Freerunner
Member
For some reason my laptop is running very slowly (use Win 8.1). All functions have slowed down, from opening Chrome and Word, to surfing. Not sure what happened. Below are the results of running the utilities:
# AdwCleaner v4.201 - Logfile created 21/09/2015 at 13:20:24
# Updated 08/04/2015 by Xplode
# Database : 2015-09-20.1 [Server]
# Operating system : Windows 8.1 (x64)
# Username : Retired - SADIE
# Running from : C:\Users\Retired\Desktop\System Maintenance\adwcleaner_4.201.exe
# Option : Scan
***** [ Services ] *****
***** [ Files / Folders ] *****
***** [ Scheduled tasks ] *****
***** [ Shortcuts ] *****
***** [ Registry ] *****
***** [ Web browsers ] *****
-\\ Internet Explorer v11.0.9600.17840
-\\ Mozilla Firefox v39.0 (x86 en-US)
-\\ Google Chrome v45.0.2454.93
*************************
AdwCleaner[R0].txt - [3233 bytes] - [11/05/2014 11:01:53]
AdwCleaner[R1].txt - [1859 bytes] - [13/07/2014 10:05:42]
AdwCleaner[R2].txt - [1510 bytes] - [01/09/2014 14:10:37]
AdwCleaner[R3].txt - [1299 bytes] - [01/09/2014 14:17:25]
AdwCleaner[R4].txt - [3390 bytes] - [12/01/2015 22:48:02]
AdwCleaner[R5].txt - [2472 bytes] - [26/01/2015 21:32:18]
AdwCleaner[R6].txt - [3567 bytes] - [16/04/2015 18:42:22]
AdwCleaner[R7].txt - [2523 bytes] - [18/09/2015 11:37:15]
AdwCleaner[R8].txt - [1125 bytes] - [21/09/2015 13:20:24]
AdwCleaner[S0].txt - [2919 bytes] - [11/05/2014 11:03:45]
AdwCleaner[S1].txt - [1902 bytes] - [13/07/2014 10:08:56]
AdwCleaner[S2].txt - [1486 bytes] - [01/09/2014 14:13:47]
AdwCleaner[S3].txt - [1361 bytes] - [01/09/2014 14:22:30]
AdwCleaner[S4].txt - [3473 bytes] - [12/01/2015 22:55:09]
AdwCleaner[S5].txt - [2559 bytes] - [26/01/2015 21:37:17]
AdwCleaner[S6].txt - [3667 bytes] - [16/04/2015 20:32:49]
AdwCleaner[S7].txt - [2605 bytes] - [18/09/2015 11:45:14]
########## EOF - C:\AdwCleaner\AdwCleaner[R8].txt - [1656 bytes] ##########
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Malwarebytes
Version: 7.6.2 (09.14.2015:1)
OS: Windows 8.1 x64
Ran by Retired on Mon 09/21/2015 at 13:37:51.12
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~ Services
~~~ Tasks
~~~ Registry Values
~~~ Registry Keys
~~~ Files
~~~ Folders
~~~ Chrome
[C:\Users\Retired\Appdata\Local\Google\Chrome\User Data\Default\Preferences] - default search provider reset
[C:\Users\Retired\Appdata\Local\Google\Chrome\User Data\Default\Preferences] - Extensions Deleted:
[C:\Users\Retired\Appdata\Local\Google\Chrome\User Data\Default\Secure Preferences] - default search provider reset
[C:\Users\Retired\Appdata\Local\Google\Chrome\User Data\Default\Secure Preferences] - Extensions Deleted:
[]
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on Mon 09/21/2015 at 14:03:43.50
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Malwarebytes Anti-Malware
www.malwarebytes.org
Scan Date: 9/21/2015
Scan Time: 4:00 PM
Logfile: Malwarebytes.txt
Administrator: Yes
Version: 2.1.8.1057
Malware Database: v2015.09.21.07
Rootkit Database: v2015.09.18.01
License: Free
Malware Protection: Disabled
Malicious Website Protection: Disabled
Self-protection: Disabled
OS: Windows 8.1
CPU: x64
File System: NTFS
User: Retired
Scan Type: Threat Scan
Result: Completed
Objects Scanned: 354777
Time Elapsed: 1 hr, 8 min, 24 sec
Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Disabled
Heuristics: Enabled
PUP: Enabled
PUM: Enabled
Processes: 0
(No malicious items detected)
Modules: 0
(No malicious items detected)
Registry Keys: 0
(No malicious items detected)
Registry Values: 0
(No malicious items detected)
Registry Data: 0
(No malicious items detected)
Folders: 0
(No malicious items detected)
Files: 0
(No malicious items detected)
Physical Sectors: 0
(No malicious items detected)
(end)
OTL logfile created on: 9/21/2015 2:33:21 PM - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Retired\Desktop
64bit- An unknown product (Version = 6.2.9200) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.18036)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
3.89 Gb Total Physical Memory | 2.54 Gb Available Physical Memory | 65.27% Memory free
7.89 Gb Paging File | 6.54 Gb Available in Paging File | 82.91% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 448.69 Gb Total Space | 351.60 Gb Free Space | 78.36% Space Free | Partition Type: NTFS
Computer Name: SADIE | User Name: Retired | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - C:\Users\Retired\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\Program Files\AVAST Software\Avast\AvastUI.exe (AVAST Software)
PRC - C:\Program Files\AVAST Software\Avast\AvastSvc.exe (AVAST Software)
PRC - C:\Program Files (x86)\Google\Update\1.3.28.15\GoogleCrashHandler.exe (Google Inc.)
PRC - C:\Program Files (x86)\Foxit Software\Foxit Reader\Foxit Cloud\FCUpdateService.exe (Foxit Software Inc.)
PRC - C:\Program Files\Microsoft Office 15\root\office15\msosync.exe (Microsoft Corporation)
PRC - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesCommonX86\Microsoft Shared\OFFICE15\csisyncclient.exe (Microsoft Corporation)
PRC - C:\Program Files (x86)\Acer\Acer Portal\ccd.exe (Acer Cloud Technology)
PRC - C:\Program Files (x86)\Acer\Acer Portal\CCDMonitorService.exe (Acer Incorporated)
PRC - C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe (TODO: <Company name>)
========== Modules (No Company Name) ==========
MOD - C:\Program Files\AVAST Software\Avast\libcef.dll ()
MOD - C:\Program Files\AVAST Software\Avast\log.dll ()
MOD - C:\Program Files\AVAST Software\Avast\JsonRpcServer.dll ()
MOD - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesCommonX86\Microsoft Shared\OFFICE15\AppVIsvStream32.dll ()
MOD - C:\Program Files\Microsoft Office 15\root\office15\appvisvstream32.dll ()
========== Services (SafeList) ==========
SRV:64bit: - (AvastVBoxSvc) -- C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe File not found
SRV:64bit: - (avast! Antivirus) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe (AVAST Software)
SRV:64bit: - (ClickToRunSvc) -- C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe (Microsoft Corporation)
SRV:64bit: - (DiagTrack) -- C:\Windows\SysNative\diagtrack.dll (Microsoft Corporation)
SRV:64bit: - (WdNisSvc) -- C:\Program Files\Windows Defender\NisSrv.exe (Microsoft Corporation)
SRV:64bit: - (WinDefend) -- C:\Program Files\Windows Defender\MsMpEng.exe (Microsoft Corporation)
SRV:64bit: - (AudioEndpointBuilder) -- C:\Windows\SysNative\AudioEndpointBuilder.dll (Microsoft Corporation)
SRV:64bit: - (SystemEventsBroker) -- C:\Windows\SysNative\SystemEventsBrokerServer.dll (Microsoft Corporation)
SRV:64bit: - (lfsvc) -- C:\Windows\SysNative\GeofenceMonitorService.dll (Microsoft Corporation)
SRV:64bit: - (LSM) -- C:\Windows\SysNative\lsm.dll (Microsoft Corporation)
SRV:64bit: - (IEEtwCollectorService) -- C:\Windows\SysNative\IEEtwCollector.exe (Microsoft Corporation)
SRV:64bit: - (WSService) -- C:\Windows\SysNative\WSService.dll (Microsoft Corporation)
SRV:64bit: - (PrintNotify) -- C:\Windows\SysNative\spool\drivers\x64\3\PrintConfig.dll (Microsoft Corporation)
SRV:64bit: - (WEPHOSTSVC) -- C:\Windows\SysNative\wephostsvc.dll (Microsoft Corporation)
SRV:64bit: - (EFS) -- C:\Windows\SysNative\efssvc.dll (Microsoft Corporation)
SRV:64bit: - (WiaRpc) -- C:\Windows\SysNative\wiarpc.dll (Microsoft Corporation)
SRV:64bit: - (svsvc) -- C:\Windows\SysNative\svsvc.dll (Microsoft Corporation)
SRV:64bit: - (fhsvc) -- C:\Windows\SysNative\fhsvc.dll (Microsoft Corporation)
SRV:64bit: - (BthHFSrv) -- C:\Windows\SysNative\BthHFSrv.dll (Microsoft Corporation)
SRV:64bit: - (NcaSvc) -- C:\Windows\SysNative\NcaSvc.dll (Microsoft Corporation)
SRV:64bit: - (vmicvss) -- C:\Windows\SysNative\icsvc.dll (Microsoft Corporation)
SRV:64bit: - (vmictimesync) -- C:\Windows\SysNative\icsvc.dll (Microsoft Corporation)
SRV:64bit: - (vmicshutdown) -- C:\Windows\SysNative\icsvc.dll (Microsoft Corporation)
SRV:64bit: - (vmicrdv) -- C:\Windows\SysNative\icsvc.dll (Microsoft Corporation)
SRV:64bit: - (vmickvpexchange) -- C:\Windows\SysNative\icsvc.dll (Microsoft Corporation)
SRV:64bit: - (vmicheartbeat) -- C:\Windows\SysNative\icsvc.dll (Microsoft Corporation)
SRV:64bit: - (vmicguestinterface) -- C:\Windows\SysNative\icsvc.dll (Microsoft Corporation)
SRV:64bit: - (smphost) -- C:\Windows\SysNative\smphost.dll (Microsoft Corporation)
SRV:64bit: - (Netlogon) -- C:\Windows\SysNative\netlogon.dll (Microsoft Corporation)
SRV:64bit: - (ScDeviceEnum) -- C:\Windows\SysNative\ScDeviceEnum.dll (Microsoft Corporation)
SRV:64bit: - (KeyIso) -- C:\Windows\SysNative\keyiso.dll (Microsoft Corporation)
SRV:64bit: - (TimeBroker) -- C:\Windows\SysNative\TimeBrokerServer.dll (Microsoft Corporation)
SRV:64bit: - (netprofm) -- C:\Windows\SysNative\netprofmsvc.dll (Microsoft Corporation)
SRV:64bit: - (NcbService) -- C:\Windows\SysNative\ncbservice.dll (Microsoft Corporation)
SRV:64bit: - (Wcmsvc) -- C:\Windows\SysNative\wcmsvc.dll (Microsoft Corporation)
SRV:64bit: - (VaultSvc) -- C:\Windows\SysNative\vaultsvc.dll (Microsoft Corporation)
SRV:64bit: - (DeviceAssociationService) -- C:\Windows\SysNative\das.dll (Microsoft Corporation)
SRV:64bit: - (BrokerInfrastructure) -- C:\Windows\SysNative\bisrv.dll (Microsoft Corporation)
SRV:64bit: - (wlidsvc) -- C:\Windows\SysNative\wlidsvc.dll (Microsoft Corporation)
SRV:64bit: - (DsmSvc) -- C:\Windows\SysNative\DeviceSetupManager.dll (Microsoft Corporation)
SRV:64bit: - (NcdAutoSetup) -- C:\Windows\SysNative\NcdAutoSetup.dll (Microsoft Corporation)
SRV:64bit: - (AppReadiness) -- C:\Windows\SysNative\AppReadiness.dll (Microsoft Corporation)
SRV:64bit: - (AppXSvc) -- C:\Windows\SysNative\AppXDeploymentServer.dll (Microsoft Corporation)
SRV:64bit: - (workfolderssvc) -- C:\Windows\SysNative\workfolderssvc.dll (Microsoft Corporation)
SRV:64bit: - (mfevtp) -- C:\Windows\SysNative\mfevtps.exe (McAfee, Inc.)
SRV:64bit: - (mfefire) -- C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe ()
SRV:64bit: - (LMSvc) -- C:\Program Files\Acer\Acer Launch Manager\LMSvc.exe (Acer Incorporate)
SRV:64bit: - (RMSvc) -- C:\Program Files\Acer\Acer Quick Access\RMSvc.exe (Acer Incorporate)
SRV:64bit: - (QASvc) -- C:\Program Files\Acer\Acer Quick Access\QASvc.exe (Acer Incorporate)
SRV:64bit: - (ePowerSvc) -- C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe (Acer Incorporated)
SRV:64bit: - (Intel(R) -- C:\Program Files\Intel\TXE Components\TCS\SocketHeciServer.exe (Intel(R) Corporation)
SRV:64bit: - (Intel(R) -- C:\Program Files\Intel\TXE Components\TCS\HeciServer.exe (Intel(R) Corporation)
SRV:64bit: - (ETDService) -- C:\Program Files\Elantech\ETDService.exe (ELAN Microelectronics Corp.)
SRV - (FoxitCloudUpdateService) -- C:\Program Files (x86)\Foxit Software\Foxit Reader\Foxit Cloud\FCUpdateService.exe (Foxit Software Inc.)
SRV - (AdobeFlashPlayerUpdateSvc) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated)
SRV - (MBAMService) -- C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe (Malwarebytes Corporation)
SRV - (lfsvc) -- C:\Windows\SysWOW64\GeofenceMonitorService.dll (Microsoft Corporation)
SRV - (PrintNotify) -- C:\Windows\system32\spool\drivers\x64\3\PrintConfig.dll (Microsoft Corporation)
SRV - (StorSvc) -- C:\Windows\SysWOW64\StorSvc.dll (Microsoft Corporation)
SRV - (smphost) -- C:\Windows\SysWOW64\smphost.dll (Microsoft Corporation)
SRV - (MozillaMaintenance) -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe (Mozilla Foundation)
SRV - (CCDMonitorService) -- C:\Program Files (x86)\Acer\Acer Portal\CCDMonitorService.exe (Acer Incorporated)
SRV - (cphs) -- C:\Windows\SysWOW64\IntelCpHeciSvc.exe (Intel Corporation)
SRV - (AtherosSvc) -- C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\AdminService.exe (Windows (R) Win 7 DDK provider)
SRV - (GamesAppIntegrationService) -- C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe (TODO: <Company name>)
SRV - (ICCS) -- C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe (Intel Corporation)
SRV - (GamesAppService) -- C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe (WildTangent, Inc.)
========== Driver Services (SafeList) ==========
DRV:64bit: - (VBoxAswDrv) -- C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys File not found
DRV:64bit: - (aswSP) -- C:\Windows\SysNative\drivers\aswSP.sys (AVAST Software)
DRV:64bit: - (aswVmm) -- C:\Windows\SysNative\drivers\aswVmm.sys (AVAST Software)
DRV:64bit: - (aswStm) -- C:\Windows\SysNative\drivers\aswStm.sys (AVAST Software)
DRV:64bit: - (aswMonFlt) -- C:\Windows\SysNative\drivers\aswMonFlt.sys (AVAST Software)
DRV:64bit: - (aswRvrt) -- C:\Windows\SysNative\drivers\aswRvrt.sys (AVAST Software)
DRV:64bit: - (aswHwid) -- C:\Windows\SysNative\drivers\aswHwid.sys (AVAST Software)
DRV:64bit: - (aswRdr) -- C:\Windows\SysNative\drivers\aswRdr2.sys (AVAST Software)
DRV:64bit: - (aswSnx) -- C:\Windows\SysNative\drivers\aswSnx.sys (AVAST Software)
DRV:64bit: - (WdBoot) -- C:\Windows\SysNative\drivers\WdBoot.sys (Microsoft Corporation)
DRV:64bit: - (WdFilter) -- C:\Windows\SysNative\drivers\WdFilter.sys (Microsoft Corporation)
DRV:64bit: - (WdNisDrv) -- C:\Windows\SysNative\drivers\WdNisDrv.sys (Microsoft Corporation)
DRV:64bit: - (MBAMWebAccessControl) -- C:\Windows\SysNative\drivers\mwac.sys (Malwarebytes Corporation)
DRV:64bit: - (MBAMProtector) -- C:\Windows\SysNative\drivers\mbam.sys (Malwarebytes Corporation)
DRV:64bit: - (WDC_SAM) -- C:\Windows\SysNative\drivers\wdcsam64.sys (Western Digital Technologies)
DRV:64bit: - (USBXHCI) -- C:\Windows\SysNative\drivers\USBXHCI.SYS (Microsoft Corporation)
DRV:64bit: - (ahcache) -- C:\Windows\SysNative\drivers\ahcache.sys (Microsoft Corporation)
DRV:64bit: - (USBHUB3) -- C:\Windows\SysNative\drivers\USBHUB3.SYS (Microsoft Corporation)
DRV:64bit: - (sdbus) -- C:\Windows\SysNative\drivers\sdbus.sys (Microsoft Corporation)
DRV:64bit: - (BthHFEnum) -- C:\Windows\SysNative\drivers\bthhfenum.sys (Microsoft Corporation)
DRV:64bit: - (CLFS) -- C:\Windows\SysNative\drivers\clfs.sys (Microsoft Corporation)
DRV:64bit: - (spaceport) -- C:\Windows\SysNative\drivers\spaceport.sys (Microsoft Corporation)
DRV:64bit: - (WFPLWFS) -- C:\Windows\SysNative\drivers\wfplwfs.sys (Microsoft Corporation)
DRV:64bit: - (wpcfltr) -- C:\Windows\SysNative\drivers\wpcfltr.sys (Microsoft Corporation)
DRV:64bit: - (RdpVideoMiniport) -- C:\Windows\SysNative\drivers\rdpvideominiport.sys (Microsoft Corporation)
DRV:64bit: - (TsUsbGD) -- C:\Windows\SysNative\drivers\TsUsbGD.sys (Microsoft Corporation)
DRV:64bit: - (netvsc) -- C:\Windows\SysNative\drivers\netvsc63.sys (Microsoft Corporation)
DRV:64bit: - (NdisImPlatform) -- C:\Windows\SysNative\drivers\NdisImPlatform.sys (Microsoft Corporation)
DRV:64bit: - (MsLldp) -- C:\Windows\SysNative\drivers\mslldp.sys (Microsoft Corporation)
DRV:64bit: - (Ndu) -- C:\Windows\SysNative\drivers\Ndu.sys (Microsoft Corporation)
DRV:64bit: - (StillCam) -- C:\Windows\SysNative\drivers\serscan.sys (Microsoft Corporation)
DRV:64bit: - (ReFS) -- C:\Windows\SysNative\drivers\refs.sys (Microsoft Corporation)
DRV:64bit: - (pdc) -- C:\Windows\SysNative\drivers\pdc.sys (Microsoft Corporation)
DRV:64bit: - (intelpep) -- C:\Windows\SysNative\drivers\intelpep.sys (Microsoft Corporation)
DRV:64bit: - (UCX01000) -- C:\Windows\SysNative\drivers\UCX01000.SYS (Microsoft Corporation)
DRV:64bit: - (vpci) -- C:\Windows\SysNative\drivers\vpci.sys (Microsoft Corporation)
DRV:64bit: - (GPIOClx0101) -- C:\Windows\SysNative\drivers\msgpioclx.sys (Microsoft Corporation)
DRV:64bit: - (Wof) -- C:\Windows\SysNative\drivers\wof.sys (Microsoft Corporation)
DRV:64bit: - (sdstor) -- C:\Windows\SysNative\drivers\sdstor.sys (Microsoft Corporation)
DRV:64bit: - (BasicRender) -- C:\Windows\SysNative\drivers\BasicRender.sys (Microsoft Corporation)
DRV:64bit: - (ssudmdm) -- C:\Windows\SysNative\drivers\ssudmdm.sys (DEVGURU Co., LTD.(www.devguru.co.kr))
DRV:64bit: - (dg_ssudbus) -- C:\Windows\SysNative\drivers\ssudbus.sys (DEVGURU Co., LTD.(www.devguru.co.kr))
DRV:64bit: - (BthLEEnum) -- C:\Windows\SysNative\drivers\BthLEEnum.sys (Microsoft Corporation)
DRV:64bit: - (IntcDAud) -- C:\Windows\SysNative\drivers\IntcDAud.sys (Intel(R) Corporation)
DRV:64bit: - (igfx) -- C:\Windows\SysNative\drivers\igdkmd64.sys (Intel Corporation)
DRV:64bit: - (intaud_WaveExtensible) -- C:\Windows\SysNative\drivers\intelaud.sys (Intel Corporation)
DRV:64bit: - (iwdbus) -- C:\Windows\SysNative\drivers\iwdbus.sys (Intel Corporation)
DRV:64bit: - (SerCx2) -- C:\Windows\SysNative\drivers\SerCx2.sys (Microsoft Corporation)
DRV:64bit: - (stornvme) -- C:\Windows\SysNative\drivers\stornvme.sys (Microsoft Corporation)
DRV:64bit: - (VerifierExt) -- C:\Windows\SysNative\drivers\VerifierExt.sys (Microsoft Corporation)
DRV:64bit: - (BtFilter) -- C:\Windows\SysNative\drivers\btfilter.sys (Qualcomm Atheros)
DRV:64bit: - (BTATH_A2DP) -- C:\Windows\SysNative\drivers\btath_a2dp.sys (Qualcomm Atheros)
DRV:64bit: - (BTATH_HCRP) -- C:\Windows\SysNative\drivers\btath_hcrp.sys (Qualcomm Atheros)
DRV:64bit: - (BTATH_RCP) -- C:\Windows\SysNative\drivers\btath_rcp.sys (Qualcomm Atheros)
DRV:64bit: - (btath_avdt) -- C:\Windows\SysNative\drivers\btath_avdt.sys (Qualcomm Atheros)
DRV:64bit: - (AthBTPort) -- C:\Windows\SysNative\drivers\btath_flt.sys (Qualcomm Atheros)
DRV:64bit: - (BTATH_LWFLT) -- C:\Windows\SysNative\drivers\btath_lwflt.sys (Qualcomm Atheros)
DRV:64bit: - (BTATH_BUS) -- C:\Windows\SysNative\drivers\btath_bus.sys (Qualcomm Atheros)
DRV:64bit: - (RSBASTOR) -- C:\Windows\SysNative\drivers\RtsBaStor.sys (Realtek Semiconductor Corp.)
