No internet from taskbar

[novicegeek]

Slight problem; our computer has Windows 10, out of the blue, when we'd click on an icon for IE or Chrome in the taskbar, nothing would happen. Well, the wheel would spin, but then nothing. When I checked the task manager, IE and Chrome would be there showing as a process running, but no window would open.

In addition, I noticed that when I pulled up the command prompt, the window would pop up, but the cursor didn't flash and I could type nothing in.

We can type in "google" and that Corona woman would pull up a "trusted windows store ap", and that's how I'm entering this now, but the regular IE or Chrome from the taskbar won't open a window.

I've ran an antivirus scan (nothing) and Malwarebytes (found 35 things, all quarantined), but it still won't work.

Any suggestions? For right now, I guess I'll just mow the yard.

Thanks.

 

[johnb35]

If Malwarebytes found 35 things then can assume you aren't clean yet.

Run the following skipping step 3 and post the logs.

1.

Please download AdwCleaner by Xplode onto your Desktop.



•Please close all open programs and internet browsers.
•Double click on adwcleaner.exe to run the tool.
•Click on Scan.
•After the scan you will need to click on clean for it to delete the adware.
•Your computer will be rebooted automatically. A text file will open after the restart.
•Please post the content of that logfile in your reply.
•You can find the logfile at C:\AdwCleaner[Sn].txt as well - n is the order number.

2.

Please download Junkware Removal Tool to your desktop.

•Shutdown your antivirus to avoid any conflicts.
•Very important that you run the tool in this manner:
Right-mouse click JRT.exe and select Run as administrator
Do NOT just double-click it.
•The tool will open and start scanning your system.
•Please be patient as this can take a while to complete.
•On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
•Post the contents of JRT.txt in your next message.

3.

Please download Malwarebytes' Anti-Malware and save it to your desktop.

• Double-click mbam-setup.exe and follow the prompts to install the program.
• At the end, be sure a checkmark is placed next to
  • Update Malwarebytes' Anti-Malware
  • and Launch Malwarebytes' Anti-Malware
• then click Finish.
• If an update is found, it will download and install the latest version. Please keep updating until it says you have the latest version.
• Once the program has loaded, select Perform quick scan, then click Scan.
• When the scan is complete, click OK, then Show Results to view the results.
• Be sure that everything is checked, and click Remove Selected.
• A log will be saved automatically which you can access by clicking on the Logs tab within Malwarebytes' Anti-Malware

If for some reason Malwarebytes will not install or run please download and run Rkill.scr, Rkill.exe, or Rkill.com. If you are still having issues running rkill then try downloading these renamed versions of the same program.

EXPLORER.EXE
IEXPLORE.EXE
USERINIT.EXE
WINLOGON.EXE

But DO NOT reboot the system and then try installing or running Malwarebytes. If Rkill (which is a black box) appears and then disappears right away or you get a message saying rkill is infected, keep trying to run rkill until it over powers the infection and temporarily kills it. Once a log appears on the screen, you can try running malwarebytes or downloading other programs.

Please post the log that Malwarebytes displays on your screen.

4.

Download OTL to your Desktop


•Double click on the icon to run it. Make sure all other windows are closed and to let it run uninterrupted.
•Click on Minimal Output at the top
•Click the Quick Scan button. Do not change any settings unless otherwise told to do so. The scan wont take long.
◦When the scan completes, it will open two notepad windows. OTL.Txt and Extras.Txt. These are saved in the same location as OTL. Just post the OTL.txt file in your reply.

Then post the logs from the following 4 programs.

1. Adwcleaner
2. Junkware removal tool
3. Malwarebytes
4. OTL

 

[novicegeek]

Johnb35, thank you for the reply. Under normal circumstances, I think this would reap some answers (I actually found out about Malwarebytes from you, and I should have downloaded the other programs then, as well). But, herein lies part of the problem. You see, since I can't get into either IE or Chrome, the link for AdwCleaner takes me to some IE Windows 10 ap, which doesn't work either. I just get a blue screen with the IE logo - nothing more. So, I can't download it.

A little update: I also can't access the internet in safe mode with networking either - and the yard is finally done. I tried to enter safe mode with command prompt, and ping Google and the internet provider, but I figure that I couldn't do that in safe mode since it didn't work. Since I've already downloaded Malwarebytes, a long time ago, I can run it again and post the log, and I'll do that.

In the meantime, any other suggestions?

Thanks again.

 

[johnb35]

How long has it been doing this? Can you do a system restore back to when it was working fine?

 

[novicegeek]

It just started yesterday, and actually did a system restore then, back to the 17th - no luck. Also, another clue: when I pull up Internet Properties, under the Programs tab, under the section of how you open a link, it says "Always in Internet Explorer on the desktop", and it's grayed out, as well as the checkbox below it (which is checked), so I can't change it.

By the way, below is the log from Malwarebytes. I actually removed the 35 items from quarantine, and ran it again to get a log. This time, it showed something like 185 items. I hope it helps. The first time I ran it, only the PUP. files came up.

Thanks again.

Malwarebytes Anti-Malware
www.malwarebytes.org

Scan Date: 8/20/2016
Scan Time: 3:38 PM
Logfile: malwarebytes 8-20-16.txt
Administrator: Yes

Version: 2.2.1.1043
Malware Database: v2016.08.20.06
Rootkit Database: v2016.08.15.01
License: Free
Malware Protection: Disabled
Malicious Website Protection: Disabled
Self-protection: Disabled

OS: Windows 10
CPU: x64
File System: NTFS
User: Amy

Scan Type: Threat Scan
Result: Completed
Objects Scanned: 379157
Time Elapsed: 43 min, 48 sec

Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Disabled
Heuristics: Enabled
PUP: Enabled
PUM: Enabled

Processes: 0
(No malicious items detected)

Modules: 0
(No malicious items detected)

Registry Keys: 37
PUP.Optional.TidyNetwork, HKLM\SOFTWARE\CLASSES\CLSID\{726B2EC4-682B-3137-F855-AE5EBD51542E}, , [ff57ed60455563d3299cb581bc44bb45],
PUP.Optional.TidyNetwork, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\GamesAppIntegrationService, , [ff57ed60455563d3299cb581bc44bb45],
PUP.Optional.TidyNetwork, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\BROWSER HELPER OBJECTS\{726B2EC4-682B-3137-F855-AE5EBD51542E}, , [ff57ed60455563d3299cb581bc44bb45],
PUP.Optional.TidyNetwork, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\BROWSER HELPER OBJECTS\{726B2EC4-682B-3137-F855-AE5EBD51542E}, , [ff57ed60455563d3299cb581bc44bb45],
PUP.Optional.TidyNetwork, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{726B2EC4-682B-3137-F855-AE5EBD51542E}, , [ff57ed60455563d3299cb581bc44bb45],
PUP.Optional.TidyNetwork, HKLM\SOFTWARE\CLASSES\WOW6432NODE\CLSID\{726B2EC4-682B-3137-F855-AE5EBD51542E}, , [ff57ed60455563d3299cb581bc44bb45],
PUP.Optional.TidyNetwork, HKU\S-1-5-21-1431541898-2865883617-3977144666-1001\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\SETTINGS\{726B2EC4-682B-3137-F855-AE5EBD51542E}, , [ff57ed60455563d3299cb581bc44bb45],
PUP.Optional.TidyNetwork, HKU\S-1-5-21-1431541898-2865883617-3977144666-1001\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\STATS\{726B2EC4-682B-3137-F855-AE5EBD51542E}, , [ff57ed60455563d3299cb581bc44bb45],
PUP.Optional.TidyNetwork, HKLM\SOFTWARE\CLASSES\CLSID\{726B2EC4-682B-3137-F855-AE5EBD51542E}\INPROCSERVER32, , [ff57ed60455563d3299cb581bc44bb45],
PUP.Optional.MyWordTool, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{45470599-8237-486D-87B5-E89CD6AED154}, , [f660153898020c2a8bab4e447b874eb2],
PUP.Optional.MyWordTool, HKLM\SOFTWARE\CLASSES\WOW6432NODE\CLSID\{45470599-8237-486D-87B5-E89CD6AED154}, , [f660153898020c2a8bab4e447b874eb2],
PUP.Optional.MyWordTool, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\BROWSER HELPER OBJECTS\{45470599-8237-486D-87B5-E89CD6AED154}, , [f660153898020c2a8bab4e447b874eb2],
PUP.Optional.MyWordTool, HKU\S-1-5-21-1431541898-2865883617-3977144666-1001\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\SETTINGS\{45470599-8237-486D-87B5-E89CD6AED154}, , [f660153898020c2a8bab4e447b874eb2],
PUP.Optional.MyWordTool, HKU\S-1-5-21-1431541898-2865883617-3977144666-1001\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\STATS\{45470599-8237-486D-87B5-E89CD6AED154}, , [f660153898020c2a8bab4e447b874eb2],
Adware.Bundler, HKU\S-1-5-21-1431541898-2865883617-3977144666-1001\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\ViStart, , [d97d321bbfdb0e28cee845d4e2228f71],
PUP.Optional.RocketTab, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\RocketTab, , [03538fbee8b21a1c6315ec5eec14b24e],
PUP.Optional.TidyNetwork, HKU\S-1-5-21-1431541898-2865883617-3977144666-1001\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\TidyNetwork, , [f46218350d8d1224856c1518e41d28d8],
PUP.Optional.MyWordTool, HKU\S-1-5-21-1431541898-2865883617-3977144666-1001\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\MyWordTool, , [e472aba28c0e1a1cb68d6548cb38b749],
PUP.Optional.MalwareProtection, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\MalwareProtectionLive, , [3c1a15383e5c51e56dcc3e85956e45bb],
PUP.Optional.ProPCCleaner, HKLM\SOFTWARE\MICROSOFT\TRACING\ProPCCleaner_RASAPI32, , [7fd729241288ee48dc23bbf558abc838],
PUP.Optional.ProPCCleaner, HKLM\SOFTWARE\MICROSOFT\TRACING\ProPCCleaner_RASMANCS, , [0f47cc819307023402fd37798380cc34],
PUP.Optional.GeniusBox, HKLM\SOFTWARE\WOW6432NODE\GeniusBox, , [f066a6a7039770c69c37307356ad1fe1],
PUP.Optional.MyWordTool, HKLM\SOFTWARE\WOW6432NODE\MyWordTool, , [391db895d2c876c0df671b92778cb54b],
PUP.Optional.RocketTab.PrxySvrRST, HKLM\SOFTWARE\WOW6432NODE\RocketTab, , [94c2212c792188aec07a4b99d72bfe02],
PUP.Optional.SuperOptimizer, HKLM\SOFTWARE\WOW6432NODE\{1146AC44-2F03-4431-B4FD-889BC837521F}, , [2d29da733c5ed363c87af4c3768d5ba5],
PUP.Optional.SuperOptimizer, HKLM\SOFTWARE\WOW6432NODE\{6791A2F3-FC80-475C-A002-C014AF797E9C}, , [78de0d40fc9ee056ac976b4c4db641bf],
PUP.Optional.ProPCCleaner, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\{23497AFC-382C-417E-AC1F-42D98A5A8ADA}, , [5df92924edad8aac1de78a27f40f8878],
PUP.Optional.ProPCCleaner, HKLM\SOFTWARE\WOW6432NODE\Rainmaker Software Group LLC. \Pro PC Cleaner, , [78decb82ecae93a3ed1ab0017b88ec14],
PUP.Optional.MyWordTool, HKU\S-1-5-21-1431541898-2865883617-3977144666-1001\SOFTWARE\MyWordTool, , [084e004d168458defd486b424fb4a55b],
PUP.Optional.ProPCCleaner, HKU\S-1-5-21-1431541898-2865883617-3977144666-1001\SOFTWARE\ProPCCleanerLanguage, , [6de950fdb6e41a1cc13a2e827d8601ff],
PUP.Optional.RocketTab.PrxySvrRST, HKU\S-1-5-21-1431541898-2865883617-3977144666-1001\SOFTWARE\RocketTabInstalled, , [193d61ecd7c356e0a596a0444ab86d93],
PUP.Optional.TidyNetwork, HKU\S-1-5-21-1431541898-2865883617-3977144666-1001\SOFTWARE\TidyNetwork, , [342265e89efc02347b5671477d8638c8],
PUP.Optional.SuperOptimizer, HKU\S-1-5-21-1431541898-2865883617-3977144666-1001\SOFTWARE\APPDATALOW\{1146AC44-2F03-4431-B4FD-889BC837521F}, , [acaa1c31128862d4d26c684f52b1dc24],
PUP.Optional.TidyNetwork, HKU\S-1-5-21-1431541898-2865883617-3977144666-1001\SOFTWARE\APPDATALOW\SOFTWARE\TidyNetwork, , [16401a330b8f53e30ebcf0c88c779f61],
PUP.Optional.Spigot, HKU\S-1-5-21-1431541898-2865883617-3977144666-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{20EE3931-D40D-40F7-A194-245DC6AF86C1}, , [292d99b43b5feb4b95bdc9edff0433cd],
PUP.Optional.ProPCCleaner, HKU\S-1-5-21-1431541898-2865883617-3977144666-1001\SOFTWARE\Rainmaker Software Group LLC. \Pro PC Cleaner, , [d1855eef6b2fab8b04f9fab6f50e6a96],
PUP.Optional.RocketTab.PrxySvrRST, HKU\S-1-5-21-1431541898-2865883617-3977144666-1001\SOFTWARE\SEARCH EXTENSIONS, , [ec6a7cd1cbcf4aec3218e3a849ba26da],

Registry Values: 5
PUP.Optional.MalwareProtection, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN|MalwareProtectionLive, C:\Users\Amy\AppData\Local\MalwareProtectionLive\MalwareProtectionClient.exe, , [084e5feee1b976c0d764c0829a67a15f]
PUP.Optional.Extensions, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\GENIUSBOX|Publisher, GeniusBox 2.0, , [afa7d17cd5c5c472fad2633ece351ae6]
PUP.Optional.ProPCCleaner, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\{23497AFC-382C-417E-AC1F-42D98A5A8ADA}|DisplayName, Pro PC Cleaner, , [5df92924edad8aac1de78a27f40f8878]
PUP.Optional.Spigot, HKU\S-1-5-21-1431541898-2865883617-3977144666-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{20EE3931-D40D-40F7-A194-245DC6AF86C1}|URL, https://search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&ilc=12&type=937811&p={searchTerms}, , [292d99b43b5feb4b95bdc9edff0433cd]
PUP.Optional.RocketTab.PrxySvrRST, HKU\S-1-5-21-1431541898-2865883617-3977144666-1001\SOFTWARE\SEARCH EXTENSIONS|RocketTab, 1, , [ec6a7cd1cbcf4aec3218e3a849ba26da]

Registry Data: 0
(No malicious items detected)

Folders: 52
PUP.Optional.MyWordTool, C:\Users\Amy\AppData\Roaming\MyWordTool, , [e472aba28c0e1a1cb68d6548cb38b749],
PUP.Optional.ProPCCleaner, C:\Program Files (x86)\Pro PC Cleaner, , [2e2861ecbfdbc86e6f846d4307fc1ee2],
PUP.Optional.ProPCCleaner, C:\Program Files (x86)\Pro PC Cleaner\ar, , [2e2861ecbfdbc86e6f846d4307fc1ee2],
PUP.Optional.ProPCCleaner, C:\Program Files (x86)\Pro PC Cleaner\bs-Cyrl-BA, , [2e2861ecbfdbc86e6f846d4307fc1ee2],
PUP.Optional.ProPCCleaner, C:\Program Files (x86)\Pro PC Cleaner\bs-Latn-BA, , [2e2861ecbfdbc86e6f846d4307fc1ee2],
PUP.Optional.ProPCCleaner, C:\Program Files (x86)\Pro PC Cleaner\da, , [2e2861ecbfdbc86e6f846d4307fc1ee2],
PUP.Optional.ProPCCleaner, C:\Program Files (x86)\Pro PC Cleaner\de, , [2e2861ecbfdbc86e6f846d4307fc1ee2],
PUP.Optional.ProPCCleaner, C:\Program Files (x86)\Pro PC Cleaner\es, , [2e2861ecbfdbc86e6f846d4307fc1ee2],
PUP.Optional.ProPCCleaner, C:\Program Files (x86)\Pro PC Cleaner\fil-PH, , [2e2861ecbfdbc86e6f846d4307fc1ee2],
PUP.Optional.ProPCCleaner, C:\Program Files (x86)\Pro PC Cleaner\fr, , [2e2861ecbfdbc86e6f846d4307fc1ee2],
PUP.Optional.ProPCCleaner, C:\Program Files (x86)\Pro PC Cleaner\he, , [2e2861ecbfdbc86e6f846d4307fc1ee2],
PUP.Optional.ProPCCleaner, C:\Program Files (x86)\Pro PC Cleaner\hr-HR, , [2e2861ecbfdbc86e6f846d4307fc1ee2],
PUP.Optional.ProPCCleaner, C:\Program Files (x86)\Pro PC Cleaner\it, , [2e2861ecbfdbc86e6f846d4307fc1ee2],
PUP.Optional.ProPCCleaner, C:\Program Files (x86)\Pro PC Cleaner\ja, , [2e2861ecbfdbc86e6f846d4307fc1ee2],
PUP.Optional.ProPCCleaner, C:\Program Files (x86)\Pro PC Cleaner\nl, , [2e2861ecbfdbc86e6f846d4307fc1ee2],
PUP.Optional.ProPCCleaner, C:\Program Files (x86)\Pro PC Cleaner\no, , [2e2861ecbfdbc86e6f846d4307fc1ee2],
PUP.Optional.ProPCCleaner, C:\Program Files (x86)\Pro PC Cleaner\se-FI, , [2e2861ecbfdbc86e6f846d4307fc1ee2],
PUP.Optional.ProPCCleaner, C:\Program Files (x86)\Pro PC Cleaner\sr-Cyrl-RS, , [2e2861ecbfdbc86e6f846d4307fc1ee2],
PUP.Optional.ProPCCleaner, C:\Program Files (x86)\Pro PC Cleaner\sr-Latn-RS, , [2e2861ecbfdbc86e6f846d4307fc1ee2],
PUP.Optional.ProPCCleaner, C:\Program Files (x86)\Pro PC Cleaner\sv, , [2e2861ecbfdbc86e6f846d4307fc1ee2],
PUP.Optional.ProPCCleaner, C:\Program Files (x86)\Pro PC Cleaner\th-TH, , [2e2861ecbfdbc86e6f846d4307fc1ee2],
PUP.Optional.ProPCCleaner, C:\Program Files (x86)\Pro PC Cleaner\tr-TR, , [2e2861ecbfdbc86e6f846d4307fc1ee2],
PUP.Optional.ProPCCleaner, C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Pro PC Cleaner, , [e6703f0e5a40a78fba3af7b9d62d43bd],
PUP.Optional.ProPCCleaner, C:\Windows\Installer\{23497AFC-382C-417E-AC1F-42D98A5A8ADA}, , [9cba0b429901f541579f2a86ed167e82],
PUP.Optional.SearchExtensions, C:\Program Files (x86)\Search Extensions, , [4a0c60ed455556e0a6d4a60d20e3f10f],
PUP.Optional.SearchExtensions, C:\Program Files (x86)\Search Extensions\Resources, , [4a0c60ed455556e0a6d4a60d20e3f10f],
PUP.Optional.MalwareProtection, C:\Users\Amy\AppData\Local\MalwareProtectionLive, , [3c1a15383e5c51e56dcc3e85956e45bb],
PUP.Optional.MalwareProtection, C:\Users\Amy\AppData\Local\MalwareProtectionLive\quarantine, , [3c1a15383e5c51e56dcc3e85956e45bb],
PUP.Optional.ProPCCleaner, C:\Users\Amy\AppData\Roaming\Rainmaker Software Group LLC.?\Pro PC Cleaner 2.5.6, , [e2741a331c7efd39bb5974478e743fc1],
PUP.Optional.ProPCCleaner, C:\Users\Amy\AppData\Roaming\Rainmaker Software Group LLC.?\Pro PC Cleaner 2.5.6\install, , [e2741a331c7efd39bb5974478e743fc1],
PUP.Optional.ProPCCleaner, C:\Users\Amy\AppData\Roaming\Rainmaker Software Group LLC.?\Pro PC Cleaner 2.5.6\install\A5A8ADA, , [e2741a331c7efd39bb5974478e743fc1],
PUP.Optional.ProPCCleaner, C:\Users\Amy\AppData\Roaming\Rainmaker Software Group LLC.?\Pro PC Cleaner 2.5.6\install\A5A8ADA\ar, , [e2741a331c7efd39bb5974478e743fc1],
PUP.Optional.ProPCCleaner, C:\Users\Amy\AppData\Roaming\Rainmaker Software Group LLC.?\Pro PC Cleaner 2.5.6\install\A5A8ADA\bs-Cyrl-BA, , [e2741a331c7efd39bb5974478e743fc1],
PUP.Optional.ProPCCleaner, C:\Users\Amy\AppData\Roaming\Rainmaker Software Group LLC.?\Pro PC Cleaner 2.5.6\install\A5A8ADA\bs-Latn-BA, , [e2741a331c7efd39bb5974478e743fc1],
PUP.Optional.ProPCCleaner, C:\Users\Amy\AppData\Roaming\Rainmaker Software Group LLC.?\Pro PC Cleaner 2.5.6\install\A5A8ADA\da, , [e2741a331c7efd39bb5974478e743fc1],
PUP.Optional.ProPCCleaner, C:\Users\Amy\AppData\Roaming\Rainmaker Software Group LLC.?\Pro PC Cleaner 2.5.6\install\A5A8ADA\de, , [e2741a331c7efd39bb5974478e743fc1],
PUP.Optional.ProPCCleaner, C:\Users\Amy\AppData\Roaming\Rainmaker Software Group LLC.?\Pro PC Cleaner 2.5.6\install\A5A8ADA\es, , [e2741a331c7efd39bb5974478e743fc1],
PUP.Optional.ProPCCleaner, C:\Users\Amy\AppData\Roaming\Rainmaker Software Group LLC.?\Pro PC Cleaner 2.5.6\install\A5A8ADA\fil-PH, , [e2741a331c7efd39bb5974478e743fc1],
PUP.Optional.ProPCCleaner, C:\Users\Amy\AppData\Roaming\Rainmaker Software Group LLC.?\Pro PC Cleaner 2.5.6\install\A5A8ADA\fr, , [e2741a331c7efd39bb5974478e743fc1],
PUP.Optional.ProPCCleaner, C:\Users\Amy\AppData\Roaming\Rainmaker Software Group LLC.?\Pro PC Cleaner 2.5.6\install\A5A8ADA\he, , [e2741a331c7efd39bb5974478e743fc1],
PUP.Optional.ProPCCleaner, C:\Users\Amy\AppData\Roaming\Rainmaker Software Group LLC.?\Pro PC Cleaner 2.5.6\install\A5A8ADA\hr-HR, , [e2741a331c7efd39bb5974478e743fc1],
PUP.Optional.ProPCCleaner, C:\Users\Amy\AppData\Roaming\Rainmaker Software Group LLC.?\Pro PC Cleaner 2.5.6\install\A5A8ADA\it, , [e2741a331c7efd39bb5974478e743fc1],
PUP.Optional.ProPCCleaner, C:\Users\Amy\AppData\Roaming\Rainmaker Software Group LLC.?\Pro PC Cleaner 2.5.6\install\A5A8ADA\ja, , [e2741a331c7efd39bb5974478e743fc1],
PUP.Optional.ProPCCleaner, C:\Users\Amy\AppData\Roaming\Rainmaker Software Group LLC.?\Pro PC Cleaner 2.5.6\install\A5A8ADA\nl, , [e2741a331c7efd39bb5974478e743fc1],
PUP.Optional.ProPCCleaner, C:\Users\Amy\AppData\Roaming\Rainmaker Software Group LLC.?\Pro PC Cleaner 2.5.6\install\A5A8ADA\no, , [e2741a331c7efd39bb5974478e743fc1],
PUP.Optional.ProPCCleaner, C:\Users\Amy\AppData\Roaming\Rainmaker Software Group LLC.?\Pro PC Cleaner 2.5.6\install\A5A8ADA\se-FI, , [e2741a331c7efd39bb5974478e743fc1],
PUP.Optional.ProPCCleaner, C:\Users\Amy\AppData\Roaming\Rainmaker Software Group LLC.?\Pro PC Cleaner 2.5.6\install\A5A8ADA\sr-Cyrl-RS, , [e2741a331c7efd39bb5974478e743fc1],
PUP.Optional.ProPCCleaner, C:\Users\Amy\AppData\Roaming\Rainmaker Software Group LLC.?\Pro PC Cleaner 2.5.6\install\A5A8ADA\sr-Latn-RS, , [e2741a331c7efd39bb5974478e743fc1],
PUP.Optional.ProPCCleaner, C:\Users\Amy\AppData\Roaming\Rainmaker Software Group LLC.?\Pro PC Cleaner 2.5.6\install\A5A8ADA\sv, , [e2741a331c7efd39bb5974478e743fc1],
PUP.Optional.ProPCCleaner, C:\Users\Amy\AppData\Roaming\Rainmaker Software Group LLC.?\Pro PC Cleaner 2.5.6\install\A5A8ADA\th-TH, , [e2741a331c7efd39bb5974478e743fc1],
PUP.Optional.ProPCCleaner, C:\Users\Amy\AppData\Roaming\Rainmaker Software Group LLC.?\Pro PC Cleaner 2.5.6\install\A5A8ADA\tr-TR, , [e2741a331c7efd39bb5974478e743fc1],
PUP.Optional.ProPCCleaner, C:\Users\Amy\Documents\ProPCCleaner, , [6beb68e51d7d93a367af546757abf10f],

