Ive been having trouble with my laptop since my daughter accidently downloaded some Maleware. Ive tried to get it all out of my system but clearly its not all gone. From what I could tell it was the following programs: ShopperZ, YTDownloader, Flashbeat, PCCleanerPro, Wordsurfer
I manually deleted most of the files and my computer seemed better however last week internet explorer stopped working and the error code says something about using a proxy server. ive also noticed a few digital certificates that clearly don't belong and aren't legit. The most recent scan from Windows Defender quarantined dnsapi.dll and i am stuck on what to do from here.
Also, ive tried to run system file cleaner and it always ends with "found corrupt files, unable to fix".
Ive pasted my FRST log and i believe i am in need of a fixlist now? i was trying to figure out how to create my own because I am leery about posting this info but it seems to complex. Could someone verify that no one can use this information to make my system worse? any help is greatly appreciated as i have much work to do this weekend and cant do it on a laptop that isn't secure and safe.
Ran by Wendy (administrator) on NOTEBOOK (09-10-2015 23:45:37)
Running from C:\Users\Wendy\Desktop
Loaded Profiles: Wendy (Available Profiles: Wendy)
Platform: Windows 10 Home (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: IE)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(AVerMedia TECHNOLOGIES, Inc.) C:\Program Files (x86)\Common Files\AVerMedia\Service\AVerRECentral.exe
(Acer Incorporated) C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\dsiwmis.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Scan 2.0\kss.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Updater\UpdaterService.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe
(Microsoft Corporation) C:\Windows\System32\mqsvc.exe
(Symantec Corporation) C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
(NTI Corporation) C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LMutilps32.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE
(Microsoft Corporation) C:\Program Files\Windows Defender\NisSrv.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(CyberLink Corp.) C:\Program Files (x86)\Acer\clear.fi\MVP\clear.fiAgent.exe
(CyberLink) C:\Program Files (x86)\Acer\clear.fi\MVP\Kernel\DMR\DMREngine.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Acer Incorporated) C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe
(Intel Corporation) C:\Windows\System32\igfxext.exe
(Acer Incorporated) C:\Program Files\Acer\Acer ePower Management\ePowerEvent.exe
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
() C:\Program Files (x86)\comcasttb\ComcastSpywareScan\ComcastAntiSpy.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
(Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Scan 2.0\kss.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudDrive.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
(Egis Technology Inc.) C:\Program Files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe
(Egis Technology Inc.) C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe
(NTI Corporation) C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LManager.exe
(CyberLink Corp.) C:\Program Files (x86)\Acer\clear.fi\Movie\clear.fiMovieService.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\MMDx64Fx.exe
(Research In Motion Limited) C:\Program Files (x86)\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LMworker.exe
(Egis Technology Inc.) C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe
(Affinegy, Inc.) C:\Program Files (x86)\Belkin\Router Setup and Monitor\BelkinRouterMonitor.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreamsDownloader.exe
(Affinegy, Inc.) C:\Program Files (x86)\Belkin\Router Setup and Monitor\BelkinSetup.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCui.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MpCmdRun.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsStore_2015.10.5.0_x64__8wekyb3d8bbwe\WinStore.Mobile.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.6306.42251.0_x64__8wekyb3d8bbwe\HxMail.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.6306.42251.0_x64__8wekyb3d8bbwe\HxTsr.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe
(Microsoft Corporation) C:\Windows\System32\browser_broker.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
(Adobe Systems Incorporated) C:\Windows\System32\Macromed\Flash\FlashUtil_ActiveX.exe
(Microsoft Corporation) C:\Windows\SysWOW64\SearchProtocolHost.exe
==================== Registry (Whitelisted) ===========================
HKLM\...\Run: [RtHDVBg_Dolby] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1402624 2015-06-24] (Realtek Semiconductor)
HKLM\...\Run: [IntelTBRunOnce] => wscript.exe //b //nologo "C:\Program Files\Intel\TurboBoost\RunTBGadgetOnce.vbs"
HKLM\...\Run: [RtHDVBg] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1402624 2015-06-24] (Realtek Semiconductor)
HKLM\...\Run: [Power Management] => C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe [1796200 2011-02-23] (Acer Incorporated)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [170280 2015-07-11] (Apple Inc.)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [3935912 2015-08-03] (Synaptics Incorporated)
HKLM-x32\...\Run: [IAStorIcon] => C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe [283160 2010-09-13] (Intel Corporation)
HKLM-x32\...\Run: [SuiteTray] => C:\Program Files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe [340336 2010-09-27] (Egis Technology Inc.)
HKLM-x32\...\Run: [EgisTecPMMUpdate] => C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe [407920 2010-09-17] (Egis Technology Inc.)
HKLM-x32\...\Run: [EgisUpdate] => C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe [201584 2010-09-17] (Egis Technology Inc.)
HKLM-x32\...\Run: [Norton Online Backup] => C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuClient.exe [1155928 2010-06-01] (Symantec Corporation)
HKLM-x32\...\Run: [BackupManagerTray] => C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe [297280 2011-02-15] (NTI Corporation)
HKLM-x32\...\Run: [LManager] => C:\Program Files (x86)\Launch Manager\LManager.exe [1081424 2011-03-14] (Dritek System Inc.)
HKLM-x32\...\Run: [Dolby Advanced Audio v2] => C:\Dolby PCEE4\pcee4.exe [506712 2011-02-03] (Dolby Laboratories Inc.)
HKLM-x32\...\Run: [ArcadeMovieService] => C:\Program Files (x86)\Acer\clear.fi\Movie\clear.fiMovieService.exe [177448 2011-02-18] (CyberLink Corp.)
HKLM-x32\...\Run: [RIMBBLaunchAgent.exe] => C:\Program Files (x86)\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe [79192 2011-02-18] (Research In Motion Limited)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [60712 2015-05-15] (Apple Inc.)
HKLM-x32\...\Run: [InstaLAN] => C:\Program Files (x86)\Belkin\Router Setup and Monitor\BelkinRouterMonitor.exe [1885088 2012-02-23] (Affinegy, Inc.)
HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2015-06-17] (Apple Inc.)
HKLM-x32\...\Run: [YTDownloader] => "C:\Program Files (x86)\YTDownloader\YTDownloader.exe" /boot
Winlogon\Notify\igfxcui: C:\WINDOWS\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-2389695071-1928321251-2773591669-1000\...\Run: [ComcastAntispyClient] => C:\Program Files (x86)\comcasttb\ComcastSpywareScan\ComcastAntispy.exe [1589208 2009-08-19] ()
HKU\S-1-5-21-2389695071-1928321251-2773591669-1000\...\Run: [ApplePhotoStreams] => C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe [43816 2015-04-26] (Apple Inc.)
HKU\S-1-5-21-2389695071-1928321251-2773591669-1000\...\Run: [iCloudServices] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [43816 2015-04-26] (Apple Inc.)
HKU\S-1-5-21-2389695071-1928321251-2773591669-1000\...\Run: [KSS] => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Scan 2.0\kss.exe [202080 2014-06-15] (Kaspersky Lab ZAO)
HKU\S-1-5-21-2389695071-1928321251-2773591669-1000\...\Run: [iCloudDrive] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudDrive.exe [43816 2015-04-26] (Apple Inc.)
HKU\S-1-5-21-2389695071-1928321251-2773591669-1000\...\Run: [YTDownloader] => "C:\Program Files (x86)\YTDownloader\YTDownloader.exe" /boot
HKU\S-1-5-21-2389695071-1928321251-2773591669-1000\...\RunOnce: [Uninstall C:\Users\Wendy\AppData\Local\Microsoft\OneDrive\17.3.5907.0716_1\amd64] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Wendy\AppData\Local\Microsoft\OneDrive\17.3.5907.0716_1\amd64"
HKU\S-1-5-21-2389695071-1928321251-2773591669-1000\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\Bubbles.scr [805888 2015-07-10] (Microsoft Corporation)
AppInit_DLLs: C:\PROGRA~2\SearchProtect\SearchProtect\bin\VC64Loader.dll => No File
AppInit_DLLs-x32: C:\PROGRA~2\SearchProtect\SearchProtect\bin\VC32Loader.dll => No File
Startup: C:\Users\Wendy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk [2012-08-02]
ShortcutTarget: Dropbox.lnk -> C:\Users\Wendy\AppData\Roaming\Dropbox\bin\Dropbox.exe (No File)
Startup: C:\Users\Wendy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Send to OneNote.lnk [2014-04-05]
ShortcutTarget: Send to OneNote.lnk -> C:\Program Files\Microsoft Office 15\root\office15\onenotem.exe (Microsoft Corporation)
GroupPolicy: Restriction - Chrome <======= ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Restriction <======= ATTENTION
ProxyServer: [HKLM-x32] => 127.0.0.1:9091
AutoConfigURL: [HKLM] => 127.0.0.1:9091
Tcpip\Parameters: [DhcpNameServer] 75.75.75.75 75.75.76.76
Tcpip\..\Interfaces\{5b4fc3c7-a4fe-466a-ad1a-8982deeffde7}: [DhcpNameServer] 75.75.75.75 75.75.76.76
Tcpip\..\Interfaces\{ec165e47-7983-45dc-b201-36594d8a9bc9}: [DhcpNameServer] 192.168.2.1
==================
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKU\S-1-5-21-2389695071-1928321251-2773591669-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkID=617910&ResetID=130847823237268288&GUID=25D787AA-CA5F-48BB-BB3C-3640A04FCC3E
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkID=617910&ResetID=130847823237273679&GUID=25D787AA-CA5F-48BB-BB3C-3640A04FCC3E
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = www.google.com
HKU\S-1-5-21-2389695071-1928321251-2773591669-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://www.msn.com/
HKU\S-1-5-21-2389695071-1928321251-2773591669-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkID=617910&ResetID=130847823237285619&GUID=25D787AA-CA5F-48BB-BB3C-3640A04FCC3E
URLSearchHook: HKU\S-1-5-21-2389695071-1928321251-2773591669-1000 - (No Name) - {0633EE93-D776-472f-A0FF-E1416B8B2E3D} - No File
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=AARTDF&pc=MAAR&src=IE-SearchBox
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=AARTDF&pc=MAAR&src=IE-SearchBox
SearchScopes: HKLM -> {2E00D31D-D171-423D-836D-1A4D7EA7F1A9} URL =
SearchScopes: HKLM -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=AARTDF&pc=MAAR&src=IE-SearchBox
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=AARTDF&pc=MAAR&src=IE-SearchBox
SearchScopes: HKLM-x32 -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1
SearchScopes: HKU\S-1-5-21-2389695071-1928321251-2773591669-1000 -> {2E00D31D-D171-423D-836D-1A4D7EA7F1A9} URL =
SearchScopes: HKU\S-1-5-21-2389695071-1928321251-2773591669-1000 -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL =
SearchScopes: HKU\S-1-5-21-2389695071-1928321251-2773591669-1000 -> {D62E54FD-024A-4A46-BB39-0AEECC058C51} URL = hxxps://www.google.com/search?q={searchTerms}
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll [2015-08-04] (Microsoft Corporation)
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2015-09-24] (Google Inc.)
BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2015-05-01] (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL [2015-09-11] (Microsoft Corporation)
BHO-x32: No Name -> {02478D38-C3F9-4efb-9B51-7695ECA05670} -> No File
BHO-x32: Java Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\ssv.dll [2015-01-25] (Oracle Corporation)
BHO-x32: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2015-09-24] (Google Inc.)
BHO-x32: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2015-05-01] (Microsoft Corporation)
BHO-x32: Java Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\jp2ssv.dll [2015-01-25] (Oracle Corporation)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2015-09-24] (Google Inc.)
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2015-09-24] (Google Inc.)
