Hi,
After some struggles with pop-ups and browser hijacks, I was finally able to run several malware cleaners. Malwarebytes seemed to find the most problems and was able to fix them. However, I also used Spybot, HitmanPro, AdwCleaner 4.11, and a few others, and each found problems. Some of the threats found were:
Open Software Updater
Search Module
Pro PC Cleaner
ArcadeGiant
Trojan.DNSChanger
Adware.EoRezo
Finding Discount
and a fairly large number of PUPs
After researching some of the threats, I decided it would be best to have someone take a look at things to be sure things are running properly. Also, Windows Defender is disabled and McAfee is apparently running (not listed in add/remove programs) and is not wanted. I don't want to install another antivirus until McAfee is removed.
Thank you for your help.
Ginny
OTL logfile created on: 2/24/2015 2:47:54 PM - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Jana\Desktop
64bit- An unknown product (Version = 6.2.9200) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.17631)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
7.89 Gb Total Physical Memory | 6.42 Gb Available Physical Memory | 81.45% Memory free
9.14 Gb Paging File | 7.54 Gb Available in Paging File | 82.53% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 448.69 Gb Total Space | 403.42 Gb Free Space | 89.91% Space Free | Partition Type: NTFS
Drive E: | 3.72 Gb Total Space | 2.96 Gb Free Space | 79.52% Space Free | Partition Type: FAT32
Computer Name: TURTLE0734 | User Name: Jana | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - [2015/02/24 14:46:59 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Jana\Desktop\OTL.exe
PRC - [2015/02/06 23:00:52 | 002,971,224 | ---- | M] (Microsoftware) -- C:\Program Files (x86)\YouTube Downloader Services\A2\youtubeserv.exe
PRC - [2014/12/19 21:59:52 | 000,090,880 | ---- | M] () -- C:\Program Files (x86)\Acer\abDocs\abDocsDllLoader.exe
PRC - [2014/12/19 21:59:52 | 000,089,344 | ---- | M] () -- C:\Program Files (x86)\Acer\abDocs\abDocsDllLoaderMonitor.exe
PRC - [2014/12/19 21:47:54 | 002,480,384 | ---- | M] (Acer) -- C:\Program Files (x86)\Acer\Acer Portal\acpanel_win.exe
PRC - [2014/12/19 21:16:44 | 000,062,208 | ---- | M] (Acer Incorporated) -- C:\Program Files (x86)\Acer\AOP Framework\BackgroundAgent.exe
PRC - [2014/12/19 07:16:59 | 009,191,168 | ---- | M] (Acer Cloud Technology) -- C:\Program Files (x86)\Acer\AOP Framework\acer\ccd.exe
PRC - [2014/12/19 07:15:49 | 002,713,856 | ---- | M] (Acer Incorporated) -- C:\Program Files (x86)\Acer\AOP Framework\CCDMonitorService.exe
PRC - [2014/10/20 23:51:28 | 002,973,600 | ---- | M] (MicroStudio) -- C:\Program Files (x86)\Windows Network Accelerater\v3\winvxm.exe
PRC - [2014/06/27 11:52:26 | 002,088,408 | ---- | M] (Safer-Networking Ltd.) -- C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
PRC - [2014/06/24 10:42:12 | 004,101,576 | ---- | M] (Safer-Networking Ltd.) -- C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe
PRC - [2014/06/24 10:41:42 | 001,738,168 | ---- | M] (Safer-Networking Ltd.) -- C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
PRC - [2014/04/25 14:12:20 | 000,171,928 | ---- | M] (Safer-Networking Ltd.) -- C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
PRC - [2013/09/13 20:26:10 | 000,040,168 | ---- | M] (Acer Incorporated) -- C:\Program Files (x86)\Acer\Screen Grasp\Launch Screen Grasp.exe
PRC - [2013/09/13 20:26:08 | 002,323,176 | ---- | M] (Acer Incorporated) -- C:\Program Files (x86)\Acer\Screen Grasp\GestureDetection.exe
PRC - [2013/07/16 11:21:38 | 000,235,008 | ---- | M] (TODO: <Company name>) -- C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe
PRC - [2012/07/13 18:27:00 | 000,769,432 | ---- | M] (Nero AG) -- C:\Program Files (x86)\Nero\Update\NASvc.exe
========== Modules (No Company Name) ==========
MOD - [2015/02/20 15:06:02 | 011,926,016 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Web\6074b87793a7906a01317ea8832e7330\System.Web.ni.dll
MOD - [2015/02/20 15:05:29 | 000,978,432 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\0f06c6152e5384e75e9517c79ed500d4\System.Configuration.ni.dll
MOD - [2015/02/19 16:57:04 | 005,467,136 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\49201f5658aca21352debffb85ff41df\System.Xml.ni.dll
MOD - [2015/02/19 16:56:56 | 012,436,480 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\6b1a3043fa76fc0f83502099411d2a10\System.Windows.Forms.ni.dll
MOD - [2015/02/19 16:56:40 | 001,593,344 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\828956d62d94914af63efc7fb36d1120\System.Drawing.ni.dll
MOD - [2015/02/19 16:55:29 | 007,995,904 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\4976746d2f27ea6b60301a84d6c3e4be\System.ni.dll
MOD - [2015/02/19 16:55:17 | 011,500,032 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\5bd3374f05d46ba0563f44d032209f08\mscorlib.ni.dll
MOD - [2015/01/22 20:28:48 | 000,015,616 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\MyService\1.0.0.1__2dfa3f50f0bed57d\MyService.dll
MOD - [2014/12/29 13:26:12 | 000,630,528 | ---- | M] () -- C:\Program Files (x86)\Acer\abPhoto\tag.dll
MOD - [2014/12/29 13:26:10 | 000,654,552 | ---- | M] () -- C:\Program Files (x86)\Acer\abPhoto\sqlite3.dll
MOD - [2014/12/29 13:26:04 | 000,119,552 | ---- | M] () -- C:\Program Files (x86)\Acer\abPhoto\openldap.dll
MOD - [2014/12/29 13:25:42 | 000,203,008 | ---- | M] () -- C:\Program Files (x86)\Acer\abPhoto\curllib.dll
MOD - [2014/12/19 22:00:22 | 000,279,296 | ---- | M] () -- C:\Program Files (x86)\Acer\abDocs\libcurl.dll
MOD - [2014/12/19 21:59:52 | 000,090,880 | ---- | M] () -- C:\Program Files (x86)\Acer\abDocs\abDocsDllLoader.exe
MOD - [2014/12/19 21:59:52 | 000,089,344 | ---- | M] () -- C:\Program Files (x86)\Acer\abDocs\abDocsDllLoaderMonitor.exe
MOD - [2014/12/19 21:48:20 | 000,119,552 | ---- | M] () -- C:\Program Files (x86)\Acer\Acer Portal\openldap.dll
MOD - [2014/12/19 21:48:14 | 000,203,008 | ---- | M] () -- C:\Program Files (x86)\Acer\Acer Portal\curllib.dll
MOD - [2014/12/19 21:16:48 | 000,013,568 | ---- | M] () -- C:\Program Files (x86)\Acer\AOP Framework\ServiceInterface.dll
MOD - [2014/12/19 21:10:32 | 000,277,096 | ---- | M] () -- C:\Program Files (x86)\Acer\AOP Framework\libcurl.dll
MOD - [2014/05/13 12:04:48 | 000,167,768 | ---- | M] () -- C:\Program Files (x86)\Spybot - Search & Destroy 2\snlFileFormats150.bpl
MOD - [2014/05/13 12:04:46 | 000,109,400 | ---- | M] () -- C:\Program Files (x86)\Spybot - Search & Destroy 2\snlThirdParty150.bpl
MOD - [2014/05/13 12:04:42 | 000,416,600 | ---- | M] () -- C:\Program Files (x86)\Spybot - Search & Destroy 2\DEC150.bpl
========== Services (SafeList) ==========
SRV:64bit: - [2015/02/19 12:45:16 | 000,127,752 | ---- | M] (SurfRight B.V.) [Auto | Running] -- C:\Program Files\HitmanPro\hmpsched.exe -- (HitmanProScheduler)
SRV:64bit: - [2014/12/05 19:35:00 | 000,229,888 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\AudioEndpointBuilder.dll -- (AudioEndpointBuilder)
SRV:64bit: - [2014/10/30 22:51:25 | 000,114,688 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\IEEtwCollector.exe -- (IEEtwCollectorService)
SRV:64bit: - [2014/10/28 21:59:51 | 003,460,472 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\WSService.dll -- (WSService)
SRV:64bit: - [2014/10/28 21:50:11 | 002,987,520 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\spool\drivers\x64\3\PrintConfig.dll -- (PrintNotify)
SRV:64bit: - [2014/10/28 20:42:19 | 000,026,112 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\wephostsvc.dll -- (WEPHOSTSVC)
SRV:64bit: - [2014/10/28 20:42:03 | 000,041,472 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\efssvc.dll -- (EFS)
SRV:64bit: - [2014/10/28 20:34:51 | 000,067,584 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\wiarpc.dll -- (WiaRpc)
SRV:64bit: - [2014/10/28 20:33:55 | 000,013,312 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\svsvc.dll -- (svsvc)
SRV:64bit: - [2014/10/28 20:29:22 | 000,121,856 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\fhsvc.dll -- (fhsvc)
SRV:64bit: - [2014/10/28 20:19:36 | 000,054,784 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\SysNative\rundll32.exe -- (353f6e4a)
SRV:64bit: - [2014/10/28 19:57:05 | 000,324,608 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\BthHFSrv.dll -- (BthHFSrv)
SRV:64bit: - [2014/10/28 19:48:36 | 000,780,288 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\lsm.dll -- (LSM)
SRV:64bit: - [2014/10/28 19:48:20 | 000,166,400 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\NcaSvc.dll -- (NcaSvc)
SRV:64bit: - [2014/10/28 19:43:27 | 000,524,800 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicvss)
SRV:64bit: - [2014/10/28 19:43:27 | 000,524,800 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmictimesync)
SRV:64bit: - [2014/10/28 19:43:27 | 000,524,800 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicshutdown)
SRV:64bit: - [2014/10/28 19:43:27 | 000,524,800 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicrdv)
SRV:64bit: - [2014/10/28 19:43:27 | 000,524,800 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmickvpexchange)
SRV:64bit: - [2014/10/28 19:43:27 | 000,524,800 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicheartbeat)
SRV:64bit: - [2014/10/28 19:43:27 | 000,524,800 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicguestinterface)
SRV:64bit: - [2014/10/28 19:27:21 | 000,013,312 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\smphost.dll -- (smphost)
SRV:64bit: - [2014/10/28 19:26:21 | 000,838,656 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\netlogon.dll -- (Netlogon)
SRV:64bit: - [2014/10/28 19:26:02 | 000,294,912 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\SystemEventsBrokerServer.dll -- (SystemEventsBroker)
SRV:64bit: - [2014/10/28 19:24:37 | 000,131,072 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\ScDeviceEnum.dll -- (ScDeviceEnum)
SRV:64bit: - [2014/10/28 19:22:40 | 000,062,464 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\keyiso.dll -- (KeyIso)
SRV:64bit: - [2014/10/28 19:20:03 | 000,262,656 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\TimeBrokerServer.dll -- (TimeBroker)
SRV:64bit: - [2014/10/28 19:19:20 | 000,550,912 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\netprofmsvc.dll -- (netprofm)
SRV:64bit: - [2014/10/28 19:16:17 | 000,154,112 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\ncbservice.dll -- (NcbService)
SRV:64bit: - [2014/10/28 19:13:24 | 000,374,784 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wcmsvc.dll -- (Wcmsvc)
SRV:64bit: - [2014/10/28 19:13:02 | 000,260,608 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\vaultsvc.dll -- (VaultSvc)
SRV:64bit: - [2014/10/28 19:12:36 | 000,407,040 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\das.dll -- (DeviceAssociationService)
SRV:64bit: - [2014/10/28 19:12:22 | 000,270,336 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\bisrv.dll -- (BrokerInfrastructure)
SRV:64bit: - [2014/10/28 19:11:10 | 001,639,424 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\wlidsvc.dll -- (wlidsvc)
SRV:64bit: - [2014/10/28 19:09:48 | 000,521,728 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\GeofenceMonitorService.dll -- (lfsvc)