Files: 170
PUP.Optional.MalwareProtection, C:\Users\Amy\AppData\Local\MalwareProtectionLive\MalwareProtectionClient.exe, , [084e5feee1b976c0d764c0829a67a15f],
PUP.Optional.TidyNetwork, C:\Program Files (x86)\TidyNetwork\petn64.dll, , [ff57ed60455563d3299cb581bc44bb45],
PUP.Optional.TidyNetwork, C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe, , [ff57ed60455563d3299cb581bc44bb45],
PUP.Optional.TidyNetwork, C:\Program Files (x86)\TidyNetwork\petn.dll, , [ff57ed60455563d3299cb581bc44bb45],
PUP.Optional.MyWordTool, C:\Users\Amy\AppData\Roaming\MyWordTool\temp.dat, , [f660153898020c2a8bab4e447b874eb2],
PUP.Optional.Spigot, C:\ProgramData\YTD Video Downloader\ytd_installer.exe, , [d08686c7455556e00cb466646f9142be],
PUP.Optional.ProPCCleaner, C:\Users\Amy\AppData\Roaming\Rainmaker Software Group LLC.?\Pro PC Cleaner 2.5.6\install\A5A8ADA\ProPCCleaner.exe, , [b89ea7a6d5c55fd765be86a77d841be5],
PUP.Optional.ProPCCleaner, C:\Users\Amy\AppData\Roaming\Rainmaker Software Group LLC.?\Pro PC Cleaner 2.5.6\install\A5A8ADA\updater.exe, , [46104ffe207a50e6879cf439976ad52b],
Adware.Bundler, C:\Users\Amy\AppData\Roaming\ViStart\KillMe.exe, , [d97d321bbfdb0e28cee845d4e2228f71],
PUP.Optional.ProPCCleaner, C:\Program Files (x86)\Pro PC Cleaner\ProPCCleaner.exe, , [60f62b222f6b6dc945de87a69869857b],
PUP.Optional.ProPCCleaner, C:\Program Files (x86)\Pro PC Cleaner\updater.exe, , [b99d6fde900a25112ff4092441c044bc],
PUP.Optional.RocketTab, C:\Program Files (x86)\Search Extensions\Client.exe, , [3f178bc2d5c572c4dc9c4a0022dede22],
PUP.Optional.RocketTab, C:\Program Files (x86)\Search Extensions\uninstall.exe, , [03538fbee8b21a1c6315ec5eec14b24e],
PUP.Optional.Spigot, C:\Users\Amy\AppData\Local\Temp\~sp672D.tmp, , [e5714c01c7d3b87e44186e28b64e11ef],
PUP.Optional.Spigot, C:\Users\Amy\AppData\Local\Temp\nsp6763.tmp\NSISPluginW.dll, , [2f27a7a697035bdbfb610c8a17ede51b],
PUP.Optional.Spigot, C:\Users\Amy\AppData\Local\Temp\nsv3D25.tmp\NSISPluginW.dll, , [1f37b994702acc6a3d1f8d092fd56c94],
PUP.Optional.Spigot, C:\Users\Amy\AppData\Local\Temp\nszA823.tmp\NSISPluginW.dll, , [1e382627039783b31d3fc5d145bff10f],
PUP.Optional.InstallMonetizer, C:\Users\Amy\AppData\Local\Temp\ViStart\LS_InstallManager.exe, , [dd79ba9352483501160fdc50e819d030],
PUP.Optional.InstallCore, C:\Users\Amy\Downloads\install.exe, , [094d27262773a4921141e5b22fd5639d],
Adware.Bundler, C:\Users\Amy\Downloads\windows-start-menu-vistart.exe, , [b1a50c417525d85e962044d55fa5a45c],
PUP.Optional.TidyNetwork, C:\Users\Amy\AppData\Local\TidyNetwork\TidyNetwork.exe, , [f46218350d8d1224856c1518e41d28d8],
PUP.Optional.RocketTab.PrxySvrRST, C:\Windows\System32\Tasks\RocketTab, , [1c3ad37afaa0181e85b8e7fd06fcf907],
PUP.Optional.RocketTab.PrxySvrRST, C:\Windows\System32\Tasks\RocketTab Update Task, , [e27470dd3c5ee551a8955292986a7b85],
PUP.Optional.GeniusBox, C:\Windows\System32\Tasks\GeniusBox, , [a3b38dc04753cd69507fb6ed15ee9f61],
PUP.Optional.MyWordTool, C:\Users\Amy\AppData\Roaming\MyWordTool\.build, , [e472aba28c0e1a1cb68d6548cb38b749],
PUP.Optional.MyWordTool, C:\Users\Amy\AppData\Roaming\MyWordTool\.user, , [e472aba28c0e1a1cb68d6548cb38b749],
PUP.Optional.MyWordTool, C:\Users\Amy\AppData\Roaming\MyWordTool\uninst.exe, , [e472aba28c0e1a1cb68d6548cb38b749],
PUP.Optional.ProPCCleaner, C:\Users\Public\Desktop\Pro PC Cleaner.lnk, , [da7cf5583268d5619d55b7f954af768a],
PUP.Optional.ProPCCleaner, C:\Program Files (x86)\Pro PC Cleaner\updater.ini, , [2e2861ecbfdbc86e6f846d4307fc1ee2],
PUP.Optional.ProPCCleaner, C:\Program Files (x86)\Pro PC Cleaner\Microsoft.Deployment.WindowsInstaller.xml, , [2e2861ecbfdbc86e6f846d4307fc1ee2],
PUP.Optional.ProPCCleaner, C:\Program Files (x86)\Pro PC Cleaner\bo.dll, , [2e2861ecbfdbc86e6f846d4307fc1ee2],
PUP.Optional.ProPCCleaner, C:\Program Files (x86)\Pro PC Cleaner\ComponentFactory.Krypton.Toolkit.dll, , [2e2861ecbfdbc86e6f846d4307fc1ee2],
PUP.Optional.ProPCCleaner, C:\Program Files (x86)\Pro PC Cleaner\Helper.dll, , [2e2861ecbfdbc86e6f846d4307fc1ee2],
PUP.Optional.ProPCCleaner, C:\Program Files (x86)\Pro PC Cleaner\InstAct.exe, , [2e2861ecbfdbc86e6f846d4307fc1ee2],
PUP.Optional.ProPCCleaner, C:\Program Files (x86)\Pro PC Cleaner\InstAct.exe.config, , [2e2861ecbfdbc86e6f846d4307fc1ee2],
PUP.Optional.ProPCCleaner, C:\Program Files (x86)\Pro PC Cleaner\Interop.Shell32.dll, , [2e2861ecbfdbc86e6f846d4307fc1ee2],
PUP.Optional.ProPCCleaner, C:\Program Files (x86)\Pro PC Cleaner\Logging.dll, , [2e2861ecbfdbc86e6f846d4307fc1ee2],
PUP.Optional.ProPCCleaner, C:\Program Files (x86)\Pro PC Cleaner\Microsoft.Deployment.WindowsInstaller.dll, , [2e2861ecbfdbc86e6f846d4307fc1ee2],
PUP.Optional.ProPCCleaner, C:\Program Files (x86)\Pro PC Cleaner\Microsoft.Win32.TaskScheduler.dll, , [2e2861ecbfdbc86e6f846d4307fc1ee2],
PUP.Optional.ProPCCleaner, C:\Program Files (x86)\Pro PC Cleaner\Microsoft.Win32.TaskScheduler.xml, , [2e2861ecbfdbc86e6f846d4307fc1ee2],
PUP.Optional.ProPCCleaner, C:\Program Files (x86)\Pro PC Cleaner\ProPCCleaner.exe.config, , [2e2861ecbfdbc86e6f846d4307fc1ee2],
PUP.Optional.ProPCCleaner, C:\Program Files (x86)\Pro PC Cleaner\Setup.dll, , [2e2861ecbfdbc86e6f846d4307fc1ee2],
PUP.Optional.ProPCCleaner, C:\Program Files (x86)\Pro PC Cleaner\Splash.exe, , [2e2861ecbfdbc86e6f846d4307fc1ee2],
PUP.Optional.ProPCCleaner, C:\Program Files (x86)\Pro PC Cleaner\Splash.exe.config, , [2e2861ecbfdbc86e6f846d4307fc1ee2],
PUP.Optional.ProPCCleaner, C:\Program Files (x86)\Pro PC Cleaner\Uninst000.CA.dll, , [2e2861ecbfdbc86e6f846d4307fc1ee2],
PUP.Optional.ProPCCleaner, C:\Program Files (x86)\Pro PC Cleaner\Uninst000.dll, , [2e2861ecbfdbc86e6f846d4307fc1ee2],
PUP.Optional.ProPCCleaner, C:\Program Files (x86)\Pro PC Cleaner\ar\ProPCCleaner.resources.dll, , [2e2861ecbfdbc86e6f846d4307fc1ee2],
PUP.Optional.ProPCCleaner, C:\Program Files (x86)\Pro PC Cleaner\ar\Splash.resources.dll, , [2e2861ecbfdbc86e6f846d4307fc1ee2],
PUP.Optional.ProPCCleaner, C:\Program Files (x86)\Pro PC Cleaner\bs-Cyrl-BA\ProPCCleaner.resources.dll, , [2e2861ecbfdbc86e6f846d4307fc1ee2],
PUP.Optional.ProPCCleaner, C:\Program Files (x86)\Pro PC Cleaner\bs-Cyrl-BA\Splash.resources.dll, , [2e2861ecbfdbc86e6f846d4307fc1ee2],
PUP.Optional.ProPCCleaner, C:\Program Files (x86)\Pro PC Cleaner\bs-Latn-BA\ProPCCleaner.resources.dll, , [2e2861ecbfdbc86e6f846d4307fc1ee2],
PUP.Optional.ProPCCleaner, C:\Program Files (x86)\Pro PC Cleaner\bs-Latn-BA\Splash.resources.dll, , [2e2861ecbfdbc86e6f846d4307fc1ee2],
PUP.Optional.ProPCCleaner, C:\Program Files (x86)\Pro PC Cleaner\da\ProPCCleaner.resources.dll, , [2e2861ecbfdbc86e6f846d4307fc1ee2],
PUP.Optional.ProPCCleaner, C:\Program Files (x86)\Pro PC Cleaner\da\Splash.resources.dll, , [2e2861ecbfdbc86e6f846d4307fc1ee2],
PUP.Optional.ProPCCleaner, C:\Program Files (x86)\Pro PC Cleaner\de\ProPCCleaner.resources.dll, , [2e2861ecbfdbc86e6f846d4307fc1ee2],
PUP.Optional.ProPCCleaner, C:\Program Files (x86)\Pro PC Cleaner\de\Splash.resources.dll, , [2e2861ecbfdbc86e6f846d4307fc1ee2],
PUP.Optional.ProPCCleaner, C:\Program Files (x86)\Pro PC Cleaner\es\ProPCCleaner.resources.dll, , [2e2861ecbfdbc86e6f846d4307fc1ee2],
PUP.Optional.ProPCCleaner, C:\Program Files (x86)\Pro PC Cleaner\es\Splash.resources.dll, , [2e2861ecbfdbc86e6f846d4307fc1ee2],
PUP.Optional.ProPCCleaner, C:\Program Files (x86)\Pro PC Cleaner\fil-PH\ProPCCleaner.resources.dll, , [2e2861ecbfdbc86e6f846d4307fc1ee2],
PUP.Optional.ProPCCleaner, C:\Program Files (x86)\Pro PC Cleaner\fil-PH\Splash.resources.dll, , [2e2861ecbfdbc86e6f846d4307fc1ee2],
PUP.Optional.ProPCCleaner, C:\Program Files (x86)\Pro PC Cleaner\fr\ProPCCleaner.resources.dll, , [2e2861ecbfdbc86e6f846d4307fc1ee2],
PUP.Optional.ProPCCleaner, C:\Program Files (x86)\Pro PC Cleaner\fr\Splash.resources.dll, , [2e2861ecbfdbc86e6f846d4307fc1ee2],
PUP.Optional.ProPCCleaner, C:\Program Files (x86)\Pro PC Cleaner\he\ProPCCleaner.resources.dll, , [2e2861ecbfdbc86e6f846d4307fc1ee2],
PUP.Optional.ProPCCleaner, C:\Program Files (x86)\Pro PC Cleaner\he\Splash.resources.dll, , [2e2861ecbfdbc86e6f846d4307fc1ee2],
PUP.Optional.ProPCCleaner, C:\Program Files (x86)\Pro PC Cleaner\hr-HR\ProPCCleaner.resources.dll, , [2e2861ecbfdbc86e6f846d4307fc1ee2],
PUP.Optional.ProPCCleaner, C:\Program Files (x86)\Pro PC Cleaner\hr-HR\Splash.resources.dll, , [2e2861ecbfdbc86e6f846d4307fc1ee2],
PUP.Optional.ProPCCleaner, C:\Program Files (x86)\Pro PC Cleaner\it\ProPCCleaner.resources.dll, , [2e2861ecbfdbc86e6f846d4307fc1ee2],
PUP.Optional.ProPCCleaner, C:\Program Files (x86)\Pro PC Cleaner\it\Splash.resources.dll, , [2e2861ecbfdbc86e6f846d4307fc1ee2],
PUP.Optional.ProPCCleaner, C:\Program Files (x86)\Pro PC Cleaner\ja\ProPCCleaner.resources.dll, , [2e2861ecbfdbc86e6f846d4307fc1ee2],
PUP.Optional.ProPCCleaner, C:\Program Files (x86)\Pro PC Cleaner\ja\Splash.resources.dll, , [2e2861ecbfdbc86e6f846d4307fc1ee2],
PUP.Optional.ProPCCleaner, C:\Program Files (x86)\Pro PC Cleaner\nl\ProPCCleaner.resources.dll, , [2e2861ecbfdbc86e6f846d4307fc1ee2],
PUP.Optional.ProPCCleaner, C:\Program Files (x86)\Pro PC Cleaner\nl\Splash.resources.dll, , [2e2861ecbfdbc86e6f846d4307fc1ee2],
PUP.Optional.ProPCCleaner, C:\Program Files (x86)\Pro PC Cleaner\no\ProPCCleaner.resources.dll, , [2e2861ecbfdbc86e6f846d4307fc1ee2],
PUP.Optional.ProPCCleaner, C:\Program Files (x86)\Pro PC Cleaner\no\Splash.resources.dll, , [2e2861ecbfdbc86e6f846d4307fc1ee2],
PUP.Optional.ProPCCleaner, C:\Program Files (x86)\Pro PC Cleaner\se-FI\ProPCCleaner.resources.dll, , [2e2861ecbfdbc86e6f846d4307fc1ee2],
PUP.Optional.ProPCCleaner, C:\Program Files (x86)\Pro PC Cleaner\se-FI\Splash.resources.dll, , [2e2861ecbfdbc86e6f846d4307fc1ee2],
PUP.Optional.ProPCCleaner, C:\Program Files (x86)\Pro PC Cleaner\sr-Cyrl-RS\ProPCCleaner.resources.dll, , [2e2861ecbfdbc86e6f846d4307fc1ee2],
PUP.Optional.ProPCCleaner, C:\Program Files (x86)\Pro PC Cleaner\sr-Cyrl-RS\Splash.resources.dll, , [2e2861ecbfdbc86e6f846d4307fc1ee2],
PUP.Optional.ProPCCleaner, C:\Program Files (x86)\Pro PC Cleaner\sr-Latn-RS\ProPCCleaner.resources.dll, , [2e2861ecbfdbc86e6f846d4307fc1ee2],
PUP.Optional.ProPCCleaner, C:\Program Files (x86)\Pro PC Cleaner\sr-Latn-RS\Splash.resources.dll, , [2e2861ecbfdbc86e6f846d4307fc1ee2],
PUP.Optional.ProPCCleaner, C:\Program Files (x86)\Pro PC Cleaner\sv\ProPCCleaner.resources.dll, , [2e2861ecbfdbc86e6f846d4307fc1ee2],
PUP.Optional.ProPCCleaner, C:\Program Files (x86)\Pro PC Cleaner\sv\Splash.resources.dll, , [2e2861ecbfdbc86e6f846d4307fc1ee2],
PUP.Optional.ProPCCleaner, C:\Program Files (x86)\Pro PC Cleaner\th-TH\ProPCCleaner.resources.dll, , [2e2861ecbfdbc86e6f846d4307fc1ee2],
PUP.Optional.ProPCCleaner, C:\Program Files (x86)\Pro PC Cleaner\th-TH\Splash.resources.dll, , [2e2861ecbfdbc86e6f846d4307fc1ee2],
PUP.Optional.ProPCCleaner, C:\Program Files (x86)\Pro PC Cleaner\tr-TR\ProPCCleaner.resources.dll, , [2e2861ecbfdbc86e6f846d4307fc1ee2],
PUP.Optional.ProPCCleaner, C:\Program Files (x86)\Pro PC Cleaner\tr-TR\Splash.resources.dll, , [2e2861ecbfdbc86e6f846d4307fc1ee2],
PUP.Optional.ProPCCleaner, C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Pro PC Cleaner\Pro PC Cleaner.lnk, , [e6703f0e5a40a78fba3af7b9d62d43bd],
PUP.Optional.ProPCCleaner, C:\Windows\System32\Tasks\ProPCCleaner_Start, , [db7b66e7f0aa7cba19dccbe5d92a51af],
PUP.Optional.ProPCCleaner, C:\Windows\Installer\{23497AFC-382C-417E-AC1F-42D98A5A8ADA}\Pro_PC_Cleaner_Icon.exe, , [9cba0b429901f541579f2a86ed167e82],
PUP.Optional.SearchExtensions, C:\Program Files (x86)\Search Extensions\TrustedRoot.cer, , [4a0c60ed455556e0a6d4a60d20e3f10f],
PUP.Optional.SearchExtensions, C:\Program Files (x86)\Search Extensions\certmanager.exe, , [4a0c60ed455556e0a6d4a60d20e3f10f],
PUP.Optional.SearchExtensions, C:\Program Files (x86)\Search Extensions\makecert.exe, , [4a0c60ed455556e0a6d4a60d20e3f10f],
PUP.Optional.SearchExtensions, C:\Program Files (x86)\Search Extensions\Resources\certutil.exe, , [4a0c60ed455556e0a6d4a60d20e3f10f],
PUP.Optional.SearchExtensions, C:\Program Files (x86)\Search Extensions\Resources\libnspr4.dll, , [4a0c60ed455556e0a6d4a60d20e3f10f],
PUP.Optional.SearchExtensions, C:\Program Files (x86)\Search Extensions\Resources\libplc4.dll, , [4a0c60ed455556e0a6d4a60d20e3f10f],
PUP.Optional.SearchExtensions, C:\Program Files (x86)\Search Extensions\Resources\libplds4.dll, , [4a0c60ed455556e0a6d4a60d20e3f10f],
PUP.Optional.SearchExtensions, C:\Program Files (x86)\Search Extensions\Resources\nss3.dll, , [4a0c60ed455556e0a6d4a60d20e3f10f],
PUP.Optional.SearchExtensions, C:\Program Files (x86)\Search Extensions\Resources\smime3.dll, , [4a0c60ed455556e0a6d4a60d20e3f10f],
PUP.Optional.SearchExtensions, C:\Program Files (x86)\Search Extensions\Resources\softokn3.dll, , [4a0c60ed455556e0a6d4a60d20e3f10f],
PUP.Optional.TidyNetwork, C:\Windows\System32\Tasks\TidyNetwork Update, , [57ff76d7fd9d89ad07c1e1d747bc6e92],
PUP.Optional.MalwareProtection, C:\Users\Amy\AppData\Local\MalwareProtectionLive\MalwareProtectionClient.exe.config, , [3c1a15383e5c51e56dcc3e85956e45bb],
PUP.Optional.MalwareProtection, C:\Users\Amy\AppData\Local\MalwareProtectionLive\certificates, , [3c1a15383e5c51e56dcc3e85956e45bb],
PUP.Optional.MalwareProtection, C:\Users\Amy\AppData\Local\MalwareProtectionLive\certificates_filter, , [3c1a15383e5c51e56dcc3e85956e45bb],
PUP.Optional.MalwareProtection, C:\Users\Amy\AppData\Local\MalwareProtectionLive\DotNetCheck.exe, , [3c1a15383e5c51e56dcc3e85956e45bb],
PUP.Optional.MalwareProtection, C:\Users\Amy\AppData\Local\MalwareProtectionLive\DotNetCheck.exe.config, , [3c1a15383e5c51e56dcc3e85956e45bb],
PUP.Optional.MalwareProtection, C:\Users\Amy\AppData\Local\MalwareProtectionLive\extensions, , [3c1a15383e5c51e56dcc3e85956e45bb],
PUP.Optional.MalwareProtection, C:\Users\Amy\AppData\Local\MalwareProtectionLive\extensions_filter, , [3c1a15383e5c51e56dcc3e85956e45bb],
PUP.Optional.MalwareProtection, C:\Users\Amy\AppData\Local\MalwareProtectionLive\uninstall.exe, , [3c1a15383e5c51e56dcc3e85956e45bb],
PUP.Optional.MalwareProtection, C:\Users\Amy\AppData\Local\MalwareProtectionLive\userinfo.dat, , [3c1a15383e5c51e56dcc3e85956e45bb],
PUP.Optional.MalwareProtection, C:\Users\Amy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Malware Protection Live.lnk, , [6bebf35a148695a11129566d54af42be],
PUP.Optional.ProPCCleaner, C:\Users\Amy\AppData\Roaming\Rainmaker Software Group LLC.?\Pro PC Cleaner 2.5.6\install\A5A8ADA\bo.dll, , [e2741a331c7efd39bb5974478e743fc1],
PUP.Optional.ProPCCleaner, C:\Users\Amy\AppData\Roaming\Rainmaker Software Group LLC.?\Pro PC Cleaner 2.5.6\install\A5A8ADA\ComponentFactory.Krypton.Toolkit.dll, , [e2741a331c7efd39bb5974478e743fc1],
PUP.Optional.ProPCCleaner, C:\Users\Amy\AppData\Roaming\Rainmaker Software Group LLC.?\Pro PC Cleaner 2.5.6\install\A5A8ADA\Helper.dll, , [e2741a331c7efd39bb5974478e743fc1],
PUP.Optional.ProPCCleaner, C:\Users\Amy\AppData\Roaming\Rainmaker Software Group LLC.?\Pro PC Cleaner 2.5.6\install\A5A8ADA\InstAct.exe, , [e2741a331c7efd39bb5974478e743fc1],
PUP.Optional.ProPCCleaner, C:\Users\Amy\AppData\Roaming\Rainmaker Software Group LLC.?\Pro PC Cleaner 2.5.6\install\A5A8ADA\InstAct.exe.config, , [e2741a331c7efd39bb5974478e743fc1],
PUP.Optional.ProPCCleaner, C:\Users\Amy\AppData\Roaming\Rainmaker Software Group LLC.?\Pro PC Cleaner 2.5.6\install\A5A8ADA\Interop.Shell32.dll, , [e2741a331c7efd39bb5974478e743fc1],
PUP.Optional.ProPCCleaner, C:\Users\Amy\AppData\Roaming\Rainmaker Software Group LLC.?\Pro PC Cleaner 2.5.6\install\A5A8ADA\Logging.dll, , [e2741a331c7efd39bb5974478e743fc1],
PUP.Optional.ProPCCleaner, C:\Users\Amy\AppData\Roaming\Rainmaker Software Group LLC.?\Pro PC Cleaner 2.5.6\install\A5A8ADA\Microsoft.Deployment.WindowsInstaller.dll, , [e2741a331c7efd39bb5974478e743fc1],
PUP.Optional.ProPCCleaner, C:\Users\Amy\AppData\Roaming\Rainmaker Software Group LLC.?\Pro PC Cleaner 2.5.6\install\A5A8ADA\Microsoft.Deployment.WindowsInstaller.xml, , [e2741a331c7efd39bb5974478e743fc1],
PUP.Optional.ProPCCleaner, C:\Users\Amy\AppData\Roaming\Rainmaker Software Group LLC.?\Pro PC Cleaner 2.5.6\install\A5A8ADA\Microsoft.Win32.TaskScheduler.dll, , [e2741a331c7efd39bb5974478e743fc1],
PUP.Optional.ProPCCleaner, C:\Users\Amy\AppData\Roaming\Rainmaker Software Group LLC.?\Pro PC Cleaner 2.5.6\install\A5A8ADA\Microsoft.Win32.TaskScheduler.xml, , [e2741a331c7efd39bb5974478e743fc1],
PUP.Optional.ProPCCleaner, C:\Users\Amy\AppData\Roaming\Rainmaker Software Group LLC.?\Pro PC Cleaner 2.5.6\install\A5A8ADA\ProPCCleaner.exe.config, , [e2741a331c7efd39bb5974478e743fc1],
PUP.Optional.ProPCCleaner, C:\Users\Amy\AppData\Roaming\Rainmaker Software Group LLC.?\Pro PC Cleaner 2.5.6\install\A5A8ADA\ProPCCleaner.msi, , [e2741a331c7efd39bb5974478e743fc1],
PUP.Optional.ProPCCleaner, C:\Users\Amy\AppData\Roaming\Rainmaker Software Group LLC.?\Pro PC Cleaner 2.5.6\install\A5A8ADA\Setup.dll, , [e2741a331c7efd39bb5974478e743fc1],
PUP.Optional.ProPCCleaner, C:\Users\Amy\AppData\Roaming\Rainmaker Software Group LLC.?\Pro PC Cleaner 2.5.6\install\A5A8ADA\Splash.exe, , [e2741a331c7efd39bb5974478e743fc1],
PUP.Optional.ProPCCleaner, C:\Users\Amy\AppData\Roaming\Rainmaker Software Group LLC.?\Pro PC Cleaner 2.5.6\install\A5A8ADA\Splash.exe.config, , [e2741a331c7efd39bb5974478e743fc1],
PUP.Optional.ProPCCleaner, C:\Users\Amy\AppData\Roaming\Rainmaker Software Group LLC.?\Pro PC Cleaner 2.5.6\install\A5A8ADA\Uninst000.CA.dll, , [e2741a331c7efd39bb5974478e743fc1],
PUP.Optional.ProPCCleaner, C:\Users\Amy\AppData\Roaming\Rainmaker Software Group LLC.?\Pro PC Cleaner 2.5.6\install\A5A8ADA\Uninst000.dll, , [e2741a331c7efd39bb5974478e743fc1],
PUP.Optional.ProPCCleaner, C:\Users\Amy\AppData\Roaming\Rainmaker Software Group LLC.?\Pro PC Cleaner 2.5.6\install\A5A8ADA\ar\ProPCCleaner.resources.dll, , [e2741a331c7efd39bb5974478e743fc1],
PUP.Optional.ProPCCleaner, C:\Users\Amy\AppData\Roaming\Rainmaker Software Group LLC.?\Pro PC Cleaner 2.5.6\install\A5A8ADA\ar\Splash.resources.dll, , [e2741a331c7efd39bb5974478e743fc1],
PUP.Optional.ProPCCleaner, C:\Users\Amy\AppData\Roaming\Rainmaker Software Group LLC.?\Pro PC Cleaner 2.5.6\install\A5A8ADA\bs-Cyrl-BA\ProPCCleaner.resources.dll, , [e2741a331c7efd39bb5974478e743fc1],
PUP.Optional.ProPCCleaner, C:\Users\Amy\AppData\Roaming\Rainmaker Software Group LLC.?\Pro PC Cleaner 2.5.6\install\A5A8ADA\bs-Cyrl-BA\Splash.resources.dll, , [e2741a331c7efd39bb5974478e743fc1],
PUP.Optional.ProPCCleaner, C:\Users\Amy\AppData\Roaming\Rainmaker Software Group LLC.?\Pro PC Cleaner 2.5.6\install\A5A8ADA\bs-Latn-BA\ProPCCleaner.resources.dll, , [e2741a331c7efd39bb5974478e743fc1],
PUP.Optional.ProPCCleaner, C:\Users\Amy\AppData\Roaming\Rainmaker Software Group LLC.?\Pro PC Cleaner 2.5.6\install\A5A8ADA\bs-Latn-BA\Splash.resources.dll, , [e2741a331c7efd39bb5974478e743fc1],
PUP.Optional.ProPCCleaner, C:\Users\Amy\AppData\Roaming\Rainmaker Software Group LLC.?\Pro PC Cleaner 2.5.6\install\A5A8ADA\da\ProPCCleaner.resources.dll, , [e2741a331c7efd39bb5974478e743fc1],
PUP.Optional.ProPCCleaner, C:\Users\Amy\AppData\Roaming\Rainmaker Software Group LLC.?\Pro PC Cleaner 2.5.6\install\A5A8ADA\da\Splash.resources.dll, , [e2741a331c7efd39bb5974478e743fc1],
PUP.Optional.ProPCCleaner, C:\Users\Amy\AppData\Roaming\Rainmaker Software Group LLC.?\Pro PC Cleaner 2.5.6\install\A5A8ADA\de\ProPCCleaner.resources.dll, , [e2741a331c7efd39bb5974478e743fc1],
PUP.Optional.ProPCCleaner, C:\Users\Amy\AppData\Roaming\Rainmaker Software Group LLC.?\Pro PC Cleaner 2.5.6\install\A5A8ADA\de\Splash.resources.dll, , [e2741a331c7efd39bb5974478e743fc1],
PUP.Optional.ProPCCleaner, C:\Users\Amy\AppData\Roaming\Rainmaker Software Group LLC.?\Pro PC Cleaner 2.5.6\install\A5A8ADA\es\ProPCCleaner.resources.dll, , [e2741a331c7efd39bb5974478e743fc1],
PUP.Optional.ProPCCleaner, C:\Users\Amy\AppData\Roaming\Rainmaker Software Group LLC.?\Pro PC Cleaner 2.5.6\install\A5A8ADA\es\Splash.resources.dll, , [e2741a331c7efd39bb5974478e743fc1],
PUP.Optional.ProPCCleaner, C:\Users\Amy\AppData\Roaming\Rainmaker Software Group LLC.?\Pro PC Cleaner 2.5.6\install\A5A8ADA\fil-PH\ProPCCleaner.resources.dll, , [e2741a331c7efd39bb5974478e743fc1],
PUP.Optional.ProPCCleaner, C:\Users\Amy\AppData\Roaming\Rainmaker Software Group LLC.?\Pro PC Cleaner 2.5.6\install\A5A8ADA\fil-PH\Splash.resources.dll, , [e2741a331c7efd39bb5974478e743fc1],
PUP.Optional.ProPCCleaner, C:\Users\Amy\AppData\Roaming\Rainmaker Software Group LLC.?\Pro PC Cleaner 2.5.6\install\A5A8ADA\fr\ProPCCleaner.resources.dll, , [e2741a331c7efd39bb5974478e743fc1],
PUP.Optional.ProPCCleaner, C:\Users\Amy\AppData\Roaming\Rainmaker Software Group LLC.?\Pro PC Cleaner 2.5.6\install\A5A8ADA\fr\Splash.resources.dll, , [e2741a331c7efd39bb5974478e743fc1],
PUP.Optional.ProPCCleaner, C:\Users\Amy\AppData\Roaming\Rainmaker Software Group LLC.?\Pro PC Cleaner 2.5.6\install\A5A8ADA\he\ProPCCleaner.resources.dll, , [e2741a331c7efd39bb5974478e743fc1],
PUP.Optional.ProPCCleaner, C:\Users\Amy\AppData\Roaming\Rainmaker Software Group LLC.?\Pro PC Cleaner 2.5.6\install\A5A8ADA\he\Splash.resources.dll, , [e2741a331c7efd39bb5974478e743fc1],
PUP.Optional.ProPCCleaner, C:\Users\Amy\AppData\Roaming\Rainmaker Software Group LLC.?\Pro PC Cleaner 2.5.6\install\A5A8ADA\hr-HR\ProPCCleaner.resources.dll, , [e2741a331c7efd39bb5974478e743fc1],
PUP.Optional.ProPCCleaner, C:\Users\Amy\AppData\Roaming\Rainmaker Software Group LLC.?\Pro PC Cleaner 2.5.6\install\A5A8ADA\hr-HR\Splash.resources.dll, , [e2741a331c7efd39bb5974478e743fc1],
PUP.Optional.ProPCCleaner, C:\Users\Amy\AppData\Roaming\Rainmaker Software Group LLC.?\Pro PC Cleaner 2.5.6\install\A5A8ADA\it\ProPCCleaner.resources.dll, , [e2741a331c7efd39bb5974478e743fc1],
PUP.Optional.ProPCCleaner, C:\Users\Amy\AppData\Roaming\Rainmaker Software Group LLC.?\Pro PC Cleaner 2.5.6\install\A5A8ADA\it\Splash.resources.dll, , [e2741a331c7efd39bb5974478e743fc1],
PUP.Optional.ProPCCleaner, C:\Users\Amy\AppData\Roaming\Rainmaker Software Group LLC.?\Pro PC Cleaner 2.5.6\install\A5A8ADA\ja\ProPCCleaner.resources.dll, , [e2741a331c7efd39bb5974478e743fc1],
PUP.Optional.ProPCCleaner, C:\Users\Amy\AppData\Roaming\Rainmaker Software Group LLC.?\Pro PC Cleaner 2.5.6\install\A5A8ADA\ja\Splash.resources.dll, , [e2741a331c7efd39bb5974478e743fc1],
PUP.Optional.ProPCCleaner, C:\Users\Amy\AppData\Roaming\Rainmaker Software Group LLC.?\Pro PC Cleaner 2.5.6\install\A5A8ADA\nl\ProPCCleaner.resources.dll, , [e2741a331c7efd39bb5974478e743fc1],
PUP.Optional.ProPCCleaner, C:\Users\Amy\AppData\Roaming\Rainmaker Software Group LLC.?\Pro PC Cleaner 2.5.6\install\A5A8ADA\nl\Splash.resources.dll, , [e2741a331c7efd39bb5974478e743fc1],
PUP.Optional.ProPCCleaner, C:\Users\Amy\AppData\Roaming\Rainmaker Software Group LLC.?\Pro PC Cleaner 2.5.6\install\A5A8ADA\no\ProPCCleaner.resources.dll, , [e2741a331c7efd39bb5974478e743fc1],
PUP.Optional.ProPCCleaner, C:\Users\Amy\AppData\Roaming\Rainmaker Software Group LLC.?\Pro PC Cleaner 2.5.6\install\A5A8ADA\no\Splash.resources.dll, , [e2741a331c7efd39bb5974478e743fc1],
PUP.Optional.ProPCCleaner, C:\Users\Amy\AppData\Roaming\Rainmaker Software Group LLC.?\Pro PC Cleaner 2.5.6\install\A5A8ADA\se-FI\ProPCCleaner.resources.dll, , [e2741a331c7efd39bb5974478e743fc1],
PUP.Optional.ProPCCleaner, C:\Users\Amy\AppData\Roaming\Rainmaker Software Group LLC.?\Pro PC Cleaner 2.5.6\install\A5A8ADA\se-FI\Splash.resources.dll, , [e2741a331c7efd39bb5974478e743fc1],
PUP.Optional.ProPCCleaner, C:\Users\Amy\AppData\Roaming\Rainmaker Software Group LLC.?\Pro PC Cleaner 2.5.6\install\A5A8ADA\sr-Cyrl-RS\ProPCCleaner.resources.dll, , [e2741a331c7efd39bb5974478e743fc1],
PUP.Optional.ProPCCleaner, C:\Users\Amy\AppData\Roaming\Rainmaker Software Group LLC.?\Pro PC Cleaner 2.5.6\install\A5A8ADA\sr-Cyrl-RS\Splash.resources.dll, , [e2741a331c7efd39bb5974478e743fc1],
PUP.Optional.ProPCCleaner, C:\Users\Amy\AppData\Roaming\Rainmaker Software Group LLC.?\Pro PC Cleaner 2.5.6\install\A5A8ADA\sr-Latn-RS\ProPCCleaner.resources.dll, , [e2741a331c7efd39bb5974478e743fc1],
PUP.Optional.ProPCCleaner, C:\Users\Amy\AppData\Roaming\Rainmaker Software Group LLC.?\Pro PC Cleaner 2.5.6\install\A5A8ADA\sr-Latn-RS\Splash.resources.dll, , [e2741a331c7efd39bb5974478e743fc1],
PUP.Optional.ProPCCleaner, C:\Users\Amy\AppData\Roaming\Rainmaker Software Group LLC.?\Pro PC Cleaner 2.5.6\install\A5A8ADA\sv\ProPCCleaner.resources.dll, , [e2741a331c7efd39bb5974478e743fc1],
PUP.Optional.ProPCCleaner, C:\Users\Amy\AppData\Roaming\Rainmaker Software Group LLC.?\Pro PC Cleaner 2.5.6\install\A5A8ADA\sv\Splash.resources.dll, , [e2741a331c7efd39bb5974478e743fc1],
PUP.Optional.ProPCCleaner, C:\Users\Amy\AppData\Roaming\Rainmaker Software Group LLC.?\Pro PC Cleaner 2.5.6\install\A5A8ADA\th-TH\ProPCCleaner.resources.dll, , [e2741a331c7efd39bb5974478e743fc1],
PUP.Optional.ProPCCleaner, C:\Users\Amy\AppData\Roaming\Rainmaker Software Group LLC.?\Pro PC Cleaner 2.5.6\install\A5A8ADA\th-TH\Splash.resources.dll, , [e2741a331c7efd39bb5974478e743fc1],
PUP.Optional.ProPCCleaner, C:\Users\Amy\AppData\Roaming\Rainmaker Software Group LLC.?\Pro PC Cleaner 2.5.6\install\A5A8ADA\tr-TR\ProPCCleaner.resources.dll, , [e2741a331c7efd39bb5974478e743fc1],
PUP.Optional.ProPCCleaner, C:\Users\Amy\AppData\Roaming\Rainmaker Software Group LLC.?\Pro PC Cleaner 2.5.6\install\A5A8ADA\tr-TR\Splash.resources.dll, , [e2741a331c7efd39bb5974478e743fc1],
PUP.Optional.ProPCCleaner, C:\Users\Amy\Documents\ProPCCleaner\log.txt, , [6beb68e51d7d93a367af546757abf10f],
PUP.Optional.ProPCCleaner, C:\Users\Amy\Documents\ProPCCleaner\logerror.txt, , [6beb68e51d7d93a367af546757abf10f],