DRV:64bit: - (terminpt) -- C:\Windows\SysNative\drivers\terminpt.sys (Microsoft Corporation)
DRV:64bit: - (condrv) -- C:\Windows\SysNative\drivers\condrv.sys (Microsoft Corporation)
DRV:64bit: - (Fs_Rec) -- C:\Windows\SysNative\drivers\fs_rec.sys (Microsoft Corporation)
DRV:64bit: - (dam) -- C:\Windows\SysNative\drivers\dam.sys (Microsoft Corporation)
DRV:64bit: - (acpiex) -- C:\Windows\SysNative\drivers\acpiex.sys (Microsoft Corporation)
DRV:64bit: - (TPM) -- C:\Windows\SysNative\drivers\tpm.sys (Microsoft Corporation)
DRV:64bit: - (mvumis) -- C:\Windows\SysNative\drivers\mvumis.sys (Marvell Semiconductor, Inc.)
DRV:64bit: - (msgpiowin32) -- C:\Windows\SysNative\drivers\msgpiowin32.sys (Microsoft Corporation)
DRV:64bit: - (ebdrv) -- C:\Windows\SysNative\drivers\evbda.sys (Broadcom Corporation)
DRV:64bit: - (LSI_SAS2) -- C:\Windows\SysNative\drivers\lsi_sas2.sys (LSI Corporation)
DRV:64bit: - (LSI_SSS) -- C:\Windows\SysNative\drivers\lsi_sss.sys (LSI Corporation)
DRV:64bit: - (HpSAMD) -- C:\Windows\SysNative\drivers\HpSAMD.sys (Hewlett-Packard Company)
DRV:64bit: - (LSI_SAS3) -- C:\Windows\SysNative\drivers\lsi_sas3.sys (LSI Corporation)
DRV:64bit: - (ADP80XX) -- C:\Windows\SysNative\drivers\adp80xx.sys (PMC-Sierra)
DRV:64bit: - (b06bdrv) -- C:\Windows\SysNative\drivers\bxvbda.sys (Broadcom Corporation)
DRV:64bit: - (amdsbs) -- C:\Windows\SysNative\drivers\amdsbs.sys (AMD Technologies Inc.)
DRV:64bit: - (3ware) -- C:\Windows\SysNative\drivers\3ware.sys (LSI)
DRV:64bit: - (amdsata) -- C:\Windows\SysNative\drivers\amdsata.sys (Advanced Micro Devices)
DRV:64bit: - (EhStorTcgDrv) -- C:\Windows\SysNative\drivers\EhStorTcgDrv.sys (Microsoft Corporation)
DRV:64bit: - (EhStorClass) -- C:\Windows\SysNative\drivers\EhStorClass.sys (Microsoft Corporation)
DRV:64bit: - (amdxata) -- C:\Windows\SysNative\drivers\amdxata.sys (Advanced Micro Devices)
DRV:64bit: - (VSTXRAID) -- C:\Windows\SysNative\drivers\VSTXRAID.SYS (VIA Corporation)
DRV:64bit: - (UASPStor) -- C:\Windows\SysNative\drivers\uaspstor.sys (Microsoft Corporation)
DRV:64bit: - (stexstor) -- C:\Windows\SysNative\drivers\stexstor.sys (Promise Technology, Inc.)
DRV:64bit: - (storahci) -- C:\Windows\SysNative\drivers\storahci.sys (Microsoft Corporation)
DRV:64bit: - (SpbCx) -- C:\Windows\SysNative\drivers\SpbCx.sys (Microsoft Corporation)
DRV:64bit: - (SerCx) -- C:\Windows\SysNative\drivers\SerCx.sys (Microsoft Corporation)
DRV:64bit: - (UEFI) -- C:\Windows\SysNative\drivers\uefi.sys (Microsoft Corporation)
DRV:64bit: - (WpdUpFltr) -- C:\Windows\SysNative\drivers\WpdUpFltr.sys (Microsoft Corporation)
DRV:64bit: - (WSDPrintDevice) -- C:\Windows\SysNative\drivers\WSDPrint.sys (Microsoft Corporation)
DRV:64bit: - (BasicDisplay) -- C:\Windows\SysNative\drivers\BasicDisplay.sys (Microsoft Corporation)
DRV:64bit: - (HyperVideo) -- C:\Windows\SysNative\drivers\HyperVideo.sys (Microsoft Corporation)
DRV:64bit: - (mshidumdf) -- C:\Windows\SysNative\drivers\mshidumdf.sys (Microsoft Corporation)
DRV:64bit: - (acpitime) -- C:\Windows\SysNative\drivers\acpitime.sys (Microsoft Corporation)
DRV:64bit: - (acpipagr) -- C:\Windows\SysNative\drivers\acpipagr.sys (Microsoft Corporation)
DRV:64bit: - (BthAvrcpTg) -- C:\Windows\SysNative\drivers\BthAvrcpTg.sys (Microsoft Corporation)
DRV:64bit: - (kdnic) -- C:\Windows\SysNative\drivers\kdnic.sys (Microsoft Corporation)
DRV:64bit: - (gencounter) -- C:\Windows\SysNative\drivers\vmgencounter.sys (Microsoft Corporation)
DRV:64bit: - (npsvctrig) -- C:\Windows\SysNative\drivers\npsvctrig.sys (Microsoft Corporation)
DRV:64bit: - (bthhfhid) -- C:\Windows\SysNative\drivers\BthhfHid.sys (Microsoft Corporation)
DRV:64bit: - (hyperkbd) -- C:\Windows\SysNative\drivers\hyperkbd.sys (Microsoft Corporation)
DRV:64bit: - (TsUsbFlt) -- C:\Windows\SysNative\drivers\TsUsbFlt.sys (Microsoft Corporation)
DRV:64bit: - (hidi2c) -- C:\Windows\SysNative\drivers\hidi2c.sys (Microsoft Corporation)
DRV:64bit: - (dmvsc) -- C:\Windows\SysNative\drivers\dmvsc.sys (Microsoft Corporation)
DRV:64bit: - (NdisVirtualBus) -- C:\Windows\SysNative\drivers\NdisVirtualBus.sys (Microsoft Corporation)
DRV:64bit: - (FxPPM) -- C:\Windows\SysNative\drivers\fxppm.sys (Microsoft Corporation)
DRV:64bit: - (athr) -- C:\Windows\SysNative\drivers\athwbx.sys (Qualcomm Atheros Communications, Inc.)
DRV:64bit: - (RTL8168) -- C:\Windows\SysNative\drivers\Rt630x64.sys (Realtek )
DRV:64bit: - (bcmfn2) -- C:\Windows\SysNative\drivers\bcmfn2.sys (Windows (R) Win 7 DDK provider)
DRV:64bit: - (iaStorAV) -- C:\Windows\SysNative\drivers\iaStorAV.sys (Intel Corporation)
DRV:64bit: - (cfwids) -- C:\Windows\SysNative\drivers\cfwids.sys (McAfee, Inc.)
DRV:64bit: - (mfewfpk) -- C:\Windows\SysNative\drivers\mfewfpk.sys (McAfee, Inc.)
DRV:64bit: - (mfehidk) -- C:\Windows\SysNative\drivers\mfehidk.sys (McAfee, Inc.)
DRV:64bit: - (mfefirek) -- C:\Windows\SysNative\drivers\mfefirek.sys (McAfee, Inc.)
DRV:64bit: - (mfeavfk) -- C:\Windows\SysNative\drivers\mfeavfk.sys (McAfee, Inc.)
DRV:64bit: - (mfeapfk) -- C:\Windows\SysNative\drivers\mfeapfk.sys (McAfee, Inc.)
DRV:64bit: - (mfeelamk) -- C:\Windows\SysNative\drivers\mfeelamk.sys (McAfee, Inc.)
DRV:64bit: - (iaLPSSi_GPIO) -- C:\Windows\SysNative\drivers\iaLPSSi_GPIO.sys (Intel Corporation)
DRV:64bit: - (iaLPSSi_I2C) -- C:\Windows\SysNative\drivers\iaLPSSi_I2C.sys (Intel Corporation)
DRV:64bit: - (LMDriver) -- C:\Windows\SysNative\drivers\LMDriver.sys (Acer Incorporated)
DRV:64bit: - (RadioShim) -- C:\Windows\SysNative\drivers\RadioShim.sys (Acer Incorporated)
DRV:64bit: - (TXEIx64) -- C:\Windows\SysNative\drivers\TXEIx64.sys (Intel Corporation)
DRV:64bit: - (BCM43XX) -- C:\Windows\SysNative\drivers\BCMWL63a.SYS (Broadcom Corporation)
DRV:64bit: - (ETD) -- C:\Windows\SysNative\drivers\ETD.sys (ELAN Microelectronics Corp.)
DRV:64bit: - (DSI_SiUSBXp_3_1) -- C:\Windows\SysNative\drivers\DSI_SiUSBXp_3_1.sys (Silicon Laboratories)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{036614D3-EF21-4347-A6AB-227C3D85F3FD}: "URL" = http://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=ACJB
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{036614D3-EF21-4347-A6AB-227C3D85F3FD}: "URL" = http://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=ACJB
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://acer13.msn.com/?pc=ACJB
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = [binary data]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = www.google.com
IE - HKCU\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
========== FireFox ==========
FF - prefs.js..browser.search.countryCode: "US"
FF - prefs.js..browser.search.region: "US"
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:39.0
FF - user.js - File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_18_0_0_232.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.40728.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_18_0_0_232.dll ()
FF - HKLM\Software\MozillaPlugins\@foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf: C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll (Foxit Corporation)
FF - HKLM\Software\MozillaPlugins\@foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf: C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll (Foxit Corporation)
FF - HKLM\Software\MozillaPlugins\@foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xdp: C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll (Foxit Corporation)
FF - HKLM\Software\MozillaPlugins\@foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xfdf: C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll (Foxit Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.1.40728.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@WildTangent.com/GamesAppPresenceDetector,Version=1.0: C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll ()
FF - HKCU\Software\MozillaPlugins\@nds.com/PlayerPlugin: C:\Users\Retired\AppData\Local\DIRECTV Player\npPlayerPlugin.dll (Cisco)
FF - HKCU\Software\MozillaPlugins\@nds.com/PlayerPlugin64: C:\Users\Retired\AppData\Local\DIRECTV Player\win64\npPlayerPlugin64.dll (Cisco)
FF - HKCU\Software\MozillaPlugins\@Skype Limited.com/Facebook Video Calling Plugin: C:\Users\Retired\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)
FF - HKCU\Software\MozillaPlugins\NDS.com/PlayerPlugin: C:\Users\Retired\AppData\Local\DIRECTV Player\npPlayerPlugin.dll (Cisco)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files\AVAST Software\Avast\WebRep\FF [2015/09/18 06:38:39 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 39.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 39.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins
[2014/04/18 08:48:02 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Retired\AppData\Roaming\mozilla\Extensions
[2015/08/01 15:31:15 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions
[2015/08/01 15:31:15 | 000,000,000 | ---D | M] (Default) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
========== Chrome ==========
CHR - Extension: No name found = C:\Users\Retired\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\14.0_0\
CHR - Extension: No name found = C:\Users\Retired\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.7_0\
CHR - Extension: No name found = C:\Users\Retired\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.30_0\
CHR - Extension: No name found = C:\Users\Retired\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\0.5_0\
CHR - Extension: No name found = C:\Users\Retired\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki\10.2.0.190_0\
CHR - Extension: No name found = C:\Users\Retired\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg\0.3.0.5_0\
CHR - Extension: No name found = C:\Users\Retired\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.2.0_0\
CHR - Extension: No name found = C:\Users\Retired\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\8.1_0\
O1 HOSTS File: ([2013/08/22 08:25:41 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:64bit: - BHO: (Skype for Business Browser Helper) - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\ochelper.dll (Microsoft Corporation)
O2:64bit: - BHO: (avast! Online Security) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
O2:64bit: - BHO: (Microsoft SkyDrive Pro Browser Helper) - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\grooveex.dll (Microsoft Corporation)
O2 - BHO: (avast! Online Security) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O4:64bit: - HKLM..\Run: [ETDCtrl] C:\Program Files\Elantech\ETDCtrl.exe (ELAN Microelectronics Corp.)
O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [RTHDVCPL] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [AvastUI.exe] C:\Program Files\AVAST Software\Avast\AvastUI.exe (AVAST Software)
O4 - HKCU..\Run: [AcerCloud] C:\Program Files (x86)\Acer\Acer Portal\acpanel_win.exe (Acer Incorporated)
O4 - HKCU..\Run: [Facebook Update] C:\Users\Retired\AppData\Local\Facebook\Update\FacebookUpdate.exe (Facebook Inc.)
O4 - HKCU..\Run: [HP ENVY 7640 series (NET)] C:\Program Files\HP\HP ENVY 7640 series\Bin\ScanToPCActivationApp.exe (Hewlett-Packard Development Company, LP)
O4 - HKCU..\Run: [PCShowServer] C:\Users\Retired\AppData\Local\DIRECTV Player\PCShowServerPMWrapper.exe (Cisco)
O4 - HKCU..\Run: [QuickenScheduledUpdates] C:\Program Files (x86)\Quicken\bagent.exe (Intuit Inc.)
O4 - Startup: C:\Users\Retired\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Outlook 2013.lnk = File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\Run: BtvStack = "C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\BtvStack.exe" (Qualcomm®Atheros®)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableCursorSuppression = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O8:64bit: - Extra context menu item: E&xport to Microsoft Excel - C:\Program Files\Microsoft Office 15\Root\Office15\EXCEL.EXE (Microsoft Corporation)
O8:64bit: - Extra context menu item: Se&nd to OneNote - C:\Program Files\Microsoft Office 15\Root\Office15\ONBttnIE.dll (Microsoft Corporation)
O8 - Extra context menu item: E&xport to Microsoft Excel - C:\Program Files\Microsoft Office 15\Root\Office15\EXCEL.EXE (Microsoft Corporation)
O8 - Extra context menu item: Se&nd to OneNote - C:\Program Files\Microsoft Office 15\Root\Office15\ONBttnIE.dll (Microsoft Corporation)
O9:64bit: - Extra Button: HP Smart Print - {22CC3EBD-C286-43aa-B8E6-06B115F74162} - C:\Program Files (x86)\Hewlett-Packard\Smart Print\SmartPrintSetup.exe (Hewlett-Packard)
O9:64bit: - Extra 'Tools' menuitem : HP Smart Print - {22CC3EBD-C286-43aa-B8E6-06B115F74162} - C:\Program Files (x86)\Hewlett-Packard\Smart Print\SmartPrintSetup.exe (Hewlett-Packard)
O9:64bit: - Extra Button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\onbttnie.dll (Microsoft Corporation)
O9:64bit: - Extra 'Tools' menuitem : Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\onbttnie.dll (Microsoft Corporation)
O9:64bit: - Extra Button: Skype for Business Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\ochelper.dll (Microsoft Corporation)
O9:64bit: - Extra 'Tools' menuitem : Skype for Business Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\ochelper.dll (Microsoft Corporation)
O9:64bit: - Extra Button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\onbttnielinkednotes.dll (Microsoft Corporation)
O9:64bit: - Extra 'Tools' menuitem : OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\onbttnielinkednotes.dll (Microsoft Corporation)
O9 - Extra Button: HP Smart Print - {22CC3EBD-C286-43aa-B8E6-06B115F74162} - C:\Program Files (x86)\Hewlett-Packard\Smart Print\SmartPrintSetup.exe (Hewlett-Packard)
O9 - Extra 'Tools' menuitem : HP Smart Print - {22CC3EBD-C286-43aa-B8E6-06B115F74162} - C:\Program Files (x86)\Hewlett-Packard\Smart Print\SmartPrintSetup.exe (Hewlett-Packard)
O9 - Extra Button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office 15\root\office15\onbttnie.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office 15\root\office15\onbttnie.dll (Microsoft Corporation)
O9 - Extra Button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office 15\root\office15\onbttnielinkednotes.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office 15\root\office15\onbttnielinkednotes.dll (Microsoft Corporation)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 216.129.224.49 216.220.30.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{6B13BFB5-F43B-4E04-8EB8-EBE7881ED73D}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{D99D7549-9E18-45B6-8749-509FC82DC3E7}: DhcpNameServer = 216.129.224.49 216.220.30.1
O18:64bit: - Protocol\Handler\osf - No CLSID value found
O18 - Protocol\Handler\osf {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\office15\MSOSB.DLL (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (c:\windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\{4c08d0ca-816f-11e4-8284-201a06dca4f0}\Shell - "" = AutoRun
O33 - MountPoints2\{4c08d0ca-816f-11e4-8284-201a06dca4f0}\Shell\AutoRun\command - "" = "D:\unlock.exe" autoplay=true
O33 - MountPoints2\{9de43185-e9bf-11e4-82b2-201a06dca4f0}\Shell - "" = AutoRun
O33 - MountPoints2\{9de43185-e9bf-11e4-82b2-201a06dca4f0}\Shell\AutoRun\command - "" = "D:\LaunchU3.exe" -a
O33 - MountPoints2\{b4a49c00-000c-11e5-82c5-201a06dca4f0}\Shell - "" = AutoRun
O33 - MountPoints2\{b4a49c00-000c-11e5-82c5-201a06dca4f0}\Shell\AutoRun\command - "" = "D:\LaunchU3.exe"
O33 - MountPoints2\{cfb0a190-9cc3-11e4-8296-201a06dca4f0}\Shell - "" = AutoRun
O33 - MountPoints2\{cfb0a190-9cc3-11e4-8296-201a06dca4f0}\Shell\AutoRun\command - "" = "E:\VZW_Software_upgrade_assistant.exe"
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
========== Files/Folders - Created Within 30 Days ==========
[2015/09/21 14:31:27 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Retired\Desktop\OTL.exe
[2015/09/21 13:37:26 | 001,798,976 | ---- | C] (Malwarebytes) -- C:\Users\Retired\Desktop\JRT_NEW.exe
[2015/09/18 17:43:27 | 000,000,000 | ---D | C] -- C:\Users\Retired\Desktop\Sep 18 2015 Backup
[2015/09/18 06:38:54 | 000,378,880 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\aswBoot.exe
[2015/09/18 06:38:46 | 000,043,112 | ---- | C] (AVAST Software) -- C:\Windows\avastSS.scr
[2015/08/22 19:51:47 | 000,000,000 | ---D | C] -- C:\ProgramData\Apple Computer
========== Files - Modified Within 30 Days ==========
[2021/10/21 08:36:56 | 000,000,852 | ---- | M] () -- C:\Windows\SysNative\drivers\RTKHDRC.dat
[2021/10/04 02:34:42 | 000,000,712 | ---- | M] () -- C:\Windows\SysNative\drivers\RTMICEQ0.dat
[2015/09/21 14:49:38 | 000,000,918 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2015/09/21 14:31:30 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Retired\Desktop\OTL.exe
[2015/09/21 14:28:07 | 000,001,938 | ---- | M] () -- C:\Users\Retired\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Monitor Ink Alerts - HP Officejet Pro 8600 (Network).lnk
[2015/09/21 14:27:52 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2015/09/21 14:26:24 | 000,000,914 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2015/09/21 14:25:50 | 268,435,456 | -HS- | M] () -- C:\swapfile.sys
[2015/09/21 14:25:47 | 3338,108,928 | -HS- | M] () -- C:\hiberfil.sys
[2015/09/21 14:16:11 | 001,662,976 | ---- | M] () -- C:\Users\Retired\Desktop\AdwCleaner.exe
[2015/09/21 13:56:00 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2015/09/21 13:18:20 | 000,000,121 | ---- | M] () -- C:\Users\Retired\Desktop\-----------------please read before requesting malware removal help--------------.url
[2015/09/21 12:43:02 | 000,000,948 | ---- | M] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-1538860633-711943146-4208229341-1001UA.job
[2015/09/21 09:43:02 | 000,000,926 | ---- | M] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-1538860633-711943146-4208229341-1001Core.job
[2015/09/20 21:50:09 | 000,000,084 | ---- | M] () -- C:\Users\Retired\Desktop\Building Code for Steps - Home Guides - SF Gate.url
[2015/09/20 18:44:10 | 000,863,592 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2015/09/20 18:44:10 | 000,731,650 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2015/09/20 18:44:10 | 000,135,726 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2015/09/18 18:30:00 | 100,233,216 | ---- | M] () -- C:\Users\Retired\Desktop\QDATACPYCPY_20111118_20120408-2015-09-18.QDF-backup
[2015/09/18 10:19:57 | 000,113,880 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\MBAMSwissArmy.sys
[2015/09/18 06:38:52 | 000,448,968 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswSP.sys
[2015/09/18 06:38:52 | 000,378,880 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\aswBoot.exe
[2015/09/18 06:38:52 | 000,274,808 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswVmm.sys
[2015/09/18 06:38:52 | 000,153,744 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswStm.sys
[2015/09/18 06:38:52 | 000,090,968 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswMonFlt.sys
[2015/09/18 06:38:52 | 000,065,224 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswRvrt.sys
[2015/09/18 06:38:52 | 000,028,656 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswHwid.sys
[2015/09/18 06:38:51 | 000,093,528 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswRdr2.sys
[2015/09/18 06:38:46 | 000,043,112 | ---- | M] (AVAST Software) -- C:\Windows\avastSS.scr
[2015/09/18 06:38:36 | 001,049,880 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswSnx.sys
[2015/09/15 14:03:54 | 001,798,976 | ---- | M] (Malwarebytes) -- C:\Users\Retired\Desktop\JRT_NEW.exe
[2015/09/10 06:29:55 | 000,481,880 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
========== Files Created - No Company Name ==========
[2015/09/21 14:16:08 | 001,662,976 | ---- | C] () -- C:\Users\Retired\Desktop\AdwCleaner.exe
[2015/09/21 13:18:20 | 000,000,121 | ---- | C] () -- C:\Users\Retired\Desktop\-----------------please read before requesting malware removal help--------------.url
[2015/09/20 21:50:09 | 000,000,084 | ---- | C] () -- C:\Users\Retired\Desktop\Building Code for Steps - Home Guides - SF Gate.url
[2015/09/18 18:29:59 | 100,233,216 | ---- | C] () -- C:\Users\Retired\Desktop\QDATACPYCPY_20111118_20120408-2015-09-18.QDF-backup
[2015/09/11 08:16:48 | 010,622,190 | ---- | C] () -- C:\Users\Retired\Desktop\Heide.JPG
[2015/09/09 08:22:03 | 000,411,455 | ---- | C] () -- C:\Windows\SysNative\ApnDatabase.xml
[2015/04/16 21:15:51 | 000,000,207 | ---- | C] () -- C:\Windows\tweaking.com-regbackup-SADIE-Windows-8.1-(64-bit).dat
[2015/03/04 14:16:31 | 000,107,008 | ---- | C] () -- C:\Windows\SysWow64\OEMLicense.dll
[2015/03/04 14:12:39 | 000,046,080 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll
[2014/12/11 14:44:50 | 000,000,057 | ---- | C] () -- C:\ProgramData\Ament.ini
[2014/11/23 16:04:37 | 000,000,126 | ---- | C] () -- C:\Windows\QUICKEN.INI
[2014/05/06 12:18:51 | 000,002,255 | ---- | C] () -- C:\Windows\SysWow64\WimBootCompress.ini
[2014/04/18 09:11:55 | 000,000,082 | ---- | C] () -- C:\Users\Retired\AppData\Roaming\WB.CFG
[2014/04/18 05:40:36 | 000,000,193 | ---- | C] () -- C:\ProgramData\Microsoft.SqlServer.Compact.351.64.bc
[2014/02/08 22:45:06 | 000,000,000 | -H-- | C] () -- C:\ProgramData\DP45977C.lfl
[2013/11/27 21:29:10 | 000,317,440 | ---- | C] () -- C:\Windows\SysWow64\igdmd32.dll
[2013/11/27 21:29:10 | 000,182,272 | ---- | C] () -- C:\Windows\SysWow64\igdde32.dll
[2013/11/27 21:29:09 | 000,142,848 | ---- | C] () -- C:\Windows\SysWow64\igdail32.dll
========== ZeroAccess Check ==========
[2014/02/08 23:11:15 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2015/05/07 12:50:50 | 022,292,672 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2015/05/07 11:53:12 | 019,734,960 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2014/10/28 20:19:43 | 001,013,760 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2014/10/28 19:59:23 | 000,786,944 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2014/10/28 20:16:01 | 000,512,512 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
========== LOP Check ==========
[2014/04/18 06:10:44 | 000,000,000 | ---D | M] -- C:\Users\Retired\AppData\Roaming\acer
[2014/04/18 09:32:20 | 000,000,000 | ---D | M] -- C:\Users\Retired\AppData\Roaming\AVAST Software
[2015/07/15 19:48:28 | 000,000,000 | ---D | M] -- C:\Users\Retired\AppData\Roaming\Foxit Software
[2015/04/18 13:29:49 | 000,000,000 | ---D | M] -- C:\Users\Retired\AppData\Roaming\Octoshape
[2015/01/19 15:33:45 | 000,000,000 | ---D | M] -- C:\Users\Retired\AppData\Roaming\Samsung
[2015/03/26 21:12:09 | 000,000,000 | ---D | M] -- C:\Users\Retired\AppData\Roaming\TeraCopy
========== Purity Check ==========
========== Alternate Data Streams ==========
@Alternate Data Stream - 220 bytes -> C:\Users\Retired\OneDrive:ms-properties
< End of report >
OTL Extras logfile created on: 9/21/2015 2:33:21 PM - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Retired\Desktop
64bit- An unknown product (Version = 6.2.9200) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.18036)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
3.89 Gb Total Physical Memory | 2.54 Gb Available Physical Memory | 65.27% Memory free
7.89 Gb Paging File | 6.54 Gb Available in Paging File | 82.91% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 448.69 Gb Total Space | 351.60 Gb Free Space | 78.36% Space Free | Partition Type: NTFS
Computer Name: SADIE | User Name: Retired | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html[@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
.html [@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = ChromeHTML] -- Reg Error: Key error. File not found
========== Shell Spawning ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- "C:\PROGRA~2\MICROS~1\OFFICE11\WORDVIEW.EXE" /n /dde
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "%systemroot%\system32\rundll32.exe" "%systemroot%\system32\mshtml.dll",PrintHTML "%1"
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- C:\Windows\SysWow64\OpenWith.exe "%1" (Microsoft Corporation)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- "C:\PROGRA~2\MICROS~1\OFFICE11\WORDVIEW.EXE" /n /dde
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "%systemroot%\system32\rundll32.exe" "%systemroot%\system32\mshtml.dll",PrintHTML "%1"
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- C:\Windows\SysWow64\OpenWith.exe "%1" (Microsoft Corporation)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- Reg Error: Value error.