SRV:64bit: - [2014/10/28 19:05:09 | 000,206,848 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\DeviceSetupManager.dll -- (DsmSvc)
SRV:64bit: - [2014/10/28 18:57:18 | 000,074,752 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\NcdAutoSetup.dll -- (NcdAutoSetup)
SRV:64bit: - [2014/10/28 18:48:52 | 000,562,688 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\AppReadiness.dll -- (AppReadiness)
SRV:64bit: - [2014/10/28 18:46:48 | 001,348,096 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\AppXDeploymentServer.dll -- (AppXSvc)
SRV:64bit: - [2014/10/28 18:35:51 | 001,668,096 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\workfolderssvc.dll -- (workfolderssvc)
SRV:64bit: - [2014/09/21 21:05:56 | 000,368,632 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\NisSrv.exe -- (WdNisSvc)
SRV:64bit: - [2014/09/21 21:05:56 | 000,023,792 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Program Files\Windows Defender\MsMpEng.exe -- (WinDefend)
SRV:64bit: - [2014/03/17 19:54:26 | 000,185,792 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Windows\SysNative\mfevtps.exe -- (mfevtp)
SRV:64bit: - [2014/03/17 19:47:02 | 000,219,752 | ---- | M] () [Auto | Running] -- C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe -- (mfefire)
SRV:64bit: - [2013/12/04 10:51:34 | 002,577,640 | ---- | M] (Acer Incorporated) [On_Demand | Running] -- C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe -- (ePowerSvc)
SRV:64bit: - [2013/10/18 23:43:50 | 000,251,688 | ---- | M] (TODO: <Company name>) [Auto | Running] -- C:\Program Files\Acer\Acer Touch Tools\TouchToolsLaunchSvc.exe -- (TouchToolsLaunchService)
SRV:64bit: - [2013/08/02 20:47:44 | 000,457,768 | ---- | M] (Acer Incorporate) [Auto | Running] -- C:\Program Files\Acer\Acer Launch Manager\LMSvc.exe -- (LMSvc)
SRV:64bit: - [2013/08/02 20:33:16 | 000,448,040 | ---- | M] (Acer Incorporate) [On_Demand | Running] -- C:\Program Files\Acer\Acer Quick Access\RMSvc.exe -- (RMSvc)
SRV:64bit: - [2013/08/02 20:33:14 | 000,457,768 | ---- | M] (Acer Incorporate) [On_Demand | Running] -- C:\Program Files\Acer\Acer Quick Access\QASvc.exe -- (QASvc)
SRV:64bit: - [2013/07/24 20:21:46 | 000,334,608 | ---- | M] (McAfee, Inc.) [Disabled | Stopped] -- c:\Program Files\Common Files\mcafee\ActWiz\McAWFwk.exe -- (McAWFwk)
SRV:64bit: - [2013/07/01 22:08:48 | 000,822,232 | ---- | M] (Intel® Corporation) [On_Demand | Stopped] -- C:\Program Files\Intel\TXE Components\TCS\SocketHeciServer.exe -- (Intel®
SRV:64bit: - [2013/07/01 22:08:32 | 000,733,696 | ---- | M] (Intel® Corporation) [Auto | Running] -- C:\Program Files\Intel\TXE Components\TCS\HeciServer.exe -- (Intel®
SRV:64bit: - [2013/01/29 17:09:04 | 000,222,168 | ---- | M] (Soluto) [Auto | Running] -- C:\Program Files\Soluto\SolutoLauncherService.exe -- (SolutoLauncherService)
SRV:64bit: - [2013/01/29 17:08:58 | 000,548,824 | ---- | M] (Soluto) [Auto | Running] -- C:\Program Files\Soluto\SolutoService.exe -- (SolutoService)
SRV - [2015/02/06 23:00:52 | 002,971,224 | ---- | M] (Microsoftware) [Auto | Running] -- C:\Program Files (x86)\YouTube Downloader Services\A2\youtubeserv.exe -- (YouTubeDownload_A2)
SRV - [2015/01/23 04:37:25 | 000,114,800 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2014/12/19 07:15:49 | 002,713,856 | ---- | M] (Acer Incorporated) [Auto | Running] -- C:\Program Files (x86)\Acer\AOP Framework\CCDMonitorService.exe -- (CCDMonitorService)
SRV - [2014/10/28 21:50:11 | 002,987,520 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\system32\spool\drivers\x64\3\PrintConfig.dll -- (PrintNotify)
SRV - [2014/10/28 19:51:55 | 000,017,920 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\StorSvc.dll -- (StorSvc)
SRV - [2014/10/28 19:04:45 | 000,011,776 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\smphost.dll -- (smphost)
SRV - [2014/10/28 18:53:11 | 000,367,104 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\GeofenceMonitorService.dll -- (lfsvc)
SRV - [2014/10/20 23:51:28 | 002,973,600 | ---- | M] (MicroStudio) [Auto | Running] -- C:\Program Files (x86)\Windows Network Accelerater\v3\winvxm.exe -- (WindowsVNT_R3)
SRV - [2013/11/24 19:49:06 | 000,279,024 | ---- | M] (Intel Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\IntelCpHeciSvc.exe -- (cphs)
SRV - [2013/09/07 03:52:20 | 000,312,448 | ---- | M] (Windows ® Win 7 DDK provider) [Auto | Running] -- C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\AdminService.exe -- (AtherosSvc)
SRV - [2013/07/16 11:21:38 | 000,235,008 | ---- | M] (TODO: <Company name>) [Auto | Running] -- C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe -- (GamesAppIntegrationService)
SRV - [2012/07/13 18:27:00 | 000,769,432 | ---- | M] (Nero AG) [Auto | Running] -- C:\Program Files (x86)\Nero\Update\NASvc.exe -- (NAUpdate)
SRV - [2012/04/24 16:37:56 | 000,169,752 | ---- | M] (Intel Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Intel\Intel® Integrated Clock Controller Service\ICCProxy.exe -- (ICCS)
SRV - [2010/10/12 11:59:12 | 000,206,072 | ---- | M] (WildTangent, Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe -- (GamesAppService)
========== Driver Services (SafeList) ==========
DRV:64bit: - [2015/02/06 15:35:48 | 000,042,392 | ---- | M] (Catalytix Web Services) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\CatWSw864.sys -- (CatWSw8)
DRV:64bit: - [2014/12/11 18:51:20 | 000,075,776 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\ahcache.sys -- (ahcache)
DRV:64bit: - [2014/10/28 21:59:47 | 000,415,040 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\spaceport.sys -- (spaceport)
DRV:64bit: - [2014/10/28 21:59:12 | 000,136,512 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\wfplwfs.sys -- (WFPLWFS)
DRV:64bit: - [2014/10/28 21:57:42 | 000,054,784 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\wpcfltr.sys -- (wpcfltr)
DRV:64bit: - [2014/10/28 21:56:04 | 000,027,456 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV:64bit: - [2014/10/28 20:46:43 | 000,029,696 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD)
DRV:64bit: - [2014/10/28 20:46:41 | 000,057,856 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bthhfenum.sys -- (BthHFEnum)
DRV:64bit: - [2014/10/28 20:46:09 | 000,087,040 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\netvsc63.sys -- (netvsc)
DRV:64bit: - [2014/10/28 20:45:58 | 000,144,384 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\rmcast.sys -- (RMCAST)
DRV:64bit: - [2014/10/28 20:45:54 | 000,126,464 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\NdisImPlatform.sys -- (NdisImPlatform)
DRV:64bit: - [2014/10/28 20:45:39 | 000,066,560 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mslldp.sys -- (MsLldp)
DRV:64bit: - [2014/10/28 20:45:16 | 000,103,424 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\Ndu.sys -- (Ndu)
DRV:64bit: - [2014/10/15 02:32:36 | 000,921,920 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\refs.sys -- (ReFS)
DRV:64bit: - [2014/10/12 20:43:17 | 000,238,912 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sdbus.sys -- (sdbus)
DRV:64bit: - [2014/10/12 20:43:17 | 000,086,336 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\pdc.sys -- (pdc)
DRV:64bit: - [2014/10/12 20:43:17 | 000,039,744 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\intelpep.sys -- (intelpep)
DRV:64bit: - [2014/10/08 03:24:09 | 000,467,776 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\USBHUB3.SYS -- (USBHUB3)
DRV:64bit: - [2014/10/07 00:54:45 | 000,324,928 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\USBXHCI.SYS -- (USBXHCI)
DRV:64bit: - [2014/10/07 00:54:45 | 000,189,248 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\UCX01000.SYS -- (UCX01000)
DRV:64bit: - [2014/10/07 00:44:39 | 000,069,952 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\vpci.sys -- (vpci)
DRV:64bit: - [2014/09/21 21:06:16 | 000,258,368 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WdFilter.sys -- (WdFilter)
DRV:64bit: - [2014/09/21 21:06:16 | 000,114,496 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WdNisDrv.sys -- (WdNisDrv)
DRV:64bit: - [2014/09/21 20:49:43 | 000,035,320 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WdBoot.sys -- (WdBoot)
DRV:64bit: - [2014/08/14 18:36:55 | 000,146,752 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\msgpioclx.sys -- (GPIOClx0101)
DRV:64bit: - [2014/03/19 21:41:20 | 000,376,152 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\clfs.sys -- (CLFS)
DRV:64bit: - [2014/03/17 20:02:08 | 000,070,592 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\cfwids.sys -- (cfwids)
DRV:64bit: - [2014/03/17 19:54:54 | 000,345,456 | ---- | M] (McAfee, Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\mfewfpk.sys -- (mfewfpk)
DRV:64bit: - [2014/03/17 19:49:44 | 000,783,864 | ---- | M] (McAfee, Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\mfehidk.sys -- (mfehidk)
DRV:64bit: - [2014/03/17 19:47:30 | 000,522,360 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\mfefirek.sys -- (mfefirek)
DRV:64bit: - [2014/03/17 19:45:38 | 000,311,600 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\mfeavfk.sys -- (mfeavfk)
DRV:64bit: - [2014/03/17 19:44:40 | 000,180,272 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mfeapfk.sys -- (mfeapfk)
DRV:64bit: - [2014/03/17 19:25:42 | 000,069,344 | ---- | M] (McAfee, Inc.) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\mfeelamk.sys -- (mfeelamk)
DRV:64bit: - [2014/03/13 06:35:24 | 000,157,016 | ---- | M] (Microsoft Corporation) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\wof.sys -- (Wof)
DRV:64bit: - [2014/02/22 09:49:49 | 000,079,192 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sdstor.sys -- (sdstor)
DRV:64bit: - [2014/02/22 06:14:02 | 000,033,280 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\BasicRender.sys -- (BasicRender)
DRV:64bit: - [2014/01/22 09:52:10 | 000,206,080 | ---- | M] (DEVGURU Co., LTD.(www.devguru.co.kr)) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssudmdm.sys -- (ssudmdm)
DRV:64bit: - [2014/01/22 09:52:10 | 000,108,800 | ---- | M] (DEVGURU Co., LTD.(www.devguru.co.kr)) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssudbus.sys -- (dg_ssudbus)
DRV:64bit: - [2013/12/04 12:41:54 | 000,226,304 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\BthLEEnum.sys -- (BthLEEnum)
DRV:64bit: - [2013/11/01 19:26:42 | 000,449,496 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\IntcDAud.sys -- (IntcDAud)
DRV:64bit: - [2013/11/01 19:21:34 | 004,207,104 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx)
DRV:64bit: - [2013/10/28 19:08:35 | 000,039,320 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\intelaud.sys -- (intaud_WaveExtensible)
DRV:64bit: - [2013/10/28 19:08:35 | 000,027,032 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\iwdbus.sys -- (iwdbus)
DRV:64bit: - [2013/10/25 19:54:32 | 000,146,776 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\SerCx2.sys -- (SerCx2)
DRV:64bit: - [2013/10/05 09:25:54 | 000,057,176 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\stornvme.sys -- (stornvme)
DRV:64bit: - [2013/09/14 08:06:57 | 000,175,960 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VerifierExt.sys -- (VerifierExt)
DRV:64bit: - [2013/09/07 03:29:14 | 000,594,120 | ---- | M] (Qualcomm Atheros) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btfilter.sys -- (BtFilter)