Physical Sectors: 0
(No malicious items detected)


(end)

 

[johnb35]

Do you have ccleaner installed already on the system? Run it. Can you download adwcleaner and junkware removal tool from another desktop and transfer via usb flash drive?

 

[novicegeek]

Well, no ccleaner installed. I'll have to get another computer, but it's not currently hooked up to the internet, so it doesn't have any current anti-virus on it. I'll see what I can do.

Thanks.

 

[novicegeek]

Well, it took a while, because I had to get a computer from another location, and even then, I had difficulties.

I couldn't run the Junkware Removal Tool, because of that problem I have with DOS (cursor won't blink, can't type anything in box, and I only see part of the cursor). I couldn't run rkill for the same reason. I was able to run Adwarecleaner and OTL. Below are the files from them:

# AdwCleaner v6.000 - Logfile created 21/08/2016 at 11:13:48
# Updated on 12/08/2016 by ToolsLib
# Database : 2016-08-21.1 [Server]
# Operating System : Windows 10 Home (X64)
# Username : Amy - AMY
# Running from : E:\AdwCleaner.exe
# Mode: Clean
# Support : https://toolslib.net/forum



***** [ Services ] *****



***** [ Folders ] *****

[-] Folder deleted: C:\Users\Amy\AppData\Local\Google\Chrome\User Data\Default\Extensions\nfedoihopcjdfjihhhojdclnfdgomdho
[-] Folder deleted: C:\Users\Amy\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nfedoihopcjdfjihhhojdclnfdgomdho
[-] Folder deleted: C:\Users\Amy\AppData\Local\Browser Extensions
[-] Folder deleted: C:\Users\Amy\AppData\Local\TidyNetwork
[-] Folder deleted: C:\Users\Amy\AppData\Roaming\download Manager
[-] Folder deleted: C:\Program Files (x86)\GreenTree Applications
[-] Folder deleted: C:\Program Files (x86)\TidyNetwork


***** [ Files ] *****

[-] File deleted: C:\Users\Public\Desktop\YTD Video Downloader.lnk


***** [ DLL ] *****



***** [ WMI ] *****



***** [ Shortcuts ] *****



***** [ Scheduled Tasks ] *****

[-] Task deleted: Check Updates
[-] Task deleted: Validate Installation


***** [ Registry ] *****

[-] Key deleted: HKU\S-1-5-21-1431541898-2865883617-3977144666-1001\Software\Classes\AppXrh6feys59dqfzsv9p3s9p6aep0hwtb23
[#] Key deleted on reboot: HKCU\Software\Classes\AppXrh6feys59dqfzsv9p3s9p6aep0hwtb23
[-] Key deleted: HKLM\SOFTWARE\Classes\protector_dll.Protector
[-] Key deleted: HKLM\SOFTWARE\Classes\protector_dll.Protector.1
[-] Key deleted: HKLM\SOFTWARE\Classes\protector_dll.ProtectorBho
[-] Key deleted: HKLM\SOFTWARE\Classes\protector_dll.ProtectorBho.1
[-] Key deleted: HKLM\SOFTWARE\Classes\protector_dll.ProtectorLib
[-] Key deleted: HKLM\SOFTWARE\Classes\protector_dll.ProtectorLib.1
[-] Key deleted: [x64] HKLM\SOFTWARE\Classes\Interface\{4E6354DE-9115-4AEE-BD21-C46C3E8A49DB}
[-] Key deleted: [x64] HKLM\SOFTWARE\Classes\Interface\{FC073BDA-C115-4A1D-9DF9-9B5C461482E5}
[-] Key deleted: HKLM\SOFTWARE\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}
[-] Key deleted: HKLM\SOFTWARE\Classes\CLSID\{5A4E3A41-FA55-4BDA-AED7-CEBE6E7BCB52}
[-] Key deleted: HKLM\SOFTWARE\Classes\Interface\{4E6354DE-9115-4AEE-BD21-C46C3E8A49DB}
[-] Key deleted: HKLM\SOFTWARE\Classes\Interface\{FC073BDA-C115-4A1D-9DF9-9B5C461482E5}
[-] Key deleted: HKLM\SOFTWARE\Classes\TypeLib\{A2D733A7-73B0-4C6B-B0C7-06A432950B66}
[-] Key deleted: HKLM\SOFTWARE\{3A7D3E19-1B79-4E4E-BD96-5467DA2C4EF0}
[-] Key deleted: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\GeniusBox
[-] Key deleted: HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\ask.com
[-] Key deleted: HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\azlyrics.com
[-] Key deleted: HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\directionsace.dl.myway.com
[-] Key deleted: HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\dotomi.com
[-] Value deleted: [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run32 [MalwareProtectionLive]


***** [ Web browsers ] *****

[-] [aol.com] [Search Provider] Deleted: aol.com
[-] [ask.com] [Search Provider] Deleted: ask.com
[-] [C:\Users\Amy\AppData\Local\Google\Chrome\User Data\Default] [extension] Deleted: bopakagnckmlgajfccecajhnimjiiedh
[-] [aol.com] [Search Provider] Deleted: aol.com
[-] [ask.com] [Search Provider] Deleted: ask.com


*************************

:: "Tracing" keys deleted
:: Winsock settings cleared

*************************

C:\AdwCleaner\AdwCleaner[C0].txt - [3632 Bytes] - [21/08/2016 11:13:48]
C:\AdwCleaner\AdwCleaner[R0].txt - [2733 Bytes] - [27/10/2014 11:42:21]
C:\AdwCleaner\AdwCleaner[S0].txt - [2933 Bytes] - [27/10/2014 11:45:27]
C:\AdwCleaner\AdwCleaner[S1].txt - [4067 Bytes] - [21/08/2016 11:11:32]

########## EOF - C:\AdwCleaner\AdwCleaner[C0].txt - [3924 Bytes] ##########

And from OTL:

OTL Extras logfile created on: 8/21/2016 11:56:37 AM - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = E:\
64bit- An unknown product (Version = 6.2.9200) - Type = NTWorkstation
Internet Explorer (Version = 9.11.10586.0)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

5.80 Gb Total Physical Memory | 3.62 Gb Available Physical Memory | 62.46% Memory free
8.18 Gb Paging File | 5.76 Gb Available in Paging File | 70.51% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 684.17 Gb Total Space | 607.78 Gb Free Space | 88.83% Space Free | Partition Type: NTFS
Drive E: | 14.90 Gb Total Space | 14.86 Gb Free Space | 99.74% Space Free | Partition Type: FAT32

Computer Name: AMY | User Name: Amy | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html[@ = htmlfile] -- C:\Program Files\Internet Explorer\IEXPLORE.EXE (Microsoft Corporation)
.url[@ = InternetShortcut] -- C:\WINDOWS\SysNative\rundll32.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\WINDOWS\SysWow64\control.exe (Microsoft Corporation)
.html [@ = htmlfile] -- C:\Program Files\Internet Explorer\IEXPLORE.EXE (Microsoft Corporation)

========== Shell Spawning ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
htmlfile [opennew] -- Reg Error: Key error.
http [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\WINDOWS\system32\rundll32.exe" "C:\WINDOWS\system32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\OpenWith.exe "%1" (Microsoft Corporation)
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" (VideoLAN)
Directory [Browse with FastStone] -- "C:\Program Files (x86)\FastStone Image Viewer\FSViewer.exe" "%1" (FastStone Soft)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" (VideoLAN)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
htmlfile [opennew] -- Reg Error: Key error.
http [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\OpenWith.exe "%1" (Microsoft Corporation)
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" (VideoLAN)
Directory [Browse with FastStone] -- "C:\Program Files (x86)\FastStone Image Viewer\FSViewer.exe" "%1" (FastStone Soft)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" (VideoLAN)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- Reg Error: Value error.

========== Security Center Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 0B FC E5 D5 A2 5C D1 01 [binary data]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Upgrade]
"UpgradeTime" = [binary data]
"DontEnumerateCommonFilesUpgradeExe" = 1

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Upgrade]
"UpgradeTime" = Reg Error: Unknown registry data type -- File not found

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
"DefaultInboundAction" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
"DefaultInboundAction" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
"DefaultInboundAction" = 1

