TechSpot

Need help with HJT log

By user124
Sep 29, 2015
  1. Hey everyone,

    I believe I have a Trojan horse infection on my computer, and I had begun removing some of the culprit files on registry that was identified by AVG. I ran the HiJackThis program and attached the log. There is probably some residual infection on my system, so if anyone could take a look at my logs and provide feedback, that would be awesome.

    PS. I had 2 Chrome windows open with a bunch of tabs, so that should explain the Chrome processes running..

    Thanks everyone for the help!
     

    Attached Files:

  2. Broni

    Broni Malware Annihilator Posts: 52,892   +344

    Welcome aboard [​IMG]

    HJT is a very outdated tool and it's not longer used.
    Please, complete all steps listed here: http://www.techspot.com/vb/topic58138.html
    Make sure, you PASTE all logs. If some log exceeds 50,000 characters post limit, split it between couple of replies.
    Attached logs won't be reviewed.

    Please, observe following rules:
    • Read all of my instructions very carefully. Your mistakes during cleaning process may have very serious consequences, like unbootable computer.
    • If you're stuck, or you're not sure about certain step, always ask before doing anything else.
    • Please refrain from running any tools, fixes or applying any changes to your computer other than those I suggest.
    • Never run more than one scan at a time.
    • Keep updating me regarding your computer behavior, good, or bad.
    • The cleaning process, once started, has to be completed. Even if your computer appears to act better, it may still be infected. Once the computer is totally clean, I'll certainly let you know.
    • If you leave the topic without explanation in the middle of a cleaning process, you may not be eligible to receive any more help in malware removal forum.
    • I close my topics if you have not replied in 5 days. If you need more time, simply let me know. If I closed your topic and you need it to be reopened, simply PM me.
     
  3. user124

    user124 TS Rookie Topic Starter Posts: 23

    Ok, sorry for not noticing how old that guidance was! :oops:

    Below is Part 1 of 2 of the FRST log:
    (The Addition log will come in a following post)


    Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:27-09-2015 01
    Ran by Calvin (administrator) on CALVIN-VAIO (29-09-2015 21:52:25)
    Running from C:\Users\Calvin\Desktop
    Loaded Profiles: Calvin (Available Profiles: Calvin)
    Platform: Windows 7 Home Premium Service Pack 1 (X64) Language: English (United States)
    Internet Explorer Version 10 (Default browser: Chrome)
    Boot Mode: Normal
    Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

    ==================== Processes (Whitelisted) =================

    (If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

    (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
    (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
    (Microsoft Corporation) C:\Windows\System32\wisptis.exe
    (AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2012\avgwdsvc.exe
    (Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
    (SEIKO EPSON CORPORATION) C:\ProgramData\EPSON\EPW!3 SSRP\E_S40RPB.EXE
    (National Instruments Corporation) C:\Windows\SysWOW64\lkads.exe
    (National Instruments Corporation) C:\Program Files (x86)\National Instruments\MAX\nimxs.exe
    (National Instruments Corporation) C:\Program Files (x86)\National Instruments\Shared\niauth\niauth_daemon.exe
    (National Instruments Corporation) C:\Program Files (x86)\National Instruments\Shared\Security\nidmsrv.exe
    (National Instruments Corporation) C:\Program Files (x86)\National Instruments\Shared\nisvcloc\nisvcloc.exe
    () C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe
    (Sony Corporation) C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDBSvr.exe
    (Expansion Programs International, Inc.) C:\SIMULIA\Documentation\monitor.exe
    (Sony Corporation) C:\Program Files (x86)\Sony\VAIO Event Service\VESMgr.exe
    (Expansion Programs International, Inc.) C:\SIMULIA\Documentation\monitor.exe
    (Sony Corporation) C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe
    (Sony Corporation) C:\Program Files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe
    (Sony Corporation) C:\Program Files\Sony\VCM Intelligent Network Service Manager\VcmINSMgr.exe
    (AVG Secure Search) C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\18.8.0\ToolbarUpdater.exe
    (Microsoft Corporation) C:\Windows\SysWOW64\dllhost.exe
    (Sony Corporation) C:\Program Files (x86)\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe
    (National Instruments, Inc.) C:\Windows\SysWOW64\lkcitdl.exe
    (National Instruments Corporation) C:\Windows\SysWOW64\lktsrv.exe
    (National Instruments Corporation) C:\Program Files (x86)\National Instruments\Shared\mDNS Responder\nimdnsResponder.exe
    () C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\18.8.0\loggingserver.exe
    (AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2012\avgnsa.exe
    (AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2012\avgemca.exe
    (National Instruments Corporation) C:\Program Files (x86)\National Instruments\Shared\NI WebServer\SystemWebServer.exe
    (National Instruments Corporation) C:\Program Files (x86)\National Instruments\Shared\Tagger\tagsrv.exe
    (Sony Corporation) C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDms.exe
    (Sony Corporation) C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDs.exe
    (Sony Corporation) C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHPlMgr.exe
    (National Instruments Corporation) C:\Program Files (x86)\National Instruments\Shared\NI Network Discovery\niDiscSvc.exe
    (AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2012\avgrsa.exe
    (Sony Corporation) C:\Program Files (x86)\Sony\VAIO Event Service\VESMgrSub.exe
    (Sony Corporation) C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHCImp.exe
    (Microsoft Corporation) C:\Windows\System32\wisptis.exe
    (National Instruments Corporation) C:\Program Files (x86)\National Instruments\Shared\NI WebServer\ApplicationWebServer.exe
    (National Instruments Corporation) C:\Program Files (x86)\National Instruments\Shared\NI WebServer\NIWebServiceContainer.exe
    (Sony Corporation) C:\Program Files (x86)\Common Files\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe
    (RealNetworks, Inc.) C:\Program Files (x86)\Real\RealUpgrade\realupgrade.exe
    (National Instruments) C:\Program Files (x86)\National Instruments\Shared\Update Service\NIUpdateService.exe
    (Google Inc.) C:\Program Files\Google\Google Pinyin 2\GooglePinyinDaemon.exe
    (Sony Corporation) C:\Program Files\Sony\VAIO Care\VAIOCareService.exe
    (National Instruments Corporation) C:\Program Files (x86)\National Instruments\Shared\NI WebServer\NIWebServiceContainer.exe
    (National Instruments Corporation) C:\Program Files (x86)\National Instruments\Shared\NI WebServer\NIWebServiceContainer.exe
    (Sony Corporation) C:\Program Files\Sony\VAIO Update 4\VAIOUpdt.exe
    (National Instruments Corporation) C:\Program Files (x86)\National Instruments\Shared\NI WebServer\NIWebServiceContainer.exe
    (AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2012\avgcsrva.exe
    (Sony Corporation) C:\Program Files\Sony\VAIO Care\VCsystray.exe
    () C:\Program Files (x86)\Sony\VAIO Survey\VAIO Sat Survey.exe
    (Microsoft Corporation) C:\Windows\WindowsMobile\wmdc.exe
    (Sony Corporation) C:\Program Files (x86)\Sony\Media Gallery\ElbServer.exe
    (Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
    (Spotify Ltd) C:\Users\Calvin\AppData\Roaming\Spotify\SpotifyWebHelper.exe
    (Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
    (Sony Corporation) C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SHTtray.exe
    (AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2012\avgtray.exe
    () C:\Program Files (x86)\AVG Secure Search\vprot.exe
    (Research In Motion Limited) C:\Program Files (x86)\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe
    (National Instruments Corporation) C:\Program Files (x86)\National Instruments\Shared\NI Error Reporting\nierserver.exe
    (Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
    (Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
    (Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
    (RealNetworks, Inc.) C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe
    () C:\Program Files (x86)\Sony\SmartWi Connection Utility\CCP.exe
    (Sony Corporation) C:\Program Files (x86)\Sony\SmartWi Connection Utility\SmartWi.exe
    (Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BTStackServer.exe
    (Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\ink\InputPersonalization.exe
    (Microsoft Corporation) C:\Windows\System32\dllhost.exe
    (Dassault Systèmes SolidWorks Corp.) C:\Program Files\SolidWorks Corp\SolidWorks\sldworks_fs.exe
    (Dropbox, Inc.) C:\Users\Calvin\AppData\Roaming\Dropbox\bin\Dropbox.exe
    (National Instruments Corporation) C:\Program Files (x86)\National Instruments\Shared\NI WebServer\NIWebServiceContainer.exe
    (National Instruments Corporation) C:\Program Files (x86)\National Instruments\Shared\NI WebServer\NIWebServiceContainer.exe
    () C:\Program Files (x86)\Sony\SmartWi Connection Utility\ThirdPartyAppMgr.exe
    () C:\Program Files (x86)\Sony\SmartWi Connection Utility\PowerManager.exe
    (Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BluetoothHeadsetProxy.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
    (Sony Corporation) C:\Program Files\Sony\VAIO Personalization Manager\VpmLM.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Microsoft Corporation) C:\Windows\System32\PresentationHost.exe
    (Microsoft Corporation) C:\Windows\System32\dllhost.exe
    (Microsoft Corporation) C:\Windows\System32\msiexec.exe
    (Microsoft Corporation) C:\Windows\System32\dllhost.exe
    (Microsoft Corporation) C:\Windows\System32\msiexec.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    () C:\Program Files\Google\Google Pinyin 2\GooglePinyinService.exe
    (Microsoft Corporation) C:\Windows\System32\cmd.exe
    (Farbar) C:\Users\Calvin\Desktop\Alpacasso.exe


    ==================== Registry (Whitelisted) ===========================

    (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

    HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [7938080 2009-07-23] (Realtek Semiconductor)
    HKLM\...\Run: [Skytel] => C:\Program Files\Realtek\Audio\HDA\Skytel.exe [1833504 2009-07-23] (Realtek Semiconductor Corp.)
    HKLM\...\Run: [NvCplDaemon] => C:\Windows\system32\NvCpl.dll [16335392 2009-07-27] (NVIDIA Corporation)
    HKLM\...\Run: [Windows Mobile Device Center] => C:\Windows\WindowsMobile\wmdc.exe [660360 2007-05-31] (Microsoft Corporation)
    HKLM-x32\...\Run: [SmartWiHelper] => C:\Program Files (x86)\Sony\SmartWi Connection Utility\SmartWiHelper.exe [79872 2009-08-26] (Sony Electronics Corporation)
    HKLM-x32\...\Run: [SHTtray.exe] => C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SHTtray.exe [99624 2009-07-27] (Sony Corporation)
    HKLM-x32\...\Run: [AVG_TRAY] => C:\Program Files (x86)\AVG\AVG2012\avgtray.exe [2598912 2015-05-19] (AVG Technologies CZ, s.r.o.)
    HKLM-x32\...\Run: [vProt] => C:\Program Files (x86)\AVG Secure Search\vprot.exe [2567568 2015-09-14] ()
    HKLM-x32\...\Run: [RIMBBLaunchAgent.exe] => C:\Program Files (x86)\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe [79192 2011-02-18] (Research In Motion Limited)
    HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59240 2011-09-27] (Apple Inc.)
    HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [926896 2012-09-23] (Adobe Systems Incorporated)
    HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [253816 2013-03-12] (Oracle Corporation)
    HKLM-x32\...\Run: [TkBellExe] => C:\Program Files (x86)\Real\RealPlayer\update\realsched.exe [295512 2013-09-16] (RealNetworks, Inc.)
    Winlogon\Notify\VESWinlogon-x32: VESWinlogon.dll [X]
    HKU\S-1-5-21-3178901641-3325030848-3832911895-1000\...\Run: [Elbserver] => C:\Program Files (x86)\Sony\Media Gallery\ElbServer.exe [78184 2009-07-21] (Sony Corporation)
    HKU\S-1-5-21-3178901641-3325030848-3832911895-1000\...\Run: [EPSON Stylus CX7400 Series] => C:\Windows\system32\spool\DRIVERS\x64\3\E_IATICDA.EXE [209408 2007-02-15] (SEIKO EPSON CORPORATION)
    HKU\S-1-5-21-3178901641-3325030848-3832911895-1000\...\Run: [Google Update] => C:\Users\Calvin\AppData\Local\Google\Update\GoogleUpdate.exe [144200 2015-08-30] (Google Inc.)
    HKU\S-1-5-21-3178901641-3325030848-3832911895-1000\...\Run: [Spotify Web Helper] => C:\Users\Calvin\AppData\Roaming\Spotify\SpotifyWebHelper.exe [2025016 2015-09-17] (Spotify Ltd)
    HKU\S-1-5-21-3178901641-3325030848-3832911895-1000\...\Run: [NIRegistrationWizard] => C:\Program Files (x86)\National Instruments\Shared\RegistrationWizard\Bin\RegistrationWizard.exe [847000 2013-04-19] ()
    HKU\S-1-5-21-3178901641-3325030848-3832911895-1000\...\Run: [Dropbox Update] => C:\Users\Calvin\AppData\Local\Dropbox\Update\DropboxUpdate.exe [134512 2015-06-30] (Dropbox, Inc.)
    HKU\S-1-5-21-3178901641-3325030848-3832911895-1000\...\Policies\Explorer: [HideSCAHealth] 1
    HKU\S-1-5-21-3178901641-3325030848-3832911895-1000\...\MountPoints2: {9a021152-1ea5-11df-a313-0026436f2439} - H:\Windows\CHECK\DriveNavigator.exe
    HKU\S-1-5-21-3178901641-3325030848-3832911895-1000\...\MountPoints2: {f1246696-2dcf-11e1-b977-0026436f2439} - C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL D:\drivers\setup.exe
    ShellIconOverlayIdentifiers: [ DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Calvin\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll [2015-08-14] (Dropbox, Inc.)
    ShellIconOverlayIdentifiers: [ DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Calvin\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll [2015-08-14] (Dropbox, Inc.)
    ShellIconOverlayIdentifiers: [ DropboxExt3] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Calvin\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll [2015-08-14] (Dropbox, Inc.)
    ShellIconOverlayIdentifiers: [ DropboxExt4] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Calvin\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll [2015-08-14] (Dropbox, Inc.)
    ShellIconOverlayIdentifiers: [ DropboxExt5] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Calvin\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll [2015-08-14] (Dropbox, Inc.)
    ShellIconOverlayIdentifiers: [ DropboxExt6] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Calvin\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll [2015-08-14] (Dropbox, Inc.)
    ShellIconOverlayIdentifiers: [ DropboxExt7] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Calvin\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll [2015-08-14] (Dropbox, Inc.)
    ShellIconOverlayIdentifiers: [ DropboxExt8] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Calvin\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll [2015-08-14] (Dropbox, Inc.)
    ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => No File
    ShellIconOverlayIdentifiers-x32: [ DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Calvin\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll [2015-08-14] (Dropbox, Inc.)
    ShellIconOverlayIdentifiers-x32: [ DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Calvin\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll [2015-08-14] (Dropbox, Inc.)
    ShellIconOverlayIdentifiers-x32: [ DropboxExt3] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Calvin\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll [2015-08-14] (Dropbox, Inc.)
    ShellIconOverlayIdentifiers-x32: [ DropboxExt4] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Calvin\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll [2015-08-14] (Dropbox, Inc.)
    ShellIconOverlayIdentifiers-x32: [ DropboxExt5] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Calvin\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll [2015-08-14] (Dropbox, Inc.)
    ShellIconOverlayIdentifiers-x32: [ DropboxExt6] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Calvin\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll [2015-08-14] (Dropbox, Inc.)
    ShellIconOverlayIdentifiers-x32: [ DropboxExt7] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Calvin\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll [2015-08-14] (Dropbox, Inc.)
    ShellIconOverlayIdentifiers-x32: [ DropboxExt8] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Calvin\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll [2015-08-14] (Dropbox, Inc.)
    ShellIconOverlayIdentifiers-x32: ["DropboxExt1"] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Calvin\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll [2015-08-14] (Dropbox, Inc.)
    ShellIconOverlayIdentifiers-x32: ["DropboxExt2"] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Calvin\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll [2015-08-14] (Dropbox, Inc.)
    ShellIconOverlayIdentifiers-x32: ["DropboxExt3"] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Calvin\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll [2015-08-14] (Dropbox, Inc.)
    ShellIconOverlayIdentifiers-x32: ["DropboxExt4"] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Calvin\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll [2015-08-14] (Dropbox, Inc.)
    ShellIconOverlayIdentifiers-x32: ["DropboxExt5"] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Calvin\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll [2015-08-14] (Dropbox, Inc.)
    ShellIconOverlayIdentifiers-x32: ["DropboxExt6"] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Calvin\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll [2015-08-14] (Dropbox, Inc.)
    ShellIconOverlayIdentifiers-x32: ["DropboxExt7"] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Calvin\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll [2015-08-14] (Dropbox, Inc.)
    ShellIconOverlayIdentifiers-x32: ["DropboxExt8"] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Calvin\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll [2015-08-14] (Dropbox, Inc.)
    Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Bluetooth.lnk [2009-08-19]
    ShortcutTarget: Bluetooth.lnk -> C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe (Broadcom Corporation.)
    Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\NI Error Reporting.lnk [2015-01-15]
    ShortcutTarget: NI Error Reporting.lnk -> C:\Program Files (x86)\National Instruments\Shared\NI Error Reporting\nierserver.exe (National Instruments Corporation)
    Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\SolidWorks 2014 Fast Start.lnk [2015-01-25]
    ShortcutTarget: SolidWorks 2014 Fast Start.lnk -> C:\Windows\Installer\{4FFA60C4-9A8B-4C9E-8265-2241B266304C}\NewShortcut2_87EDF6C81D0A4B7B84F42FE0C6A9D608.exe (Flexera Software LLC)
    Startup: C:\Users\Calvin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk [2015-05-12]
    ShortcutTarget: Dropbox.lnk -> C:\Users\Calvin\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)

    ==================== Internet (Whitelisted) ====================

    (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

    ProxyServer: [S-1-5-21-3178901641-3325030848-3832911895-1000] => 185.28.193.95:8080
    Winsock: Catalog5 08 C:\Program Files (x86)\National Instruments\Shared\mDNS Responder\nimdnsNSP.dll [26512 2014-06-06] (National Instruments Corporation)
    Winsock: Catalog5-x64 08 C:\Program Files\National Instruments\Shared\mDNS Responder\nimdnsNSP.dll [28560 2014-06-06] (National Instruments Corporation)
    Tcpip\Parameters: [DhcpNameServer] 71.10.216.1 71.10.216.2
    Tcpip\..\Interfaces\{B0E160BF-9299-42C3-A389-0FC1DC72135E}: [DhcpNameServer] 71.10.216.1 71.10.216.2
    Tcpip\..\Interfaces\{E1DE6791-1BA0-4DD5-8AC2-8C10486FF114}: [DhcpNameServer] 71.9.127.107 68.190.192.35 24.205.224.36