DRV:64bit: - [2013/09/07 03:29:14 | 000,338,120 | ---- | M] (Qualcomm Atheros) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btath_a2dp.sys -- (BTATH_A2DP)
DRV:64bit: - [2013/09/07 03:29:14 | 000,179,432 | ---- | M] (Qualcomm Atheros) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btath_hcrp.sys -- (BTATH_HCRP)
DRV:64bit: - [2013/09/07 03:29:14 | 000,137,928 | ---- | M] (Qualcomm Atheros) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btath_rcp.sys -- (BTATH_RCP)
DRV:64bit: - [2013/09/07 03:29:14 | 000,116,424 | ---- | M] (Qualcomm Atheros) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btath_avdt.sys -- (btath_avdt)
DRV:64bit: - [2013/09/07 03:29:14 | 000,089,800 | ---- | M] (Qualcomm Atheros) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btath_flt.sys -- (AthBTPort)
DRV:64bit: - [2013/09/07 03:29:14 | 000,077,464 | ---- | M] (Qualcomm Atheros) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btath_lwflt.sys -- (BTATH_LWFLT)
DRV:64bit: - [2013/09/07 03:29:14 | 000,034,384 | ---- | M] (Qualcomm Atheros) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btath_bus.sys -- (BTATH_BUS)
DRV:64bit: - [2013/09/04 03:37:00 | 000,309,976 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\RtsBaStor.sys -- (RSBASTOR)
DRV:64bit: - [2013/08/28 06:41:52 | 000,524,016 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SynTP.sys -- (SynTP)
DRV:64bit: - [2013/08/22 13:11:03 | 000,037,216 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\terminpt.sys -- (terminpt)
DRV:64bit: - [2013/08/22 07:25:40 | 000,043,008 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\condrv.sys -- (condrv)
DRV:64bit: - [2013/08/22 07:25:40 | 000,030,048 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2013/08/22 06:50:19 | 000,057,696 | ---- | M] (Microsoft Corporation) [Kernel | System | Stopped] -- C:\Windows\SysNative\drivers\dam.sys -- (dam)
DRV:64bit: - [2013/08/22 06:49:54 | 000,079,712 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\acpiex.sys -- (acpiex)
DRV:64bit: - [2013/08/22 06:49:33 | 000,159,584 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\tpm.sys -- (TPM)
DRV:64bit: - [2013/08/22 06:43:49 | 000,063,840 | ---- | M] (Marvell Semiconductor, Inc.) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\mvumis.sys -- (mvumis)
DRV:64bit: - [2013/08/22 06:43:48 | 000,041,824 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\msgpiowin32.sys -- (msgpiowin32)
DRV:64bit: - [2013/08/22 06:43:45 | 003,357,024 | ---- | M] (Broadcom Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2013/08/22 06:43:45 | 000,093,536 | ---- | M] (LSI Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2013/08/22 06:43:45 | 000,082,784 | ---- | M] (LSI Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\lsi_sss.sys -- (LSI_SSS)
DRV:64bit: - [2013/08/22 06:43:45 | 000,064,352 | ---- | M] (Hewlett-Packard Company) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2013/08/22 06:43:44 | 000,081,760 | ---- | M] (LSI Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas3.sys -- (LSI_SAS3)
DRV:64bit: - [2013/08/22 06:43:41 | 000,782,176 | ---- | M] (PMC-Sierra) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\adp80xx.sys -- (ADP80XX)
DRV:64bit: - [2013/08/22 06:43:41 | 000,531,296 | ---- | M] (Broadcom Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2013/08/22 06:43:41 | 000,259,424 | ---- | M] (AMD Technologies Inc.) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2013/08/22 06:43:41 | 000,108,896 | ---- | M] (LSI) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\3ware.sys -- (3ware)
DRV:64bit: - [2013/08/22 06:43:41 | 000,079,200 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2013/08/22 06:43:40 | 000,114,016 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\EhStorTcgDrv.sys -- (EhStorTcgDrv)
DRV:64bit: - [2013/08/22 06:43:40 | 000,082,784 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\EhStorClass.sys -- (EhStorClass)
DRV:64bit: - [2013/08/22 06:43:40 | 000,025,952 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2013/08/22 06:43:34 | 000,305,504 | ---- | M] (VIA Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\VSTXRAID.SYS -- (VSTXRAID)
DRV:64bit: - [2013/08/22 06:43:33 | 000,074,080 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\uaspstor.sys -- (UASPStor)
DRV:64bit: - [2013/08/22 06:43:32 | 000,031,072 | ---- | M] (Promise Technology, Inc.) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2013/08/22 06:43:31 | 000,107,872 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\storahci.sys -- (storahci)
DRV:64bit: - [2013/08/22 06:43:31 | 000,072,032 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\SpbCx.sys -- (SpbCx)
DRV:64bit: - [2013/08/22 06:43:31 | 000,069,472 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\SerCx.sys -- (SerCx)
DRV:64bit: - [2013/08/22 06:39:15 | 000,026,976 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\uefi.sys -- (UEFI)
DRV:64bit: - [2013/08/22 06:36:12 | 000,026,976 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\WpdUpFltr.sys -- (WpdUpFltr)
DRV:64bit: - [2013/08/22 05:39:31 | 000,050,688 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\BasicDisplay.sys -- (BasicDisplay)
DRV:64bit: - [2013/08/22 05:39:20 | 000,022,016 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HyperVideo.sys -- (HyperVideo)
DRV:64bit: - [2013/08/22 05:39:06 | 000,009,728 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mshidumdf.sys -- (mshidumdf)
DRV:64bit: - [2013/08/22 05:38:58 | 000,010,752 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\acpitime.sys -- (acpitime)
DRV:64bit: - [2013/08/22 05:38:48 | 000,010,240 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\acpipagr.sys -- (acpipagr)
DRV:64bit: - [2013/08/22 05:38:39 | 000,036,992 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\BthAvrcpTg.sys -- (BthAvrcpTg)
DRV:64bit: - [2013/08/22 05:38:26 | 000,019,456 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\kdnic.sys -- (kdnic)
DRV:64bit: - [2013/08/22 05:38:23 | 000,011,264 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\vmgencounter.sys -- (gencounter)
DRV:64bit: - [2013/08/22 05:38:22 | 000,023,040 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\npsvctrig.sys -- (npsvctrig)
DRV:64bit: - [2013/08/22 05:38:16 | 000,030,720 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\BthhfHid.sys -- (bthhfhid)
DRV:64bit: - [2013/08/22 05:37:49 | 000,013,824 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hyperkbd.sys -- (hyperkbd)
DRV:64bit: - [2013/08/22 05:37:28 | 000,056,320 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2013/08/22 05:37:28 | 000,041,472 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hidi2c.sys -- (hidi2c)
DRV:64bit: - [2013/08/22 05:37:14 | 000,029,696 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\dmvsc.sys -- (dmvsc)
DRV:64bit: - [2013/08/22 05:36:25 | 000,016,384 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\NdisVirtualBus.sys -- (NdisVirtualBus)
DRV:64bit: - [2013/08/22 02:46:33 | 000,027,136 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\fxppm.sys -- (FxPPM)
DRV:64bit: - [2013/08/15 22:13:30 | 003,859,968 | ---- | M] (Qualcomm Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\athwbx.sys -- (athr)
DRV:64bit: - [2013/08/15 00:28:42 | 000,830,680 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt630x64.sys -- (RTL8168)
DRV:64bit: - [2013/08/12 17:25:46 | 000,017,624 | ---- | M] (Windows ® Win 7 DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bcmfn2.sys -- (bcmfn2)
DRV:64bit: - [2013/08/09 18:39:30 | 000,651,248 | ---- | M] (Intel Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\iaStorAV.sys -- (iaStorAV)
DRV:64bit: - [2013/07/30 12:47:35 | 000,024,568 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\iaLPSSi_GPIO.sys -- (iaLPSSi_GPIO)
DRV:64bit: - [2013/07/25 13:05:39 | 000,099,320 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\iaLPSSi_I2C.sys -- (iaLPSSi_I2C)
DRV:64bit: - [2013/07/17 04:59:00 | 000,021,360 | ---- | M] (Acer Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\LMDriver.sys -- (LMDriver)
DRV:64bit: - [2013/07/17 04:59:00 | 000,014,680 | ---- | M] (Acer Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\RadioShim.sys -- (RadioShim)
DRV:64bit: - [2013/07/01 22:10:20 | 000,087,568 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\TXEIx64.sys -- (TXEIx64)
DRV:64bit: - [2013/07/01 10:50:06 | 008,536,752 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\BCMWL63a.SYS -- (BCM43XX)
DRV:64bit: - [2013/01/29 14:28:46 | 000,051,912 | ---- | M] (Soluto LTD.) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\Soluto.sys -- (Soluto)
DRV:64bit: - [2011/04/19 10:52:20 | 001,254,464 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bcmwlhigh664.sys -- (BCMH43XX)
DRV:64bit: - [2010/01/07 04:20:22 | 000,448,512 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\RTL8187.sys -- (RTL8187)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...ms}&FORM=IE8SRC
IE:64bit: - HKLM\..\SearchScopes\{6625CBC6-E68C-4FFF-B387-32C49A1088A8}: "URL" = http://www.bing.com/...=IE10TR&pc=ACJB
IE:64bit: - HKLM\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...ms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{6625CBC6-E68C-4FFF-B387-32C49A1088A8}: "URL" = http://www.bing.com/...=IE10TR&pc=ACJB
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://google.com/
IE - HKCU\..\SearchScopes,DefaultScope = {0BCC38D0-5C4C-48DF-9AB3-E8203DCF93A9}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...Box&FORM=IESR02
IE - HKCU\..\SearchScopes\{4CA30EA6-D924-428B-8C81-D3AF9285A38B}: "URL" = https://search.yahoo...p={searchTerms}
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
========== FireFox ==========
FF - prefs.js..browser.search.isUS: true
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:35.0.1
FF - user.js - File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@WildTangent.com/GamesAppPresenceDetector,Version=1.0: C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll ()
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 35.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 35.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins
[2015/02/19 12:35:24 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Jana\AppData\Roaming\mozilla\Extensions
[2015/02/20 12:25:19 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Jana\AppData\Roaming\mozilla\Firefox\Profiles\8gqdfo4n.default-1424382754955\extensions
[2015/02/19 12:34:39 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions
[2015/02/19 12:34:39 | 000,000,000 | ---D | M] (Default) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
O1 HOSTS File: ([2015/02/23 16:47:09 | 000,000,855 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [Logitech Download Assistant] C:\Windows\SysNative\LogiLDA.dll (Logitech, Inc.)
O4:64bit: - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [RTHDVCPL] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4:64bit: - HKLM..\Run: [Soluto] c:\program files\soluto\soluto.exe (Soluto)
O4 - HKLM..\Run: [abDocsDllLoader] C:\Program Files (x86)\Acer\abDocs\abDocsDllLoader.exe ()
O4 - HKLM..\Run: [BacKGround Agent] C:\Program Files (x86)\Acer\AOP Framework\BackgroundAgent.exe (Acer Incorporated)
O4 - HKLM..\Run: [SDTray] C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe (Safer-Networking Ltd.)