========== Authorized Applications List ==========


========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{217B0FEC-0E4B-4F3C-B9C7-860FE2468EB5}" = lport=2869 | protocol=6 | dir=in | app=system |
"{2D750E25-0389-408F-9A2B-5617FCA4BD55}" = lport=6004 | protocol=17 | dir=in | app=c:\program files\microsoft office 15\root\office15\outlook.exe |
"{3F5E3382-E5CE-49C7-9ADB-6DE8E38AE546}" = lport=67 | protocol=17 | dir=in | svc=sharedaccess | app=%systemroot%\system32\svchost.exe |
"{4F18974D-234D-49BB-9780-E051F5E07C1E}" = rport=427 | protocol=17 | dir=in | svc=hpslpsvc | app=c:\windows\system32\svchost.exe |
"{879B5F1D-3188-4339-A64D-CEF9793EE42F}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{9CAAF28E-201B-4069-862F-FFC3B2DD5D2F}" = rport=2869 | protocol=6 | dir=out | app=system |
"{A04073D8-086B-49D5-B08E-DD845952FBB2}" = lport=5353 | protocol=17 | dir=in | app=c:\program files (x86)\google\chrome\application\chrome.exe |
"{AAC8F335-2960-4166-91CC-E36BFDCC9AF8}" = lport=547 | protocol=17 | dir=in | svc=sharedaccess | app=%systemroot%\system32\svchost.exe |
"{CE2DA83D-91B0-4AD9-AEF1-2E05472EAD04}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{ED917277-A7C0-4130-B0D5-1CBD02B79A34}" = lport=68 | protocol=17 | dir=in | svc=sharedaccess | app=%systemroot%\system32\svchost.exe |
"{EED65F9F-DCFD-4B61-B0E2-03CBA7348834}" = lport=53 | protocol=17 | dir=in | svc=sharedaccess | app=%systemroot%\system32\svchost.exe |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0020C4BB-85F4-4131-A04F-0F42423396C3}" = dir=out | name=flixster |
"{020BDD4A-02E1-47D0-B639-89E2B4532B72}" = dir=out | name=@{microsoft.binghealthandfitness_3.0.4.336_x64__8wekyb3d8bbwe?ms-resource://microsoft.binghealthandfitness/resources/apptitle} |
"{0238B6A8-5074-46CA-B114-C81832DA068D}" = dir=out | name=fxnow |
"{0473FA86-EB29-43B7-9E23-8015F2C0AD31}" = protocol=17 | dir=in | app=c:\program files\microsoft office 15\root\office15\ucmapi.exe |
"{04B70752-AFE5-44F7-9C4B-BFCE280EA2E6}" = dir=out | name=- games app - |
"{0542BC76-C7E8-4CF0-932C-78710393A127}" = dir=out | name=iheartradio |
"{05898C99-7DBC-4B91-98E9-F143E15CC96E}" = dir=out | name=fitbit |
"{058D8DB1-0270-4659-8AC0-D464A2734FCA}" = dir=in | name=sonicwall mobile connect |
"{07BFBD44-83EB-4E0B-9865-C8CB9064DDE9}" = dir=out | name=@{microsoft.appconnector_1.3.3.0_neutral__8wekyb3d8bbwe?ms-resource://microsoft.appconnector/resources/connectorstubtitle} |
"{07DA3434-1D51-422A-91D3-0A451F3F8A6D}" = dir=out | name=juniper networks junos pulse |
"{088F4314-A049-4809-9ECF-DB78AF181E7B}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpiscnapp.exe |
"{0A0F30CA-CC2D-4866-9480-4096D5420CA1}" = protocol=17 | dir=in | app=c:\program files (x86)\spotify\data\spotifywebhelper.exe |
"{0CB54952-A233-4691-8F45-DEC4383D01E6}" = protocol=17 | dir=in | app=c:\program files\common files\mcafee\mcsvchost\mcsvhost.exe |
"{0CE703F2-B112-4E63-8DB2-7D5904CF90F9}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpzwiz01.exe |
"{0CF1D85B-4B82-4BE0-8A38-7CA958036C83}" = protocol=17 | dir=in | app=c:\program files (x86)\acer\clear.fi photo\dmcdaemon.exe |
"{0EFE7B42-AFA0-4797-BA6D-6C2856E97E27}" = dir=out | name=microsoft mahjong |
"{0FCE3AA2-3F77-4721-95C4-89999E0C4BEA}" = protocol=17 | dir=in | app=c:\program files (x86)\acer\acer photo_\windowsupnp.exe |
"{101B1262-91AE-40E7-AC55-BE1B43A9F7F5}" = dir=in | name=@{microsoft.bingfinance_4.11.156.0_x86__8wekyb3d8bbwe?ms-resource://microsoft.bingfinance/resources/applicationtitlewithbranding} |
"{10DF5E51-2E27-4AAF-8C02-BBB255487F0B}" = dir=in | name=sonicwall mobile connect |
"{12BCDCD4-3F80-4BCD-AF1C-5AFA672091C2}" = dir=out | name=icookbook se |
"{1381D63C-5BD3-4AEF-BF60-D48A4B331CA8}" = dir=out | name=sonicwall mobile connect |
"{13CA8583-B3F0-4C1D-B2AF-E355CB2E3452}" = dir=out | name=hulu |
"{176340EA-7EDF-4849-959D-C8966700D6FB}" = protocol=6 | dir=in | app=c:\program files\common files\mcafee\mcsvchost\mcsvhost.exe |
"{178C1E17-5ECE-4B41-B559-3573770F9320}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqgplgtupl.exe |
"{178ECC46-08AA-4506-859D-6CA965C00ACD}" = dir=out | svc=sharedaccess | app=%systemroot%\system32\svchost.exe |
"{17B6EF9A-F950-4265-9383-624133DAE530}" = dir=in | name=f5 vpn |
"{18296260-3453-42C1-8564-6A6E6C2474FF}" = dir=out | name=evernote touch |
"{186406F5-4190-4DE9-BE62-495D49F9EE74}" = dir=in | app=c:\program files (x86)\itunes\itunes.exe |
"{19D88C21-0621-41E4-9B61-AF9B8D2D681A}" = protocol=6 | dir=in | app=c:\program files (x86)\mozilla firefox\firefox.exe |
"{1A0909A0-A436-4522-A51D-3D41BD67B328}" = dir=out | name=kindle |
"{1BB67CCB-D86B-40A7-99F2-6C66DF0ADD86}" = dir=out | name=@{26720randomsaladgamesllc.simplesolitaire_5.3.0.35_x64__kx24dqmazqk8j?ms-resource://26720randomsaladgamesllc.simplesolitaire/resources/gamename} |
"{1C8F6FF7-8141-486B-B456-90F3E4933773}" = dir=out | name=acer crystal eye |
"{228ABF60-D811-4428-B8D5-01B3EBFE5CB8}" = dir=out | name=windows_ie_ac_001 |
"{22CB151B-3270-4CA9-879F-43A7E35164C1}" = dir=in | name=@{microsoft.microsoftedge_25.10586.0.0_neutral__8wekyb3d8bbwe?ms-resource://microsoft.microsoftedge/resources/appname} |
"{2330E55D-B15A-4CF4-BD89-A77E1A3EDA13}" = dir=out | name=viber - free phone calls & text |
"{2440C9E1-8E7D-46E8-919C-F7AC9E69CFED}" = dir=out | name=@{microsoft.bingsports_4.12.207.0_x86__8wekyb3d8bbwe?ms-resource://microsoft.bingsports/resources/applicationtitlewithbranding} |
"{2518FC80-EE4B-454E-8573-C985272E6BFC}" = dir=in | name=@{microsoft.windows.cloudexperiencehost_10.0.10586.0_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.windows.cloudexperiencehost/resources/appdescription} |
"{26F7F095-EF9E-40F8-B3D5-786DF7936AD3}" = dir=out | name=7digital music store |
"{2959C35C-E329-4982-B558-755C79B4EBC9}" = dir=in | name=@{microsoft.commsphone_2.17.27003.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.commsphone/resources/appstorename} |
"{2B464859-1367-4BAF-AE61-7F0B50A719F4}" = dir=in | app=c:\users\amy\appdata\local\temp\7zs2144\setup\hpznui40.exe |
"{2B868A68-4FF9-4904-A47A-D061D9748CD0}" = dir=in | name=iheartradio |
"{2C1DFFFB-520A-41EA-995B-594E60428E80}" = protocol=17 | dir=in | app=c:\program files (x86)\acer\acer photo_\dmcdaemon.exe |
"{2CEE917D-2CDA-49B1-95B5-3154427369F9}" = dir=out | name=check point vpn |
"{2DC63ACC-56A3-47A9-BDFB-E1E9B28BBB0E}" = protocol=6 | dir=in | app=c:\program files (x86)\acer\acer photo_\dmcdaemon.exe |
"{2ED36B83-F951-4E38-AD13-B7B2167CBAE9}" = dir=out | name=facebook |
"{307411AB-C532-41A2-BA9F-411FD9F7BC0D}" = dir=out | name=shark dash |
"{3192FDD6-D6CC-4CE7-BA07-B4BBBC1A7109}" = dir=out | name=@{d5ea27b7.duolingo-learnlanguagesforfree_2016.423.1.0_x64__yx6k7tf7xvsea?ms-resource://d5ea27b7.duolingo-learnlanguagesforfree/resources/appname} |
"{31BD89FB-C7F3-472B-9029-333F59E30311}" = dir=in | name=onenote |
"{328853B8-1E85-40CF-9338-761DBB8B3CF6}" = dir=out | name=acer explorer |
"{33B8D800-E1F7-416A-BEE8-27A7F605AF3C}" = dir=in | name=xbox |
"{3417B5F3-EE0B-4E61-9E25-7ADBBEFBCA14}" = dir=in | app=c:\program files (x86)\nti\acer backup manager\fileexplorer.exe |
"{34F9131E-F29B-457E-9B7F-25942E3CB70E}" = dir=out | name=onenote |
"{38315AC8-C294-4AF5-8D0F-4FEC395BF195}" = dir=out | name=@{microsoft.windows.contentdeliverymanager_10.0.10586.0_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.windows.contentdeliverymanager/resources/appdisplayname} |
"{3CD772E3-B560-4B61-A28B-FAAAC4024A8A}" = dir=in | name=check point vpn |
"{3DEF0085-76C6-496E-BD5E-A0BB6F54D891}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpfccopy.exe |
"{3DF48836-E56A-4E22-BBEE-3B4659E33F60}" = dir=out | name=@{microsoft.microsoftedge_25.10586.0.0_neutral__8wekyb3d8bbwe?ms-resource://microsoft.microsoftedge/resources/appname} |
"{3E74DDD3-0FF1-41E0-A065-30BD91674B47}" = dir=out | name=windows_ie_ac_001 |
"{3F75B662-56B0-4803-B398-3C85620333CA}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{425F8EBE-6C81-420A-B3D8-84765582A5B4}" = dir=in | name=check point vpn |
"{4282FE99-8560-4BC7-9576-5F3ED84E263F}" = dir=in | name=checkpoint.vpn |
"{432FB4E8-8EED-4C42-BB64-4B5AF5C4D719}" = dir=out | name=stumbleupon |
"{43A95717-1BFA-4E95-9B24-DEAE719F5C5C}" = dir=out | name=@{microsoft.windowsphone_10.1607.1991.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowsphone/resources/appstorename} |
"{47C20265-D9BA-4FF1-B4FA-9A0CD0D67E66}" = dir=out | name=google |
"{47CC1214-3B42-46CE-BCC8-1D9959BE0A39}" = protocol=17 | dir=in | app=c:\program files\microsoft office 15\root\office15\lync.exe |
"{485A0F7B-73B0-4076-B547-0E7C1E7BCFA5}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpoews01.exe |
"{48C6E6CF-0B3D-42FB-92D7-275FC4C4E715}" = dir=in | app=c:\program files (x86)\acer\clear.fi sdk21\video\videoplayer.exe |
"{49821258-1ED3-4F53-9E8B-4B9BA01066A1}" = dir=out | name=@{microsoft.bingfinance_4.11.156.0_x86__8wekyb3d8bbwe?ms-resource://microsoft.bingfinance/resources/applicationtitlewithbranding} |
"{49D6FD6B-337B-498C-BA5B-CB187B419345}" = dir=out | name=candy crush soda saga |
"{4A2351E9-17DF-411F-8BAD-09E5A6B7803C}" = dir=out | name=twitter |
"{4F050441-302B-4463-AC9A-92FDC719984A}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqste08.exe |
"{5058ABB8-5558-47B5-BF4E-F0026B8A833B}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hposid01.exe |
"{50C4C3E8-5779-45F4-A384-BC97F42402DB}" = dir=out | name=@{microsoft.messaging_2.15.20002.0_x86__8wekyb3d8bbwe?ms-resource://microsoft.messaging/microsoft.apps.messaging.skype/skypemessaging.resources/skype_appstorename} |
"{53AD90F6-67DE-45B6-A435-51D7BEC3C20B}" = protocol=6 | dir=in | app=c:\program files (x86)\acer\acer photo_\windowsupnp.exe |
"{53B3792C-49FC-4C19-9228-86C4906B44A9}" = dir=in | name=evernote touch |
"{53C745C2-1D8E-4AA2-B8B2-09B756AD644B}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqfxt08.exe |
"{548DCF8C-BFF2-4BA4-AA88-FBAF9AC8BCC6}" = dir=in | name=@{c:\windows\winstore\resources.pri?ms-resource://winstore/resources/displayname} |
"{5543F8AC-9117-4AEF-93F5-967EF87D6E13}" = dir=out | name=sway |
"{5574A040-C495-4F7E-9EFC-BD7FFE0D640A}" = dir=out | name=@{microsoft.windowsfeedback_10.0.10586.0_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.windowsfeedback/feedbackapp.resources/appname/text} |
"{55BF3F42-1F2B-433A-AE85-C20D01EE12AC}" = dir=in | name=juniper networks junos pulse |
"{560448D6-095C-4907-B046-AC7F710701A7}" = dir=in | name=sonicwall.mobileconnect |
"{56F75282-BD3C-4D46-B22B-ECBF67301B52}" = dir=out | name=@{microsoft.windowscommunicationsapps_17.6965.41051.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowscommunicationsapps/hxcommintl/appmanifest_outlookdesktop_displayname} |
"{57B17BDC-A09A-4405-AA47-81E7E5FC942E}" = dir=out | name=solitaire hd |
"{57DA24ED-31F0-40E1-A1D4-1F5D9E7F5B44}" = dir=out | name=@{microsoft.bingfoodanddrink_3.0.4.336_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingfoodanddrink/resources/apptitlewithbranding} |
"{58998B32-F0FD-40F8-A2F9-5B0311E25AB2}" = dir=out | name=@{microsoft.windows.photos_16.722.10060.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.windows.photos/resources/appstorename} |
"{5997E525-1729-4793-8EA9-9CF73BE7747E}" = dir=in | name=netflix |
"{5BC7AC2D-F4B9-4409-9BFD-6734AC629C49}" = dir=in | name=@{microsoft.windowsreadinglist_6.3.9654.21234_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowsreadinglist/resources/apppackagename} |
"{5D040C1E-ADF9-46E3-8023-215C7E820D41}" = dir=out | name=f5 vpn |
"{5E7153C3-13BA-4CD3-AAFF-3B5E87C57029}" = dir=in | name=hulu |
"{5F4632C0-D5B1-40C3-B0D9-E3A759C81B9E}" = dir=out | name=sonicwall.mobileconnect |
"{6012A3DE-2343-4313-B16B-96133C925A26}" = dir=out | name=f5 vpn |
"{6059C792-0649-4BD2-8CED-777EB0609A98}" = dir=out | name=microsoft solitaire collection |
"{61486A4A-9740-4875-A952-D5987E0A4023}" = dir=out | name=@{microsoft.getstarted_4.0.9.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.getstarted/resources/appstorename} |
"{61DF5FBA-4EA2-401A-93B5-BFFEB7D1E36F}" = dir=in | app=%systemroot%\system32\alg.exe |
"{6349D1CD-FEE7-42B1-AE90-1FF9B3413FFD}" = dir=out | name=photo editor |
"{636CC5B9-D842-47DE-AA67-E27EC9A65B00}" = dir=out | name=@{microsoft.windowsmaps_5.1606.1670.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowsmaps/resources/appstorename} |
"{63C8A6A2-1738-4312-95D7-9E9D1F345E65}" = dir=out | name=amazon |
"{64521FBB-1B85-4A5A-82E7-08170A443CB5}" = dir=out | name=pacman pac-man |
"{646F78D0-823E-4B0E-BA5F-F6E7EF930B86}" = dir=out | name=@{microsoft.lockapp_10.0.10586.0_neutral__cw5n1h2txyewy?ms-resource://microsoft.lockapp/resources/appdisplayname} |
"{6723CF5A-0AFE-4592-8A61-4F0EB95305B4}" = dir=in | app=c:\program files (x86)\acer\clear.fi sdk21\movie\playmovie.exe |
"{68BC9D53-4D3D-4533-8476-609BEC3273BA}" = dir=out | name=@{gameloftsa.unofriends_1.9.1.15_x86__0pp20fcewvvtj?ms-resource://gameloftsa.unofriends/resources/appname} |
"{6AC7CBD3-BB79-4ED1-8EA5-9899042360BE}" = dir=out | name=@{microsoft.3dbuilder_11.1.9.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.3dbuilder/resources/appstorename} |
"{6AFD2D6D-E914-43E5-8310-C289600F1C4F}" = dir=out | name=juniper networks junos pulse |
"{6B5A9F26-F244-4BB6-BBAF-F6F8CF96DD2D}" = protocol=17 | dir=in | app=c:\program files (x86)\spotify\spotify.exe |
"{6B753B25-85F8-4CC4-9D93-BF8B53CBEF1F}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office14\onenote.exe |
"{6B8B3927-A94B-4DA9-972A-0F996CF6041C}" = dir=out | name=@{microsoft.windows.cloudexperiencehost_10.0.10586.0_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.windows.cloudexperiencehost/resources/appdescription} |
"{6BE12830-4747-430E-A6AC-A84DDD416C5E}" = protocol=17 | dir=in | app=c:\program files\common files\mcafee\platform\mcsvchost\mcsvhost.exe |
"{6C40261A-FAB6-4067-8D46-5F4E743C1C24}" = protocol=6 | dir=in | app=c:\program files (x86)\acer\clear.fi media\dmcdaemon.exe |
"{6D46043C-094A-4D23-83CE-B7A9FDF8DDC7}" = dir=in | app=c:\program files (x86)\hp\hp software update\hpwucli.exe |
"{6D99C622-2AD0-4596-BC3D-B1065A8F76EF}" = dir=out | name=word twist |
"{6DC53AF8-D546-45CA-A16D-ED5938C37415}" = protocol=17 | dir=in | app=c:\program files (x86)\acer\acer media_\windowsupnpmv.exe |
"{7303FDC7-C51C-4DE8-8358-8835291B6CE7}" = dir=out | name=skitch touch |
"{738F05D5-BB19-42BF-A808-5BE15E74E8D4}" = dir=in | name=evernote touch |
"{7476BCF1-53B7-4C08-90DF-4AEEE11D6B1B}" = dir=in | name=f5 vpn |
"{75376478-D1FC-476E-9446-8486696E4F86}" = dir=out | name=@{microsoft.microsoftofficehub_17.7031.23501.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.microsoftofficehub/officehubintl/appmanifest_getoffice_displayname} |
"{76FA9D2F-915E-4821-A1CF-48F044A81D86}" = dir=in | name=pinball fx2 |
"{776E84FA-3D74-466E-AFD9-87768CA27CFC}" = dir=out | name=chacha |
"{78B830C7-F32A-475A-A24B-A2ECE3DB3CBF}" = dir=in | name=box for windows 8 |
"{79EC2097-4EFB-42F5-B673-1BF887B5A527}" = protocol=6 | dir=in | app=c:\program files (x86)\spotify\spotify.exe |
"{7A4C6B00-0D73-490D-9367-13ECA93D51D1}" = dir=in | name=@{microsoft.windows.photos_16.722.10060.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.windows.photos/resources/appstorename} |
"{7B040041-41FF-4A2B-9AEC-C7EDAAC571F1}" = dir=out | name=encyclopaedia britannica |
"{7C7E41F4-388D-4476-A5C4-58047AA97700}" = dir=out | name=@{microsoft.aad.brokerplugin_1000.10586.0.0_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.aad.brokerplugin/resources/packagedisplayname} |
"{808F1451-4108-46FD-ADBB-F17324B5F0BD}" = dir=out | name=@{c:\windows\winstore\resources.pri?ms-resource://winstore/resources/displayname} |
"{83C1DA65-E1C1-46D6-929A-DD688FE009CB}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpofxm08.exe |
"{846FF576-EA20-4F6A-8024-DD9AD09F48E5}" = dir=out | name=@{microsoft.zunevideo_3.6.22511.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.zunevideo/resources/ids_manifest_video_app_name} |
"{84D8E09F-8B02-44AD-9662-FDDFA53FB475}" = dir=in | name=juniper networks junos pulse |
"{8572363F-1934-4DA7-AF1A-2AD233F337B0}" = protocol=6 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{8643F0CE-5BEA-4A39-8B2A-5BADA2036451}" = dir=in | name=juniper networks junos pulse |
"{86BBDC7B-5EEE-4F61-A3A6-45F4ECEE2EF5}" = dir=in | name=@{microsoft.microsoftofficehub_17.7031.23501.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.microsoftofficehub/officehubintl/appmanifest_getoffice_displayname} |
"{86BEAD75-14A7-4686-9FD2-BA787565685B}" = dir=out | name=@{microsoft.bingnews_4.11.156.0_x86__8wekyb3d8bbwe?ms-resource://microsoft.bingnews/resources/applicationtitlewithbranding} |
"{8C3BB6FF-2C93-454A-8DA0-B5ED94603DA9}" = protocol=17 | dir=in | app=c:\program files (x86)\acer\clear.fi media\dmcdaemon.exe |
"{8C8DBC96-CA5A-4013-B30B-835194C11D6D}" = dir=out | name=social jogger |
"{8F3D7596-057B-4451-B198-C273C44F7808}" = dir=out | name=@{microsoft.bingweather_4.11.156.0_x86__8wekyb3d8bbwe?ms-resource://microsoft.bingweather/resources/applicationtitlewithbranding} |
"{90E5EAAC-73F4-429F-BE5D-BE8304E4AB0E}" = dir=in | name=@{microsoft.zunevideo_3.6.22511.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.zunevideo/resources/ids_manifest_video_app_name} |
"{914B2824-43ED-4FA0-89F8-8304FFCD7C92}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office14\onenote.exe |
"{9222C94C-2808-430D-8345-0E08E0B6CFBF}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqkygrp.exe |
"{941AF5AB-7BA1-4609-91D4-7A4D5430FDFC}" = dir=out | name=@{microsoft.connectivitystore_1.1604.4.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.connectivitystore/mswifiresources/appstorename} |
"{9533E5AE-F38E-4D4C-A673-71B45C49EE36}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpofxs08.exe |
"{95447142-D65D-4C91-B171-047BA51D0E69}" = dir=in | app=c:\program files (x86)\nti\acer backup manager\backupmanager.exe |
"{963E7C7F-59BF-475C-B790-F28F565A2657}" = dir=in | name=@{microsoft.bingnews_4.11.156.0_x86__8wekyb3d8bbwe?ms-resource://microsoft.bingnews/resources/applicationtitlewithbranding} |
"{975525D2-D56C-43F1-9FEC-ED306DE0EDEE}" = protocol=17 | dir=in | app=c:\program files (x86)\mozilla firefox\firefox.exe |
"{97C7EB87-5FE6-41E7-99C2-18DC0003D883}" = dir=in | name=evernote touch |
"{980687E1-C4D0-47ED-8D6F-1D930F948125}" = dir=in | name=sway |
"{99147492-2A25-4A20-AF86-B65423C47822}" = dir=in | name=sonicwall mobile connect |
"{9A946218-20D5-44AD-8B33-2E468EA9B3D8}" = protocol=17 | dir=in | app=c:\program files (x86)\acer\acer cloud\ccd.exe |
"{9B0AACD7-A273-4F79-9D8C-EC152100AAFF}" = protocol=6 | dir=in | app=c:\program files (x86)\spotify\data\spotifywebhelper.exe |
"{9C5C4416-5602-4A14-8A80-AB7052A8C3A1}" = dir=in | name=check point vpn |
"{9CD9A1ED-54E2-4AF6-B7DC-D9C5F4D2A90F}" = dir=out | name=@{microsoft.bingtravel_3.0.4.336_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingtravel/resources/brandedapptitle} |
"{9D6F36BE-208D-4DD2-98DA-753666B59E69}" = dir=out | name=xbox |
"{9E3D57FC-7C37-4424-9352-4831E97D029D}" = dir=out | name=@{c:\windows\winstore\resources.pri?ms-resource://winstore/resources/displayname} |
"{9FE65786-F6DA-4DD3-96AF-CAC566EC746C}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{9FF9899C-CEBE-4D20-8C35-DD8B330B61B6}" = protocol=6 | dir=in | app=c:\program files (x86)\acer\clear.fi media\windowsupnpmv.exe |
"{A0DA88F3-6767-4A8B-8288-C32FD23466B2}" = dir=in | name=tunein radio |
"{A2F494B0-C28D-43C9-9503-A58027B36DBD}" = protocol=17 | dir=in | app=c:\program files (x86)\acer\acer media_\dmcdaemon.exe |
"{A3F8FAE0-D17A-47C6-95A5-242D0FCE4F82}" = dir=out | name=@{microsoft.xboxgamecallableui_1000.10586.0.0_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.xboxgamecallableui/resources/pkgdisplayname} |
"{A5F080B1-D51A-4ECA-B023-3BFFCA05A7BD}" = dir=in | name=@{microsoft.windows.cortana_1.6.1.52_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.windows.cortana/resources/displayname} |
"{A6B10BE8-40A4-4395-B378-64826E1711AA}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqusgh.exe |
"{A82219A8-1B8B-4216-A76D-A9EE5A765D33}" = dir=in | name=microsoft solitaire collection |
"{A8F7784C-3ED6-4599-8642-119214FBCDE3}" = dir=out | name=@{microsoft.windowsstore_11602.1.26.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowsstore/resources/storetitle} |
"{AABEA7B1-4F9F-4A61-BB7F-1643791D935C}" = protocol=6 | dir=in | app=c:\program files\microsoft office 15\root\office15\lync.exe |
"{AE6946BA-721C-4A06-BDD0-2B698882247C}" = dir=in | name=@{microsoft.zunemusic_3.6.23041.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.zunemusic/resources/ids_manifest_music_app_name} |
"{B04F26CA-D4BC-4DDE-B80C-00096B07FA35}" = dir=out | name=check point vpn |
"{B22A2E04-E9FD-4952-B61D-F028058D5382}" = dir=out | name=@{microsoft.people_10.0.11902.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.people/resources/appstorename} |
"{B237BFE0-6EC9-4E69-8FD6-18BE824B1A42}" = protocol=58 | dir=in | [email protected],-148 |
"{B282DAA3-572B-4B60-B195-3200C3F810DA}" = protocol=6 | dir=in | app=c:\program files (x86)\acer\acer media_\windowsupnpmv.exe |
"{B3D5B148-B4D5-40B1-8B38-0B5F7020529F}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqtra08.exe |
"{B5DBB618-FAA0-4BE5-AA13-1DEA0CB69C9C}" = dir=in | name=@{microsoft.bingweather_4.11.156.0_x86__8wekyb3d8bbwe?ms-resource://microsoft.bingweather/resources/applicationtitlewithbranding} |
"{B683042A-CEF9-43C8-8CBC-FD82321BC858}" = dir=out | name=watch abc |
"{B692FE29-144B-4E16-B8D3-40EF88594E6C}" = dir=out | name=check point vpn |
"{B87A30B7-A882-4AEF-9C8B-152533BD461B}" = protocol=17 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{B9D77C31-5D17-4D9D-991E-19AD2A584EBC}" = protocol=6 | dir=in | app=c:\program files\microsoft office 15\root\office15\ucmapi.exe |
"{BAEB4C58-AB64-4A07-8541-42DAD6EB1983}" = dir=in | name=@{windows.contactsupport_10.0.10586.0_neutral_neutral_cw5n1h2txyewy?ms-resource://windows.contactsupport/resources/appdisplayname} |
"{BCFD89DB-7C57-49E2-96AD-FEF05BCB1E19}" = dir=out | name=evernote touch |
"{BD46610E-CF91-4EBF-B951-614A884AE0E4}" = dir=in | name=@{microsoft.aad.brokerplugin_1000.10586.0.0_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.aad.brokerplugin/resources/packagedisplayname} |
"{BD63BCA6-EC9E-44AB-A71E-7FEC6A8CF419}" = dir=out | name=netflix |
"{C1245619-7841-453A-AF26-B79F00EB239B}" = dir=in | name=acer explorer |
"{C171CEE7-8C11-43C8-B4AD-A834145B29C6}" = protocol=17 | dir=in | app=c:\users\amy\appdata\local\temp\7zs66b5\hpdiagnosticcoreui.exe |
"{C2508C6A-FF93-4B0E-99B9-4BCA15B10C30}" = dir=out | name=sonicwall mobile connect |
"{C2BB30EE-5014-4340-A52E-C366DE618844}" = dir=out | name=@{windows.contactsupport_10.0.10586.0_neutral_neutral_cw5n1h2txyewy?ms-resource://windows.contactsupport/resources/appdisplayname} |
"{C51E732D-AAB3-404D-B7E7-2EAE1360F0DC}" = dir=out | name=diabetes manager |
"{C9612108-3605-4762-958E-6B6793EA285C}" = dir=in | name=@{microsoft.bingsports_4.12.207.0_x86__8wekyb3d8bbwe?ms-resource://microsoft.bingsports/resources/applicationtitlewithbranding} |
"{CE07C9C1-56B7-41CD-A0F4-991231170AEB}" = dir=in | name=microsoft mahjong |
"{CFAD055E-38CD-49B8-A463-A37CBA623EA6}" = dir=in | app=c:\program files (x86)\acer\clear.fi sdk21\video\musicplayer.exe |
"{D163C07A-C923-481F-839E-F9779810AD49}" = protocol=6 | dir=in | app=c:\program files (x86)\acer\acer cloud\ccd.exe |
"{D2B914C9-CEC0-4450-A1E6-4704ED3AD474}" = protocol=17 | dir=in | app=c:\program files (x86)\acer\clear.fi photo\windowsupnp.exe |
"{D587C1CA-FFB0-4279-83DB-322D48A26D96}" = dir=out | name=newsxpresso |
"{D6980480-941A-4DF6-AB81-3734ECD3D779}" = dir=out | name=junipernetworks.junospulsevpn |
"{D6D47AC3-4E7D-481E-8FE7-87FBECF4BD56}" = dir=out | name=@{microsoft.accountscontrol_10.0.10586.0_neutral__cw5n1h2txyewy?ms-resource://microsoft.accountscontrol/resources/displayname} |
"{D832B2B5-68B9-47B2-96A9-A1E9108CCDD6}" = dir=out | name=@{microsoft.windowsreadinglist_6.3.9654.21234_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowsreadinglist/resources/apppackagename} |
"{D9ACA4E8-B56B-4DA3-BB94-ED665524618B}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqgpc01.exe |
"{DB59588E-ED90-4C47-A7B5-7929DD0C0BD2}" = dir=out | name=checkpoint.vpn |
"{DF46A671-651B-4193-AD07-504571F494B4}" = dir=in | name=f5 vpn |
"{DF528E88-3B63-4ED9-BA75-86A4786EC267}" = dir=out | name=@{microsoft.xboxidentityprovider_1000.10586.0.0_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.xboxidentityprovider/resources/pkgdisplayname} |
"{DFFBADF8-3232-4252-80AE-BAFFFDC25A86}" = dir=out | name=@{microsoft.windows.cortana_1.6.1.52_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.windows.cortana/resources/displayname} |
"{E03FCA93-CED9-4006-8125-758D2911F353}" = protocol=6 | dir=in | app=c:\program files\common files\mcafee\platform\mcsvchost\mcsvhost.exe |
"{E04BA394-07DB-453A-BAC0-5B1373B86B7B}" = dir=out | name=f5 vpn |
"{E247E776-455A-4AFD-924E-F777BB935290}" = dir=in | name=@{microsoft.messaging_2.15.20002.0_x86__8wekyb3d8bbwe?ms-resource://microsoft.messaging/microsoft.apps.messaging.skype/skypemessaging.resources/skype_appstorename} |
"{E35B2F69-98A2-47C8-A221-B2F93084B421}" = dir=out | name=pinball fx2 |
"{E4F07C5F-757A-4A34-9B91-FBFB3577C386}" = dir=out | name=@{microsoft.windows.parentalcontrols_1000.10586.0.0_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.windows.parentalcontrols/resources/displayname} |
"{E7985E1D-C36F-4787-80A8-6350D07E9266}" = dir=in | name=@{c:\windows\winstore\resources.pri?ms-resource://winstore/resources/displayname} |
"{E7E9B47C-E95D-4CB9-AF3F-B8E285DFA0C4}" = dir=out | name=@{microsoft.zunemusic_3.6.23041.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.zunemusic/resources/ids_manifest_music_app_name} |
"{E96F81D0-830A-4DEB-9E2B-E2C6AE1C4B5C}" = protocol=6 | dir=in | app=c:\program files (x86)\acer\acer media_\dmcdaemon.exe |
"{EA7AFF6D-C3E2-460D-B150-EB937BC27FB7}" = dir=in | name=@{microsoft.windowsstore_11602.1.26.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowsstore/resources/storetitle} |
"{EAD7A9BD-3EC2-4885-AD49-1A3DB4601FFF}" = dir=out | name=@{windows.purchasedialog_6.2.0.0_neutral_neutral_cw5n1h2txyewy?ms-resource://windows.purchasedialog/resources/displayname} |
"{EC15B48C-B116-4BA3-8919-D73851BC166D}" = dir=out | name=@{microsoft.commsphone_2.17.27003.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.commsphone/resources/appstorename} |
"{EC799E33-72BA-42D7-9127-DEFE68F9799D}" = dir=in | name=junipernetworks.junospulsevpn |
"{ECB2B9FD-1A0A-4B7D-81E0-18B0B7FCF4B8}" = dir=out | name=ebay |
"{EDD253FF-EB44-42C6-9A78-2FC57FA9C303}" = dir=in | name=@{microsoft.windowscommunicationsapps_17.6965.41051.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowscommunicationsapps/hxcommintl/appmanifest_outlookdesktop_displayname} |
"{EDF2F1C9-36F7-4811-A72F-4F00BD2AB2D3}" = protocol=6 | dir=in | app=c:\program files (x86)\acer\clear.fi photo\dmcdaemon.exe |
"{EEEF5035-18D4-4EE2-B1C1-4BB797F9E891}" = dir=in | app=c:\users\amy\appdata\local\microsoft\onedrive\onedrive.exe |
"{F0394979-DAE1-4ACA-8CC8-DFC01AC17675}" = dir=out | name=tunein radio |
"{F1A6E495-0705-4588-90A6-456FF127B866}" = protocol=17 | dir=in | app=c:\program files (x86)\acer\clear.fi media\windowsupnpmv.exe |
"{F55EE82C-A144-460A-9AE4-8036336B0903}" = dir=out | name=juniper networks junos pulse |
"{F5B26F3C-4513-4904-B134-A46A42F08576}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqusgm.exe |
"{F637CC44-E9D1-4B64-8ECF-6CF51F80C789}" = protocol=6 | dir=in | app=c:\users\amy\appdata\local\temp\7zs66b5\hpdiagnosticcoreui.exe |
"{F64300AD-D559-4000-BD45-0997BCC8E70A}" = dir=out | name=f5.vpn.client |
"{F6B6819F-CDC3-4B0A-901C-60BA6CB48883}" = dir=out | name=windows_ie_ac_001 |
"{F7188354-4C40-4D37-BE1A-C102556E99A5}" = protocol=6 | dir=in | app=c:\program files (x86)\acer\clear.fi photo\windowsupnp.exe |
"{F76847D5-A48A-47BB-8BCF-32668B5DE1B9}" = dir=out | name=checkers deluxe |
"{F77E5446-4378-4E99-8B7A-7061AAAEA193}" = dir=in | name=f5.vpn.client |
"{F827195D-17A2-4854-B534-ECA8D61893A0}" = dir=out | name=sonicwall mobile connect |
"{F873A3E8-DB9F-4F62-A327-07D377F11F45}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{FA61FBDA-AD47-455B-9D94-E05B5B640175}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hposfx08.exe |
"{FD0DBAFA-9E56-438A-80E4-5DEC528EC198}" = dir=in | app=c:\program files (x86)\nti\acer backup manager\ischedulesvc.exe |
"{FD6F42A1-0FFB-4F7B-9FC6-1CADD2B6FE67}" = dir=out | name=box for windows 8 |
"TCP Query User{49374F90-1DED-40CE-BB19-58B33590B0C8}C:\program files (x86)\microsoft office\office14\winword.exe" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office14\winword.exe |
"TCP Query User{F22155D0-5F2C-461E-84AB-AD3025BE8F28}C:\program files (x86)\paltalk messenger\paltalk.exe" = protocol=6 | dir=in | app=c:\program files (x86)\paltalk messenger\paltalk.exe |
"TCP Query User{F9F391E8-EEDF-4816-AAC5-52D2AC78BE29}C:\program files (x86)\paltalk messenger\paltalk.exe" = protocol=6 | dir=in | app=c:\program files (x86)\paltalk messenger\paltalk.exe |
"UDP Query User{371132D5-0C1D-4075-AFDE-60D3EDF1B159}C:\program files (x86)\paltalk messenger\paltalk.exe" = protocol=17 | dir=in | app=c:\program files (x86)\paltalk messenger\paltalk.exe |
"UDP Query User{48964050-7A84-4889-BB9F-CB1C47C41B01}C:\program files (x86)\microsoft office\office14\winword.exe" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office14\winword.exe |
"UDP Query User{A4880FFF-AE2E-46BB-A9C9-D5696CB81BF7}C:\program files (x86)\paltalk messenger\paltalk.exe" = protocol=17 | dir=in | app=c:\program files (x86)\paltalk messenger\paltalk.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{07F2005A-8CAC-4A4B-83A2-DA98A722CA61}" = Acer Recovery Management
"{0B78ECB0-1A6B-4E6D-89D7-0E7CE77F0427}" = MyWinLocker
"{1D8E6291-B0D5-35EC-8441-6616F567A0F7}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219
"{1F557316-CFC0-41BD-AFF7-8BC49CE444D7}" = Shredder
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{6AF2AC2A-3532-43FD-9F4D-BDC9C0D724C7}" = Apple Mobile Device Support
"{6BFAB6C1-6D46-46DB-A538-A269907C9F2F}" = Network64
"{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}" = Bonjour
"{77DE5105-D05E-448C-96CB-7FA381903753}" = iTunes
"{8215A318-CC27-435E-B3EA-2E3443C8998C}" = Acer Instant Update Service
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{90140000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2010
"{90140000-002A-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (English) 2010
"{90140000-0116-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2010
"{90150000-008F-0000-1000-0000000FF1CE}" = Office 15 Click-to-Run Licensing Component
"{91F52DE4-B789-42B0-9311-A349F10E5479}" = Acer Power Management
"{9495AEB4-AB97-39DE-8C42-806EEF75ECA7}" = Microsoft Visual Studio 2010 Tools for Office Runtime (x64)
"{9C57D227-1FE7-4F40-BD49-2BCA7761B083}" = HP Officejet 6500 E709 Series
"{A84A4FB1-D703-48DB-89E0-68B6499D2801}" = Qualcomm Atheros Bluetooth Suite (64)
"{B573CC21-AE24-4BC5-9B0B-15CF29A3F982}" = VC12X64Redist
"{EF79C448-6946-4D71-8134-03407888C054}" = Shared C Run-time for x64
"{F2A4F809-2DE6-4D27-888B-4D2BB8DAF20E}" = QuickBooks Runtime Redistributable
"{F4404AFD-2EF3-40C1-8C09-29E5F3B6972B}" = Intel® Trusted Connect Service Client
"{FF21C3E6-97FD-474F-9518-8DCBE94C2854}" = 64 Bit HP CIO Components Installer
"CCleaner" = CCleaner
"HP Imaging Device Functions" = HP Imaging Device Functions 14.0
"HP Solution Center & Imaging Support Tools" = HP Solution Center 14.0
"HPExtendedCapabilities" = HP Customer Participation Program 14.0
"HPOCR" = OCR Software by I.R.I.S. 14.0
"Malwarebytes Anti-Exploit_is1" = Malwarebytes Anti-Exploit version 1.8.1.2572
"Microsoft Visual Studio 2010 Tools for Office Runtime (x64)" = Microsoft Visual Studio 2010 Tools for Office Runtime (x64)
"O365ProPlusRetail - en-us" = Microsoft Office 365 ProPlus - en-us
"Shop for HP Supplies" = Shop for HP Supplies
"SynTPDeinstKey" = Synaptics Pointing Device Driver

