F6A-86D9-1307290C51AD}] => (Allow) C:\Program Files\HP\HP Officejet 6700\Bin\HPNetworkCommunicator.exe
FirewallRules: [{98B2DFB3-C03F-4223-BE51-B86487471B09}] => (Allow) C:\Program Files\HP\HP Officejet 6700\Bin\DeviceSetup.exe
FirewallRules: [{1B6E200F-3865-4F73-BBD8-DEC53F29D2E3}] => (Allow) C:\Program Files\HP\HP Officejet 6700\bin\SendAFax.exe
FirewallRules: [{F056919F-1BA2-40C4-A168-9935E4BB2796}] => (Allow) C:\Program Files\HP\HP Officejet 6700\bin\DigitalWizards.exe
FirewallRules: [{9C81E31D-1FB0-4BB3-9824-BD5F22CC185D}] => (Allow) C:\Program Files\HP\HP Officejet 6700\bin\FaxApplications.exe
FirewallRules: [{43A9D858-8EB2-4D2C-B546-D9A8C65688BC}] => (Allow) C:\Users\songe_000\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe
FirewallRules: [UDP Query User{F3EBBBFF-1560-466C-991B-B6B05B6CDD37}C:\program files (x86)\mozilla firefox\plugin-container.exe] => (Block) C:\program files (x86)\mozilla firefox\plugin-container.exe
FirewallRules: [TCP Query User{5C24F2A6-8FB8-4736-A723-D9091A00F642}C:\program files (x86)\mozilla firefox\plugin-container.exe] => (Block) C:\program files (x86)\mozilla firefox\plugin-container.exe
FirewallRules: [{01E8A7C1-B69E-4D61-B528-95F1933452BF}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe
FirewallRules: [{2AC5E4CE-DF7B-48F4-AB50-B0E882C3BD2D}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe
FirewallRules: [{3ED60866-5EE2-4382-A788-2648A03216E7}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe
FirewallRules: [{9AA4F94A-35B8-46DA-8F3C-D4D3CA2B97E6}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe
FirewallRules: [{24DD4180-2FF4-4489-BECC-A0B75990A875}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe
FirewallRules: [{814D7CDE-92D7-45B9-8016-26E503FEB4F2}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe
FirewallRules: [{EC87B11F-1667-4B5F-BA70-4048A7E23BF8}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe
FirewallRules: [{1624C5C2-8284-447E-8853-6712189171CC}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe
FirewallRules: [{BAF9A487-642E-4D99-A217-EF9A8052C634}] => (Allow) C:\Program Files (x86)\Acer\abMedia_\WindowsUpnpMV.exe
FirewallRules: [{1B3683A4-B449-4D6C-9252-72E7DA494F9E}] => (Allow) C:\Program Files (x86)\Acer\abMedia_\WindowsUpnpMV.exe
FirewallRules: [{99C2F080-43BB-4DF9-81E5-219381284ACE}] => (Allow) C:\Program Files (x86)\Acer\abMedia_\DMCDaemon.exe
FirewallRules: [{1343D175-4BF6-4E90-90AB-E56BA1F2311C}] => (Allow) C:\Program Files (x86)\Acer\abMedia_\DMCDaemon.exe
FirewallRules: [{646F6972-AA14-4723-8192-E52D82C4F992}] => (Allow) C:\Program Files (x86)\Acer\abMedia_\WindowsUpnpMV.exe
FirewallRules: [{D3C689FC-2F31-43D7-BC1D-23548AC10842}] => (Allow) C:\Program Files (x86)\Acer\abMedia_\WindowsUpnpMV.exe
FirewallRules: [{1ABA8D1C-3966-42E8-9FD7-438F94A46FA1}] => (Allow) C:\Program Files (x86)\Acer\abMedia_\DMCDaemon.exe
FirewallRules: [{D9ADAFBA-88C9-4225-BE10-12F894082EFA}] => (Allow) C:\Program Files (x86)\Acer\abMedia_\DMCDaemon.exe
FirewallRules: [UDP Query User{D5F409BF-8A9F-47D0-802D-116B76665B69}C:\program files (x86)\mozilla firefox\plugin-container.exe] => (Block) C:\program files (x86)\mozilla firefox\plugin-container.exe
FirewallRules: [TCP Query User{5B522B84-DF1F-4CE2-B113-8C1F69F32FE5}C:\program files (x86)\mozilla firefox\plugin-container.exe] => (Block) C:\program files (x86)\mozilla firefox\plugin-container.exe
FirewallRules: [{2BB3DBE6-91AB-46E8-AF0C-BF4A7B0CA04B}] => (Allow) C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe
FirewallRules: [{318CECFA-D32D-48AB-8A81-CE985D8CE539}] => (Allow) C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe
FirewallRules: [{42D6CA32-D9D2-41D9-B7CE-4F2FC9D9A83C}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe
FirewallRules: [{A5F43AA4-DD7B-429A-9C28-5A4193D66627}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe
FirewallRules: [{6F633001-09A5-4859-8FA0-D6D5803D4DA5}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe
FirewallRules: [{6ED28BD2-A969-4B35-8E12-BB80B9605C17}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe
FirewallRules: [{B049E71A-59E5-42B7-AD7D-2F1F556BD488}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe
FirewallRules: [{4E897D40-E6AC-4B6E-BA94-1DAE00C4E192}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe
FirewallRules: [{C03B7854-7BAD-486C-A091-8C8C8997D418}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe
FirewallRules: [{AAC31940-E5C7-468A-9E3F-65F4F9845731}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe
FirewallRules: [{DAB56AD2-B2EA-4BFB-8CCB-217F67022528}] => (Allow) C:\Program Files (x86)\Acer\abMedia_\WindowsUpnpMV.exe
FirewallRules: [{862EF299-342E-4255-98EC-89B02044CF19}] => (Allow) C:\Program Files (x86)\Acer\abMedia_\WindowsUpnpMV.exe
FirewallRules: [{0797C174-7686-488C-A944-2D4C77F4FC79}] => (Allow) C:\Program Files (x86)\Acer\abMedia_\DMCDaemon.exe
FirewallRules: [{292AC2E5-5F18-4EAD-AC73-EC05D8D2695C}] => (Allow) C:\Program Files (x86)\Acer\abMedia_\DMCDaemon.exe
FirewallRules: [{487A07D8-3374-4DFD-AC5B-753AF1596829}] => (Allow) C:\Program Files (x86)\Acer\abMedia_\WindowsUpnpMV.exe
FirewallRules: [{F64A059C-30FF-41AD-A425-189CE24C68F4}] => (Allow) C:\Program Files (x86)\Acer\abMedia_\WindowsUpnpMV.exe
FirewallRules: [{087C7601-8720-45BD-8447-AD5254C91DAC}] => (Allow) C:\Program Files (x86)\Acer\abMedia_\DMCDaemon.exe
FirewallRules: [{5B16D34A-BDE4-4761-B960-83F3A988E93E}] => (Allow) C:\Program Files (x86)\Acer\abMedia_\DMCDaemon.exe
FirewallRules: [{F1DD69A2-519A-4BB1-9F12-F578B2F4AA42}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{C6A1C400-85F1-4DC5-A059-AE2F3DF325DE}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{88E207CF-08D8-4A64-8C9A-0D51CF4F3333}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{1F685178-EA4D-4AA3-BBF8-C4C8E20932B5}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{8AAED861-7B16-459D-8ED6-13A33C8600CF}] => (Allow) C:\Program Files (x86)\Acer\Acer Portal\ccd.exe
FirewallRules: [{83B83E5C-AAB5-4A6C-97F9-5164F9ED193C}] => (Allow) C:\Program Files (x86)\Acer\Acer Portal\ccd.exe
FirewallRules: [{CBCD7F61-1B35-46F6-97EA-815F9F82BA58}] => (Allow) C:\Program Files (x86)\Acer\Acer Portal\virtualdrive.exe
FirewallRules: [{D9555367-7BFA-4AA6-982F-8B42357225FD}] => (Allow) C:\Program Files (x86)\Acer\Acer Portal\virtualdrive.exe
FirewallRules: [{1D67F0DF-34D4-447D-9440-263584BA3932}] => (Allow) C:\Program Files (x86)\Acer\Acer Portal\Sdd.exe
FirewallRules: [{69446298-6357-443B-8251-DCABB696B4AB}] => (Allow) C:\Program Files (x86)\Acer\Acer Portal\Sdd.exe
FirewallRules: [{A8573D83-3F62-4B63-8F72-25BC95DE1FE3}] => (Allow) C:\Program Files (x86)\Acer\Acer Portal\ccd.exe
FirewallRules: [{CA212984-C696-49A8-AE50-B087954C39EE}] => (Allow) C:\Program Files (x86)\Acer\Acer Portal\ccd.exe
FirewallRules: [{D47B7414-60D1-4252-931D-6DE0E3B83698}] => (Allow) C:\Program Files (x86)\Acer\Acer Photo\WindowsUpnp.exe
FirewallRules: [{8B489C99-EFED-4EA5-A3E4-669318A95753}] => (Allow) C:\Program Files (x86)\Acer\Acer Photo\WindowsUpnp.exe
FirewallRules: [{B2CB0BF9-8ABF-4098-896C-D1D77F1FB73A}] => (Allow) C:\Program Files (x86)\Acer\Acer Photo\DMCDaemon.exe
FirewallRules: [{CBE73F58-AB6C-4FF7-A5AA-CB1EE0114910}] => (Allow) C:\Program Files (x86)\Acer\Acer Photo\DMCDaemon.exe
FirewallRules: [{A8CC1775-D679-4C99-85EA-324560AA6292}] => (Allow) C:\Program Files (x86)\Acer\Acer Photo\WindowsUpnp.exe
FirewallRules: [{81AD1F53-D770-4C1D-BA7A-4F2DCBA344FA}] => (Allow) C:\Program Files (x86)\Acer\Acer Photo\WindowsUpnp.exe
FirewallRules: [{C243A41F-FBA1-4674-84FE-ECFDD2CBA840}] => (Allow) C:\Program Files (x86)\Acer\Acer Photo\DMCDaemon.exe
FirewallRules: [{0861019B-875B-4A10-9D3B-213164B67BA9}] => (Allow) C:\Program Files (x86)\Acer\Acer Photo\DMCDaemon.exe