O4 - HKCU..\Run: [AcerPortal] C:\Program Files (x86)\Acer\Acer Portal\acpanel_win.exe (Acer)
O4 - HKCU..\Run: [Spybot-S&D Cleaning] C:\Program Files (x86)\Spybot - Search & Destroy 2\SDCleaner.exe (Safer-Networking Ltd.)
O4 - HKCU..\RunOnce: [Application Restart #3] C:\Users\Jana\AppData\Local\Pokki\Engine\pokki.exe (Pokki)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\Run: BtvStack = "C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\BtvStack.exe" (Qualcomm®Atheros®)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableCursorSuppression = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLinkedConnections = 1
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{FD342D74-5957-4F52-920F-8ED1FDE7289A}: DhcpNameServer = 192.168.1.1
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\System32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation)
O20 - Winlogon\Notify\SDWinLogon: DllName - (SDWinLogon.dll) - File not found
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O34 - HKLM BootExecute: (bootdelete)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
========== Files/Folders - Created Within 30 Days ==========
[2015/02/24 14:46:59 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Jana\Desktop\OTL.exe
[2015/02/23 18:11:08 | 000,000,000 | ---D | C] -- C:\Windows\SoftwareDistribution
[2015/02/23 16:50:25 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\catroot2
[2015/02/23 16:46:20 | 000,000,000 | -H-D | C] -- C:\Program Files (x86)\Uninstall Information
[2015/02/23 16:21:31 | 000,000,000 | ---D | C] -- C:\RegBackup
[2015/02/23 11:17:49 | 000,000,000 | ---D | C] -- C:\Users\Jana\AppData\Roaming\Identities
[2015/02/20 16:38:26 | 000,200,192 | ---- | C] (Windows ® Win 7 DDK provider) -- C:\Windows\SysNative\DscCoreConfProv.dll
[2015/02/20 12:21:01 | 000,000,000 | ---D | C] -- C:\Users\Jana\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Tweaking.com
[2015/02/20 12:20:31 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Tweaking.com
[2015/02/19 16:33:08 | 000,000,000 | -HSD | C] -- C:\Users\Jana\AppData\Local\EmieBrowserModeList
[2015/02/19 15:52:40 | 000,000,000 | ---D | C] -- C:\Users\Jana\Desktop\Old Firefox Data
[2015/02/19 15:38:27 | 000,000,000 | --SD | C] -- C:\Windows\SysNative\CompatTel
[2015/02/19 15:38:27 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\appraiser
[2015/02/19 12:45:16 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HitmanPro
[2015/02/19 12:45:16 | 000,000,000 | ---D | C] -- C:\Program Files\HitmanPro
[2015/02/19 12:44:22 | 000,000,000 | ---D | C] -- C:\ProgramData\HitmanPro
[2015/02/19 12:34:48 | 000,000,000 | ---D | C] -- C:\Users\Jana\AppData\Roaming\Mozilla
[2015/02/19 12:34:48 | 000,000,000 | ---D | C] -- C:\Users\Jana\AppData\Local\Mozilla
[2015/02/19 12:34:42 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Maintenance Service
[2015/02/19 12:34:42 | 000,000,000 | ---D | C] -- C:\ProgramData\Mozilla
[2015/02/19 12:34:37 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox
[2015/02/19 12:31:32 | 000,000,000 | ---D | C] -- C:\Users\Jana\AppData\Local\IsolatedStorage
[2015/02/19 12:30:47 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\StatInit
[2015/02/19 12:28:16 | 000,000,000 | ---D | C] -- C:\ProgramData\{3f88607c-6ab8-8232-3f88-8607c6ab81f1}
[2015/02/19 11:55:25 | 000,000,000 | ---D | C] -- C:\Users\Jana\Desktop\Computer Repair
[2015/02/19 11:41:18 | 000,000,000 | ---D | C] -- C:\AdwCleaner
[2015/02/19 10:47:07 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\VS Revo Group
[2015/02/19 10:47:07 | 000,000,000 | ---D | C] -- C:\Users\Jana\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller
[2015/02/19 00:36:37 | 000,000,000 | ---D | C] -- C:\SUPERDelete
[2015/02/18 23:25:14 | 000,000,000 | ---D | C] -- C:\Users\Jana\Documents\ProcAlyzer Dumps
[2015/02/18 23:17:36 | 001,388,274 | ---- | C] (Thisisu) -- C:\Users\Jana\Desktop\JRT.exe
[2015/02/18 22:24:01 | 000,021,040 | ---- | C] (Safer Networking Limited) -- C:\Windows\SysNative\sdnclean64.exe
[2015/02/18 22:23:59 | 000,000,000 | ---D | C] -- C:\ProgramData\Spybot - Search & Destroy
[2015/02/18 22:23:52 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Spybot - Search & Destroy 2
[2015/02/18 22:21:56 | 000,129,752 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\MBAMSwissArmy.sys
[2015/02/18 22:21:41 | 000,093,400 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbamchameleon.sys
[2015/02/18 22:21:41 | 000,064,216 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mwac.sys
[2015/02/18 22:21:41 | 000,025,816 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2015/02/18 22:21:41 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes Anti-Malware
[2015/02/18 22:21:41 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2015/02/18 21:13:13 | 000,000,000 | ---D | C] -- C:\Windows\pss
[2015/02/17 18:21:03 | 000,042,392 | ---- | C] (Catalytix Web Services) -- C:\Windows\SysNative\drivers\CatWSw864.sys
[2015/02/15 15:15:49 | 000,000,000 | ---D | C] -- C:\Users\Jana\abBox
[2015/02/15 15:10:59 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\YouTube-Downloader
[2015/02/14 19:08:12 | 000,000,000 | ---D | C] -- C:\ProgramData\Windows VXM
[2015/02/14 19:08:12 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Windows Network Accelerater
[2015/02/08 01:57:24 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\ShopperPro
[2015/02/08 01:55:48 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\b683d501-8f97-4f40-b0af-5f8c3e3c004b
[2015/02/08 00:29:03 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\SEARCH~1
[2015/02/08 00:28:04 | 000,000,000 | ---D | C] -- C:\ProgramData\Optimizer
[2015/02/08 00:28:02 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\YouTube Downloader Services
[2015/02/08 00:28:02 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Software Update Services
[2015/02/08 00:28:01 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Solid YouTube Downloader and Converter
[2015/02/08 00:27:57 | 000,000,000 | ---D | C] -- C:\Users\Jana\AppData\Roaming\youtube-downloader-and-converter
[2015/02/08 00:27:56 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Solid YouTube Downloader and Converter
[2015/02/07 23:57:32 | 000,000,000 | ---D | C] -- C:\ProgramData\COMODO
[2015/02/07 23:57:18 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\74b77d2a-1631-4642-8062-65543014489a
[2015/02/07 23:56:50 | 000,000,000 | ---D | C] -- C:\Program Files\COMODO
[2015/02/07 23:56:30 | 000,000,000 | ---D | C] -- C:\ProgramData\{876a7a01-2e6a-9ff3-876a-a7a012e6e804}
[2015/02/07 23:56:23 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\CloudScout Parental Control
[2015/02/07 23:49:32 | 000,000,000 | ---D | C] -- C:\Users\Jana\AppData\Local\Programs
[2015/02/07 23:49:22 | 000,000,000 | ---D | C] -- C:\85002744-d5dd-42f8-8312-49c15ef98f49
[2015/02/07 23:43:52 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\OpenSoftwareUpdater
========== Files - Modified Within 30 Days ==========
[2021/10/21 07:36:56 | 000,000,852 | ---- | M] () -- C:\Windows\SysNative\drivers\RTKHDRC.dat
[2021/10/04 01:34:42 | 000,000,712 | ---- | M] () -- C:\Windows\SysNative\drivers\RTMICEQ0.dat
[2015/02/24 14:46:59 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Jana\Desktop\OTL.exe
[2015/02/24 14:26:05 | 000,863,592 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2015/02/24 14:26:05 | 000,720,062 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2015/02/24 14:26:05 | 000,132,038 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2015/02/24 14:21:35 | 000,001,702 | ---- | M] () -- C:\Windows\tasks\GODMBAU.job
[2015/02/24 14:21:26 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2015/02/24 14:19:21 | 268,435,456 | -HS- | M] () -- C:\swapfile.sys
[2015/02/24 14:19:21 | 2479,116,287 | -HS- | M] () -- C:\hiberfil.sys
[2015/02/23 22:03:57 | 000,129,752 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\MBAMSwissArmy.sys
[2015/02/23 21:25:07 | 000,337,840 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2015/02/23 16:47:09 | 000,000,855 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\hosts
[2015/02/23 16:39:21 | 000,863,592 | ---- | M] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2015/02/23 16:23:14 | 000,000,207 | ---- | M] () -- C:\Windows\tweaking.com-regbackup-TURTLE0734-Windows-8.1-(64-bit).dat
[2015/02/23 13:21:27 | 000,002,179 | ---- | M] () -- C:\Users\Jana\Desktop\Tweaking.com - Windows Repair (All in One).lnk
[2015/02/23 12:45:12 | 000,000,636 | ---- | M] () -- C:\Windows\SysNative\.crusader
[2015/02/19 16:33:29 | 000,001,483 | ---- | M] () -- C:\Users\Jana\Desktop\iexplore.exe - Shortcut.lnk
[2015/02/19 12:45:16 | 000,001,909 | ---- | M] () -- C:\Users\Public\Desktop\HitmanPro.lnk
[2015/02/19 12:34:42 | 000,001,163 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2015/02/19 10:47:07 | 000,001,284 | ---- | M] () -- C:\Users\Jana\Desktop\Revo Uninstaller.lnk
[2015/02/19 10:42:58 | 002,126,848 | ---- | M] () -- C:\Users\Jana\Desktop\adwcleaner_4.111.exe
[2015/02/18 22:24:06 | 000,001,395 | ---- | M] () -- C:\Users\Public\Desktop\Spybot-S&D Start Center.lnk
[2015/02/18 22:21:46 | 000,001,118 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2015/02/18 22:09:58 | 001,388,274 | ---- | M] (Thisisu) -- C:\Users\Jana\Desktop\JRT.exe
[2015/02/18 21:15:05 | 000,000,258 | RHS- | M] () -- C:\ProgramData\ntuser.pol
[2015/02/14 18:44:31 | 000,002,028 | ---- | M] () -- C:\Users\Public\Desktop\Acer Portal.lnk
[2015/02/08 02:03:53 | 000,001,631 | ---- | M] () -- C:\ProgramData\tempimage.bmp
[2015/02/08 00:28:01 | 000,001,312 | ---- | M] () -- C:\Users\Jana\Application Data\Microsoft\Internet Explorer\Quick Launch\Solid YouTube Downloader and Converter.lnk
[2015/02/08 00:28:01 | 000,001,288 | ---- | M] () -- C:\Users\Public\Desktop\Solid YouTube Downloader and Converter.lnk
[2015/02/06 15:35:48 | 000,042,392 | ---- | M] (Catalytix Web Services) -- C:\Windows\SysNative\drivers\CatWSw864.sys
========== Files Created - No Company Name ==========
[2015/02/23 16:39:21 | 000,863,592 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2015/02/23 16:23:14 | 000,000,207 | ---- | C] () -- C:\Windows\tweaking.com-regbackup-TURTLE0734-Windows-8.1-(64-bit).dat
