Jump to content

Welcome to Geeks to Go - Register now for FREE

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Create Account How it Works
Photo

Unable to complete removal of malware [Solved]


  • This topic is locked This topic is locked

#1
charles.actuary

charles.actuary

    Member

  • Member
  • PipPipPip
  • 112 posts

I'm embarrassed to be back asking for help so soon after my last time.  We bought my teenage daughter an Acer laptop for her birthday, and I didn't check that she had got the security set up right.  It should be no surprise that 2 months later it had become horribly infected.  The majority of the infection was adware, although I think there were some other nastier items as well.  I have done reasonably well at removing most of it (using Bitdefender Rescue Disk, Malwarebytes, Avast Free, Superantispyware and AdwCleaner).

 

Things are running a lot better, but are not quite perfect.  The current symptoms are:

  1. Every so often, Avast comes up with a warning that there is a service which is trying to shut it down.

  2. The laptop is not able to connect with the home network and to the internet.  It seems that both the wireless and ethernet signals are being blocked somehow.  Both appear to be working and contacting to the network eg the wifi adapter is showing itself as connected to our wireless router, but the laptop cannot use the connection.  When I test the connections, the test suggests there may be a problem with the drivers for the adapters, but when I check the drivers, the system says that they are OK.

I have run OTL on the laptop and the two files are below.  Thank you in advance for your help.

 

Charles Young

 

OTL logfile created on: 03/02/2015 19:25:29 - Run 1
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\Franny\Desktop
64bit- An unknown product  (Version = 6.2.9200) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.17498)
Locale: 00000809 | Country: United Kingdom | Language: ENG | Date Format: dd/MM/yyyy
 
5.89 Gb Total Physical Memory | 4.35 Gb Available Physical Memory | 73.86% Memory free
12.14 Gb Paging File | 10.55 Gb Available in Paging File | 86.87% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 914.19 Gb Total Space | 841.37 Gb Free Space | 92.03% Space Free | Partition Type: NTFS
Drive E: | 1.87 Gb Total Space | 1.57 Gb Free Space | 84.23% Space Free | Partition Type: FAT
 
Computer Name: BOO-MACHINE | User Name: Franny | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - [2015/02/03 19:23:26 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Franny\Desktop\OTL.exe
PRC - [2015/02/02 12:20:51 | 005,227,112 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\avastui.exe
PRC - [2015/02/02 12:20:27 | 000,050,344 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe
PRC - [2014/12/19 21:59:52 | 000,090,880 | ---- | M] () -- C:\Program Files (x86)\Acer\abDocs\abDocsDllLoader.exe
PRC - [2014/12/19 21:59:52 | 000,089,344 | ---- | M] () -- C:\Program Files (x86)\Acer\abDocs\abDocsDllLoaderMonitor.exe
PRC - [2014/12/19 21:16:44 | 000,062,208 | ---- | M] (Acer Incorporated) -- C:\Program Files (x86)\Acer\AOP Framework\BackgroundAgent.exe
PRC - [2014/12/19 13:16:59 | 009,191,168 | ---- | M] (Acer Cloud Technology) -- C:\Program Files (x86)\Acer\AOP Framework\acer\ccd.exe
PRC - [2014/12/19 13:15:49 | 002,713,856 | ---- | M] (Acer Incorporated) -- C:\Program Files (x86)\Acer\AOP Framework\CCDMonitorService.exe
PRC - [2014/03/21 20:38:20 | 001,104,384 | ---- | M] (Spotify Ltd) -- C:\Program Files (x86)\Spotify\Data\SpotifyWebHelper.exe
PRC - [2013/09/03 23:53:48 | 000,390,616 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
PRC - [2013/09/03 23:53:42 | 000,169,432 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe
PRC - [2012/07/13 23:27:00 | 000,769,432 | ---- | M] (Nero AG) -- C:\Program Files (x86)\Nero\Update\NASvc.exe
PRC - [2012/04/24 14:37:56 | 000,169,752 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Integrated Clock Controller Service\ICCProxy.exe
PRC - [2009/03/28 21:11:38 | 003,325,952 | ---- | M] (Electronic Arts) -- C:\Program Files (x86)\Electronic Arts\EADM\Core.exe
 
 
========== Modules (No Company Name) ==========
 
MOD - [2015/02/02 12:20:28 | 038,562,088 | ---- | M] () -- C:\Program Files\AVAST Software\Avast\libcef.dll
MOD - [2015/01/30 15:39:07 | 000,015,616 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\MyService\1.0.0.1__2dfa3f50f0bed57d\MyService.dll
MOD - [2014/12/29 13:26:12 | 000,630,528 | ---- | M] () -- C:\Program Files (x86)\Acer\abPhoto\tag.dll
MOD - [2014/12/29 13:26:10 | 000,654,552 | ---- | M] () -- C:\Program Files (x86)\Acer\abPhoto\sqlite3.dll
MOD - [2014/12/29 13:26:04 | 000,119,552 | ---- | M] () -- C:\Program Files (x86)\Acer\abPhoto\openldap.dll
MOD - [2014/12/29 13:25:42 | 000,203,008 | ---- | M] () -- C:\Program Files (x86)\Acer\abPhoto\curllib.dll
MOD - [2014/12/19 22:00:22 | 000,279,296 | ---- | M] () -- C:\Program Files (x86)\Acer\abDocs\libcurl.dll
MOD - [2014/12/19 21:59:52 | 000,090,880 | ---- | M] () -- C:\Program Files (x86)\Acer\abDocs\abDocsDllLoader.exe
MOD - [2014/12/19 21:59:52 | 000,089,344 | ---- | M] () -- C:\Program Files (x86)\Acer\abDocs\abDocsDllLoaderMonitor.exe
MOD - [2014/12/19 21:16:48 | 000,013,568 | ---- | M] () -- C:\Program Files (x86)\Acer\AOP Framework\ServiceInterface.dll
MOD - [2014/12/19 21:10:32 | 000,277,096 | ---- | M] () -- C:\Program Files (x86)\Acer\AOP Framework\libcurl.dll
MOD - [2014/12/06 00:06:28 | 011,926,016 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Web\6074b87793a7906a01317ea8832e7330\System.Web.ni.dll
MOD - [2014/12/06 00:06:05 | 000,978,432 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\0f06c6152e5384e75e9517c79ed500d4\System.Configuration.ni.dll
MOD - [2014/12/04 20:39:22 | 005,467,136 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\49201f5658aca21352debffb85ff41df\System.Xml.ni.dll
MOD - [2014/12/04 20:39:16 | 012,436,480 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\6b1a3043fa76fc0f83502099411d2a10\System.Windows.Forms.ni.dll
MOD - [2014/12/04 20:39:05 | 001,593,344 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\828956d62d94914af63efc7fb36d1120\System.Drawing.ni.dll
MOD - [2014/12/04 20:38:12 | 007,995,904 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\4976746d2f27ea6b60301a84d6c3e4be\System.ni.dll
MOD - [2014/12/04 20:38:03 | 011,500,032 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\5bd3374f05d46ba0563f44d032209f08\mscorlib.ni.dll
MOD - [2014/10/11 13:06:16 | 000,073,544 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
MOD - [2014/10/11 13:05:58 | 001,044,776 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
 
 
========== Services (SafeList) ==========
 
SRV:64bit: - [2015/02/02 12:20:27 | 000,050,344 | ---- | M] (AVAST Software) [Auto | Stop_Pending] -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus)
SRV:64bit: - [2015/02/02 12:20:25 | 004,012,248 | ---- | M] (Avast Software) [On_Demand | Running] -- C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe -- (AvastVBoxSvc)
SRV:64bit: - [2015/01/30 15:21:51 | 000,035,320 | ---- | M] () [Unknown (-1) | Unknown] -- C:\Windows\SysNative\drivers\bsdriver.sys -- (bsdriver)
SRV:64bit: - [2014/12/06 01:35:00 | 000,229,888 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\AudioEndpointBuilder.dll -- (AudioEndpointBuilder)
SRV:64bit: - [2014/10/31 04:51:25 | 000,114,688 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\IEEtwCollector.exe -- (IEEtwCollectorService)
SRV:64bit: - [2014/09/22 03:05:56 | 000,368,632 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\NisSrv.exe -- (WdNisSvc)
SRV:64bit: - [2014/09/22 03:05:56 | 000,023,792 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MsMpEng.exe -- (WinDefend)
SRV:64bit: - [2014/08/16 03:29:38 | 002,899,968 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\spool\drivers\x64\3\PrintConfig.dll -- (PrintNotify)
SRV:64bit: - [2014/08/16 00:58:35 | 000,287,744 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\SystemEventsBrokerServer.dll -- (SystemEventsBroker)
SRV:64bit: - [2014/08/16 00:45:51 | 000,267,776 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\bisrv.dll -- (BrokerInfrastructure)
SRV:64bit: - [2014/07/24 07:28:58 | 001,600,000 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\workfolderssvc.dll -- (workfolderssvc)
SRV:64bit: - [2014/07/22 23:31:23 | 000,172,344 | ---- | M] (SUPERAntiSpyware.com) [Auto | Running] -- C:\Program Files\SUPERAntiSpyware\SASCore64.exe -- (!SASCORE)
SRV:64bit: - [2014/06/20 10:30:38 | 000,189,912 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Windows\SysNative\mfevtps.exe -- (mfevtp)
SRV:64bit: - [2014/06/20 10:23:12 | 000,219,752 | ---- | M] () [Auto | Running] -- C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe -- (mfefire)
SRV:64bit: - [2014/03/14 06:26:25 | 000,491,520 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\GeofenceMonitorService.dll -- (lfsvc)
SRV:64bit: - [2014/03/08 05:41:25 | 001,306,624 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\AppXDeploymentServer.dll -- (AppXSvc)
SRV:64bit: - [2014/03/06 07:02:13 | 000,834,560 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\netlogon.dll -- (Netlogon)
SRV:64bit: - [2014/02/22 15:53:10 | 003,394,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\WSService.dll -- (WSService)
SRV:64bit: - [2014/02/22 09:57:16 | 000,710,656 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\lsm.dll -- (LSM)
SRV:64bit: - [2014/02/22 09:26:58 | 000,366,080 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wcmsvc.dll -- (Wcmsvc)
SRV:64bit: - [2014/02/22 09:25:39 | 000,399,872 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\das.dll -- (DeviceAssociationService)
SRV:64bit: - [2014/02/22 09:23:58 | 001,576,960 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\wlidsvc.dll -- (wlidsvc)
SRV:64bit: - [2013/12/10 07:35:18 | 000,530,944 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\AppReadiness.dll -- (AppReadiness)
SRV:64bit: - [2013/09/06 05:00:00 | 000,101,192 | ---- | M] (ELAN Microelectronics Corp.) [Auto | Running] -- C:\Program Files\Elantech\ETDService.exe -- (ETDService)
SRV:64bit: - [2013/08/22 11:32:02 | 000,024,576 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\wephostsvc.dll -- (WEPHOSTSVC)
SRV:64bit: - [2013/08/22 11:31:43 | 000,040,448 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\efssvc.dll -- (EFS)
SRV:64bit: - [2013/08/22 11:22:45 | 000,066,048 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\wiarpc.dll -- (WiaRpc)
SRV:64bit: - [2013/08/22 11:21:15 | 000,013,312 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\svsvc.dll -- (svsvc)
SRV:64bit: - [2013/08/22 11:16:57 | 000,118,272 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\fhsvc.dll -- (fhsvc)
SRV:64bit: - [2013/08/22 11:03:41 | 000,052,736 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\SysNative\rundll32.exe -- (cae99edb)
SRV:64bit: - [2013/08/22 11:03:41 | 000,052,736 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\SysNative\rundll32.exe -- (9b784ed1)
SRV:64bit: - [2013/08/22 10:25:28 | 000,164,352 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\NcaSvc.dll -- (NcaSvc)
SRV:64bit: - [2013/08/22 10:19:28 | 000,517,120 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicvss)
SRV:64bit: - [2013/08/22 10:19:28 | 000,517,120 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmictimesync)
SRV:64bit: - [2013/08/22 10:19:28 | 000,517,120 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicshutdown)
SRV:64bit: - [2013/08/22 10:19:28 | 000,517,120 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicrdv)
SRV:64bit: - [2013/08/22 10:19:28 | 000,517,120 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmickvpexchange)
SRV:64bit: - [2013/08/22 10:19:28 | 000,517,120 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicheartbeat)
SRV:64bit: - [2013/08/22 10:19:28 | 000,517,120 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicguestinterface)
SRV:64bit: - [2013/08/22 10:02:47 | 000,013,312 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\smphost.dll -- (smphost)
SRV:64bit: - [2013/08/22 09:57:25 | 000,130,560 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\ScDeviceEnum.dll -- (ScDeviceEnum)
SRV:64bit: - [2013/08/22 09:54:59 | 000,059,392 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\keyiso.dll -- (KeyIso)
SRV:64bit: - [2013/08/22 09:50:59 | 000,245,760 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\TimeBrokerServer.dll -- (TimeBroker)
SRV:64bit: - [2013/08/22 09:50:00 | 000,525,312 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\netprofmsvc.dll -- (netprofm)
SRV:64bit: - [2013/08/22 09:45:59 | 000,151,040 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\ncbservice.dll -- (NcbService)
SRV:64bit: - [2013/08/22 09:40:49 | 000,248,832 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\vaultsvc.dll -- (VaultSvc)
SRV:64bit: - [2013/08/22 09:31:03 | 000,201,728 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\DeviceSetupManager.dll -- (DsmSvc)
SRV:64bit: - [2013/08/22 09:15:54 | 000,073,728 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\NcdAutoSetup.dll -- (NcdAutoSetup)
SRV:64bit: - [2013/08/03 01:47:44 | 000,457,768 | ---- | M] (Acer Incorporate) [Auto | Running] -- C:\Program Files\Acer\Acer Launch Manager\LMSvc.exe -- (LMSvc)
SRV:64bit: - [2013/08/02 18:33:16 | 000,448,040 | ---- | M] (Acer Incorporate) [On_Demand | Running] -- C:\Program Files\Acer\Acer Quick Access\RMSvc.exe -- (RMSvc)
SRV:64bit: - [2013/08/02 18:33:14 | 000,457,768 | ---- | M] (Acer Incorporate) [On_Demand | Running] -- C:\Program Files\Acer\Acer Quick Access\QASvc.exe -- (QASvc)
SRV:64bit: - [2013/07/05 16:19:04 | 000,663,592 | ---- | M] (Acer Incorporated) [On_Demand | Running] -- C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe -- (ePowerSvc)
SRV:64bit: - [2013/05/11 17:45:54 | 000,822,232 | ---- | M] (Intel® Corporation) [On_Demand | Stopped] -- C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe -- (Intel®
SRV:64bit: - [2013/05/11 17:45:38 | 000,733,696 | ---- | M] (Intel® Corporation) [Auto | Running] -- C:\Program Files\Intel\iCLS Client\HeciServer.exe -- (Intel®
SRV - [2014/12/19 13:15:49 | 002,713,856 | ---- | M] (Acer Incorporated) [Auto | Running] -- C:\Program Files (x86)\Acer\AOP Framework\CCDMonitorService.exe -- (CCDMonitorService)
SRV - [2014/12/11 10:30:48 | 000,315,496 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2014/12/03 11:24:56 | 000,154,320 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files (x86)\McAfee\SiteAdvisor\mcsacore.exe -- (McAfee SiteAdvisor Service)
SRV - [2014/08/16 03:29:38 | 002,899,968 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\system32\spool\drivers\x64\3\PrintConfig.dll -- (PrintNotify)
SRV - [2014/03/14 06:10:16 | 000,357,376 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\GeofenceMonitorService.dll -- (lfsvc)
SRV - [2013/09/12 10:03:03 | 000,279,024 | ---- | M] (Intel Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\IntelCpHeciSvc.exe -- (cphs)
SRV - [2013/09/07 01:52:20 | 000,312,448 | ---- | M] (Windows ® Win 7 DDK provider) [Auto | Running] -- C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\AdminService.exe -- (AtherosSvc)
SRV - [2013/09/03 23:53:48 | 000,390,616 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe -- (LMS)
SRV - [2013/09/03 23:53:42 | 000,169,432 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe -- (jhi_service)
SRV - [2013/08/22 03:55:35 | 000,018,944 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\StorSvc.dll -- (StorSvc)
SRV - [2013/08/22 02:53:34 | 000,011,776 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\smphost.dll -- (smphost)
SRV - [2013/08/01 22:31:10 | 004,278,112 | ---- | M] (Symantec Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe -- (NOBU)
SRV - [2012/07/13 23:27:00 | 000,769,432 | ---- | M] (Nero AG) [Auto | Running] -- C:\Program Files (x86)\Nero\Update\NASvc.exe -- (NAUpdate)
SRV - [2012/04/24 14:37:56 | 000,169,752 | ---- | M] (Intel Corporation) [On_Demand | Running] -- C:\Program Files (x86)\Intel\Intel® Integrated Clock Controller Service\ICCProxy.exe -- (ICCS)
 
 
========== Driver Services (SafeList) ==========
 
DRV:64bit: - [2015/02/02 20:11:36 | 000,129,752 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\MBAMSwissArmy.sys -- (MBAMSwissArmy)
DRV:64bit: - [2015/02/02 12:20:49 | 001,050,432 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\SysNative\drivers\aswsnx.sys -- (aswSnx)
DRV:64bit: - [2015/02/02 12:20:49 | 000,087,912 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\aswmonflt.sys -- (aswMonFlt)
DRV:64bit: - [2015/02/02 12:20:30 | 000,267,632 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\aswVmm.sys -- (aswVmm)
DRV:64bit: - [2015/02/02 12:20:30 | 000,116,728 | ---- | M] (AVAST Software) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\aswStm.sys -- (aswStm)
DRV:64bit: - [2015/02/02 12:20:29 | 000,436,624 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\SysNative\drivers\aswSP.sys -- (aswSP)
DRV:64bit: - [2015/02/02 12:20:29 | 000,093,568 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswRdr2.sys -- (aswRdr)
DRV:64bit: - [2015/02/02 12:20:29 | 000,065,776 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\aswRvrt.sys -- (aswRvrt)
DRV:64bit: - [2015/02/02 12:20:29 | 000,029,208 | ---- | M] () [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\aswHwid.sys -- (aswHwid)
DRV:64bit: - [2015/02/02 12:20:25 | 000,271,752 | ---- | M] (Avast Software) [Kernel | Auto | Running] -- C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys -- (VBoxAswDrv)
DRV:64bit: - [2015/01/30 15:21:51 | 000,035,320 | ---- | M] () [Unknown (-1) | Unknown (-1) | Running] -- C:\Windows\SysNative\drivers\bsdriver.sys -- (bsdriver)
DRV:64bit: - [2014/12/12 00:51:20 | 000,075,776 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\ahcache.sys -- (ahcache)
DRV:64bit: - [2014/10/13 02:43:17 | 000,238,912 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sdbus.sys -- (sdbus)
DRV:64bit: - [2014/10/13 02:43:17 | 000,086,336 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\pdc.sys -- (pdc)
DRV:64bit: - [2014/10/13 02:43:17 | 000,039,744 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\intelpep.sys -- (intelpep)
DRV:64bit: - [2014/10/10 01:58:57 | 000,027,456 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV:64bit: - [2014/09/22 03:06:16 | 000,258,368 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WdFilter.sys -- (WdFilter)
DRV:64bit: - [2014/09/22 03:06:16 | 000,114,496 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WdNisDrv.sys -- (WdNisDrv)
DRV:64bit: - [2014/09/22 02:49:43 | 000,035,320 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WdBoot.sys -- (WdBoot)
DRV:64bit: - [2014/08/15 23:35:00 | 000,054,784 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbaapl64.sys -- (USBAAPL64)
DRV:64bit: - [2014/08/15 00:36:55 | 000,146,752 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\msgpioclx.sys -- (GPIOClx0101)
DRV:64bit: - [2014/07/24 15:28:38 | 000,468,288 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\USBHUB3.SYS -- (USBHUB3)
DRV:64bit: - [2014/07/24 15:28:38 | 000,412,992 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\spaceport.sys -- (spaceport)
DRV:64bit: - [2014/07/24 11:42:22 | 000,126,464 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\NdisImPlatform.sys -- (NdisImPlatform)
DRV:64bit: - [2014/06/20 10:38:22 | 000,072,128 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\cfwids.sys -- (cfwids)
DRV:64bit: - [2014/06/20 10:31:06 | 000,348,552 | ---- | M] (McAfee, Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\mfewfpk.sys -- (mfewfpk)
DRV:64bit: - [2014/06/20 10:26:02 | 000,786,296 | ---- | M] (McAfee, Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\mfehidk.sys -- (mfehidk)
DRV:64bit: - [2014/06/20 10:23:40 | 000,523,792 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\mfefirek.sys -- (mfefirek)
DRV:64bit: - [2014/06/20 10:21:48 | 000,313,544 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\mfeavfk.sys -- (mfeavfk)
DRV:64bit: - [2014/06/20 10:20:54 | 000,181,704 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mfeapfk.sys -- (mfeapfk)
DRV:64bit: - [2014/06/20 10:09:34 | 000,070,600 | ---- | M] (McAfee, Inc.) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\mfeelamk.sys -- (mfeelamk)
DRV:64bit: - [2014/05/01 13:31:39 | 000,055,328 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\wpcfltr.sys -- (wpcfltr)
DRV:64bit: - [2014/03/20 03:41:20 | 000,376,152 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\clfs.sys -- (CLFS)
DRV:64bit: - [2014/03/13 12:35:24 | 000,157,016 | ---- | M] (Microsoft Corporation) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\wof.sys -- (Wof)
DRV:64bit: - [2014/03/08 20:40:16 | 000,136,024 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\wfplwfs.sys -- (WFPLWFS)
DRV:64bit: - [2014/02/22 15:49:51 | 000,325,464 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\USBXHCI.SYS -- (USBXHCI)
DRV:64bit: - [2014/02/22 15:49:49 | 000,189,784 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\UCX01000.SYS -- (UCX01000)
DRV:64bit: - [2014/02/22 15:49:49 | 000,079,192 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sdstor.sys -- (sdstor)
DRV:64bit: - [2014/02/22 15:44:13 | 000,924,504 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\refs.sys -- (ReFS)
DRV:64bit: - [2014/02/22 12:14:02 | 000,033,280 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\BasicRender.sys -- (BasicRender)
DRV:64bit: - [2013/12/04 18:41:54 | 000,226,304 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\BthLEEnum.sys -- (BthLEEnum)
DRV:64bit: - [2013/10/26 01:54:32 | 000,146,776 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\SerCx2.sys -- (SerCx2)
DRV:64bit: - [2013/10/05 15:25:54 | 000,057,176 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\stornvme.sys -- (stornvme)
DRV:64bit: - [2013/09/14 14:06:57 | 000,175,960 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VerifierExt.sys -- (VerifierExt)
DRV:64bit: - [2013/09/09 17:41:07 | 000,449,528 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\IntcDAud.sys -- (IntcDAud)
DRV:64bit: - [2013/09/09 17:35:40 | 004,170,752 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx)
DRV:64bit: - [2013/09/07 01:29:14 | 000,594,120 | ---- | M] (Qualcomm Atheros) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btfilter.sys -- (BtFilter)
DRV:64bit: - [2013/09/07 01:29:14 | 000,338,120 | ---- | M] (Qualcomm Atheros) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btath_a2dp.sys -- (BTATH_A2DP)
DRV:64bit: - [2013/09/07 01:29:14 | 000,179,432 | ---- | M] (Qualcomm Atheros) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btath_hcrp.sys -- (BTATH_HCRP)
DRV:64bit: - [2013/09/07 01:29:14 | 000,137,928 | ---- | M] (Qualcomm Atheros) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btath_rcp.sys -- (BTATH_RCP)
DRV:64bit: - [2013/09/07 01:29:14 | 000,116,424 | ---- | M] (Qualcomm Atheros) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btath_avdt.sys -- (btath_avdt)
DRV:64bit: - [2013/09/07 01:29:14 | 000,089,800 | ---- | M] (Qualcomm Atheros) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btath_flt.sys -- (AthBTPort)
DRV:64bit: - [2013/09/07 01:29:14 | 000,077,464 | ---- | M] (Qualcomm Atheros) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btath_lwflt.sys -- (BTATH_LWFLT)
DRV:64bit: - [2013/09/07 01:29:14 | 000,034,384 | ---- | M] (Qualcomm Atheros) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btath_bus.sys -- (BTATH_BUS)
DRV:64bit: - [2013/09/06 05:00:02 | 000,370,504 | ---- | M] (ELAN Microelectronics Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ETD.sys -- (ETD)
DRV:64bit: - [2013/09/03 23:53:44 | 000,099,288 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\TeeDriverx64.sys -- (MEIx64)
DRV:64bit: - [2013/08/22 22:51:12 | 000,039,320 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\intelaud.sys -- (intaud_WaveExtensible)
DRV:64bit: - [2013/08/22 22:51:12 | 000,026,008 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\iwdbus.sys -- (iwdbus)
DRV:64bit: - [2013/08/22 19:11:03 | 000,037,216 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\terminpt.sys -- (terminpt)
DRV:64bit: - [2013/08/22 13:25:40 | 000,043,008 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\condrv.sys -- (condrv)
DRV:64bit: - [2013/08/22 13:25:40 | 000,030,048 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2013/08/22 12:50:19 | 000,057,696 | ---- | M] (Microsoft Corporation) [Kernel | System | Stopped] -- C:\Windows\SysNative\drivers\dam.sys -- (dam)
DRV:64bit: - [2013/08/22 12:49:54 | 000,079,712 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\acpiex.sys -- (acpiex)
DRV:64bit: - [2013/08/22 12:49:33 | 000,159,584 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\tpm.sys -- (TPM)
DRV:64bit: - [2013/08/22 12:43:49 | 000,063,840 | ---- | M] (Marvell Semiconductor, Inc.) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\mvumis.sys -- (mvumis)
DRV:64bit: - [2013/08/22 12:43:48 | 000,041,824 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\msgpiowin32.sys -- (msgpiowin32)
DRV:64bit: - [2013/08/22 12:43:45 | 003,357,024 | ---- | M] (Broadcom Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2013/08/22 12:43:45 | 000,093,536 | ---- | M] (LSI Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2013/08/22 12:43:45 | 000,082,784 | ---- | M] (LSI Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\lsi_sss.sys -- (LSI_SSS)
DRV:64bit: - [2013/08/22 12:43:45 | 000,064,352 | ---- | M] (Hewlett-Packard Company) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2013/08/22 12:43:44 | 000,081,760 | ---- | M] (LSI Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas3.sys -- (LSI_SAS3)
DRV:64bit: - [2013/08/22 12:43:41 | 000,782,176 | ---- | M] (PMC-Sierra) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\adp80xx.sys -- (ADP80XX)
DRV:64bit: - [2013/08/22 12:43:41 | 000,531,296 | ---- | M] (Broadcom Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2013/08/22 12:43:41 | 000,259,424 | ---- | M] (AMD Technologies Inc.) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2013/08/22 12:43:41 | 000,108,896 | ---- | M] (LSI) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\3ware.sys -- (3ware)
DRV:64bit: - [2013/08/22 12:43:41 | 000,079,200 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2013/08/22 12:43:40 | 000,114,016 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\EhStorTcgDrv.sys -- (EhStorTcgDrv)
DRV:64bit: - [2013/08/22 12:43:40 | 000,082,784 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\EhStorClass.sys -- (EhStorClass)
DRV:64bit: - [2013/08/22 12:43:40 | 000,025,952 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2013/08/22 12:43:34 | 000,305,504 | ---- | M] (VIA Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\VSTXRAID.SYS -- (VSTXRAID)
DRV:64bit: - [2013/08/22 12:43:33 | 000,074,080 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\uaspstor.sys -- (UASPStor)
DRV:64bit: - [2013/08/22 12:43:32 | 000,031,072 | ---- | M] (Promise Technology, Inc.) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2013/08/22 12:43:31 | 000,107,872 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\storahci.sys -- (storahci)
DRV:64bit: - [2013/08/22 12:43:31 | 000,072,032 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\SpbCx.sys -- (SpbCx)
DRV:64bit: - [2013/08/22 12:43:31 | 000,069,472 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\SerCx.sys -- (SerCx)
DRV:64bit: - [2013/08/22 12:39:15 | 000,026,976 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\uefi.sys -- (UEFI)
DRV:64bit: - [2013/08/22 12:37:27 | 000,069,472 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\vpci.sys -- (vpci)
DRV:64bit: - [2013/08/22 12:36:12 | 000,026,976 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\WpdUpFltr.sys -- (WpdUpFltr)
DRV:64bit: - [2013/08/22 11:39:58 | 000,020,992 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WSDPrint.sys -- (WSDPrintDevice)
DRV:64bit: - [2013/08/22 11:39:50 | 000,023,040 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WSDScan.sys -- (WSDScan)
DRV:64bit: - [2013/08/22 11:39:31 | 000,050,688 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\BasicDisplay.sys -- (BasicDisplay)
DRV:64bit: - [2013/08/22 11:39:20 | 000,022,016 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HyperVideo.sys -- (HyperVideo)
DRV:64bit: - [2013/08/22 11:39:06 | 000,009,728 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mshidumdf.sys -- (mshidumdf)
DRV:64bit: - [2013/08/22 11:38:58 | 000,010,752 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\acpitime.sys -- (acpitime)
DRV:64bit: - [2013/08/22 11:38:48 | 000,010,240 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\acpipagr.sys -- (acpipagr)
DRV:64bit: - [2013/08/22 11:38:39 | 000,036,992 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\BthAvrcpTg.sys -- (BthAvrcpTg)
DRV:64bit: - [2013/08/22 11:38:26 | 000,019,456 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\kdnic.sys -- (kdnic)
DRV:64bit: - [2013/08/22 11:38:23 | 000,011,264 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\vmgencounter.sys -- (gencounter)
DRV:64bit: - [2013/08/22 11:38:22 | 000,023,040 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\npsvctrig.sys -- (npsvctrig)
DRV:64bit: - [2013/08/22 11:38:16 | 000,030,720 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\BthhfHid.sys -- (bthhfhid)
DRV:64bit: - [2013/08/22 11:37:49 | 000,013,824 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hyperkbd.sys -- (hyperkbd)
DRV:64bit: - [2013/08/22 11:37:46 | 000,029,696 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD)
DRV:64bit: - [2013/08/22 11:37:42 | 000,057,856 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bthhfenum.sys -- (BthHFEnum)
DRV:64bit: - [2013/08/22 11:37:28 | 000,056,320 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2013/08/22 11:37:28 | 000,041,472 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hidi2c.sys -- (hidi2c)
DRV:64bit: - [2013/08/22 11:37:14 | 000,029,696 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\dmvsc.sys -- (dmvsc)
DRV:64bit: - [2013/08/22 11:36:43 | 000,087,040 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\netvsc63.sys -- (netvsc)
DRV:64bit: - [2013/08/22 11:36:25 | 000,016,384 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\NdisVirtualBus.sys -- (NdisVirtualBus)
DRV:64bit: - [2013/08/22 11:36:07 | 000,066,560 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mslldp.sys -- (MsLldp)
DRV:64bit: - [2013/08/22 11:35:42 | 000,103,424 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\Ndu.sys -- (Ndu)
DRV:64bit: - [2013/08/22 08:46:33 | 000,027,136 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\fxppm.sys -- (FxPPM)
DRV:64bit: - [2013/08/15 20:13:30 | 003,859,968 | ---- | M] (Qualcomm Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\athwbx.sys -- (athr)
DRV:64bit: - [2013/08/12 23:25:46 | 000,017,624 | ---- | M] (Windows ® Win 7 DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bcmfn2.sys -- (bcmfn2)
DRV:64bit: - [2013/08/10 00:39:30 | 000,651,248 | ---- | M] (Intel Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\iaStorAV.sys -- (iaStorAV)
DRV:64bit: - [2013/07/30 18:47:35 | 000,024,568 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\iaLPSSi_GPIO.sys -- (iaLPSSi_GPIO)
DRV:64bit: - [2013/07/30 01:24:22 | 000,150,104 | R--- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\NARAx64\0405000.009\ccSetx64.sys -- (ccSet_NARA)
DRV:64bit: - [2013/07/26 01:01:48 | 000,458,960 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\k57nd60a.sys -- (k57nd60a)
DRV:64bit: - [2013/07/25 19:05:39 | 000,099,320 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\iaLPSSi_I2C.sys -- (iaLPSSi_I2C)
DRV:64bit: - [2013/07/19 14:26:32 | 000,082,128 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\bScsiSDa.sys -- (bScsiSDa)
DRV:64bit: - [2013/07/17 09:59:00 | 000,021,360 | ---- | M] (Acer Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\LMDriver.sys -- (LMDriver)
DRV:64bit: - [2013/07/17 09:59:00 | 000,014,680 | ---- | M] (Acer Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\RadioShim.sys -- (RadioShim)
DRV:64bit: - [2012/10/03 16:14:56 | 000,033,240 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV:64bit: - [2011/07/22 16:26:56 | 000,014,928 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\sasdifsv64.sys -- (SASDIFSV)
DRV:64bit: - [2011/07/12 21:55:18 | 000,012,368 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\saskutil64.sys -- (SASKUTIL)
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.com
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = www.google.com
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = www.google.com
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/?pc=MSE1
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...ms}&FORM=IE8SRC
IE:64bit: - HKLM\..\SearchScopes\{20ECEAEE-3481-4052-BC3C-3FFE07190605}: "URL" = http://www.bing.com/...=IE10TR&pc=ACJB
IE:64bit: - HKLM\..\SearchScopes\{80c554b9-c7f8-4a21-9471-06d606da78a2}: "URL" = http://www.bing.com/...=MSSEDF&pc=MSE1
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = www.google.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = https://www.google.com/?trackid=sp-006
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = www.google.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = https://www.google.com/?trackid=sp-006
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...ms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{20ECEAEE-3481-4052-BC3C-3FFE07190605}: "URL" = http://www.bing.com/...=IE10TR&pc=ACJB
IE - HKLM\..\SearchScopes\{80c554b9-c7f8-4a21-9471-06d606da78a2}: "URL" = http://www.bing.com/...=MSSEDF&pc=MSE1
IE - HKLM\..\SearchScopes\{E9410C70-B6AE-41FF-AB71-32F4B279EA5F}: "URL" = https://www.google.c...q={searchTerms}
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = www.google.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = https://www.google.com/?trackid=sp-006
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = www.google.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.co.uk/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie
IE - HKCU\..\SearchScopes,DefaultScope = {305170DF-C4C0-42E7-8C0F-6F3DA07089B0}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...Box&FORM=IE8SRC
IE - HKCU\..\SearchScopes\{305170DF-C4C0-42E7-8C0F-6F3DA07089B0}: "URL" = https://uk.search.ya...p={SearchTerms}
IE - HKCU\..\SearchScopes\{80c554b9-c7f8-4a21-9471-06d606da78a2}: "URL" = http://www.bing.com/...=MSSEDF&pc=MSE1
IE - HKCU\..\SearchScopes\{DC91FAFB-6CEA-49E5-BB74-9CEE75D09B77}: "URL" = http://www.google.co...utputEncoding?}
IE - HKCU\..\SearchScopes\{E9410C70-B6AE-41FF-AB71-32F4B279EA5F}: "URL" = https://www.google.c...q={searchTerms}
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
 
========== FireFox ==========
 
FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=:  File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@google.com/npPicasa3,version=3.0.0: C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF - HKLM\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5: C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF - HKLM\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI updater: C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=16.4.3528.0331: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.169\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.169\npGoogleUpdate3.dll (Google Inc.)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{4ED1F68A-5463-4931-9384-8FFF5ED91D92}: C:\Program Files (x86)\McAfee\SiteAdvisor [2015/01/19 22:04:41 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files\AVAST Software\Avast\WebRep\FF [2015/02/02 12:23:43 | 000,000,000 | ---D | M]
 
[2015/02/02 16:17:11 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
 
========== Chrome  ==========
 
CHR - default_search_provider: Search By ZoneAlarm ()
CHR - default_search_provider: search_url = http://search.zoneal...=&tstsId=&ver=
CHR - default_search_provider: suggest_url = 
CHR - homepage: 
CHR - plugin: Error reading preferences file
CHR - Extension: SiteAdvisor = C:\Users\Franny\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho\3.65.135.1_0\
CHR - Extension: Avast Online Security = C:\Users\Franny\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki\10.0.2502.149_0\
 
O1 HOSTS File: ([2013/08/22 13:25:41 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:64bit: - BHO: (no name) - {14a46a4c-5d26-4298-bc1c-ba225afc0d6c} - No CLSID value found.
O2:64bit: - BHO: (no name) - {395daf64-9dd0-4028-961b-c8d57037961d} - No CLSID value found.
O2:64bit: - BHO: (no name) - {51c36104-b857-4839-a152-cec05e9eb6a6} - No CLSID value found.
O2:64bit: - BHO: (no name) - {74f5f453-dd45-4ba2-a758-d65a878f9941} - No CLSID value found.
O2:64bit: - BHO: (no name) - {75561566-0230-4f49-a40e-8199fa708caf} - No CLSID value found.
O2:64bit: - BHO: (no name) - {7d6d4e94-678a-4638-9bd6-bbaf16880107} - No CLSID value found.
O2:64bit: - BHO: (avast! Online Security) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
O2:64bit: - BHO: (McAfee SiteAdvisor BHO) - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
O2:64bit: - BHO: (no name) - {c77c8f93-f513-4d12-9a1b-5242c2b4e04a} - No CLSID value found.
O2:64bit: - BHO: (no name) - {d061a97b-6d68-4597-8094-88f8c4d5568a} - No CLSID value found.
O2:64bit: - BHO: (no name) - {fd6ab5bb-0547-485e-9c64-dffc046eab6a} - No CLSID value found.
O2 - BHO: (no name) - {14a46a4c-5d26-4298-bc1c-ba225afc0d6c} - No CLSID value found.
O2 - BHO: (no name) - {2bd7ceff-8e6f-469c-9672-4e3eab6bdd5e} - No CLSID value found.
O2 - BHO: (no name) - {395daf64-9dd0-4028-961b-c8d57037961d} - No CLSID value found.
O2 - BHO: (no name) - {51c36104-b857-4839-a152-cec05e9eb6a6} - No CLSID value found.
O2 - BHO: (no name) - {74f5f453-dd45-4ba2-a758-d65a878f9941} - No CLSID value found.
O2 - BHO: (no name) - {75561566-0230-4f49-a40e-8199fa708caf} - No CLSID value found.
O2 - BHO: (no name) - {7d6d4e94-678a-4638-9bd6-bbaf16880107} - No CLSID value found.
O2 - BHO: (avast! Online Security) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O2 - BHO: (no name) - {94121a89-5052-46cd-8744-85c85d3cfa97} - No CLSID value found.
O2 - BHO: (McAfee SiteAdvisor BHO) - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O2 - BHO: (no name) - {c77c8f93-f513-4d12-9a1b-5242c2b4e04a} - No CLSID value found.
O2 - BHO: (no name) - {d061a97b-6d68-4597-8094-88f8c4d5568a} - No CLSID value found.
O2 - BHO: (no name) - {fd6ab5bb-0547-485e-9c64-dffc046eab6a} - No CLSID value found.
O3:64bit: - HKLM\..\Toolbar: (McAfee SiteAdvisor Toolbar) - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKLM\..\Toolbar: (McAfee SiteAdvisor Toolbar) - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O4:64bit: - HKLM..\Run: [3D BubbleSound] "C:\Program Files\BubbleSound\3D BubbleSound.exe" File not found
O4:64bit: - HKLM..\Run: [ETDCtrl] C:\Program Files\Elantech\ETDCtrl.exe (ELAN Microelectronics Corp.)
O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [RTHDVCPL] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [abDocsDllLoader] C:\Program Files (x86)\Acer\abDocs\abDocsDllLoader.exe ()
O4 - HKLM..\Run: [AvastUI.exe] C:\Program Files\AVAST Software\Avast\AvastUI.exe (AVAST Software)
O4 - HKLM..\Run: [BacKGround Agent] C:\Program Files (x86)\Acer\AOP Framework\BackgroundAgent.exe (Acer Incorporated)
O4 - HKLM..\Run: [ZoneAlarm Installer] "C:\Program Files (x86)\CheckPoint\Install\Launcher.exe" "C:\Program Files (x86)\CheckPoint\Install\Install.exe" /r config /c "C:\Program Files (x86)\CheckPoint\Install\Install.xml" /w File not found
O4 - HKCU..\Run: [EA Core] C:\Program Files (x86)\Electronic Arts\EADM\Core.exe (Electronic Arts)
O4 - HKCU..\Run: [Google+ Auto Backup] C:\Users\Franny\AppData\Local\Programs\Google\Google+ Auto Backup\Google+ Auto Backup.exe (Google Inc.)
O4 - HKCU..\Run: [Spotify Web Helper] C:\Program Files (x86)\Spotify\Data\SpotifyWebHelper.exe (Spotify Ltd)
O4 - HKCU..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe (SUPERAntiSpyware)
O4 - HKCU..\RunOnce: [Application Restart #1] C:\Users\Franny\AppData\Local\Pokki\Engine\HostAppService.exe (Pokki)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoControlPanel = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\Run: BtvStack = "C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\BtvStack.exe" (Qualcomm®Atheros®)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableCursorSuppression = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLinkedConnections = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: SoftwareSASGeneration = 1
O8:64bit: - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200 File not found
O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\Windows\SysWow64\GPhotos.scr (Google Inc.)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000008 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000008 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.254
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{F3C01668-B35D-43D1-BC94-ED4D4960A628}: DhcpNameServer = 192.168.1.254
O18:64bit: - Protocol\Handler\dssrequest {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
O18:64bit: - Protocol\Handler\grooveLocalGWS - No CLSID value found
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\sacore {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O18 - Protocol\Handler\dssrequest {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O18 - Protocol\Handler\sacore {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\{627b6fdb-b133-11e3-8251-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{627b6fdb-b133-11e3-8251-806e6f6e6963}\Shell\AutoRun\command - "" = "D:\Autorun.exe" 
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
 
========== Files/Folders - Created Within 30 Days ==========
 
[2015/02/03 19:24:46 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Franny\Desktop\OTL.exe
[2015/02/03 14:02:16 | 000,000,000 | ---D | C] -- C:\AdwCleaner
[2015/02/02 18:59:38 | 000,000,000 | ---D | C] -- C:\Users\Franny\AppData\Local\Diagnostics
[2015/02/02 18:05:55 | 000,000,000 | ---D | C] -- C:\Users\Franny\AppData\Local\iGware
[2015/02/02 17:18:32 | 000,000,000 | ---D | C] -- C:\SUPERDelete
[2015/02/02 17:17:04 | 000,000,000 | ---D | C] -- C:\Users\Franny\AppData\Roaming\SUPERAntiSpyware.com
[2015/02/02 17:16:27 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SUPERAntiSpyware
[2015/02/02 17:16:24 | 000,000,000 | ---D | C] -- C:\ProgramData\SUPERAntiSpyware.com
[2015/02/02 17:16:24 | 000,000,000 | ---D | C] -- C:\Program Files\SUPERAntiSpyware
[2015/02/02 16:17:11 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox
[2015/02/02 16:16:08 | 000,000,000 | ---D | C] -- C:\ProgramData\CheckPoint
[2015/02/02 15:36:19 | 000,000,000 | ---D | C] -- C:\Users\Franny\AppData\Local\CrashDumps
[2015/02/02 15:34:54 | 000,000,000 | ---D | C] -- C:\Users\Franny\AppData\Local\AcerCloud
[2015/02/02 15:33:22 | 000,000,000 | ---D | C] -- C:\Users\Franny\AppData\Local\Doc
[2015/02/02 12:21:08 | 000,000,000 | ---D | C] -- C:\Users\Franny\AppData\Roaming\AVAST Software
[2015/02/02 12:21:05 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\vbox
[2015/02/02 12:21:05 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\vbox
[2015/02/02 12:20:57 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVAST Software
[2015/02/02 12:20:37 | 001,050,432 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswsnx.sys
[2015/02/02 12:20:37 | 000,436,624 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswSP.sys
[2015/02/02 12:20:37 | 000,116,728 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswStm.sys
[2015/02/02 12:20:37 | 000,093,568 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswRdr2.sys
[2015/02/02 12:20:37 | 000,087,912 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswmonflt.sys
[2015/02/02 12:20:32 | 000,364,512 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\aswBoot.exe
[2015/02/02 12:20:29 | 000,043,152 | ---- | C] (AVAST Software) -- C:\Windows\avastSS.scr
[2015/02/02 12:19:10 | 000,000,000 | ---D | C] -- C:\Program Files\AVAST Software
[2015/02/02 10:01:33 | 000,000,000 | ---D | C] -- C:\ProgramData\AVAST Software
[2015/02/02 08:57:51 | 000,129,752 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\MBAMSwissArmy.sys
[2015/02/02 08:57:42 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
[2015/02/02 08:57:39 | 000,093,400 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbamchameleon.sys
[2015/02/02 08:57:39 | 000,064,216 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mwac.sys
[2015/02/02 08:57:39 | 000,025,816 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2015/02/02 08:57:39 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes Anti-Malware
[2015/02/02 08:57:39 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2015/02/01 22:33:39 | 000,000,000 | ---D | C] -- C:\RescueCD Logs
[2015/01/30 21:23:14 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\apppsavee
[2015/01/30 16:54:40 | 000,000,000 | ---D | C] -- C:\Users\Franny\AppData\Local\ElevatedDiagnostics
[2015/01/30 15:40:58 | 000,000,000 | ---D | C] -- C:\Users\Franny\AppData\Local\ClearfiMedia
[2015/01/30 15:36:59 | 000,000,000 | ---D | C] -- C:\Users\Franny\AppData\Local\ClearfiPhoto
[2015/01/30 15:20:15 | 000,000,000 | ---D | C] -- C:\Program Files\shopperz
[1 C:\Users\Franny\Documents\*.tmp files -> C:\Users\Franny\Documents\*.tmp -> ]
 
========== Files - Modified Within 30 Days ==========
 
[2021/10/21 13:36:56 | 000,000,852 | ---- | M] () -- C:\Windows\SysNative\drivers\RTKHDRC.dat
[2021/10/04 07:34:42 | 000,000,712 | ---- | M] () -- C:\Windows\SysNative\drivers\RTMICEQ0.dat
[2015/02/03 19:27:29 | 000,863,592 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2015/02/03 19:27:29 | 000,735,932 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2015/02/03 19:27:29 | 000,139,816 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2015/02/03 19:23:26 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Franny\Desktop\OTL.exe
[2015/02/03 19:22:00 | 000,000,922 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2015/02/03 17:52:15 | 000,001,961 | ---- | M] () -- C:\Users\Public\Desktop\abMedia.lnk
[2015/02/03 17:48:43 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2015/02/03 17:47:24 | 000,000,918 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2015/02/03 17:46:44 | 268,435,456 | -HS- | M] () -- C:\swapfile.sys
[2015/02/03 17:46:39 | 766,107,647 | -HS- | M] () -- C:\hiberfil.sys
[2015/02/03 15:28:26 | 000,001,969 | ---- | M] () -- C:\Users\Public\Desktop\PRIVATE WiFi.lnk
[2015/02/02 20:11:36 | 000,129,752 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\MBAMSwissArmy.sys
[2015/02/02 18:02:54 | 2031,824,162 | ---- | M] () -- C:\Windows\MEMORY.DMP
[2015/02/02 17:16:27 | 000,001,824 | ---- | M] () -- C:\Users\Public\Desktop\SUPERAntiSpyware Free Edition.lnk
[2015/02/02 15:36:09 | 000,002,060 | ---- | M] () -- C:\Users\Public\Desktop\Acer Portal.lnk
[2015/02/02 15:34:31 | 000,002,001 | ---- | M] () -- C:\Users\Public\Desktop\abDocs.lnk
[2015/02/02 12:20:57 | 000,001,984 | ---- | M] () -- C:\Users\Public\Desktop\Avast Free Antivirus.lnk
[2015/02/02 12:20:49 | 001,050,432 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswsnx.sys
[2015/02/02 12:20:49 | 000,087,912 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswmonflt.sys
[2015/02/02 12:20:30 | 000,267,632 | ---- | M] () -- C:\Windows\SysNative\drivers\aswVmm.sys
[2015/02/02 12:20:30 | 000,116,728 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswStm.sys
[2015/02/02 12:20:29 | 000,436,624 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswSP.sys
[2015/02/02 12:20:29 | 000,364,512 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\aswBoot.exe
[2015/02/02 12:20:29 | 000,093,568 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswRdr2.sys
[2015/02/02 12:20:29 | 000,065,776 | ---- | M] () -- C:\Windows\SysNative\drivers\aswRvrt.sys
[2015/02/02 12:20:29 | 000,043,152 | ---- | M] (AVAST Software) -- C:\Windows\avastSS.scr
[2015/02/02 12:20:29 | 000,029,208 | ---- | M] () -- C:\Windows\SysNative\drivers\aswHwid.sys
[2015/02/02 11:50:47 | 000,000,258 | RHS- | M] () -- C:\ProgramData\ntuser.pol
[2015/02/02 08:57:42 | 000,001,078 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2015/02/02 08:56:17 | 000,000,711 | ---- | M] () -- C:\Users\Franny\Desktop\mbam-setup-2.0.4.1028.exe - Shortcut.lnk
[2015/02/01 19:12:08 | 000,001,690 | ---- | M] () -- C:\Windows\SysWow64\${LOGFILE}
[2015/01/30 15:43:04 | 000,000,173 | ---- | M] () -- C:\Users\Franny\AppData\Roaming\WB.CFG
[2015/01/30 15:40:11 | 000,002,037 | ---- | M] () -- C:\Users\Public\Desktop\abPhoto.lnk
[2015/01/30 15:21:51 | 000,035,320 | ---- | M] () -- C:\Windows\SysNative\drivers\bsdriver.sys
[2015/01/30 15:20:15 | 000,000,045 | ---- | M] () -- C:\user.js
[2015/01/06 12:38:12 | 000,014,040 | ---- | M] () -- C:\Windows\SysNative\drivers\cherimoya.sys
[1 C:\Users\Franny\Documents\*.tmp files -> C:\Users\Franny\Documents\*.tmp -> ]
 
========== Files Created - No Company Name ==========
 
[2015/02/03 17:52:15 | 000,001,961 | ---- | C] () -- C:\Users\Public\Desktop\abMedia.lnk
[2015/02/02 17:17:06 | 000,000,922 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2015/02/02 17:17:05 | 000,000,918 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2015/02/02 17:16:27 | 000,001,824 | ---- | C] () -- C:\Users\Public\Desktop\SUPERAntiSpyware Free Edition.lnk
[2015/02/02 15:35:47 | 000,002,060 | ---- | C] () -- C:\Users\Public\Desktop\Acer Portal.lnk
[2015/02/02 15:34:31 | 000,002,001 | ---- | C] () -- C:\Users\Public\Desktop\abDocs.lnk
[2015/02/02 12:20:57 | 000,001,984 | ---- | C] () -- C:\Users\Public\Desktop\Avast Free Antivirus.lnk
[2015/02/02 12:20:37 | 000,267,632 | ---- | C] () -- C:\Windows\SysNative\drivers\aswVmm.sys
[2015/02/02 12:20:37 | 000,065,776 | ---- | C] () -- C:\Windows\SysNative\drivers\aswRvrt.sys
[2015/02/02 12:20:37 | 000,029,208 | ---- | C] () -- C:\Windows\SysNative\drivers\aswHwid.sys
[2015/02/02 08:57:42 | 000,001,078 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2015/02/02 08:56:17 | 000,000,711 | ---- | C] () -- C:\Users\Franny\Desktop\mbam-setup-2.0.4.1028.exe - Shortcut.lnk
[2015/02/01 19:11:55 | 000,001,690 | ---- | C] () -- C:\Windows\SysWow64\${LOGFILE}
[2015/01/30 15:39:16 | 000,002,037 | ---- | C] () -- C:\Users\Public\Desktop\abPhoto.lnk
[2015/01/30 15:21:51 | 000,035,320 | ---- | C] () -- C:\Windows\SysNative\drivers\bsdriver.sys
[2015/01/30 15:20:29 | 000,014,040 | ---- | C] () -- C:\Windows\SysNative\drivers\cherimoya.sys
[2015/01/30 15:20:15 | 000,000,045 | ---- | C] () -- C:\user.js
[2014/12/27 18:55:11 | 000,000,060 | ---- | C] () -- C:\Windows\wininit.ini
[2014/12/17 19:43:18 | 000,022,528 | ---- | C] () -- C:\Users\Franny\AppData\Local\dsisetup8989879682.exe
[2014/12/04 19:56:47 | 000,000,258 | RHS- | C] () -- C:\ProgramData\ntuser.pol
[2014/12/03 19:44:18 | 000,000,001 | ---- | C] () -- C:\Users\Franny\AppData\Local\DSI.DAT
[2014/12/03 19:43:50 | 000,022,528 | ---- | C] () -- C:\Users\Franny\AppData\Local\dsisetup2673992652.exe
[2014/12/01 22:43:13 | 000,000,173 | ---- | C] () -- C:\Users\Franny\AppData\Roaming\WB.CFG
[2014/12/01 18:16:21 | 000,002,255 | ---- | C] () -- C:\Windows\SysWow64\WimBootCompress.ini
[2014/11/29 00:43:49 | 000,103,936 | ---- | C] () -- C:\Windows\SysWow64\OEMLicense.dll
[2014/03/21 20:28:19 | 000,000,000 | -H-- | C] () -- C:\ProgramData\DP45977C.lfl
[2013/10/15 15:14:58 | 000,303,104 | ---- | C] () -- C:\Windows\SysWow64\igdmd32.dll
[2013/10/15 15:14:57 | 000,180,736 | ---- | C] () -- C:\Windows\SysWow64\igdde32.dll
[2013/10/15 15:14:57 | 000,142,848 | ---- | C] () -- C:\Windows\SysWow64\igdail32.dll
[2013/08/22 15:36:43 | 000,215,943 | ---- | C] () -- C:\Windows\SysWow64\dssec.dat
[2013/08/22 15:36:42 | 000,000,741 | ---- | C] () -- C:\Windows\SysWow64\NOISE.DAT
[2013/08/22 14:46:23 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2013/08/22 07:01:23 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2013/08/22 03:32:36 | 000,046,080 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll
[2013/08/21 23:55:20 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll
[2013/08/21 23:52:39 | 000,673,088 | ---- | C] () -- C:\Windows\SysWow64\mlang.dat
[2013/05/11 17:17:52 | 000,001,536 | ---- | C] () -- C:\Windows\SysWow64\IusEventLog.dll
 
========== ZeroAccess Check ==========
 
[2014/03/21 20:52:48 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2014/08/31 00:15:33 | 021,197,152 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2014/08/30 22:59:13 | 018,723,112 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2013/08/22 09:49:49 | 000,921,088 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2013/08/22 02:45:10 | 000,691,712 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2013/08/22 09:45:17 | 000,483,840 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
 
========== LOP Check ==========
 
[2014/12/01 21:43:39 | 000,000,000 | ---D | M] -- C:\Users\Franny\AppData\Roaming\1H1Q1V0B1L1G1N1V0M1P1Q1L1T0D1P1E2Z
[2014/12/03 21:52:26 | 000,000,000 | ---D | M] -- C:\Users\Franny\AppData\Roaming\acer
[2015/02/02 12:21:08 | 000,000,000 | ---D | M] -- C:\Users\Franny\AppData\Roaming\AVAST Software
[2014/12/23 01:34:45 | 000,000,000 | ---D | M] -- C:\Users\Franny\AppData\Roaming\QuickScan
[2014/12/02 23:57:27 | 000,000,000 | ---D | M] -- C:\Users\Franny\AppData\Roaming\Spotify
[2014/11/27 23:03:10 | 000,000,000 | ---D | M] -- C:\Users\Franny\AppData\Roaming\WildTangent
 
========== Purity Check ==========
 
 
 
========== Alternate Data Streams ==========
 
@Alternate Data Stream - 237 bytes -> C:\Users\Franny\SkyDrive:ms-properties
 
< End of report >
 
 
 
 

OTL Extras logfile created on: 03/02/2015 19:25:29 - Run 1
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\Franny\Desktop
64bit- An unknown product  (Version = 6.2.9200) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.17498)
Locale: 00000809 | Country: United Kingdom | Language: ENG | Date Format: dd/MM/yyyy
 
5.89 Gb Total Physical Memory | 4.35 Gb Available Physical Memory | 73.86% Memory free
12.14 Gb Paging File | 10.55 Gb Available in Paging File | 86.87% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 914.19 Gb Total Space | 841.37 Gb Free Space | 92.03% Space Free | Partition Type: NTFS
Drive E: | 1.87 Gb Total Space | 1.57 Gb Free Space | 84.23% Space Free | Partition Type: FAT
 
Computer Name: BOO-MACHINE | User Name: Franny | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
 
========== Extra Registry (SafeList) ==========
 
 
========== File Associations ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html[@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
.html [@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
 
========== Shell Spawning ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\OpenWith.exe "%1" (Microsoft Corporation)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\OpenWith.exe "%1" (Microsoft Corporation)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- Reg Error: Value error.
 