    Internet Explorer:
    ==================
    HKU\S-1-5-21-3178901641-3325030848-3832911895-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://www.msn.com/?ocid=iehp
    SearchScopes: HKLM-x32 -> {0B4A10D1-FBD6-451d-BFDA-F03252B05984} URL = hxxp://slirsredirect.search.aol.com/redirector/sredir?sredir=2706&query={searchTerms}&invocationType=tb50-ie-aim-chromesbox-en-us&tb_uuid=20110604071231013&tb_oid=13-12-2009&tb_mrud=04-06-2011
    SearchScopes: HKLM-x32 -> {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7SNNT
    SearchScopes: HKLM-x32 -> {afdbddaa-5d3f-42ee-b79c-185a7020515b} URL = hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT1098640
    BHO: AVG Do Not Track -> {31332EEF-CB9F-458F-AFEB-D30E9A66B6BA} -> C:\Program Files (x86)\AVG\AVG2012\avgdtiea.dll [2015-05-19] (AVG Technologies CZ, s.r.o.)
    BHO: AVG Safe Search -> {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} -> C:\Program Files (x86)\AVG\AVG2012\avgssiea.dll [2015-05-19] (AVG Technologies CZ, s.r.o.)
    BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2009-09-03] (Google Inc.)
    BHO: Google Toolbar Notifier BHO -> {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} -> C:\Program Files\Google\GoogleToolbarNotifier\5.7.7725.1624\swg64.dll [2012-08-07] (Google Inc.)
    BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre6\bin\jp2ssv.dll [2011-12-23] (Sun Microsystems, Inc.)
    BHO-x32: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-09-23] (Adobe Systems Incorporated)
    BHO-x32: RealNetworks Download and Record Plugin for Internet Explorer -> {3049C3E9-B461-4BC5-8870-4C09146192CA} -> C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll [2013-08-14] (RealDownloader)
    BHO-x32: AVG Do Not Track -> {31332EEF-CB9F-458F-AFEB-D30E9A66B6BA} -> C:\Program Files (x86)\AVG\AVG2012\avgdtiex.dll [2015-05-19] (AVG Technologies CZ, s.r.o.)
    BHO-x32: AVG Safe Search -> {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} -> C:\Program Files (x86)\AVG\AVG2012\avgssie.dll [2015-05-19] (AVG Technologies CZ, s.r.o.)
    BHO-x32: No Name -> {5C255C8A-E604-49b4-9D64-90988571CECB} -> No File
    BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2013-04-04] (Oracle Corporation)
    BHO-x32: Windows Live Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-01-22] (Microsoft Corporation)
    BHO-x32: AVG Security Toolbar -> {95B7759C-8C7F-4BF1-B163-73684A933233} -> C:\Program Files (x86)\AVG Secure Search\18.8.0.209\AVG Secure Search_toolbar.dll [2015-09-14] (AVG Secure Search)
    BHO-x32: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2009-09-03] (Google Inc.)
    BHO-x32: Google Toolbar Notifier BHO -> {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} -> C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.7.7725.1624\swg.dll [2012-08-07] (Google Inc.)
    BHO-x32: Google Dictionary Compression sdch -> {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} -> C:\Program Files (x86)\Google\Google Toolbar\Component\fastsearch_B7C5AC242193BB3E.dll [2009-09-03] (Google Inc.)
    BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2013-04-04] (Oracle Corporation)
    Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2009-09-03] (Google Inc.)
    Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2009-09-03] (Google Inc.)
    Toolbar: HKLM-x32 - No Name - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - No File
    Toolbar: HKLM-x32 - AVG Security Toolbar - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG Secure Search\18.8.0.209\AVG Secure Search_toolbar.dll [2015-09-14] (AVG Secure Search)
    Toolbar: HKU\S-1-5-21-3178901641-3325030848-3832911895-1000 -> Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2009-09-03] (Google Inc.)
    DPF: HKLM-x32 {02CF1781-EA91-4FA5-A200-646E8241987C} hxxp://esupport.sony.com/VaioInfo.CAB
    Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG2012\avgppa.dll [2015-05-19] (AVG Technologies CZ, s.r.o.)
    Handler-x32: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG2012\avgpp.dll [2015-05-19] (AVG Technologies CZ, s.r.o.)
    Handler-x32: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8117.0416.dll [2010-04-16] (Microsoft Corporation)
    Handler-x32: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8117.0416.dll [2010-04-16] (Microsoft Corporation)
    Handler-x32: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\18.8.0\ViProtocol.dll [2015-08-17] (AVG Secure Search)

    FireFox:
    ========
    FF ProfilePath: C:\Users\Calvin\AppData\Roaming\Mozilla\Firefox\Profiles\bduz2gzv.default
    FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_17_0_0_169.dll [2015-04-14] ()
    FF Plugin: @java.com/JavaPlugin -> C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll [2011-12-23] (Sun Microsystems, Inc.)
    FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
    FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation)
    FF Plugin: @microsoft.com/VirtualEarth3D,version=4.0 -> C:\Program Files (x86)\Virtual Earth 3D\ [No File]
    FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_17_0_0_169.dll [2015-04-14] ()
    FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\system32\Adobe\Director\np32dsw.dll [No File]
    FF Plugin-x32: @avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin -> C:\Program Files (x86)\Common Files\AVG Secure Search\SiteSafetyInstaller\18.8.0\\npsitesafety.dll [No File]
    FF Plugin-x32: @java.com/JavaPlugin,version=10.21.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll [2013-04-04] (Oracle Corporation)
    FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
    FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation)
    FF Plugin-x32: @microsoft.com/WLPG,version=14.0.8117.0416 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2010-04-17] (Microsoft Corporation)
    FF Plugin-x32: @pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll [No File]
    FF Plugin-x32: @real.com/nppl3260;version=16.0.3.51 -> C:\Program Files (x86)\Real\RealPlayer\Netscape6\nppl3260.dll [2013-09-16] (RealNetworks, Inc.)
    FF Plugin-x32: @real.com/nprndlchromebrowserrecordext;version=1.3.3 -> C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlchromebrowserrecordext.dll [2013-08-14] (RealNetworks, Inc.)
    FF Plugin-x32: @real.com/nprndlhtml5videoshim;version=1.3.3 -> C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll [2013-08-14] (RealNetworks, Inc.)
    FF Plugin-x32: @real.com/nprndlpepperflashvideoshim;version=1.3.3 -> C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlpepperflashvideoshim.dll [2013-08-14] (RealNetworks, Inc.)
    FF Plugin-x32: @real.com/nprpplugin;version=16.0.3.51 -> C:\Program Files (x86)\Real\RealPlayer\Netscape6\nprpplugin.dll [2013-09-16] (RealPlayer)
    FF Plugin-x32: @realnetworks.com/npdlplugin;version=1 -> C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\npdlplugin.dll [2013-08-14] (RealDownloader)
    FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-15] (Google Inc.)
    FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-15] (Google Inc.)
    FF Plugin-x32: @wolfram.com/Mathematica -> C:\Program Files (x86)\Common Files\Wolfram Research\Browser\9.0.1.4092550\npmathplugin.dll [2013-02-07] (Wolfram Research, Inc.)
    FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2012-09-23] (Adobe Systems Inc.)
    FF Plugin HKU\S-1-5-21-3178901641-3325030848-3832911895-1000: @talk.google.com/GoogleTalkPlugin -> C:\Users\Calvin\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll [2015-04-17] (Google)
    FF Plugin HKU\S-1-5-21-3178901641-3325030848-3832911895-1000: @talk.google.com/O1DPlugin -> C:\Users\Calvin\AppData\Roaming\Mozilla\plugins\npo1d.dll [2015-04-17] (Google)
    FF Plugin HKU\S-1-5-21-3178901641-3325030848-3832911895-1000: @tools.google.com/Google Update;version=3 -> C:\Users\Calvin\AppData\Local\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-16] (Google Inc.)
    FF Plugin HKU\S-1-5-21-3178901641-3325030848-3832911895-1000: @tools.google.com/Google Update;version=9 -> C:\Users\Calvin\AppData\Local\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-16] (Google Inc.)
    FF Plugin HKU\S-1-5-21-3178901641-3325030848-3832911895-1000: iloen.com/MelOnWebLinker -> C:\Windows\system32\npMelOnWebLinker.dll No File
    FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nplv2012win32.dll [2014-05-13] (National Instruments)
    FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nplv2013win32.dll [2014-04-02] (National Instruments)
    FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nplv2014win32.dll [2014-06-25] (National Instruments)
    FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll [2012-09-23] (Adobe Systems Inc.)
    FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppl3260.dll [2013-09-16] (RealNetworks, Inc.)
    FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nprpplugin.dll [2013-09-16] (RealPlayer)
    FF Plugin ProgramFiles/Appdata: C:\Users\Calvin\AppData\Roaming\mozilla\plugins\npgoogletalk.dll [2015-04-17] (Google)
    FF Plugin ProgramFiles/Appdata: C:\Users\Calvin\AppData\Roaming\mozilla\plugins\npo1d.dll [2015-04-17] (Google)
    FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\avg-secure-search.xml [2015-09-14]
    FF Extension: LeechBlock - C:\Users\Calvin\AppData\Roaming\Mozilla\Firefox\Profiles\bduz2gzv.default\Extensions\{a95d8332-e4b4-6e7f-98ac-20b733364387}.xpi [2015-02-03]
    FF HKLM-x32\...\Firefox\Extensions: [{1E73965B-8B48-48be-9C8D-68B920ABC1C4}] - C:\Program Files (x86)\AVG\AVG2012\Firefox4
    FF Extension: AVG Safe Search - C:\Program Files (x86)\AVG\AVG2012\Firefox4 [2011-10-21]
    FF HKLM-x32\...\Firefox\Extensions: [avg@toolbar] - C:\ProgramData\AVG Secure Search\FireFoxExt\18.8.0.209
    FF Extension: AVG Security Toolbar - C:\ProgramData\AVG Secure Search\FireFoxExt\18.8.0.209 [2015-09-14]
    FF HKLM-x32\...\Firefox\Extensions: [{DF153AFF-6948-45d7-AC98-4FC4AF8A08E2}] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext
    FF Extension: RealDownloader - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext [2013-09-16]
    FF HKLM-x32\...\Firefox\Extensions: [{ABDE892B-13A8-4d1b-88E6-365A6E755758}] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext
    FF HKLM-x32\...\Firefox\Extensions: [{F53C93F1-07D5-430c-86D4-C9531B27DFAF}] - C:\Program Files (x86)\AVG\AVG2012\Firefox\DoNotTrack
    FF Extension: AVG Do Not Track - C:\Program Files (x86)\AVG\AVG2012\Firefox\DoNotTrack [2012-05-13]

    Chrome:
    =======
    CHR Plugin: (Shockwave Flash) - C:\Users\Calvin\AppData\Local\Google\Chrome\User Data\PepperFlash\11.7.700.202\pepflashplayer.dll => No File
    CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\45.0.2454.101\ppGoogleNaClPluginChrome.dll => No File
    CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\45.0.2454.101\pdf.dll => No File
    CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\Browser\nppdf32.dll (Adobe Systems Inc.)
    CHR Plugin: (RealPlayer(tm) G2 LiveConnect-Enabled Plug-In (32-bit) ) - C:\Program Files (x86)\Mozilla Firefox\plugins\nppl3260.dll (RealNetworks, Inc.)
    CHR Plugin: (QuickTime Plug-in 7.7.1) - C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin.dll => No File
    CHR Plugin: (QuickTime Plug-in 7.7.1) - C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin2.dll => No File
    CHR Plugin: (QuickTime Plug-in 7.7.1) - C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin3.dll => No File
    CHR Plugin: (QuickTime Plug-in 7.7.1) - C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin4.dll => No File
    CHR Plugin: (QuickTime Plug-in 7.7.1) - C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin5.dll => No File
    CHR Plugin: (QuickTime Plug-in 7.7.1) - C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin6.dll => No File
    CHR Plugin: (QuickTime Plug-in 7.7.1) - C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin7.dll => No File
    CHR Plugin: (RealJukebox NS Plugin) - C:\Program Files (x86)\Mozilla Firefox\plugins\nprjplug.dll => No File
    CHR Plugin: (RealPlayer Version Plugin) - C:\Program Files (x86)\Mozilla Firefox\plugins\nprpjplug.dll => No File
    CHR Plugin: (Google Talk Plugin) - C:\Users\Calvin\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll (Google)
    CHR Plugin: (Google Talk Plugin Video Accelerator) - C:\Users\Calvin\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll => No File
    CHR Plugin: (Google Talk Plugin Video Renderer) - C:\Users\Calvin\AppData\Roaming\Mozilla\plugins\npo1d.dll (Google)
    CHR Plugin: (AVG SiteSafety plugin) - C:\Program Files (x86)\Common Files\AVG Secure Search\SiteSafetyInstaller\15.2.0\\npsitesafety.dll (AVG Technologies)
    CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.145\npGoogleUpdate3.dll => No File
    CHR Plugin: (INICIS INIpay Plugin) - C:\Program Files (x86)\INICIS61\plugins\npINIwallet61.dll => No File
    CHR Plugin: (Java(TM) Platform SE 7 U17) - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
    CHR Plugin: (Windows Live® Photo Gallery) - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
    CHR Plugin: (BrowserPlus (from Yahoo!) v2.9.8) - C:\Users\Calvin\AppData\Local\Yahoo!\BrowserPlus\2.9.8\Plugins\npybrowserplus_2.9.8.dll => No File
    CHR Plugin: (Shockwave Flash) - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_202.dll => No File
    CHR Plugin: (Java Deployment Toolkit 7.0.170.2) - C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
    CHR Plugin: (Shockwave for Director) - C:\Windows\system32\Adobe\Director\np32dsw.dll => No File
    CHR Plugin: (MelOnWebLinker) - C:\Windows\system32\npMelOnWebLinker.dll => No File
    CHR Plugin: (Silverlight Plug-In) - c:\Program Files (x86)\Microsoft Silverlight\5.1.20125.0\npctrl.dll => No File
    CHR Profile: C:\Users\Calvin\AppData\Local\Google\Chrome\User Data\Default
    CHR Extension: (Google Docs) - C:\Users\Calvin\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2013-05-24]
    CHR Extension: (Google Drive) - C:\Users\Calvin\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2013-05-24]
    CHR Extension: (YouTube) - C:\Users\Calvin\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-05-24]
    CHR Extension: (Google Search) - C:\Users\Calvin\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-05-24]
    CHR Extension: (Google Docs Offline) - C:\Users\Calvin\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2015-09-12]
    CHR Extension: (AdBlock) - C:\Users\Calvin\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2013-08-03]
    CHR Extension: (StayFocusd) - C:\Users\Calvin\AppData\Local\Google\Chrome\User Data\Default\Extensions\laankejkbhbdhmipfmgcngdelahlfoji [2014-08-05]
    CHR Extension: (Chrome Hotword Shared Module) - C:\Users\Calvin\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-03-16]
    CHR Extension: (Creately - Diagrams & Collaboration) - C:\Users\Calvin\AppData\Local\Google\Chrome\User Data\Default\Extensions\mehmcgkakgfcibfkeofncglipefjcfnn [2015-08-18]
    CHR Extension: (AVG Security Toolbar) - C:\Users\Calvin\AppData\Local\Google\Chrome\User Data\Default\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof [2013-05-24]
    CHR Extension: (Chrome Web Store Payments) - C:\Users\Calvin\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-24]
    CHR Extension: (Gmail) - C:\Users\Calvin\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-05-24]
    CHR HKLM-x32\...\Chrome\Extension: [idhngdhcfkoamngbedgpaokgjbnpdiji] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Chrome\Ext\realdownloader.crx [2013-08-14]
    CHR HKLM-x32\...\Chrome\Extension: [jmfkcklnlgedgbglfkkgedjfmejoahla] - C:\Program Files (x86)\AVG\AVG2012\Chrome\safesearch.crx [2012-07-26]
    CHR HKLM-x32\...\Chrome\Extension: [ndibdjnfmopecpmkdieinmbadjfpblof] - C:\Program Files (x86)\AVG\AVG2012\Chrome\donottrack.crx [2015-05-19]

    ==================== Services (Whitelisted) ========================

    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

    S2 AVGIDSAgent; C:\Program Files (x86)\AVG\AVG2012\AVGIDSAgent.exe [5176832 2015-05-19] (AVG Technologies CZ, s.r.o.)
    R2 avgwd; C:\Program Files (x86)\AVG\AVG2012\avgwdsvc.exe [198616 2015-05-19] (AVG Technologies CZ, s.r.o.)
    R2 LkCitadelServer; C:\Windows\SysWOW64\lkcitdl.exe [695136 2014-01-14] (National Instruments, Inc.)
    R2 lkClassAds; C:\Windows\SysWOW64\lkads.exe [53032 2014-06-09] (National Instruments Corporation)
    R2 lkTimeSync; C:\Windows\SysWOW64\lktsrv.exe [63280 2014-06-09] (National Instruments Corporation)
    R2 mxssvr; C:\Program Files (x86)\National Instruments\MAX\nimxs.exe [84280 2014-06-07] (National Instruments Corporation)
    R2 NIApplicationWebServer; C:\Program Files (x86)\National Instruments\Shared\NI WebServer\ApplicationWebServer.exe [57184 2014-06-10] (National Instruments Corporation)
    S4 NIApplicationWebServer64; C:\Program Files\National Instruments\Shared\NI WebServer\ApplicationWebServer.exe [80736 2014-06-10] (National Instruments Corporation)
    R2 niauth; C:\Program Files (x86)\National Instruments\Shared\niauth\niauth_daemon.exe [569152 2014-06-20] (National Instruments Corporation)
    R2 NIDomainService; C:\Program Files (x86)\National Instruments\Shared\Security\nidmsrv.exe [394544 2014-06-09] (National Instruments Corporation)
    S3 NILM License Manager; C:\Program Files (x86)\National Instruments\Shared\License Manager\Bin\lmgrd.exe [1427688 2010-08-02] (Macrovision Corporation)
    R2 nimDNSResponder; C:\Program Files (x86)\National Instruments\Shared\mDNS Responder\nimdnsResponder.exe [320368 2014-06-06] (National Instruments Corporation)
    R2 NINetworkDiscovery; C:\Program Files (x86)\National Instruments\Shared\NI Network Discovery\niDiscSvc.exe [177536 2014-06-20] (National Instruments Corporation)
    R2 NiSvcLoc; C:\Program Files (x86)\National Instruments\Shared\niSvcLoc\nisvcloc.exe [89928 2014-06-06] (National Instruments Corporation)
    R2 NISystemWebServer; C:\Program Files (x86)\National Instruments\Shared\NI WebServer\SystemWebServer.exe [57168 2014-06-10] (National Instruments Corporation)
    R2 NITaggerService; C:\Program Files (x86)\National Instruments\Shared\Tagger\tagsrv.exe [692040 2014-06-10] (National Instruments Corporation)
    R2 RealNetworks Downloader Resolver Service; C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe [39056 2013-08-14] ()
    S3 rpcapd; C:\Program Files (x86)\WinPcap\rpcapd.exe [118520 2013-02-28] (Riverbed Technology, Inc.)
    S3 SampleCollector; C:\Program Files\Sony\VAIO Care\collsvc.exe [167424 2009-09-16] (Intel Corporation) [File not signed]
    R2 SOHDBSvr; C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDBSvr.exe [70952 2009-07-27] (Sony Corporation)
    R2 SOHPlMgr; C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHPlMgr.exe [91432 2009-07-27] (Sony Corporation)
    S3 SolidWorks Licensing Service; C:\Program Files (x86)\Common Files\SolidWorks Shared\Service\SolidWorksLicensing.exe [79360 2015-01-25] (SolidWorks) [File not signed]
    R2 Texis Monitor; C:\SIMULIA\Documentation\monitor.exe [4493312 2013-01-17] (Expansion Programs International, Inc.) [File not signed]
    S3 VAIO Entertainment TV Device Arbitration Service; C:\Program Files (x86)\Common Files\Sony Shared\VAIO Entertainment Platform\VzHardwareResourceManager\VzHardwareResourceManager\VzHardwareResourceManager.exe [69632 2009-07-23] (Sony Corporation) [File not signed]
    R2 VCFw; C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe [642920 2009-07-22] (Sony Corporation)
    R3 Vcsw; C:\Program Files (x86)\Common Files\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe [313264 2009-07-23] (Sony Corporation)
    S3 VSStandardCollectorService140; C:\Program Files (x86)\Microsoft Visual Studio 14.0\Team Tools\DiagnosticsHub\Collector\StandardCollector.Service.exe [52968 2015-07-07] (Microsoft Corporation)
    R2 vToolbarUpdater18.8.0; C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\18.8.0\ToolbarUpdater.exe [1861520 2015-08-17] (AVG Secure Search)
    R2 VzCdbSvc; C:\Program Files (x86)\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe [206336 2009-07-23] (Sony Corporation) [File not signed]
    S3 ACDaemon; C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [X]
    S2 MSCamSvc; "C:\Program Files\Microsoft LifeCam\MSCamS64.exe" [X]
    S3 Remote Solver for Flow Simulation 2011; C:\Program Files\SolidWorks Corp\SolidWorks Flow Simulation\binCFW\StandAloneSlv.exe [X]
     