[2015/02/20 16:39:29 | 000,107,008 | ---- | C] () -- C:\Windows\SysWow64\OEMLicense.dll
[2015/02/20 16:39:19 | 000,046,080 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll
[2015/02/20 16:38:15 | 000,142,848 | ---- | C] () -- C:\Windows\SysNative\OEMLicense.dll
[2015/02/20 16:37:38 | 000,096,256 | ---- | C] () -- C:\Windows\SysNative\BthpanContextHandler.dll
[2015/02/20 16:37:38 | 000,053,248 | ---- | C] () -- C:\Windows\SysNative\BWContextHandler.dll
[2015/02/20 12:21:06 | 000,002,179 | ---- | C] () -- C:\Users\Jana\Desktop\Tweaking.com - Windows Repair (All in One).lnk
[2015/02/19 20:35:14 | 000,337,840 | ---- | C] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2015/02/19 16:33:29 | 000,001,483 | ---- | C] () -- C:\Users\Jana\Desktop\iexplore.exe - Shortcut.lnk
[2015/02/19 13:55:34 | 000,391,526 | ---- | C] () -- C:\Windows\SysNative\ApnDatabase.xml
[2015/02/19 12:53:58 | 000,000,636 | ---- | C] () -- C:\Windows\SysNative\.crusader
[2015/02/19 12:45:16 | 000,001,909 | ---- | C] () -- C:\Users\Public\Desktop\HitmanPro.lnk
[2015/02/19 12:34:42 | 000,001,175 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
[2015/02/19 12:34:42 | 000,001,163 | ---- | C] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2015/02/19 11:42:01 | 002,126,848 | ---- | C] () -- C:\Users\Jana\Desktop\adwcleaner_4.111.exe
[2015/02/19 10:47:07 | 000,001,284 | ---- | C] () -- C:\Users\Jana\Desktop\Revo Uninstaller.lnk
[2015/02/19 07:47:18 | 000,050,745 | ---- | C] () -- C:\Windows\SysNative\srms.dat
[2015/02/18 22:24:06 | 000,001,407 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot-S&D Start Center.lnk
[2015/02/18 22:24:06 | 000,001,395 | ---- | C] () -- C:\Users\Public\Desktop\Spybot-S&D Start Center.lnk
[2015/02/18 22:21:46 | 000,001,118 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2015/02/18 21:15:05 | 000,000,258 | RHS- | C] () -- C:\ProgramData\ntuser.pol
[2015/02/14 18:44:18 | 000,002,028 | ---- | C] () -- C:\Users\Public\Desktop\Acer Portal.lnk
[2015/02/08 02:03:53 | 000,001,631 | ---- | C] () -- C:\ProgramData\tempimage.bmp
[2015/02/08 00:28:01 | 000,001,312 | ---- | C] () -- C:\Users\Jana\Application Data\Microsoft\Internet Explorer\Quick Launch\Solid YouTube Downloader and Converter.lnk
[2015/02/08 00:28:01 | 000,001,288 | ---- | C] () -- C:\Users\Public\Desktop\Solid YouTube Downloader and Converter.lnk
[2015/02/07 23:57:14 | 000,001,702 | ---- | C] () -- C:\Windows\tasks\GODMBAU.job
[2015/01/25 10:12:14 | 000,001,248 | ---- | C] () -- C:\Users\Jana\AppData\Roaming\GODMBAU
[2015/01/22 20:41:24 | 000,000,064 | ---- | C] () -- C:\Users\Jana\AppData\Local\336d9f4f1da82efac4478babf0d5c095
[2014/06/29 18:06:25 | 000,002,255 | ---- | C] () -- C:\Windows\SysWow64\WimBootCompress.ini
[2014/05/12 18:39:16 | 000,000,098 | ---- | C] () -- C:\ProgramData\Microsoft.SqlServer.Compact.351.64.bc
[2014/01/19 00:03:28 | 000,000,000 | -H-- | C] () -- C:\ProgramData\DP45977C.lfl
[2013/12/16 07:31:51 | 000,317,440 | ---- | C] () -- C:\Windows\SysWow64\igdmd32.dll
[2013/12/16 07:31:50 | 000,182,272 | ---- | C] () -- C:\Windows\SysWow64\igdde32.dll
[2013/12/16 07:31:50 | 000,142,848 | ---- | C] () -- C:\Windows\SysWow64\igdail32.dll
[2013/08/22 09:36:43 | 000,215,943 | ---- | C] () -- C:\Windows\SysWow64\dssec.dat
[2013/08/22 09:36:42 | 000,000,741 | ---- | C] () -- C:\Windows\SysWow64\NOISE.DAT
[2013/08/22 08:46:23 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2013/08/22 01:01:23 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2013/08/21 17:55:20 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll
[2013/08/21 17:52:39 | 000,673,088 | ---- | C] () -- C:\Windows\SysWow64\mlang.dat
[2013/07/01 21:44:46 | 000,001,536 | ---- | C] () -- C:\Windows\SysWow64\IusEventLog.dll
========== ZeroAccess Check ==========
[2014/01/19 00:32:08 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2014/10/28 21:57:39 | 022,295,200 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2014/10/28 21:10:55 | 019,734,424 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2014/10/28 19:19:43 | 001,013,760 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2014/10/28 18:59:23 | 000,786,944 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2014/10/28 19:16:01 | 000,512,512 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
========== LOP Check ==========
[2014/05/13 18:47:44 | 000,000,000 | ---D | M] -- C:\Users\Jana\AppData\Roaming\acer
[2015/02/08 00:32:23 | 000,000,000 | ---D | M] -- C:\Users\Jana\AppData\Roaming\Azureus
[2014/11/14 00:56:35 | 000,000,000 | ---D | M] -- C:\Users\Jana\AppData\Roaming\Elephant Games
[2014/05/12 18:26:19 | 000,000,000 | ---D | M] -- C:\Users\Jana\AppData\Roaming\Synaptics
[2014/07/02 07:01:36 | 000,000,000 | ---D | M] -- C:\Users\Jana\AppData\Roaming\WildTangent
[2015/02/08 00:27:57 | 000,000,000 | ---D | M] -- C:\Users\Jana\AppData\Roaming\youtube-downloader-and-converter
========== Purity Check ==========
========== Alternate Data Streams ==========
@Alternate Data Stream - 237 bytes -> C:\Users\Jana\SkyDrive:ms-properties
@Alternate Data Stream - 134 bytes -> C:\ProgramData\Temp:2CB9631F
@Alternate Data Stream - 130 bytes -> C:\ProgramData\Temp:5539129F
< End of report >
OTL Extras logfile created on: 2/24/2015 2:47:54 PM - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Jana\Desktop
64bit- An unknown product (Version = 6.2.9200) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.17631)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
7.89 Gb Total Physical Memory | 6.42 Gb Available Physical Memory | 81.45% Memory free
9.14 Gb Paging File | 7.54 Gb Available in Paging File | 82.53% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 448.69 Gb Total Space | 403.42 Gb Free Space | 89.91% Space Free | Partition Type: NTFS
Drive E: | 3.72 Gb Total Space | 2.96 Gb Free Space | 79.52% Space Free | Partition Type: FAT32
Computer Name: TURTLE0734 | User Name: Jana | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html[@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
.html [@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
========== Shell Spawning ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "%systemroot%\system32\rundll32.exe" "%systemroot%\system32\mshtml.dll",PrintHTML "%1"
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\OpenWith.exe "%1" (Microsoft Corporation)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "%systemroot%\system32\rundll32.exe" "%systemroot%\system32\mshtml.dll",PrintHTML "%1"
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\OpenWith.exe "%1" (Microsoft Corporation)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- Reg Error: Value error.
========== Security Center Settings ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = AC 1C AE C5 46 9F CE 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Upgrade]
"UpgradeTime" = [binary data]
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Upgrade]
"UpgradeTime" = Reg Error: Unknown registry data type -- File not found
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
========== Authorized Applications List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe" = C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe:*:Enabled:Spybot - Search & Destroy tray access -- (Safer-Networking Ltd.)
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe" = C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe:*:Enabled:Spybot-S&D 2 Scanner Service -- (Safer-Networking Ltd.)
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe" = C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe:*:Enabled:Spybot-S&D 2 Updater -- (Safer-Networking Ltd.)
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe" = C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe:*:Enabled:Spybot-S&D 2 Background update service -- (Safer-Networking Ltd.)
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe" = C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe:*:Enabled:Spybot - Search & Destroy tray access -- (Safer-Networking Ltd.)
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe" = C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe:*:Enabled:Spybot-S&D 2 Scanner Service -- (Safer-Networking Ltd.)
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe" = C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe:*:Enabled:Spybot-S&D 2 Updater -- (Safer-Networking Ltd.)
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe" = C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe:*:Enabled:Spybot-S&D 2 Background update service -- (Safer-Networking Ltd.)
========== Vista Active Open Ports Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0C16A150-2A85-4A75-A07E-0F40AB3FF1C2}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{0CB049B7-4C64-4CB9-8FEA-8147DDF7BE9B}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{1A0930F6-1F3D-4D1C-8769-B6C7A09B48C8}" = rport=137 | protocol=17 | dir=out | app=system |
"{1E25550B-5154-478F-B62D-E91C93B09533}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{20A40A20-21E0-4145-9A61-BDE3945A1699}" = lport=445 | protocol=6 | dir=in | app=system |
"{22FF0810-804D-4CEE-A6A1-61B64B158CF4}" = rport=137 | protocol=17 | dir=out | app=system |
"{38DD737F-E484-4B99-8288-316AA7B87153}" = lport=2869 | protocol=6 | dir=in | app=system |
"{3F417902-30FF-49AB-AB45-160B157DA5A4}" = lport=138 | protocol=17 | dir=in | app=system |
"{43008ABD-875A-4E97-B07F-8B17468F2901}" = rport=138 | protocol=17 | dir=out | app=system |
"{4BA58658-DF18-4E41-8401-3577F74AB50D}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{4CFCA931-F428-47BB-B221-2DB8F1A5D90B}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | [email protected],-28539 |
"{4DD0AE74-3B60-43EA-8C03-4837D83085A6}" = rport=138 | protocol=17 | dir=out | app=system |
"{57BDE062-6AA0-402F-A42D-F85EBB642BC8}" = lport=137 | protocol=17 | dir=in | app=system |
"{5DF22867-9FB1-44F7-AC34-A797B4EC3602}" = lport=138 | protocol=17 | dir=in | app=system |
"{61BF9E70-49CB-4931-9FCB-5D41CAB797BD}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{6441A857-2BE2-4F80-9CD3-D4938E6718C9}" = rport=445 | protocol=6 | dir=out | app=system |
"{6A6029CF-6A90-4DB0-98BC-CED3081D0D37}" = lport=2869 | protocol=6 | dir=in | app=system |