========== Security Center Settings ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = AC 1C AE C5 46 9F CE 01  [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Upgrade]
"UpgradeTime" =  [binary data]
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Upgrade]
"UpgradeTime" = Reg Error: Unknown registry data type -- File not found
 
========== Firewall Settings ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
 
========== Authorized Applications List ==========
 
 
========== Vista Active Open Ports Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{5895AA7A-DFE2-4D53-BA9C-4D161CDD37DB}" = lport=6004 | protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office12\outlook.exe | 
"{893AAD8C-E463-4DA9-AC15-962867FA5D2E}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) | 
"{D71C9F53-651A-4A11-A121-49923E655882}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) | 
 
========== Vista Active Application Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0011523D-92C5-42C8-9D12-C0DA4B1C85E9}" = protocol=6 | dir=in | app=c:\program files (x86)\acer\abphoto\dmcdaemon.exe | 
"{024D3A9B-2CF2-47EA-A051-12F914279E67}" = protocol=17 | dir=in | app=c:\program files (x86)\acer\abmedia\dmcdaemon.exe | 
"{02DB6342-F80D-4268-A132-38C09F8D4C38}" = protocol=17 | dir=in | app=c:\program files (x86)\hold page\bin\holdpage.brt.helper.exe | 
"{02EEB0ED-4CFD-426F-9920-5DBBA925FA86}" = dir=out | [email protected]{magix.musicmakerjam_2.1.1032.2_x64__a2t3txkz9j1jw?ms-resource://magix.musicmakerjam/resources/app_name} | 
"{02EF185D-3226-408F-A45B-1F18F2B80407}" = protocol=6 | dir=in | app=c:\program files (x86)\acer\abmedia\windowsupnpmv.exe | 
"{04816FA1-5B53-40BC-8834-90F41A4E80DC}" = protocol=6 | dir=in | app=c:\program files (x86)\acer\abmedia\windowsupnpmv.exe | 
"{04994DA7-5318-4AD0-811A-1B3926DB199D}" = protocol=17 | dir=in | app=c:\program files (x86)\acer\abmedia\windowsupnpmv.exe | 
"{049D16FE-BD15-4D92-9E54-8359419BD86F}" = protocol=6 | dir=in | app=c:\program files (x86)\acer\abmedia\dmcdaemon.exe | 
"{04CBF04D-610B-4875-8013-7839600EEDCC}" = protocol=17 | dir=in | app=c:\program files (x86)\acer\abmedia\windowsupnpmv.exe | 
"{05087D67-FF7E-4051-93BF-099A9097D97E}" = protocol=17 | dir=in | app=c:\program files (x86)\acer\abmedia\windowsupnpmv.exe | 
"{05169FA9-A71C-430D-8BF6-BB2173E3064A}" = protocol=17 | dir=in | app=c:\program files (x86)\acer\abmedia\windowsupnpmv.exe | 
"{05EA0BCB-9F5F-4FD1-8058-CEAED2CA5AE3}" = protocol=6 | dir=in | app=c:\program files (x86)\acer\acer media\dmcdaemon.exe | 
"{06B22046-76A3-484B-B698-1043C86069F9}" = protocol=17 | dir=in | app=c:\program files (x86)\acer\abmedia\dmcdaemon.exe | 
"{072F4997-91E6-40C6-B012-97238CDB4CB3}" = protocol=6 | dir=in | app=c:\program files (x86)\acer\abmedia\dmcdaemon.exe | 
"{07937450-9B87-47CE-9EEE-C160E038FB00}" = dir=in | app=c:\program files (x86)\cyberlink\powerdvd12\powerdvd12ml.exe | 
"{079C03BA-47F6-4DA4-B757-B492C1CF0FF9}" = protocol=6 | dir=in | app=c:\program files (x86)\acer\abmedia\dmcdaemon.exe | 
"{07D726D8-824F-415D-9BFB-DDDF4CEC6F14}" = protocol=17 | dir=in | app=c:\program files (x86)\acer\abmedia\dmcdaemon.exe | 
"{080F4E6B-59C7-4FE3-837D-4758A9F5C7DA}" = protocol=17 | dir=in | app=c:\program files (x86)\acer\abmedia\windowsupnpmv.exe | 
"{0852DD61-5107-48FF-8FBB-73C9E38E2263}" = protocol=17 | dir=in | app=c:\program files (x86)\acer\abmedia\windowsupnpmv.exe | 
"{08EC051E-39EB-4424-8DC7-9FC92863D67F}" = protocol=6 | dir=in | app=c:\program files (x86)\acer\abmedia\windowsupnpmv.exe | 
"{09290DAE-AB22-457C-B964-2270A27304A7}" = protocol=6 | dir=in | app=c:\program files (x86)\acer\abmedia\windowsupnpmv.exe | 
"{0A306AB6-5618-4D04-99D4-C06B3E43AA0F}" = protocol=17 | dir=in | app=c:\program files (x86)\acer\abmedia\dmcdaemon.exe | 
"{0A7D3D31-657A-41E8-85FD-41C428896FC7}" = protocol=6 | dir=in | app=c:\program files (x86)\acer\abmedia\dmcdaemon.exe | 
"{0AA22A0F-546A-4107-B59D-7FB203A6D44F}" = protocol=17 | dir=in | app=c:\program files (x86)\acer\abmedia\windowsupnpmv.exe | 
"{0AA2D61F-71C5-4648-A031-304B38B62F28}" = protocol=6 | dir=in | app=c:\program files (x86)\acer\abmedia\windowsupnpmv.exe | 
"{0AB48CE6-EBF9-44CD-9B9D-C8F2829F3BAA}" = protocol=6 | dir=in | app=c:\program files (x86)\acer\abmedia\dmcdaemon.exe | 
"{0ADF8ACC-1C6B-4918-935E-11DDF3F5D3D5}" = protocol=17 | dir=in | app=c:\program files (x86)\acer\abmedia\windowsupnpmv.exe | 
"{0B298765-3BC9-418E-AC65-D199309C103B}" = protocol=6 | dir=in | app=c:\program files (x86)\acer\abmedia\windowsupnpmv.exe | 
"{0B5CE65E-ADDB-4044-991F-440890AAC108}" = protocol=17 | dir=in | app=c:\program files (x86)\acer\abmedia\dmcdaemon.exe | 
"{0BCE07EA-1265-4F2A-82AA-4D2954113BBB}" = protocol=17 | dir=in | app=c:\program files (x86)\acer\abmedia\dmcdaemon.exe | 
"{0BCE5EE2-6F05-4591-BADB-9BA1BD1B16D2}" = protocol=6 | dir=in | app=c:\program files (x86)\acer\abmedia\windowsupnpmv.exe | 
"{0C3AB157-8897-48A0-A575-9385BAE42CA3}" = dir=in | name=movie edit touch 2 | 
"{0CA8E258-25FB-4CFC-9956-B89E14614495}" = protocol=6 | dir=in | app=c:\program files (x86)\acer\abmedia\dmcdaemon.exe | 
"{0CD49270-6AF7-4B3A-901F-3E50E598784A}" = protocol=17 | dir=in | app=c:\program files (x86)\acer\abmedia\dmcdaemon.exe | 
"{0CF4EBDD-5D19-444A-BE01-A958AD720326}" = protocol=17 | dir=in | app=c:\program files (x86)\acer\acer media\windowsupnpmv.exe | 
"{0CF5C2BA-90AE-4AC9-9E10-21CE0C8E16DC}" = protocol=17 | dir=in | app=c:\program files (x86)\acer\abmedia\dmcdaemon.exe | 
"{0D498021-96A4-4025-8F16-C570AC67A49D}" = protocol=17 | dir=in | app=c:\program files (x86)\acer\abmedia\dmcdaemon.exe | 
"{0DA17C49-80A2-4C0B-9CAC-C7E14D27B5BC}" = protocol=17 | dir=in | app=c:\program files (x86)\acer\abmedia\dmcdaemon.exe | 
"{0DE8C6B2-9E34-4F8E-A6D6-E7E99F66B725}" = protocol=6 | dir=in | app=c:\program files (x86)\acer\abmedia\dmcdaemon.exe | 
"{0DF62F11-18E1-4E58-8C8C-6516F20BAFB8}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office12\groove.exe | 
"{0F7DAFE1-9AE7-4795-ADE0-0896CC803123}" = dir=out | [email protected]{browserchoice_6.2.0.0_neutral_neutral_cw5n1h2txyewy?ms-resource://browserchoice/resources/displayname} | 
"{0F86F753-075B-47D1-BBC9-8A6D4A47F2F9}" = protocol=17 | dir=in | app=c:\program files (x86)\acer\abmedia\dmcdaemon.exe | 
"{10239414-91CC-4427-AA5C-8FAD0A18124A}" = protocol=6 | dir=in | app=c:\program files (x86)\acer\abmedia\dmcdaemon.exe | 
"{10508368-4FF0-4409-A482-4AEF5F2B2E68}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe | 
"{10DA59A3-15DC-43FA-969B-E917C23F90C2}" = protocol=17 | dir=in | app=c:\program files (x86)\acer\abmedia\dmcdaemon.exe | 
"{11188EC7-A8DC-468D-B241-0D8B49679641}" = protocol=6 | dir=in | app=c:\program files (x86)\acer\abmedia\windowsupnpmv.exe | 
"{11C1F447-755B-4BCE-8B24-42F4CEF0C3D2}" = protocol=6 | dir=in | app=c:\program files (x86)\acer\abmedia\windowsupnpmv.exe | 
"{12227A8D-BFBC-4869-BF2A-48CAE06B927E}" = protocol=6 | dir=in | app=c:\program files (x86)\acer\abmedia\dmcdaemon.exe | 
"{12889221-9CE4-4F90-B785-D3FB8D941FAC}" = protocol=6 | dir=in | app=c:\program files (x86)\acer\acer portal\virtualdrive.exe | 
"{1378D08D-E098-4B2F-84AF-822ACE29EF39}" = protocol=17 | dir=in | app=c:\program files (x86)\acer\abmedia\dmcdaemon.exe | 
"{13A64357-4E47-4C6C-9325-6652ADEA31DC}" = protocol=17 | dir=in | app=c:\program files (x86)\acer\abmedia\dmcdaemon.exe | 
"{13B2607F-6897-4012-A491-E86C28595A14}" = protocol=6 | dir=in | app=c:\program files (x86)\acer\abmedia\dmcdaemon.exe | 
"{1404CB4F-79DB-452B-8ED5-6D73EE59A40D}" = protocol=6 | dir=in | app=c:\program files (x86)\acer\abmedia\dmcdaemon.exe | 
"{1437E465-48F3-40CB-ABEC-D8DBA71436CD}" = protocol=6 | dir=in | app=c:\program files (x86)\acer\abmedia\windowsupnpmv.exe | 
"{15012933-90EB-4137-BFBF-2BF731ADA73C}" = protocol=17 | dir=in | app=c:\program files (x86)\acer\abmedia\windowsupnpmv.exe | 
"{151F246D-22B9-4662-AC50-966431D336E9}" = protocol=6 | dir=in | app=c:\program files (x86)\acer\abmedia\dmcdaemon.exe | 
"{154057A5-8C4A-4A8C-B2C5-F275FDDD2CF2}" = protocol=17 | dir=in | app=c:\program files (x86)\acer\abmedia\dmcdaemon.exe | 
"{156A0322-E9D7-4C9D-882A-9242D4DADEC4}" = protocol=6 | dir=in | app=c:\program files (x86)\acer\abmedia\dmcdaemon.exe | 
"{15854EFE-23D1-4D8D-8E5A-6E9EA078AC86}" = protocol=6 | dir=in | app=c:\program files (x86)\acer\abmedia\dmcdaemon.exe | 
"{15B26E90-B79E-440A-B13B-AFAE0AF9C880}" = protocol=6 | dir=in | app=c:\program files (x86)\acer\abmedia\windowsupnpmv.exe | 
"{15E35DD5-958C-442D-B6B5-98605F319BA4}" = protocol=6 | dir=in | app=c:\program files (x86)\acer\abmedia\dmcdaemon.exe | 
"{161574B0-6643-4F1E-9171-2CF4867E001E}" = protocol=6 | dir=in | app=c:\program files (x86)\acer\abmedia\dmcdaemon.exe | 
"{164BEF8F-C842-40D0-950E-6AC01BA9BDD1}" = protocol=17 | dir=in | app=c:\program files (x86)\acer\abmedia\dmcdaemon.exe | 
"{175E67F4-23A4-4022-AD81-F602F9D66862}" = protocol=17 | dir=in | app=c:\program files (x86)\acer\abmedia\dmcdaemon.exe | 
"{1764F0DC-99FE-46BE-9E82-F261FBEA8847}" = protocol=6 | dir=in | app=c:\program files (x86)\acer\abmedia\windowsupnpmv.exe | 
"{178BA6FB-9B51-4309-81D6-47B71AF6A487}" = protocol=17 | dir=in | app=c:\program files (x86)\acer\abmedia\windowsupnpmv.exe | 
"{17E750CA-87CD-456B-8ADB-6A40D8957B73}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office12\groove.exe | 
"{183CB104-A508-4026-8756-84845A15D502}" = protocol=17 | dir=in | app=c:\program files (x86)\acer\abmedia\dmcdaemon.exe | 
"{187FFBB0-20E4-415B-B724-88EAA8766485}" = protocol=17 | dir=in | app=c:\program files (x86)\acer\abmedia\windowsupnpmv.exe | 
"{189BCC14-CB28-4B69-91A6-0FEDEF8404CF}" = protocol=6 | dir=in | app=c:\program files (x86)\acer\abmedia\windowsupnpmv.exe | 
"{18A214CB-0CFB-4348-8DF5-67E1558F9C1B}" = protocol=17 | dir=in | app=c:\program files (x86)\acer\abmedia\windowsupnpmv.exe | 
"{19A1A214-578F-439E-BA5B-894BB95D4022}" = protocol=17 | dir=in | app=c:\program files (x86)\acer\abmedia\dmcdaemon.exe | 
"{19CF72CC-1EDF-4506-866F-9797FFA4AB64}" = protocol=6 | dir=in | app=c:\program files (x86)\acer\abmedia\dmcdaemon.exe | 
"{19E3FD0F-F86A-451B-ACDA-1642EC681B05}" = protocol=17 | dir=in | app=c:\program files (x86)\acer\abmedia\dmcdaemon.exe | 
"{1A0F4A9E-7A5B-4393-802A-5C197F5EC074}" = dir=in | name=evernote touch | 
"{1A2FF134-A041-42BF-9937-4D7DE9CA9B5D}" = protocol=17 | dir=in | app=c:\program files (x86)\acer\abmedia\dmcdaemon.exe | 
"{1A4F5B01-19C2-4419-9D15-3A57AD3EAD5D}" = protocol=17 | dir=in | app=c:\program files (x86)\acer\abmedia\windowsupnpmv.exe | 
"{1A6F4615-1794-47F5-B86B-1DA662EFFDBA}" = protocol=17 | dir=in | app=c:\program files (x86)\acer\abmedia\dmcdaemon.exe | 
"{1A8221FC-2A42-487A-8F5C-7E269A76C7D3}" = dir=in | app=c:\program files (x86)\cyberlink\powerdvd12\movie\powerdvd.exe | 
"{1A90421A-236D-4AB9-A4DF-6CF49BF0AD96}" = protocol=17 | dir=in | app=c:\program files (x86)\acer\abmedia\windowsupnpmv.exe | 
"{1AC1108C-CF72-481B-8824-3A270F324061}" = protocol=17 | dir=in | app=c:\program files (x86)\acer\abmedia\windowsupnpmv.exe | 
"{1AC69DF9-86BC-489E-93F8-1369BCBE82DA}" = protocol=17 | dir=in | app=c:\program files (x86)\acer\abmedia\windowsupnpmv.exe | 
"{1B72CF7A-4230-41EE-981F-50404557A88C}" = protocol=6 | dir=in | app=c:\program files (x86)\acer\abmedia\dmcdaemon.exe | 
"{1BE7F5D3-D39C-43BB-9F28-51EF852A5F57}" = protocol=6 | dir=in | app=c:\program files (x86)\acer\abmedia\windowsupnpmv.exe | 
"{1C2F8B6A-1278-4DD9-B8EF-C01208F66593}" = protocol=6 | dir=in | app=c:\program files (x86)\acer\abmedia\dmcdaemon.exe | 
"{1DCCF792-109B-4618-96E9-5D4BCC489E79}" = protocol=17 | dir=in | app=c:\program files (x86)\acer\abmedia\dmcdaemon.exe | 
"{1E34F25D-01F1-473F-811A-6FA7F8F7BFAB}" = dir=in | [email protected]{browserchoice_6.2.0.0_neutral_neutral_cw5n1h2txyewy?ms-resource://browserchoice/resources/displayname} | 
"{1EF7B8D1-DE20-4295-A955-5CB08CB56BDD}" = protocol=17 | dir=in | app=c:\program files (x86)\acer\abmedia\windowsupnpmv.exe | 
"{1F2EFC88-BB54-4E3D-91EE-F7EE17CA28BE}" = protocol=6 | dir=in | app=c:\program files (x86)\acer\abmedia\dmcdaemon.exe | 
"{1F30C917-A776-4BD2-9C95-24CB018DDC84}" = protocol=6 | dir=in | app=c:\program files (x86)\acer\abmedia\dmcdaemon.exe | 
"{1F35EA3B-8FCE-4038-B5F1-F2A71496A4A7}" = protocol=17 | dir=in | app=c:\program files (x86)\acer\abmedia\dmcdaemon.exe | 
"{1F3CD758-307E-4702-84E6-46110B460D71}" = protocol=17 | dir=in | app=c:\program files (x86)\acer\abmedia\dmcdaemon.exe | 
"{20E5B4C4-3862-4E48-A6DE-852385A0CFCF}" = dir=out | [email protected]{microsoft.bingfinance_3.0.4.253_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingfinance/resources/brandedapptitle} | 
"{2129D3EE-650D-43E5-9207-684480E36794}" = protocol=17 | dir=in | app=c:\program files (x86)\acer\abmedia\windowsupnpmv.exe | 
"{21BD2978-745A-4EAD-8B94-00A4E7355D26}" = protocol=17 | dir=in | app=c:\program files (x86)\acer\abmedia\dmcdaemon.exe | 
"{225234FC-6251-4522-8F41-FB6A020CA466}" = protocol=6 | dir=in | app=c:\program files (x86)\acer\abmedia\dmcdaemon.exe | 
"{226F8FDA-DE43-4A1E-86C7-CEAAA47EDECE}" = protocol=17 | dir=in | app=c:\program files (x86)\acer\abmedia\windowsupnpmv.exe | 
"{22FB768B-E312-4F2C-843E-EF1F4435614D}" = protocol=6 | dir=in | app=c:\program files (x86)\acer\abmedia\windowsupnpmv.exe | 
"{23059C4F-5B63-408D-A26B-41D985B9E25F}" = protocol=17 | dir=in | app=c:\program files (x86)\acer\abmedia\windowsupnpmv.exe | 
"{232AD4A1-DAD5-40F6-A6EC-6F48C83AEAAA}" = protocol=17 | dir=in | app=c:\program files (x86)\acer\abmedia\dmcdaemon.exe | 
"{236A77C3-9513-4A92-932E-6CC550EA1151}" = protocol=17 | dir=in | app=c:\program files (x86)\acer\abmedia\dmcdaemon.exe | 
"{23CC09B8-7B79-450C-BE02-5132D2D3BDA4}" = protocol=17 | dir=in | app=c:\program files (x86)\acer\abmedia\windowsupnpmv.exe | 
"{23F8D36E-3FE7-4279-9C4C-97F551825DCE}" = protocol=17 | dir=in | app=c:\program files (x86)\acer\abmedia\windowsupnpmv.exe | 
"{243F7AC1-BFB8-4991-832D-D4AAA3B38148}" = protocol=6 | dir=in | app=c:\program files (x86)\acer\abmedia\windowsupnpmv.exe | 
"{2537632C-78F3-4631-BA93-B518BA850B08}" = protocol=17 | dir=in | app=c:\program files (x86)\acer\abmedia\dmcdaemon.exe | 
"{25547C38-21D3-4758-A422-F5B664EBE7F3}" = protocol=17 | dir=in | app=c:\program files (x86)\acer\abmedia\windowsupnpmv.exe | 
"{25E6B4AB-8B0C-40AF-86F3-224CF2CB1B04}" = protocol=17 | dir=in | app=c:\program files (x86)\acer\abmedia\dmcdaemon.exe | 
"{2609FBA7-671A-4BC6-9F91-730E2E3050C5}" = protocol=6 | dir=in | app=c:\program files (x86)\nero\nero 12\nero backitup\backitup.exe | 
"{263DC18E-C33F-4915-B9EA-7983D1AE0E12}" = protocol=17 | dir=in | app=c:\program files (x86)\acer\abmedia\windowsupnpmv.exe | 
"{26652CBD-A4AC-4607-AEBB-35B44CE64733}" = dir=in | app=c:\program files (x86)\itunes\itunes.exe | 
"{26BF6652-8C2E-4564-83B6-2D7081594B45}" = protocol=17 | dir=in | app=c:\program files (x86)\acer\abmedia\windowsupnpmv.exe | 
"{26DDFFC7-9E20-4ED6-A6C4-C5945C516AEA}" = protocol=17 | dir=in | app=c:\program files (x86)\acer\abmedia\windowsupnpmv.exe | 
"{26F46AA5-82BD-488D-AC5D-C0173A59ACB3}" = protocol=17 | dir=in | app=c:\program files (x86)\acer\abmedia\dmcdaemon.exe | 
"{271358BB-F95E-44D1-90E9-826F1CD7C040}" = protocol=17 | dir=in | app=c:\program files (x86)\acer\abmedia\dmcdaemon.exe | 
"{271787AB-8DFF-4803-B54D-E63B6FFA8769}" = protocol=6 | dir=in | app=c:\program files (x86)\acer\abmedia\windowsupnpmv.exe | 
"{271B47A5-DE12-40A1-A32D-4B43D538D70A}" = protocol=6 | dir=in | app=c:\program files (x86)\acer\abmedia\dmcdaemon.exe | 
"{2877B133-819B-4F87-AA2B-278ECD9ED001}" = protocol=6 | dir=in | app=c:\program files (x86)\acer\abmedia\windowsupnpmv.exe | 
"{291FE334-667D-4EB2-9462-5D9340962523}" = protocol=6 | dir=in | app=c:\program files (x86)\acer\abmedia\dmcdaemon.exe | 
"{292AD03E-236D-4919-8B95-529B2BB5C60E}" = protocol=6 | dir=in | app=c:\program files (x86)\acer\abmedia\windowsupnpmv.exe | 
"{2A27010A-F628-4E50-BF17-19179D62C3E2}" = protocol=6 | dir=in | app=c:\program files (x86)\acer\abmedia\windowsupnpmv.exe | 
"{2A4C9E25-9063-436A-85CE-76097E810933}" = protocol=17 | dir=in | app=c:\program files (x86)\acer\abmedia\dmcdaemon.exe | 
"{2A60B8A1-DB0F-4608-8D48-99239A3CCE61}" = protocol=17 | dir=in | app=c:\program files (x86)\acer\abmedia\dmcdaemon.exe | 
"{2AA0B912-EB40-4AE6-8BB4-2A4B9FC9C316}" = protocol=17 | dir=in | app=c:\program files (x86)\acer\abmedia\windowsupnpmv.exe | 
"{2B70A6C1-B220-41A9-9B4B-064886334345}" = protocol=17 | dir=in | app=c:\program files (x86)\acer\abmedia\windowsupnpmv.exe | 
"{2B7732C6-BC06-4126-8B26-0AD8BC69DD15}" = protocol=17 | dir=in | app=c:\program files (x86)\acer\abmedia\dmcdaemon.exe | 
"{2B82A866-9148-4089-8489-C20F8AB5FC49}" = protocol=17 | dir=in | app=c:\program files (x86)\acer\acer portal\virtualdrive.exe | 
"{2BB123C3-6FEC-4A49-A98C-80E18AE84C0C}" = protocol=6 | dir=in | app=c:\program files (x86)\acer\abmedia\windowsupnpmv.exe | 
"{2CE0D268-B270-41C7-9092-D332E18BDF74}" = dir=in | app=c:\users\franny\appdata\local\microsoft\skydrive\skydrive.exe | 
"{2CE65F31-E2F2-454A-A03D-8FE9CE47090A}" = protocol=6 | dir=in | app=c:\program files (x86)\acer\abmedia\windowsupnpmv.exe | 
"{2DFE873C-678B-43F5-B7C8-036AFA0A86FE}" = protocol=17 | dir=in | app=c:\program files (x86)\acer\abmedia\dmcdaemon.exe | 
"{2E0A8B6D-697A-471C-ABF1-EFD9B83F1507}" = protocol=6 | dir=in | app=c:\program files (x86)\acer\abmedia\windowsupnpmv.exe | 
"{2E63EFC6-05EC-494B-A54E-95FEC78278AB}" = protocol=17 | dir=in | app=c:\program files (x86)\acer\abmedia\dmcdaemon.exe | 
"{2E9182FA-71AB-4753-882D-0DE24211E076}" = protocol=17 | dir=in | app=c:\program files (x86)\acer\abmedia\windowsupnpmv.exe | 
"{2ED45CC5-8615-4598-9DA9-2F0B82409734}" = protocol=6 | dir=in | app=c:\program files (x86)\acer\abmedia\windowsupnpmv.exe | 
"{2ED55F2D-8B85-4BC2-93A9-E7B0C7677DF1}" = protocol=17 | dir=in | app=c:\program files (x86)\acer\abmedia\windowsupnpmv.exe | 
"{2F093481-5AF2-4A25-B427-5ED21460662D}" = protocol=17 | dir=in | app=c:\program files (x86)\acer\abmedia\dmcdaemon.exe | 
"{2F0E0A28-4E7F-40F2-A6A0-D5BEF198038A}" = dir=out | name=ebay | 
"{2FDD2138-F335-45FB-926A-577DA4ED1EB4}" = dir=in | name=accuweather for windows 8 | 
"{2FEAD19F-5075-48FC-A469-6A5359FA2A2D}" = protocol=17 | dir=in | app=c:\program files (x86)\acer\abmedia\dmcdaemon.exe | 
"{3012FD77-6CA1-4119-838C-096B095E5917}" = protocol=6 | dir=in | app=c:\program files (x86)\acer\abmedia\windowsupnpmv.exe | 
"{3020724C-EE9D-4C33-875A-3C93E372A3F3}" = protocol=17 | dir=in | app=c:\program files (x86)\acer\abmedia\dmcdaemon.exe | 
"{30B97650-A856-4D14-B645-730878D2137C}" = dir=out | [email protected]{microsoft.binghealthandfitness_3.0.4.254_x64__8wekyb3d8bbwe?ms-resource://microsoft.binghealthandfitness/resources/apptitle} | 
"{313A1365-AF0C-4EA3-B20B-0384351A6FB1}" = protocol=6 | dir=in | app=c:\program files (x86)\acer\acer photo\dmcdaemon.exe | 
"{3157338E-BCEF-41E3-91D0-C6C2D1FF3A57}" = protocol=17 | dir=in | app=c:\program files (x86)\acer\abmedia\windowsupnpmv.exe | 
"{317600E5-A4F2-4242-AC4A-6EA965A448CA}" = protocol=17 | dir=in | app=c:\program files\avast software\avast\ng\vbox\aswfe.exe | 
"{3178702D-C330-46C0-B222-866CE2E3563D}" = protocol=17 | dir=in | app=c:\program files (x86)\acer\abmedia\dmcdaemon.exe | 
"{31DC465D-E602-4EF5-9E95-457B75575624}" = protocol=17 | dir=in | app=c:\program files (x86)\acer\abmedia\dmcdaemon.exe | 
"{32334F36-A264-49D6-B5C9-555CD33FEED4}" = dir=in | name=zinio | 
"{328189DB-12AF-4DF5-B675-8A032EE51C20}" = protocol=6 | dir=in | app=c:\program files (x86)\acer\abmedia\dmcdaemon.exe | 
"{32903E38-CF1A-41BF-8EA3-6CC7765D19A2}" = protocol=6 | dir=in | app=c:\program files (x86)\acer\abmedia\dmcdaemon.exe | 
"{32B4E982-5EDD-48EB-BECD-4B6A94B62119}" = protocol=6 | dir=in | app=c:\program files (x86)\acer\abmedia\windowsupnpmv.exe | 
"{333A4323-311D-4A28-A48E-E057AEF54D86}" = protocol=17 | dir=in | app=c:\program files (x86)\acer\abmedia\dmcdaemon.exe | 
"{35B63058-79EE-4F00-87FA-3E1541DEDEEA}" = protocol=17 | dir=in | app=c:\program files (x86)\acer\abmedia\windowsupnpmv.exe | 
"{35C8868B-9C85-465A-99DF-02587EFD7FA0}" = protocol=6 | dir=in | app=c:\program files (x86)\acer\abmedia\dmcdaemon.exe | 
"{35DBF7BF-81E7-411A-B071-90AA63BE14AF}" = protocol=6 | dir=in | app=c:\program files (x86)\acer\abmedia\dmcdaemon.exe | 
"{35FBC220-ED6C-45D2-832A-3CBFCA06F9C9}" = dir=out | [email protected]{microsoft.bingsports_3.0.4.244_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingsports/resources/brandedapptitle} | 
"{36975E4D-17CC-4F8E-AC34-7E5C67FAFCBD}" = protocol=6 | dir=in | app=c:\program files (x86)\acer\abmedia\windowsupnpmv.exe | 
"{36D16F73-7EB5-4DF1-96D4-056102B4B91C}" = protocol=17 | dir=in | app=c:\program files (x86)\acer\abmedia\dmcdaemon.exe | 
"{36F6B823-B98F-4CFD-9A8A-8807DBC2EFC9}" = protocol=17 | dir=in | app=c:\program files (x86)\acer\abmedia\windowsupnpmv.exe | 
"{37902B43-978D-430A-8DE7-44CD609BBE52}" = protocol=17 | dir=in | app=c:\program files (x86)\acer\abmedia\windowsupnpmv.exe | 
"{3815CC36-B117-4467-97E8-2C307368C6D9}" = protocol=17 | dir=in | app=c:\program files (x86)\acer\abmedia\dmcdaemon.exe | 
"{388A9245-6E1E-4C85-BF62-ED9833F63DD7}" = protocol=6 | dir=in | app=c:\program files (x86)\acer\abmedia\dmcdaemon.exe | 
"{38DBA573-DDDF-47AB-981A-6C6323CAA8A5}" = dir=out | name=didlr | 
"{38E5FBAE-D5A8-48CA-BFE1-CE599B654164}" = protocol=17 | dir=in | app=c:\program files (x86)\acer\abmedia\dmcdaemon.exe | 
"{393671C4-11EC-4B03-9688-A7676EA84F9F}" = protocol=17 | dir=in | app=c:\program files (x86)\acer\abmedia\windowsupnpmv.exe | 
"{394477BD-CFE3-4B56-968C-67912E454205}" = protocol=6 | dir=in | app=c:\program files (x86)\acer\abmedia\windowsupnpmv.exe | 
"{3A4E6FBD-9CAE-46D8-A7DD-7E15F5545759}" = protocol=17 | dir=in | app=c:\program files (x86)\acer\abmedia\dmcdaemon.exe | 
"{3A503F8D-9ACE-4E9B-B270-057D6156DF2D}" = protocol=6 | dir=in | app=c:\program files (x86)\acer\abmedia\windowsupnpmv.exe | 
"{3A662710-77A9-4344-8E12-36F628377FE6}" = protocol=6 | dir=in | app=c:\program files (x86)\acer\abmedia\dmcdaemon.exe | 
"{3AAAE6B0-F527-462A-A9E7-2571C14D33A5}" = protocol=17 | dir=in | app=c:\program files (x86)\acer\abphoto\dmcdaemon.exe | 
"{3AAEE7AF-CE16-4785-AB8E-A6DBD64168F2}" = protocol=17 | dir=in | app=c:\program files (x86)\acer\abmedia\windowsupnpmv.exe | 
"{3AFCDF7A-7895-4449-AA50-83043D5A64D2}" = protocol=6 | dir=in | app=c:\program files (x86)\acer\abmedia\dmcdaemon.exe | 
"{3B581575-A0B6-4864-8788-AC31488276F9}" = protocol=17 | dir=in | app=c:\program files (x86)\acer\abmedia\dmcdaemon.exe | 
"{3B6C77E7-54A5-4DB6-BC67-2C7C876B5906}" = protocol=6 | dir=in | app=c:\program files (x86)\acer\abmedia\windowsupnpmv.exe | 
"{3BB7AE00-F502-49D2-BCE3-DC31FA454F0A}" = protocol=6 | dir=in | app=c:\program files (x86)\acer\abmedia\dmcdaemon.exe | 
"{3CA11B01-8E07-492D-A403-9A75AB8B22E3}" = protocol=17 | dir=in | app=c:\program files (x86)\acer\abmedia\windowsupnpmv.exe | 
"{3CBF88D3-EF25-4ABD-867C-111FF68B89A5}" = protocol=6 | dir=in | app=c:\program files (x86)\acer\abmedia\windowsupnpmv.exe | 
"{3F4740A5-831F-4C68-9F09-3F9371D0FF4E}" = protocol=6 | dir=in | app=c:\program files (x86)\acer\abmedia\dmcdaemon.exe | 
"{3F60F376-DDA1-4F34-B18C-9EEAB78B7281}" = dir=out | name=arcsoft showbiz | 
"{3F94EE0C-5EFF-44A3-9DA8-843211DEC277}" = protocol=6 | dir=in | app=c:\program files (x86)\acer\abmedia\windowsupnpmv.exe | 
"{3F98AB84-3CB7-48C9-9085-327C04622B1C}" = protocol=17 | dir=in | app=c:\program files (x86)\acer\abmedia\windowsupnpmv.exe | 
"{40E6CE7C-9980-4F4A-917B-6E899C57FD79}" = protocol=6 | dir=in | app=c:\program files (x86)\acer\abmedia\dmcdaemon.exe | 
"{41B0EC56-2602-4D48-9CFB-EB1DF29B54DC}" = dir=out | name=acer explorer | 
"{41DC10C2-552A-4FA6-B2AA-DFA50BB38A06}" = protocol=17 | dir=in | app=c:\program files (x86)\acer\abmedia\windowsupnpmv.exe | 
"{4282FE99-8560-4BC7-9576-5F3ED84E263F}" = dir=in | name=checkpoint.vpn | 
"{42FB2787-7EA9-43C6-B156-5FB3DAB5273B}" = protocol=17 | dir=in | app=c:\program files (x86)\acer\abmedia\dmcdaemon.exe | 
"{43150078-9F69-4DC0-834E-804B7AB2993F}" = protocol=17 | dir=in | app=c:\program files (x86)\nero\nero 12\nero backitup\backitup.exe | 
"{448B9227-027E-43C1-9271-DDC7474D3F5E}" = protocol=6 | dir=in | app=c:\program files (x86)\hold page\bin\holdpage.brt.helper.exe | 
"{450E4AAF-89D3-435E-AABF-266BEF3FCF55}" = protocol=17 | dir=in | app=c:\program files (x86)\acer\abmedia\dmcdaemon.exe | 
"{45152100-A7BE-46ED-A0FE-55B01EFC7725}" = protocol=17 | dir=in | app=c:\program files (x86)\acer\abmedia\windowsupnpmv.exe | 
"{45566F0C-67D7-4F65-8754-4332BC14585A}" = protocol=6 | dir=in | app=c:\program files (x86)\acer\abmedia\windowsupnpmv.exe | 
"{45BED4BE-2385-40CE-B381-818F57632994}" = protocol=17 | dir=in | app=c:\program files (x86)\acer\abmedia\windowsupnpmv.exe | 
"{45D2719F-5653-4963-A11E-8716D7710A5A}" = protocol=6 | dir=in | app=c:\program files (x86)\acer\abmedia\windowsupnpmv.exe | 
"{45F57D00-0B43-4418-9C83-426F52422425}" = dir=out | name=doodle god free plus | 
"{462DB549-86A1-411E-970B-D81BA16C3D2A}" = protocol=6 | dir=in | app=c:\program files (x86)\acer\abmedia\windowsupnpmv.exe | 
"{4630B88C-1652-4CBD-8038-C4E562F076C7}" = protocol=17 | dir=in | app=c:\program files (x86)\acer\abmedia\windowsupnpmv.exe | 
"{4645A380-EA51-4BAD-89B6-657354C2117D}" = protocol=6 | dir=in | app=c:\program files (x86)\acer\abmedia\windowsupnpmv.exe | 
"{46844114-0B94-4184-9954-A616DC66FF8D}" = protocol=6 | dir=in | app=c:\program files (x86)\acer\abmedia\windowsupnpmv.exe | 
"{46AE87B5-0EFE-4B2A-82C0-AE23E152F519}" = protocol=17 | dir=in | app=c:\program files (x86)\acer\abmedia\dmcdaemon.exe | 
"{470FB6F5-CED9-42BB-83D6-766C7D6E9E38}" = protocol=6 | dir=in | app=c:\program files (x86)\acer\abmedia\windowsupnpmv.exe | 
"{47675CC2-DB8E-438D-8C4F-2C4A5BCD83B6}" = protocol=6 | dir=in | app=c:\program files (x86)\acer\abmedia\windowsupnpmv.exe | 
"{47B31633-59C6-4217-B5BC-0C1FFABF9250}" = protocol=17 | dir=in | app=c:\program files (x86)\acer\abmedia\windowsupnpmv.exe | 
"{480CEE67-5FCE-4F04-A2DE-3CABF1A89D14}" = dir=out | name=- games app - | 
"{48538663-1CBE-4657-8FE3-6E0D52BBDC4C}" = protocol=6 | dir=in | app=c:\program files (x86)\acer\abmedia\windowsupnpmv.exe | 
"{49C4AA34-F8CF-4F76-ACD1-BBAE09EA5DF7}" = protocol=17 | dir=in | app=c:\program files (x86)\acer\abmedia\windowsupnpmv.exe | 
"{4A22FE23-C1D6-4279-9F11-D3A451990523}" = protocol=6 | dir=in | app=c:\program files (x86)\acer\abmedia\dmcdaemon.exe | 
"{4A6601C9-5AA1-4DFB-B57E-CBEB22E29E03}" = dir=out | [email protected]{microsoft.bingfoodanddrink_3.0.4.253_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingfoodanddrink/resources/apptitlewithbranding} | 
"{4A7D2B59-1CB6-4FC3-A3A5-2599F5752212}" = protocol=6 | dir=in | app=c:\program files (x86)\acer\abmedia\dmcdaemon.exe | 
"{4AA10083-D1B4-4377-A4E1-A3187F8AB53A}" = protocol=17 | dir=in | app=c:\program files (x86)\acer\abmedia\windowsupnpmv.exe | 
"{4AF0BCB1-EC81-464D-A1BB-4A03C7F454F5}" = protocol=17 | dir=in | app=c:\program files (x86)\acer\abmedia\dmcdaemon.exe | 
"{4B4ED2B2-4EA4-41B3-933B-E73E12325957}" = protocol=17 | dir=in | app=c:\program files (x86)\acer\abmedia\windowsupnpmv.exe | 
"{4B5B247F-7C6A-4000-B5C2-FD0CB8008B3E}" = protocol=17 | dir=in | app=c:\program files (x86)\acer\abmedia\dmcdaemon.exe | 
"{4B77D450-4EB3-4B86-B90B-0626F1CDACDF}" = protocol=17 | dir=in | app=c:\program files (x86)\acer\abmedia\windowsupnpmv.exe | 
"{4CE8EF9C-7900-4B6B-AE96-69D21F0302E2}" = protocol=6 | dir=in | app=c:\program files (x86)\acer\abmedia\dmcdaemon.exe | 
"{4D521835-F33B-453C-BD94-1FF30EE6A6B1}" = protocol=17 | dir=in | app=c:\program files (x86)\acer\abmedia\windowsupnpmv.exe | 
"{4D8260B1-5C4F-49C4-86F8-2038AA8EFBD4}" = protocol=17 | dir=in | app=c:\program files (x86)\acer\abmedia\windowsupnpmv.exe | 
"{4D9E5E66-2377-42BD-A9E0-3702D4FA9946}" = protocol=17 | dir=in | app=c:\program files (x86)\acer\abmedia\windowsupnpmv.exe | 
"{4DB3626E-0EB1-4E99-91E9-F6D295F809C6}" = protocol=17 | dir=in | app=c:\program files (x86)\acer\abmedia\dmcdaemon.exe | 
"{4DC13342-C798-4664-B15B-8C34F629D6D2}" = protocol=17 | dir=in | app=c:\program files (x86)\acer\abmedia\dmcdaemon.exe | 
"{4DC8D094-55BE-4ABD-9257-0422F04428AF}" = protocol=17 | dir=in | app=c:\program files (x86)\acer\abmedia\dmcdaemon.exe | 
"{4E6F7845-033D-4C7E-8386-CAB0E46BF25A}" = protocol=6 | dir=in | app=c:\program files (x86)\acer\abmedia\windowsupnpmv.exe | 
"{4E9631EC-A154-4244-BB78-E4FD7DC64E34}" = protocol=17 | dir=in | app=c:\program files (x86)\acer\abmedia\dmcdaemon.exe | 
"{4EF915AD-9D76-4859-BBAA-2B5DE2FFEB46}" = protocol=6 | dir=in | app=c:\program files (x86)\acer\abmedia\windowsupnpmv.exe | 
"{4F22D96E-8E19-450A-872F-AD421AACBC17}" = protocol=6 | dir=in | app=c:\program files (x86)\acer\abmedia\windowsupnpmv.exe | 
"{4F3FB3B6-F9AF-4EB8-9269-8C11AECC7679}" = protocol=17 | dir=in | app=c:\program files (x86)\acer\abmedia\windowsupnpmv.exe | 
"{4FB48EC5-C3A5-4114-924D-885AC37F19FE}" = protocol=6 | dir=in | app=c:\program files (x86)\acer\abmedia\windowsupnpmv.exe | 
"{5039DB4C-F93B-4BFB-B6B8-EF238791073B}" = dir=out | name=monsters love candy | 
"{50588268-4A59-465E-8D61-389918577E5E}" = protocol=6 | dir=in | app=c:\program files (x86)\acer\abmedia\windowsupnpmv.exe | 
"{511CFBA6-38C4-4DC4-BEAF-8C14D822D6D7}" = protocol=17 | dir=in | app=c:\program files\avast software\avast\ng\vbox\aswfe.exe | 
"{51203232-D256-45FF-A44D-47660F439533}" = dir=out | name=netflix | 
"{5174A8CE-C77A-4719-9B7D-793E62F77A30}" = protocol=6 | dir=in | app=c:\program files (x86)\acer\abmedia\windowsupnpmv.exe | 
"{51A8F2C4-8712-4DAD-B6E1-C9B3F5A7F384}" = dir=out | [email protected]{microsoft.bingmaps_2.1.3230.2048_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingmaps/resources/appdisplayname} | 
"{51AFE822-FDD1-483C-8304-7F8F850F86B9}" = protocol=6 | dir=in | app=c:\program files (x86)\acer\abmedia\dmcdaemon.exe | 
"{51C04DAA-F900-4E56-AC11-28BE9BC553C6}" = protocol=6 | dir=in | app=c:\program files (x86)\acer\abmedia\dmcdaemon.exe | 
"{51C8A1E9-D9DB-488C-B2FE-E3F50A8786EA}" = protocol=6 | dir=in | app=c:\program files (x86)\acer\abmedia\windowsupnpmv.exe | 
"{51F04953-3116-473D-BFFE-E3714BE53111}" = protocol=17 | dir=in | app=c:\program files (x86)\acer\abmedia\windowsupnpmv.exe | 
"{51F77CF9-1F59-4B5C-8D4E-3DE75857ECA9}" = protocol=6 | dir=in | app=c:\program files (x86)\acer\abmedia\windowsupnpmv.exe | 
"{521CC6D7-2FBA-43C9-9F62-BA2CDD11FFCA}" = dir=out | name=skype | 
"{522CB372-A834-4AB1-9A6B-7AB02363EFA6}" = dir=in | app=c:\program files (x86)\cyberlink\powerdvd12\powerdvd12.exe | 
"{527B09ED-7D12-4810-AA36-49137ABD294A}" = protocol=17 | dir=in | app=c:\program files (x86)\acer\abphoto\windowsupnp.exe | 
"{529D63A5-8FA8-4E18-AC6E-BF41A5A03098}" = protocol=6 | dir=in | app=c:\program files (x86)\acer\abmedia\dmcdaemon.exe | 
"{52FDAB17-576E-4051-9C6B-EE0EAD35425D}" = protocol=6 | dir=in | app=c:\program files (x86)\acer\abmedia\windowsupnpmv.exe | 
"{53881CA5-033C-4934-9268-B46C8EE48D1D}" = protocol=6 | dir=in | app=c:\program files (x86)\acer\abmedia\dmcdaemon.exe | 
"{548DCF8C-BFF2-4BA4-AA88-FBAF9AC8BCC6}" = dir=in | [email protected]{c:\windows\winstore\resources.pri?ms-resource://winstore/resources/displayname} | 
"{54A8610A-7B87-4944-998F-D39F4709A059}" = protocol=17 | dir=in | app=c:\program files (x86)\acer\abmedia\windowsupnpmv.exe | 
"{54AFAD10-0E4A-4B71-80CA-17E194C71333}" = protocol=17 | dir=in | app=c:\program files (x86)\acer\abmedia\dmcdaemon.exe | 
"{5552C04E-CCBD-4D5D-8113-7D9BCDDDEE78}" = dir=in | name=acer explorer | 
"{5579448E-9B3F-4C85-BFE9-628A5E3704B9}" = protocol=6 | dir=in | app=c:\program files (x86)\acer\abmedia\windowsupnpmv.exe | 
"{557AFBDB-21F3-4111-8153-EE69DC6BB75B}" = protocol=6 | dir=in | app=c:\program files (x86)\acer\acer photo\dmcdaemon.exe | 
"{560448D6-095C-4907-B046-AC7F710701A7}" = dir=in | name=sonicwall.mobileconnect | 
"{56E45B24-F212-4424-92AD-9D5B683CD6D0}" = protocol=6 | dir=in | app=c:\program files (x86)\acer\abmedia\windowsupnpmv.exe | 
"{5765225A-83A7-4904-893D-F96E37BB19F7}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office12\onenote.exe | 
"{578DE550-82C5-46F9-88BC-98AA4A26D0C2}" = protocol=17 | dir=in | app=c:\program files (x86)\acer\abmedia\dmcdaemon.exe | 
"{57D8B7A3-356F-45F8-BE11-2BFB6C76E43A}" = protocol=6 | dir=in | app=c:\program files (x86)\acer\abmedia\dmcdaemon.exe | 
"{58F7056E-A37F-42C1-9E5A-079651172371}" = protocol=17 | dir=in | app=c:\program files (x86)\acer\abmedia\windowsupnpmv.exe | 
"{593C93C9-7F4A-44EA-9FAC-BBF7E7CBBA79}" = protocol=6 | dir=in | app=c:\program files (x86)\acer\abmedia\windowsupnpmv.exe | 
"{594E0C5F-8F36-4BDD-B2A9-7F38C79BCD46}" = protocol=6 | dir=in | app=c:\program files (x86)\acer\abmedia\windowsupnpmv.exe | 
"{59B7B377-6F2B-4F68-8B2E-574C14751D10}" = protocol=17 | dir=in | app=c:\program files (x86)\acer\abmedia\windowsupnpmv.exe | 
"{59BA1968-12DA-4335-8219-C946553C878E}" = protocol=17 | dir=in | app=c:\program files (x86)\acer\abmedia\windowsupnpmv.exe | 
"{59BB7520-B1C8-4390-8991-F1FAF208E3BE}" = protocol=17 | dir=in | app=c:\program files (x86)\acer\abmedia\windowsupnpmv.exe | 
"{59E36877-4EAB-43F0-B32C-09E614072414}" = protocol=6 | dir=in | app=c:\program files (x86)\acer\abmedia\windowsupnpmv.exe | 
"{59F971AF-AE22-43A8-8207-17FDFA5BDF90}" = protocol=6 | dir=in | app=c:\program files (x86)\acer\abmedia\dmcdaemon.exe | 
"{5B354C69-8C32-4AA9-AABC-B9D5B4919B18}" = protocol=6 | dir=in | app=c:\program files (x86)\acer\abmedia\windowsupnpmv.exe | 
"{5B939EA9-1D8F-4C24-B906-6A41A591DC0E}" = protocol=17 | dir=in | app=c:\program files (x86)\acer\abmedia\windowsupnpmv.exe | 
"{5BAC7B36-8B82-4287-A486-4C84AAA85227}" = protocol=17 | dir=in | app=c:\program files (x86)\acer\acer photo\dmcdaemon.exe | 
"{5BFC82D6-B9D9-4E28-9AC3-D51CB0B0C4C9}" = protocol=17 | dir=in | app=c:\program files (x86)\acer\abmedia\dmcdaemon.exe | 
"{5C16701F-CA85-4BA0-A5CA-DCDCD8205F42}" = protocol=17 | dir=in | app=c:\program files (x86)\acer\abmedia\dmcdaemon.exe | 
"{5CCD204D-447C-47BC-AC03-6464E7D80E62}" = protocol=17 | dir=in | app=c:\program files (x86)\acer\abmedia\dmcdaemon.exe | 
"{5D8AA959-381B-4C62-9DF1-1FB83D567E3E}" = protocol=17 | dir=in | app=c:\program files (x86)\acer\abmedia\dmcdaemon.exe | 
"{5DD803DA-E037-4784-9FE4-A83387EE2558}" = protocol=17 | dir=in | app=c:\program files (x86)\acer\abmedia\windowsupnpmv.exe | 
"{5E1434EA-462E-402B-8C1E-5D445E77423E}" = protocol=17 | dir=in | app=c:\program files (x86)\acer\abmedia\dmcdaemon.exe | 
"{5E1E5E65-215F-4646-95FD-0CC422DC3319}" = protocol=17 | dir=in | app=c:\program files (x86)\acer\abmedia\dmcdaemon.exe | 
"{5EAB712C-2B6C-4AF7-99BF-44D16270CE8E}" = protocol=17 | dir=in | app=c:\program files (x86)\acer\abmedia\dmcdaemon.exe | 
"{5EFB0FA7-DF30-4564-A702-9F4DC167C126}" = protocol=6 | dir=in | app=c:\program files (x86)\acer\abmedia\dmcdaemon.exe | 
"{5F4632C0-D5B1-40C3-B0D9-E3A759C81B9E}" = dir=out | name=sonicwall.mobileconnect | 
"{5F94AC6B-8377-4EC5-8142-08263D22A297}" = protocol=6 | dir=in | app=c:\program files (x86)\acer\abmedia\dmcdaemon.exe | 
"{5FEC4B38-89B3-463D-90C2-9DDC8A7272AA}" = protocol=6 | dir=in | app=c:\program files (x86)\acer\abmedia\dmcdaemon.exe | 
"{601D3636-14BC-48CC-A05E-0502E8D05952}" = protocol=6 | dir=in | app=c:\program files (x86)\acer\abmedia\dmcdaemon.exe | 
"{60491DEB-6C7B-4A4E-A75E-958F3254E441}" = protocol=6 | dir=in | app=c:\program files (x86)\acer\abmedia\windowsupnpmv.exe | 
"{60AE7C19-9861-4CBE-BFED-9AA1C1773F6B}" = protocol=17 | dir=in | app=c:\program files (x86)\acer\abmedia\dmcdaemon.exe | 
"{619A06D1-A131-4DE3-B2C1-1890D7796375}" = protocol=17 | dir=in | app=c:\program files (x86)\acer\abmedia\windowsupnpmv.exe | 
"{61FD8D2E-2E36-489A-A1FA-E6202ACEC1C8}" = protocol=6 | dir=in | app=c:\program files (x86)\acer\abmedia\windowsupnpmv.exe | 
"{62035E38-2F55-4F52-A75C-EC57AA6B4059}" = protocol=17 | dir=in | app=c:\program files (x86)\acer\abmedia\windowsupnpmv.exe | 
"{628E39CC-E12B-4565-96C2-24DD5F561E3D}" = protocol=6 | dir=in | app=c:\program files (x86)\acer\abmedia\windowsupnpmv.exe | 
"{62CD8506-1E91-4975-AF91-87234E2B9D98}" = protocol=6 | dir=in | app=c:\program files (x86)\acer\abmedia\windowsupnpmv.exe | 
"{643B011F-6258-412F-8599-DBFF56C66809}" = dir=out | [email protected]{microsoft.bingweather_3.0.4.249_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingweather/resources/brandedapptitle} | 
"{65279A37-CBDB-452A-B901-1705F11F419D}" = protocol=17 | dir=in | app=c:\program files (x86)\acer\abmedia\windowsupnpmv.exe | 
"{65913486-FE13-48F4-A9CE-C7247ED0AFF5}" = protocol=17 | dir=in | app=c:\program files (x86)\acer\acer portal\ccd.exe | 
"{659577DE-C0DF-4BC8-848C-F4E5DB52065D}" = protocol=17 | dir=in | app=c:\program files (x86)\acer\abmedia\windowsupnpmv.exe | 
"{659EE179-0776-4A3E-A38D-628211ADD95C}" = protocol=6 | dir=in | app=c:\program files (x86)\acer\abmedia\dmcdaemon.exe | 
"{65C4D4FA-CBC6-4FF4-8D74-E46B988DF79B}" = protocol=6 | dir=in | app=c:\program files (x86)\acer\abmedia\windowsupnpmv.exe | 
"{66190546-26A7-462A-AD35-9193C82D1202}" = protocol=6 | dir=in | app=c:\program files (x86)\acer\abmedia\windowsupnpmv.exe | 
"{6695C6B9-9ABE-494D-BDDB-A46A1A0CF807}" = dir=out | [email protected]{microsoft.bingnews_3.0.4.268_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingnews/resources/brandedapptitle} | 
"{66DDF342-FEC7-44D9-A8B2-A0666336C58E}" = protocol=6 | dir=in | app=c:\program files (x86)\acer\abmedia\dmcdaemon.exe | 
"{6711BF10-CF0E-4ACE-BDEC-65DB8A21A845}" = protocol=17 | dir=in | app=c:\program files (x86)\acer\abmedia\windowsupnpmv.exe | 
"{677EC0E1-C5CC-43C0-8829-3487BFDBC684}" = protocol=6 | dir=in | app=c:\program files (x86)\acer\abmedia\windowsupnpmv.exe | 
"{67FE4C72-B0D7-4FB7-B4F6-E6EADD9772AE}" = protocol=17 | dir=in | app=c:\program files (x86)\acer\abmedia\windowsupnpmv.exe | 
"{68B87706-1D35-48DF-BA23-88476FC57D57}" = protocol=17 | dir=in | app=c:\program files (x86)\acer\abmedia\windowsupnpmv.exe | 
"{68CE7EE0-D3A6-4AAA-8B0B-9C9D7B6EE39D}" = protocol=6 | dir=in | app=c:\program files (x86)\acer\abmedia\windowsupnpmv.exe | 
"{68D70AF7-8ADF-49A5-9923-0A9D41247000}" = protocol=6 | dir=in | app=c:\program files (x86)\acer\acer photo\windowsupnp.exe | 
"{6911EB47-0825-4815-A918-243582922F78}" = protocol=6 | dir=in | app=c:\program files (x86)\acer\abmedia\windowsupnpmv.exe | 
"{693F5CB8-B4A3-48F6-B4AC-472D7A394AA4}" = protocol=6 | dir=in | app=c:\program files (x86)\acer\abmedia\windowsupnpmv.exe | 
"{69BBC7E5-6CAE-4975-8E1F-13AE006B377B}" = protocol=17 | dir=in | app=c:\program files\common files\mcafee\platform\mcsvchost\mcsvhost.exe | 
"{69ED172B-098E-459F-AAEA-856BB9D87526}" = protocol=17 | dir=in | app=c:\program files (x86)\acer\abmedia\dmcdaemon.exe | 
"{6A535491-6E70-4F56-8F18-6D8920B7310C}" = protocol=6 | dir=in | app=c:\program files (x86)\acer\abmedia\dmcdaemon.exe | 
"{6A7D2654-99E8-49AC-926D-201C914A4504}" = protocol=17 | dir=in | app=c:\program files (x86)\acer\abmedia\windowsupnpmv.exe | 
"{6AC59D84-A1E4-4385-8DC6-41CD48EC0545}" = protocol=17 | dir=in | app=c:\program files (x86)\acer\abmedia\dmcdaemon.exe | 
"{6ACA080B-4D2D-4D1E-9D7E-6B38E7667FD8}" = protocol=6 | dir=in | app=c:\program files (x86)\acer\abmedia\windowsupnpmv.exe | 
"{6B0A4BC0-6B33-4083-A0DB-2469C85A3E9E}" = protocol=17 | dir=in | app=c:\program files (x86)\acer\abmedia\dmcdaemon.exe | 
"{6B3237E7-F4E8-4008-B88E-4478A8795522}" = protocol=6 | dir=in | app=c:\program files (x86)\acer\abmedia\dmcdaemon.exe | 
"{6BCFD104-83B7-47B9-A0D4-D25D833EBAF1}" = protocol=17 | dir=in | app=c:\program files (x86)\acer\abmedia\dmcdaemon.exe | 
"{6BD08EC1-7AD7-4673-B06F-354BA2C911B0}" = protocol=17 | dir=in | app=c:\program files (x86)\acer\abmedia\dmcdaemon.exe | 
"{6C54F8B2-35B7-4527-93DE-A387F9A37542}" = protocol=17 | dir=in | app=c:\program files (x86)\acer\abmedia\dmcdaemon.exe | 
"{6C8C8022-B9F7-4927-87F9-AADB47585311}" = protocol=17 | dir=in | app=c:\program files (x86)\acer\abmedia\dmcdaemon.exe | 
"{6D23F1CD-5645-46D3-B87D-4355AF06ECF6}" = protocol=17 | dir=in | app=c:\program files (x86)\acer\abmedia\dmcdaemon.exe | 
"{6D59BBD6-7780-44CF-91A9-148DD2207D02}" = protocol=17 | dir=in | app=c:\program files (x86)\acer\abmedia\windowsupnpmv.exe | 
"{6D5BC835-5B4F-4068-83A0-2B51E88DAA12}" = protocol=6 | dir=in | app=c:\program files (x86)\acer\abmedia\windowsupnpmv.exe | 
"{6DA7BC78-8D1D-4CA5-9FF4-61EBFA1F9DFA}" = protocol=6 | dir=in | app=c:\program files (x86)\acer\abmedia\dmcdaemon.exe | 
"{6EDB6A22-C20C-46DD-B9B0-4B50BFE46AA5}" = protocol=6 | dir=in | app=c:\program files (x86)\acer\abmedia\dmcdaemon.exe | 
"{702D6379-57CA-4B36-953B-85C2D1B07905}" = protocol=17 | dir=in | app=c:\program files (x86)\acer\abmedia\dmcdaemon.exe | 
"{7037E1AF-3896-4BF7-81A6-AAE0F60F1AA5}" = protocol=6 | dir=in | app=c:\program files (x86)\acer\abmedia\dmcdaemon.exe | 
"{706DCB84-5F21-4673-BC1B-7B20894626DE}" = protocol=6 | dir=in | app=c:\program files (x86)\acer\abmedia\windowsupnpmv.exe | 
"{70EE3CAF-DD37-4912-A79D-1C88B97137F7}" = protocol=17 | dir=in | app=c:\program files (x86)\acer\abmedia\windowsupnpmv.exe | 
"{71296E6E-068C-47B8-B7B6-88FDC848C2AF}" = protocol=6 | dir=in | app=c:\program files (x86)\acer\abmedia\windowsupnpmv.exe | 
"{718E73BC-E9F7-4EFD-9FEA-6C99A50D6FC1}" = protocol=17 | dir=in | app=c:\program files (x86)\acer\abmedia\dmcdaemon.exe | 
"{721C1F39-716C-4DF2-A00A-A79C7163E7D9}" = protocol=17 | dir=in | app=c:\program files (x86)\acer\abmedia\windowsupnpmv.exe | 
"{723CBFB4-1744-406C-B521-38A2C9494B79}" = protocol=17 | dir=in | app=c:\program files (x86)\acer\abmedia\windowsupnpmv.exe | 
"{724566D9-748F-4710-8CEF-0334DEBCD498}" = dir=in | app=c:\program files (x86)\cyberlink\powerdvd12\kernel\dmr\powerdvd12dmrengine.exe | 
"{7246AC26-15BC-4DB5-A96E-B4DAB64EA475}" = protocol=6 | dir=in | app=c:\program files (x86)\acer\abmedia\windowsupnpmv.exe | 
"{726DC088-D76B-4620-A708-659E0E64BEFD}" = protocol=6 | dir=in | app=c:\program files (x86)\acer\abmedia\dmcdaemon.exe | 
"{72B32C8D-DB56-4906-A292-51B43FE73F72}" = protocol=17 | dir=in | app=c:\program files (x86)\acer\abmedia\windowsupnpmv.exe | 
"{72EA703E-4DD8-4B78-BFDB-63969941AB30}" = protocol=17 | dir=in | app=c:\program files (x86)\acer\abmedia\windowsupnpmv.exe | 
"{731DB003-9E81-41D5-9CEC-62D04C3976A2}" = protocol=17 | dir=in | app=c:\program files (x86)\acer\abmedia\dmcdaemon.exe | 
"{7324E1F1-8E90-4163-B3EA-F186083EE451}" = dir=out | name=dropbox | 
"{7359F59A-C3B2-4941-969B-50BEABDB7FBC}" = protocol=17 | dir=in | app=c:\program files (x86)\acer\abmedia\dmcdaemon.exe | 
"{737FE974-016A-4607-AB9B-2282FC4DC2EA}" = protocol=17 | dir=in | app=c:\program files (x86)\acer\abmedia\dmcdaemon.exe | 
"{7423024B-4472-4309-AA03-2A002048BA2A}" = protocol=6 | dir=in | app=c:\program files (x86)\acer\abmedia\dmcdaemon.exe | 
"{742AC77C-ED19-4067-8BDD-AA43A6AFE544}" = protocol=17 | dir=in | app=c:\program files (x86)\acer\abmedia\dmcdaemon.exe | 
"{75363BE1-E432-45EE-B749-0D43B126B0E0}" = protocol=6 | dir=in | app=c:\program files (x86)\acer\abmedia\windowsupnpmv.exe | 
"{7552E003-A970-4359-AEE4-4240785C9F76}" = protocol=17 | dir=in | app=c:\program files (x86)\acer\abmedia\dmcdaemon.exe | 
"{75587FD1-F7DF-475B-B837-BDBDE142864C}" = protocol=6 | dir=in | app=c:\program files (x86)\acer\abmedia\windowsupnpmv.exe | 
"{757D3688-CF0B-40A1-A375-5CF14B8471F5}" = protocol=6 | dir=in | app=c:\program files (x86)\acer\abmedia\windowsupnpmv.exe | 
"{75847706-1C45-446F-82A6-D3CE135DDA86}" = protocol=17 | dir=in | app=c:\program files (x86)\acer\abmedia\dmcdaemon.exe | 
"{75ABD8B5-997C-444C-9C77-CDFB041B08BA}" = protocol=6 | dir=in | app=c:\program files (x86)\acer\abmedia\windowsupnpmv.exe | 
"{75E35DD2-EB14-4825-9A4A-8131EEE805F4}" = protocol=6 | dir=in | app=c:\program files (x86)\acer\abmedia\windowsupnpmv.exe | 
"{76266CCD-C168-4551-AC29-38B1703467E9}" = protocol=6 | dir=in | app=c:\program files (x86)\acer\abmedia\windowsupnpmv.exe | 
"{7790CBE5-DC49-4191-B789-F8842795EBE9}" = protocol=6 | dir=in | app=c:\program files (x86)\acer\abmedia\windowsupnpmv.exe | 
"{77E59896-B8B4-4F21-AA85-666BF8668C96}" = protocol=6 | dir=in | app=c:\program files (x86)\acer\abmedia\dmcdaemon.exe | 
"{78D2D948-2FD7-4674-840E-FF56E6C35416}" = protocol=6 | dir=in | app=c:\program files (x86)\acer\abmedia\dmcdaemon.exe | 
"{7943F0FF-7768-4811-BE85-22A465074B90}" = protocol=17 | dir=in | app=c:\program files (x86)\acer\abmedia\windowsupnpmv.exe | 
"{796770C8-E884-4CDF-8CB5-DF2BFFDED596}" = protocol=6 | dir=in | app=c:\program files (x86)\acer\abmedia\dmcdaemon.exe | 
"{79ABD9E0-2222-42D3-AB7B-E9040E664050}" = protocol=17 | dir=in | app=c:\program files (x86)\acer\abmedia\windowsupnpmv.exe | 
"{79B35D5F-6C9F-4AFC-A1AE-647DA6892DFE}" = protocol=6 | dir=in | app=c:\program files (x86)\hold page\bin\holdpage.brt.helper.exe | 
"{7A02131A-466D-4705-B47F-B7BE0E0B5650}" = protocol=6 | dir=in | app=c:\program files (x86)\acer\abmedia\dmcdaemon.exe | 
"{7ADC260F-0E71-46C9-B712-8412DA75317B}" = protocol=6 | dir=in | app=c:\program files (x86)\acer\abmedia\dmcdaemon.exe | 
"{7AE9C2D2-17B0-4724-827D-822F1BDA3B0F}" = protocol=6 | dir=in | app=c:\program files (x86)\acer\abmedia\dmcdaemon.exe | 
"{7AF69C00-8A54-4FFB-AA25-225D4EFE2DC4}" = protocol=17 | dir=in | app=c:\program files\common files\mcafee\platform\mcsvchost\mcsvhost.exe | 
"{7B4BFC1F-F0CD-4F92-95E7-92BBDCE5D542}" = protocol=17 | dir=in | app=c:\program files (x86)\acer\abmedia\windowsupnpmv.exe | 
"{7BA32225-16B7-4134-A6A4-5B4DBBF4E0F5}" = protocol=17 | dir=in | app=c:\program files (x86)\acer\abmedia\dmcdaemon.exe | 
"{7BE14560-377A-43A5-9B95-196D85961AAA}" = protocol=17 | dir=in | app=c:\program files (x86)\acer\abmedia\windowsupnpmv.exe | 
"{7C114E0D-491B-400D-B439-73C17EE6DCE3}" = protocol=6 | dir=in | app=c:\program files (x86)\acer\abmedia\windowsupnpmv.exe | 
"{7C1CBE38-3AEE-4B03-8164-23256922CDE2}" = protocol=17 | dir=in | app=c:\program files (x86)\acer\abmedia\dmcdaemon.exe | 
"{7CCFB940-69C5-4477-ADE9-3CBCB51091B9}" = protocol=17 | dir=in | app=c:\program files (x86)\acer\abmedia\dmcdaemon.exe | 
"{7CEA889E-2E0F-4DA2-A4E3-00ED137E4B90}" = protocol=17 | dir=in | app=c:\program files (x86)\acer\abmedia\windowsupnpmv.exe | 
"{7E77C0F2-098B-4C65-82DC-B8CDAA8C5DD2}" = protocol=6 | dir=in | app=c:\program files (x86)\acer\abmedia\dmcdaemon.exe | 
"{7EAC42FD-B596-4D0B-8496-79E1144130EC}" = protocol=6 | dir=in | app=c:\program files (x86)\acer\abmedia\windowsupnpmv.exe | 
"{7F4D061B-AA12-44CB-8B7E-506D219E310C}" = protocol=17 | dir=in | app=c:\program files (x86)\acer\abmedia\dmcdaemon.exe | 
"{7F9E4B8E-1A92-42DC-85F7-AA7E35CAF1DC}" = protocol=17 | dir=in | app=c:\program files (x86)\acer\abmedia\dmcdaemon.exe | 
"{7FD50B6C-C29B-4270-8426-95A2EEECDD65}" = protocol=17 | dir=in | app=c:\program files (x86)\acer\abmedia\dmcdaemon.exe | 
"{8043AF6F-3C5D-4F68-9C5F-4B147435E923}" = protocol=17 | dir=in | app=c:\program files (x86)\acer\abmedia\windowsupnpmv.exe | 
"{8055C815-36DA-4EE2-B2AF-497B63B2B70E}" = protocol=17 | dir=in | app=c:\program files (x86)\acer\abmedia\dmcdaemon.exe | 
"{80E41DC6-9219-4E60-825A-3FD89D4268E6}" = protocol=6 | dir=in | app=c:\program files (x86)\acer\abmedia\dmcdaemon.exe | 
"{81544D02-562C-4C24-AA44-A707D926600D}" = protocol=6 | dir=in | app=c:\program files (x86)\acer\abmedia\windowsupnpmv.exe | 
"{8178E5A9-3156-4E1A-95A0-FDA003426582}" = protocol=6 | dir=in | app=c:\program files (x86)\acer\abmedia\windowsupnpmv.exe | 
"{829F6964-03F2-4729-9928-C34B58F8AAEC}" = protocol=6 | dir=in | app=c:\program files (x86)\acer\abmedia\dmcdaemon.exe | 
"{8362A9F2-F547-42E6-A895-3FAA4F08432C}" = protocol=17 | dir=in | app=c:\program files (x86)\acer\abmedia\windowsupnpmv.exe | 