  4. user124

    user124 TS Rookie Topic Starter Posts: 23

    Part 2 of 2 of the FRST log:


    ===================== Drivers (Whitelisted) ==========================

    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

    R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29208 2014-08-18] ()
    U5 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93568 2014-08-18] (AVAST Software)
    R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2014-08-18] ()
    U5 aswStm; C:\Windows\system32\drivers\aswStm.sys [92008 2014-08-18] (AVAST Software)
    R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [224896 2014-08-18] ()
    R3 AVerAVF2; C:\Windows\System32\DRIVERS\AVerAVF2.sys [1019776 2009-08-07] (AVerMedia TECHNOLOGIES, Inc.)
    S3 AVGIDSDriver; C:\Windows\System32\DRIVERS\avgidsdrivera.sys [127752 2015-05-19] (AVG Technologies CZ, s.r.o. )
    R0 AVGIDSHA; C:\Windows\System32\DRIVERS\avgidsha.sys [28936 2015-05-19] (AVG Technologies CZ, s.r.o. )
    R1 Avgldx64; C:\Windows\System32\DRIVERS\avgldx64.sys [307464 2015-05-19] (AVG Technologies CZ, s.r.o.)
    R1 Avgmfx64; C:\Windows\System32\DRIVERS\avgmfx64.sys [49928 2015-05-19] (AVG Technologies CZ, s.r.o.)
    R0 Avgrkx64; C:\Windows\System32\DRIVERS\avgrkx64.sys [39176 2015-05-19] (AVG Technologies CZ, s.r.o.)
    R1 Avgtdia; C:\Windows\System32\DRIVERS\avgtdia.sys [384776 2015-05-19] (AVG Technologies CZ, s.r.o.)
    S3 copperhd; C:\Windows\System32\drivers\copperhd.sys [13824 2006-05-24] (Razer (Asia-Pacific) Pte Ltd)
    S3 ebdrv; C:\Windows\system32\DRIVERS\evbda.sys [3286016 2009-06-10] (Broadcom Corporation)
    R1 ElRawDisk; C:\Windows\system32\drivers\rsdrvx64.sys [26024 2009-02-12] (EldoS Corporation)
    S3 NPF; C:\Windows\System32\drivers\npf.sys [36600 2013-02-28] (Riverbed Technology, Inc.)
    R3 NW1950; C:\Windows\System32\DRIVERS\NW1950.sys [25064 2009-08-16] ()
    S3 RimUsb; C:\Windows\System32\Drivers\RimUsb_AMD64.sys [74240 2011-02-16] (Research In Motion Limited)
    R3 RimVSerPort; C:\Windows\System32\DRIVERS\RimSerial_AMD64.sys [31744 2009-01-09] (Research in Motion Ltd)
    S3 savt; C:\Windows\System32\DRIVERS\savt.sys [4218368 2009-06-30] (Sony Corporation)
    R0 sptd; C:\Windows\System32\Drivers\sptd.sys [503352 2011-08-16] () [File not signed]
    S4 AVGIDSFilter; system32\DRIVERS\avgidsfiltera.sys [X]
    S3 EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys [X]

    ==================== NetSvcs (Whitelisted) ===================

    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


    ==================== One Month Created files and folders ========

    (If an entry is included in the fixlist, the file/folder will be moved.)

    2099-12-00 39840:810 - 2010-02-15 21:23 - 00001744 ____H C:\ProgramData\sasihipa
    2015-09-29 21:52 - 2015-09-29 22:04 - 00045255 _____ C:\Users\Calvin\Desktop\FRST.txt
    2015-09-29 21:46 - 2015-09-29 21:46 - 00003216 _____ C:\Windows\System32\Tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-3178901641-3325030848-3832911895-1000
    2015-09-29 21:45 - 2015-09-29 21:45 - 00003348 _____ C:\Windows\System32\Tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-3178901641-3325030848-3832911895-1000
    2015-09-29 20:57 - 2015-09-29 20:57 - 02192384 _____ (Farbar) C:\Users\Calvin\Downloads\FRST64 (1).exe
    2015-09-29 20:57 - 2015-09-29 20:57 - 02192384 _____ (Farbar) C:\Users\Calvin\Desktop\Alpacasso.exe
    2015-09-29 20:42 - 2015-09-29 21:53 - 00000000 ____D C:\FRST
    2015-09-29 20:41 - 2015-09-29 20:41 - 02192384 _____ (Farbar) C:\Users\Calvin\Downloads\FRST64.exe
    2015-09-29 17:52 - 2015-09-29 17:53 - 00388608 _____ (Trend Micro Inc.) C:\Users\Calvin\Downloads\Crusty.exe
    2015-09-17 20:24 - 2015-09-17 20:25 - 00000000 ___HD C:\ProgramData\{9A88E103-A20A-4EA5-8636-C73B709A5BF8}
    2015-09-15 18:34 - 2015-09-15 18:34 - 00003642 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
    2015-09-09 15:45 - 2015-09-09 15:45 - 00012364 _____ C:\Users\Calvin\Downloads\Calvin Chau Time Sheet 09-04-15.xlsx
    2015-09-09 10:59 - 2015-09-09 16:48 - 04880000 _____ C:\Users\Calvin\Desktop\Calvin's Files.zip
    2015-09-09 10:59 - 2015-09-09 10:59 - 20055885 _____ C:\Users\Calvin\Downloads\Calvin's Files 2.zip
    2015-09-09 10:59 - 2015-09-09 10:59 - 04875837 _____ C:\Users\Calvin\Downloads\Calvin's Files.zip
    2015-09-09 10:14 - 2015-08-05 10:56 - 01110016 _____ (Microsoft Corporation) C:\Windows\system32\schedsvc.dll
    2015-09-09 10:14 - 2015-08-05 10:56 - 00275456 _____ (Microsoft Corporation) C:\Windows\system32\InkEd.dll
    2015-09-09 10:14 - 2015-08-05 10:56 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\jnwmon.dll
    2015-09-09 10:14 - 2015-08-05 10:40 - 00216064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\InkEd.dll
    2015-09-09 10:14 - 2015-07-22 17:06 - 05568960 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
    2015-09-09 10:14 - 2015-07-22 17:06 - 00155584 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
    2015-09-09 10:14 - 2015-07-22 17:06 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
    2015-09-09 10:14 - 2015-07-22 17:03 - 01730496 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
    2015-09-09 10:14 - 2015-07-22 17:03 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
    2015-09-09 10:14 - 2015-07-22 17:03 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
    2015-09-09 10:14 - 2015-07-22 17:03 - 00215040 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
    2015-09-09 10:14 - 2015-07-22 17:03 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
    2015-09-09 10:14 - 2015-07-22 17:02 - 01461760 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
    2015-09-09 10:14 - 2015-07-22 17:02 - 01390592 _____ (Microsoft Corporation) C:\Windows\system32\diagtrack.dll
    2015-09-09 10:14 - 2015-07-22 17:02 - 01216512 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
    2015-09-09 10:14 - 2015-07-22 17:02 - 01163264 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
    2015-09-09 10:14 - 2015-07-22 17:02 - 00879104 _____ (Microsoft Corporation) C:\Windows\system32\tdh.dll
    2015-09-09 10:14 - 2015-07-22 17:02 - 00879104 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
    2015-09-09 10:14 - 2015-07-22 17:02 - 00729088 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
    2015-09-09 10:14 - 2015-07-22 17:02 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
    2015-09-09 10:14 - 2015-07-22 17:02 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
    2015-09-09 10:14 - 2015-07-22 17:02 - 00342016 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
    2015-09-09 10:14 - 2015-07-22 17:02 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
    2015-09-09 10:14 - 2015-07-22 17:02 - 00309760 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
    2015-09-09 10:14 - 2015-07-22 17:02 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
    2015-09-09 10:14 - 2015-07-22 17:02 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
    2015-09-09 10:14 - 2015-07-22 17:02 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
    2015-09-09 10:14 - 2015-07-22 17:02 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
    2015-09-09 10:14 - 2015-07-22 17:02 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
    2015-09-09 10:14 - 2015-07-22 17:02 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
    2015-09-09 10:14 - 2015-07-22 17:02 - 00044032 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll
    2015-09-09 10:14 - 2015-07-22 17:02 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
    2015-09-09 10:14 - 2015-07-22 17:02 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
    2015-09-09 10:14 - 2015-07-22 17:02 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
    2015-09-09 10:14 - 2015-07-22 17:02 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
    2015-09-09 10:14 - 2015-07-22 17:02 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
    2015-09-09 10:14 - 2015-07-22 17:01 - 00338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
    2015-09-09 10:14 - 2015-07-22 17:01 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
    2015-09-09 10:14 - 2015-07-22 17:01 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
    2015-09-09 10:14 - 2015-07-22 16:52 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
    2015-09-09 10:14 - 2015-07-22 16:52 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
    2015-09-09 10:14 - 2015-07-22 16:52 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
    2015-09-09 10:14 - 2015-07-22 16:52 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
    2015-09-09 10:14 - 2015-07-22 16:52 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
    2015-09-09 10:14 - 2015-07-22 16:52 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
    2015-09-09 10:14 - 2015-07-22 16:52 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
    2015-09-09 10:14 - 2015-07-22 16:52 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
    2015-09-09 10:14 - 2015-07-22 16:52 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
    2015-09-09 10:14 - 2015-07-22 16:52 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
    2015-09-09 10:14 - 2015-07-22 16:52 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
    2015-09-09 10:14 - 2015-07-22 16:52 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
    2015-09-09 10:14 - 2015-07-22 16:52 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
    2015-09-09 10:14 - 2015-07-22 16:52 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
    2015-09-09 10:14 - 2015-07-22 16:52 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
    2015-09-09 10:14 - 2015-07-22 16:52 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
    2015-09-09 10:14 - 2015-07-22 10:57 - 03989952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
    2015-09-09 10:14 - 2015-07-22 10:57 - 03934656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
    2015-09-09 10:14 - 2015-07-22 10:54 - 01311768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
    2015-09-09 10:14 - 2015-07-22 10:53 - 00641536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll
    2015-09-09 10:14 - 2015-07-22 10:53 - 00635392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdh.dll
    2015-09-09 10:14 - 2015-07-22 10:53 - 00552960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
    2015-09-09 10:14 - 2015-07-22 10:53 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
    2015-09-09 10:14 - 2015-07-22 10:53 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
    2015-09-09 10:14 - 2015-07-22 10:53 - 00221184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
    2015-09-09 10:14 - 2015-07-22 10:53 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
    2015-09-09 10:14 - 2015-07-22 10:53 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
    2015-09-09 10:14 - 2015-07-22 10:53 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
    2015-09-09 10:14 - 2015-07-22 10:53 - 00036864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptbase.dll
    2015-09-09 10:14 - 2015-07-22 10:53 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
    2015-09-09 10:14 - 2015-07-22 10:53 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
    2015-09-09 10:14 - 2015-07-22 10:53 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
    2015-09-09 10:14 - 2015-07-22 10:52 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
    2015-09-09 10:14 - 2015-07-22 10:52 - 00665088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
    2015-09-09 10:14 - 2015-07-22 10:52 - 00274944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
    2015-09-09 10:14 - 2015-07-22 10:52 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
    2015-09-09 10:14 - 2015-07-22 10:52 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
    2015-09-09 10:14 - 2015-07-22 10:52 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
    2015-09-09 10:14 - 2015-07-22 10:52 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
    2015-09-09 10:14 - 2015-07-22 10:42 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
    2015-09-09 10:14 - 2015-07-22 10:42 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
    2015-09-09 10:14 - 2015-07-22 10:42 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
    2015-09-09 10:14 - 2015-07-22 10:42 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
    2015-09-09 10:14 - 2015-07-22 10:42 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
    2015-09-09 10:14 - 2015-07-22 10:42 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
    2015-09-09 10:14 - 2015-07-22 10:42 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
    2015-09-09 10:14 - 2015-07-22 09:48 - 00041984 _____ (Microsoft Corporation) C:\Windows\system32\UtcResources.dll
    2015-09-09 10:14 - 2015-07-22 09:45 - 00159232 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
    2015-09-09 10:14 - 2015-07-22 09:44 - 00290816 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
    2015-09-09 10:14 - 2015-07-22 09:44 - 00129024 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
    2015-09-09 10:14 - 2015-07-22 09:31 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
    2015-09-09 10:14 - 2015-07-22 09:31 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
    2015-09-09 10:14 - 2015-07-14 20:17 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
    2015-09-09 10:14 - 2015-07-14 19:54 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
    2015-09-09 10:14 - 2015-07-09 10:58 - 01632256 _____ (Microsoft Corporation) C:\Windows\system32\dwmcore.dll
    2015-09-09 10:14 - 2015-07-09 10:58 - 00082944 _____ (Microsoft Corporation) C:\Windows\system32\dwmapi.dll
    2015-09-09 10:14 - 2015-07-09 10:42 - 01372160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dwmcore.dll
    2015-09-09 10:14 - 2015-07-09 10:42 - 00067584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dwmapi.dll
    2015-09-09 10:13 - 2015-07-22 16:58 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
    2015-09-09 10:13 - 2015-07-22 16:57 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
    2015-09-09 10:13 - 2015-07-22 16:52 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
    2015-09-09 10:13 - 2015-07-22 16:52 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
    2015-09-09 10:13 - 2015-07-22 16:52 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
    2015-09-09 10:13 - 2015-07-22 16:52 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
    2015-09-09 10:13 - 2015-07-22 16:52 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
    2015-09-09 10:13 - 2015-07-22 16:52 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
    2015-09-09 10:13 - 2015-07-22 16:52 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
    2015-09-09 10:13 - 2015-07-22 16:52 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
    2015-09-09 10:13 - 2015-07-22 16:52 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
    2015-09-09 10:13 - 2015-07-22 16:52 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
    2015-09-09 10:13 - 2015-07-22 16:52 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
    2015-09-09 10:13 - 2015-07-22 16:52 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
    2015-09-09 10:13 - 2015-07-22 16:52 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
    2015-09-09 10:13 - 2015-07-22 16:51 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
    2015-09-09 10:13 - 2015-07-22 10:47 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
    2015-09-09 10:13 - 2015-07-22 10:46 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
    2015-09-09 10:13 - 2015-07-22 10:42 - 00686080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
    2015-09-09 10:13 - 2015-07-22 10:42 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
    2015-09-09 10:13 - 2015-07-22 10:42 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
    2015-09-09 10:13 - 2015-07-22 10:42 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
    2015-09-09 10:13 - 2015-07-22 10:42 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
    2015-09-09 10:13 - 2015-07-22 10:42 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
    2015-09-09 10:13 - 2015-07-22 10:42 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
    2015-09-09 10:13 - 2015-07-22 10:42 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
    2015-09-09 10:13 - 2015-07-22 10:42 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
    2015-09-09 10:13 - 2015-07-22 10:42 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
    2015-09-09 10:13 - 2015-07-22 10:42 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
    2015-09-09 10:13 - 2015-07-22 10:42 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
    2015-09-09 10:13 - 2015-07-22 10:42 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
    2015-09-09 10:13 - 2015-07-22 10:42 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
    2015-09-09 10:13 - 2015-07-22 10:42 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
    2015-09-09 10:13 - 2015-07-22 10:42 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
    2015-09-09 10:13 - 2015-07-22 10:42 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
    2015-09-09 10:13 - 2015-07-22 10:42 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
    2015-09-09 10:13 - 2015-07-22 10:42 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
    2015-09-09 10:13 - 2015-07-22 09:34 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
    2015-09-09 10:13 - 2015-07-22 09:34 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
    2015-09-09 10:13 - 2015-07-22 09:31 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
    2015-09-09 10:13 - 2015-07-22 09:31 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
    2015-09-09 10:12 - 2015-08-27 11:18 - 02004480 _____ (Microsoft Corporation) C:\Windows\system32\msxml6.dll
    2015-09-09 10:12 - 2015-08-27 11:18 - 01887232 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
    2015-09-09 10:12 - 2015-08-27 11:13 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml6r.dll
    2015-09-09 10:12 - 2015-08-27 11:13 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll
    2015-09-09 10:12 - 2015-08-27 10:58 - 01391104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6.dll
    2015-09-09 10:12 - 2015-08-27 10:58 - 01241088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
    2015-09-09 10:12 - 2015-08-27 10:51 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6r.dll
    2015-09-09 10:12 - 2015-08-27 10:51 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3r.dll
    2015-09-09 10:12 - 2015-08-04 11:03 - 00692672 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
    2015-09-09 10:12 - 2015-08-04 11:00 - 00616360 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
    2015-09-09 10:12 - 2015-08-04 10:56 - 00063488 _____ (Microsoft Corporation) C:\Windows\system32\setbcdlocale.dll
    2015-09-09 10:12 - 2015-08-04 10:56 - 00059392 _____ (Microsoft Corporation) C:\Windows\system32\appidapi.dll
    2015-09-09 10:12 - 2015-08-04 10:56 - 00032768 _____ (Microsoft Corporation) C:\Windows\system32\appidsvc.dll
    2015-09-09 10:12 - 2015-08-04 10:55 - 00147456 _____ (Microsoft Corporation) C:\Windows\system32\appidpolicyconverter.exe
    2015-09-09 10:12 - 2015-08-04 10:55 - 00017920 _____ (Microsoft Corporation) C:\Windows\system32\appidcertstorecheck.exe
    2015-09-09 10:12 - 2015-08-04 10:47 - 00050688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\appidapi.dll
    2015-09-09 10:12 - 2015-08-04 09:58 - 00061440 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\appid.sys
    2015-09-09 10:12 - 2015-06-25 03:06 - 00115136 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe
    2015-09-09 10:12 - 2015-06-25 03:01 - 01941504 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
    2015-09-09 10:12 - 2015-06-25 03:01 - 00070656 _____ (Microsoft Corporation) C:\Windows\system32\appinfo.dll
    2015-09-09 10:12 - 2015-06-25 02:44 - 01805824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
    2015-09-09 10:11 - 2015-09-01 20:04 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll
    2015-09-09 10:11 - 2015-09-01 20:04 - 00046080 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
    2015-09-09 10:11 - 2015-09-01 20:04 - 00041984 _____ (Microsoft Corporation) C:\Windows\system32\lpk.dll
    2015-09-09 10:11 - 2015-09-01 20:04 - 00014336 _____ (Microsoft Corporation) C:\Windows\system32\dciman32.dll
    2015-09-09 10:11 - 2015-09-01 19:48 - 00070656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontsub.dll
    2015-09-09 10:11 - 2015-09-01 19:48 - 00034304 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
    2015-09-09 10:11 - 2015-09-01 19:48 - 00010240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dciman32.dll
    2015-09-09 10:11 - 2015-09-01 19:47 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\lpk.dll
    2015-09-09 10:11 - 2015-09-01 18:51 - 03209216 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
    2015-09-09 10:11 - 2015-09-01 18:47 - 00372736 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
    2015-09-09 10:11 - 2015-09-01 18:33 - 00299520 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
    2015-09-09 10:11 - 2015-08-22 07:40 - 14383616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
    2015-09-09 10:11 - 2015-08-22 07:40 - 13774848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
    2015-09-09 10:11 - 2015-08-22 07:40 - 02865664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
    2015-09-09 10:11 - 2015-08-22 07:40 - 02056704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
    2015-09-09 10:11 - 2015-08-22 07:40 - 01763328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
    2015-09-09 10:11 - 2015-08-22 07:40 - 01441280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
    2015-09-09 10:11 - 2015-08-22 07:40 - 01181696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
    2015-09-09 10:11 - 2015-08-22 07:40 - 00718848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
    2015-09-09 10:11 - 2015-08-22 07:40 - 00525312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
    2015-09-09 10:11 - 2015-08-22 07:40 - 00493056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
    2015-09-09 10:11 - 2015-08-22 07:40 - 00226816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
    2015-09-09 10:11 - 2015-08-22 07:40 - 00109056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
    2015-09-09 10:11 - 2015-08-22 06:51 - 02239488 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
    2015-09-09 10:11 - 2015-08-22 06:51 - 01409024 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
    2015-09-09 10:11 - 2015-08-22 06:51 - 00603136 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
    2015-09-09 10:11 - 2015-08-22 06:50 - 19291648 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
    2015-09-09 10:11 - 2015-08-22 06:50 - 15415808 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
    2015-09-09 10:11 - 2015-08-22 06:50 - 03959808 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
    2015-09-09 10:11 - 2015-08-22 06:50 - 02657280 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
    2015-09-09 10:11 - 2015-08-22 06:50 - 01509376 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
    2015-09-09 10:11 - 2015-08-22 06:50 - 00857600 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
    2015-09-09 10:11 - 2015-08-22 06:50 - 00136704 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
    2015-09-09 10:10 - 2015-08-26 11:07 - 03165696 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
    2015-09-09 10:10 - 2015-08-26 11:07 - 02606080 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
    2015-09-09 10:10 - 2015-08-26 11:07 - 00696320 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
    2015-09-09 10:10 - 2015-08-26 11:07 - 00192000 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
    2015-09-09 10:10 - 2015-08-26 11:07 - 00098304 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
    2015-09-09 10:10 - 2015-08-26 11:07 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
    2015-09-09 10:10 - 2015-08-26 11:07 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
    2015-09-09 10:10 - 2015-08-26 11:06 - 00139776 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
    2015-09-09 10:10 - 2015-08-26 11:06 - 00091136 _____ (Microsoft Corporation) C:\Windows\system32\WinSetupUI.dll
    2015-09-09 10:10 - 2015-08-26 11:06 - 00037376 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
    2015-09-09 10:10 - 2015-08-26 11:06 - 00012288 _____ (Microsoft Corporation) C:\Windows\system32\wu.upgrade.ps.dll
    2015-09-09 10:10 - 2015-08-26 10:56 - 00566784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
    2015-09-09 10:10 - 2015-08-26 10:56 - 00173056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
    2015-09-09 10:10 - 2015-08-26 10:56 - 00093184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
    2015-09-09 10:10 - 2015-08-26 10:56 - 00030208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll
    2015-09-09 10:10 - 2015-08-26 10:55 - 00034816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
    2015-09-09 10:10 - 2015-08-22 07:40 - 00391168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
    2015-09-09 10:10 - 2015-08-22 07:40 - 00357888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
    2015-09-09 10:10 - 2015-08-22 07:40 - 00226816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
    2015-09-09 10:10 - 2015-08-22 07:40 - 00163840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
    2015-09-09 10:10 - 2015-08-22 07:40 - 00080384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
    2015-09-09 10:10 - 2015-08-22 07:40 - 00061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
    2015-09-09 10:10 - 2015-08-22 07:40 - 00039424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
    2015-09-09 10:10 - 2015-08-22 07:40 - 00033280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
    2015-09-09 10:10 - 2015-08-22 06:51 - 00051712 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
    2015-09-09 10:10 - 2015-08-22 06:50 - 00603136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
    2015-09-09 10:10 - 2015-08-22 06:50 - 00526336 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
    2015-09-09 10:10 - 2015-08-22 06:50 - 00451584 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
    2015-09-09 10:10 - 2015-08-22 06:50 - 00281600 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
    2015-09-09 10:10 - 2015-08-22 06:50 - 00255488 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
    2015-09-09 10:10 - 2015-08-22 06:50 - 00197120 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
    2015-09-09 10:10 - 2015-08-22 06:50 - 00097280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
    2015-09-09 10:10 - 2015-08-22 06:50 - 00067072 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
    2015-09-09 10:10 - 2015-08-22 06:50 - 00053248 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
    2015-09-09 10:10 - 2015-08-22 06:50 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
    2015-09-09 10:10 - 2015-08-20 11:53 - 02706432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
    2015-09-09 10:10 - 2015-08-20 11:46 - 02706432 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
    2015-09-09 10:10 - 2015-08-20 11:21 - 00361984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
    2015-09-09 10:10 - 2015-08-20 11:19 - 00441856 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
    2015-09-09 10:10 - 2015-08-20 10:56 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
    2015-09-09 10:10 - 2015-08-20 10:55 - 00089600 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
    2015-09-01 16:24 - 2015-09-01 16:24 - 00000000 ____D C:\Users\Calvin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox

    ==================== One Month Modified files and folders ========

    (If an entry is included in the fixlist, the file/folder will be moved.)

    2015-09-29 22:00 - 2009-07-13 21:45 - 00018928 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
    2015-09-29 22:00 - 2009-07-13 21:45 - 00018928 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
    2015-09-29 21:55 - 2009-11-03 22:21 - 01118254 _____ C:\Windows\WindowsUpdate.log
    2015-09-29 21:47 - 2011-10-10 21:46 - 00000000 ___RD C:\Users\Calvin\Dropbox
    2015-09-29 21:43 - 2011-10-10 21:45 - 00000000 ____D C:\Users\Calvin\AppData\Roaming\Dropbox
    2015-09-29 21:40 - 2009-09-03 01:42 - 00000898 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
    2015-09-29 21:36 - 2009-09-03 01:42 - 00000894 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
    2015-09-29 21:35 - 2013-06-03 01:02 - 00000350 _____ C:\Windows\Tasks\AVG-Secure-Search-Update_JUNE2013_TB_rmv.job
    2015-09-29 21:34 - 2013-06-22 22:04 - 00032538 _____ C:\Windows\setupact.log
    2015-09-29 21:34 - 2009-07-13 22:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
    2015-09-29 20:26 - 2011-03-31 16:33 - 00000912 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3178901641-3325030848-3832911895-1000UA.job
    2015-09-29 20:23 - 2015-06-30 20:24 - 00000922 _____ C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-3178901641-3325030848-3832911895-1000UA.job
    2015-09-29 18:50 - 2014-11-09 23:36 - 00000000 ____D C:\Users\Calvin\Desktop\Old personal docs
    2015-09-29 17:27 - 2011-10-21 17:05 - 00000000 ____D C:\Windows\system32\Drivers\AVG
    2015-09-28 22:23 - 2015-06-30 20:24 - 00000870 _____ C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-3178901641-3325030848-3832911895-1000Core.job
    2015-09-28 18:03 - 2009-08-19 12:19 - 00962828 _____ C:\Windows\PFRO.log
    2015-09-28 01:31 - 2011-03-31 16:33 - 00000860 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3178901641-3325030848-3832911895-1000Core.job
    2015-09-24 20:37 - 2009-07-13 22:08 - 00032542 _____ C:\Windows\Tasks\SCHEDLGU.TXT
    2015-09-22 22:17 - 2014-07-22 21:49 - 00000000 ____D C:\Users\Calvin\AppData\Local\Spotify
    2015-09-22 22:17 - 2014-07-22 21:48 - 00000000 ____D C:\Users\Calvin\AppData\Roaming\Spotify
    2015-09-21 22:10 - 2015-07-31 00:43 - 00000970 _____ C:\Users\Calvin\Desktop\FileZilla.lnk
    2015-09-16 19:50 - 2009-12-07 21:38 - 00000000 ____D C:\Users\Calvin\AppData\Local\Google
    2015-09-16 00:20 - 2011-03-31 16:33 - 00003888 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3178901641-3325030848-3832911895-1000UA
    2015-09-16 00:20 - 2011-03-31 16:33 - 00003492 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3178901641-3325030848-3832911895-1000Core
    2015-09-15 21:11 - 2010-01-29 14:56 - 00000000 ____D C:\Users\Calvin\AppData\Roaming\vlc
    2015-09-15 18:35 - 2009-09-03 01:42 - 00003894 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
    2015-09-14 22:27 - 2012-05-13 21:14 - 00000000 ____D C:\Program Files (x86)\AVG Secure Search
    2015-09-12 14:53 - 2009-07-13 22:13 - 00788704 _____ C:\Windows\system32\PerfStringBackup.INI
    2015-09-12 14:48 - 2009-07-13 21:45 - 00404640 _____ C:\Windows\system32\FNTCACHE.DAT
    2015-09-12 14:44 - 2009-07-14 00:45 - 00000000 ____D C:\Program Files\Windows Journal
    2015-09-12 14:44 - 2009-07-13 20:20 - 00000000 ____D C:\Windows\PolicyDefinitions
    2015-09-10 20:37 - 2013-08-15 01:12 - 00000000 ____D C:\Windows\system32\MRT
    2015-09-10 18:24 - 2009-09-03 01:50 - 00000000 ____D C:\ProgramData\Microsoft Help
    2015-09-02 19:55 - 2009-12-09 17:20 - 00000000 ____D C:\Windows\System32\Tasks\Games
    2015-09-02 00:41 - 2010-01-24 15:06 - 00000000 ____D C:\Users\Calvin\AppData\Roaming\uTorrent

    ==================== Files in the root of some directories =======

    2010-01-14 18:19 - 2010-01-14 18:19 - 0000122 _____ () C:\Users\Calvin\AppData\Roaming\wklnhst.dat
    2011-12-21 21:09 - 2011-12-21 21:10 - 0001586 ___SH () C:\Users\Calvin\AppData\Local\7a24sn6j37j311
    2014-02-18 21:30 - 2014-02-18 21:30 - 0008192 _____ () C:\Users\Calvin\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
    2014-12-03 00:18 - 2014-12-03 00:18 - 0026900 _____ () C:\Users\Calvin\AppData\Local\dt.dat
    2010-06-09 22:16 - 2011-10-16 20:47 - 0000000 _____ () C:\Users\Calvin\AppData\Local\prvlcl.dat
    2014-08-14 19:37 - 2014-08-14 19:37 - 0000752 _____ () C:\Users\Calvin\AppData\Local\recently-used.xbel
    2010-03-03 20:46 - 2010-03-03 20:46 - 0000017 _____ () C:\Users\Calvin\AppData\Local\resmon.resmoncfg
    2011-12-21 21:09 - 2011-12-21 21:10 - 0001586 ___SH () C:\ProgramData\7a24sn6j37j311
    0-00-00 00:00 - 2010-02-15 21:23 - 0001744 ____H () C:\ProgramData\sasihipa

    Some files in TEMP:
    ====================
    C:\Users\Calvin\AppData\Local\Temp\binkw32.dll
    C:\Users\Calvin\AppData\Local\Temp\bpuninstall.exe
    C:\Users\Calvin\AppData\Local\Temp\d2l_Install.exe
    C:\Users\Calvin\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpiuvwi5.dll
    C:\Users\Calvin\AppData\Local\Temp\GURB427.exe
    C:\Users\Calvin\AppData\Local\Temp\GURF3C5.exe
    C:\Users\Calvin\AppData\Local\Temp\Gw2.exe
    C:\Users\Calvin\AppData\Local\Temp\jre-7u60-windows-i586-iftw.exe
    C:\Users\Calvin\AppData\Local\Temp\jre-7u65-windows-i586-iftw.exe
    C:\Users\Calvin\AppData\Local\Temp\jre-7u67-windows-i586-iftw.exe
    C:\Users\Calvin\AppData\Local\Temp\jre-7u71-windows-i586-iftw.exe
    C:\Users\Calvin\AppData\Local\Temp\jre-8u31-windows-au.exe
    C:\Users\Calvin\AppData\Local\Temp\jre-8u40-windows-au.exe
    C:\Users\Calvin\AppData\Local\Temp\jre-8u45-windows-au.exe
    C:\Users\Calvin\AppData\Local\Temp\jre-8u51-windows-au.exe
    C:\Users\Calvin\AppData\Local\Temp\lowproc.exe
    C:\Users\Calvin\AppData\Local\Temp\rnsetup0.exe
    C:\Users\Calvin\AppData\Local\Temp\SkypeSetup.exe
    C:\Users\Calvin\AppData\Local\Temp\SRLDetectionLibrary6651861108808941012.dll
    C:\Users\Calvin\AppData\Local\Temp\stubhelper.dll
    C:\Users\Calvin\AppData\Local\Temp\swt-win32-3349.dll


    ==================== Bamital & volsnap =================

    (There is no automatic fix for files that do not pass verification.)

    C:\Windows\system32\winlogon.exe => File is digitally signed
    C:\Windows\system32\wininit.exe => File is digitally signed
    C:\Windows\SysWOW64\wininit.exe => File is digitally signed
    C:\Windows\explorer.exe => File is digitally signed
    C:\Windows\SysWOW64\explorer.exe => File is digitally signed
    C:\Windows\system32\svchost.exe => File is digitally signed
    C:\Windows\SysWOW64\svchost.exe => File is digitally signed
    C:\Windows\system32\services.exe => File is digitally signed
    C:\Windows\system32\User32.dll => File is digitally signed
    C:\Windows\SysWOW64\User32.dll => File is digitally signed
    C:\Windows\system32\userinit.exe => File is digitally signed
    C:\Windows\SysWOW64\userinit.exe => File is digitally signed
    C:\Windows\system32\rpcss.dll => File is digitally signed
    C:\Windows\system32\dnsapi.dll => File is digitally signed
    C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
    C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed


    LastRegBack: 2015-08-02 19:02

    ==================== End of FRST.txt ============================
     
  5. user124

    user124 TS Rookie Topic Starter Posts: 23

    Here is Part 1 of 2 of the Addition log:


    Additional scan result of Farbar Recovery Scan Tool (x64) Version:27-09-2015 01
    Ran by Calvin (2015-09-29 22:06:38)
    Running from C:\Users\Calvin\Desktop
    Windows 7 Home Premium Service Pack 1 (X64) (2009-12-08 04:32:43)
    Boot Mode: Normal
    ==========================================================


    ==================== Accounts: =============================

    Administrator (S-1-5-21-3178901641-3325030848-3832911895-500 - Administrator - Disabled)
    Calvin (S-1-5-21-3178901641-3325030848-3832911895-1000 - Administrator - Enabled) => C:\Users\Calvin
    Guest (S-1-5-21-3178901641-3325030848-3832911895-501 - Limited - Disabled)
    HomeGroupUser$ (S-1-5-21-3178901641-3325030848-3832911895-1002 - Limited - Enabled)

    ==================== Security Center ========================

    (If an entry is included in the fixlist, it will be removed.)

    AV: AVG Anti-Virus Free Edition 2012 (Enabled - Up to date) {5A2746B1-DEE9-F85A-FBCD-ADB11639C5F0}
    AS: AVG Anti-Virus Free Edition 2012 (Enabled - Up to date) {E146A755-F8D3-F7D4-C17D-96C36DBE8F4D}
    AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