FirewallRules: [{4BF74386-68AA-4104-ABA6-8F7D80142BB0}] => (Allow) C:\Program Files (x86)\Acer\Acer Media\WindowsUpnpMV.exe
FirewallRules: [{53C87CE3-47A8-4F93-B0BD-520F1A21B2B1}] => (Allow) C:\Program Files (x86)\Acer\Acer Media\WindowsUpnpMV.exe
FirewallRules: [{3DD3649E-E7D5-4AED-9E4A-6833D37AFBD6}] => (Allow) C:\Program Files (x86)\Acer\Acer Media\DMCDaemon.exe
FirewallRules: [{057DC14D-EFDB-4A07-A145-AA644A742B2D}] => (Allow) C:\Program Files (x86)\Acer\Acer Media\DMCDaemon.exe
FirewallRules: [{E0F07D32-362A-42ED-97E1-2A1D3865FFDD}] => (Allow) C:\Program Files (x86)\Acer\Acer Media\WindowsUpnpMV.exe
FirewallRules: [{79E8EE5B-0B90-4ED6-B332-9F3DFF41F7AF}] => (Allow) C:\Program Files (x86)\Acer\Acer Media\WindowsUpnpMV.exe
FirewallRules: [{AB0F8975-BA91-45AA-8389-E538AF6033F3}] => (Allow) C:\Program Files (x86)\Acer\Acer Media\DMCDaemon.exe
FirewallRules: [{CEFCBC5D-294D-48FD-B250-9584842DE192}] => (Allow) C:\Program Files (x86)\Acer\Acer Media\DMCDaemon.exe
FirewallRules: [{34912F3A-F2D0-4438-9420-CC762555A183}] => (Allow) C:\Program Files (x86)\Spotify\Data\SpotifyWebHelper.exe
FirewallRules: [{5B845775-762B-40A0-BB1D-F61FDF22BB8A}] => (Allow) C:\Program Files (x86)\Spotify\Data\SpotifyWebHelper.exe
FirewallRules: [{C0A50D40-4FBC-4225-A75A-0F9FD9A3A385}] => (Allow) C:\Program Files (x86)\Spotify\spotify.exe
FirewallRules: [{8583C492-5FAC-4950-B27D-85673B8A59F1}] => (Allow) C:\Program Files (x86)\Spotify\spotify.exe
FirewallRules: [{622F8DA1-E917-4525-82F4-95CE89573A91}] => (Allow) C:\Program Files\Soluto\SolutoService.exe
FirewallRules: [{0F557B47-74C5-41DD-A6DF-EC7019C28C0A}] => (Allow) C:\Program Files\Soluto\SolutoUpdateService.exe
FirewallRules: [{F06DBE26-DCDC-43DB-923B-84922C3D7501}] => (Allow) C:\Program Files\Soluto\SolutoConsole.exe
FirewallRules: [{A86C510D-1FBE-4A07-B7D3-6688972260BF}] => (Allow) C:\Program Files\Soluto\SolutoCleanup.exe
FirewallRules: [{27BC92BA-C0DF-4F0A-B402-803DE4B8C650}] => (Allow) C:\Program Files\Soluto\Soluto.exe
FirewallRules: [{0CDEF45C-EBCE-40DD-A906-4D8A19357239}] => (Allow) C:\Program Files\Soluto\SolutoRemoteDirect.exe
FirewallRules: [{83EAA9C5-13AE-4379-8A7A-1A451DE149F1}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDirector10\PDR10.EXE
FirewallRules: [{AF759300-2CFA-4E92-AD98-B0387D63750E}] => (Allow) C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe
FirewallRules: [{C4246184-B078-4136-AEC0-71242368BFE7}] => (Allow) C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe
FirewallRules: [{A444437B-4F85-4F41-82F0-BC52DFE26483}] => (Allow) C:\Program Files (x86)\Nero\Nero 12\Nero BackItUp\BackItUp.exe
FirewallRules: [{6205C4D2-344D-4018-91EC-FAF3F248C18A}] => (Allow) C:\Program Files (x86)\Nero\Nero 12\Nero BackItUp\BackItUp.exe
FirewallRules: [{DEB2B719-34B1-4048-978D-DAD7C684F6CF}] => (Allow) C:\Program Files (x86)\Acer\AOP Framework\acer\ccd.exe
FirewallRules: [{3AB8CC6A-C717-46B7-B02F-04EC2D30F3D0}] => (Allow) C:\Program Files (x86)\Acer\AOP Framework\acer\ccd.exe
FirewallRules: [{C126C04E-B406-446D-AE77-BB740DBCD0E0}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe
FirewallRules: [{C2DF89AD-13A8-46C2-B844-4DCD20ADFA9F}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe
FirewallRules: [{ABA8D62E-80BA-4575-B8C1-5EE854EEE873}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe
FirewallRules: [{11BFEBD7-9DE0-4224-B213-631A3ACCDE70}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe
FirewallRules: [{D1A9301C-E3E4-434A-8082-E052D833D6D7}] => (Allow) C:\Program Files (x86)\Acer\abMusic\DMCDaemon.exe
FirewallRules: [{57AE1212-BECB-49B5-9031-5B746C6A1619}] => (Allow) C:\Program Files (x86)\Acer\abMusic\DMCDaemon.exe
FirewallRules: [{2024B434-269F-4F96-8A9E-BC29D2116955}] => (Allow) C:\Program Files (x86)\Acer\abMusic\WindowsUpnpMV.exe
FirewallRules: [{00236EC4-B65A-40A4-A24F-F3E873934C15}] => (Allow) C:\Program Files (x86)\Acer\abMusic\WindowsUpnpMV.exe