"{8401E588-D71C-4239-A596-6294165EBE77}" = protocol=17 | dir=in | app=c:\program files (x86)\acer\abmedia\windowsupnpmv.exe | 
"{84B5207D-E8E2-4520-A0E2-4EC2D2D5114A}" = protocol=17 | dir=in | app=c:\program files (x86)\acer\abmedia\windowsupnpmv.exe | 
"{85A58294-F1E5-47A6-8DC2-60F5C6E21ECE}" = protocol=17 | dir=in | app=c:\program files (x86)\acer\abmedia\dmcdaemon.exe | 
"{85CC7C42-3AAE-4098-9122-9628BF7F04A9}" = protocol=6 | dir=in | app=c:\program files (x86)\acer\abmedia\windowsupnpmv.exe | 
"{86576E4B-25E8-4888-96AD-7D55D594921A}" = protocol=17 | dir=in | app=c:\program files (x86)\acer\abmedia\dmcdaemon.exe | 
"{865C79CD-146E-46E0-88B3-3126B3A4BFAF}" = protocol=17 | dir=in | app=c:\program files (x86)\acer\abmedia\dmcdaemon.exe | 
"{86737423-0500-45A4-AB3F-00F8D43FBDCB}" = protocol=17 | dir=in | app=c:\program files (x86)\acer\abmedia\windowsupnpmv.exe | 
"{86881AA3-D573-4ACE-89A7-B6E5414B61B2}" = protocol=17 | dir=in | app=c:\program files (x86)\acer\abmedia\windowsupnpmv.exe | 
"{86E806BA-7EEE-4F14-98B3-9DA227008287}" = protocol=6 | dir=in | app=c:\program files (x86)\acer\abmedia\windowsupnpmv.exe | 
"{8709DBA6-3F5B-49FE-B198-F47DE961BE90}" = protocol=17 | dir=in | app=c:\program files (x86)\acer\abmedia\dmcdaemon.exe | 
"{871ED19F-E0E6-4513-87A5-B158E9579668}" = protocol=6 | dir=in | app=c:\program files (x86)\acer\abmedia\dmcdaemon.exe | 
"{878004A7-3B40-481B-B446-D0DB08E84D9A}" = protocol=6 | dir=in | app=c:\program files (x86)\acer\abmedia\windowsupnpmv.exe | 
"{87BDB84A-7689-4EAF-B283-4ED18A2B110D}" = protocol=6 | dir=in | app=c:\program files (x86)\acer\abmedia\windowsupnpmv.exe | 
"{888B5FC3-D7A1-4222-A8C8-D5AB0188A1F4}" = protocol=17 | dir=in | app=c:\program files (x86)\acer\acer media\dmcdaemon.exe | 
"{88A14675-C900-4B21-BA73-F4CCFBE715CA}" = protocol=17 | dir=in | app=c:\program files (x86)\acer\abmedia\windowsupnpmv.exe | 
"{88CB2858-D8F8-4A69-B526-F62F42505CC6}" = protocol=6 | dir=in | app=c:\program files (x86)\acer\abmedia\windowsupnpmv.exe | 
"{88E6CC3A-F6E6-47B1-A7EA-86ED78A8CF89}" = protocol=17 | dir=in | app=c:\program files (x86)\acer\abmedia\windowsupnpmv.exe | 
"{896493E7-95BE-448B-8E96-B835416A8B5C}" = protocol=17 | dir=in | app=c:\program files (x86)\acer\abmedia\dmcdaemon.exe | 
"{897F22C1-147F-490E-9C36-2B2F1949798E}" = protocol=17 | dir=in | app=c:\program files (x86)\acer\abmedia\windowsupnpmv.exe | 
"{89E6CB0E-CCDA-475D-982A-8536D377E4BC}" = protocol=6 | dir=in | app=c:\program files (x86)\acer\abmedia\windowsupnpmv.exe | 
"{8B222D95-B970-48F4-9D49-EC2AE200374C}" = protocol=17 | dir=in | app=c:\program files (x86)\acer\abmedia\dmcdaemon.exe | 
"{8B61F79D-ADC2-41A1-8B8E-622B8CCA4349}" = protocol=17 | dir=in | app=c:\program files (x86)\acer\abmedia\dmcdaemon.exe | 
"{8BF4563F-6C51-44D9-A044-3CD8B6417CF3}" = protocol=6 | dir=in | app=c:\program files (x86)\acer\abmedia\dmcdaemon.exe | 
"{8BFA9029-40E5-45B9-88D7-B110A0178F90}" = protocol=17 | dir=in | app=c:\program files (x86)\acer\abmedia\dmcdaemon.exe | 
"{8C27A56B-F4D7-4F5C-98CC-2C637E1F735A}" = protocol=17 | dir=in | app=c:\program files (x86)\acer\abmedia\dmcdaemon.exe | 
"{8C654A94-786D-468A-BFBE-8AA0615F71F4}" = protocol=6 | dir=in | app=c:\program files (x86)\acer\acer portal\ccd.exe | 
"{8C756AEB-EDBF-4DF0-9D32-757E3CB46A67}" = protocol=6 | dir=in | app=c:\program files (x86)\acer\abmedia\dmcdaemon.exe | 
"{8CCEC0D0-71FF-4242-AC8C-8D24A8AB47B0}" = protocol=17 | dir=in | app=c:\program files (x86)\acer\abmedia\windowsupnpmv.exe | 
"{8D02D632-FE9C-4B7E-A59B-8B725C2A39DD}" = dir=in | app=c:\program files (x86)\windows live\messenger\msnmsgr.exe | 
"{8D2A6F32-7758-4B0B-AE47-2DF87F0E4B69}" = protocol=17 | dir=in | app=c:\program files (x86)\acer\abmedia\windowsupnpmv.exe | 
"{8D450E81-0C41-4EFC-A9C5-16A679F7C601}" = protocol=6 | dir=in | app=c:\program files (x86)\acer\abmedia\dmcdaemon.exe | 
"{8DFDB819-1652-4F9A-B692-C11BED410F74}" = protocol=17 | dir=in | app=c:\program files (x86)\acer\abmedia\windowsupnpmv.exe | 
"{8E7E681B-AE42-4235-8F43-6EF24739E379}" = protocol=6 | dir=in | app=c:\program files (x86)\acer\abmedia\windowsupnpmv.exe | 
"{8ECE6631-5EE4-4C76-A7E0-6CADE42BD927}" = protocol=6 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe | 
"{8EFA95CB-9BB8-430F-B345-39B1DFC89E5D}" = protocol=17 | dir=in | app=c:\program files (x86)\acer\abmedia\dmcdaemon.exe | 
"{8F96D1C6-A070-4051-9BA0-C49476EA1360}" = protocol=17 | dir=in | app=c:\program files (x86)\acer\abmedia\windowsupnpmv.exe | 
"{90233E4E-FD66-4753-B0C2-D07D2C97B9E5}" = protocol=17 | dir=in | app=c:\program files (x86)\acer\acer media\dmcdaemon.exe | 
"{916E3D3D-B9FA-4E54-98A3-CC479A1A073A}" = protocol=6 | dir=in | app=c:\program files (x86)\acer\abmedia\dmcdaemon.exe | 
"{91F1FC8F-B48D-427D-9D1F-5AB3C7DAFFBC}" = protocol=17 | dir=in | app=c:\program files (x86)\acer\abmedia\dmcdaemon.exe | 
"{92451F31-A64B-4DF3-8F91-60F120B0EC33}" = protocol=6 | dir=in | app=c:\program files (x86)\acer\abmedia\windowsupnpmv.exe | 
"{92841DBA-143A-43E8-AC76-B8E55EDBA89A}" = protocol=17 | dir=in | app=c:\program files (x86)\acer\abmedia\dmcdaemon.exe | 
"{92A75A00-C24B-4278-A7C9-B4B3AAD52C82}" = protocol=17 | dir=in | app=c:\program files (x86)\acer\abmedia\dmcdaemon.exe | 
"{92ED4705-B5C8-401F-9658-4B12CEA1CEB4}" = protocol=6 | dir=in | app=c:\program files (x86)\acer\abmedia\windowsupnpmv.exe | 
"{9333AB3C-23CF-4C0C-ADF0-A7AF40FC1E7A}" = protocol=6 | dir=in | app=c:\program files (x86)\acer\abmedia\dmcdaemon.exe | 
"{93533D3E-F888-4684-BE90-770A7BF88D97}" = protocol=17 | dir=in | app=c:\program files (x86)\acer\abmedia\windowsupnpmv.exe | 
"{93E4A18E-C168-423A-8093-87E922E99F4B}" = protocol=17 | dir=in | app=c:\program files (x86)\acer\abmedia\windowsupnpmv.exe | 
"{941C4147-C764-48EB-A062-03C8497AC583}" = protocol=17 | dir=in | app=c:\program files (x86)\acer\abmedia\windowsupnpmv.exe | 
"{94238CD1-69B2-4187-A9D9-FBF6B2736F52}" = protocol=6 | dir=in | app=c:\program files (x86)\acer\abmedia\dmcdaemon.exe | 
"{94575A00-51C6-469C-86A7-C642BD3378F3}" = protocol=17 | dir=in | app=c:\program files (x86)\acer\abmedia\windowsupnpmv.exe | 
"{95179C1E-1176-4689-8680-BF162CB9970F}" = protocol=17 | dir=in | app=c:\program files (x86)\acer\abmedia\dmcdaemon.exe | 
"{95274E2D-506A-4A07-A0FD-592998EB2D2B}" = protocol=6 | dir=in | app=c:\program files (x86)\acer\abmedia\dmcdaemon.exe | 
"{956AC89B-26C6-4912-88F9-76327FBFE61C}" = protocol=17 | dir=in | app=c:\program files (x86)\acer\abmedia\dmcdaemon.exe | 
"{96590BD7-8CD9-4215-BC46-DD5BBD7761E1}" = dir=out | [email protected]{microsoft.windowsreadinglist_6.3.9654.20540_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowsreadinglist/resources/apppackagename} | 
"{966BFA49-2155-4D2F-93C8-AC125C26A8E0}" = dir=out | name=accuweather for windows 8 | 
"{96FB2C8E-A03D-44C4-B4E5-339F62ED5845}" = dir=out | name=zinio | 
"{9778FCB6-F68F-41E3-AD9E-905491C95236}" = protocol=17 | dir=in | app=c:\program files (x86)\acer\abmedia\windowsupnpmv.exe | 
"{97D201C2-6700-44BC-85D5-ADBE698E356B}" = protocol=6 | dir=in | app=c:\program files (x86)\acer\abmedia\windowsupnpmv.exe | 
"{983F10E2-D677-4116-B03E-2FB85BF3B528}" = protocol=17 | dir=in | app=c:\program files (x86)\acer\abmedia\dmcdaemon.exe | 
"{985E5E82-7FE5-412B-85E9-A803AE9395CA}" = protocol=17 | dir=in | app=c:\program files (x86)\acer\abmedia\dmcdaemon.exe | 
"{98857F7C-4ACD-44C8-AE3F-E6E87D4CC6B2}" = protocol=6 | dir=in | app=c:\program files (x86)\acer\abmedia\dmcdaemon.exe | 
"{98B700CF-1D0B-48C5-8473-E69FBA60F30A}" = protocol=6 | dir=in | app=c:\program files (x86)\acer\abmedia\windowsupnpmv.exe | 
"{98CF48A2-B0DA-434E-B17F-930F4B00181E}" = protocol=6 | dir=in | app=c:\program files (x86)\acer\abmedia\dmcdaemon.exe | 
"{98D0DC0B-A835-4B33-9018-D47DCDA55070}" = protocol=17 | dir=in | app=c:\program files (x86)\acer\abmedia\dmcdaemon.exe | 
"{98D44251-0A14-4ABF-8317-2968844FD316}" = protocol=6 | dir=in | app=c:\program files (x86)\acer\abmedia\windowsupnpmv.exe | 
"{98FCABCF-DC7A-4162-A7EC-C8B87A4E0878}" = protocol=17 | dir=in | app=c:\program files (x86)\acer\abmedia\windowsupnpmv.exe | 
"{9903A0EB-8487-47A1-BABF-13486F63908B}" = dir=out | name=kindle | 
"{994C5934-E7FE-4C42-B103-7180AABC05D7}" = protocol=6 | dir=in | app=c:\program files (x86)\acer\abmedia\windowsupnpmv.exe | 
"{9996EFE7-7BB2-4AB1-AEBC-23D0B75B3BA2}" = protocol=17 | dir=in | app=c:\program files (x86)\acer\abmedia\dmcdaemon.exe | 
"{9A1D4C11-AEC3-4D2A-9335-E1CDEBA839B5}" = protocol=17 | dir=in | app=c:\program files (x86)\acer\abmedia\windowsupnpmv.exe | 
"{9B046A59-A1A8-4E8A-ABDF-04EB370FC5BA}" = protocol=17 | dir=in | app=c:\program files (x86)\acer\abmedia\windowsupnpmv.exe | 
"{9B0E345D-C4AD-4271-83FC-5B407D815B28}" = protocol=17 | dir=in | app=c:\program files (x86)\acer\abmedia\windowsupnpmv.exe | 
"{9B2DC78A-39ED-4050-9462-84CE51F53693}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe | 
"{9B6972CB-E56F-4195-B214-1DD50BE5A8B9}" = protocol=17 | dir=in | app=c:\program files (x86)\acer\abmedia\windowsupnpmv.exe | 
"{9B955BA7-012A-403A-99A5-448DD300077E}" = protocol=6 | dir=in | app=c:\program files (x86)\acer\abmedia\windowsupnpmv.exe | 
"{9BAC57F2-9A61-4260-A6C0-84FBC58FD046}" = protocol=6 | dir=in | app=c:\program files (x86)\acer\abmedia\windowsupnpmv.exe | 
"{9BE017A2-8FA7-466D-9B98-CF4B53052D66}" = protocol=17 | dir=in | app=c:\program files (x86)\acer\abmedia\windowsupnpmv.exe | 
"{9BE55B37-B51B-41AF-8DAE-5C1093A6CB1B}" = protocol=17 | dir=in | app=c:\program files (x86)\acer\abmedia\windowsupnpmv.exe | 
"{9C3DB0D9-5384-4C3B-B2FA-42001AF5301E}" = protocol=6 | dir=in | app=c:\program files (x86)\acer\acer photo\windowsupnp.exe | 
"{9D0ED1BF-8329-4244-977E-1BE7DEE84670}" = protocol=17 | dir=in | app=c:\program files (x86)\acer\abmedia\windowsupnpmv.exe | 
"{9D24247C-AEB8-4C34-9BCA-21C2A4E15B4A}" = protocol=6 | dir=in | app=c:\program files (x86)\acer\abmedia\windowsupnpmv.exe | 
"{9D5C9F11-BBFA-4D41-8FE2-C55C9AEFED52}" = protocol=6 | dir=in | app=c:\program files (x86)\acer\abmedia\windowsupnpmv.exe | 
"{9DBFBBF1-5543-4954-8F5C-E5DD4E248CE5}" = protocol=17 | dir=in | app=c:\program files (x86)\acer\abmedia\dmcdaemon.exe | 
"{9E3D57FC-7C37-4424-9352-4831E97D029D}" = dir=out | [email protected]{c:\windows\winstore\resources.pri?ms-resource://winstore/resources/displayname} | 
"{9E8499EE-57D4-4448-8C37-CF071D6A2265}" = protocol=6 | dir=in | app=c:\program files (x86)\acer\abmedia\dmcdaemon.exe | 
"{9EB5167C-9F77-440C-BCDE-AD607B388C1E}" = protocol=6 | dir=in | app=c:\program files (x86)\acer\abmedia\windowsupnpmv.exe | 
"{9F002517-B287-4C8C-964F-AF9D0D7D9124}" = dir=out | [email protected]{microsoft.zunevideo_2.6.434.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.zunevideo/resources/ids_manifest_video_app_name} | 
"{9FB78466-76CD-4370-9BBE-BBA2F2494870}" = protocol=17 | dir=in | app=c:\program files (x86)\acer\abmedia\dmcdaemon.exe | 
"{9FE343A2-8A32-4F77-BB75-5D66BC552691}" = protocol=17 | dir=in | app=c:\program files (x86)\acer\abmedia\dmcdaemon.exe | 
"{A01492C4-6553-4E4A-AB38-D34A9031AD81}" = protocol=6 | dir=in | app=c:\program files (x86)\acer\abmedia\windowsupnpmv.exe | 
"{A02C6053-2243-4797-9218-A5E0A11E9339}" = protocol=17 | dir=in | app=c:\program files (x86)\hold page\bin\holdpage.brt.helper.exe | 
"{A04F78F3-9006-485E-9EEB-314902A6703E}" = protocol=17 | dir=in | app=c:\program files (x86)\acer\abmedia\windowsupnpmv.exe | 
"{A083FB74-C1EB-4327-8CAB-0228524BAE70}" = protocol=6 | dir=in | app=c:\program files (x86)\acer\abmedia\dmcdaemon.exe | 
"{A1140F4A-EC0B-4B1D-9B59-DED52509A2D2}" = dir=out | name=xbox one smartglass | 
"{A2009FF4-5394-43BB-9349-8BA6ACD25EE1}" = protocol=17 | dir=in | app=c:\program files (x86)\acer\abmedia\dmcdaemon.exe | 
"{A2456F47-5554-4ED4-B6E2-012FB97E4290}" = protocol=17 | dir=in | app=c:\program files (x86)\acer\abmedia\windowsupnpmv.exe | 
"{A3361CB1-1F33-47B8-8673-35D02F82D937}" = protocol=6 | dir=in | app=c:\program files (x86)\acer\abmedia\windowsupnpmv.exe | 
"{A350644C-0D42-4CD2-BB31-6E7EE15695E0}" = protocol=17 | dir=in | app=c:\program files (x86)\acer\abmedia\windowsupnpmv.exe | 
"{A37E6A74-1FE7-496F-9046-E30F958831A7}" = protocol=17 | dir=in | app=c:\program files (x86)\acer\abmedia\dmcdaemon.exe | 
"{A37EC473-317F-4A7F-A7BF-A83E1E29B88C}" = protocol=6 | dir=in | app=c:\program files (x86)\acer\abmedia\windowsupnpmv.exe | 
"{A392749F-3D70-4B52-B1F6-A83D17543167}" = dir=in | [email protected]{microsoft.windowscommunicationsapps_17.5.9600.20689_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowscommunicationsapps/resources/communicationspackagename} | 
"{A4CF67D4-E1E5-4FCA-BFF2-B731B548BE1C}" = protocol=17 | dir=in | app=c:\program files (x86)\acer\acer photo\dmcdaemon.exe | 
"{A4DFDE53-C1F3-479D-9DA3-F5E53E72803A}" = protocol=6 | dir=in | app=c:\program files (x86)\acer\abmedia\dmcdaemon.exe | 
"{A4ECC887-8E88-41D6-A1D3-E7409D99B522}" = protocol=17 | dir=in | app=c:\program files (x86)\acer\abmedia\dmcdaemon.exe | 
"{A59DB603-720C-4FF5-B8BE-732AC451F48E}" = protocol=17 | dir=in | app=c:\program files (x86)\acer\abmedia\windowsupnpmv.exe | 
"{A5CF99CE-9860-438A-9B47-AA2F5F729061}" = protocol=6 | dir=in | app=c:\program files (x86)\acer\abmedia\windowsupnpmv.exe | 
"{A687CBEC-8494-46CC-BA63-FE88C64AACC1}" = protocol=17 | dir=in | app=c:\program files (x86)\acer\abmedia\dmcdaemon.exe | 
"{A6FC1C82-E688-4297-AB29-873E3DC43CF3}" = dir=in | name=xbox one smartglass | 
"{A7305DBB-5526-4F5E-99CD-955120C3D4DC}" = protocol=6 | dir=in | app=c:\program files (x86)\acer\abmedia\dmcdaemon.exe | 
"{A74FB0FB-0C9D-4432-BA6D-A827020A73BA}" = protocol=6 | dir=in | app=c:\program files (x86)\acer\abmedia\windowsupnpmv.exe | 
"{A8861C1C-D2A8-4713-851F-9530DC6775D4}" = protocol=6 | dir=in | app=c:\program files\common files\mcafee\platform\mcsvchost\mcsvhost.exe | 
"{A888E10D-7680-457B-B82B-A99B70FDD9D3}" = protocol=6 | dir=in | app=c:\program files (x86)\acer\abmedia\windowsupnpmv.exe | 
"{A91925F6-4756-46B9-B0F0-38CC3D77145C}" = protocol=6 | dir=in | app=c:\program files (x86)\acer\abmedia\windowsupnpmv.exe | 
"{A91959F7-B54B-4DB7-A23A-444B9EC7E18D}" = protocol=6 | dir=in | app=c:\program files (x86)\acer\abmedia\dmcdaemon.exe | 
"{A929489F-B44B-4B27-BE39-7D11E0B661A0}" = protocol=17 | dir=in | app=c:\program files (x86)\acer\abmedia\windowsupnpmv.exe | 
"{A94606C7-6589-4DB0-900D-C1A9EB9F3ED0}" = protocol=6 | dir=in | app=c:\program files (x86)\acer\abmedia\windowsupnpmv.exe | 
"{A94A2E03-C957-4EDF-8F1B-614CB5EC2C5F}" = protocol=6 | dir=in | app=c:\program files (x86)\acer\abmedia\dmcdaemon.exe | 
"{A991F6F3-D0ED-461E-92CB-10EB7C120E98}" = protocol=17 | dir=in | app=c:\program files (x86)\acer\abmedia\dmcdaemon.exe | 
"{AA41084A-126F-43CD-900C-C9EB57315E55}" = protocol=17 | dir=in | app=c:\program files (x86)\acer\abmedia\dmcdaemon.exe | 
"{AA86BBAE-D1E5-4477-A002-916315961331}" = protocol=6 | dir=in | app=c:\program files (x86)\acer\abmedia\dmcdaemon.exe | 
"{AA90E620-937F-4F93-938A-F3AA7132995E}" = protocol=6 | dir=in | app=c:\program files (x86)\acer\abmedia\windowsupnpmv.exe | 
"{AAD9E5E3-1749-498D-9031-D50F8102160E}" = protocol=17 | dir=in | app=c:\program files (x86)\acer\abmedia\dmcdaemon.exe | 
"{AADB9BA0-6267-40E0-9802-E81EC32813FD}" = protocol=6 | dir=in | app=c:\program files (x86)\acer\abmedia\windowsupnpmv.exe | 
"{AAEBB9ED-2356-4B16-87FB-173C62CCA183}" = protocol=17 | dir=in | app=c:\program files (x86)\acer\acer portal\ccd.exe | 
"{AB06FC3B-5668-4BA4-8AF1-A91D9CC321BB}" = dir=out | name=movie edit touch 2 | 
"{AB27F612-3BAA-4867-9F77-58F98FAA57D8}" = protocol=6 | dir=in | app=c:\program files (x86)\acer\acer portal\sdd.exe | 
"{AB412B55-A93D-4925-B516-AA3BF5263A78}" = protocol=17 | dir=in | app=c:\program files (x86)\acer\acer media\windowsupnpmv.exe | 
"{AB5B1111-FF5E-412B-9887-93E56EA90512}" = protocol=17 | dir=in | app=c:\program files (x86)\acer\abmedia\dmcdaemon.exe | 
"{AB646260-D7B9-41EA-AD97-E16B3FF54DCA}" = protocol=6 | dir=in | app=c:\program files (x86)\acer\abmedia\dmcdaemon.exe | 
"{ABD20C07-200A-4059-A28B-C49165B9D663}" = protocol=6 | dir=in | app=c:\program files (x86)\acer\abmedia\dmcdaemon.exe | 
"{AC048D5C-AAF7-4649-B03C-6A18F75181E7}" = protocol=6 | dir=in | app=c:\program files (x86)\acer\abmedia\windowsupnpmv.exe | 
"{AC9C0856-39CE-4701-B035-AB0637E4B33F}" = protocol=17 | dir=in | app=c:\program files (x86)\acer\abmedia\windowsupnpmv.exe | 
"{AD05715F-E007-4BC9-8EEE-768020F2F548}" = protocol=17 | dir=in | app=c:\program files (x86)\acer\abmedia\windowsupnpmv.exe | 
"{AD1647D6-8DEF-4FE8-A6C6-3AFF9E48B934}" = protocol=6 | dir=in | app=c:\program files (x86)\acer\abmedia\dmcdaemon.exe | 
"{AD6EE751-CD62-43EA-9A7E-B434379F54B0}" = protocol=6 | dir=in | app=c:\program files (x86)\acer\abmedia\dmcdaemon.exe | 
"{AD6FF2CD-B6A7-40B2-BCFF-D28FC35FD324}" = protocol=6 | dir=in | app=c:\program files (x86)\acer\abmedia\windowsupnpmv.exe | 
"{ADF0A8B2-E291-40DC-A04E-2DAF6CCB9123}" = dir=in | [email protected]{gameloftsa.asphalt8airborne_1.7.0.11_x86__0pp20fcewvvtj?ms-resource://gameloftsa.asphalt8airborne/resources/appname} | 
"{AE2A7997-1342-4677-A9F9-2EAE449901BA}" = dir=out | [email protected]{microsoft.zunemusic_2.6.653.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.zunemusic/resources/ids_manifest_music_app_name} | 
"{AE2D5887-5D44-4C2D-9591-DAFC90A8871C}" = protocol=17 | dir=in | app=c:\program files (x86)\acer\acer photo\windowsupnp.exe | 
"{AE86B76D-9E93-4696-A6E7-3651D38CC4EE}" = protocol=6 | dir=in | app=c:\program files (x86)\acer\abmedia\dmcdaemon.exe | 
"{AED99841-9F14-42AF-8200-E4883D9750F4}" = protocol=6 | dir=in | app=c:\program files (x86)\acer\abmedia\windowsupnpmv.exe | 
"{AF5C6577-6C3E-4FAF-B16E-99FB3C124342}" = protocol=6 | dir=in | app=c:\program files (x86)\acer\abmedia\dmcdaemon.exe | 
"{AFB7EF0D-5F69-42E5-B4AE-2B569398F59E}" = protocol=17 | dir=in | app=c:\program files (x86)\acer\abmedia\dmcdaemon.exe | 
"{AFC1AC8E-FB73-4722-A85C-1DA9719F9139}" = protocol=6 | dir=in | app=c:\program files (x86)\acer\abmedia\dmcdaemon.exe | 
"{AFDA9EF2-886B-41DB-A010-7610CBDC40AC}" = protocol=6 | dir=in | app=c:\program files (x86)\acer\abmedia\dmcdaemon.exe | 
"{B08D86AB-4551-4EC9-A18A-F1888537176B}" = protocol=6 | dir=in | app=c:\program files (x86)\acer\abmedia\windowsupnpmv.exe | 
"{B0B8338A-9471-427D-98BA-9E10383F84D1}" = dir=out | name=evernote touch | 
"{B0D82B71-7E7A-43C2-A3CE-364637B3C054}" = protocol=6 | dir=in | app=c:\program files (x86)\acer\abmedia\dmcdaemon.exe | 
"{B127F821-67BA-48C9-87C8-4D11BEA1B253}" = protocol=17 | dir=in | app=c:\program files (x86)\acer\abmedia\dmcdaemon.exe | 
"{B1318BB4-C39F-4EB3-A2E1-67568A5160EC}" = protocol=6 | dir=in | app=c:\program files (x86)\acer\abmedia\dmcdaemon.exe | 
"{B1840B14-ABD8-440A-89A3-715B85951C8D}" = dir=in | app=c:\program files (x86)\cyberlink\powerdvd12\powerdvd12agent.exe | 
"{B1EB6880-C75A-41D9-88B2-1BD848B039AC}" = protocol=6 | dir=in | app=c:\program files (x86)\acer\abmedia\dmcdaemon.exe | 
"{B1F3EACE-46AA-44AE-A9C8-1DAA2434D248}" = protocol=6 | dir=in | app=c:\program files (x86)\acer\abmedia\windowsupnpmv.exe | 
"{B2094B3F-A979-4412-A544-CA6908DAFF83}" = protocol=17 | dir=in | app=c:\program files (x86)\acer\abmedia\windowsupnpmv.exe | 
"{B21C76D3-7AD6-4B37-B9D5-C00E43B343E2}" = protocol=6 | dir=in | app=c:\program files (x86)\acer\abmedia\windowsupnpmv.exe | 
"{B2ABD126-27D3-49B1-8A15-3D7D20E19F19}" = protocol=6 | dir=in | app=c:\program files (x86)\acer\abphoto_\windowsupnp.exe | 
"{B3258FDE-74B5-4C3A-9581-C1A9A5B99E95}" = protocol=17 | dir=in | app=c:\program files (x86)\acer\abmedia\windowsupnpmv.exe | 
"{B328555B-F9C4-4DB6-B7F1-1F792D9EE18D}" = protocol=6 | dir=in | app=c:\program files (x86)\acer\abmedia\dmcdaemon.exe | 
"{B3835A67-CD3B-4BE1-B15B-BD3B7EBD34BE}" = protocol=6 | dir=in | app=c:\program files (x86)\acer\abmedia\windowsupnpmv.exe | 
"{B4922553-0DAB-43A6-9831-94F2779F51F9}" = protocol=17 | dir=in | app=c:\program files (x86)\acer\abmedia\windowsupnpmv.exe | 
"{B4B712A5-CE40-4B34-A9E8-A8B1783C9EBD}" = protocol=6 | dir=in | app=c:\program files (x86)\acer\abmedia\dmcdaemon.exe | 
"{B53B1DD1-7913-4749-9E90-2C2FDA2E92BF}" = protocol=17 | dir=in | app=c:\program files (x86)\acer\abmedia\dmcdaemon.exe | 
"{B562FE73-3F20-4D6A-872D-947434FCDA4F}" = protocol=17 | dir=in | app=c:\program files (x86)\acer\abmedia\windowsupnpmv.exe | 
"{B591E09B-9961-4B4A-93B3-23A52865B44A}" = protocol=6 | dir=in | app=c:\program files (x86)\acer\abmedia\dmcdaemon.exe | 
"{B65EB510-EE79-469E-98F9-CA14FF27CDBD}" = protocol=6 | dir=in | app=c:\program files (x86)\acer\abmedia\dmcdaemon.exe | 
"{B6731D69-9F09-4366-8C89-7DC7F8576A58}" = protocol=6 | dir=in | app=c:\program files (x86)\acer\abmedia\dmcdaemon.exe | 
"{B6CA5890-E42B-45CC-84BD-0610F8473E5E}" = protocol=6 | dir=in | app=c:\program files (x86)\acer\abmedia\windowsupnpmv.exe | 
"{B805794A-8817-43EA-B184-5BD19C0F5CDA}" = protocol=6 | dir=in | app=c:\program files (x86)\acer\abmedia\windowsupnpmv.exe | 
"{B810D0E7-7216-4693-9E49-FB8613B33E20}" = protocol=17 | dir=in | app=c:\program files (x86)\acer\abmedia\windowsupnpmv.exe | 
"{B821830A-DB49-47F6-A66B-9D80660A7429}" = dir=out | name=stumbleupon | 
"{B8A00B18-7A26-4D22-8976-FA21AFE972D8}" = protocol=6 | dir=in | app=c:\program files (x86)\acer\abmedia\windowsupnpmv.exe | 
"{B8C6487F-EBBE-491E-B702-E855595DE213}" = protocol=17 | dir=in | app=c:\program files (x86)\acer\abmedia\dmcdaemon.exe | 
"{B90CAB2A-7A61-4CFB-AC6D-5F9A890371ED}" = protocol=6 | dir=in | app=c:\program files (x86)\acer\abmedia\dmcdaemon.exe | 
"{B9F00905-EEA6-4533-BA81-0D6488E87E2D}" = dir=out | name=canon inkjet print utility | 
"{BB66C67C-1487-461E-897E-92FBCCE345AA}" = protocol=6 | dir=in | app=c:\program files (x86)\acer\abmedia\dmcdaemon.exe | 
"{BBD6D1AB-F983-4B4B-92C6-0A7344A4960B}" = protocol=6 | dir=in | app=c:\program files (x86)\acer\abmedia\dmcdaemon.exe | 
"{BC56C1EE-47EC-4925-B472-E09542D54E2E}" = protocol=6 | dir=in | app=c:\program files\avast software\avast\ng\vbox\aswfe.exe | 
"{BC729974-F45E-494E-B271-2890230C9D09}" = protocol=17 | dir=in | app=c:\program files (x86)\acer\acer photo\windowsupnp.exe | 
"{BCD2C3B2-1091-40F9-BD45-082158624A73}" = protocol=17 | dir=in | app=c:\program files (x86)\acer\abmedia\windowsupnpmv.exe | 
"{BD16AACA-CDD4-4FA1-973A-C90D1ABD3086}" = protocol=17 | dir=in | app=c:\program files (x86)\acer\abmedia\windowsupnpmv.exe | 
"{BD571334-928D-4E5B-AF58-86BC3FCB21FD}" = protocol=6 | dir=in | app=c:\program files (x86)\acer\abmedia\windowsupnpmv.exe | 
"{BE3070AE-FD54-4805-94B3-0B0F7CA3DAEE}" = protocol=17 | dir=in | app=c:\program files (x86)\acer\abmedia\dmcdaemon.exe | 
"{BF1766C9-1935-4079-9C18-68D812C6FA7D}" = protocol=17 | dir=in | app=c:\program files (x86)\acer\abmedia\dmcdaemon.exe | 
"{BFEF5340-65C4-4143-9A57-DAFACA178C60}" = protocol=6 | dir=in | app=c:\program files (x86)\acer\abphoto\windowsupnp.exe | 
"{C016EEF1-3D5C-44B6-9496-2C827A359017}" = dir=in | [email protected]{magix.musicmakerjam_2.1.1032.2_x64__a2t3txkz9j1jw?ms-resource://magix.musicmakerjam/resources/app_name} | 
"{C02C1AAE-7473-41CE-9273-736E6BF8559F}" = protocol=17 | dir=in | app=c:\program files (x86)\acer\abmedia\windowsupnpmv.exe | 
"{C107657A-D3CB-494F-BB7B-A42B9A4DA566}" = protocol=17 | dir=in | app=c:\program files (x86)\acer\abmedia\windowsupnpmv.exe | 
"{C175BE3F-0401-4632-B699-BCE5FB0EFB59}" = protocol=6 | dir=in | app=c:\program files (x86)\acer\abmedia\dmcdaemon.exe | 
"{C178DF32-1DC5-4E4D-A244-CD4941E41529}" = protocol=6 | dir=in | app=c:\program files (x86)\acer\abmedia\dmcdaemon.exe | 
"{C1E1E76F-1EBD-46C3-839A-E4EDDC1CC113}" = protocol=6 | dir=in | app=c:\program files (x86)\acer\abmedia\dmcdaemon.exe | 
"{C21089BE-E4B6-4857-B1A5-43A17845E17A}" = protocol=6 | dir=in | app=c:\program files (x86)\spotify\data\spotifywebhelper.exe | 
"{C2591251-2CAC-44DE-B87E-265978522638}" = protocol=17 | dir=in | app=c:\program files (x86)\acer\abmedia\windowsupnpmv.exe | 
"{C26F83E6-5C4D-4CA2-BE29-74FFFB13DDD3}" = protocol=6 | dir=in | app=c:\program files (x86)\acer\abmedia\windowsupnpmv.exe | 
"{C28231E0-D8A8-42D6-AE6C-98E318F10FA8}" = protocol=6 | dir=in | app=c:\program files (x86)\acer\abmedia\dmcdaemon.exe | 
"{C294E17B-D93F-4E54-83D1-F24999320496}" = protocol=6 | dir=in | app=c:\program files (x86)\acer\abmedia\windowsupnpmv.exe | 
"{C2BE6506-0AC2-4033-B02F-B9EB4EEFEAE4}" = protocol=6 | dir=in | app=c:\program files (x86)\acer\abmedia\windowsupnpmv.exe | 
"{C2EA7974-EE37-4447-A811-1DF95B7F035D}" = protocol=17 | dir=in | app=c:\program files (x86)\acer\abmedia\dmcdaemon.exe | 
"{C3215AC6-F56A-413F-9741-21C47FF745F3}" = protocol=17 | dir=in | app=c:\program files (x86)\acer\abmedia\windowsupnpmv.exe | 
"{C3429722-8DA0-4C0F-852D-4F60A6F02115}" = protocol=17 | dir=in | app=c:\program files (x86)\acer\abmedia\dmcdaemon.exe | 
"{C393D0F4-AFB8-4E94-8185-36B962D9E0C1}" = protocol=6 | dir=in | app=c:\program files (x86)\acer\abmedia\windowsupnpmv.exe | 
"{C3DF1C1B-C14A-44DA-AD18-268C6101734A}" = protocol=6 | dir=in | app=c:\program files (x86)\acer\abmedia\dmcdaemon.exe | 
"{C3E01390-FD14-4861-B45D-BDF409E9E355}" = protocol=6 | dir=in | app=c:\program files (x86)\acer\abmedia\dmcdaemon.exe | 
"{C3E29098-C0AD-482F-93DF-00F5DAFAB585}" = protocol=6 | dir=in | app=c:\program files (x86)\acer\abmedia\dmcdaemon.exe | 
"{C42BECA5-9DA2-42AB-B29D-F94F70C83A71}" = protocol=17 | dir=in | app=c:\program files (x86)\acer\abmedia\windowsupnpmv.exe | 
"{C4334638-F771-4EA1-8905-ACED8FFA8534}" = protocol=6 | dir=in | app=c:\program files (x86)\acer\abmedia\dmcdaemon.exe | 
"{C44FD52C-460A-471E-9753-7B21EFC9C2BC}" = protocol=17 | dir=in | app=c:\program files (x86)\acer\abmedia\dmcdaemon.exe | 
"{C4F23A0D-A10A-4CD4-B3FE-A4C8CC82E78D}" = protocol=17 | dir=in | app=c:\program files (x86)\acer\abmedia\windowsupnpmv.exe | 
"{C509409E-7556-4CA9-8662-BA30AA0DA9B9}" = protocol=17 | dir=in | app=c:\program files (x86)\acer\abmedia\windowsupnpmv.exe | 
"{C556D8A5-8CCF-4394-8024-366434625D84}" = protocol=17 | dir=in | app=c:\program files (x86)\acer\abmedia\windowsupnpmv.exe | 
"{C5B3C4D1-FF0A-4623-80FB-49997467C479}" = dir=out | name=picasa viewer hd | 
"{C60C834E-A8EA-4B1B-94FB-04DFDACCC81F}" = protocol=6 | dir=in | app=c:\program files (x86)\acer\abmedia\windowsupnpmv.exe | 
"{C66172C7-FAF3-4AAD-9338-3C8DEDBE7DE6}" = protocol=6 | dir=in | app=c:\program files (x86)\acer\abmedia\windowsupnpmv.exe | 
"{C793E931-8A21-493D-8EC9-1B995966210C}" = protocol=6 | dir=in | app=c:\program files (x86)\acer\abmedia\dmcdaemon.exe | 
"{C828FB4C-02E3-428E-8D45-8426F4247550}" = protocol=6 | dir=in | app=c:\program files (x86)\acer\abmedia\windowsupnpmv.exe | 
"{C85C5795-9B40-4962-A8B4-4A99F27BC9EF}" = dir=out | name=chacha | 
"{C8E26FD9-1553-46B0-AB82-C62ABD0EAF02}" = dir=in | name=skype | 
"{C8E279CC-D3EF-40C8-9F72-21B5A8185C6D}" = protocol=6 | dir=in | app=c:\program files (x86)\acer\abmedia\dmcdaemon.exe | 
"{C8ED5316-A363-43A4-AF6A-A4C377A0DFF1}" = dir=in | [email protected]{microsoft.windowsreadinglist_6.3.9654.20540_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowsreadinglist/resources/apppackagename} | 
"{C907B1E1-3759-4B09-8515-8CCAB2E682B3}" = protocol=6 | dir=in | app=c:\program files (x86)\acer\abmedia\dmcdaemon.exe | 
"{C9AD8177-5B0F-4B1B-8480-F10C89947D49}" = protocol=6 | dir=in | app=c:\program files (x86)\acer\abmedia\windowsupnpmv.exe | 
"{C9D0276E-69EA-4347-97A6-58DCFA073BF4}" = protocol=6 | dir=in | app=c:\program files (x86)\acer\abmedia\windowsupnpmv.exe | 
"{CA0EAFC8-F894-4450-AF4D-669D86F26508}" = protocol=17 | dir=in | app=c:\program files (x86)\acer\abmedia\dmcdaemon.exe | 
"{CA6DE1AC-9108-4F8D-B166-450CA9A0BF94}" = protocol=17 | dir=in | app=c:\program files (x86)\acer\abmedia\dmcdaemon.exe | 
"{CAA2C64A-9FF8-499F-972B-800E051121D9}" = protocol=17 | dir=in | app=c:\program files (x86)\acer\abmedia\dmcdaemon.exe | 
"{CB07948E-5B2E-47FB-86E2-70037CD7F146}" = protocol=6 | dir=in | app=c:\program files (x86)\acer\abmedia\dmcdaemon.exe | 
"{CBEA8D62-B98A-4790-A48C-C3EEE27D2F72}" = protocol=6 | dir=in | app=c:\program files (x86)\acer\abmedia\dmcdaemon.exe | 
"{CCB4EF3D-D796-4C0C-82D4-AE33E814E4B4}" = protocol=17 | dir=in | app=c:\program files (x86)\acer\abmedia\windowsupnpmv.exe | 
"{CCEA5BE7-858C-4FB4-A8BF-EAD94D76D6C8}" = protocol=6 | dir=in | app=c:\program files (x86)\acer\abmedia\dmcdaemon.exe | 
"{CD27796C-B774-4BF0-81A8-91700384DB44}" = protocol=6 | dir=in | app=c:\program files (x86)\acer\abmedia\dmcdaemon.exe | 
"{CD88A652-BC53-46D3-8F6B-603DC73E5AD4}" = protocol=6 | dir=in | app=c:\program files (x86)\acer\abmedia\dmcdaemon.exe | 
"{CE4C1B4C-B1D4-43D0-BF22-D723B3E3A437}" = protocol=6 | dir=in | app=c:\program files (x86)\acer\abmedia\dmcdaemon.exe | 
"{CEA0F30D-91DE-4B2E-95D2-C4BD96553581}" = protocol=6 | dir=in | app=c:\program files (x86)\acer\abmedia\dmcdaemon.exe | 
"{CEA514D4-E565-429E-B8F0-47F8A24B9137}" = protocol=17 | dir=in | app=c:\program files (x86)\acer\abmedia\dmcdaemon.exe | 
"{CEDFFD03-0C8A-4E28-A6E2-D4DF6D131F8C}" = protocol=6 | dir=in | app=c:\program files (x86)\acer\abmedia\dmcdaemon.exe | 
"{CF23C2F9-D9A9-42B7-B674-6134A8A4E1A2}" = protocol=17 | dir=in | app=c:\program files (x86)\acer\abmedia\windowsupnpmv.exe | 
"{CF618776-4FF6-4AFD-887D-ED981543C73E}" = protocol=17 | dir=in | app=c:\program files (x86)\acer\abmedia\windowsupnpmv.exe | 
"{CF7EF825-F3D1-4AC6-AD8F-41DA13BAF5A2}" = protocol=17 | dir=in | app=c:\program files (x86)\acer\abmedia\windowsupnpmv.exe | 
"{CFD3EC51-63AA-476E-AB6A-6EBDACFA5F54}" = protocol=17 | dir=in | app=c:\program files (x86)\acer\abmedia\windowsupnpmv.exe | 
"{D01B860D-2DEA-475C-8B8F-F3F4A1AA97D4}" = dir=out | [email protected]{microsoft.windowscommunicationsapps_17.5.9600.20689_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowscommunicationsapps/resources/communicationspackagename} | 
"{D0A728C5-943D-4D4C-8C0F-509D798782DC}" = protocol=17 | dir=in | app=c:\program files (x86)\acer\abmedia\windowsupnpmv.exe | 
"{D0B1C4F4-CA79-40E8-8A59-EF88E436DF44}" = protocol=17 | dir=in | app=c:\program files (x86)\acer\abmedia\dmcdaemon.exe | 
"{D0B8CFEA-B918-4F2D-B516-012BC349FA02}" = protocol=6 | dir=in | app=c:\program files (x86)\acer\abmedia\dmcdaemon.exe | 
"{D0DE323B-88EF-4A3C-99CF-0C372460EFD9}" = dir=out | [email protected]{gameloftsa.asphalt8airborne_1.7.0.11_x86__0pp20fcewvvtj?ms-resource://gameloftsa.asphalt8airborne/resources/appname} | 
"{D0EFC333-338C-41B6-BEDA-ECF153D50788}" = protocol=6 | dir=in | app=c:\program files (x86)\acer\abmedia\windowsupnpmv.exe | 
"{D190CBEE-37E0-4281-82E9-DF9743762AA2}" = protocol=17 | dir=in | app=c:\program files (x86)\acer\abmedia\dmcdaemon.exe | 
"{D1E8970E-E509-4EEE-B432-A851A26B8E3F}" = protocol=6 | dir=in | app=c:\program files (x86)\acer\abmedia\dmcdaemon.exe | 
"{D2174E7A-6A46-4DD4-A2FC-8A89D21329C0}" = protocol=17 | dir=in | app=c:\program files (x86)\acer\abmedia\windowsupnpmv.exe | 
"{D21C286E-FD1B-46DC-B241-E11742B2315E}" = protocol=6 | dir=in | app=c:\program files\common files\mcafee\platform\mcsvchost\mcsvhost.exe | 
"{D2314143-453F-4172-9795-6D4D2E114F78}" = protocol=6 | dir=in | app=c:\program files (x86)\acer\abmedia\windowsupnpmv.exe | 
"{D2483C72-71D2-4A35-8B34-3D73BEA0FF08}" = protocol=17 | dir=in | app=c:\program files (x86)\acer\abmedia\dmcdaemon.exe | 
"{D2870002-E296-42ED-AAE7-2CCF5930F38A}" = protocol=17 | dir=in | app=c:\program files (x86)\acer\abmedia\windowsupnpmv.exe | 
"{D2933DE1-BBE8-4F8C-BD49-81D809F77105}" = dir=out | [email protected]{ximadinc.magicpuzzles_1.7.0.3_x64__np8fj6akx2czy?ms-resource://ximadinc.magicpuzzles/resources/magicjigsawpuzzlesname} | 
"{D32160D9-3B54-4691-9A28-3CEF5BF8AC94}" = dir=out | name=icookbook se | 
"{D3605508-E1D8-4FF3-AD13-88F442657CE1}" = protocol=6 | dir=in | app=c:\program files (x86)\acer\abmedia\windowsupnpmv.exe | 
"{D3EEBD55-2310-4608-94B4-10FFB770CDD9}" = protocol=6 | dir=in | app=c:\program files (x86)\acer\abmedia\windowsupnpmv.exe | 
"{D400DD87-8F4C-4AA1-9D2D-753192814409}" = protocol=17 | dir=in | app=c:\program files (x86)\acer\abmedia\windowsupnpmv.exe | 
"{D40106EE-A7B3-4731-BB2B-13EA24870432}" = protocol=17 | dir=in | app=c:\program files (x86)\acer\abmedia\windowsupnpmv.exe | 
"{D455187D-6C9E-4A1A-A24D-D3884FDE0303}" = protocol=6 | dir=in | app=c:\program files (x86)\acer\abmedia\dmcdaemon.exe | 
"{D47616D1-4572-4249-AD4A-94DFBAA745F4}" = protocol=6 | dir=in | app=c:\program files (x86)\acer\abmedia\dmcdaemon.exe | 
"{D4DF0501-C4E0-4F7C-9C33-984B2895E973}" = protocol=6 | dir=in | app=c:\program files (x86)\acer\abmedia\windowsupnpmv.exe | 
"{D56F399E-68EF-4162-B0E7-15D1797A1061}" = protocol=17 | dir=in | app=c:\program files (x86)\acer\abmedia\windowsupnpmv.exe | 
"{D5BBFDF5-82E0-4CD9-9212-94ED96743544}" = protocol=6 | dir=in | app=c:\program files\avast software\avast\ng\vbox\aswfe.exe | 
"{D679EF85-8DFA-43F4-BE3E-46F42F6B7B50}" = protocol=17 | dir=in | app=c:\program files (x86)\acer\abmedia\dmcdaemon.exe | 
"{D6980480-941A-4DF6-AB81-3734ECD3D779}" = dir=out | name=junipernetworks.junospulsevpn | 
"{D6CA31BA-32CC-4268-BE96-629B3F1CE12F}" = protocol=6 | dir=in | app=c:\program files (x86)\acer\abmedia\dmcdaemon.exe | 
"{D77BD678-E240-4981-BDC5-45B3EEB5859B}" = protocol=6 | dir=in | app=c:\program files (x86)\acer\acer media\windowsupnpmv.exe | 
"{D80D4A66-A134-424D-89CE-F41643F6D2D8}" = protocol=6 | dir=in | app=c:\program files (x86)\acer\abmedia\dmcdaemon.exe | 
"{D82D1700-1145-4F53-BE3F-CF5A6596BAC4}" = protocol=17 | dir=in | app=c:\program files (x86)\acer\abphoto_\dmcdaemon.exe | 
"{D8B4543B-748E-43BD-8A10-C83AB33CA028}" = protocol=17 | dir=in | app=c:\program files (x86)\acer\abmedia\windowsupnpmv.exe | 
"{D8C59157-DB98-410B-81D8-C3641A3BCCED}" = protocol=6 | dir=in | app=c:\program files (x86)\acer\abmedia\windowsupnpmv.exe | 
"{DAE1A250-137B-4E46-9E71-A44AF0ECD884}" = protocol=6 | dir=in | app=c:\program files (x86)\acer\abmedia\dmcdaemon.exe | 
"{DB0112F2-A173-4CF2-A3EE-76EE09160AB7}" = dir=out | [email protected]{microsoft.bingtravel_3.0.4.212_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingtravel/resources/brandedapptitle} | 
"{DB044185-B3E3-4C2D-A931-832FA93E016A}" = dir=in | name=canon inkjet print utility | 
"{DB59588E-ED90-4C47-A7B5-7929DD0C0BD2}" = dir=out | name=checkpoint.vpn | 
"{DB7BB4CD-DAFB-4C24-A5C5-2D2C35E25C9A}" = protocol=17 | dir=in | app=c:\program files (x86)\acer\abmedia\dmcdaemon.exe | 
"{DBC4C21E-3883-4730-908A-B2988CFA3CCC}" = protocol=6 | dir=in | app=c:\program files (x86)\acer\abmedia\windowsupnpmv.exe | 
"{DC35D296-82DD-45D3-977D-8F71D3BD2FF0}" = protocol=17 | dir=in | app=c:\program files (x86)\acer\abmedia\dmcdaemon.exe | 
"{DC9D5D6C-EF30-4ABD-9E1B-DED5D5615756}" = protocol=6 | dir=in | app=c:\program files (x86)\acer\acer media\windowsupnpmv.exe | 
"{DCF1E6CB-017D-4C29-A6EE-91F5C1A42580}" = protocol=6 | dir=in | app=c:\program files (x86)\acer\abmedia\dmcdaemon.exe | 
"{DCF787CB-6636-4814-9EC6-47CA5EA61BDC}" = protocol=6 | dir=in | app=c:\program files (x86)\acer\abmedia\dmcdaemon.exe | 
"{DD0DD4E9-C1EC-4E8F-969A-2CD2A5C8109E}" = protocol=6 | dir=in | app=c:\program files (x86)\acer\abmedia\windowsupnpmv.exe | 
"{DD69B782-5B54-4692-B4B2-58B0270D1873}" = protocol=6 | dir=in | app=c:\program files (x86)\acer\abphoto_\dmcdaemon.exe | 
"{DDCF6ACD-7C03-413D-B122-BB47EB1EDB49}" = protocol=17 | dir=in | app=c:\program files (x86)\spotify\spotify.exe | 
"{DDF545AC-13C4-4923-ACF0-661D7F89380F}" = protocol=6 | dir=in | app=c:\program files (x86)\acer\abmedia\windowsupnpmv.exe | 
"{DE0BC8B6-4880-4CB0-8B88-7458C4EDE278}" = protocol=17 | dir=in | app=c:\program files (x86)\acer\abmedia\windowsupnpmv.exe | 
"{DE39C1F4-A1C6-47CA-A1C6-E06A7ABACF7A}" = dir=in | app=c:\program files (x86)\windows live\contacts\wlcomm.exe | 
"{DEAFCBC0-C2AE-462F-AE6C-399CFE4C0EB0}" = protocol=6 | dir=in | app=c:\program files (x86)\acer\abmedia\windowsupnpmv.exe | 
"{DF109905-36BC-4581-8A4A-3FB2112A1140}" = protocol=6 | dir=in | app=c:\program files (x86)\acer\abmedia\dmcdaemon.exe | 
"{DF1630F5-EB6E-472B-A70C-6B1763D8A669}" = protocol=6 | dir=in | app=c:\program files (x86)\acer\abmedia\windowsupnpmv.exe | 
"{DF3738E1-C360-4DAE-952B-96EC233EE771}" = protocol=6 | dir=in | app=c:\program files (x86)\acer\abmedia\dmcdaemon.exe | 
"{DFBB5593-01B4-4640-A6F6-F32F92BE28F0}" = protocol=6 | dir=in | app=c:\program files (x86)\acer\abmedia\windowsupnpmv.exe | 
"{DFCF2453-2530-44D7-9172-B6973904EC6B}" = protocol=6 | dir=in | app=c:\program files (x86)\acer\abmedia\windowsupnpmv.exe | 
"{E0427B33-568B-4DBC-BD67-B10BD41D3FCF}" = protocol=17 | dir=in | app=c:\program files (x86)\acer\abmedia\windowsupnpmv.exe | 
"{E055494A-4397-4251-96A1-3DF0FA561432}" = protocol=17 | dir=in | app=c:\program files (x86)\acer\abmedia\windowsupnpmv.exe | 
"{E0F836F0-D2F5-4EF1-AB28-BBBFCCEAFA52}" = protocol=6 | dir=in | app=c:\program files (x86)\acer\abmedia\dmcdaemon.exe | 
"{E16E1831-63C7-4F65-AF38-A2C840F138D9}" = protocol=6 | dir=in | app=c:\program files (x86)\acer\abmedia\dmcdaemon.exe | 
"{E235669A-CBF7-48A1-A22E-8C6FC94E0D99}" = protocol=17 | dir=in | app=c:\program files (x86)\acer\abmedia\dmcdaemon.exe | 
"{E250A42E-8033-48E5-B46E-FBFB5E8C7FD4}" = protocol=17 | dir=in | app=c:\program files (x86)\spotify\data\spotifywebhelper.exe | 
"{E283E529-10E0-4346-9801-4E6994F6DADD}" = protocol=6 | dir=in | app=c:\program files (x86)\acer\abmedia\dmcdaemon.exe | 
"{E2947D2C-CA4B-4A9B-8877-D7B5549C5D9B}" = protocol=6 | dir=in | app=c:\program files (x86)\acer\abmedia\dmcdaemon.exe | 
"{E349DA77-75F8-4648-BF2A-9A726B4272C1}" = protocol=6 | dir=in | app=c:\program files (x86)\acer\abmedia\dmcdaemon.exe | 
"{E362F86E-A0DC-47D1-8433-445CF59291F8}" = protocol=17 | dir=in | app=c:\program files (x86)\acer\abmedia\windowsupnpmv.exe | 
"{E3E7CE90-5E96-4B0D-996B-A51469351715}" = protocol=17 | dir=in | app=c:\program files (x86)\acer\acer portal\sdd.exe | 
"{E3F545D4-C95A-4367-A07D-72C84844D513}" = protocol=17 | dir=in | app=c:\program files (x86)\acer\abmedia\windowsupnpmv.exe | 
"{E431274F-38EF-498E-A076-EC38CA5E456D}" = protocol=17 | dir=in | app=c:\program files (x86)\acer\abmedia\dmcdaemon.exe | 
"{E55C7C12-DD4D-416C-9513-7A6DC69DFA05}" = protocol=6 | dir=in | app=c:\program files (x86)\acer\abmedia\dmcdaemon.exe | 
"{E66AAAF3-E594-4E9F-B98B-A387886F09CD}" = protocol=17 | dir=in | app=c:\program files (x86)\acer\abmedia\dmcdaemon.exe | 
"{E6B816A6-6E1C-441B-B2E1-FB738C7CA9B9}" = protocol=17 | dir=in | app=c:\program files (x86)\acer\abmedia\windowsupnpmv.exe | 
"{E7B51ADE-C741-4404-AD46-E4E607527209}" = protocol=17 | dir=in | app=c:\program files (x86)\acer\abmedia\dmcdaemon.exe | 
"{E7C439DA-A8F3-4288-B731-FC37AB0A31D1}" = protocol=6 | dir=in | app=c:\program files (x86)\acer\abmedia\dmcdaemon.exe | 
"{E919FECE-D4BC-4A74-8A1D-7315EC66FDE3}" = protocol=6 | dir=in | app=c:\program files (x86)\acer\abmedia\dmcdaemon.exe | 
"{E936F974-5D26-4EB6-9D07-4BAF55C5C82B}" = protocol=17 | dir=in | app=c:\program files (x86)\acer\abmedia\windowsupnpmv.exe | 
"{E955EF00-2A5D-4263-99F7-2142F50CB031}" = protocol=17 | dir=in | app=c:\program files (x86)\acer\abphoto_\windowsupnp.exe | 
"{E9691E09-BCA3-4EBC-AB60-1FD202968C79}" = protocol=6 | dir=in | app=c:\program files (x86)\acer\abmedia\dmcdaemon.exe | 
"{E9D7A730-AEE4-4ED4-A61C-69EB0F3DE14B}" = protocol=17 | dir=in | app=c:\program files (x86)\acer\abmedia\windowsupnpmv.exe | 
"{E9F97AEE-FA3E-4A07-A333-D247A4B3933E}" = protocol=6 | dir=in | app=c:\program files (x86)\acer\abmedia\windowsupnpmv.exe | 
"{EA42858D-1966-4F64-93B7-A66BB780B18A}" = protocol=6 | dir=in | app=c:\program files (x86)\acer\abmedia\dmcdaemon.exe | 
"{EA627B98-D34D-4786-9C38-91B457659635}" = protocol=6 | dir=in | app=c:\program files (x86)\acer\abmedia\windowsupnpmv.exe | 
"{EA6E3716-2583-4E7C-AB08-9974E0B0FA50}" = protocol=6 | dir=in | app=c:\program files (x86)\acer\abmedia\dmcdaemon.exe | 
"{EAB3A1FB-51C7-469A-8410-06BA0F64FFA1}" = protocol=17 | dir=in | app=c:\program files (x86)\acer\abmedia\dmcdaemon.exe | 
"{EB7F6096-9582-4E82-A712-9031110D87EF}" = protocol=6 | dir=in | app=c:\program files (x86)\acer\abmedia\windowsupnpmv.exe | 
"{EB9655EF-CF5A-405D-BEE4-03CC4D85BF26}" = protocol=6 | dir=in | app=c:\program files (x86)\acer\abmedia\dmcdaemon.exe | 
"{EBB3E366-B44C-44B3-BD4E-473BC97D938D}" = protocol=17 | dir=in | app=c:\program files (x86)\acer\abmedia\windowsupnpmv.exe | 
"{EC799E33-72BA-42D7-9127-DEFE68F9799D}" = dir=in | name=junipernetworks.junospulsevpn | 
"{EC910669-51C1-4083-A25D-A0BE10F1C9D0}" = protocol=6 | dir=in | app=c:\program files (x86)\acer\abmedia\windowsupnpmv.exe | 
"{ECD3B63B-0849-4EA4-B760-C5F7CD7E7DA5}" = protocol=6 | dir=in | app=c:\program files (x86)\acer\abmedia\dmcdaemon.exe | 
"{ECEFEB78-7C94-49F0-A97B-000222CAB32D}" = protocol=17 | dir=in | app=c:\program files (x86)\acer\abmedia\dmcdaemon.exe | 
"{ED11081E-F803-41C7-B86C-43CF5DE7660F}" = protocol=6 | dir=in | app=c:\program files (x86)\acer\abmedia\windowsupnpmv.exe | 
"{ED1D54D6-643E-454A-AF8C-D0A11A86BEDF}" = protocol=6 | dir=in | app=c:\program files (x86)\acer\abmedia\dmcdaemon.exe | 
"{ED9652CC-0A81-4289-97ED-B93F350513BF}" = protocol=6 | dir=in | app=c:\program files (x86)\acer\abmedia\dmcdaemon.exe | 
"{EE09F086-F32F-439D-A045-87DCC082A853}" = protocol=17 | dir=in | app=c:\program files (x86)\acer\abmedia\dmcdaemon.exe | 
"{EE5D9020-DA53-41ED-8494-320F365C9864}" = protocol=6 | dir=in | app=c:\program files (x86)\acer\abmedia\dmcdaemon.exe | 
"{EE6E0B35-A748-4D4C-833E-8BC0E1A2612D}" = protocol=17 | dir=in | app=c:\program files (x86)\acer\abmedia\dmcdaemon.exe | 
"{EEE1AF6D-D957-4975-A241-BF5E886DA271}" = protocol=17 | dir=in | app=c:\program files (x86)\acer\abmedia\windowsupnpmv.exe | 
"{EEE4A799-F3BA-4A5F-8B75-BFC5A0A72634}" = dir=in | app=c:\program files (x86)\cyberlink\powerdvd12\kernel\dms\clmsserverpdvd12.exe | 
"{EF4A14D2-6313-4C3E-B6E2-4056B2131215}" = protocol=6 | dir=in | app=c:\program files (x86)\acer\abmedia\dmcdaemon.exe | 
"{EF9AA630-5AD5-442C-A9E0-0DE5406402A9}" = protocol=17 | dir=in | app=c:\program files (x86)\acer\abmedia\dmcdaemon.exe | 
"{EFC5C1CB-02AC-4A8B-BC96-9C72E9728A04}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office12\onenote.exe | 
"{EFED7D1A-E4CE-4C09-ABFC-ABB4CEDE3F24}" = protocol=6 | dir=in | app=c:\program files (x86)\acer\abmedia\windowsupnpmv.exe | 
"{F0DB138F-71C3-4A83-AA9A-016719DAB324}" = protocol=17 | dir=in | app=c:\program files (x86)\acer\abmedia\dmcdaemon.exe | 
"{F0F12330-A570-4B1D-98E8-47707DE4C4C2}" = protocol=17 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe | 
"{F0FA1832-FAA6-424E-8B23-8A4781A07A35}" = protocol=6 | dir=in | app=c:\program files (x86)\acer\abmedia\windowsupnpmv.exe | 
"{F0FFFE0C-A575-49E0-985A-EDC349AABD25}" = protocol=6 | dir=in | app=c:\program files (x86)\acer\abmedia\dmcdaemon.exe | 
"{F1366C89-8C03-4315-8448-16E986E3263C}" = dir=in | name=arcsoft showbiz | 
"{F1875C7F-77F4-4230-BAA9-4587D905AAC1}" = protocol=17 | dir=in | app=c:\program files (x86)\acer\abmedia\dmcdaemon.exe | 
"{F3AC5889-3B62-4061-AD8D-00FE9DDC9A51}" = protocol=17 | dir=in | app=c:\program files (x86)\acer\abmedia\dmcdaemon.exe | 
"{F3BEA20B-C085-456F-863F-3800BC787BF4}" = protocol=17 | dir=in | app=c:\program files (x86)\acer\abmedia\dmcdaemon.exe | 
"{F3F32DE4-96A1-4CA7-802A-C619DD56CFAB}" = protocol=6 | dir=in | app=c:\program files (x86)\acer\abmedia\windowsupnpmv.exe | 
"{F4151F95-C800-4D46-B343-1C0984E29582}" = protocol=6 | dir=in | app=c:\program files (x86)\acer\acer portal\ccd.exe | 
"{F430CC98-997C-4ADF-9F03-7273249C41D3}" = protocol=17 | dir=in | app=c:\program files (x86)\acer\abmedia\windowsupnpmv.exe | 
"{F4E44083-A0AC-4C68-85A6-758C1FAFCFF7}" = dir=out | name=windows_ie_ac_001 | 
"{F523AED6-A20D-4698-A7E5-9CDB694619A6}" = protocol=6 | dir=in | app=c:\program files (x86)\acer\abmedia\windowsupnpmv.exe | 
"{F55BFFF5-16D6-4767-B9B1-9CFB6347178F}" = protocol=17 | dir=in | app=c:\program files (x86)\acer\abmedia\windowsupnpmv.exe | 
"{F57F316E-C77C-4E6D-987E-4C84DCADE9E5}" = protocol=6 | dir=in | app=c:\program files (x86)\acer\abmedia\dmcdaemon.exe | 
"{F64300AD-D559-4000-BD45-0997BCC8E70A}" = dir=out | name=f5.vpn.client | 
"{F6B9DC3E-E9C2-4BC0-9D21-1F9F4B007613}" = protocol=6 | dir=in | app=c:\program files (x86)\acer\acer media\dmcdaemon.exe | 
"{F733C345-5CDC-42B6-946E-B898CFB15F6E}" = protocol=6 | dir=in | app=c:\program files (x86)\acer\abmedia\dmcdaemon.exe | 
"{F77E5446-4378-4E99-8B7A-7061AAAEA193}" = dir=in | name=f5.vpn.client | 
"{F9749D99-E9FC-4F77-B57C-5718ADC34E3C}" = protocol=6 | dir=in | app=c:\program files (x86)\acer\abmedia\dmcdaemon.exe | 
"{F9F2BBB6-D4E7-4D39-ACD2-4A3BCAF4E31E}" = protocol=6 | dir=in | app=c:\program files (x86)\acer\abmedia\dmcdaemon.exe | 
"{FA1B2D2E-DFB1-49A7-BCCF-582714493A97}" = protocol=6 | dir=in | app=c:\program files (x86)\acer\abmedia\windowsupnpmv.exe | 
"{FA50A04A-B94A-4BA2-85B8-8639EE322C38}" = dir=out | [email protected]{microsoft.xboxlivegames_2.0.139.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.xboxlivegames/resources/34150} | 
"{FA7BF3C4-6221-4058-8A2B-651CD4F39569}" = protocol=17 | dir=in | app=c:\program files (x86)\acer\abmedia\windowsupnpmv.exe | 
"{FB083167-7F9E-47B9-B418-E320F31B5343}" = protocol=17 | dir=in | app=c:\program files (x86)\acer\abmedia\dmcdaemon.exe | 
"{FB25C489-2E8D-4CC3-939D-7A1F115B7053}" = protocol=6 | dir=in | app=c:\program files (x86)\acer\abmedia\windowsupnpmv.exe | 
"{FB65B65C-41F7-455E-BA07-20F10EA666D5}" = protocol=6 | dir=in | app=c:\program files (x86)\acer\abmedia\windowsupnpmv.exe | 
"{FBE2C2B4-D9BF-4EEE-9DE7-017F83FC861F}" = protocol=6 | dir=in | app=c:\program files (x86)\spotify\spotify.exe | 
"{FCCBAE19-551B-4D9B-A803-3B3988753534}" = protocol=17 | dir=in | app=c:\program files (x86)\acer\abmedia\windowsupnpmv.exe | 
"{FCE3EE3D-941D-47BA-A334-5F9CAAD55767}" = protocol=17 | dir=in | app=c:\program files (x86)\acer\abmedia\windowsupnpmv.exe | 
"{FCF9E986-EC68-4572-B464-D91984585A09}" = protocol=17 | dir=in | app=c:\program files (x86)\acer\abmedia\dmcdaemon.exe | 
"{FD933EDB-D8C2-464D-B8C1-609249903006}" = protocol=17 | dir=in | app=c:\program files (x86)\acer\abmedia\windowsupnpmv.exe | 
"{FF7DD54E-45CD-40D2-8E05-D1A3C81C9966}" = protocol=6 | dir=in | app=c:\program files (x86)\acer\abmedia\dmcdaemon.exe | 
"TCP Query User{81EE64DE-525A-4BA6-8ABE-781E60CCF3E5}C:\program files (x86)\skype\phone\skype.exe" = protocol=6 | dir=in | app=c:\program files (x86)\skype\phone\skype.exe | 
"TCP Query User{A428A0F7-E957-43FF-823D-A2D5279D01EB}C:\program files (x86)\skype\phone\skype.exe" = protocol=6 | dir=in | app=c:\program files (x86)\skype\phone\skype.exe | 
"TCP Query User{ADA776CE-31FD-487B-A7EC-46BE1C9FDE1A}C:\program files (x86)\spyware clear\spywareclearupdate.exe" = protocol=6 | dir=in | app=c:\program files (x86)\spyware clear\spywareclearupdate.exe | 
"TCP Query User{CAD80D79-38F9-4D41-8C58-99B79EE1DA48}C:\program files (x86)\electronic arts\eadm\core.exe" = protocol=6 | dir=in | app=c:\program files (x86)\electronic arts\eadm\core.exe | 
"UDP Query User{60FEAE62-37D5-41A1-ABB2-4E658BD812EC}C:\program files (x86)\skype\phone\skype.exe" = protocol=17 | dir=in | app=c:\program files (x86)\skype\phone\skype.exe | 
"UDP Query User{9D20B4C3-3095-421D-80C5-62CEC60621FE}C:\program files (x86)\skype\phone\skype.exe" = protocol=17 | dir=in | app=c:\program files (x86)\skype\phone\skype.exe | 
"UDP Query User{BDC8049E-32FA-4C17-B49C-8ABB21717F5E}C:\program files (x86)\spyware clear\spywareclearupdate.exe" = protocol=17 | dir=in | app=c:\program files (x86)\spyware clear\spywareclearupdate.exe | 
"UDP Query User{FBAE64FF-674B-460D-BF61-62C4B3192B66}C:\program files (x86)\electronic arts\eadm\core.exe" = protocol=17 | dir=in | app=c:\program files (x86)\electronic arts\eadm\core.exe | 
 