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{00000000-2778-5BED-8199-52EB14D8D22F}" = F-Secure CCF Reputation
"{06A1D88C-E102-4527-AF70-29FFD7AF215A}" = Scan
"{0E52A52C-E120-461C-AA1B-21B045BEE842}" = bpd_scan
"{1458BB78-1DC5-4BC0-B9A3-2B644F5A8105}" = DeviceDiscovery
"{150B6201-E9E6-4DFB-960E-CCBD53FBDDED}" = HPProductAssistant
"{17DF9714-60C9-43C9-A9C2-32BCAED44CBE}" = MyWinLocker Suite
"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
"{1a413f37-ed88-4fec-9666-5c48dc4b7bb7}" = YTD Video Downloader 5.7.1
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{26A24AE4-039D-4CA4-87B4-2F83218091F0}" = Java 8 Update 91
"{28006915-2739-4EBE-B5E8-49B25D32EB33}" = Qualcomm Atheros WLAN and Bluetooth Client Installation Program
"{292F0F52-B62D-4E71-921B-89A682402201}" = Toolbox
"{2FA94A64-C84E-49d1-97DD-7BF06C7BBFB2}.WildTangent Games App" = Update Installer for WildTangent Games App
"{3365E735-48A6-4194-9988-CE59AC5AE503}" = Bing Bar
"{35DA427D-BB23-49B8-9AFD-CFFCFE3B708D}" = clear.fi SDK- Movie 2
"{388E4B09-3E71-4649-8921-F44A3A2954A7}" = Microsoft Visual Studio 2005 Tools for Office Runtime
"{39F15B50-A977-4CA6-B1C3-6A8724CDA025}" = MyWinLocker 4
"{3D535C93-9786-48D5-9DEF-97353F1CB936}" = HID Monitor
"{3D9CB654-99AD-4301-89C6-0D12A790767C}" = Identity Card
"{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}" = Intel(R) Rapid Storage Technology
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{53BA6504-F1CE-4604-970A-082021D39784}" = F-Secure CCF Scanning 1.51.112.309 (release)
"{5B025634-7D5B-4B8D-BE2A-7943C1CF2D5D}" = Status
"{604FB1E3-84F2-45E2-AD26-49422B021393}" = QuickBooks
"{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}" = Google Update Helper
"{612C34C7-5E90-47D8-9B5C-0F717DD82726}" = swMSM
"{65153EA5-8B6E-43B6-857B-C6E4FC25798A}" = Intel(R) Management Engine Components
"{658FDBCA-B7A1-43E4-A849-9F0812473331}" = Computer Security 14.121.104.0 (release)
"{65B66361-5AB6-44B0-B48E-F4C6114408E0}" = Charter Security Suite
"{678753E6-E526-4AE5-A144-00240772543A}" = Citrix Online Launcher
"{6D2BBE1D-E600-4695-BA37-0B0E605542CC}" = Office Addin
"{6FEDAA68-D9C4-4042-BECC-9C2656A7B606}" = 6500_E709n
"{70B446D1-E03B-4ab0-9B3C-0832142C9AA8}.WildTangent Games App-acer" = WildTangent Games App
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{78002155-F025-4070-85B3-7C0453561701}" = Apple Application Support
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek Ethernet Controller Driver
"{8E663D89-A2EA-46B6-AD38-A427A3348309}" = BPDSoftware
"{8EE94FD8-5F52-4463-A340-185D16328158}" = WebReg
"{8FB53850-246A-3507-8ADE-0060093FFEA6}" = Visual Studio Tools for the Office system 3.0 Runtime
"{8FF6231F-D670-4AFD-9512-957515E2E1DF}" = Timex Data Link USB
"{90140000-0015-0409-0000-0000000FF1CE}" = Microsoft Office Access MUI (English) 2010
"{90140000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2010
"{90140000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2010
"{90140000-0019-0409-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (English) 2010
"{90140000-001A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (English) 2010
"{90140000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2010
"{90140000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2010
"{90140000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2010
"{90140000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2010
"{90140000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2010
"{90140000-003D-0000-0000-0000000FF1CE}" = Microsoft Office Single Image 2010
"{90140000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2010
"{90140000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2010
"{90140000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2010
"{90140000-0117-0409-0000-0000000FF1CE}" = Microsoft Office Access Setup Metadata MUI (English) 2010
"{90150000-008C-0000-0000-0000000FF1CE}" = Office 15 Click-to-Run Extensibility Component
"{90150000-008C-0409-0000-0000000FF1CE}" = Office 15 Click-to-Run Localization Component
"{912D30CF-F39E-4B31-AD9A-123C6B794EE2}" = HP Update
"{9294F169-72EE-4D74-AE92-CA25F64B4FF8}" = Fax
"{99F67894-9486-413F-94E1-8B12B1606EAB}" = BPDSoftware_Ini
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9B362566-EC1B-4700-BB9C-EC661BDE2175}" = DocProc
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9DDDF20E-9FD1-4434-A43E-E7889DBC9420}" = Backup Manager v4
"{A5AD0B17-F34D-49BE-A157-C8B3D52ACD13}" = AcerCloud
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AA787E05-E835-4812-AA3D-4048C8A46587}" = 6500_E709_eDocs
"{AC35A885-0F8F-4857-B7DA-6E8DFB43E6B3}" = HPSSupply
"{AC76BA86-0804-1033-1959-001824191728}" = Adobe Refresh Manager
"{AC76BA86-7AD7-1033-7B44-AC0F074E4100}" = Adobe Acrobat Reader DC
"{B5AD89F2-03D3-4206-8487-018298007DD0}" = Acer Photo
"{B6465A32-8BE9-4B38-ADC5-4B4BDDC10B0D}" = HPDiagnosticAlert
"{B9E70C7A-9F85-4A39-A4A3-BFA3C3BF7613}" = Dolby Advanced Audio v2
"{BB3447F6-9553-4AA9-960E-0DB5310C5779}" = GPBaseService2
"{BC0F3E35-0AFF-4F11-B33D-F6FC31BD1AA0}" = ProductContext
"{BC5DD87B-0143-4D14-AAE6-97109614DC6B}" = SolutionCenter
"{BD7204BA-DD64-499E-9B55-6A282CDF4FA4}" = Destinations
"{C1594429-8296-4652-BF54-9DBE4932A44C}" = Realtek PCIE Card Reader
"{C2695E83-CF1D-43D1-84FE-B3BEC561012A}" = Shredder
"{CA4FE8B0-298C-4E5D-A486-F33B126D6A0A}" = Acer Docs
"{CD31E63D-47FD-491C-8117-CF201D0AFAB5}" = TrayApp
"{D360FA88-17C8-4F14-B67F-13AAF9607B12}" = MarketResearch
"{D3D5C4E8-040F-4C6F-8105-41D43CF94F44}" = NTI Media Maker 9
"{D58E14D8-963A-4CCD-852E-065655D45004}" = QuickBooks Premier: Accountant Edition 2015
"{D6D865A5-2703-4B26-A0AA-30B29C0696BC}" = Online Safety 2.115.2786.1676
"{D8027D91-7A19-4E47-969C-30E179D6F547}" = WristApp Installer
"{E3739848-5329-48E3-8D28-5BBD6E8BE384}" = CyberLink MediaEspresso 6.5
"{E9AF1707-3F3A-49E2-8345-4F2D629D0876}" = Acer Media
"{EA9886ED-21F8-4867-A049-CE6817291EE6}" = VC12X86Redist
"{EADB477E-C12F-4008-AFE4-CF7BEAB8A6EF}" = F-Secure SafeSearch 1.03.207.0 (release)
"{EBA33CAD-E071-48d5-A168-FBA4EEB42E93}" = clear.fi SDK - Video 2
"{EE26E302-876A-48D9-9058-3129E5B99999}" = Live Updater
"{EFE33E35-9B0B-4CF9-AF8C-CBE93BB8E6FF}" = F-Secure Network CCF 1.03.102
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}" = Intel(R) Processor Graphics
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F53B432E-BD19-4400-BFA0-2BBD16410F8F}" = 6500_E709_Help
"{F76678F2-2FF6-40D7-9B16-A39B0A820ED2}" = Fitbit Connect
"{FA0FF682-CC70-4C57-93CD-E276F3E7537E}" = BufferChm
"{FCB3772C-B7D0-4933-B1A9-3707EBACC573}" = Intel(R) SDK for OpenCL - CPU Only Runtime Package
"Adobe Flash Player NPAPI" = Adobe Flash Player 22 NPAPI
"Adobe Shockwave Player" = Adobe Shockwave Player 12.2
"FastStone Image Viewer" = FastStone Image Viewer 5.3
"F-Secure ServiceEnabler 42626" = Charter Security Suite
"Google Chrome" = Google Chrome
"InstallShield_{17DF9714-60C9-43C9-A9C2-32BCAED44CBE}" = MyWinLocker Suite
"InstallShield_{9DDDF20E-9FD1-4434-A43E-E7889DBC9420}" = Acer Backup Manager
"InstallShield_{D3D5C4E8-040F-4C6F-8105-41D43CF94F44}" = NTI Media Maker 9
"InstallShield_{E3739848-5329-48E3-8D28-5BBD6E8BE384}" = CyberLink MediaEspresso 6.5
"LManager" = Launch Manager
"Malwarebytes Anti-Malware_is1" = Malwarebytes Anti-Malware version 2.2.1.1043
"Microsoft Visual Studio 2005 Tools for Office Runtime" = Visual Studio 2005 Tools for Office Second Edition Runtime
"Mozilla Firefox 41.0.1 (x86 en-US)" = Mozilla Firefox 41.0.1 (x86 en-US)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"Office14.SingleImage" = Microsoft Office Home and Student 2010
"Paltalk Messenger" = Paltalk Messenger 11.6
"Spotify" = Spotify
"Visual Studio Tools for the Office system 3.0 Runtime" = Visual Studio Tools for the Office system 3.0 Runtime
"VLC media player" = VLC media player
"WildTangent wildgames Master Uninstall" = WildTangent Games
"WildTangentGameProvider-acer-main" = Game Channels
"WTA-08602b71-0436-4a6b-ae74-fa3d18711a39" = Jewel Match 3
"WTA-25c99dc8-6928-40d6-9a1f-0868ba2bd3d4" = Polar Bowler
"WTA-2c644fb4-6bbb-4a56-b06b-d89e509ba8c5" = Aloha TriPeaks
"WTA-48a18b18-dfe8-4426-91da-1b18f7324ae2" = Polar Golfer
"WTA-52c97e3c-3fe9-41f8-b048-f8adb132b122" = Zuma's Revenge
"WTA-5a01e247-e1eb-4929-a88c-4849ca92eb97" = Peggle Nights
"WTA-7b418505-76d7-4dd4-9e27-5c5e4bc841bd" = Delicious: Emily's True Love Premium Edition
"WTA-8eac02a8-464c-4f89-8b0c-a389f9480336" = Mystery P.I. - Curious Case of Counterfeit Cove
"WTA-8f4d0d1e-c825-44cf-8b26-edd7b5796a63" = Dora's World Adventure
"WTA-b2d768aa-8c98-4cb3-a9d0-8cf2845bb526" = Agatha Christie - Death on the Nile
"WTA-bc8c20d0-4ff4-458b-b90e-637940967b34" = Cradle Of Egypt Collector's Edition
"WTA-d414d743-4b5e-4a9b-961f-edb1f686e592" = Bejeweled 3
"WTA-d952818d-64c9-4672-8014-523cc3789810" = Penguins!
"WTA-e1b8ed72-60ff-4459-9894-67c8a5d8c868" = Tales of Lagoona
"WTA-e299163f-f512-4d09-b797-e3926e7f8729" = Plants vs. Zombies - Game of the Year

========== HKEY_CURRENT_USER Uninstall List ==========

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Amazon Amazon Music" = Amazon Music
"c2c9648a374f64d1" = ToneSync for Windows

========== Last 20 Event Log Errors ==========

[ Application Events ]
Error - 8/20/2016 10:25:02 PM | Computer Name = Amy | Source = Microsoft-Windows-Immersive-Shell | ID = 2484
Description = Package Fitbit.Fitbit_2.12.656.0_x64__6mqt6hf9g46tw+App was terminated
because it took too long to suspend.

Error - 8/20/2016 10:26:33 PM | Computer Name = Amy | Source = Microsoft-Windows-Immersive-Shell | ID = 5973
Description = Activation of app Microsoft.MicrosoftEdge_8wekyb3d8bbwe!MicrosoftEdge
failed with error: -2144927141 See the Microsoft-Windows-TWinUI/Operational log
for additional information.

Error - 8/21/2016 4:49:22 AM | Computer Name = Amy | Source = Microsoft-Windows-Immersive-Shell | ID = 5973
Description = Activation of app Microsoft.MicrosoftEdge_8wekyb3d8bbwe!MicrosoftEdge
failed with error: -2144927141 See the Microsoft-Windows-TWinUI/Operational log
for additional information.

Error - 8/21/2016 4:55:25 AM | Computer Name = Amy | Source = Microsoft-Windows-Immersive-Shell | ID = 5973
Description = Activation of app Microsoft.MicrosoftEdge_8wekyb3d8bbwe!MicrosoftEdge
failed with error: -2144927141 See the Microsoft-Windows-TWinUI/Operational log
for additional information.

Error - 8/21/2016 9:19:24 AM | Computer Name = Amy | Source = Microsoft-Windows-Immersive-Shell | ID = 5973
Description = Activation of app Microsoft.MicrosoftEdge_8wekyb3d8bbwe!MicrosoftEdge
failed with error: -2144927141 See the Microsoft-Windows-TWinUI/Operational log
for additional information.

Error - 8/21/2016 9:21:49 AM | Computer Name = Amy | Source = Microsoft-Windows-Immersive-Shell | ID = 5973
Description = Activation of app Microsoft.MicrosoftEdge_8wekyb3d8bbwe!MicrosoftEdge
failed with error: -2144927141 See the Microsoft-Windows-TWinUI/Operational log
for additional information.

Error - 8/21/2016 11:22:16 AM | Computer Name = Amy | Source = Microsoft-Windows-Immersive-Shell | ID = 2486
Description = App Microsoft.MicrosoftEdge_25.10586.0.0_neutral__8wekyb3d8bbwe+MicrosoftEdge
did not launch within its allotted time.

Error - 8/21/2016 11:22:24 AM | Computer Name = Amy | Source = Application Hang | ID = 1002
Description = The program MicrosoftEdge.exe version 11.0.10586.306 stopped interacting
with Windows and was closed. To see if more information about the problem is available,
check the problem history in the Security and Maintenance control panel. Process
ID: 2bfc Start Time: 01d1fbbfad4d5daf Termination Time: 4294967295 Application Path:
C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe Report
Id: 0acb58a9-67b3-11e6-bf15-206a8aed668d Faulting package full name: Microsoft.MicrosoftEdge_25.10586.0.0_neutral__8wekyb3d8bbwe

Faulting
package-relative application ID: MicrosoftEdge

Error - 8/21/2016 11:22:24 AM | Computer Name = Amy | Source = Microsoft-Windows-Immersive-Shell | ID = 5973
Description = Activation of app Microsoft.MicrosoftEdge_8wekyb3d8bbwe!MicrosoftEdge
failed with error: -2144927142 See the Microsoft-Windows-TWinUI/Operational log
for additional information.

Error - 8/21/2016 11:37:17 AM | Computer Name = Amy | Source = Microsoft-Windows-Immersive-Shell | ID = 5973
Description = Activation of app Microsoft.MicrosoftEdge_8wekyb3d8bbwe!MicrosoftEdge
failed with error: -2144927141 See the Microsoft-Windows-TWinUI/Operational log
for additional information.

[ System Events ]
Error - 8/21/2016 11:14:44 AM | Computer Name = Amy | Source = Service Control Manager | ID = 7000
Description = The Malwarebytes Anti-Exploit Service service failed to start due
to the following error: %%109

Error - 8/21/2016 11:15:17 AM | Computer Name = Amy | Source = NETLOGON | ID = 3095
Description = This computer is configured as a member of a workgroup, not as a member
of a domain. The Netlogon service does not need to run in this configuration.

Error - 8/21/2016 11:16:30 AM | Computer Name = Amy | Source = Service Control Manager | ID = 7009
Description = A timeout was reached (30000 milliseconds) while waiting for the Windows
Presentation Foundation Font Cache 3.0.0.0 service to connect.

Error - 8/21/2016 11:16:30 AM | Computer Name = Amy | Source = Service Control Manager | ID = 7000
Description = The Windows Presentation Foundation Font Cache 3.0.0.0 service failed
to start due to the following error: %%1053

Error - 8/21/2016 11:19:57 AM | Computer Name = Amy | Source = Service Control Manager | ID = 7022
Description = The Delivery Optimization service hung on starting.

Error - 8/21/2016 11:22:24 AM | Computer Name = Amy | Source = DCOM | ID = 10010
Description =

Error - 8/21/2016 11:37:17 AM | Computer Name = Amy | Source = DCOM | ID = 10010
Description =

Error - 8/21/2016 11:39:15 AM | Computer Name = Amy | Source = DCOM | ID = 10016
Description =

Error - 8/21/2016 11:39:18 AM | Computer Name = Amy | Source = Microsoft-Windows-WindowsUpdateClient | ID = 20
Description = Installation Failure: Windows failed to install the following update
with error 0x80070643: Definition Update for Windows Defender - KB2267602 (Definition
1.227.302.0).

Error - 8/21/2016 11:51:27 AM | Computer Name = Amy | Source = DCOM | ID = 10016
Description =


< End of report >

Does that tell you anything? Cause it tells me nothing.

Thanks again.

 

[novicegeek]

Okay, I turned the antivirus program off, then booted up in safe mode with command prompt, and then ran the Junkware Removal Tool from there. Here's what it said:

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Malwarebytes
Version: 8.0.7 (07.03.2016)
Operating System: Windows 10 Home x64
Ran by Amy (Limited) on Sun 08/21/2016 at 13:02:26.26
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




File System: 3

Successfully deleted: C:\ProgramData\Start Menu\Programs\ytd video downloader (Folder)
Successfully deleted: C:\ProgramData\ytd video downloader (Folder)
Successfully deleted: C:\WINDOWS\wininit.ini (File)



Registry: 1

Successfully deleted: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{BF64F006-990F-4CD8-8CFC-F261A9FDE94C} (Registry Key)




~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on Sun 08/21/2016 at 13:04:22.42
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

I think that's about that.

Please advise.

Thank you.

 

[johnb35]

You posted the wrong OTL log. You posted the Extras log instead of the regular log. Please repost.

 

[novicegeek]

Sorry. Not sure exactly how that happened. How's this?