DPF: HKLM-x32 {7530BFB8-7293-4D34-9923-61A11451AFC5} hxxp://download.eset.com/special/eos/OnlineScanner.cab
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL [2015-02-03] (Microsoft Corporation)
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2015-05-01] (Microsoft Corporation)
Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2015-05-01] (Microsoft Corporation)
========
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation)
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2015-01-06] ()
FF Plugin-x32: @java.com/DTPlugin,version=11.31.2 -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\dtplugin\npDeployJava1.dll [2015-01-25] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.31.2 -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\plugin2\npjp2.dll [2015-01-25] (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL [2014-03-03] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation)
FF Plugin-x32: @RIM.com/WebSLLauncher,version=1.0 -> C:\Program Files (x86)\Common Files\Research In Motion\BBWebSLLauncher\NPWebSLLauncher.dll [2011-05-26] ()
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-17] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-17] (Google Inc.)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\7\NP_wtapp.dll [2013-12-27] ()
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2015-06-29] (Adobe Systems Inc.)
=======
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2014-07-14]
S4 AntiSpywareService; C:\Program Files (x86)\comcasttb\ComcastSpywareScan\ComcastAntiSpyService.exe [616408 2009-06-17] ()
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [77128 2015-05-29] (Apple Inc.)
R2 AVerRECentral; C:\Program Files (x86)\Common Files\AVerMedia\Service\AVerRECentral.exe [373248 2014-01-16] (AVerMedia TECHNOLOGIES, Inc.) [File not signed]
R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1394816 2015-05-01] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1772672 2015-05-01] (Microsoft Corporation)
R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [2774104 2015-09-11] (Microsoft Corporation)
S3 GamesAppIntegrationService; C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe [227904 2013-12-16] (WildTangent)
S3 ITMRTSVC; C:\Program Files (x86)\CA\PPRT\bin\ITMRTSVC.exe [283912 2007-09-26] (CA, Inc.)
R2 KSS; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Scan 2.0\kss.exe [202080 2014-06-15] (Kaspersky Lab ZAO)
R2 MSMQ; C:\Windows\system32\mqsvc.exe [26112 2015-08-03] (Microsoft Corporation)
R2 NOBU; C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe [2804568 2010-06-01] (Symantec Corporation)
R2 NTI IScheduleSvc; C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe [257344 2011-02-15] (NTI Corporation)
R2 SynTPEnhService; C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe [237736 2015-08-03] (Synaptics Incorporated)
S3 w3logsvc; C:\Windows\system32\inetsrv\w3logsvc.dll [84480 2015-08-03] (Microsoft Corporation)
R2 W3SVC; C:\Windows\system32\inetsrv\iisw3adm.dll [578560 2015-08-03] (Microsoft Corporation)
R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [362928 2015-07-10] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [24864 2015-07-10] (Microsoft Corporation)
S4 BrsHelper; C:\PROGRA~2\YTDOWN~1\BROWSE~2.EXE [X]
R3 MQAC; C:\Windows\System32\drivers\mqac.sys [175104 2015-08-03] (Microsoft Corporation)
R3 RimVSerPort; C:\Windows\system32\DRIVERS\RimSerial_AMD64.sys [31744 2009-01-09] (Research in Motion Ltd)
S1 rncmaqih; C:\WINDOWS\system32\drivers\rncmaqih.sys [55168 2015-10-06] (Microsoft Corporation)
R3 SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [33960 2015-08-03] (Synaptics Incorporated)
S3 UdeCx; C:\Windows\System32\drivers\udecx.sys [44032 2015-07-10] ()
S0 WdBoot; C:\Windows\System32\drivers\WdBoot.sys [44568 2015-07-10] (Microsoft Corporation)
R0 WdFilter; C:\Windows\System32\drivers\WdFilter.sys [291680 2015-07-10] (Microsoft Corporation)
R2 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [119648 2015-07-10] (Microsoft Corporation)
U3 idsvc; no ImagePath
S1 nqvxuyue; \??\C:\WINDOWS\system32\drivers\nqvxuyue.sys [X]
S2 sbmntr; \??\C:\PROGRA~2\YTDOWN~1\sbmntr.sys [X]
S3 wfpcapture; \SystemRoot\System32\drivers\wfpcapture.sys [X]
U3 wpcsvc; no ImagePath
==================== One Month Created files and folders ========
2015-10-09 22:37 - 2015-10-09 22:37 - 00000000 ____D C:\Users\Wendy\Downloads\FRST-OlderVersion
2015-10-08 06:09 - 2015-10-08 06:09 - 00159298 _____ C:\Users\Wendy\Desktop\Shortcut.txt
2015-10-08 06:07 - 2015-10-09 21:09 - 00053875 _____ C:\Users\Wendy\Desktop\Addition.txt
2015-10-08 06:02 - 2015-10-09 23:45 - 00023801 _____ C:\Users\Wendy\Desktop\FRST.txt
2015-10-08 06:01 - 2015-10-08 06:01 - 02870984 _____ (ESET) C:\Users\Wendy\Desktop\esetsmartinstaller_enu.exe
2015-10-08 05:59 - 2015-10-09 23:45 - 00000000 ____D C:\FRST
2015-10-08 05:59 - 2015-10-09 22:37 - 02194944 _____ (Farbar) C:\Users\Wendy\Desktop\FRST64.exe
2015-10-06 22:00 - 2015-10-06 22:00 - 00055168 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rncmaqih.sys
2015-10-06 20:15 - 2015-10-06 20:15 - 00000000 ___HD C:\OneDriveTemp
2015-10-05 00:08 - 2015-10-05 00:08 - 00000017 _____ C:\Users\Wendy\AppData\Local\resmon.resmoncfg
2015-10-04 13:49 - 2015-10-04 14:03 - 2421989376 _____ C:\Users\Wendy\Downloads\O365HomePremRetail.img
2015-10-04 13:31 - 2015-10-05 22:16 - 00000000 ____D C:\Users\.NET v4.5 Classic
2015-10-04 13:31 - 2015-10-05 22:16 - 00000000 ____D C:\Users\.NET v4.5
2015-10-04 13:31 - 2015-10-05 22:16 - 00000000 ____D C:\Users\.NET v2.0
2015-10-04 13:31 - 2015-10-05 22:10 - 00000000 ____D C:\Users\.NET v4.5\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2015-10-04 13:31 - 2015-10-05 22:10 - 00000000 ____D C:\Users\.NET v4.5 Classic\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2015-10-04 13:31 - 2015-10-05 22:10 - 00000000 ____D C:\Users\.NET v2.0\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2015-10-04 13:31 - 2015-08-03 17:46 - 00000000 ____D C:\Users\.NET v4.5\AppData\Roaming\Macromedia
2015-10-04 13:31 - 2015-08-03 17:46 - 00000000 ____D C:\Users\.NET v4.5\AppData\Roaming\Intel Corporation
2015-10-04 13:31 - 2015-08-03 17:46 - 00000000 ____D C:\Users\.NET v4.5\AppData\Roaming\InstallShield
2015-10-04 13:31 - 2015-08-03 17:46 - 00000000 ____D C:\Users\.NET v4.5\AppData\Roaming\Adobe
2015-10-04 13:31 - 2015-08-03 17:46 - 00000000 ____D C:\Users\.NET v4.5\AppData\Local\Windows Live
2015-10-04 13:31 - 2015-08-03 17:46 - 00000000 ____D C:\Users\.NET v4.5\AppData\Local\Adobe
2015-10-04 13:31 - 2015-08-03 17:46 - 00000000 ____D C:\Users\.NET v4.5 Classic\AppData\Roaming\Macromedia
2015-10-04 13:31 - 2015-08-03 17:46 - 00000000 ____D C:\Users\.NET v4.5 Classic\AppData\Roaming\Intel Corporation
2015-10-04 13:31 - 2015-08-03 17:46 - 00000000 ____D C:\Users\.NET v4.5 Classic\AppData\Roaming\InstallShield
2015-10-04 13:31 - 2015-08-03 17:46 - 00000000 ____D C:\Users\.NET v4.5 Classic\AppData\Roaming\Adobe
2015-10-04 13:31 - 2015-08-03 17:46 - 00000000 ____D C:\Users\.NET v4.5 Classic\AppData\Local\Windows Live
2015-10-04 13:31 - 2015-08-03 17:46 - 00000000 ____D C:\Users\.NET v4.5 Classic\AppData\Local\Adobe
2015-10-04 13:31 - 2015-08-03 17:46 - 00000000 ____D C:\Users\.NET v2.0\AppData\Roaming\Macromedia
2015-10-04 13:31 - 2015-08-03 17:46 - 00000000 ____D C:\Users\.NET v2.0\AppData\Roaming\Intel Corporation
2015-10-04 13:31 - 2015-08-03 17:46 - 00000000 ____D C:\Users\.NET v2.0\AppData\Roaming\InstallShield
2015-10-04 13:31 - 2015-08-03 17:46 - 00000000 ____D C:\Users\.NET v2.0\AppData\Roaming\Adobe
2015-10-04 13:31 - 2015-08-03 17:46 - 00000000 ____D C:\Users\.NET v2.0\AppData\Local\Windows Live
2015-10-04 13:31 - 2015-08-03 17:46 - 00000000 ____D C:\Users\.NET v2.0\AppData\Local\Adobe
2015-10-04 13:31 - 2011-04-06 16:20 - 00057560 _____ C:\Users\.NET v4.5\AppData\Local\GDIPFONTCACHEV1.DAT
2015-10-04 13:31 - 2011-04-06 16:20 - 00057560 _____ C:\Users\.NET v4.5 Classic\AppData\Local\GDIPFONTCACHEV1.DAT
2015-10-04 13:31 - 2011-04-06 16:20 - 00057560 _____ C:\Users\.NET v2.0\AppData\Local\GDIPFONTCACHEV1.DAT
2015-10-04 13:30 - 2015-10-05 22:10 - 00000000 __RSD C:\Users\Classic .NET AppPool\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell
2015-10-04 13:30 - 2015-10-05 22:10 - 00000000 __RSD C:\Users\.NET v2.0 Classic\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell
2015-10-04 13:30 - 2015-10-05 22:10 - 00000000 ___RD C:\Users\Classic .NET AppPool\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2015-10-04 13:30 - 2015-10-05 22:10 - 00000000 ___RD C:\Users\Classic .NET AppPool\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2015-10-04 13:30 - 2015-10-05 22:10 - 00000000 ___RD C:\Users\Classic .NET AppPool\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2015-10-04 13:30 - 2015-10-05 22:10 - 00000000 ___RD C:\Users\.NET v2.0 Classic\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2015-10-04 13:30 - 2015-10-05 22:10 - 00000000 ___RD C:\Users\.NET v2.0 Classic\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2015-10-04 13:30 - 2015-10-05 22:10 - 00000000 ____D C:\Users\Classic .NET AppPool\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2015-10-04 13:30 - 2015-10-05 22:10 - 00000000 ____D C:\Users\Classic .NET AppPool
2015-10-04 13:30 - 2015-10-05 22:10 - 00000000 ____D C:\Users\.NET v2.0 Classic\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2015-10-04 13:30 - 2015-10-05 22:10 - 00000000 ____D C:\Users\.NET v2.0 Classic
2015-10-04 13:30 - 2015-08-03 17:46 - 00000000 ____D C:\Users\Classic .NET AppPool\AppData\Roaming\Macromedia
2015-10-04 13:30 - 2015-08-03 17:46 - 00000000 ____D C:\Users\Classic .NET AppPool\AppData\Roaming\Intel Corporation
2015-10-04 13:30 - 2015-08-03 17:46 - 00000000 ____D C:\Users\Classic .NET AppPool\AppData\Roaming\InstallShield
2015-10-04 13:30 - 2015-08-03 17:46 - 00000000 ____D C:\Users\Classic .NET AppPool\AppData\Roaming\Adobe
2015-10-04 13:30 - 2015-08-03 17:46 - 00000000 ____D C:\Users\Classic .NET AppPool\AppData\Local\Windows Live
2015-10-04 13:30 - 2015-08-03 17:46 - 00000000 ____D C:\Users\Classic .NET AppPool\AppData\Local\Downloaded Installations
