Jump to content

oldtrig

Members
  • Content count

    1,178
  • Joined

  • Last visited

About oldtrig

  • Rank
    Member
  • Birthday 08/22/1947
  • Age 70

Profile Information

  • Gender
    Male
  • Interests
    Computers, welding, old cars , and playing golf when the weather is nice :)
  • OS
    Windows 10
  • Computer specs
    Intel Core i5 6500 - Gigabyte Technology Co. Ltd.
    Model H170-D3HP-CF (U3E1)
    S27D390 on AMD Radeon R7 200 Series Video Card
    Windows 10 Pro 64-bit
    Crucial Solid State Drive Capacity 232 GB
  • Age 70

Profile Fields

  • Country
  • Age 70

Recent Profile Visitors

4,109 profile views
  1. upgrade

    Its been a while since I installed the free upgrade of windows 10 from 7 or 8. I know it was available even after the time expired . I had to help a lady who has a very fast HP but it came with windows 7. It had windows 10 upgrade installed by her. It got in to loop and I got tired of trying to resolve the problem so I just hit the F 11 key on startup and brought it back to factory windows 7 pro. It is running good with 7 pro but from whats I read the updates on 7 will stop in Jan of 2020. Just wondering if anyone has tried to get the windows 10 upgrade in 2018 ? Windows 7 pro is fine but I know she is going to ask me what happened to windows 10. Thanks
  2. VLC media player

    Thanks, worked like a charm. Old laptop complete. Tom
  3. VLC media player

    Is the VLC media player safe to download ? I installed a new solid state hard drive in a friends older laptop ( Dell inspiron 1525 ) and he wants to play movies on it. He bought windows 10 home in Dec of 16 and I put it on there for him. Now the hard drive went south and I talked him into getting the SS 250 crucial HD. I noticed that it will not play a movie. I think others here told me about this software before but wanted to make sure all is good with it. This old Dell with the SS drive runs as good as a new one you buy today. Thanks for any help. :) :) Tom
  4. browser for XP that would stream music

    Broni, I have tried google chrome and Firefox. They both do the same thing. No sound from Pandora, Sirius or Amazon music. Youtube works fine. What am I missing ? Maybe download Safari and try it. Oh well its do big deal. I don't use that old computer that much . I just don't like to be beat :)
  5. browser for XP that would stream music

    I meant I also use Pandora. That was a late night mistake :)
  6. browser for XP that would stream music

    Here is what Sirius tells me Listen Online: The Web Player (available at http://player.siriusxm.com) is compatible with most major browsers and operating systems. For PC — Windows XP SP1 and up, Vista, Windows 7, Windows 8, Windows 10 For Mac — OS X v10.6 Connection Speed — ISDN or higher Browser — Microsoft Edge, Internet Explorer: IE10 and up; Firefox 4.0 and up; Safari 5.0 and up; Chrome 10 and up Flash version — 11.1 and up. I am running XP Pro SP3, Firefox 52.5.3, have the latest Flash and have high speed internet 65 Mbps down 6Mbps up. I also tried google chrome and same thing. Thanks again for any help. Tom
  7. browser for XP that would stream music

    Not sure why Firefox will not play any streaming music like amazon music. I pay for both amazon prime and Sirius music. I can play them on all computers I have except this old XP system ? Yet I can play music from youtube fine. I just would like to know why ? Is it because I am using an outdated operating system ? I also don't use pandora :)
  8. browser for XP that would stream music

    I will and let you know. Thanks Broni :)
  9. I have my old computer I built back in 2007. I have one program that I still use that only runs on windows xp. I used a spare hard drive and loaded my XP Pro on it. When I am working in my basement with the program I like to stream music from Sirius or Pandora . These sites will not work. Pandora gives me a message but Sirius does nothing. It shows it is working but no sound. My sound works fine. I was able to download Firefox version 52.5.3 that works fine but still no sound on streaming. Youtube works great but I like Sirius and I pay for the online streaming. No big deal but I cannot stand it when things don't work like I want. I can use my wireless headsets and stream with my windows 10 system upstaris but I want this one to work. Any tips appreciated. Tom
  10. Not sure I how I posted this from an older post but it sure looks like I did. Age thing :) anyway all is good Broni. :)
  11. [RESOLVED] Dell Laptop

    running perfect Broni ;; THANKS
  12. Farbar Service Scanner Version: 27-01-2016 Ran by grant (administrator) on 25-06-2017 at 15:14:46 Running from "C:\Users\grant\Desktop" Microsoft Windows 10 Pro (X86) Boot Mode: Normal **************************************************************** Internet Services: ============ Connection Status: ============== Localhost is accessible. LAN connected. Google IP is accessible. Google.com is accessible. Yahoo.com is accessible. Windows Firewall: ============= Firewall Disabled Policy: ================== System Restore: ============ System Restore Policy: ======================== Security Center: ============ Windows Update: ============ Windows Autoupdate Disabled Policy: ============================ Windows Defender: ============== Other Services: ============== File Check: ======== C:\WINDOWS\system32\nsisvc.dll => File is digitally signed C:\WINDOWS\system32\Drivers\nsiproxy.sys => File is digitally signed C:\WINDOWS\system32\Drivers\afd.sys => File is digitally signed C:\WINDOWS\system32\Drivers\tdx.sys => File is digitally signed C:\WINDOWS\system32\Drivers\tcpip.sys => File is digitally signed C:\WINDOWS\system32\dnsrslvr.dll => File is digitally signed C:\WINDOWS\system32\dnsapi.dll => File is digitally signed C:\WINDOWS\system32\mpssvc.dll => File is digitally signed C:\WINDOWS\system32\bfe.dll => File is digitally signed C:\WINDOWS\system32\Drivers\mpsdrv.sys => File is digitally signed C:\WINDOWS\system32\SDRSVC.dll => File is digitally signed C:\WINDOWS\system32\vssvc.exe => File is digitally signed C:\WINDOWS\system32\wscsvc.dll => File is digitally signed C:\WINDOWS\system32\wbem\WMIsvc.dll => File is digitally signed C:\WINDOWS\system32\wuaueng.dll => File is digitally signed C:\WINDOWS\system32\qmgr.dll => File is digitally signed C:\WINDOWS\system32\es.dll => File is digitally signed C:\WINDOWS\system32\cryptsvc.dll => File is digitally signed C:\Program Files\Windows Defender\MpSvc.dll => File is digitally signed C:\WINDOWS\system32\ipnathlp.dll => File is digitally signed C:\WINDOWS\system32\iphlpsvc.dll => File is digitally signed C:\WINDOWS\system32\svchost.exe => File is digitally signed C:\WINDOWS\system32\rpcss.dll => File is digitally signed **** End of log ****
  13. Results of screen317's Security Check version 1.014 --- 12/23/15 x86 (UAC is enabled) Internet Explorer 11 ``````````````Antivirus/Firewall Check:`````````````` Windows Firewall Enabled! Windows Defender WMI entry may not exist for antivirus; attempting automatic update. `````````Anti-malware/Other Utilities Check:````````` Java(TM) 6 Update 22 Java 7 Update 51 Java version 32-bit out of Date! Adobe Flash Player 26.0.0.131 Mozilla Firefox (54.0) Google Chrome (59.0.3071.109) Google Chrome (SetupMetrics...) ````````Process Check: objlist.exe by Laurent```````` Windows Defender MSMpEng.exe Malwarebytes Anti-Malware mbamservice.exe Malwarebytes Anti-Malware mbamtray.exe Windows Defender MSASCuiL.exe Windows Defender MpCmdRun.exe `````````````````System Health check````````````````` Total Fragmentation on Drive C:: ````````````````````End of Log``````````````````````
  14. [RESOLVED] Dell Laptop