==================== Restore Points =========================

18-04-2018 12:31:57 Scheduled Checkpoint

==================== Faulty Device Manager Devices =============

==================== Event log errors: =========================

Application errors:
==================
Error: (05/05/2018 04:48:05 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 10815750

Error: (05/05/2018 04:48:05 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 10815750

Error: (05/05/2018 04:48:05 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (05/05/2018 04:47:54 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: MOMSPC)
Description: Activation of app Microsoft.Windows.Photos_8wekyb3d8bbwe!App failed with error: -2144927141 See the Microsoft-Windows-TWinUI/Operational log for additional information.

Error: (04/30/2018 03:31:31 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 7208672

Error: (04/30/2018 03:31:31 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 7208672

Error: (04/30/2018 03:31:31 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (04/29/2018 10:27:53 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 2484) (User: MOMSPC)
Description: Package Microsoft.Windows.Photos_2017.39081.15820.0_x64__8wekyb3d8bbwe+App was terminated because it took too long to suspend.

System errors:
=============
Error: (05/06/2018 11:55:16 PM) (Source: Disk) (EventID: 7) (User: )
Description: The device, \Device\Harddisk0\DR0, has a bad block.

Error: (05/06/2018 11:55:13 PM) (Source: Disk) (EventID: 7) (User: )
Description: The device, \Device\Harddisk0\DR0, has a bad block.

Error: (05/06/2018 11:55:09 PM) (Source: Disk) (EventID: 7) (User: )
Description: The device, \Device\Harddisk0\DR0, has a bad block.

Error: (05/06/2018 11:55:06 PM) (Source: Disk) (EventID: 7) (User: )
Description: The device, \Device\Harddisk0\DR0, has a bad block.

Error: (05/06/2018 11:55:02 PM) (Source: Disk) (EventID: 7) (User: )
Description: The device, \Device\Harddisk0\DR0, has a bad block.

Error: (05/06/2018 11:49:54 PM) (Source: Disk) (EventID: 7) (User: )
Description: The device, \Device\Harddisk0\DR0, has a bad block.

Error: (05/06/2018 11:48:53 PM) (Source: DCOM) (EventID: 10010) (User: NT AUTHORITY)
Description: The server {784E29F4-5EBE-4279-9948-1E8FE941646D} did not register with DCOM within the required timeout.

Error: (05/06/2018 11:47:28 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
and APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
to the user NT AUTHORITY\SYSTEM SID (S-1-5-18) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.

Windows Defender:
===================================
Date: 2018-05-05 13:24:42.113
Description:
Windows Defender Antivirus scan has been stopped before completion.
Scan ID: {A58AEAFE-CA25-4D6F-B5CE-3F007ECD4E1A}
Scan Type: Antimalware
Scan Parameters: Quick Scan

Date: 2018-04-18 11:46:26.619
Description:
Windows Defender Antivirus scan has been stopped before completion.
Scan ID: {7F1376C5-B71A-469F-AAA3-1EF0F7205F41}
Scan Type: Antimalware
Scan Parameters: Quick Scan

Date: 2017-11-10 11:13:48.838
Description:
Windows Defender Antivirus scan has been stopped before completion.
Scan ID: {2C0989B4-3E5A-41A3-89EE-618B35F0CFB4}
Scan Type: Antimalware
Scan Parameters: Quick Scan

Date: 2018-05-06 23:57:21.173
Description:
Windows Defender Antivirus has encountered an error trying to update signatures.
New Signature Version:
Previous Signature Version: 1.253.723.0
Update Source: Microsoft Malware Protection Center
Signature Type: AntiVirus
Update Type: Full
Current Engine Version:
Previous Engine Version: 1.1.14202.0
Error code: 0x80072ee7
Error description: The server name or address could not be resolved

Date: 2018-05-06 23:57:21.172
Description:
Windows Defender Antivirus has encountered an error trying to update signatures.
New Signature Version:
Previous Signature Version: 118.0.0.0
Update Source: Microsoft Malware Protection Center
Signature Type: Network Inspection System
Update Type: Full
Current Engine Version:
Previous Engine Version: 2.1.14202.0
Error code: 0x80072ee7
Error description: The server name or address could not be resolved