2015-10-04 13:30 - 2015-08-03 17:46 - 00000000 ____D C:\Users\Classic .NET AppPool\AppData\Local\Adobe
2015-10-04 13:30 - 2015-08-03 17:46 - 00000000 ____D C:\Users\.NET v2.0 Classic\AppData\Roaming\Macromedia
2015-10-04 13:30 - 2015-08-03 17:46 - 00000000 ____D C:\Users\.NET v2.0 Classic\AppData\Roaming\Intel Corporation
2015-10-04 13:30 - 2015-08-03 17:46 - 00000000 ____D C:\Users\.NET v2.0 Classic\AppData\Roaming\InstallShield
2015-10-04 13:30 - 2015-08-03 17:46 - 00000000 ____D C:\Users\.NET v2.0 Classic\AppData\Roaming\Adobe
2015-10-04 13:30 - 2015-08-03 17:46 - 00000000 ____D C:\Users\.NET v2.0 Classic\AppData\Local\Windows Live
2015-10-04 13:30 - 2015-08-03 17:46 - 00000000 ____D C:\Users\.NET v2.0 Classic\AppData\Local\Adobe
2015-10-04 13:30 - 2011-04-06 16:20 - 00057560 _____ C:\Users\Classic .NET AppPool\AppData\Local\GDIPFONTCACHEV1.DAT
2015-10-04 13:30 - 2011-04-06 16:20 - 00057560 _____ C:\Users\.NET v2.0 Classic\AppData\Local\GDIPFONTCACHEV1.DAT
2015-10-04 13:29 - 2015-10-04 13:29 - 00000000 ____D C:\Program Files\Windows Identity Foundation
2015-10-04 12:31 - 2015-10-04 12:31 - 00000000 ____D C:\Users\Wendy\AppData\Local\Google
2015-10-04 11:36 - 2015-10-04 11:36 - 00997927 _____ C:\Users\Wendy\Downloads\O15CTRRemove.diagcab
2015-10-03 22:22 - 2015-10-03 22:22 - 00000000 ____D C:\Program Files\DisplayLink Graphics
2015-10-03 22:20 - 2015-10-05 22:10 - 00000000 ____D C:\Program Files\DisplayLink Core Software
2015-10-03 22:20 - 2015-10-03 22:21 - 00002930 _____ C:\WINDOWS\system32\MsiExec.log
2015-10-03 21:02 - 2015-10-03 21:02 - 00000000 ____D C:\$SysReset
2015-10-03 19:20 - 2015-10-03 19:20 - 00038563 _____ C:\Users\Wendy\Downloads\cssemerg69697.diagcab
2015-10-03 18:54 - 2015-10-03 18:54 - 00000000 _____ C:\Program Files\Microsoft Security Client
2015-10-03 18:54 - 2015-10-03 18:54 - 00000000 _____ C:\Program Files (x86)\System Cleaner Pro
2015-10-03 18:54 - 2015-10-03 18:54 - 00000000 _____ C:\Program Files (x86)\Itibiti Soft Phone
2015-10-03 18:54 - 2015-10-03 18:54 - 00000000 _____ C:\Program Files (x86)\Broadcom
2015-10-03 18:54 - 2015-10-03 18:54 - 00000000 _____ C:\be8106b9bc95323fd268ba6235ad69
2015-10-03 18:54 - 2015-10-03 18:54 - 00000000 _____ C:\bd9118d39e1f207ee9cd6dcd0939
2015-10-03 18:54 - 2015-10-03 18:54 - 00000000 _____ C:\b9c13b78d128895b6e52
2015-10-03 18:54 - 2015-10-03 18:54 - 00000000 _____ C:\776e24d3f6aba141bb9c83b3fe63ae77
2015-10-03 18:54 - 2015-10-03 18:54 - 00000000 _____ C:\65b66254bc6a4f7c7497ac9d8307
2015-10-03 18:54 - 2015-10-03 18:54 - 00000000 _____ C:\4f4fa18d4dd8f99f0ea6a6420281251a
2015-10-03 18:54 - 2015-10-03 18:54 - 00000000 _____ C:\419a2caadd4290847864
2015-10-03 18:54 - 2015-10-03 18:54 - 00000000 _____ C:\318cab8197d210aa5c5e
2015-10-03 18:54 - 2015-10-03 18:54 - 00000000 _____ C:\3089b6a24ef724d145
2015-10-03 18:54 - 2015-10-03 18:54 - 00000000 _____ C:\04bf7963418bedcfdde09dca48
2015-09-20 18:39 - 2015-09-20 18:39 - 00001040 _____ C:\Users\Wendy\Desktop\9-20-15.txt
2015-09-17 18:55 - 2015-09-17 18:55 - 00003780 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore1d0e826fa18e252
2015-09-13 15:51 - 2015-09-01 21:20 - 00077400 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2015-09-13 15:51 - 2015-09-01 20:25 - 03586560 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2015-09-13 15:51 - 2015-09-01 20:25 - 01382912 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2015-09-13 15:51 - 2015-08-27 02:36 - 03620736 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2015-09-13 15:51 - 2015-08-27 02:32 - 00608936 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe
2015-09-13 15:51 - 2015-08-27 02:04 - 21874688 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2015-09-13 15:51 - 2015-08-27 01:59 - 02880032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2015-09-13 15:51 - 2015-08-27 01:55 - 24594944 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2015-09-13 15:51 - 2015-08-27 01:54 - 00541248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontdrvhost.exe
2015-09-13 15:51 - 2015-08-27 01:54 - 00365568 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\atmfd.dll
2015-09-13 15:51 - 2015-08-27 01:51 - 02350592 _____ (Microsoft Corporation) C:\WINDOWS\system32\authui.dll
2015-09-13 15:51 - 2015-08-27 01:51 - 01774592 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Immersive.dll
2015-09-13 15:51 - 2015-08-27 01:49 - 01008640 _____ (Microsoft Corporation) C:\WINDOWS\system32\schedsvc.dll
2015-09-13 15:51 - 2015-08-27 01:47 - 12503552 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2015-09-13 15:51 - 2015-08-27 01:43 - 00826880 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2015-09-13 15:51 - 2015-08-27 01:43 - 00576000 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2015-09-13 15:51 - 2015-08-27 01:42 - 00596480 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSync.dll
2015-09-13 15:51 - 2015-08-27 01:42 - 00578560 _____ (Microsoft Corporation) C:\WINDOWS\system32\winlogon.exe
2015-09-13 15:51 - 2015-08-27 01:42 - 00187904 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.PicturePassword.dll
2015-09-13 15:51 - 2015-08-27 01:42 - 00184320 _____ (Microsoft Corporation) C:\WINDOWS\system32\shacct.dll
2015-09-13 15:51 - 2015-08-27 01:39 - 00045568 _____ (Adobe Systems) C:\WINDOWS\system32\atmlib.dll
2015-09-13 15:51 - 2015-08-27 01:23 - 19324416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2015-09-13 15:51 - 2015-08-27 01:23 - 00303104 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\atmfd.dll
2015-09-13 15:51 - 2015-08-27 01:16 - 18806272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2015-09-13 15:51 - 2015-08-27 01:16 - 02153472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\authui.dll
2015-09-13 15:51 - 2015-08-27 01:16 - 01612288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Immersive.dll
2015-09-13 15:51 - 2015-08-27 01:12 - 00650752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2015-09-13 15:51 - 2015-08-27 01:12 - 00504320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2015-09-13 15:51 - 2015-08-27 01:11 - 00484352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSync.dll
2015-09-13 15:51 - 2015-08-27 01:11 - 00139776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shacct.dll
2015-09-13 15:51 - 2015-08-27 01:09 - 11262464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2015-09-13 15:51 - 2015-08-27 01:08 - 00037376 _____ (Adobe Systems) C:\WINDOWS\SysWOW64\atmlib.dll
2015-09-09 01:46 - 2015-09-09 01:46 - 00000000 ____D C:\WINDOWS\system32\SleepStudy
2015-10-09 23:09 - 2015-07-10 07:04 - 00000000 ____D C:\WINDOWS\system32\sru
2015-10-09 23:06 - 2015-07-10 08:22 - 00000275 _____ C:\WINDOWS\WindowsUpdate.log
2015-10-09 23:00 - 2013-02-21 22:12 - 00000924 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2015-10-09 20:11 - 2015-07-10 07:04 - 00000000 ____D C:\WINDOWS\AppReadiness
2015-10-09 20:09 - 2015-08-03 17:35 - 01006528 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2015-10-09 20:08 - 2011-12-25 20:30 - 00004154 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{5C497AA6-8DA4-4F51-9231-255D2BE41896}
2015-10-08 19:00 - 2015-09-05 18:05 - 00000920 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore1d0e826fa18e252.job
2015-10-08 14:55 - 2013-02-21 22:12 - 00000920 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2015-10-07 22:44 - 2014-03-03 18:27 - 00000000 ____D C:\Users\Wendy\OneDrive
2015-10-06 20:16 - 2011-10-08 22:42 - 00000000 ____D C:\ProgramData\clear.fi
2015-10-06 20:15 - 2015-01-25 17:58 - 00000000 ___RD C:\Users\Wendy\iCloudDrive
2015-10-06 10:38 - 2015-07-10 06:55 - 00000000 ____D C:\WINDOWS\CbsTemp
2015-10-06 10:29 - 2015-08-03 17:37 - 00000000 ____D C:\Users\Wendy
2015-10-06 10:27 - 2015-07-10 08:21 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2015-10-06 10:21 - 2015-07-10 07:04 - 00000000 __RSD C:\WINDOWS\Media
2015-10-06 10:21 - 2015-07-10 07:04 - 00000000 ___SD C:\WINDOWS\SysWOW64\F12
2015-10-06 10:21 - 2015-07-10 07:04 - 00000000 ___SD C:\WINDOWS\system32\Nui
2015-10-06 10:21 - 2015-07-10 07:04 - 00000000 ___SD C:\WINDOWS\system32\F12
2015-10-06 10:21 - 2015-07-10 07:04 - 00000000 ___RD C:\WINDOWS\PurchaseDialog
2015-10-06 10:21 - 2015-07-10 07:04 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories
2015-10-06 10:21 - 2015-07-10 07:04 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessibility
2015-10-06 10:21 - 2015-07-10 07:04 - 00000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2015-10-06 10:21 - 2015-07-10 07:04 - 00000000 ____D C:\WINDOWS\system32\SystemResetPlatform
2015-10-06 10:21 - 2015-07-10 07:04 - 00000000 ____D C:\WINDOWS\system32\oobe
2015-10-06 10:21 - 2015-07-10 07:04 - 00000000 ____D C:\WINDOWS\system32\MailContactsCalendarSync
2015-10-06 10:21 - 2015-07-10 07:04 - 00000000 ____D C:\WINDOWS\system32\appraiser
2015-10-06 10:21 - 2015-07-10 07:04 - 00000000 ____D C:\WINDOWS\system\Speech
2015-10-06 10:21 - 2015-07-10 07:04 - 00000000 ____D C:\WINDOWS\Provisioning
2015-10-06 10:21 - 2015-07-10 07:04 - 00000000 ____D C:\WINDOWS\L2Schemas
2015-10-06 10:21 - 2015-07-10 07:04 - 00000000 ____D C:\WINDOWS\IME
2015-10-06 10:20 - 2015-07-10 07:04 - 00000000 ____D C:\WINDOWS\rescache
2015-10-06 10:20 - 2015-07-10 05:05 - 00000000 ____D C:\WINDOWS\system32\Sysprep
2015-10-06 10:20 - 2015-07-10 05:05 - 00000000 ____D C:\WINDOWS\servicing
2015-10-06 10:20 - 2013-03-06 21:38 - 00000000 ____D C:\WINDOWS\System32\Tasks\OfficeSoftwareProtectionPlatform
2015-10-06 10:19 - 2015-08-03 18:04 - 00000000 ____D C:\Users\Wendy\AppData\Local\Packages
2015-10-06 10:19 - 2015-08-03 17:37 - 00000000 ___RD C:\Users\Wendy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2015-10-06 10:19 - 2011-10-08 22:16 - 00000000 ____D C:\Users\Wendy\AppData\Local\PowerCinema
2015-10-06 10:17 - 2015-07-10 07:04 - 00000000 ____D C:\Program Files\Common Files\microsoft shared
2015-10-06 10:17 - 2015-03-21 09:56 - 00000000 ____D C:\Users\Wendy\AppData\Local\Microsoft Help
2015-10-06 10:17 - 2014-03-03 18:19 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013