========== HKEY_LOCAL_MACHINE Uninstall List ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{07F2005A-8CAC-4A4B-83A2-DA98A722CA61}" = Acer Recovery Management
"{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MX880_series" = Canon MX880 series MP Drivers
"{13885028-098C-4799-9B71-27DAC96502D5}" = Acer Remote Files
"{1D8E6291-B0D5-35EC-8441-6616F567A0F7}" = Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219
"{25058321-C33E-496B-8915-6FD64D362CAF}" = Windows Live MIME IFilter
"{2ABBBD91-91E5-4AD7-929A-FE15D1DC0576}" = iTunes
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{67AA948F-8D83-4566-B84A-7CAABCF64E3F}" = Broadcom Card Reader Driver Installer
"{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}" = Bonjour
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{89AFB053-A343-46EF-97E4-D593AD7184E6}" = Intel® Trusted Connect Service Client
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{90120000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2007
"{90120000-002A-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (English) 2007
"{90120000-0116-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007
"{91F52DE4-B789-42B0-9311-A349F10E5479}" = Acer Power Management
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{A84A4FB1-D703-48DB-89E0-68B6499D2801}" = Qualcomm Atheros Bluetooth Suite (64)
"{BDD99690-3541-4619-9D2A-3CDDB3E15F9E}" = Apple Mobile Device Support
"{C18D55BD-1EC6-466D-B763-8EEDDDA9100E}" = Acer Launch Manager
"{C1FA525F-D701-4B31-9D32-504FC0CF0B98}" = Acer Quick Access
"{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}" = SUPERAntiSpyware
"{D1D7ED66-5C08-40A0-AEC0-B6DF977697BB}" = Broadcom NetLink Controller
"{E9FA781F-3E80-4399-825A-AD3E11C28C77}" = MSVCRT110_amd64
"Elantech" = ETDWare PS/2-X64 11.6.27.201_WHQL
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{00F9DB8C-65D7-4D47-AB5F-F698EE38580D}" = Windows Live UX Platform
"{04BE4035-3C8E-4B48-BFB8-1655849C0C8B}" = Windows Live Writer
"{07AAB66E-4718-422D-9218-4AFB3C922A71}" = Photo Gallery
"{0B311221-05A5-4766-8D03-7A6446794156}" = Nero RescueAgent Help (CHM)
"{0BE9E708-5DC0-4963-9CFD-0AA519090E79}" = Junk Mail filter update
"{0E4630AF-0AB7-440E-A978-1A78FC4F43B9}" = Nero Launcher
"{0F974770-76EB-4C38-986E-E7BDD9C0DFC4}" = Windows Live Writer Resources
"{1D6432B4-E24D-405E-A4AB-D7E6D088CBC9}" = Windows Live Photo Common
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}" = Skype™ 7.0
"{28006915-2739-4EBE-B5E8-49B25D32EB33}" = Qualcomm Atheros WLAN and Bluetooth Client Installation Program
"{35ED3F83-4BDC-4c44-8EC6-6A8301C7413A}" = McAfee SiteAdvisor
"{388E4B09-3E71-4649-8921-F44A3A2954A7}" = Microsoft Visual Studio 2005 Tools for Office Runtime
"{38F03569-A636-4CF3-BDDE-032C8C251304}" = Movie Maker
"{3AAB08A3-F129-4BD5-B409-AE674F93759D}" = Prerequisite installer
"{3D2CBC2C-65D4-4463-87AB-BB2C859C1F3E}" = QuickTime 7
"{3D9CB654-99AD-4301-89C6-0D12A790767C}" = Identity Card
"{41C61308-6CFD-4D54-AB6A-7136ED08A18E}" = Windows Live Communications Platform
"{48781AC2-0939-4D66-98F2-235328E46790}" = Windows Live Messenger
"{4A37A114-702F-4055-A4B6-16571D4A5353}" = AOP Framework
"{4BAB923C-1ACA-4697-ACA5-C1B5037091BF}" = Windows Live Mail
"{551AC8F2-FEA2-4B45-ACF7-C98681233CC9}" = Nero BackItUp 12 Essentials OEM.a01
"{65153EA5-8B6E-43B6-857B-C6E4FC25798A}" = Intel® Management Engine Components
"{6522F5F9-411B-4513-A75B-CEA00395F032}" = Windows Live UX Platform Language Pack
"{659CB81C-B54E-4DF1-B618-F35777393A54}" = Windows Live Installer
"{65BB0407-4CC8-4DC7-952E-3EEFDF05602A}" = Nero Update
"{66B5819D-DE70-42BE-B40F-978FBA12452E}" = Windows Live Essentials
"{6D2BBE1D-E600-4695-BA37-0B0E605542CC}" = Office Addin
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{714E162E-CD4F-4F1B-8302-7F5179409C25}" = Windows Live Writer
"{7171E82A-E90A-4155-9040-6006CEE64DDC}" = Windows Live Writer Resources
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{83CAF0DE-8D3B-4C37-A631-2B8F16EC3031}" = Apple Application Support
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{8E14DDC8-EA60-4E18-B3E3-1937104D5BDA}" = MSVCRT110
"{8FB53850-246A-3507-8ADE-0060093FFEA6}" = Visual Studio Tools for the Office system 3.0 Runtime
"{90120000-0015-0409-0000-0000000FF1CE}" = Microsoft Office Access MUI (English) 2007
"{90120000-0015-0409-0000-0000000FF1CE}_ENTERPRISER_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2007
"{90120000-0016-0409-0000-0000000FF1CE}_ENTERPRISER_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2007
"{90120000-0018-0409-0000-0000000FF1CE}_ENTERPRISER_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0019-0409-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (English) 2007
"{90120000-0019-0409-0000-0000000FF1CE}_ENTERPRISER_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (English) 2007
"{90120000-001A-0409-0000-0000000FF1CE}_ENTERPRISER_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2007
"{90120000-001B-0409-0000-0000000FF1CE}_ENTERPRISER_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_ENTERPRISER_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_ENTERPRISER_{71F055E8-E2C6-4214-BB3D-BFE03561B89E}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007
"{90120000-001F-0C0A-0000-0000000FF1CE}_ENTERPRISER_{2314F9A1-126F-45CC-8A5E-DFAF866F3FBC}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-002A-0000-1000-0000000FF1CE}_ENTERPRISER_{664655D8-B9BB-455D-8A58-7EAF7B0B2862}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-002A-0409-1000-0000000FF1CE}_ENTERPRISER_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007
"{90120000-0044-0409-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (English) 2007
"{90120000-0044-0409-0000-0000000FF1CE}_ENTERPRISER_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}_ENTERPRISER_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2007
"{90120000-00A1-0409-0000-0000000FF1CE}_ENTERPRISER_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-00BA-0409-0000-0000000FF1CE}" = Microsoft Office Groove MUI (English) 2007
"{90120000-00BA-0409-0000-0000000FF1CE}_ENTERPRISER_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0114-0409-0000-0000000FF1CE}" = Microsoft Office Groove Setup Metadata MUI (English) 2007
"{90120000-0114-0409-0000-0000000FF1CE}_ENTERPRISER_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007
"{90120000-0115-0409-0000-0000000FF1CE}_ENTERPRISER_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0116-0409-1000-0000000FF1CE}_ENTERPRISER_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0117-0409-0000-0000000FF1CE}" = Microsoft Office Access Setup Metadata MUI (English) 2007
"{90120000-0117-0409-0000-0000000FF1CE}_ENTERPRISER_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90150000-0138-0409-0000-0000000FF1CE}" = Microsoft Office
"{91120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007
"{91120000-0030-0000-0000-0000000FF1CE}_ENTERPRISER_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{95140000-007A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook Connector
"{95C33D2E-8892-40CC-B8FB-E8CC68530D8B}" = Windows Live Writer
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{A0332229-4EF7-4A36-AED8-E5876EB2DF86}" = Windows Live UX Platform Language Pack
"{A2D43081-CF7B-4637-A9F3-E2651AA5C4A8}" = Nero RescueAgent
"{A2DC527D-FA79-46E9-973F-920897CA55E9}" = Windows Live Writer
"{A50DE037-B5C0-4C8A-8049-B0C576B313D1}" = Google+ Auto Backup
"{A5AD0B17-F34D-49BE-A157-C8B3D52ACD13}" = Acer Portal
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{ABC88553-8770-4B97-B43E-5A90647A5B63}" = Nero ControlCenter
"{B1D0122C-6BE2-47A2-82AE-0BB3F6C91C49}" = Photo Common
"{B2611F8A-EFE7-4E88-875D-19F0EFAE87E4}" = Windows Live PIMT Platform
"{B46BEA36-0B71-4A4E-AE41-87241643FA0A}" = CyberLink PowerDVD 12
"{B5AD89F2-03D3-4206-8487-018298007DD0}" = abPhoto
"{B6A96E8C-FC88-46F5-800E-6845B4ACA459}" = Photo Gallery
"{B775C26B-EAA8-4A11-ACBF-76E52DF6B805}" = Windows Live Mail
"{BAD27F0E-5165-49A5-BE66-AF5BF73F2FEE}" = Windows Live Mail
"{BAD984EE-790E-4513-A428-3BE2D426DCA7}" = Windows Live Messenger
"{BEBEE34D-84A2-4EDD-8BEA-96CC54371263}" = Nero Core Components
"{C05D8CDB-417D-4335-A38C-A0659EDFD6B8}" = The Sims™ 3
"{C992FFE0-AC32-4FA9-BC9A-F1637B9E655D}" = Photo Gallery
"{C994C746-C6D0-4EBA-B09E-DF7B18381B69}" = Nero ControlCenter Help (CHM)
"{CA4FE8B0-298C-4E5D-A486-F33B126D6A0A}" = abDocs
"{CAA0F57A-BA8C-4AD8-AA03-F32B0E4F5623}" = Photo Common
"{CDC1AB00-01FF-4FC7-816A-16C67F0923C0}" = Windows Live SOXE
"{D0B44725-3666-492D-BEF6-587A14BD9BD9}" = MSVCRT_amd64
"{D1893000-EA77-493C-8DDD-E262436E959B}" = Windows Live SOXE Definitions
"{DA2D3078-A58C-45E8-8EE0-18B8BE6B34F7}" = Nero BackItUp
"{DCBF3379-246B-47E1-8173-639B63940838}" = abDocs Office AddIn
"{DD67BE4B-7E62-4215-AFA3-F123A800A389}" = Movie Maker
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E3E71D07-CD27-46CB-8448-16D4FB29AA13}" = Microsoft WSE 3.0 Runtime
"{E625FCA0-E43E-4D3B-92FF-4851308A0366}" = Norton Online Backup
"{E703613B-BDAB-433E-A66A-DE0263E3D35D}" = Windows Live Messenger
"{E9AF1707-3F3A-49E2-8345-4F2D629D0876}" = abMedia
"{EB3DF0F0-0525-4C5A-A2F8-DEC868A3075D}" = Movie Maker
"{EE26E302-876A-48D9-9058-3129E5B99999}" = Live Updater
"{EF0D1292-8FC1-41BE-9740-DBC134F66415}" = Nero BackItUp Help (CHM)
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219
"{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}" = Intel® Processor Graphics
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F8F630A7-6789-44D5-8653-3B27969CF337}" = Windows Live Essentials
"Avast" = Avast Free Antivirus
"EADM" = EA Download Manager
"ENTERPRISER" = Microsoft Office Enterprise 2007
"InstallShield_{B46BEA36-0B71-4A4E-AE41-87241643FA0A}" = CyberLink PowerDVD 12
"Malwarebytes Anti-Malware_is1" = Malwarebytes Anti-Malware version 2.0.4.1028
"Microsoft Visual Studio 2005 Tools for Office Runtime" = Microsoft Visual Studio 2005 Tools for Office Runtime
"NARA" = Norton Online Backup
"Picasa 3" = Picasa 3
"Spotify" = Spotify
"Visual Studio Tools for the Office system 3.0 Runtime" = Visual Studio Tools for the Office system 3.0 Runtime
"WinLiveSuite" = Windows Live Essentials
 
========== HKEY_CURRENT_USER Uninstall List ==========
 
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"OneDriveSetup.exe" = Microsoft OneDrive
"Picasa Packages" = Picasa Packages
"Pokki_03d432a7e610c3e908213e7689d4342ce2111caf" = Acer Games
"Pokki_Start_Menu" = Pokki Start Menu
 
========== Last 20 Event Log Errors ==========
 
[ Application Events ]
Error - 03/02/2015 10:30:31 | Computer Name = Boo-machine | Source = Microsoft-Windows-RestartManager | ID = 10006
Description = Application or service 'avast! Antivirus' could not be shut down.
 