========== Security Center Settings ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = AC 1C AE C5 46 9F CE 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Upgrade]
"UpgradeTime" = [binary data]
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Upgrade]
"UpgradeTime" = Reg Error: Unknown registry data type -- File not found
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
========== Authorized Applications List ==========
========== Vista Active Open Ports Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{01D2B5FB-7E15-4C74-ADFF-BED1BBD7DD25}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{13F6865D-B4A2-4E0F-B5BF-245B1095C102}" = rport=445 | protocol=6 | dir=out | app=system |
"{14D19579-F9E4-4EFE-8D41-3F977F665A35}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{35B78E18-FF51-4A57-8073-7E72A043DC95}" = rport=138 | protocol=17 | dir=out | app=system |
"{36A595CA-9906-472A-B3F1-7510F6DBB266}" = rport=139 | protocol=6 | dir=out | app=system |
"{41B82908-E969-453B-86D2-E012F9FF8D41}" = lport=5353 | protocol=17 | dir=in | app=c:\program files (x86)\google\chrome\application\chrome.exe |
"{50AA85DC-D18E-4F44-ACEB-6B95EDB9B31F}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{5205E68E-F08B-40D7-AC40-930D10C42668}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{58F06D40-F3D5-4F67-AF71-25F58B539DEF}" = lport=10243 | protocol=6 | dir=in | app=system |
"{5BC5DE27-2537-41D6-A341-634472B3E499}" = lport=5357 | protocol=6 | dir=in | name=ws-eventing tcp port 5357 |
"{6B8E5221-AC69-413B-A4A5-7670929ADDB5}" = lport=138 | protocol=17 | dir=in | app=system |
"{71B10768-CB79-454D-9A75-3946B0B6CBAB}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{78DBE35E-B283-4ED6-B8B0-FA5B61744E1E}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{86B0DA16-646D-4EE5-9B2A-C45925AE8B36}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{876CAD62-3263-4CD6-B68F-B5700896CC33}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{90383611-6A45-45B2-A7CD-7A40D0BB839B}" = lport=139 | protocol=6 | dir=in | app=system |
"{921978D8-5C57-417B-B53F-F9E16B1BD75E}" = lport=67 | protocol=17 | dir=in | svc=sharedaccess | app=%systemroot%\system32\svchost.exe |
"{AD87A118-7885-4A89-8B44-5C6285C08B22}" = lport=445 | protocol=6 | dir=in | app=system |
"{B0E84760-34C8-4086-9290-E9C647ECC051}" = lport=68 | protocol=17 | dir=in | svc=sharedaccess | app=%systemroot%\system32\svchost.exe |
"{B6D9CB8D-5635-4803-86A5-E239188E1F67}" = lport=6004 | protocol=17 | dir=in | app=c:\program files\microsoft office 15\root\office15\outlook.exe |
"{C52DB2A3-7C38-4CCD-852C-2A7ECCB2D4A5}" = lport=137 | protocol=17 | dir=in | app=system |
"{C7645DBA-B653-4238-AF4E-254F122C8FE1}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | [email protected],-28539 |
"{D0CD6903-B920-4E53-9663-611D0A3025A3}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{D1AA0ECF-7752-46A8-8943-DD8D6904F74A}" = rport=137 | protocol=17 | dir=out | app=system |
"{D3A007FA-E42E-40A8-90E3-113400971D4A}" = lport=2869 | protocol=6 | dir=in | app=system |
"{F806AEC3-6E81-462D-A919-C2D6AF3832FB}" = rport=10243 | protocol=6 | dir=out | app=system |
========== Vista Active Application Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{00824CB0-4001-4323-AFDD-56A4094A49B4}" = dir=out | name=@{microsoft.bingsports_3.0.4.336_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingsports/resources/brandedapptitle} |
"{012B0F12-D532-43EE-948F-6679AAE23D3F}" = protocol=6 | dir=in | app=c:\program files (x86)\acer\acer portal\ccd.exe |
"{01E9A973-9DC4-4AF7-B842-03D3CFFC8BDF}" = protocol=17 | dir=in | app=c:\program files (x86)\acer\acer photo\windowsupnp.exe |
"{02677430-6377-4ED2-87E7-9931C1DC9015}" = protocol=17 | dir=in | app=c:\program files (x86)\acer\acer media_\windowsupnpmv.exe |
"{035A62EA-35F4-4396-A672-B4BCCA106FDE}" = dir=in | app=c:\program files\hp\hp envy 7640 series\bin\faxapplications.exe |
"{03B68EBD-3B49-47CA-8294-7C54CB0E41E8}" = protocol=17 | dir=in | app=c:\program files (x86)\acer\acer portal\virtualdrive.exe |
"{04511FFA-78A0-4745-A7BF-850A239181DE}" = protocol=17 | dir=in | app=c:\program files (x86)\acer\acer photo_\dmcdaemon.exe |
"{048679F4-CBB4-4E0A-98F1-ACACFB4A0A23}" = dir=in | app=c:\program files\hp\hp officejet pro 8600\bin\sendafax.exe |
"{0629F55F-5BEE-4802-B97A-40292DB59841}" = dir=in | app=c:\program files\hp\hp officejet pro 8600\bin\digitalwizards.exe |
"{08752719-B9E1-472B-9B25-E0AA469A8CB5}" = protocol=17 | dir=in | app=c:\program files (x86)\acer\acer media\windowsupnpmv.exe |
"{08AF3D13-7B14-456F-9AB6-A89FAE191689}" = dir=out | name=@{microsoft.bingweather_3.0.4.336_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingweather/resources/brandedapptitle} |
"{09DBD671-C94D-40B2-B1A5-AA5DF1CEFAA4}" = protocol=17 | dir=in | app=c:\program files (x86)\acer\acer photo\dmcdaemon.exe |
"{0B4BF4D1-CBAB-47C2-97D4-FCFAB9852C0E}" = dir=in | name=acer explorer |
"{0C56FE8D-2D4C-4EC8-9F1D-B6805408CC88}" = dir=in | app=c:\program files\soluto\solutoconsole.exe |
"{0FCD29F5-A3A4-491C-B73B-D2B36F2A7AA5}" = dir=out | name=@{magix.musicmakerjam_2.3.1044.0_x64__a2t3txkz9j1jw?ms-resource://magix.musicmakerjam/resources/app_name} |
"{1014480C-D71C-4423-9E1A-9F7BCA749AFD}" = dir=out | name=netflix |
"{10DD8C43-BC62-43FD-AE9E-3F844BB019C6}" = protocol=6 | dir=in | app=c:\program files (x86)\acer\acer media\windowsupnpmv.exe |
"{11AC57A2-E2B9-4AD0-B6E6-95AADAC7126D}" = protocol=6 | dir=in | app=c:\program files (x86)\acer\acer photo\windowsupnp.exe |
"{120BEF27-BAB5-4749-BE59-2BC0F91F6192}" = protocol=6 | dir=in | app=c:\program files (x86)\nero\nero 12\nero backitup\backitup.exe |
"{1334A969-8BCD-4EAF-BB5F-E8105B6E5F67}" = protocol=6 | dir=in | app=c:\program files (x86)\acer\acer media_\dmcdaemon.exe |
"{13C2AEA2-685B-4DB7-BF8B-C669A97CA6E0}" = dir=out | name=next issue magazines for acer |
"{13D4566C-ACEF-4A0F-8482-0553132D5DF6}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{141E58DD-7892-46B6-8D57-BE632480BDCF}" = dir=out | name=kindle |
"{1788218E-FFB1-4A89-BCE9-CDEB7317FE8E}" = dir=in | name=@{magix.musicmakerjam_2.3.1044.0_x64__a2t3txkz9j1jw?ms-resource://magix.musicmakerjam/resources/app_name} |
"{19ABB354-76D9-42BB-9CD2-FBB6C28A3804}" = protocol=6 | dir=in | app=c:\program files (x86)\mozilla firefox\firefox.exe |
"{1B6BAE86-EA7F-40C7-8BB3-290862D81E09}" = protocol=6 | dir=in | app=c:\program files (x86)\acer\acer media\windowsupnpmv.exe |
"{1B7BC528-A71C-412A-85AF-4F77AFF9D887}" = dir=in | name=@{microsoft.windowscommunicationsapps_17.5.9600.20911_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowscommunicationsapps/resources/communicationspackagename} |
"{1D0EAE55-0296-4285-A5C3-910303C97BA4}" = protocol=6 | dir=in | app=c:\program files (x86)\acer\acer photo\windowsupnp.exe |
"{1D95146D-8A5D-4E11-AF7F-953F715645BB}" = protocol=17 | dir=in | app=c:\program files (x86)\smartview2\smart view 2.0.exe |
"{2449F5B1-05AD-47FF-AAA6-7A229CACD01C}" = dir=out | name=@{microsoft.windowsreadinglist_6.3.9654.20947_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowsreadinglist/resources/apppackagename} |
"{24E083F5-0E1F-470C-9ADE-151F0F635301}" = protocol=6 | dir=in | app=c:\program files (x86)\smartview2\smart view 2.0.exe |
"{27AC448E-8B8E-4072-A115-6F842BC90BF8}" = protocol=6 | dir=in | app=c:\program files (x86)\acer\acer portal\ccd.exe |
"{27E68292-7A56-494B-92F8-CB96913F7988}" = dir=in | name=skype |
"{280D6A1F-8192-48CB-9B2C-7EAA6A12A7E5}" = protocol=6 | dir=in | app=c:\program files\common files\mcafee\platform\mcsvchost\mcsvhost.exe |
"{2896DD9B-1C35-4818-A282-2770C4583714}" = dir=out | name=@{microsoft.binghealthandfitness_3.0.4.336_x64__8wekyb3d8bbwe?ms-resource://microsoft.binghealthandfitness/resources/apptitle} |
"{28B63F80-0BBB-4602-AB7E-CB7DE014B1AB}" = dir=in | app=c:\program files\soluto\solutocleanup.exe |
"{28E2400E-3980-4E99-BDCB-55BE6EA3FBB8}" = protocol=6 | dir=in | app=c:\program files (x86)\acer\acer portal\ccd.exe |
"{290074EA-495F-4121-AFA3-8BA322109E20}" = protocol=17 | dir=in | app=c:\program files (x86)\acer\acer media\dmcdaemon.exe |
"{2D3DBFF8-EA19-4A60-A4FE-C32989A9A699}" = dir=in | app=c:\program files\hp\hp officejet pro 8600\bin\devicesetup.exe |
"{33F71286-39F5-4D01-841E-225C29E767C4}" = protocol=6 | dir=in | app=c:\program files (x86)\acer\acer portal\virtualdrive.exe |
"{34777DBF-24F9-465E-9BDF-5A6AE3C2BF17}" = protocol=6 | dir=in | app=c:\program files (x86)\acer\acer photo\dmcdaemon.exe |
"{35D6F2D6-C1D7-4987-B950-02B7B577A7D8}" = dir=out | name=@{microsoft.bingfoodanddrink_3.0.4.336_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingfoodanddrink/resources/apptitlewithbranding} |
"{36C05227-F834-4EFA-AAC0-3E94A4A9DE69}" = dir=in | app=c:\users\retired\appdata\local\microsoft\onedrive\onedrive.exe |
"{383E798B-1107-41D5-979E-96E9CC13877D}" = protocol=17 | dir=in | app=c:\program files (x86)\acer\acer media\dmcdaemon.exe |
"{3945CC32-AB70-4C77-B97D-F6851C809E05}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{3B9D1381-9839-45F6-B44C-C755AF911F6D}" = dir=in | name=hp all-in-one printer remote |
"{3C42B1C6-F8C6-4D6A-B498-3F3995E1E4BC}" = protocol=17 | dir=in | app=c:\program files (x86)\acer\acer portal\ccd.exe |
"{3C72BD61-5498-4A31-A94C-AE6711AFC24E}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{3D93C766-DBB8-4C83-8356-07C5B80F0A9B}" = dir=out | name=@{microsoft.bingnews_3.0.4.336_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingnews/resources/brandedapptitle} |
"{3E4028BA-6B21-4FFB-9509-C29B289E7DAE}" = dir=out | name=@{microsoft.bingmaps_2.1.3230.2048_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingmaps/resources/appdisplayname} |
"{3E43065B-6ABA-49A2-8ACB-FF7A3316353D}" = dir=out | name=@{microsoft.xboxlivegames_2.0.139.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.xboxlivegames/resources/34150} |
"{3ED3EFBA-6B3A-4BAA-913A-F3D642F98F2C}" = dir=out | name=booking.com partner edition |
"{400C6714-AE3E-476D-B042-B6686EA02ECA}" = dir=out | name=ebay |
"{4282FE99-8560-4BC7-9576-5F3ED84E263F}" = dir=in | name=checkpoint.vpn |
"{443B39A4-85A9-47E2-A487-7486E8AF820C}" = dir=out | name=@{microsoft.bingfinance_3.0.4.336_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingfinance/resources/brandedapptitle} |
"{4637FF69-8517-4329-9AC6-A988C9F1185A}" = dir=out | name=hulu plus |
"{4B0B0C42-BFCC-4DFA-8C3C-EC12892BB50A}" = protocol=58 | dir=in | [email protected],-28545 |
"{4E7D9A50-88F6-4938-AC98-D3CC0B428E6F}" = protocol=17 | dir=in | app=c:\program files (x86)\mozilla firefox\firefox.exe |
"{4EC0B0F4-48E1-486E-818F-D9C0A12CC90A}" = dir=in | name=evernote touch |
"{4FB3530A-F0BB-434D-8E29-0435BAF841D5}" = protocol=17 | dir=in | app=c:\program files (x86)\smartview2\smart view 2.0.exe |
"{504CD1B8-5ACD-4817-B847-ECE656C9EBDA}" = protocol=58 | dir=out | [email protected],-28546 |
"{548DCF8C-BFF2-4BA4-AA88-FBAF9AC8BCC6}" = dir=in | name=@{c:\windows\winstore\resources.pri?ms-resource://winstore/resources/displayname} |
"{54AE3F17-66FF-486C-84FF-D4BBA94DAD77}" = dir=out | svc=sharedaccess | app=%systemroot%\system32\svchost.exe |
"{560448D6-095C-4907-B046-AC7F710701A7}" = dir=in | name=sonicwall.mobileconnect |
"{59A16CF6-399B-4B5D-9D55-3882F451E3B9}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{59D2A9BF-4988-4ECB-9795-3A383E6B29F5}" = dir=out | name=windows_ie_ac_001 |
"{5AD9A266-D44E-44C4-AF3B-BD7E0A233B3F}" = protocol=6 | dir=in | app=c:\program files (x86)\acer\acer photo_\dmcdaemon.exe |
"{5C8E3C3C-D082-4432-945B-9A8D677DB6F0}" = protocol=17 | dir=in | app=c:\program files (x86)\acer\acer photo_\windowsupnp.exe |
"{5E0DD0D2-E920-4215-BC9D-C5A4AE2C272C}" = protocol=17 | dir=in | app=c:\program files (x86)\acer\acer photo_\windowsupnp.exe |
"{5F4632C0-D5B1-40C3-B0D9-E3A759C81B9E}" = dir=out | name=sonicwall.mobileconnect |
"{663E7EBE-A4CA-48AB-A041-B326001442F3}" = dir=in | app=c:\users\retired\appdata\local\facebook\video\skype\facebookvideocalling.exe |
"{69B466F4-90C8-49C2-A173-D9016BEDB76A}" = dir=out | name=amazon |
"{6BDFBC3A-9F82-4254-8DE2-49173DCDC4C5}" = protocol=6 | dir=in | app=c:\program files (x86)\spotify\spotify.exe |
"{6D70ACD8-6C4C-4038-8D5C-F2B46B0BD777}" = protocol=6 | dir=in | app=c:\program files (x86)\spotify\data\spotifywebhelper.exe |
"{70CB0146-33A8-4EA2-8122-3E74C97DC597}" = dir=out | name=evernote touch |
"{72360EB9-8E93-4668-BB0E-4C21A4374C55}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{75B1DAB2-428D-47C3-AE84-DB71EF465783}" = protocol=6 | dir=in | app=c:\program files (x86)\acer\acer photo\dmcdaemon.exe |
"{76140424-2885-4639-9BD6-C0E3B41769A2}" = protocol=17 | dir=in | app=c:\program files\common files\mcafee\platform\mcsvchost\mcsvhost.exe |
"{78BD1267-B5C3-4E06-8F63-6FFB7CCFFC9F}" = protocol=6 | dir=in | app=c:\program files (x86)\acer\acer media\windowsupnpmv.exe |
"{79F091AE-69C3-4499-9549-B4B141697113}" = protocol=6 | dir=in | app=c:\program files (x86)\acer\acer media_\windowsupnpmv.exe |
"{7B862A58-7FAF-4705-93C8-EA9EABDC9C94}" = dir=in | app=c:\program files\hp\hp officejet pro 8600\bin\faxapplications.exe |
"{7D5BD826-9668-47B1-9D34-B7E4FD2F4777}" = protocol=6 | dir=in | app=c:\program files (x86)\acer\acer photo_\windowsupnp.exe |
"{7DCD9C36-A35A-457E-BD68-9B7F7C14F898}" = protocol=17 | dir=in | app=c:\program files (x86)\spotify\spotify.exe |
"{7FE0F5D5-5B50-42AF-87BE-6740FD810DA6}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{80F6EE01-FC9A-4B17-AFEA-C405F4772998}" = protocol=6 | dir=out | app=system |
"{8373C2FA-4C79-4A5D-AF8A-339345412138}" = dir=out | name=@{microsoft.zunevideo_2.6.441.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.zunevideo/resources/ids_manifest_video_app_name} |
"{8384E57F-39CA-4E37-A2BF-4327048B2F91}" = dir=out | name=zinio |
"{84360E91-8B7B-4A5E-A1B7-E899BE5DECB9}" = protocol=6 | dir=in | app=c:\program files (x86)\acer\acer photo\dmcdaemon.exe |
"{84784298-9810-497F-88B1-5D64135A31DA}" = protocol=6 | dir=in | app=c:\program files (x86)\acer\acer portal\ccd.exe |
"{856942CB-81F3-4E42-AEE6-3098F3EC42DE}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{85F28F18-52DF-44F5-8805-0B4262DD2750}" = protocol=17 | dir=in | app=c:\program files (x86)\acer\acer portal\ccd.exe |
"{87D59B90-2469-4E58-8D9E-843F1EF82400}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{8AC936B6-24AF-4E31-986E-CC788FD56434}" = dir=in | app=c:\program files\hp\hp officejet pro 8600\bin\hpnetworkcommunicatorcom.exe |
"{8BC08C0F-B0DB-4498-AB5D-D074AD4390A2}" = protocol=6 | dir=in | app=c:\program files (x86)\acer\acer media\dmcdaemon.exe |
"{8C40F774-0CF1-4EDB-B004-FD03EE11206C}" = protocol=6 | dir=in | app=c:\program files (x86)\acer\acer photo\windowsupnp.exe |
"{8C6B1EDB-FA33-4139-812E-EDA0C13B392C}" = protocol=17 | dir=in | app=c:\program files (x86)\acer\acer media_\dmcdaemon.exe |
"{8D20B664-0AEA-49F3-BE7C-AF41485F17F6}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{8DB91C7B-BEE4-4FE9-972E-6E73A5446EA5}" = dir=out | name=- games app - |
"{8F8E4C06-6FEC-4E05-878A-B7A5338AA765}" = protocol=17 | dir=in | app=c:\program files (x86)\spotify\data\spotifywebhelper.exe |
"{9002B4AA-6174-4CF6-BC71-A4FE05D6E0C6}" = protocol=17 | dir=in | app=c:\program files (x86)\nero\nero 12\nero backitup\backitup.exe |
"{906F1545-4377-4005-BE49-D601E278E482}" = dir=in | app=c:\program files\soluto\solutoupdateservice.exe |
"{977F6606-1C23-4EBF-8096-83546A4F539C}" = dir=in | app=c:\program files\soluto\soluto.exe |
"{9B235590-B9B0-4B99-B38A-F130A4713840}" = dir=in | name=next issue magazines for acer |
"{9CA45AFA-97E7-40C4-AA48-5BF372F5D554}" = dir=out | name=@{microsoft.bingtravel_3.0.4.336_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingtravel/resources/brandedapptitle} |
"{9CFE7386-7692-480E-AD45-55A7360C2316}" = dir=in | name=evernote touch |
"{9DAD0E25-7A75-4643-A090-9034F663A38F}" = dir=in | name=@{microsoft.windowsreadinglist_6.3.9654.20947_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowsreadinglist/resources/apppackagename} |
"{9E3D57FC-7C37-4424-9352-4831E97D029D}" = dir=out | name=@{c:\windows\winstore\resources.pri?ms-resource://winstore/resources/displayname} |
"{9E49FFBD-7105-4182-8704-7163D5E1816B}" = dir=out | name=@{microsoft.windowscommunicationsapps_17.5.9600.20911_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowscommunicationsapps/resources/communicationspackagename} |
"{9EFBDF21-F778-4D77-BA0B-CF7C0002116A}" = dir=in | app=c:\program files\hp\hp envy 7640 series\bin\devicesetup.exe |
"{9FDB2032-BE08-43E7-8402-3F1636AFC300}" = protocol=17 | dir=in | app=c:\program files (x86)\acer\acer photo_\dmcdaemon.exe |
"{A2D9B0A6-15C8-43B0-A736-BF3451AF4846}" = dir=out | name=chacha |
"{A4CBA7DD-43F6-4385-953E-4FACD12CE289}" = dir=in | app=c:\program files\hp\hp envy 7640 series\bin\digitalwizards.exe |
"{A91738FC-6358-422E-893F-4ED6B9F09663}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{A945C952-8AE1-4D6A-8D90-DC68A37396C9}" = dir=in | app=c:\program files\hp\hp officejet pro 8600\bin\hpnetworkcommunicator.exe |
"{AAB72DE7-73EC-4D81-8561-5A9CBCB8B3E0}" = dir=out | name=@{microsoft.zunemusic_2.6.672.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.zunemusic/resources/ids_manifest_music_app_name} |
"{AB715C02-4192-4276-AEAA-970F23DDB79B}" = protocol=17 | dir=in | app=c:\program files (x86)\acer\acer portal\sdd.exe |
"{ABBC7CDD-599C-43F7-9E81-524D5046061C}" = protocol=17 | dir=in | app=c:\program files (x86)\acer\acer photo\windowsupnp.exe |
"{AE564A24-5566-43B9-AE68-424C114ED604}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{AE7741AE-366C-460F-8AC7-9F4CE7A05080}" = dir=out | name=stumbleupon |
"{AF909125-170B-4B09-BD0D-690F6AEFBBEA}" = protocol=17 | dir=in | app=c:\program files (x86)\acer\acer photo\windowsupnp.exe |
"{B05B72F8-F8A9-4113-9EC2-4103F2CA9D31}" = dir=out | name=acer explorer |
"{B0829FE9-6DE6-44B5-87C8-68B41BF771AF}" = protocol=6 | dir=in | app=c:\program files (x86)\acer\acer media\dmcdaemon.exe |
"{B089400C-794A-409F-8D11-451DE91217AE}" = protocol=17 | dir=in | app=c:\program files (x86)\acer\acer media_\windowsupnpmv.exe |
"{B30D8735-C407-4ED6-A8F0-966A201CED7E}" = protocol=17 | dir=in | app=c:\program files (x86)\acer\acer portal\ccd.exe |
"{B93997AB-D78E-49CC-B006-B47780469F75}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{B9FF7CFA-EA1D-484C-AF9E-A38F522793B9}" = dir=out | name=hp all-in-one printer remote |