2015-10-06 10:17 - 2014-03-03 18:17 - 00000000 ____D C:\Program Files\Microsoft Office 15
2015-10-06 10:17 - 2013-03-06 21:39 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office Starter (English)
2015-10-06 10:17 - 2013-03-06 21:38 - 00000000 ____D C:\Program Files\Microsoft Office
2015-10-06 10:17 - 2013-03-06 21:38 - 00000000 ____D C:\Program Files (x86)\Microsoft Application Virtualization Client
2015-10-06 10:17 - 2013-02-21 22:13 - 00000000 ____D C:\Program Files\Google
2015-10-06 10:17 - 2013-02-21 22:12 - 00000000 ____D C:\Program Files (x86)\Google
2015-10-06 10:17 - 2011-05-14 10:01 - 00000000 ____D C:\Program Files (x86)\Microsoft Office
2015-10-06 10:17 - 2011-04-06 17:00 - 00000000 ____D C:\ProgramData\BackupManager
2015-10-06 10:05 - 2015-07-10 07:04 - 00000000 ____D C:\WINDOWS\registration
2015-10-06 10:00 - 2015-07-10 07:04 - 00000000 ____D C:\WINDOWS\SysWOW64\inetsrv
2015-10-06 10:00 - 2015-07-10 07:04 - 00000000 ____D C:\WINDOWS\SystemResources
2015-10-06 09:59 - 2015-07-10 07:04 - 00000000 ____D C:\WINDOWS\system32\inetsrv
2015-10-06 09:58 - 2015-07-10 07:04 - 00000000 ___RD C:\WINDOWS\PrintDialog
2015-10-06 09:58 - 2015-07-10 07:04 - 00000000 ____D C:\WINDOWS\PolicyDefinitions
2015-10-06 09:57 - 2015-07-10 07:04 - 00000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2015-10-06 09:55 - 2013-03-06 21:39 - 00000000 ____D C:\Users\Wendy\AppData\Roaming\SoftGrid Client
2015-10-06 09:34 - 2015-08-03 21:18 - 00000000 ____D C:\Program Files\Reference Assemblies
2015-10-06 09:34 - 2015-07-10 09:14 - 00000000 ____D C:\Program Files\Windows Journal
2015-10-06 09:34 - 2015-07-10 07:04 - 00000000 ____D C:\Program Files\Windows NT
2015-10-06 09:34 - 2013-03-14 03:01 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2015-10-06 09:30 - 2015-08-03 21:18 - 00000000 ____D C:\inetpub
2015-10-06 09:30 - 2011-04-06 16:56 - 00000000 ___HD C:\OEM
2015-10-06 09:30 - 2011-04-06 16:55 - 00000000 ____D C:\Program Files (x86)\EgisTec Shredder
2015-10-06 09:30 - 2011-04-06 16:54 - 00000000 ____D C:\Program Files (x86)\EgisTec MyWinLocker
2015-10-06 09:30 - 2011-04-06 16:53 - 00000000 ____D C:\Program Files (x86)\Microsoft SQL Server Compact Edition
2015-10-06 09:30 - 2011-04-06 16:52 - 00000000 ____D C:\Program Files (x86)\Windows Live
2015-10-06 09:30 - 2011-04-06 16:21 - 00000000 ____D C:\Program Files (x86)\Acer Games
2015-10-04 22:04 - 2015-07-10 07:04 - 00000000 ____D C:\WINDOWS\system32\NDF
2015-10-04 16:29 - 2015-09-05 19:15 - 00006208 _____ C:\WINDOWS\PFRO.log
2015-10-04 13:31 - 2015-08-03 17:35 - 00042366 _____ C:\WINDOWS\iis.log
2015-10-03 18:54 - 2013-03-06 21:38 - 00000000 ____D C:\Users\Wendy\AppData\Roaming\TP
2015-10-01 18:25 - 2015-07-10 08:20 - 00018136 _____ C:\WINDOWS\setupact.log
2015-09-27 15:46 - 2015-09-07 18:52 - 00000000 ____D C:\Users\Wendy\AppData\Local\Comms
2015-09-21 00:00 - 2015-07-10 07:04 - 00000000 ____D C:\WINDOWS\LiveKernelReports
2015-09-20 23:22 - 2011-10-08 22:15 - 00000000 ____D C:\Users\Wendy\AppData\Local\VirtualStore
2015-09-20 20:41 - 2015-07-10 08:20 - 00336488 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2015-09-20 20:40 - 2015-07-10 05:05 - 00262144 ___SH C:\WINDOWS\system32\config\BBI
2015-09-20 20:21 - 2013-08-15 03:01 - 00000000 ____D C:\WINDOWS\system32\MRT
2015-09-20 18:46 - 2015-08-23 20:31 - 00113880 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2015-09-20 18:39 - 2015-08-03 18:13 - 00002378 _____ C:\Users\Wendy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2015-09-20 18:39 - 2015-08-03 18:09 - 00001331 _____ C:\Users\Wendy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Kaspersky Security Scan.lnk
2015-09-20 18:39 - 2015-08-03 18:07 - 00001313 _____ C:\Users\Wendy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Realtek HD Audio Manager.lnk
2015-09-20 18:39 - 2015-08-03 17:46 - 00001540 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
2015-09-20 18:39 - 2015-07-10 07:01 - 00002425 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Immersive Control Panel.lnk
2015-09-20 18:39 - 2015-07-10 07:01 - 00002289 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PrintDialog.lnk
2015-09-20 18:39 - 2015-07-10 07:01 - 00002287 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Devices Flow.lnk
2015-09-20 18:39 - 2015-07-10 07:00 - 00002313 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MiracastView.lnk
2015-09-20 18:39 - 2015-07-10 07:00 - 00001578 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Search.lnk
2015-09-20 18:39 - 2015-07-10 07:00 - 00000853 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Desktop.lnk
2015-09-20 18:39 - 2015-03-21 09:27 - 00002429 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
2015-09-20 18:39 - 2014-08-18 02:33 - 00001015 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Audacity.lnk
2015-09-20 18:39 - 2014-07-12 18:05 - 00001366 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Photo Gallery.lnk
2015-09-20 18:39 - 2014-03-03 18:27 - 00002162 _____ C:\Users\Wendy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft OneDrive.lnk
2015-09-20 18:39 - 2012-10-14 10:52 - 00001866 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Fooz Kids.lnk
2015-09-20 18:39 - 2011-12-02 19:21 - 00002507 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apple Software Update.lnk
2015-09-20 18:39 - 2011-10-08 22:16 - 00000915 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Times Reader.lnk
2015-09-20 18:39 - 2011-05-14 10:14 - 00002478 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live Messenger.lnk
2015-09-20 18:39 - 2011-04-06 16:52 - 00001450 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live Mail.lnk
2015-09-20 18:38 - 2015-09-07 14:00 - 00000989 _____ C:\Users\Wendy\Desktop\CBS.log - Shortcut.lnk
2015-09-20 18:38 - 2015-08-23 20:31 - 00001173 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2015-09-20 18:38 - 2015-07-18 15:05 - 00001751 _____ C:\Users\Public\Desktop\iTunes.lnk
2015-09-20 18:38 - 2015-07-18 14:54 - 00001843 _____ C:\Users\Public\Desktop\QuickTime Player.lnk
2015-09-20 18:38 - 2015-03-21 09:27 - 00002017 _____ C:\Users\Public\Desktop\Adobe Reader XI.lnk
2015-09-20 18:38 - 2014-08-18 02:34 - 00001015 _____ C:\Users\Wendy\Desktop\Audacity.lnk
2015-09-20 18:38 - 2014-07-26 09:52 - 00001211 _____ C:\Users\Wendy\Desktop\Kaspersky Security Scan.lnk
2015-09-20 18:38 - 2014-07-12 18:59 - 00001216 _____ C:\Users\Public\Desktop\XSplit Gamecaster.lnk
2015-09-20 18:38 - 2014-07-12 18:05 - 00001297 _____ C:\Users\Wendy\Desktop\Movie Maker.lnk
2015-09-20 18:38 - 2014-07-12 17:52 - 00002691 _____ C:\Users\Public\Desktop\Skype.lnk
2015-09-20 18:38 - 2014-07-11 19:19 - 00002151 _____ C:\Users\Public\Desktop\AVerMedia RECentral.lnk
2015-09-20 18:38 - 2012-10-14 10:52 - 00001860 _____ C:\Users\Public\Desktop\Fooz Kids.lnk
2015-09-20 18:38 - 2011-10-16 14:23 - 00002229 _____ C:\Users\Public\Desktop\BlackBerry Desktop Software.lnk
2015-09-20 18:38 - 2011-10-08 22:17 - 00002603 _____ C:\Users\Public\Desktop\eBay.lnk
2015-09-20 18:38 - 2011-10-08 22:17 - 00001962 _____ C:\Users\Public\Desktop\Netflix.lnk
2015-09-20 18:38 - 2011-10-08 22:16 - 00000909 _____ C:\Users\Public\Desktop\Times Reader.lnk
2015-09-20 18:38 - 2011-05-14 10:11 - 00001206 _____ C:\Users\Public\Desktop\NOOK for PC.lnk
2015-09-20 18:38 - 2011-05-14 10:09 - 00002165 _____ C:\Users\Public\Desktop\clear.fi.lnk
2015-09-20 18:38 - 2011-04-06 16:57 - 00001984 _____ C:\Users\Public\Desktop\Norton Online Backup.lnk
2015-09-20 18:38 - 2011-04-06 16:51 - 00002727 _____ C:\Users\Public\Desktop\clear.fi Tutorial.lnk
2015-09-20 18:38 - 2011-04-06 16:20 - 00002562 _____ C:\Users\Public\Desktop\WildTangent Games App - acer.lnk
2015-09-20 14:48 - 2015-07-10 07:04 - 00000000 ____D C:\WINDOWS\system32\AppLocker
2015-09-20 11:26 - 2015-02-02 01:57 - 00000000 ____D C:\Users\Wendy\Documents\Outlook Files
2015-09-17 18:55 - 2013-02-21 22:12 - 00003982 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2015-09-13 11:37 - 2011-10-09 09:37 - 00000000 ____D C:\Users\Wendy\AppData\Local\Apple Computer
2015-09-09 05:06 - 2009-07-14 01:32 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2015-10-03 18:54 - 2015-10-03 18:54 - 0000000 _____ () C:\Program Files (x86)\Broadcom
2015-10-03 18:54 - 2015-10-03 18:54 - 0000000 _____ () C:\Program Files (x86)\Itibiti Soft Phone
2015-10-03 18:54 - 2015-10-03 18:54 - 0000000 _____ () C:\Program Files (x86)\System Cleaner Pro
2011-10-16 14:23 - 2011-10-16 14:56 - 0000077 _____ () C:\Users\Wendy\AppData\Roaming\Rim.Desktop.Exception.log
2011-10-16 14:23 - 2011-10-16 14:23 - 0001153 _____ () C:\Users\Wendy\AppData\Roaming\Rim.Desktop.HttpServerSetup.log
2011-10-16 14:23 - 2011-10-16 14:56 - 0000077 _____ () C:\Users\Wendy\AppData\Roaming\Rim.DesktopHelper.Exception.log
2014-08-25 02:24 - 2014-08-28 14:02 - 0000089 _____ () C:\Users\Wendy\AppData\Roaming\WB.CFG
2015-10-05 00:08 - 2015-10-05 00:08 - 0000017 _____ () C:\Users\Wendy\AppData\Local\resmon.resmoncfg
2011-05-14 10:07 - 2011-05-14 10:10 - 0015152 _____ () C:\ProgramData\ArcadeDeluxe5.log
2015-08-03 17:33 - 2015-08-03 17:33 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll
[2015-07-10 07:00] - [2015-08-22 14:52] - 0680256 ____A (Microsoft Corporation) F84D50EF068750CB192D15D4FDD7088C
[2015-07-10 07:00] - [2015-08-22 14:53] - 0534064 ____A () D41D8CD98F00B204E9800998ECF8427E
LastRegBack: 2015-10-06 10:41
Ran by Wendy (2015-10-09 23:47:05)
Running from C:\Users\Wendy\Desktop
Windows 10 Home (X64) (2015-08-03 22:04:00)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
DefaultAccount (S-1-5-21-2389695071-1928321251-2773591669-503 - Limited - Disabled)
Guest (S-1-5-21-2389695071-1928321251-2773591669-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-2389695071-1928321251-2773591669-1002 - Limited - Enabled)
Wendy (S-1-5-21-2389695071-1928321251-2773591669-1000 - Administrator - Enabled) => C:\Users\Wendy
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
Acer Crystal Eye Webcam (HKLM-x32\...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 1.0.1510 - CyberLink Corp.)