Error - 03/02/2015 11:41:46 | Computer Name = Boo-machine | Source = Microsoft-Windows-Immersive-Shell | ID = 5973
Description = Activation of application Microsoft.BingWeather_8wekyb3d8bbwe!App 
failed with error: -2144927148 See the Microsoft-Windows-TWinUI/Operational log 
for additional information.
 
Error - 03/02/2015 13:41:01 | Computer Name = Boo-machine | Source = Microsoft-Windows-Immersive-Shell | ID = 5973
Description = Activation of application Microsoft.BingWeather_8wekyb3d8bbwe!App 
failed with error: -2144927148 See the Microsoft-Windows-TWinUI/Operational log 
for additional information.
 
Error - 03/02/2015 13:41:01 | Computer Name = Boo-machine | Source = Microsoft-Windows-Immersive-Shell | ID = 5973
Description = Activation of application Microsoft.BingHealthAndFitness_8wekyb3d8bbwe!AppexHealthAndFitness
 failed with error: -2144927148 See the Microsoft-Windows-TWinUI/Operational log
 for additional information.
 
Error - 03/02/2015 13:44:58 | Computer Name = Boo-machine | Source = SideBySide | ID = 16842830
Description = Activation context generation failed for "C:\Users\Franny\AppData\Local\Pokki\Engine\HostAppService.exe".Error
 in manifest or policy file "" on line .  A component version required by the application
 conflicts with another component version already active.  Conflicting components 
are:.  Component 1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifest.
Component
 2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest.
 
Error - 03/02/2015 13:47:26 | Computer Name = Boo-machine | Source = SideBySide | ID = 16842830
Description = Activation context generation failed for "C:\Users\Franny\AppData\Local\Pokki\Engine\HostAppService.exe".Error
 in manifest or policy file "" on line .  A component version required by the application
 conflicts with another component version already active.  Conflicting components 
are:.  Component 1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifest.
Component
 2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest.
 
Error - 03/02/2015 13:50:22 | Computer Name = Boo-machine | Source = Microsoft-Windows-RestartManager | ID = 10006
Description = Application or service 'avast! Antivirus' could not be shut down.
 
Error - 03/02/2015 13:50:27 | Computer Name = Boo-machine | Source = Microsoft-Windows-RestartManager | ID = 10006
Description = Application or service 'avast! Antivirus' could not be shut down.
 
Error - 03/02/2015 14:01:46 | Computer Name = Boo-machine | Source = Microsoft-Windows-Immersive-Shell | ID = 5973
Description = Activation of application Microsoft.BingWeather_8wekyb3d8bbwe!App 
failed with error: -2144927148 See the Microsoft-Windows-TWinUI/Operational log 
for additional information.
 
Error - 03/02/2015 14:01:46 | Computer Name = Boo-machine | Source = Microsoft-Windows-Immersive-Shell | ID = 5973
Description = Activation of application Microsoft.BingHealthAndFitness_8wekyb3d8bbwe!AppexHealthAndFitness
 failed with error: -2144927148 See the Microsoft-Windows-TWinUI/Operational log
 for additional information.
 
[ System Events ]
Error - 02/02/2015 05:58:59 | Computer Name = Boo-machine | Source = DCOM | ID = 10005
Description = 
 
Error - 02/02/2015 05:58:59 | Computer Name = Boo-machine | Source = DCOM | ID = 10005
Description = 
 
Error - 02/02/2015 05:58:59 | Computer Name = Boo-machine | Source = DCOM | ID = 10005
Description = 
 
Error - 02/02/2015 05:58:59 | Computer Name = Boo-machine | Source = DCOM | ID = 10005
Description = 
 
Error - 02/02/2015 05:58:59 | Computer Name = Boo-machine | Source = DCOM | ID = 10005
Description = 
 
Error - 02/02/2015 05:58:59 | Computer Name = Boo-machine | Source = DCOM | ID = 10005
Description = 
 
Error - 02/02/2015 05:58:59 | Computer Name = Boo-machine | Source = DCOM | ID = 10005
Description = 
 
Error - 02/02/2015 05:59:00 | Computer Name = Boo-machine | Source = DCOM | ID = 10005
Description = 
 
Error - 02/02/2015 05:59:01 | Computer Name = Boo-machine | Source = DCOM | ID = 10005
Description = 
 
Error - 02/02/2015 05:59:01 | Computer Name = Boo-machine | Source = DCOM | ID = 10005
Description = 
 
 
< End of report >
 

 


  • 0

Advertisements


#2
Essexboy

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
Hi as you have windows 8 I will need to run a different analysis tool

Please download Farbar Recovery Scan Tool and save it to your Desktop.

Note: You need to run the version compatible with your system. If you are not sure which version applies to your system download both of them and try to run them. Only one of them will run on your system, that will be the right version.
  • Right click to run as administrator (XP users click run after receipt of Windows Security Warning - Open File). When the tool opens click Yes to disclaimer.
  • Select additions at the bottom
  • Press Scan button.
    frst.JPG
  • It will produce a log called FRST.txt in the same directory the tool is run from.
  • Please attach both logs generated.
THEN

Download aswMBR.exe ( 4.5mb ) to your desktop.
Double click the aswMBR.exe to run it.
You may be offered the option of using virtualisation, accept that
When it offers to download the virus database allow that as well
Click the "Scan" button to start scan

AswMBR%20scan.JPG


On completion of the scan click save log, save it to your desktop and post in your next reply
  • 0

#3
charles.actuary

charles.actuary

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 112 posts

Wow, that was quick!  Here are the logs

 

Charles

 

 

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 01-02-2015
Ran by Franny (administrator) on BOO-MACHINE on 03-02-2015 20:33:35
Running from C:\Users\Franny\Desktop
Loaded Profiles: Franny (Available profiles: Franny)
Platform: Windows 8.1 (X64) OS Language: English (United Kingdom)
Internet Explorer Version 11 (Default browser: IE)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(SUPERAntiSpyware.com) C:\Program Files\SUPERAntiSpyware\SASCore64.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Windows ® Win 7 DDK provider) C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\AdminService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20689_x64__8wekyb3d8bbwe\livecomm.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDService.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(Intel® Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Launch Manager\LMSvc.exe
(McAfee, Inc.) C:\Program Files (x86)\McAfee\SiteAdvisor\mcsacore.exe
(McAfee, Inc.) C:\Windows\System32\mfevtps.exe
(McAfee, Inc.) C:\Program Files\Common Files\mcafee\systemcore\mfefire.exe
(Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Avast Software) C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Quick Access\QASvc.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Quick Access\RMSvc.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Launch Manager\LMEvent.exe
(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDTouch.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Launch Manager\LMTray.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Quick Access\QAEvent.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Quick Access\QAMsg.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Quick Access\QuickAccess.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\ng\ngservice.exe
(Qualcomm®Atheros®) C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\BtvStack.exe
() C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\ActivateDesktop.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Integrated Clock Controller Service\ICCProxy.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Spotify Ltd) C:\Program Files (x86)\Spotify\Data\SpotifyWebHelper.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(Microsoft Corporation) C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
(Electronic Arts) C:\Program Files (x86)\Electronic Arts\EADM\Core.exe
(SUPERAntiSpyware) C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\AOP Framework\BackgroundAgent.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerTray.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe
() C:\Program Files (x86)\Acer\abDocs\abDocsDllLoader.exe
(Intel Corporation) C:\Windows\System32\igfxext.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerEvent.exe
() C:\Program Files (x86)\Acer\abDocs\abDocsDllLoaderMonitor.exe
(Acer Incorporated) C:\Users\Franny\AppData\Local\clear.fi\Media\abMediaSetup.exe
(Acer Incorporated) C:\Users\Franny\AppData\Local\clear.fi\Media\abMedia\abMediaSetup.exe
(Microsoft Corporation) C:\Windows\System32\msiexec.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
(Nero AG) C:\Program Files (x86)\Nero\Update\NASvc.exe
(Microsoft Corporation) C:\Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_6.3.9600.17477_none_fa2b7d3b9b36c7b4\TiWorker.exe
(Acer Incorporated) C:\Windows\Temp\1e552629-3369-47d4-bd42-60847a94e6fc\AcerOpenPlatformSetup.exe
(Acer Incorporated) C:\Windows\Temp\7zS8384.tmp\AcerOpenPlatformSetup.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\AOP Framework\CCDMonitorService.exe
 
 
==================== Registry (Whitelisted) ==================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [2890056 2013-09-06] (ELAN Microelectronics Corp.)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13647576 2013-08-27] (Realtek Semiconductor)
HKLM\...\Run: [3D BubbleSound] => "C:\Program Files\BubbleSound\3D BubbleSound.exe"
HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [157480 2014-10-15] (Apple Inc.)
HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2014-10-02] (Apple Inc.)
HKLM-x32\...\Run: [BacKGround Agent] => C:\Program Files (x86)\Acer\AOP Framework\BackgroundAgent.exe [62208 2014-12-19] (Acer Incorporated)
HKLM-x32\...\Run: [GrooveMonitor] => C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [5227112 2015-02-02] (AVAST Software)
HKLM-x32\...\Run: [abDocsDllLoader] => C:\Program Files (x86)\Acer\abDocs\abDocsDllLoader.exe [90880 2014-12-19] ()
HKLM-x32\...\Run: [ZoneAlarm Installer] => "C:\Program Files (x86)\CheckPoint\Install\Launcher.exe" "C:\Program Files (x86)\CheckPoint\Install\Install.exe" /r config /c "C:\Program Files (x86)\CheckPoint\Install\Install.xml" /w
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKLM\...\Policies\Explorer\Run: [BtvStack] => C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\BtvStack.exe [132736 2013-09-07] ( (Qualcomm®Atheros®))
HKLM\...\Policies\Explorer: [NoFolderOptions] 0
HKLM\...\Policies\Explorer: [NoControlPanel] 0
HKU\S-1-5-21-786374595-2290240692-171548042-1001\...\Run: [Spotify Web Helper] => C:\Program Files (x86)\Spotify\Data\SpotifyWebHelper.exe [1104384 2014-03-21] (Spotify Ltd)
HKU\S-1-5-21-786374595-2290240692-171548042-1001\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [30878816 2014-12-11] (Skype Technologies S.A.)
HKU\S-1-5-21-786374595-2290240692-171548042-1001\...\Run: [msnmsgr] => C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe [4272840 2014-03-31] (Microsoft Corporation)
HKU\S-1-5-21-786374595-2290240692-171548042-1001\...\Run: [EA Core] => C:\Program Files (x86)\Electronic Arts\EADM\Core.exe [3325952 2009-03-28] (Electronic Arts)
HKU\S-1-5-21-786374595-2290240692-171548042-1001\...\Run: [SUPERAntiSpyware] => C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe [7780120 2015-01-22] (SUPERAntiSpyware)
HKU\S-1-5-21-786374595-2290240692-171548042-1001\...\Run: [Google+ Auto Backup] => C:\Users\Franny\AppData\Local\Programs\Google\Google+ Auto Backup\Google+ Auto Backup.exe [3619096 2014-01-06] (Google Inc.)
HKU\S-1-5-21-786374595-2290240692-171548042-1001\...\RunOnce: [Application Restart #1] => C:\Users\Franny\AppData\Local\Pokki\Engine\HostAppService.exe [7843656 2014-12-31] (Pokki)
HKU\S-1-5-21-786374595-2290240692-171548042-1001\...\MountPoints2: {627b6fdb-b133-11e3-8251-806e6f6e6963} - "D:\Autorun.exe" 
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll (AVAST Software)
ShellIconOverlayIdentifiers: [ACloudSyncedRF] -> {5CCE71FA-9F61-4F24-9CD1-98D819B40D68} => C:\Program Files (x86)\Acer\Acer Portal\x64\shellext_win.dll (Acer Incorporated)
ShellIconOverlayIdentifiers: [ACloudSyncedSF] -> {5D5F18B7-D59B-4B18-A3E9-0A4BDCCCB699} => C:\Program Files (x86)\Acer\Acer Portal\x64\shellext_win.dll (Acer Incorporated)
ShellIconOverlayIdentifiers: [ACloudSyncing] -> {C1E1456F-C2D8-4C96-870D-35F1E13941EE} => C:\Program Files (x86)\Acer\Acer Portal\x64\shellext_win.dll (Acer Incorporated)
ShellIconOverlayIdentifiers: [ACloudToBeSynced] -> {307523FA-DDC0-4068-983F-2A6B34627744} => C:\Program Files (x86)\Acer\Acer Portal\x64\shellext_win.dll (Acer Incorporated)
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
ProxyEnable: [.DEFAULT] => Internet Explorer proxy is enabled.
ProxyServer: [.DEFAULT] => http=127.0.0.1:65056;https=127.0.0.1:65056
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/?pc=MSE1
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = https://www.google.com/?trackid=sp-006
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = www.google.com
HKU\S-1-5-21-786374595-2290240692-171548042-1001\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.co.uk/
HKU\S-1-5-21-786374595-2290240692-171548042-1001\Software\Microsoft\Internet Explorer\Main,Search Bar = https://www.google.com/?trackid=sp-006
SearchScopes: HKLM -> {80c554b9-c7f8-4a21-9471-06d606da78a2} URL = http://www.bing.com/...=MSSEDF&pc=MSE1
SearchScopes: HKLM -> {DC91FAFB-6CEA-49E5-BB74-9CEE75D09B77} URL = 
SearchScopes: HKLM-x32 -> {80c554b9-c7f8-4a21-9471-06d606da78a2} URL = http://www.bing.com/...=MSSEDF&pc=MSE1
SearchScopes: HKLM-x32 -> {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = https://www.google.c...q={searchTerms}
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-21-786374595-2290240692-171548042-1001 -> DefaultScope {305170DF-C4C0-42E7-8C0F-6F3DA07089B0} URL = https://uk.search.ya...p={SearchTerms}
SearchScopes: HKU\S-1-5-21-786374595-2290240692-171548042-1001 -> {20ECEAEE-3481-4052-BC3C-3FFE07190605} URL = 
SearchScopes: HKU\S-1-5-21-786374595-2290240692-171548042-1001 -> {305170DF-C4C0-42E7-8C0F-6F3DA07089B0} URL = https://uk.search.ya...p={SearchTerms}
SearchScopes: HKU\S-1-5-21-786374595-2290240692-171548042-1001 -> {80c554b9-c7f8-4a21-9471-06d606da78a2} URL = http://www.bing.com/...=MSSEDF&pc=MSE1
SearchScopes: HKU\S-1-5-21-786374595-2290240692-171548042-1001 -> {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = https://www.google.c...q={searchTerms}
BHO: No Name -> {14a46a4c-5d26-4298-bc1c-ba225afc0d6c} ->  No File
BHO: No Name -> {395daf64-9dd0-4028-961b-c8d57037961d} ->  No File
BHO: No Name -> {51c36104-b857-4839-a152-cec05e9eb6a6} ->  No File
BHO: No Name -> {74f5f453-dd45-4ba2-a758-d65a878f9941} ->  No File
BHO: No Name -> {75561566-0230-4f49-a40e-8199fa708caf} ->  No File
BHO: No Name -> {7d6d4e94-678a-4638-9bd6-bbaf16880107} ->  No File
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
BHO: McAfee SiteAdvisor BHO -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
BHO: No Name -> {c77c8f93-f513-4d12-9a1b-5242c2b4e04a} ->  No File
BHO: No Name -> {d061a97b-6d68-4597-8094-88f8c4d5568a} ->  No File
BHO: No Name -> {fd6ab5bb-0547-485e-9c64-dffc046eab6a} ->  No File
BHO-x32: No Name -> {14a46a4c-5d26-4298-bc1c-ba225afc0d6c} ->  No File
BHO-x32: No Name -> {2bd7ceff-8e6f-469c-9672-4e3eab6bdd5e} ->  No File
BHO-x32: No Name -> {395daf64-9dd0-4028-961b-c8d57037961d} ->  No File
BHO-x32: No Name -> {51c36104-b857-4839-a152-cec05e9eb6a6} ->  No File
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
BHO-x32: No Name -> {74f5f453-dd45-4ba2-a758-d65a878f9941} ->  No File
BHO-x32: No Name -> {75561566-0230-4f49-a40e-8199fa708caf} ->  No File
BHO-x32: No Name -> {7d6d4e94-678a-4638-9bd6-bbaf16880107} ->  No File
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO-x32: No Name -> {94121a89-5052-46cd-8744-85c85d3cfa97} ->  No File
BHO-x32: McAfee SiteAdvisor BHO -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
BHO-x32: No Name -> {c77c8f93-f513-4d12-9a1b-5242c2b4e04a} ->  No File
BHO-x32: No Name -> {d061a97b-6d68-4597-8094-88f8c4d5568a} ->  No File
BHO-x32: No Name -> {fd6ab5bb-0547-485e-9c64-dffc046eab6a} ->  No File
Toolbar: HKLM - McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
Toolbar: HKLM-x32 - McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
Handler-x32: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
Handler-x32: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.254
StartMenuInternet: IEXPLORE.EXE - iexplore.exe
 
FireFox:
========
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.21.169\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.21.169\npGoogleUpdate3.dll (Google Inc.)
FF HKLM-x32\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files (x86)\McAfee\SiteAdvisor
FF Extension: McAfee SiteAdvisor - C:\Program Files (x86)\McAfee\SiteAdvisor [2013-10-15]
FF HKLM-x32\...\Firefox\Extensions: [[email protected]] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2015-02-02]
 
Chrome: 
=======
CHR DefaultSearchKeyword: Default -> mcafee
CHR DefaultSearchURL: Default -> https://uk.search.ya...p={searchTerms}
CHR Profile: C:\Users\Franny\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (SiteAdvisor) - C:\Users\Franny\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho [2014-11-27]
CHR Extension: (Avast Online Security) - C:\Users\Franny\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2015-02-02]
CHR HKLM\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - C:\Program Files (x86)\McAfee\SiteAdvisor\McChPlg.crx [2015-01-16]
CHR HKLM\...\Chrome\Extension: [Ìÿ] - No Path
CHR HKU\S-1-5-21-786374595-2290240692-171548042-1001\...\Chrome\Extension: [Ìÿ] - No Path
CHR HKLM-x32\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - No Path
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2015-02-02]
CHR HKLM-x32\...\Chrome\Extension: [Ìÿ] - No Path
StartMenuInternet: Google Chrome - chrome.exe
 
==================== Services (Whitelisted) =================
 
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
 
R2 !SASCORE; C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE [172344 2014-07-22] (SUPERAntiSpyware.com)
R2 AtherosSvc; C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\adminservice.exe [312448 2013-09-07] (Windows ® Win 7 DDK provider)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2015-02-02] (AVAST Software)
R3 AvastVBoxSvc; C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe [4012248 2015-02-02] (Avast Software)
S2 CCDMonitorService; C:\Program Files (x86)\Acer\AOP Framework\CCDMonitorService.exe [2713856 2014-12-19] (Acer Incorporated)
S2 csrcc; C:\Program Files\shopperz\csrcc.exe [1449352 2015-01-26] () [File not signed]
R3 ePowerSvc; C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe [663592 2013-07-05] (Acer Incorporated)
R2 ETDService; C:\Program Files\Elantech\ETDService.exe [101192 2013-09-06] (ELAN Microelectronics Corp.)
R2 Intel® Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [733696 2013-05-11] (Intel® Corporation) [File not signed]
S3 Intel® Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [822232 2013-05-11] (Intel® Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe [169432 2013-09-03] (Intel Corporation)
R2 LMSvc; C:\Program Files\Acer\Acer Launch Manager\LMSvc.exe [457768 2013-08-03] (Acer Incorporate)
R2 McAfee SiteAdvisor Service; C:\PROGRAM FILES (X86)\MCAFEE\SITEADVISOR\MCSACORE.EXE [154320 2014-12-03] (McAfee, Inc.)
R2 mfefire; C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe [219752 2014-06-20] (McAfee, Inc.)
R2 mfevtp; C:\Windows\system32\mfevtps.exe [189912 2014-06-20] (McAfee, Inc.)
S3 NOBU; C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe [4278112 2013-08-01] (Symantec Corporation)
R3 QASvc; C:\Program Files\Acer\Acer Quick Access\QASvc.exe [457768 2013-08-02] (Acer Incorporate)
R3 RMSvc; C:\Program Files\Acer\Acer Quick Access\RMSvc.exe [448040 2013-08-02] (Acer Incorporate)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [368632 2014-09-22] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23792 2014-09-22] (Microsoft Corporation)
S2 9b784ed1; "C:\Windows\system32\rundll32.exe" "c:\Program Files (x86)\Optimizer Pro 3.16\OptProMon.dll",ENT
S2 cae99edb; "C:\Windows\system32\rundll32.exe" "c:\Program Files (x86)\Super Optimizer\SupOptCrash.dll",ENT
S2 LLjtFxKp; "C:\ProgramData\JsKATTklk\LLjtFxKp.exe" [X]
 
==================== Drivers (Whitelisted) ====================
 
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
 
R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29208 2015-02-02] ()
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [87912 2015-02-02] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93568 2015-02-02] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2015-02-02] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1050432 2015-02-02] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [436624 2015-02-02] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [116728 2015-02-02] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [267632 2015-02-02] ()
R3 athr; C:\Windows\system32\DRIVERS\athwbx.sys [3859968 2013-08-15] (Qualcomm Atheros Communications, Inc.)
R1 bsdriver; C:\Windows\system32\drivers\bsdriver.sys [35320 2015-01-30] ()
S3 BTATH_LWFLT; C:\Windows\system32\DRIVERS\btath_lwflt.sys [77464 2013-09-07] (Qualcomm Atheros)
S3 BthLEEnum; C:\Windows\System32\drivers\BthLEEnum.sys [226304 2013-12-04] (Microsoft Corporation)
S3 ccSet_NARA; C:\Windows\system32\drivers\NARAx64\0405000.009\ccSetx64.sys [150104 2013-07-30] (Symantec Corporation)
S3 cfwids; C:\Windows\System32\drivers\cfwids.sys [72128 2014-06-20] (McAfee, Inc.)
R3 LMDriver; C:\Windows\System32\drivers\LMDriver.sys [21360 2013-07-17] (Acer Incorporated)
S3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [129752 2015-02-02] (Malwarebytes Corporation)
R3 MEIx64; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [99288 2013-09-03] (Intel Corporation)
S3 mfeapfk; C:\Windows\System32\drivers\mfeapfk.sys [181704 2014-06-20] (McAfee, Inc.)
R3 mfeavfk; C:\Windows\System32\drivers\mfeavfk.sys [313544 2014-06-20] (McAfee, Inc.)
S0 mfeelamk; C:\Windows\System32\drivers\mfeelamk.sys [70600 2014-06-20] (McAfee, Inc.)
R3 mfefirek; C:\Windows\System32\drivers\mfefirek.sys [523792 2014-06-20] (McAfee, Inc.)
R0 mfehidk; C:\Windows\System32\drivers\mfehidk.sys [786296 2014-06-20] (McAfee, Inc.)
R0 mfewfpk; C:\Windows\System32\drivers\mfewfpk.sys [348552 2014-06-20] (McAfee, Inc.)
R3 RadioShim; C:\Windows\System32\drivers\RadioShim.sys [14680 2013-07-17] (Acer Incorporated)
R1 SASDIFSV; C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS [14928 2011-07-22] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R1 SASKUTIL; C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS [12368 2011-07-12] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R2 VBoxAswDrv; C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys [271752 2015-02-02] (Avast Software)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114496 2014-09-22] (Microsoft Corporation)
 
==================== NetSvcs (Whitelisted) ===================
 
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
 
 
==================== One Month Created Files and Folders ========
 
(If an entry is included in the fixlist, the file\folder will be moved.)
 
2015-02-03 20:34 - 2015-02-03 20:34 - 00001961 _____ () C:\Users\Public\Desktop\abMedia.lnk
2015-02-03 20:33 - 2015-02-03 20:33 - 00024446 _____ () C:\Users\Franny\Desktop\FRST.txt
2015-02-03 20:33 - 2015-02-03 20:33 - 00000000 ____D () C:\FRST
2015-02-03 20:32 - 2015-02-03 20:32 - 00000197 _____ () C:\Windows\system32\2015-02-03-20-32-05.027-AvastVBoxSVC.exe-3368.log
2015-02-03 20:32 - 2015-02-03 20:29 - 05200384 _____ (AVAST Software) C:\Users\Franny\Desktop\aswmbr.exe
2015-02-03 20:32 - 2015-02-03 20:28 - 02131456 _____ (Farbar) C:\Users\Franny\Desktop\FRST64.exe
2015-02-03 20:07 - 2015-02-03 20:08 - 00000000 ____D () C:\ProgramData\SecTaskMan
2015-02-03 20:07 - 2015-02-03 20:07 - 00000000 ____D () C:\Users\Franny\AppData\Local\SecTaskMan
2015-02-03 20:04 - 2015-02-03 20:06 - 00000000 ____D () C:\Users\Franny\Desktop\SD
2015-02-03 19:40 - 2015-02-03 19:40 - 00240874 _____ () C:\Users\Franny\Desktop\Extras.Txt
2015-02-03 19:38 - 2015-02-03 19:38 - 00139442 _____ () C:\Users\Franny\Desktop\OTL.Txt
2015-02-03 19:24 - 2015-02-03 19:23 - 00602112 _____ (OldTimer Tools) C:\Users\Franny\Desktop\OTL.exe
2015-02-03 17:50 - 2015-02-03 17:50 - 00000197 _____ () C:\Windows\system32\2015-02-03-17-50-03.091-AvastVBoxSVC.exe-3536.log
2015-02-03 14:30 - 2015-02-03 14:30 - 00000197 _____ () C:\Windows\system32\2015-02-03-14-30-09.018-AvastVBoxSVC.exe-3408.log
2015-02-03 14:21 - 2015-02-03 14:21 - 00000197 _____ () C:\Windows\system32\2015-02-03-14-21-11.084-AvastVBoxSVC.exe-2724.log
2015-02-03 14:11 - 2015-02-03 14:11 - 00000197 _____ () C:\Windows\system32\2015-02-03-14-11-21.080-AvastVBoxSVC.exe-3436.log
2015-02-03 14:02 - 2015-02-03 14:06 - 00000000 ____D () C:\AdwCleaner
2015-02-03 14:01 - 2015-02-03 13:59 - 02194432 _____ () C:\Users\Franny\Downloads\adwcleaner_4.109.exe
2015-02-02 18:24 - 2015-02-02 18:24 - 00000247 _____ () C:\Windows\system32\2015-02-02-18-24-33.033-aswFe.exe-2360.log
2015-02-02 18:17 - 2015-02-02 18:24 - 00000247 _____ () C:\Windows\system32\2015-02-02-18-17-37.013-aswFe.exe-4440.log
2015-02-02 18:17 - 2015-02-02 18:17 - 00000197 _____ () C:\Windows\system32\2015-02-02-18-17-31.057-AvastVBoxSVC.exe-3152.log
2015-02-02 18:05 - 2015-02-02 18:05 - 00000000 ____D () C:\Users\Franny\AppData\Local\iGware
2015-02-02 18:04 - 2015-02-02 18:04 - 00494120 _____ () C:\Windows\Minidump\020215-92484-01.dmp
2015-02-02 17:18 - 2015-02-02 17:18 - 00000000 ____D () C:\SUPERDelete
2015-02-02 17:17 - 2015-02-03 20:29 - 00000918 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-02-02 17:17 - 2015-02-03 19:22 - 00000922 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-02-02 17:17 - 2015-02-02 17:17 - 00003894 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2015-02-02 17:17 - 2015-02-02 17:17 - 00003658 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2015-02-02 17:17 - 2015-02-02 17:17 - 00000000 ____D () C:\Users\Franny\AppData\Roaming\SUPERAntiSpyware.com
2015-02-02 17:16 - 2015-02-02 17:17 - 00000000 ____D () C:\Program Files\SUPERAntiSpyware
2015-02-02 17:16 - 2015-02-02 17:16 - 00001824 _____ () C:\Users\Public\Desktop\SUPERAntiSpyware Free Edition.lnk
2015-02-02 17:16 - 2015-02-02 17:16 - 00000000 ____D () C:\ProgramData\SUPERAntiSpyware.com
2015-02-02 17:16 - 2015-02-02 17:16 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SUPERAntiSpyware
2015-02-02 17:15 - 2015-02-01 15:34 - 21227848 _____ (SUPERAntiSpyware) C:\Users\Franny\Downloads\SUPERAntiSpyware.exe
2015-02-02 16:46 - 2015-02-02 16:47 - 00006130 _____ () C:\Users\Franny\Downloads\download
2015-02-02 16:17 - 2015-02-02 16:17 - 03401864 _____ (Check Point Software Technologies Ltd.) C:\Users\Franny\Downloads\zafwSetupWeb_133_209_000 (1).exe
2015-02-02 16:17 - 2015-02-02 16:17 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2015-02-02 16:16 - 2015-02-02 18:02 - 00000000 ____D () C:\ProgramData\CheckPoint
2015-02-02 16:15 - 2015-02-02 16:15 - 03401864 _____ (Check Point Software Technologies Ltd.) C:\Users\Franny\Downloads\zafwSetupWeb_133_209_000.exe
2015-02-02 15:36 - 2015-02-02 21:29 - 00000000 ____D () C:\Users\Franny\AppData\Local\CrashDumps
2015-02-02 15:36 - 2015-02-02 15:36 - 00003334 _____ () C:\Windows\System32\Tasks\AcerCloud
2015-02-02 15:35 - 2015-02-02 15:36 - 00002060 _____ () C:\Users\Public\Desktop\Acer Portal.lnk
2015-02-02 15:34 - 2015-02-02 15:34 - 00002001 _____ () C:\Users\Public\Desktop\abDocs.lnk
2015-02-02 15:34 - 2015-02-02 15:34 - 00000000 ____D () C:\Users\Franny\AppData\Local\AcerCloud
2015-02-02 15:33 - 2015-02-02 15:33 - 00000000 ____D () C:\Users\Franny\AppData\Local\Doc
2015-02-02 14:11 - 2015-02-02 14:11 - 00000247 _____ () C:\Windows\system32\2015-02-02-14-11-22.051-aswFe.exe-2860.log
2015-02-02 14:04 - 2015-02-02 14:11 - 00000247 _____ () C:\Windows\system32\2015-02-02-14-04-13.080-aswFe.exe-3148.log
2015-02-02 14:04 - 2015-02-02 14:04 - 00000197 _____ () C:\Windows\system32\2015-02-02-14-04-10.050-AvastVBoxSVC.exe-2584.log
2015-02-02 12:21 - 2015-02-02 12:21 - 00000000 ____D () C:\Windows\SysWOW64\vbox
2015-02-02 12:21 - 2015-02-02 12:21 - 00000000 ____D () C:\Windows\system32\vbox
2015-02-02 12:21 - 2015-02-02 12:21 - 00000000 ____D () C:\Users\Franny\AppData\Roaming\AVAST Software
2015-02-02 12:20 - 2015-02-02 12:21 - 00004182 _____ () C:\Windows\System32\Tasks\avast! Emergency Update
2015-02-02 12:20 - 2015-02-02 12:20 - 01050432 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsnx.sys
2015-02-02 12:20 - 2015-02-02 12:20 - 00436624 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys
2015-02-02 12:20 - 2015-02-02 12:20 - 00364512 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2015-02-02 12:20 - 2015-02-02 12:20 - 00267632 _____ () C:\Windows\system32\Drivers\aswVmm.sys
2015-02-02 12:20 - 2015-02-02 12:20 - 00116728 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys
2015-02-02 12:20 - 2015-02-02 12:20 - 00093568 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2015-02-02 12:20 - 2015-02-02 12:20 - 00087912 _____ (AVAST Software) C:\Windows\system32\Drivers\aswmonflt.sys
2015-02-02 12:20 - 2015-02-02 12:20 - 00065776 _____ () C:\Windows\system32\Drivers\aswRvrt.sys
2015-02-02 12:20 - 2015-02-02 12:20 - 00043152 _____ (AVAST Software) C:\Windows\avastSS.scr
2015-02-02 12:20 - 2015-02-02 12:20 - 00029208 _____ () C:\Windows\system32\Drivers\aswHwid.sys
2015-02-02 12:20 - 2015-02-02 12:20 - 00001984 _____ () C:\Users\Public\Desktop\Avast Free Antivirus.lnk
2015-02-02 12:20 - 2015-02-02 12:20 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVAST Software
2015-02-02 12:19 - 2015-02-02 12:19 - 00000000 ____D () C:\Program Files\AVAST Software
2015-02-02 10:01 - 2015-02-02 12:19 - 00000000 ____D () C:\ProgramData\AVAST Software
2015-02-02 10:01 - 2015-02-02 10:01 - 05006864 _____ (AVAST Software) C:\Users\Franny\Downloads\avast_free_antivirus_setup_online.exe
2015-02-02 08:57 - 2015-02-02 20:11 - 00129752 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-02-02 08:57 - 2015-02-02 08:57 - 00001078 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2015-02-02 08:57 - 2015-02-02 08:57 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2015-02-02 08:57 - 2015-02-02 08:57 - 00000000 ____D () C:\ProgramData\Malwarebytes
2015-02-02 08:57 - 2015-02-02 08:57 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2015-02-02 08:57 - 2014-11-21 06:14 - 00093400 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2015-02-02 08:57 - 2014-11-21 06:14 - 00064216 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2015-02-02 08:57 - 2014-11-21 06:14 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2015-02-02 08:56 - 2015-02-02 08:56 - 00000711 _____ () C:\Users\Franny\Desktop\mbam-setup-2.0.4.1028.exe - Shortcut.lnk
2015-02-01 19:11 - 2015-02-01 19:12 - 00001690 _____ () C:\Windows\SysWOW64\${LOGFILE}
2015-01-30 21:23 - 2015-02-02 12:22 - 00000000 ____D () C:\Program Files (x86)\apppsavee
2015-01-30 15:40 - 2015-01-30 15:41 - 00000000 ____D () C:\Users\Franny\AppData\Local\ClearfiMedia
2015-01-30 15:39 - 2015-01-30 15:40 - 00002037 _____ () C:\Users\Public\Desktop\abPhoto.lnk
2015-01-30 15:37 - 2014-12-31 11:14 - 00298120 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2015-01-30 15:36 - 2015-01-30 15:37 - 00000000 ____D () C:\Users\Franny\AppData\Local\ClearfiPhoto
2015-01-30 15:21 - 2015-01-30 15:21 - 00035320 _____ () C:\Windows\system32\Drivers\bsdriver.sys
2015-01-30 15:20 - 2015-02-02 09:29 - 00000000 ____D () C:\Program Files\shopperz
2015-01-30 15:20 - 2015-01-30 15:20 - 00000045 _____ () C:\user.js
2015-01-30 15:20 - 2015-01-06 12:38 - 00014040 _____ () C:\Windows\system32\Drivers\cherimoya.sys
2015-01-24 11:23 - 2015-01-24 11:23 - 00284832 _____ () C:\Windows\Minidump\012415-23593-01.dmp
2015-01-21 23:17 - 2014-12-19 06:26 - 00140800 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxdav.sys
2015-01-21 23:17 - 2014-12-12 02:04 - 00087040 _____ (Microsoft Corporation) C:\Windows\system32\TSWbPrxy.exe
2015-01-21 23:17 - 2014-12-12 00:51 - 00075776 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ahcache.sys
2015-01-21 23:17 - 2014-12-09 01:50 - 00225280 _____ (Microsoft Corporation) C:\Windows\system32\profsvc.dll
2015-01-21 23:17 - 2014-12-06 03:17 - 00360448 _____ (Microsoft Corporation) C:\Windows\system32\ncsi.dll
2015-01-21 23:17 - 2014-12-06 01:41 - 00391680 _____ (Microsoft Corporation) C:\Windows\system32\nlasvc.dll
2015-01-21 23:17 - 2014-10-29 01:24 - 00086016 _____ (Microsoft Corporation) C:\Windows\system32\nlaapi.dll
2015-01-21 23:17 - 2014-10-29 01:01 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nlaapi.dll
2015-01-19 23:39 - 2015-01-22 06:56 - 00025077 ____H () C:\Users\Franny\Documents\~WRL2760.tmp
2015-01-16 18:20 - 2014-12-08 19:42 - 00535640 _____ (Microsoft Corporation) C:\Windows\system32\wer.dll
2015-01-16 18:20 - 2014-12-08 19:42 - 00448792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wer.dll
2015-01-16 18:20 - 2014-12-08 19:42 - 00413248 _____ (Microsoft Corporation) C:\Windows\system32\Faultrep.dll
2015-01-16 18:20 - 2014-12-08 19:42 - 00372408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Faultrep.dll
2015-01-16 18:20 - 2014-12-06 01:35 - 00229888 _____ (Microsoft Corporation) C:\Windows\system32\AudioEndpointBuilder.dll
2015-01-16 18:20 - 2014-10-29 04:00 - 00465320 _____ (Microsoft Corporation) C:\Windows\system32\WerFault.exe
2015-01-16 18:20 - 2014-10-29 03:12 - 00413136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WerFault.exe
2015-01-16 18:20 - 2014-10-29 03:12 - 00136296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wermgr.exe
2015-01-16 18:19 - 2014-12-08 19:42 - 00531616 _____ (Microsoft Corporation) C:\Windows\system32\ci.dll
2015-01-16 18:19 - 2014-12-08 19:42 - 00108944 _____ (Microsoft Corporation) C:\Windows\system32\EncDump.dll
2015-01-16 18:19 - 2014-12-08 19:42 - 00038264 _____ (Microsoft Corporation) C:\Windows\system32\WerFaultSecure.exe
2015-01-16 18:19 - 2014-12-08 19:42 - 00033584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WerFaultSecure.exe
2015-01-16 18:19 - 2014-10-29 04:00 - 00139984 _____ (Microsoft Corporation) C:\Windows\system32\wermgr.exe
2015-01-16 18:19 - 2014-10-29 03:52 - 00500016 _____ (Microsoft Corporation) C:\Windows\system32\AudioSes.dll
2015-01-16 18:19 - 2014-10-29 03:52 - 00482872 _____ (Microsoft Corporation) C:\Windows\system32\AudioEng.dll
2015-01-16 18:19 - 2014-10-29 03:52 - 00394120 _____ (Microsoft Corporation) C:\Windows\system32\AUDIOKSE.dll
2015-01-16 18:19 - 2014-10-29 03:52 - 00272248 _____ (Microsoft Corporation) C:\Windows\system32\audiodg.exe
2015-01-16 18:19 - 2014-10-29 03:07 - 00424544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioEng.dll
2015-01-16 18:19 - 2014-10-29 03:07 - 00370424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioSes.dll
2015-01-16 18:19 - 2014-10-29 03:07 - 00344536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AUDIOKSE.dll
2015-01-16 18:19 - 2014-10-29 02:44 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\werdiagcontroller.dll
2015-01-16 18:19 - 2014-10-29 01:59 - 00033280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\werdiagcontroller.dll
2015-01-16 18:19 - 2014-10-29 01:02 - 00911360 _____ (Microsoft Corporation) C:\Windows\system32\audiosrv.dll
 
==================== One Month Modified Files and Folders =======
 
(If an entry is included in the fixlist, the file\folder will be moved.)
 
2021-10-21 13:36 - 2014-03-21 20:28 - 00000852 _____ () C:\Windows\system32\Drivers\RTKHDRC.dat
2021-10-04 07:34 - 2014-03-21 20:28 - 00000712 _____ () C:\Windows\system32\Drivers\RTMICEQ0.dat
2015-02-03 20:34 - 2013-10-15 14:42 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acer
2015-02-03 20:33 - 2014-03-21 20:10 - 01665878 _____ () C:\Windows\WindowsUpdate.log
2015-02-03 20:30 - 2014-12-20 18:48 - 00000000 ____D () C:\Users\Franny\Tracing
2015-02-03 20:30 - 2014-11-27 00:03 - 00000000 __RDO () C:\Users\Franny\SkyDrive
2015-02-03 20:30 - 2014-11-26 23:02 - 00000000 ____D () C:\Users\Franny\AppData\Local\clear.fi
2015-02-03 20:28 - 2013-08-22 14:46 - 00026113 _____ () C:\Windows\setupact.log
2015-02-03 20:28 - 2013-08-22 14:45 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-02-03 20:03 - 2013-08-22 15:36 - 00000000 ____D () C:\Windows\system32\NDF
2015-02-03 20:00 - 2013-08-22 15:36 - 00000000 ____D () C:\Windows\system32\sru
2015-02-03 19:48 - 2014-12-07 10:07 - 00000000 ____D () C:\Users\Franny\AppData\Roaming\Skype
2015-02-03 19:27 - 2013-10-15 14:30 - 00863592 _____ () C:\Windows\system32\PerfStringBackup.INI
2015-02-03 18:04 - 2014-11-26 23:05 - 00003596 _____ () C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-786374595-2290240692-171548042-1001
2015-02-03 15:28 - 2014-03-21 20:45 - 00001969 _____ () C:\Users\Public\Desktop\PRIVATE WiFi.lnk
2015-02-03 14:26 - 2013-08-22 13:25 - 00524288 ___SH () C:\Windows\system32\config\BBI
2015-02-03 14:07 - 2013-10-15 14:21 - 00852472 _____ () C:\Windows\PFRO.log
2015-02-03 14:06 - 2014-11-26 23:00 - 00001005 _____ () C:\Users\Franny\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2015-02-03 10:39 - 2014-11-29 01:30 - 00000000 ____D () C:\Windows\system32\MRT
2015-02-03 10:32 - 2014-11-29 01:30 - 113365784 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-02-02 20:16 - 2014-11-27 00:08 - 00000000 ____D () C:\Users\Franny\AppData\Local\Google
2015-02-02 18:04 - 2014-12-30 22:37 - 00000000 ____D () C:\Windows\Minidump
2015-02-02 18:02 - 2014-12-30 22:37 - 2031824163 _____ () C:\Windows\MEMORY.DMP
2015-02-02 17:19 - 2014-11-27 00:08 - 00000000 ____D () C:\Program Files (x86)\Google
2015-02-02 15:37 - 2013-10-15 14:42 - 00000000 ____D () C:\Program Files (x86)\Acer
2015-02-02 15:36 - 2014-03-21 20:43 - 00000000 ____D () C:\ProgramData\OEM
2015-02-02 12:45 - 2014-12-23 01:01 - 00000000 ____D () C:\Program Files (x86)\9d269fe3-c63c-4303-a99e-372939df7dad
2015-02-02 12:00 - 2013-08-22 15:20 - 00000000 ____D () C:\Windows\CbsTemp
2015-02-02 11:51 - 2013-08-22 15:36 - 00000000 ____D () C:\Windows\AppReadiness
2015-02-02 11:50 - 2014-12-04 19:56 - 00000258 __RSH () C:\ProgramData\ntuser.pol
2015-02-02 09:29 - 2014-12-22 19:44 - 00000000 ____D () C:\Users\Franny\AppData\Local\com
2015-02-01 23:35 - 2014-12-22 19:41 - 00000000 ____D () C:\ProgramData\JsKATTklk
2015-02-01 23:35 - 2014-12-21 13:20 - 00000000 ____D () C:\ProgramData\saleoffer
2015-02-01 19:11 - 2014-11-27 23:06 - 00000000 ____D () C:\Program Files (x86)\Apple Software Update
2015-02-01 18:40 - 2014-11-27 00:08 - 00000000 ____D () C:\Users\Franny\AppData\Local\Deployment
2015-01-30 21:31 - 2014-11-26 23:00 - 00000000 ____D () C:\Users\Franny
2015-01-30 21:04 - 2013-08-22 13:25 - 00000301 _____ () C:\Windows\win.ini
2015-01-30 21:01 - 2014-11-26 23:00 - 00000000 ____D () C:\Users\Franny\AppData\Local\Pokki
2015-01-30 15:58 - 2013-08-22 13:25 - 00262144 ___SH () C:\Windows\system32\config\ELAM
2015-01-30 15:43 - 2014-12-01 22:43 - 00000173 _____ () C:\Users\Franny\AppData\Roaming\WB.CFG
2015-01-30 15:37 - 2013-10-15 15:14 - 00000000 ___HD () C:\OEM
2015-01-30 15:33 - 2013-10-15 14:43 - 00000000 ____D () C:\ProgramData\McAfee
2015-01-30 15:33 - 2013-10-15 14:43 - 00000000 ____D () C:\Program Files\Common Files\mcafee
2015-01-30 15:33 - 2013-10-15 14:43 - 00000000 ____D () C:\Program Files (x86)\McAfee
2015-01-30 15:17 - 2014-11-26 23:04 - 00003942 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{1D7379BC-7224-49AF-B98F-58EF838D200C}
2015-01-24 20:20 - 2014-12-20 18:07 - 00714720 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-01-24 20:20 - 2014-12-20 18:07 - 00106976 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-01-07 17:36 - 2014-11-30 17:34 - 00002295 _____ () C:\Users\Franny\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PC App Store.lnk
 
==================== Files in the root of some directories =======
 
2014-12-01 22:43 - 2015-01-30 15:43 - 0000173 _____ () C:\Users\Franny\AppData\Roaming\WB.CFG
2014-12-03 19:44 - 2014-12-17 19:43 - 0000001 _____ () C:\Users\Franny\AppData\Local\DSI.DAT
2014-12-03 19:43 - 2014-12-03 19:43 - 0022528 _____ () C:\Users\Franny\AppData\Local\dsisetup2673992652.exe
2014-12-17 19:43 - 2014-12-17 19:43 - 0022528 _____ () C:\Users\Franny\AppData\Local\dsisetup8989879682.exe
2014-03-21 20:28 - 2014-03-21 20:28 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
 
Some content of TEMP:
====================
C:\Users\Franny\AppData\Local\Temp\144CC280-B594-EA99-C7D1-886ECFA425DA.dll
C:\Users\Franny\AppData\Local\Temp\CloudBackup3255.exe
C:\Users\Franny\AppData\Local\Temp\COMAP.EXE
C:\Users\Franny\AppData\Local\Temp\EAD1BBB.exe
C:\Users\Franny\AppData\Local\Temp\EAD1CF4.exe
C:\Users\Franny\AppData\Local\Temp\EAD386D.exe
C:\Users\Franny\AppData\Local\Temp\EAD4D75.exe
C:\Users\Franny\AppData\Local\Temp\EAD51BF.exe
C:\Users\Franny\AppData\Local\Temp\EAD5518.exe
C:\Users\Franny\AppData\Local\Temp\EAD5E33.exe
C:\Users\Franny\AppData\Local\Temp\EAD6C13.exe
C:\Users\Franny\AppData\Local\Temp\EAD6EEC.exe
C:\Users\Franny\AppData\Local\Temp\EAD74A9.exe
C:\Users\Franny\AppData\Local\Temp\EAD8D2E.exe
C:\Users\Franny\AppData\Local\Temp\EADAA9E.exe
C:\Users\Franny\AppData\Local\Temp\EADB001.exe
C:\Users\Franny\AppData\Local\Temp\EADB2.exe
C:\Users\Franny\AppData\Local\Temp\EADBADE.exe
C:\Users\Franny\AppData\Local\Temp\EADD5C4.exe
C:\Users\Franny\AppData\Local\Temp\EADDB25.exe
C:\Users\Franny\AppData\Local\Temp\EADE786.exe
C:\Users\Franny\AppData\Local\Temp\EADEAE4.exe
C:\Users\Franny\AppData\Local\Temp\oct33BA.tmp.exe
C:\Users\Franny\AppData\Local\Temp\oct5CFC.tmp.exe
C:\Users\Franny\AppData\Local\Temp\octC1ED.tmp.exe
C:\Users\Franny\AppData\Local\Temp\octDE37.tmp.exe
C:\Users\Franny\AppData\Local\Temp\optprosetup.exe
C:\Users\Franny\AppData\Local\Temp\ose00000.exe
C:\Users\Franny\AppData\Local\Temp\Quarantine.exe
C:\Users\Franny\AppData\Local\Temp\setup_384.exe
C:\Users\Franny\AppData\Local\Temp\setup_495.exe
C:\Users\Franny\AppData\Local\Temp\SkypeSetup.exe
C:\Users\Franny\AppData\Local\Temp\SpOrder.dll
C:\Users\Franny\AppData\Local\Temp\sqlite3.dll
C:\Users\Franny\AppData\Local\Temp\sqlite3.exe
 
 
==================== Bamital & volsnap Check =================
 
(There is no automatic fix for files that do not pass verification.)
 
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
 
 
LastRegBack: 2015-01-24 11:41
 
==================== End Of Log ============================
 
 
 

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 01-02-2015
Ran by Franny at 2015-02-03 20:34:49
Running from C:\Users\Franny\Desktop
Boot Mode: Normal
==========================================================
 
 
==================== Security Center ========================
 
(If an entry is included in the fixlist, it will be removed.)
 