    Fix result of Farbar Recovery Scan Tool (x86) Version: 25-06-2017 01 Ran by grant (25-06-2017 14:14:58) Run:1 Running from C:\Users\grant\Desktop Loaded Profiles: grant (Available Profiles: grant) Boot Mode: Normal ============================================== fixlist content: ***************** GroupPolicy: Restriction ? <==== ATTENTION BHO: TmIEPlugInBHO Class -> {1CA1377B-DC1D-4A52-9585-6E06050FAC53} -> c:\Program Files\Trend Micro\Client Server Security Agent\bho\1009\TmIEPlg.dll => No File Handler: tmpx - {0E526CB5-7446-41D1-A403-19BFE95E8C23} - c:\Program Files\Trend Micro\Client Server Security Agent\bho\1009\TmIEPlg.dll No File U3 aspnet_state; no ImagePath 2013-11-16 13:50 - 2015-06-27 18:18 - 0137592 _____ () C:\Users\grant\AppData\Local\av.log 2015-03-02 21:34 - 2015-03-02 21:46 - 0004608 _____ () C:\Users\grant\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini 2013-02-14 13:27 - 2017-06-25 13:12 - 0000000 _____ () C:\Users\grant\AppData\Local\WavXMapDrive.bat 2017-06-24 22:59 - 2016-11-11 02:59 - 1586736 _____ (Microsoft Corporation) C:\Users\grant\AppData\Local\Temp\dllnt_dump.dll Task: {07263212-1D72-4926-8E92-B5BB8CB1BCB6} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION Task: {12CD152C-F789-42F8-86A8-1856A6BA475A} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION Task: {80C0F89D-542A-421F-B55B-1857202DA43E} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION Task: {8B9E1515-CE01-4408-BBC2-8F3EAA1B7B99} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION Task: {8D0962F9-A450-403F-A5D5-391BB2575BC3} - \OfficeSoftwareProtectionPlatform\SvcRestartTask -> No File <==== ATTENTION Task: {91C357D3-E92F-43FB-ADB3-9D61FC90642D} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION Task: {9B6494E8-2688-4B4D-9EB7-46125EE7429A} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION Task: {A5139527-9CDB-4A56-8412-A7440864BCE3} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION Task: {BD600205-0076-4980-B631-9F437D62A590} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTION Task: {D94E2EAC-0DD5-4941-A11C-F9019BE77F70} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> No File <==== ATTENTION Task: {E17762D4-39BA-42AD-B069-0CA0CDC97BEF} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION Task: {FB408C90-335D-4AC2-A720-DB4738AD152E} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTION ***************** C:\WINDOWS\system32\GroupPolicy\Machine => moved successfully C:\WINDOWS\system32\GroupPolicy\GPT.ini => moved successfully HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1CA1377B-DC1D-4A52-9585-6E06050FAC53} => key removed successfully. HKLM\Software\Classes\CLSID\{1CA1377B-DC1D-4A52-9585-6E06050FAC53} => key removed successfully. HKLM\Software\Classes\PROTOCOLS\Handler\tmpx => key removed successfully. HKLM\Software\Classes\CLSID\{0E526CB5-7446-41D1-A403-19BFE95E8C23} => key removed successfully. HKLM\System\CurrentControlSet\Services\aspnet_state => key removed successfully. aspnet_state => service removed successfully. C:\Users\grant\AppData\Local\WavXMapDrive.bat => moved successfully C:\Users\grant\AppData\Local\Temp\dllnt_dump.dll => moved successfully HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{07263212-1D72-4926-8E92-B5BB8CB1BCB6} => key removed successfully. HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{07263212-1D72-4926-8E92-B5BB8CB1BCB6} => key removed successfully. HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\launchtrayprocess => key removed successfully. HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{12CD152C-F789-42F8-86A8-1856A6BA475A} => key removed successfully. HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{12CD152C-F789-42F8-86A8-1856A6BA475A} => key removed successfully. HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d => key removed successfully. HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{80C0F89D-542A-421F-B55B-1857202DA43E} => key removed successfully. HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{80C0F89D-542A-421F-B55B-1857202DA43E} => key removed successfully. HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent => key removed successfully. HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{8B9E1515-CE01-4408-BBC2-8F3EAA1B7B99} => key removed successfully. HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{8B9E1515-CE01-4408-BBC2-8F3EAA1B7B99} => key removed successfully. HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\Time-5d => key removed successfully. HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{8D0962F9-A450-403F-A5D5-391BB2575BC3} => key removed successfully. HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{8D0962F9-A450-403F-A5D5-391BB2575BC3} => key removed successfully. HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\OfficeSoftwareProtectionPlatform\SvcRestartTask => key removed successfully. HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{9B6494E8-2688-4B4D-9EB7-46125EE7429A} => key removed successfully. HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{9B6494E8-2688-4B4D-9EB7-46125EE7429A} => key removed successfully. HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxconfig => key removed successfully. HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{A5139527-9CDB-4A56-8412-A7440864BCE3} => key removed successfully. HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{A5139527-9CDB-4A56-8412-A7440864BCE3} => key removed successfully. HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\Logon-5d => key removed successfully. HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{BD600205-0076-4980-B631-9F437D62A590} => key removed successfully. HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{BD600205-0076-4980-B631-9F437D62A590} => key removed successfully. HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d => key removed successfully. HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{D94E2EAC-0DD5-4941-A11C-F9019BE77F70} => key removed successfully. HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{D94E2EAC-0DD5-4941-A11C-F9019BE77F70} => key removed successfully. HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd => key removed successfully. HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{FB408C90-335D-4AC2-A720-DB4738AD152E} => key removed successfully. HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{FB408C90-335D-4AC2-A720-DB4738AD152E} => key removed successfully. HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d => key removed successfully. The system needed a reboot. ==== End of Fixlog 14:15:00 ====
  15. [RESOLVED] Dell Laptop

    Additional scan result of Farbar Recovery Scan Tool (x86) Version: 25-06-2017 01 Ran by grant (25-06-2017 13:22:29) Running from C:\Users\grant\Desktop Microsoft Windows 10 Pro Version 1607 (X86) (2016-12-20 15:36:13) Boot Mode: Normal ========================================================== ==================== Accounts: ============================= Administrator (S-1-5-21-1466395940-1531427780-2725057850-500 - Administrator - Disabled) DefaultAccount (S-1-5-21-1466395940-1531427780-2725057850-503 - Limited - Disabled) grant (S-1-5-21-1466395940-1531427780-2725057850-1002 - Administrator - Enabled) => C:\Users\grant Guest (S-1-5-21-1466395940-1531427780-2725057850-501 - Limited - Disabled) HomeGroupUser$ (S-1-5-21-1466395940-1531427780-2725057850-1004 - Limited - Enabled) ==================== Security Center ======================== (If an entry is included in the fixlist, it will be removed.) AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} ==================== Installed Programs ====================== (Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.) AccelerometerP11 (HKLM\...\{87434D51-51DB-4109-B68F-A829ECDCF380}) (Version: 2.00.10.34 - STMicroelectronics) Adobe Acrobat Reader DC (HKLM\...\{AC76BA86-7AD7-1033-7B44-AC0F074E4100}) (Version: 17.009.20044 - Adobe Systems Incorporated) Adobe AIR (HKLM\...\Adobe AIR) (Version: 2.6.0.19140 - Adobe Systems Incorporated) Adobe Flash Player 26 NPAPI (HKLM\...\Adobe Flash Player NPAPI) (Version: 26.0.0.131 - Adobe Systems Incorporated) Apple Application Support (32-bit) (HKLM\...\{05E07D23-91E9-4E70-A4CC-EF505088F967}) (Version: 5.4.1 - Apple Inc.) Apple Mobile Device Support (HKLM\...\{90B7F915-6343-43CE-9DA7-E79E5BAC6673}) (Version: 10.3.1.2 - Apple Inc.) Apple Software Update (HKLM\...\{52D87F32-70E4-4348-8148-C0B9F35B1314}) (Version: 2.3.0.177 - Apple Inc.) Audacity 2.0.5 (HKLM\...\Audacity_is1) (Version: 2.0.5 - Audacity Team) AuthenTec Fingerprint Software (Version: 8.4.4.20 - AuthenTec, Inc.) Hidden BioAPI Framework (Version: 1.0.1 - Dell Inc.) Hidden Bomgar Display Driver (HKLM\...\{E166EA80-47A4-4DFE-B1D5-0EFA517DDDD3}) (Version: 2.0.518 - Bomgar Corporation) Bomgar Representative Console 14.2.3 [remote.sacsinc.com] (HKLM\...\Bomgar Representative Console [remote.sacsinc.com]) (Version: 14.2.3 - Bomgar Corporation) Bonjour (HKLM\...\{D168AAD0-6686-47C1-B599-CDD4888B9D1A}) (Version: 3.1.0.1 - Apple Inc.) Broadcom NetXtreme-I Netlink Driver and Management Installer (HKLM\...\{982E1601-0DFC-4FD3-A427-AC6570697858}) (Version: 12.55.04 - Broadcom Corporation) Charter TV Player (HKLM\...\{fe4e0e1c-6db8-4a70-9272-235cf34aa2c1}) (Version: 5.11 - Charter) Cisco EAP-FAST Module (HKLM\...\{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}) (Version: 2.2.14 - Cisco Systems, Inc.) Cisco LEAP Module (HKLM\...\{51C7AD07-C3F6-4635-8E8A-231306D810FE}) (Version: 1.0.19 - Cisco Systems, Inc.) Cisco PEAP Module (HKLM\...\{ED5776D5-59B4-46B7-AF81-5F2D94D7C640}) (Version: 1.1.6 - Cisco Systems, Inc.) Comcast Desktop Software (v1.2.0.9) (HKLM\...\{CEF7211D-CE3A-44C4-B321-D84A2099AE94}) (Version: 23 - Comcast) CyberLink PowerDVD 9.5 (HKLM\...\InstallShield_{A8516AC9-AAF1-47F9-9766-03E2D4CDBCF8}) (Version: 9.5.1.3225 - CyberLink Corp.) D3DX10 (Version: 15.4.2368.0902 - Microsoft) Hidden Dell Backup and Recovery Manager (HKLM\...\{4688EB75-28E2-4731-9BCB-55E624F7CD45}) (Version: 1.3 - Dell Inc.) Dell Control Point (Version: 1.6.468.86 - Broadcom Corporation) Hidden Dell ControlPoint Security Manager (HKLM\...\{F4487649-7368-4217-AEA3-1E04DB3E2C5C}) (Version: 1.6.468.86 - Dell Inc.) Dell Edoc Viewer (HKLM\...\{3138EAD3-700B-4A10-B617-B3F8096EE30D}) (Version: 1.0.0 - Dell Inc) Dell Embassy Trust Suite by Wave Systems (Version: 03.05.04.002 - Wave Systems Corp) Hidden Dell Security Device Driver Pack (HKLM\...\{FF1DDCF4-3A28-4F7F-96D8-E3F4BD1C1702}) (Version: 1.4.055 - Dell Inc.) Dell SupportAssist (HKLM\...\PC-Doctor for Windows) (Version: 2.0.6875.402 - Dell) Dell System Detect (HKU\S-1-5-21-1466395940-1531427780-2725057850-1002\...\d24084d039586cae) (Version: 8.5.0.4 - Dell) Dell System Manager (HKLM\...\{C8B8C745-D288-41B4-9512-01E397F77449}) (Version: 1.5.00000 - Dell Inc.) Dell Touchpad (HKLM\...\{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}) (Version: 8.1206.101.112 - ALPS ELECTRIC CO., LTD.) Desktop Doctor (HKLM\...\{D87149B3-7A1D-4548-9CBF-032B791E5908}) (Version: 2.5.5 - Comcast) DirectX 9 Runtime (Version: 1.00.0000 - Sonic Solutions) Hidden Document Manager Lite (Version: 06.09.00.159 - Wave Systems Corp.) Hidden DW WLAN Card Utility (HKLM\...\DW WLAN Card Utility) (Version: 5.60.48.35 - Dell Inc.) EMBASSY Security Center (Version: 04.00.00.101 - Wave Systems Corp) Hidden EMBASSY Security Setup (Version: 04.00.00.090 - Wave Systems Corp) Hidden ESC Home Page Plugin (Version: 04.00.00.018 - Wave Systems Corp) Hidden Full Tilt Poker (HKLM\...\{D4C9692E-4EFA-4DA0-8B7F-9439466D9E31}) (Version: 5.26.2.WIN.FullTilt.COM - ) Gemalto (Version: 01.01.00.0000 - Wave Systems Corp) Hidden Google Chrome (HKLM\...\Google Chrome) (Version: 59.0.3071.109 - Google Inc.) Google Toolbar for Internet Explorer (HKLM\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: 7.5.8231.2252 - Google Inc.) Google Toolbar for Internet Explorer (Version: 1.0.0 - Google Inc.) Hidden Google Update Helper (Version: 1.3.25.11 - Google Inc.) Hidden Google Update Helper (Version: 1.3.33.5 - Google Inc.) Hidden Intel Security True Key (HKLM\...\TrueKey) (Version: 4.18.110.1 - Intel Security) Intel(R) Graphics Media Accelerator Driver (HKLM\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.15.10.2182 - Intel Corporation) iTunes (HKLM\...\{2F95FFC4-8624-43AB-8256-AA223555C9B7}) (Version: 12.6.0.100 - Apple Inc.) Java 7 Update 51 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83217051FF}) (Version: 7.0.510 - Oracle) Java(TM) 6 Update 22 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83216022FF}) (Version: 6.0.220 - Oracle) Junk Mail filter update (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Malwarebytes version 3.1.2.1733 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.1.2.1733 - Malwarebytes) Mesh Runtime (Version: 15.4.5722.2 - Microsoft Corporation) Hidden Messenger Companion (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Microsoft Office Home and Business 2010 (HKLM\...\Office14.SingleImage) (Version: 14.0.7015.1000 - Microsoft Corporation) Microsoft OneDrive (HKU\S-1-5-21-1466395940-1531427780-2725057850-1002\...\OneDriveSetup.exe) (Version: 17.3.6917.0607 - Microsoft Corporation) Microsoft ReportViewer 2010 SP1 Redistributable (KB2549864) (HKLM\...\{1282C0BC-3B22-33D4-B72E-62922415DDCA}) (Version: 10.0.40220 - Microsoft Corporation) Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50907.0 - Microsoft Corporation) Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation) Microsoft SQL Server Compact 4.0 ENU (HKLM\...\{2F141715-E144-48C0-8562-D193B7AB85BC}) (Version: 4.0.8482.1 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 (HKLM\...\{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (HKLM\...\{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}) (Version: 9.0.30729.5570 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual Studio 2010 Tools for Office Runtime (x86) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x86)) (Version: 10.0.50903 - Microsoft Corporation) Monogram Wizard Plus V2.5 R15v (HKLM\...\{BD43BF87-2BED-4D95-8187-3E54A05FCAD3}) (Version: 2.05.0013 - needleheads) Mozilla Firefox 54.0 (x86 en-US) (HKLM\...\Mozilla Firefox 54.0 (x86 en-US)) (Version: 54.0 - Mozilla) Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 54.0.0.6368 - Mozilla) MSXML 4.0 SP2 (KB954430) (HKLM\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation) MSXML 4.0 SP2 (KB973688) (HKLM\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation) NirSoft ProduKey (HKLM\...\NirSoft ProduKey) (Version: - ) NTRU TCG Software Stack (Version: 2.1.29 - NTRU Cryptosystems) Hidden O2Micro OZ776 SCR Driver (HKLM\...\InstallShield_{95EF5536-580A-4E57-8EF3-B6ACBFBFAF96}) (Version: 1.1.4.209GS - O2Micro) O2Micro OZ776 SCR Driver (Version: 1.1.4.209GS - O2Micro) Hidden PhotoShowExpress (Version: 2.0.028 - Sonic Solutions) Hidden Preboot Manager (Version: 03.00.00.154 - Wave Systems Corp.) Hidden Private Information Manager (Version: 06.04.00.065 - Wave Systems Corp.) Hidden RogueKiller version 12.11.3.0 (HKLM\...\8B3D7924-ED89-486B-8322-E8594065D5CB_is1) (Version: 12.11.3.0 - Adlice Software) Roxio Creator Starter (HKLM\...\{6F0BBEFE-BE1C-419B-BA1F-D36C9E7915BC}) (Version: 12.1.40.0 - Roxio) ScreenConnect Client (4d974ed2ea81fb52) (HKLM\...\{2C4C512D-8538-461F-883E-5F838D81E212}) (Version: 6.1.12292.6236 - ScreenConnect Software) Security Wizards (Version: 01.07.00.026 - Your Company Name) Hidden Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version: - Microsoft) Sonic CinePlayer Decoder Pack (Version: 4.3.0 - Sonic Solutions) Hidden The Weather Channel App (HKLM\...\{167158CE-1637-4167-8A1C-C2549EEA966A}) (Version: 1.00.0000 - The Weather Channel) Trusted Drive Manager (Version: 3.3.3.104 - Wave Systems Corp.) Hidden UPEK TouchChip Fingerprint Reader (Version: 1.2.0 - Dell Inc.) Hidden Wave Infrastructure Installer (Version: 07.01.31.0000 - Wave Systems Corp) Hidden Wave Support Software (Version: 05.10.00.073 - Wave Systems Corp) Hidden Weather Message Net (HKLM\...\Weather Message Net) (Version: 3.9.1 - Weather Message Software LLC) Weather Message Net Update (HKLM\...\Weather Message Net Update) (Version: 4.0 - Weather Message Software LLC) WeatherWarn (HKLM\...\WeatherWarn) (Version: 3.9 - Weather Message Software LLC) Windows Driver Package - AuthenTec Inc. (ATSwpWDF) Biometric (05/13/2009 8.4.2.0) (HKLM\...\D3F88C3864C8C031A7C5D5E63A76571EC1B047DF) (Version: 05/13/2009 8.4.2.0 - AuthenTec Inc.) Windows Driver Package - Dell Inc. PBADRV System (09/11/2009 1.0.1.6) (HKLM\...\9512AA21B791B05A54E27065C45BBC417AB282DF) (Version: 09/11/2009 1.0.1.6 - Dell Inc.) Windows Live Essentials (HKLM\...\WinLiveSuite) (Version: 15.4.3502.0922 - Microsoft Corporation) Windows Live Mesh ActiveX Control for Remote Connections (HKLM\...\{2902F983-B4C1-44BA-B85D-5C6D52E2C441}) (Version: 15.4.5722.2 - Microsoft Corporation) ==================== Custom CLSID (Whitelisted): ========================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) CustomCLSID: HKU\S-1-5-21-1466395940-1531427780-2725057850-1002_Classes\CLSID\{4EA6BBD4-E775-4b7e-80FD-3651749850B0}\localserver32 -> C:\Users\grant\AppData\Local\Charter\Charter TV Player\CaptureServer.exe (Cisco) CustomCLSID: HKU\S-1-5-21-1466395940-1531427780-2725057850-1002_Classes\CLSID\{A8152EA9-8603-4217-9B22-06E801AE1D9C}\localserver32 -> C:\Users\grant\AppData\Local\Charter\Charter TV Player\PCShowServerPMWrapper.exe (Cisco) ==================== Scheduled Tasks (Whitelisted) ============= (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) Task: {07263212-1D72-4926-8E92-B5BB8CB1BCB6} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION Task: {0CDE26F7-8A7A-4A07-B918-5A6056E9A3AA} - System32\Tasks\Microsoft\Windows\Media Center\OCURActivate => C:\WINDOWS\ehome\ehPrivJob.exe Task: {12CD152C-F789-42F8-86A8-1856A6BA475A} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION Task: {13153F04-7900-4340-A0E4-8C980ECFE952} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2015-08-30] (Google Inc.) Task: {17BA7366-C26C-4354-87EA-5FAA92F5AA6E} - System32\Tasks\Microsoft\Windows\Media Center\ConfigureInternetTimeService => C:\WINDOWS\ehome\ehPrivJob.exe Task: {275CE079-C7D6-44E9-9AC5-3F6C2DE022CD} - System32\Tasks\Microsoft\Windows\Media Center\ActivateWindowsSearch => C:\WINDOWS\ehome\ehPrivJob.exe Task: {3DD530C0-62A5-4F3B-A28A-39A0E8C68278} - System32\Tasks\Microsoft\Windows\Media Center\PvrScheduleTask => C:\WINDOWS\ehome\mcupdate.exe Task: {42203CEE-C88E-44C5-8432-75134446D04B} - System32\Tasks\Microsoft\Windows\Media Center\InstallPlayReady => C:\WINDOWS\ehome\ehPrivJob.exe Task: {43829B0D-118A-49B5-8EA7-ACC38E475B97} - System32\Tasks\Microsoft\Windows\Media Center\ReindexSearchRoot => C:\WINDOWS\ehome\ehPrivJob.exe Task: {459FDA0D-E97D-47EA-98BB-7EB169A8E7B8} - System32\Tasks\Microsoft\Windows\Media Center\OCURDiscovery => C:\WINDOWS\ehome\ehPrivJob.exe Task: {51D01B51-D7E4-4FE9-A1B2-297017B02835} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW2 => C:\WINDOWS\ehome\ehPrivJob.exe Task: {55F370F3-74BE-4DEC-805D-6A3AFC298BFC} - System32\Tasks\{E427B050-407E-4248-8181-158819BB262E} => pcalua.exe -a "C:\Program Files\ComcastUI\Desktop Software\bin\kui.exe" -d "C:\Program Files\ComcastUI\Desktop Software\bin\" Task: {5CAC7907-7904-498A-B9D9-8745E8A33478} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate_scheduled => C:\WINDOWS\ehome\mcupdate.exe Task: {64D799E1-35DC-4667-8493-BE6A577E84E3} - System32\Tasks\Microsoft\Windows\Media Center\SqlLiteRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe Task: {684414C8-2A1A-44E7-B35B-BB4D1897AA1A} - System32\Tasks\Microsoft\Windows\Media Center\MediaCenterRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe Task: {6D1D40BB-3879-41E3-ABCC-1EAA85BB5BDB} - System32\Tasks\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe Task: {785EF1C1-9109-4A93-B6C9-4C42109C0325} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files\Apple Software Update\SoftwareUpdate.exe [2017-02-14] (Apple Inc.) Task: {80C0F89D-542A-421F-B55B-1857202DA43E} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION Task: {83C3D901-D829-445B-A4FB-5C3780AE0BE8} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate => C:\WINDOWS\ehome\mcupdate.exe Task: {8B9E1515-CE01-4408-BBC2-8F3EAA1B7B99} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION Task: {8C4331E0-057D-4115-A70F-7E5388911920} - System32\Tasks\Microsoft\Windows\Media Center\DispatchRecoveryTasks => C:\WINDOWS\ehome\ehPrivJob.exe Task: {8D0962F9-A450-403F-A5D5-391BB2575BC3} - \OfficeSoftwareProtectionPlatform\SvcRestartTask -> No File <==== ATTENTION Task: {91C357D3-E92F-43FB-ADB3-9D61FC90642D} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION Task: {99663379-A828-4D00-ADB3-BBC5EC19674D} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW1 => C:\WINDOWS\ehome\ehPrivJob.exe Task: {9B6494E8-2688-4B4D-9EB7-46125EE7429A} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION Task: {9BC2B665-C594-47C2-9B5D-AFD95DFDCD69} - System32\Tasks\Microsoft\Windows\Media Center\PeriodicScanRetry => C:\WINDOWS\ehome\MCUpdate.exe Task: {9EE9514C-DCCE-494C-8BEE-2EAA82CC5272} - System32\Tasks\Microsoft\Windows\Media Center\StartRecording => C:\WINDOWS\ehome\ehrec.exe Task: {A43B4CF7-6F20-479F-B129-B818EBACE636} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2015-08-30] (Google Inc.) Task: {A5139527-9CDB-4A56-8412-A7440864BCE3} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION Task: {A9E3A937-859E-478E-A4FF-6BFB21300D6B} - System32\Tasks\Microsoft\Windows\Media Center\RecordingRestart => C:\WINDOWS\ehome\ehrec.exe Task: {B8BF3325-2E14-47E2-91F5-69B297F9AFC4} - System32\Tasks\Microsoft\Windows\Media Center\ehDRMInit => C:\WINDOWS\ehome\ehPrivJob.exe Task: {BD600205-0076-4980-B631-9F437D62A590} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTION Task: {CADDA745-FD80-40B4-8175-2D10055F0D41} - System32\Tasks\Microsoft\Windows\Media Center\UpdateRecordPath => C:\WINDOWS\ehome\ehPrivJob.exe Task: {CF639DFF-748C-4023-A688-70DC321B9965} - System32\Tasks\Microsoft\Windows\Media Center\PvrRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe Task: {D190F0D7-4A34-4A0F-965E-31CD2A31AD50} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2017-06-24] (Adobe Systems Incorporated) Task: {D94E2EAC-0DD5-4941-A11C-F9019BE77F70} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> No File <==== ATTENTION Task: {E17762D4-39BA-42AD-B069-0CA0CDC97BEF} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION Task: {E8AC7A24-D72B-4DDC-9663-C2DA54C0A157} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscovery => C:\WINDOWS\ehome\ehPrivJob.exe Task: {EC1CAE89-A521-4409-AD93-3FFEF045DC38} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2017-04-25] (Adobe Systems Incorporated) Task: {F0372DFD-387B-452C-920E-DE8ADD359F2B} - System32\Tasks\Microsoft\Windows\Media Center\RegisterSearch => C:\WINDOWS\ehome\ehPrivJob.exe Task: {FB408C90-335D-4AC2-A720-DB4738AD152E} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTION (If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.) ==================== Shortcuts & WMI ======================== (The entries could be listed to be restored or removed.) ==================== Loaded Modules (Whitelisted) ============== 2016-07-16 03:25 - 2016-07-16 03:25 - 00190976 _____ () C:\WINDOWS\SYSTEM32\ism32k.dll 2017-05-10 06:04 - 2017-04-27 19:56 - 02048488 _____ () C:\WINDOWS\system32\CoreUIComponents.dll 2017-03-16 16:09 - 2017-03-16 16:09 - 00080184 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll 2017-03-16 16:09 - 2017-03-16 16:09 - 01041720 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll 2017-06-25 12:49 - 2017-05-25 14:11 - 01728968 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\MwacLib.dll 2010-01-19 13:44 - 2010-01-19 13:44 - 00249856 _____ () C:\WINDOWS\SYSTEM32\wxvault.dll 2017-03-15 10:58 - 2017-03-04 01:04 - 06726656 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll 2017-03-15 10:58 - 2017-03-04 00:58 - 01150464 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll 2016-12-20 11:47 - 2016-12-20 11:47 - 00526848 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CSGSuggestLib.dll 2017-05-10 06:03 - 2017-04-27 18:52 - 00779776 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Actions.dll 2017-05-10 06:03 - 2017-04-27 18:52 - 01724928 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll 2017-05-10 06:03 - 2017-04-27 18:55 - 03158016 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll 2017-06-24 22:20 - 2017-06-24 22:22 - 00064512 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.18.614.0_x86__kzf8qxf38zg5c\SkypeHost.exe 2017-06-24 22:20 - 2017-06-24 22:22 - 00170496 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.18.614.0_x86__kzf8qxf38zg5c\SkypeBackgroundTasks.dll 2017-06-24 22:20 - 2017-06-24 22:22 - 31268864 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.18.614.0_x86__kzf8qxf38zg5c\SkyWrap.dll 2017-06-24 22:20 - 2017-06-24 22:22 - 01722880 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.18.614.0_x86__kzf8qxf38zg5c\skypert.dll 2016-07-16 03:25 - 2016-07-16 03:25 - 00108032 _____ () C:\Windows\ShellExperiences\Windows.UI.Shell.SharedUtilities.dll 2017-03-15 11:00 - 2017-03-04 01:24 - 00321536 _____ () C:\Windows\ShellExperiences\QuickActions.dll ==================== Alternate Data Streams (Whitelisted) ========= (If an entry is included in the fixlist, only the ADS will be removed.) ==================== Safe Mode (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" value will be restored.) HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Wdf01000.sys => ""="Driver" ==================== Association (Whitelisted) =============== (If an entry is included in the fixlist, the registry item will be restored to default or removed.) ==================== Internet Explorer trusted/restricted =============== (If an entry is included in the fixlist, it will be removed from the registry.) ==================== Hosts content: =============================== (If needed Hosts: directive could be included in the fixlist to reset Hosts.) 2009-07-13 21:04 - 2017-06-24 22:44 - 00000840 _____ C:\WINDOWS\system32\Drivers\etc\hosts ==================== Other Areas ============================ (Currently there is no automatic fix for this section.) HKU\S-1-5-21-1466395940-1531427780-2725057850-1002\Control Panel\Desktop\\Wallpaper -> C:\WINDOWS\web\wallpaper\Windows\img0.jpg DNS Servers: 71.10.216.2 - 71.10.216.1 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin) Windows Firewall is enabled. ==================== MSCONFIG/TASK MANAGER disabled items == MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Bomgar Representative Console [remote.sacsinc.com].lnk => C:\Windows\pss\Bomgar Representative Console [remote.sacsinc.com].lnk.CommonStartup MSCONFIG\startupreg: Adobe ARM => "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" MSCONFIG\startupreg: Adobe Reader Speed Launcher => "C:\Program Files\Adobe\Reader 10.0\Reader\Reader_sl.exe" MSCONFIG\startupreg: swg => "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" MSCONFIG\startupreg: WeatherWarn => C:\Program Files\WxMesgNet\WeatherWarn.exe HKLM\...\StartupApproved\Run: => "USCService" HKU\S-1-5-21-1466395940-1531427780-2725057850-1002\...\StartupApproved\Run: => "OneDrive" HKU\S-1-5-21-1466395940-1531427780-2725057850-1002\...\StartupApproved\Run: => "msnmsgr" ==================== FirewallRules (Whitelisted) =============== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) FirewallRules: [{ABCCCF4B-B89E-4036-AB1A-EAD32A448751}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe FirewallRules: [{AA913CDD-2F1D-40DE-8F38-1D34AE7F1C62}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe FirewallRules: [UDP Query User{0D516752-5BB4-4939-87E9-ADF10FF38802}C:\users\grant\desktop\wxmesgtest\weatherwarnserver.exe] => (Allow) C:\users\grant\desktop\wxmesgtest\weatherwarnserver.exe FirewallRules: [TCP Query User{E1621F3A-E41F-4C7D-89A8-A0FEE9AD7C4F}C:\users\grant\desktop\wxmesgtest\weatherwarnserver.exe] => (Allow) C:\users\grant\desktop\wxmesgtest\weatherwarnserver.exe FirewallRules: [UDP Query User{C9904884-D1F4-4D51-A7E7-F1EB9F336DE5}C:\windows\system32\javaw.exe] => (Allow) C:\windows\system32\javaw.exe FirewallRules: [TCP Query User{A7959D19-0715-4BC5-97A3-7A4476F3BDAD}C:\windows\system32\javaw.exe] => (Allow) C:\windows\system32\javaw.exe FirewallRules: [UDP Query User{104C8E44-E6D2-4CBF-8AEA-B2BBDB28FB42}C:\program files\java\jre6\bin\javaw.exe] => (Allow) C:\program files\java\jre6\bin\javaw.exe FirewallRules: [TCP Query User{58BC73B0-E6B0-4BA0-9817-619DE8A5685C}C:\program files\java\jre6\bin\javaw.exe] => (Allow) C:\program files\java\jre6\bin\javaw.exe FirewallRules: [UDP Query User{9911AA26-595D-4D76-85BD-E6616E61B578}C:\program files\wxmesgnet\wxemwin.exe] => (Allow) C:\program files\wxmesgnet\wxemwin.exe FirewallRules: [TCP Query User{9E2368B7-9510-410A-BBA1-B375DDE39D57}C:\program files\wxmesgnet\wxemwin.exe] => (Allow) C:\program files\wxmesgnet\wxemwin.exe FirewallRules: [UDP Query User{344C054A-C0FD-4EFE-8094-10EE147F54F2}C:\program files\wxmesgnet\wxmesgserver.exe] => (Allow) C:\program files\wxmesgnet\wxmesgserver.exe FirewallRules: [TCP Query User{7979E846-32E4-4CEA-8B5A-1FA8D3B4E315}C:\program files\wxmesgnet\wxmesgserver.exe] => (Allow) C:\program files\wxmesgnet\wxmesgserver.exe FirewallRules: [UDP Query User{46E67AD5-F4EE-4699-9A56-10133A056C75}C:\program files\wxmesgnet\wxemwin.exe] => (Allow) C:\program files\wxmesgnet\wxemwin.exe FirewallRules: [TCP Query User{4C705742-E44D-4A48-B2F5-E7FCCFD790B9}C:\program files\wxmesgnet\wxemwin.exe] => (Allow) C:\program files\wxmesgnet\wxemwin.exe FirewallRules: [UDP Query User{ADCD5EF4-9DFD-42E0-859C-503BE9CA5208}C:\program files\wxmesgnet\wxmesgserver.exe] => (Allow) C:\program files\wxmesgnet\wxmesgserver.exe FirewallRules: [TCP Query User{321B1D18-1735-4F45-8C1B-A49E7E005CC9}C:\program files\wxmesgnet\wxmesgserver.exe] => (Allow) C:\program files\wxmesgnet\wxmesgserver.exe FirewallRules: [{4857F988-7C3B-48EE-B5A9-EFA0B1966DB5}] => (Allow) C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe FirewallRules: [{506B6B61-55B0-4C92-BFA9-FDF14D951A76}] => (Allow) LPort=61117 FirewallRules: [{8EB80D6C-800C-42C9-B0BF-A01DA97D703C}] => (Allow) C:\Program Files\Windows Live\Mesh\MOE.exe FirewallRules: [{CDED2A29-4F93-48C5-95AF-43CD977FD759}] => (Allow) C:\Program Files\Windows Live\Messenger\msnmsgr.exe FirewallRules: [{08FEB38A-2E2D-44E0-86C1-9BB6FC0A7181}] => (Allow) LPort=1900 FirewallRules: [{CF22DC10-22B0-42F3-9E37-B5CF11835C66}] => (Allow) LPort=2869 FirewallRules: [{3B928051-E670-41D3-AE89-769B7E53A938}] => (Allow) C:\Program Files\Windows Live\Contacts\wlcomm.exe FirewallRules: [{1A761EEC-3194-4E95-AD5B-7B531C0942F0}] => (Allow) C:\Program Files\CyberLink\PowerDVD9\PowerDVD9.EXE FirewallRules: [{9C360F62-984D-4426-8739-B4648D1145D2}] => (Allow) C:\Program Files\CyberLink\PowerDVD9\PowerDVD Cinema\PowerDVDCinema.exe FirewallRules: [{AFFBCCD6-1A04-4060-B6CD-616AC937742E}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe FirewallRules: [{ED79ED30-524F-4506-8391-3654FE7F07F6}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe FirewallRules: [{5086BC1B-3E83-4C87-94A9-BF2D314407E7}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe FirewallRules: [{2559BCD0-4F4F-4D0E-9920-60FE37BF98D1}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe FirewallRules: [{632F7895-A080-4BFD-B637-2F19FB7927F8}] => (Allow) C:\Program Files\iTunes\iTunes.exe FirewallRules: [{6D1277DF-77F0-4C29-84A1-7DEA5A789542}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe ==================== Restore Points ========================= 11-05-2017 21:10:13 Installed iTunes 24-06-2017 22:52:17 before cleanup 25-06-2017 00:03:22 JRT Pre-Junkware Removal 25-06-2017 07:22:15 before driver updates 25-06-2017 09:52:00 before product key program 25-06-2017 13:14:39 JRT Pre-Junkware Removal ==================== Faulty Device Manager Devices ============= Name: Optiarc DVD+-RW AD-7717H Description: CD-ROM Drive Class Guid: {4d36e965-e325-11ce-bfc1-08002be10318} Manufacturer: (Standard CD-ROM drives) Service: cdrom Problem: : This device is disabled. (Code 22) Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions. Name: Intel(R) 5 Series/3400 Series Chipset Family PCI Express Root Port 3 - 3B46 Description: Intel(R) 5 Series/3400 Series Chipset Family PCI Express Root Port 3 - 3B46 Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318} Manufacturer: Intel Service: pci Problem: : This device is disabled. (Code 22) Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions. ==================== Event log errors: ========================= Application errors: ================== Error: (06/25/2017 01:14:51 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: ) Description: Cryptographic Services failed while processing the OnIdentity() call in the System Writer Object. Details: AddLegacyDriverFiles: Unable to back up image of binary Microsoft Link-Layer Discovery Protocol. System Error: Access is denied. . Error: (06/25/2017 01:12:09 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Faulting application name: sttray.exe, version: 1.0.6286.0, time stamp: 0x4bf63f9a Faulting module name: sttray.exe, version: 1.0.6286.0, time stamp: 0x4bf63f9a Exception code: 0xc0000005 Fault offset: 0x000077eb Faulting process id: 0x1a38 Faulting application start time: 0x01d2edde8cf015c7 Faulting application path: C:\Program Files\IDT\WDM\sttray.exe Faulting module path: C:\Program Files\IDT\WDM\sttray.exe Report Id: acee98a5-6ec2-4492-83dc-4ee22e5c5724 Faulting package full name: Faulting package-relative application ID: Error: (06/25/2017 01:10:45 PM) (Source: STacSV) (EventID: 32767) (User: NT AUTHORITY) Description: Connection to the Storage interface failed Error: (06/25/2017 01:09:46 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: DARK-PC) Description: Activation of app Microsoft.Windows.CloudExperienceHost_cw5n1h2txyewy!App failed with error: -2144927141 See the Microsoft-Windows-TWinUI/Operational log for additional information. Error: (06/25/2017 01:09:46 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: DARK-PC) Description: Activation of app Microsoft.Windows.CloudExperienceHost_cw5n1h2txyewy!App failed with error: -2144927141 See the Microsoft-Windows-TWinUI/Operational log for additional information. Error: (06/25/2017 01:00:06 PM) (Source: SideBySide) (EventID: 33) (User: ) Description: Activation context generation failed for "c:\program files\fingerprint sensor\drivers\DPInst64.exe". Dependent Assembly Microsoft.Windows.Common-Controls,language="&#x2a;",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0" could not be found. Please use sxstrace.exe for detailed diagnosis. Error: (06/25/2017 12:13:39 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Faulting application name: sttray.exe, version: 1.0.6286.0, time stamp: 0x4bf63f9a Faulting module name: sttray.exe, version: 1.0.6286.0, time stamp: 0x4bf63f9a Exception code: 0xc0000005 Fault offset: 0x000077eb Faulting process id: 0x1104 Faulting application start time: 0x01d2edd661d5aa84 Faulting application path: C:\Program Files\IDT\WDM\sttray.exe Faulting module path: C:\Program Files\IDT\WDM\sttray.exe Report Id: c79958fe-d323-451a-a796-7aebba2210c6 Faulting package full name: Faulting package-relative application ID: Error: (06/25/2017 11:40:11 AM) (Source: STacSV) (EventID: 32767) (User: NT AUTHORITY) Description: Connection to the Storage interface failed Error: (06/25/2017 10:24:20 AM) (Source: SideBySide) (EventID: 33) (User: ) Description: Activation context generation failed for "c:\program files\fingerprint sensor\drivers\DPInst64.exe". Dependent Assembly Microsoft.Windows.Common-Controls,language="&#x2a;",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0" could not be found. Please use sxstrace.exe for detailed diagnosis. Error: (06/25/2017 10:13:15 AM) (Source: SideBySide) (EventID: 33) (User: ) Description: Activation context generation failed for "c:\program files\fingerprint sensor\drivers\DPInst64.exe". Dependent Assembly Microsoft.Windows.Common-Controls,language="&#x2a;",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0" could not be found. Please use sxstrace.exe for detailed diagnosis. System errors: ============= Error: (06/25/2017 01:11:24 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY) Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID {8D8F4F83-3594-4F07-8369-FC3C3CAE4919} and APPID {F72671A9-012C-4725-9D2F-2A4D32D65169} to the user NT AUTHORITY\SYSTEM SID (S-1-5-18) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool. Error: (06/25/2017 01:10:47 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: The risdpcie service failed to start due to the following error: The service cannot be started, either because it is disabled or because it has no enabled devices associated with it. Error: (06/25/2017 01:10:46 PM) (Source: Service Control Manager) (EventID: 7003) (User: ) Description: The tcsd_win32.exe service depends on the following service: TBS. This service might not be installed. Error: (06/25/2017 01:10:44 PM) (Source: Microsoft-Windows-Directory-Services-SAM) (EventID: 16953) (User: NT AUTHORITY) Description: The password notification DLL "C:\Program Files\TrueKey\McAfeeTrueKeyPasswordFilter" failed to load with error 126. Please verify that the notification DLL path defined in the registry, HKLM\System\CurrentControlSet\Control\Lsa\Notification Packages, refers to a correct and absolute path (<drive>:\<path>\<filename>.<ext>) and not a relative or invalid path. If the DLL path is correct, please validate that any supporting files are located in the same directory, and that the system account has read access to both the DLL path and any supporting files. Contact the provider of the notification DLL for additional support. Further details can be found on the web at http://go.microsoft.com/fwlink/?LinkId=245898. Error: (06/25/2017 01:09:56 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT AUTHORITY) Description: WLAN Extensibility Module has stopped unexpectedly. Module Path: C:\WINDOWS\System32\bcmihvsrv.dll Error: (06/25/2017 01:09:56 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT AUTHORITY) Description: WLAN Extensibility Module has stopped unexpectedly. Module Path: C:\WINDOWS\System32\bcmihvsrv.dll Error: (06/25/2017 01:09:51 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT AUTHORITY) Description: WLAN Extensibility Module has stopped unexpectedly. Module Path: C:\WINDOWS\System32\bcmihvsrv.dll Error: (06/25/2017 01:09:46 PM) (Source: DCOM) (EventID: 10010) (User: DARK-PC) Description: The server Windows.Security.Authentication.Web.Core.BackgroundGetTokenTask.ClassId.WebAccountProvider did not register with DCOM within the required timeout. Error: (06/25/2017 01:09:46 PM) (Source: DCOM) (EventID: 10010) (User: DARK-PC) Description: The server Windows.Security.Authentication.Web.Core.BackgroundGetTokenTask.ClassId.WebAccountProvider did not register with DCOM within the required timeout. Error: (06/25/2017 01:09:38 PM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: The osppsvc service terminated unexpectedly. It has done this 1 time(s). CodeIntegrity: =================================== Date: 2017-06-25 10:30:59.715 Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2017-06-24 15:56:57.291 Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2017-05-11 10:43:06.574 Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2017-05-10 10:52:07.001 Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2017-05-09 10:43:07.783 Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2017-05-09 04:53:35.759 Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2017-05-08 04:54:33.406 Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2017-05-06 10:43:05.651 Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2017-05-05 10:44:05.522 Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2017-05-04 10:43:03.599 Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements. ==================== Memory info =========================== Processor: Intel(R) Core(TM) i5 CPU M 560 @ 2.67GHz Percentage of memory in use: 51% Total physical RAM: 2933.85 MB Available physical RAM: 1412.55 MB Total Virtual: 5877.85 MB Available Virtual: 4147.57 MB ==================== Drives ================================ Drive c: (OS) (Fixed) (Total:220.7 GB) (Free:125.99 GB) NTFS Drive d: (USB DRIVE) (Removable) (Total:14.44 GB) (Free:13.7 GB) FAT32 ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (Size: 232.9 GB) (Disk ID: 77E3ED41) Partition 1: (Not Active) - (Size=39 MB) - (Type=DE) Partition 2: (Active) - (Size=12.2 GB) - (Type=07 NTFS) Partition 3: (Not Active) - (Size=220.7 GB) - (Type=07 NTFS) ======================================================== Disk: 1 (MBR Code: Windows 7 or 8) (Size: 14.5 GB) (Disk ID: 235DFDDE) Partition 1: (Not Active) - (Size=14.5 GB) - (Type=0C) ==================== End of Addition.txt ============================
×