"{6D59CBDB-2B46-4FEC-B78F-EA79758325F9}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{6EAD04A1-20D4-4DB2-8232-62FEB24BFD8A}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{77BAFFE6-F476-453D-957D-C0B7F49B951D}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{858E8939-C76E-497B-ADB3-54B54045AF83}" = lport=137 | protocol=17 | dir=in | app=system |
"{86B8CA50-B459-4E0F-9C97-3CE2E4D7242F}" = rport=139 | protocol=6 | dir=out | app=system |
"{890FC062-B831-4743-AD6C-1075290361AF}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{8F0D0F6B-ABBB-44D3-BA0B-19375FED789A}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{94CC00C2-03E3-46D4-834E-CA95C9EDEEE6}" = lport=445 | protocol=6 | dir=in | app=system |
"{95C3931D-B097-416C-993F-7890DF4F2A0A}" = rport=445 | protocol=6 | dir=out | app=system |
"{9A0012EF-F83D-4BA2-84C5-52553771C48F}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{9F4AB298-0440-49EF-88A2-F405B6CFBD1A}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{9FF876A7-E40A-47E5-BFBA-68F4057138AD}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{B0616085-5765-4D92-B1B1-D0E15EA1F4A7}" = lport=10243 | protocol=6 | dir=in | app=system |
"{B4D5D0E7-2461-4971-9D0F-1FCE7E6A10E6}" = rport=10243 | protocol=6 | dir=out | app=system |
"{B79D5564-53CC-4521-AE0F-8FE37E8EF6FA}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{C219CBD1-9027-4E53-A6D7-EA635F7B66F3}" = rport=139 | protocol=6 | dir=out | app=system |
"{C2D1A823-95FC-4BE3-846A-37ABE0DB6E09}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{CD417129-40AB-4539-9A24-8DCE1B7C43E8}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{D100A445-0CA3-40BA-B3A2-043CD48C88C2}" = lport=139 | protocol=6 | dir=in | app=system |
"{D45F9354-D5BA-48FD-B109-6F9491D41D89}" = rport=10243 | protocol=6 | dir=out | app=system |
"{E5510E52-4AD4-4B0F-9CB8-C8770561CB38}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{E68B0A2D-D681-41AE-B3EF-0497A9AD50DD}" = lport=139 | protocol=6 | dir=in | app=system |
"{E6F28E8D-EAAC-42C9-9F3E-AFA70969C183}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | [email protected],-28539 |
"{F4CA97EA-40DB-4C53-B8F1-5C0A4C1382ED}" = lport=10243 | protocol=6 | dir=in | app=system |
"{F7D1193F-71F1-4FB4-90FD-DCBC1E86F633}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{F85938EE-89BF-465F-8994-50CBC6D4C0C1}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{FF39D525-8BE9-47E9-A13B-A20AD69AA80A}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
========== Vista Active Application Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0135DFF7-4AB5-48E4-B150-755A274D71E4}" = dir=in | app=c:\program files (x86)\youtube downloader services\a2\winphp.exe |
"{02006069-304C-4CD5-9956-E1CCFC3BFA74}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{04F64DAC-9100-4CB1-B6E6-7EB1EA9BAC26}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{06CA3FED-59E4-40D5-8756-9DF23083AC9A}" = protocol=17 | dir=in | app=c:\program files (x86)\acer\abphoto\windowsupnp.exe |
"{0725483C-4D95-4CC3-9B83-63F53FDCD41F}" = dir=out | name=@{microsoft.bingmaps_2.0.2009.2356_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingmaps/resources/appdisplayname} |
"{086794FC-0079-4AE1-AFAF-46530D220938}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{0D7ACA47-DAA3-49B8-9DE7-07B0702D92A6}" = protocol=58 | dir=in | [email protected],-28545 |
"{0F4DE48A-0FD4-48EB-AC32-D2EBD0E8E231}" = dir=out | name=@{microsoft.bingsports_3.0.4.298_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingsports/resources/brandedapptitle} |
"{1191F33E-0761-4A8C-A2C9-4A0B756C883E}" = dir=out | name=zinio |
"{128AFB10-C0EE-48D0-BFAD-8529F6A1058B}" = dir=in | name=@{microsoft.windowscommunicationsapps_17.5.9600.20689_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowscommunicationsapps/resources/communicationspackagename} |
"{137E8B30-2159-4DAF-A74C-F89904DAD30E}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{17CD4253-633D-4C25-BB06-45ED3FCA15E5}" = protocol=6 | dir=in | app=c:\program files (x86)\acer\abmedia\windowsupnpmv.exe |
"{1912C3E4-2315-4DFE-A3AE-C29389573725}" = protocol=6 | dir=out | app=system |
"{1918D6CD-EFE1-4157-9856-46400492205E}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{1B240794-27F3-4601-9E51-CF09F8AD131C}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{1D1FA46A-F870-409D-A2A3-E7E0E159633E}" = protocol=58 | dir=in | [email protected],-28545 |
"{1E4B39AC-FE0D-4999-8A91-CA77F6295B2F}" = protocol=58 | dir=out | [email protected],-28546 |
"{1F011833-9431-481B-AFFB-D689F4893CFD}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{1F0E26A5-D746-4BEB-92CD-86A233037D42}" = dir=out | name=@{microsoft.xboxlivegames_2.0.139.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.xboxlivegames/resources/34150} |
"{266D4B7A-3235-41F0-A5C7-C201B69C145D}" = dir=out | name=@{microsoft.bingweather_3.0.4.298_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingweather/resources/brandedapptitle} |
"{27A5946B-B332-45D3-A6CF-9BC5924F0DDD}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{2947272A-4F67-4A0F-A825-E1B7D81B7F12}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{2C06F874-9C54-4322-BD4A-05520B8DFDCA}" = dir=out | name=netflix |
"{2C1D8AB5-B567-44B6-9591-4564108FDC46}" = protocol=58 | dir=out | [email protected],-28546 |
"{2E4262DA-ECD5-44B3-812E-742D5C497763}" = dir=in | app=c:\program files (x86)\youtube downloader services\a2\youtubeserv.exe |
"{2F246937-4807-4002-9F34-2D6D9DF69CDC}" = dir=in | name=evernote touch |
"{33FA78CF-D105-4576-8216-DFE34C56542C}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{3601C6EF-3CB5-433D-AAC7-B03C8598F22B}" = dir=out | name=stumbleupon |
"{383EA6B7-B9C9-42C8-88DE-5CDFAE2CC35A}" = dir=out | name=@{microsoft.windowsreadinglist_6.3.9600.16384_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowsreadinglist/resources/apppackagename} |
"{39950590-FB74-445B-8AF2-71291CA61AB6}" = dir=out | name=chacha |
"{3ACE5822-1254-44D4-85DB-262C07F80886}" = dir=in | name=@{microsoft.windowscommunicationsapps_17.4.9600.16384_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowscommunicationsapps/resources/communicationspackagename} |
"{4111DE43-EC32-46E8-9A43-C585EFA8DAB7}" = protocol=1 | dir=in | [email protected],-28543 |
"{4282FE99-8560-4BC7-9576-5F3ED84E263F}" = dir=in | name=checkpoint.vpn |
"{4A574D59-A4D6-4ED5-B8BD-1199E2021D87}" = protocol=6 | dir=out | app=system |
"{4B0C6224-396D-49E7-8C15-F9271D70FA7C}" = dir=in | app=c:\program files (x86)\cyberlink\powerdvd12\movie\powerdvd.exe |
"{4FF1D99A-2049-4B2E-982D-301632A432D9}" = dir=in | name=skype |
"{50EB05C6-2699-4248-AFD0-BB9609FFEFA0}" = dir=out | name=next issue magazines for acer |
"{5158FFA2-3057-4AE7-8DAA-7D7DAE2DFB94}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{5216270A-FFC3-471C-B505-D5AC153C8962}" = dir=out | name=@{microsoft.zunevideo_2.6.434.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.zunevideo/resources/ids_manifest_video_app_name} |
"{548DCF8C-BFF2-4BA4-AA88-FBAF9AC8BCC6}" = dir=in | name=@{c:\windows\winstore\resources.pri?ms-resource://winstore/resources/displayname} |
"{560448D6-095C-4907-B046-AC7F710701A7}" = dir=in | name=sonicwall.mobileconnect |
"{5ADBE34F-A0DF-4A13-B17F-632AEAA68041}" = dir=out | name=@{microsoft.windowsreadinglist_6.3.9654.20540_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowsreadinglist/resources/apppackagename} |
"{5F4632C0-D5B1-40C3-B0D9-E3A759C81B9E}" = dir=out | name=sonicwall.mobileconnect |
"{5F469EE9-888B-4C55-9418-8CADE9CB2AE3}" = dir=out | name=@{microsoft.bingfinance_3.0.1.174_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingfinance/resources/apptitle} |
"{62C0D405-6F55-4B32-A37E-41106B2995BD}" = dir=out | name=@{microsoft.xboxlivegames_2.0.20.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.xboxlivegames/resources/34150} |
"{6421BBE9-11B8-4EC8-A1EB-F810DA72F37B}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{6604ACBE-0CE6-4814-AAB3-9CDB4526FFD0}" = dir=out | name=@{microsoft.bingfoodanddrink_3.0.1.177_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingfoodanddrink/resources/apptitlewithbranding} |
"{66BE11F1-510F-4C1D-AA61-D7B97206CFEE}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{676C940D-A76E-48D0-A9EB-44AAE81FA618}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{6975BC38-377F-426A-9650-39D3FD9C96F6}" = protocol=6 | dir=in | app=c:\program files (x86)\acer\abphoto\dmcdaemon.exe |
"{6B6B9971-92E3-466F-A84D-F190184EE7D4}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{6D2D1181-111A-4509-B47D-E6835B8919E7}" = dir=out | name=amazon |
"{6EA4DE58-C8DD-49BE-B749-C9AB1F03CE6B}" = protocol=6 | dir=in | app=c:\program files (x86)\acer\abphoto\windowsupnp.exe |
"{7232CED0-6B6C-4D14-9B36-D2E14EB12BBF}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{733821CC-C2D7-4320-ACA4-56290F6BABFB}" = dir=out | name=@{microsoft.xboxcompanion_1.4.3.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.xboxcompanion/resources/33279} |
"{738A5F8C-F1E5-4C65-B9E0-CF93FE42ADD2}" = dir=in | app=c:\program files (x86)\cyberlink\powerdvd12\powerdvd12ml.exe |
"{73F90FD6-936A-436F-BA12-F4F34EEBDE3A}" = protocol=17 | dir=in | app=c:\program files (x86)\acer\abphoto\dmcdaemon.exe |
"{74F7D40C-60C3-478B-8113-7E0A66880326}" = dir=out | name=hulu plus |
"{751A6F89-F8A6-4AEE-850D-EBF686EEA376}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{765121A1-9431-4E6A-92DD-D958537A1DAF}" = dir=out | name=@{microsoft.bingtravel_3.0.1.174_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingtravel/resources/apptitle} |
"{795D1727-6339-46CC-98FA-CCD700E4CD44}" = dir=in | name=zinio |
"{79E5BE03-0E73-444D-929F-5B80C3C45CBE}" = protocol=17 | dir=in | app=c:\program files (x86)\nero\nero 12\nero backitup\backitup.exe |
"{7B0D0B11-A9AE-455C-A25C-71F8A8A3BF89}" = protocol=6 | dir=in | app=c:\program files (x86)\spotify\spotify.exe |
"{7DBCC072-30C3-46A0-9673-D4FB7E5777AF}" = dir=out | name=@{microsoft.bingmaps_2.1.3230.2048_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingmaps/resources/appdisplayname} |
"{7E883D2E-C756-4912-973F-BAC2ECFCE565}" = dir=in | app=c:\program files\soluto\solutocleanup.exe |
"{850FB24E-DFBA-489C-B8DA-B50B2CD2261E}" = dir=out | name=@{microsoft.zunemusic_2.2.41.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.zunemusic/resources/ids_manifest_music_app_name} |
"{852D0224-E6FC-4A0E-8568-2F910F9203AA}" = dir=out | name=@{microsoft.binghealthandfitness_3.0.4.298_x64__8wekyb3d8bbwe?ms-resource://microsoft.binghealthandfitness/resources/apptitle} |
"{861CB39A-4CC3-4B08-B48C-DCD6B127AAD5}" = protocol=17 | dir=in | app=c:\program files (x86)\mozilla firefox\firefox.exe |
"{86DA678E-35BC-40BD-B669-DA4043B7DFF9}" = dir=out | name=@{microsoft.bingtravel_3.0.4.303_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingtravel/resources/brandedapptitle} |
"{872BB1D4-D147-426E-B15B-D0F5233C2115}" = dir=out | name=acer explorer |
"{895B9433-0BE8-466E-AEAB-39F82AC298D2}" = dir=out | name=didlr |
"{8C8EACB0-8690-4419-8318-84BF37DF196C}" = dir=in | name=@{magix.musicmakerjam_2.1.1034.3_x64__a2t3txkz9j1jw?ms-resource://magix.musicmakerjam/resources/app_name} |
"{91B36F75-B092-4F59-AF9F-92983BC30F17}" = dir=out | name=- games app - |
"{97C56256-CF01-4DC1-92A9-AFB4B25FCE72}" = dir=in | name=next issue magazines for acer |
"{987275CA-AE26-4962-9277-2C401909D101}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{98BBA978-D5B2-45AC-A665-15903CE7BC1F}" = dir=out | name=kindle |
"{9949955E-6C00-4CBD-882D-2474405780A9}" = dir=out | name=@{microsoft.bingfinance_3.0.4.298_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingfinance/resources/brandedapptitle} |
"{9A2FD185-E098-49E0-8D60-FDC46F394BED}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{9DEF4AFB-3402-4337-A7BF-476996F93328}" = dir=in | name=@{microsoft.windowsreadinglist_6.3.9654.20540_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowsreadinglist/resources/apppackagename} |
"{9E3D57FC-7C37-4424-9352-4831E97D029D}" = dir=out | name=@{c:\windows\winstore\resources.pri?ms-resource://winstore/resources/displayname} |
"{A05CC6EE-E547-407F-9EBC-FFAD32EFB060}" = dir=out | name=@{microsoft.windowscommunicationsapps_17.4.9600.16384_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowscommunicationsapps/resources/communicationspackagename} |
"{A1B3215E-BFEC-4C82-846C-43FA9CA065B7}" = protocol=6 | dir=in | app=c:\program files (x86)\mozilla firefox\firefox.exe |
"{A80BD40C-3347-411A-BED6-95548BD84976}" = protocol=1 | dir=out | [email protected],-28544 |
"{A9A3F03F-D7EB-4FB1-A0DE-8D67916C4C6A}" = dir=out | name=ebay |
"{A9F931E9-0952-4420-A465-D43F1CFE165D}" = dir=in | app=c:\program files\soluto\solutoservice.exe |
"{AB2B38CD-662B-43F9-BD64-1195CCC1C57A}" = dir=out | name=icookbook se |
"{B1476847-1BD3-4309-9917-615C1B001B81}" = dir=out | name=@{microsoft.bingweather_3.0.1.174_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingweather/resources/apptitle} |
"{B2F9A3FD-220C-403B-8386-EAA3A32578B8}" = dir=out | name=@{microsoft.zunemusic_2.6.653.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.zunemusic/resources/ids_manifest_music_app_name} |
"{B495ECC6-4752-4756-89A6-33921492288A}" = dir=out | name=@{magix.musicmakerjam_2.1.1034.3_x64__a2t3txkz9j1jw?ms-resource://magix.musicmakerjam/resources/app_name} |
"{B4CAD245-DD01-4A1A-8F18-5A31ADD13659}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{B53E4E7F-47B6-4B0B-A72C-FCBBFB05B7AA}" = dir=out | name=evernote touch |
"{B56E0D89-967B-4BF0-850D-0B3B12807606}" = protocol=17 | dir=in | app=c:\program files (x86)\acer\abmedia\windowsupnpmv.exe |
"{B77FBEF0-ABEC-4ADF-A31F-D457B1DC94FA}" = dir=out | name=@{microsoft.bingfoodanddrink_3.0.4.253_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingfoodanddrink/resources/apptitlewithbranding} |
"{B7E17F99-E727-430E-9373-46F56A15B586}" = dir=out | name=@{microsoft.zunevideo_2.2.41.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.zunevideo/resources/ids_manifest_video_app_name} |
"{B84859E9-41F6-4BF0-A030-8397E9A30D1F}" = protocol=17 | dir=in | app=c:\program files (x86)\spotify\data\spotifywebhelper.exe |
"{BD20F178-B1AA-4704-9C5A-3F3A684A5CF4}" = dir=in | name=skype |
"{BEF42826-6A44-41A6-8726-07DCF58E5E01}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{C0A6FE5E-06E4-4EFE-9449-6FEF41052543}" = protocol=1 | dir=out | [email protected],-28544 |
"{C1033242-82D9-4F2A-84F4-4764594E6C2F}" = dir=out | name=booking.com partner edition |
"{C166BAB6-C94C-4B0C-9F1D-FEB738A997AB}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{C174D7E5-D9DF-4B07-BCEB-C7428A45359C}" = dir=in | app=c:\program files (x86)\cyberlink\powerdvd12\powerdvd12.exe |
"{C44DA0C2-E99A-4170-8144-2F2329BE69B9}" = dir=out | name=@{microsoft.bingnews_3.0.4.268_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingnews/resources/brandedapptitle} |
"{CD99D4EA-55A1-4EC0-9EF5-3F35085915A8}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{CEBB35D0-F006-4E5E-87B8-8A917C35AD34}" = protocol=17 | dir=in | app=c:\program files (x86)\acer\abmedia\dmcdaemon.exe |
"{D6980480-941A-4DF6-AB81-3734ECD3D779}" = dir=out | name=junipernetworks.junospulsevpn |
"{DA1BBC98-EB79-4A3F-BF69-C1CC476E7C33}" = dir=out | name=@{microsoft.binghealthandfitness_3.0.1.176_x64__8wekyb3d8bbwe?ms-resource://microsoft.binghealthandfitness/resources/apptitle} |
"{DB59588E-ED90-4C47-A7B5-7929DD0C0BD2}" = dir=out | name=checkpoint.vpn |
"{DEC1F62D-9BDD-4648-B9A6-D376CA404D1A}" = dir=out | name=@{microsoft.bingsports_3.0.1.174_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingsports/resources/bingsports} |
"{E1D87492-2FA0-4719-939B-518D5A812A7D}" = dir=in | name=newsxpresso |
"{E297124A-65C1-47E6-9C55-CC96D48D2A9A}" = dir=out | name=@{microsoft.windowscommunicationsapps_17.5.9600.20689_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowscommunicationsapps/resources/communicationspackagename} |
"{E77E2F84-3A96-4698-A0E0-53AC75B5AA06}" = dir=out | name=@{microsoft.bingnews_3.0.1.174_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingnews/resources/news} |
"{E9704149-79A6-48B5-AAAE-570916F9E487}" = dir=in | app=c:\program files\soluto\soluto.exe |
"{E9C71FDD-970B-463A-A42D-DDD7431517AB}" = protocol=6 | dir=in | app=c:\program files (x86)\acer\abmedia\dmcdaemon.exe |
"{E9F3ACDF-2E03-4ECF-B78F-346DA167256D}" = dir=in | name=acer explorer |
"{EC799E33-72BA-42D7-9127-DEFE68F9799D}" = dir=in | name=junipernetworks.junospulsevpn |
"{ED0A56D2-D2DC-43D9-98B5-6FE0473B302C}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{ED807402-BF6D-4888-ACEE-089BD71E5765}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{EFA15450-6CDA-4F9B-89A5-93229DCDE1AC}" = dir=out | name=windows_ie_ac_001 |
"{F22C5C94-72E7-426B-9E68-12B9BFD9B4BE}" = protocol=6 | dir=in | app=c:\program files (x86)\spotify\data\spotifywebhelper.exe |
"{F460A4C3-06A0-4302-8FCC-DC0EF126D025}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{F55FE2E3-9C5B-432E-9DD3-32AE7B7B9DC5}" = dir=out | name=skype |
"{F64300AD-D559-4000-BD45-0997BCC8E70A}" = dir=out | name=f5.vpn.client |
"{F6D494C6-3D85-4E21-83B6-7B0F1E130C3E}" = dir=out | name=acer scrapboard |
"{F77E5446-4378-4E99-8B7A-7061AAAEA193}" = dir=in | name=f5.vpn.client |
"{F8709567-33D0-46E9-AA4F-AC18CFB54595}" = protocol=1 | dir=in | [email protected],-28543 |
"{F98EF007-822E-49B3-A61F-57F9303D4943}" = dir=out | name=skype |
"{F9D3879B-7BFD-4D7C-B627-2BF2F0B99601}" = dir=out | name=newsxpresso |
"{FBDCB20A-7B59-424E-9EBF-D4C88DF7E72B}" = dir=in | name=@{microsoft.xboxcompanion_1.4.3.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.xboxcompanion/resources/33279} |
"{FC1759E7-36E8-46F4-82F1-D402E08C41B7}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{FCBCC0CA-FE86-4EA2-93D3-D2A2767AF881}" = protocol=6 | dir=in | app=c:\program files (x86)\nero\nero 12\nero backitup\backitup.exe |
"{FCDA3288-5337-46AD-8A36-816EA47EDF03}" = dir=in | app=c:\program files\soluto\solutoupdateservice.exe |
"{FD492345-DB33-4409-A37A-529E5D1D6F80}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{FD7D6604-CAD2-4994-8D55-ECFBC1EAD122}" = protocol=17 | dir=in | app=c:\program files (x86)\spotify\spotify.exe |
"{FDBF22E2-B6B1-4194-A4EB-10F4FDD5563A}" = dir=in | name=@{microsoft.windowsreadinglist_6.3.9600.16384_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowsreadinglist/resources/apppackagename} |
"{FF0A0D9C-8AE7-4AD9-94D1-2E6B35C8B98D}" = dir=in | app=c:\program files\soluto\solutoconsole.exe |
"TCP Query User{A1CB6FF2-80F3-4E8D-8161-A2139BA3503C}C:\program files (x86)\internet camera\connectsky wizard\connectsky.exe" = protocol=6 | dir=in | app=c:\program files (x86)\internet camera\connectsky wizard\connectsky.exe |
"TCP Query User{E9A8DD70-72B3-41FD-BDD3-BDE5A5211532}C:\program files (x86)\internet camera\connectsky viewer\connectsky_viewer.exe" = protocol=6 | dir=in | app=c:\program files (x86)\internet camera\connectsky viewer\connectsky_viewer.exe |
"UDP Query User{0C8F22FC-BD3A-42AC-AFC7-A8237B038EE8}C:\program files (x86)\internet camera\connectsky viewer\connectsky_viewer.exe" = protocol=17 | dir=in | app=c:\program files (x86)\internet camera\connectsky viewer\connectsky_viewer.exe |
"UDP Query User{7A89E236-8E27-4A43-93A9-960DE716100A}C:\program files (x86)\internet camera\connectsky wizard\connectsky.exe" = protocol=17 | dir=in | app=c:\program files (x86)\internet camera\connectsky wizard\connectsky.exe |
========== HKEY_LOCAL_MACHINE Uninstall List ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{07F2005A-8CAC-4A4B-83A2-DA98A722CA61}" = Acer Recovery Management
"{13885028-098C-4799-9B71-27DAC96502D5}" = Acer Remote Files
"{176E2755-0A17-42C6-88E2-192AB2131278}" = Intel® Trusted Execution Engine
"{1D8E6291-B0D5-35EC-8441-6616F567A0F7}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219
"{3685B5E8-A0A8-494B-B035-B221547A4B63}" = Intel® Trusted Execution Engine Driver
"{560EF349-46D0-4F6B-A208-482CC19D1E5E}" = Update for Microsoft en-us Dictionary
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{A40888FC-B545-46F3-8628-6AE98C1C75C6}" = Soluto
"{A84A4FB1-D703-48DB-89E0-68B6499D2801}" = Qualcomm Atheros Bluetooth Suite (64)
"{BB1F8130-3CB3-4896-9D28-770DFFFDE59C}" = Acer Touch Tools
"{BCCACFE6-91A0-4F32-80A0-ADC0CA048C7B}" = Intel® Trusted Execution Engine
"{C18D55BD-1EC6-466D-B763-8EEDDDA9100E}" = Acer Launch Manager
"{C1FA525F-D701-4B31-9D32-504FC0CF0B98}" = Acer Quick Access
"{E438A632-CADC-49E4-9492-C9F50F9AE37F}" = Acer Power Management
"CCleaner" = CCleaner
"HitmanPro37" = HitmanPro 3.7
"SynTPDeinstKey" = Synaptics Pointing Device Driver
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0B311221-05A5-4766-8D03-7A6446794156}" = Nero RescueAgent Help (CHM)
"{0E4630AF-0AB7-440E-A978-1A78FC4F43B9}" = Nero Launcher
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{28006915-2739-4EBE-B5E8-49B25D32EB33}" = Qualcomm Atheros WLAN and Bluetooth Client Installation Program
"{2FA94A64-C84E-49d1-97DD-7BF06C7BBFB2}.WildTangent Games App" = Update Installer for WildTangent Games App
"{388E4B09-3E71-4649-8921-F44A3A2954A7}" = Microsoft Visual Studio 2005 Tools for Office Runtime
"{3AAB08A3-F129-4BD5-B409-AE674F93759D}" = Prerequisite installer
"{3D9CB654-99AD-4301-89C6-0D12A790767C}" = Identity Card
"{4A37A114-702F-4055-A4B6-16571D4A5353}" = AOP Framework
"{551AC8F2-FEA2-4B45-ACF7-C98681233CC9}" = Nero BackItUp 12 Essentials OEM.a01
"{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}" = Realtek Card Reader
"{65BB0407-4CC8-4DC7-952E-3EEFDF05602A}" = Nero Update
"{66732EEE-ECBC-4CA6-A474-ytd}_is1" = Solid YouTube Downloader and Converter 6.2.0.1
"{6D2BBE1D-E600-4695-BA37-0B0E605542CC}" = Office Addin
"{70B446D1-E03B-4ab0-9B3C-0832142C9AA8}.WildTangent Games App-acer" = WildTangent Games App
"{730E03E4-350E-48E5-9D3E-4329903D454D}" = Itibiti RTC
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{84443E5D-0767-438B-B1C8-6A52FAB2101B}" = Acer Screen Grasp
"{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek Ethernet Controller Driver
"{8FB53850-246A-3507-8ADE-0060093FFEA6}" = Visual Studio Tools for the Office system 3.0 Runtime
"{90150000-0138-0409-0000-0000000FF1CE}" = Microsoft Office
"{91589413-6675-4C27-8AFC-EFB9103B90A5}" = eBay Worldwide
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{A2D43081-CF7B-4637-A9F3-E2651AA5C4A8}" = Nero RescueAgent
"{A5AD0B17-F34D-49BE-A157-C8B3D52ACD13}" = Acer Portal
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{ABC88553-8770-4B97-B43E-5A90647A5B63}" = Nero ControlCenter
"{B4092C6D-E886-4CB2-BA68-FE5A99D31DE7}_is1" = Spybot - Search & Destroy
"{B46BEA36-0B71-4A4E-AE41-87241643FA0A}" = CyberLink PowerDVD 12
"{B5AD89F2-03D3-4206-8487-018298007DD0}" = abPhoto
"{BEBEE34D-84A2-4EDD-8BEA-96CC54371263}" = Nero Core Components
"{C46E44D8-208A-41CD-9D8B-5226B634A5E0}" = Airlink101 SkyIPCam Utility
"{C994C746-C6D0-4EBA-B09E-DF7B18381B69}" = Nero ControlCenter Help (CHM)
"{CA4FE8B0-298C-4E5D-A486-F33B126D6A0A}" = abDocs
"{DA2D3078-A58C-45E8-8EE0-18B8BE6B34F7}" = Nero BackItUp
"{DCBF3379-246B-47E1-8173-639B63940838}" = abDocs Office AddIn
"{E9AF1707-3F3A-49E2-8345-4F2D629D0876}" = abMedia
"{EF0D1292-8FC1-41BE-9740-DBC134F66415}" = Nero BackItUp Help (CHM)
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}" = Intel® Processor Graphics
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"ConnectSky Viewer_is1" = Airlink101 ConnectSky Viewer
"ConnectSky_is1" = ConnectSky Setup Wizard
"InstallShield_{B46BEA36-0B71-4A4E-AE41-87241643FA0A}" = CyberLink PowerDVD 12
"Malwarebytes Anti-Malware_is1" = Malwarebytes Anti-Malware version 2.0.4.1028
"Microsoft Visual Studio 2005 Tools for Office Runtime" = Visual Studio 2005 Tools for Office Second Edition Runtime
"Mozilla Firefox 35.0.1 (x86 en-US)" = Mozilla Firefox 35.0.1 (x86 en-US)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"Revo Uninstaller" = Revo Uninstaller 1.95
"Spotify" = Spotify
"Tweaking.com - Windows Repair (All in One)" = Tweaking.com - Windows Repair (All in One)
"Visual Studio Tools for the Office system 3.0 Runtime" = Visual Studio Tools for the Office system 3.0 Runtime
"WildTangent wildgames Master Uninstall" = WildTangent Games
"WildTangentGameProvider-acer-genres" = Game Channels
"WTA-0cf69751-fbd7-4c0d-92ad-d4b122177af7" = Peggle Nights
"WTA-25a6e998-a2eb-44a7-ae15-ffa7cb86177d" = The Chronicles of Emerland Solitaire
"WTA-3a46511f-bc5b-48c2-8370-c8b8a2383264" = Cradle Of Egypt Collector's Edition
"WTA-3be9f4d5-2caf-4d52-865b-15b12af852e3" = Magic Academy
"WTA-5be77061-f652-49ce-8d1a-80b388d217ef" = Trinklit Supreme
"WTA-6fbfc08c-96c4-426b-a21a-93025d5ae924" = Plants vs. Zombies - Game of the Year
"WTA-b0b01765-b186-4a4b-b82b-f6d46bd0954a" = Aloha TriPeaks
"WTA-c654ffe4-cede-4759-abd6-66bb4eb29794" = Luxor Evolved
"WTA-e6f3e810-9c4a-4a31-942c-f1ec4c72bbf5" = Governor of Poker 2 Premium Edition
========== HKEY_CURRENT_USER Uninstall List ==========
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Pokki_03d432a7e610c3e908213e7689d4342ce2111caf" = Acer Games
========== Last 20 Event Log Errors ==========
[ Application Events ]
Error - 2/23/2015 9:29:54 PM | Computer Name = Turtle0734 | Source = Microsoft-Windows-Immersive-Shell | ID = 5973
Description = Activation of app WinStore_cw5n1h2txyewy!Windows.Store failed with
error: -2144927151 See the Microsoft-Windows-TWinUI/Operational log for additional
information.
Error - 2/23/2015 9:36:44 PM | Computer Name = Turtle0734 | Source = Microsoft-Windows-Immersive-Shell | ID = 5973
Description = Activation of app WinStore_cw5n1h2txyewy!Windows.Store failed with
error: -2144927151 See the Microsoft-Windows-TWinUI/Operational log for additional
information.
Error - 2/23/2015 9:58:58 PM | Computer Name = Turtle0734 | Source = Microsoft-Windows-Immersive-Shell | ID = 5973
Description = Activation of app WinStore_cw5n1h2txyewy!Windows.Store failed with
error: -2144927151 See the Microsoft-Windows-TWinUI/Operational log for additional
information.
Error - 2/23/2015 10:13:37 PM | Computer Name = Turtle0734 | Source = Microsoft-Windows-Immersive-Shell | ID = 5973
Description = Activation of app WinStore_cw5n1h2txyewy!Windows.Store failed with
error: -2144927151 See the Microsoft-Windows-TWinUI/Operational log for additional
information.
Error - 2/23/2015 10:40:35 PM | Computer Name = Turtle0734 | Source = Microsoft-Windows-Immersive-Shell | ID = 5973
Description = Activation of app WinStore_cw5n1h2txyewy!Windows.Store failed with
error: -2144927151 See the Microsoft-Windows-TWinUI/Operational log for additional
information.
Error - 2/23/2015 11:17:00 PM | Computer Name = Turtle0734 | Source = Microsoft-Windows-Immersive-Shell | ID = 5973
Description = Activation of app WinStore_cw5n1h2txyewy!Windows.Store failed with
error: -2144927151 See the Microsoft-Windows-TWinUI/Operational log for additional
information.
Error - 2/23/2015 11:20:42 PM | Computer Name = Turtle0734 | Source = Microsoft-Windows-Immersive-Shell | ID = 5973
Description = Activation of app WinStore_cw5n1h2txyewy!Windows.Store failed with
error: -2144927151 See the Microsoft-Windows-TWinUI/Operational log for additional
information.
Error - 2/24/2015 12:01:11 AM | Computer Name = Turtle0734 | Source = Application Error | ID = 1000
Description = Faulting application name: AcerPortal.exe, version: 3.0.4.2002, time
stamp: 0x54942c87 Faulting module name: SHELL32.dll, version: 6.3.9600.17415, time
stamp: 0x54503a17 Exception code: 0xc0000005 Fault offset: 0x0017025b Faulting process
id: 0x102c Faulting application start time: 0x01d04fe686357b6b Faulting application
path: C:\Program Files (x86)\Acer\Acer Portal\AcerPortal.exe Faulting module path:
C:\Windows\SYSTEM32\SHELL32.dll Report Id: c43c9ae0-bbd9-11e4-828c-201a06d6d51a Faulting
package full name: Faulting package-relative application ID:
Error - 2/24/2015 4:23:36 PM | Computer Name = Turtle0734 | Source = Application Error | ID = 1000
Description = Faulting application name: AcerPortal.exe, version: 3.0.4.2002, time
stamp: 0x54942c87 Faulting module name: SHELL32.dll, version: 6.3.9600.17415, time
stamp: 0x54503a17 Exception code: 0xc0000005 Fault offset: 0x0017025b Faulting process
id: 0x998 Faulting application start time: 0x01d0506fc354c2dc Faulting application
path: C:\Program Files (x86)\Acer\Acer Portal\AcerPortal.exe Faulting module path:
C:\Windows\SYSTEM32\SHELL32.dll Report Id: 022c724d-bc63-11e4-828d-201a06d6d51a Faulting
package full name: Faulting package-relative application ID:
Error - 2/24/2015 4:26:18 PM | Computer Name = Turtle0734 | Source = Application Error | ID = 1000
Description = Faulting application name: BackgroundAgent.exe, version: 1.0.1.6,
time stamp: 0x5494253a Faulting module name: MSVCR90.dll, version: 9.0.30729.8387,
time stamp: 0x51ea24a5 Exception code: 0xc0000005 Fault offset: 0x00056b1d Faulting
process id: 0x130c Faulting application start time: 0x01d0506f939a31a8 Faulting application
path: C:\Program Files (x86)\Acer\AOP Framework\BackgroundAgent.exe Faulting module
path: C:\Windows\WinSxS\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.8387_none_5094ca96bcb6b2bb\MSVCR90.dll
Report
Id: 62a37658-bc63-11e4-828d-201a06d6d51a Faulting package full name: Faulting package-relative
application ID:
[ System Events ]
Error - 2/23/2015 4:49:18 PM | Computer Name = Turtle0734 | Source = DCOM | ID = 10010
Description =
Error - 2/23/2015 4:49:18 PM | Computer Name = Turtle0734 | Source = DCOM | ID = 10010
Description =
Error - 2/23/2015 4:49:19 PM | Computer Name = Turtle0734 | Source = DCOM | ID = 10010
Description =
Error - 2/23/2015 4:49:19 PM | Computer Name = Turtle0734 | Source = DCOM | ID = 10010
Description =
Error - 2/23/2015 4:49:19 PM | Computer Name = Turtle0734 | Source = DCOM | ID = 10010
Description =
Error - 2/23/2015 4:49:19 PM | Computer Name = Turtle0734 | Source = DCOM | ID = 10010
Description =
Error - 2/23/2015 4:49:24 PM | Computer Name = Turtle0734 | Source = Service Control Manager | ID = 7023
Description = The Superfetch service terminated with the following error: %%1062
Error - 2/23/2015 11:27:11 PM | Computer Name = Turtle0734 | Source = Service Control Manager | ID = 7000
Description = The Windows Defender Service service failed to start due to the following
error: %%577
Error - 2/24/2015 1:08:02 AM | Computer Name = Turtle0734 | Source = Service Control Manager | ID = 7023
Description = The Superfetch service terminated with the following error: %%1062
Error - 2/24/2015 4:21:24 PM | Computer Name = Turtle0734 | Source = Service Control Manager | ID = 7000
Description = The Windows Defender Service service failed to start due to the following
error: %%577
< End of report >