Acer Crystal Eye Webcam (x32 Version: 1.0.1510 - CyberLink Corp.) Hidden
Acer ePower Management (HKLM-x32\...\{3DB0448D-AD82-4923-B305-D001E521A964}) (Version: 6.00.3006 - Acer Incorporated)
Acer eRecovery Management (HKLM-x32\...\{7F811A54-5A09-4579-90E1-C93498E230D9}) (Version: 5.00.3002 - Acer Incorporated)
Acer Games (HKLM-x32\...\WildTangent acer Master Uninstall) (Version: 1.0.2.4 - WildTangent)
Acer ScreenSaver (HKLM-x32\...\Acer Screensaver) (Version: 1.1.1130.2010 - Acer Incorporated)
Acer Updater (HKLM-x32\...\{EE171732-BEB4-4576-887D-CB62727F01CA}) (Version: 1.02.3005 - Acer Incorporated)
Acrobat.com (HKLM-x32\...\{287ECFA4-719A-2143-A09B-D6A12DE54E40}) (Version: 1.6.65 - Adobe Systems Incorporated)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 3.2.0.2070 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.12) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.12 - Adobe Systems Incorporated)
Agatha Christie - 4:50 from Paddington (x32 Version: 2.2.0.95 - WildTangent) Hidden
Apple Application Support (32-bit) (HKLM-x32\...\{7FE25256-B7C1-480D-B736-10A67A833AEA}) (Version: 3.2 - Apple Inc.)
Apple Application Support (64-bit) (HKLM\...\{B255D495-4734-4E9B-B4F5-96702FD4A7B9}) (Version: 3.2 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{5D61F006-168C-4B8B-B7FD-F113C10AE0E4}) (Version: 8.2.1.3 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Audacity 2.0.5 (HKLM-x32\...\Audacity_is1) (Version: 2.0.5 - Audacity Team)
AVerMedia C875 Live Gamer Portable 3.7.64.23 (HKLM-x32\...\AVerMedia C875 Live Gamer Portable) (Version: 3.7.64.23 - AVerMedia TECHNOLOGIES, Inc.)
AVerMedia Live Gamer HD Series 3.3.64.42 (HKLM-x32\...\AVerMedia Live Gamer HD Series) (Version: 3.3.64.42 - AVerMedia TECHNOLOGIES, Inc.)
AVerMedia RECentral (HKLM-x32\...\InstallShield_{30D6B6ED-E039-4D62-8E07-E058D17A9372}) (Version: 1.3.0.84 - AVerMedia Technologies, Inc.)
AVerMedia RECentral (x32 Version: 1.3.0.84 - AVerMedia Technologies, Inc.) Hidden
Backup Manager V3 (x32 Version: 3.0.0.85 - NTI Corporation) Hidden
Bejeweled 2 Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden
Belkin Setup and Router Monitor (HKLM-x32\...\Belkin Setup and Router Monitor_is1) (Version: - )
Bing Bar (HKLM-x32\...\{1E03DB52-D5CB-4338-A338-E526DD4D4DB1}) (Version: 7.0.610.0 - Microsoft Corporation)
BlackBerry Desktop Software 6.1 (HKLM-x32\...\BlackBerry_Desktop) (Version: 6.1.0.35 - Research In Motion Ltd.)
BlackBerry Desktop Software 6.1 (x32 Version: 6.1.0.35 - Research In Motion Ltd.) Hidden
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Broadcom Card Reader Driver Installer (HKLM\...\{4710662C-8204-4334-A977-B1AC9E547819}) (Version: 14.6.1.2 - Broadcom Corporation)
Broadcom Gigabit NetLink Controller (HKLM\...\{C91DCB72-F5BB-410D-A91A-314F5D1B4284}) (Version: 14.6.1.2 - Broadcom Corporation)
Build-a-lot 2 (x32 Version: 2.2.0.95 - WildTangent) Hidden
CA Pest Patrol Realtime Protection (HKLM-x32\...\{F05A5232-CE5E-4274-AB27-44EB8105898D}) (Version: 001.001.0034 - Computer Associates Inc.)
Chuzzle Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden
clear.fi (HKLM-x32\...\InstallShield_{2637C347-9DAD-11D6-9EA2-00055D0CA761}) (Version: 1.0.1422.00 - CyberLink Corp.)
clear.fi (x32 Version: 1.0.1422.00 - CyberLink Corp.) Hidden
clear.fi (x32 Version: 9.0.7418 - CyberLink Corp.) Hidden
clear.fi Client (HKLM-x32\...\{43AAE145-83CF-4C96-9A5E-756CEFCE879F}) (Version: 1.00.3008 - Acer Incorporated)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Diner Dash 2 Restaurant Rescue (x32 Version: 2.2.0.95 - WildTangent) Hidden
Dolby Advanced Audio v2 (HKLM-x32\...\{B9E70C7A-9F85-4A39-A4A3-BFA3C3BF7613}) (Version: 7.2.7000.4 - Dolby Laboratories Inc)
Dora's World Adventure (x32 Version: 2.2.0.95 - WildTangent) Hidden
eBay Worldwide (HKLM-x32\...\{E0B19DF7-B1C7-4937-82C4-0E4B1E346965}) (Version: 2.1.0901 - OEM)
ESET Online Scanner v3 (HKLM-x32\...\ESET Online Scanner) (Version: - )
FATE - The Traitor Soul (x32 Version: 2.2.0.95 - WildTangent) Hidden
FFCB_IEAddon (HKLM-x32\...\{F6E481AE-2288-4C26-9F16-D16BADD83BF0}) (Version: 1.0.0 - SpinBall)
Final Drive: Nitro (x32 Version: 2.2.0.95 - WildTangent) Hidden
FlashBeat (HKLM-x32\...\FlashBeat) (Version: - ) <==== ATTENTION
Fooz Kids (HKLM-x32\...\FoozKids) (Version: 3.2.16 - FUHU, Inc.)
Fooz Kids (x32 Version: 3.2.16 - FUHU, Inc.) Hidden
Fooz Kids Platform (HKLM-x32\...\{8D68CE08-9A14-4B7B-9857-3C646A2F34C7}) (Version: 2.1 - FUHU, Inc.)
Galerie de photos (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Game Channels (HKLM-x32\...\WildTangentGameProvider-acer-main) (Version: 4.1.0.8 - WildTangent, Inc.)
Google Toolbar for Internet Explorer (HKLM-x32\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: 7.5.6904.2028 - Google Inc.)
Google Toolbar for Internet Explorer (x32 Version: 1.0.0 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.28.15 - Google Inc.) Hidden
iCloud (HKLM\...\{709A2D23-C25E-47B5-9268-CB6FEE648504}) (Version: 4.1.1.53 - Apple Inc.)
Identity Card (HKLM-x32\...\Identity Card) (Version: 1.00.3006 - Acer Incorporated)
Intel® Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1007 - Intel Corporation)
Intel® Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 7.0.0.1144 - Intel Corporation)
Intel® Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.15.10.2342 - Intel Corporation)
Intel® Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 10.0.0.1046 - Intel Corporation)
Intel® Turbo Boost Technology Monitor 2.0 (HKLM\...\{B77EFA0B-9BD3-4122-9F9A-15A963B5EA24}) (Version: 2.0.82.0 - Intel)
iPhoneBrowser (HKLM-x32\...\{C1FCDCA1-2759-4E5E-84EE-3A665BB2F513}) (Version: 1.9.3 - Cranium Consulting and Custom Software)
Itibiti RTC (x32 Version: 0.0.1 - Itibiti Inc) Hidden
iTunes (HKLM\...\{6CF1A7E2-8001-4870-9F18-3C6CDD6FE9E3}) (Version: 12.2.1.16 - Apple Inc.)
Java 8 Update 31 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218031F0}) (Version: 8.0.310 - Oracle Corporation)
Jewel Quest Heritage (x32 Version: 2.2.0.95 - WildTangent) Hidden
Junk Mail filter update (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Kaspersky Security Scan (HKLM-x32\...\InstallWIX_{D1282694-0693-41A8-ABC1-6D1FFC1F65C4}) (Version: 12.0.1.881 - Kaspersky Lab)
Kaspersky Security Scan (x32 Version: 12.0.1.881 - Kaspersky Lab) Hidden
Launch Manager (HKLM-x32\...\LManager) (Version: 5.1.4 - Acer Inc.)
MediaEspresso (x32 Version: 1.0.1418_35759 - CyberLink Corp.) Hidden
Microsoft Office 365 - en-us (HKLM\...\O365HomePremRetail - en-us) (Version: 15.0.4753.1003 - Microsoft Corporation)
Microsoft Office Click-to-Run 2010 (HKLM-x32\...\Office14.Click2Run) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Starter 2010 - English (HKLM-x32\...\{90140011-0066-0409-0000-0000000FF1CE}) (Version: 14.0.5131.5000 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.40728.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM-x32\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Movie Maker (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Mystery P.I. - Stolen in San Francisco (x32 Version: 2.2.0.95 - WildTangent) Hidden
MyWinLocker (Version: 4.0.14.11 - Egis Technology Inc.) Hidden
MyWinLocker 4 (x32 Version: 4.0.14.11 - Egis Technology Inc.) Hidden
MyWinLocker Suite (HKLM-x32\...\InstallShield_{17DF9714-60C9-43C9-A9C2-32BCAED44CBE}) (Version: 4.0.14.11 - Egis Technology Inc.)
MyWinLocker Suite (x32 Version: 4.0.14.11 - Egis Technology Inc.) Hidden
Namco All-Stars: PAC-MAN (x32 Version: 2.2.0.95 - WildTangent) Hidden
newsXpresso (HKLM-x32\...\InstallShield_{613C0AC5-3A67-4B94-8B13-9176AD83F5BF}) (Version: 1.0.0.40 - esobi Inc.)
newsXpresso (x32 Version: 1.0.0.40 - esobi Inc.) Hidden
NOOK for PC (HKLM-x32\...\BN_DesktopReader) (Version: 2.5.1.237 - Barnesandnoble.com)
Norton Online Backup (HKLM-x32\...\{40A66DF6-22D3-44B5-A7D3-83B118A2C0DC}) (Version: 2.1.17869 - Symantec Corporation)
NTI Media Maker 9 (HKLM-x32\...\InstallShield_{D3D5C4E8-040F-4C6F-8105-41D43CF94F44}) (Version: 9.0.2.8942 - NTI Corporation)
NTI Media Maker 9 (x32 Version: 9.0.2.8942 - NTI Corporation) Hidden
Office 15 Click-to-Run Extensibility Component (x32 Version: 15.0.4753.1003 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Licensing Component (Version: 15.0.4753.1003 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Localization Component (x32 Version: 15.0.4753.1003 - Microsoft Corporation) Hidden
Penguins! (x32 Version: 2.2.0.95 - WildTangent) Hidden
Plants vs. Zombies - Game of the Year (x32 Version: 2.2.0.95 - WildTangent) Hidden
Poker Superstars III (x32 Version: 2.2.0.95 - WildTangent) Hidden
Polar Bowler (x32 Version: 2.2.0.95 - WildTangent) Hidden
Polar Golfer (x32 Version: 2.2.0.95 - WildTangent) Hidden
QuickTime 7 (HKLM-x32\...\{627FFC10-CE0A-497F-BA2B-208CAC638010}) (Version: 7.77.80.95 - Apple Inc.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7535 - Realtek Semiconductor Corp.)