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
 
==================== Installed Programs ======================
 
(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
 
abDocs (HKLM-x32\...\{CA4FE8B0-298C-4E5D-A486-F33B126D6A0A}) (Version: 1.05.2005 - Acer Incorporated)
abDocs Office AddIn (HKLM-x32\...\{DCBF3379-246B-47E1-8173-639B63940838}) (Version: 3.01.2006 - Acer Incorporated)
abMedia (HKLM-x32\...\{E9AF1707-3F3A-49E2-8345-4F2D629D0876}) (Version: 2.06.2003.0 - Acer Incorporated)
abPhoto (HKLM-x32\...\{B5AD89F2-03D3-4206-8487-018298007DD0}) (Version: 3.01.2005.1 - Acer Incorporated)
Acer Games (HKU\S-1-5-21-786374595-2290240692-171548042-1001\...\Pokki_03d432a7e610c3e908213e7689d4342ce2111caf) (Version: 1.1.9.43466 - Pokki)
Acer Launch Manager (HKLM\...\{C18D55BD-1EC6-466D-B763-8EEDDDA9100E}) (Version: 8.00.8101 - Acer Incorporated)
Acer Portal (HKLM-x32\...\{A5AD0B17-F34D-49BE-A157-C8B3D52ACD13}) (Version: 3.04.2002 - Acer Incorporated)
Acer Power Management (HKLM\...\{91F52DE4-B789-42B0-9311-A349F10E5479}) (Version: 7.00.8100 - Acer Incorporated)
Acer Quick Access (HKLM\...\{C1FA525F-D701-4B31-9D32-504FC0CF0B98}) (Version: 1.00.3000 - Acer Incorporated)
Acer Recovery Management (HKLM\...\{07F2005A-8CAC-4A4B-83A2-DA98A722CA61}) (Version: 6.00.8100 - Acer Incorporated)
Acer Remote Files (HKLM\...\{13885028-098C-4799-9B71-27DAC96502D5}) (Version: 1.00.3007 - Acer Incorporated)
AOP Framework (HKLM-x32\...\{4A37A114-702F-4055-A4B6-16571D4A5353}) (Version: 3.03.2001.0 - Acer Incorporated)
Apple Application Support (HKLM-x32\...\{83CAF0DE-8D3B-4C37-A631-2B8F16EC3031}) (Version: 3.1 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{BDD99690-3541-4619-9D2A-3CDDB3E15F9E}) (Version: 8.0.5.6 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Avast Free Antivirus (HKLM-x32\...\Avast) (Version: 10.0.2208 - AVAST Software)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Broadcom Card Reader Driver Installer (HKLM\...\{67AA948F-8D83-4566-B84A-7CAABCF64E3F}) (Version: 16.0.2.8 - Broadcom Corporation)
Broadcom NetLink Controller (HKLM\...\{D1D7ED66-5C08-40A0-AEC0-B6DF977697BB}) (Version: 16.2.1.2 - Broadcom Corporation)
Canon MX880 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MX880_series) (Version:  - )
CyberLink PowerDVD 12 (HKLM-x32\...\InstallShield_{B46BEA36-0B71-4A4E-AE41-87241643FA0A}) (Version: 12.0.3126.57 - CyberLink Corp.)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
EA Download Manager (HKLM-x32\...\EADM) (Version: 5.0.0.255 - Electronic Arts, Inc.)
ETDWare PS/2-X64 11.6.27.201_WHQL (HKLM\...\Elantech) (Version: 11.6.27.201 - ELAN Microelectronic Corp.)
Google Update Helper (x32 Version: 1.3.21.169 - Google Inc.) Hidden
Google+ Auto Backup (HKLM-x32\...\{A50DE037-B5C0-4C8A-8049-B0C576B313D1}) (Version: 1.0.21.81 - Google)
Identity Card (HKLM-x32\...\{3D9CB654-99AD-4301-89C6-0D12A790767C}) (Version: 2.00.8100 - Acer Incorporated)
Intel® Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.5.14.1724 - Intel Corporation)
Intel® Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3304 - Intel Corporation)
iTunes (HKLM\...\{2ABBBD91-91E5-4AD7-929A-FE15D1DC0576}) (Version: 12.0.1.26 - Apple Inc.)
Junk Mail filter update (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Live Updater (HKLM-x32\...\{EE26E302-876A-48D9-9058-3129E5B99999}) (Version: 2.00.8100 - Acer Incorporated)
Malwarebytes Anti-Malware version 2.0.4.1028 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.4.1028 - Malwarebytes Corporation)
McAfee SiteAdvisor (HKLM-x32\...\{35ED3F83-4BDC-4c44-8EC6-6A8301C7413A}) (Version: 3.7.1.154 - McAfee, Inc.)
Microsoft Office (HKLM-x32\...\{90150000-0138-0409-0000-0000000FF1CE}) (Version: 15.0.4454.1510 - Microsoft Corporation)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{91120000-0030-0000-0000-0000000FF1CE}_ENTERPRISER_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version:  - Microsoft)
Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISER) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Outlook Connector (HKLM-x32\...\{95140000-007A-0409-0000-0000000FF1CE}) (Version: 14.0.5118.5000 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-786374595-2290240692-171548042-1001\...\OneDriveSetup.exe) (Version: 17.3.1229.0918 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual Studio 2005 Tools for Office Runtime (HKLM-x32\...\Microsoft Visual Studio 2005 Tools for Office Runtime) (Version:  - Microsoft Corporation)
Microsoft WSE 3.0 Runtime (HKLM-x32\...\{E3E71D07-CD27-46CB-8448-16D4FB29AA13}) (Version: 3.0.5305.0 - Microsoft Corp.)
Movie Maker (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Nero BackItUp 12 Essentials OEM.a01 (HKLM-x32\...\{551AC8F2-FEA2-4B45-ACF7-C98681233CC9}) (Version: 12.5.01200 - Nero AG)
Norton Online Backup (HKLM-x32\...\{E625FCA0-E43E-4D3B-92FF-4851308A0366}) (Version: 2.8.0.44 - Symantec Corporation)
Norton Online Backup (x32 Version: 4.5.0.9 - Symantec Corporation) Hidden
Office Addin (HKLM-x32\...\{6D2BBE1D-E600-4695-BA37-0B0E605542CC}) (Version: 2.02.2009 - Acer)
Picasa 3 (HKLM-x32\...\Picasa 3) (Version: 3.9 - Google, Inc.)
Picasa Packages (HKU\S-1-5-21-786374595-2290240692-171548042-1001\...\Picasa Packages) (Version:  - ) <==== ATTENTION
Pokki Start Menu (HKU\S-1-5-21-786374595-2290240692-171548042-1001\...\Pokki_Start_Menu) (Version: 0.269.5.367 - Pokki)
Prerequisite installer (x32 Version: 12.0.0003 - Nero AG) Hidden
Qualcomm Atheros Bluetooth Suite (64) (HKLM\...\{A84A4FB1-D703-48DB-89E0-68B6499D2801}) (Version: 8.0.1.305 - Qualcomm Atheros Communications)
Qualcomm Atheros WLAN and Bluetooth Client Installation Program (HKLM-x32\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 12.07 - Qualcomm Atheros)
QuickTime 7 (HKLM-x32\...\{3D2CBC2C-65D4-4463-87AB-BB2C859C1F3E}) (Version: 7.76.80.95 - Apple Inc.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7027 - Realtek Semiconductor Corp.)
Skype™ 7.0 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.0.102 - Skype Technologies S.A.)
Spotify (HKLM-x32\...\Spotify) (Version: 0.9.1.57.ge7405149 - Spotify AB)
SUPERAntiSpyware (HKLM\...\{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}) (Version: 6.0.1170 - SUPERAntiSpyware.com)
The Sims™ 3 (HKLM-x32\...\{C05D8CDB-417D-4335-A38C-A0659EDFD6B8}) (Version: 1.0.631 - Electronic Arts)
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{91120000-0030-0000-0000-0000000FF1CE}_ENTERPRISER_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version:  - Microsoft)
Visual Studio Tools for the Office system 3.0 Runtime (HKLM-x32\...\Visual Studio Tools for the Office system 3.0 Runtime) (Version:  - Microsoft Corporation)
Visual Studio Tools for the Office system 3.0 Runtime Service Pack 1 (KB949258) (HKLM-x32\...\{8FB53850-246A-3507-8ADE-0060093FFEA6}.KB949258) (Version: 1 - Microsoft Corporation)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation)
 
==================== Custom CLSID (selected items): ==========================
 
(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)
 
CustomCLSID: HKU\S-1-5-21-786374595-2290240692-171548042-1001_Classes\CLSID\{F8071786-1FD0-4A66-81A1-3CBE29274458}\InprocServer32 -> C:\Users\Franny\AppData\Local\Microsoft\SkyDrive\17.3.1229.0918\amd64\FileSyncApi64.dll (Microsoft Corporation)
 
==================== Restore Points  =========================
 
06-01-2015 15:42:50 Scheduled Checkpoint
19-01-2015 23:34:25 Scheduled Checkpoint
24-01-2015 10:55:14 Windows Update
02-02-2015 11:59:36 Windows Update
 
==================== Hosts content: ==========================
 
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
 
2013-08-22 13:25 - 2013-08-22 13:25 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts
 
==================== Scheduled Tasks (whitelisted) =============
 
(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)
 
Task: {0690C061-3B55-4C3C-BDA8-2EDABEB56529} - \fe573312-f019-4818-a237-155fc74e54e1-5 No Task File <==== ATTENTION
Task: {14AAFAB8-E5F3-42DD-B06F-27C61C375DCB} - System32\Tasks\Quick Access => C:\Program Files\Acer\Acer Quick Access\QALauncher.exe [2013-08-02] (Acer Incorporate)
Task: {273E690B-ED52-4013-8A5E-C3D6CE0A26D1} - System32\Tasks\Launch Manager => C:\Program Files\Acer\Acer Launch Manager\LMLauncher.exe [2013-08-03] (Acer Incorporate)
Task: {3CE7933F-4566-432F-A499-B4194CCBDEA4} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-02-02] (Google Inc.)
Task: {5CC426FB-7DF4-4078-A9EC-DCD34E2A712F} - System32\Tasks\Power Management => C:\Program Files\Acer\Acer Power Management\ePowerTray.exe [2013-07-05] (Acer Incorporated)
Task: {5DC9DEBB-DF06-44F4-9B2E-1C65267800EF} - \fe573312-f019-4818-a237-155fc74e54e1-10_user No Task File <==== ATTENTION
Task: {5FF0F50D-F50E-408D-B60E-E3A40E160524} - \fe573312-f019-4818-a237-155fc74e54e1-3 No Task File <==== ATTENTION
Task: {61CBE4FD-DD68-4966-815A-682A0618C2A8} - System32\Tasks\Recovery Management\Notification => C:\Program Files\Acer\Acer Recovery Management\Notification\Notification.exe [2013-07-10] (Acer Incorporated)
Task: {69631CE1-D20B-4627-9B3D-67C46D32A084} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2015-02-02] (AVAST Software)
Task: {6F370CF7-B720-4F1E-94CC-4C41996E6682} - \fe573312-f019-4818-a237-155fc74e54e1-7 No Task File <==== ATTENTION
Task: {79AE8142-DF42-46DD-8159-76DEFB1DC44B} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\Windows\system32\MRT.exe [2015-02-03] (Microsoft Corporation)
Task: {7A83FCB6-3B9D-4383-AF8B-989088C9504A} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {7C81833D-ED58-4289-B315-EAC27531C53D} - \fe573312-f019-4818-a237-155fc74e54e1-5_user No Task File <==== ATTENTION
Task: {81C5280C-EDD3-4A73-92F2-490CFCA30CD9} - System32\Tasks\ALUAgent => C:\Program Files (x86)\Acer\Live Updater\liveupdater_agent.exe [2013-01-22] ()
Task: {8BDFF953-64A4-4A65-9779-88BC9C2153C5} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-02-02] (Google Inc.)
Task: {9AE6A597-861E-4AD4-A8E5-A211832A74EB} - \CheckMeUp Update No Task File <==== ATTENTION
Task: {A250F7CC-DB62-47CA-9512-406918F1AECE} - \upfs7235 No Task File <==== ATTENTION
Task: {ABA4CC3A-5873-4C21-A9CE-0D44B779522F} - System32\Tasks\AcerCloud => C:\Program Files (x86)\Acer\Acer Portal\AcerPortal.exe [2014-12-19] (Acer)
Task: {AD08E39C-0C7B-4967-BB35-46A3CFA32521} - System32\Tasks\ALU => C:\Program Files (x86)\Acer\Live Updater\updater.exe [2013-07-08] ()
Task: {AED8E1DA-2B02-4F91-A8B2-7F939ADA0B43} - \fe573312-f019-4818-a237-155fc74e54e1-6 No Task File <==== ATTENTION
Task: {ED8EB45D-BFA3-452A-9750-9EE7C15EFC8C} - \fe573312-f019-4818-a237-155fc74e54e1-1 No Task File <==== ATTENTION
Task: {EE3482C3-2D27-4A97-A674-C6E4CF7E917C} - System32\Tasks\Microsoft OneDrive Auto Update Task-S-1-5-21-786374595-2290240692-171548042-1001 => %localappdata%\Microsoft\SkyDrive\SkyDrive.exe
Task: {EF78A963-3067-40E2-9879-BB64E468FDD4} - System32\Tasks\Norton Online Backup ARA => C:\Program Files (x86)\Norton Online Backup ARA\Engine\4.5.0.9\\Ara.exe [2013-08-07] (Symantec Corporation)
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
 
==================== Loaded Modules (whitelisted) =============
 
2015-02-02 12:20 - 2015-02-02 12:20 - 00388208 _____ () C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxDDU.dll
2015-02-02 12:20 - 2015-02-02 12:20 - 05851328 _____ () C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxRT.dll
2013-09-07 01:48 - 2013-09-07 01:48 - 00011264 _____ () C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\Modules\ActivateDesktopDebugger\ActivateDesktopDebugger.dll
2013-09-07 01:45 - 2013-09-07 01:45 - 00086016 _____ () C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\Modules\Map\MAP.dll
2013-09-07 01:52 - 2013-09-07 01:52 - 00012928 _____ () C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\ActivateDesktop.exe
2013-10-15 15:14 - 2013-09-03 19:45 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll
2014-12-19 21:59 - 2014-12-19 21:59 - 00090880 _____ () C:\Program Files (x86)\Acer\abDocs\abDocsDllLoader.exe
2014-12-19 21:59 - 2014-12-19 21:59 - 00089344 _____ () C:\Program Files (x86)\Acer\abDocs\abDocsDllLoaderMonitor.exe
2015-02-02 12:20 - 2015-02-02 12:20 - 02913280 _____ () C:\Program Files\AVAST Software\Avast\defs\15020200\algo.dll
2015-02-02 12:20 - 2015-02-02 12:20 - 04495336 _____ () C:\Program Files\AVAST Software\Avast\ng\vbox\x86\VBoxRT-x86.dll
2014-10-11 13:06 - 2014-10-11 13:06 - 00073544 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2014-10-11 13:05 - 2014-10-11 13:05 - 01044776 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2015-02-02 12:20 - 2015-02-02 12:20 - 38562088 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2014-12-19 22:00 - 2014-12-19 22:00 - 00279296 _____ () C:\Program Files (x86)\Acer\abDocs\libcurl.dll
2014-03-21 20:22 - 2013-09-03 23:53 - 01242584 _____ () C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\ACE.dll
2014-12-29 13:25 - 2014-12-29 13:25 - 00203008 _____ () C:\Program Files (x86)\Acer\abPhoto\curllib.dll
2014-12-29 13:26 - 2014-12-29 13:26 - 00654552 _____ () C:\Program Files (x86)\Acer\abPhoto\sqlite3.dll
2014-12-29 13:26 - 2014-12-29 13:26 - 00630528 _____ () C:\Program Files (x86)\Acer\abPhoto\tag.dll
2014-12-29 13:26 - 2014-12-29 13:26 - 00119552 _____ () C:\Program Files (x86)\Acer\abPhoto\OpenLDAP.dll
2015-01-30 15:39 - 2015-01-30 15:39 - 00015616 _____ () C:\Windows\assembly\GAC_MSIL\MyService\1.0.0.1__2dfa3f50f0bed57d\MyService.dll
2014-12-19 21:16 - 2014-12-19 21:16 - 00013568 _____ () C:\Program Files (x86)\Acer\AOP Framework\ServiceInterface.dll
2014-12-19 21:10 - 2014-12-19 21:10 - 00277096 _____ () C:\Program Files (x86)\Acer\AOP Framework\libcurl.dll
 
==================== Alternate Data Streams (whitelisted) =========
 
(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)
 
AlternateDataStreams: C:\Users\Franny\SkyDrive:ms-properties
 
==================== Safe Mode (whitelisted) ===================
 
(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
 
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefire => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfevtp => ""="Driver"
 
==================== EXE Association (whitelisted) =============
 
(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)
 
 
==================== MSCONFIG/TASK MANAGER disabled items =========
 
(Currently there is no automatic fix for this section.)
 
HKLM\...\StartupApproved\Run: => "SpywareClearShield"
HKLM\...\StartupApproved\Run: => "SpywareClearUpdater"
HKLM\...\StartupApproved\Run: => "shopperz"
HKLM\...\StartupApproved\Run: => "shopperz64"
HKLM\...\StartupApproved\Run32: => "gmsd_gb_29"
HKLM\...\StartupApproved\Run32: => "PCTechHotline"
HKLM\...\StartupApproved\Run32: => "WinCheck"
HKU\S-1-5-21-786374595-2290240692-171548042-1001\...\StartupApproved\StartupFolder: => "MyPC Backup.lnk"
HKU\S-1-5-21-786374595-2290240692-171548042-1001\...\StartupApproved\StartupFolder: => "StormWatch.lnk"
HKU\S-1-5-21-786374595-2290240692-171548042-1001\...\StartupApproved\StartupFolder: => "StormWatchApp.lnk"
HKU\S-1-5-21-786374595-2290240692-171548042-1001\...\StartupApproved\Run: => "Pokki"
HKU\S-1-5-21-786374595-2290240692-171548042-1001\...\StartupApproved\Run: => "Optimizer Pro"
HKU\S-1-5-21-786374595-2290240692-171548042-1001\...\StartupApproved\Run: => "PCSpeedUp"
HKU\S-1-5-21-786374595-2290240692-171548042-1001\...\StartupApproved\Run: => "Selection Tools"
HKU\S-1-5-21-786374595-2290240692-171548042-1001\...\StartupApproved\Run: => "Super Optimizer"
HKU\S-1-5-21-786374595-2290240692-171548042-1001\...\StartupApproved\Run: => "WindApp"
 
========================= Accounts: ==========================
 
Administrator (S-1-5-21-786374595-2290240692-171548042-500 - Administrator - Disabled)
Franny (S-1-5-21-786374595-2290240692-171548042-1001 - Administrator - Enabled) => C:\Users\Franny
Guest (S-1-5-21-786374595-2290240692-171548042-501 - Limited - Disabled)
 
==================== Faulty Device Manager Devices =============
 
 
==================== Event log errors: =========================
 
Application errors:
==================
Error: (02/03/2015 08:01:46 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: BOO-MACHINE)
Description: Activation of application Microsoft.BingHealthAndFitness_8wekyb3d8bbwe!AppexHealthAndFitness failed with error: -2144927148 See the Microsoft-Windows-TWinUI/Operational log for additional information.
 
Error: (02/03/2015 07:46:46 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: BOO-MACHINE)
Description: Activation of application Microsoft.BingWeather_8wekyb3d8bbwe!App failed with error: -2144927148 See the Microsoft-Windows-TWinUI/Operational log for additional information.
 
Error: (02/03/2015 06:01:46 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: BOO-MACHINE)
Description: Activation of application Microsoft.BingHealthAndFitness_8wekyb3d8bbwe!AppexHealthAndFitness failed with error: -2144927148 See the Microsoft-Windows-TWinUI/Operational log for additional information.
 
Error: (02/03/2015 06:01:46 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: BOO-MACHINE)
Description: Activation of application Microsoft.BingWeather_8wekyb3d8bbwe!App failed with error: -2144927148 See the Microsoft-Windows-TWinUI/Operational log for additional information.
 
Error: (02/03/2015 05:50:27 PM) (Source: Microsoft-Windows-RestartManager) (EventID: 10006) (User: NT AUTHORITY)
Description: Application or service 'avast! Antivirus' could not be shut down.
 
Error: (02/03/2015 05:50:22 PM) (Source: Microsoft-Windows-RestartManager) (EventID: 10006) (User: NT AUTHORITY)
Description: Application or service 'avast! Antivirus' could not be shut down.
 
Error: (02/03/2015 05:47:26 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifest2" on line C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifest.
Component 2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest.
 
Error: (02/03/2015 05:44:58 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifest2" on line C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifest.
Component 2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest.
 
Error: (02/03/2015 05:41:01 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: BOO-MACHINE)
Description: Activation of application Microsoft.BingHealthAndFitness_8wekyb3d8bbwe!AppexHealthAndFitness failed with error: -2144927148 See the Microsoft-Windows-TWinUI/Operational log for additional information.
 
Error: (02/03/2015 05:41:01 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: BOO-MACHINE)
Description: Activation of application Microsoft.BingWeather_8wekyb3d8bbwe!App failed with error: -2144927148 See the Microsoft-Windows-TWinUI/Operational log for additional information.
 
 
System errors:
=============
Error: (02/03/2015 08:30:00 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The LLjtFxKp service failed to start due to the following error: 
%%2
 
Error: (02/03/2015 08:29:59 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The csrcc service failed to start due to the following error: 
%%216
 
Error: (02/03/2015 08:29:58 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the Super Optimizer service to connect.
 
Error: (02/03/2015 08:29:28 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the Optimizer Pro Crash Monitor service to connect.
 
Error: (02/03/2015 05:47:59 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The LLjtFxKp service failed to start due to the following error: 
%%2
 
Error: (02/03/2015 05:47:58 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The csrcc service failed to start due to the following error: 
%%216
 
Error: (02/03/2015 05:47:57 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the Super Optimizer service to connect.
 
Error: (02/03/2015 05:47:27 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the Optimizer Pro Crash Monitor service to connect.
 
Error: (02/03/2015 05:46:19 PM) (Source: DCOM) (EventID: 10005) (User: BOO-MACHINE)
Description: 1084WSearchUnavailable{9E175B68-F52A-11D8-B9A5-505054503030}
 
Error: (02/03/2015 05:46:15 PM) (Source: DCOM) (EventID: 10005) (User: BOO-MACHINE)
Description: 1084ShellHWDetectionUnavailable{DD522ACC-F821-461A-A407-50B198B896DC}
 
 
Microsoft Office Sessions:
=========================
 
CodeIntegrity Errors:
===================================
  Date: 2015-02-01 21:20:14.842
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
 
  Date: 2015-02-01 21:20:14.611
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
 
  Date: 2015-02-01 21:20:14.372
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
 
  Date: 2015-02-01 21:20:14.156
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
 
  Date: 2015-02-01 21:20:13.939
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
 
  Date: 2015-02-01 21:20:13.754
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
 
  Date: 2015-02-01 21:20:13.036
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
 
  Date: 2015-02-01 21:20:12.799
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
 
  Date: 2015-02-01 21:20:12.596
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
 
  Date: 2015-02-01 21:20:12.330
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
 
 
==================== Memory info =========================== 
 
Processor: Intel® Core™ i3-3217U CPU @ 1.80GHz
Percentage of memory in use: 25%
Total physical RAM: 6033.27 MB
Available physical RAM: 4470.84 MB
Total Pagefile: 12433.27 MB
Available Pagefile: 10884.04 MB
Total Virtual: 131072 MB
Available Virtual: 131071.79 MB
 
==================== Drives ================================
 
Drive c: (Acer) (Fixed) (Total:914.19 GB) (Free:841.16 GB) NTFS
Drive e: () (Removable) (Total:1.87 GB) (Free:1.59 GB) FAT
 
==================== MBR & Partition Table ==================
 
========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: 07A72123)
 
Partition: GPT Partition Type.
 
========================================================
Disk: 1 (Size: 1.9 GB) (Disk ID: 00000000)
 
Partition: GPT Partition Type.
 
==================== End Of Log ============================
 
 
 
 

aswMBR version 1.0.1.2290 Copyright© 2014 AVAST Software
Run date: 2015-02-03 20:36:45
-----------------------------
20:36:45.512    OS Version: Windows x64 6.2.9200 
20:36:45.512    Number of processors: 4 586 0x3A09
20:36:45.512    ComputerName: BOO-MACHINE  UserName: Franny
20:36:46.856    Initialize success
20:36:46.887    VM: initialized successfully
20:36:46.887    VM: Intel CPU supported virtualized 
20:36:55.703    VM: supported disk I/O storport.sys
20:36:59.345    AVAST engine defs: 15020200
20:38:17.784    The log file has been saved successfully to "C:\Users\Franny\Desktop\aswMBR.txt"
 
 

  • 0

#4
Essexboy

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
Could you try the internet after the FRST fix please

CAUTION : This fix is only valid for this specific machine, using it on another may break your computer

Open notepad and copy/paste the text in the quotebox below into it:
 

CreateRestorePoint:
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
ProxyEnable: [.DEFAULT] => Internet Explorer proxy is enabled.
ProxyServer: [.DEFAULT] => http=127.0.0.1:65056;https=127.0.0.1:65056
BHO: No Name -> {14a46a4c-5d26-4298-bc1c-ba225afc0d6c} -> No File
BHO: No Name -> {395daf64-9dd0-4028-961b-c8d57037961d} -> No File
BHO: No Name -> {51c36104-b857-4839-a152-cec05e9eb6a6} -> No File
BHO: No Name -> {74f5f453-dd45-4ba2-a758-d65a878f9941} -> No File
BHO: No Name -> {75561566-0230-4f49-a40e-8199fa708caf} -> No File
BHO: No Name -> {7d6d4e94-678a-4638-9bd6-bbaf16880107} -> No File
BHO: No Name -> {c77c8f93-f513-4d12-9a1b-5242c2b4e04a} -> No File
BHO: No Name -> {d061a97b-6d68-4597-8094-88f8c4d5568a} -> No File
BHO: No Name -> {fd6ab5bb-0547-485e-9c64-dffc046eab6a} -> No File
BHO-x32: No Name -> {14a46a4c-5d26-4298-bc1c-ba225afc0d6c} -> No File
BHO-x32: No Name -> {2bd7ceff-8e6f-469c-9672-4e3eab6bdd5e} -> No File
BHO-x32: No Name -> {395daf64-9dd0-4028-961b-c8d57037961d} -> No File
BHO-x32: No Name -> {51c36104-b857-4839-a152-cec05e9eb6a6} -> No File
BHO-x32: No Name -> {74f5f453-dd45-4ba2-a758-d65a878f9941} -> No File
BHO-x32: No Name -> {75561566-0230-4f49-a40e-8199fa708caf} -> No File
BHO-x32: No Name -> {7d6d4e94-678a-4638-9bd6-bbaf16880107} -> No File
BHO-x32: No Name -> {94121a89-5052-46cd-8744-85c85d3cfa97} -> No File
BHO-x32: No Name -> {c77c8f93-f513-4d12-9a1b-5242c2b4e04a} -> No File
BHO-x32: No Name -> {d061a97b-6d68-4597-8094-88f8c4d5568a} -> No File
BHO-x32: No Name -> {fd6ab5bb-0547-485e-9c64-dffc046eab6a} -> No File
CHR HKLM\...\Chrome\Extension: [Ìÿ] - No Path
CHR HKU\S-1-5-21-786374595-2290240692-171548042-1001\...\Chrome\Extension: [Ìÿ] - No Path
CHR HKLM-x32\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - No Path
CHR HKLM-x32\...\Chrome\Extension: [Ìÿ] - No Path
S2 9b784ed1; "C:\Windows\system32\rundll32.exe" "c:\Program Files (x86)\Optimizer Pro 3.16\OptProMon.dll",ENT
S2 cae99edb; "C:\Windows\system32\rundll32.exe" "c:\Program Files (x86)\Super Optimizer\SupOptCrash.dll",ENT
2015-02-02 17:18 - 2015-02-02 17:18 - 00000000 ____D () C:\SUPERDelete
2015-02-01 19:11 - 2015-02-01 19:12 - 00001690 _____ () C:\Windows\SysWOW64\${LOGFILE}
2015-01-30 21:23 - 2015-02-02 12:22 - 00000000 ____D () C:\Program Files (x86)\apppsavee
2015-01-30 15:40 - 2015-01-30 15:41 - 00000000 ____D () C:\Users\Franny\AppData\Local\ClearfiMedia
S2 LLjtFxKp; "C:\ProgramData\JsKATTklk\LLjtFxKp.exe" [X]
2015-01-30 15:20 - 2015-02-02 09:29 - 00000000 ____D () C:\Program Files\shopperz
2015-01-30 15:20 - 2015-01-30 15:20 - 00000045 _____ () C:\user.js
2015-01-19 23:39 - 2015-01-22 06:56 - 00025077 ____H () C:\Users\Franny\Documents\~WRL2760.tmp
2015-02-02 12:45 - 2014-12-23 01:01 - 00000000 ____D () C:\Program Files (x86)\9d269fe3-c63c-4303-a99e-372939df7dad
2015-02-02 09:29 - 2014-12-22 19:44 - 00000000 ____D () C:\Users\Franny\AppData\Local\com
2015-02-01 23:35 - 2014-12-22 19:41 - 00000000 ____D () C:\ProgramData\JsKATTklk
2015-02-01 23:35 - 2014-12-21 13:20 - 00000000 ____D () C:\ProgramData\saleoffer
Task: {0690C061-3B55-4C3C-BDA8-2EDABEB56529} - \fe573312-f019-4818-a237-155fc74e54e1-5 No Task File <==== ATTENTION
Task: {5DC9DEBB-DF06-44F4-9B2E-1C65267800EF} - \fe573312-f019-4818-a237-155fc74e54e1-10_user No Task File <==== ATTENTION
Task: {5FF0F50D-F50E-408D-B60E-E3A40E160524} - \fe573312-f019-4818-a237-155fc74e54e1-3 No Task File <==== ATTENTION
Task: {6F370CF7-B720-4F1E-94CC-4C41996E6682} - \fe573312-f019-4818-a237-155fc74e54e1-7 No Task File <==== ATTENTION
Task: {7C81833D-ED58-4289-B315-EAC27531C53D} - \fe573312-f019-4818-a237-155fc74e54e1-5_user No Task File <==== ATTENTION
Task: {9AE6A597-861E-4AD4-A8E5-A211832A74EB} - \CheckMeUp Update No Task File <==== ATTENTION
Task: {A250F7CC-DB62-47CA-9512-406918F1AECE} - \upfs7235 No Task File <==== ATTENTION
Task: {AED8E1DA-2B02-4F91-A8B2-7F939ADA0B43} - \fe573312-f019-4818-a237-155fc74e54e1-6 No Task File <==== ATTENTION
Task: {ED8EB45D-BFA3-452A-9750-9EE7C15EFC8C} - \fe573312-f019-4818-a237-155fc74e54e1-1 No Task File <==== ATTENTION
CMD: netsh advfirewall reset
CMD: netsh advfirewall set allprofiles state ON
CMD: ipconfig /flushdns
CMD: netsh winsock reset catalog
CMD: netsh int ip reset c:\resetlog.txt
CMD: ipconfig /release
CMD: ipconfig /renew
c:\Program Files (x86)\Optimizer Pro 3.16
c:\Program Files (x86)\Super Optimizer
C:\ProgramData\JsKATTklk
EmptyTemp:
CMD: bitsadmin /reset /allusers


Save this as fixlist.txt, in the same location as FRST.exe
FRSTfix.JPG
Run FRST and press Fix
On completion a log will be generated please post that

THEN

Please download AdwCleaner by Xplode onto your desktop.
  • Close all open programs and internet browsers.
  • Double click on AdwCleaner.exe to run the tool.
  • Click on Scan.
  • After the scan is complete click on "Clean"
  • Confirm each time with Ok.
  • Your computer will be rebooted automatically. A text file will open after the restart.
  • Please post the content of that logfile with your next answer.
  • You can find the logfile at C:\AdwCleaner[S1].txt as well.

  • 0

#5
charles.actuary

charles.actuary

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 112 posts

No change on internet access, I'm afraid, either for wifi or ethernet.  Here are the logs.

 

C

 

 

CreateRestorePoint:
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
ProxyEnable: [.DEFAULT] => Internet Explorer proxy is enabled.
ProxyServer: [.DEFAULT] => http=127.0.0.1:65056;https=127.0.0.1:65056
BHO: No Name -> {14a46a4c-5d26-4298-bc1c-ba225afc0d6c} -> No File
BHO: No Name -> {395daf64-9dd0-4028-961b-c8d57037961d} -> No File
BHO: No Name -> {51c36104-b857-4839-a152-cec05e9eb6a6} -> No File
BHO: No Name -> {74f5f453-dd45-4ba2-a758-d65a878f9941} -> No File
BHO: No Name -> {75561566-0230-4f49-a40e-8199fa708caf} -> No File
BHO: No Name -> {7d6d4e94-678a-4638-9bd6-bbaf16880107} -> No File
BHO: No Name -> {c77c8f93-f513-4d12-9a1b-5242c2b4e04a} -> No File
BHO: No Name -> {d061a97b-6d68-4597-8094-88f8c4d5568a} -> No File
BHO: No Name -> {fd6ab5bb-0547-485e-9c64-dffc046eab6a} -> No File
BHO-x32: No Name -> {14a46a4c-5d26-4298-bc1c-ba225afc0d6c} -> No File
BHO-x32: No Name -> {2bd7ceff-8e6f-469c-9672-4e3eab6bdd5e} -> No File
BHO-x32: No Name -> {395daf64-9dd0-4028-961b-c8d57037961d} -> No File
BHO-x32: No Name -> {51c36104-b857-4839-a152-cec05e9eb6a6} -> No File
BHO-x32: No Name -> {74f5f453-dd45-4ba2-a758-d65a878f9941} -> No File
BHO-x32: No Name -> {75561566-0230-4f49-a40e-8199fa708caf} -> No File
BHO-x32: No Name -> {7d6d4e94-678a-4638-9bd6-bbaf16880107} -> No File
BHO-x32: No Name -> {94121a89-5052-46cd-8744-85c85d3cfa97} -> No File
BHO-x32: No Name -> {c77c8f93-f513-4d12-9a1b-5242c2b4e04a} -> No File
BHO-x32: No Name -> {d061a97b-6d68-4597-8094-88f8c4d5568a} -> No File
BHO-x32: No Name -> {fd6ab5bb-0547-485e-9c64-dffc046eab6a} -> No File
CHR HKLM\...\Chrome\Extension: [Ìÿ] - No Path
CHR HKU\S-1-5-21-786374595-2290240692-171548042-1001\...\Chrome\Extension: [Ìÿ] - No Path
CHR HKLM-x32\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - No Path
CHR HKLM-x32\...\Chrome\Extension: [Ìÿ] - No Path
S2 9b784ed1; "C:\Windows\system32\rundll32.exe" "c:\Program Files (x86)\Optimizer Pro 3.16\OptProMon.dll",ENT
S2 cae99edb; "C:\Windows\system32\rundll32.exe" "c:\Program Files (x86)\Super Optimizer\SupOptCrash.dll",ENT
2015-02-02 17:18 - 2015-02-02 17:18 - 00000000 ____D () C:\SUPERDelete
2015-02-01 19:11 - 2015-02-01 19:12 - 00001690 _____ () C:\Windows\SysWOW64\${LOGFILE}
2015-01-30 21:23 - 2015-02-02 12:22 - 00000000 ____D () C:\Program Files (x86)\apppsavee
2015-01-30 15:40 - 2015-01-30 15:41 - 00000000 ____D () C:\Users\Franny\AppData\Local\ClearfiMedia
S2 LLjtFxKp; "C:\ProgramData\JsKATTklk\LLjtFxKp.exe" [X]
2015-01-30 15:20 - 2015-02-02 09:29 - 00000000 ____D () C:\Program Files\shopperz
2015-01-30 15:20 - 2015-01-30 15:20 - 00000045 _____ () C:\user.js
2015-01-19 23:39 - 2015-01-22 06:56 - 00025077 ____H () C:\Users\Franny\Documents\~WRL2760.tmp
2015-02-02 12:45 - 2014-12-23 01:01 - 00000000 ____D () C:\Program Files (x86)\9d269fe3-c63c-4303-a99e-372939df7dad
2015-02-02 09:29 - 2014-12-22 19:44 - 00000000 ____D () C:\Users\Franny\AppData\Local\com
2015-02-01 23:35 - 2014-12-22 19:41 - 00000000 ____D () C:\ProgramData\JsKATTklk
2015-02-01 23:35 - 2014-12-21 13:20 - 00000000 ____D () C:\ProgramData\saleoffer
Task: {0690C061-3B55-4C3C-BDA8-2EDABEB56529} - \fe573312-f019-4818-a237-155fc74e54e1-5 No Task File <==== ATTENTION
Task: {5DC9DEBB-DF06-44F4-9B2E-1C65267800EF} - \fe573312-f019-4818-a237-155fc74e54e1-10_user No Task File <==== ATTENTION
Task: {5FF0F50D-F50E-408D-B60E-E3A40E160524} - \fe573312-f019-4818-a237-155fc74e54e1-3 No Task File <==== ATTENTION
Task: {6F370CF7-B720-4F1E-94CC-4C41996E6682} - \fe573312-f019-4818-a237-155fc74e54e1-7 No Task File <==== ATTENTION
Task: {7C81833D-ED58-4289-B315-EAC27531C53D} - \fe573312-f019-4818-a237-155fc74e54e1-5_user No Task File <==== ATTENTION
Task: {9AE6A597-861E-4AD4-A8E5-A211832A74EB} - \CheckMeUp Update No Task File <==== ATTENTION
Task: {A250F7CC-DB62-47CA-9512-406918F1AECE} - \upfs7235 No Task File <==== ATTENTION
Task: {AED8E1DA-2B02-4F91-A8B2-7F939ADA0B43} - \fe573312-f019-4818-a237-155fc74e54e1-6 No Task File <==== ATTENTION
Task: {ED8EB45D-BFA3-452A-9750-9EE7C15EFC8C} - \fe573312-f019-4818-a237-155fc74e54e1-1 No Task File <==== ATTENTION
CMD: netsh advfirewall reset
CMD: netsh advfirewall set allprofiles state ON
CMD: ipconfig /flushdns
CMD: netsh winsock reset catalog
CMD: netsh int ip reset c:\resetlog.txt
CMD: ipconfig /release
CMD: ipconfig /renew
c:\Program Files (x86)\Optimizer Pro 3.16
c:\Program Files (x86)\Super Optimizer
C:\ProgramData\JsKATTklk
EmptyTemp:
CMD: bitsadmin /reset /allusers
 
 
 
# AdwCleaner v4.109 - Report created 03/02/2015 at 22:19:18
# Updated 24/01/2015 by Xplode
# Database : 2015-01-24.3 [Local]
# Operating System : Windows 8.1  (64 bits)
# Username : Franny - BOO-MACHINE
# Running from : C:\Users\Franny\Desktop\AdwCleaner.exe
# Option : Clean
 
***** [ Services ] *****
 
 
***** [ Files / Folders ] *****
 
Folder Deleted : C:\ProgramData\SecTaskMan
[!] Folder Deleted : C:\Program Files\shopperz
Folder Deleted : C:\Users\Franny\AppData\Local\SecTaskMan
File Deleted : C:\Windows\System32\drivers\cherimoya.sys
 
***** [ Scheduled Tasks ] *****
 
 
***** [ Shortcuts ] *****
 
 
***** [ Registry ] *****
 
 
***** [ Browsers ] *****
 
-\\ Internet Explorer v11.0.9600.17416
 
 
-\\ Google Chrome v
 
 
*************************
 
AdwCleaner[R0].txt - [17537 octets] - [03/02/2015 14:02:49]
AdwCleaner[R1].txt - [1032 octets] - [03/02/2015 22:15:26]
AdwCleaner[S0].txt - [17196 octets] - [03/02/2015 14:06:19]
AdwCleaner[S1].txt - [967 octets] - [03/02/2015 22:19:18]
 
########## EOF - C:\AdwCleaner\AdwCleaner[S1].txt - [1026 octets] ##########
 

  • 0

#6
Essexboy

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
OK lets try and sus out this internet problem now... Does windows give an error when you try to connect ?

Please download MiniToolBox, save it to your desktop and run it.
minitoolbox.JPG

Checkmark the following checkboxes:
  • Flush DNS
  • Report IE Proxy Settings
  • Reset IE Proxy Settings
  • Report FF Proxy Settings
  • Reset FF Proxy Settings
  • List content of Hosts
  • List IP configuration
  • List Winsock Entries
  • List last 10 Event Viewer log
  • List Installed Programs
  • List Devices
  • List Users, Partitions and Memory size.
  • List Minidump Files
Click Go and post the result (Result.txt). A copy of Result.txt will be saved in the same directory the tool is run.

Note: When using "Reset FF Proxy Settings" option Firefox should be closed.
  • 0

#7
charles.actuary

charles.actuary

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 112 posts
Hi Essexboy
 
When trying to run Internet Explorer, I get the warning that "You aren't connected to a network".  When I click to "Fix connection problems" I get a message that the troubleshooter thinks there is a problem with the device drivers - I have attached a screenshot.    

 

Meanwhile, here is the log from MiniToolBox.

 

Charles

 

 

 

MiniToolBox by Farbar  Version: 30-11-2014
Ran by Franny (administrator) on 04-02-2015 at 18:39:18
Running from "C:\Users\Franny\Desktop"
Microsoft Windows 8.1  (X64)
Boot Mode: Normal
***************************************************************************
 
========================= Flush DNS: ===================================
 
Windows IP Configuration
 
Successfully flushed the DNS Resolver Cache.
 
========================= IE Proxy Settings: ============================== 
 
Proxy is not enabled.
No Proxy Server is set.
 
"Reset IE Proxy Settings": IE Proxy Settings were reset.
========================= Hosts content: =================================
 
 
 
========================= IP Configuration: ================================
 
Broadcom NetLink ™ Gigabit Ethernet = Ethernet (Disconnected)
Qualcomm Atheros AR956x Wireless Network Adapter = WiFi (Connected)
 
 
# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4
 
reset
 
 
popd
# End of IPv4 configuration
 
 
 
Windows IP Configuration
 
   Host Name . . . . . . . . . . . . : Boo-machine
   Primary Dns Suffix  . . . . . . . : 
   Node Type . . . . . . . . . . . . : Hybrid
   IP Routing Enabled. . . . . . . . : No
   WINS Proxy Enabled. . . . . . . . : No
Server:  UnKnown
Address:  127.0.0.1
 
Ping request could not find host google.com. Please check the name and try again.
Server:  UnKnown
Address:  127.0.0.1
 
Ping request could not find host yahoo.com. Please check the name and try again.
 
Pinging 127.0.0.1 with 32 bytes of data:
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
 
Ping statistics for 127.0.0.1:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 0ms, Maximum = 0ms, Average = 0ms
===========================================================================
Interface List
  1...........................Software Loopback Interface 1
===========================================================================
 
IPv4 Route Table
===========================================================================
Active Routes:
Network Destination        Netmask          Gateway       Interface  Metric
        127.0.0.0        255.0.0.0         On-link         127.0.0.1    306
        127.0.0.1  255.255.255.255         On-link         127.0.0.1    306
  127.255.255.255  255.255.255.255         On-link         127.0.0.1    306
        224.0.0.0        240.0.0.0         On-link         127.0.0.1    306
  255.255.255.255  255.255.255.255         On-link         127.0.0.1    306
===========================================================================
Persistent Routes:
  None
 
IPv6 Route Table
===========================================================================
Active Routes:
 If Metric Network Destination      Gateway
  1    306 ::1/128                  On-link
  1    306 ff00::/8                 On-link
===========================================================================
Persistent Routes:
  None
========================= Winsock entries =====================================
 
Catalog5 01 C:\Windows\SysWOW64\napinsp.dll [53760] (Microsoft Corporation)
Catalog5 02 C:\Windows\SysWOW64\pnrpnsp.dll [68096] (Microsoft Corporation)
Catalog5 03 C:\Windows\SysWOW64\pnrpnsp.dll [68096] (Microsoft Corporation)
Catalog5 04 C:\Windows\SysWOW64\NLAapi.dll [65536] (Microsoft Corporation)
Catalog5 05 C:\Windows\SysWOW64\mswsock.dll [270848] (Microsoft Corporation)
Catalog5 06 C:\Windows\SysWOW64\winrnr.dll [21504] (Microsoft Corporation)
Catalog5 07 C:\Windows\SysWOW64\wshbth.dll [51200] (Microsoft Corporation)
Catalog5 08 C:\Program Files (x86)\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Catalog9 01 C:\Windows\SysWOW64\mswsock.dll [270848] (Microsoft Corporation)
Catalog9 02 C:\Windows\SysWOW64\mswsock.dll [270848] (Microsoft Corporation)
Catalog9 03 C:\Windows\SysWOW64\mswsock.dll [270848] (Microsoft Corporation)
Catalog9 04 C:\Windows\SysWOW64\mswsock.dll [270848] (Microsoft Corporation)
Catalog9 05 C:\Windows\SysWOW64\mswsock.dll [270848] (Microsoft Corporation)
Catalog9 06 C:\Windows\SysWOW64\mswsock.dll [270848] (Microsoft Corporation)
Catalog9 07 C:\Windows\SysWOW64\mswsock.dll [270848] (Microsoft Corporation)
Catalog9 08 C:\Windows\SysWOW64\mswsock.dll [270848] (Microsoft Corporation)
Catalog9 09 C:\Windows\SysWOW64\mswsock.dll [270848] (Microsoft Corporation)
Catalog9 10 C:\Windows\SysWOW64\mswsock.dll [270848] (Microsoft Corporation)
Catalog9 11 C:\Windows\SysWOW64\mswsock.dll [270848] (Microsoft Corporation)
x64-Catalog5 01 C:\Windows\System32\napinsp.dll [67584] (Microsoft Corporation)
x64-Catalog5 02 C:\Windows\System32\pnrpnsp.dll [87040] (Microsoft Corporation)
x64-Catalog5 03 C:\Windows\System32\pnrpnsp.dll [87040] (Microsoft Corporation)
x64-Catalog5 04 C:\Windows\System32\NLAapi.dll [86016] (Microsoft Corporation)
x64-Catalog5 05 C:\Windows\System32\mswsock.dll [338432] (Microsoft Corporation)
x64-Catalog5 06 C:\Windows\System32\winrnr.dll [30208] (Microsoft Corporation)
x64-Catalog5 07 C:\Windows\System32\wshbth.dll [63488] (Microsoft Corporation)
x64-Catalog5 08 C:\Program Files\Bonjour\mdnsNSP.dll [132968] (Apple Inc.)
x64-Catalog9 01 C:\Windows\System32\mswsock.dll [338432] (Microsoft Corporation)
x64-Catalog9 02 C:\Windows\System32\mswsock.dll [338432] (Microsoft Corporation)
x64-Catalog9 03 C:\Windows\System32\mswsock.dll [338432] (Microsoft Corporation)
x64-Catalog9 04 C:\Windows\System32\mswsock.dll [338432] (Microsoft Corporation)
x64-Catalog9 05 C:\Windows\System32\mswsock.dll [338432] (Microsoft Corporation)
x64-Catalog9 06 C:\Windows\System32\mswsock.dll [338432] (Microsoft Corporation)
x64-Catalog9 07 C:\Windows\System32\mswsock.dll [338432] (Microsoft Corporation)
x64-Catalog9 08 C:\Windows\System32\mswsock.dll [338432] (Microsoft Corporation)
x64-Catalog9 09 C:\Windows\System32\mswsock.dll [338432] (Microsoft Corporation)
x64-Catalog9 10 C:\Windows\System32\mswsock.dll [338432] (Microsoft Corporation)
x64-Catalog9 11 C:\Windows\System32\mswsock.dll [338432] (Microsoft Corporation)
 
========================= Event log errors: ===============================
 
Application errors:
==================
Error: (02/04/2015 06:29:49 PM) (Source: Microsoft-Windows-Immersive-Shell) (User: BOO-MACHINE)
Description: Activation of application Microsoft.BingWeather_8wekyb3d8bbwe!App failed with error: -2144927148 See the Microsoft-Windows-TWinUI/Operational log for additional information.
 
Error: (02/04/2015 06:29:49 PM) (Source: Microsoft-Windows-Immersive-Shell) (User: BOO-MACHINE)
Description: Activation of application Microsoft.BingHealthAndFitness_8wekyb3d8bbwe!AppexHealthAndFitness failed with error: -2144927148 See the Microsoft-Windows-TWinUI/Operational log for additional information.
 
Error: (02/04/2015 01:53:04 PM) (Source: Microsoft-Windows-Immersive-Shell) (User: BOO-MACHINE)
Description: Activation of application Microsoft.BingHealthAndFitness_8wekyb3d8bbwe!AppexHealthAndFitness failed with error: -2144927148 See the Microsoft-Windows-TWinUI/Operational log for additional information.
 
Error: (02/04/2015 01:53:03 PM) (Source: Microsoft-Windows-Immersive-Shell) (User: BOO-MACHINE)
Description: Activation of application Microsoft.BingWeather_8wekyb3d8bbwe!App failed with error: -2144927148 See the Microsoft-Windows-TWinUI/Operational log for additional information.
 
Error: (02/04/2015 08:17:59 AM) (Source: Microsoft-Windows-Immersive-Shell) (User: BOO-MACHINE)
Description: Activation of application Microsoft.BingWeather_8wekyb3d8bbwe!App failed with error: -2144927148 See the Microsoft-Windows-TWinUI/Operational log for additional information.
 
Error: (02/04/2015 08:17:59 AM) (Source: Microsoft-Windows-Immersive-Shell) (User: BOO-MACHINE)
Description: Activation of application Microsoft.BingHealthAndFitness_8wekyb3d8bbwe!AppexHealthAndFitness failed with error: -2144927148 See the Microsoft-Windows-TWinUI/Operational log for additional information.
 
Error: (02/04/2015 08:03:46 AM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 29565297
 
Error: (02/04/2015 08:03:46 AM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 29565297
 
Error: (02/04/2015 08:03:46 AM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
 
Error: (02/03/2015 11:50:22 PM) (Source: Microsoft-Windows-Immersive-Shell) (User: BOO-MACHINE)
Description: Activation of application Microsoft.BingWeather_8wekyb3d8bbwe!App failed with error: -2144927148 See the Microsoft-Windows-TWinUI/Operational log for additional information.
 
 
System errors:
=============
Error: (02/03/2015 10:20:25 PM) (Source: Service Control Manager) (User: )
Description: The csrcc service failed to start due to the following error: 
%%216
 
Error: (02/03/2015 10:19:21 PM) (Source: Service Control Manager) (User: )
Description: The CCDMonitorService service terminated unexpectedly. It has done this 1 time(s).
 
Error: (02/03/2015 10:19:21 PM) (Source: Service Control Manager) (User: )
Description: The Windows Search service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 30000 milliseconds: Restart the service.
 
Error: (02/03/2015 10:19:21 PM) (Source: Service Control Manager) (User: )
Description: The Windows Installer service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 120000 milliseconds: Restart the service.
 
Error: (02/03/2015 10:19:21 PM) (Source: Service Control Manager) (User: )
Description: The Volume Shadow Copy service terminated unexpectedly. It has done this 1 time(s).
 
Error: (02/03/2015 10:19:21 PM) (Source: Service Control Manager) (User: )
Description: The iPod Service service terminated unexpectedly. It has done this 1 time(s).
 
Error: (02/03/2015 10:19:21 PM) (Source: Service Control Manager) (User: )
Description: The Nero Update service terminated unexpectedly. It has done this 1 time(s).
 
Error: (02/03/2015 10:19:21 PM) (Source: Service Control Manager) (User: )
Description: The Intel® Dynamic Application Loader Host Interface Service service terminated unexpectedly. It has done this 1 time(s).
 
Error: (02/03/2015 10:19:21 PM) (Source: Service Control Manager) (User: )
Description: The Intel® Integrated Clock Controller Service - Intel® ICCS service terminated unexpectedly. It has done this 1 time(s).
 
Error: (02/03/2015 10:19:21 PM) (Source: Service Control Manager) (User: )
Description: The ePower Service service terminated unexpectedly. It has done this 1 time(s).
 