Date: 2018-05-06 23:57:20.983
Description:
Windows Defender Antivirus has encountered an error trying to update signatures.
New Signature Version:
Previous Signature Version: 1.253.723.0
Update Source: Microsoft Malware Protection Center
Signature Type: AntiVirus
Update Type: Full
Current Engine Version:
Previous Engine Version: 1.1.14202.0
Error code: 0x80072ee7
Error description: The server name or address could not be resolved

Date: 2018-05-06 23:57:20.982
Description:
Windows Defender Antivirus has encountered an error trying to update signatures.
New Signature Version:
Previous Signature Version: 1.253.723.0
Update Source: Microsoft Malware Protection Center
Signature Type: AntiSpyware
Update Type: Full
Current Engine Version:
Previous Engine Version: 1.1.14202.0
Error code: 0x80072ee7
Error description: The server name or address could not be resolved

Date: 2018-05-06 23:57:20.981
Description:
Windows Defender Antivirus has encountered an error trying to update signatures.
New Signature Version:
Previous Signature Version: 1.253.723.0
Update Source: Microsoft Malware Protection Center
Signature Type: AntiVirus
Update Type: Full
Current Engine Version:
Previous Engine Version: 1.1.14202.0
Error code: 0x80072ee7
Error description: The server name or address could not be resolved

CodeIntegrity:
===================================

Date: 2017-10-13 13:44:16.268
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2017-10-13 13:44:16.266
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2017-10-13 13:34:15.895
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\guard64.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2017-10-13 13:34:14.403
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\guard64.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2017-10-13 13:30:41.815
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\guard64.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2017-10-13 13:23:00.365
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2017-10-13 13:23:00.357
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2017-10-13 13:21:46.749
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\guard64.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

==================== Memory info ===========================

Processor: Intel(R) Core(TM) i5-4210U CPU @ 1.70GHz
Percentage of memory in use: 68%
Total physical RAM: 4019.27 MB
Available physical RAM: 1253.34 MB
Total Virtual: 7576.3 MB
Available Virtual: 1742.64 MB

==================== Drives ================================

Drive c: (Acer) (Fixed) (Total:448.4 GB) (Free:264.81 GB) NTFS
Drive d: (FLASH DISK) (Fixed) (Total:0.06 GB) (Free:0 GB) FAT32

\\?\Volume{1483fa63-b499-4f04-91d9-17de2e092b5f}\ (Recovery) (Fixed) (Total:0.59 GB) (Free:0.31 GB) NTFS
\\?\Volume{14660226-7418-4167-837e-ad728e5d13ca}\ (Push Button Reset) (Fixed) (Total:16.36 GB) (Free:1.75 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 465.8 GB) (Disk ID: CEE1CD6E)

Partition: GPT.

========================================================
Disk: 1 (Size: 62.5 MB) (Disk ID: BE085346)
Partition 1: (Active) - (Size=62 MB) - (Type=0B)

==================== End of Addition.txt ============================

mom26gr8kids · May 7, 2018

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 03.05.2018
Ran by songe_000 (administrator) on MOMSPC (06-05-2018 23:51:19)
Running from D:\
Loaded Profiles: songe_000 (Available Profiles: songe_000)
Platform: Windows 10 Home Version 1703 15063.674 (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: Edge)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool:

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(SUPERAntiSpyware.com) C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\AOP Framework\CCDMonitorService.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(COMODO) C:\Program Files (x86)\COMODO\Internet Security Essentials\isesrv.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Launch Manager\LMSvc.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
() C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
(Soluto) C:\Program Files\Soluto\SolutoLauncherService.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Touch Tools\TouchToolsLaunchSvc.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\NisSrv.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Quick Access\QASvc.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Acer Cloud Technology) C:\Program Files (x86)\Acer\AOP Framework\acer\ccd.exe
(TODO: <Company name>) C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Nero AG) C:\Program Files (x86)\Nero\Update\NASvc.exe
(acer) C:\Program Files\Acer\User Experience Improvement Program\Framework\UBTService.exe
(Intel Corporation) C:\Windows\SysWOW64\IntelCpHeciSvc.exe
(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe
(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
() C:\Windows\System32\igfxTray.exe
(Soluto) C:\Program Files\Soluto\Soluto.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Launch Manager\LMEvent.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Launch Manager\LMTray.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(Spotify Ltd) C:\Users\songe_000\AppData\Roaming\Spotify\SpotifyWebHelper.exe
(SUPERAntiSpyware) C:\Program Files\SUPERAntiSpyware\SUPERANTISPYWARE.EXE
(Hewlett-Packard Co.) C:\Program Files\HP\HP Officejet 6700\Bin\ScanToPCActivationApp.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe
(Amazon Services LLC) C:\Users\songe_000\AppData\Local\Amazon Music\Amazon Music Helper.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Quick Access\QAEvent.exe
(Hewlett-Packard) C:\Program Files (x86)\Hp\HP Software Update\hpwuschd2.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerTray.exe
() C:\Program Files (x86)\Acer\abDocs\abDocsDllLoaderMonitor.exe
(Intel Corporation) C:\Windows\System32\igfxext.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerEvent.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerWinMonitor.exe
(COMODO) C:\Program Files (x86)\COMODO\Internet Security Essentials\vkise.exe
(CompSoft) C:\Program Files (x86)\DoroPDFWriter\DoroServer.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Quick Access\QAMsg.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Quick Access\QuickAccess.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\Screen Grasp\GestureDetection.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\Screen Grasp\Launch Screen Grasp.exe
(Acer) C:\Program Files (x86)\Acer\Acer Portal\AcerPortal.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\AOP Framework\BackgroundAgent.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Apple Inc.) C:\Program Files\iTunes\iTunes.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceHelper.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\distnoted.exe
(Soluto) C:\Program Files\Soluto\SolutoService.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsStore_11708.1001.30.0_x64__8wekyb3d8bbwe\WinStore.App.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\SyncServer.exe
() C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.19.856.0_x64__kzf8qxf38zg5c\SkypeHost.exe
() C:\Program Files (x86)\bfgclient\bfggameservices.exe
() C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.17082.14121.0_x64__8wekyb3d8bbwe\Video.UI.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
() C:\Program Files\Realtek\Audio\HDA\FMAPP.exe
(Microsoft Corporation) C:\Windows\System32\smartscreen.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [629152 2017-03-18] (Microsoft Corporation)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13672304 2014-03-18] (Realtek Semiconductor)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [303928 2017-05-09] (Apple Inc.)
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard)
HKLM-x32\...\Run: [abDocsDllLoader] => C:\Program Files (x86)\Acer\abDocs\abDocsDllLoader.exe [91488 2016-08-15] ()
HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2015-11-18] (Apple Inc.)
HKLM-x32\...\Run: [Aimersoft Helper Compact.exe] => C:\Program Files (x86)\Common Files\Aimersoft\Aimersoft Helper Compact\ASHelper.exe
HKLM-x32\...\Run: [IseUI] => C:\Program Files (x86)\COMODO\Internet Security Essentials\vkise.exe [3632848 2017-08-07] (COMODO)
HKLM-x32\...\Run: [DoroServer] => C:\Program Files (x86)\DoroPDFWriter\DoroServer.exe [196608 2013-08-01] (CompSoft)
HKLM\...\Winlogon: [Userinit] c:\windows\system32\userinit.exe,c:\program files\soluto\soluto.exe /userinit,
HKLM\...\Policies\Explorer\Run: [BtvStack] => C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\BtvStack.exe
HKU\S-1-5-21-634217685-3676121620-3412417090-1001\...\Run: [Spotify Web Helper] => C:\Users\songe_000\AppData\Roaming\Spotify\SpotifyWebHelper.exe [1444976 2016-12-21] (Spotify Ltd)
HKU\S-1-5-21-634217685-3676121620-3412417090-1001\...\Run: [SUPERAntiSpyware] => C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe [7964064 2017-08-28] (SUPERAntiSpyware)
HKU\S-1-5-21-634217685-3676121620-3412417090-1001\...\Run: [HP Officejet 6700 (NET)] => C:\Program Files\HP\HP Officejet 6700\Bin\ScanToPCActivationApp.exe [2573416 2012-10-17] (Hewlett-Packard Co.)
HKU\S-1-5-21-634217685-3676121620-3412417090-1001\...\Run: [iCloudServices] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [67384 2017-05-09] (Apple Inc.)
HKU\S-1-5-21-634217685-3676121620-3412417090-1001\...\Run: [ApplePhotoStreams] => C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe [67896 2017-05-09] (Apple Inc.)
HKU\S-1-5-21-634217685-3676121620-3412417090-1001\...\Run: [Spotify] => C:\Users\songe_000\AppData\Roaming\Spotify\Spotify.exe [7153264 2016-12-21] (Spotify Ltd)
HKU\S-1-5-21-634217685-3676121620-3412417090-1001\...\Run: [Amazon Music] => C:\Users\songe_000\AppData\Local\Amazon Music\Amazon Music Helper.exe [3694056 2017-04-18] (Amazon Services LLC)
HKU\S-1-5-21-634217685-3676121620-3412417090-1001\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\WINDOWS\system32\Ribbons.scr [148992 2017-03-18] (Microsoft Corporation)
HKU\S-1-5-18\...\RunOnce: [Application Restart #0] => C:\Program Files\Common Files\microsoft shared\ink\TabTip.exe [391040 2017-03-18] (Microsoft Corporation)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.0.1 205.171.2.25
Tcpip\..\Interfaces\{38b4d2fa-70d2-409b-9b63-bf9c1c74bad1}: [DhcpNameServer] 192.168.0.1 205.171.2.25
Tcpip\..\Interfaces\{dee13008-c737-4ac5-9444-f2960207d42f}: [DhcpNameServer] 192.168.0.1 205.171.2.25

Internet Explorer:
==================
HKU\S-1-5-21-634217685-3676121620-3412417090-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2017-10-13] (Microsoft Corporation)
BHO: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\GROOVEEX.DLL [2017-09-24] (Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2017-09-24] (Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2017-09-24] (Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2017-09-24] (Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2017-09-24] (Microsoft Corporation)

FireFox:
========
FF ProfilePath: C:\Users\songe_000\AppData\Roaming\Mozilla\Firefox\Profiles\2lsg6gue.default [2017-10-04]
FF Extension: (Avira Browser Safety) - C:\Users\songe_000\AppData\Roaming\Mozilla\Firefox\Profiles\2lsg6gue.default\Extensions\abs@avira.com.xpi [2017-09-30]
FF Extension: (WOT) - C:\Users\songe_000\AppData\Roaming\Mozilla\Firefox\Profiles\2lsg6gue.default\Extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7} [2017-10-04] [Legacy]
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_27_0_0_159.dll [2017-10-10] ()
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_27_0_0_159.dll [2017-10-10] ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-12-09] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-12-09] (Intel Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2017-09-24] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-04-28] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-04-28] (Google Inc.)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll [2013-07-12] ()
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2017-07-31] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-634217685-3676121620-3412417090-1001: @citrixonline.com/appdetectorplugin -> C:\Users\songe_000\AppData\Local\Citrix\Plugins\104\npappdetector.dll [2016-05-11] (Citrix Online)
FF Plugin HKU\S-1-5-21-634217685-3676121620-3412417090-1001: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\songe_000\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2015-07-03] (Unity Technologies ApS)

Chrome:
=======
CHR Profile: C:\Users\songe_000\AppData\Local\Google\Chrome\User Data\Default [2018-03-27]
CHR Extension: (Slides) - C:\Users\songe_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-10-13]
CHR Extension: (Docs) - C:\Users\songe_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-10-13]
CHR Extension: (Google Drive) - C:\Users\songe_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-26]
CHR Extension: (WOT: Web of Trust, Website Reputation Ratings) - C:\Users\songe_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\bhmmomiinigofkjcapegjjndpbikblnp [2017-07-11]
CHR Extension: (YouTube) - C:\Users\songe_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-29]
CHR Extension: (Google Search) - C:\Users\songe_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-28]
CHR Extension: (Sheets) - C:\Users\songe_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-10-13]
CHR Extension: (Google Docs Offline) - C:\Users\songe_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-03-18]
CHR Extension: (Chrome Web Store Payments) - C:\Users\songe_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-08-25]
CHR Extension: (Gmail) - C:\Users\songe_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-03-28]
CHR Extension: (Chrome Media Router) - C:\Users\songe_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-09-26]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 !SASCORE; C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE [173472 2017-02-23] (SUPERAntiSpyware.com)
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [83768 2017-04-03] (Apple Inc.)
R2 CCDMonitorService; C:\Program Files (x86)\Acer\AOP Framework\CCDMonitorService.exe [2267352 2016-09-20] (Acer Incorporated)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [7761584 2017-10-04] (Microsoft Corporation)
R3 ePowerSvc; C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe [2573544 2014-03-21] (Acer Incorporated)
R2 GamesAppIntegrationService; C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe [235008 2013-07-16] (TODO: <Company name>) [File not signed]
S2 HPSupportSolutionsFrameworkService; C:\Program Files (x86)\Hp\Common\HPSupportSolutionsFrameworkService.exe [89840 2015-06-30] (Hewlett-Packard Company)
R2 igfxCUIService2.0.0.0; C:\WINDOWS\system32\igfxCUIService.exe [370064 2015-11-29] (Intel Corporation)
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [747520 2013-08-27] (Intel(R) Corporation) [File not signed]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [828376 2013-08-27] (Intel(R) Corporation)
R2 isesrv; C:\Program Files (x86)\COMODO\Internet Security Essentials\isesrv.exe [133840 2017-08-07] (COMODO)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-12-09] (Intel Corporation)
R2 LMSvc; C:\Program Files\Acer\Acer Launch Manager\LMSvc.exe [459496 2014-03-17] (Acer Incorporate)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [6058960 2017-08-07] (Malwarebytes)
R3 QASvc; C:\Program Files\Acer\Acer Quick Access\QASvc.exe [457960 2014-03-21] (Acer Incorporate)
R2 RichVideo; C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe [254512 2012-04-24] ()
R2 SolutoLauncherService; C:\Program Files\Soluto\SolutoLauncherService.exe [221728 2013-12-18] (Soluto)
S3 SolutoRemoteService; C:\Program Files\Soluto\SolutoRemoteService.exe [1942016 2013-12-18] (GlavSoft LLC.) [File not signed]
R2 TouchToolsLaunchService; C:\Program Files\Acer\Acer Touch Tools\TouchToolsLaunchSvc.exe [250624 2014-01-08] (Acer Incorporated)
R3 UEIPSvc; C:\Program Files\Acer\User Experience Improvement Program\Framework\UBTService.exe [222952 2014-01-25] (acer)
R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [342264 2017-03-18] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [102816 2017-07-10] (Microsoft Corporation)

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 cpuz136; C:\WINDOWS\TEMP\cpuz136\cpuz136_x64.sys [23856 2017-09-30] (CPUID)
S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus.sys [131712 2016-10-12] (Samsung Electronics Co., Ltd.)
R1 isedrv; C:\WINDOWS\system32\drivers\isedrv.sys [62208 2017-03-29] (COMODO)
R3 LMDriver; C:\WINDOWS\System32\drivers\LMDriver.sys [21360 2013-07-17] (Acer Incorporated)
R3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [252232 2017-10-13] (Malwarebytes)
R3 MEIx64; C:\WINDOWS\system32\DRIVERS\TeeDriverx64.sys [100312 2013-12-09] (Intel Corporation)
R1 MpKsl4188eeaa; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{51995503-B0F3-451A-8588-7333E08F3E37}\MpKsl4188eeaa.sys [58120 2017-11-26] (Microsoft Corporation)
R1 MpKslc91a6be5; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{51995503-B0F3-451A-8588-7333E08F3E37}\MpKslc91a6be5.sys [58120 2017-10-13] (Microsoft Corporation)
R3 RadioShim; C:\WINDOWS\System32\drivers\RadioShim.sys [14680 2013-07-17] (Acer Incorporated)
S3 ReFS; C:\Windows\System32\Drivers\ReFS.sys [1735584 2017-03-18] (Microsoft Corporation)
R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [886528 2015-07-22] (Realtek )
R3 RTSPER; C:\WINDOWS\system32\DRIVERS\RtsPer.sys [761600 2015-06-24] (Realsil Semiconductor Corporation)
R1 SASDIFSV; C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS [14928 2011-07-22] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R1 SASKUTIL; C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS [12368 2011-07-12] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
S3 SDFRd; C:\WINDOWS\System32\drivers\SDFRd.sys [31128 2017-03-18] ()
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [165504 2016-09-05] (Samsung Electronics Co., Ltd.)
R3 SynRMIHID; C:\WINDOWS\system32\DRIVERS\SynRMIHID.sys [42224 2014-02-19] (Synaptics Incorporated)
S0 WdBoot; C:\WINDOWS\System32\drivers\WdBoot.sys [44632 2017-03-18] (Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\WdFilter.sys [294816 2017-03-18] (Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [121248 2017-03-18] (Microsoft Corporation)
R3 WirelessKeyboardFilter; C:\WINDOWS\System32\drivers\WirelessKeyboardFilter.sys [49896 2016-07-22] (Microsoft Corporation)
S1 cmderd; System32\DRIVERS\cmderd.sys [X]
S1 cmdGuard; system32\DRIVERS\cmdguard.sys [X]
S1 cmdhlp; \SystemRoot\system32\DRIVERS\cmdhlp.sys [X]
S1 inspect; \SystemRoot\system32\DRIVERS\inspect.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2018-05-06 23:49 - 2018-05-06 23:51 - 000000000 ____D C:\FRST
2018-05-06 23:48 - 2018-05-06 23:48 - 000001448 _____ C:\Users\songe_000\Documents\mbam.txt
2018-05-05 12:58 - 2018-05-05 12:58 - 000064444 _____ C:\Users\songe_000\Documents\MandyRoush.pdf

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2018-05-05 13:46 - 2014-07-31 04:24 - 000000000 ____D C:\ProgramData\Temp
2018-05-05 13:25 - 2017-02-28 23:38 - 000063541 _____ C:\Users\songe_000\Documents\SydneyWeese.pdf
2018-05-05 13:16 - 2017-03-18 15:03 - 000000000 ____D C:\WINDOWS\system32\NDF
2018-05-05 13:08 - 2017-03-18 15:01 - 000000000 ____D C:\WINDOWS\INF
2018-05-05 13:06 - 2016-11-18 22:55 - 000000000 ____D C:\Users\songe_000\AppData\Local\ElevatedDiagnostics
2018-05-04 12:56 - 2017-09-30 19:39 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2018-04-26 19:51 - 2017-02-08 12:02 - 000064907 _____ C:\Users\songe_000\Documents\CaedenObrecht.pdf
2018-04-18 13:07 - 2016-02-09 22:06 - 000064660 _____ C:\Users\songe_000\Documents\DoranLee.pdf

==================== Files in the root of some directories =======

2017-10-13 13:44 - 2017-08-28 22:56 - 000365248 _____ (COMODO) C:\ProgramData\cmdres.dll

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2018-05-05 13:23

==================== End of FRST.txt ============================

Broni · May 7, 2018

I don't see anything malicious, so your issue is not caused by any infection.
In your Event Viewer I see quite a few of these:

Error: (05/06/2018 11:55:16 PM) (Source: Disk) (EventID: 7) (User: )
Description: The device, \Device\Harddisk0\DR0, has a bad block.

You may have hard drive issue.

In any case since this is not malware related I suggest new topic in Window forum.

Inactive Possible virus on computer that won't connect to the internet

mom26gr8kids

Posts: 574 +0

Broni

Posts: 56,041 +516

mom26gr8kids

Posts: 574 +0

mom26gr8kids

Posts: 574 +0

mom26gr8kids

Posts: 574 +0

Broni

Posts: 56,041 +516

Similar threads

Latest posts