    ==================== Installed Programs ======================

    (Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

    µTorrent (HKLM-x32\...\uTorrent) (Version: 1.8.5 - )
    Abaqus 6.14 Student Edition (HKLM\...\Abaqus 6.14 Student Edition) (Version: 6.14.0.0 - Dassault Systemes Simulia Corp.)
    Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 1.5.3.9120 - Adobe Systems Inc.)
    Adobe Flash Player 17 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 17.0.0.169 - Adobe Systems Incorporated)
    Adobe Flash Player 17 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 17.0.0.169 - Adobe Systems Incorporated)
    Adobe Reader XI (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.00 - Adobe Systems Incorporated)
    Adobe Shockwave Player 11.5 (HKLM-x32\...\Adobe Shockwave Player) (Version: 11.5.6.606 - Adobe Systems, Inc.)
    AIM 7 (HKLM-x32\...\AIM_7) (Version: - )
    Any Video Converter 5.0.8 (HKLM-x32\...\Any Video Converter_is1) (Version: - Any-Video-Converter.com)
    AOL Messaging Toolbar (HKU\S-1-5-21-3178901641-3325030848-3832911895-1000\...\AOL Messaging Toolbar) (Version: - )
    Apple Application Support (HKLM-x32\...\{A83279FD-CA4B-4206-9535-90974DE76654}) (Version: 2.1.5 - Apple Inc.)
    Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
    Application Insights Tools for Visual Studio 2015 (x32 Version: 3.3 - Microsoft Corporation) Hidden
    Application Manager for VAIO (HKLM-x32\...\Application Manager for VAIO) (Version: - )
    AVG 2012 (HKLM\...\AVG) (Version: 2012.1.2258 - AVG Technologies)
    AVG 2012 (Version: 12.0.4311 - AVG Technologies) Hidden
    AVG 2012 (Version: 12.1.2258 - AVG Technologies) Hidden
    AVG Security Toolbar (HKLM-x32\...\AVG Secure Search) (Version: 18.8.0.209 - AVG Technologies)
    Azure AD Authentication Connected Service (x32 Version: 14.0.23107 - Microsoft Corporation) Hidden
    AzureTools.Notifications (x32 Version: 2.7.30611.1601 - Microsoft Corporation) Hidden
    BlackBerry Device Manager 6.1 (HKLM-x32\...\BlackBerry_{1C933E76-5795-48D2-BB38-1FFD64AACA4F}) (Version: 6.1.0.33 - Research In Motion Ltd.)
    BlackBerry Device Manager 6.1 (x32 Version: 6.1.0.33 - Research In Motion Ltd.) Hidden
    Blend for Visual Studio SDK for .NET 4.5 (x32 Version: 3.0.40218.0 - Microsoft Corporation) Hidden
    Bullzip PDF Printer 9.3.0.1516 (HKLM\...\Bullzip PDF Printer_is1) (Version: 9.3.0.1516 - Bullzip)
    Canon MP Navigator 3.0 (HKLM-x32\...\MP Navigator 3.0) (Version: - )
    Canon MP160 (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MP160) (Version: - )
    Canon MP280 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MP280_series) (Version: - )
    Click to Disc (x32 Version: 1.2.70.06160 - Sony Corporation) Hidden
    Click to Disc Editor (x32 Version: 2.0.02 - Sony Corporation) Hidden
    Compatibility Pack for the 2007 Office system (HKLM-x32\...\{90120000-0020-0409-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
    Counter-Strike: Source (HKLM-x32\...\Steam App 240) (Version: - Valve)
    Diablo II (HKLM-x32\...\Diablo II) (Version: - )
    Dotfuscator and Analytics Community Edition 5.18.1 (x32 Version: 5.18.1.2898 - PreEmptive Solutions) Hidden
    Dropbox (HKU\S-1-5-21-3178901641-3325030848-3832911895-1000\...\Dropbox) (Version: 3.8.8 - Dropbox, Inc.)
    DVD Shrink 3.2 (HKLM-x32\...\DVD Shrink_is1) (Version: - DVD Shrink)
    Entity Framework 6.1.3 Tools for Visual Studio 2015 (HKLM-x32\...\{1A8A9739-BAD7-491F-B5B9-A79A2B965422}) (Version: 14.0.40302.0 - Microsoft Corporation)
    EPSON Printer Software (HKLM\...\EPSON Printer and Utilities) (Version: - SEIKO EPSON Corporation)
    EPSON Scan (HKLM-x32\...\EPSON Scanner) (Version: - )
    Evince 2.32.0.145 (HKLM-x32\...\{AA38CC00-F12C-495E-AF00-7EE413D3BFB2}) (Version: 2.32.0.145 - (Custom build))
    FileZilla Client 3.12.0.2 (HKU\S-1-5-21-3178901641-3325030848-3832911895-1000\...\FileZilla Client) (Version: 3.12.0.2 - Tim Kosse)
    GitHub (HKU\S-1-5-21-3178901641-3325030848-3832911895-1000\...\5f7eb300e2ea4ebf) (Version: 2.14.7.1 - GitHub, Inc.)
    Google Chrome (HKLM-x32\...\Google Chrome) (Version: 45.0.2454.101 - Google Inc.)
    Google Talk Plugin (HKLM-x32\...\{CA3DD97D-1FD7-37A7-BD5C-FC4430C8B8E6}) (Version: 5.41.2.0 - Google)
    Google Toolbar for Internet Explorer (HKLM-x32\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: - Google Inc.)
    Google Toolbar for Internet Explorer (x32 Version: 1.0.0 - Google Inc.) Hidden
    Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
    Google Update Helper (x32 Version: 1.3.28.15 - Google Inc.) Hidden
    Guild Wars 2 (HKLM-x32\...\Guild Wars 2) (Version: - NCsoft Corporation, Ltd.)
    IIS 10.0 Express (HKLM\...\{5984D8DA-C1AF-4284-9C88-D7150425B315}) (Version: 10.0.1734 - Microsoft Corporation)
    IIS Express Application Compatibility Database for x64 (HKLM\...\{08274920-8908-45c2-9258-8ad67ff77b09}.sdb) (Version: - )
    IIS Express Application Compatibility Database for x86 (HKLM\...\{ad846bae-d44b-4722-abad-f7420e08bcd9}.sdb) (Version: - )
    Intel(R) Management Engine Interface (HKLM\...\HECI) (Version: - Intel Corporation)
    Internet TV for Windows Media Center (HKLM-x32\...\{9D318C86-AF4C-409F-A6AC-7183FF4CF424}) (Version: 3.2.1.0 - Microsoft Corporation)
    Java 7 Update 21 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217017FF}) (Version: 7.0.210 - Oracle)
    Java(TM) 6 Update 25 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86416025FF}) (Version: 6.0.250 - Oracle)
    Java(TM) 6 Update 31 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83216031FF}) (Version: 6.0.310 - Oracle)
    Java(TM) SE Development Kit 6 Update 15 (64-bit) (HKLM\...\{64A3A4F4-B792-11D6-A78A-00B0D0160150}) (Version: 1.6.0.150 - Sun Microsystems, Inc.)
    JavaFX 2.1.1 (HKLM-x32\...\{1111706F-666A-4037-7777-211328764D10}) (Version: 2.1.1 - Oracle Corporation)
    Junk Mail filter update (x32 Version: 14.0.8117.416 - Microsoft Corporation) Hidden
    LINE (HKLM-x32\...\LINE) (Version: 4.1.2.525 - LINE Corporation)
    Math Kernel Libraries (64-bit) (Version: 1.0.33.0 - National Instruments) Hidden
    Math Kernel Libraries (64-bit) (Version: 13.0.13 - National Instruments) Hidden
    Math Kernel Libraries (64-bit) (Version: 14.0.6 - National Instruments) Hidden
    Math Kernel Libraries (x32 Version: 1.0.33.0 - National Instruments) Hidden
    Math Kernel Libraries (x32 Version: 13.0.13 - National Instruments) Hidden
    Math Kernel Libraries (x32 Version: 14.0.6 - National Instruments) Hidden
    Mathematica Extras 9.0 (4092550) (HKLM\...\A-WIN-Extras 9.0.1 4092550_is1) (Version: 9.0.1 - Wolfram Research, Inc.)
    MATLAB R2013a (HKLM\...\Matlab R2013a) (Version: 8.1 - The MathWorks, Inc.)
    Media Gallery (x32 Version: 1.0.0.07210 - Sony Corporation) Hidden
    Microsoft .NET Framework 4.5 Multi-Targeting Pack (HKLM-x32\...\{56E962F0-4FB0-3C67-88DB-9EAA6EEFC493}) (Version: 4.5.50710 - Microsoft Corporation)
    Microsoft .NET Framework 4.5.1 Multi-Targeting Pack (ENU) (HKLM-x32\...\{D3517C62-68A5-37CF-92F7-93C029A89681}) (Version: 4.5.50932 - Microsoft Corporation)
    Microsoft .NET Framework 4.5.1 Multi-Targeting Pack (HKLM-x32\...\{6A0C6700-EA93-372C-8871-DCCF13D160A4}) (Version: 4.5.50932 - Microsoft Corporation)
    Microsoft .NET Framework 4.5.1 SDK (HKLM-x32\...\{19A5926D-66E1-46FC-854D-163AA10A52D3}) (Version: 4.5.51641 - Microsoft Corporation)
    Microsoft .NET Framework 4.5.2 Multi-Targeting Pack (ENU) (HKLM-x32\...\{290FC320-2F5A-329E-8840-C4193BD7A9EE}) (Version: 4.5.51209 - Microsoft Corporation)
    Microsoft .NET Framework 4.5.2 Multi-Targeting Pack (HKLM-x32\...\{B941AFB4-8851-33A1-9E72-0C33D463C41C}) (Version: 4.5.51209 - Microsoft Corporation)
    Microsoft .NET Framework 4.6 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.6.00081 - Microsoft Corporation)
    Microsoft .NET Framework 4.6 SDK (HKLM-x32\...\{B5915D37-0637-4A26-A3AA-C5DC9F856370}) (Version: 4.6.00081 - Microsoft Corporation)
    Microsoft .NET Framework 4.6 Targeting Pack (ENU) (HKLM-x32\...\{3D3CEBE6-40EA-4C48-97FD-73828281AB4A}) (Version: 4.6.00081 - Microsoft Corporation)
    Microsoft .NET Framework 4.6 Targeting Pack (HKLM-x32\...\{2CC6A4A7-AAC2-46C9-9DBB-3727B5954F65}) (Version: 4.6.00081 - Microsoft Corporation)
    Microsoft .NET Version Manager (x64) 1.0.0-beta5 (HKLM\...\{c5a4aba3-1aba-3ef8-b2d5-c3fa37f59738}) (Version: 1.0.10609.0 - Microsoft Corporation)
    Microsoft Help Viewer 2.2 (HKLM-x32\...\Microsoft Help Viewer 2.2) (Version: 2.2.23107 - Microsoft Corporation)
    Microsoft HPC Pack 2008 R2 MS-MPI Redistributable Pack (HKLM\...\{D3299935-57F7-403A-9D7B-0B8F9F56F44B}) (Version: 3.0.2369.0 - Microsoft Corporation)
    Microsoft Office 2003 Web Components (HKLM-x32\...\{90120000-00A4-0409-0000-0000000FF1CE}) (Version: 12.0.6213.1000 - Microsoft Corporation)
    Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft)
    Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
    Microsoft Office Home and Student 2007 (HKLM-x32\...\HOMESTUDENTR) (Version: 12.0.6612.1000 - Microsoft Corporation)
    Microsoft Office PowerPoint Viewer 2007 (English) (HKLM-x32\...\{95120000-00AF-0409-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
    Microsoft Office Suite Activation Assistant (HKLM-x32\...\{E50AE784-FABE-46DA-A1F8-7B6B56DCB22E}) (Version: 2.9 - Microsoft Corporation)
    Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.40728.0 - Microsoft Corporation)
    Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
    Microsoft SQL Server 2012 Command Line Utilities (HKLM\...\{9D573E71-1077-4C7E-B4DB-4E22A5D2B48B}) (Version: 11.0.2100.60 - Microsoft Corporation)
    Microsoft SQL Server 2012 Native Client (HKLM\...\{49D665A2-4C2A-476E-9AB8-FCC425F526FC}) (Version: 11.0.2100.60 - Microsoft Corporation)
    Microsoft SQL Server 2014 Management Objects (HKLM-x32\...\{2774595F-BC2A-4B12-A25B-0C37A37049B0}) (Version: 12.0.2000.8 - Microsoft Corporation)
    Microsoft SQL Server 2014 Management Objects (x64) (HKLM\...\{1F9EB3B6-AED7-4AA7-B8F1-8E314B74B2A5}) (Version: 12.0.2000.8 - Microsoft Corporation)
    Microsoft SQL Server 2014 Transact-SQL ScriptDom (HKLM\...\{020CDFE0-C127-4047-B571-37C82396B662}) (Version: 12.0.2000.8 - Microsoft Corporation)
    Microsoft SQL Server 2014 T-SQL Language Service (HKLM-x32\...\{47D08E7A-92A1-489B-B0BF-415516497BCE}) (Version: 12.0.2000.8 - Microsoft Corporation)
    Microsoft SQL Server Compact 4.0 SP1 x64 ENU (HKLM\...\{78909610-D229-459C-A936-25D92283D3FD}) (Version: 4.0.8876.1 - Microsoft Corporation)
    Microsoft SQL Server Data Tools - enu (14.0.50616.0) (HKLM-x32\...\{58246C80-3941-4B69-AE31-264644E2ADB8}) (Version: 14.0.50616.0 - Microsoft Corporation)
    Microsoft System CLR Types for SQL Server 2014 (HKLM\...\{68BA34E8-9B9D-4A74-83F0-7D366B532D75}) (Version: 12.0.2402.11 - Microsoft Corporation)
    Microsoft System CLR Types for SQL Server 2014 (HKLM-x32\...\{718FFB65-F6E4-4D62-861F-ED10ED32C936}) (Version: 12.0.2402.11 - Microsoft Corporation)
    Microsoft Touch Pack for Windows 7 (HKLM-x32\...\{8FF90DB8-6DED-44A3-B182-244FEC09012F}) (Version: 1.0.40517.00 - Microsoft Corporation)
    Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053 (HKLM\...\{B6E3757B-5E77-3915-866A-CCFC4B8D194C}) (Version: 8.0.50727.4053 - Microsoft Corporation)
    Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM-x32\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
    Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
    Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
    Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
    Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
    Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
    Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
    Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation)
    Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation)
    Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{7f51bdb9-ee21-49ee-94d6-90afc321780e}) (Version: 12.0.21005.1 - Microsoft Corporation)
    Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
    Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.23026 (HKLM-x32\...\{e46eca4f-393b-40df-9f49-076faf788d83}) (Version: 14.0.23026.0 - Microsoft Corporation)
    Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.23026 (HKLM-x32\...\{74d0e5db-b326-4dae-a6b2-445b9de1836e}) (Version: 14.0.23026.0 - Microsoft Corporation)
    Microsoft Visual Studio 2005 Remote Debugger Light (x64) - ENU (HKLM\...\Microsoft Visual Studio 2005 Remote Debugger Light (x64) - ENU) (Version: - Microsoft Corporation)
    Microsoft Visual Studio 2005 Tools for Applications - ENU (HKLM-x32\...\Microsoft Visual Studio 2005 Tools for Applications - ENU) (Version: - Microsoft Corporation)
    Microsoft Visual Studio Community 2015 (HKLM-x32\...\{50b32652-69d2-4b93-9316-edcd12067b8b}) (Version: 14.0.23107.10 - Microsoft Corporation)
    Microsoft Web Deploy 3.6 (HKLM\...\{ED4CC1E5-043E-4157-8452-B5E533FE2BA1}) (Version: 3.1238.1955 - Microsoft Corporation)
    Microsoft Works (HKLM-x32\...\{67E03279-F703-408F-B4BF-46B5FC8D70CD}) (Version: 9.7.0621 - Microsoft Corporation)
    Microsoft XNA Framework Redistributable 3.0 (HKLM-x32\...\{3898934B-05AE-41CD-96BE-70DA9BFBCE1F}) (Version: 3.0.11010.0 - Microsoft Corporation)
    Mozilla Firefox 37.0.2 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 37.0.2 (x86 en-US)) (Version: 37.0.2 - Mozilla)
    Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 30.0 - Mozilla)
    Mp3tag v2.54 (HKLM-x32\...\Mp3tag) (Version: v2.54 - Florian Heidenreich)
    MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
    MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
    Multi-Device Hybrid Apps using C# - Templates - ENU (x32 Version: 14.0.23107 - Microsoft Corporation) Hidden
    Music Transfer (x32 Version: 1.3.01.13160 - Sony Corporation) Hidden
    National Instruments Software (HKLM-x32\...\NI Uninstaller) (Version: - National Instruments)
    NI .NET Framework 4.0 (x32 Version: 4.01.49152 - National Instruments) Hidden
    NI ActiveX Container (64-bit) (Version: 14.0.5 - National Instruments) Hidden
    NI ActiveX Container (x32 Version: 14.0.5 - National Instruments) Hidden
    NI Assistant Framework (x32 Version: 14.0.40 - National Instruments) Hidden
    NI Assistant Framework 64-bit (Version: 14.0.49 - National Instruments) Hidden
    NI Assistant Framework LabVIEW 2014 Support (x32 Version: 14.0.34 - National Instruments) Hidden
    NI Assistant Framework LabVIEW Code Generator 2013 (x32 Version: 9.0.107 - National Instruments) Hidden
    NI Assistant Framework LabVIEW Code Generator 2014 (x32 Version: 14.0.40 - National Instruments) Hidden
    NI Authentication 2014 (64-bit) (Version: 14.0.344 - National Instruments) Hidden
    NI Authentication 2014 (x32 Version: 14.0.344 - National Instruments) Hidden
    NI CodeSignAPI (x32 Version: 2.70.346 - National Instruments) Hidden
    NI Curl 14.0.0 (64-bit) (Version: 14.0.294 - National Instruments) Hidden
    NI Curl 2014 (x32 Version: 14.0.295 - National Instruments) Hidden
    NI Customer Experience Improvement Program (x32 Version: 2.1.27 - National Instruments) Hidden
    NI DataSocket 5.2 (64-bit) (Version: 5.2.218 - National Instruments) Hidden
    NI DataSocket 5.2 (x32 Version: 5.2.218 - National Instruments) Hidden
    NI Distributed System Manager 2013 (x32 Version: 13.0.338 - National Instruments) Hidden
    NI Distributed System Manager 2014 (x32 Version: 14.0.382 - National Instruments) Hidden
    NI Error Reporting 2014 (x32 Version: 14.0.379 - National Instruments) Hidden
    NI Error Reporting Interface 14.0 (x32 Version: 14.0.241 - National Instruments) Hidden
    NI Error Reporting Interface 14.0 for Windows (64-bit) (Version: 14.0.241 - National Instruments) Hidden
    NI EulaDepot (x32 Version: 3.30.268 - National Instruments) Hidden
    NI Example Finder 14.0 (x32 Version: 14.0.133 - National Instruments) Hidden
    NI Help Assistant 2.0 (64bit) (Version: 2.0.3 - National Instruments) Hidden
    NI Help Assistant 2.0 (x32 Version: 2.0.3 - National Instruments) Hidden
    NI Instrument IO Assistant for LabVIEW 2013 32-bit (x32 Version: 1.0.14.0 - National Instruments) Hidden
    NI Instrument IO Assistant for LabVIEW 2014 32-bit (x32 Version: 14.0.12 - National Instruments) Hidden
    NI JSON Map Files (x32 Version: 14.0.14 - National Instruments) Hidden
    NI LabVIEW 2012 Real-Time NBFifo (x32 Version: 12.0.219.0 - National Instruments) Hidden
    NI LabVIEW 2012 Real-Time NBFifo (x32 Version: 13.0.336 - National Instruments) Hidden
    NI LabVIEW 2012 Real-Time NBFifo (x32 Version: 14.0.386 - National Instruments) Hidden
    NI LabVIEW 2012 Run-Time Engine Web Server (x32 Version: 12.5.198.0 - National Instruments) Hidden
    NI LabVIEW 2012 SP1 Run-Time Engine Non-English Support. (x32 Version: 12.1.52.0 - National Instruments) Hidden
    NI LabVIEW 2013 Help (x32 Version: 13.1.99 - National Instruments) Hidden
    NI LabVIEW 2013 Help File (x32 Version: 13.1.99 - National Instruments) Hidden
    NI LabVIEW 2013 License (x32 Version: 13.1.99 - National Instruments) Hidden
    NI LabVIEW 2013 Manuals (x32 Version: 13.1.99 - National Instruments) Hidden
    NI LabVIEW 2013 MeasAppChm File (x32 Version: 13.1.99 - National Instruments) Hidden
    NI LabVIEW 2013 Real-Time Error Dialog (x32 Version: 13.0.123 - National Instruments) Hidden
    NI LabVIEW 2013 Run-Time Engine Web Server (x32 Version: 13.5.27 - National Instruments) Hidden
    NI LabVIEW 2013 Scripting Code Generator (x32 Version: 9.0.172 - National Instruments) Hidden
    NI LabVIEW 2013 Search (x32 Version: 13.0.16 - National Instruments) Hidden
    NI LabVIEW 2013 Simulation (x32 Version: 13.1.99 - National Instruments) Hidden
    NI LabVIEW 2013 SP1 (32-bit) (x32 Version: 13.1.101 - National Instruments) Hidden
    NI LabVIEW 2013 SP1 Deployable License (x32 Version: 13.1.99 - National Instruments) Hidden
    NI LabVIEW 2013 SP1 f1 (x32 Version: 13.1.99 - National Instruments) Hidden
    NI LabVIEW 2013 SP1 Run-Time Engine Non-English Support. (x32 Version: 13.1.99 - National Instruments) Hidden
    NI LabVIEW 2013 SP1 Web Server (x32 Version: 13.5.26 - National Instruments) Hidden
    NI LabVIEW 2014 (32-bit) (Version: 14.0.654 - National Instruments) Hidden
    NI LabVIEW 2014 (32-bit) (x32 Version: 14.0.383 - National Instruments) Hidden
    NI LabVIEW 2014 (x32 Version: 14.0.378 - National Instruments) Hidden
    NI LabVIEW 2014 Compare Utility (x32 Version: 14.0.380 - National Instruments) Hidden
    NI LabVIEW 2014 Database Connectivity Toolkit (x32 Version: 14.0.259 - National Instruments) Hidden
    NI LabVIEW 2014 Database Connectivity Toolkit License (x32 Version: 14.0.260 - National Instruments) Hidden
    NI LabVIEW 2014 Deployable License (x32 Version: 14.0.381 - National Instruments) Hidden
    NI LabVIEW 2014 Deployment Framework (x32 Version: 14.0.390 - National Instruments) Hidden
    NI LabVIEW 2014 Help (x32 Version: 14.0.380 - National Instruments) Hidden
    NI LabVIEW 2014 Help File (x32 Version: 14.0.378 - National Instruments) Hidden
    NI LabVIEW 2014 License (x32 Version: 14.0.381 - National Instruments) Hidden
    NI LabVIEW 2014 License 64-bit (Version: 14.0.140 - National Instruments) Hidden
    NI LabVIEW 2014 Manuals (x32 Version: 14.0.380 - National Instruments) Hidden
    NI LabVIEW 2014 MeasAppChm File (x32 Version: 14.0.377 - National Instruments) Hidden
    NI LabVIEW 2014 Merge Utility (x32 Version: 14.0.380 - National Instruments) Hidden
    NI LabVIEW 2014 Report Generation Toolkit for Microsoft Office (x32 Version: 14.0.239 - National Instruments) Hidden
    NI LabVIEW 2014 Report Generation Toolkit License (x32 Version: 14.0.239 - National Instruments) Hidden
    NI LabVIEW 2014 Run-Time Engine Web Server (x32 Version: 14.0.420 - National Instruments) Hidden
    NI LabVIEW 2014 Scripting Code Generator (x32 Version: 14.0.313 - National Instruments) Hidden
    NI LabVIEW 2014 Search (x32 Version: 14.0.5 - National Instruments) Hidden
    NI LabVIEW 2014 Simulation (x32 Version: 14.0.380 - National Instruments) Hidden
    NI LabVIEW 2014 Touch Panel (x32 Version: 14.0.123 - National Instruments) Hidden
    NI LabVIEW 2014 Touch Panel for English (x32 Version: 14.0.123 - National Instruments) Hidden
    NI LabVIEW 2014 Variable Web Service (x32 Version: 14.0.379 - National Instruments) Hidden
    NI LabVIEW 2014 Web Server (x32 Version: 14.0.439 - National Instruments) Hidden
    NI LabVIEW Broker (64 bit) (Version: 6.8.10.0 - National Instruments) Hidden
    NI LabVIEW Broker (x32 Version: 6.8.10.0 - National Instruments) Hidden
    NI LabVIEW C Interface (x32 Version: 1.0.1 - National Instruments) Hidden
    NI LabVIEW MAX XML (x32 Version: 9.0.6.0 - National Instruments) Hidden
    NI LabVIEW Run-Time Engine 2012 SP1 f9 (x32 Version: 12.1.72.0 - National Instruments) Hidden
    NI LabVIEW Run-Time Engine 2013 SP1 f2 (x32 Version: 13.1.109 - National Instruments) Hidden
    NI LabVIEW Run-Time Engine 2014 (x32 Version: 14.0.397 - National Instruments) Hidden
    NI LabVIEW Run-Time Engine 2014 Non-English Support. (x32 Version: 14.0.381 - National Instruments) Hidden
    NI LabVIEW Run-Time Engine Interop 2012 SP1 (x32 Version: 12.1.72.0 - National Instruments) Hidden
    NI LabVIEW Run-Time Engine Interop 2013 (x32 Version: 13.1.109 - National Instruments) Hidden
    NI LabVIEW Run-Time Engine Interop 2014 (x32 Version: 14.0.400 - National Instruments) Hidden
    NI LabVIEW Web Services Runtime (x32 Version: 13.5.26 - National Instruments) Hidden
    NI LabVIEW Web Services Runtime (x32 Version: 14.0.363 - National Instruments) Hidden
    NI LabWindows/CVI 2010 SP1 Analysis Library (64-bit) (Version: 10.0.1434 - National Instruments) Hidden
    NI LabWindows/CVI 2010 SP1 Analysis Library (x32 Version: 10.0.1434 - National Instruments) Hidden
    NI LabWindows/CVI 2010 SP1 Network Variable Library (64-bit) (Version: 10.0.1434 - National Instruments) Hidden
    NI LabWindows/CVI 2010 SP1 Network Variable Library (x32 Version: 10.0.1434 - National Instruments) Hidden
    NI LabWindows/CVI 2010 SP1 Run-Time Engine (64-bit) (Version: 10.0.1434 - National Instruments) Hidden
    NI LabWindows/CVI 2010 SP1 TDM Streaming Library (64-bit) (Version: 10.0.1434 - National Instruments) Hidden
    NI LabWindows/CVI 2010 SP1 TDM Streaming Library (x32 Version: 10.0.1434 - National Instruments) Hidden
    NI LabWindows/CVI 2012 SP1 LabVIEW DLL Builder (x32 Version: 12.0.1133 - National Instruments) Hidden
    NI LabWindows/CVI 2013 SP1 Code Generator (x32 Version: 13.0.1201 - National Instruments) Hidden
    NI LabWindows/CVI 2013 SP1 Low-Level Driver (Original) (x32 Version: 13.0.1201 - National Instruments) Hidden
    NI LabWindows/CVI 2013 SP1 Low-Level Driver (Updated) (x32 Version: 13.0.1201 - National Instruments) Hidden
    NI LabWindows/CVI Run-Time Engine 2010 SP1 (Updated) (x32 Version: 10.0.1434 - National Instruments) Hidden
    NI LabWindows/CVI Run-Time Engine 2010 SP1 (x32 Version: 10.0.1434 - National Instruments) Hidden
    NI Launcher (x32 Version: 3.30.268 - National Instruments) Hidden
    NI License Manager (x32 Version: 3.7.73 - National Instruments) Hidden
    NI Logos 5.6 (64-bit) (Version: 5.6.254 - National Instruments) Hidden
    NI Logos 5.6 (x32 Version: 5.6.254 - National Instruments) Hidden
    NI Logos LabVIEW 2013 Support (x32 Version: 13.1.99 - National Instruments) Hidden
    NI Logos LabVIEW 2014 Support (x32 Version: 14.0.380 - National Instruments) Hidden
    NI Logos XT Support (x32 Version: 5.6.253 - National Instruments) Hidden
    NI Logos64 XT Support (Version: 5.6.253 - National Instruments) Hidden
    NI Math Kernel Libraries (64-bit) (Version: 1.0.10.0 - National Instruments) Hidden
    NI Math Kernel Libraries (x32 Version: 1.0.10.0 - National Instruments) Hidden
    NI MAX Remote Configuration 64-bit Installer 14.0 (Version: 14.00.49152 - National Instruments) Hidden
    NI MAX Remote Configuration Installer 14.0 (x32 Version: 14.00.49152 - National Instruments) Hidden
    NI MAX Support for 64 Bit Windows (Version: 14.00.49152 - National Instruments) Hidden
    NI MDF Support (x32 Version: 3.30.268 - National Instruments) Hidden
    NI mDNS Responder 14.0 for Windows 64-bit (Version: 14.00.49152 - National Instruments) Hidden
    NI mDNS Responder 14.0.0 (x32 Version: 14.00.49152 - National Instruments) Hidden
    NI Measurement & Automation Explorer 14.0.0 (x32 Version: 14.00.49152 - National Instruments) Hidden
    NI Measurement Studio ComponentWorks 3D Graph (x32 Version: 8.6.10603 - National Instruments) Hidden
    NI Measurement Studio ComponentWorks UI (x32 Version: 8.6.10603 - National Instruments) Hidden
    NI Measurement Studio Recipe Processor (x32 Version: 8.0.0101 - National Instruments) Hidden
    NI MetaSuite Installer (x32 Version: 3.30.268 - National Instruments) Hidden
    NI MXS 14.0.0 (x32 Version: 14.00.49152 - National Instruments) Hidden
    NI MXS 14.0.0 for 64 Bit Windows (Version: 14.00.49152 - National Instruments) Hidden
    NI Network Discovery 14.0 (x32 Version: 14.00.49152 - National Instruments) Hidden
    NI Network Discovery 14.0 for Windows 64-bit (Version: 14.00.49152 - National Instruments) Hidden
    NI OPC Support (x32 Version: 14.0.281 - National Instruments) Hidden
    NI OPCEnum Shared (x32 Version: 5.5.2018 - National Instruments) Hidden
    NI Portable Configuration 14.0.0 (x32 Version: 14.00.49152 - National Instruments) Hidden
    NI Portable Configuration for 64 Bit Windows 14.0.0 (Version: 14.00.49152 - National Instruments) Hidden
    NI Registration Wizard (x32 Version: 1.3.97.0 - National Instruments) Hidden
    NI Remote Provider for MAX 14.0.0 (x32 Version: 14.00.49152 - National Instruments) Hidden
    NI Remote PXI Provider for MAX 14.0.0 (x32 Version: 14.00.49152 - National Instruments) Hidden
    NI Search Shared (x32 Version: 14.0.5 - National Instruments) Hidden
    NI Security Update (KB 67L8LCQW) (64-bit) (Version: 1.0.29.0 - National Instruments) Hidden
    NI Security Update (KB 67L8LCQW) (x32 Version: 1.0.29.0 - National Instruments) Hidden
    NI Service Locator 2014 (x32 Version: 14.0.217 - National Instruments) Hidden
    NI SLCP 2.1 (x32 Version: 2.1.16 - National Instruments) Hidden
    NI Software Provider for MAX 14.0.0 (x32 Version: 14.00.49152 - National Instruments) Hidden
    NI SSL LabVIEW 2013 SP1 Support (x32 Version: 13.5.26 - National Instruments) Hidden
    NI SSL LabVIEW 2014 Support (x32 Version: 14.0.389 - National Instruments) Hidden
    NI SSL LabVIEW RTE 2012 SP1 Support (x32 Version: 12.5.8.0 - National Instruments) Hidden
    NI SSL LabVIEW RTE 2013 SP1 Support (x32 Version: 13.5.27 - National Instruments) Hidden
    NI SSL LabVIEW RTE 2014 Support (x32 Version: 14.0.376 - National Instruments) Hidden
    NI SSL Support (64-bit) (Version: 14.0.303 - National Instruments) Hidden
    NI SSL Support (x32 Version: 14.0.303 - National Instruments) Hidden
    NI System API .NET 14.0.0 (x32 Version: 14.0.310 - National Instruments) Hidden
    NI System API Client for WIF 14.0.0 (x32 Version: 14.0.289 - National Instruments) Hidden
    NI System API Web-Service 32-bit 14.0.0 (x32 Version: 14.0.291 - National Instruments) Hidden
    NI System API Windows 32-bit 14.0.0 (x32 Version: 14.0.302 - National Instruments) Hidden
    NI System API Windows 64-bit 14.0.0 (Version: 14.0.302 - National Instruments) Hidden
    NI System Configuration 14.0.0 LabVIEW Support (x32 Version: 14.0.140 - National Instruments) Hidden
    NI System Configuration LV2013 Support 5.6.0 (x32 Version: 5.60.29 - National Instruments) Hidden
    NI System Configuration LV2014 Support 14.0.0 (x32 Version: 14.0.124 - National Instruments) Hidden
    NI System Configuration Runtime 14.0.0 (x32 Version: 14.0.142 - National Instruments) Hidden
    NI System Configuration Runtime 14.0.0 for Windows 64-bit (Version: 14.0.142 - National Instruments) Hidden
    NI System State Publisher (64-bit) (Version: 14.0.380 - National Instruments) Hidden
    NI System State Publisher (x32 Version: 14.0.383 - National Instruments) Hidden
    NI System Web Server 2014 (x32 Version: 14.0.303 - National Instruments) Hidden
    NI System Web Server Base 2014 (64-bit) (Version: 14.0.249 - National Instruments) Hidden
    NI System Web Server Base 2014 (x32 Version: 14.0.249 - National Instruments) Hidden
    NI TDM Excel Add-In 14.0 (x32 Version: 14.0.23 - National Instruments) Hidden
    NI TDM Excel Add-In 14.0 64-bit (Version: 14.0.23 - National Instruments) Hidden
    NI TDM Streaming 14.0 (64-bit) (Version: 14.0.43 - National Instruments) Hidden
    NI TDM Streaming 14.0 (x32 Version: 14.0.43 - National Instruments) Hidden
    NI Trace Engine (64-bit) (Version: 14.0.177 - National Instruments) Hidden
    NI Trace Engine (x32 Version: 14.0.177 - National Instruments) Hidden
    NI Uninstaller (x32 Version: 3.30.268 - National Instruments) Hidden
    NI Update Service 2014 (64-bit) (Version: 14.0.34 - National Instruments) Hidden
    NI Update Service 2014 (x32 Version: 14.0.34 - National Instruments) Hidden
    NI USI 14.0.0 (x32 Version: 14.0.05640 - National Instruments) Hidden
    NI USI 14.0.0 64-bit (Version: 14.0.05640 - National Instruments) Hidden
    NI Variable Engine (64-bit) (Version: 2.8.282 - National Instruments) Hidden
    NI Variable Engine 2.8.0 (x32 Version: 2.8.282 - National Instruments) Hidden
    NI Variable Engine LabVIEW 2013 Support (x32 Version: 13.1.99 - National Instruments) Hidden
    NI Variable Engine LabVIEW 2014 Support (x32 Version: 14.0.380 - National Instruments) Hidden
    NI VC2005MSMs x64 (Version: 8.05.0 - National Instruments) Hidden
    NI VC2005MSMs x86 (x32 Version: 8.05.0 - National Instruments) Hidden
    NI VC2008MSMs x64 (Version: 9.0.401 - National Instruments) Hidden
    NI VC2008MSMs x86 (x32 Version: 9.0.401 - National Instruments) Hidden
    NI VC2010SP1MSMs x64 (Version: 10.0.100 - National Instruments) Hidden
    NI VC2010SP1MSMs x86 (x32 Version: 10.0.100 - National Instruments) Hidden
    NI VIPM Helper 2014 (x32 Version: 14.0.194 - National Instruments) Hidden
    NI Web Application Server 2014 (64-bit) (Version: 14.0.308 - National Instruments) Hidden
    NI Web Application Server 2014 (x32 Version: 14.0.308 - National Instruments) Hidden
    NI Web Pipeline 2014 (64-bit) (Version: 14.0.16 - National Instruments) Hidden
    NI Web Pipeline 2014 (x32 Version: 14.0.16 - National Instruments) Hidden
    NI Web Pipeline 3.3 (64-bit) (Version: 3.30.24 - National Instruments) Hidden
    NI Web Pipeline 3.3 (x32 Version: 3.30.24 - National Instruments) Hidden
    NI Web-Based Configuration and Monitoring 14.0 (x32 Version: 14.0.410 - National Instruments) Hidden
    NI Xalan Delay Load 1.10.3 (x32 Version: 1.10.85 - National Instruments) Hidden
    NI Xalan Delay Load 1.10.3 64-bit (Version: 1.10.86 - National Instruments) Hidden
    NI Xerces Delay Load 2.7.6 (x32 Version: 2.7.218 - National Instruments) Hidden
    NI Xerces Delay Load 2.7.6 64-bit (Version: 2.7.228 - National Instruments) Hidden
    NI-DAQmx/LabVIEW shared documentation 14.0.0 (x32 Version: 14.00.49152 - National Instruments) Hidden
    NI-DAQmx/LabVIEW shared documentation for 64 Bit Windows 14.0.0 (Version: 14.00.49152 - National Instruments) Hidden
    NI-Mesa (Version: 12.0.7.0 - National Instruments) Hidden
    NI-Mesa (x32 Version: 12.0.7.0 - National Instruments) Hidden
    NI-RPC 14.0.0f0 (x32 Version: 14.00.49152 - National Instruments) Hidden
    NI-RPC 14.0.0f0 for 64 Bit Windows (Version: 14.00.49152 - National Instruments) Hidden
    NI-RPC 14.0.0f0 for Phar Lap ETS (x32 Version: 14.00.49152 - National Instruments) Hidden
    Notepad++ (HKLM-x32\...\Notepad++) (Version: 6.3.2 - Notepad++ Team)
    NVIDIA Drivers (HKLM\...\NVIDIA Drivers) (Version: 1.5 - NVIDIA Corporation)
    ooVoo (HKLM-x32\...\{FAA7F8FF-3C05-4A61-8F14-D8A6E9ED6623}) (Version: 3.5.3023 - ooVoo LLC.)
    PlayReady PC Runtime amd64 (HKLM\...\{BCA9334F-B6C9-4F65-9A73-AC5A329A4D04}) (Version: 1.3.0 - Microsoft Corporation)
    PreEmptive Analytics Visual Studio Components (x32 Version: 1.2.5134.1 - PreEmptive Solutions) Hidden
    Prerequisites for SSDT (HKLM-x32\...\{21373064-AD95-48DB-A32E-0D9E08EF7355}) (Version: 12.0.2000.8 - Microsoft Corporation)
    Primo (x32 Version: 1.00.0000 - Your Company Name) Hidden
    PrimoPDF -- brought to you by Nitro PDF Software (HKLM-x32\...\PrimoPDF) (Version: 5 - Nitro PDF Software)
    PVSonyDll (Version: 1.00.0001 - NVIDIA Corporation) Hidden
    Quantum GIS Lisboa 1.8.0 Lisboa (HKLM-x32\...\Quantum GIS Lisboa) (Version: 1.8.0-r${SVN_REVISION}-2 - QGIS Development Team)
    QuickBooks Financial Center (HKLM-x32\...\{0F962B79-D0DC-40D9-96BA-ED1355120CBA}) (Version: 1.30.0000 - Intuit Inc.)
    RealDownloader (x32 Version: 1.3.3 - RealNetworks, Inc.) Hidden
    RealNetworks - Microsoft Visual C++ 2008 Runtime (x32 Version: 9.0 - RealNetworks, Inc) Hidden
    RealNetworks - Microsoft Visual C++ 2010 Runtime (x32 Version: 10.0 - RealNetworks, Inc) Hidden
    RealPlayer (HKLM-x32\...\RealPlayer 16.0) (Version: 16.0.3 - RealNetworks)
    Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.5886 - Realtek Semiconductor Corp.)
    RealUpgrade 1.1 (x32 Version: 1.1.0 - RealNetworks, Inc.) Hidden
    Recuva (HKLM\...\Recuva) (Version: 1.47 - Piriform)
    Regi (Version: 1.00.0000 - InterVideo Inc.) Hidden
    Reset NI Config 14.0.0 (x32 Version: 14.0.177 - National Instruments) Hidden
    Roslyn Language Services - x86 (x32 Version: 14.0.23107 - Microsoft Corporation) Hidden
    RuneScape Launcher 1.2.3 (HKLM-x32\...\{FAE99C85-0732-4C58-9C6B-10B5B12FA2E9}) (Version: 1.2.3 - Jagex Ltd)
    Runtime (x32 Version: 1.00.0000 - Your Company Name) Hidden
    Setting Utility Series (x32 Version: 5.0.0.07300 - Sony Corporation) Hidden
    Silkroad (HKLM-x32\...\Silkroad) (Version: - )
    Skype™ 7.0 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.0.102 - Skype Technologies S.A.)
    SmartWi Connection Utility (HKLM-x32\...\{9B5F85CA-90D4-4AFC-BB37-32477FD0D2B9}) (Version: 4.8.4.20090826.2116 - Sony)
    SolidWorks 2014 x64 Edition SP02 (HKLM-x32\...\SolidWorks Installation Manager 20140-40200-1100-100) (Version: 22.2.0.40 - SolidWorks Corporation)
    SolidWorks 2014 x64 Edition SP02 (Version: 22.120.40 - SolidWorks) Hidden
    SolidWorks Composer Player 2014 SP02 x64 Edition (Version: 22.20.40 - Dassault Systemes SolidWorks) Hidden
    SolidWorks eDrawings 2014 x64 Edition SP02 (Version: 14.2.116 - Dassault Systèmes SolidWorks Corp) Hidden
    Sony Home Network Library (x32 Version: 2.0.0.07280 - Sony Corporation) Hidden
    Sony Picture Utility (x32 Version: 4.2.12.16210 - Sony Corporation) Hidden
    Spotify (HKU\S-1-5-21-3178901641-3325030848-3832911895-1000\...\Spotify) (Version: 1.0.14.124.g4dfabc51 - Spotify AB)
    Starcraft (HKLM-x32\...\Starcraft) (Version: - )
    Steam (HKLM-x32\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation)
    System Requirements Lab CYRI (HKLM-x32\...\{F3FCB08B-E752-444D-86A0-0634A4F3B23D}) (Version: 6.0.8.0 - Husdawg, LLC)
    Team Explorer for Microsoft Visual Studio 2015 (x32 Version: 14.0.23102 - Microsoft Corporation) Hidden
    Test Tools for Microsoft Visual Studio 2015 (x32 Version: 14.0.23107 - Microsoft Corporation) Hidden
    TypeScript Power Tool (x32 Version: 1.5.4.0 - Microsoft Corporation) Hidden
    TypeScript Tools for Microsoft Visual Studio 2015 (x32 Version: 1.5.4.0 - Microsoft Corporation) Hidden
    TypeScript Tools for Microsoft Visual Studio 2015 1.5.4.0 (HKLM-x32\...\{4cde0c8c-47b3-448f-babf-fe5d392432a6}) (Version: 1.5.23128.0 - Microsoft Corporation)
    Update for (KB2504637) (HKLM-x32\...\{CFEF48A8-BFB8-3EAC-8BA5-DE4F8AA267CE}.KB2504637) (Version: 1 - Microsoft Corporation)
    Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft)
    VAIO Care (HKLM-x32\...\{36C5BBF0-E5BF-4DE1-B684-7E90B0C93FB5}) (Version: 5.1.0.13200 - Sony Corporation)
    VAIO Care (x32 Version: 5.1.0.13200 - Sony Corporation) Hidden
    VAIO Content Metadata Intelligent Analyzing Manager (x32 Version: 3.5.0.06261 - Sony Corporation) Hidden
    VAIO Content Metadata Intelligent Network Service Manager (x32 Version: 3.5.0.06260 - Sony Corporation) Hidden
    VAIO Content Metadata Manager Settings (x32 Version: 3.5.0.06261 - Sony Corporation) Hidden
    VAIO Content Metadata XML Interface Library (x32 Version: 3.5.0.06180 - Sony Corporation) Hidden
    VAIO Content Monitoring Settings (x32 Version: 2.4.0.06120 - Sony Corporation) Hidden
    VAIO Control Center (x32 Version: 4.0.0.06120 - Sony Corporation) Hidden
    VAIO Data Restore Tool (x32 Version: 1.1.01.06290 - Sony Corporation) Hidden
    VAIO DVD Menu Data Basic (x32 Version: 1.0.00.08130 - Sony Corporation) Hidden
    VAIO Entertainment Platform (x32 Version: 3.5.0.07230 - Sony Corporation) Hidden
    VAIO Event Service (x32 Version: 5.0.0.08180 - Sony Corporation) Hidden
    VAIO Help and Support (x32 Version: 9.00.0804.L - Sony Corporation) Hidden
    VAIO Media plus (x32 Version: 2.0.0.07280 - Sony Corporation) Hidden
    VAIO Media plus Opening Movie (x32 Version: 2.0.0.07030 - Sony Corporation) Hidden
    VAIO Movie Story (x32 Version: 1.5.00.06191 - Sony Corporation) Hidden
    VAIO Movie Story Template Data (x32 Version: 1.5.00.06010 - Sony Corporation) Hidden
    VAIO OOBE and Startup Assistant (x32 Version: 1.00.0811.ENUS - Sony Corporation) Hidden
    VAIO Original Function Settings (x32 Version: 2.0.0.07010 - Sony Corporation) Hidden
    VAIO Personalization Manager (x32 Version: 2.0.0.06220 - Sony Corporation) Hidden
    VAIO Power Management (x32 Version: 4.0.0.08240 - Sony Corporation) Hidden
    VAIO Sample Contents (x32 Version: 1.0.0.06290 - Sony Corporation) Hidden
    VAIO Survey (x32 Version: 6.00.0722 - Sony Corporation) Hidden
    VAIO Transfer Support (x32 Version: 1.0.0.07290 - Sony Corporation) Hidden
    VAIO Update 4 (x32 Version: 4.2.0.07300 - Sony Corporation) Hidden
    VAIO Wallpaper Contents (x32 Version: 2.0.0.06010 - Sony Corporation) Hidden
    VC80CRTRedist - 8.0.50727.6195 (x32 Version: 1.2.0 - DivX, Inc) Hidden
    VI Package Manager 2014 (HKLM-x32\...\{612BE9C7-DEE4-4F13-AC87-C6A7C1B721FB}) (Version: 14.0.1941 - JKI)
    VI Package Manager 2014 (x32 Version: 14.0.0 - National Instruments) Hidden
    Visual C++ 8.0 Runtime Setup Package (x64) (HKLM-x32\...\{2FDBBCEA-62DB-45F4-B6E5-0E1FB2A1F29D}) (Version: 9.0.0.623 - AVG Technologies CZ, s.r.o.)
    Visual Studio 2008 x64 Redistributables (HKLM-x32\...\{FCDBEA60-79F0-4FAE-BBA8-55A26C609A49}) (Version: 10.0.0.2 - AVG Technologies)
    Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies)
    Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
    VLC media player 1.0.3 (HKLM-x32\...\VLC media player) (Version: 1.0.3 - VideoLAN Team)
    WBS Schedule Pro (HKLM-x32\...\{64D427FA-5B24-44EE-9600-C49D91A6C2A4}) (Version: 5.0.0121 - Critical Tools, Inc.)
    WCF Data Services 5.6.4 Runtime (x32 Version: 5.6.62175.4 - Microsoft Corporation) Hidden
    WCF Data Services Tools for Microsoft Visual Studio 2015 (x32 Version: 5.6.62175.4 - Microsoft Corporation) Hidden
    WIDCOMM Bluetooth Software (HKLM\...\{9E9D49A4-1DF4-4138-B7DB-5D87A893088E}) (Version: 6.2.0.9600 - Broadcom Corporation)
    WIF Core Dependencies Windows 14.0.0 (x32 Version: 14.0.119 - National Instruments) Hidden
    Windows Live Essentials (HKLM-x32\...\WinLiveSuite_Wave3) (Version: 14.0.8117.0416 - Microsoft Corporation)
    Windows Live Sign-in Assistant (HKLM-x32\...\{45338B07-A236-4270-9A77-EBB4115517B5}) (Version: 5.000.818.5 - Microsoft Corporation)
    Windows Live Sync (HKLM-x32\...\{B10914FD-8812-47A4-85A1-50FCDE7F1F33}) (Version: 14.0.8117.416 - Microsoft Corporation)
    Windows Live Upload Tool (HKLM-x32\...\{205C6BDD-7B73-42DE-8505-9A093F35A238}) (Version: 14.0.8014.1029 - Microsoft Corporation)
    Windows Media Center Add-in for Flash (HKLM-x32\...\{E2D09AC2-4153-4817-AAEB-24F92A8BCE88}) (Version: 3.1.1.0 - Microsoft Corporation)
    Windows Mobile Device Center (HKLM\...\{626672CD-BFCF-49A9-AEFE-AB0FED3BFC5B}) (Version: 6.1.6965.0 - Microsoft Corporation)
    WinPcap 4.1.3 (HKLM-x32\...\WinPcapInst) (Version: 4.1.0.2980 - Riverbed Technology, Inc.)
    WinRAR archiver (HKLM\...\WinRAR archiver) (Version: - )
    Wolfram CDF Player (M-WIN-D 9.0.1 4092685) (HKLM-x32\...\M-WIN-D 9.0.1 4092685_is1) (Version: 9.0.1 - Wolfram Research, Inc.)
    XAMPP (HKLM-x32\...\xampp) (Version: 5.6.11-0 - Bitnami)
    谷歌拼音输入法 2.6 (HKLM\...\GooglePinyin2) (Version: - Google Inc.)
     
  6. user124

    user124 TS Rookie Topic Starter Posts: 23

    Finally, here is Part 2 of 2 of the Addition log: (Please let me know what you find! Thank you! :D)

    ==================== Custom CLSID (Whitelisted): ==========================

    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

    CustomCLSID: HKU\S-1-5-21-3178901641-3325030848-3832911895-1000_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Calvin\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
    CustomCLSID: HKU\S-1-5-21-3178901641-3325030848-3832911895-1000_Classes\CLSID\{0F22A205-CFB0-4679-8499-A6F44A80A208}\InprocServer32 -> C:\Users\Calvin\AppData\Local\Google\Update\1.3.25.5\psuser_64.dll => No File
    CustomCLSID: HKU\S-1-5-21-3178901641-3325030848-3832911895-1000_Classes\CLSID\{1423F872-3F7F-4E57-B621-8B1A9D49B448}\InprocServer32 -> C:\Users\Calvin\AppData\Local\Google\Update\1.3.27.5\psuser_64.dll => No File
    CustomCLSID: HKU\S-1-5-21-3178901641-3325030848-3832911895-1000_Classes\CLSID\{355EC88A-02E2-4547-9DEE-F87426484BD1}\InprocServer32 -> C:\Users\Calvin\AppData\Local\Google\Update\1.3.23.9\psuser_64.dll => No File
    CustomCLSID: HKU\S-1-5-21-3178901641-3325030848-3832911895-1000_Classes\CLSID\{5C8C2A98-6133-4EBA-BBCC-34D9EA01FC2E}\InprocServer32 -> C:\Users\Calvin\AppData\Local\Google\Update\1.3.28.1\psuser_64.dll => No File
    CustomCLSID: HKU\S-1-5-21-3178901641-3325030848-3832911895-1000_Classes\CLSID\{78550997-5DEF-4A8A-BAF9-D5774E87AC98}\InprocServer32 -> C:\Users\Calvin\AppData\Local\Google\Update\1.3.28.13\psuser_64.dll => No File
    CustomCLSID: HKU\S-1-5-21-3178901641-3325030848-3832911895-1000_Classes\CLSID\{90B3DFBF-AF6A-4EA0-8899-F332194690F8}\InprocServer32 -> C:\Users\Calvin\AppData\Local\Google\Update\1.3.24.15\psuser_64.dll => No File
    CustomCLSID: HKU\S-1-5-21-3178901641-3325030848-3832911895-1000_Classes\CLSID\{C3BC25C0-FCD3-4F01-AFDD-41373F017C9A}\InprocServer32 -> C:\Users\Calvin\AppData\Local\Google\Update\1.3.26.9\psuser_64.dll => No File
    CustomCLSID: HKU\S-1-5-21-3178901641-3325030848-3832911895-1000_Classes\CLSID\{D0336C0B-7919-4C04-8CCE-2EBAE2ECE8C9}\InprocServer32 -> C:\Users\Calvin\AppData\Local\Google\Update\1.3.25.11\psuser_64.dll => No File
    CustomCLSID: HKU\S-1-5-21-3178901641-3325030848-3832911895-1000_Classes\CLSID\{D1EDC4F5-7F4D-4B12-906A-614ECF66DDAF}\InprocServer32 -> C:\Users\Calvin\AppData\Local\Google\Update\1.3.28.15\psuser_64.dll (Google Inc.)
    CustomCLSID: HKU\S-1-5-21-3178901641-3325030848-3832911895-1000_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\Calvin\AppData\Local\Google\Update\1.3.28.15\psuser_64.dll (Google Inc.)
    CustomCLSID: HKU\S-1-5-21-3178901641-3325030848-3832911895-1000_Classes\CLSID\{ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C}\InprocServer32 -> C:\Users\Calvin\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll (Dropbox, Inc.)
    CustomCLSID: HKU\S-1-5-21-3178901641-3325030848-3832911895-1000_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Calvin\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll (Dropbox, Inc.)
    CustomCLSID: HKU\S-1-5-21-3178901641-3325030848-3832911895-1000_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Calvin\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll (Dropbox, Inc.)
    CustomCLSID: HKU\S-1-5-21-3178901641-3325030848-3832911895-1000_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Calvin\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll (Dropbox, Inc.)
    CustomCLSID: HKU\S-1-5-21-3178901641-3325030848-3832911895-1000_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Calvin\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll (Dropbox, Inc.)
    CustomCLSID: HKU\S-1-5-21-3178901641-3325030848-3832911895-1000_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Calvin\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll (Dropbox, Inc.)
    CustomCLSID: HKU\S-1-5-21-3178901641-3325030848-3832911895-1000_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Calvin\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll (Dropbox, Inc.)
    CustomCLSID: HKU\S-1-5-21-3178901641-3325030848-3832911895-1000_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Calvin\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll (Dropbox, Inc.)
    CustomCLSID: HKU\S-1-5-21-3178901641-3325030848-3832911895-1000_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Calvin\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll (Dropbox, Inc.)
    CustomCLSID: HKU\S-1-5-21-3178901641-3325030848-3832911895-1000_Classes\CLSID\{FBC9D74C-AF55-4309-9FB2-C426E071637F}\InprocServer32 -> C:\Users\Calvin\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll (Dropbox, Inc.)
    CustomCLSID: HKU\S-1-5-21-3178901641-3325030848-3832911895-1000_Classes\CLSID\{FE498BAB-CB4C-4F88-AC3F-3641AAAF5E9E}\InprocServer32 -> C:\Users\Calvin\AppData\Local\Google\Update\1.3.24.7\psuser_64.dll => No File

    ==================== Restore Points =========================

    10-09-2015 18:04:24 Windows Update
    11-09-2015 03:01:18 Windows Update
    21-09-2015 01:19:18 Restore Operation

    ==================== Hosts content: ===============================

    (If needed Hosts: directive could be included in the fixlist to reset Hosts.)

    2009-07-13 19:34 - 2009-06-10 14:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

    ==================== Scheduled Tasks (Whitelisted) =============

    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

    Task: {02B532B7-D36F-4872-9611-4BD5ECAB6CB3} - System32\Tasks\VAIO Care => C:\Program Files\Sony\VAIO Care\VCsystray.exe [2009-12-04] (Sony Corporation)
    Task: {04BC25F5-4AD6-41C0-847D-9ED7601F17AF} - System32\Tasks\Sony\VAIO Mini Program => C:\Program Files\Sony\First Experience\Miniprogram.exe [2009-08-26] ()
    Task: {089BC31E-D79A-4494-8E8C-98408DFF208E} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3178901641-3325030848-3832911895-1000Core => C:\Users\Calvin\AppData\Local\Google\Update\GoogleUpdate.exe [2015-08-30] (Google Inc.)
    Task: {0EE412A6-8EF7-4FC9-BA19-3F710C551E53} - System32\Tasks\{BA8CDFB1-950F-4AB9-AB93-B931F7648434} => C:\Program Files (x86)\Steam\Steam.exe [2013-06-06] (Valve Corporation)
    Task: {0FB444CA-2DE4-447A-B324-27AE7489AD4A} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-3178901641-3325030848-3832911895-1000Core => C:\Users\Calvin\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2015-06-30] (Dropbox, Inc.)
    Task: {109BFF26-9480-4489-A336-DA076870CE8C} - System32\Tasks\Microsoft\Windows\TabletPC\InputPersonalization => C:\Program Files\Common Files\Microsoft Shared\Ink\InputPersonalization.exe [2009-07-13] (Microsoft Corporation)
    Task: {152FC425-0A40-4448-8F03-3F9F7190D71C} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe
    Task: {16A7B67C-2188-413F-9F7C-5A1F1250A602} - System32\Tasks\Microsoft\Windows\Application Experience\ProgramDataUpdater => Rundll32.exe invagent.dll,RunUpdate -noappraiser
    Task: {1F1F568B-D9DF-4A74-A39A-5510FA05AEE8} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-30] (Google Inc.)
    Task: {204E917C-8D3B-4B4B-958B-D373CF18BE5E} - System32\Tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-3178901641-3325030848-3832911895-1000 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe [2013-08-14] (RealNetworks, Inc.)
    Task: {25B977CE-0573-4438-B38A-5E7316ABB481} - System32\Tasks\{530AEC9F-DA70-4B50-846A-0C6B4C758696} => pcalua.exe -a G:\Setup.exe -d G:\
    Task: {34C8F753-D4CB-4653-BCDF-02F37E0AD662} - System32\Tasks\{BEBD4E1B-5E80-49C0-A5E9-FA15EA5B8D41} => pcalua.exe -a "C:\Users\Calvin\Downloads\Firefox Setup 3.5.5.exe" -d C:\Users\Calvin\Desktop
    Task: {4689EBB7-0D05-4EC7-A62D-BF163E131F80} - System32\Tasks\Games\UpdateCheck_S-1-5-21-3178901641-3325030848-3832911895-1000
    Task: {50D44905-F092-4568-8EB3-DBB9AE4F4020} - System32\Tasks\Sony\Java Update => C:\Program Files\Java\jre6\bin\jusched.exe
    Task: {5D74D0CE-9908-452F-8D0B-3322601E15D1} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
    Task: {6B9F75D3-999B-46BB-8D25-7644A86A1510} - System32\Tasks\NIUpdateServiceStartupTask => C:\Program Files (x86)\National Instruments\Shared\Update Service\NIUpdateService.exe [2014-06-10] (National Instruments)
    Task: {6C5B2A82-29A9-473F-AC72-013C4219B959} - System32\Tasks\Sony Corporation\VAIO Personalization Manager\VpmLM Task Music Calvin => C:\Program Files\Sony\VAIO Personalization Manager\VpmLM.exe [2009-06-09] (Sony Corporation)
    Task: {81CD4F16-33F1-4022-8765-C5D8826463AD} - System32\Tasks\SONY\VAIO Update\VAIO Update => C:\Program Files\Sony\VAIO Update 4\VAIOUpdt.exe [2009-07-30] (Sony Corporation)
    Task: {88F2DF7D-DA5D-4C0F-A4F0-E0D114D3CCD2} - System32\Tasks\Sony\VAIO Survey => C:\Program Files (x86)\Sony\VAIO Survey\VAIO Sat Survey.exe [2008-07-25] ()
    Task: {93E7F302-26A2-442C-8410-9E23E4885C22} - System32\Tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-3178901641-3325030848-3832911895-1000 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe [2013-08-14] (RealNetworks, Inc.)
    Task: {99B1C7C3-E18D-4B63-BF2D-6BA0B43E63A2} - System32\Tasks\RealUpgradeLogonTaskS-1-5-21-3178901641-3325030848-3832911895-1000 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe [2013-08-14] (RealNetworks, Inc.)
    Task: {A9FBCA4A-201F-4970-89F2-BC7CC8E6AA30} - System32\Tasks\Google Pinyin Daemon => C:\Program Files\Google\Google Pinyin 2\GooglePinyinDaemon.exe [2011-12-21] (Google Inc.)
    Task: {B0831CA3-3D1C-4C5C-AAAB-989010A6BFA1} - System32\Tasks\shut off => C:\Windows\System32\shutdown.exe [2009-07-13] (Microsoft Corporation)
    Task: {B0B3F4BB-EE3F-498A-8897-AE86BDBB943A} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3178901641-3325030848-3832911895-1000UA => C:\Users\Calvin\AppData\Local\Google\Update\GoogleUpdate.exe [2015-08-30] (Google Inc.)
    Task: {B20EB90E-3234-4470-B2FA-D6976DA83CE4} - System32\Tasks\Microsoft\Windows\Windows Activation Technologies\ValidationTaskDeadline
    Task: {B3427B9F-AFE7-4BE1-9632-DED1D180D351} - System32\Tasks\RealCreateProcessScheduledTask256358751S-1-5-21-3178901641-3325030848-3832911895-1000 => C:\Program Files (x86)\Real\RealPlayer\update\realsched.exe [2013-09-16] (RealNetworks, Inc.)
    Task: {C608B775-B19D-464A-955E-A477A2DCDCE6} - System32\Tasks\AVG-Secure-Search-Update_JUNE2013_TB_rmv => C:\Windows\TEMP\{A28F905F-CFF5-4A5E-873E-CF01884133C9}.exe
    Task: {C91C0BE7-C74F-4CED-8099-B629A61E94FE} - System32\Tasks\RealUpgradeScheduledTaskS-1-5-21-3178901641-3325030848-3832911895-1000 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe [2013-08-14] (RealNetworks, Inc.)
    Task: {CC24C3FF-45A3-4DB3-AFA2-831E25350882} - System32\Tasks\VAIO Care Service => C:\Program Files\Sony\VAIO Care\VAIOCareService.exe [2009-12-04] (Sony Corporation)
    Task: {CF81526B-B972-49A1-B130-E6D21D933345} - System32\Tasks\{E18D3363-4045-4B75-B4DC-BC77C1AAB0F1} => pcalua.exe -a C:\Users\Calvin\Desktop\GooglePinyinInstaller.exe -d C:\Users\Calvin\Desktop
    Task: {D1B815B5-385F-40B1-91E9-2126E7A39983} - System32\Tasks\Microsoft\Windows\Windows Activation Technologies\ValidationTask
    Task: {DB2F9EA6-8B1D-4633-AD38-26587DB6D992} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-30] (Google Inc.)
    Task: {E4CF8962-579D-425D-8A1C-FAA0B4A31DAA} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-3178901641-3325030848-3832911895-1000UA => C:\Users\Calvin\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2015-06-30] (Dropbox, Inc.)
    Task: {E9A9946A-F7EE-4B4C-9DCC-DE64EE584B03} - System32\Tasks\JKIUpdateTask => C:\Program Files (x86)\JKI\VI Package Manager\support\JKIUpdate.exe [2014-04-22] (JKI)
    Task: {F665B45C-2D32-4BE6-984A-5BDCA0DDE72C} - System32\Tasks\NIUpdateServiceCheckTask => C:\Program Files (x86)\National Instruments\Shared\Update Service\NIUpdateService.exe [2014-06-10] (National Instruments)