OTL logfile created on: 8/21/2016 11:56:37 AM - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = E:\
64bit- An unknown product (Version = 6.2.9200) - Type = NTWorkstation
Internet Explorer (Version = 9.11.10586.0)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

5.80 Gb Total Physical Memory | 3.62 Gb Available Physical Memory | 62.46% Memory free
8.18 Gb Paging File | 5.76 Gb Available in Paging File | 70.51% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 684.17 Gb Total Space | 607.78 Gb Free Space | 88.83% Space Free | Partition Type: NTFS
Drive E: | 14.90 Gb Total Space | 14.86 Gb Free Space | 99.74% Space Free | Partition Type: FAT32

Computer Name: AMY | User Name: Amy | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - File not found
PRC - E:\OTL.exe (OldTimer Tools)
PRC - C:\Program Files (x86)\Malwarebytes Anti-Exploit\mbae.exe (Malwarebytes Corporation)
PRC - C:\Program Files (x86)\Malwarebytes Anti-Exploit\mbae-svc.exe (Malwarebytes Corporation)
PRC - C:\Program Files (x86)\Charter Security Suite\apps\ComputerSecurity\Anti-Virus\fssm32.exe (F-Secure Corporation)
PRC - C:\Program Files (x86)\Charter Security Suite\apps\ComputerSecurity\Anti-Virus\fsgk32.exe (F-Secure Corporation)
PRC - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
PRC - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesCommonX86\Microsoft Shared\OFFICE15\csisyncclient.exe (Microsoft Corporation)
PRC - C:\Program Files (x86)\Java\jre1.8.0_91\bin\javaws.exe (Oracle Corporation)
PRC - C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe (Oracle Corporation)
PRC - C:\Users\Amy\AppData\Local\Microsoft\OneDrive\OneDrive.exe (Microsoft Corporation)
PRC - C:\Program Files\WindowsApps\Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe\SkypeHost.exe ()
PRC - C:\Program Files (x86)\Common Files\Intuit\QuickBooks\QBCFMonitorService.exe (Intuit)
PRC - C:\Program Files (x86)\Charter Security Suite\apps\ComputerSecurity\Common\FSMA32.EXE (F-Secure Corporation)
PRC - C:\Program Files (x86)\Charter Security Suite\apps\ComputerSecurity\Common\FSM32.EXE (F-Secure Corporation)
PRC - C:\Program Files (x86)\Fitbit Connect\FitbitConnectService.exe (Fitbit, Inc.)
PRC - C:\Windows\SysWOW64\IntelCpHeciSvc.exe (Intel Corporation)
PRC - C:\Program Files (x86)\Common Files\Intuit\DataProtect\QBIDPService.exe (Intuit Inc.)
PRC - C:\Program Files (x86)\Charter Security Suite\apps\CCF_Reputation\fsorsp.exe (F-Secure Corporation)
PRC - C:\Program Files (x86)\Charter Security Suite\fshoster32.exe (F-Secure Corporation)
PRC - C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\SeaPort.EXE (Microsoft Corporation.)
PRC - C:\Program Files (x86)\Launch Manager\LMutilps32.exe (Dritek System Inc.)
PRC - C:\Program Files (x86)\Launch Manager\LManager.exe (Dritek System Inc.)
PRC - C:\Program Files (x86)\Launch Manager\dsiwmis.exe (Dritek System Inc.)
PRC - C:\Program Files (x86)\Acer\Acer Cloud\CCDMonitorService.exe (Acer Incorporated)
PRC - C:\Program Files (x86)\Acer Incorporated\HID Monitor\HIDMonitor.exe ()
PRC - C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe (NTI Corporation)
PRC - C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe (NTI Corporation)
PRC - C:\Program Files\Acer\Acer Instant Service\InstantUpdate\iuEmailOutlookAgent.exe ()
PRC - C:\Program Files\Acer\Acer Instant Service\InstantUpdate\iuBrowserIEAgent.exe ()
PRC - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe (Intel Corporation)
PRC - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Intel Corporation)
PRC - C:\Program Files (x86)\CyberLink\MediaEspresso\DeviceDetector\DeviceDetector.exe (CyberLink)
PRC - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe (Intel Corporation)
PRC - C:\Program Files (x86)\Timex\Data Link USB\DataLinkLauncher.exe (Timex Corporation)


========== Modules (No Company Name) ==========

MOD - C:\Users\Amy\AppData\Local\Microsoft\OneDrive\17.3.6390.0509\ClientTelemetry.dll ()
MOD - C:\Program Files\WindowsApps\Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe\SkyWrap.dll ()
MOD - C:\Program Files\WindowsApps\Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe\SkypeHost.exe ()
MOD - C:\Program Files\WindowsApps\Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe\SkypeBackgroundTasks.dll ()
MOD - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesCommonX86\Microsoft Shared\OFFICE15\AppVIsvStream32.dll ()
MOD - C:\Windows\WinSxS\x86_f-secure.qt_4_6_2_2e112a926211c0a3_4.6.482.79_none_b59ec33311fcd586\QtMultimediaKit1.dll ()
MOD - C:\Program Files (x86)\Charter Security Suite\apps\ComputerSecurity\FSGUI\fsavures.eng ()
MOD - C:\Program Files (x86)\Acer Incorporated\HID Monitor\ElanTPAPI.dll ()
MOD - C:\Program Files (x86)\Acer Incorporated\HID Monitor\HIDMonitor.exe ()
MOD - C:\Program Files (x86)\NTI\Acer Backup Manager\sqlite3.dll ()
MOD - C:\Program Files\Acer\Acer Instant Service\InstantUpdate\iuEmailOutlookAgent.exe ()
MOD - C:\Program Files\Acer\Acer Instant Service\InstantUpdate\iuBrowserIEAgent.exe ()


========== Services (SafeList) ==========

SRV:64bit: - (ClickToRunSvc) -- C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe (Microsoft Corporation)
SRV:64bit: - (NgcSvc) -- C:\Windows\SysNative\ngcsvc.dll (Microsoft Corporation)
SRV:64bit: - (NgcCtnrSvc) -- C:\Windows\SysNative\NgcCtnrSvc.dll (Microsoft Corporation)
SRV:64bit: - (CoreMessagingRegistrar) -- C:\Windows\SysNative\CoreMessaging.dll (Microsoft Corporation)
SRV:64bit: - (MapsBroker) -- C:\Windows\SysNative\moshost.dll (Microsoft Corporation)
SRV:64bit: - (NetSetupSvc) -- C:\Windows\SysNative\NetSetupSvc.dll (Microsoft Corporation)
SRV:64bit: - (Wcmsvc) -- C:\Windows\SysNative\wcmsvc.dll (Microsoft Corporation)
SRV:64bit: - (tiledatamodelsvc) -- C:\Windows\SysNative\tileobjserver.dll (Microsoft Corporation)
SRV:64bit: - (RetailDemo) -- C:\Windows\SysNative\RDXService.dll (Microsoft Corporation)
SRV:64bit: - (AppXSvc) -- C:\Windows\SysNative\AppXDeploymentServer.dll (Microsoft Corporation)
SRV:64bit: - (tzautoupdate) -- C:\Windows\SysNative\tzautoupdate.dll (Microsoft Corporation)
SRV:64bit: - (SensorService) -- C:\Windows\SysNative\SensorService.dll (Microsoft Corporation)
SRV:64bit: - (XblAuthManager) -- C:\Windows\SysNative\XblAuthManager.dll (Microsoft Corporation)
SRV:64bit: - (BrokerInfrastructure) -- C:\Windows\SysNative\bisrv.dll (Microsoft Corporation)
SRV:64bit: - (DoSvc) -- C:\Windows\SysNative\dosvc.dll (Microsoft Corporation)
SRV:64bit: - (NcbService) -- C:\Windows\SysNative\ncbservice.dll (Microsoft Corporation)
SRV:64bit: - (DiagTrack) -- C:\Windows\SysNative\diagtrack.dll (Microsoft Corporation)
SRV:64bit: - (WSService) -- C:\Windows\SysNative\WSService.dll (Microsoft Corporation)
SRV:64bit: - (ClipSVC) -- C:\Windows\SysNative\ClipSVC.dll (Microsoft Corporation)
SRV:64bit: - (DsSvc) -- C:\Windows\SysNative\dssvc.dll (Microsoft Corporation)
SRV:64bit: - (PimIndexMaintenanceSvc) -- C:\Windows\SysNative\PimIndexMaintenance.dll (Microsoft Corporation)
SRV:64bit: - (VaultSvc) -- C:\Windows\SysNative\vaultsvc.dll (Microsoft Corporation)
SRV:64bit: - (UnistoreSvc) -- C:\Windows\SysNative\Unistore.dll (Microsoft Corporation)
SRV:64bit: - (UserDataSvc) -- C:\Windows\SysNative\UserDataService.dll (Microsoft Corporation)
SRV:64bit: - (XblGameSave) -- C:\Windows\SysNative\XblGameSave.dll (Microsoft Corporation)
SRV:64bit: - (SmsRouter) -- C:\Windows\SysNative\SmsRouterSvc.dll (Microsoft Corporation)
SRV:64bit: - (AudioEndpointBuilder) -- C:\Windows\SysNative\AudioEndpointBuilder.dll (Microsoft Corporation)
SRV:64bit: - (Netlogon) -- C:\Windows\SysNative\netlogon.dll (Microsoft Corporation)
SRV:64bit: - (TimeBroker) -- C:\Windows\SysNative\TimeBrokerServer.dll (Microsoft Corporation)
SRV:64bit: - (XboxNetApiSvc) -- C:\Windows\SysNative\XboxNetApiSvc.dll (Microsoft Corporation)
SRV:64bit: - (UserManager) -- C:\Windows\SysNative\usermgr.dll (Microsoft Corporation)
SRV:64bit: - (PhoneSvc) -- C:\Windows\SysNative\PhoneService.dll (Microsoft Corporation)
SRV:64bit: - (icssvc) -- C:\Windows\SysNative\tetheringservice.dll (Microsoft Corporation)
SRV:64bit: - (wlidsvc) -- C:\Windows\SysNative\wlidsvc.dll (Microsoft Corporation)
SRV:64bit: - (WiaRpc) -- C:\Windows\SysNative\wiarpc.dll (Microsoft Corporation)
SRV:64bit: - (AppReadiness) -- C:\Windows\SysNative\AppReadiness.dll (Microsoft Corporation)
SRV:64bit: - (WalletService) -- C:\Windows\SysNative\WalletService.dll (Microsoft Corporation)
SRV:64bit: - (NcaSvc) -- C:\Windows\SysNative\NcaSvc.dll (Microsoft Corporation)
SRV:64bit: - (workfolderssvc) -- C:\Windows\SysNative\workfolderssvc.dll (Microsoft Corporation)
SRV:64bit: - (IEEtwCollectorService) -- C:\WINDOWS\SysNative\IEEtwCollector.exe (Microsoft Corporation)
SRV:64bit: - (SensorDataService) -- C:\Windows\SysNative\SensorDataService.exe (Microsoft Corporation)
SRV:64bit: - (LSM) -- C:\Windows\SysNative\lsm.dll (Microsoft Corporation)
SRV:64bit: - (NcdAutoSetup) -- C:\Windows\SysNative\NcdAutoSetup.dll (Microsoft Corporation)
SRV:64bit: - (WpnService) -- C:\Windows\SysNative\wpnservice.dll (Microsoft Corporation)
SRV:64bit: - (DevQueryBroker) -- C:\Windows\SysNative\DevQueryBroker.dll (Microsoft Corporation)
SRV:64bit: - (lfsvc) -- C:\Windows\SysNative\lfsvc.dll (Microsoft Corporation)
SRV:64bit: - (LicenseManager) -- C:\Windows\SysNative\LicenseManagerSvc.dll (Microsoft Corporation)
SRV:64bit: - (StateRepository) -- C:\Windows\SysNative\Windows.StateRepository.dll (Microsoft Corporation)
SRV:64bit: - (embeddedmode) -- C:\Windows\SysNative\embeddedmodesvc.dll (Microsoft Corporation)
SRV:64bit: - (AJRouter) -- C:\Windows\SysNative\AJRouter.dll (Microsoft Corporation)
SRV:64bit: - (CDPSvc) -- C:\Windows\SysNative\cdpsvc.dll (Microsoft Corporation)
SRV:64bit: - (UsoSvc) -- C:\Windows\SysNative\usocore.dll (Microsoft Corporation)
SRV:64bit: - (KeyIso) -- C:\Windows\SysNative\keyiso.dll (Microsoft Corporation)
SRV:64bit: - (EFS) -- C:\Windows\SysNative\efssvc.dll (Microsoft Corporation)
SRV:64bit: - (WEPHOSTSVC) -- C:\Windows\SysNative\wephostsvc.dll (Microsoft Corporation)
SRV:64bit: - (ScDeviceEnum) -- C:\Windows\SysNative\ScDeviceEnum.dll (Microsoft Corporation)
SRV:64bit: - (diagnosticshub.standardcollector.service) -- C:\Windows\SysNative\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe (Microsoft Corporation)
SRV:64bit: - (OneSyncSvc) -- C:\Windows\SysNative\APHostService.dll (Microsoft Corporation)
SRV:64bit: - (UserDataSvc_9e9d2) -- C:\Windows\SysNative\svchost.exe (Microsoft Corporation)
SRV:64bit: - (UserDataSvc_8f72bc) -- C:\Windows\SysNative\svchost.exe (Microsoft Corporation)
SRV:64bit: - (UserDataSvc_81c348) -- C:\Windows\SysNative\svchost.exe (Microsoft Corporation)
SRV:64bit: - (UserDataSvc_80cf87) -- C:\Windows\SysNative\svchost.exe (Microsoft Corporation)
SRV:64bit: - (UserDataSvc_79eaf) -- C:\Windows\SysNative\svchost.exe (Microsoft Corporation)
SRV:64bit: - (UserDataSvc_69621) -- C:\Windows\SysNative\svchost.exe (Microsoft Corporation)
SRV:64bit: - (UserDataSvc_61872) -- C:\Windows\SysNative\svchost.exe (Microsoft Corporation)
SRV:64bit: - (UserDataSvc_5dafd) -- C:\Windows\SysNative\svchost.exe (Microsoft Corporation)
SRV:64bit: - (UserDataSvc_58927) -- C:\Windows\SysNative\svchost.exe (Microsoft Corporation)
SRV:64bit: - (UserDataSvc_585dc) -- C:\Windows\SysNative\svchost.exe (Microsoft Corporation)
SRV:64bit: - (UserDataSvc_50a1e) -- C:\Windows\SysNative\svchost.exe (Microsoft Corporation)
SRV:64bit: - (UserDataSvc_4fb679) -- C:\Windows\SysNative\svchost.exe (Microsoft Corporation)
SRV:64bit: - (UserDataSvc_4beda) -- C:\Windows\SysNative\svchost.exe (Microsoft Corporation)
SRV:64bit: - (UserDataSvc_2fd57cd52) -- C:\Windows\SysNative\svchost.exe (Microsoft Corporation)
SRV:64bit: - (UserDataSvc_2f3a70) -- C:\Windows\SysNative\svchost.exe (Microsoft Corporation)
SRV:64bit: - (UserDataSvc_1ccb414) -- C:\Windows\SysNative\svchost.exe (Microsoft Corporation)
SRV:64bit: - (UserDataSvc_164558a2) -- C:\Windows\SysNative\svchost.exe (Microsoft Corporation)
SRV:64bit: - (UnistoreSvc_9e9d2) -- C:\Windows\SysNative\svchost.exe (Microsoft Corporation)
SRV:64bit: - (UnistoreSvc_8f72bc) -- C:\Windows\SysNative\svchost.exe (Microsoft Corporation)
SRV:64bit: - (UnistoreSvc_81c348) -- C:\Windows\SysNative\svchost.exe (Microsoft Corporation)
SRV:64bit: - (UnistoreSvc_80cf87) -- C:\Windows\SysNative\svchost.exe (Microsoft Corporation)
SRV:64bit: - (UnistoreSvc_79eaf) -- C:\Windows\SysNative\svchost.exe (Microsoft Corporation)
SRV:64bit: - (UnistoreSvc_69621) -- C:\Windows\SysNative\svchost.exe (Microsoft Corporation)
SRV:64bit: - (UnistoreSvc_61872) -- C:\Windows\SysNative\svchost.exe (Microsoft Corporation)
SRV:64bit: - (UnistoreSvc_5dafd) -- C:\Windows\SysNative\svchost.exe (Microsoft Corporation)
SRV:64bit: - (UnistoreSvc_58927) -- C:\Windows\SysNative\svchost.exe (Microsoft Corporation)
SRV:64bit: - (UnistoreSvc_585dc) -- C:\Windows\SysNative\svchost.exe (Microsoft Corporation)
SRV:64bit: - (UnistoreSvc_50a1e) -- C:\Windows\SysNative\svchost.exe (Microsoft Corporation)
SRV:64bit: - (UnistoreSvc_4fb679) -- C:\Windows\SysNative\svchost.exe (Microsoft Corporation)
SRV:64bit: - (UnistoreSvc_4beda) -- C:\Windows\SysNative\svchost.exe (Microsoft Corporation)
SRV:64bit: - (UnistoreSvc_2fd57cd52) -- C:\Windows\SysNative\svchost.exe (Microsoft Corporation)
SRV:64bit: - (UnistoreSvc_2f3a70) -- C:\Windows\SysNative\svchost.exe (Microsoft Corporation)
SRV:64bit: - (UnistoreSvc_1ccb414) -- C:\Windows\SysNative\svchost.exe (Microsoft Corporation)
SRV:64bit: - (UnistoreSvc_164558a2) -- C:\Windows\SysNative\svchost.exe (Microsoft Corporation)
SRV:64bit: - (PimIndexMaintenanceSvc_9e9d2) -- C:\Windows\SysNative\svchost.exe (Microsoft Corporation)
SRV:64bit: - (PimIndexMaintenanceSvc_8f72bc) -- C:\Windows\SysNative\svchost.exe (Microsoft Corporation)
SRV:64bit: - (PimIndexMaintenanceSvc_81c348) -- C:\Windows\SysNative\svchost.exe (Microsoft Corporation)
SRV:64bit: - (PimIndexMaintenanceSvc_80cf87) -- C:\Windows\SysNative\svchost.exe (Microsoft Corporation)
SRV:64bit: - (PimIndexMaintenanceSvc_79eaf) -- C:\Windows\SysNative\svchost.exe (Microsoft Corporation)
SRV:64bit: - (PimIndexMaintenanceSvc_69621) -- C:\Windows\SysNative\svchost.exe (Microsoft Corporation)
SRV:64bit: - (PimIndexMaintenanceSvc_61872) -- C:\Windows\SysNative\svchost.exe (Microsoft Corporation)
SRV:64bit: - (PimIndexMaintenanceSvc_5dafd) -- C:\Windows\SysNative\svchost.exe (Microsoft Corporation)
SRV:64bit: - (PimIndexMaintenanceSvc_58927) -- C:\Windows\SysNative\svchost.exe (Microsoft Corporation)
SRV:64bit: - (PimIndexMaintenanceSvc_585dc) -- C:\Windows\SysNative\svchost.exe (Microsoft Corporation)
SRV:64bit: - (PimIndexMaintenanceSvc_50a1e) -- C:\Windows\SysNative\svchost.exe (Microsoft Corporation)
SRV:64bit: - (PimIndexMaintenanceSvc_4fb679) -- C:\Windows\SysNative\svchost.exe (Microsoft Corporation)
SRV:64bit: - (PimIndexMaintenanceSvc_4beda) -- C:\Windows\SysNative\svchost.exe (Microsoft Corporation)
SRV:64bit: - (PimIndexMaintenanceSvc_2fd57cd52) -- C:\Windows\SysNative\svchost.exe (Microsoft Corporation)
SRV:64bit: - (PimIndexMaintenanceSvc_2f3a70) -- C:\Windows\SysNative\svchost.exe (Microsoft Corporation)
SRV:64bit: - (PimIndexMaintenanceSvc_1ccb414) -- C:\Windows\SysNative\svchost.exe (Microsoft Corporation)
SRV:64bit: - (PimIndexMaintenanceSvc_164558a2) -- C:\Windows\SysNative\svchost.exe (Microsoft Corporation)
SRV:64bit: - (OneSyncSvc_9e9d2) -- C:\Windows\SysNative\svchost.exe (Microsoft Corporation)
SRV:64bit: - (OneSyncSvc_8f72bc) -- C:\Windows\SysNative\svchost.exe (Microsoft Corporation)
SRV:64bit: - (OneSyncSvc_81c348) -- C:\Windows\SysNative\svchost.exe (Microsoft Corporation)
SRV:64bit: - (OneSyncSvc_80cf87) -- C:\Windows\SysNative\svchost.exe (Microsoft Corporation)
SRV:64bit: - (OneSyncSvc_79eaf) -- C:\Windows\SysNative\svchost.exe (Microsoft Corporation)
SRV:64bit: - (OneSyncSvc_69621) -- C:\Windows\SysNative\svchost.exe (Microsoft Corporation)
SRV:64bit: - (OneSyncSvc_61872) -- C:\Windows\SysNative\svchost.exe (Microsoft Corporation)
SRV:64bit: - (OneSyncSvc_5dafd) -- C:\Windows\SysNative\svchost.exe (Microsoft Corporation)
SRV:64bit: - (OneSyncSvc_58927) -- C:\Windows\SysNative\svchost.exe (Microsoft Corporation)
SRV:64bit: - (OneSyncSvc_585dc) -- C:\Windows\SysNative\svchost.exe (Microsoft Corporation)
SRV:64bit: - (OneSyncSvc_50a1e) -- C:\Windows\SysNative\svchost.exe (Microsoft Corporation)
SRV:64bit: - (OneSyncSvc_4fb679) -- C:\Windows\SysNative\svchost.exe (Microsoft Corporation)
SRV:64bit: - (OneSyncSvc_4beda) -- C:\Windows\SysNative\svchost.exe (Microsoft Corporation)
SRV:64bit: - (OneSyncSvc_32329) -- C:\Windows\SysNative\svchost.exe (Microsoft Corporation)
SRV:64bit: - (OneSyncSvc_2fd57cd52) -- C:\Windows\SysNative\svchost.exe (Microsoft Corporation)
SRV:64bit: - (OneSyncSvc_2f3a70) -- C:\Windows\SysNative\svchost.exe (Microsoft Corporation)
SRV:64bit: - (OneSyncSvc_1ccb414) -- C:\Windows\SysNative\svchost.exe (Microsoft Corporation)
SRV:64bit: - (OneSyncSvc_164558a2) -- C:\Windows\SysNative\svchost.exe (Microsoft Corporation)
SRV:64bit: - (MessagingService_9e9d2) -- C:\Windows\SysNative\svchost.exe (Microsoft Corporation)
SRV:64bit: - (MessagingService_8f72bc) -- C:\Windows\SysNative\svchost.exe (Microsoft Corporation)
SRV:64bit: - (MessagingService_81c348) -- C:\Windows\SysNative\svchost.exe (Microsoft Corporation)
SRV:64bit: - (MessagingService_80cf87) -- C:\Windows\SysNative\svchost.exe (Microsoft Corporation)
SRV:64bit: - (MessagingService_79eaf) -- C:\Windows\SysNative\svchost.exe (Microsoft Corporation)
SRV:64bit: - (MessagingService_69621) -- C:\Windows\SysNative\svchost.exe (Microsoft Corporation)
SRV:64bit: - (MessagingService_61872) -- C:\Windows\SysNative\svchost.exe (Microsoft Corporation)
SRV:64bit: - (MessagingService_5dafd) -- C:\Windows\SysNative\svchost.exe (Microsoft Corporation)
SRV:64bit: - (MessagingService_58927) -- C:\Windows\SysNative\svchost.exe (Microsoft Corporation)
SRV:64bit: - (MessagingService_585dc) -- C:\Windows\SysNative\svchost.exe (Microsoft Corporation)
SRV:64bit: - (MessagingService_50a1e) -- C:\Windows\SysNative\svchost.exe (Microsoft Corporation)
SRV:64bit: - (MessagingService_4fb679) -- C:\Windows\SysNative\svchost.exe (Microsoft Corporation)
SRV:64bit: - (MessagingService_4beda) -- C:\Windows\SysNative\svchost.exe (Microsoft Corporation)
SRV:64bit: - (MessagingService_2fd57cd52) -- C:\Windows\SysNative\svchost.exe (Microsoft Corporation)
SRV:64bit: - (MessagingService_2f3a70) -- C:\Windows\SysNative\svchost.exe (Microsoft Corporation)
SRV:64bit: - (MessagingService_1ccb414) -- C:\Windows\SysNative\svchost.exe (Microsoft Corporation)
SRV:64bit: - (MessagingService_164558a2) -- C:\Windows\SysNative\svchost.exe (Microsoft Corporation)
SRV:64bit: - (DeviceAssociationService) -- C:\Windows\SysNative\das.dll (Microsoft Corporation)
SRV:64bit: - (DsmSvc) -- C:\Windows\SysNative\DeviceSetupManager.dll (Microsoft Corporation)
SRV:64bit: - (smphost) -- C:\Windows\SysNative\smphost.dll (Microsoft Corporation)
SRV:64bit: - (TieringEngineService) -- C:\Windows\SysNative\TieringEngineService.exe (Microsoft Corporation)
SRV:64bit: - (DcpSvc) -- C:\Windows\SysNative\dcpsvc.dll (Microsoft Corporation)
SRV:64bit: - (fhsvc) -- C:\Windows\SysNative\fhsvc.dll (Microsoft Corporation)
SRV:64bit: - (svsvc) -- C:\Windows\SysNative\svsvc.dll (Microsoft Corporation)
SRV:64bit: - (EntAppSvc) -- C:\Windows\SysNative\EnterpriseAppMgmtSvc.dll (Microsoft Corporation)
SRV:64bit: - (DmEnrollmentSvc) -- C:\Windows\SysNative\Windows.Internal.Management.dll (Microsoft Corporation)
SRV:64bit: - (dmwappushservice) -- C:\Windows\SysNative\dmwappushsvc.dll (Microsoft Corporation)
SRV:64bit: - (MessagingService) -- C:\Windows\SysNative\MessagingService.dll (Microsoft Corporation)
SRV:64bit: - (netprofm) -- C:\Windows\SysNative\netprofmsvc.dll (Microsoft Corporation)
SRV:64bit: - (SystemEventsBroker) -- C:\Windows\SysNative\SystemEventsBrokerServer.dll (Microsoft Corporation)
SRV:64bit: - (WdNisSvc) -- C:\Program Files\Windows Defender\NisSrv.exe (Microsoft Corporation)
SRV:64bit: - (WinDefend) -- C:\Program Files\Windows Defender\MsMpEng.exe (Microsoft Corporation)
SRV:64bit: - (vmicvss) -- C:\Windows\SysNative\icsvc.dll (Microsoft Corporation)
SRV:64bit: - (vmicvmsession) -- C:\Windows\SysNative\icsvc.dll (Microsoft Corporation)
SRV:64bit: - (vmictimesync) -- C:\Windows\SysNative\icsvc.dll (Microsoft Corporation)
SRV:64bit: - (vmicshutdown) -- C:\Windows\SysNative\icsvc.dll (Microsoft Corporation)
SRV:64bit: - (vmicrdv) -- C:\Windows\SysNative\icsvc.dll (Microsoft Corporation)
SRV:64bit: - (vmickvpexchange) -- C:\Windows\SysNative\icsvc.dll (Microsoft Corporation)
SRV:64bit: - (vmicheartbeat) -- C:\Windows\SysNative\icsvc.dll (Microsoft Corporation)
SRV:64bit: - (vmicguestinterface) -- C:\Windows\SysNative\icsvc.dll (Microsoft Corporation)
SRV:64bit: - (PrintNotify) -- C:\Windows\SysNative\spool\drivers\x64\3\PrintConfig.dll (Microsoft Corporation)
SRV:64bit: - (BthHFSrv) -- C:\Windows\SysNative\BthHFSrv.dll (Microsoft Corporation)
SRV:64bit: - (igfxCUIService1.0.0.0) -- C:\Windows\SysNative\igfxCUIService.exe (Intel Corporation)
SRV:64bit: - (ePowerSvc) -- C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe (Acer Incorporated)
SRV:64bit: - (Intel(R) -- C:\Program Files\Intel\iCLS Client\HeciServer.exe (Intel(R) Corporation)
SRV - (MbaeSvc) -- C:\Program Files (x86)\Malwarebytes Anti-Exploit\mbae-svc.exe (Malwarebytes Corporation)
SRV - (AdobeFlashPlayerUpdateSvc) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated)
SRV - (AdobeARMservice) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
SRV - (CoreMessagingRegistrar) -- C:\Windows\SysWOW64\CoreMessaging.dll (Microsoft Corporation)
SRV - (UnistoreSvc) -- C:\Windows\SysWOW64\Unistore.dll (Microsoft Corporation)
SRV - (GamesAppService) -- C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe (WildTangent, Inc.)
SRV - (StateRepository) -- C:\Windows\SysWOW64\Windows.StateRepository.dll (Microsoft Corporation)
SRV - (lfsvc) -- C:\Windows\SysWOW64\lfsvc.dll (Microsoft Corporation)
SRV - (smphost) -- C:\Windows\SysWOW64\smphost.dll (Microsoft Corporation)
SRV - (DmEnrollmentSvc) -- C:\Windows\SysWOW64\Windows.Internal.Management.dll (Microsoft Corporation)
SRV - (PrintNotify) -- C:\WINDOWS\system32\spool\drivers\x64\3\PrintConfig.dll (Microsoft Corporation)
SRV - (QBCFMonitorService) -- C:\Program Files (x86)\Common Files\Intuit\QuickBooks\QBCFMonitorService.exe (Intuit)
SRV - (FSMA) -- C:\Program Files (x86)\Charter Security Suite\apps\ComputerSecurity\Common\FSMA32.EXE (F-Secure Corporation)
SRV - (MozillaMaintenance) -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe (Mozilla Foundation)
SRV - (Fitbit Connect) -- C:\Program Files (x86)\Fitbit Connect\FitbitConnectService.exe (Fitbit, Inc.)
SRV - (cphs) -- C:\Windows\SysWOW64\IntelCpHeciSvc.exe (Intel Corporation)
SRV - (QBVSS) -- C:\Program Files (x86)\Common Files\Intuit\DataProtect\QBIDPService.exe (Intuit Inc.)
SRV - (QBFCService) -- C:\Program Files (x86)\Common Files\Intuit\QuickBooks\FCS\Intuit.QuickBooks.FCS.exe (Intuit Inc.)
SRV - (FSORSPClient) -- C:\Program Files (x86)\Charter Security Suite\apps\CCF_Reputation\fsorsp.exe (F-Secure Corporation)
SRV - (fshoster) -- C:\Program Files (x86)\Charter Security Suite\fshoster32.exe (F-Secure Corporation)
SRV - (BBUpdate) -- C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\SeaPort.EXE (Microsoft Corporation.)
SRV - (BBSvc) -- C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\BBSvc.EXE (Microsoft Corporation.)
SRV - (RfButtonDriverService) -- C:\Windows\RfBtnSvc64.exe (Dritek System INC.)
SRV - (AtherosSvc) -- C:\Program Files (x86)\Bluetooth Suite\AdminService.exe (Qualcomm Atheros Commnucations)
SRV - (FLEXnet Licensing Service) -- C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe (Acresso Software Inc.)
SRV - (DsiWMIService) -- C:\Program Files (x86)\Launch Manager\dsiwmis.exe (Dritek System Inc.)
SRV - (CCDMonitorService) -- C:\Program Files (x86)\Acer\Acer Cloud\CCDMonitorService.exe (Acer Incorporated)
SRV - (NTI IScheduleSvc) -- C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe (NTI Corporation)
SRV - (IconMan_R) -- C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe (Realsil Microelectronics Inc.)
SRV - (UNS) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe (Intel Corporation)
SRV - (LMS) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Intel Corporation)
SRV - (EgisTec Ticket Service) -- C:\Program Files (x86)\Common Files\EgisTec\Services\EgisTicketService.exe (Egis Technology Inc. )
SRV - (jhi_service) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe (Intel Corporation)
SRV - (HPSLPSVC) -- C:\Program Files (x86)\HP\Digital Imaging\bin\HPSLPSVC64.DLL (Hewlett-Packard Co.)