"{BB8AB090-66AC-4C41-8064-878266FD410E}" = dir=in | name=evernote touch |
"{BE687F04-363D-4BD2-A96B-9D05946FE752}" = dir=out | name=skype |
"{C27EB2C4-B564-43A3-8169-6252EB93D1BB}" = protocol=17 | dir=in | app=c:\program files (x86)\acer\acer media\dmcdaemon.exe |
"{C2D6AD93-142B-477B-AAB1-E95AE7B930DC}" = protocol=6 | dir=in | app=c:\program files (x86)\acer\acer media\dmcdaemon.exe |
"{C7B780D6-66E1-4434-9F43-655454A3E203}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{CA40C3B1-7974-4C37-B29B-96D4052ED6F5}" = protocol=17 | dir=in | app=c:\program files (x86)\acer\acer media_\dmcdaemon.exe |
"{CC000E04-BCC1-4BE9-B09B-1E3242A8AEA6}" = protocol=6 | dir=in | app=c:\program files (x86)\acer\acer photo_\windowsupnp.exe |
"{CEE489F0-D64B-40A8-AA02-A4F4E759D6E7}" = dir=in | app=c:\program files\soluto\solutoservice.exe |
"{D10CFC8E-3101-4ECD-9050-22247D14396E}" = protocol=17 | dir=in | app=c:\program files (x86)\acer\acer photo\dmcdaemon.exe |
"{D16B3148-CA03-497F-88A2-B731D10A8CD7}" = dir=out | name=evernote touch |
"{D305CFDA-B43B-4F89-B16D-F981AE1A10BB}" = protocol=6 | dir=in | app=c:\program files (x86)\acer\acer portal\sdd.exe |
"{D52400D2-15E1-4B97-91CC-FF9372258479}" = protocol=17 | dir=in | app=c:\program files (x86)\acer\acer media\windowsupnpmv.exe |
"{D6980480-941A-4DF6-AB81-3734ECD3D779}" = dir=out | name=junipernetworks.junospulsevpn |
"{D730E9D7-3EE8-4000-AAA4-E346E7FA1AE4}" = protocol=6 | dir=in | app=c:\program files (x86)\acer\acer media_\dmcdaemon.exe |
"{D81E1C74-90B1-4DE0-B9C7-F3E17D38F34D}" = dir=out | name=icookbook se |
"{D9757A7C-378D-49D0-84F3-A0DFB023FABD}" = dir=in | name=zinio |
"{DB59588E-ED90-4C47-A7B5-7929DD0C0BD2}" = dir=out | name=checkpoint.vpn |
"{E048C0E0-5817-42D0-ABC7-0B8D5E8EB875}" = dir=in | app=c:\users\retired\appdata\local\microsoft\skydrive\skydrive.exe |
"{E7A06C43-60F6-4559-98F4-28203A9137EE}" = protocol=17 | dir=in | app=c:\program files (x86)\acer\acer portal\ccd.exe |
"{EAE5313A-7691-42AA-95CA-AA5C65AA1FD7}" = protocol=1 | dir=in | [email protected],-28543 |
"{EB704AC9-6281-428A-A412-166192400BC9}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{EB99E318-7823-414B-8DF5-4CE524595F86}" = dir=in | app=c:\program files\hp\hp envy 7640 series\bin\hpnetworkcommunicatorcom.exe |
"{EC799E33-72BA-42D7-9127-DEFE68F9799D}" = dir=in | name=junipernetworks.junospulsevpn |
"{EDCC28AE-E907-4EDB-95DD-627122104F52}" = protocol=17 | dir=in | app=c:\program files (x86)\acer\acer photo\dmcdaemon.exe |
"{EF8BD9BB-5F84-4822-93E3-6930BECCE933}" = protocol=17 | dir=in | app=c:\program files (x86)\acer\acer media\windowsupnpmv.exe |
"{F3969A4B-57DD-497A-8102-57CD128C00D9}" = dir=in | app=c:\program files\hp\hp envy 7640 series\bin\sendafax.exe |
"{F64300AD-D559-4000-BD45-0997BCC8E70A}" = dir=out | name=f5.vpn.client |
"{F76AD43D-811B-4390-B550-CE8CEF13E38E}" = protocol=6 | dir=in | app=c:\program files (x86)\acer\acer photo_\dmcdaemon.exe |
"{F77E5446-4378-4E99-8B7A-7061AAAEA193}" = dir=in | name=f5.vpn.client |
"{F8BEE075-E858-4667-87BE-731676350307}" = protocol=6 | dir=in | app=c:\program files (x86)\acer\acer media_\windowsupnpmv.exe |
"{FBE4E037-58A0-4B03-8DC2-BC07313C61B9}" = protocol=1 | dir=out | [email protected],-28544 |
"{FBF99D2D-0267-4C0F-A5C0-CFBDCE29C571}" = protocol=6 | dir=in | app=c:\program files (x86)\smartview2\smart view 2.0.exe |
"{FD6B7591-E756-47D3-A3D3-3FC5F06F2BE2}" = dir=out | name=newsxpresso |
"{FE5C67AE-A0EF-4764-8542-1E7A9B85179C}" = dir=out | name=didlr |
"TCP Query User{46D000E9-8F0E-41EB-AA2E-56B059AE6FD2}C:\users\retired\appdata\local\directv player\ndspcshowserver.exe" = protocol=6 | dir=in | app=c:\users\retired\appdata\local\directv player\ndspcshowserver.exe |
"TCP Query User{FA5E86F6-191D-4E71-BF88-18DD4839375C}C:\users\retired\appdata\local\directv player\ndspcshowserver.exe" = protocol=6 | dir=in | app=c:\users\retired\appdata\local\directv player\ndspcshowserver.exe |
"UDP Query User{410F9EDD-D0CC-499E-B4CB-5BFCB00EDF8F}C:\users\retired\appdata\local\directv player\ndspcshowserver.exe" = protocol=17 | dir=in | app=c:\users\retired\appdata\local\directv player\ndspcshowserver.exe |
"UDP Query User{9C42A03C-F326-46CC-A625-E1B71BD1CD0D}C:\users\retired\appdata\local\directv player\ndspcshowserver.exe" = protocol=17 | dir=in | app=c:\users\retired\appdata\local\directv player\ndspcshowserver.exe |
========== HKEY_LOCAL_MACHINE Uninstall List ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{07F2005A-8CAC-4A4B-83A2-DA98A722CA61}" = Acer Recovery Management
"{13885028-098C-4799-9B71-27DAC96502D5}" = Acer Remote Files
"{176E2755-0A17-42C6-88E2-192AB2131278}" = Intel(R) Trusted Execution Engine
"{1D8E6291-B0D5-35EC-8441-6616F567A0F7}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219
"{24BF3898-2667-4645-9448-8C6765B801A5}" = HP ENVY 7640 series Basic Device Software
"{3685B5E8-A0A8-494B-B035-B221547A4B63}" = Intel(R) Trusted Execution Engine Driver
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{791A06E2-340F-43B0-8FAB-62D151339362}" = HP Officejet Pro 8600 Basic Device Software
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{90150000-008F-0000-1000-0000000FF1CE}" = Office 15 Click-to-Run Licensing Component
"{91F52DE4-B789-42B0-9311-A349F10E5479}" = Acer Power Management
"{9495AEB4-AB97-39DE-8C42-806EEF75ECA7}" = Microsoft Visual Studio 2010 Tools for Office Runtime (x64)
"{A84A4FB1-D703-48DB-89E0-68B6499D2801}" = Qualcomm Atheros Bluetooth Suite (64)
"{BCCACFE6-91A0-4F32-80A0-ADC0CA048C7B}" = Intel(R) Trusted Execution Engine
"{C18D55BD-1EC6-466D-B763-8EEDDDA9100E}" = Acer Launch Manager
"{C1FA525F-D701-4B31-9D32-504FC0CF0B98}" = Acer Quick Access
"CCleaner" = CCleaner
"Defraggler" = Defraggler
"Elantech" = ETDWare PS/2-X64 11.6.24.203_WHQL
"Microsoft Visual Studio 2010 Tools for Office Runtime (x64)" = Microsoft Visual Studio 2010 Tools for Office Runtime (x64)
"O365HomePremRetail - en-us" = Microsoft Office 365 - en-us
"TeraCopy_is1" = TeraCopy 2.3
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{00C2D443-43D9-4550-ABEA-318288E23E57}" = Quicken 2015
"{0A1E0BDA-5E8F-436d-8BE5-7E97C5CB899D}" = Quicken 2012
"{18A8E78B-9EF2-496E-B310-BCD8E4C1DAB3}" = iSEEK AnswerWorks English Runtime
"{2091F234-EB58-4B80-8C96-8EB78C808CF7}" = Facebook Video Calling 3.1.0.521
"{28006915-2739-4EBE-B5E8-49B25D32EB33}" = Qualcomm Atheros WLAN and Bluetooth Client Installation Program
"{2FA94A64-C84E-49d1-97DD-7BF06C7BBFB2}.WildTangent Games App" = Update Installer for WildTangent Games App
"{388E4B09-3E71-4649-8921-F44A3A2954A7}" = Microsoft Visual Studio 2005 Tools for Office Runtime
"{3D9CB654-99AD-4301-89C6-0D12A790767C}" = Identity Card
"{415FA9AD-DA10-4ABE-97B6-5051D4795C90}" = HP FWUpdateEDO2
"{41914D8B-9D6E-4764-A1F9-BC43FB6782C1}_is1" = Foxit Cloud
"{437f5443-c052-432c-b1e7-abd9bc5cabdb}" = DIRECTV Player
"{5845A5C9-AA03-4D91-9793-1A2563CE0129}" = HP ENVY 7640 series Help
"{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}" = Realtek Card Reader
"{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}" = Google Update Helper
"{6D2BBE1D-E600-4695-BA37-0B0E605542CC}" = Office Addin
"{70B446D1-E03B-4ab0-9B3C-0832142C9AA8}.WildTangent Games App-acer" = WildTangent Games App
"{72199E33-4F2A-4B7F-8E25-95DDDD50A678}" = Acer System Information
"{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek Ethernet Controller Driver
"{88547073-C566-4895-9005-EBE98EA3F7C7}" = Samsung Kies3
"{8FB53850-246A-3507-8ADE-0060093FFEA6}" = Visual Studio Tools for the Office system 3.0 Runtime
"{90150000-008C-0000-0000-0000000FF1CE}" = Office 15 Click-to-Run Extensibility Component
"{90150000-008C-0409-0000-0000000FF1CE}" = Office 15 Click-to-Run Localization Component
"{912D30CF-F39E-4B31-AD9A-123C6B794EE2}" = HP Update
"{91589413-6675-4C27-8AFC-EFB9103B90A5}" = eBay Worldwide
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{A5AD0B17-F34D-49BE-A157-C8B3D52ACD13}" = Acer Portal
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{B5AD89F2-03D3-4206-8487-018298007DD0}" = Acer Photo
"{B6465A32-8BE9-4B38-ADC5-4B4BDDC10B0D}" = HPDiagnosticAlert
"{CA4FE8B0-298C-4E5D-A486-F33B126D6A0A}" = Acer Docs
"{DCBF3379-246B-47E1-8173-639B63940838}" = Acer Docs Office AddIn
"{E9AF1707-3F3A-49E2-8345-4F2D629D0876}" = Acer Media
"{EE26E302-876A-48D9-9058-3129E5B99999}" = Live Updater
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}" = Intel(R) Processor Graphics
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{FBAAAFAE-08A8-4C63-87EA-4AEA9DEE53E1}" = Smart View 2.0
"Adobe Flash Player NPAPI" = Adobe Flash Player 18 NPAPI
"Avast" = Avast Free Antivirus
"Foxit Reader_is1" = Foxit Reader
"Google Chrome" = Google Chrome
"InstallShield_{88547073-C566-4895-9005-EBE98EA3F7C7}" = Samsung Kies3
"Malwarebytes Anti-Malware_is1" = Malwarebytes Anti-Malware version 2.1.8.1057
"Microsoft Visual Studio 2005 Tools for Office Runtime" = Visual Studio 2005 Tools for Office Second Edition Runtime
"Mozilla Firefox 39.0 (x86 en-US)" = Mozilla Firefox 39.0 (x86 en-US)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"Revo Uninstaller" = Revo Uninstaller 1.95
"Visual Studio Tools for the Office system 3.0 Runtime" = Visual Studio Tools for the Office system 3.0 Runtime
"WildTangent wildgames Master Uninstall" = WildTangent Games
"WTA-098caa41-be4e-4161-8a2b-56de3b5d50e0" = Aloha TriPeaks
"WTA-20b0c29f-3978-4247-ab50-e36490a78aac" = Trinklit Supreme
"WTA-34705c7a-b964-405e-a8a6-88a29cf72377" = Peggle Nights
"WTA-40d2c2a3-dccf-48a0-81e7-fe439dc4d767" = Governor of Poker 2 Premium Edition
"WTA-7787ea8b-3471-4c9e-b626-3514f767314b" = Magic Academy
"WTA-8f1f12dc-3ea8-44df-a31e-909bf6a4b660" = The Chronicles of Emerland Solitaire
"WTA-a47b8aa3-c439-41b0-9675-94fb3a6cf8d3" = Plants vs. Zombies - Game of the Year
"WTA-bd62773c-a0e9-46ed-8b93-4ba3fca493a3" = Cradle Of Egypt Collector's Edition
"WTA-f3bed538-0eaf-48d5-9b32-0ced16de351d" = Luxor Evolved
========== HKEY_CURRENT_USER Uninstall List ==========
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"OneDriveSetup.exe" = Microsoft OneDrive
========== Last 20 Event Log Errors ==========
[ Application Events ]
Error - 8/24/2015 1:43:06 PM | Computer Name = Sadie | Source = Google Update | ID = 20
Description =
Error - 8/26/2015 7:11:32 AM | Computer Name = Sadie | Source = Desktop Window Manager | ID = 9020
Description = The Desktop Window Manager has encountered a fatal error (0x8898008d)
Error - 8/26/2015 7:43:05 PM | Computer Name = Sadie | Source = Google Update | ID = 20
Description =
Error - 9/1/2015 11:17:07 AM | Computer Name = Sadie | Source = Application Error | ID = 1000
Description = Faulting application name: delegate_execute.exe, version: 44.0.2403.157,
time stamp: 0x55d2960d Faulting module name: delegate_execute.exe, version: 44.0.2403.157,
time stamp: 0x55d2960d Exception code: 0xc0000005 Fault offset: 0x0002bbd3 Faulting
process id: 0x1694 Faulting application start time: 0x01d0e4c9260ec248 Faulting application
path: C:\Program Files (x86)\Google\Chrome\Application\44.0.2403.157\delegate_execute.exe
Faulting
module path: C:\Program Files (x86)\Google\Chrome\Application\44.0.2403.157\delegate_execute.exe
Report
Id: 81732390-50bc-11e5-82dc-201a06dca4f0 Faulting package full name: Faulting package-relative
application ID:
Error - 9/8/2015 1:43:05 PM | Computer Name = Sadie | Source = Google Update | ID = 20
Description =
Error - 9/10/2015 1:01:25 PM | Computer Name = Sadie | Source = Chrome | ID = 1
Description =
Error - 9/17/2015 7:24:22 AM | Computer Name = Sadie | Source = Application Hang | ID = 1002
Description = The program avastui.exe version 10.3.2225.1181 stopped interacting
with Windows and was closed. To see if more information about the problem is available,
check the problem history in the Action Center control panel. Process ID: 1340 Start
Time: 01d0f139b25f8ce3 Termination Time: 60000 Application Path: C:\Program Files\AVAST
Software\Avast\avastui.exe Report Id: 61e37a9d-5d2e-11e5-82df-201a06dca4f0 Faulting
package full name: Faulting package-relative application ID:
Error - 9/18/2015 7:44:33 AM | Computer Name = Sadie | Source = Application Error | ID = 1000
Description = Faulting application name: OfficeClickToRun.exe, version: 15.0.4753.1000,
time stamp: 0x55a4b8ad Faulting module name: netprofm.dll_unloaded, version: 6.3.9600.17415,
time stamp: 0x5450411d Exception code: 0xc0000005 Fault offset: 0x0000000000002656
Faulting
process id: 0x638 Faulting application start time: 0x01d0f206fb71b7a5 Faulting application
path: C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe Faulting
module path: netprofm.dll Report Id: a089181b-5dfa-11e5-82e0-201a06dca4f0 Faulting
package full name: Faulting package-relative application ID:
Error - 9/18/2015 7:51:28 AM | Computer Name = Sadie | Source = Windows Search Service | ID = 3602
Description =
Error - 9/18/2015 7:51:29 AM | Computer Name = Sadie | Source = Windows Search Service | ID = 7042
Description =
[ System Events ]
Error - 3/1/2015 11:30:17 AM | Computer Name = Sadie | Source = DCOM | ID = 10010
Description =
Error - 3/1/2015 11:30:47 AM | Computer Name = Sadie | Source = DCOM | ID = 10010
Description =
Error - 3/2/2015 12:18:59 PM | Computer Name = Sadie | Source = DCOM | ID = 10010
Description =
Error - 3/2/2015 12:19:29 PM | Computer Name = Sadie | Source = DCOM | ID = 10010
Description =
Error - 3/3/2015 12:22:04 PM | Computer Name = Sadie | Source = DCOM | ID = 10010
Description =
Error - 3/4/2015 1:37:21 PM | Computer Name = Sadie | Source = DCOM | ID = 10010
Description =
Error - 3/4/2015 1:37:51 PM | Computer Name = Sadie | Source = DCOM | ID = 10010
Description =
Error - 3/4/2015 1:42:17 PM | Computer Name = Sadie | Source = DCOM | ID = 10010
Description =
Error - 3/4/2015 1:42:47 PM | Computer Name = Sadie | Source = DCOM | ID = 10010
Description =
Error - 3/5/2015 1:50:58 PM | Computer Name = Sadie | Source = DCOM | ID = 10010
Description =
< End of report >
# AdwCleaner v4.201 - Logfile created 21/09/2015 at 13:20:24
# Updated 08/04/2015 by Xplode
# Database : 2015-09-20.1 [Server]
# Operating system : Windows 8.1 (x64)
# Username : Retired - SADIE
# Running from : C:\Users\Retired\Desktop\System Maintenance\adwcleaner_4.201.exe
# Option : Scan
***** [ Services ] *****
***** [ Files / Folders ] *****
***** [ Scheduled tasks ] *****
***** [ Shortcuts ] *****
***** [ Registry ] *****
***** [ Web browsers ] *****
-\\ Internet Explorer v11.0.9600.17840
-\\ Mozilla Firefox v39.0 (x86 en-US)
-\\ Google Chrome v45.0.2454.93
*************************
AdwCleaner[R0].txt - [3233 bytes] - [11/05/2014 11:01:53]
AdwCleaner[R1].txt - [1859 bytes] - [13/07/2014 10:05:42]
AdwCleaner[R2].txt - [1510 bytes] - [01/09/2014 14:10:37]
AdwCleaner[R3].txt - [1299 bytes] - [01/09/2014 14:17:25]
AdwCleaner[R4].txt - [3390 bytes] - [12/01/2015 22:48:02]
AdwCleaner[R5].txt - [2472 bytes] - [26/01/2015 21:32:18]
AdwCleaner[R6].txt - [3567 bytes] - [16/04/2015 18:42:22]
AdwCleaner[R7].txt - [2523 bytes] - [18/09/2015 11:37:15]
AdwCleaner[R8].txt - [1125 bytes] - [21/09/2015 13:20:24]
AdwCleaner[S0].txt - [2919 bytes] - [11/05/2014 11:03:45]
AdwCleaner[S1].txt - [1902 bytes] - [13/07/2014 10:08:56]
AdwCleaner[S2].txt - [1486 bytes] - [01/09/2014 14:13:47]
AdwCleaner[S3].txt - [1361 bytes] - [01/09/2014 14:22:30]
AdwCleaner[S4].txt - [3473 bytes] - [12/01/2015 22:55:09]
AdwCleaner[S5].txt - [2559 bytes] - [26/01/2015 21:37:17]
AdwCleaner[S6].txt - [3667 bytes] - [16/04/2015 20:32:49]
AdwCleaner[S7].txt - [2605 bytes] - [18/09/2015 11:45:14]
########## EOF - C:\AdwCleaner\AdwCleaner[R8].txt - [1656 bytes] ##########
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Malwarebytes
Version: 7.6.2 (09.14.2015:1)
OS: Windows 8.1 x64
Ran by Retired on Mon 09/21/2015 at 13:37:51.12
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~ Services
~~~ Tasks
~~~ Registry Values
~~~ Registry Keys
~~~ Files
~~~ Folders
~~~ Chrome
[C:\Users\Retired\Appdata\Local\Google\Chrome\User Data\Default\Preferences] - default search provider reset
[C:\Users\Retired\Appdata\Local\Google\Chrome\User Data\Default\Preferences] - Extensions Deleted:
[C:\Users\Retired\Appdata\Local\Google\Chrome\User Data\Default\Secure Preferences] - default search provider reset
[C:\Users\Retired\Appdata\Local\Google\Chrome\User Data\Default\Secure Preferences] - Extensions Deleted:
[]
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on Mon 09/21/2015 at 14:03:43.50
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Malwarebytes Anti-Malware
www.malwarebytes.org
Scan Date: 9/21/2015
Scan Time: 4:00 PM
Logfile: Malwarebytes.txt
Administrator: Yes
Version: 2.1.8.1057
Malware Database: v2015.09.21.07
Rootkit Database: v2015.09.18.01
License: Free
Malware Protection: Disabled
Malicious Website Protection: Disabled
Self-protection: Disabled
OS: Windows 8.1
CPU: x64
File System: NTFS
User: Retired
Scan Type: Threat Scan
Result: Completed
Objects Scanned: 354777
Time Elapsed: 1 hr, 8 min, 24 sec
Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Disabled
Heuristics: Enabled
PUP: Enabled
PUM: Enabled
Processes: 0
(No malicious items detected)
Modules: 0
(No malicious items detected)
Registry Keys: 0
(No malicious items detected)
Registry Values: 0
(No malicious items detected)
Registry Data: 0
(No malicious items detected)
Folders: 0
(No malicious items detected)
Files: 0
(No malicious items detected)
Physical Sectors: 0
(No malicious items detected)
(end)
OTL logfile created on: 9/21/2015 2:33:21 PM - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Retired\Desktop
64bit- An unknown product (Version = 6.2.9200) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.18036)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
3.89 Gb Total Physical Memory | 2.54 Gb Available Physical Memory | 65.27% Memory free
7.89 Gb Paging File | 6.54 Gb Available in Paging File | 82.91% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 448.69 Gb Total Space | 351.60 Gb Free Space | 78.36% Space Free | Partition Type: NTFS
Computer Name: SADIE | User Name: Retired | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - C:\Users\Retired\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\Program Files\AVAST Software\Avast\AvastUI.exe (AVAST Software)
PRC - C:\Program Files\AVAST Software\Avast\AvastSvc.exe (AVAST Software)
PRC - C:\Program Files (x86)\Google\Update\1.3.28.15\GoogleCrashHandler.exe (Google Inc.)
PRC - C:\Program Files (x86)\Foxit Software\Foxit Reader\Foxit Cloud\FCUpdateService.exe (Foxit Software Inc.)
PRC - C:\Program Files\Microsoft Office 15\root\office15\msosync.exe (Microsoft Corporation)
PRC - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesCommonX86\Microsoft Shared\OFFICE15\csisyncclient.exe (Microsoft Corporation)
PRC - C:\Program Files (x86)\Acer\Acer Portal\ccd.exe (Acer Cloud Technology)
PRC - C:\Program Files (x86)\Acer\Acer Portal\CCDMonitorService.exe (Acer Incorporated)
PRC - C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe (TODO: <Company name>)
========== Modules (No Company Name) ==========
MOD - C:\Program Files\AVAST Software\Avast\libcef.dll ()
MOD - C:\Program Files\AVAST Software\Avast\log.dll ()
MOD - C:\Program Files\AVAST Software\Avast\JsonRpcServer.dll ()
MOD - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesCommonX86\Microsoft Shared\OFFICE15\AppVIsvStream32.dll ()
MOD - C:\Program Files\Microsoft Office 15\root\office15\appvisvstream32.dll ()
========== Services (SafeList) ==========
SRV:64bit: - (AvastVBoxSvc) -- C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe File not found
SRV:64bit: - (avast! Antivirus) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe (AVAST Software)
SRV:64bit: - (ClickToRunSvc) -- C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe (Microsoft Corporation)
SRV:64bit: - (DiagTrack) -- C:\Windows\SysNative\diagtrack.dll (Microsoft Corporation)
SRV:64bit: - (WdNisSvc) -- C:\Program Files\Windows Defender\NisSrv.exe (Microsoft Corporation)
SRV:64bit: - (WinDefend) -- C:\Program Files\Windows Defender\MsMpEng.exe (Microsoft Corporation)
SRV:64bit: - (AudioEndpointBuilder) -- C:\Windows\SysNative\AudioEndpointBuilder.dll (Microsoft Corporation)
SRV:64bit: - (SystemEventsBroker) -- C:\Windows\SysNative\SystemEventsBrokerServer.dll (Microsoft Corporation)
SRV:64bit: - (lfsvc) -- C:\Windows\SysNative\GeofenceMonitorService.dll (Microsoft Corporation)
SRV:64bit: - (LSM) -- C:\Windows\SysNative\lsm.dll (Microsoft Corporation)
SRV:64bit: - (IEEtwCollectorService) -- C:\Windows\SysNative\IEEtwCollector.exe (Microsoft Corporation)
SRV:64bit: - (WSService) -- C:\Windows\SysNative\WSService.dll (Microsoft Corporation)
SRV:64bit: - (PrintNotify) -- C:\Windows\SysNative\spool\drivers\x64\3\PrintConfig.dll (Microsoft Corporation)
SRV:64bit: - (WEPHOSTSVC) -- C:\Windows\SysNative\wephostsvc.dll (Microsoft Corporation)
SRV:64bit: - (EFS) -- C:\Windows\SysNative\efssvc.dll (Microsoft Corporation)
SRV:64bit: - (WiaRpc) -- C:\Windows\SysNative\wiarpc.dll (Microsoft Corporation)
SRV:64bit: - (svsvc) -- C:\Windows\SysNative\svsvc.dll (Microsoft Corporation)
SRV:64bit: - (fhsvc) -- C:\Windows\SysNative\fhsvc.dll (Microsoft Corporation)
SRV:64bit: - (BthHFSrv) -- C:\Windows\SysNative\BthHFSrv.dll (Microsoft Corporation)
SRV:64bit: - (NcaSvc) -- C:\Windows\SysNative\NcaSvc.dll (Microsoft Corporation)
SRV:64bit: - (vmicvss) -- C:\Windows\SysNative\icsvc.dll (Microsoft Corporation)
SRV:64bit: - (vmictimesync) -- C:\Windows\SysNative\icsvc.dll (Microsoft Corporation)
SRV:64bit: - (vmicshutdown) -- C:\Windows\SysNative\icsvc.dll (Microsoft Corporation)
SRV:64bit: - (vmicrdv) -- C:\Windows\SysNative\icsvc.dll (Microsoft Corporation)
SRV:64bit: - (vmickvpexchange) -- C:\Windows\SysNative\icsvc.dll (Microsoft Corporation)
SRV:64bit: - (vmicheartbeat) -- C:\Windows\SysNative\icsvc.dll (Microsoft Corporation)
SRV:64bit: - (vmicguestinterface) -- C:\Windows\SysNative\icsvc.dll (Microsoft Corporation)
SRV:64bit: - (smphost) -- C:\Windows\SysNative\smphost.dll (Microsoft Corporation)
SRV:64bit: - (Netlogon) -- C:\Windows\SysNative\netlogon.dll (Microsoft Corporation)
SRV:64bit: - (ScDeviceEnum) -- C:\Windows\SysNative\ScDeviceEnum.dll (Microsoft Corporation)
SRV:64bit: - (KeyIso) -- C:\Windows\SysNative\keyiso.dll (Microsoft Corporation)
SRV:64bit: - (TimeBroker) -- C:\Windows\SysNative\TimeBrokerServer.dll (Microsoft Corporation)
SRV:64bit: - (netprofm) -- C:\Windows\SysNative\netprofmsvc.dll (Microsoft Corporation)
SRV:64bit: - (NcbService) -- C:\Windows\SysNative\ncbservice.dll (Microsoft Corporation)
SRV:64bit: - (Wcmsvc) -- C:\Windows\SysNative\wcmsvc.dll (Microsoft Corporation)
SRV:64bit: - (VaultSvc) -- C:\Windows\SysNative\vaultsvc.dll (Microsoft Corporation)
SRV:64bit: - (DeviceAssociationService) -- C:\Windows\SysNative\das.dll (Microsoft Corporation)
SRV:64bit: - (BrokerInfrastructure) -- C:\Windows\SysNative\bisrv.dll (Microsoft Corporation)
SRV:64bit: - (wlidsvc) -- C:\Windows\SysNative\wlidsvc.dll (Microsoft Corporation)
SRV:64bit: - (DsmSvc) -- C:\Windows\SysNative\DeviceSetupManager.dll (Microsoft Corporation)
SRV:64bit: - (NcdAutoSetup) -- C:\Windows\SysNative\NcdAutoSetup.dll (Microsoft Corporation)
SRV:64bit: - (AppReadiness) -- C:\Windows\SysNative\AppReadiness.dll (Microsoft Corporation)
SRV:64bit: - (AppXSvc) -- C:\Windows\SysNative\AppXDeploymentServer.dll (Microsoft Corporation)
SRV:64bit: - (workfolderssvc) -- C:\Windows\SysNative\workfolderssvc.dll (Microsoft Corporation)
SRV:64bit: - (mfevtp) -- C:\Windows\SysNative\mfevtps.exe (McAfee, Inc.)
SRV:64bit: - (mfefire) -- C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe ()
SRV:64bit: - (LMSvc) -- C:\Program Files\Acer\Acer Launch Manager\LMSvc.exe (Acer Incorporate)
SRV:64bit: - (RMSvc) -- C:\Program Files\Acer\Acer Quick Access\RMSvc.exe (Acer Incorporate)
SRV:64bit: - (QASvc) -- C:\Program Files\Acer\Acer Quick Access\QASvc.exe (Acer Incorporate)
SRV:64bit: - (ePowerSvc) -- C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe (Acer Incorporated)
SRV:64bit: - (Intel(R) -- C:\Program Files\Intel\TXE Components\TCS\SocketHeciServer.exe (Intel(R) Corporation)
SRV:64bit: - (Intel(R) -- C:\Program Files\Intel\TXE Components\TCS\HeciServer.exe (Intel(R) Corporation)
SRV:64bit: - (ETDService) -- C:\Program Files\Elantech\ETDService.exe (ELAN Microelectronics Corp.)
SRV - (FoxitCloudUpdateService) -- C:\Program Files (x86)\Foxit Software\Foxit Reader\Foxit Cloud\FCUpdateService.exe (Foxit Software Inc.)
SRV - (AdobeFlashPlayerUpdateSvc) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated)
SRV - (MBAMService) -- C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe (Malwarebytes Corporation)
SRV - (lfsvc) -- C:\Windows\SysWOW64\GeofenceMonitorService.dll (Microsoft Corporation)
SRV - (PrintNotify) -- C:\Windows\system32\spool\drivers\x64\3\PrintConfig.dll (Microsoft Corporation)
SRV - (StorSvc) -- C:\Windows\SysWOW64\StorSvc.dll (Microsoft Corporation)
SRV - (smphost) -- C:\Windows\SysWOW64\smphost.dll (Microsoft Corporation)
SRV - (MozillaMaintenance) -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe (Mozilla Foundation)
SRV - (CCDMonitorService) -- C:\Program Files (x86)\Acer\Acer Portal\CCDMonitorService.exe (Acer Incorporated)
SRV - (cphs) -- C:\Windows\SysWOW64\IntelCpHeciSvc.exe (Intel Corporation)
SRV - (AtherosSvc) -- C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\AdminService.exe (Windows (R) Win 7 DDK provider)
SRV - (GamesAppIntegrationService) -- C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe (TODO: <Company name>)
SRV - (ICCS) -- C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe (Intel Corporation)
SRV - (GamesAppService) -- C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe (WildTangent, Inc.)
========== Driver Services (SafeList) ==========
DRV:64bit: - (VBoxAswDrv) -- C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys File not found
DRV:64bit: - (aswSP) -- C:\Windows\SysNative\drivers\aswSP.sys (AVAST Software)
DRV:64bit: - (aswVmm) -- C:\Windows\SysNative\drivers\aswVmm.sys (AVAST Software)
DRV:64bit: - (aswStm) -- C:\Windows\SysNative\drivers\aswStm.sys (AVAST Software)
DRV:64bit: - (aswMonFlt) -- C:\Windows\SysNative\drivers\aswMonFlt.sys (AVAST Software)
DRV:64bit: - (aswRvrt) -- C:\Windows\SysNative\drivers\aswRvrt.sys (AVAST Software)
DRV:64bit: - (aswHwid) -- C:\Windows\SysNative\drivers\aswHwid.sys (AVAST Software)
DRV:64bit: - (aswRdr) -- C:\Windows\SysNative\drivers\aswRdr2.sys (AVAST Software)
DRV:64bit: - (aswSnx) -- C:\Windows\SysNative\drivers\aswSnx.sys (AVAST Software)
DRV:64bit: - (WdBoot) -- C:\Windows\SysNative\drivers\WdBoot.sys (Microsoft Corporation)
DRV:64bit: - (WdFilter) -- C:\Windows\SysNative\drivers\WdFilter.sys (Microsoft Corporation)
DRV:64bit: - (WdNisDrv) -- C:\Windows\SysNative\drivers\WdNisDrv.sys (Microsoft Corporation)
DRV:64bit: - (MBAMWebAccessControl) -- C:\Windows\SysNative\drivers\mwac.sys (Malwarebytes Corporation)
DRV:64bit: - (MBAMProtector) -- C:\Windows\SysNative\drivers\mbam.sys (Malwarebytes Corporation)
DRV:64bit: - (WDC_SAM) -- C:\Windows\SysNative\drivers\wdcsam64.sys (Western Digital Technologies)
DRV:64bit: - (USBXHCI) -- C:\Windows\SysNative\drivers\USBXHCI.SYS (Microsoft Corporation)
DRV:64bit: - (ahcache) -- C:\Windows\SysNative\drivers\ahcache.sys (Microsoft Corporation)
DRV:64bit: - (USBHUB3) -- C:\Windows\SysNative\drivers\USBHUB3.SYS (Microsoft Corporation)
DRV:64bit: - (sdbus) -- C:\Windows\SysNative\drivers\sdbus.sys (Microsoft Corporation)
DRV:64bit: - (BthHFEnum) -- C:\Windows\SysNative\drivers\bthhfenum.sys (Microsoft Corporation)
DRV:64bit: - (CLFS) -- C:\Windows\SysNative\drivers\clfs.sys (Microsoft Corporation)
DRV:64bit: - (spaceport) -- C:\Windows\SysNative\drivers\spaceport.sys (Microsoft Corporation)
DRV:64bit: - (WFPLWFS) -- C:\Windows\SysNative\drivers\wfplwfs.sys (Microsoft Corporation)
DRV:64bit: - (wpcfltr) -- C:\Windows\SysNative\drivers\wpcfltr.sys (Microsoft Corporation)
DRV:64bit: - (RdpVideoMiniport) -- C:\Windows\SysNative\drivers\rdpvideominiport.sys (Microsoft Corporation)
DRV:64bit: - (TsUsbGD) -- C:\Windows\SysNative\drivers\TsUsbGD.sys (Microsoft Corporation)
DRV:64bit: - (netvsc) -- C:\Windows\SysNative\drivers\netvsc63.sys (Microsoft Corporation)
DRV:64bit: - (NdisImPlatform) -- C:\Windows\SysNative\drivers\NdisImPlatform.sys (Microsoft Corporation)
DRV:64bit: - (MsLldp) -- C:\Windows\SysNative\drivers\mslldp.sys (Microsoft Corporation)
DRV:64bit: - (Ndu) -- C:\Windows\SysNative\drivers\Ndu.sys (Microsoft Corporation)
DRV:64bit: - (StillCam) -- C:\Windows\SysNative\drivers\serscan.sys (Microsoft Corporation)
DRV:64bit: - (ReFS) -- C:\Windows\SysNative\drivers\refs.sys (Microsoft Corporation)
DRV:64bit: - (pdc) -- C:\Windows\SysNative\drivers\pdc.sys (Microsoft Corporation)
DRV:64bit: - (intelpep) -- C:\Windows\SysNative\drivers\intelpep.sys (Microsoft Corporation)
DRV:64bit: - (UCX01000) -- C:\Windows\SysNative\drivers\UCX01000.SYS (Microsoft Corporation)
DRV:64bit: - (vpci) -- C:\Windows\SysNative\drivers\vpci.sys (Microsoft Corporation)
DRV:64bit: - (GPIOClx0101) -- C:\Windows\SysNative\drivers\msgpioclx.sys (Microsoft Corporation)
DRV:64bit: - (Wof) -- C:\Windows\SysNative\drivers\wof.sys (Microsoft Corporation)
DRV:64bit: - (sdstor) -- C:\Windows\SysNative\drivers\sdstor.sys (Microsoft Corporation)
DRV:64bit: - (BasicRender) -- C:\Windows\SysNative\drivers\BasicRender.sys (Microsoft Corporation)
DRV:64bit: - (ssudmdm) -- C:\Windows\SysNative\drivers\ssudmdm.sys (DEVGURU Co., LTD.(www.devguru.co.kr))
DRV:64bit: - (dg_ssudbus) -- C:\Windows\SysNative\drivers\ssudbus.sys (DEVGURU Co., LTD.(www.devguru.co.kr))
DRV:64bit: - (BthLEEnum) -- C:\Windows\SysNative\drivers\BthLEEnum.sys (Microsoft Corporation)
DRV:64bit: - (IntcDAud) -- C:\Windows\SysNative\drivers\IntcDAud.sys (Intel(R) Corporation)
DRV:64bit: - (igfx) -- C:\Windows\SysNative\drivers\igdkmd64.sys (Intel Corporation)
DRV:64bit: - (intaud_WaveExtensible) -- C:\Windows\SysNative\drivers\intelaud.sys (Intel Corporation)
DRV:64bit: - (iwdbus) -- C:\Windows\SysNative\drivers\iwdbus.sys (Intel Corporation)
DRV:64bit: - (SerCx2) -- C:\Windows\SysNative\drivers\SerCx2.sys (Microsoft Corporation)
DRV:64bit: - (stornvme) -- C:\Windows\SysNative\drivers\stornvme.sys (Microsoft Corporation)
DRV:64bit: - (VerifierExt) -- C:\Windows\SysNative\drivers\VerifierExt.sys (Microsoft Corporation)
DRV:64bit: - (BtFilter) -- C:\Windows\SysNative\drivers\btfilter.sys (Qualcomm Atheros)
DRV:64bit: - (BTATH_A2DP) -- C:\Windows\SysNative\drivers\btath_a2dp.sys (Qualcomm Atheros)
DRV:64bit: - (BTATH_HCRP) -- C:\Windows\SysNative\drivers\btath_hcrp.sys (Qualcomm Atheros)
DRV:64bit: - (BTATH_RCP) -- C:\Windows\SysNative\drivers\btath_rcp.sys (Qualcomm Atheros)
DRV:64bit: - (btath_avdt) -- C:\Windows\SysNative\drivers\btath_avdt.sys (Qualcomm Atheros)
DRV:64bit: - (AthBTPort) -- C:\Windows\SysNative\drivers\btath_flt.sys (Qualcomm Atheros)
DRV:64bit: - (BTATH_LWFLT) -- C:\Windows\SysNative\drivers\btath_lwflt.sys (Qualcomm Atheros)
DRV:64bit: - (BTATH_BUS) -- C:\Windows\SysNative\drivers\btath_bus.sys (Qualcomm Atheros)
DRV:64bit: - (RSBASTOR) -- C:\Windows\SysNative\drivers\RtsBaStor.sys (Realtek Semiconductor Corp.)
DRV:64bit: - (terminpt) -- C:\Windows\SysNative\drivers\terminpt.sys (Microsoft Corporation)
DRV:64bit: - (condrv) -- C:\Windows\SysNative\drivers\condrv.sys (Microsoft Corporation)
DRV:64bit: - (Fs_Rec) -- C:\Windows\SysNative\drivers\fs_rec.sys (Microsoft Corporation)
DRV:64bit: - (dam) -- C:\Windows\SysNative\drivers\dam.sys (Microsoft Corporation)
DRV:64bit: - (acpiex) -- C:\Windows\SysNative\drivers\acpiex.sys (Microsoft Corporation)
DRV:64bit: - (TPM) -- C:\Windows\SysNative\drivers\tpm.sys (Microsoft Corporation)
DRV:64bit: - (mvumis) -- C:\Windows\SysNative\drivers\mvumis.sys (Marvell Semiconductor, Inc.)
DRV:64bit: - (msgpiowin32) -- C:\Windows\SysNative\drivers\msgpiowin32.sys (Microsoft Corporation)
DRV:64bit: - (ebdrv) -- C:\Windows\SysNative\drivers\evbda.sys (Broadcom Corporation)
DRV:64bit: - (LSI_SAS2) -- C:\Windows\SysNative\drivers\lsi_sas2.sys (LSI Corporation)
DRV:64bit: - (LSI_SSS) -- C:\Windows\SysNative\drivers\lsi_sss.sys (LSI Corporation)
DRV:64bit: - (HpSAMD) -- C:\Windows\SysNative\drivers\HpSAMD.sys (Hewlett-Packard Company)
DRV:64bit: - (LSI_SAS3) -- C:\Windows\SysNative\drivers\lsi_sas3.sys (LSI Corporation)
DRV:64bit: - (ADP80XX) -- C:\Windows\SysNative\drivers\adp80xx.sys (PMC-Sierra)
DRV:64bit: - (b06bdrv) -- C:\Windows\SysNative\drivers\bxvbda.sys (Broadcom Corporation)
DRV:64bit: - (amdsbs) -- C:\Windows\SysNative\drivers\amdsbs.sys (AMD Technologies Inc.)
DRV:64bit: - (3ware) -- C:\Windows\SysNative\drivers\3ware.sys (LSI)
DRV:64bit: - (amdsata) -- C:\Windows\SysNative\drivers\amdsata.sys (Advanced Micro Devices)
DRV:64bit: - (EhStorTcgDrv) -- C:\Windows\SysNative\drivers\EhStorTcgDrv.sys (Microsoft Corporation)
DRV:64bit: - (EhStorClass) -- C:\Windows\SysNative\drivers\EhStorClass.sys (Microsoft Corporation)
DRV:64bit: - (amdxata) -- C:\Windows\SysNative\drivers\amdxata.sys (Advanced Micro Devices)
DRV:64bit: - (VSTXRAID) -- C:\Windows\SysNative\drivers\VSTXRAID.SYS (VIA Corporation)
DRV:64bit: - (UASPStor) -- C:\Windows\SysNative\drivers\uaspstor.sys (Microsoft Corporation)
DRV:64bit: - (stexstor) -- C:\Windows\SysNative\drivers\stexstor.sys (Promise Technology, Inc.)
DRV:64bit: - (storahci) -- C:\Windows\SysNative\drivers\storahci.sys (Microsoft Corporation)
DRV:64bit: - (SpbCx) -- C:\Windows\SysNative\drivers\SpbCx.sys (Microsoft Corporation)
DRV:64bit: - (SerCx) -- C:\Windows\SysNative\drivers\SerCx.sys (Microsoft Corporation)
DRV:64bit: - (UEFI) -- C:\Windows\SysNative\drivers\uefi.sys (Microsoft Corporation)
DRV:64bit: - (WpdUpFltr) -- C:\Windows\SysNative\drivers\WpdUpFltr.sys (Microsoft Corporation)
DRV:64bit: - (WSDPrintDevice) -- C:\Windows\SysNative\drivers\WSDPrint.sys (Microsoft Corporation)
DRV:64bit: - (BasicDisplay) -- C:\Windows\SysNative\drivers\BasicDisplay.sys (Microsoft Corporation)
DRV:64bit: - (HyperVideo) -- C:\Windows\SysNative\drivers\HyperVideo.sys (Microsoft Corporation)
DRV:64bit: - (mshidumdf) -- C:\Windows\SysNative\drivers\mshidumdf.sys (Microsoft Corporation)
DRV:64bit: - (acpitime) -- C:\Windows\SysNative\drivers\acpitime.sys (Microsoft Corporation)
DRV:64bit: - (acpipagr) -- C:\Windows\SysNative\drivers\acpipagr.sys (Microsoft Corporation)
DRV:64bit: - (BthAvrcpTg) -- C:\Windows\SysNative\drivers\BthAvrcpTg.sys (Microsoft Corporation)
DRV:64bit: - (kdnic) -- C:\Windows\SysNative\drivers\kdnic.sys (Microsoft Corporation)
DRV:64bit: - (gencounter) -- C:\Windows\SysNative\drivers\vmgencounter.sys (Microsoft Corporation)
DRV:64bit: - (npsvctrig) -- C:\Windows\SysNative\drivers\npsvctrig.sys (Microsoft Corporation)
DRV:64bit: - (bthhfhid) -- C:\Windows\SysNative\drivers\BthhfHid.sys (Microsoft Corporation)
DRV:64bit: - (hyperkbd) -- C:\Windows\SysNative\drivers\hyperkbd.sys (Microsoft Corporation)
DRV:64bit: - (TsUsbFlt) -- C:\Windows\SysNative\drivers\TsUsbFlt.sys (Microsoft Corporation)
DRV:64bit: - (hidi2c) -- C:\Windows\SysNative\drivers\hidi2c.sys (Microsoft Corporation)
DRV:64bit: - (dmvsc) -- C:\Windows\SysNative\drivers\dmvsc.sys (Microsoft Corporation)
DRV:64bit: - (NdisVirtualBus) -- C:\Windows\SysNative\drivers\NdisVirtualBus.sys (Microsoft Corporation)
DRV:64bit: - (FxPPM) -- C:\Windows\SysNative\drivers\fxppm.sys (Microsoft Corporation)
DRV:64bit: - (athr) -- C:\Windows\SysNative\drivers\athwbx.sys (Qualcomm Atheros Communications, Inc.)
DRV:64bit: - (RTL8168) -- C:\Windows\SysNative\drivers\Rt630x64.sys (Realtek )
DRV:64bit: - (bcmfn2) -- C:\Windows\SysNative\drivers\bcmfn2.sys (Windows (R) Win 7 DDK provider)
DRV:64bit: - (iaStorAV) -- C:\Windows\SysNative\drivers\iaStorAV.sys (Intel Corporation)
DRV:64bit: - (cfwids) -- C:\Windows\SysNative\drivers\cfwids.sys (McAfee, Inc.)
DRV:64bit: - (mfewfpk) -- C:\Windows\SysNative\drivers\mfewfpk.sys (McAfee, Inc.)
DRV:64bit: - (mfehidk) -- C:\Windows\SysNative\drivers\mfehidk.sys (McAfee, Inc.)
DRV:64bit: - (mfefirek) -- C:\Windows\SysNative\drivers\mfefirek.sys (McAfee, Inc.)
DRV:64bit: - (mfeavfk) -- C:\Windows\SysNative\drivers\mfeavfk.sys (McAfee, Inc.)
DRV:64bit: - (mfeapfk) -- C:\Windows\SysNative\drivers\mfeapfk.sys (McAfee, Inc.)
DRV:64bit: - (mfeelamk) -- C:\Windows\SysNative\drivers\mfeelamk.sys (McAfee, Inc.)
DRV:64bit: - (iaLPSSi_GPIO) -- C:\Windows\SysNative\drivers\iaLPSSi_GPIO.sys (Intel Corporation)
DRV:64bit: - (iaLPSSi_I2C) -- C:\Windows\SysNative\drivers\iaLPSSi_I2C.sys (Intel Corporation)
DRV:64bit: - (LMDriver) -- C:\Windows\SysNative\drivers\LMDriver.sys (Acer Incorporated)
DRV:64bit: - (RadioShim) -- C:\Windows\SysNative\drivers\RadioShim.sys (Acer Incorporated)
DRV:64bit: - (TXEIx64) -- C:\Windows\SysNative\drivers\TXEIx64.sys (Intel Corporation)
DRV:64bit: - (BCM43XX) -- C:\Windows\SysNative\drivers\BCMWL63a.SYS (Broadcom Corporation)
DRV:64bit: - (ETD) -- C:\Windows\SysNative\drivers\ETD.sys (ELAN Microelectronics Corp.)
DRV:64bit: - (DSI_SiUSBXp_3_1) -- C:\Windows\SysNative\drivers\DSI_SiUSBXp_3_1.sys (Silicon Laboratories)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{036614D3-EF21-4347-A6AB-227C3D85F3FD}: "URL" = http://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=ACJB
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{036614D3-EF21-4347-A6AB-227C3D85F3FD}: "URL" = http://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=ACJB
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://acer13.msn.com/?pc=ACJB
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = [binary data]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = www.google.com
IE - HKCU\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
========== FireFox ==========
FF - prefs.js..browser.search.countryCode: "US"
FF - prefs.js..browser.search.region: "US"
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:39.0
FF - user.js - File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_18_0_0_232.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.40728.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_18_0_0_232.dll ()
FF - HKLM\Software\MozillaPlugins\@foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf: C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll (Foxit Corporation)
FF - HKLM\Software\MozillaPlugins\@foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf: C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll (Foxit Corporation)
FF - HKLM\Software\MozillaPlugins\@foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xdp: C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll (Foxit Corporation)
FF - HKLM\Software\MozillaPlugins\@foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xfdf: C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll (Foxit Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.1.40728.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@WildTangent.com/GamesAppPresenceDetector,Version=1.0: C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll ()
FF - HKCU\Software\MozillaPlugins\@nds.com/PlayerPlugin: C:\Users\Retired\AppData\Local\DIRECTV Player\npPlayerPlugin.dll (Cisco)
FF - HKCU\Software\MozillaPlugins\@nds.com/PlayerPlugin64: C:\Users\Retired\AppData\Local\DIRECTV Player\win64\npPlayerPlugin64.dll (Cisco)
FF - HKCU\Software\MozillaPlugins\@Skype Limited.com/Facebook Video Calling Plugin: C:\Users\Retired\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)
FF - HKCU\Software\MozillaPlugins\NDS.com/PlayerPlugin: C:\Users\Retired\AppData\Local\DIRECTV Player\npPlayerPlugin.dll (Cisco)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files\AVAST Software\Avast\WebRep\FF [2015/09/18 06:38:39 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 39.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 39.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins
[2014/04/18 08:48:02 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Retired\AppData\Roaming\mozilla\Extensions
[2015/08/01 15:31:15 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions
[2015/08/01 15:31:15 | 000,000,000 | ---D | M] (Default) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
========== Chrome ==========
CHR - Extension: No name found = C:\Users\Retired\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\14.0_0\
CHR - Extension: No name found = C:\Users\Retired\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.7_0\
CHR - Extension: No name found = C:\Users\Retired\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.30_0\
CHR - Extension: No name found = C:\Users\Retired\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\0.5_0\
CHR - Extension: No name found = C:\Users\Retired\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki\10.2.0.190_0\
CHR - Extension: No name found = C:\Users\Retired\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg\0.3.0.5_0\
CHR - Extension: No name found = C:\Users\Retired\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.2.0_0\
CHR - Extension: No name found = C:\Users\Retired\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\8.1_0\
O1 HOSTS File: ([2013/08/22 08:25:41 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:64bit: - BHO: (Skype for Business Browser Helper) - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\ochelper.dll (Microsoft Corporation)
O2:64bit: - BHO: (avast! Online Security) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
O2:64bit: - BHO: (Microsoft SkyDrive Pro Browser Helper) - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\grooveex.dll (Microsoft Corporation)
O2 - BHO: (avast! Online Security) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O4:64bit: - HKLM..\Run: [ETDCtrl] C:\Program Files\Elantech\ETDCtrl.exe (ELAN Microelectronics Corp.)
O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [RTHDVCPL] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [AvastUI.exe] C:\Program Files\AVAST Software\Avast\AvastUI.exe (AVAST Software)
O4 - HKCU..\Run: [AcerCloud] C:\Program Files (x86)\Acer\Acer Portal\acpanel_win.exe (Acer Incorporated)
O4 - HKCU..\Run: [Facebook Update] C:\Users\Retired\AppData\Local\Facebook\Update\FacebookUpdate.exe (Facebook Inc.)
O4 - HKCU..\Run: [HP ENVY 7640 series (NET)] C:\Program Files\HP\HP ENVY 7640 series\Bin\ScanToPCActivationApp.exe (Hewlett-Packard Development Company, LP)
O4 - HKCU..\Run: [PCShowServer] C:\Users\Retired\AppData\Local\DIRECTV Player\PCShowServerPMWrapper.exe (Cisco)
O4 - HKCU..\Run: [QuickenScheduledUpdates] C:\Program Files (x86)\Quicken\bagent.exe (Intuit Inc.)
O4 - Startup: C:\Users\Retired\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Outlook 2013.lnk = File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\Run: BtvStack = "C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\BtvStack.exe" (Qualcomm®Atheros®)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableCursorSuppression = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O8:64bit: - Extra context menu item: E&xport to Microsoft Excel - C:\Program Files\Microsoft Office 15\Root\Office15\EXCEL.EXE (Microsoft Corporation)
O8:64bit: - Extra context menu item: Se&nd to OneNote - C:\Program Files\Microsoft Office 15\Root\Office15\ONBttnIE.dll (Microsoft Corporation)
O8 - Extra context menu item: E&xport to Microsoft Excel - C:\Program Files\Microsoft Office 15\Root\Office15\EXCEL.EXE (Microsoft Corporation)
O8 - Extra context menu item: Se&nd to OneNote - C:\Program Files\Microsoft Office 15\Root\Office15\ONBttnIE.dll (Microsoft Corporation)
O9:64bit: - Extra Button: HP Smart Print - {22CC3EBD-C286-43aa-B8E6-06B115F74162} - C:\Program Files (x86)\Hewlett-Packard\Smart Print\SmartPrintSetup.exe (Hewlett-Packard)
O9:64bit: - Extra 'Tools' menuitem : HP Smart Print - {22CC3EBD-C286-43aa-B8E6-06B115F74162} - C:\Program Files (x86)\Hewlett-Packard\Smart Print\SmartPrintSetup.exe (Hewlett-Packard)
O9:64bit: - Extra Button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\onbttnie.dll (Microsoft Corporation)
O9:64bit: - Extra 'Tools' menuitem : Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\onbttnie.dll (Microsoft Corporation)
O9:64bit: - Extra Button: Skype for Business Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\ochelper.dll (Microsoft Corporation)
O9:64bit: - Extra 'Tools' menuitem : Skype for Business Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\ochelper.dll (Microsoft Corporation)
O9:64bit: - Extra Button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\onbttnielinkednotes.dll (Microsoft Corporation)
O9:64bit: - Extra 'Tools' menuitem : OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\onbttnielinkednotes.dll (Microsoft Corporation)
O9 - Extra Button: HP Smart Print - {22CC3EBD-C286-43aa-B8E6-06B115F74162} - C:\Program Files (x86)\Hewlett-Packard\Smart Print\SmartPrintSetup.exe (Hewlett-Packard)
O9 - Extra 'Tools' menuitem : HP Smart Print - {22CC3EBD-C286-43aa-B8E6-06B115F74162} - C:\Program Files (x86)\Hewlett-Packard\Smart Print\SmartPrintSetup.exe (Hewlett-Packard)
O9 - Extra Button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office 15\root\office15\onbttnie.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office 15\root\office15\onbttnie.dll (Microsoft Corporation)
O9 - Extra Button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office 15\root\office15\onbttnielinkednotes.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office 15\root\office15\onbttnielinkednotes.dll (Microsoft Corporation)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 216.129.224.49 216.220.30.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{6B13BFB5-F43B-4E04-8EB8-EBE7881ED73D}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{D99D7549-9E18-45B6-8749-509FC82DC3E7}: DhcpNameServer = 216.129.224.49 216.220.30.1
O18:64bit: - Protocol\Handler\osf - No CLSID value found
O18 - Protocol\Handler\osf {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\office15\MSOSB.DLL (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (c:\windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\{4c08d0ca-816f-11e4-8284-201a06dca4f0}\Shell - "" = AutoRun
O33 - MountPoints2\{4c08d0ca-816f-11e4-8284-201a06dca4f0}\Shell\AutoRun\command - "" = "D:\unlock.exe" autoplay=true
O33 - MountPoints2\{9de43185-e9bf-11e4-82b2-201a06dca4f0}\Shell - "" = AutoRun
O33 - MountPoints2\{9de43185-e9bf-11e4-82b2-201a06dca4f0}\Shell\AutoRun\command - "" = "D:\LaunchU3.exe" -a
O33 - MountPoints2\{b4a49c00-000c-11e5-82c5-201a06dca4f0}\Shell - "" = AutoRun
O33 - MountPoints2\{b4a49c00-000c-11e5-82c5-201a06dca4f0}\Shell\AutoRun\command - "" = "D:\LaunchU3.exe"
O33 - MountPoints2\{cfb0a190-9cc3-11e4-8296-201a06dca4f0}\Shell - "" = AutoRun
O33 - MountPoints2\{cfb0a190-9cc3-11e4-8296-201a06dca4f0}\Shell\AutoRun\command - "" = "E:\VZW_Software_upgrade_assistant.exe"
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
========== Files/Folders - Created Within 30 Days ==========
[2015/09/21 14:31:27 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Retired\Desktop\OTL.exe
[2015/09/21 13:37:26 | 001,798,976 | ---- | C] (Malwarebytes) -- C:\Users\Retired\Desktop\JRT_NEW.exe
[2015/09/18 17:43:27 | 000,000,000 | ---D | C] -- C:\Users\Retired\Desktop\Sep 18 2015 Backup
[2015/09/18 06:38:54 | 000,378,880 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\aswBoot.exe
[2015/09/18 06:38:46 | 000,043,112 | ---- | C] (AVAST Software) -- C:\Windows\avastSS.scr
[2015/08/22 19:51:47 | 000,000,000 | ---D | C] -- C:\ProgramData\Apple Computer
========== Files - Modified Within 30 Days ==========
[2021/10/21 08:36:56 | 000,000,852 | ---- | M] () -- C:\Windows\SysNative\drivers\RTKHDRC.dat
[2021/10/04 02:34:42 | 000,000,712 | ---- | M] () -- C:\Windows\SysNative\drivers\RTMICEQ0.dat
[2015/09/21 14:49:38 | 000,000,918 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2015/09/21 14:31:30 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Retired\Desktop\OTL.exe
[2015/09/21 14:28:07 | 000,001,938 | ---- | M] () -- C:\Users\Retired\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Monitor Ink Alerts - HP Officejet Pro 8600 (Network).lnk
[2015/09/21 14:27:52 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2015/09/21 14:26:24 | 000,000,914 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2015/09/21 14:25:50 | 268,435,456 | -HS- | M] () -- C:\swapfile.sys
[2015/09/21 14:25:47 | 3338,108,928 | -HS- | M] () -- C:\hiberfil.sys
[2015/09/21 14:16:11 | 001,662,976 | ---- | M] () -- C:\Users\Retired\Desktop\AdwCleaner.exe
[2015/09/21 13:56:00 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2015/09/21 13:18:20 | 000,000,121 | ---- | M] () -- C:\Users\Retired\Desktop\-----------------please read before requesting malware removal help--------------.url
[2015/09/21 12:43:02 | 000,000,948 | ---- | M] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-1538860633-711943146-4208229341-1001UA.job
[2015/09/21 09:43:02 | 000,000,926 | ---- | M] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-1538860633-711943146-4208229341-1001Core.job
[2015/09/20 21:50:09 | 000,000,084 | ---- | M] () -- C:\Users\Retired\Desktop\Building Code for Steps - Home Guides - SF Gate.url
[2015/09/20 18:44:10 | 000,863,592 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2015/09/20 18:44:10 | 000,731,650 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2015/09/20 18:44:10 | 000,135,726 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2015/09/18 18:30:00 | 100,233,216 | ---- | M] () -- C:\Users\Retired\Desktop\QDATACPYCPY_20111118_20120408-2015-09-18.QDF-backup
[2015/09/18 10:19:57 | 000,113,880 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\MBAMSwissArmy.sys
[2015/09/18 06:38:52 | 000,448,968 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswSP.sys
[2015/09/18 06:38:52 | 000,378,880 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\aswBoot.exe
[2015/09/18 06:38:52 | 000,274,808 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswVmm.sys
[2015/09/18 06:38:52 | 000,153,744 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswStm.sys
[2015/09/18 06:38:52 | 000,090,968 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswMonFlt.sys
[2015/09/18 06:38:52 | 000,065,224 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswRvrt.sys
[2015/09/18 06:38:52 | 000,028,656 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswHwid.sys
[2015/09/18 06:38:51 | 000,093,528 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswRdr2.sys
[2015/09/18 06:38:46 | 000,043,112 | ---- | M] (AVAST Software) -- C:\Windows\avastSS.scr
[2015/09/18 06:38:36 | 001,049,880 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswSnx.sys
[2015/09/15 14:03:54 | 001,798,976 | ---- | M] (Malwarebytes) -- C:\Users\Retired\Desktop\JRT_NEW.exe
[2015/09/10 06:29:55 | 000,481,880 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
========== Files Created - No Company Name ==========
[2015/09/21 14:16:08 | 001,662,976 | ---- | C] () -- C:\Users\Retired\Desktop\AdwCleaner.exe
[2015/09/21 13:18:20 | 000,000,121 | ---- | C] () -- C:\Users\Retired\Desktop\-----------------please read before requesting malware removal help--------------.url
[2015/09/20 21:50:09 | 000,000,084 | ---- | C] () -- C:\Users\Retired\Desktop\Building Code for Steps - Home Guides - SF Gate.url
[2015/09/18 18:29:59 | 100,233,216 | ---- | C] () -- C:\Users\Retired\Desktop\QDATACPYCPY_20111118_20120408-2015-09-18.QDF-backup
[2015/09/11 08:16:48 | 010,622,190 | ---- | C] () -- C:\Users\Retired\Desktop\Heide.JPG
[2015/09/09 08:22:03 | 000,411,455 | ---- | C] () -- C:\Windows\SysNative\ApnDatabase.xml
[2015/04/16 21:15:51 | 000,000,207 | ---- | C] () -- C:\Windows\tweaking.com-regbackup-SADIE-Windows-8.1-(64-bit).dat
[2015/03/04 14:16:31 | 000,107,008 | ---- | C] () -- C:\Windows\SysWow64\OEMLicense.dll
[2015/03/04 14:12:39 | 000,046,080 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll
[2014/12/11 14:44:50 | 000,000,057 | ---- | C] () -- C:\ProgramData\Ament.ini
[2014/11/23 16:04:37 | 000,000,126 | ---- | C] () -- C:\Windows\QUICKEN.INI
[2014/05/06 12:18:51 | 000,002,255 | ---- | C] () -- C:\Windows\SysWow64\WimBootCompress.ini
[2014/04/18 09:11:55 | 000,000,082 | ---- | C] () -- C:\Users\Retired\AppData\Roaming\WB.CFG
[2014/04/18 05:40:36 | 000,000,193 | ---- | C] () -- C:\ProgramData\Microsoft.SqlServer.Compact.351.64.bc
[2014/02/08 22:45:06 | 000,000,000 | -H-- | C] () -- C:\ProgramData\DP45977C.lfl
[2013/11/27 21:29:10 | 000,317,440 | ---- | C] () -- C:\Windows\SysWow64\igdmd32.dll
[2013/11/27 21:29:10 | 000,182,272 | ---- | C] () -- C:\Windows\SysWow64\igdde32.dll
[2013/11/27 21:29:09 | 000,142,848 | ---- | C] () -- C:\Windows\SysWow64\igdail32.dll
========== ZeroAccess Check ==========
[2014/02/08 23:11:15 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2015/05/07 12:50:50 | 022,292,672 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2015/05/07 11:53:12 | 019,734,960 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2014/10/28 20:19:43 | 001,013,760 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2014/10/28 19:59:23 | 000,786,944 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2014/10/28 20:16:01 | 000,512,512 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
========== LOP Check ==========
[2014/04/18 06:10:44 | 000,000,000 | ---D | M] -- C:\Users\Retired\AppData\Roaming\acer
[2014/04/18 09:32:20 | 000,000,000 | ---D | M] -- C:\Users\Retired\AppData\Roaming\AVAST Software
[2015/07/15 19:48:28 | 000,000,000 | ---D | M] -- C:\Users\Retired\AppData\Roaming\Foxit Software
[2015/04/18 13:29:49 | 000,000,000 | ---D | M] -- C:\Users\Retired\AppData\Roaming\Octoshape
[2015/01/19 15:33:45 | 000,000,000 | ---D | M] -- C:\Users\Retired\AppData\Roaming\Samsung
[2015/03/26 21:12:09 | 000,000,000 | ---D | M] -- C:\Users\Retired\AppData\Roaming\TeraCopy
========== Purity Check ==========
========== Alternate Data Streams ==========
@Alternate Data Stream - 220 bytes -> C:\Users\Retired\OneDrive:ms-properties
< End of report >
OTL Extras logfile created on: 9/21/2015 2:33:21 PM - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Retired\Desktop
64bit- An unknown product (Version = 6.2.9200) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.18036)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
3.89 Gb Total Physical Memory | 2.54 Gb Available Physical Memory | 65.27% Memory free
7.89 Gb Paging File | 6.54 Gb Available in Paging File | 82.91% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 448.69 Gb Total Space | 351.60 Gb Free Space | 78.36% Space Free | Partition Type: NTFS
Computer Name: SADIE | User Name: Retired | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html[@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
.html [@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = ChromeHTML] -- Reg Error: Key error. File not found
========== Shell Spawning ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- "C:\PROGRA~2\MICROS~1\OFFICE11\WORDVIEW.EXE" /n /dde
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "%systemroot%\system32\rundll32.exe" "%systemroot%\system32\mshtml.dll",PrintHTML "%1"
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- C:\Windows\SysWow64\OpenWith.exe "%1" (Microsoft Corporation)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- "C:\PROGRA~2\MICROS~1\OFFICE11\WORDVIEW.EXE" /n /dde
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "%systemroot%\system32\rundll32.exe" "%systemroot%\system32\mshtml.dll",PrintHTML "%1"
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- C:\Windows\SysWow64\OpenWith.exe "%1" (Microsoft Corporation)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- Reg Error: Value error.
========== Security Center Settings ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = AC 1C AE C5 46 9F CE 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Upgrade]
"UpgradeTime" = [binary data]
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Upgrade]
"UpgradeTime" = Reg Error: Unknown registry data type -- File not found
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
========== Authorized Applications List ==========
========== Vista Active Open Ports Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{01D2B5FB-7E15-4C74-ADFF-BED1BBD7DD25}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{13F6865D-B4A2-4E0F-B5BF-245B1095C102}" = rport=445 | protocol=6 | dir=out | app=system |
"{14D19579-F9E4-4EFE-8D41-3F977F665A35}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{35B78E18-FF51-4A57-8073-7E72A043DC95}" = rport=138 | protocol=17 | dir=out | app=system |
"{36A595CA-9906-472A-B3F1-7510F6DBB266}" = rport=139 | protocol=6 | dir=out | app=system |
"{41B82908-E969-453B-86D2-E012F9FF8D41}" = lport=5353 | protocol=17 | dir=in | app=c:\program files (x86)\google\chrome\application\chrome.exe |
"{50AA85DC-D18E-4F44-ACEB-6B95EDB9B31F}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{5205E68E-F08B-40D7-AC40-930D10C42668}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{58F06D40-F3D5-4F67-AF71-25F58B539DEF}" = lport=10243 | protocol=6 | dir=in | app=system |
"{5BC5DE27-2537-41D6-A341-634472B3E499}" = lport=5357 | protocol=6 | dir=in | name=ws-eventing tcp port 5357 |
"{6B8E5221-AC69-413B-A4A5-7670929ADDB5}" = lport=138 | protocol=17 | dir=in | app=system |
"{71B10768-CB79-454D-9A75-3946B0B6CBAB}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{78DBE35E-B283-4ED6-B8B0-FA5B61744E1E}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{86B0DA16-646D-4EE5-9B2A-C45925AE8B36}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{876CAD62-3263-4CD6-B68F-B5700896CC33}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{90383611-6A45-45B2-A7CD-7A40D0BB839B}" = lport=139 | protocol=6 | dir=in | app=system |
"{921978D8-5C57-417B-B53F-F9E16B1BD75E}" = lport=67 | protocol=17 | dir=in | svc=sharedaccess | app=%systemroot%\system32\svchost.exe |
"{AD87A118-7885-4A89-8B44-5C6285C08B22}" = lport=445 | protocol=6 | dir=in | app=system |
"{B0E84760-34C8-4086-9290-E9C647ECC051}" = lport=68 | protocol=17 | dir=in | svc=sharedaccess | app=%systemroot%\system32\svchost.exe |
"{B6D9CB8D-5635-4803-86A5-E239188E1F67}" = lport=6004 | protocol=17 | dir=in | app=c:\program files\microsoft office 15\root\office15\outlook.exe |
"{C52DB2A3-7C38-4CCD-852C-2A7ECCB2D4A5}" = lport=137 | protocol=17 | dir=in | app=system |
"{C7645DBA-B653-4238-AF4E-254F122C8FE1}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | [email protected],-28539 |
"{D0CD6903-B920-4E53-9663-611D0A3025A3}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{D1AA0ECF-7752-46A8-8943-DD8D6904F74A}" = rport=137 | protocol=17 | dir=out | app=system |
"{D3A007FA-E42E-40A8-90E3-113400971D4A}" = lport=2869 | protocol=6 | dir=in | app=system |
"{F806AEC3-6E81-462D-A919-C2D6AF3832FB}" = rport=10243 | protocol=6 | dir=out | app=system |
========== Vista Active Application Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{00824CB0-4001-4323-AFDD-56A4094A49B4}" = dir=out | name=@{microsoft.bingsports_3.0.4.336_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingsports/resources/brandedapptitle} |
"{012B0F12-D532-43EE-948F-6679AAE23D3F}" = protocol=6 | dir=in | app=c:\program files (x86)\acer\acer portal\ccd.exe |
"{01E9A973-9DC4-4AF7-B842-03D3CFFC8BDF}" = protocol=17 | dir=in | app=c:\program files (x86)\acer\acer photo\windowsupnp.exe |
"{02677430-6377-4ED2-87E7-9931C1DC9015}" = protocol=17 | dir=in | app=c:\program files (x86)\acer\acer media_\windowsupnpmv.exe |
"{035A62EA-35F4-4396-A672-B4BCCA106FDE}" = dir=in | app=c:\program files\hp\hp envy 7640 series\bin\faxapplications.exe |
"{03B68EBD-3B49-47CA-8294-7C54CB0E41E8}" = protocol=17 | dir=in | app=c:\program files (x86)\acer\acer portal\virtualdrive.exe |
"{04511FFA-78A0-4745-A7BF-850A239181DE}" = protocol=17 | dir=in | app=c:\program files (x86)\acer\acer photo_\dmcdaemon.exe |
"{048679F4-CBB4-4E0A-98F1-ACACFB4A0A23}" = dir=in | app=c:\program files\hp\hp officejet pro 8600\bin\sendafax.exe |
"{0629F55F-5BEE-4802-B97A-40292DB59841}" = dir=in | app=c:\program files\hp\hp officejet pro 8600\bin\digitalwizards.exe |
"{08752719-B9E1-472B-9B25-E0AA469A8CB5}" = protocol=17 | dir=in | app=c:\program files (x86)\acer\acer media\windowsupnpmv.exe |
"{08AF3D13-7B14-456F-9AB6-A89FAE191689}" = dir=out | name=@{microsoft.bingweather_3.0.4.336_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingweather/resources/brandedapptitle} |
"{09DBD671-C94D-40B2-B1A5-AA5DF1CEFAA4}" = protocol=17 | dir=in | app=c:\program files (x86)\acer\acer photo\dmcdaemon.exe |
"{0B4BF4D1-CBAB-47C2-97D4-FCFAB9852C0E}" = dir=in | name=acer explorer |
"{0C56FE8D-2D4C-4EC8-9F1D-B6805408CC88}" = dir=in | app=c:\program files\soluto\solutoconsole.exe |
"{0FCD29F5-A3A4-491C-B73B-D2B36F2A7AA5}" = dir=out | name=@{magix.musicmakerjam_2.3.1044.0_x64__a2t3txkz9j1jw?ms-resource://magix.musicmakerjam/resources/app_name} |
"{1014480C-D71C-4423-9E1A-9F7BCA749AFD}" = dir=out | name=netflix |
"{10DD8C43-BC62-43FD-AE9E-3F844BB019C6}" = protocol=6 | dir=in | app=c:\program files (x86)\acer\acer media\windowsupnpmv.exe |
"{11AC57A2-E2B9-4AD0-B6E6-95AADAC7126D}" = protocol=6 | dir=in | app=c:\program files (x86)\acer\acer photo\windowsupnp.exe |
"{120BEF27-BAB5-4749-BE59-2BC0F91F6192}" = protocol=6 | dir=in | app=c:\program files (x86)\nero\nero 12\nero backitup\backitup.exe |
"{1334A969-8BCD-4EAF-BB5F-E8105B6E5F67}" = protocol=6 | dir=in | app=c:\program files (x86)\acer\acer media_\dmcdaemon.exe |
"{13C2AEA2-685B-4DB7-BF8B-C669A97CA6E0}" = dir=out | name=next issue magazines for acer |
"{13D4566C-ACEF-4A0F-8482-0553132D5DF6}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{141E58DD-7892-46B6-8D57-BE632480BDCF}" = dir=out | name=kindle |
"{1788218E-FFB1-4A89-BCE9-CDEB7317FE8E}" = dir=in | name=@{magix.musicmakerjam_2.3.1044.0_x64__a2t3txkz9j1jw?ms-resource://magix.musicmakerjam/resources/app_name} |
"{19ABB354-76D9-42BB-9CD2-FBB6C28A3804}" = protocol=6 | dir=in | app=c:\program files (x86)\mozilla firefox\firefox.exe |
"{1B6BAE86-EA7F-40C7-8BB3-290862D81E09}" = protocol=6 | dir=in | app=c:\program files (x86)\acer\acer media\windowsupnpmv.exe |
"{1B7BC528-A71C-412A-85AF-4F77AFF9D887}" = dir=in | name=@{microsoft.windowscommunicationsapps_17.5.9600.20911_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowscommunicationsapps/resources/communicationspackagename} |
"{1D0EAE55-0296-4285-A5C3-910303C97BA4}" = protocol=6 | dir=in | app=c:\program files (x86)\acer\acer photo\windowsupnp.exe |
"{1D95146D-8A5D-4E11-AF7F-953F715645BB}" = protocol=17 | dir=in | app=c:\program files (x86)\smartview2\smart view 2.0.exe |
"{2449F5B1-05AD-47FF-AAA6-7A229CACD01C}" = dir=out | name=@{microsoft.windowsreadinglist_6.3.9654.20947_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowsreadinglist/resources/apppackagename} |
"{24E083F5-0E1F-470C-9ADE-151F0F635301}" = protocol=6 | dir=in | app=c:\program files (x86)\smartview2\smart view 2.0.exe |
"{27AC448E-8B8E-4072-A115-6F842BC90BF8}" = protocol=6 | dir=in | app=c:\program files (x86)\acer\acer portal\ccd.exe |
"{27E68292-7A56-494B-92F8-CB96913F7988}" = dir=in | name=skype |
"{280D6A1F-8192-48CB-9B2C-7EAA6A12A7E5}" = protocol=6 | dir=in | app=c:\program files\common files\mcafee\platform\mcsvchost\mcsvhost.exe |
"{2896DD9B-1C35-4818-A282-2770C4583714}" = dir=out | name=@{microsoft.binghealthandfitness_3.0.4.336_x64__8wekyb3d8bbwe?ms-resource://microsoft.binghealthandfitness/resources/apptitle} |
"{28B63F80-0BBB-4602-AB7E-CB7DE014B1AB}" = dir=in | app=c:\program files\soluto\solutocleanup.exe |
"{28E2400E-3980-4E99-BDCB-55BE6EA3FBB8}" = protocol=6 | dir=in | app=c:\program files (x86)\acer\acer portal\ccd.exe |
"{290074EA-495F-4121-AFA3-8BA322109E20}" = protocol=17 | dir=in | app=c:\program files (x86)\acer\acer media\dmcdaemon.exe |
"{2D3DBFF8-EA19-4A60-A4FE-C32989A9A699}" = dir=in | app=c:\program files\hp\hp officejet pro 8600\bin\devicesetup.exe |
"{33F71286-39F5-4D01-841E-225C29E767C4}" = protocol=6 | dir=in | app=c:\program files (x86)\acer\acer portal\virtualdrive.exe |
"{34777DBF-24F9-465E-9BDF-5A6AE3C2BF17}" = protocol=6 | dir=in | app=c:\program files (x86)\acer\acer photo\dmcdaemon.exe |
"{35D6F2D6-C1D7-4987-B950-02B7B577A7D8}" = dir=out | name=@{microsoft.bingfoodanddrink_3.0.4.336_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingfoodanddrink/resources/apptitlewithbranding} |
"{36C05227-F834-4EFA-AAC0-3E94A4A9DE69}" = dir=in | app=c:\users\retired\appdata\local\microsoft\onedrive\onedrive.exe |
"{383E798B-1107-41D5-979E-96E9CC13877D}" = protocol=17 | dir=in | app=c:\program files (x86)\acer\acer media\dmcdaemon.exe |
"{3945CC32-AB70-4C77-B97D-F6851C809E05}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{3B9D1381-9839-45F6-B44C-C755AF911F6D}" = dir=in | name=hp all-in-one printer remote |
"{3C42B1C6-F8C6-4D6A-B498-3F3995E1E4BC}" = protocol=17 | dir=in | app=c:\program files (x86)\acer\acer portal\ccd.exe |
"{3C72BD61-5498-4A31-A94C-AE6711AFC24E}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{3D93C766-DBB8-4C83-8356-07C5B80F0A9B}" = dir=out | name=@{microsoft.bingnews_3.0.4.336_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingnews/resources/brandedapptitle} |
"{3E4028BA-6B21-4FFB-9509-C29B289E7DAE}" = dir=out | name=@{microsoft.bingmaps_2.1.3230.2048_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingmaps/resources/appdisplayname} |
"{3E43065B-6ABA-49A2-8ACB-FF7A3316353D}" = dir=out | name=@{microsoft.xboxlivegames_2.0.139.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.xboxlivegames/resources/34150} |
"{3ED3EFBA-6B3A-4BAA-913A-F3D642F98F2C}" = dir=out | name=booking.com partner edition |
"{400C6714-AE3E-476D-B042-B6686EA02ECA}" = dir=out | name=ebay |
"{4282FE99-8560-4BC7-9576-5F3ED84E263F}" = dir=in | name=checkpoint.vpn |
"{443B39A4-85A9-47E2-A487-7486E8AF820C}" = dir=out | name=@{microsoft.bingfinance_3.0.4.336_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingfinance/resources/brandedapptitle} |
"{4637FF69-8517-4329-9AC6-A988C9F1185A}" = dir=out | name=hulu plus |
"{4B0B0C42-BFCC-4DFA-8C3C-EC12892BB50A}" = protocol=58 | dir=in | [email protected],-28545 |
"{4E7D9A50-88F6-4938-AC98-D3CC0B428E6F}" = protocol=17 | dir=in | app=c:\program files (x86)\mozilla firefox\firefox.exe |
"{4EC0B0F4-48E1-486E-818F-D9C0A12CC90A}" = dir=in | name=evernote touch |
"{4FB3530A-F0BB-434D-8E29-0435BAF841D5}" = protocol=17 | dir=in | app=c:\program files (x86)\smartview2\smart view 2.0.exe |
"{504CD1B8-5ACD-4817-B847-ECE656C9EBDA}" = protocol=58 | dir=out | [email protected],-28546 |
"{548DCF8C-BFF2-4BA4-AA88-FBAF9AC8BCC6}" = dir=in | name=@{c:\windows\winstore\resources.pri?ms-resource://winstore/resources/displayname} |
"{54AE3F17-66FF-486C-84FF-D4BBA94DAD77}" = dir=out | svc=sharedaccess | app=%systemroot%\system32\svchost.exe |
"{560448D6-095C-4907-B046-AC7F710701A7}" = dir=in | name=sonicwall.mobileconnect |
"{59A16CF6-399B-4B5D-9D55-3882F451E3B9}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{59D2A9BF-4988-4ECB-9795-3A383E6B29F5}" = dir=out | name=windows_ie_ac_001 |
"{5AD9A266-D44E-44C4-AF3B-BD7E0A233B3F}" = protocol=6 | dir=in | app=c:\program files (x86)\acer\acer photo_\dmcdaemon.exe |
"{5C8E3C3C-D082-4432-945B-9A8D677DB6F0}" = protocol=17 | dir=in | app=c:\program files (x86)\acer\acer photo_\windowsupnp.exe |
"{5E0DD0D2-E920-4215-BC9D-C5A4AE2C272C}" = protocol=17 | dir=in | app=c:\program files (x86)\acer\acer photo_\windowsupnp.exe |
"{5F4632C0-D5B1-40C3-B0D9-E3A759C81B9E}" = dir=out | name=sonicwall.mobileconnect |
"{663E7EBE-A4CA-48AB-A041-B326001442F3}" = dir=in | app=c:\users\retired\appdata\local\facebook\video\skype\facebookvideocalling.exe |
"{69B466F4-90C8-49C2-A173-D9016BEDB76A}" = dir=out | name=amazon |
"{6BDFBC3A-9F82-4254-8DE2-49173DCDC4C5}" = protocol=6 | dir=in | app=c:\program files (x86)\spotify\spotify.exe |
"{6D70ACD8-6C4C-4038-8D5C-F2B46B0BD777}" = protocol=6 | dir=in | app=c:\program files (x86)\spotify\data\spotifywebhelper.exe |
"{70CB0146-33A8-4EA2-8122-3E74C97DC597}" = dir=out | name=evernote touch |
"{72360EB9-8E93-4668-BB0E-4C21A4374C55}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{75B1DAB2-428D-47C3-AE84-DB71EF465783}" = protocol=6 | dir=in | app=c:\program files (x86)\acer\acer photo\dmcdaemon.exe |
"{76140424-2885-4639-9BD6-C0E3B41769A2}" = protocol=17 | dir=in | app=c:\program files\common files\mcafee\platform\mcsvchost\mcsvhost.exe |
"{78BD1267-B5C3-4E06-8F63-6FFB7CCFFC9F}" = protocol=6 | dir=in | app=c:\program files (x86)\acer\acer media\windowsupnpmv.exe |
"{79F091AE-69C3-4499-9549-B4B141697113}" = protocol=6 | dir=in | app=c:\program files (x86)\acer\acer media_\windowsupnpmv.exe |
"{7B862A58-7FAF-4705-93C8-EA9EABDC9C94}" = dir=in | app=c:\program files\hp\hp officejet pro 8600\bin\faxapplications.exe |
"{7D5BD826-9668-47B1-9D34-B7E4FD2F4777}" = protocol=6 | dir=in | app=c:\program files (x86)\acer\acer photo_\windowsupnp.exe |
"{7DCD9C36-A35A-457E-BD68-9B7F7C14F898}" = protocol=17 | dir=in | app=c:\program files (x86)\spotify\spotify.exe |
"{7FE0F5D5-5B50-42AF-87BE-6740FD810DA6}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{80F6EE01-FC9A-4B17-AFEA-C405F4772998}" = protocol=6 | dir=out | app=system |
"{8373C2FA-4C79-4A5D-AF8A-339345412138}" = dir=out | name=@{microsoft.zunevideo_2.6.441.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.zunevideo/resources/ids_manifest_video_app_name} |
"{8384E57F-39CA-4E37-A2BF-4327048B2F91}" = dir=out | name=zinio |
"{84360E91-8B7B-4A5E-A1B7-E899BE5DECB9}" = protocol=6 | dir=in | app=c:\program files (x86)\acer\acer photo\dmcdaemon.exe |
"{84784298-9810-497F-88B1-5D64135A31DA}" = protocol=6 | dir=in | app=c:\program files (x86)\acer\acer portal\ccd.exe |
"{856942CB-81F3-4E42-AEE6-3098F3EC42DE}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{85F28F18-52DF-44F5-8805-0B4262DD2750}" = protocol=17 | dir=in | app=c:\program files (x86)\acer\acer portal\ccd.exe |
"{87D59B90-2469-4E58-8D9E-843F1EF82400}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{8AC936B6-24AF-4E31-986E-CC788FD56434}" = dir=in | app=c:\program files\hp\hp officejet pro 8600\bin\hpnetworkcommunicatorcom.exe |
"{8BC08C0F-B0DB-4498-AB5D-D074AD4390A2}" = protocol=6 | dir=in | app=c:\program files (x86)\acer\acer media\dmcdaemon.exe |
"{8C40F774-0CF1-4EDB-B004-FD03EE11206C}" = protocol=6 | dir=in | app=c:\program files (x86)\acer\acer photo\windowsupnp.exe |
"{8C6B1EDB-FA33-4139-812E-EDA0C13B392C}" = protocol=17 | dir=in | app=c:\program files (x86)\acer\acer media_\dmcdaemon.exe |
"{8D20B664-0AEA-49F3-BE7C-AF41485F17F6}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{8DB91C7B-BEE4-4FE9-972E-6E73A5446EA5}" = dir=out | name=- games app - |
"{8F8E4C06-6FEC-4E05-878A-B7A5338AA765}" = protocol=17 | dir=in | app=c:\program files (x86)\spotify\data\spotifywebhelper.exe |
"{9002B4AA-6174-4CF6-BC71-A4FE05D6E0C6}" = protocol=17 | dir=in | app=c:\program files (x86)\nero\nero 12\nero backitup\backitup.exe |
"{906F1545-4377-4005-BE49-D601E278E482}" = dir=in | app=c:\program files\soluto\solutoupdateservice.exe |
"{977F6606-1C23-4EBF-8096-83546A4F539C}" = dir=in | app=c:\program files\soluto\soluto.exe |
"{9B235590-B9B0-4B99-B38A-F130A4713840}" = dir=in | name=next issue magazines for acer |
"{9CA45AFA-97E7-40C4-AA48-5BF372F5D554}" = dir=out | name=@{microsoft.bingtravel_3.0.4.336_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingtravel/resources/brandedapptitle} |
"{9CFE7386-7692-480E-AD45-55A7360C2316}" = dir=in | name=evernote touch |
"{9DAD0E25-7A75-4643-A090-9034F663A38F}" = dir=in | name=@{microsoft.windowsreadinglist_6.3.9654.20947_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowsreadinglist/resources/apppackagename} |
"{9E3D57FC-7C37-4424-9352-4831E97D029D}" = dir=out | name=@{c:\windows\winstore\resources.pri?ms-resource://winstore/resources/displayname} |
"{9E49FFBD-7105-4182-8704-7163D5E1816B}" = dir=out | name=@{microsoft.windowscommunicationsapps_17.5.9600.20911_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowscommunicationsapps/resources/communicationspackagename} |
"{9EFBDF21-F778-4D77-BA0B-CF7C0002116A}" = dir=in | app=c:\program files\hp\hp envy 7640 series\bin\devicesetup.exe |
"{9FDB2032-BE08-43E7-8402-3F1636AFC300}" = protocol=17 | dir=in | app=c:\program files (x86)\acer\acer photo_\dmcdaemon.exe |
"{A2D9B0A6-15C8-43B0-A736-BF3451AF4846}" = dir=out | name=chacha |
"{A4CBA7DD-43F6-4385-953E-4FACD12CE289}" = dir=in | app=c:\program files\hp\hp envy 7640 series\bin\digitalwizards.exe |
"{A91738FC-6358-422E-893F-4ED6B9F09663}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{A945C952-8AE1-4D6A-8D90-DC68A37396C9}" = dir=in | app=c:\program files\hp\hp officejet pro 8600\bin\hpnetworkcommunicator.exe |
"{AAB72DE7-73EC-4D81-8561-5A9CBCB8B3E0}" = dir=out | name=@{microsoft.zunemusic_2.6.672.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.zunemusic/resources/ids_manifest_music_app_name} |
"{AB715C02-4192-4276-AEAA-970F23DDB79B}" = protocol=17 | dir=in | app=c:\program files (x86)\acer\acer portal\sdd.exe |
"{ABBC7CDD-599C-43F7-9E81-524D5046061C}" = protocol=17 | dir=in | app=c:\program files (x86)\acer\acer photo\windowsupnp.exe |
"{AE564A24-5566-43B9-AE68-424C114ED604}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{AE7741AE-366C-460F-8AC7-9F4CE7A05080}" = dir=out | name=stumbleupon |
"{AF909125-170B-4B09-BD0D-690F6AEFBBEA}" = protocol=17 | dir=in | app=c:\program files (x86)\acer\acer photo\windowsupnp.exe |
"{B05B72F8-F8A9-4113-9EC2-4103F2CA9D31}" = dir=out | name=acer explorer |
"{B0829FE9-6DE6-44B5-87C8-68B41BF771AF}" = protocol=6 | dir=in | app=c:\program files (x86)\acer\acer media\dmcdaemon.exe |
"{B089400C-794A-409F-8D11-451DE91217AE}" = protocol=17 | dir=in | app=c:\program files (x86)\acer\acer media_\windowsupnpmv.exe |
"{B30D8735-C407-4ED6-A8F0-966A201CED7E}" = protocol=17 | dir=in | app=c:\program files (x86)\acer\acer portal\ccd.exe |
"{B93997AB-D78E-49CC-B006-B47780469F75}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{B9FF7CFA-EA1D-484C-AF9E-A38F522793B9}" = dir=out | name=hp all-in-one printer remote |
"{BB8AB090-66AC-4C41-8064-878266FD410E}" = dir=in | name=evernote touch |
"{BE687F04-363D-4BD2-A96B-9D05946FE752}" = dir=out | name=skype |
"{C27EB2C4-B564-43A3-8169-6252EB93D1BB}" = protocol=17 | dir=in | app=c:\program files (x86)\acer\acer media\dmcdaemon.exe |
"{C2D6AD93-142B-477B-AAB1-E95AE7B930DC}" = protocol=6 | dir=in | app=c:\program files (x86)\acer\acer media\dmcdaemon.exe |
"{C7B780D6-66E1-4434-9F43-655454A3E203}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{CA40C3B1-7974-4C37-B29B-96D4052ED6F5}" = protocol=17 | dir=in | app=c:\program files (x86)\acer\acer media_\dmcdaemon.exe |
"{CC000E04-BCC1-4BE9-B09B-1E3242A8AEA6}" = protocol=6 | dir=in | app=c:\program files (x86)\acer\acer photo_\windowsupnp.exe |
"{CEE489F0-D64B-40A8-AA02-A4F4E759D6E7}" = dir=in | app=c:\program files\soluto\solutoservice.exe |
"{D10CFC8E-3101-4ECD-9050-22247D14396E}" = protocol=17 | dir=in | app=c:\program files (x86)\acer\acer photo\dmcdaemon.exe |
"{D16B3148-CA03-497F-88A2-B731D10A8CD7}" = dir=out | name=evernote touch |
"{D305CFDA-B43B-4F89-B16D-F981AE1A10BB}" = protocol=6 | dir=in | app=c:\program files (x86)\acer\acer portal\sdd.exe |
"{D52400D2-15E1-4B97-91CC-FF9372258479}" = protocol=17 | dir=in | app=c:\program files (x86)\acer\acer media\windowsupnpmv.exe |
"{D6980480-941A-4DF6-AB81-3734ECD3D779}" = dir=out | name=junipernetworks.junospulsevpn |
"{D730E9D7-3EE8-4000-AAA4-E346E7FA1AE4}" = protocol=6 | dir=in | app=c:\program files (x86)\acer\acer media_\dmcdaemon.exe |
"{D81E1C74-90B1-4DE0-B9C7-F3E17D38F34D}" = dir=out | name=icookbook se |
"{D9757A7C-378D-49D0-84F3-A0DFB023FABD}" = dir=in | name=zinio |
"{DB59588E-ED90-4C47-A7B5-7929DD0C0BD2}" = dir=out | name=checkpoint.vpn |
"{E048C0E0-5817-42D0-ABC7-0B8D5E8EB875}" = dir=in | app=c:\users\retired\appdata\local\microsoft\skydrive\skydrive.exe |
"{E7A06C43-60F6-4559-98F4-28203A9137EE}" = protocol=17 | dir=in | app=c:\program files (x86)\acer\acer portal\ccd.exe |
"{EAE5313A-7691-42AA-95CA-AA5C65AA1FD7}" = protocol=1 | dir=in | [email protected],-28543 |
"{EB704AC9-6281-428A-A412-166192400BC9}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{EB99E318-7823-414B-8DF5-4CE524595F86}" = dir=in | app=c:\program files\hp\hp envy 7640 series\bin\hpnetworkcommunicatorcom.exe |
"{EC799E33-72BA-42D7-9127-DEFE68F9799D}" = dir=in | name=junipernetworks.junospulsevpn |
"{EDCC28AE-E907-4EDB-95DD-627122104F52}" = protocol=17 | dir=in | app=c:\program files (x86)\acer\acer photo\dmcdaemon.exe |
"{EF8BD9BB-5F84-4822-93E3-6930BECCE933}" = protocol=17 | dir=in | app=c:\program files (x86)\acer\acer media\windowsupnpmv.exe |
"{F3969A4B-57DD-497A-8102-57CD128C00D9}" = dir=in | app=c:\program files\hp\hp envy 7640 series\bin\sendafax.exe |
"{F64300AD-D559-4000-BD45-0997BCC8E70A}" = dir=out | name=f5.vpn.client |
"{F76AD43D-811B-4390-B550-CE8CEF13E38E}" = protocol=6 | dir=in | app=c:\program files (x86)\acer\acer photo_\dmcdaemon.exe |
"{F77E5446-4378-4E99-8B7A-7061AAAEA193}" = dir=in | name=f5.vpn.client |
"{F8BEE075-E858-4667-87BE-731676350307}" = protocol=6 | dir=in | app=c:\program files (x86)\acer\acer media_\windowsupnpmv.exe |
"{FBE4E037-58A0-4B03-8DC2-BC07313C61B9}" = protocol=1 | dir=out | [email protected],-28544 |
"{FBF99D2D-0267-4C0F-A5C0-CFBDCE29C571}" = protocol=6 | dir=in | app=c:\program files (x86)\smartview2\smart view 2.0.exe |
"{FD6B7591-E756-47D3-A3D3-3FC5F06F2BE2}" = dir=out | name=newsxpresso |
"{FE5C67AE-A0EF-4764-8542-1E7A9B85179C}" = dir=out | name=didlr |
"TCP Query User{46D000E9-8F0E-41EB-AA2E-56B059AE6FD2}C:\users\retired\appdata\local\directv player\ndspcshowserver.exe" = protocol=6 | dir=in | app=c:\users\retired\appdata\local\directv player\ndspcshowserver.exe |
"TCP Query User{FA5E86F6-191D-4E71-BF88-18DD4839375C}C:\users\retired\appdata\local\directv player\ndspcshowserver.exe" = protocol=6 | dir=in | app=c:\users\retired\appdata\local\directv player\ndspcshowserver.exe |
"UDP Query User{410F9EDD-D0CC-499E-B4CB-5BFCB00EDF8F}C:\users\retired\appdata\local\directv player\ndspcshowserver.exe" = protocol=17 | dir=in | app=c:\users\retired\appdata\local\directv player\ndspcshowserver.exe |
"UDP Query User{9C42A03C-F326-46CC-A625-E1B71BD1CD0D}C:\users\retired\appdata\local\directv player\ndspcshowserver.exe" = protocol=17 | dir=in | app=c:\users\retired\appdata\local\directv player\ndspcshowserver.exe |
========== HKEY_LOCAL_MACHINE Uninstall List ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{07F2005A-8CAC-4A4B-83A2-DA98A722CA61}" = Acer Recovery Management
"{13885028-098C-4799-9B71-27DAC96502D5}" = Acer Remote Files
"{176E2755-0A17-42C6-88E2-192AB2131278}" = Intel(R) Trusted Execution Engine
"{1D8E6291-B0D5-35EC-8441-6616F567A0F7}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219
"{24BF3898-2667-4645-9448-8C6765B801A5}" = HP ENVY 7640 series Basic Device Software
"{3685B5E8-A0A8-494B-B035-B221547A4B63}" = Intel(R) Trusted Execution Engine Driver
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{791A06E2-340F-43B0-8FAB-62D151339362}" = HP Officejet Pro 8600 Basic Device Software
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{90150000-008F-0000-1000-0000000FF1CE}" = Office 15 Click-to-Run Licensing Component
"{91F52DE4-B789-42B0-9311-A349F10E5479}" = Acer Power Management
"{9495AEB4-AB97-39DE-8C42-806EEF75ECA7}" = Microsoft Visual Studio 2010 Tools for Office Runtime (x64)
"{A84A4FB1-D703-48DB-89E0-68B6499D2801}" = Qualcomm Atheros Bluetooth Suite (64)
"{BCCACFE6-91A0-4F32-80A0-ADC0CA048C7B}" = Intel(R) Trusted Execution Engine
"{C18D55BD-1EC6-466D-B763-8EEDDDA9100E}" = Acer Launch Manager
"{C1FA525F-D701-4B31-9D32-504FC0CF0B98}" = Acer Quick Access
"CCleaner" = CCleaner
"Defraggler" = Defraggler
"Elantech" = ETDWare PS/2-X64 11.6.24.203_WHQL
"Microsoft Visual Studio 2010 Tools for Office Runtime (x64)" = Microsoft Visual Studio 2010 Tools for Office Runtime (x64)
"O365HomePremRetail - en-us" = Microsoft Office 365 - en-us
"TeraCopy_is1" = TeraCopy 2.3
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{00C2D443-43D9-4550-ABEA-318288E23E57}" = Quicken 2015
"{0A1E0BDA-5E8F-436d-8BE5-7E97C5CB899D}" = Quicken 2012
"{18A8E78B-9EF2-496E-B310-BCD8E4C1DAB3}" = iSEEK AnswerWorks English Runtime
"{2091F234-EB58-4B80-8C96-8EB78C808CF7}" = Facebook Video Calling 3.1.0.521
"{28006915-2739-4EBE-B5E8-49B25D32EB33}" = Qualcomm Atheros WLAN and Bluetooth Client Installation Program
"{2FA94A64-C84E-49d1-97DD-7BF06C7BBFB2}.WildTangent Games App" = Update Installer for WildTangent Games App
"{388E4B09-3E71-4649-8921-F44A3A2954A7}" = Microsoft Visual Studio 2005 Tools for Office Runtime
"{3D9CB654-99AD-4301-89C6-0D12A790767C}" = Identity Card
"{415FA9AD-DA10-4ABE-97B6-5051D4795C90}" = HP FWUpdateEDO2
"{41914D8B-9D6E-4764-A1F9-BC43FB6782C1}_is1" = Foxit Cloud
"{437f5443-c052-432c-b1e7-abd9bc5cabdb}" = DIRECTV Player
"{5845A5C9-AA03-4D91-9793-1A2563CE0129}" = HP ENVY 7640 series Help
"{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}" = Realtek Card Reader
"{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}" = Google Update Helper
"{6D2BBE1D-E600-4695-BA37-0B0E605542CC}" = Office Addin
"{70B446D1-E03B-4ab0-9B3C-0832142C9AA8}.WildTangent Games App-acer" = WildTangent Games App
"{72199E33-4F2A-4B7F-8E25-95DDDD50A678}" = Acer System Information
"{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek Ethernet Controller Driver
"{88547073-C566-4895-9005-EBE98EA3F7C7}" = Samsung Kies3
"{8FB53850-246A-3507-8ADE-0060093FFEA6}" = Visual Studio Tools for the Office system 3.0 Runtime
"{90150000-008C-0000-0000-0000000FF1CE}" = Office 15 Click-to-Run Extensibility Component
"{90150000-008C-0409-0000-0000000FF1CE}" = Office 15 Click-to-Run Localization Component
"{912D30CF-F39E-4B31-AD9A-123C6B794EE2}" = HP Update
"{91589413-6675-4C27-8AFC-EFB9103B90A5}" = eBay Worldwide
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{A5AD0B17-F34D-49BE-A157-C8B3D52ACD13}" = Acer Portal
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{B5AD89F2-03D3-4206-8487-018298007DD0}" = Acer Photo
"{B6465A32-8BE9-4B38-ADC5-4B4BDDC10B0D}" = HPDiagnosticAlert
"{CA4FE8B0-298C-4E5D-A486-F33B126D6A0A}" = Acer Docs
"{DCBF3379-246B-47E1-8173-639B63940838}" = Acer Docs Office AddIn
"{E9AF1707-3F3A-49E2-8345-4F2D629D0876}" = Acer Media
"{EE26E302-876A-48D9-9058-3129E5B99999}" = Live Updater
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}" = Intel(R) Processor Graphics
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{FBAAAFAE-08A8-4C63-87EA-4AEA9DEE53E1}" = Smart View 2.0
"Adobe Flash Player NPAPI" = Adobe Flash Player 18 NPAPI
"Avast" = Avast Free Antivirus
"Foxit Reader_is1" = Foxit Reader
"Google Chrome" = Google Chrome
"InstallShield_{88547073-C566-4895-9005-EBE98EA3F7C7}" = Samsung Kies3
"Malwarebytes Anti-Malware_is1" = Malwarebytes Anti-Malware version 2.1.8.1057
"Microsoft Visual Studio 2005 Tools for Office Runtime" = Visual Studio 2005 Tools for Office Second Edition Runtime
"Mozilla Firefox 39.0 (x86 en-US)" = Mozilla Firefox 39.0 (x86 en-US)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"Revo Uninstaller" = Revo Uninstaller 1.95
"Visual Studio Tools for the Office system 3.0 Runtime" = Visual Studio Tools for the Office system 3.0 Runtime
"WildTangent wildgames Master Uninstall" = WildTangent Games
"WTA-098caa41-be4e-4161-8a2b-56de3b5d50e0" = Aloha TriPeaks
"WTA-20b0c29f-3978-4247-ab50-e36490a78aac" = Trinklit Supreme
"WTA-34705c7a-b964-405e-a8a6-88a29cf72377" = Peggle Nights
"WTA-40d2c2a3-dccf-48a0-81e7-fe439dc4d767" = Governor of Poker 2 Premium Edition
"WTA-7787ea8b-3471-4c9e-b626-3514f767314b" = Magic Academy
"WTA-8f1f12dc-3ea8-44df-a31e-909bf6a4b660" = The Chronicles of Emerland Solitaire
"WTA-a47b8aa3-c439-41b0-9675-94fb3a6cf8d3" = Plants vs. Zombies - Game of the Year
"WTA-bd62773c-a0e9-46ed-8b93-4ba3fca493a3" = Cradle Of Egypt Collector's Edition
"WTA-f3bed538-0eaf-48d5-9b32-0ced16de351d" = Luxor Evolved
========== HKEY_CURRENT_USER Uninstall List ==========
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"OneDriveSetup.exe" = Microsoft OneDrive
========== Last 20 Event Log Errors ==========
[ Application Events ]
Error - 8/24/2015 1:43:06 PM | Computer Name = Sadie | Source = Google Update | ID = 20
Description =
Error - 8/26/2015 7:11:32 AM | Computer Name = Sadie | Source = Desktop Window Manager | ID = 9020
Description = The Desktop Window Manager has encountered a fatal error (0x8898008d)
Error - 8/26/2015 7:43:05 PM | Computer Name = Sadie | Source = Google Update | ID = 20
Description =
Error - 9/1/2015 11:17:07 AM | Computer Name = Sadie | Source = Application Error | ID = 1000
Description = Faulting application name: delegate_execute.exe, version: 44.0.2403.157,
time stamp: 0x55d2960d Faulting module name: delegate_execute.exe, version: 44.0.2403.157,
time stamp: 0x55d2960d Exception code: 0xc0000005 Fault offset: 0x0002bbd3 Faulting
process id: 0x1694 Faulting application start time: 0x01d0e4c9260ec248 Faulting application
path: C:\Program Files (x86)\Google\Chrome\Application\44.0.2403.157\delegate_execute.exe
Faulting
module path: C:\Program Files (x86)\Google\Chrome\Application\44.0.2403.157\delegate_execute.exe
Report
Id: 81732390-50bc-11e5-82dc-201a06dca4f0 Faulting package full name: Faulting package-relative
application ID:
Error - 9/8/2015 1:43:05 PM | Computer Name = Sadie | Source = Google Update | ID = 20
Description =
Error - 9/10/2015 1:01:25 PM | Computer Name = Sadie | Source = Chrome | ID = 1
Description =
Error - 9/17/2015 7:24:22 AM | Computer Name = Sadie | Source = Application Hang | ID = 1002
Description = The program avastui.exe version 10.3.2225.1181 stopped interacting
with Windows and was closed. To see if more information about the problem is available,
check the problem history in the Action Center control panel. Process ID: 1340 Start
Time: 01d0f139b25f8ce3 Termination Time: 60000 Application Path: C:\Program Files\AVAST
Software\Avast\avastui.exe Report Id: 61e37a9d-5d2e-11e5-82df-201a06dca4f0 Faulting
package full name: Faulting package-relative application ID:
Error - 9/18/2015 7:44:33 AM | Computer Name = Sadie | Source = Application Error | ID = 1000
Description = Faulting application name: OfficeClickToRun.exe, version: 15.0.4753.1000,
time stamp: 0x55a4b8ad Faulting module name: netprofm.dll_unloaded, version: 6.3.9600.17415,
time stamp: 0x5450411d Exception code: 0xc0000005 Fault offset: 0x0000000000002656
Faulting
process id: 0x638 Faulting application start time: 0x01d0f206fb71b7a5 Faulting application
path: C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe Faulting
module path: netprofm.dll Report Id: a089181b-5dfa-11e5-82e0-201a06dca4f0 Faulting
package full name: Faulting package-relative application ID:
Error - 9/18/2015 7:51:28 AM | Computer Name = Sadie | Source = Windows Search Service | ID = 3602
Description =
Error - 9/18/2015 7:51:29 AM | Computer Name = Sadie | Source = Windows Search Service | ID = 7042
Description =
[ System Events ]
Error - 3/1/2015 11:30:17 AM | Computer Name = Sadie | Source = DCOM | ID = 10010
Description =
Error - 3/1/2015 11:30:47 AM | Computer Name = Sadie | Source = DCOM | ID = 10010
Description =
Error - 3/2/2015 12:18:59 PM | Computer Name = Sadie | Source = DCOM | ID = 10010
Description =
Error - 3/2/2015 12:19:29 PM | Computer Name = Sadie | Source = DCOM | ID = 10010
Description =
Error - 3/3/2015 12:22:04 PM | Computer Name = Sadie | Source = DCOM | ID = 10010
Description =
Error - 3/4/2015 1:37:21 PM | Computer Name = Sadie | Source = DCOM | ID = 10010
Description =
Error - 3/4/2015 1:37:51 PM | Computer Name = Sadie | Source = DCOM | ID = 10010
Description =
Error - 3/4/2015 1:42:17 PM | Computer Name = Sadie | Source = DCOM | ID = 10010
Description =
Error - 3/4/2015 1:42:47 PM | Computer Name = Sadie | Source = DCOM | ID = 10010
Description =
Error - 3/5/2015 1:50:58 PM | Computer Name = Sadie | Source = DCOM | ID = 10010
Description =
< End of report >