 
Microsoft Office Sessions:
=========================
 
CodeIntegrity Errors:
===================================
  Date: 2015-02-01 21:20:14.842
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
 
  Date: 2015-02-01 21:20:14.611
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
 
  Date: 2015-02-01 21:20:14.372
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
 
  Date: 2015-02-01 21:20:14.156
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
 
  Date: 2015-02-01 21:20:13.939
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
 
  Date: 2015-02-01 21:20:13.754
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
 
  Date: 2015-02-01 21:20:13.036
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
 
  Date: 2015-02-01 21:20:12.799
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
 
  Date: 2015-02-01 21:20:12.596
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
 
  Date: 2015-02-01 21:20:12.330
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
 
 
 
=========================== Installed Programs ============================
abDocs (HKLM-x32\...\{CA4FE8B0-298C-4E5D-A486-F33B126D6A0A}) (Version: 1.05.2005 - Acer Incorporated)
abDocs Office AddIn (HKLM-x32\...\{DCBF3379-246B-47E1-8173-639B63940838}) (Version: 3.01.2006 - Acer Incorporated)
abMedia (HKLM-x32\...\{E9AF1707-3F3A-49E2-8345-4F2D629D0876}) (Version: 2.06.2003.0 - Acer Incorporated)
abPhoto (HKLM-x32\...\{B5AD89F2-03D3-4206-8487-018298007DD0}) (Version: 3.01.2005.1 - Acer Incorporated)
Acer Games (HKCU\...\Pokki_03d432a7e610c3e908213e7689d4342ce2111caf) (Version: 1.1.9.43466 - Pokki)
Acer Launch Manager (HKLM\...\{C18D55BD-1EC6-466D-B763-8EEDDDA9100E}) (Version: 8.00.8101 - Acer Incorporated)
Acer Portal (HKLM-x32\...\{A5AD0B17-F34D-49BE-A157-C8B3D52ACD13}) (Version: 3.04.2002 - Acer Incorporated)
Acer Power Management (HKLM\...\{91F52DE4-B789-42B0-9311-A349F10E5479}) (Version: 7.00.8100 - Acer Incorporated)
Acer Quick Access (HKLM\...\{C1FA525F-D701-4B31-9D32-504FC0CF0B98}) (Version: 1.00.3000 - Acer Incorporated)
Acer Recovery Management (HKLM\...\{07F2005A-8CAC-4A4B-83A2-DA98A722CA61}) (Version: 6.00.8100 - Acer Incorporated)
Acer Remote Files (HKLM\...\{13885028-098C-4799-9B71-27DAC96502D5}) (Version: 1.00.3007 - Acer Incorporated)
AOP Framework (HKLM-x32\...\{4A37A114-702F-4055-A4B6-16571D4A5353}) (Version: 3.03.2001.0 - Acer Incorporated)
Apple Application Support (HKLM-x32\...\{83CAF0DE-8D3B-4C37-A631-2B8F16EC3031}) (Version: 3.1 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{BDD99690-3541-4619-9D2A-3CDDB3E15F9E}) (Version: 8.0.5.6 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Avast Free Antivirus (HKLM-x32\...\Avast) (Version: 10.0.2208 - AVAST Software)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Broadcom Card Reader Driver Installer (HKLM\...\{67AA948F-8D83-4566-B84A-7CAABCF64E3F}) (Version: 16.0.2.8 - Broadcom Corporation)
Broadcom NetLink Controller (HKLM\...\{D1D7ED66-5C08-40A0-AEC0-B6DF977697BB}) (Version: 16.2.1.2 - Broadcom Corporation)
Canon MX880 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MX880_series) (Version:  - )
CyberLink PowerDVD 12 (HKLM-x32\...\InstallShield_{B46BEA36-0B71-4A4E-AE41-87241643FA0A}) (Version: 12.0.3126.57 - CyberLink Corp.)
CyberLink PowerDVD 12 (x32 Version: 12.0.3126.57 - CyberLink Corp.) Hidden
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
EA Download Manager (HKLM-x32\...\EADM) (Version: 5.0.0.255 - Electronic Arts, Inc.)
ETDWare PS/2-X64 11.6.27.201_WHQL (HKLM\...\Elantech) (Version: 11.6.27.201 - ELAN Microelectronic Corp.)
Google Update Helper (x32 Version: 1.3.21.169 - Google Inc.) Hidden
Google+ Auto Backup (HKLM-x32\...\{A50DE037-B5C0-4C8A-8049-B0C576B313D1}) (Version: 1.0.21.81 - Google)
Identity Card (HKLM-x32\...\{3D9CB654-99AD-4301-89C6-0D12A790767C}) (Version: 2.00.8100 - Acer Incorporated)
Intel® Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.5.14.1724 - Intel Corporation)
Intel® Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3304 - Intel Corporation)
Intel® Trusted Connect Service Client (Version: 1.28.487.1 - Intel Corporation) Hidden
iTunes (HKLM\...\{2ABBBD91-91E5-4AD7-929A-FE15D1DC0576}) (Version: 12.0.1.26 - Apple Inc.)
Junk Mail filter update (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Live Updater (HKLM-x32\...\{EE26E302-876A-48D9-9058-3129E5B99999}) (Version: 2.00.8100 - Acer Incorporated)
Malwarebytes Anti-Malware version 2.0.4.1028 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.4.1028 - Malwarebytes Corporation)
McAfee SiteAdvisor (HKLM-x32\...\{35ED3F83-4BDC-4c44-8EC6-6A8301C7413A}) (Version: 3.7.1.154 - McAfee, Inc.)
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft Office (HKLM-x32\...\{90150000-0138-0409-0000-0000000FF1CE}) (Version: 15.0.4454.1510 - Microsoft Corporation)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{91120000-0030-0000-0000-0000000FF1CE}_ENTERPRISER_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version:  - Microsoft)
Microsoft Office 2007 Service Pack 3 (SP3) (x32 Version:  - Microsoft) Hidden
Microsoft Office Access MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Access Setup Metadata MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISER) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Enterprise 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Excel MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Groove MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Groove Setup Metadata MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office InfoPath MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Office 64-bit Components 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office OneNote MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Outlook Connector (HKLM-x32\...\{95140000-007A-0409-0000-0000000FF1CE}) (Version: 14.0.5118.5000 - Microsoft Corporation)
Microsoft Office Outlook MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (French) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Spanish) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proofing (English) 2007 (x32 Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) (x32 Version:  - Microsoft) Hidden
Microsoft Office Publisher MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit MUI (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared Setup Metadata MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Word MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft OneDrive (HKCU\...\OneDriveSetup.exe) (Version: 17.3.1229.0918 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual Studio 2005 Tools for Office Runtime (HKLM-x32\...\Microsoft Visual Studio 2005 Tools for Office Runtime) (Version:  - Microsoft Corporation)
Microsoft Visual Studio 2005 Tools for Office Runtime (x32 Version: 8.0.60940.0 - Microsoft Corporation) Hidden
Microsoft WSE 3.0 Runtime (HKLM-x32\...\{E3E71D07-CD27-46CB-8448-16D4FB29AA13}) (Version: 3.0.5305.0 - Microsoft Corp.)
Movie Maker (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT_amd64 (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT110 (x32 Version: 16.4.1108.0727 - Microsoft) Hidden
MSVCRT110_amd64 (Version: 16.4.1109.0912 - Microsoft) Hidden
Nero BackItUp (x32 Version: 12.5.11000 - Nero AG) Hidden
Nero BackItUp 12 Essentials OEM.a01 (HKLM-x32\...\{551AC8F2-FEA2-4B45-ACF7-C98681233CC9}) (Version: 12.5.01200 - Nero AG)
Nero BackItUp Help (CHM) (x32 Version: 12.0.13000 - Nero AG) Hidden
Nero ControlCenter (x32 Version: 11.0.15900 - Nero AG) Hidden
Nero ControlCenter Help (CHM) (x32 Version: 12.0.12000 - Nero AG) Hidden
Nero Core Components (x32 Version: 11.0.20900 - Nero AG) Hidden
Nero Launcher (x32 Version: 12.2.7000 - Nero AG) Hidden
Nero RescueAgent (x32 Version: 12.0.3001 - Nero AG) Hidden
Nero RescueAgent Help (CHM) (x32 Version: 12.0.7000 - Nero AG) Hidden
Nero Update (x32 Version: 11.0.11800.31.0 - Nero AG) Hidden
Norton Online Backup (HKLM-x32\...\{E625FCA0-E43E-4D3B-92FF-4851308A0366}) (Version: 2.8.0.44 - Symantec Corporation)
Norton Online Backup (x32 Version: 4.5.0.9 - Symantec Corporation) Hidden
Office Addin (HKLM-x32\...\{6D2BBE1D-E600-4695-BA37-0B0E605542CC}) (Version: 2.02.2009 - Acer)
Photo Gallery (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Picasa 3 (HKLM-x32\...\Picasa 3) (Version: 3.9 - Google, Inc.)
Picasa Packages (HKCU\...\Picasa Packages) (Version:  - )
Pokki Start Menu (HKCU\...\Pokki_Start_Menu) (Version: 0.269.5.367 - Pokki)
Prerequisite installer (x32 Version: 12.0.0003 - Nero AG) Hidden
Qualcomm Atheros Bluetooth Suite (64) (HKLM\...\{A84A4FB1-D703-48DB-89E0-68B6499D2801}) (Version: 8.0.1.305 - Qualcomm Atheros Communications)
Qualcomm Atheros WLAN and Bluetooth Client Installation Program (HKLM-x32\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 12.07 - Qualcomm Atheros)
QuickTime 7 (HKLM-x32\...\{3D2CBC2C-65D4-4463-87AB-BB2C859C1F3E}) (Version: 7.76.80.95 - Apple Inc.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7027 - Realtek Semiconductor Corp.)
Skype™ 7.0 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.0.102 - Skype Technologies S.A.)
Spotify (HKLM-x32\...\Spotify) (Version: 0.9.1.57.ge7405149 - Spotify AB)
SUPERAntiSpyware (HKLM\...\{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}) (Version: 6.0.1170 - SUPERAntiSpyware.com)
The Sims™ 3 (HKLM-x32\...\{C05D8CDB-417D-4335-A38C-A0659EDFD6B8}) (Version: 1.0.631 - Electronic Arts)
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{91120000-0030-0000-0000-0000000FF1CE}_ENTERPRISER_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version:  - Microsoft)
Update for Microsoft Office 2007 Help for Common Features (KB963673) (HKLM-x32\...\{90120000-006E-0409-0000-0000000FF1CE}_ENTERPRISER_{AB365889-0395-4FAD-B702-CA5985D53D42}) (Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition (HKLM-x32\...\{91120000-0030-0000-0000-0000000FF1CE}_ENTERPRISER_{A024FC7B-77DE-45DE-A058-1C049A17BFB3}) (Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition (HKLM-x32\...\{90120000-002A-0000-1000-0000000FF1CE}_ENTERPRISER_{CB68A5B0-3508-4193-AEB9-AF636DAECE0F}) (Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition (HKLM-x32\...\{91120000-0030-0000-0000-0000000FF1CE}_ENTERPRISER_{CB68A5B0-3508-4193-AEB9-AF636DAECE0F}) (Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition (HKLM-x32\...\{91120000-0030-0000-0000-0000000FF1CE}_ENTERPRISER_{E9A82945-BA29-4EE8-8F2A-2F49545E9CF2}) (Version:  - Microsoft)
Update for Microsoft Office Access 2007 Help (KB963663) (HKLM-x32\...\{90120000-0015-0409-0000-0000000FF1CE}_ENTERPRISER_{6B76A18A-AA1E-42AB-A7AD-6C84BBB43987}) (Version:  - Microsoft)
Update for Microsoft Office Excel 2007 Help (KB963678) (HKLM-x32\...\{90120000-0016-0409-0000-0000000FF1CE}_ENTERPRISER_{199DF7B6-169C-448C-B511-1054101BE9C9}) (Version:  - Microsoft)
Update for Microsoft Office Infopath 2007 Help (KB963662) (HKLM-x32\...\{90120000-0044-0409-0000-0000000FF1CE}_ENTERPRISER_{716B81B8-B13C-41DF-8EAC-7A2F656CAB63}) (Version:  - Microsoft)
Update for Microsoft Office OneNote 2007 Help (KB963670) (HKLM-x32\...\{90120000-00A1-0409-0000-0000000FF1CE}_ENTERPRISER_{2744EF05-38E1-4D5D-B333-E021EDAEA245}) (Version:  - Microsoft)
Update for Microsoft Office Outlook 2007 (KB2687404) 32-Bit Edition (HKLM-x32\...\{90120000-001A-0409-0000-0000000FF1CE}_ENTERPRISER_{ED38F8A3-4F61-494E-8BCA-E3AC7760C924}) (Version:  - Microsoft)
Update for Microsoft Office Outlook 2007 (KB2863811) 32-Bit Edition (HKLM-x32\...\{91120000-0030-0000-0000-0000000FF1CE}_ENTERPRISER_{53DEC068-4690-4F6B-9946-7D21EF02236B}) (Version:  - Microsoft)
Update for Microsoft Office Outlook 2007 Help (KB963677) (HKLM-x32\...\{90120000-001A-0409-0000-0000000FF1CE}_ENTERPRISER_{0451F231-E3E3-4943-AB9F-58EB96171784}) (Version:  - Microsoft)
Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2920789) 32-Bit Edition (HKLM-x32\...\{91120000-0030-0000-0000-0000000FF1CE}_ENTERPRISER_{9913305E-D4AC-4D26-B30F-799D529FB282}) (Version:  - Microsoft)
Update for Microsoft Office PowerPoint 2007 (KB2597972) 32-Bit Edition (HKLM-x32\...\{91120000-0030-0000-0000-0000000FF1CE}_ENTERPRISER_{7B9D2746-D03B-442B-A691-90B748E316B4}) (Version:  - Microsoft)
Update for Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM-x32\...\{90120000-0018-0409-0000-0000000FF1CE}_ENTERPRISER_{397B1D4F-ED7B-4ACA-A637-43B670843876}) (Version:  - Microsoft)
Update for Microsoft Office Publisher 2007 Help (KB963667) (HKLM-x32\...\{90120000-0019-0409-0000-0000000FF1CE}_ENTERPRISER_{2E40DE55-B289-4C8B-8901-5D369B16814F}) (Version:  - Microsoft)
Update for Microsoft Office Script Editor Help (KB963671) (HKLM-x32\...\{90120000-006E-0409-0000-0000000FF1CE}_ENTERPRISER_{CD11C6A2-FFC6-4271-8EAB-79C3582F505C}) (Version:  - Microsoft)
Update for Microsoft Office Word 2007 Help (KB963665) (HKLM-x32\...\{90120000-001B-0409-0000-0000000FF1CE}_ENTERPRISER_{80E762AA-C921-4839-9D7D-DB62A72C0726}) (Version:  - Microsoft)
Visual Studio Tools for the Office system 3.0 Runtime (HKLM-x32\...\Visual Studio Tools for the Office system 3.0 Runtime) (Version:  - Microsoft Corporation)
Visual Studio Tools for the Office system 3.0 Runtime (x32 Version: 9.0.30729 - Microsoft Corporation) Hidden
Visual Studio Tools for the Office system 3.0 Runtime Service Pack 1 (KB949258) (HKLM-x32\...\{8FB53850-246A-3507-8ADE-0060093FFEA6}.KB949258) (Version: 1 - Microsoft Corporation)
Windows Live Communications Platform (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation)
Windows Live Essentials (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live Installer (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live Mail (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live Messenger (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live MIME IFilter (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live Photo Common (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live PIMT Platform (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live SOXE (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live SOXE Definitions (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live UX Platform (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live Writer (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live Writer Resources (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
 
========================= Devices: ================================
 
Name: Generic volume
Description: Generic volume
Class Guid: {71a27cdd-812a-11d0-bec7-08002be2092f}
Manufacturer: Microsoft
Service: volsnap
 
Name: System board
Description: System board
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard system devices)
Service: 
 
Name: Motherboard resources
Description: Motherboard resources
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard system devices)
Service: 
 
Name: Motherboard resources
Description: Motherboard resources
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard system devices)
Service: 
 
Name: USB Input Device
Description: USB Input Device
Class Guid: {745a17a0-74d3-11d0-b6fe-00a0c90f57da}
Manufacturer: (Standard system devices)
Service: HidUsb
 
Name: Intel® 7 Series/C216 Chipset Family USB Enhanced Host Controller - 1E2D
Description: Intel® 7 Series/C216 Chipset Family USB Enhanced Host Controller - 1E2D
Class Guid: {36fc9e60-c465-11cf-8056-444553540000}
Manufacturer: Intel
Service: usbehci
 
Name: Microsoft ACPI-Compliant Control Method Battery
Description: Microsoft ACPI-Compliant Control Method Battery
Class Guid: {72631e54-78a4-11d0-bcf7-00aa00b7b32a}
Manufacturer: Microsoft
Service: CmBatt
 
Name: Generic PnP Monitor
Description: Generic PnP Monitor
Class Guid: {4d36e96e-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard monitor types)
Service: monitor
 
Name: HD WebCam
Description: USB Video Device
Class Guid: {6bdd1fc6-810f-11d0-bec7-08002be2092f}
Manufacturer: Microsoft
Service: usbvideo
 
Name: Root Print Queue
Description: Local Print Queue
Class Guid: {1ed2bbf9-11f0-4084-b21f-ad83a8e6dcdc}
Manufacturer: Microsoft
Service: 
 
Name: Volume Manager
Description: Volume Manager
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: volmgr
 
Name: Intel® HM77 Express Chipset LPC Controller - 1E57
Description: Intel® HM77 Express Chipset LPC Controller - 1E57
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: Intel
Service: msisadrv
 
Name: Generic volume
Description: Generic volume
Class Guid: {71a27cdd-812a-11d0-bec7-08002be2092f}
Manufacturer: Microsoft
Service: volsnap
 
Name: USB Composite Device
Description: USB Composite Device
Class Guid: {36fc9e60-c465-11cf-8056-444553540000}
Manufacturer: (Standard USB Host Controller)
Service: usbccgp
 
Name: MATSHITA DVD-RAM UJ8E2Q
Description: CD-ROM Drive
Class Guid: {4d36e965-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard CD-ROM drives)
Service: cdrom
 
Name: WDC WD10JPVX-22JC3T0
Description: Disk drive
Class Guid: {4d36e967-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard disk drives)
Service: disk
 
Name: Microsoft Basic Display Driver
Description: Microsoft Basic Display Driver
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard display types)
Service: BasicDisplay
 
Name: HID-compliant vendor-defined device
Description: HID-compliant vendor-defined device
Class Guid: {745a17a0-74d3-11d0-b6fe-00a0c90f57da}
Manufacturer: (Standard system devices)
Service: 
 
Name: HID-compliant mouse
Description: HID-compliant mouse
Class Guid: {4d36e96f-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: mouhid
 
Name: Microphone (Realtek High Definition Audio)
Description: Audio Endpoint
Class Guid: {c166523c-fe0c-4a94-a586-f1a80cfbbf3e}
Manufacturer: Microsoft
Service: 
 
Name: Intel® 7 Series/C216 Chipset Family USB Enhanced Host Controller - 1E26
Description: Intel® 7 Series/C216 Chipset Family USB Enhanced Host Controller - 1E26
Class Guid: {36fc9e60-c465-11cf-8056-444553540000}
Manufacturer: Intel
Service: usbehci
 
Name: High precision event timer
Description: High precision event timer
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard system devices)
Service: 
 
Name: Composite Bus Enumerator
Description: Composite Bus Enumerator
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: CompositeBus
 
Name: Microsoft Virtual Drive Enumerator
Description: Microsoft Virtual Drive Enumerator
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: vdrvroot
 
Name: Microsoft Storage Spaces Controller
Description: Microsoft Storage Spaces Controller
Class Guid: {4d36e97b-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: spaceport
 
Name: USB Root Hub (xHCI)
Description: USB Root Hub (xHCI)
Class Guid: {36fc9e60-c465-11cf-8056-444553540000}
Manufacturer: (Standard USB HUBs)
Service: USBHUB3
 
Name: Microsoft Kernel Debug Network Adapter
Description: Microsoft Kernel Debug Network Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: kdnic
 
Name: Microsoft XPS Document Writer
Description: Local Print Queue
Class Guid: {1ed2bbf9-11f0-4084-b21f-ad83a8e6dcdc}
Manufacturer: Microsoft
Service: 
 
Name: Generic volume shadow copy
Description: Generic volume shadow copy
Class Guid: {533c5b84-ec70-11d2-9505-00c04f79deaf}
Manufacturer: Microsoft
Service: 
 
Name: Generic volume shadow copy
Description: Generic volume shadow copy
Class Guid: {533c5b84-ec70-11d2-9505-00c04f79deaf}
Manufacturer: Microsoft
Service: 
 
Name: Generic volume shadow copy
Description: Generic volume shadow copy
Class Guid: {533c5b84-ec70-11d2-9505-00c04f79deaf}
Manufacturer: Microsoft
Service: 
 
Name: Generic volume shadow copy
Description: Generic volume shadow copy
Class Guid: {533c5b84-ec70-11d2-9505-00c04f79deaf}
Manufacturer: Microsoft
Service: 
 
Name: Generic volume shadow copy
Description: Generic volume shadow copy
Class Guid: {533c5b84-ec70-11d2-9505-00c04f79deaf}
Manufacturer: Microsoft
Service: 
 
Name: Generic volume shadow copy
Description: Generic volume shadow copy
Class Guid: {533c5b84-ec70-11d2-9505-00c04f79deaf}
Manufacturer: Microsoft
Service: 
 
Name: Generic volume shadow copy
Description: Generic volume shadow copy
Class Guid: {533c5b84-ec70-11d2-9505-00c04f79deaf}
Manufacturer: Microsoft
Service: 
 
Name: ACPI Sleep Button
Description: ACPI Sleep Button
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard system devices)
Service: 
 
Name: Standard PS/2 Keyboard
Description: Standard PS/2 Keyboard
Class Guid: {4d36e96b-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard keyboards)
Service: i8042prt
 
Name: Bluetooth USB Module
Description: Bluetooth USB Module
Class Guid: {e0cbf06c-cd8b-4647-bb8a-263b43f0f974}
Manufacturer: Qualcomm Atheros Communications
Service: BTHUSB
 
Name: Qualcomm Atheros AR956x Wireless Network Adapter
Description: Qualcomm Atheros AR956x Wireless Network Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Qualcomm Atheros Communications Inc.
Service: athr
 
Name: Broadcom SD Host Controller
Description: Broadcom SD Host Controller
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: Broadcom Corporation
Service: bScsiSDa
 
Name: System CMOS/real time clock
Description: System CMOS/real time clock
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard system devices)
Service: 
 
Name: Programmable interrupt controller
Description: Programmable interrupt controller
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard system devices)
Service: 
 
Name: UMBus Root Bus Enumerator
Description: UMBus Root Bus Enumerator
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: umbus
 
Name: ACPI Power Button
Description: ACPI Power Button
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard system devices)
Service: 
 
Name: High Definition Audio Controller
Description: High Definition Audio Controller
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: HDAudBus
 
Name: Intel® HD Graphics 4000
Description: Intel® HD Graphics 4000
Class Guid: {4d36e968-e325-11ce-bfc1-08002be10318}
Manufacturer: Intel Corporation
Service: igfx
 
Name: Microsoft Device Association Root Enumerator
Description: Generic software device
Class Guid: {62f9c741-b25a-46ce-b54c-9bccce08b6f2}
Manufacturer: Microsoft
Service: 
 
Name: Microsoft Wi-Fi Direct Virtual Adapter
Description: Microsoft Wi-Fi Direct Virtual Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: vwifimp
 
Name: ACPI x64-based PC
Description: ACPI x64-based PC
Class Guid: {4d36e966-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard computers)
Service: \Driver\ACPI_HAL
 
Name: Microsoft Hosted Network Virtual Adapter
Description: Microsoft Hosted Network Virtual Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: vwifimp
 
Name: Microsoft Windows Management Interface for ACPI
Description: Microsoft Windows Management Interface for ACPI
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: WmiAcpi
 
Name: Intel® USB 3.0 eXtensible Host Controller - 0100 (Microsoft)
Description: USB xHCI Compliant Host Controller
Class Guid: {36fc9e60-c465-11cf-8056-444553540000}
Manufacturer: Generic USB xHCI Host Controller
Service: USBXHCI
 
Name: Motherboard resources
Description: Motherboard resources
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard system devices)
Service: 
 
Name: PCI Express Root Complex
Description: PCI Express Root Complex
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard system devices)
Service: pci
 
Name: Intel® 7 Series/C216 Chipset Family SATA AHCI Controller - 1E03
Description: Intel® 7 Series/C216 Chipset Family SATA AHCI Controller - 1E03
Class Guid: {4d36e96a-e325-11ce-bfc1-08002be10318}
Manufacturer: Intel
Service: storahci
 
Name: Direct memory access controller
Description: Direct memory access controller
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard system devices)
Service: 
 
Name: Microsoft ACPI-Compliant System
Description: Microsoft ACPI-Compliant System
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: ACPI
 
Name: 
Description: 
Class Guid: 
Manufacturer: 
Service: 
 
Name: Microsoft Basic Render Driver
Description: Microsoft Basic Render Driver
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: BasicRender
 
Name: Fax
Description: Local Print Queue
Class Guid: {1ed2bbf9-11f0-4084-b21f-ad83a8e6dcdc}
Manufacturer: Microsoft
Service: 
 
Name: Intel® Management Engine Interface 
Description: Intel® Management Engine Interface 
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: Intel
Service: MEIx64
 
Name: Intel® Display Audio
Description: Intel® Display Audio
Class Guid: {4d36e96c-e325-11ce-bfc1-08002be10318}
Manufacturer: Intel® Corporation
Service: IntcDAud
 
Name: ACPI Fixed Feature Button
Description: ACPI Fixed Feature Button
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard system devices)
Service: 
 
Name: Intel® 7 Series/C216 Chipset Family PCI Express Root Port 1 - 1E10
Description: Intel® 7 Series/C216 Chipset Family PCI Express Root Port 1 - 1E10
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: Intel
Service: pci
 
Name: E:\
Description: SD              
Class Guid: {eec5ad98-8080-425f-922a-dabf3de3f69a}
Manufacturer: Broadcom
Service: WUDFWpdFs
 
Name: HID-compliant vendor-defined device
Description: HID-compliant vendor-defined device
Class Guid: {745a17a0-74d3-11d0-b6fe-00a0c90f57da}
Manufacturer: (Standard system devices)
Service: 
 
Name: Microsoft AC Adapter
Description: Microsoft AC Adapter
Class Guid: {72631e54-78a4-11d0-bcf7-00aa00b7b32a}
Manufacturer: Microsoft
Service: CmBatt
 
Name: ELAN PS/2 Port Smart-Pad
Description: ELAN PS/2 Port Smart-Pad
Class Guid: {4d36e96f-e325-11ce-bfc1-08002be10318}
Manufacturer: ELAN
Service: i8042prt
 
Name: Intel® 7 Series/C216 Chipset Family SMBus Host Controller - 1E22
Description: Intel® 7 Series/C216 Chipset Family SMBus Host Controller - 1E22
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: Intel
Service: 
 
Name: Generic USB Hub
Description: Generic USB Hub
Class Guid: {36fc9e60-c465-11cf-8056-444553540000}
Manufacturer: (Generic USB Hub)
Service: usbhub
 
Name: Intel® Core™ i3-3217U CPU @ 1.80GHz
Description: Intel Processor
Class Guid: {50127dc3-0f36-415e-a6cc-4cb3be910b65}
Manufacturer: Intel
Service: intelppm
 
Name: Intel® Core™ i3-3217U CPU @ 1.80GHz
Description: Intel Processor
Class Guid: {50127dc3-0f36-415e-a6cc-4cb3be910b65}
Manufacturer: Intel
Service: intelppm
 
Name: Intel® Core™ i3-3217U CPU @ 1.80GHz
Description: Intel Processor
Class Guid: {50127dc3-0f36-415e-a6cc-4cb3be910b65}
Manufacturer: Intel
Service: intelppm
 
Name: Intel® Core™ i3-3217U CPU @ 1.80GHz
Description: Intel Processor
Class Guid: {50127dc3-0f36-415e-a6cc-4cb3be910b65}
Manufacturer: Intel
Service: intelppm
 
Name: Numeric data processor
Description: Numeric data processor
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard system devices)
Service: 
 
Name: USB Root Hub
Description: USB Root Hub
Class Guid: {36fc9e60-c465-11cf-8056-444553540000}
Manufacturer: (Standard USB Host Controller)
Service: usbhub
 
Name: Realtek High Definition Audio
Description: Realtek High Definition Audio
Class Guid: {4d36e96c-e325-11ce-bfc1-08002be10318}
Manufacturer: Realtek
Service: IntcAzAudAddService
 
Name: Broadcom NetLink ™ Gigabit Ethernet
Description: Broadcom NetLink ™ Gigabit Ethernet
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Broadcom
Service: k57nd60a
 
Name: 3rd Gen Core processor DRAM Controller - 0154
Description: 3rd Gen Core processor DRAM Controller - 0154
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: Intel
Service: 
 
Name: Broadcom SD SCSI Disk Device
Description: Disk drive
Class Guid: {4d36e967-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard disk drives)
Service: disk
 
Name: NDIS Virtual Network Adapter Enumerator
Description: NDIS Virtual Network Adapter Enumerator
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: NdisVirtualBus
 
Name: Generic volume
Description: Generic volume
Class Guid: {71a27cdd-812a-11d0-bec7-08002be2092f}
Manufacturer: Microsoft
Service: volsnap
 
Name: Microsoft Windows Management Interface for ACPI
Description: Microsoft Windows Management Interface for ACPI
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: WmiAcpi
 
Name: HID-compliant wireless radio controls
Description: HID-compliant wireless radio controls
Class Guid: {745a17a0-74d3-11d0-b6fe-00a0c90f57da}
Manufacturer: (Standard system devices)
Service: 
 
Name: Intel® 82802 Firmware Hub Device
Description: Intel® 82802 Firmware Hub Device
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: Intel
Service: 
 
Name: Generic volume
Description: Generic volume
Class Guid: {71a27cdd-812a-11d0-bec7-08002be2092f}
Manufacturer: Microsoft
Service: volsnap
 
Name: Generic USB Hub
Description: Generic USB Hub
Class Guid: {36fc9e60-c465-11cf-8056-444553540000}
Manufacturer: (Generic USB Hub)
Service: usbhub
 
Name: ACPI Lid
Description: ACPI Lid
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard system devices)
Service: 
 
Name: Intel® 7 Series/C216 Chipset Family PCI Express Root Port 2 - 1E12
Description: Intel® 7 Series/C216 Chipset Family PCI Express Root Port 2 - 1E12
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: Intel
Service: pci
 
Name: Microsoft System Management BIOS Driver
Description: Microsoft System Management BIOS Driver
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard system devices)
Service: mssmbios
 
Name: Motherboard resources
Description: Motherboard resources
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard system devices)
Service: 
 
Name: Generic volume
Description: Generic volume
Class Guid: {71a27cdd-812a-11d0-bec7-08002be2092f}
Manufacturer: Microsoft
Service: volsnap
 
Name: Generic volume
Description: Generic volume
Class Guid: {71a27cdd-812a-11d0-bec7-08002be2092f}
Manufacturer: Microsoft
Service: volsnap
 
Name: Plug and Play Software Device Enumerator
Description: Plug and Play Software Device Enumerator
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard system devices)
Service: swenum
 
Name: IWD Bus Enumerator
Description: IWD Bus Enumerator
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard system devices)
Service: iwdbus
 
Name: Qualcomm Atheros Bluetooth Bus
Description: Qualcomm Atheros Bluetooth Bus
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: Qualcomm Atheros Communications
Service: BTATH_BUS
 
Name: Speakers (Realtek High Definition Audio)
Description: Audio Endpoint
Class Guid: {c166523c-fe0c-4a94-a586-f1a80cfbbf3e}
Manufacturer: Microsoft
Service: 
 
Name: Launch Manager Wireless Device
Description: Launch Manager Wireless Device
Class Guid: {745a17a0-74d3-11d0-b6fe-00a0c90f57da}
Manufacturer: Acer Incorporated
Service: LMDriver
 
Name: Remote Desktop Device Redirector Bus
Description: Remote Desktop Device Redirector Bus
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: rdpbus
 
Name: Microsoft ACPI-Compliant Embedded Controller
Description: Microsoft ACPI-Compliant Embedded Controller
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard system devices)
Service: 
 
Name: USB Root Hub
Description: USB Root Hub
Class Guid: {36fc9e60-c465-11cf-8056-444553540000}
Manufacturer: (Standard USB Host Controller)
Service: usbhub
 
Name: System timer
Description: System timer
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard system devices)
Service: 
 
 
========================= Memory info: ===================================
 
Percentage of memory in use: 26%
Total physical RAM: 6033.27 MB
Available physical RAM: 4454.38 MB
Total Pagefile: 12433.27 MB
Available Pagefile: 10773.25 MB
Total Virtual: 4095.88 MB
Available Virtual: 3974.69 MB
 
========================= Partitions: =====================================
 
1 Drive c: (Acer) (Fixed) (Total:914.19 GB) (Free:839.81 GB) NTFS
3 Drive e: () (Removable) (Total:1.87 GB) (Free:1.59 GB) FAT
 
========================= Users: ========================================
 
User accounts for \\BOO-MACHINE
 
Administrator            Franny                   Guest                    
 
========================= Minidump Files ==================================
 
No minidump file found
 
========================= Restore Points ==================================
 
06-01-2015 15:42:50 Scheduled Checkpoint
19-01-2015 23:34:25 Scheduled Checkpoint
24-01-2015 10:55:14 Windows Update
02-02-2015 11:59:36 Windows Update
03-02-2015 21:58:28 Restore Point Created by FRST
 
**** End of log ****
 

Attached Thumbnails

  • Windows network diagnostics.PNG

  • 0

#8
Essexboy

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
Could you run a fresh FRST scan please

A few questions :)

Is the wireless on the computer turned on
Do you experience the same problem if you connect using an Ethernet cable
  • 0

#9
charles.actuary

charles.actuary

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 112 posts

Hello again

 

We have made some progress.  While I was playing around last night, I tried uninstalling the two network drivers in Device Manager and allowing the computer to find and reinstall them.  The result is that the Ethernet connection is now working.  However there is no change on the wifi.

 

The wifi is definitely switched on.  A lot of the time, I have been able to see the wireless routers that are available for connection, although I can't this morning.

 

Anyway, here are the FRST reports.

 

Charles

 

 

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 04-02-2015 01
Ran by Franny (administrator) on BOO-MACHINE on 05-02-2015 08:16:30
Running from C:\Users\Franny\Desktop
Loaded Profiles: Franny (Available profiles: Franny)
Platform: Windows 8.1 (X64) OS Language: English (United Kingdom)
Internet Explorer Version 11 (Default browser: IE)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(SUPERAntiSpyware.com) C:\Program Files\SUPERAntiSpyware\SASCore64.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Windows ® Win 7 DDK provider) C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\AdminService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDService.exe
(Intel® Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Launch Manager\LMSvc.exe
(McAfee, Inc.) C:\Program Files (x86)\McAfee\SiteAdvisor\mcsacore.exe
(McAfee, Inc.) C:\Windows\System32\mfevtps.exe
(McAfee, Inc.) C:\Program Files\Common Files\mcafee\systemcore\mfefire.exe
(Avast Software) C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\ng\ngservice.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Quick Access\QASvc.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Quick Access\RMSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Integrated Clock Controller Service\ICCProxy.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
(Nero AG) C:\Program Files (x86)\Nero\Update\NASvc.exe
(Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDTouch.exe
(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Quick Access\QAEvent.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Launch Manager\LMEvent.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Quick Access\QAMsg.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Launch Manager\LMTray.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Quick Access\QuickAccess.exe
(Qualcomm®Atheros®) C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\BtvStack.exe
() C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\ActivateDesktop.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Spotify Ltd) C:\Program Files (x86)\Spotify\Data\SpotifyWebHelper.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(Microsoft Corporation) C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
(Electronic Arts) C:\Program Files (x86)\Electronic Arts\EADM\Core.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerTray.exe
(SUPERAntiSpyware) C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
(Intel Corporation) C:\Windows\System32\igfxext.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerEvent.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe
() C:\Program Files (x86)\Acer\abDocs\abDocsDllLoader.exe
() C:\Program Files (x86)\Acer\abDocs\abDocsDllLoaderMonitor.exe
(Microsoft Corporation) C:\Windows\System32\WWAHost.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\AOP Framework\CCDMonitorService.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\AOP Framework\BackgroundAgent.exe
(Acer Cloud Technology) C:\Program Files (x86)\Acer\AOP Framework\acer\ccd.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20689_x64__8wekyb3d8bbwe\livecomm.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Adobe Systems Incorporated) C:\Windows\System32\Macromed\Flash\FlashUtil_ActiveX.exe
(McAfee, Inc.) C:\Program Files (x86)\McAfee\SiteAdvisor\saUI.exe

==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [2890056 2013-09-06] (ELAN Microelectronics Corp.)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13647576 2013-08-27] (Realtek Semiconductor)
HKLM\...\Run: [3D BubbleSound] => "C:\Program Files\BubbleSound\3D BubbleSound.exe"
HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [157480 2014-10-15] (Apple Inc.)
HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2014-10-02] (Apple Inc.)
HKLM-x32\...\Run: [BacKGround Agent] => C:\Program Files (x86)\Acer\AOP Framework\BackgroundAgent.exe [62208 2014-12-19] (Acer Incorporated)
HKLM-x32\...\Run: [GrooveMonitor] => C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [5227112 2015-02-02] (AVAST Software)
HKLM-x32\...\Run: [abDocsDllLoader] => C:\Program Files (x86)\Acer\abDocs\abDocsDllLoader.exe [90880 2014-12-19] ()
HKLM-x32\...\Run: [ZoneAlarm Installer] => "C:\Program Files (x86)\CheckPoint\Install\Launcher.exe" "C:\Program Files (x86)\CheckPoint\Install\Install.exe" /r config /c "C:\Program Files (x86)\CheckPoint\Install\Install.xml" /w
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKLM\...\Policies\Explorer\Run: [BtvStack] => C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\BtvStack.exe [132736 2013-09-07] ( (Qualcomm®Atheros®))
HKLM\...\Policies\Explorer: [NoFolderOptions] 0
HKLM\...\Policies\Explorer: [NoControlPanel] 0
HKU\S-1-5-21-786374595-2290240692-171548042-1001\...\Run: [Spotify Web Helper] => C:\Program Files (x86)\Spotify\Data\SpotifyWebHelper.exe [1104384 2014-03-21] (Spotify Ltd)
HKU\S-1-5-21-786374595-2290240692-171548042-1001\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [30878816 2014-12-11] (Skype Technologies S.A.)
HKU\S-1-5-21-786374595-2290240692-171548042-1001\...\Run: [msnmsgr] => C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe [4272840 2014-03-31] (Microsoft Corporation)
HKU\S-1-5-21-786374595-2290240692-171548042-1001\...\Run: [EA Core] => C:\Program Files (x86)\Electronic Arts\EADM\Core.exe [3325952 2009-03-28] (Electronic Arts)
HKU\S-1-5-21-786374595-2290240692-171548042-1001\...\Run: [SUPERAntiSpyware] => C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe [7780120 2015-01-22] (SUPERAntiSpyware)
HKU\S-1-5-21-786374595-2290240692-171548042-1001\...\Run: [Google+ Auto Backup] => C:\Users\Franny\AppData\Local\Programs\Google\Google+ Auto Backup\Google+ Auto Backup.exe [3619096 2014-01-06] (Google Inc.)
HKU\S-1-5-21-786374595-2290240692-171548042-1001\...\RunOnce: [Application Restart #1] => C:\Users\Franny\AppData\Local\Pokki\Engine\HostAppService.exe [7843656 2014-12-31] (Pokki)
HKU\S-1-5-21-786374595-2290240692-171548042-1001\...\MountPoints2: {627b6fdb-b133-11e3-8251-806e6f6e6963} - "D:\Autorun.exe"
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll (AVAST Software)
ShellIconOverlayIdentifiers: [ACloudSyncedRF] -> {5CCE71FA-9F61-4F24-9CD1-98D819B40D68} => C:\Program Files (x86)\Acer\Acer Portal\x64\shellext_win.dll (Acer Incorporated)
ShellIconOverlayIdentifiers: [ACloudSyncedSF] -> {5D5F18B7-D59B-4B18-A3E9-0A4BDCCCB699} => C:\Program Files (x86)\Acer\Acer Portal\x64\shellext_win.dll (Acer Incorporated)
ShellIconOverlayIdentifiers: [ACloudSyncing] -> {C1E1456F-C2D8-4C96-870D-35F1E13941EE} => C:\Program Files (x86)\Acer\Acer Portal\x64\shellext_win.dll (Acer Incorporated)
ShellIconOverlayIdentifiers: [ACloudToBeSynced] -> {307523FA-DDC0-4068-983F-2A6B34627744} => C:\Program Files (x86)\Acer\Acer Portal\x64\shellext_win.dll (Acer Incorporated)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

ProxyEnable: [.DEFAULT] => Internet Explorer proxy is enabled.
ProxyServer: [.DEFAULT] => http=127.0.0.1:65056;https=127.0.0.1:65056
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/?pc=MSE1
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = https://www.google.com/?trackid=sp-006
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = www.google.com
HKU\S-1-5-21-786374595-2290240692-171548042-1001\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.co.uk/
HKU\S-1-5-21-786374595-2290240692-171548042-1001\Software\Microsoft\Internet Explorer\Main,Search Bar = https://www.google.com/?trackid=sp-006
SearchScopes: HKLM -> {80c554b9-c7f8-4a21-9471-06d606da78a2} URL = http://www.bing.com/...=MSSEDF&pc=MSE1
SearchScopes: HKLM -> {DC91FAFB-6CEA-49E5-BB74-9CEE75D09B77} URL =
SearchScopes: HKLM-x32 -> {80c554b9-c7f8-4a21-9471-06d606da78a2} URL = http://www.bing.com/...=MSSEDF&pc=MSE1
SearchScopes: HKLM-x32 -> {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = https://www.google.c...&q={searchTerms}
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-786374595-2290240692-171548042-1001 -> {20ECEAEE-3481-4052-BC3C-3FFE07190605} URL =
SearchScopes: HKU\S-1-5-21-786374595-2290240692-171548042-1001 -> {305170DF-C4C0-42E7-8C0F-6F3DA07089B0} URL = https://uk.search.ya...&p={SearchTerms}
SearchScopes: HKU\S-1-5-21-786374595-2290240692-171548042-1001 -> {80c554b9-c7f8-4a21-9471-06d606da78a2} URL = http://www.bing.com/...=MSSEDF&pc=MSE1
SearchScopes: HKU\S-1-5-21-786374595-2290240692-171548042-1001 -> {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = https://www.google.c...&q={searchTerms}
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
BHO: McAfee SiteAdvisor BHO -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO-x32: McAfee SiteAdvisor BHO -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
Toolbar: HKLM - McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
Toolbar: HKLM-x32 - McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
Handler-x32: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
Handler-x32: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.254
StartMenuInternet: IEXPLORE.EXE - iexplore.exe

FireFox:
========
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll (Google Inc.)
FF HKLM-x32\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files (x86)\McAfee\SiteAdvisor
FF Extension: McAfee SiteAdvisor - C:\Program Files (x86)\McAfee\SiteAdvisor [2013-10-15]
FF HKLM-x32\...\Firefox\Extensions: [[email protected]] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2015-02-02]

Chrome:
=======
CHR DefaultSearchKeyword: Default -> mcafee
CHR DefaultSearchURL: Default -> https://uk.search.ya...&p={searchTerms}
CHR Profile: C:\Users\Franny\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (SiteAdvisor) - C:\Users\Franny\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho [2014-11-27]
CHR Extension: (Avast Online Security) - C:\Users\Franny\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2015-02-02]
CHR HKLM\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - C:\Program Files (x86)\McAfee\SiteAdvisor\McChPlg.crx [2015-01-16]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2015-02-02]
StartMenuInternet: Google Chrome - chrome.exe

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 !SASCORE; C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE [172344 2014-07-22] (SUPERAntiSpyware.com)
R2 AtherosSvc; C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\adminservice.exe [312448 2013-09-07] (Windows ® Win 7 DDK provider)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2015-02-02] (AVAST Software)
R3 AvastVBoxSvc; C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe [4012248 2015-02-02] (Avast Software)
R2 CCDMonitorService; C:\Program Files (x86)\Acer\AOP Framework\CCDMonitorService.exe [2713856 2014-12-19] (Acer Incorporated)
S2 csrcc; C:\Program Files\shopperz\csrcc.exe [1449352 2015-01-26] () [File not signed]
R3 ePowerSvc; C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe [663592 2013-07-05] (Acer Incorporated)
R2 ETDService; C:\Program Files\Elantech\ETDService.exe [101192 2013-09-06] (ELAN Microelectronics Corp.)
R2 Intel® Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [733696 2013-05-11] (Intel® Corporation) [File not signed]
S3 Intel® Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [822232 2013-05-11] (Intel® Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe [169432 2013-09-03] (Intel Corporation)
R2 LMSvc; C:\Program Files\Acer\Acer Launch Manager\LMSvc.exe [457768 2013-08-03] (Acer Incorporate)
R2 McAfee SiteAdvisor Service; C:\PROGRAM FILES (X86)\MCAFEE\SITEADVISOR\MCSACORE.EXE [154320 2014-12-03] (McAfee, Inc.)
R2 mfefire; C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe [219752 2014-06-20] (McAfee, Inc.)
R2 mfevtp; C:\Windows\system32\mfevtps.exe [189912 2014-06-20] (McAfee, Inc.)
S3 NOBU; C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe [4278112 2013-08-01] (Symantec Corporation)
R3 QASvc; C:\Program Files\Acer\Acer Quick Access\QASvc.exe [457768 2013-08-02] (Acer Incorporate)
R3 RMSvc; C:\Program Files\Acer\Acer Quick Access\RMSvc.exe [448040 2013-08-02] (Acer Incorporate)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [368632 2014-09-22] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23792 2014-09-22] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29208 2015-02-02] ()
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [87912 2015-02-02] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93568 2015-02-02] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2015-02-02] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1050432 2015-02-02] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [436624 2015-02-02] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [116728 2015-02-02] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [267632 2015-02-02] ()
R3 athr; C:\Windows\system32\DRIVERS\athwbx.sys [3859968 2013-08-15] (Qualcomm Atheros Communications, Inc.)
R1 bsdriver; C:\Windows\system32\drivers\bsdriver.sys [35320 2015-01-30] ()
S3 BTATH_LWFLT; C:\Windows\system32\DRIVERS\btath_lwflt.sys [77464 2013-09-07] (Qualcomm Atheros)
S3 BthLEEnum; C:\Windows\System32\drivers\BthLEEnum.sys [226304 2013-12-04] (Microsoft Corporation)
S3 ccSet_NARA; C:\Windows\system32\drivers\NARAx64\0405000.009\ccSetx64.sys [150104 2013-07-30] (Symantec Corporation)
S3 cfwids; C:\Windows\System32\drivers\cfwids.sys [72128 2014-06-20] (McAfee, Inc.)
R3 LMDriver; C:\Windows\System32\drivers\LMDriver.sys [21360 2013-07-17] (Acer Incorporated)
S3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [129752 2015-02-02] (Malwarebytes Corporation)
R3 MEIx64; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [99288 2013-09-03] (Intel Corporation)
S3 mfeapfk; C:\Windows\System32\drivers\mfeapfk.sys [181704 2014-06-20] (McAfee, Inc.)
R3 mfeavfk; C:\Windows\System32\drivers\mfeavfk.sys [313544 2014-06-20] (McAfee, Inc.)
S0 mfeelamk; C:\Windows\System32\drivers\mfeelamk.sys [70600 2014-06-20] (McAfee, Inc.)
R3 mfefirek; C:\Windows\System32\drivers\mfefirek.sys [523792 2014-06-20] (McAfee, Inc.)
R0 mfehidk; C:\Windows\System32\drivers\mfehidk.sys [786296 2014-06-20] (McAfee, Inc.)
R0 mfewfpk; C:\Windows\System32\drivers\mfewfpk.sys [348552 2014-06-20] (McAfee, Inc.)
R3 RadioShim; C:\Windows\System32\drivers\RadioShim.sys [14680 2013-07-17] (Acer Incorporated)
R1 SASDIFSV; C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS [14928 2011-07-22] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R1 SASKUTIL; C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS [12368 2011-07-12] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R2 VBoxAswDrv; C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys [271752 2015-02-02] (Avast Software)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114496 2014-09-22] (Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)