========== Driver Services (SafeList) ==========

DRV:64bit: - (fsbts) -- C:\Windows\SysNative\drivers\fsbts.sys ()
DRV:64bit: - (ssudmdm) -- C:\Windows\SysNative\drivers\ssudmdm.sys (Samsung Electronics Co., Ltd.)
DRV:64bit: - (dg_ssudbus) -- C:\Windows\SysNative\drivers\ssudbus.sys (Samsung Electronics Co., Ltd.)
DRV:64bit: - (pdc) -- C:\Windows\SysNative\drivers\pdc.sys (Microsoft Corporation)
DRV:64bit: - (ufxsynopsys) -- C:\Windows\SysNative\drivers\ufxsynopsys.sys (Microsoft Corporation)
DRV:64bit: - (USBHUB3) -- C:\Windows\SysNative\drivers\USBHUB3.SYS (Microsoft Corporation)
DRV:64bit: - (usbser) -- C:\Windows\SysNative\drivers\usbser.sys (Microsoft Corporation)
DRV:64bit: - (UcmCx0101) -- C:\Windows\SysNative\drivers\UcmCx.sys (Microsoft Corporation)
DRV:64bit: - (FileCrypt) -- C:\Windows\SysNative\drivers\filecrypt.sys (Microsoft Corporation)
DRV:64bit: - (sdbus) -- C:\Windows\SysNative\drivers\sdbus.sys (Microsoft Corporation)
DRV:64bit: - (Ufx01000) -- C:\Windows\SysNative\drivers\ufx01000.sys (Microsoft Corporation)
DRV:64bit: - (USBXHCI) -- C:\Windows\SysNative\drivers\USBXHCI.SYS (Microsoft Corporation)
DRV:64bit: - (xinputhid) -- C:\Windows\SysNative\drivers\xinputhid.sys (Microsoft Corporation)
DRV:64bit: - (BthLEEnum) -- C:\Windows\SysNative\drivers\BthLEEnum.sys (Microsoft Corporation)
DRV:64bit: - (wdiwifi) -- C:\Windows\SysNative\drivers\WdiWiFi.sys (Microsoft Corporation)
DRV:64bit: - (xboxgip) -- C:\Windows\SysNative\drivers\xboxgip.sys (Microsoft Corporation)
DRV:64bit: - (CapImg) -- C:\Windows\SysNative\drivers\capimg.sys (Microsoft Corporation)
DRV:64bit: - (sdstor) -- C:\Windows\SysNative\drivers\sdstor.sys (Microsoft Corporation)
DRV:64bit: - (terminpt) -- C:\Windows\SysNative\drivers\terminpt.sys (Microsoft Corporation)
DRV:64bit: - (RdpVideoMiniport) -- C:\Windows\SysNative\drivers\rdpvideominiport.sys (Microsoft Corporation)
DRV:64bit: - (WpdUpFltr) -- C:\Windows\SysNative\drivers\WpdUpFltr.sys (Microsoft Corporation)
DRV:64bit: - (wpcfltr) -- C:\Windows\SysNative\drivers\wpcfltr.sys (Microsoft Corporation)
DRV:64bit: - (ReFSv1) -- C:\WINDOWS\SysNative\drivers\refsv1.sys (Microsoft Corporation)
DRV:64bit: - (CLFS) -- C:\Windows\SysNative\drivers\clfs.sys (Microsoft Corporation)
DRV:64bit: - (ahcache) -- C:\Windows\SysNative\drivers\ahcache.sys (Microsoft Corporation)
DRV:64bit: - (VerifierExt) -- C:\Windows\SysNative\drivers\VerifierExt.sys (Microsoft Corporation)
DRV:64bit: - (WindowsTrustedRT) -- C:\Windows\SysNative\drivers\WindowsTrustedRT.sys (Microsoft Corporation)
DRV:64bit: - (storqosflt) -- C:\Windows\SysNative\drivers\storqosflt.sys (Microsoft Corporation)
DRV:64bit: - (condrv) -- C:\Windows\SysNative\drivers\condrv.sys (Microsoft Corporation)
DRV:64bit: - (Fs_Rec) -- C:\WINDOWS\SysNative\drivers\fs_rec.sys (Microsoft Corporation)
DRV:64bit: - (IoQos) -- C:\Windows\SysNative\drivers\ioqos.sys (Microsoft Corporation)
DRV:64bit: - (WFPLWFS) -- C:\Windows\SysNative\drivers\wfplwfs.sys (Microsoft Corporation)
DRV:64bit: - (MMCSS) -- C:\Windows\SysNative\drivers\mmcss.sys (Microsoft Corporation)
DRV:64bit: - (GPIOClx0101) -- C:\Windows\SysNative\drivers\msgpioclx.sys (Microsoft Corporation)
DRV:64bit: - (UrsCx01000) -- C:\Windows\SysNative\drivers\urscx01000.sys (Microsoft Corporation)
DRV:64bit: - (cnghwassist) -- C:\Windows\SysNative\drivers\cnghwassist.sys (Microsoft Corporation)
DRV:64bit: - (SerCx2) -- C:\Windows\SysNative\drivers\SerCx2.sys (Microsoft Corporation)
DRV:64bit: - (EhStorClass) -- C:\Windows\SysNative\drivers\EhStorClass.sys (Microsoft Corporation)
DRV:64bit: - (SpbCx) -- C:\Windows\SysNative\drivers\SpbCx.sys (Microsoft Corporation)
DRV:64bit: - (SerCx) -- C:\Windows\SysNative\drivers\SerCx.sys (Microsoft Corporation)
DRV:64bit: - (mshidumdf) -- C:\Windows\SysNative\drivers\mshidumdf.sys (Microsoft Corporation)
DRV:64bit: - (Wof) -- C:\WINDOWS\SysNative\drivers\wof.sys (Microsoft Corporation)
DRV:64bit: - (dam) -- C:\Windows\SysNative\drivers\dam.sys (Microsoft Corporation)
DRV:64bit: - (GpuEnergyDrv) -- C:\Windows\SysNative\drivers\gpuenergydrv.sys (Microsoft Corporation)
DRV:64bit: - (NdisImPlatform) -- C:\Windows\SysNative\drivers\NdisImPlatform.sys (Microsoft Corporation)
DRV:64bit: - (NdisVirtualBus) -- C:\Windows\SysNative\drivers\NdisVirtualBus.sys (Microsoft Corporation)
DRV:64bit: - (MsLldp) -- C:\Windows\SysNative\drivers\mslldp.sys (Microsoft Corporation)
DRV:64bit: - (WdFilter) -- C:\Windows\SysNative\drivers\WdFilter.sys (Microsoft Corporation)
DRV:64bit: - (Ucx01000) -- C:\Windows\SysNative\drivers\Ucx01000.sys (Microsoft Corporation)
DRV:64bit: - (acpiex) -- C:\Windows\SysNative\drivers\acpiex.sys (Microsoft Corporation)
DRV:64bit: - (Ndu) -- C:\Windows\SysNative\drivers\Ndu.sys (Microsoft Corporation)
DRV:64bit: - (WdNisDrv) -- C:\Windows\SysNative\drivers\WdNisDrv.sys (Microsoft Corporation)
DRV:64bit: - (tsusbflt) -- C:\Windows\SysNative\drivers\TsUsbFlt.sys (Microsoft Corporation)
DRV:64bit: - (UdeCx) -- C:\Windows\SysNative\drivers\Udecx.sys (Microsoft Corporation)
DRV:64bit: - (WdBoot) -- C:\Windows\SysNative\drivers\WdBoot.sys (Microsoft Corporation)
DRV:64bit: - (vhf) -- C:\Windows\SysNative\drivers\vhf.sys (Microsoft Corporation)
DRV:64bit: - (WindowsTrustedRTProxy) -- C:\Windows\SysNative\drivers\WindowsTrustedRTProxy.sys (Microsoft Corporation)
DRV:64bit: - (msgpiowin32) -- C:\Windows\SysNative\drivers\msgpiowin32.sys (Microsoft Corporation)
DRV:64bit: - (TsUsbGD) -- C:\Windows\SysNative\drivers\TsUsbGD.sys (Microsoft Corporation)
DRV:64bit: - (UrsChipidea) -- C:\Windows\SysNative\drivers\urschipidea.sys (Microsoft Corporation)
DRV:64bit: - (UrsSynopsys) -- C:\Windows\SysNative\drivers\urssynopsys.sys (Microsoft Corporation)
DRV:64bit: - (npsvctrig) -- C:\Windows\SysNative\drivers\npsvctrig.sys (Microsoft Corporation)
DRV:64bit: - (mlx4_bus) -- C:\Windows\SysNative\drivers\mlx4_bus.sys (Mellanox)
DRV:64bit: - (rt640x64) -- C:\Windows\SysNative\drivers\rt640x64.sys (Realtek )
DRV:64bit: - (spaceport) -- C:\Windows\SysNative\drivers\spaceport.sys (Microsoft Corporation)
DRV:64bit: - (ibbus) -- C:\Windows\SysNative\drivers\ibbus.sys (Mellanox)
DRV:64bit: - (VSTXRAID) -- C:\Windows\SysNative\drivers\VSTXRAID.SYS (VIA Corporation)
DRV:64bit: - (storahci) -- C:\Windows\SysNative\drivers\storahci.sys (Microsoft Corporation)
DRV:64bit: - (LSI_SAS2i) -- C:\Windows\SysNative\drivers\lsi_sas2i.sys (LSI Corporation)
DRV:64bit: - (LSI_SAS3i) -- C:\Windows\SysNative\drivers\lsi_sas3i.sys (Avago Technologies)
DRV:64bit: - (UfxChipidea) -- C:\Windows\SysNative\drivers\UfxChipidea.sys (Microsoft Corporation)
DRV:64bit: - (LSI_SSS) -- C:\Windows\SysNative\drivers\lsi_sss.sys (LSI Corporation)
DRV:64bit: - (stornvme) -- C:\Windows\SysNative\drivers\stornvme.sys (Microsoft Corporation)
DRV:64bit: - (UASPStor) -- C:\Windows\SysNative\drivers\uaspstor.sys (Microsoft Corporation)
DRV:64bit: - (ndfltr) -- C:\Windows\SysNative\drivers\ndfltr.sys (Mellanox)
DRV:64bit: - (mvumis) -- C:\Windows\SysNative\drivers\mvumis.sys (Marvell Semiconductor, Inc.)
DRV:64bit: - (WinVerbs) -- C:\Windows\SysNative\drivers\winverbs.sys (Mellanox)
DRV:64bit: - (percsas3i) -- C:\Windows\SysNative\drivers\percsas3i.sys (Avago Technologies)
DRV:64bit: - (percsas2i) -- C:\Windows\SysNative\drivers\percsas2i.sys (LSI Corporation)
DRV:64bit: - (BasicDisplay) -- C:\Windows\SysNative\drivers\BasicDisplay.sys (Microsoft Corporation)
DRV:64bit: - (UcmUcsi) -- C:\Windows\SysNative\drivers\UcmUcsi.sys (Microsoft Corporation)
DRV:64bit: - (BasicRender) -- C:\Windows\SysNative\drivers\BasicRender.sys (Microsoft Corporation)
DRV:64bit: - (storufs) -- C:\Windows\SysNative\drivers\storufs.sys (Microsoft Corporation)
DRV:64bit: - (stexstor) -- C:\Windows\SysNative\drivers\stexstor.sys (Promise Technology, Inc.)
DRV:64bit: - (WinMad) -- C:\Windows\SysNative\drivers\winmad.sys (Mellanox)
DRV:64bit: - (ebdrv) -- C:\Windows\SysNative\drivers\evbda.sys (QLogic Corporation)
DRV:64bit: - (ADP80XX) -- C:\Windows\SysNative\drivers\adp80xx.sys (PMC-Sierra)
DRV:64bit: - (iaStorAV) -- C:\Windows\SysNative\drivers\iaStorAV.sys (Intel Corporation)
DRV:64bit: - (b06bdrv) -- C:\Windows\SysNative\drivers\bxvbda.sys (Broadcom Corporation)
DRV:64bit: - (amdsbs) -- C:\Windows\SysNative\drivers\amdsbs.sys (AMD Technologies Inc.)
DRV:64bit: - (TPM) -- C:\Windows\SysNative\drivers\tpm.sys (Microsoft Corporation)
DRV:64bit: - (3ware) -- C:\Windows\SysNative\drivers\3ware.sys (LSI)
DRV:64bit: - (amdsata) -- C:\Windows\SysNative\drivers\amdsata.sys (Advanced Micro Devices)
DRV:64bit: - (HpSAMD) -- C:\Windows\SysNative\drivers\HpSAMD.sys (Hewlett-Packard Company)
DRV:64bit: - (hidinterrupt) -- C:\Windows\SysNative\drivers\hidinterrupt.sys (Microsoft Corporation)
DRV:64bit: - (buttonconverter) -- C:\Windows\SysNative\drivers\buttonconverter.sys (Microsoft Corporation)
DRV:64bit: - (UEFI) -- C:\Windows\SysNative\drivers\uefi.sys (Microsoft Corporation)
DRV:64bit: - (amdxata) -- C:\Windows\SysNative\drivers\amdxata.sys (Advanced Micro Devices)
DRV:64bit: - (kdnic) -- C:\Windows\SysNative\drivers\kdnic.sys (Microsoft Corporation)
DRV:64bit: - (WSDPrintDevice) -- C:\Windows\SysNative\drivers\WSDPrint.sys (Microsoft Corporation)
DRV:64bit: - (genericusbfn) -- C:\Windows\SysNative\drivers\genericusbfn.sys (Microsoft Corporation)
DRV:64bit: - (acpitime) -- C:\Windows\SysNative\drivers\acpitime.sys (Microsoft Corporation)
DRV:64bit: - (acpipagr) -- C:\Windows\SysNative\drivers\acpipagr.sys (Microsoft Corporation)
DRV:64bit: - (bcmfn2) -- C:\Windows\SysNative\drivers\bcmfn2.sys (Windows (R) Win 7 DDK provider)
DRV:64bit: - (bcmfn) -- C:\Windows\SysNative\drivers\bcmfn.sys (Windows (R) Win 7 DDK provider)
DRV:64bit: - (StillCam) -- C:\Windows\SysNative\drivers\serscan.sys (Microsoft Corporation)
DRV:64bit: - (iaLPSS2i_I2C) -- C:\Windows\SysNative\drivers\iaLPSS2i_I2C.sys (Intel Corporation)
DRV:64bit: - (EhStorTcgDrv) -- C:\Windows\SysNative\drivers\EhStorTcgDrv.sys (Microsoft Corporation)
DRV:64bit: - (iaLPSSi_I2C) -- C:\Windows\SysNative\drivers\iaLPSSi_I2C.sys (Intel Corporation)
DRV:64bit: - (iai2c) -- C:\Windows\SysNative\drivers\iai2c.sys (Intel(R) Corporation)
DRV:64bit: - (vpci) -- C:\Windows\SysNative\drivers\vpci.sys (Microsoft Corporation)
DRV:64bit: - (BthHFEnum) -- C:\Windows\SysNative\drivers\bthhfenum.sys (Microsoft Corporation)
DRV:64bit: - (Synth3dVsc) -- C:\Windows\SysNative\drivers\Synth3dVsc.sys (Microsoft Corporation)
DRV:64bit: - (hidi2c) -- C:\Windows\SysNative\drivers\hidi2c.sys (Microsoft Corporation)
DRV:64bit: - (intelpep) -- C:\Windows\SysNative\drivers\intelpep.sys (Microsoft Corporation)
DRV:64bit: - (BthAvrcpTg) -- C:\Windows\SysNative\drivers\BthAvrcpTg.sys (Microsoft Corporation)
DRV:64bit: - (CompositeBus) -- C:\Windows\SysNative\DriverStore\FileRepository\compositebus.inf_amd64_912dfdedc3d2f520\CompositeBus.sys (Microsoft Corporation)
DRV:64bit: - (iaLPSSi_GPIO) -- C:\Windows\SysNative\drivers\iaLPSSi_GPIO.sys (Intel Corporation)
DRV:64bit: - (dmvsc) -- C:\Windows\SysNative\drivers\dmvsc.sys (Microsoft Corporation)
DRV:64bit: - (bthhfhid) -- C:\Windows\SysNative\drivers\BthhfHid.sys (Microsoft Corporation)
DRV:64bit: - (hyperkbd) -- C:\Windows\SysNative\drivers\hyperkbd.sys (Microsoft Corporation)
DRV:64bit: - (gencounter) -- C:\Windows\SysNative\drivers\vmgencounter.sys (Microsoft Corporation)
DRV:64bit: - (igfx) -- C:\Windows\SysNative\drivers\igdkmd64.sys (Intel Corporation)
DRV:64bit: - (IntcDAud) -- C:\Windows\SysNative\drivers\IntcDAud.sys (Intel(R) Corporation)
DRV:64bit: - (intaud_WaveExtensible) -- C:\Windows\SysNative\drivers\intelaud.sys (Intel Corporation)
DRV:64bit: - (iwdbus) -- C:\Windows\SysNative\drivers\iwdbus.sys (Intel Corporation)
DRV:64bit: - (RSBASTOR) -- C:\Windows\SysNative\drivers\RtsBaStor.sys (Realtek Semiconductor Corp.)
DRV:64bit: - (BtFilter) -- C:\Windows\SysNative\drivers\btfilter.sys (Qualcomm Atheros)
DRV:64bit: - (USBAAPL64) -- C:\Windows\SysNative\drivers\usbaapl64.sys (Apple, Inc.)
DRV:64bit: - (Netaapl) -- C:\Windows\SysNative\drivers\netaapl64.sys (Apple Inc.)
DRV:64bit: - (athr) -- C:\Windows\SysNative\drivers\athw8x.sys (Qualcomm Atheros Communications, Inc.)
DRV:64bit: - (mwlPSDVDisk) -- C:\Windows\SysNative\drivers\mwlPSDVDisk.sys (Egis Technology Inc.)
DRV:64bit: - (mwlPSDFilter) -- C:\Windows\SysNative\drivers\mwlPSDFilter.sys (Egis Technology Inc.)
DRV:64bit: - (mwlPSDNServ) -- C:\Windows\SysNative\drivers\mwlPSDNserv.sys (Egis Technology Inc.)
DRV:64bit: - (Ps2Kb2Hid) -- C:\Windows\SysNative\drivers\aPs2Kb2Hid.sys (Dritek System Inc.)
DRV:64bit: - (BTATH_RCP) -- C:\Windows\SysNative\drivers\btath_rcp.sys (Qualcomm Atheros)
DRV:64bit: - (BTATH_HCRP) -- C:\Windows\SysNative\drivers\btath_hcrp.sys (Qualcomm Atheros)
DRV:64bit: - (BTATH_LWFLT) -- C:\Windows\SysNative\drivers\btath_lwflt.sys (Qualcomm Atheros)
DRV:64bit: - (BTATH_A2DP) -- C:\Windows\SysNative\drivers\btath_a2dp.sys (Qualcomm Atheros)
DRV:64bit: - (btath_avdt) -- C:\Windows\SysNative\drivers\btath_avdt.sys (Qualcomm Atheros)
DRV:64bit: - (AthBTPort) -- C:\Windows\SysNative\drivers\btath_flt.sys (Qualcomm Atheros)
DRV:64bit: - (SynTP) -- C:\Windows\SysNative\drivers\SynTP.sys (Synaptics Incorporated)
DRV:64bit: - (SmbDrvI) -- C:\Windows\SysNative\drivers\Smb_driver_Intel.sys (Synaptics Incorporated)
DRV:64bit: - (GEARAspiWDM) -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys (GEAR Software Inc.)
DRV:64bit: - (iaStorA) -- C:\Windows\SysNative\drivers\iaStorA.sys (Intel Corporation)
DRV:64bit: - (MEIx64) -- C:\Windows\SysNative\drivers\HECIx64.sys (Intel Corporation)
DRV:64bit: - (UBHelper) -- C:\Windows\SysNative\drivers\UBHelper.sys (NTI Corporation)
DRV:64bit: - (NTIDrvr) -- C:\Windows\SysNative\drivers\NTIDrvr.sys (NTI Corporation)
DRV - (ESProtectionDriver) -- C:\Program Files (x86)\Malwarebytes Anti-Exploit\mbae64.sys ()
DRV - (fsni) -- C:\Program Files (x86)\Charter Security Suite\apps\CCF_Scanning\bin\fsni64.sys (F-Secure Corporation)
DRV - (F-Secure Gatekeeper) -- C:\Program Files (x86)\Charter Security Suite\apps\ComputerSecurity\Anti-Virus\minifilter\fsgk.sys (F-Secure Corporation)
DRV - (F-Secure HIPS) -- C:\Program Files (x86)\Charter Security Suite\apps\ComputerSecurity\HIPS\drivers\fshs.sys (F-Secure Corporation)
DRV - (CompositeBus) -- C:\WINDOWS\System32\DriverStore\FileRepository\compositebus.inf_amd64_912dfdedc3d2f520\CompositeBus.sys (Microsoft Corporation)
DRV - (fsvista) -- C:\Program Files (x86)\Charter Security Suite\apps\ComputerSecurity\Anti-Virus\minifilter\fsvista.sys ()