Setup (HKLM-x32\...\{7ADF667E-E14D-4D2C-827C-B0108F0D93BC}) (Version: - )
Shopper-Pro (HKLM-x32\...\ShopperPro) (Version: - ) <==== ATTENTION
Shredder (Version: 2.0.8.7 - Egis Technology Inc.) Hidden
Shredder (x32 Version: 2.0.8.7 - Egis Technology Inc.) Hidden
Skype Click to Call (HKLM-x32\...\{6D1221A9-17BF-4EC0-81F2-27D30EC30701}) (Version: 7.4.0.9058 - Microsoft Corporation)
Skype™ 7.0 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.0.102 - Skype Technologies S.A.)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 19.0.13.0 - Synaptics Incorporated)
System Cleaner Pro 2.01 (HKLM-x32\...\System Cleaner Pro 2.01) (Version: 2.01 - System Cleaner Pro)
Times Reader (HKLM-x32\...\com.nyt.timesreader.78C54164786ADE80CB31E1C5D95607D0938C987A.1) (Version: 2.055 - The New York Times Company)
Times Reader (x32 Version: 2.055 - The New York Times Company) Hidden
Torchlight (x32 Version: 2.2.0.95 - WildTangent) Hidden
Update Installer for WildTangent Games App (x32 Version: - WildTangent) Hidden
Virtual Villagers 4 - The Tree of Life (x32 Version: 2.2.0.95 - WildTangent) Hidden
Welcome Center (HKLM-x32\...\Acer Welcome Center) (Version: 1.02.3102 - Acer Incorporated)
WildTangent Games App (Acer Games) (x32 Version: 4.0.5.31 - WildTangent) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation)
WinRAR 5.01 (32-bit) (HKLM-x32\...\WinRAR archiver) (Version: 5.01.0 - win.rar GmbH)
WordSurfer 1.10.0.19 (HKLM-x32\...\WordSurfer_1.10.0.19) (Version: 1.10.0.19 - WordSurfer)
XSplit Gamecaster (HKLM-x32\...\{69A0FDE5-407D-4325-81F2-D5005F847DF3}) (Version: 1.9.1407.0414 - SplitmediaLabs)
YTDownloader (HKLM-x32\...\YTDownloader) (Version: - YTDownloader) <==== ATTENTION
Zuma's Revenge (x32 Version: 2.2.0.95 - WildTangent) Hidden
05-10-2015 21:21:36 Restore Operation
Task: {092967F0-C66E-43BA-9123-49BC48F6611C} - System32\Tasks\Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan => c:\Program Files\Microsoft Security Client\MpCmdRun.exe
Task: {10E330AE-3E91-4F54-B7E8-0891B502A503} - System32\Tasks\DMREngine => C:\Program Files (x86)\Acer\clear.fi\MVP\.\Kernel\DMR\DMREngine.exe [2011-02-22] (CyberLink)
Task: {120DDF2E-EADA-43F3-9AFD-FEB676787D48} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW1 => C:\Windows\ehome\ehPrivJob.exe
Task: {166EEEC2-A08F-4350-9FFE-21D8BB9BCAD2} - System32\Tasks\Microsoft\Windows\Media Center\OCURActivate => C:\Windows\ehome\ehPrivJob.exe
Task: {1FE10AA4-E496-4207-BA7E-1A5F2F748DA9} - \YTDownloaderUpd -> No File <==== ATTENTION
Task: {24153C4F-1501-4D78-939E-F3887B76F5A7} - \bvxvbxvd -> No File <==== ATTENTION
Task: {29532EFE-5BB6-45D5-B494-CDA701FEE8A0} - System32\Tasks\Microsoft\Windows\Media Center\StartRecording => C:\Windows\ehome\ehrec.exe
Task: {2B35341E-58B8-495B-AF97-E8F0687A5E38} - \YTDownloader -> No File <==== ATTENTION
Task: {2E67F01C-3553-40E0-A907-8A6F176605F5} - \PaintTool SAI -> No File <==== ATTENTION
Task: {47529FDE-C74C-4DE6-9682-9200DA923BD4} - \Notify Helper -> No File <==== ATTENTION
Task: {4CDAD28F-D583-468F-B667-2FFE6356202F} - \SmartWeb Upgrade Trigger Task -> No File <==== ATTENTION
Task: {4D693E52-0515-4FA1-8AE4-E36FF19222C0} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> No File <==== ATTENTION
Task: {53F4E837-D6CA-455B-81F3-7344057C1A79} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate_scheduled => C:\Windows\ehome\mcupdate.exe
Task: {55FC2B12-A712-4FAC-8760-0128CF6D2FEE} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION
Task: {566C12AB-5147-4F47-A950-24F10AF60870} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscovery => C:\Windows\ehome\ehPrivJob.exe
Task: {56D716D7-79A5-4E90-8A2C-C3518FFDF2F1} - System32\Tasks\Microsoft\Windows\Media Center\ReindexSearchRoot => C:\Windows\ehome\ehPrivJob.exe
Task: {577ACAFA-6441-46FD-AA5D-BE639C1AC677} - System32\Tasks\Microsoft\Windows\Media Center\InstallPlayReady => C:\Windows\ehome\ehPrivJob.exe
Task: {5C69B07C-CC92-4368-A738-A993CB848D95} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2015-09-11] (Microsoft Corporation)
Task: {5D46809A-8869-4606-A198-B5FADA739E2F} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION
Task: {6000EC01-A51F-4CF3-9587-5AC45C9ACF01} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-09-05] (Google Inc.)
Task: {62288D2C-2758-4446-85B1-E9F187F37733} - \SPBIW_UpdateTask_Time_333939363932333431332d5a376c5a4a6c573250344141 -> No File <==== ATTENTION
Task: {64F88B8C-E57D-4AD7-B274-4AD807215EC2} - System32\Tasks\{5C2DCAC9-A1A8-4AEE-A6C6-68B5A9EE31EE} => pcalua.exe -a "C:\Users\Wendy\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\K1R5SIVH\C985_application_and_driver_v1.3.0.46_20130617.exe" -d C:\Users\Wendy\Desktop
Task: {67958CCE-3DB1-4735-A3F4-2BA4557D7E65} - System32\Tasks\LaunchSignup => C:\Program Files (x86)\MyPC Backup\Signup Wizard.exe <==== ATTENTION
Task: {67BFFA79-86B2-41CC-908A-C6A50F3BF91B} - System32\Tasks\Microsoft\Windows\Media Center\RegisterSearch => C:\Windows\ehome\ehPrivJob.exe
Task: {68908337-05AB-4C4A-8C30-AB64B867C70A} - System32\Tasks\Microsoft\Windows\Media Center\MediaCenterRecoveryTask => C:\Windows\ehome\mcupdate.exe
Task: {68C25381-E76D-4DD0-9829-39797230EC14} - System32\Tasks\Microsoft\Windows\Media Center\ActivateWindowsSearch => C:\Windows\ehome\ehPrivJob.exe
Task: {696BEDE9-AAA6-4829-80AC-2EB888CA5DFC} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW2 => C:\Windows\ehome\ehPrivJob.exe
Task: {745B77A7-4DB9-4466-9015-BAB6EC44CF5F} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-07-07] (Adobe Systems Incorporated)
Task: {74E1404F-9371-4D44-9F5D-45AC16B1C07E} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-09-05] (Google Inc.)
Task: {7C9C84BB-49F2-42A0-8E25-392354C6C397} - \WordSurfer Auto Updater 1.10.0.19 Core -> No File <==== ATTENTION
Task: {7E5BF3F7-EDFF-4E52-A48A-A3DC317C43BA} - \WordSurfer Auto Updater 1.10.0.19 Pending Update -> No File <==== ATTENTION
Task: {803D9411-8EB3-44A3-9C21-EA5EF601FB75} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2015-08-26] (Microsoft Corporation)
Task: {830A2863-E81E-4877-AAD9-B579247EC3BA} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION
Task: {88029952-6572-4631-A033-28BEA5D204A8} - System32\Tasks\GoogleUpdateTaskMachineCore1d0e826fa18e252 => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-09-05] (Google Inc.)
Task: {89BB221D-DF91-4AF6-B785-FE601F3DE962} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTION
Task: {902C14BD-9365-4536-BB1A-39B79ED53A1E} - \System Cleaner Pro Auto Start -> No File <==== ATTENTION
Task: {920D5B1A-A935-43E8-B5DF-A3B21CBD8166} - System32\Tasks\Microsoft\Windows\Media Center\PeriodicScanRetry => C:\Windows\ehome\MCUpdate.exe
Task: {99B3E716-F1AA-4F2A-B33C-3AE29D29D961} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesCommonx86\Microsoft Shared\OFFICE15\OLicenseHeartbeat.exe [2015-09-11] (Microsoft Corporation)
Task: {9C4FC0D6-AEE0-4519-95CD-6FE2BED0229F} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate => C:\Windows\ehome\mcupdate.exe
Task: {A367959F-6398-4208-8BEA-FFEA61E70294} - System32\Tasks\{6EB71239-E329-4DC7-A8F3-A64AFDC138C2} => pcalua.exe -a "C:\Program Files (x86)\DailyPcClean Support\unins000.exe"
Task: {A6BA20F8-819D-42F2-BA40-AA8E07731D11} - \Jarmeee -> No File <==== ATTENTION
Task: {A808A96E-D5B3-42CB-AD89-B351C29B7C11} - System32\Tasks\clear.fi => C:\Program Files (x86)\Acer\clear.fi\MVP\clear.fi.exe [2011-02-22] (Acer Incorporated)
Task: {AD9DB6BB-1BE5-481B-8DA2-D88CA2820DE7} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION
Task: {AE9EE3EE-775E-469B-B574-89FA8611079A} - \updateTask -> No File <==== ATTENTION
Task: {B0D3CF47-F3D5-4D53-B270-CB588680A2E1} - System32\Tasks\Microsoft\Windows\Media Center\RecordingRestart => C:\Windows\ehome\ehrec.exe
Task: {B1D89B5A-D5DD-4961-A5DB-F9737392A0CA} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-07-18] (Adobe Systems Incorporated)
Task: {BC650C00-6A30-4412-B709-2D8E194AA581} - System32\Tasks\Microsoft\Windows\Media Center\ConfigureInternetTimeService => C:\Windows\ehome\ehPrivJob.exe
Task: {BC6BEFE2-E2C9-4683-9BB1-ED447830D7B9} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION
Task: {BC9902D7-F2B6-4982-A984-0A86AEF77929} - System32\Tasks\Microsoft\Windows\Media Center\SqlLiteRecoveryTask => C:\Windows\ehome\mcupdate.exe
Task: {BDEC4C9E-2A8B-4BD1-B2ED-AD0818A09852} - System32\Tasks\Microsoft\Windows\Media Center\PvrScheduleTask => C:\Windows\ehome\mcupdate.exe
Task: {C516EFA9-F2F5-4DC2-998C-A10FAE4EB79E} - System32\Tasks\clear.fiAgent => C:\Program Files (x86)\Acer\clear.fi\MVP\clear.fiAgent.exe [2011-02-22] (CyberLink Corp.)
Task: {C5812387-F344-4101-AF50-F391FF880614} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION
Task: {C586E004-3D6A-4FA4-BF04-1BB37CB2386D} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {C73A8AC1-5ED6-471C-94B6-68B18CDEA617} - System32\Tasks\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask => C:\Windows\ehome\mcupdate.exe
Task: {C8213448-346D-452D-81BA-AAA398B57DC5} - \4a752bbc-e718-4ff5-8948-5413ae8b7094 -> No File <==== ATTENTION
Task: {CC9322D8-8113-40E7-BC9C-D3CE404A3BB2} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION
Task: {D01BAF9E-BB7E-44F4-BF6F-0695A078AB93} - \runTask -> No File <==== ATTENTION
Task: {D35AE52A-482C-4656-BFA0-429FDE04BD24} - \ShopperProJSUpd -> No File <==== ATTENTION
Task: {D875E597-84B7-4AAE-AE3A-7A71AB312978} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTION
Task: {DA781ED4-5DE4-4753-B292-F717851D6C7C} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION
Task: {DB335640-3E12-4EC2-910D-9E98E48A0780} - System32\Tasks\Microsoft\Windows\Media Center\ehDRMInit => C:\Windows\ehome\ehPrivJob.exe
Task: {E0A35B6F-31D6-4901-859F-B285695EA54B} - System32\Tasks\Microsoft\Windows\Media Center\PvrRecoveryTask => C:\Windows\ehome\mcupdate.exe
Task: {E1FB7C5E-7341-4C5A-812B-9ACFB6DBEE67} - System32\Tasks\Microsoft\Windows\Media Center\DispatchRecoveryTasks => C:\Windows\ehome\ehPrivJob.exe
Task: {EE680E16-2613-4220-AE25-F4D39B1747A8} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2015-09-11] (Microsoft Corporation)
Task: {F727FFEE-9EC8-4ABD-A89C-7ABCF977FBC6} - System32\Tasks\{2517B75F-59B6-40E8-83DA-494CD712841E} => pcalua.exe -a C:\ProgramData\FlashBeat\SoftConfigTest.exe
Task: {FF967F5C-F8B1-4AE8-B2F2-D24594F0704B} - System32\Tasks\Microsoft\Windows\Media Center\UpdateRecordPath => C:\Windows\ehome\ehPrivJob.exe
Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore1d0e826fa18e252.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
2015-01-20 23:35 - 2015-01-20 23:35 - 00085832 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2015-05-15 16:26 - 2015-05-15 16:26 - 01346344 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2015-08-20 09:37 - 2015-08-11 05:14 - 00404480 _____ () C:\WINDOWS\System32\diagtrack_wininternal.dll
2014-03-03 18:17 - 2014-05-20 09:19 - 00105640 _____ () C:\Program Files\Microsoft Office 15\ClientX64\ApiClient.dll
2015-09-07 21:23 - 2015-08-18 03:56 - 02498808 _____ () C:\WINDOWS\system32\CoreUIComponents.dll
2015-09-07 21:23 - 2015-08-18 03:56 - 02498808 _____ () C:\WINDOWS\System32\CoreUIComponents.dll
2015-09-24 13:05 - 2015-08-11 23:15 - 08900672 _____ () C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\1033\GrooveIntlResource.dll
2009-01-21 19:45 - 2009-01-21 19:45 - 01401856 _____ () C:\Program Files (x86)\EgisTec MyWinLocker\x64\LIBEAY32.dll
2015-07-10 06:59 - 2015-07-10 06:59 - 00429056 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\QuickActions.dll
2015-07-10 06:59 - 2015-07-10 06:59 - 00143360 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\XamlTileRendering.dll
2015-06-01 21:00 - 2015-06-01 21:00 - 00102912 _____ () C:\Windows\System32\IccLibDll_x64.dll
2009-08-19 13:25 - 2009-08-19 13:25 - 01589208 _____ () C:\Program Files (x86)\comcasttb\ComcastSpywareScan\ComcastAntiSpy.exe
2015-10-07 17:38 - 2015-10-07 17:38 - 08395776 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsStore_2015.10.5.0_x64__8wekyb3d8bbwe\WinStore.Entertainment.Mobile.dll
2015-10-07 17:38 - 2015-10-07 17:38 - 02311680 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsStore_2015.10.5.0_x64__8wekyb3d8bbwe\MS.Entertainment.Common.Mobile.dll
2015-08-13 14:53 - 2015-08-02 21:11 - 06569472 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2015-07-10 07:00 - 2015-07-10 09:14 - 00471040 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2015-08-20 09:37 - 2015-08-11 04:58 - 01808384 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2015-08-13 14:53 - 2015-08-02 21:09 - 02274816 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2015-07-10 07:00 - 2015-07-10 09:14 - 00210432 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.ProxyStub.dll
2015-08-20 09:37 - 2015-08-11 05:10 - 00293376 _____ () C:\WINDOWS\SYSTEM32\textinputframework.dll
2012-09-01 16:14 - 2012-02-23 15:57 - 00022944 _____ () C:\Program Files (x86)\Belkin\Router Setup and Monitor\BelkinServicePS.dll
2014-06-15 23:40 - 2014-06-15 23:40 - 02124256 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Scan 2.0\QtCore4.dll
2014-06-15 23:39 - 2014-06-15 23:39 - 07422144 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Scan 2.0\QtGui4.dll
2014-06-15 23:39 - 2014-06-15 23:39 - 02453696 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Scan 2.0\QtDeclarative4.dll
2014-06-15 23:39 - 2014-06-15 23:39 - 00794816 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Scan 2.0\QtNetwork4.dll
2014-06-15 23:39 - 2014-06-15 23:39 - 01269952 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Scan 2.0\QtScript4.dll
2014-06-15 23:39 - 2014-06-15 23:39 - 00192704 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Scan 2.0\QtSql4.dll
2011-02-15 14:37 - 2011-02-15 14:37 - 00465640 _____ () C:\Program Files (x86)\NTI\Acer Backup Manager\sqlite3.dll
2011-02-15 14:37 - 2011-02-15 14:37 - 00125760 _____ () C:\Program Files (x86)\NTI\Acer Backup Manager\MailConverter32.dll
2011-02-15 14:36 - 2011-02-15 14:36 - 01081664 _____ () C:\Program Files (x86)\NTI\Acer Backup Manager\ACE.dll
2015-08-07 20:38 - 2015-08-07 20:38 - 00169984 _____ () C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\IsdiInterop\c481f8491232123e86ffb7cccffebdfb\IsdiInterop.ni.dll
2011-04-06 16:15 - 2010-09-13 21:28 - 00058880 _____ () C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IsdiInterop.dll
2011-02-22 13:01 - 2011-02-22 13:01 - 00206216 _____ () C:\Program Files (x86)\Acer\clear.fi\MVP\Kernel\DMR\CLNetMediaDMA.dll
2015-05-15 16:27 - 2015-05-15 16:27 - 01044776 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2012-09-01 16:14 - 2010-08-22 20:01 - 07187456 _____ () C:\Program Files (x86)\Belkin\Router Setup and Monitor\QtGui4.dll
2012-09-01 16:14 - 2010-08-22 20:01 - 00325632 _____ () C:\Program Files (x86)\Belkin\Router Setup and Monitor\QtXml4.dll
2012-09-01 16:14 - 2010-08-22 20:01 - 00847360 _____ () C:\Program Files (x86)\Belkin\Router Setup and Monitor\QtNetwork4.dll
2012-09-01 16:14 - 2010-08-22 20:01 - 01954304 _____ () C:\Program Files (x86)\Belkin\Router Setup and Monitor\QtCore4.dll
2012-09-01 16:14 - 2010-08-22 19:32 - 00119808 _____ () C:\Program Files (x86)\Belkin\Router Setup and Monitor\imageformats\qjpeg4.dll
2012-09-01 16:14 - 2012-02-23 15:19 - 00669696 _____ () C:\Program Files (x86)\Belkin\Router Setup and Monitor\gateways\GenericBelkinGatewayLOC.dll
2015-07-23 10:26 - 2015-07-23 10:26 - 00122024 _____ () C:\Program Files\Microsoft Office 15\root\Office15\JitV.dll
2014-11-22 14:15 - 2014-11-22 14:15 - 00316576 _____ () C:\Program Files\Microsoft Office 15\root\Office15\AppVIsvStream32.dll
AlternateDataStreams: C:\3089b6a24ef724d145:Win32App
AlternateDataStreams: C:\318cab8197d210aa5c5e:Win32App
AlternateDataStreams: C:\419a2caadd4290847864:Win32App
AlternateDataStreams: C:\4f4fa18d4dd8f99f0ea6a6420281251a:Win32App
AlternateDataStreams: C:\65b66254bc6a4f7c7497ac9d8307:Win32App
AlternateDataStreams: C:\776e24d3f6aba141bb9c83b3fe63ae77:Win32App
AlternateDataStreams: C:\b9c13b78d128895b6e52:Win32App
AlternateDataStreams: C:\bd9118d39e1f207ee9cd6dcd0939:Win32App
AlternateDataStreams: C:\be8106b9bc95323fd268ba6235ad69:Win32App
AlternateDataStreams: C:\DOLBY PCEE4:Win32App
AlternateDataStreams: C:\Program Files\Bonjour:Win32App
AlternateDataStreams: C:\Program Files\Broadcom:Win32App
AlternateDataStreams: C:\Program Files\iTunes:Win32App
AlternateDataStreams: C:\Program Files\Microsoft Security Client:Win32App
AlternateDataStreams: C:\Program Files\Microsoft Silverlight:Win32App
AlternateDataStreams: C:\Program Files (x86)\Acer Games:Win32App
AlternateDataStreams: C:\Program Files (x86)\Apple Software Update:Win32App
AlternateDataStreams: C:\Program Files (x86)\Audacity:Win32App
AlternateDataStreams: C:\Program Files (x86)\Bonjour:Win32App
AlternateDataStreams: C:\Program Files (x86)\Broadcom:Win32App
AlternateDataStreams: C:\Program Files (x86)\EgisTec MyWinLocker:Win32App
AlternateDataStreams: C:\Program Files (x86)\EgisTec MyWinLockerSuite:Win32App
AlternateDataStreams: C:\Program Files (x86)\EgisTec Shredder:Win32App
AlternateDataStreams: C:\Program Files (x86)\Itibiti Soft Phone:Win32App
AlternateDataStreams: C:\Program Files (x86)\Launch Manager:Win32App
AlternateDataStreams: C:\Program Files (x86)\Microsoft SQL Server Compact Edition:Win32App
AlternateDataStreams: C:\Program Files (x86)\newsXpresso:Win32App
AlternateDataStreams: C:\Program Files (x86)\QuickTime:Win32App
AlternateDataStreams: C:\Program Files (x86)\System Cleaner Pro:Win32App
AlternateDataStreams: C:\Program Files (x86)\Times Reader:Win32App
AlternateDataStreams: C:\Program Files (x86)\Windows Live:Win32App
AlternateDataStreams: C:\Program Files (x86)\WinRAR:Win32App
AlternateDataStreams: C:\WINDOWS\SysWOW64:Win32App
AlternateDataStreams: C:\WINDOWS\system32\Drivers\rncmaqih.sys:changelist
AlternateDataStreams: C:\Program Files\Common Files\microsoft shared:Win32App
AlternateDataStreams: C:\ProgramData\regid.1991-06.com.microsoft:Win32App
AlternateDataStreams: C:\Users\Wendy\Desktop\REC:Win32App
AlternateDataStreams: C:\Users\Wendy\AppData\Local\Temp:Win32App
==================== Internet Explorer trusted/restricted ===============
==================== Other Areas ============================
DNS Servers: 75.75.75.75 - 75.75.76.76
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.
HKLM\...\StartupApproved\Run: => "shopperz1208201564"
HKLM\...\StartupApproved\Run32: => "SmartWeb"
HKLM\...\StartupApproved\Run32: => "gmsd_us_005010068"
HKLM\...\StartupApproved\Run32: => "YTDownloader"
HKU\S-1-5-21-2389695071-1928321251-2773591669-1000\...\StartupApproved\StartupFolder: => "crossbrowse.lnk"
HKU\S-1-5-21-2389695071-1928321251-2773591669-1000\...\StartupApproved\StartupFolder: => "Dropbox.lnk"
HKU\S-1-5-21-2389695071-1928321251-2773591669-1000\...\StartupApproved\StartupFolder: => "SmartWeb.lnk"
HKU\S-1-5-21-2389695071-1928321251-2773591669-1000\...\StartupApproved\Run: => "GoogleChromeAutoLaunch_C2B59C6CEFF9726828003DBE1F6BF7E2"
HKU\S-1-5-21-2389695071-1928321251-2773591669-1000\...\StartupApproved\Run: => "YTDownloader"
FirewallRules: [MSMQ-In-TCP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [MSMQ-Out-TCP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [MSMQ-In-UDP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [MSMQ-Out-UDP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [WCF-NetTcpActivator-In-TCP-64bit] => (Allow) LPort=808
FirewallRules: [{3DB77488-D00C-4AEF-A1B6-5346B57DB9E6}] => (Allow) C:\Program Files\iTunes\iTunes.exe
FirewallRules: [UDP Query User{F581FA8E-90AB-414B-83CC-2D2CCAD4BC7F}C:\program files (x86)\java\jre1.8.0_31\bin\javaw.exe] => (Block) C:\program files (x86)\java\jre1.8.0_31\bin\javaw.exe
FirewallRules: [TCP Query User{B764241D-551B-463F-96DB-5DF56FADFC33}C:\program files (x86)\java\jre1.8.0_31\bin\javaw.exe] => (Block) C:\program files (x86)\java\jre1.8.0_31\bin\javaw.exe
FirewallRules: [UDP Query User{3251DACF-D388-4E6C-A220-B8AA88D4ACF7}C:\program files (x86)\java\jre1.8.0_31\bin\javaw.exe] => (Block) C:\program files (x86)\java\jre1.8.0_31\bin\javaw.exe
FirewallRules: [TCP Query User{2C2F53D6-AA3E-49F5-AD08-4F88AB3BAEB6}C:\program files (x86)\java\jre1.8.0_31\bin\javaw.exe] => (Block) C:\program files (x86)\java\jre1.8.0_31\bin\javaw.exe
FirewallRules: [{A9AE3580-6D0F-4D5C-9DA4-867C776CA1C9}] => (Allow) C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
FirewallRules: [{F9AC5A3F-EDD1-48C1-B69F-D620E7EDEFBC}] => (Allow) LPort=1900
FirewallRules: [{70C72209-A639-4527-AA42-7D4763163A35}] => (Allow) LPort=2869
FirewallRules: [{B7E50A7B-8687-4FC1-9CFD-8B618353F45C}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{4E55DA83-AED6-4EFD-B252-0B032CAE8896}] => (Allow) C:\Users\Wendy\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe
FirewallRules: [{53D69301-BF2D-4C70-9264-281F3F081404}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\outlook.exe
FirewallRules: [UDP Query User{5EDD340E-005F-4D94-AC4C-AA47AA88882F}C:\program files (x86)\java\jre7\bin\javaw.exe] => (Block) C:\program files (x86)\java\jre7\bin\javaw.exe
FirewallRules: [TCP Query User{DDE6527E-4BBD-4C47-ACF1-39B2E90C131C}C:\program files (x86)\java\jre7\bin\javaw.exe] => (Block) C:\program files (x86)\java\jre7\bin\javaw.exe
FirewallRules: [{262B95DF-BA2C-43C4-947F-F099F94F80A9}] => (Allow) C:\Program Files (x86)\Belkin\Router Setup and Monitor\BelkinSetup.exe
FirewallRules: [{A0A27374-FE0D-41EE-928F-9727C5476EED}] => (Allow) C:\Program Files (x86)\Belkin\Router Setup and Monitor\BelkinSetup.exe
FirewallRules: [{C827F6CA-70DB-4677-B48C-A4313DE3CCCC}] => (Allow) C:\Program Files (x86)\Belkin\Router Setup and Monitor\BelkinSetup.exe
FirewallRules: [{6B53BBB4-DD3D-41AF-A40B-905B9538724F}] => (Allow) C:\Program Files (x86)\Belkin\Router Setup and Monitor\BelkinSetup.exe
FirewallRules: [{AA9AA1EA-8F9B-4534-94FF-EC75CEDD2442}] => (Allow) C:\Program Files (x86)\Belkin\Router Setup and Monitor\BelkinSetup.exe
FirewallRules: [{508B16B2-32B0-4DC7-86FF-6A7EF77F0C56}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{89F0035A-49CD-4689-9C7F-02187E40C343}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{65C4E871-F869-44F2-BD1C-362A936973BF}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{798BF025-6514-4D74-B137-B5FC656DBA8F}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{18C0A254-8AE6-4923-A137-4C11EA503C32}] => (Allow) LPort=4482
FirewallRules: [{D5CF7AB0-CDA3-433D-B405-3ADF78221863}] => (Allow) LPort=4482
FirewallRules: [{72CA7657-64C0-4511-820A-5F009D1EF9A5}] => (Allow) LPort=4481
FirewallRules: [{6E0A5D7C-7FF2-4212-B67B-6984D7BFC08C}] => (Allow) LPort=4481
FirewallRules: [{55B275CA-5713-4412-807C-C06DE5D2E50A}] => (Allow) C:\Program Files (x86)\Research In Motion\BlackBerry Desktop\Rim.Desktop.exe
FirewallRules: [{57B69D87-95F7-42AB-BE3A-5398B35B5C14}] => (Allow) C:\Program Files (x86)\Research In Motion\BlackBerry Desktop\Rim.Desktop.exe
FirewallRules: [{7E013D39-8398-4810-98DA-55A38296AF9D}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{2B419DC0-AE11-45D8-9FB3-C1CA4BCEDC9C}] => (Allow) C:\Program Files (x86)\Acer\clear.fi\Movie\TouchMovieService.exe
FirewallRules: [{CE798B7B-3CF3-4CF7-84D2-1FA194BC1FED}] => (Allow) C:\Program Files (x86)\Acer\clear.fi\Movie\TouchMovie.exe
FirewallRules: [{FD6BD230-5815-46DA-8154-DC1B853F1D98}] => (Block) C:\Program Files (x86)\Acer\clear.fi\MVP\Kernel\DMR\DMREngine.exe
FirewallRules: [{344655B9-671D-47F9-B842-10575BA65E89}] => (Allow) C:\Program Files (x86)\Acer\clear.fi\MVP\Kernel\DMR\DMREngine.exe
FirewallRules: [{C0E5225C-B739-4A34-9D3B-697DA31A9AE6}] => (Allow) C:\Program Files (x86)\Acer\clear.fi\MVP\Kernel\DMR\DMREngine.exe
FirewallRules: [{65C478B0-25D6-4FDF-9501-31A2158DDAE9}] => (Allow) C:\Program Files (x86)\Acer\clear.fi\MVP\Kernel\CLML\CLMLSvc.exe
FirewallRules: [{F092A236-2A7F-4E8F-A736-C2F3BF2170C8}] => (Allow) C:\Program Files (x86)\Acer\clear.fi\MVP\clear.fiAgent.exe
FirewallRules: [{68B9BC7C-2F2C-4607-A754-DAFA26D9744A}] => (Allow) C:\Program Files (x86)\Acer\clear.fi\MVP\clear.fi.exe
FirewallRules: [{DDD8EC91-FF64-42C6-BE3C-18A2065BFF88}] => (Allow) C:\Program Files\Common Files\mcafee\mcsvchost\McSvHost.exe
FirewallRules: [{C4E00E0C-3DF3-454E-BD03-C0E845228F66}] => (Allow) C:\Program Files\Common Files\mcafee\mcsvchost\McSvHost.exe
FirewallRules: [{4431C433-B35C-45E4-A8DE-86FC541A6304}] => (Allow) C:\Torrentex\Torrentex.exe
FirewallRules: [{2ABAA82A-9A6B-4991-9150-EE6249CCCCB5}] => (Allow) C:\Torrentex\Torrentex.exe
FirewallRules: [{155E6D08-9385-4385-AF1E-7FBAAD1D5EA9}] => (Allow) C:\Program Files (x86)\Crossbrowse\Crossbrowse\Application\crossbrowse.exe
FirewallRules: [{ADF7AED6-F76B-4994-AC07-C59B8822209F}] => (Allow) C:\Program Files (x86)\Crossbrowse\Crossbrowse\Application\crossbrowse.exe
FirewallRules: [{1F48D41A-7AA7-4D70-A5A9-02C80576659B}] => (Allow) C:\Program Files (x86)\Acer\clear.fi\Movie\TouchMovie.exe
FirewallRules: [{E8F5EF16-F369-454A-982D-9FC44CC2B1EB}] => (Allow) C:\Program Files (x86)\Acer\clear.fi\Movie\TouchMovieService.exe
==================== Event log errors: =========================
==================
Error: (10/09/2015 11:37:07 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Activation context generation failed for "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10240.16384_none_f41f7b285750ef43.manifest1".Error in manifest or policy file "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10240.16384_none_f41f7b285750ef43.manifest2" on line C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10240.16384_none_f41f7b285750ef43.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10240.16384_none_f41f7b285750ef43.manifest.
Component 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10240.16384_none_3bccb1ff6bcd1849.manifest.
Description: Activation context generation failed for "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10240.16384_none_f41f7b285750ef43.manifest1".Error in manifest or policy file "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10240.16384_none_f41f7b285750ef43.manifest2" on line C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10240.16384_none_f41f7b285750ef43.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10240.16384_none_f41f7b285750ef43.manifest.
Component 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10240.16384_none_3bccb1ff6bcd1849.manifest.
Description: Local Hostname Notebook.local already in use; will try Notebook-2.local instead
Description: mDNSCoreReceiveResponse: ProbeCount 2; will deregister 4 Notebook.local. Addr 10.0.0.3
Description: mDNSCoreReceiveResponse: Received from 10.0.0.3:5353 16 Notebook.local. AAAA 2601:0085:4500:12C0:0000:0000:0000:0005
Description: The program HxMail.exe version 16.0.6224.4228 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Security and Maintenance control panel.
Description: Package microsoft.windowscommunicationsapps_17.6224.42281.0_x64__8wekyb3d8bbwe+microsoft.windowslive.mail was terminated because it took too long to suspend.
Description: Information only.
The action cannot be completed. Try the action again. If the problem continues, contact Microsoft Product Support.
Description: Faulting application name: BelkinSetup.exe, version: 4.1.0.25491, time stamp: 0x4f46b479
Faulting module name: KERNELBASE.dll, version: 10.0.10240.16384, time stamp: 0x559f3b2a
Exception code: 0xc06d007e
Fault offset: 0x000b3e28
Faulting process id: 0x1ef0
Faulting application start time: 0xBelkinSetup.exe0
Faulting application path: BelkinSetup.exe1
Faulting module path: BelkinSetup.exe2
Report Id: BelkinSetup.exe3
Faulting package full name: BelkinSetup.exe4
Faulting package-relative application ID: BelkinSetup.exe5
Description: Information only.
The action cannot be completed. Try the action again. If the problem continues, contact Microsoft Product Support.
System errors:
=============
Error: (10/06/2015 08:17:31 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: application-specificLocalActivation{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}NT AUTHORITYLOCAL SERVICES-1-5-19LocalHost (Using LRPC)UnavailableUnavailable
Description: {14286318-B6CF-49A1-81FC-D74AD94902F9}
Description: machine-defaultLocalActivation{C2F03A33-21F5-47FA-B4BB-156362A2F239}{316CDED5-E4AE-4B15-9113-7055D84DCC97}NotebookWendyS-1-5-21-2389695071-1928321251-2773591669-1000LocalHost (Using LRPC)Microsoft.WindowsStore_2015.9.9.0_x64__8wekyb3d8bbweS-1-15-2-1609473798-1231923017-684268153-4268514328-882773646-2760585773-1760938157
Description: {14286318-B6CF-49A1-81FC-D74AD94902F9}
Description: The Intel® Management and Security Application User Notification Service service depends on the Intel® Management and Security Application Local Management Service service which failed to start because of the following error:
%%1053
Description: The Intel® Management and Security Application Local Management Service service failed to start due to the following error:
%%1053
Description: A timeout was reached (30000 milliseconds) while waiting for the Intel® Management and Security Application Local Management Service service to connect.
Description: The Intel® Management and Security Application Local Management Service service failed to start due to the following error:
%%1053
Description: A timeout was reached (30000 milliseconds) while waiting for the Intel® Management and Security Application Local Management Service service to connect.
Description: The Net.Msmq Listener Adapter service failed to start due to the following error:
%%1053
CodeIntegrity:
===================================
Date: 2015-10-09 22:38:12.203
Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Windows\System32\dnsapi.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Windows\System32\dnsapi.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Windows\System32\dnsapi.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Windows\System32\dnsapi.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Windows\System32\dnsapi.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Windows\System32\dnsapi.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Windows\System32\dnsapi.dll that did not meet the Custom 3 / Antimalware signing level requirements.
==================== Memory info ===========================
Percentage of memory in use: 68%
Total physical RAM: 3947.86 MB
Available physical RAM: 1245.29 MB
Total Virtual: 7915.86 MB
Available Virtual: 4859.45 MB
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: 526033AE)
Partition 1: (Not Active) - (Size=15 GB) - (Type=27)
Partition 2: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=450.7 GB) - (Type=07 NTFS)
Edited by mistywjd, 10 October 2015 - 12:00 PM.