==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-02-05 08:16 - 2015-02-05 08:16 - 00021946 _____ () C:\Users\Franny\Desktop\FRST.txt
2015-02-05 08:16 - 2015-02-05 08:16 - 00000000 ____D () C:\Users\Franny\Desktop\FRST-OlderVersion
2015-02-05 08:11 - 2015-02-05 08:11 - 00000000 ____D () C:\Users\Franny\Documents\Temp
2015-02-05 08:06 - 2015-02-05 08:06 - 00001961 _____ () C:\Users\Public\Desktop\abMedia.lnk
2015-02-04 23:10 - 2015-02-04 23:10 - 00000197 _____ () C:\Windows\system32\2015-02-04-23-10-26.044-AvastVBoxSVC.exe-2584.log
2015-02-04 22:47 - 2015-02-04 22:47 - 00000197 _____ () C:\Windows\system32\2015-02-04-22-47-54.041-AvastVBoxSVC.exe-2628.log
2015-02-04 22:33 - 2015-02-04 22:34 - 00000197 _____ () C:\Windows\system32\2015-02-04-22-33-54.062-AvastVBoxSVC.exe-2528.log
2015-02-04 22:18 - 2015-02-04 22:19 - 00000197 _____ () C:\Windows\system32\2015-02-04-22-18-36.065-AvastVBoxSVC.exe-2472.log
2015-02-04 18:39 - 2015-02-04 18:39 - 00051162 _____ () C:\Users\Franny\Desktop\Result.txt
2015-02-04 18:37 - 2015-02-04 18:32 - 00401920 _____ (Farbar) C:\Users\Franny\Desktop\MiniToolBox (1).exe
2015-02-03 22:22 - 2015-02-03 22:23 - 00000197 _____ () C:\Windows\system32\2015-02-03-22-22-57.067-AvastVBoxSVC.exe-3440.log
2015-02-03 22:03 - 2015-02-03 22:04 - 00000197 _____ () C:\Windows\system32\2015-02-03-22-03-08.092-AvastVBoxSVC.exe-2900.log
2015-02-03 21:57 - 2015-02-03 21:55 - 02194432 _____ () C:\Users\Franny\Desktop\AdwCleaner.exe
2015-02-03 20:38 - 2015-02-03 20:38 - 00000621 _____ () C:\Users\Franny\Desktop\aswMBR.txt
2015-02-03 20:33 - 2015-02-05 08:16 - 00000000 ____D () C:\FRST
2015-02-03 20:32 - 2015-02-05 08:16 - 02131968 _____ (Farbar) C:\Users\Franny\Desktop\FRST64.exe
2015-02-03 20:32 - 2015-02-03 20:32 - 00000197 _____ () C:\Windows\system32\2015-02-03-20-32-05.027-AvastVBoxSVC.exe-3368.log
2015-02-03 20:32 - 2015-02-03 20:29 - 05200384 _____ (AVAST Software) C:\Users\Franny\Desktop\aswmbr.exe
2015-02-03 20:04 - 2015-02-03 20:06 - 00000000 ____D () C:\Users\Franny\Desktop\SD
2015-02-03 19:40 - 2015-02-03 19:40 - 00240874 _____ () C:\Users\Franny\Desktop\Extras.Txt
2015-02-03 19:38 - 2015-02-03 19:38 - 00139442 _____ () C:\Users\Franny\Desktop\OTL.Txt
2015-02-03 19:24 - 2015-02-03 19:23 - 00602112 _____ (OldTimer Tools) C:\Users\Franny\Desktop\OTL.exe
2015-02-03 17:50 - 2015-02-03 17:50 - 00000197 _____ () C:\Windows\system32\2015-02-03-17-50-03.091-AvastVBoxSVC.exe-3536.log
2015-02-03 14:30 - 2015-02-03 14:30 - 00000197 _____ () C:\Windows\system32\2015-02-03-14-30-09.018-AvastVBoxSVC.exe-3408.log
2015-02-03 14:21 - 2015-02-03 14:21 - 00000197 _____ () C:\Windows\system32\2015-02-03-14-21-11.084-AvastVBoxSVC.exe-2724.log
2015-02-03 14:11 - 2015-02-03 14:11 - 00000197 _____ () C:\Windows\system32\2015-02-03-14-11-21.080-AvastVBoxSVC.exe-3436.log
2015-02-03 14:02 - 2015-02-03 22:19 - 00000000 ____D () C:\AdwCleaner
2015-02-03 14:01 - 2015-02-03 13:59 - 02194432 _____ () C:\Users\Franny\Downloads\adwcleaner_4.109.exe
2015-02-02 18:24 - 2015-02-02 18:24 - 00000247 _____ () C:\Windows\system32\2015-02-02-18-24-33.033-aswFe.exe-2360.log
2015-02-02 18:17 - 2015-02-02 18:24 - 00000247 _____ () C:\Windows\system32\2015-02-02-18-17-37.013-aswFe.exe-4440.log
2015-02-02 18:17 - 2015-02-02 18:17 - 00000197 _____ () C:\Windows\system32\2015-02-02-18-17-31.057-AvastVBoxSVC.exe-3152.log
2015-02-02 18:05 - 2015-02-02 18:05 - 00000000 ____D () C:\Users\Franny\AppData\Local\iGware
2015-02-02 18:04 - 2015-02-02 18:04 - 00494120 _____ () C:\Windows\Minidump\020215-92484-01.dmp
2015-02-02 17:17 - 2015-02-05 08:03 - 00000926 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-02-02 17:17 - 2015-02-04 23:54 - 00000930 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-02-02 17:17 - 2015-02-04 22:49 - 00003902 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2015-02-02 17:17 - 2015-02-04 22:49 - 00003666 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2015-02-02 17:17 - 2015-02-02 17:17 - 00000000 ____D () C:\Users\Franny\AppData\Roaming\SUPERAntiSpyware.com
2015-02-02 17:16 - 2015-02-04 22:47 - 00000000 ____D () C:\Program Files\SUPERAntiSpyware
2015-02-02 17:16 - 2015-02-02 17:16 - 00001824 _____ () C:\Users\Public\Desktop\SUPERAntiSpyware Free Edition.lnk
2015-02-02 17:16 - 2015-02-02 17:16 - 00000000 ____D () C:\ProgramData\SUPERAntiSpyware.com
2015-02-02 17:16 - 2015-02-02 17:16 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SUPERAntiSpyware
2015-02-02 17:15 - 2015-02-01 15:34 - 21227848 _____ (SUPERAntiSpyware) C:\Users\Franny\Downloads\SUPERAntiSpyware.exe
2015-02-02 16:46 - 2015-02-02 16:47 - 00006130 _____ () C:\Users\Franny\Downloads\download
2015-02-02 16:17 - 2015-02-02 16:17 - 03401864 _____ (Check Point Software Technologies Ltd.) C:\Users\Franny\Downloads\zafwSetupWeb_133_209_000 (1).exe
2015-02-02 16:17 - 2015-02-02 16:17 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2015-02-02 16:16 - 2015-02-02 18:02 - 00000000 ____D () C:\ProgramData\CheckPoint
2015-02-02 16:15 - 2015-02-02 16:15 - 03401864 _____ (Check Point Software Technologies Ltd.) C:\Users\Franny\Downloads\zafwSetupWeb_133_209_000.exe
2015-02-02 15:36 - 2015-02-05 08:12 - 00000000 ____D () C:\Users\Franny\AppData\Local\CrashDumps
2015-02-02 15:36 - 2015-02-02 15:36 - 00003334 _____ () C:\Windows\System32\Tasks\AcerCloud
2015-02-02 15:35 - 2015-02-02 15:36 - 00002060 _____ () C:\Users\Public\Desktop\Acer Portal.lnk
2015-02-02 15:34 - 2015-02-02 15:34 - 00002001 _____ () C:\Users\Public\Desktop\abDocs.lnk
2015-02-02 15:34 - 2015-02-02 15:34 - 00000000 ____D () C:\Users\Franny\AppData\Local\AcerCloud
2015-02-02 15:33 - 2015-02-02 15:33 - 00000000 ____D () C:\Users\Franny\AppData\Local\Doc
2015-02-02 14:11 - 2015-02-02 14:11 - 00000247 _____ () C:\Windows\system32\2015-02-02-14-11-22.051-aswFe.exe-2860.log
2015-02-02 14:04 - 2015-02-02 14:11 - 00000247 _____ () C:\Windows\system32\2015-02-02-14-04-13.080-aswFe.exe-3148.log
2015-02-02 14:04 - 2015-02-02 14:04 - 00000197 _____ () C:\Windows\system32\2015-02-02-14-04-10.050-AvastVBoxSVC.exe-2584.log
2015-02-02 12:21 - 2015-02-02 12:21 - 00000000 ____D () C:\Windows\SysWOW64\vbox
2015-02-02 12:21 - 2015-02-02 12:21 - 00000000 ____D () C:\Windows\system32\vbox
2015-02-02 12:21 - 2015-02-02 12:21 - 00000000 ____D () C:\Users\Franny\AppData\Roaming\AVAST Software
2015-02-02 12:20 - 2015-02-04 22:47 - 00004182 _____ () C:\Windows\System32\Tasks\avast! Emergency Update
2015-02-02 12:20 - 2015-02-02 12:20 - 01050432 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsnx.sys
2015-02-02 12:20 - 2015-02-02 12:20 - 00436624 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys
2015-02-02 12:20 - 2015-02-02 12:20 - 00364512 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2015-02-02 12:20 - 2015-02-02 12:20 - 00267632 _____ () C:\Windows\system32\Drivers\aswVmm.sys
2015-02-02 12:20 - 2015-02-02 12:20 - 00116728 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys
2015-02-02 12:20 - 2015-02-02 12:20 - 00093568 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2015-02-02 12:20 - 2015-02-02 12:20 - 00087912 _____ (AVAST Software) C:\Windows\system32\Drivers\aswmonflt.sys
2015-02-02 12:20 - 2015-02-02 12:20 - 00065776 _____ () C:\Windows\system32\Drivers\aswRvrt.sys
2015-02-02 12:20 - 2015-02-02 12:20 - 00043152 _____ (AVAST Software) C:\Windows\avastSS.scr
2015-02-02 12:20 - 2015-02-02 12:20 - 00029208 _____ () C:\Windows\system32\Drivers\aswHwid.sys
2015-02-02 12:20 - 2015-02-02 12:20 - 00001984 _____ () C:\Users\Public\Desktop\Avast Free Antivirus.lnk
2015-02-02 12:20 - 2015-02-02 12:20 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVAST Software
2015-02-02 12:19 - 2015-02-02 12:19 - 00000000 ____D () C:\Program Files\AVAST Software
2015-02-02 10:01 - 2015-02-02 12:19 - 00000000 ____D () C:\ProgramData\AVAST Software
2015-02-02 10:01 - 2015-02-02 10:01 - 05006864 _____ (AVAST Software) C:\Users\Franny\Downloads\avast_free_antivirus_setup_online.exe
2015-02-02 08:57 - 2015-02-02 20:11 - 00129752 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-02-02 08:57 - 2015-02-02 08:57 - 00001078 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2015-02-02 08:57 - 2015-02-02 08:57 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2015-02-02 08:57 - 2015-02-02 08:57 - 00000000 ____D () C:\ProgramData\Malwarebytes
2015-02-02 08:57 - 2015-02-02 08:57 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2015-02-02 08:57 - 2014-11-21 06:14 - 00093400 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2015-02-02 08:57 - 2014-11-21 06:14 - 00064216 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2015-02-02 08:57 - 2014-11-21 06:14 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2015-02-02 08:56 - 2015-02-02 08:56 - 00000711 _____ () C:\Users\Franny\Desktop\mbam-setup-2.0.4.1028.exe - Shortcut.lnk
2015-01-30 15:39 - 2015-01-30 15:40 - 00002037 _____ () C:\Users\Public\Desktop\abPhoto.lnk
2015-01-30 15:37 - 2014-12-31 11:14 - 00298120 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2015-01-30 15:36 - 2015-01-30 15:37 - 00000000 ____D () C:\Users\Franny\AppData\Local\ClearfiPhoto
2015-01-30 15:21 - 2015-01-30 15:21 - 00035320 _____ () C:\Windows\system32\Drivers\bsdriver.sys
2015-01-30 15:20 - 2015-02-02 09:29 - 00000000 ____D () C:\Program Files\shopperz
2015-01-30 15:20 - 2015-01-06 12:38 - 00014040 _____ () C:\Windows\system32\Drivers\cherimoya.sys
2015-01-24 11:23 - 2015-01-24 11:23 - 00284832 _____ () C:\Windows\Minidump\012415-23593-01.dmp
2015-01-21 23:17 - 2014-12-19 06:26 - 00140800 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxdav.sys
2015-01-21 23:17 - 2014-12-12 02:04 - 00087040 _____ (Microsoft Corporation) C:\Windows\system32\TSWbPrxy.exe
2015-01-21 23:17 - 2014-12-12 00:51 - 00075776 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ahcache.sys
2015-01-21 23:17 - 2014-12-09 01:50 - 00225280 _____ (Microsoft Corporation) C:\Windows\system32\profsvc.dll
2015-01-21 23:17 - 2014-12-06 03:17 - 00360448 _____ (Microsoft Corporation) C:\Windows\system32\ncsi.dll
2015-01-21 23:17 - 2014-12-06 01:41 - 00391680 _____ (Microsoft Corporation) C:\Windows\system32\nlasvc.dll
2015-01-21 23:17 - 2014-10-29 01:24 - 00086016 _____ (Microsoft Corporation) C:\Windows\system32\nlaapi.dll
2015-01-21 23:17 - 2014-10-29 01:01 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nlaapi.dll
2015-01-16 18:20 - 2014-12-08 19:42 - 00535640 _____ (Microsoft Corporation) C:\Windows\system32\wer.dll
2015-01-16 18:20 - 2014-12-08 19:42 - 00448792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wer.dll
2015-01-16 18:20 - 2014-12-08 19:42 - 00413248 _____ (Microsoft Corporation) C:\Windows\system32\Faultrep.dll
2015-01-16 18:20 - 2014-12-08 19:42 - 00372408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Faultrep.dll
2015-01-16 18:20 - 2014-12-06 01:35 - 00229888 _____ (Microsoft Corporation) C:\Windows\system32\AudioEndpointBuilder.dll
2015-01-16 18:20 - 2014-10-29 04:00 - 00465320 _____ (Microsoft Corporation) C:\Windows\system32\WerFault.exe
2015-01-16 18:20 - 2014-10-29 03:12 - 00413136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WerFault.exe
2015-01-16 18:20 - 2014-10-29 03:12 - 00136296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wermgr.exe
2015-01-16 18:19 - 2014-12-08 19:42 - 00531616 _____ (Microsoft Corporation) C:\Windows\system32\ci.dll
2015-01-16 18:19 - 2014-12-08 19:42 - 00108944 _____ (Microsoft Corporation) C:\Windows\system32\EncDump.dll
2015-01-16 18:19 - 2014-12-08 19:42 - 00038264 _____ (Microsoft Corporation) C:\Windows\system32\WerFaultSecure.exe
2015-01-16 18:19 - 2014-12-08 19:42 - 00033584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WerFaultSecure.exe
2015-01-16 18:19 - 2014-10-29 04:00 - 00139984 _____ (Microsoft Corporation) C:\Windows\system32\wermgr.exe
2015-01-16 18:19 - 2014-10-29 03:52 - 00500016 _____ (Microsoft Corporation) C:\Windows\system32\AudioSes.dll
2015-01-16 18:19 - 2014-10-29 03:52 - 00482872 _____ (Microsoft Corporation) C:\Windows\system32\AudioEng.dll
2015-01-16 18:19 - 2014-10-29 03:52 - 00394120 _____ (Microsoft Corporation) C:\Windows\system32\AUDIOKSE.dll
2015-01-16 18:19 - 2014-10-29 03:52 - 00272248 _____ (Microsoft Corporation) C:\Windows\system32\audiodg.exe
2015-01-16 18:19 - 2014-10-29 03:07 - 00424544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioEng.dll
2015-01-16 18:19 - 2014-10-29 03:07 - 00370424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioSes.dll
2015-01-16 18:19 - 2014-10-29 03:07 - 00344536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AUDIOKSE.dll
2015-01-16 18:19 - 2014-10-29 02:44 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\werdiagcontroller.dll
2015-01-16 18:19 - 2014-10-29 01:59 - 00033280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\werdiagcontroller.dll
2015-01-16 18:19 - 2014-10-29 01:02 - 00911360 _____ (Microsoft Corporation) C:\Windows\system32\audiosrv.dll

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2021-10-21 13:36 - 2014-03-21 20:28 - 00000852 _____ () C:\Windows\system32\Drivers\RTKHDRC.dat
2021-10-04 07:34 - 2014-03-21 20:28 - 00000712 _____ () C:\Windows\system32\Drivers\RTMICEQ0.dat
2015-02-05 08:12 - 2014-12-07 10:07 - 00000000 ____D () C:\Users\Franny\AppData\Roaming\Skype
2015-02-05 08:12 - 2014-11-26 23:04 - 00003942 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{1D7379BC-7224-49AF-B98F-58EF838D200C}
2015-02-05 08:09 - 2013-08-22 15:36 - 00000000 ____D () C:\Windows\system32\NDF
2015-02-05 08:08 - 2014-11-26 23:05 - 00003594 _____ () C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-786374595-2290240692-171548042-1001
2015-02-05 08:06 - 2013-10-15 14:42 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acer
2015-02-05 08:04 - 2014-11-26 23:02 - 00000000 ____D () C:\Users\Franny\AppData\Local\clear.fi
2015-02-05 08:03 - 2014-12-20 18:48 - 00000000 ____D () C:\Users\Franny\Tracing
2015-02-05 08:03 - 2014-11-27 00:03 - 00000000 __RDO () C:\Users\Franny\SkyDrive
2015-02-05 08:02 - 2013-08-22 15:36 - 00000000 ____D () C:\Windows\system32\sru
2015-02-04 23:42 - 2014-03-21 20:10 - 02031376 _____ () C:\Windows\WindowsUpdate.log
2015-02-04 23:08 - 2013-08-22 14:46 - 00026809 _____ () C:\Windows\setupact.log
2015-02-04 23:08 - 2013-08-22 14:45 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-02-04 23:07 - 2013-10-15 14:21 - 00858030 _____ () C:\Windows\PFRO.log
2015-02-04 23:07 - 2013-08-22 13:25 - 00524288 ___SH () C:\Windows\system32\config\BBI
2015-02-04 22:57 - 2013-08-22 15:36 - 00000000 ____D () C:\Windows\AppReadiness
2015-02-04 20:56 - 2013-10-15 14:30 - 00863592 _____ () C:\Windows\system32\PerfStringBackup.INI
2015-02-03 22:00 - 2014-12-04 19:56 - 00000008 __RSH () C:\ProgramData\ntuser.pol
2015-02-03 21:58 - 2013-08-22 15:36 - 00000000 ___HD () C:\Windows\system32\GroupPolicy
2015-02-03 15:28 - 2014-03-21 20:45 - 00001969 _____ () C:\Users\Public\Desktop\PRIVATE WiFi.lnk
2015-02-03 14:06 - 2014-11-26 23:00 - 00001005 _____ () C:\Users\Franny\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2015-02-03 10:39 - 2014-11-29 01:30 - 00000000 ____D () C:\Windows\system32\MRT
2015-02-03 10:32 - 2014-11-29 01:30 - 113365784 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-02-02 20:16 - 2014-11-27 00:08 - 00000000 ____D () C:\Users\Franny\AppData\Local\Google
2015-02-02 18:04 - 2014-12-30 22:37 - 00000000 ____D () C:\Windows\Minidump
2015-02-02 18:02 - 2014-12-30 22:37 - 2031824163 _____ () C:\Windows\MEMORY.DMP
2015-02-02 17:19 - 2014-11-27 00:08 - 00000000 ____D () C:\Program Files (x86)\Google
2015-02-02 15:37 - 2013-10-15 14:42 - 00000000 ____D () C:\Program Files (x86)\Acer
2015-02-02 15:36 - 2014-03-21 20:43 - 00000000 ____D () C:\ProgramData\OEM
2015-02-02 12:00 - 2013-08-22 15:20 - 00000000 ____D () C:\Windows\CbsTemp
2015-02-01 19:11 - 2014-11-27 23:06 - 00000000 ____D () C:\Program Files (x86)\Apple Software Update
2015-02-01 18:40 - 2014-11-27 00:08 - 00000000 ____D () C:\Users\Franny\AppData\Local\Deployment
2015-01-30 21:31 - 2014-11-26 23:00 - 00000000 ____D () C:\Users\Franny
2015-01-30 21:04 - 2013-08-22 13:25 - 00000301 _____ () C:\Windows\win.ini
2015-01-30 21:01 - 2014-11-26 23:00 - 00000000 ____D () C:\Users\Franny\AppData\Local\Pokki
2015-01-30 15:58 - 2013-08-22 13:25 - 00262144 ___SH () C:\Windows\system32\config\ELAM
2015-01-30 15:43 - 2014-12-01 22:43 - 00000173 _____ () C:\Users\Franny\AppData\Roaming\WB.CFG
2015-01-30 15:37 - 2013-10-15 15:14 - 00000000 ___HD () C:\OEM
2015-01-30 15:33 - 2013-10-15 14:43 - 00000000 ____D () C:\ProgramData\McAfee
2015-01-30 15:33 - 2013-10-15 14:43 - 00000000 ____D () C:\Program Files\Common Files\mcafee
2015-01-30 15:33 - 2013-10-15 14:43 - 00000000 ____D () C:\Program Files (x86)\McAfee
2015-01-24 20:20 - 2014-12-20 18:07 - 00714720 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-01-24 20:20 - 2014-12-20 18:07 - 00106976 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-01-07 17:36 - 2014-11-30 17:34 - 00002295 _____ () C:\Users\Franny\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PC App Store.lnk

==================== Files in the root of some directories =======

2014-12-01 22:43 - 2015-01-30 15:43 - 0000173 _____ () C:\Users\Franny\AppData\Roaming\WB.CFG
2014-12-03 19:44 - 2014-12-17 19:43 - 0000001 _____ () C:\Users\Franny\AppData\Local\DSI.DAT
2014-12-03 19:43 - 2014-12-03 19:43 - 0022528 _____ () C:\Users\Franny\AppData\Local\dsisetup2673992652.exe
2014-12-17 19:43 - 2014-12-17 19:43 - 0022528 _____ () C:\Users\Franny\AppData\Local\dsisetup8989879682.exe
2014-03-21 20:28 - 2014-03-21 20:28 - 0000000 ____H () C:\ProgramData\DP45977C.lfl

Some content of TEMP:
====================
C:\Users\Franny\AppData\Local\Temp\EAD8BB0.exe
C:\Users\Franny\AppData\Local\Temp\Quarantine.exe
C:\Users\Franny\AppData\Local\Temp\sqlite3.dll

==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2015-02-04 18:48

==================== End Of Log ============================

 

 

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 04-02-2015 01
Ran by Franny at 2015-02-05 08:17:25
Running from C:\Users\Franny\Desktop
Boot Mode: Normal
==========================================================

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

abDocs (HKLM-x32\...\{CA4FE8B0-298C-4E5D-A486-F33B126D6A0A}) (Version: 1.05.2005 - Acer Incorporated)
abDocs Office AddIn (HKLM-x32\...\{DCBF3379-246B-47E1-8173-639B63940838}) (Version: 3.01.2006 - Acer Incorporated)
abMedia (HKLM-x32\...\{E9AF1707-3F3A-49E2-8345-4F2D629D0876}) (Version: 2.06.2003.0 - Acer Incorporated)
abPhoto (HKLM-x32\...\{B5AD89F2-03D3-4206-8487-018298007DD0}) (Version: 3.01.2005.1 - Acer Incorporated)
Acer Games (HKU\S-1-5-21-786374595-2290240692-171548042-1001\...\Pokki_03d432a7e610c3e908213e7689d4342ce2111caf) (Version: 1.1.9.43466 - Pokki)
Acer Launch Manager (HKLM\...\{C18D55BD-1EC6-466D-B763-8EEDDDA9100E}) (Version: 8.00.8101 - Acer Incorporated)
Acer Portal (HKLM-x32\...\{A5AD0B17-F34D-49BE-A157-C8B3D52ACD13}) (Version: 3.04.2002 - Acer Incorporated)
Acer Power Management (HKLM\...\{91F52DE4-B789-42B0-9311-A349F10E5479}) (Version: 7.00.8100 - Acer Incorporated)
Acer Quick Access (HKLM\...\{C1FA525F-D701-4B31-9D32-504FC0CF0B98}) (Version: 1.00.3000 - Acer Incorporated)
Acer Recovery Management (HKLM\...\{07F2005A-8CAC-4A4B-83A2-DA98A722CA61}) (Version: 6.00.8100 - Acer Incorporated)
Acer Remote Files (HKLM\...\{13885028-098C-4799-9B71-27DAC96502D5}) (Version: 1.00.3007 - Acer Incorporated)
AOP Framework (HKLM-x32\...\{4A37A114-702F-4055-A4B6-16571D4A5353}) (Version: 3.03.2001.0 - Acer Incorporated)
Apple Application Support (HKLM-x32\...\{83CAF0DE-8D3B-4C37-A631-2B8F16EC3031}) (Version: 3.1 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{BDD99690-3541-4619-9D2A-3CDDB3E15F9E}) (Version: 8.0.5.6 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Avast Free Antivirus (HKLM-x32\...\Avast) (Version: 10.0.2208 - AVAST Software)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Broadcom Card Reader Driver Installer (HKLM\...\{67AA948F-8D83-4566-B84A-7CAABCF64E3F}) (Version: 16.0.2.8 - Broadcom Corporation)
Broadcom NetLink Controller (HKLM\...\{D1D7ED66-5C08-40A0-AEC0-B6DF977697BB}) (Version: 16.2.1.2 - Broadcom Corporation)
Canon MX880 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MX880_series) (Version:  - )
CyberLink PowerDVD 12 (HKLM-x32\...\InstallShield_{B46BEA36-0B71-4A4E-AE41-87241643FA0A}) (Version: 12.0.3126.57 - CyberLink Corp.)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
EA Download Manager (HKLM-x32\...\EADM) (Version: 5.0.0.255 - Electronic Arts, Inc.)
ETDWare PS/2-X64 11.6.27.201_WHQL (HKLM\...\Elantech) (Version: 11.6.27.201 - ELAN Microelectronic Corp.)
Google Update Helper (x32 Version: 1.3.21.169 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.26.9 - Google Inc.) Hidden
Google+ Auto Backup (HKLM-x32\...\{A50DE037-B5C0-4C8A-8049-B0C576B313D1}) (Version: 1.0.21.81 - Google)
Identity Card (HKLM-x32\...\{3D9CB654-99AD-4301-89C6-0D12A790767C}) (Version: 2.00.8100 - Acer Incorporated)
Intel® Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.5.14.1724 - Intel Corporation)
Intel® Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3304 - Intel Corporation)
iTunes (HKLM\...\{2ABBBD91-91E5-4AD7-929A-FE15D1DC0576}) (Version: 12.0.1.26 - Apple Inc.)
Junk Mail filter update (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Live Updater (HKLM-x32\...\{EE26E302-876A-48D9-9058-3129E5B99999}) (Version: 2.00.8100 - Acer Incorporated)
Malwarebytes Anti-Malware version 2.0.4.1028 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.4.1028 - Malwarebytes Corporation)
McAfee SiteAdvisor (HKLM-x32\...\{35ED3F83-4BDC-4c44-8EC6-6A8301C7413A}) (Version: 3.7.1.154 - McAfee, Inc.)
Microsoft Office (HKLM-x32\...\{90150000-0138-0409-0000-0000000FF1CE}) (Version: 15.0.4454.1510 - Microsoft Corporation)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{91120000-0030-0000-0000-0000000FF1CE}_ENTERPRISER_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version:  - Microsoft)
Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISER) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Outlook Connector (HKLM-x32\...\{95140000-007A-0409-0000-0000000FF1CE}) (Version: 14.0.5118.5000 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-786374595-2290240692-171548042-1001\...\OneDriveSetup.exe) (Version: 17.3.1229.0918 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual Studio 2005 Tools for Office Runtime (HKLM-x32\...\Microsoft Visual Studio 2005 Tools for Office Runtime) (Version:  - Microsoft Corporation)
Microsoft WSE 3.0 Runtime (HKLM-x32\...\{E3E71D07-CD27-46CB-8448-16D4FB29AA13}) (Version: 3.0.5305.0 - Microsoft Corp.)
Movie Maker (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Nero BackItUp 12 Essentials OEM.a01 (HKLM-x32\...\{551AC8F2-FEA2-4B45-ACF7-C98681233CC9}) (Version: 12.5.01200 - Nero AG)
Norton Online Backup (HKLM-x32\...\{E625FCA0-E43E-4D3B-92FF-4851308A0366}) (Version: 2.8.0.44 - Symantec Corporation)
Norton Online Backup (x32 Version: 4.5.0.9 - Symantec Corporation) Hidden
Office Addin (HKLM-x32\...\{6D2BBE1D-E600-4695-BA37-0B0E605542CC}) (Version: 2.02.2009 - Acer)
Picasa 3 (HKLM-x32\...\Picasa 3) (Version: 3.9 - Google, Inc.)
Picasa Packages (HKU\S-1-5-21-786374595-2290240692-171548042-1001\...\Picasa Packages) (Version:  - ) <==== ATTENTION
Pokki Start Menu (HKU\S-1-5-21-786374595-2290240692-171548042-1001\...\Pokki_Start_Menu) (Version: 0.269.5.367 - Pokki)
Prerequisite installer (x32 Version: 12.0.0003 - Nero AG) Hidden
Qualcomm Atheros Bluetooth Suite (64) (HKLM\...\{A84A4FB1-D703-48DB-89E0-68B6499D2801}) (Version: 8.0.1.305 - Qualcomm Atheros Communications)
Qualcomm Atheros WLAN and Bluetooth Client Installation Program (HKLM-x32\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 12.07 - Qualcomm Atheros)
QuickTime 7 (HKLM-x32\...\{3D2CBC2C-65D4-4463-87AB-BB2C859C1F3E}) (Version: 7.76.80.95 - Apple Inc.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7027 - Realtek Semiconductor Corp.)
Skype™ 7.0 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.0.102 - Skype Technologies S.A.)
Spotify (HKLM-x32\...\Spotify) (Version: 0.9.1.57.ge7405149 - Spotify AB)
SUPERAntiSpyware (HKLM\...\{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}) (Version: 6.0.1170 - SUPERAntiSpyware.com)
The Sims™ 3 (HKLM-x32\...\{C05D8CDB-417D-4335-A38C-A0659EDFD6B8}) (Version: 1.0.631 - Electronic Arts)
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{91120000-0030-0000-0000-0000000FF1CE}_ENTERPRISER_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version:  - Microsoft)
Visual Studio Tools for the Office system 3.0 Runtime (HKLM-x32\...\Visual Studio Tools for the Office system 3.0 Runtime) (Version:  - Microsoft Corporation)
Visual Studio Tools for the Office system 3.0 Runtime Service Pack 1 (KB949258) (HKLM-x32\...\{8FB53850-246A-3507-8ADE-0060093FFEA6}.KB949258) (Version: 1 - Microsoft Corporation)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation)

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

CustomCLSID: HKU\S-1-5-21-786374595-2290240692-171548042-1001_Classes\CLSID\{F8071786-1FD0-4A66-81A1-3CBE29274458}\InprocServer32 -> C:\Users\Franny\AppData\Local\Microsoft\SkyDrive\17.3.1229.0918\amd64\FileSyncApi64.dll (Microsoft Corporation)

==================== Restore Points  =========================

06-01-2015 15:42:50 Scheduled Checkpoint
19-01-2015 23:34:25 Scheduled Checkpoint
24-01-2015 10:55:14 Windows Update
02-02-2015 11:59:36 Windows Update
03-02-2015 21:58:28 Restore Point Created by FRST

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2013-08-22 13:25 - 2013-08-22 13:25 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {14AAFAB8-E5F3-42DD-B06F-27C61C375DCB} - System32\Tasks\Quick Access => C:\Program Files\Acer\Acer Quick Access\QALauncher.exe [2013-08-02] (Acer Incorporate)
Task: {273E690B-ED52-4013-8A5E-C3D6CE0A26D1} - System32\Tasks\Launch Manager => C:\Program Files\Acer\Acer Launch Manager\LMLauncher.exe [2013-08-03] (Acer Incorporate)
Task: {3CE7933F-4566-432F-A499-B4194CCBDEA4} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-02-02] (Google Inc.)
Task: {5CC426FB-7DF4-4078-A9EC-DCD34E2A712F} - System32\Tasks\Power Management => C:\Program Files\Acer\Acer Power Management\ePowerTray.exe [2013-07-05] (Acer Incorporated)
Task: {61CBE4FD-DD68-4966-815A-682A0618C2A8} - System32\Tasks\Recovery Management\Notification => C:\Program Files\Acer\Acer Recovery Management\Notification\Notification.exe [2013-07-10] (Acer Incorporated)
Task: {69631CE1-D20B-4627-9B3D-67C46D32A084} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2015-02-02] (AVAST Software)
Task: {79AE8142-DF42-46DD-8159-76DEFB1DC44B} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\Windows\system32\MRT.exe [2015-02-03] (Microsoft Corporation)
Task: {7A83FCB6-3B9D-4383-AF8B-989088C9504A} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {81C5280C-EDD3-4A73-92F2-490CFCA30CD9} - System32\Tasks\ALUAgent => C:\Program Files (x86)\Acer\Live Updater\liveupdater_agent.exe [2013-01-22] ()
Task: {8BDFF953-64A4-4A65-9779-88BC9C2153C5} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-02-02] (Google Inc.)
Task: {ABA4CC3A-5873-4C21-A9CE-0D44B779522F} - System32\Tasks\AcerCloud => C:\Program Files (x86)\Acer\Acer Portal\AcerPortal.exe [2014-12-19] (Acer)
Task: {AD08E39C-0C7B-4967-BB35-46A3CFA32521} - System32\Tasks\ALU => C:\Program Files (x86)\Acer\Live Updater\updater.exe [2013-07-08] ()
Task: {EE3482C3-2D27-4A97-A674-C6E4CF7E917C} - System32\Tasks\Microsoft OneDrive Auto Update Task-S-1-5-21-786374595-2290240692-171548042-1001 => %localappdata%\Microsoft\SkyDrive\SkyDrive.exe
Task: {EF78A963-3067-40E2-9879-BB64E468FDD4} - System32\Tasks\Norton Online Backup ARA => C:\Program Files (x86)\Norton Online Backup ARA\Engine\4.5.0.9\\Ara.exe [2013-08-07] (Symantec Corporation)
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) ==============

2015-02-02 12:20 - 2015-02-02 12:20 - 00388208 _____ () C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxDDU.dll
2015-02-02 12:20 - 2015-02-02 12:20 - 05851328 _____ () C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxRT.dll
2013-09-07 01:48 - 2013-09-07 01:48 - 00011264 _____ () C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\Modules\ActivateDesktopDebugger\ActivateDesktopDebugger.dll
2013-09-07 01:45 - 2013-09-07 01:45 - 00086016 _____ () C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\Modules\Map\MAP.dll
2013-09-07 01:52 - 2013-09-07 01:52 - 00012928 _____ () C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\ActivateDesktop.exe
2013-10-15 15:14 - 2013-09-03 19:45 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll
2014-12-19 21:59 - 2014-12-19 21:59 - 00090880 _____ () C:\Program Files (x86)\Acer\abDocs\abDocsDllLoader.exe
2014-12-19 21:59 - 2014-12-19 21:59 - 00089344 _____ () C:\Program Files (x86)\Acer\abDocs\abDocsDllLoaderMonitor.exe
2014-11-27 23:18 - 2014-11-27 23:19 - 00183296 _____ () C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20689_x64__8wekyb3d8bbwe\ErrorReporting.dll
2015-02-04 22:47 - 2015-02-04 22:47 - 02913280 _____ () C:\Program Files\AVAST Software\Avast\defs\15020401\algo.dll
2015-02-02 12:20 - 2015-02-02 12:20 - 04495336 _____ () C:\Program Files\AVAST Software\Avast\ng\vbox\x86\VBoxRT-x86.dll
2014-10-11 13:06 - 2014-10-11 13:06 - 00073544 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2014-10-11 13:05 - 2014-10-11 13:05 - 01044776 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2014-03-21 20:22 - 2013-09-03 23:53 - 01242584 _____ () C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\ACE.dll
2015-02-02 12:20 - 2015-02-02 12:20 - 38562088 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2014-12-19 22:00 - 2014-12-19 22:00 - 00279296 _____ () C:\Program Files (x86)\Acer\abDocs\libcurl.dll
2014-12-29 13:25 - 2014-12-29 13:25 - 00203008 _____ () C:\Program Files (x86)\Acer\abPhoto\curllib.dll
2014-12-29 13:26 - 2014-12-29 13:26 - 00654552 _____ () C:\Program Files (x86)\Acer\abPhoto\sqlite3.dll
2014-12-29 13:26 - 2014-12-29 13:26 - 00630528 _____ () C:\Program Files (x86)\Acer\abPhoto\tag.dll
2014-12-29 13:26 - 2014-12-29 13:26 - 00119552 _____ () C:\Program Files (x86)\Acer\abPhoto\OpenLDAP.dll
2015-01-30 15:39 - 2015-01-30 15:39 - 00015616 _____ () C:\Windows\assembly\GAC_MSIL\MyService\1.0.0.1__2dfa3f50f0bed57d\MyService.dll
2014-12-19 21:16 - 2014-12-19 21:16 - 00013568 _____ () C:\Program Files (x86)\Acer\AOP Framework\ServiceInterface.dll
2014-12-19 21:10 - 2014-12-19 21:10 - 00277096 _____ () C:\Program Files (x86)\Acer\AOP Framework\libcurl.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)

AlternateDataStreams: C:\Users\Franny\SkyDrive:ms-properties

==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefire => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfevtp => ""="Driver"

==================== EXE Association (whitelisted) ===============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)

==================== Other Registry Areas =====================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-786374595-2290240692-171548042-1001\Control Panel\Desktop\\Wallpaper -> C:\Windows\Web\Wallpaper\Theme1\img2.jpg

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)

HKLM\...\StartupApproved\Run: => "SpywareClearShield"
HKLM\...\StartupApproved\Run: => "SpywareClearUpdater"
HKLM\...\StartupApproved\Run: => "shopperz"
HKLM\...\StartupApproved\Run: => "shopperz64"
HKLM\...\StartupApproved\Run32: => "gmsd_gb_29"
HKLM\...\StartupApproved\Run32: => "PCTechHotline"
HKLM\...\StartupApproved\Run32: => "WinCheck"
HKU\S-1-5-21-786374595-2290240692-171548042-1001\...\StartupApproved\StartupFolder: => "MyPC Backup.lnk"
HKU\S-1-5-21-786374595-2290240692-171548042-1001\...\StartupApproved\StartupFolder: => "StormWatch.lnk"
HKU\S-1-5-21-786374595-2290240692-171548042-1001\...\StartupApproved\StartupFolder: => "StormWatchApp.lnk"
HKU\S-1-5-21-786374595-2290240692-171548042-1001\...\StartupApproved\Run: => "Pokki"
HKU\S-1-5-21-786374595-2290240692-171548042-1001\...\StartupApproved\Run: => "Optimizer Pro"
HKU\S-1-5-21-786374595-2290240692-171548042-1001\...\StartupApproved\Run: => "PCSpeedUp"
HKU\S-1-5-21-786374595-2290240692-171548042-1001\...\StartupApproved\Run: => "Selection Tools"
HKU\S-1-5-21-786374595-2290240692-171548042-1001\...\StartupApproved\Run: => "Super Optimizer"
HKU\S-1-5-21-786374595-2290240692-171548042-1001\...\StartupApproved\Run: => "WindApp"

==================== Accounts: =============================

Administrator (S-1-5-21-786374595-2290240692-171548042-500 - Administrator - Disabled)
Franny (S-1-5-21-786374595-2290240692-171548042-1001 - Administrator - Enabled) => C:\Users\Franny
Guest (S-1-5-21-786374595-2290240692-171548042-501 - Limited - Disabled)

==================== Faulty Device Manager Devices =============

==================== Event log errors: =========================

Application errors:
==================
Error: (02/05/2015 08:11:56 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: BackgroundAgent.exe, version: 1.0.1.6, time stamp: 0x5494253a
Faulting module name: MSVCR90.dll, version: 9.0.30729.8387, time stamp: 0x51ea24a5
Exception code: 0xc0000005
Fault offset: 0x00056b1d
Faulting process ID: 0x18d0
Faulting application start time: 0xBackgroundAgent.exe0
Faulting application path: BackgroundAgent.exe1
Faulting module path: BackgroundAgent.exe2
Report ID: BackgroundAgent.exe3
Faulting package full name: BackgroundAgent.exe4
Faulting package-relative application ID: BackgroundAgent.exe5

Error: (02/05/2015 08:11:41 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: BOO-MACHINE)
Description: Activation of application Microsoft.BingWeather_8wekyb3d8bbwe!App failed with error: -2144927148 See the Microsoft-Windows-TWinUI/Operational log for additional information.

Error: (02/05/2015 08:11:41 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: BOO-MACHINE)
Description: Activation of application Microsoft.BingHealthAndFitness_8wekyb3d8bbwe!AppexHealthAndFitness failed with error: -2144927148 See the Microsoft-Windows-TWinUI/Operational log for additional information.

Error: (02/04/2015 11:42:03 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: BackgroundAgent.exe, version: 1.0.1.6, time stamp: 0x5494253a
Faulting module name: MSVCR90.dll, version: 9.0.30729.8387, time stamp: 0x51ea24a5
Exception code: 0xc0000005
Fault offset: 0x00056b1d
Faulting process ID: 0x1740
Faulting application start time: 0xBackgroundAgent.exe0
Faulting application path: BackgroundAgent.exe1
Faulting module path: BackgroundAgent.exe2
Report ID: BackgroundAgent.exe3
Faulting package full name: BackgroundAgent.exe4
Faulting package-relative application ID: BackgroundAgent.exe5

Error: (02/04/2015 11:40:29 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: BOO-MACHINE)
Description: Activation of application Microsoft.BingWeather_8wekyb3d8bbwe!App failed with error: -2144927148 See the Microsoft-Windows-TWinUI/Operational log for additional information.

Error: (02/04/2015 11:01:35 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: BackgroundAgent.exe, version: 1.0.1.6, time stamp: 0x5494253a
Faulting module name: MSVCR90.dll, version: 9.0.30729.8387, time stamp: 0x51ea24a5
Exception code: 0xc0000005
Fault offset: 0x00056b1d
Faulting process ID: 0x1b54
Faulting application start time: 0xBackgroundAgent.exe0
Faulting application path: BackgroundAgent.exe1
Faulting module path: BackgroundAgent.exe2
Report ID: BackgroundAgent.exe3
Faulting package full name: BackgroundAgent.exe4
Faulting package-relative application ID: BackgroundAgent.exe5

Error: (02/04/2015 10:38:59 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: SystemSettings.exe, version: 6.3.9600.17324, time stamp: 0x53f834a5
Faulting module name: Windows.UI.Xaml.dll, version: 6.3.9600.17238, time stamp: 0x53d0d45c
Exception code: 0xc000027b
Fault offset: 0x000000000084a6f2
Faulting process ID: 0x1014
Faulting application start time: 0xSystemSettings.exe0
Faulting application path: SystemSettings.exe1
Faulting module path: SystemSettings.exe2
Report ID: SystemSettings.exe3
Faulting package full name: SystemSettings.exe4
Faulting package-relative application ID: SystemSettings.exe5

Error: (02/04/2015 10:12:31 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: BOO-MACHINE)
Description: Activation of application Microsoft.BingHealthAndFitness_8wekyb3d8bbwe!AppexHealthAndFitness failed with error: -2144927148 See the Microsoft-Windows-TWinUI/Operational log for additional information.

Error: (02/04/2015 09:45:11 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: BOO-MACHINE)
Description: Activation of application Microsoft.BingWeather_8wekyb3d8bbwe!App failed with error: -2144927148 See the Microsoft-Windows-TWinUI/Operational log for additional information.

Error: (02/04/2015 08:50:21 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: BOO-MACHINE)
Description: Activation of application Microsoft.BingWeather_8wekyb3d8bbwe!App failed with error: -2144927148 See the Microsoft-Windows-TWinUI/Operational log for additional information.

System errors:
=============
Error: (02/04/2015 11:08:16 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The csrcc service failed to start due to the following error:
%%216

Error: (02/04/2015 10:48:20 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Google Update Service (gupdate) service failed to start due to the following error:
%%1053

Error: (02/04/2015 10:48:20 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the Google Update Service (gupdate) service to connect.

Error: (02/04/2015 10:46:17 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The csrcc service failed to start due to the following error:
%%216

Error: (02/04/2015 10:31:45 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The csrcc service failed to start due to the following error:
%%216

Error: (02/04/2015 10:16:25 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The csrcc service failed to start due to the following error:
%%216

Error: (02/04/2015 10:15:42 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: The Superfetch service terminated with the following error:
%%1062

Error: (02/03/2015 10:20:25 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The csrcc service failed to start due to the following error:
%%216

Error: (02/03/2015 10:19:21 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The CCDMonitorService service terminated unexpectedly. It has done this 1 time(s).

Error: (02/03/2015 10:19:21 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The Windows Search service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 30000 milliseconds: Restart the service.

Microsoft Office Sessions:
=========================

CodeIntegrity Errors:
===================================
  Date: 2015-02-01 21:20:14.842
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2015-02-01 21:20:14.611
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2015-02-01 21:20:14.372
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2015-02-01 21:20:14.156
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2015-02-01 21:20:13.939
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2015-02-01 21:20:13.754
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2015-02-01 21:20:13.036
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2015-02-01 21:20:12.799
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2015-02-01 21:20:12.596
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2015-02-01 21:20:12.330
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

==================== Memory info ===========================

Processor: Intel® Core™ i3-3217U CPU @ 1.80GHz
Percentage of memory in use: 27%
Total physical RAM: 6033.27 MB
Available physical RAM: 4372.13 MB
Total Pagefile: 12433.27 MB
Available Pagefile: 10706.31 MB
Total Virtual: 131072 MB
Available Virtual: 131071.83 MB

==================== Drives ================================

Drive c: (Acer) (Fixed) (Total:914.19 GB) (Free:826.59 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: 07A72123)

Partition: GPT Partition Type.

==================== End Of Log ============================


  • 0

#10
Essexboy

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
OK lets get the last of the adware and then determine where the problem with the wifi is

CAUTION : This fix is only valid for this specific machine, using it on another may break your computer

Save the attached fixlist.txt, in the same location as FRST.exe
Attached File  fixlist.txt   380bytes   117 downloads
FRSTfix.JPG
Run FRST and press Fix
On completion a log will be generated please post that

OK WIFI

First could you go to control panel > device manager
Are there any yellow triangles alongside the network adaptors ?
Capture.JPG

What is the make and model of the computer
  • 0

Advertisements


#11
charles.actuary

charles.actuary

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 112 posts

OK, the fixlog is below.

 

There are no yellow triangles in device manager.  The computer is an Acer Aspire E1-570.

 

Charles

 

 

 

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 04-02-2015 01
Ran by Franny at 2015-02-05 20:00:43 Run:2
Running from C:\Users\Franny\Desktop
Loaded Profiles: Franny (Available profiles: Franny)
Boot Mode: Normal
==============================================

Content of fixlist:
*****************
CreateRestorePoint:
2015-01-30 15:20 - 2015-02-02 09:29 - 00000000 ____D () C:\Program Files\shopperz
CMD: netsh advfirewall reset
CMD: netsh advfirewall set allprofiles state ON
CMD: ipconfig /flushdns
CMD: netsh winsock reset catalog
CMD: netsh int ip reset c:\resetlog.txt
CMD: ipconfig /release
CMD: ipconfig /renew
EmptyTemp:
CMD: bitsadmin /reset /allusers

*****************

Restore point was successfully created.

"C:\Program Files\shopperz" directory move:

Could not move "C:\Program Files\shopperz\csrcc.exe" => Scheduled to move on reboot.
Could not move "C:\Program Files\shopperz\garrus.dll" => Scheduled to move on reboot.
Could not move "C:\Program Files\shopperz\grunt.exe" => Scheduled to move on reboot.
Could not move "C:\Program Files\shopperz\kasumi32.dll" => Scheduled to move on reboot.
Could not move "C:\Program Files\shopperz\kasumi64.dll" => Scheduled to move on reboot.
Could not move "C:\Program Files\shopperz\krios.dll" => Scheduled to move on reboot.
Could not move "C:\Program Files\shopperz\krios64.dll" => Scheduled to move on reboot.
Could not move "C:\Program Files\shopperz\liara.dll" => Scheduled to move on reboot.
Could not move "C:\Program Files\shopperz\liara64.dll" => Scheduled to move on reboot.
Could not move "C:\Program Files\shopperz\mseff32.dll" => Scheduled to move on reboot.
Could not move "C:\Program Files\shopperz\nfregdrv64.exe" => Scheduled to move on reboot.
Could not move "C:\Program Files\shopperz\nseven.exe" => Scheduled to move on reboot.
Could not move "C:\Program Files\shopperz\prc64.exe" => Scheduled to move on reboot.
Could not move "C:\Program Files\shopperz\prexec.exe" => Scheduled to move on reboot.
Could not move "C:\Program Files\shopperz\spdata.dat" => Scheduled to move on reboot.
Could not move "C:\Program Files\shopperz\tree.js" => Scheduled to move on reboot.
Could not move "C:\Program Files\shopperz\tsoni.dll" => Scheduled to move on reboot.
Could not move "C:\Program Files\shopperz\tsoni64.dll" => Scheduled to move on reboot.
Could not move "C:\Program Files\shopperz\unins000.exe" => Scheduled to move on reboot.
Could not move "C:\Program Files\shopperz\wrex64.exe" => Scheduled to move on reboot.
Could not move "C:\Program Files\shopperz" directory. => Scheduled to move on reboot.

=========  netsh advfirewall reset =========

Ok.

========= End of CMD: =========

=========  netsh advfirewall set allprofiles state ON =========

Ok.

========= End of CMD: =========

=========  ipconfig /flushdns =========

Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

========= End of CMD: =========

=========  netsh winsock reset catalog =========

Sucessfully reset the Winsock Catalog.
You must restart the computer in order to complete the reset.

========= End of CMD: =========

=========  netsh int ip reset c:\resetlog.txt =========

Resetting Global, OK!
Resetting Interface, OK!
Resetting Neighbor, OK!
Resetting Path, OK!
Resetting , failed.
Access is denied.

Resetting , OK!
Restart the computer to complete this action.

========= End of CMD: =========

=========  ipconfig /release =========

Windows IP Configuration

Ethernet adapter Ethernet:

   Connection-specific DNS Suffix  . :
   Link-local IPv6 Address . . . . . : fe80::a440:32d7:4ab1:efd3%4
   Default Gateway . . . . . . . . . :

========= End of CMD: =========

=========  ipconfig /renew =========

Windows IP Configuration

Ethernet adapter Ethernet:

   Connection-specific DNS Suffix  . : lan
   Link-local IPv6 Address . . . . . : fe80::a440:32d7:4ab1:efd3%4
   IPv4 Address. . . . . . . . . . . : 192.168.1.84
   Subnet Mask . . . . . . . . . . . : 255.255.255.0
   Default Gateway . . . . . . . . . : 192.168.1.254

========= End of CMD: =========

=========  bitsadmin /reset /allusers =========

BITSADMIN version 3.0 [ 7.7.9600 ]
BITS administration utility.
© Copyright 2000-2006 Microsoft Corp.

BITSAdmin is deprecated and is not guaranteed to be available in future versions of Windows.
Administrative tools for the BITS service are now provided by BITS PowerShell cmdlets.

{59EB3421-4E6F-4C9C-B43E-23D20A4D5D50} canceled.
{ECF081E5-DBE9-48A2-9C68-5ED36C47784C} canceled.
{7EB6B70B-2C9F-4BB3-A6C0-5FCC45ADF6CB} canceled.
{9BDF6DC9-185C-4796-BD76-9792A1DD8455} canceled.
Unable to cancel {88E5898B-65CF-428C-B383-72547BC7B056}.
4 out of 5 jobs canceled.

========= End of CMD: =========

EmptyTemp: => Removed 4.2 GB temporary data.

=> Result of Scheduled Files to move (Boot Mode: Normal) (Date&Time: 2015-02-05 20:03:21)<=

"C:\Program Files\shopperz\csrcc.exe" => File could not move.
"C:\Program Files\shopperz\garrus.dll" => File could not move.
"C:\Program Files\shopperz\grunt.exe" => File could not move.
"C:\Program Files\shopperz\kasumi32.dll" => File could not move.
"C:\Program Files\shopperz\kasumi64.dll" => File could not move.
"C:\Program Files\shopperz\krios.dll" => File could not move.
"C:\Program Files\shopperz\krios64.dll" => File could not move.
"C:\Program Files\shopperz\liara.dll" => File could not move.
"C:\Program Files\shopperz\liara64.dll" => File could not move.
"C:\Program Files\shopperz\mseff32.dll" => File could not move.
"C:\Program Files\shopperz\nfregdrv64.exe" => File could not move.
"C:\Program Files\shopperz\nseven.exe" => File could not move.
"C:\Program Files\shopperz\prc64.exe" => File could not move.
"C:\Program Files\shopperz\prexec.exe" => File could not move.
"C:\Program Files\shopperz\spdata.dat" => File could not move.
"C:\Program Files\shopperz\tree.js" => File could not move.
"C:\Program Files\shopperz\tsoni.dll" => File could not move.
"C:\Program Files\shopperz\tsoni64.dll" => File could not move.
"C:\Program Files\shopperz\unins000.exe" => File could not move.
"C:\Program Files\shopperz\wrex64.exe" => File could not move.
"C:\Program Files\shopperz" => Directory could not move.

==== End of Fixlog 20:03:23 ====


  • 0

#12
Essexboy

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
Could you manually remove this folder ?

C:\Program Files\shopperz

Just having a look at the computer specs now
  • 0

#13
Essexboy

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
Could you download and install this driver http://global-downlo...RE&Step3=ASPIRE E1-570&OS=ALL&LC=en&BC=ACER&SC=EMEA_27

Taken from this page http://www.acer.co.u...3797.1423169383
  • 0

#14
charles.actuary

charles.actuary

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 112 posts

Well that was interesting!  I tried to delete the shopperz folder.  Up popped a dialog box that said that I would need Administrator status to delete the folder.  Except it was not quite the usual Windows wording.  I then went into the folder and tried to delete a random file (not an exe).  The Windows message about needing to be an administrator came up, the real one this time, but when I clicked it, it disappeared and the shopperz version of the same message popped up and would not disappear.

 

After that the laptop carried on doing something, with the hard disk running and the activity thing spinning.  There were also a few occasions when it looked as if a new window started opening on the left of the screen, but it then disappeared before it resolved itself into anything.  It was behaving like this when I first started trying to clean up the machine, before we had had some success at removing some of the infection.  I have re-awoken the sleeping giant!

 

So, I have no idea whether it was actually doing anything unpleasant, but for safety's sake I have removed the ethernet cable and turned the laptop off for the time being.

 

Any thoughts?  I was spending a couple of minutes looking to see if anyone else had reported how they were dealing with the shopperz problems, and I came across the following: worth a try?  http://www.bleepingcomputer.com/forums/t/565230/cant-delete-a-folder-permission-denied/ 

 

Thank you for the Acer driver.  If you don't mind I'll sit on this until we get shopperz sorted out.  I think there might temporarily be some advantage in having a laptop that cannot talk to the internet.

 

Charles


  • 0

#15
Essexboy

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
OK lets try this then. If it fails I will have to reset the permissions manually

Please download OTM
  • Save it to your desktop.
  • Please double-click OTM to run it. (Note: If you are running on Vista, right-click on the file and choose Run As Administrator).
  • Copy the lines in the codebox below to the clipboard by highlighting ALL of them and pressing CTRL + C (or, after highlighting, right-click and choose Copy):

    :Files
    C:\Program Files\shopperz
    
    :Commands
    [purity]
    [resethosts]
    [emptytemp]
    [CREATERESTOREPOINT]
    [EMPTYFLASH]
    [Reboot]
    
  • Return to OTM, right click in the "Paste Instructions for Items to be Moved" window (under the yellow bar) and choose Paste.
  • Click the red Moveit! button.
  • Copy everything in the Results window (under the green bar) to the clipboard by highlighting ALL of them and pressing CTRL + C (or, after highlighting, right-click and choose copy), and paste it in your next reply.
  • Close OTM and reboot your PC.
    Note: If a file or folder cannot be moved immediately you may be asked to reboot the machine to finish the move process. If you are asked to reboot the machine choose Yes. In this case, after the reboot, open Notepad (Start->All Programs->Accessories->Notepad), click File->Open, in the File Name box enter *.log and press the Enter key, navigate to the C:\_OTM\MovedFiles folder, and open the newest .log file present, and copy/paste the contents of that document back here in your next post.
  • [/list]

  • 0






Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP