A friend came to me to see and asked if I would take a look at her PC. I asked her to tell me as completely as she could what happened, so this is what I have;
She has a Kodak digital camera, and was trying to download the newest version of Kodak Easy Share software when a window that she didn't recognize popped up. She doesn't remember what it said, but she closed it. Later that day her husband was trying to log on to rtsports.com and they started seeing a bunch of different popups and things flashing and other assorted weird behaviors. She restarted the PC, and then ran an AV scan (McAfee) when it came back up that did not show any problems, but did show that it quarantined a few files. After that she thought she was good.
Judging from the programs on the PC, it looks like a few things were installed on November 1st, so I assume that is when this all went down.
A little while later she had a blue screen pop up that looked similar to a BSOD with a number to call. She called the number and let a technician who said he was from Microsoft connect in. She said she could not follow what all he was doing, but that he told her she had many issues. As soon as he told her that she would have to pay him to clean everything up, she disconnected it from the internet. At the time she brought it to me, It had not been connected again. I have it now, and it is not connected at this point.
I explained to her as plainly as I could how these scams work, but I really couldn't give her a good answer on what caused the original infection or issue. She asked me if I could just get it back to normal for her.
The PC is an Acer touch screen all in one, with 4 GB of RAM, running Windows 8.1. Below are the results from running FRST64.exe.
FRST.txt
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:04-11-2015
Ran by Shawn&Stacy (administrator) on HOMECOMPUTER (04-11-2015 17:01:15)
Running from E:\Stacy PC
Loaded Profiles: Shawn&Stacy (Available Profiles: Shawn&Stacy & Shawn & Guest)
Platform: Windows 8.1 (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: IE)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Windows ® Win 7 DDK provider) C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\AdminService.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\AOP Framework\CCDMonitorService.exe
() C:\Users\Shawn&Stacy\AppData\Local\Crsoft\crsvc.exe
() C:\Program Files (x86)\DCE8D5F2-1446302749-11E3-BA14-F80F41B551A7\knsqBC8F.tmp
(Acer Cloud Technology) C:\Program Files (x86)\Acer\AOP Framework\acer\ccd.exe
(McAfee, Inc.) C:\Program Files (x86)\McAfee\SiteAdvisor\mcsacore.exe
(Acer Cloud Technology) C:\Program Files (x86)\Acer\AOP Framework\acer\ccd.exe
(McAfee, Inc.) C:\Program Files\Common Files\mcafee\systemcore\mfemms.exe
(McAfee, Inc.) C:\Windows\System32\mfevtps.exe
(McAfee, Inc.) C:\Windows\System32\mfevtps.exe
(McAfee, Inc.) C:\Program Files\Common Files\mcafee\AMCore\mcshield.exe
() C:\Users\Shawn&Stacy\AppData\Roaming\NetService\netservice.exe
() C:\Windows\SysWOW64\OSDSrv\OSDSrv.exe
() C:\Program Files (x86)\DCE8D5F2-1446302749-11E3-BA14-F80F41B551A7\hnsl1934.tmp
(Soluto) C:\Program Files\Soluto\SolutoLauncherService.exe
(Soluto) C:\Program Files\Soluto\SolutoService.exe
(McAfee, Inc.) C:\Program Files\Common Files\mcafee\systemcore\mfefire.exe
(ShopperPro) C:\Program Files\Common Files\ShopperPro\spbiu.exe
(McAfee, Inc.) C:\Program Files\mcafee\msc\McAPExe.exe
(McAfee, Inc.) C:\Program Files\Common Files\mcafee\systemcore\mfefire.exe
(McAfee, Inc.) C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe
(Soluto) C:\Program Files\Soluto\Soluto.exe
(FlashBeat) C:\ProgramData\FlashBeat\FlashBeat.exe
(FlashBeat) C:\ProgramData\FlashBeat\FlashBeat.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\Hotkey Utility\HotkeyUtility.exe
() C:\Users\Shawn&Stacy\AppData\Local\gmsd_us_005010133\upgmsd_us_005010133.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\Screen Grasp\GestureDetection.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\Screen Grasp\Launch Screen Grasp.exe
(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
(Qualcomm®Atheros®) C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\BtvStack.exe
() C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\ActivateDesktop.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Acer) C:\Program Files (x86)\Acer\Acer Portal\AcerPortal.exe
(Dolby Laboratories Inc.) C:\Program Files\Dolby Digital Plus\ddp.exe
() C:\Users\Public\Documents\windows.exe
(WildTangent) C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe
() C:\Users\Public\Documents\windows.exe
(Acer) C:\Windows\SysWOW64\OSDSrv\OSDApp.exe
(Eastman Kodak Company) C:\Program Files (x86)\Kodak\Kodak EasyShare software\bin\EasyShare.exe
() C:\Program Files (x86)\Acer\abDocs\abDocsDllLoader.exe
() C:\Program Files (x86)\gmsd_us_005010133\gmsd_us_005010133.exe
() C:\Program Files (x86)\Acer\abDocs\abDocsDllLoaderMonitor.exe
(McAfee, Inc.) C:\Program Files\Common Files\mcafee\platform\McUICnt.exe
() C:\Users\Shawn&Stacy\AppData\Roaming\DailyWiki\DailyWiki.exe
() C:\Users\Shawn&Stacy\AppData\Roaming\DailyWiki\DailyWiki.exe
() C:\Users\Shawn&Stacy\AppData\Roaming\DailyWiki\DailyWiki.exe
(McAfee, Inc.) C:\Program Files\Common Files\mcafee\CSP\1.6.1180.0\McCSPServiceHost.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\AOP Framework\BackgroundAgent.exe
(Nero AG) C:\Program Files (x86)\Nero\Update\NASvc.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Microsoft Corporation) C:\Windows\System32\Taskmgr.exe
(McAfee, Inc.) C:\Program Files\mcafee\virusscan\McVsShld.exe
(McAfee, Inc.) C:\Program Files\Common Files\mcafee\platform\Core\mchost.exe
==================== Registry (Whitelisted) ===========================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13651672 2013-09-03] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_Dolby] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1321688 2013-08-30] (Realtek Semiconductor)
HKLM\...\Run: [SpaceSoundPro] => "C:\Program Files\SpaceSoundPro\SpaceSoundPro.exe"
HKLM-x32\...\Run: [OSDAPP] => C:\Windows\SysWOW64\OSDSrv\OSDApp.exe [2054656 2013-05-16] (Acer)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [766208 2013-09-25] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [abDocsDllLoader] => C:\Program Files (x86)\Acer\abDocs\abDocsDllLoader.exe [91488 2015-09-16] ()
HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [385024 2008-01-31] (Apple Inc.)
HKLM-x32\...\Run: [popup] => C:\windows\SysWOW64\MyTrayApp.exe [14336 2015-09-09] (Microsoft)
HKLM-x32\...\Run: [gmsd_us_005010132] => [X]
HKLM-x32\...\Run: [gmsd_us_005010133] => C:\Program Files (x86)\gmsd_us_005010133\gmsd_us_005010133.exe [3972784 2015-11-01] ()
HKLM-x32\...\Run: [DailyWiki] => C:\Users\Shawn&Stacy\AppData\Roaming\DailyWiki\DailyWiki.exe [48673472 2015-10-13] ()
HKLM-x32\...\RunOnce: [upgmsd_us_005010133.exe] => C:\Users\Shawn&Stacy\AppData\Local\gmsd_us_005010133\upgmsd_us_005010133.exe [3332784 2015-11-01] ()
HKLM\...\Winlogon: [Userinit] c:\windows\system32\userinit.exe,c:\program files\soluto\soluto.exe /userinit
HKLM\...\Policies\Explorer\Run: [BtvStack] => C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\BtvStack.exe [132736 2013-09-25] (Qualcomm®Atheros®)
HKLM\...\Policies\Explorer: [NoFolderOptions] 0
HKLM\...\Policies\Explorer: [NoControlPanel] 0
HKU\S-1-5-21-1384006192-1193351791-2402037821-1001\...\Run: [AcerPortal] => C:\Program Files (x86)\Acer\Acer Portal\AcerPortal.exe [2732448 2015-10-15] (Acer)
HKU\S-1-5-21-1384006192-1193351791-2402037821-1001\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [30877280 2014-12-11] (Skype Technologies S.A.)
HKU\S-1-5-21-1384006192-1193351791-2402037821-1001\...\Run: [Itibiti.exe] => C:\Program Files (x86)\Itibiti Soft Phone\Itibiti.exe
HKU\S-1-5-21-1384006192-1193351791-2402037821-1001\...\Run: [DV] => C:\ProgramData\DataFile\Downloads\DV.exe [277504 2015-09-04] ()
HKU\S-1-5-21-1384006192-1193351791-2402037821-1001\...\Run: [Wixkv] => C:\ProgramData\DataFile\DV.exe [283648 2015-11-01] ()
HKU\S-1-5-21-1384006192-1193351791-2402037821-1001\...\Run: [Application] => C:\Users\Public\Documents\windows.exe [7601110 2015-09-27] ()
HKU\S-1-5-21-1384006192-1193351791-2402037821-1001\...\Policies\Explorer: [NoChangeStartMenu] 0
HKU\S-1-5-21-1384006192-1193351791-2402037821-1001\...\Policies\Explorer: [NoLogOff] 0
HKU\S-1-5-21-1384006192-1193351791-2402037821-1001\...\MountPoints2: {d7cfe58a-9aea-11e3-8250-806e6f6e6963} - "D:\Setup.exe"
HKU\S-1-5-18\...\Run: [abDocsDllLoader] => C:\Program Files (x86)\Acer\abDocs\abDocsDllLoaderMonitor.exe [1769312 2015-09-16] ()
AppInit_DLLs: C:\ProgramData\FlashBeat\FlashBeat64.dll => C:\ProgramData\FlashBeat\FlashBeat64.dll [989696 2015-09-27] (FlashBeat)
AppInit_DLLs-x32: C:\ProgramData\FlashBeat\FlashBeat32.dll => C:\ProgramData\FlashBeat\FlashBeat32.dll [755200 2015-09-27] (FlashBeat)
ShellIconOverlayIdentifiers: [ ACloudSynced] -> {5CCE71FA-9F61-4F24-9CD1-98D819B40D68} => C:\Program Files (x86)\Acer\shellext\x64\shellext_win.dll [2015-10-14] (Acer Incorporated)
ShellIconOverlayIdentifiers: [ ACloudSyncing] -> {C1E1456F-C2D8-4C96-870D-35F1E13941EE} => C:\Program Files (x86)\Acer\shellext\x64\shellext_win.dll [2015-10-14] (Acer Incorporated)
ShellIconOverlayIdentifiers: [ ACloudToBeSynced] -> {307523FA-DDC0-4068-983F-2A6B34627744} => C:\Program Files (x86)\Acer\shellext\x64\shellext_win.dll [2015-10-14] (Acer Incorporated)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Install SafeKey IE RunOnce.lnk [2014-09-22]
ShortcutTarget: Install SafeKey IE RunOnce.lnk -> C:\Program Files (x86)\Common Files\lpuninstall.exe (McAfee)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Kodak EasyShare software.lnk [2015-07-25]
ShortcutTarget: Kodak EasyShare software.lnk -> C:\Program Files (x86)\Kodak\Kodak EasyShare software\bin\EasyShare.exe (Eastman Kodak Company)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Winsock: Catalog9 01 C:\Windows\SysWOW64\Localadsiw.dll [283496 2015-10-31] ()
Winsock: Catalog9 02 C:\Windows\SysWOW64\Localadsiw.dll [283496 2015-10-31] ()
Winsock: Catalog9 03 C:\Windows\SysWOW64\Localadsiw.dll [283496 2015-10-31] ()
Winsock: Catalog9 04 C:\Windows\SysWOW64\Localadsiw.dll [283496 2015-10-31] ()
Winsock: Catalog9 05 C:\Windows\SysWOW64\LavasoftTcpService.dll [345360 2015-10-31] (Lavasoft Limited)
Winsock: Catalog9 06 C:\Windows\SysWOW64\LavasoftTcpService.dll [345360 2015-10-31] (Lavasoft Limited)
Winsock: Catalog9 07 C:\Windows\SysWOW64\LavasoftTcpService.dll [345360 2015-10-31] (Lavasoft Limited)
Winsock: Catalog9 08 C:\Windows\SysWOW64\LavasoftTcpService.dll [345360 2015-10-31] (Lavasoft Limited)
Winsock: Catalog9 20 C:\Windows\SysWOW64\LavasoftTcpService.dll [345360 2015-10-31] (Lavasoft Limited)
Winsock: Catalog9 21 C:\Windows\SysWOW64\Localadsiw.dll [283496 2015-10-31] ()
Winsock: Catalog9-x64 01 C:\Windows\system32\Localadsiw64.dll [353640 2015-10-31] ()
Winsock: Catalog9-x64 02 C:\Windows\system32\Localadsiw64.dll [353640 2015-10-31] ()
Winsock: Catalog9-x64 03 C:\Windows\system32\Localadsiw64.dll [353640 2015-10-31] ()
Winsock: Catalog9-x64 04 C:\Windows\system32\Localadsiw64.dll [353640 2015-10-31] ()
Winsock: Catalog9-x64 05 C:\Windows\system32\LavasoftTcpService64.dll [425744 2015-10-31] (Lavasoft Limited)
Winsock: Catalog9-x64 06 C:\Windows\system32\LavasoftTcpService64.dll [425744 2015-10-31] (Lavasoft Limited)
Winsock: Catalog9-x64 07 C:\Windows\system32\LavasoftTcpService64.dll [425744 2015-10-31] (Lavasoft Limited)
Winsock: Catalog9-x64 08 C:\Windows\system32\LavasoftTcpService64.dll [425744 2015-10-31] (Lavasoft Limited)
Winsock: Catalog9-x64 20 C:\Windows\system32\LavasoftTcpService64.dll [425744 2015-10-31] (Lavasoft Limited)
Winsock: Catalog9-x64 21 C:\Windows\system32\Localadsiw64.dll [353640 2015-10-31] ()
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{2CD635BC-E781-4274-B67C-F70D05666F27}: [DhcpNameServer] 192.168.0.1
Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = www.tohotweb.com?oem=sunadusv3&uid=S2ANG3CL_ST500DM002-1BD142&tm=1446414608
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = www.tohotweb.com?oem=sunadusv3&uid=S2ANG3CL_ST500DM002-1BD142&tm=1446414608
HKU\S-1-5-21-1384006192-1193351791-2402037821-1001\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-1384006192-1193351791-2402037821-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = www.tohotweb.com?oem=sunadusv3&uid=S2ANG3CL_ST500DM002-1BD142&tm=1446414608
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM -> {AA9A4890-4262-4441-8977-E2FFCBFB706C} URL = hxxp://us.yhs4.search.yahoo.com/yhs/search?hspart=acer&hsimp=yhs-acer_001&p={searchTerms}
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> {AA9A4890-4262-4441-8977-E2FFCBFB706C} URL = hxxp://us.yhs4.search.yahoo.com/yhs/search?hspart=acer&hsimp=yhs-acer_001&p={searchTerms}
SearchScopes: HKU\S-1-5-21-1384006192-1193351791-2402037821-1001 -> DefaultScope {FC657D0B-7E98-44D7-B45D-496A95A05471} URL = hxxp://www-searching.com/search.aspx?s=FB1ztutbl011,27728558-f312-4ba6-87db-f8177ba16063&site=shyosie&prd=set&q={searchTerms}
SearchScopes: HKU\S-1-5-21-1384006192-1193351791-2402037821-1001 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?pc=COSP&ptag=D103115-AB747CC590BEC44CD91F&form=CONBDF&conlogo=CT3330962&q={searchTerms}
SearchScopes: HKU\S-1-5-21-1384006192-1193351791-2402037821-1001 -> {30E9E740-D162-11E4-8278-28E347809B30} URL = hxxp://search.homepage-web.com/?src=omnibox&partner=acer&q={searchTerms}
SearchScopes: HKU\S-1-5-21-1384006192-1193351791-2402037821-1001 -> {7817E5E7-AA31-11E4-8273-28E347809B30} URL = hxxp://search.homepage-web.com/?src=omnibox&partner=acer&q={searchTerms}
SearchScopes: HKU\S-1-5-21-1384006192-1193351791-2402037821-1001 -> {AA6B1CEC-2D28-46D3-88F5-DA9E49ADFF11} URL = hxxps://search.yahoo.com/search?fr=mcafee&type=C011US662D20140703&p={searchTerms}
SearchScopes: HKU\S-1-5-21-1384006192-1193351791-2402037821-1001 -> {AA9A4890-4262-4441-8977-E2FFCBFB706C} URL = hxxp://us.yhs4.search.yahoo.com/yhs/search?hspart=acer&hsimp=yhs-acer_001&p={searchTerms}
SearchScopes: HKU\S-1-5-21-1384006192-1193351791-2402037821-1001 -> {FC657D0B-7E98-44D7-B45D-496A95A05471} URL = hxxp://www-searching.com/search.aspx?s=FB1ztutbl011,27728558-f312-4ba6-87db-f8177ba16063&site=shyosie&prd=set&q={searchTerms}
BHO: McAfee SafeKey Vault -> {9DB059B3-DD36-4a55-846C-59BE42A1202A} -> C:\Program Files (x86)\SafeKey\LPToolbar_x64.dll [2014-09-22] (McAfee)
BHO-x32: McAfee SafeKey Vault -> {9DB059B3-DD36-4a55-846C-59BE42A1202A} -> C:\Program Files (x86)\SafeKey\LPToolbar.dll [2014-09-22] (McAfee)
Toolbar: HKLM - McAfee SafeKey - {61D700C1-7D8D-43c5-9C13-4FF85157CFE6} - C:\Program Files (x86)\SafeKey\LPToolbar_x64.dll [2014-09-22] (McAfee)
Toolbar: HKLM-x32 - McAfee SafeKey - {61D700C1-7D8D-43c5-9C13-4FF85157CFE6} - C:\Program Files (x86)\SafeKey\LPToolbar.dll [2014-09-22] (McAfee)
Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\mcieplg.dll [2015-10-27] (McAfee, Inc.)
Handler-x32: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\mcieplg.dll [2015-10-27] (McAfee, Inc.)
Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\mcieplg.dll [2015-10-27] (McAfee, Inc.)
Handler-x32: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\mcieplg.dll [2015-10-27] (McAfee, Inc.)
Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files\mcafee\msc\McSnIePl64.dll [2015-08-21] (McAfee, Inc.)
Filter-x32: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files (x86)\McAfee\msc\McSnIePl.dll [2015-08-21] (McAfee, Inc.)
StartMenuInternet: IEXPLORE.EXE - C:\Program Files\Internet Explorer\iexplore.exe www.tohotweb.com?oem=sunadusv3&uid=S2ANG3CL_ST500DM002-1BD142&tm=1446414608
FireFox:
========
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_19_0_0_226.dll [2015-10-28] ()
FF Plugin: @mcafee.com/MSC,version=10 -> c:\PROGRA~1\mcafee\msc\NPMCSN~1.DLL [2015-08-21] ()
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_19_0_0_226.dll [2015-10-28] ()
FF Plugin-x32: @mcafee.com/MSC,version=10 -> c:\PROGRA~2\mcafee\msc\NPMCSN~1.DLL [2015-08-21] ()
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\1\NP_wtapp.dll [2015-01-03] ()
FF Plugin HKU\S-1-5-21-1384006192-1193351791-2402037821-1001: @citrixonline.com/appdetectorplugin -> C:\Users\Shawn&Stacy\AppData\Local\Citrix\Plugins\104\npappdetector.dll [2015-11-03] (Citrix Online)
FF HKLM\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files (x86)\McAfee\SiteAdvisor\saffplg.xpi
FF Extension: McAfee WebAdvisor - C:\Program Files (x86)\McAfee\SiteAdvisor\saffplg.xpi [2015-10-21]
FF HKLM\...\Firefox\Extensions: [{9DBE6922-419B-4936-84AE-4D1FE3A06BAC}] - C:\Program Files\shopperz311020151629\Firefox\{9DBE6922-419B-4936-84AE-4D1FE3A06BAC}.xpi => not found
FF HKLM-x32\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files (x86)\McAfee\SiteAdvisor\saffplg.xpi
FF HKLM-x32\...\Firefox\Extensions: [{9DBE6922-419B-4936-84AE-4D1FE3A06BAC}] - C:\Program Files\shopperz311020151629\Firefox\{9DBE6922-419B-4936-84AE-4D1FE3A06BAC}.xpi => not found
FF HKLM-x32\...\Thunderbird\Extensions: [[email protected]] - C:\Program Files\McAfee\MSK
FF Extension: McAfee Anti-Spam Thunderbird Extension - C:\Program Files\McAfee\MSK [2015-08-14] [not signed]
Chrome:
=======
CHR HKLM\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - C:\Program Files (x86)\McAfee\SiteAdvisor\McChPlg.crx [2015-11-01]
CHR HKU\S-1-5-21-1384006192-1193351791-2402037821-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [jlcgehabolcakkjhgmgpkagpolbjlhfa] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - C:\Program Files (x86)\McAfee\SiteAdvisor\McChPlg.crx [2015-11-01]
==================== Services (Whitelisted) ========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 AtherosSvc; C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\adminservice.exe [312448 2013-09-25] (Windows ® Win 7 DDK provider) [File not signed]
R2 CCDMonitorService; C:\Program Files (x86)\Acer\AOP Framework\CCDMonitorService.exe [2858336 2015-09-09] (Acer Incorporated)
R2 Crashhd; C:\Users\Shawn&Stacy\AppData\Local\Crsoft\crsvc.exe [185800 2015-09-24] () [File not signed]
R2 GamesAppIntegrationService; C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe [347200 2015-01-03] (WildTangent)
R2 HomeNetSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [368048 2015-07-21] (McAfee, Inc.)
R2 jofoqyze; C:\Program Files (x86)\DCE8D5F2-1446302749-11E3-BA14-F80F41B551A7\knsqBC8F.tmp [460800 2015-11-01] () [File not signed]
R2 McAfee SiteAdvisor Service; C:\Program Files (x86)\McAfee\SiteAdvisor\McSACore.exe [157928 2015-10-27] (McAfee, Inc.)
R2 McAPExe; C:\Program Files\McAfee\MSC\McAPExe.exe [782608 2015-08-21] (McAfee, Inc.)
S3 McAWFwk; c:\Program Files\Common Files\mcafee\ActWiz\McAWFwk.exe [334608 2013-07-24] (McAfee, Inc.)
R2 mccspsvc; C:\Program Files\Common Files\McAfee\CSP\1.6.1180.0\McCSPServiceHost.exe [1694152 2015-09-01] (McAfee, Inc.)
R2 McMPFSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [368048 2015-07-21] (McAfee, Inc.)
R2 McNaiAnn; C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe [368048 2015-07-21] (McAfee, Inc.)
S3 McODS; C:\Program Files\mcafee\VirusScan\mcods.exe [639456 2015-07-17] (McAfee, Inc.)
S4 McOobeSv2; C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe [368048 2015-07-21] (McAfee, Inc.)
R2 mcpltsvc; C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe [368048 2015-07-21] (McAfee, Inc.)
R2 McProxy; C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe [368048 2015-07-21] (McAfee, Inc.)
R3 mfefire; C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe [232656 2015-06-29] (McAfee, Inc.)
R2 mfemms; C:\Program Files\Common Files\McAfee\SystemCore\\mfemms.exe [373704 2015-07-06] (McAfee, Inc.)
R2 mfevtp; C:\Windows\system32\mfevtps.exe [254792 2015-06-29] (McAfee, Inc.)
R2 MSK80Service; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [368048 2015-07-21] (McAfee, Inc.)
R2 NetTcpHandler; C:\Users\Shawn&Stacy\AppData\Roaming\NetService\netservice.exe [173088 2015-07-08] () [File not signed]
S3 NOBU; C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe [4278112 2013-08-01] (Symantec Corporation)
R2 OSDSrv; C:\Windows\SysWOW64\OSDSrv\OSDSrv.exe [220672 2013-05-08] () [File not signed]
R2 qymylofy; C:\Program Files (x86)\DCE8D5F2-1446302749-11E3-BA14-F80F41B551A7\hnsl1934.tmp [624640 2015-10-31] () [File not signed]
R2 SolutoLauncherService; C:\Program Files\Soluto\SolutoLauncherService.exe [222168 2013-01-29] (Soluto)
R2 SPBIUpd; C:\Program Files\Common Files\ShopperPro\spbiu.exe [2346416 2015-10-27] (ShopperPro)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366552 2015-07-07] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2015-07-07] (Microsoft Corporation)
===================== Drivers (Whitelisted) ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R3 athr; C:\Windows\system32\DRIVERS\athwbx.sys [3855872 2013-09-10] (Qualcomm Atheros Communications, Inc.)
R3 BTATH_LWFLT; C:\Windows\system32\DRIVERS\btath_lwflt.sys [77464 2013-09-25] (Qualcomm Atheros)
R3 BthLEEnum; C:\Windows\System32\drivers\BthLEEnum.sys [226304 2013-12-04] (Microsoft Corporation)
S3 ccSet_NARA; C:\Windows\system32\drivers\NARAx64\0405000.009\ccSetx64.sys [150104 2013-07-29] (Symantec Corporation)
R3 cfwids; C:\Windows\System32\drivers\cfwids.sys [77536 2015-07-02] (McAfee, Inc.)
R1 cherimoya; C:\Windows\System32\drivers\cherimoya.sys [56736 2015-10-31] (Windows ® Win 7 DDK provider)
S0 ebdrv; C:\Windows\System32\drivers\evbda.sys [3357024 2013-08-22] (Broadcom Corporation)
S3 HipShieldK; C:\Windows\System32\drivers\HipShieldK.sys [207208 2015-05-19] (McAfee, Inc.)
R3 mfeaack; C:\Windows\System32\drivers\mfeaack.sys [412440 2015-07-02] (McAfee, Inc.)
R3 mfeavfk; C:\Windows\System32\drivers\mfeavfk.sys [347800 2015-07-02] (McAfee, Inc.)
S0 mfeelamk; C:\Windows\System32\drivers\mfeelamk.sys [80920 2015-07-02] (McAfee, Inc.)
R3 mfefirek; C:\Windows\System32\drivers\mfefirek.sys [496888 2015-07-02] (McAfee, Inc.)
R0 mfehidk; C:\Windows\System32\drivers\mfehidk.sys [875928 2015-07-02] (McAfee, Inc.)
R3 mfencbdc; C:\Windows\System32\DRIVERS\mfencbdc.sys [529080 2015-06-28] (McAfee, Inc.)
S3 mfencrk; C:\Windows\System32\DRIVERS\mfencrk.sys [109728 2015-06-28] (McAfee, Inc.)
R3 mfesapsn; C:\Program Files (x86)\McAfee\SiteAdvisor\x64\mfesapsn.sys [37960 2015-10-27] (McAfee, Inc.)
R0 mfewfpk; C:\Windows\System32\drivers\mfewfpk.sys [344704 2015-07-02] (McAfee, Inc.)
R3 PQAWRwa; C:\Windows\SysWOW64\OSDSrv\PQAWDrv.sys [10464 2011-09-08] () [File not signed]
R2 RtkIOAC60; C:\Windows\system32\DRIVERS\RtkIOAC60.sys [29912 2013-07-18] (Realtek semiconductor corp)
R3 SPBIUpdd; C:\Program Files\Common Files\ShopperPro\spbiw.sys [41632 2015-10-27] ()
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44560 2015-07-07] (Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [270168 2015-07-07] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114520 2015-07-07] (Microsoft Corporation)
R3 cpuz136; \??\C:\Windows\TEMP\cpuz136\cpuz136_x64.sys [X]
S1 swsedrvr_vw_1_10_0_25; system32\drivers\swsedrvr_vw_1_10_0_25.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2015-11-04 17:00 - 2015-11-04 17:01 - 00000000 ____D C:\FRST
2015-11-03 14:29 - 2015-11-03 14:29 - 00006958 _____ C:\Users\SHAWNmgn_service-remove_00.log
2015-11-03 14:29 - 2015-11-03 14:29 - 00001627 _____ C:\Users\Shawn\g2ax_uninstaller_customer.log
2015-11-03 14:29 - 2015-11-03 14:29 - 00001185 _____ C:\Users\SHAWNmgn_service-force_shutdown_00.log
2015-11-03 14:16 - 2015-11-03 14:29 - 00304606 _____ C:\Users\SHAWNGoToAssist Remote Support Customer_00.LOG
2015-11-03 14:16 - 2015-11-03 14:29 - 00004604 _____ C:\Users\SHAWNmgn_service-service_00.log
2015-11-03 14:16 - 2015-11-03 14:16 - 00007348 _____ C:\Users\SHAWNmgn_service-install_manual_00.log
2015-11-03 14:16 - 2015-11-03 14:16 - 00001438 _____ C:\Users\SHAWNmgn_service-start_session_00.log
2015-11-03 14:15 - 2015-11-03 14:29 - 00000000 ____D C:\Program Files (x86)\Citrix
2015-11-03 14:15 - 2015-11-03 14:15 - 00000000 ____D C:\Users\Shawn&Stacy\AppData\Local\Citrix
2015-11-01 20:18 - 2015-11-04 16:46 - 00003750 _____ C:\Windows\System32\Tasks\Inst_Rep
2015-11-01 19:35 - 2015-11-03 14:00 - 00000010 _____ C:\Users\Public\Documents\test.txt
2015-11-01 19:34 - 2015-11-04 16:32 - 00000000 ____D C:\Users\Shawn&Stacy\AppData\Local\gmsd_us_005010133
2015-11-01 19:34 - 2015-11-01 19:34 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\(Default)
2015-11-01 19:33 - 2015-11-04 16:30 - 00000000 ____D C:\Users\Shawn&Stacy\AppData\Local\DailyWiki
2015-11-01 19:33 - 2015-11-01 19:34 - 00001360 _____ C:\Windows\unins000.dat
2015-11-01 19:33 - 2015-11-01 19:33 - 00929953 _____ C:\Windows\unins000.exe
2015-11-01 19:33 - 2015-11-01 19:33 - 00004272 _____ C:\Windows\System32\Tasks\F6E70F42-AA4B-47A7-9CC8-E592976436A7
2015-11-01 19:33 - 2015-11-01 19:33 - 00000000 ____D C:\Users\Shawn&Stacy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\DailyWiki
2015-11-01 19:33 - 2015-11-01 19:33 - 00000000 ____D C:\Users\Shawn&Stacy\AppData\Roaming\DailyWiki
2015-11-01 19:33 - 2015-11-01 19:33 - 00000000 ____D C:\Users\Shawn&Stacy\AppData\Local\F6E70F42-AA4B-47A7-9CC8-E592976436A7
2015-11-01 19:33 - 2015-11-01 19:33 - 00000000 ____D C:\Program Files (x86)\MyRegCleaner
2015-11-01 19:33 - 2015-11-01 19:33 - 00000000 ____D C:\Program Files (x86)\CinePlus-1.44V01.11
2015-11-01 19:33 - 2015-09-27 23:48 - 07601110 _____ C:\Users\Public\Documents\windows.exe
2015-11-01 19:30 - 2015-11-01 19:31 - 00000000 ___HD C:\$Windows.~BT
2015-11-01 18:55 - 2015-11-01 18:55 - 00000485 _____ C:\Users\Shawn&Stacy\Desktop\Administrative Tools - Shortcut.lnk
2015-11-01 18:28 - 2015-11-01 18:28 - 00000000 ____D C:\Users\Shawn&Stacy\AppData\Local\Google
2015-11-01 18:07 - 2015-11-01 18:21 - 00000000 ____D C:\Users\Shawn\AppData\Local\WebBar
2015-11-01 18:04 - 2015-11-01 18:04 - 00000000 ____D C:\Users\Shawn\AppData\Roaming\PCAcceleratePro
2015-11-01 18:04 - 2015-11-01 18:04 - 00000000 ____D C:\Users\Shawn\AppData\Roaming\InstantSupport
2015-11-01 15:17 - 2015-11-01 15:17 - 00000008 _____ C:\END
2015-11-01 15:14 - 2015-11-01 18:32 - 00003790 _____ C:\Windows\System32\Tasks\SecurityApps2
2015-11-01 15:13 - 2015-11-01 19:34 - 00000000 ____D C:\Program Files (x86)\gmsd_us_005010133
2015-11-01 15:13 - 2015-11-01 15:13 - 00000000 ____D C:\Program Files (x86)\PCAPDownloader
2015-11-01 14:50 - 2015-11-01 14:50 - 00000000 ____D C:\Users\Shawn&Stacy\AppData\Roaming\shortCutStore
2015-11-01 14:50 - 2015-11-01 14:50 - 00000000 ____D C:\Users\Shawn&Stacy\AppData\Local\Crsoft
2015-11-01 14:45 - 2015-11-01 14:45 - 00000000 ____D C:\ProgramData\Radio
2015-11-01 13:48 - 2015-11-01 13:48 - 00002393 _____ C:\Users\Shawn&Stacy\Desktop\BrowserAir.lnk
2015-11-01 13:48 - 2015-11-01 13:48 - 00000000 ____D C:\Users\Shawn&Stacy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BrowserAir
2015-11-01 13:47 - 2015-11-01 13:48 - 00000000 ____D C:\Users\Shawn&Stacy\AppData\Local\BrowserAir
2015-11-01 13:47 - 2015-11-01 13:47 - 00004282 _____ C:\Windows\System32\Tasks\SPBIW_UpdateTask_Time_313335333032383432342d324a574123346c2a556c2a5a
2015-11-01 13:47 - 2015-11-01 13:47 - 00000000 ____D C:\ProgramData\ShopperPro
2015-11-01 13:46 - 2015-11-01 13:47 - 00000000 ____D C:\Program Files\Common Files\ShopperPro
2015-11-01 13:46 - 2015-11-01 13:47 - 00000000 ____D C:\Program Files (x86)\ShopperPro
2015-11-01 13:46 - 2015-11-01 13:46 - 00004430 _____ C:\Windows\System32\Tasks\Installer_smknnodesk
2015-11-01 13:46 - 2015-11-01 13:46 - 00000000 ____D C:\Users\Public\Documents\ShopperPro
2015-11-01 11:55 - 2015-11-01 11:55 - 00000000 ____D C:\Users\Shawn\AppData\Local\TVTime
2015-11-01 11:54 - 2015-11-01 11:54 - 00000000 ____D C:\ProgramData\Browser
2015-10-31 08:04 - 2015-11-04 16:34 - 00000000 ____D C:\ProgramData\Ruwsiawi
2015-10-31 08:02 - 2015-10-31 08:02 - 00000000 ____D C:\Program Files (x86)\Crossbrowse
2015-10-31 08:01 - 2015-10-31 08:01 - 00004228 _____ C:\Windows\System32\Tasks\A282C480-6087-4AB1-A04A-7C7516C6330
2015-10-31 08:01 - 2015-10-31 08:01 - 00000000 ____D C:\Users\Shawn&Stacy\AppData\Local\A282C480-6087-4AB1-A04A-7C7516C6330
2015-10-31 08:00 - 2015-11-04 17:00 - 00003172 _____ C:\Windows\Tasks\f52c8f69-3487-4ac4-bfff-b1aa07793633-1-7.job
2015-10-31 08:00 - 2015-11-04 17:00 - 00003172 _____ C:\Windows\Tasks\f52c8f69-3487-4ac4-bfff-b1aa07793633-1-6.job
2015-10-31 08:00 - 2015-11-04 17:00 - 00002146 _____ C:\Windows\Tasks\f52c8f69-3487-4ac4-bfff-b1aa07793633-10_user.job
2015-10-31 08:00 - 2015-11-04 16:29 - 00002480 _____ C:\Windows\Tasks\f52c8f69-3487-4ac4-bfff-b1aa07793633-5_user.job
2015-10-31 08:00 - 2015-11-04 16:29 - 00002480 _____ C:\Windows\Tasks\f52c8f69-3487-4ac4-bfff-b1aa07793633-5.job
2015-10-31 08:00 - 2015-10-31 08:00 - 00006184 _____ C:\Windows\System32\Tasks\f52c8f69-3487-4ac4-bfff-b1aa07793633-1-7
2015-10-31 08:00 - 2015-10-31 08:00 - 00006184 _____ C:\Windows\System32\Tasks\f52c8f69-3487-4ac4-bfff-b1aa07793633-1-6
2015-10-31 08:00 - 2015-10-31 08:00 - 00005492 _____ C:\Windows\System32\Tasks\f52c8f69-3487-4ac4-bfff-b1aa07793633-5
2015-10-31 08:00 - 2015-10-31 08:00 - 00003620 _____ C:\Windows\System32\Tasks\GoogleUp
2015-10-31 08:00 - 2015-10-31 08:00 - 00003612 _____ C:\Windows\System32\Tasks\import
2015-10-31 08:00 - 2015-10-31 08:00 - 00003610 _____ C:\Windows\System32\Tasks\impo
2015-10-31 08:00 - 2015-10-31 08:00 - 00003502 _____ C:\Windows\System32\Tasks\Googleuptodate
2015-10-31 08:00 - 2015-10-31 08:00 - 00003494 _____ C:\Windows\System32\Tasks\MyDailyBackup
2015-10-31 08:00 - 2015-10-31 08:00 - 00003490 _____ C:\Windows\System32\Tasks\win
2015-10-31 08:00 - 2015-10-31 08:00 - 00000000 ____D C:\Users\Shawn&Stacy\AppData\Roaming\dlg
2015-10-31 08:00 - 2015-10-31 08:00 - 00000000 ____D C:\Program Files (x86)\CinePlus-1.44V31.10
2015-10-31 07:59 - 2015-11-01 18:32 - 00000000 ____D C:\ProgramData\DataFile
2015-10-31 07:58 - 2015-11-01 14:50 - 00000000 ____D C:\Users\Shawn&Stacy\AppData\Roaming\RunDir
2015-10-31 07:58 - 2015-11-01 14:40 - 00004792 _____ C:\Windows\SysWOW64\Localadsiw.ini
2015-10-31 07:58 - 2015-11-01 14:40 - 00002504 _____ C:\Windows\SysWOW64\LocaladsiwOff.ini
2015-10-31 07:58 - 2015-11-01 14:40 - 00002504 _____ C:\Windows\system32\LocaladsiwOff.ini
2015-10-31 07:58 - 2015-10-31 07:58 - 00003362 _____ C:\Windows\System32\Tasks\Gelomo
2015-10-31 07:58 - 2015-10-31 07:58 - 00000000 ____D C:\Windows\system32\sek
2015-10-31 07:58 - 2015-10-31 07:58 - 00000000 ____D C:\Users\Shawn&Stacy\AppData\Roaming\ortmp
2015-10-31 07:58 - 2015-10-31 07:58 - 00000000 ____D C:\Users\Shawn&Stacy\AppData\Roaming\NetService
2015-10-31 07:58 - 2015-10-31 07:58 - 00000000 ____D C:\Users\Shawn&Stacy\AppData\Local\Tempfolder
2015-10-31 07:58 - 2015-10-31 07:31 - 00353640 _____ C:\Windows\system32\Localadsiw64.dll
2015-10-31 07:58 - 2015-10-31 07:30 - 00283496 _____ C:\Windows\SysWOW64\Localadsiw.dll
2015-10-31 07:57 - 2015-11-01 15:01 - 00000000 ____D C:\Program Files\shopperz311020151629
2015-10-31 07:57 - 2015-10-31 07:57 - 00000000 ____D C:\Users\Shawn&Stacy\AppData\LocalLow\Company
2015-10-31 07:57 - 2015-10-31 07:57 - 00000000 ____D C:\Users\Shawn&Stacy\AppData\LocalLow\{D2020D47-707D-4E26-B4D9-739C4F4C2E9A}
2015-10-31 07:57 - 2015-10-31 07:57 - 00000000 ____D C:\uninst
2015-10-31 07:56 - 2015-11-04 16:29 - 00000368 _____ C:\Windows\Tasks\DGPUOYA1.job
2015-10-31 07:56 - 2015-10-31 07:56 - 00002890 _____ C:\Windows\System32\Tasks\DGPUOYA1
2015-10-31 07:56 - 2015-10-31 07:56 - 00000000 ____D C:\ProgramData\Service1291
2015-10-31 07:56 - 2015-10-31 07:56 - 00000000 ____D C:\ProgramData\FlashBeat
2015-10-31 07:56 - 2015-10-31 07:56 - 00000000 ____D C:\ProgramData\28341ff220e0446c9fff27c4493d622e
2015-10-31 07:46 - 2015-11-01 14:44 - 00000000 ____D C:\Users\Shawn&Stacy\AppData\Local\DCE8D5F2-1446281210-11E3-BA14-F80F41B551A7
2015-10-31 07:46 - 2013-08-22 06:25 - 00000824 _____ C:\Windows\system32\Drivers\etc\hp.bak
2015-10-31 07:45 - 2015-11-01 13:55 - 00000000 ____D C:\Program Files (x86)\DCE8D5F2-1446302749-11E3-BA14-F80F41B551A7
2015-10-31 07:45 - 2015-10-31 07:45 - 00000000 ____D C:\Users\Shawn&Stacy\Documents\DailyPCClean
2015-10-31 07:44 - 2015-11-01 14:56 - 00000000 ____D C:\Program Files (x86)\DailyPcClean Support
2015-10-31 07:43 - 2015-11-01 15:22 - 00000158 _____ C:\prefs.js
2015-10-31 07:43 - 2015-10-31 07:43 - 00000000 ____D C:\searchplugins
2015-10-31 07:42 - 2015-11-01 14:39 - 00002976 _____ C:\Windows\SysWOW64\LavasoftTcpServiceOff.ini
2015-10-31 07:42 - 2015-11-01 14:39 - 00002976 _____ C:\Windows\system32\LavasoftTcpServiceOff.ini
2015-10-31 07:42 - 2015-10-31 07:42 - 00425744 _____ (Lavasoft Limited) C:\Windows\system32\LavasoftTcpService64.dll
2015-10-31 07:42 - 2015-10-31 07:42 - 00345360 _____ (Lavasoft Limited) C:\Windows\SysWOW64\LavasoftTcpService.dll
2015-10-31 07:42 - 2015-10-31 07:42 - 00000000 ____D C:\Program Files (x86)\Lavasoft
2015-10-31 07:39 - 2015-10-31 07:39 - 00000000 ____D C:\Users\Shawn\AppData\Local\KodakGallery
2015-10-31 07:32 - 2015-10-31 07:57 - 00056736 _____ (Windows ® Win 7 DDK provider) C:\Windows\system32\Drivers\cherimoya.sys
2015-10-31 07:16 - 2015-10-31 07:17 - 00003286 _____ C:\Windows\System32\Tasks\SweetLabs App Platform
2015-10-31 07:16 - 2015-10-31 07:16 - 00000000 ____D C:\Users\Shawn\AppData\Local\SweetLabs App Platform
2015-10-28 16:43 - 2015-11-01 20:11 - 00000830 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-10-28 16:43 - 2015-10-28 17:11 - 00003718 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2015-10-28 16:40 - 2015-10-28 16:40 - 00000000 ____H C:\Windows\system32\Drivers\Msft_Kernel_WinUsb_01007.Wdf
2015-10-26 03:29 - 2015-10-26 03:29 - 00002005 _____ C:\Users\Public\Desktop\abPhoto.lnk
2015-10-22 18:24 - 2015-10-22 18:24 - 00003334 _____ C:\Windows\System32\Tasks\AcerCloud
2015-10-22 18:24 - 2015-10-22 18:24 - 00002028 _____ C:\Users\Public\Desktop\Acer Portal.lnk
2015-10-22 18:19 - 2015-10-22 18:19 - 00001969 _____ C:\Users\Public\Desktop\abDocs.lnk
2015-10-16 03:24 - 2015-09-18 20:18 - 00035384 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe
2015-10-16 03:24 - 2015-09-18 06:42 - 01290752 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2015-10-16 03:24 - 2015-09-18 06:42 - 01163776 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2015-10-16 03:24 - 2015-09-18 06:42 - 00766464 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2015-10-16 03:24 - 2015-09-18 06:42 - 00699904 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2015-10-16 03:24 - 2015-09-18 06:42 - 00503296 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2015-10-16 03:24 - 2015-09-18 06:42 - 00073216 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2015-10-14 07:22 - 2015-10-15 21:51 - 00810488 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-10-14 07:22 - 2015-10-15 21:51 - 00176632 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-10-14 06:52 - 2015-09-29 05:31 - 07457624 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-10-14 06:52 - 2015-09-29 05:31 - 01658536 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2015-10-14 06:52 - 2015-09-29 05:31 - 01519592 _____ (Microsoft Corporation) C:\Windows\system32\winload.exe
2015-10-14 06:52 - 2015-09-29 05:31 - 01487008 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
2015-10-14 06:52 - 2015-09-29 05:31 - 01355848 _____ (Microsoft Corporation) C:\Windows\system32\winresume.exe
2015-10-14 06:52 - 2015-09-24 09:42 - 00348672 _____ (Microsoft Corporation) C:\Windows\system32\bdesvc.dll
2015-10-14 06:52 - 2015-09-24 09:40 - 00737280 _____ (Microsoft Corporation) C:\Windows\system32\fveapi.dll
2015-10-14 06:52 - 2015-08-26 19:43 - 22372152 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2015-10-14 06:52 - 2015-08-26 19:42 - 19795904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2015-10-14 06:52 - 2015-08-07 14:40 - 01736520 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2015-10-14 06:52 - 2015-08-07 14:40 - 01499920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2015-10-14 06:52 - 2015-08-07 14:40 - 01134752 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2015-10-14 06:52 - 2015-08-07 14:40 - 00686960 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2015-10-14 06:52 - 2015-08-07 14:40 - 00507176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll
2015-10-14 06:52 - 2015-08-07 07:13 - 00862720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2015-10-14 06:52 - 2015-08-06 10:05 - 00669184 _____ (Microsoft Corporation) C:\Windows\system32\hhctrl.ocx
2015-10-14 06:52 - 2015-08-06 09:47 - 04710400 _____ (Microsoft Corporation) C:\Windows\system32\d2d1.dll
2015-10-14 06:52 - 2015-08-06 09:37 - 00536576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\hhctrl.ocx
2015-10-14 06:52 - 2015-08-06 09:18 - 04068352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d2d1.dll
2015-10-14 06:51 - 2015-09-29 05:29 - 00136904 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2015-10-14 06:51 - 2015-09-28 11:45 - 03705344 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2015-10-14 06:51 - 2015-09-28 11:26 - 00409088 _____ (Microsoft Corporation) C:\Windows\system32\WUSettingsProvider.dll
2015-10-14 06:51 - 2015-09-28 11:25 - 00140288 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2015-10-14 06:51 - 2015-09-28 11:25 - 00095744 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2015-10-14 06:51 - 2015-09-28 11:25 - 00035840 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2015-10-14 06:51 - 2015-09-28 11:22 - 00124928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2015-10-14 06:51 - 2015-09-28 11:22 - 00081920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2015-10-14 06:51 - 2015-09-28 11:22 - 00029696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2015-10-14 06:51 - 2015-09-28 11:15 - 02243072 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2015-10-14 06:51 - 2015-09-28 11:13 - 00891904 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2015-10-14 06:51 - 2015-09-28 11:12 - 00721920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2015-10-14 06:51 - 2015-09-10 11:02 - 25851392 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-10-14 06:51 - 2015-09-10 10:19 - 00585728 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-10-14 06:51 - 2015-09-10 10:18 - 02886656 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-10-14 06:51 - 2015-09-10 10:18 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2015-10-14 06:51 - 2015-09-10 10:14 - 05990400 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-10-14 06:51 - 2015-09-10 10:09 - 20358144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-10-14 06:51 - 2015-09-10 10:06 - 00616960 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-10-14 06:51 - 2015-09-10 10:04 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2015-10-14 06:51 - 2015-09-10 09:51 - 00489984 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-10-14 06:51 - 2015-09-10 09:39 - 00504832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-10-14 06:51 - 2015-09-10 09:37 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-10-14 06:51 - 2015-09-10 09:37 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2015-10-14 06:51 - 2015-09-10 09:35 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-10-14 06:51 - 2015-09-10 09:33 - 02279936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-10-14 06:51 - 2015-09-10 09:28 - 01032704 _____ (Microsoft Corporation) C:\Windows\system32\inetcomm.dll
2015-10-14 06:51 - 2015-09-10 09:28 - 00480256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2015-10-14 06:51 - 2015-09-10 09:27 - 00663552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2015-10-14 06:51 - 2015-09-10 09:24 - 14456832 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-10-14 06:51 - 2015-09-10 09:21 - 00262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2015-10-14 06:51 - 2015-09-10 09:19 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-10-14 06:51 - 2015-09-10 09:19 - 00720896 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-10-14 06:51 - 2015-09-10 09:19 - 00374784 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2015-10-14 06:51 - 2015-09-10 09:17 - 02126336 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-10-14 06:51 - 2015-09-10 09:17 - 00416256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2015-10-14 06:51 - 2015-09-10 09:07 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2015-10-14 06:51 - 2015-09-10 09:05 - 00279040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2015-10-14 06:51 - 2015-09-10 09:02 - 04527616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-10-14 06:51 - 2015-09-10 09:01 - 00880128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcomm.dll
2015-10-14 06:51 - 2015-09-10 09:00 - 12853760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-10-14 06:51 - 2015-09-10 08:57 - 02487808 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-10-14 06:51 - 2015-09-10 08:57 - 00230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2015-10-14 06:51 - 2015-09-10 08:55 - 02052608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2015-10-14 06:51 - 2015-09-10 08:55 - 00689152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2015-10-14 06:51 - 2015-09-10 08:55 - 00327168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2015-10-14 06:51 - 2015-09-10 08:45 - 01546752 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-10-14 06:51 - 2015-09-10 08:34 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-10-14 06:51 - 2015-09-10 08:31 - 02011136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-10-14 06:51 - 2015-09-10 08:27 - 01311232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-10-14 06:51 - 2015-09-10 08:26 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2015-10-14 06:51 - 2015-07-16 11:58 - 00074752 _____ (Microsoft Corporation) C:\Windows\system32\NcdAutoSetup.dll
2015-10-14 06:50 - 2015-08-22 06:42 - 00901264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ucrtbase.dll
2015-10-14 06:50 - 2015-08-22 06:42 - 00066400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-private-l1-1-0.dll
2015-10-14 06:50 - 2015-08-22 06:42 - 00022368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-math-l1-1-0.dll
2015-10-14 06:50 - 2015-08-22 06:42 - 00019808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-multibyte-l1-1-0.dll
2015-10-14 06:50 - 2015-08-22 06:42 - 00017760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-string-l1-1-0.dll
2015-10-14 06:50 - 2015-08-22 06:42 - 00017760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-stdio-l1-1-0.dll
2015-10-14 06:50 - 2015-08-22 06:42 - 00016224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-runtime-l1-1-0.dll
2015-10-14 06:50 - 2015-08-22 06:42 - 00015712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-convert-l1-1-0.dll
2015-10-14 06:50 - 2015-08-22 06:42 - 00014176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-time-l1-1-0.dll
2015-10-14 06:50 - 2015-08-22 06:42 - 00013664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-filesystem-l1-1-0.dll
2015-10-14 06:50 - 2015-08-22 06:42 - 00012640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-process-l1-1-0.dll
2015-10-14 06:50 - 2015-08-22 06:42 - 00012640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-heap-l1-1-0.dll
2015-10-14 06:50 - 2015-08-22 06:42 - 00012640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-conio-l1-1-0.dll
2015-10-14 06:50 - 2015-08-22 06:42 - 00012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-utility-l1-1-0.dll
2015-10-14 06:50 - 2015-08-22 06:42 - 00012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-locale-l1-1-0.dll
2015-10-14 06:50 - 2015-08-22 06:42 - 00012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-environment-l1-1-0.dll
2015-10-14 06:50 - 2015-08-22 06:35 - 00984448 _____ (Microsoft Corporation) C:\Windows\system32\ucrtbase.dll
2015-10-14 06:50 - 2015-08-22 06:35 - 00063840 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-private-l1-1-0.dll
2015-10-14 06:50 - 2015-08-22 06:35 - 00020832 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-math-l1-1-0.dll
2015-10-14 06:50 - 2015-08-22 06:35 - 00019808 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-multibyte-l1-1-0.dll
2015-10-14 06:50 - 2015-08-22 06:35 - 00017760 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-string-l1-1-0.dll
2015-10-14 06:50 - 2015-08-22 06:35 - 00017760 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-stdio-l1-1-0.dll
2015-10-14 06:50 - 2015-08-22 06:35 - 00016224 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-runtime-l1-1-0.dll
2015-10-14 06:50 - 2015-08-22 06:35 - 00015712 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-convert-l1-1-0.dll
2015-10-14 06:50 - 2015-08-22 06:35 - 00014176 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-time-l1-1-0.dll
2015-10-14 06:50 - 2015-08-22 06:35 - 00013664 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-filesystem-l1-1-0.dll
2015-10-14 06:50 - 2015-08-22 06:35 - 00012640 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-process-l1-1-0.dll
2015-10-14 06:50 - 2015-08-22 06:35 - 00012640 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-heap-l1-1-0.dll
2015-10-14 06:50 - 2015-08-22 06:35 - 00012640 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-conio-l1-1-0.dll
2015-10-14 06:50 - 2015-08-22 06:35 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-utility-l1-1-0.dll
2015-10-14 06:50 - 2015-08-22 06:35 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-locale-l1-1-0.dll
2015-10-14 06:50 - 2015-08-22 06:35 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-environment-l1-1-0.dll
2015-10-10 08:04 - 2015-10-10 08:04 - 00000000 ____D C:\Users\Shawn\AppData\Local\Amazon_Services_LLC
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2015-11-04 17:02 - 2013-08-22 08:36 - 00000000 ____D C:\Windows\system32\sru
2015-11-04 16:56 - 2013-09-17 22:55 - 00863592 _____ C:\Windows\system32\PerfStringBackup.INI
2015-11-04 16:53 - 2013-08-22 07:46 - 00029079 _____ C:\Windows\setupact.log
2015-11-04 16:46 - 2014-02-21 04:32 - 01238055 _____ C:\Windows\WindowsUpdate.log
2015-11-04 16:39 - 2014-07-03 16:55 - 00003598 _____ C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-1384006192-1193351791-2402037821-1001
2015-11-04 16:31 - 2014-07-03 16:52 - 00000000 ____D C:\Users\Shawn&Stacy\AppData\Local\clear.fi
2015-11-04 16:29 - 2014-07-03 17:40 - 00000000 __RDO C:\Users\Shawn&Stacy\SkyDrive
2015-11-04 16:27 - 2013-09-17 22:48 - 00060568 _____ C:\Windows\PFRO.log
2015-11-04 16:27 - 2013-08-22 07:45 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-11-03 17:35 - 2013-08-22 06:25 - 00524288 ___SH C:\Windows\system32\config\BBI
2015-11-03 14:29 - 2014-07-05 14:02 - 00000000 ____D C:\Users\Shawn
2015-11-02 07:08 - 2014-02-21 04:48 - 00065536 _____ C:\Windows\system32\spu_storage.bin
2015-11-01 20:20 - 2014-07-03 16:49 - 00000000 ____D C:\Users\Shawn&Stacy
2015-11-01 19:36 - 2013-09-17 23:47 - 00000000 ____D C:\Windows\Panther
2015-11-01 18:34 - 2014-07-03 16:56 - 00003982 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{A89C9A3A-19B4-4FA1-937E-D2CB8095155A}
2015-11-01 18:28 - 2013-08-22 07:44 - 00363320 _____ C:\Windows\system32\FNTCACHE.DAT
2015-11-01 18:19 - 2014-07-05 15:03 - 00003942 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{644AD842-6A1E-41E8-A61F-A97471BA9E31}
2015-11-01 18:14 - 2014-07-05 14:29 - 00003600 _____ C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-1384006192-1193351791-2402037821-1004
2015-11-01 18:04 - 2014-07-05 14:25 - 00000000 ____D C:\Users\Shawn\Documents\Bluetooth Folder
2015-11-01 18:03 - 2014-08-09 18:32 - 00000000 ___DO C:\Users\Shawn\OneDrive
2015-11-01 14:48 - 2014-11-24 18:18 - 00000000 ____D C:\Users\Shawn&Stacy\AppData\Roaming\Skype
2015-11-01 13:54 - 2014-07-03 16:51 - 00000000 ____D C:\Users\Shawn&Stacy\Documents\Bluetooth Folder
2015-10-31 07:58 - 2015-04-16 02:40 - 00657920 _____ (Microsoft Corporation) C:\Windows\system32\dnsapi.dll
2015-10-31 07:58 - 2015-04-16 02:39 - 00498688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dnsapi.dll
2015-10-31 07:33 - 2014-07-03 16:50 - 00000000 ____D C:\ProgramData\OEM
2015-10-31 07:26 - 2014-07-05 14:25 - 00000000 ____D C:\Users\Shawn\AppData\Local\clear.fi
2015-10-31 07:17 - 2014-07-05 14:02 - 00000000 ____D C:\Users\Shawn\AppData\Local\Pokki
2015-10-31 01:25 - 2013-08-22 06:25 - 00262144 ___SH C:\Windows\system32\config\ELAM
2015-10-26 03:29 - 2013-09-17 23:02 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acer
2015-10-26 03:28 - 2015-07-22 04:20 - 00003352 _____ C:\Windows\System32\Tasks\BacKGroundAgent
2015-10-26 03:28 - 2013-09-17 23:42 - 00000000 ___HD C:\OEM
2015-10-25 01:23 - 2013-08-22 08:36 - 00000000 ____D C:\Windows\AppReadiness
2015-10-22 19:51 - 2014-12-11 18:34 - 00000000 ____D C:\Windows\system32\appraiser
2015-10-22 19:51 - 2014-07-13 13:07 - 00000000 ___SD C:\Windows\system32\CompatTel
2015-10-22 19:40 - 2013-08-22 08:20 - 00000000 ____D C:\Windows\CbsTemp
2015-10-22 18:24 - 2013-09-17 23:02 - 00000000 ____D C:\Program Files (x86)\Acer
2015-10-15 02:50 - 2013-08-22 08:36 - 00000000 ____D C:\Windows\rescache
2015-10-14 07:16 - 2013-08-22 08:36 - 00000000 ___RD C:\Windows\ToastData
2015-10-14 07:00 - 2014-07-05 13:59 - 00000000 ____D C:\Windows\system32\MRT
2015-10-14 06:55 - 2014-07-05 13:59 - 143481208 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-10-10 08:04 - 2015-04-18 06:39 - 00000000 __SHD C:\Users\Shawn\AppData\Local\EmieBrowserModeList
2015-10-10 08:04 - 2014-08-21 06:24 - 00000000 __SHD C:\Users\Shawn\AppData\Local\EmieUserList
2015-10-10 08:04 - 2014-08-21 06:24 - 00000000 __SHD C:\Users\Shawn\AppData\Local\EmieSiteList
2015-10-10 08:02 - 2014-11-27 18:31 - 00000000 __SHD C:\Users\Shawn\AppData\LocalLow\EmieBrowserModeList
2015-10-10 08:02 - 2014-08-21 06:24 - 00000000 __SHD C:\Users\Shawn\AppData\LocalLow\EmieUserList
2015-10-10 08:02 - 2014-08-17 15:46 - 00000000 __SHD C:\Users\Shawn\AppData\LocalLow\EmieSiteList
2015-10-07 04:34 - 2015-04-04 15:09 - 00000000 ___SD C:\Windows\system32\GWX
2015-10-05 19:25 - 2015-04-04 15:09 - 00000000 ___SD C:\Windows\SysWOW64\GWX
==================== Files in the root of some directories =======
2014-09-22 19:15 - 2014-09-22 19:15 - 32372200 _____ (McAfee) C:\Program Files (x86)\Common Files\lpuninstall.exe
2014-02-21 04:57 - 2014-02-21 04:57 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
2014-07-03 17:03 - 2014-07-03 17:03 - 0000098 _____ () C:\ProgramData\Microsoft.SqlServer.Compact.351.64.bc
Some files in TEMP:
====================
C:\Users\Shawn&Stacy\AppData\Local\Temp\3564.exe
C:\Users\Shawn&Stacy\AppData\Local\Temp\7.8.20.2-EasyShrx.Dll
C:\Users\Shawn&Stacy\AppData\Local\Temp\8202.exe
C:\Users\Shawn&Stacy\AppData\Local\Temp\oct1521.tmp.exe
C:\Users\Shawn&Stacy\AppData\Local\Temp\oct22FE.tmp.exe
C:\Users\Shawn&Stacy\AppData\Local\Temp\oct269A.tmp.exe
C:\Users\Shawn&Stacy\AppData\Local\Temp\oct2E14.tmp.exe
C:\Users\Shawn&Stacy\AppData\Local\Temp\oct2E6E.tmp.exe
C:\Users\Shawn&Stacy\AppData\Local\Temp\oct3768.tmp.exe
C:\Users\Shawn&Stacy\AppData\Local\Temp\oct71DE.tmp.exe
C:\Users\Shawn&Stacy\AppData\Local\Temp\oct7239.tmp.exe
C:\Users\Shawn&Stacy\AppData\Local\Temp\oct75E8.tmp.exe
C:\Users\Shawn&Stacy\AppData\Local\Temp\oct76A7.tmp.exe
C:\Users\Shawn&Stacy\AppData\Local\Temp\oct8BB3.tmp.exe
C:\Users\Shawn&Stacy\AppData\Local\Temp\oct927B.tmp.exe
C:\Users\Shawn&Stacy\AppData\Local\Temp\octB778.tmp.exe
C:\Users\Shawn&Stacy\AppData\Local\Temp\octB8F7.tmp.exe
C:\Users\Shawn&Stacy\AppData\Local\Temp\octCA7D.tmp.exe
C:\Users\Shawn&Stacy\AppData\Local\Temp\octCC39.tmp.exe
C:\Users\Shawn&Stacy\AppData\Local\Temp\octE914.tmp.exe
C:\Users\Shawn&Stacy\AppData\Local\Temp\oprun2973.exe
C:\Users\Shawn&Stacy\AppData\Local\Temp\SkypeSetup.exe
C:\Users\Shawn&Stacy\AppData\Local\Temp\SpOrder.dll
C:\Users\Shawn&Stacy\AppData\Local\Temp\UninstallModule.exe
==================== Bamital & volsnap =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll
[2015-04-16 02:40] - [2015-10-31 07:58] - 0657920 ____A (Microsoft Corporation) AB885282BC94C27A363E91A1D3CF1354
C:\Windows\SysWOW64\dnsapi.dll
[2015-04-16 02:39] - [2015-10-31 07:58] - 0498688 ____A (Microsoft Corporation) C713C83A39F881353163AC621D2FBEA3
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2015-10-24 04:28
==================== End of FRST.txt ============================
Addition.txt
Additional scan result of Farbar Recovery Scan Tool (x64) Version:04-11-2015
Ran by Shawn&Stacy (2015-11-04 17:03:52)
Running from E:\Stacy PC
Windows 8.1 (X64) (2014-07-03 23:49:52)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-1384006192-1193351791-2402037821-500 - Administrator - Disabled)
Guest (S-1-5-21-1384006192-1193351791-2402037821-501 - Limited - Enabled) => C:\Users\Guest
HomeGroupUser$ (S-1-5-21-1384006192-1193351791-2402037821-1003 - Limited - Enabled)
Shawn (S-1-5-21-1384006192-1193351791-2402037821-1004 - Limited - Enabled) => C:\Users\Shawn
Shawn&Stacy (S-1-5-21-1384006192-1193351791-2402037821-1001 - Administrator - Enabled) => C:\Users\Shawn&Stacy
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: McAfee Anti-Virus and Anti-Spyware (Enabled - Up to date) {DA9F8ED0-D0DE-39CC-F55A-51AB4CC1B556}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: McAfee Anti-Virus and Anti-Spyware (Enabled - Up to date) {61FE6F34-F6E4-3642-CFEA-6AD93746FFEB}
FW: McAfee Firewall (Enabled) {E2A40FF5-9AB1-3894-DE05-F89EB212F22D}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
abDocs (HKLM-x32\...\{CA4FE8B0-298C-4E5D-A486-F33B126D6A0A}) (Version: 1.08.2005 - Acer Incorporated)
abDocs Office AddIn (HKLM-x32\...\{DCBF3379-246B-47E1-8173-639B63940838}) (Version: 3.02.2000 - Acer Incorporated)
abMedia (HKLM-x32\...\{E9AF1707-3F3A-49E2-8345-4F2D629D0876}) (Version: 2.09.2002.1 - Acer Incorporated)
abPhoto (HKLM-x32\...\{B5AD89F2-03D3-4206-8487-018298007DD0}) (Version: 3.05.2001.1 - Acer Incorporated)
Acer Games (HKU\S-1-5-21-1384006192-1193351791-2402037821-1001\...\Pokki_03d432a7e610c3e908213e7689d4342ce2111caf) (Version: 1.1.9.43466 - Pokki)
Acer PanelOnOff (HKLM-x32\...\{55F2D48B-6022-4722-9B55-47CC4FA7DBD6}) (Version: 1.0.3.822 - Acer)
Acer Portal (HKLM-x32\...\{A5AD0B17-F34D-49BE-A157-C8B3D52ACD13}) (Version: 3.08.2006 - Acer Incorporated)
Acer Recovery Management (HKLM\...\{07F2005A-8CAC-4A4B-83A2-DA98A722CA61}) (Version: 6.00.8100 - Acer Incorporated)
Acer Remote Files (HKLM\...\{13885028-098C-4799-9B71-27DAC96502D5}) (Version: 1.00.3007 - Acer Incorporated)
Acer Screen Grasp (HKLM-x32\...\{84443E5D-0767-438B-B1C8-6A52FAB2101B}) (Version: 1.01.3004 - Acer Incorporated)
Acer Touch Tools (HKLM\...\{BB1F8130-3CB3-4896-9D28-770DFFFDE59C}) (Version: 1.00.3013 - Acer Incorporated)
Adobe Flash Player 19 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 19.0.0.226 - Adobe Systems Incorporated)
Aloha TriPeaks (x32 Version: 2.2.0.98 - WildTangent) Hidden
Amazon 1Button App (HKLM-x32\...\{0A7D6F3C-F2AB-48ED-BE23-99791BFF87D6}) (Version: 1.0.0.4 - Amazon)
AMD Catalyst Install Manager (HKLM\...\{D32B2CEB-7220-9558-DF92-787B0E715684}) (Version: 8.0.915.0 - Advanced Micro Devices, Inc.)
AOL (HKU\S-1-5-21-1384006192-1193351791-2402037821-1001\...\Pokki_b6e646d11b719eb1b6efa13bd5a9bd1897ee4eb5) (Version: v1.0.3 - Pokki)
AOP Framework (HKLM-x32\...\{4A37A114-702F-4055-A4B6-16571D4A5353}) (Version: 3.11.2000.2 - Acer Incorporated)
CCScore (x32 Version: 7.00.0000.0001 - EASTMAN KODAK Company) Hidden
Cradle Of Egypt Collector's Edition (x32 Version: 2.2.0.110 - WildTangent) Hidden
CyberLink PowerDVD 12 (HKLM-x32\...\InstallShield_{B46BEA36-0B71-4A4E-AE41-87241643FA0A}) (Version: 12.0.3323.57 - CyberLink Corp.)
DailyWiki - DailyWiki for Desktop (HKLM-x32\...\DailyWiki) (Version: 5.4.0cm - DailyWiki)
Dolby Digital Plus Home Theater (HKLM\...\{7E3D8FA1-6092-469A-955B-68FC4A2C67CA}) (Version: 7.3.2.2 - Dolby Laboratories Inc)
eBay Worldwide (HKLM-x32\...\{91589413-6675-4C27-8AFC-EFB9103B90A5}) (Version: 2.4.0105 - OEM)
ESSBrwr (x32 Version: 7.00.0000.0003 - EASTMAN KODAK Company) Hidden
ESSCDBK (x32 Version: 7.00.0000.0002 - EASTMAN KODAK Company) Hidden
ESScore (x32 Version: 7.00.0000.0008 - EASTMAN KODAK Company) Hidden
ESSgui (x32 Version: 7.00.0000.0002 - EASTMAN KODAK Company) Hidden
ESSini (x32 Version: 7.00.0000.0003 - EASTMAN KODAK Company) Hidden
ESSPCD (x32 Version: 7.00.0000.0002 - EASTMAN KODAK Company) Hidden
ESSPDock (x32 Version: 6.03.0001.0004 - EASTMAN KODAK Company) Hidden
ESSSONIC (x32 Version: 6.4.0000.0001 - EASTMAN KODAK Company) Hidden
ESSTOOLS (x32 Version: 5.00.0000.0004 - EASTMAN KODAK Company) Hidden
essvatgt (x32 Version: 7.00.0000.0002 - EASTMAN KODAK Company) Hidden
fflink (x32 Version: 6.02.1001.0001 - EASTMAN KODAK Company) Hidden
FlashBeat (HKLM-x32\...\FlashBeat) (Version: - ) <==== ATTENTION
FlextimePlayer1.0.3 (HKLM-x32\...\{AEAC4397-9CE9-4DCE-850C-8E0AF7728DDF}) (Version: 1.0.3 - south-star)
Game Channels (HKLM-x32\...\WildTangentGameProvider-acer-genres) (Version: 9.2.0.11 - WildTangent, Inc.)
Game Channels (HKLM-x32\...\WildTangentGameProvider-acer-main) (Version: 9.2.0.11 - WildTangent, Inc.)
GamesDesktop 025.005010133 (HKLM-x32\...\gmsd_us_005010133_is1) (Version: - GAMESDESKTOP) <==== ATTENTION
Governor of Poker 2 Premium Edition (x32 Version: 2.2.0.110 - WildTangent) Hidden
Host App Service (HKU\S-1-5-21-1384006192-1193351791-2402037821-1001\...\Pokki) (Version: 0.269.7.698 - Pokki)
Hotkey Utility (HKLM-x32\...\{A6DC88AD-501A-44BC-884D-57435F972E2C}) (Version: 3.00.8101 - Acer Incorporated)
Identity Card (HKLM-x32\...\{3D9CB654-99AD-4301-89C6-0D12A790767C}) (Version: 2.00.8100 - Acer Incorporated)
Itibiti RTC (x32 Version: 0.0.1 - Itibiti Inc) Hidden
kgcbaby (x32 Version: 5.03.0000.0002 - EASTMAN KODAK Company) Hidden
kgcbase (x32 Version: 5.03.0000.0004 - EASTMAN KODAK Company) Hidden
kgchday (x32 Version: 5.03.0000.0002 - EASTMAN KODAK Company) Hidden
kgchlwn (x32 Version: 5.03.0000.0002 - EASTMAN KODAK Company) Hidden
kgcinvt (x32 Version: 5.03.0000.0003 - EASTMAN KODAK Company) Hidden
kgckids (x32 Version: 6.03.0001.0001 - EASTMAN KODAK Company) Hidden
kgcmove (x32 Version: 6.03.0001.0001 - EASTMAN KODAK Company) Hidden
kgcvday (x32 Version: 5.03.0000.0002 - EASTMAN KODAK Company) Hidden
Kodak EasyShare software (HKLM-x32\...\{D32470A1-B10C-4059-BA53-CF0486F68EBC}) (Version: - Eastman Kodak Company)
Live Updater (HKLM-x32\...\{EE26E302-876A-48D9-9058-3129E5B99999}) (Version: 2.00.8100 - Acer Incorporated)
Luxor Evolved (x32 Version: 2.2.0.98 - WildTangent) Hidden
Magic Academy (x32 Version: 2.2.0.98 - WildTangent) Hidden
McAfee LiveSafe – Internet Security (HKLM-x32\...\MSC) (Version: 14.0.4121 - McAfee, Inc.)
McAfee SafeKey(uninstall only) (HKLM-x32\...\SafeKey) (Version: 2.2.3 - McAfee, Inc.)
McAfee WebAdvisor (HKLM-x32\...\{35ED3F83-4BDC-4c44-8EC6-6A8301C7413A}) (Version: 4.0.192 - McAfee, Inc.)
Microsoft Office (HKLM-x32\...\{90150000-0138-0409-0000-0000000FF1CE}) (Version: 15.0.4454.1510 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (HKLM-x32\...\{15134cb0-b767-4960-a911-f2d16ae54797}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (HKLM-x32\...\{22154f09-719a-4619-bb71-5b3356999fbf}) (Version: 11.0.50727.1 - Microsoft Corporation)
Nero BackItUp 12 Essentials OEM.a01 (HKLM-x32\...\{551AC8F2-FEA2-4B45-ACF7-C98681233CC9}) (Version: 12.5.01200 - Nero AG)
netbrdg (x32 Version: 7.00.0000.0003 - EASTMAN KODAK Company) Hidden
Norton Online Backup (HKLM-x32\...\{E625FCA0-E43E-4D3B-92FF-4851308A0366}) (Version: 2.8.0.44 - Symantec Corporation)
Norton Online Backup (x32 Version: 4.5.0.9 - Symantec Corporation) Hidden
OEM Application Profile (HKLM-x32\...\{E142AB79-FD0D-34F7-8D4D-56E78C536467}) (Version: 1.00.0000 - Advanced Micro Devices, Inc.)
Office Addin (HKLM-x32\...\{6D2BBE1D-E600-4695-BA37-0B0E605542CC}) (Version: 2.02.2009 - Acer)
OfotoXMI (x32 Version: 7.00.0000.0002 - EASTMAN KODAK Company) Hidden
OpenOffice 4.1.1 (HKLM-x32\...\{9395F41D-0F80-432E-9A59-B8E477E7E163}) (Version: 4.11.9775 - Apache Software Foundation)
Peggle Nights (x32 Version: 2.2.0.98 - WildTangent) Hidden
Plants vs. Zombies - Game of the Year (x32 Version: 2.2.0.98 - WildTangent) Hidden
Pokki Start Menu (HKU\S-1-5-21-1384006192-1193351791-2402037821-1001\...\Pokki_Start_Menu) (Version: 0.269.7.698 - Pokki)
Prerequisite installer (x32 Version: 12.0.0003 - Nero AG) Hidden
Qualcomm Atheros Bluetooth Suite (64) (HKLM\...\{A84A4FB1-D703-48DB-89E0-68B6499D2801}) (Version: 8.0.1.306 - Qualcomm Atheros Communications)
Qualcomm Atheros WLAN and Bluetooth Client Installation Program (HKLM-x32\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 12.11 - Qualcomm Atheros)
QuickTime (HKLM-x32\...\{BFD96B89-B769-4CD6-B11E-E79FFD46F067}) (Version: 7.4.1.14 - Apple Inc.)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 6.2.9200.39052 - Realtek Semiconductor Corp.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.18.621.2013 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7037 - Realtek Semiconductor Corp.)
Registry Cleaner version 2.0.0 (HKLM-x32\...\{B3E84B4A-ACDB-4B40-BA8A-5AD2675B8735}_is1) (Version: 2.0.0 - Wasoftware)
Respondus LockDown Browser (HKLM-x32\...\{C0E5147E-C9F3-4360-9ED0-2E875F11766C}) (Version: 1.02.0001 - Respondus, Inc.)
Setup (HKLM-x32\...\{7ADF667E-E14D-4D2C-827C-B0108F0D93BC}) (Version: - ) <==== ATTENTION
SFR (x32 Version: 7.00.0000.0004 - Eastman Kodak Company) Hidden
SHASTA (x32 Version: 6.04.0000.0001 - EASTMAN KODAK Company) Hidden
Shopper-Pro (HKLM-x32\...\ShopperPro) (Version: - ) <==== ATTENTION
skin0001 (x32 Version: 7.00.0000.0002 - EASTMAN KODAK Company) Hidden
SKINXSDK (x32 Version: 7.00.0000.0001 - EASTMAN KODAK Company) Hidden
Skype™ 7.0 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.0.102 - Skype Technologies S.A.)
Soluto (HKLM\...\{A40888FC-B545-46F3-8628-6AE98C1C75C6}) (Version: 1.3.1193.1 - Soluto)
Spotify (HKLM-x32\...\Spotify) (Version: 0.9.1.57.ge7405149 - Spotify AB)
staticcr (x32 Version: 7.00.0000.0002 - EASTMAN KODAK Company) Hidden
The Chronicles of Emerland Solitaire (x32 Version: 3.0.2.32 - WildTangent) Hidden
tooltips (x32 Version: 7.00.0000.0002 - EASTMAN KODAK Company) Hidden
Trinklit Supreme (x32 Version: 2.2.0.98 - WildTangent) Hidden
Update Installer for WildTangent Games App (x32 Version: - WildTangent) Hidden
Visual Studio 2005 Tools for Office Second Edition Runtime (HKLM-x32\...\Microsoft Visual Studio 2005 Tools for Office Runtime) (Version: - Microsoft Corporation)
Visual Studio Tools for the Office system 3.0 Runtime (HKLM-x32\...\Visual Studio Tools for the Office system 3.0 Runtime) (Version: - Microsoft Corporation)
Visual Studio Tools for the Office system 3.0 Runtime Service Pack 1 (KB949258) (HKLM-x32\...\{8FB53850-246A-3507-8ADE-0060093FFEA6}.KB949258) (Version: 1 - Microsoft Corporation)
VPRINTOL (x32 Version: 7.00.0000.0001 - EASTMAN KODAK Company) Hidden
WildTangent Games (HKLM-x32\...\WildTangent wildgames Master Uninstall) (Version: 1.0.4.0 - WildTangent)
WildTangent Games App (x32 Version: 4.0.11.14 - WildTangent) Hidden
WIRELESS (x32 Version: 7.00.0000.0002 - EASTMAN KODAK Company) Hidden
==================== Custom CLSID (Whitelisted): ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== Restore Points =========================
13-10-2015 04:13:32 Scheduled Checkpoint
22-10-2015 19:38:08 Windows Update
31-10-2015 01:27:43 Scheduled Checkpoint
01-11-2015 14:57:47 Removed OnePCOptimizer.
01-11-2015 18:42:35 Restore Operation
==================== Hosts content: ===============================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2013-08-22 06:25 - 2013-08-22 06:25 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts
==================== Scheduled Tasks (Whitelisted) =============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {02318FF0-DF16-46D3-9A4C-3B1AF3E75C00} - System32\Tasks\MyDailyBackup => C:\Windows\system32\winupd.exe <==== ATTENTION
Task: {064C78EB-8723-446D-AE33-FCAC638EA4E9} - System32\Tasks\f52c8f69-3487-4ac4-bfff-b1aa07793633-1-6 => C:\Program Files (x86)\CinePlus-1.44V31.10\f52c8f69-3487-4ac4-bfff-b1aa07793633-1-6.exe <==== ATTENTION
Task: {0D1E3881-F144-4D72-8D66-9EB30FEE3687} - System32\Tasks\GoogleUp => C:\Windows\system32\hsysinfo.exe
Task: {10A72AE7-1A25-4DAE-BE5A-37C564FD4554} - System32\Tasks\import => C:\Windows\system32\Mint.exe
Task: {11E3DEA9-8E3A-4D7C-9E8E-765D58B6C675} - System32\Tasks\A282C480-6087-4AB1-A04A-7C7516C6330 => C:\Users\Shawn&Stacy\AppData\Local\A282C480-6087-4AB1-A04A-7C7516C6330\A282C480-6087-4AB1-A04A-7C7516C6330.exe [2015-10-31] () <==== ATTENTION
Task: {17511F17-937C-43E8-8E5D-B2AF1C8179C8} - System32\Tasks\prelauncher_First => C:\Program Files (x86)\Acer\Screen Grasp\InputTask.exe [2013-07-01] (Acer Incorporated)
Task: {2B0CBDC2-0F0A-423B-891E-BED0825EF3CE} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\Windows\system32\MRT.exe [2015-10-14] (Microsoft Corporation)
Task: {2B90FF25-DA06-41C1-BC94-412150ECAA58} - System32\Tasks\DGPUOYA1 => C:\ProgramData\FlashBeat\FlashBeat.exe [2015-09-27] (FlashBeat) <==== ATTENTION
Task: {2DA13C03-D570-453A-870A-0D4855211503} - System32\Tasks\f52c8f69-3487-4ac4-bfff-b1aa07793633-10_user => C:\Program Files (x86)\CinePlus-1.44V31.10\f52c8f69-3487-4ac4-bfff-b1aa07793633-10.exe <==== ATTENTION
Task: {2F8736E1-91A2-4D76-BD42-D0B88FA53A3D} - System32\Tasks\win => C:\Windows\system32\win.exe
Task: {3A374187-C67C-4EF7-BAC2-1AA82CEDAA48} - System32\Tasks\ALU => C:\Program Files (x86)\Acer\Live Updater\updater.exe [2013-07-08] ()
Task: {3C6CA005-6220-4BFE-9DB6-F46B194CB55E} - System32\Tasks\f52c8f69-3487-4ac4-bfff-b1aa07793633-5 => C:\Program Files (x86)\CinePlus-1.44V31.10\f52c8f69-3487-4ac4-bfff-b1aa07793633-5.exe <==== ATTENTION
Task: {4B9D7097-EB42-4502-AE86-9798B9475DDE} - System32\Tasks\McAfee\McAfee Auto Maintenance Task Agent
Task: {4FC81656-989E-49A3-B41E-E553D23F29DD} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-10-28] (Adobe Systems Incorporated)
Task: {51443AFA-5D49-4C0F-A2CB-75042A7EDE56} - System32\Tasks\EasyShare Registration Task => Rundll32.exe C:\PROGRA~3\Kodak\EasyShareSetup\$REGIS~1\Registration_7.8.20.2.sxt _RegistrationOffer@16
Task: {6042C362-59D5-4245-AAD6-4DDF8ACE0EFE} - System32\Tasks\Gelomo => C:\PROGRA~1\SHOPPE~1\Uifevfan.bat
Task: {6C05B76E-812C-47A3-9DBB-546574A95880} - System32\Tasks\Launch Screen Grasp_First => C:\Program Files (x86)\Acer\Screen Grasp\Launch Screen Grasp.exe [2013-08-12] (Acer Incorporated)
Task: {6CE13A9A-CF04-49E2-AE19-67D7039423E2} - System32\Tasks\ALUAgent => C:\Program Files (x86)\Acer\Live Updater\liveupdater_agent.exe [2013-01-22] ()
Task: {703FE3C1-2E63-4DE7-8E29-E09399DA4143} - System32\Tasks\f52c8f69-3487-4ac4-bfff-b1aa07793633-1-7 => C:\Program Files (x86)\CinePlus-1.44V31.10\f52c8f69-3487-4ac4-bfff-b1aa07793633-1-7.exe <==== ATTENTION
Task: {74D43DA1-A8B5-4CD8-B706-ACDEBF1D5E28} - System32\Tasks\SweetLabs App Platform => %LOCALAPPDATA%\Pokki\Engine\ServiceHostAppUpdater.exe
Task: {74F4637D-B0CD-4FD7-87B2-E8C3268EC013} - System32\Tasks\Dolby Selector => C:\Program Files\Dolby Digital Plus\ddp.exe [2013-08-08] (Dolby Laboratories Inc.)
Task: {78710094-4D08-4701-93AD-98CFE5EE564D} - System32\Tasks\Recovery Management\Notification => C:\Program Files\Acer\Acer Recovery Management\Notification\Notification.exe [2013-07-10] (Acer Incorporated)
Task: {7D1E590C-B816-4C65-BBEA-580C1CBB9E29} - System32\Tasks\Prelauncher => C:\Program Files (x86)\Acer\Screen Grasp\InputTask.exe [2013-07-01] (Acer Incorporated)
Task: {82CA3464-8725-4207-8B6D-1D9B3FBF3C46} - System32\Tasks\Screen Grasp GestureDetection => C:\Program Files (x86)\Acer\Screen Grasp\GestureDetection.exe [2013-08-26] (Acer Incorporated)
Task: {8884467B-CFCC-4E17-964F-6DB84BDB63FD} - System32\Tasks\Installer_smknnodesk => C:\Users\Shawn&Stacy\AppData\Local\Installer\Installsmknnodesk_27399\brakietut_tutbl_setup.exe [2015-11-01] () <==== ATTENTION
Task: {8DD1FD75-546E-4AF8-BB44-02BFD98B11ED} - System32\Tasks\impo => C:\Windows\system32\bs1.exe
Task: {9307E414-2143-40D7-A6C5-861529E57DC6} - System32\Tasks\BacKGroundAgent => C:\Program Files (x86)\Acer\AOP Framework\BackgroundAgent.exe [2015-09-10] (Acer Incorporated)
Task: {AD2E9353-B0FB-46BA-9D70-457BC78B7956} - System32\Tasks\Norton Online Backup ARA => C:\Program Files (x86)\Norton Online Backup ARA\Engine\4.5.0.9\\Ara.exe [2013-08-07] (Symantec Corporation)
Task: {B4063394-9776-4FAA-ABDF-EE9D892572A9} - System32\Tasks\f52c8f69-3487-4ac4-bfff-b1aa07793633-5_user => C:\Program Files (x86)\CinePlus-1.44V31.10\f52c8f69-3487-4ac4-bfff-b1aa07793633-5.exe <==== ATTENTION
Task: {BCD4D772-64BF-4C04-AC41-D5F033F40B89} - System32\Tasks\Hotkey Utility => C:\Program Files (x86)\Acer\Hotkey Utility\HotkeyUtility.exe [2013-08-22] (Acer Incorporated)
Task: {BF11D8DA-B994-4F42-91F4-08DF5A707577} - System32\Tasks\McAfee Remediation (Prepare) => C:\Program Files\Common Files\AV\McAfee Anti-Virus And Anti-Spyware\upgrade.exe [2015-06-01] (McAfee, Inc.)
Task: {C3DA6889-734A-418E-A830-A911999F1D43} - System32\Tasks\Googleuptodate => C:\Windows\system32\Wimboldon.exe
Task: {C8543B43-2872-45EC-BD11-D1602E420070} - System32\Tasks\SPBIW_UpdateTask_Time_313335333032383432342d324a574123346c2a556c2a5a => Wscript.exe //B "C:\ProgramData\ShopperPro\spbihe.js" spbiu.exe /invoke /f:check_services /l:0 <==== ATTENTION
Task: {CCA551B1-CC04-4C17-8B3C-87CE5ED4A5A0} - System32\Tasks\SecurityApps2 => C:\Program Files (x86)\PC FIX LABS LLC\Smart Security Suite\SecurityApps.exe
Task: {D5F43C43-FC2F-4990-9EDD-A654824AD4B2} - System32\Tasks\AcerCloud => C:\Program Files (x86)\Acer\Acer Portal\AcerPortal.exe [2015-10-15] (Acer)
Task: {D8A618D9-A8F4-4B69-A788-A2A6DAB40297} - System32\Tasks\McAfeeLogon => C:\Program Files\Common Files\mcafee\platform\McUICnt.exe [2015-07-21] (McAfee, Inc.)
Task: {E49C164B-1294-43C0-9318-B08E06A7965F} - System32\Tasks\F6E70F42-AA4B-47A7-9CC8-E592976436A7 => C:\Users\Shawn&Stacy\AppData\Local\F6E70F42-AA4B-47A7-9CC8-E592976436A7\F6E70F42-AA4B-47A7-9CC8-E592976436A7.exe [2015-11-01] () <==== ATTENTION
Task: {F40101A4-305F-40EF-ABF1-51EC9F3DB20C} - System32\Tasks\Inst_Rep => C:\Users\Shawn&Stacy\AppData\Local\Installer\Install_23488\brakietut_tutbl_setup.exe [2015-11-01] () <==== ATTENTION
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\DGPUOYA1.job => C:\ProgramData\FlashBeat\FlashBeat.exe <==== ATTENTION
Task: C:\Windows\Tasks\EasyShare Registration Task.job => C:\Windows\system32\rundll32.exeZC:\PROGRA~3\Kodak\EasyShareSetup\$REGIS~1\Registration_7.8.20.2.sxt
Task: C:\Windows\Tasks\f52c8f69-3487-4ac4-bfff-b1aa07793633-1-6.job => C:\Program Files (x86)\CinePlus-1.44V31.10\f52c8f69-3487-4ac4-bfff-b1aa07793633-1-6.exe <==== ATTENTION
Task: C:\Windows\Tasks\f52c8f69-3487-4ac4-bfff-b1aa07793633-1-7.job => C:\Program Files (x86)\CinePlus-1.44V31.10\f52c8f69-3487-4ac4-bfff-b1aa07793633-1-7.exe <==== ATTENTION
Task: C:\Windows\Tasks\f52c8f69-3487-4ac4-bfff-b1aa07793633-10_user.job => C:\Program Files (x86)\CinePlus-1.44V31.10\f52c8f69-3487-4ac4-bfff-b1aa07793633-10.exe <==== ATTENTION
Task: C:\Windows\Tasks\f52c8f69-3487-4ac4-bfff-b1aa07793633-5.job => C:\Program Files (x86)\CinePlus-1.44V31.10\f52c8f69-3487-4ac4-bfff-b1aa07793633-5.exe <==== ATTENTION
Task: C:\Windows\Tasks\f52c8f69-3487-4ac4-bfff-b1aa07793633-5_user.job => C:\Program Files (x86)\CinePlus-1.44V31.10\f52c8f69-3487-4ac4-bfff-b1aa07793633-5.exe <==== ATTENTION
==================== Loaded Modules (Whitelisted) ==============
2015-10-31 07:58 - 2015-10-31 07:31 - 00353640 _____ () C:\Windows\system32\Localadsiw64.dll
2015-11-01 14:50 - 2015-09-24 19:19 - 00185800 _____ () C:\Users\Shawn&Stacy\AppData\Local\Crsoft\crsvc.exe
2015-11-01 13:21 - 2015-11-01 13:21 - 00460800 _____ () C:\Program Files (x86)\DCE8D5F2-1446302749-11E3-BA14-F80F41B551A7\knsqBC8F.tmp
2015-10-31 07:58 - 2015-07-08 18:26 - 00173088 _____ () C:\Users\Shawn&Stacy\AppData\Roaming\NetService\netservice.exe
2014-02-21 04:46 - 2013-05-08 10:21 - 00220672 _____ () C:\Windows\SysWOW64\OSDSrv\OSDSrv.exe
2015-10-31 07:46 - 2015-10-31 07:46 - 00624640 _____ () C:\Program Files (x86)\DCE8D5F2-1446302749-11E3-BA14-F80F41B551A7\hnsl1934.tmp
2013-01-29 13:28 - 2013-01-29 13:28 - 00109024 _____ () C:\Program Files\Soluto\PCGDllExportInspector.dll
2013-01-29 13:28 - 2013-01-29 13:28 - 00055352 ____R () C:\Program Files\Soluto\PCGDeviceScanLib.dll
2014-10-28 17:12 - 2014-10-28 17:12 - 00101376 _____ () C:\Windows\assembly\NativeImages_v4.0.30319_64\Windows.Management\5638c05aebdbb990686165fb14eb3c88\Windows.Management.ni.dll
2014-10-28 17:12 - 2014-10-28 17:12 - 01782784 _____ () C:\Windows\assembly\NativeImages_v4.0.30319_64\Windows.App640a3541#\3f4dc590466037f015f65bc07d1ea923\Windows.ApplicationModel.ni.dll
2014-10-28 17:12 - 2014-10-28 17:12 - 00207872 _____ () C:\Windows\assembly\NativeImages_v4.0.30319_64\Windows.System\a4efa88b742703220e527956d8ab4e84\Windows.System.ni.dll
2014-10-28 17:12 - 2014-10-28 17:12 - 00363520 _____ () C:\Windows\assembly\NativeImages_v4.0.30319_64\Windows.Foundation\6382e6f5ad8b7a9db4f5cd4817e70319\Windows.Foundation.ni.dll
2013-01-29 13:28 - 2013-01-29 13:28 - 00109024 _____ () c:\program files\soluto\PCGDllExportInspector.dll
2015-11-01 19:34 - 2015-11-01 09:19 - 03332784 _____ () C:\Users\Shawn&Stacy\AppData\Local\gmsd_us_005010133\upgmsd_us_005010133.exe
2013-09-25 04:04 - 2013-09-25 04:04 - 00011264 _____ () C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\Modules\ActivateDesktopDebugger\ActivateDesktopDebugger.dll
2013-09-25 04:01 - 2013-09-25 04:01 - 00086016 _____ () C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\Modules\Map\MAP.dll
2013-09-25 04:08 - 2013-09-25 04:08 - 00012928 _____ () C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\ActivateDesktop.exe
2013-08-08 17:53 - 2013-08-08 17:53 - 00050904 _____ () C:\Program Files\Dolby Digital Plus\Dolby.DDP.Controls_Desktop.dll
2015-11-01 19:33 - 2015-09-27 23:48 - 07601110 _____ () C:\Users\Public\Documents\windows.exe
2015-09-16 13:58 - 2015-09-16 13:58 - 00091488 _____ () C:\Program Files (x86)\Acer\abDocs\abDocsDllLoader.exe
2015-11-01 19:34 - 2015-11-01 09:19 - 03972784 _____ () C:\Program Files (x86)\gmsd_us_005010133\gmsd_us_005010133.exe
2015-09-16 13:58 - 2015-09-16 13:58 - 01769312 _____ () C:\Program Files (x86)\Acer\abDocs\abDocsDllLoaderMonitor.exe
2015-10-13 11:38 - 2015-10-13 11:38 - 48673472 _____ () C:\Users\Shawn&Stacy\AppData\Roaming\DailyWiki\DailyWiki.exe
2015-10-15 10:56 - 2015-10-15 10:56 - 00201568 _____ () C:\Program Files (x86)\Acer\Acer Portal\curllib.dll
2015-10-15 10:56 - 2015-10-15 10:56 - 00118112 _____ () C:\Program Files (x86)\Acer\Acer Portal\OpenLDAP.dll
2015-11-04 16:29 - 2015-11-04 16:29 - 00046080 _____ () C:\Users\Shawn&Stacy\AppData\Local\Temp\_MEI62562\_socket.pyd
2015-11-04 16:29 - 2015-11-04 16:29 - 01160704 _____ () C:\Users\Shawn&Stacy\AppData\Local\Temp\_MEI62562\_ssl.pyd
2015-11-04 16:29 - 2015-11-04 16:29 - 00715264 _____ () C:\Users\Shawn&Stacy\AppData\Local\Temp\_MEI62562\_hashlib.pyd
2015-11-04 16:29 - 2015-11-04 16:29 - 00686080 _____ () C:\Users\Shawn&Stacy\AppData\Local\Temp\_MEI62562\unicodedata.pyd
2015-11-04 16:29 - 2015-11-04 16:29 - 00010240 _____ () C:\Users\Shawn&Stacy\AppData\Local\Temp\_MEI62562\select.pyd
2015-11-04 16:29 - 2015-11-04 16:29 - 00087552 _____ () C:\Users\Shawn&Stacy\AppData\Local\Temp\_MEI62562\_ctypes.pyd
2015-11-04 16:29 - 2015-11-04 16:29 - 00036352 _____ () C:\Users\Shawn&Stacy\AppData\Local\Temp\_MEI62562\_tkinter.pyd
2015-11-04 16:29 - 2015-11-04 16:29 - 00027136 _____ () C:\Users\Shawn&Stacy\AppData\Local\Temp\_MEI62562\pyHook._cpyHook.pyd
2015-11-04 16:29 - 2015-11-04 16:29 - 00110080 _____ () C:\Users\Shawn&Stacy\AppData\Local\Temp\_MEI62562\pywintypes27.dll
2015-11-04 16:29 - 2015-11-04 16:29 - 00358912 _____ () C:\Users\Shawn&Stacy\AppData\Local\Temp\_MEI62562\pythoncom27.dll
2008-05-10 06:33 - 2015-07-25 13:18 - 00403968 _____ () C:\Program Files (x86)\Kodak\Kodak EasyShare software\bin\Kfx.dll
2008-05-10 06:31 - 2015-07-25 13:18 - 00258560 _____ () C:\Program Files (x86)\Kodak\Kodak EasyShare software\bin\AppCore.dll
2008-05-10 06:28 - 2015-07-25 13:18 - 00354816 _____ () C:\Program Files (x86)\Kodak\Kodak EasyShare software\bin\Atlas.dll
2008-05-10 06:27 - 2015-07-25 13:19 - 00233472 _____ () C:\Program Files (x86)\Kodak\Kodak EasyShare software\bin\SpiffyExt.dll
2008-05-10 06:46 - 2015-07-25 13:18 - 00232448 _____ () C:\Program Files (x86)\Kodak\Kodak EasyShare software\bin\VistaControls.esx
2008-05-10 06:22 - 2015-07-25 13:18 - 00086016 _____ () C:\Program Files (x86)\Kodak\Kodak EasyShare software\bin\LocAcqMod.dll
2008-05-10 06:47 - 2015-07-25 13:18 - 00077312 _____ () C:\Program Files (x86)\Kodak\Kodak EasyShare software\bin\DXRawFormatHandler.esx
2008-05-10 06:16 - 2015-07-25 13:18 - 00062464 _____ () C:\Program Files (x86)\Kodak\Kodak EasyShare software\bin\DibLibIP.dll
2006-03-07 09:05 - 2015-07-25 13:18 - 01564672 _____ () C:\Program Files (x86)\Kodak\Kodak EasyShare software\bin\AreaIFDLL.dll
2008-05-10 06:45 - 2015-07-25 13:18 - 00757760 _____ () C:\Program Files (x86)\Kodak\Kodak EasyShare software\bin\ESCliWicMDRW.esx
2008-05-10 07:02 - 2015-07-25 13:18 - 00675840 _____ () C:\Program Files (x86)\Kodak\Kodak EasyShare software\bin\ESEmail.esx
2008-05-10 06:35 - 2015-07-25 13:18 - 00084480 _____ () C:\Program Files (x86)\Kodak\Kodak EasyShare software\bin\keml40.dll
2008-05-10 06:20 - 2015-07-25 13:18 - 00128512 _____ () C:\Program Files (x86)\Kodak\Kodak EasyShare software\bin\kpries40.dll
2008-05-10 06:53 - 2015-07-25 13:18 - 01229312 _____ () C:\Program Files (x86)\Kodak\Kodak EasyShare software\bin\ESSkin.esx
2008-04-14 14:30 - 2015-07-25 13:19 - 00786432 _____ () C:\Program Files (x86)\Kodak\Kodak EasyShare software\bin\SkinuxImV.dll
2008-04-21 14:19 - 2015-07-25 13:19 - 00462848 _____ () C:\Program Files (x86)\Kodak\Kodak EasyShare software\bin\SkinuxFFV.dll
2008-04-21 14:20 - 2015-07-25 13:19 - 00528384 _____ () C:\Program Files (x86)\Kodak\Kodak EasyShare software\bin\SkinuxProcV.dll
2008-04-11 14:59 - 2015-07-25 13:19 - 00872448 _____ () C:\Program Files (x86)\Kodak\Kodak EasyShare software\bin\SkinuxBaseV.dll
2008-04-21 14:19 - 2015-07-25 13:19 - 02236416 _____ () C:\Program Files (x86)\Kodak\Kodak EasyShare software\bin\SkinuxCmpV.dll
2008-04-21 14:19 - 2015-07-25 13:19 - 00798720 _____ () C:\Program Files (x86)\Kodak\Kodak EasyShare software\bin\SkinuxXML2V.dll
2008-04-21 14:20 - 2015-07-25 13:19 - 01396736 _____ () C:\Program Files (x86)\Kodak\Kodak EasyShare software\bin\SkinuxCommonV.dll
2008-04-11 14:59 - 2015-07-25 13:19 - 00159744 _____ () C:\Program Files (x86)\Kodak\Kodak EasyShare software\bin\SkinuxZipV.dll
2008-05-10 06:24 - 2015-07-25 13:18 - 00117760 _____ () C:\Program Files (x86)\Kodak\Kodak EasyShare software\bin\IStorageMediaStore.esx
2008-05-10 07:02 - 2015-07-25 13:18 - 00171008 _____ () C:\Program Files (x86)\Kodak\Kodak EasyShare software\bin\Pcd.esx
2008-05-10 06:45 - 2015-07-25 13:18 - 00052224 _____ () C:\Program Files (x86)\Kodak\Kodak EasyShare software\bin\KPCDInterface.dll
2008-05-10 06:43 - 2015-07-25 13:19 - 00143360 _____ () C:\Program Files (x86)\Kodak\Kodak EasyShare software\bin\VPrintOnlineHelper40.dll
2008-05-10 06:20 - 2015-07-25 13:18 - 00083968 _____ () C:\Program Files (x86)\Kodak\Kodak EasyShare software\bin\UpdateChecker.esx
2008-05-10 03:06 - 2015-07-25 13:18 - 00010240 _____ () C:\Program Files (x86)\Kodak\Kodak EasyShare software\bin\LocUpdateCheck.dll
2008-05-10 07:11 - 2015-07-25 13:18 - 00339968 _____ () C:\Program Files (x86)\Kodak\Kodak EasyShare software\bin\VistaAdapter.esx
2008-05-10 07:00 - 2015-07-25 13:18 - 00096256 _____ () C:\Program Files (x86)\Kodak\Kodak EasyShare software\bin\VistaCDBackup.esx
2008-05-10 07:02 - 2015-07-25 13:18 - 00311296 _____ () C:\Program Files (x86)\Kodak\Kodak EasyShare software\bin\VistaPrintOnline.esx
2008-05-10 06:57 - 2015-07-25 13:19 - 00688128 _____ () C:\Program Files (x86)\Kodak\Kodak EasyShare software\bin\VPrintOnline.dll
2008-05-10 07:09 - 2015-07-25 13:18 - 00466944 _____ () C:\Program Files (x86)\Kodak\Kodak EasyShare software\bin\Escom.dll
2008-05-10 06:23 - 2015-07-25 13:18 - 00044544 _____ () C:\Program Files (x86)\Kodak\Kodak EasyShare software\bin\LocCamBack.dll
2015-09-16 13:58 - 2015-09-16 13:58 - 00277856 _____ () C:\Program Files (x86)\Acer\abDocs\libcurl.dll
2015-09-14 16:46 - 2015-09-14 16:46 - 00201568 _____ () C:\Program Files (x86)\Acer\abPhoto\curllib.dll
2015-09-14 16:46 - 2015-09-14 16:46 - 00653112 _____ () C:\Program Files (x86)\Acer\abPhoto\sqlite3.dll
2015-09-14 16:46 - 2015-09-14 16:46 - 00640352 _____ () C:\Program Files (x86)\Acer\abPhoto\tag.dll
2015-09-14 16:46 - 2015-09-14 16:46 - 00118112 _____ () C:\Program Files (x86)\Acer\abPhoto\OpenLDAP.dll
2015-10-26 03:28 - 2015-10-26 03:28 - 00014176 _____ () C:\Windows\assembly\GAC_MSIL\MyService\1.0.0.1__2dfa3f50f0bed57d\MyService.dll
2015-09-10 13:51 - 2015-09-10 13:51 - 00012128 _____ () C:\Program Files (x86)\Acer\AOP Framework\ServiceInterface.dll
2015-09-10 13:43 - 2015-09-10 13:43 - 00277856 _____ () C:\Program Files (x86)\Acer\AOP Framework\libcurl.dll
==================== Alternate Data Streams (Whitelisted) =========
(If an entry is included in the fixlist, only the ADS will be removed.)
==================== Safe Mode (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\McMPFSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\McNaiAnn => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MCODS => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeaack => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeaack.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeavfk => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeavfk.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefire => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfemms => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfetdi2k => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfetdi2k.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfevtp => ""="Service"
==================== EXE Association (Whitelisted) ===============
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
==================== Internet Explorer trusted/restricted ===============
(If an entry is included in the fixlist, it will be removed from the registry.)
IE trusted site: HKU\.DEFAULT\...\localhost -> localhost
IE trusted site: HKU\.DEFAULT\...\webcompanion.com -> hxxp://webcompanion.com
IE trusted site: HKU\S-1-5-21-1384006192-1193351791-2402037821-1001\...\localhost -> localhost
IE trusted site: HKU\S-1-5-21-1384006192-1193351791-2402037821-1001\...\webcompanion.com -> hxxp://webcompanion.com
==================== Other Areas ============================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-1384006192-1193351791-2402037821-1001\Control Panel\Desktop\\Wallpaper -> C:\Windows\Web\Wallpaper\acer01.jpg
DNS Servers: Media is not connected to internet.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
(Currently there is no automatic fix for this section.)
HKLM\...\StartupApproved\Run: => "SpaceSoundPro"
HKU\S-1-5-21-1384006192-1193351791-2402037821-1001\...\StartupApproved\Run: => "Skype"
HKU\S-1-5-21-1384006192-1193351791-2402037821-1001\...\StartupApproved\Run: => "Web Companion"
==================== FirewallRules (Whitelisted) ===============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [{FDC08722-1CE3-43A7-8B3E-17674C90EDB0}] => (Allow) C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe
FirewallRules: [{A8C9CC76-CA41-4BA4-B03F-B044DD0B5FD0}] => (Allow) C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe
FirewallRules: [{9CC9B05E-26EA-4C47-92EA-1A61051A83F3}] => (Allow) C:\Program Files (x86)\Nero\Nero 12\Nero BackItUp\BackItUp.exe
FirewallRules: [{9473A690-5732-45D4-A9FC-CBD01F303A8D}] => (Allow) C:\Program Files (x86)\Nero\Nero 12\Nero BackItUp\BackItUp.exe
FirewallRules: [{E0630D42-2423-4BD5-8275-30BB724CD000}] => (Allow) C:\Program Files (x86)\Spotify\spotify.exe
FirewallRules: [{7125DF2C-F349-46A6-BC20-267652787EDB}] => (Allow) C:\Program Files (x86)\Spotify\spotify.exe
FirewallRules: [{E81A1461-7AFA-485E-9AE2-9066743AD152}] => (Allow) C:\Program Files (x86)\Spotify\Data\SpotifyWebHelper.exe
FirewallRules: [{C1A040C1-4256-4D0C-926B-4F73E66DDBE1}] => (Allow) C:\Program Files (x86)\Spotify\Data\SpotifyWebHelper.exe
FirewallRules: [{8E528487-F3E2-49A8-A97F-BC33E24FCEE4}] => (Allow) C:\Program Files\Soluto\SolutoCleanup.exe
FirewallRules: [{9FC500CF-3B73-4B16-ABE2-CFBA7BA412F7}] => (Allow) C:\Program Files\Soluto\SolutoConsole.exe
FirewallRules: [{C301FC4B-0658-4DC1-8AA7-556450B9EC56}] => (Allow) C:\Program Files\Soluto\SolutoUpdateService.exe
FirewallRules: [{202AA06A-6CAB-4B0A-9A0F-5A1596E91CD0}] => (Allow) C:\Program Files\Soluto\SolutoService.exe
FirewallRules: [{4DF5A859-FDA5-481D-BDA4-F2988BCA12BE}] => (Allow) C:\Program Files\Soluto\Soluto.exe
FirewallRules: [{2C363D1E-609D-4221-A45B-42C9A8B2A4B4}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\PowerDVD12.exe
FirewallRules: [{F9B00CA6-B2DE-43CE-B0A0-2E4BAC248D2E}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMR\PowerDVD12DMREngine.exe
FirewallRules: [{05FBA20B-1510-44A4-A0AE-A96ADD124E36}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSServerPDVD12.exe
FirewallRules: [{21CE6F56-3DF7-452D-8E73-ACB38475FE05}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\PowerDVD12Agent.exe
FirewallRules: [{E00451D0-E4A4-4851-A723-DE33B0A59EA3}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\PowerDVD12ML.exe
FirewallRules: [{2BAEC749-E316-4D0A-81C9-1029C89B239D}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\Movie\PowerDVD.exe
FirewallRules: [{7D869259-8FCE-448C-929A-B2FFE7235083}] => (Allow) C:\Program Files (x86)\Acer\Acer Media\DMCDaemon.exe
FirewallRules: [{6927FE7F-7D0D-465B-A8BA-0E126FB317D6}] => (Allow) C:\Program Files (x86)\Acer\Acer Media\DMCDaemon.exe
FirewallRules: [{EE11B56E-5151-4052-879D-1198ACC5F881}] => (Allow) C:\Program Files (x86)\Acer\Acer Media\WindowsUpnpMV.exe
FirewallRules: [{C91FC168-FFE3-4B00-ACD8-77397BDFE3C1}] => (Allow) C:\Program Files (x86)\Acer\Acer Media\WindowsUpnpMV.exe
FirewallRules: [{84FEE8CC-56AB-450B-A8B9-1A49B998A713}] => (Allow) C:\Program Files (x86)\Acer\Acer Media\DMCDaemon.exe
FirewallRules: [{5941C0D1-E490-4A12-A407-836C7776BFF0}] => (Allow) C:\Program Files (x86)\Acer\Acer Media\DMCDaemon.exe
FirewallRules: [{81E4E403-C6D3-45F1-B6EA-950FA4AE87F5}] => (Allow) C:\Program Files (x86)\Acer\Acer Media\WindowsUpnpMV.exe
FirewallRules: [{0FDA4A0E-0806-4F0F-B676-7B9CECA884FD}] => (Allow) C:\Program Files (x86)\Acer\Acer Media\WindowsUpnpMV.exe
FirewallRules: [{13ABF16F-26B0-4A3E-A47B-6DEF7861595E}] => (Allow) C:\Program Files (x86)\Acer\Acer Photo\DMCDaemon.exe
FirewallRules: [{453C3065-36BA-4C60-8685-1164595A6806}] => (Allow) C:\Program Files (x86)\Acer\Acer Photo\DMCDaemon.exe
FirewallRules: [{B163FF3C-A75A-44DB-A2F5-49788A016FDA}] => (Allow) C:\Program Files (x86)\Acer\Acer Photo\WindowsUpnp.exe
FirewallRules: [{61E9EBB5-9F1C-4253-B2C9-B4743AA8922B}] => (Allow) C:\Program Files (x86)\Acer\Acer Photo\WindowsUpnp.exe
FirewallRules: [{AD8F5E22-A7DC-4909-9677-2267DF0E958E}] => (Allow) C:\Program Files (x86)\Acer\Acer Photo\DMCDaemon.exe
FirewallRules: [{90564819-C985-4928-8902-594999EC63C9}] => (Allow) C:\Program Files (x86)\Acer\Acer Photo\DMCDaemon.exe
FirewallRules: [{DEB90374-0343-48E1-954F-F34EDB20F34A}] => (Allow) C:\Program Files (x86)\Acer\Acer Photo\WindowsUpnp.exe
FirewallRules: [{5BE3D58C-6C81-4CE7-8DF5-E221213D1EE6}] => (Allow) C:\Program Files (x86)\Acer\Acer Photo\WindowsUpnp.exe
FirewallRules: [{5F1E1056-A408-4C1F-9AF5-38AEEA62081F}] => (Allow) C:\Program Files (x86)\Acer\Acer Portal\ccd.exe
FirewallRules: [{DEB5EE9B-2E1E-4124-9EF2-8E57AD0B49C1}] => (Allow) C:\Program Files (x86)\Acer\Acer Portal\ccd.exe
FirewallRules: [{0574559E-471E-470D-8407-A60B89BD7A3F}] => (Allow) C:\Program Files (x86)\Acer\Acer Portal\Sdd.exe
FirewallRules: [{04FE7C51-55C8-405A-8BB4-07859D2B3D42}] => (Allow) C:\Program Files (x86)\Acer\Acer Portal\Sdd.exe
FirewallRules: [{2387A4E4-3B7D-4101-9378-41BB69A10223}] => (Allow) C:\Program Files (x86)\Acer\Acer Portal\virtualdrive.exe
FirewallRules: [{8EDD6D65-D72A-4125-88FC-2F0C8C7E2343}] => (Allow) C:\Program Files (x86)\Acer\Acer Portal\virtualdrive.exe
FirewallRules: [{A9328F6A-14BF-4C83-A9CD-49BE14D62A58}] => (Allow) C:\Program Files (x86)\Acer\Acer Portal\ccd.exe
FirewallRules: [{454A4D09-22FB-4AFB-A81F-FBC9F0EFDA8A}] => (Allow) C:\Program Files (x86)\Acer\Acer Portal\ccd.exe
FirewallRules: [{C3B367FC-DAF3-40CD-A31C-D1CA38425D9F}] => (Allow) C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe
FirewallRules: [{BAD4F667-A4C7-4B33-BB64-4EDA893D4E66}] => (Allow) C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe
FirewallRules: [{D77DCB75-4F7B-49B7-8ECB-E5A1499015C5}] => (Allow) C:\Program Files (x86)\Acer\abPhoto_\DMCDaemon.exe
FirewallRules: [{6ED13B48-2148-466D-B6AA-1FBD7B86D42E}] => (Allow) C:\Program Files (x86)\Acer\abPhoto_\DMCDaemon.exe
FirewallRules: [{DF472A62-FD5F-4B4F-8828-40C647E9D8DC}] => (Allow) C:\Program Files (x86)\Acer\abPhoto_\WindowsUpnp.exe
FirewallRules: [{67660D8A-D492-49BD-B890-292F416F786B}] => (Allow) C:\Program Files (x86)\Acer\abPhoto_\WindowsUpnp.exe
FirewallRules: [{9C9AE099-E88A-4694-9322-97140236A6AD}] => (Allow) C:\Program Files (x86)\Acer\abPhoto_\DMCDaemon.exe
FirewallRules: [{77269000-9E2F-432E-A13F-DFE672F6CBF5}] => (Allow) C:\Program Files (x86)\Acer\abPhoto_\DMCDaemon.exe
FirewallRules: [{56BA2440-0422-45AC-B6F2-C46AFD6BBB40}] => (Allow) C:\Program Files (x86)\Acer\abPhoto_\WindowsUpnp.exe
FirewallRules: [{774E5940-B399-46E3-9E5C-ACF52970FA84}] => (Allow) C:\Program Files (x86)\Acer\abPhoto_\WindowsUpnp.exe
FirewallRules: [{CFE9977E-04E8-427D-9A43-D923C73E4945}] => (Allow) C:\Program Files (x86)\Acer\abPhoto\DMCDaemon.exe
FirewallRules: [{7B733AF1-69E1-4753-8FB7-7825147ABA37}] => (Allow) C:\Program Files (x86)\Acer\abPhoto\DMCDaemon.exe
FirewallRules: [{66F0D8E1-182D-42A9-B956-3989B2EFFD2C}] => (Allow) C:\Program Files (x86)\Acer\abPhoto\WindowsUpnp.exe
FirewallRules: [{0AFA1073-D707-4126-8CA1-B8C211DF0911}] => (Allow) C:\Program Files (x86)\Acer\abPhoto\WindowsUpnp.exe
FirewallRules: [{D89F6CD8-8381-43AC-8AA6-7B3BFC2A0307}] => (Allow) C:\Program Files (x86)\Acer\abPhoto\DMCDaemon.exe
FirewallRules: [{610F53C8-A7C2-4245-9F39-DEA757FDEA8D}] => (Allow) C:\Program Files (x86)\Acer\abPhoto\DMCDaemon.exe
FirewallRules: [{CB9CE838-C244-40E9-9B84-A9871A48E596}] => (Allow) C:\Program Files (x86)\Acer\abPhoto\WindowsUpnp.exe
FirewallRules: [{03C6B5D3-A699-404A-8626-37BC5E360A3B}] => (Allow) C:\Program Files (x86)\Acer\abPhoto\WindowsUpnp.exe
FirewallRules: [{117B7D51-3FB6-4819-B213-1F37331F29FE}] => (Allow) C:\Program Files (x86)\Acer\abMedia_\DMCDaemon.exe
FirewallRules: [{E0496A87-E2A7-4F70-905C-45C02BFD9ECE}] => (Allow) C:\Program Files (x86)\Acer\abMedia_\DMCDaemon.exe
FirewallRules: [{CF40DE4E-46B8-471B-B938-2AF33032457D}] => (Allow) C:\Program Files (x86)\Acer\abMedia_\WindowsUpnpMV.exe
FirewallRules: [{8D64CC98-9423-4FF8-AFD6-D1AA817BBD33}] => (Allow) C:\Program Files (x86)\Acer\abMedia_\WindowsUpnpMV.exe
FirewallRules: [{AB2ABED2-51E0-4725-AE8F-7D300D0CEB0B}] => (Allow) C:\Program Files (x86)\Acer\abMedia_\DMCDaemon.exe
FirewallRules: [{62E42CEA-0600-420C-BC43-48323FA4D665}] => (Allow) C:\Program Files (x86)\Acer\abMedia_\DMCDaemon.exe
FirewallRules: [{7B277605-FD39-4805-8357-36C7634FAF0C}] => (Allow) C:\Program Files (x86)\Acer\abMedia_\WindowsUpnpMV.exe
FirewallRules: [{886E5149-9E3C-4E61-AD4E-09009D2DCB09}] => (Allow) C:\Program Files (x86)\Acer\abMedia_\WindowsUpnpMV.exe
FirewallRules: [{5C60B1D5-13A4-4689-9692-1150814C14FD}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe
FirewallRules: [{8E26BDB1-A14D-4963-9553-4833094F9249}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe
FirewallRules: [{6FF37E87-89A4-414B-AF96-32975F185A15}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe
FirewallRules: [{03DBE48B-B50F-4714-BA97-3A50A7935A98}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe
FirewallRules: [{71E73B3E-E7B2-4D7B-B5C2-DBB70373A181}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe
FirewallRules: [{6A9421A6-FA6C-443F-B675-5BCFBB031E94}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe
FirewallRules: [{299C46BD-7431-4E56-809A-FC714D97ED9B}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe
FirewallRules: [{ECFF9172-FFBC-4969-B7A4-DEF61B53D3F6}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe
FirewallRules: [{F33FAE1C-3366-4E18-96FC-B0234998151E}] => (Allow) C:\Program Files (x86)\Acer\abPhoto_\DMCDaemon.exe
FirewallRules: [{566778AD-29E5-41B8-AE0A-78BA61B158ED}] => (Allow) C:\Program Files (x86)\Acer\abPhoto_\DMCDaemon.exe
FirewallRules: [{DB0C8778-FD09-4C42-A83A-481F633F5DB4}] => (Allow) C:\Program Files (x86)\Acer\abPhoto_\WindowsUpnp.exe
FirewallRules: [{1AB2E972-306F-4166-B9E1-E66699F2DC0B}] => (Allow) C:\Program Files (x86)\Acer\abPhoto_\WindowsUpnp.exe
FirewallRules: [{F9965D8E-79E7-4809-943D-E259EE09C4B8}] => (Allow) C:\Program Files (x86)\Acer\abPhoto_\DMCDaemon.exe
FirewallRules: [{85F38537-6708-4B6B-BB00-86B761E0F734}] => (Allow) C:\Program Files (x86)\Acer\abPhoto_\DMCDaemon.exe
FirewallRules: [{F62EDDA9-44FE-4E4F-8606-1EA5EFD02C5B}] => (Allow) C:\Program Files (x86)\Acer\abPhoto_\WindowsUpnp.exe
FirewallRules: [{1CEBA387-343B-4CE2-8840-B59594A59A6E}] => (Allow) C:\Program Files (x86)\Acer\abPhoto_\WindowsUpnp.exe
FirewallRules: [{F3C9B635-A375-4BD9-B321-F942B8424830}] => (Allow) C:\Program Files (x86)\Acer\abPhoto\DMCDaemon.exe
FirewallRules: [{7303311B-FC3D-4DFD-9F0C-D59A41BE90F2}] => (Allow) C:\Program Files (x86)\Acer\abPhoto\DMCDaemon.exe
FirewallRules: [{51AE53E0-61F1-4864-AC19-9F72C253F988}] => (Allow) C:\Program Files (x86)\Acer\abPhoto\WindowsUpnp.exe
FirewallRules: [{03F5E795-4944-479A-AD8C-1B2C30A8853F}] => (Allow) C:\Program Files (x86)\Acer\abPhoto\WindowsUpnp.exe
FirewallRules: [{BF70BFAD-B786-4042-BB74-4FBEBDCF1D33}] => (Allow) C:\Program Files (x86)\Acer\abPhoto\DMCDaemon.exe
FirewallRules: [{D8A8E519-0761-45EF-AA32-2A2D52F5D6A1}] => (Allow) C:\Program Files (x86)\Acer\abPhoto\DMCDaemon.exe
FirewallRules: [{B1A72CC4-84B8-472C-80F4-2F942DD627AC}] => (Allow) C:\Program Files (x86)\Acer\abPhoto\WindowsUpnp.exe
FirewallRules: [{F461EEA5-01E5-4FB4-976E-405E6C31B0E6}] => (Allow) C:\Program Files (x86)\Acer\abPhoto\WindowsUpnp.exe
FirewallRules: [{626A605A-3D65-45DA-A034-AD3F3F34BC21}] => (Allow) C:\Program Files (x86)\Acer\abMedia_\DMCDaemon.exe
FirewallRules: [{F7F2269B-E6D5-4721-A5D1-1765CB851D7C}] => (Allow) C:\Program Files (x86)\Acer\abMedia_\DMCDaemon.exe
FirewallRules: [{FD00FE4E-48E4-4352-B975-89504D1420BA}] => (Allow) C:\Program Files (x86)\Acer\abMedia_\WindowsUpnpMV.exe
FirewallRules: [{78DB12C1-261E-4B6B-B24E-742FCCD068BC}] => (Allow) C:\Program Files (x86)\Acer\abMedia_\WindowsUpnpMV.exe
FirewallRules: [{A706ED69-CE81-42F6-A0FC-897412615BA4}] => (Allow) C:\Program Files (x86)\Acer\abMedia_\DMCDaemon.exe
FirewallRules: [{C3411C12-EDD5-43DC-843B-35F741B08A66}] => (Allow) C:\Program Files (x86)\Acer\abMedia_\DMCDaemon.exe
FirewallRules: [{1CF671F7-82E6-4D6B-8A5D-8BA86433A28A}] => (Allow) C:\Program Files (x86)\Acer\abMedia_\WindowsUpnpMV.exe
FirewallRules: [{E106F08A-0BD0-4E2C-8313-1217C272028D}] => (Allow) C:\Program Files (x86)\Acer\abMedia_\WindowsUpnpMV.exe
FirewallRules: [{C7C0C084-0FB3-4210-9FB5-D6DE6D634EDF}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe
FirewallRules: [{4BE1A93F-0CD4-4925-AB12-039D982118DB}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe
FirewallRules: [{C8E84A9E-C1D2-4BFD-89C5-5DBB4C69F3A6}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe
FirewallRules: [{20FDBB2D-B9CF-4980-8A8F-6FF8A5506CD5}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe
FirewallRules: [{04C9CAE2-56DF-43A3-9A32-8CF1B3D0C237}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe
FirewallRules: [{1EA50A95-4DA7-4952-83B6-6E43252AA22B}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe
FirewallRules: [{ABA2CE47-2545-4121-AA0B-FE2F143706D9}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe
FirewallRules: [{25F2F857-D51E-4A8A-A3C8-C461E639B02D}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe
FirewallRules: [{20BC9CAB-9986-4E48-8A0C-565FC019D9E7}] => (Allow) C:\Program Files (x86)\Acer\abMedia_\DMCDaemon.exe
FirewallRules: [{6F5AF227-688B-45C4-A811-60FCF5C29999}] => (Allow) C:\Program Files (x86)\Acer\abMedia_\DMCDaemon.exe
FirewallRules: [{A862BCD2-0FF1-433B-8933-D81D5D3BA206}] => (Allow) C:\Program Files (x86)\Acer\abMedia_\WindowsUpnpMV.exe
FirewallRules: [{0025F073-D5EC-4774-8612-2545A7B5A334}] => (Allow) C:\Program Files (x86)\Acer\abMedia_\WindowsUpnpMV.exe
FirewallRules: [{76B5E072-A2D3-4C95-BD51-76F099D51E4E}] => (Allow) C:\Program Files (x86)\Acer\abMedia_\DMCDaemon.exe
FirewallRules: [{2E03FB6E-A4FA-47FB-AC97-975CFB4F38FB}] => (Allow) C:\Program Files (x86)\Acer\abMedia_\DMCDaemon.exe
FirewallRules: [{9032C42E-5A38-49BF-881D-676A92B725A8}] => (Allow) C:\Program Files (x86)\Acer\abMedia_\WindowsUpnpMV.exe
FirewallRules: [{F2272D03-573E-412A-822D-F139B1226407}] => (Allow) C:\Program Files (x86)\Acer\abMedia_\WindowsUpnpMV.exe
FirewallRules: [{1D2EB9BA-7779-4A46-88E2-9DA362DF0F7D}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe
FirewallRules: [{1CB22CFF-53E8-4138-AEB2-0E331E7784A3}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe
FirewallRules: [{33211C01-5A0E-4A20-88F5-E5C1BEB7A9AE}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe
FirewallRules: [{16DAE5B9-E3D6-45F6-80DD-8A855652E0EF}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe
FirewallRules: [{69323F96-6C59-4D4F-BF06-D02E9269E839}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe
FirewallRules: [{A3DFBE88-8A7A-4CA2-9982-91ADF4D96F85}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe
FirewallRules: [{90A4E74B-D9E3-465C-BE35-6621A0FD4B5F}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe
FirewallRules: [{5E5AAAC3-4C19-4E19-93A5-1502E067D7EB}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe
FirewallRules: [{68E027E2-61DE-4766-99CD-A8CB49EFD204}] => (Allow) C:\Program Files (x86)\Acer\abMedia_\DMCDaemon.exe
FirewallRules: [{3C7411D1-606C-4FBB-8234-027EC658EAE4}] => (Allow) C:\Program Files (x86)\Acer\abMedia_\DMCDaemon.exe
FirewallRules: [{1FFE71EB-F8B7-47DF-B105-B92B87619739}] => (Allow) C:\Program Files (x86)\Acer\abMedia_\WindowsUpnpMV.exe
FirewallRules: [{02E6DF8F-5B79-4384-A54E-4D78B73F3505}] => (Allow) C:\Program Files (x86)\Acer\abMedia_\WindowsUpnpMV.exe
FirewallRules: [{7341C4A2-2128-4BC1-84DD-77093EB03B27}] => (Allow) C:\Program Files (x86)\Acer\abMedia_\DMCDaemon.exe
FirewallRules: [{23DAD63D-15AE-42EB-BECD-136B2FF6E8BC}] => (Allow) C:\Program Files (x86)\Acer\abMedia_\DMCDaemon.exe
FirewallRules: [{A670BF28-5E94-476A-8707-F856CE18406C}] => (Allow) C:\Program Files (x86)\Acer\abMedia_\WindowsUpnpMV.exe
FirewallRules: [{9FE19220-E52A-4F7B-B3A2-2D69654D2A50}] => (Allow) C:\Program Files (x86)\Acer\abMedia_\WindowsUpnpMV.exe
FirewallRules: [{2BEC4DBB-B753-4B2A-A150-1536F62E0E1A}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe
FirewallRules: [{1FA42D8D-BFA4-4451-A4E1-B881BB676069}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe
FirewallRules: [{95800EEE-986B-42DF-B1B5-099AE79956D7}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe
FirewallRules: [{1BFFDCC8-3BFC-475F-8D33-015B29D96E7C}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe
FirewallRules: [{02194DA1-9AB5-4AEC-8291-F6BB6794DC42}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe
FirewallRules: [{F9A2F763-E9A2-42C0-8939-356C1B610C72}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe
FirewallRules: [{1C261352-F8A7-4DE5-B66C-12910B26E47D}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe
FirewallRules: [{7146937E-95DD-484B-93A9-50C65EF07D33}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe
FirewallRules: [{7FEBBFCE-460F-4C38-9FD0-85AF766B1119}] => (Allow) C:\Program Files (x86)\Acer\abMedia_\DMCDaemon.exe
FirewallRules: [{024E45A1-5550-493C-8F83-9B53F45FFFEE}] => (Allow) C:\Program Files (x86)\Acer\abMedia_\DMCDaemon.exe
FirewallRules: [{A7B78BCF-43FA-4E80-A838-FEF9DA16E6C6}] => (Allow) C:\Program Files (x86)\Acer\abMedia_\WindowsUpnpMV.exe
FirewallRules: [{F3A871E7-7569-4762-A9DC-70CD15BA8C96}] => (Allow) C:\Program Files (x86)\Acer\abMedia_\WindowsUpnpMV.exe
FirewallRules: [{B513B862-BEC0-4ED8-A5FA-D0C5C7981BB7}] => (Allow) C:\Program Files (x86)\Acer\abMedia_\DMCDaemon.exe
FirewallRules: [{B0C5F174-50AA-43A9-95B5-6BB78280193C}] => (Allow) C:\Program Files (x86)\Acer\abMedia_\DMCDaemon.exe
FirewallRules: [{F2C0A3E8-75AD-410A-ABCB-7798E3FF2E42}] => (Allow) C:\Program Files (x86)\Acer\abMedia_\WindowsUpnpMV.exe
FirewallRules: [{38F01295-BCB0-4224-8103-8246380EC731}] => (Allow) C:\Program Files (x86)\Acer\abMedia_\WindowsUpnpMV.exe
FirewallRules: [{CC091AF8-6963-4865-8B4D-CBA517245B3F}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe
FirewallRules: [{A6C0B69C-C24A-414F-AD74-D2C2441359BE}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe
FirewallRules: [{ED663DD5-5A60-46F2-AB79-B3B003B0A553}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe
FirewallRules: [{FCD53B2C-FD79-41AA-8B38-E28744714A53}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe
FirewallRules: [{0651F5BA-A002-4821-932E-4F1CBA7712EC}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe
FirewallRules: [{7D53EE8B-A817-4743-A226-FD71A91D27AA}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe
FirewallRules: [{9B874862-8B7C-4F44-A33C-9AA8667F0A59}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe
FirewallRules: [{2AAE2669-E12D-44E7-B70D-DA39A4377E34}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe
FirewallRules: [{41EF63AF-6B12-4C95-983A-1A0CE5558D68}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe
FirewallRules: [{7CA6D470-9E4B-4199-B1C0-15ABAF0B2722}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe
FirewallRules: [{12BFA713-448E-4FB1-87BA-70059278582F}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe
FirewallRules: [{615FD2A4-B496-4909-A46D-35E57EFC6435}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe
FirewallRules: [{6A127BC7-C0AB-476B-BEDC-377BDE624D71}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe
FirewallRules: [{88AED184-DFD1-40EC-B6B0-A9BC4EC1CA70}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe
FirewallRules: [{C6086823-84A8-4F87-BFFE-B0786A56EC93}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe
FirewallRules: [{359B54E1-B798-4CD1-A861-442AEB9DE97C}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe
FirewallRules: [{CA0DF8C6-AE74-4B3F-B7F2-543828AEB300}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe
FirewallRules: [{41EAB6F4-05D6-4689-9F7E-759A23383848}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe
FirewallRules: [{1B0E947D-1F85-40CE-8432-93530CE29317}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe
FirewallRules: [{BD4B928C-664D-4F90-B7AE-2C3186A4D6DC}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe
FirewallRules: [{98598C46-F9D0-4537-BF94-C28C5511DF04}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe
FirewallRules: [{C1D04AD4-DF5F-4AAF-9EDE-2A03CA7F8F21}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe
FirewallRules: [{DEBE1939-B4D6-43FB-A4E5-4C6384A06AA0}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe
FirewallRules: [{D7E405FA-FCD7-469E-8612-8E9714997783}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe
FirewallRules: [{B666650D-E46C-4591-93A7-B68BE1397A75}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe
FirewallRules: [{69ECE65C-CDAC-47B4-8EA8-BE5264BC35A2}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe
FirewallRules: [{B7C4EB87-F37A-46F2-A048-36D4120F6F23}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe
FirewallRules: [{806B0F53-7806-4B46-A0D2-9EB26A505D39}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe
FirewallRules: [{E3945EB2-1C22-43C8-948F-56D528E41894}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe
FirewallRules: [{9B3816D1-C0AF-47CC-B4E6-D97382E20FBE}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe
FirewallRules: [{126318BB-9B47-4496-8F8D-12F7F9BD3488}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe
FirewallRules: [{A50C592F-2C04-4C5A-B839-C64172A8FE23}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe
FirewallRules: [{08CB5100-2E61-4908-8270-07A1C6509E24}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe
FirewallRules: [{05C8863A-A219-40A7-8E50-CCA79B78177D}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe
FirewallRules: [{0710B92F-910A-4A4C-A396-5688B523DEFF}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe
FirewallRules: [{30D04AB3-E532-4AAB-BC6C-6739FFA842DC}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe
FirewallRules: [{C24DFBB0-96AB-4D57-A23F-EBDEBE65EA60}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe
FirewallRules: [{67D749A0-A59B-4F36-8B85-DD5DCB688222}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe
FirewallRules: [{B0D72BDD-C2E1-4B03-B404-9A732A8801BA}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe
FirewallRules: [{B2DCE348-9540-4E2B-A662-F927939A5D2B}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe
FirewallRules: [{18F41886-2915-4A0F-A809-7F4818F3C853}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe
FirewallRules: [{3FBC5380-F26B-4FF5-9AC9-1B3EF3D23D37}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe
FirewallRules: [{1C1A961C-B8E3-43B7-8433-8799347FBE7C}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe
FirewallRules: [{139E4300-A6F8-4039-895D-23C2C3C5586F}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe
FirewallRules: [{189F6B5F-0028-4AB8-99BA-BD78540450F2}] => (Allow) C:\Users\Shawn&Stacy\AppData\Local\BrowserAir\Application\BrowserAir.exe
==================== Faulty Device Manager Devices =============
==================== Event log errors: =========================
Application errors:
==================
Error: (11/04/2015 04:29:53 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: DV.exe, version: 1.0.0.0, time stamp: 0x55e96721
Faulting module name: KERNELBASE.dll, version: 6.3.9600.18007, time stamp: 0x55c4bcfc
Exception code: 0xe0434352
Fault offset: 0x00015b68
Faulting process id: 0x910
Faulting application start time: 0xDV.exe0
Faulting application path: DV.exe1
Faulting module path: DV.exe2
Report Id: DV.exe3
Faulting package full name: DV.exe4
Faulting package-relative application ID: DV.exe5
Error: (11/04/2015 04:29:51 PM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Application: DV.exe
Framework Version: v4.0.30319
Description: The process was terminated due to an unhandled exception.
Exception Info: System.Windows.Markup.XamlParseException
Stack:
at System.Windows.Markup.WpfXamlLoader.Load(System.Xaml.XamlReader, System.Xaml.IXamlObjectWriterFactory, Boolean, System.Object, System.Xaml.XamlObjectWriterSettings, System.Uri)
at System.Windows.Markup.WpfXamlLoader.LoadBaml(System.Xaml.XamlReader, Boolean, System.Object, System.Xaml.Permissions.XamlAccessLevel, System.Uri)
at System.Windows.Markup.XamlReader.LoadBaml(System.IO.Stream, System.Windows.Markup.ParserContext, System.Object, Boolean)
at System.Windows.Application.LoadBamlStreamWithSyncInfo(System.IO.Stream, System.Windows.Markup.ParserContext)
at System.Windows.Application.LoadComponent(System.Uri, Boolean)
at System.Windows.Application.DoStartup()
at System.Windows.Application.<.ctor>b__1(System.Object)
at System.Windows.Threading.ExceptionWrapper.InternalRealCall(System.Delegate, System.Object, Int32)
at MS.Internal.Threading.ExceptionFilterHelper.TryCatchWhen(System.Object, System.Delegate, System.Object, Int32, System.Delegate)
at System.Windows.Threading.DispatcherOperation.InvokeImpl()
at System.Windows.Threading.DispatcherOperation.InvokeInSecurityContext(System.Object)
at System.Threading.ExecutionContext.RunInternal(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
at System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
at System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object)
at System.Windows.Threading.DispatcherOperation.Invoke()
at System.Windows.Threading.Dispatcher.ProcessQueue()
at System.Windows.Threading.Dispatcher.WndProcHook(IntPtr, Int32, IntPtr, IntPtr, Boolean ByRef)
at MS.Win32.HwndWrapper.WndProc(IntPtr, Int32, IntPtr, IntPtr, Boolean ByRef)
at MS.Win32.HwndSubclass.DispatcherCallbackOperation(System.Object)
at System.Windows.Threading.ExceptionWrapper.InternalRealCall(System.Delegate, System.Object, Int32)
at MS.Internal.Threading.ExceptionFilterHelper.TryCatchWhen(System.Object, System.Delegate, System.Object, Int32, System.Delegate)
at System.Windows.Threading.Dispatcher.LegacyInvokeImpl(System.Windows.Threading.DispatcherPriority, System.TimeSpan, System.Delegate, System.Object, Int32)
at MS.Win32.HwndSubclass.SubclassWndProc(IntPtr, Int32, IntPtr, IntPtr)
at MS.Win32.UnsafeNativeMethods.DispatchMessage(System.Windows.Interop.MSG ByRef)
at System.Windows.Threading.Dispatcher.PushFrameImpl(System.Windows.Threading.DispatcherFrame)
at System.Windows.Threading.Dispatcher.PushFrame(System.Windows.Threading.DispatcherFrame)
at System.Windows.Threading.Dispatcher.Run()
at System.Windows.Application.RunDispatcher(System.Object)
at System.Windows.Application.RunInternal(System.Windows.Window)
at System.Windows.Application.Run(System.Windows.Window)
at System.Windows.Application.Run()
at demoforupdaterwindow.App.Main()
Error: (11/04/2015 04:29:46 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: DV.exe, version: 1.0.0.0, time stamp: 0x5628d0db
Faulting module name: KERNELBASE.dll, version: 6.3.9600.18007, time stamp: 0x55c4bcfc
Exception code: 0xe0434352
Fault offset: 0x00015b68
Faulting process id: 0x180c
Faulting application start time: 0xDV.exe0
Faulting application path: DV.exe1
Faulting module path: DV.exe2
Report Id: DV.exe3
Faulting package full name: DV.exe4
Faulting package-relative application ID: DV.exe5
Error: (11/04/2015 04:29:44 PM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Application: DV.exe
Framework Version: v4.0.30319
Description: The process was terminated due to an unhandled exception.
Exception Info: System.Runtime.Remoting.RemotingException
Stack:
Server stack trace:
at System.Runtime.Remoting.Messaging.MethodCall.ResolveMethod(Boolean bThrowIfNotResolved)
at System.Runtime.Remoting.Messaging.MethodCall..ctor(Object handlerObject, BinaryMethodCallMessage smuggledMsg)
at System.Runtime.Serialization.Formatters.Binary.BinaryMethodCall.ReadArray(Object[] callA, Object handlerObject)
at System.Runtime.Serialization.Formatters.Binary.ObjectReader.Deserialize(HeaderHandler handler, __BinaryParser serParser, Boolean fCheck, Boolean isCrossAppDomain, IMethodCallMessage methodCallMessage)
at System.Runtime.Serialization.Formatters.Binary.BinaryFormatter.Deserialize(Stream serializationStream, HeaderHandler handler, Boolean fCheck, Boolean isCrossAppDomain, IMethodCallMessage methodCallMessage)
at System.Runtime.Remoting.Channels.CoreChannel.DeserializeBinaryRequestMessage(String objectUri, Stream inputStream, Boolean bStrictBinding, TypeFilterLevel securityLevel)
at System.Runtime.Remoting.Channels.BinaryServerFormatterSink.ProcessMessage(IServerChannelSinkStack sinkStack, IMessage requestMsg, ITransportHeaders requestHeaders, Stream requestStream, IMessage& responseMsg, ITransportHeaders& responseHeaders, Stream& responseStream)
at System.Runtime.Remoting.Proxies.RealProxy.HandleReturnMessage(System.Runtime.Remoting.Messaging.IMessage, System.Runtime.Remoting.Messaging.IMessage)
at System.Runtime.Remoting.Proxies.RealProxy.PrivateInvoke(System.Runtime.Remoting.Proxies.MessageData ByRef, Int32)
at Microsoft.Shell.SingleInstance`1+IPCRemoteService[[System.__Canon, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089]].InvokeFirstInstance(System.Collections.Generic.IList`1<System.String>)
at Microsoft.Shell.SingleInstance`1[[System.__Canon, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089]].SignalFirstInstance(System.String, System.Collections.Generic.IList`1<System.String>)
at Microsoft.Shell.SingleInstance`1[[System.__Canon, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089]].InitializeAsFirstInstance(System.String)
at demoforupdaterwindow.App.Main()
Error: (11/04/2015 04:28:43 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: spbia.exe, version: 1.0.0.4, time stamp: 0x562fc085
Faulting module name: spbia.exe, version: 1.0.0.4, time stamp: 0x562fc085
Exception code: 0xc0000005
Fault offset: 0x000000000000a746
Faulting process id: 0xd04
Faulting application start time: 0xspbia.exe0
Faulting application path: spbia.exe1
Faulting module path: spbia.exe2
Report Id: spbia.exe3
Faulting package full name: spbia.exe4
Faulting package-relative application ID: spbia.exe5
Error: (11/03/2015 02:06:15 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: DV.exe, version: 1.0.0.0, time stamp: 0x55e96721
Faulting module name: KERNELBASE.dll, version: 6.3.9600.18007, time stamp: 0x55c4bcfc
Exception code: 0xe0434352
Fault offset: 0x00015b68
Faulting process id: 0x6d4
Faulting application start time: 0xDV.exe0
Faulting application path: DV.exe1
Faulting module path: DV.exe2
Report Id: DV.exe3
Faulting package full name: DV.exe4
Faulting package-relative application ID: DV.exe5
Error: (11/03/2015 02:06:13 PM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Application: DV.exe
Framework Version: v4.0.30319
Description: The process was terminated due to an unhandled exception.
Exception Info: System.Windows.Markup.XamlParseException
Stack:
at System.Windows.Markup.WpfXamlLoader.Load(System.Xaml.XamlReader, System.Xaml.IXamlObjectWriterFactory, Boolean, System.Object, System.Xaml.XamlObjectWriterSettings, System.Uri)
at System.Windows.Markup.WpfXamlLoader.LoadBaml(System.Xaml.XamlReader, Boolean, System.Object, System.Xaml.Permissions.XamlAccessLevel, System.Uri)
at System.Windows.Markup.XamlReader.LoadBaml(System.IO.Stream, System.Windows.Markup.ParserContext, System.Object, Boolean)
at System.Windows.Application.LoadBamlStreamWithSyncInfo(System.IO.Stream, System.Windows.Markup.ParserContext)
at System.Windows.Application.LoadComponent(System.Uri, Boolean)
at System.Windows.Application.DoStartup()
at System.Windows.Application.<.ctor>b__1(System.Object)
at System.Windows.Threading.ExceptionWrapper.InternalRealCall(System.Delegate, System.Object, Int32)
at MS.Internal.Threading.ExceptionFilterHelper.TryCatchWhen(System.Object, System.Delegate, System.Object, Int32, System.Delegate)
at System.Windows.Threading.DispatcherOperation.InvokeImpl()
at System.Windows.Threading.DispatcherOperation.InvokeInSecurityContext(System.Object)
at System.Threading.ExecutionContext.RunInternal(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
at System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
at System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object)
at System.Windows.Threading.DispatcherOperation.Invoke()
at System.Windows.Threading.Dispatcher.ProcessQueue()
at System.Windows.Threading.Dispatcher.WndProcHook(IntPtr, Int32, IntPtr, IntPtr, Boolean ByRef)
at MS.Win32.HwndWrapper.WndProc(IntPtr, Int32, IntPtr, IntPtr, Boolean ByRef)
at MS.Win32.HwndSubclass.DispatcherCallbackOperation(System.Object)
at System.Windows.Threading.ExceptionWrapper.InternalRealCall(System.Delegate, System.Object, Int32)
at MS.Internal.Threading.ExceptionFilterHelper.TryCatchWhen(System.Object, System.Delegate, System.Object, Int32, System.Delegate)
at System.Windows.Threading.Dispatcher.LegacyInvokeImpl(System.Windows.Threading.DispatcherPriority, System.TimeSpan, System.Delegate, System.Object, Int32)
at MS.Win32.HwndSubclass.SubclassWndProc(IntPtr, Int32, IntPtr, IntPtr)
at MS.Win32.UnsafeNativeMethods.DispatchMessage(System.Windows.Interop.MSG ByRef)
at System.Windows.Threading.Dispatcher.PushFrameImpl(System.Windows.Threading.DispatcherFrame)
at System.Windows.Threading.Dispatcher.PushFrame(System.Windows.Threading.DispatcherFrame)
at System.Windows.Threading.Dispatcher.Run()
at System.Windows.Application.RunDispatcher(System.Object)
at System.Windows.Application.RunInternal(System.Windows.Window)
at System.Windows.Application.Run(System.Windows.Window)
at System.Windows.Application.Run()
at demoforupdaterwindow.App.Main()
Error: (11/03/2015 02:06:09 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: spbia.exe, version: 1.0.0.4, time stamp: 0x562fc085
Faulting module name: spbia.exe, version: 1.0.0.4, time stamp: 0x562fc085
Exception code: 0xc0000005
Fault offset: 0x000000000000a746
Faulting process id: 0x1024
Faulting application start time: 0xspbia.exe0
Faulting application path: spbia.exe1
Faulting module path: spbia.exe2
Report Id: spbia.exe3
Faulting package full name: spbia.exe4
Faulting package-relative application ID: spbia.exe5
Error: (11/03/2015 02:05:59 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: DV.exe, version: 1.0.0.0, time stamp: 0x5628d0db
Faulting module name: KERNELBASE.dll, version: 6.3.9600.18007, time stamp: 0x55c4bcfc
Exception code: 0xe0434352
Fault offset: 0x00015b68
Faulting process id: 0x1074
Faulting application start time: 0xDV.exe0
Faulting application path: DV.exe1
Faulting module path: DV.exe2
Report Id: DV.exe3
Faulting package full name: DV.exe4
Faulting package-relative application ID: DV.exe5
Error: (11/03/2015 02:05:54 PM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Application: DV.exe
Framework Version: v4.0.30319
Description: The process was terminated due to an unhandled exception.
Exception Info: System.Runtime.Remoting.RemotingException
Stack:
Server stack trace:
at System.Runtime.Remoting.Messaging.MethodCall.ResolveMethod(Boolean bThrowIfNotResolved)
at System.Runtime.Remoting.Messaging.MethodCall..ctor(Object handlerObject, BinaryMethodCallMessage smuggledMsg)
at System.Runtime.Serialization.Formatters.Binary.BinaryMethodCall.ReadArray(Object[] callA, Object handlerObject)
at System.Runtime.Serialization.Formatters.Binary.ObjectReader.Deserialize(HeaderHandler handler, __BinaryParser serParser, Boolean fCheck, Boolean isCrossAppDomain, IMethodCallMessage methodCallMessage)
at System.Runtime.Serialization.Formatters.Binary.BinaryFormatter.Deserialize(Stream serializationStream, HeaderHandler handler, Boolean fCheck, Boolean isCrossAppDomain, IMethodCallMessage methodCallMessage)
at System.Runtime.Remoting.Channels.CoreChannel.DeserializeBinaryRequestMessage(String objectUri, Stream inputStream, Boolean bStrictBinding, TypeFilterLevel securityLevel)
at System.Runtime.Remoting.Channels.BinaryServerFormatterSink.ProcessMessage(IServerChannelSinkStack sinkStack, IMessage requestMsg, ITransportHeaders requestHeaders, Stream requestStream, IMessage& responseMsg, ITransportHeaders& responseHeaders, Stream& responseStream)
at System.Runtime.Remoting.Proxies.RealProxy.HandleReturnMessage(System.Runtime.Remoting.Messaging.IMessage, System.Runtime.Remoting.Messaging.IMessage)
at System.Runtime.Remoting.Proxies.RealProxy.PrivateInvoke(System.Runtime.Remoting.Proxies.MessageData ByRef, Int32)
at Microsoft.Shell.SingleInstance`1+IPCRemoteService[[System.__Canon, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089]].InvokeFirstInstance(System.Collections.Generic.IList`1<System.String>)
at Microsoft.Shell.SingleInstance`1[[System.__Canon, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089]].SignalFirstInstance(System.String, System.Collections.Generic.IList`1<System.String>)
at Microsoft.Shell.SingleInstance`1[[System.__Canon, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089]].InitializeAsFirstInstance(System.String)
at demoforupdaterwindow.App.Main()
System errors:
=============
Error: (11/03/2015 05:34:18 PM) (Source: DCOM) (EventID: 10005) (User: HOMECOMPUTER)
Description: 1084ShellHWDetectionUnavailable{DD522ACC-F821-461A-A407-50B198B896DC}
Error: (11/03/2015 05:30:18 PM) (Source: DCOM) (EventID: 10005) (User: HOMECOMPUTER)
Description: 1084ShellHWDetectionUnavailable{DD522ACC-F821-461A-A407-50B198B896DC}
Error: (11/03/2015 05:20:18 PM) (Source: DCOM) (EventID: 10005) (User: HOMECOMPUTER)
Description: 1084ShellHWDetectionUnavailable{DD522ACC-F821-461A-A407-50B198B896DC}
Error: (11/03/2015 05:10:18 PM) (Source: DCOM) (EventID: 10005) (User: HOMECOMPUTER)
Description: 1084ShellHWDetectionUnavailable{DD522ACC-F821-461A-A407-50B198B896DC}
Error: (11/03/2015 05:00:18 PM) (Source: DCOM) (EventID: 10005) (User: HOMECOMPUTER)
Description: 1084ShellHWDetectionUnavailable{DD522ACC-F821-461A-A407-50B198B896DC}
Error: (11/03/2015 04:50:18 PM) (Source: DCOM) (EventID: 10005) (User: HOMECOMPUTER)
Description: 1084ShellHWDetectionUnavailable{DD522ACC-F821-461A-A407-50B198B896DC}
Error: (11/03/2015 04:40:18 PM) (Source: DCOM) (EventID: 10005) (User: HOMECOMPUTER)
Description: 1084ShellHWDetectionUnavailable{DD522ACC-F821-461A-A407-50B198B896DC}
Error: (11/03/2015 04:30:18 PM) (Source: DCOM) (EventID: 10005) (User: HOMECOMPUTER)
Description: 1084ShellHWDetectionUnavailable{DD522ACC-F821-461A-A407-50B198B896DC}
Error: (11/03/2015 04:20:18 PM) (Source: DCOM) (EventID: 10005) (User: HOMECOMPUTER)
Description: 1084ShellHWDetectionUnavailable{DD522ACC-F821-461A-A407-50B198B896DC}
Error: (11/03/2015 04:10:18 PM) (Source: DCOM) (EventID: 10005) (User: HOMECOMPUTER)
Description: 1084ShellHWDetectionUnavailable{DD522ACC-F821-461A-A407-50B198B896DC}
CodeIntegrity:
===================================
Date: 2015-11-01 13:18:28.848
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Program Files\SpaceSoundPro\SpaceSoundPro.dll because the set of per-page image hashes could not be found on the system.
Date: 2015-11-01 13:18:28.396
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Program Files\SpaceSoundPro\SpaceSoundPro.dll because the set of per-page image hashes could not be found on the system.
Date: 2015-11-01 13:14:06.073
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Program Files\SpaceSoundPro\SpaceSoundPro.dll because the set of per-page image hashes could not be found on the system.
Date: 2015-11-01 13:14:05.588
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Program Files\SpaceSoundPro\SpaceSoundPro.dll because the set of per-page image hashes could not be found on the system.
Date: 2015-11-01 13:09:43.292
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Program Files\SpaceSoundPro\SpaceSoundPro.dll because the set of per-page image hashes could not be found on the system.
Date: 2015-11-01 13:09:42.792
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Program Files\SpaceSoundPro\SpaceSoundPro.dll because the set of per-page image hashes could not be found on the system.
Date: 2015-11-01 13:07:16.271
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Program Files\SpaceSoundPro\SpaceSoundPro.dll because the set of per-page image hashes could not be found on the system.
Date: 2015-11-01 13:07:15.818
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Program Files\SpaceSoundPro\SpaceSoundPro.dll because the set of per-page image hashes could not be found on the system.
Date: 2015-11-01 13:05:33.288
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Program Files\SpaceSoundPro\SpaceSoundPro.dll because the set of per-page image hashes could not be found on the system.
Date: 2015-11-01 13:05:32.881
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Program Files\SpaceSoundPro\SpaceSoundPro.dll because the set of per-page image hashes could not be found on the system.
==================== Memory info ===========================
Processor: AMD A4-5000 APU with Radeon HD Graphics
Percentage of memory in use: 44%
Total physical RAM: 3516.92 MB
Available physical RAM: 1965.54 MB
Total Virtual: 4668.92 MB
Available Virtual: 2565.42 MB
==================== Drives ================================
Drive c: (Acer) (Fixed) (Total:448.63 GB) (Free:398.14 GB) NTFS
Drive e: (Voyager) (Removable) (Total:15.12 GB) (Free:15.03 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (Size: 465.8 GB) (Disk ID: A96AE5F6)
Partition: GPT.
========================================================
Disk: 1 (MBR Code: Windows XP) (Size: 15.1 GB) (Disk ID: C3072E18)
Partition 1: (Active) - (Size=15.1 GB) - (Type=07 NTFS)
==================== End of Addition.txt ============================
Please let me know if there is anything additional I can provide and thanks in advance,
Rob