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {BF64F006-990F-4CD8-8CFC-F261A9FDE94C}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE:64bit: - HKLM\..\SearchScopes\{BF64F006-990F-4CD8-8CFC-F261A9FDE94C}: "URL" = http://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MAARJS
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope = {BF64F006-990F-4CD8-8CFC-F261A9FDE94C}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{BF64F006-990F-4CD8-8CFC-F261A9FDE94C}: "URL" = http://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MAARJS

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = Preserve
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page_TIMESTAMP = 44 3B 84 54 77 5E D1 01 [binary data]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SyncHomePage Protected - It is a violation of Windows Policy to modify. See aka.ms/browserpolicy = 01 00 00 00 1A 00 00 00 BE 25 90 21 E1 D1 C2 26 12 3D B9 07 3C 7F 81 A6 8D 1E 49 3E 78 7F E2 DA 01 70 02 00 00 00 0E 00 00 00 4D 4E 35 46 4F 6E 67 48 4C 49 4D 25 33 64 [binary data]
IE - HKCU\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IESR02
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <-loopback>

========== FireFox ==========

FF - prefs.js..browser.search.countryCode: "US"
FF - prefs.js..browser.search.region: "US"
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:41.0.1
FF - user.js - File not found

FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF64_22_0_0_209.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.41212.0\npctrl.dll ( Microsoft Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_22_0_0_209.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\WINDOWS\SysWOW64\Adobe\Director\np32dsw_1220162.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42: C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF - HKLM\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI updater: C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=11.91.2: C:\Program Files (x86)\Java\jre1.8.0_91\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=11.91.2: C:\Program Files (x86)\Java\jre1.8.0_91\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/Lync,version=15.0: C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.1.41212.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.0: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.1.3: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.1.5: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\@WildTangent.com/GamesAppPresenceDetector,Version=1.0: C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll ()
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@citrixonline.com/appdetectorplugin: C:\Users\Amy\AppData\Local\Citrix\Plugins\104\npappdetector.dll (Citrix Online)

64bit-FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\PROGRAM FILES (X86)\CHARTER SECURITY SUITE\APPS\CCF_SCANNING\BIN\BROWSER\INSTALL\FS_FIREFOX_HTTPS\FS_FIREFOX_HTTPS.XPI [2016/07/18 08:39:47 | 000,058,941 | ---- | M] ()
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files (x86)\Charter Security Suite\apps\CCF_Scanning\bin\browser\install\fs_firefox_https\fs_firefox_https.xpi [2016/07/18 08:39:47 | 000,058,941 | ---- | M] ()
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 41.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 41.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins

[2015/10/05 22:17:50 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Amy\AppData\Roaming\mozilla\Extensions
[2015/10/05 22:27:54 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Amy\AppData\Roaming\mozilla\Firefox\Profiles\ina9yl0i.default\extensions
[2015/10/05 22:17:28 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions
[2015/10/05 22:17:28 | 000,000,000 | ---D | M] (Default) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}

========== Chrome ==========

CHR - default_search_provider: (Enabled)
CHR - default_search_provider: search_url =
CHR - default_search_provider: suggest_url =
CHR - plugin: Error reading preferences file
CHR - Extension: No name found = C:\Users\Amy\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.9_0\
CHR - Extension: No name found = C:\Users\Amy\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\14.1_0\
CHR - Extension: No name found = C:\Users\Amy\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.8_0\
CHR - Extension: No name found = C:\Users\Amy\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.60_0\
CHR - Extension: No name found = C:\Users\Amy\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.4_0\
CHR - Extension: No name found = C:\Users\Amy\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.0_0\
CHR - Extension: No name found = C:\Users\Amy\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\8.1_0\
CHR - Extension: No name found = C:\Users\Amy\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm\5216.530.0.13_0\

O1 HOSTS File: ([2013/08/22 09:25:41 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:64bit: - BHO: (Bing Bar Helper) - {1dad3af3-ef2f-4f64-ac4b-11789189fcb6} - C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\amd64\BingExt.dll (Microsoft Corporation.)
O2:64bit: - BHO: (Skype for Business Browser Helper) - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\ochelper.dll (Microsoft Corporation)
O2:64bit: - BHO: (Browsing Protection by F-Secure) - {45BBE08D-81C5-4A67-AF20-B2A077C67747} - C:\Program Files (x86)\Charter Security Suite\apps\CCF_Scanning\bin\browser\install\fs_ie_https\fs_ie_https64.dll (F-Secure Corporation)
O2:64bit: - BHO: (CIESpeechBHO Class) - {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll (Qualcomm Atheros Commnucations)
O2:64bit: - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O2:64bit: - BHO: (Reg Error: Value error.) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - Reg Error: Value error. File not found
O2:64bit: - BHO: (Microsoft SkyDrive Pro Browser Helper) - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\grooveex.dll (Microsoft Corporation)
O2 - BHO: (Bing Bar Helper) - {1dad3af3-ef2f-4f64-ac4b-11789189fcb6} - C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\BingExt.dll (Microsoft Corporation.)
O2 - BHO: (Skype for Business Browser Helper) - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\office15\ochelper.dll (Microsoft Corporation)
O2 - BHO: (Browsing Protection by F-Secure) - {45BBE08D-81C5-4A67-AF20-B2A077C67747} - C:\Program Files (x86)\Charter Security Suite\apps\CCF_Scanning\bin\browser\install\fs_ie_https\fs_ie_https.dll (F-Secure Corporation)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_91\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Microsoft SkyDrive Pro Browser Helper) - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files\Microsoft Office 15\root\office15\grooveex.dll (Microsoft Corporation)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_91\bin\jp2ssv.dll (Oracle Corporation)
O3:64bit: - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O3:64bit: - HKLM\..\Toolbar: (Bing Bar) - {eec0f710-38b5-4aba-99bf-ec87564a4e13} - C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\amd64\BingExt.dll (Microsoft Corporation.)
O3 - HKLM\..\Toolbar: (Bing Bar) - {eec0f710-38b5-4aba-99bf-ec87564a4e13} - C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\BingExt.dll (Microsoft Corporation.)
O4:64bit: - HKLM..\Run: [BtPreLoad] C:\Program Files (x86)\Bluetooth Suite\BtPreLoad.exe ()
O4:64bit: - HKLM..\Run: [RtHDVBg_Dolby] C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (Realtek Semiconductor)
O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [Dolby Advanced Audio v2] C:\Dolby PCEE4\pcee4.exe (Dolby Laboratories Inc.)
O4 - HKLM..\Run: [Fitbit Connect] C:\Program Files (x86)\Fitbit Connect\Fitbit Connect.exe (Fitbit, Inc.)
O4 - HKLM..\Run: [F-Secure Hoster (42626)] C:\Program Files (x86)\Charter Security Suite\fshoster32.exe (F-Secure Corporation)
O4 - HKLM..\Run: [F-Secure Manager] C:\Program Files (x86)\Charter Security Suite\apps\ComputerSecurity\Common\FSM32.EXE (F-Secure Corporation)
O4 - HKLM..\Run: [Intuit SyncManager] C:\Program Files (x86)\Common Files\Intuit\Sync\IntuitSyncManager.exe (Intuit Inc. All rights reserved.)
O4 - HKLM..\Run: [LManager] File not found
O4 - HKLM..\Run: [Malwarebytes Anti-Exploit] C:\Program Files (x86)\Malwarebytes Anti-Exploit\mbae.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [mcui_exe] "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey File not found
O4 - HKCU..\Run: [Amazon Music] C:\Users\Amy\AppData\Local\Amazon Music\Amazon Music Helper.exe ()
O4 - HKCU..\Run: [CCleaner Monitoring] C:\Program Files\CCleaner\CCleaner64.exe (Piriform Ltd)
O4 - HKCU..\Run: [Fitbit Connect] C:\Program Files (x86)\Fitbit Connect\Fitbit Connect.exe (Fitbit, Inc.)
O4 - HKCU..\Run: [OneDrive] C:\Users\Amy\AppData\Local\Microsoft\OneDrive\OneDrive.exe (Microsoft Corporation)
O4 - HKCU..\Run: [Spotify Web Helper] C:\Program Files (x86)\Spotify\Data\SpotifyWebHelper.exe ()
O4 - HKCU..\Run: [ViStart] C:\Users\Amy\AppData\Roaming\ViStart\ViStart.exe (Lee-Soft.com)
O4 - HKCU..\Run: [ZedgeToneSync] C:\Users\Amy\AppData\Local\Apps\2.0\Data\JYD6KGE7.4ZG\43D16MTY.5VR\zedg..tion_4cd56dcfd1799009_0001.0002_ea3f01849f5e16c3\Data\ZedgeToneSync.appref-ms -startup File not found
O4 - Startup: C:\Users\Amy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\PalTalk.lnk = C:\Program Files (x86)\Paltalk Messenger\paltalk.exe (AVM Software Inc.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DSCAutomationHostEnabled = 2
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableCursorSuppression = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableCAD = 1
O8:64bit: - Extra context menu item: E&xport to Microsoft Excel - C:\Program Files\Microsoft Office 15\Root\Office15\EXCEL.EXE (Microsoft Corporation)
O8:64bit: - Extra context menu item: Se&nd to OneNote - C:\Program Files\Microsoft Office 15\Root\Office15\ONBttnIE.dll (Microsoft Corporation)
O8 - Extra context menu item: E&xport to Microsoft Excel - C:\Program Files\Microsoft Office 15\Root\Office15\EXCEL.EXE (Microsoft Corporation)
O8 - Extra context menu item: Se&nd to OneNote - C:\Program Files\Microsoft Office 15\Root\Office15\ONBttnIE.dll (Microsoft Corporation)
O9:64bit: - Extra Button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\onbttnie.dll (Microsoft Corporation)
O9:64bit: - Extra 'Tools' menuitem : Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\onbttnie.dll (Microsoft Corporation)
O9:64bit: - Extra Button: Skype for Business Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\ochelper.dll (Microsoft Corporation)
O9:64bit: - Extra 'Tools' menuitem : Skype for Business Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\ochelper.dll (Microsoft Corporation)
O9:64bit: - Extra 'Tools' menuitem : Send by Bluetooth to - {7815BE26-237D-41A8-A98F-F7BD75F71086} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll (Qualcomm Atheros Commnucations)
O9:64bit: - Extra Button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\onbttnielinkednotes.dll (Microsoft Corporation)
O9:64bit: - Extra 'Tools' menuitem : OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\onbttnielinkednotes.dll (Microsoft Corporation)
O9 - Extra Button: Skype for Business Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\office15\ochelper.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Skype for Business Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\office15\ochelper.dll (Microsoft Corporation)
O9 - Extra Button: PalTalk - {4EAFEF58-EEFA-4116-983D-03B49BCBFFFE} - C:\Program Files (x86)\Paltalk Messenger\paltalk.exe (AVM Software Inc.)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000007 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O15 - HKCU\..Trusted Domains: charter.com ([www.myaccount] https in Trusted sites)
O15 - HKCU\..Trusted Domains: myactivehealth.com ([www] https in Trusted sites)
O15 - HKCU\..Trusted Domains: state.nc.us ([mybeacon.its] https in Trusted sites)
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} https://fpdownload.macromedia.com/pub/shockwave/cabs/director/sw.cab (Shockwave ActiveX Control)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{092b2379-6209-422e-99a7-f47e4537a3ec}: DhcpNameServer = 192.11.128.24
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{7595f9ee-3572-46c0-b147-5c8f6a92f723}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{7595f9ee-3572-46c0-b147-5c8f6a92f723}: NameServer = 8.8.8.8
O18:64bit: - Protocol\Handler\intu-help-qb8 - No CLSID value found
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\osf - No CLSID value found
O18:64bit: - Protocol\Handler\qbwc - No CLSID value found
O18:64bit: - Protocol\Handler\tbauth {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysNative\tbauth.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\windows.tbauth {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysNative\tbauth.dll (Microsoft Corporation)
O18 - Protocol\Handler\intu-help-qb8 {CD17C364-2EC8-4929-91A9-C4839A20E909} - C:\Program Files (x86)\Intuit\QuickBooks 2015\HelpAsyncPluggableProtocol.dll (Intuit, Inc.)
O18 - Protocol\Handler\osf {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\office15\msosb.dll (Microsoft Corporation)
O18 - Protocol\Handler\tbauth {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll (Microsoft Corporation)
O18 - Protocol\Handler\windows.tbauth {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\WINDOWS\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O30:64bit: - LSA: Security Packages - (livessp) - File not found
O30 - LSA: Security Packages - (livessp) - File not found
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\{2546c8a4-45a2-11e6-bf04-206a8aed668d}\Shell - "" = AutoRun
O33 - MountPoints2\{2546c8a4-45a2-11e6-bf04-206a8aed668d}\Shell\AutoRun\command - "" = "E:\LaunchU3.exe" -a
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

========== Files/Folders - Created Within 30 Days ==========

[2016/08/21 11:21:18 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
[2016/08/21 11:21:17 | 000,000,000 | ---D | C] -- C:\Program Files\CCleaner
[2016/08/21 04:55:44 | 000,000,000 | ---D | C] -- C:\Users\Amy\AppData\Local\EgisTec
[2016/08/20 17:34:13 | 000,000,000 | -H-D | C] -- C:\OneDriveTemp
[2016/08/19 20:25:39 | 000,000,000 | -H-D | C] -- C:\$SysReset
[2016/07/27 21:09:54 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\YTD Video Downloader
[2003/12/10 08:54:08 | 000,188,416 | ---- | C] (Timex Corporation) -- C:\Program Files\WorldTime.dll
[1 C:\WINDOWS\SysNative\drivers\*.tmp files -> C:\WINDOWS\SysNative\drivers\*.tmp -> ]
[1 C:\Users\Amy\Documents\*.tmp files -> C:\Users\Amy\Documents\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2016/08/21 12:05:00 | 000,000,914 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2016/08/21 12:02:00 | 000,000,830 | ---- | M] () -- C:\WINDOWS\tasks\Adobe Flash Player Updater.job
[2016/08/21 11:21:18 | 000,000,867 | ---- | M] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2016/08/21 11:20:12 | 000,879,476 | ---- | M] () -- C:\WINDOWS\SysNative\PerfStringBackup.INI
[2016/08/21 11:20:12 | 000,744,578 | ---- | M] () -- C:\WINDOWS\SysNative\perfh009.dat
[2016/08/21 11:20:12 | 000,139,168 | ---- | M] () -- C:\WINDOWS\SysNative\perfc009.dat
[2016/08/21 11:17:11 | 000,067,584 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2016/08/21 11:17:00 | 000,000,910 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2016/08/21 11:15:58 | 000,000,374 | ---- | M] () -- C:\WINDOWS\SysNative\drivers\etc\hosts.ics
[2016/08/21 11:15:07 | 268,435,456 | -HS- | M] () -- C:\swapfile.sys
[2016/08/21 11:15:06 | 2491,244,544 | -HS- | M] () -- C:\hiberfil.sys
[2016/08/21 11:15:02 | 000,053,284 | ---- | M] () -- C:\WINDOWS\SysNative\wpbbin.exe
[2016/08/20 15:14:13 | 000,192,216 | ---- | M] (Malwarebytes) -- C:\WINDOWS\SysNative\drivers\MBAMSwissArmy.sys
[2016/08/20 15:13:33 | 000,001,179 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2016/08/20 14:35:33 | 000,000,214 | ---- | M] () -- C:\WINDOWS\tasks\CreateExplorerShellUnelevatedTask.job
[2016/08/18 23:48:02 | 000,000,016 | ---- | M] () -- C:\InjectIntoProcess crash
[2016/08/15 20:13:25 | 000,411,800 | ---- | M] () -- C:\Users\Amy\Desktop\IMG_1077.JPG
[2016/08/15 20:13:06 | 000,459,905 | ---- | M] () -- C:\Users\Amy\Desktop\IMG_1078.JPG
[2016/08/14 17:03:49 | 000,001,066 | ---- | M] () -- C:\Users\Amy\scc.its.state.nc.us.HOD.properties
[2016/08/08 18:07:25 | 000,002,264 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2016/08/01 16:53:11 | 000,051,631 | ---- | M] () -- C:\Users\Amy\Desktop\13895541_597364030424854_1264735071055557950_n.jpg
[2016/08/01 12:12:12 | 001,743,513 | ---- | M] () -- C:\Users\Amy\Desktop\yuytyrt.png
[1 C:\WINDOWS\SysNative\drivers\*.tmp files -> C:\WINDOWS\SysNative\drivers\*.tmp -> ]
[1 C:\Users\Amy\Documents\*.tmp files -> C:\Users\Amy\Documents\*.tmp -> ]

========== Files Created - No Company Name ==========

[2016/08/21 11:21:18 | 000,000,867 | ---- | C] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2016/08/20 13:56:15 | 000,000,214 | ---- | C] () -- C:\WINDOWS\tasks\CreateExplorerShellUnelevatedTask.job
[2016/08/15 20:13:24 | 000,411,800 | ---- | C] () -- C:\Users\Amy\Desktop\IMG_1077.JPG
[2016/08/15 20:13:05 | 000,459,905 | ---- | C] () -- C:\Users\Amy\Desktop\IMG_1078.JPG
[2016/08/01 16:53:17 | 000,051,631 | ---- | C] () -- C:\Users\Amy\Desktop\13895541_597364030424854_1264735071055557950_n.jpg
[2016/08/01 12:12:12 | 001,743,513 | ---- | C] () -- C:\Users\Amy\Desktop\yuytyrt.png
[2016/06/04 12:57:48 | 001,862,008 | ---- | C] () -- C:\WINDOWS\SysWow64\CoreUIComponents.dll
[2016/06/04 12:55:12 | 000,162,816 | ---- | C] () -- C:\WINDOWS\SysWow64\MTF.dll
[2016/01/31 22:50:26 | 000,067,584 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2015/10/30 03:24:43 | 000,215,943 | ---- | C] () -- C:\WINDOWS\SysWow64\dssec.dat
[2015/10/30 03:24:43 | 000,000,741 | ---- | C] () -- C:\WINDOWS\SysWow64\NOISE.DAT
[2015/10/30 03:18:39 | 000,164,224 | ---- | C] () -- C:\WINDOWS\SysWow64\weretw.dll
[2015/10/30 03:18:36 | 000,673,088 | ---- | C] () -- C:\WINDOWS\SysWow64\mlang.dat
[2015/10/30 03:18:36 | 000,047,104 | ---- | C] () -- C:\WINDOWS\SysWow64\BWContextHandler.dll
[2015/10/30 03:18:34 | 000,019,968 | ---- | C] () -- C:\WINDOWS\SysWow64\GamePanelExternalHook.dll
[2015/10/30 03:18:31 | 000,252,928 | ---- | C] () -- C:\WINDOWS\SysWow64\Windows.Perception.Stub.dll
[2015/10/30 03:18:31 | 000,029,184 | ---- | C] () -- C:\WINDOWS\SysWow64\dtdump.exe
[2015/10/30 03:18:29 | 000,364,544 | ---- | C] () -- C:\WINDOWS\SysWow64\msjetoledb40.dll
[2015/10/30 03:18:29 | 000,293,376 | ---- | C] () -- C:\WINDOWS\SysWow64\HrtfApo.dll
[2015/10/30 03:18:26 | 000,022,528 | ---- | C] () -- C:\WINDOWS\SysWow64\efsext.dll
[2015/10/30 03:18:25 | 000,002,269 | ---- | C] () -- C:\WINDOWS\SysWow64\WimBootCompress.ini
[2015/10/30 03:18:23 | 000,167,640 | ---- | C] () -- C:\WINDOWS\SysWow64\chs_singlechar_pinyin.dat
[2015/10/30 03:17:40 | 000,043,131 | ---- | C] () -- C:\WINDOWS\mib.bin
[2015/09/11 16:48:52 | 000,000,090 | ---- | C] () -- C:\WINDOWS\QBChanUtil_Trigger.ini
[2015/09/09 18:51:32 | 000,000,127 | ---- | C] () -- C:\Users\Amy\scc.its.state.nc.us.HOD.LOC
[2015/09/09 18:50:48 | 000,001,066 | ---- | C] () -- C:\Users\Amy\scc.its.state.nc.us.HOD.properties
[2015/08/27 19:20:08 | 000,194,560 | ---- | C] () -- C:\WINDOWS\SysWow64\igdde32.dll
[2015/08/27 19:20:08 | 000,154,096 | ---- | C] () -- C:\WINDOWS\SysWow64\igdail32.dll
[2015/03/17 11:13:38 | 000,667,280 | ---- | C] () -- C:\WINDOWS\SysWow64\tx12.dll
[2015/03/17 11:13:38 | 000,000,530 | ---- | C] () -- C:\WINDOWS\SysWow64\tx12_ic.ini
[2015/03/17 11:13:38 | 000,000,186 | ---- | C] () -- C:\WINDOWS\SysWow64\Gsw32.exe.config
[2015/01/12 09:58:53 | 000,000,000 | ---- | C] () -- C:\Users\Amy\AppData\Local\{EE67F151-7E70-478C-995D-ED37A2BCD5D4}
[2012/12/23 02:25:52 | 000,000,000 | -H-- | C] () -- C:\ProgramData\DP45977C.lfl
[2004/02/27 15:46:30 | 000,000,832 | ---- | C] () -- C:\Program Files\world_code_018.bin
[2004/02/27 15:46:30 | 000,000,028 | ---- | C] () -- C:\Program Files\world_par_018.bin
[2004/02/27 10:03:44 | 000,000,448 | ---- | C] () -- C:\Program Files\world_dbase_018.bin
[2004/02/24 13:42:46 | 000,005,575 | ---- | C] () -- C:\Program Files\WorldTime.ini
[2004/02/12 11:49:02 | 000,000,448 | ---- | C] () -- C:\Program Files\scroll_code_018.bin
[2004/02/12 11:49:02 | 000,000,028 | ---- | C] () -- C:\Program Files\scroll_par_018.bin
[2004/02/12 11:48:24 | 000,000,207 | ---- | C] () -- C:\Program Files\SCROLL.app
[2003/06/10 00:41:46 | 000,000,236 | ---- | C] () -- C:\Program Files\World.app

========== ZeroAccess Check ==========


[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\windows.storage.dll -- [2016/04/23 01:08:45 | 006,605,504 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\windows.storage.dll -- [2016/04/23 01:09:27 | 005,240,960 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2015/10/30 03:17:43 | 000,987,648 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2015/10/30 03:18:21 | 000,765,440 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2015/10/30 03:17:45 | 000,518,656 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

========== LOP Check ==========

[2014/01/18 10:09:42 | 000,000,000 | ---D | M] -- C:\Users\Amy\AppData\Roaming\acer
[2014/05/22 12:28:46 | 000,000,000 | ---D | M] -- C:\Users\Amy\AppData\Roaming\Apowersoft
[2013/12/28 17:07:27 | 000,000,000 | ---D | M] -- C:\Users\Amy\AppData\Roaming\lm
[2015/03/08 05:02:30 | 000,000,000 | ---D | M] -- C:\Users\Amy\AppData\Roaming\Paltalk
[2014/06/14 20:23:25 | 000,000,000 | ---D | M] -- C:\Users\Amy\AppData\Roaming\Spotify
[2013/12/28 17:09:00 | 000,000,000 | ---D | M] -- C:\Users\Amy\AppData\Roaming\Synaptics
[2016/08/20 16:59:40 | 000,000,000 | ---D | M] -- C:\Users\Amy\AppData\Roaming\ViStart
[2016/01/30 21:04:19 | 000,000,000 | ---D | M] -- C:\Users\Amy\AppData\Roaming\WildTangent

========== Purity Check ==========



========== Files - Unicode (All) ==========
[2016/08/20 16:59:46 | 000,000,000 | ---D | M](C:\Users\Amy\AppData\Roaming\Rainmaker Software Group LLC.?) -- C:\Users\Amy\AppData\Roaming\Rainmaker Software Group LLC.
[2016/08/20 16:59:46 | 000,000,000 | ---D | M](C:\Users\Amy\AppData\Roaming\Rainmaker Software Group LLC.?) -- C:\Users\Amy\AppData\Roaming\Rainmaker Software Group LLC.
(C:\Users\Amy\AppData\Roaming\Rainmaker Software Group LLC.?) -- C:\Users\Amy\AppData\Roaming\Rainmaker Software Group LLC.

========== Alternate Data Streams ==========

@Alternate Data Stream - 94 bytes -> C:\Users\Amy\SkyDrive:ms-properties
@Alternate Data Stream - 118 bytes -> C:\ProgramData\Temp:373E1720

< End of report >

 

[johnb35]

Let me ask you something. Are you using Mcafee antivirus or F-Secure from Charter? You have both active or Mcafee wasn't totally uninstalled.

I'm also pretty sure that Rainmaker program called ProPC Cleaner has screwed up your internet connection, they usually do. Do you remember when that actually got installed?

I need you to run OTL again but this time copy and paste the following into the custom scan/fixes box at the bottom and then click on the run fix button up top.

:OTL
O2:64bit: - BHO: (Reg Error: Value error.) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - Reg Error: Value error. File not found
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [mcui_exe] "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey File not found
@Alternate Data Stream - 118 bytes -> C:\ProgramData\Temp:373E1720

 

[novicegeek]

Actually, we're running F-Secure from Charter. I thought Mcafee was uninstalled. And I'm not sure about that ProPC Cleaner program. I'm not sure I remember it. But, if I installed it, it's been quite a while ago.

And, thank you, for the suggestion. I will try that now.

 

[novicegeek]

Done, but I did have a heck of a time with copy and paste, for some reason.

Here's the fix log:

========== OTL ==========
64bit-Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B4F3A835-0E21-4959-BA22-42B3008E02FF}\ deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\ deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\mcui_exe deleted successfully.
ADS C:\ProgramData\Temp:373E1720 deleted successfully.
OTL by OldTimer - Version 3.2.69.0 log created on 08212016_172309

 

[voyagerfan99]

Download and run the McAfee removal tool since you're not using it.

Uninstall it from Programs & Features if you haven't already and then run this tool.

http://www.bleepingcomputer.com/download/mcafee-consumer-products-removal-tool/

 

[novicegeek]

The first time I tried the McAfee Removal Tool, the computer kind of locked up - and I had to do a hard reboot (which I hate to do). The second time, it didn't lock up, but both times, I'm not sure if I'm looking at a status bar at the bottom of the window, because it's not moving at all. It doesn't seem to be doing much, that I can tell, in the task manager either. What do you suppose is the problem? Or does it just take forever?

Thanks.