    (If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

    Task: C:\Windows\Tasks\AVG-Secure-Search-Update_JUNE2013_TB_rmv.job => C:\Windows\TEMP\{A28F905F-CFF5-4A5E-873E-CF01884133C9}.exe <==== ATTENTION
    Task: C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-3178901641-3325030848-3832911895-1000Core.job => C:\Users\Calvin\AppData\Local\Dropbox\Update\DropboxUpdate.exe
    Task: C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-3178901641-3325030848-3832911895-1000UA.job => C:\Users\Calvin\AppData\Local\Dropbox\Update\DropboxUpdate.exe
    Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
    Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
    Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3178901641-3325030848-3832911895-1000Core.job => C:\Users\Calvin\AppData\Local\Google\Update\GoogleUpdate.exe
    Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3178901641-3325030848-3832911895-1000UA.job => C:\Users\Calvin\AppData\Local\Google\Update\GoogleUpdate.exe

    ==================== Loaded Modules (Whitelisted) ==============

    2012-03-04 18:45 - 2011-02-28 15:37 - 00095008 _____ () C:\Windows\System32\Primomonnt.dll
    2013-08-14 15:19 - 2013-08-14 15:19 - 00039056 _____ () C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe
    2015-08-17 12:17 - 2015-08-17 12:15 - 00152064 _____ () C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\18.8.0\loggingserver.exe
    2009-09-03 02:06 - 2008-07-25 11:21 - 00385024 _____ () C:\Program Files (x86)\Sony\VAIO Survey\VAIO Sat Survey.exe
    2012-05-13 21:14 - 2015-09-14 22:26 - 02567568 _____ () C:\Program Files (x86)\AVG Secure Search\vprot.exe
    2009-09-03 01:58 - 2009-08-26 17:11 - 00017408 _____ () C:\Program Files (x86)\Sony\SmartWi Connection Utility\CCP.exe
    2014-01-11 21:06 - 2014-01-11 21:06 - 00276008 _____ () C:\Program Files\SolidWorks Corp\SolidWorks\sldBodyDiffu.dll
    2009-09-03 01:58 - 2009-08-26 17:11 - 00017920 _____ () C:\Program Files (x86)\Sony\SmartWi Connection Utility\ThirdPartyAppMgr.exe
    2009-09-03 01:58 - 2009-08-26 17:11 - 00033792 _____ () C:\Program Files (x86)\Sony\SmartWi Connection Utility\PowerManager.exe
    2011-12-21 18:11 - 2011-12-21 18:11 - 01318456 _____ () C:\Program Files\Google\Google Pinyin 2\GooglePinyinService.exe
    2009-09-03 02:30 - 2009-07-27 16:58 - 00376832 _____ () C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\sqlite3.dll
    2009-09-03 02:30 - 2009-08-18 09:02 - 00010752 _____ () C:\Program Files (x86)\Sony\VAIO Event Service\VESBasePS.dll
    2009-09-03 02:30 - 2009-08-18 09:02 - 00009728 _____ () C:\Program Files (x86)\Sony\VAIO Event Service\VESMgrSubPS.dll
    2015-08-17 12:17 - 2015-08-17 12:15 - 00512000 _____ () C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\18.8.0\log4cplusU.dll
    2012-01-26 11:36 - 2012-01-26 11:36 - 00278528 ____R () C:\Program Files (x86)\National Instruments\Shared\License Manager\Bin\xerces-depdom_2_6.dll
    2009-09-03 02:34 - 2009-06-09 19:52 - 00495616 _____ () C:\Program Files\Sony\VAIO Personalization Manager\sqlite3.dll
    2009-09-03 01:58 - 2009-08-26 17:11 - 00120320 _____ () C:\Program Files (x86)\Sony\SmartWi Connection Utility\SonyCommonLib.dll
    2009-09-03 01:58 - 2009-08-26 17:11 - 00007680 _____ () C:\Program Files (x86)\Sony\SmartWi Connection Utility\DebugMsg.dll
    2009-09-03 01:58 - 2009-08-26 17:11 - 00009728 _____ () C:\Program Files (x86)\Sony\SmartWi Connection Utility\Resources.dll
    2009-09-03 01:58 - 2009-08-26 17:11 - 00015360 _____ () C:\Program Files (x86)\Sony\SmartWi Connection Utility\SharedInterfaces.dll
    2009-09-03 01:58 - 2009-08-26 17:11 - 00018944 _____ () C:\Program Files (x86)\Sony\SmartWi Connection Utility\DictionaryLookup.dll
    2009-09-03 01:58 - 2009-08-26 17:11 - 00011264 _____ () C:\Program Files (x86)\Sony\SmartWi Connection Utility\MessageXML.dll
    2009-09-03 01:58 - 2009-08-26 17:11 - 00081408 _____ () C:\Program Files (x86)\Sony\SmartWi Connection Utility\DevicePanel.dll
    2015-09-29 21:40 - 2015-09-29 21:40 - 00071168 _____ () c:\users\calvin\appdata\local\temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpiuvwi5.dll
    2015-03-04 14:45 - 2015-08-04 22:26 - 00012800 _____ () C:\Users\Calvin\AppData\Roaming\Dropbox\bin\QtQuick.2\qtquick2plugin.dll
    2015-03-04 14:45 - 2015-08-04 22:26 - 00779776 _____ () C:\Users\Calvin\AppData\Roaming\Dropbox\bin\QtQuick\Controls\qtquickcontrolsplugin.dll
    2015-07-30 20:02 - 2015-08-04 22:26 - 00056320 _____ () C:\Users\Calvin\AppData\Roaming\Dropbox\bin\QtQuick\Layouts\qquicklayoutsplugin.dll
    2015-03-04 14:45 - 2015-08-04 22:26 - 00012288 _____ () C:\Users\Calvin\AppData\Roaming\Dropbox\bin\QtQuick\Window.2\windowplugin.dll
    2009-09-03 01:58 - 2009-08-26 17:11 - 00005120 _____ () C:\Program Files (x86)\Sony\SmartWi Connection Utility\Kinoubi.Plugins.PluginManager.ThirdPartyApp.dll
    2009-09-03 01:58 - 2009-08-26 17:11 - 00023040 _____ () C:\Program Files (x86)\Sony\SmartWi Connection Utility\Kinoubi.Plugins.PluginManager.Generic.dll
    2009-09-03 01:58 - 2009-08-26 17:11 - 00027648 _____ () C:\Program Files (x86)\Sony\SmartWi Connection Utility\Kinoubi.Plugins.Plugin.BtPower.dll
    2009-09-03 01:58 - 2009-08-26 17:11 - 00005120 _____ () C:\Program Files (x86)\Sony\SmartWi Connection Utility\Kinoubi.Plugins.Plugin.Generic.dll
    2009-09-03 01:58 - 2009-08-26 17:11 - 00015360 _____ () C:\Program Files (x86)\Sony\SmartWi Connection Utility\Kinoubi.Plugins.Plugin.NativeWifiThirdPartyApp.dll
    2009-09-03 01:58 - 2009-08-26 17:11 - 00011264 _____ () C:\Program Files (x86)\Sony\SmartWi Connection Utility\Kinoubi.Plugins.Plugin.TosBtThirdPartyApp.dll
    2009-09-03 01:58 - 2009-08-26 17:11 - 00007168 _____ () C:\Program Files (x86)\Sony\SmartWi Connection Utility\Kinoubi.Plugins.Plugin.WlanPower.dll
    2009-09-03 01:58 - 2009-08-26 17:11 - 00004608 _____ () C:\Program Files (x86)\Sony\SmartWi Connection Utility\Kinoubi.Plugins.PluginManager.Power.dll
    2015-09-27 12:15 - 2015-09-23 19:34 - 01501512 _____ () C:\Program Files (x86)\Google\Chrome\Application\45.0.2454.101\libglesv2.dll
    2015-09-27 12:15 - 2015-09-23 19:34 - 00081224 _____ () C:\Program Files (x86)\Google\Chrome\Application\45.0.2454.101\libegl.dll
    2015-09-27 12:15 - 2015-09-23 19:34 - 16487752 _____ () C:\Program Files (x86)\Google\Chrome\Application\45.0.2454.101\PepperFlash\pepflashplayer.dll

    ==================== Alternate Data Streams (Whitelisted) =========

    (If an entry is included in the fixlist, only the ADS will be removed.)

    AlternateDataStreams: C:\ProgramData:gs5sys
    AlternateDataStreams: C:\Users\All Users:gs5sys
    AlternateDataStreams: C:\Users\Calvin:gs5sys
    AlternateDataStreams: C:\ProgramData\Application Data:gs5sys
    AlternateDataStreams: C:\ProgramData\Temp:C76EDAC3
    AlternateDataStreams: C:\ProgramData\Templates:gs5sys
    AlternateDataStreams: C:\Users\Calvin\Application Data:gs5sys
    AlternateDataStreams: C:\Users\Calvin\Cookies:gs5sys
    AlternateDataStreams: C:\Users\Calvin\Local Settings:gs5sys
    AlternateDataStreams: C:\Users\Calvin\Templates:gs5sys
    AlternateDataStreams: C:\Users\Calvin\Desktop\2014-03-26 19.06.09.jpg:com.dropbox.attributes
    AlternateDataStreams: C:\Users\Calvin\Desktop\2014-05-11 16.11.46.jpg:com.dropbox.attributes
    AlternateDataStreams: C:\Users\Calvin\Desktop\2014-06-27 20.45.29.jpg:com.dropbox.attributes
    AlternateDataStreams: C:\Users\Calvin\Desktop\20140626_211015_LLS.jpg:com.dropbox.attributes
    AlternateDataStreams: C:\Users\Calvin\Desktop\20140831_101702.mp4:com.dropbox.attributes
    AlternateDataStreams: C:\Users\Calvin\Desktop\2015-02-14 22.27.42.jpg:com.dropbox.attributes
    AlternateDataStreams: C:\Users\Calvin\Desktop\DSC_2935.jpg:com.dropbox.attributes
    AlternateDataStreams: C:\Users\Calvin\AppData\Local:gs5sys
    AlternateDataStreams: C:\Users\Calvin\AppData\Roaming:gs5sys
    AlternateDataStreams: C:\Users\Calvin\AppData\Local\Application Data:gs5sys
    AlternateDataStreams: C:\Users\Calvin\AppData\Local\History:gs5sys
    AlternateDataStreams: C:\Users\Calvin\Documents\desktop.ini:gs5sys
    AlternateDataStreams: C:\Users\Public\Documents\desktop.ini:gs5sys

    ==================== Safe Mode (Whitelisted) ===================

    (If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


    ==================== EXE Association (Whitelisted) ===============

    (If an entry is included in the fixlist, the registry item will be restored to default or removed.)


    ==================== Internet Explorer trusted/restricted ===============

    (If an entry is included in the fixlist, it will be removed from the registry.)


    ==================== Other Areas ============================

    (Currently there is no automatic fix for this section.)

    HKU\S-1-5-21-3178901641-3325030848-3832911895-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Calvin\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
    DNS Servers: 71.10.216.1 - 71.10.216.2
    HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 0)
    mpsdrv Firewall Service is not running.
    MpsSvc Firewall Service is not running.
    bfe Firewall Service is not running.

    ==================== MSCONFIG/TASK MANAGER disabled items ==

    (Currently there is no automatic fix for this section.)


    ==================== FirewallRules (Whitelisted) ===============

    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

    FirewallRules: [{282C496E-86FE-41B2-AB9C-955A31B03E76}] => (Allow) C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDms.exe
    FirewallRules: [{D47AC28F-2B38-452D-8F44-D6F0E2F48136}] => (Allow) C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHCImp.exe
    FirewallRules: [{F1E96ACC-4514-4B8E-86E7-BA2B375C692C}] => (Allow) C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDs.exe
    FirewallRules: [{BD9B5563-A191-4D1C-BFB7-1169679B88F7}] => (Allow) C:\Program Files (x86)\AIM\aim.exe
    FirewallRules: [{6850836A-5405-4C67-9B7D-521175B99BE5}] => (Allow) C:\Program Files (x86)\AIM\aim.exe
    FirewallRules: [{5EB4EF96-002F-4027-90A0-40A8D81C1120}] => (Allow) %systemroot%\WindowsMobile\wmdHost.exe
    FirewallRules: [{16E4DA30-0D2D-4FE7-A1F7-E8AFD11A3D35}] => (Allow) %systemroot%\WindowsMobile\wmdHost.exe
    FirewallRules: [{17CAF1F1-19E6-46E4-819B-6AA71519FE23}] => (Allow) LPort=26675
    FirewallRules: [{9B7D160C-67A8-4EB8-B2B2-B2A8E9304566}] => (Allow) C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
    FirewallRules: [{FD467A1C-4602-4FE4-8689-AB8ED3825991}] => (Allow) svchost.exe
    FirewallRules: [{5E3F27ED-0C1E-4F93-8FE5-F337331CED81}] => (Allow) C:\Program Files (x86)\Windows Live\Sync\WindowsLiveSync.exe
    FirewallRules: [TCP Query User{C2D9C34B-465F-47C8-A3B6-80C69D68E42B}C:\program files (x86)\tencent\qqintl\bin\qq.exe] => (Allow) C:\program files (x86)\tencent\qqintl\bin\qq.exe
    FirewallRules: [UDP Query User{DD6591E6-F04B-4C67-9D60-81AF5A259727}C:\program files (x86)\tencent\qqintl\bin\qq.exe] => (Allow) C:\program files (x86)\tencent\qqintl\bin\qq.exe
    FirewallRules: [{10C63BBE-1EBF-4856-BA88-7EDBDB3ACC81}] => (Allow) C:\Program Files (x86)\uTorrent\uTorrent.exe
    FirewallRules: [{63CDBB63-93D1-4278-AEBF-27FFA34D0061}] => (Allow) C:\Program Files (x86)\uTorrent\uTorrent.exe
    FirewallRules: [TCP Query User{6E343AD3-B1FC-44BC-978D-2BC405A1888A}C:\program files (x86)\java\jre6\bin\java.exe] => (Allow) C:\program files (x86)\java\jre6\bin\java.exe
    FirewallRules: [UDP Query User{DAB1EF2A-5078-42FC-B0DC-CBBF6C83D1BA}C:\program files (x86)\java\jre6\bin\java.exe] => (Allow) C:\program files (x86)\java\jre6\bin\java.exe
    FirewallRules: [TCP Query User{B57677ED-7169-48A8-8D98-800E14898FCA}C:\program files (x86)\starcraft\starcraft.exe] => (Allow) C:\program files (x86)\starcraft\starcraft.exe
    FirewallRules: [UDP Query User{C3EDABF2-1388-48B3-A8B3-320D3CA46967}C:\program files (x86)\starcraft\starcraft.exe] => (Allow) C:\program files (x86)\starcraft\starcraft.exe
    FirewallRules: [TCP Query User{D54C2BB4-5C64-4E71-8D81-F4BBB0F9D469}C:\program files (x86)\aim\aim.exe] => (Allow) C:\program files (x86)\aim\aim.exe
    FirewallRules: [UDP Query User{A7157999-3B04-493F-8BD6-8A23184B69D5}C:\program files (x86)\aim\aim.exe] => (Allow) C:\program files (x86)\aim\aim.exe
    FirewallRules: [{002C8D8D-5BEC-4EAF-9CB5-46B3CF042D80}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
    FirewallRules: [{D4807B0F-2D8F-410E-9F05-95599A87C821}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
    FirewallRules: [TCP Query User{27CBA9C1-0CD8-4BED-BB98-8883067F878C}C:\program files\sony\vaio care\vcsystray.exe] => (Block) C:\program files\sony\vaio care\vcsystray.exe
    FirewallRules: [UDP Query User{30774FF0-5A55-4583-9155-505C2C11F29A}C:\program files\sony\vaio care\vcsystray.exe] => (Block) C:\program files\sony\vaio care\vcsystray.exe
    FirewallRules: [TCP Query User{B84C31BE-A795-46C4-AD1C-186E0405BD9A}C:\program files (x86)\videolan\vlc\vlc.exe] => (Block) C:\program files (x86)\videolan\vlc\vlc.exe
    FirewallRules: [UDP Query User{4DCF1858-B4D7-4CE2-8D9B-3FDDE732F34B}C:\program files (x86)\videolan\vlc\vlc.exe] => (Block) C:\program files (x86)\videolan\vlc\vlc.exe
    FirewallRules: [TCP Query User{30FB1917-24BE-4B94-9E2A-1CEAD8371AE7}C:\program files (x86)\starcraft\starcraft.exe] => (Allow) C:\program files (x86)\starcraft\starcraft.exe
    FirewallRules: [UDP Query User{1D5E103C-D2F3-4C0F-ABA4-E326C4E794AE}C:\program files (x86)\starcraft\starcraft.exe] => (Allow) C:\program files (x86)\starcraft\starcraft.exe
    FirewallRules: [{7D7B1FCE-FC39-4404-8CAF-15A2C32CA40D}] => (Allow) C:\Users\Calvin\AppData\Local\Temp\Blizzard Installer Bootstrap - 0123da5c\Installer.exe
    FirewallRules: [{A5808D6F-64D2-4873-8037-F91FAAF73AE5}] => (Allow) C:\Users\Calvin\AppData\Local\Temp\Blizzard Installer Bootstrap - 0123da5c\Installer.exe
    FirewallRules: [{3332097B-6573-495A-9D06-48F5BCBE8CA7}] => (Allow) LPort=3724
    FirewallRules: [TCP Query User{3DF6F7C1-A735-4084-90B4-8D273F49839B}C:\users\public\games\world of warcraft\launcher.exe] => (Allow) C:\users\public\games\world of warcraft\launcher.exe
    FirewallRules: [UDP Query User{871C06B6-F1BA-4F1C-9550-215C54CBDA75}C:\users\public\games\world of warcraft\launcher.exe] => (Allow) C:\users\public\games\world of warcraft\launcher.exe
    FirewallRules: [TCP Query User{A36EF660-E21D-401A-BF72-CD8EFCF74062}C:\program files (x86)\starcraft ii beta\versions\base13891\sc2.exe] => (Allow) C:\program files (x86)\starcraft ii beta\versions\base13891\sc2.exe
    FirewallRules: [UDP Query User{FBF48E1C-23E2-4EE2-A9CB-5B2D2A27A318}C:\program files (x86)\starcraft ii beta\versions\base13891\sc2.exe] => (Allow) C:\program files (x86)\starcraft ii beta\versions\base13891\sc2.exe
    FirewallRules: [{036F65B2-6633-4277-A756-5D7545612AAB}] => (Allow) C:\Program Files (x86)\StarCraft II Beta\StarCraft II.exe
    FirewallRules: [{E8732180-706A-4A4C-8296-4E019A640428}] => (Allow) C:\Program Files (x86)\StarCraft II Beta\StarCraft II.exe
    FirewallRules: [{23842B4A-8218-41BD-A9D8-38E9A9E587FB}] => (Allow) C:\Program Files (x86)\StarCraft II\StarCraft II.exe
    FirewallRules: [{3CE348F1-CA4B-4299-B76F-2ABE9D9AEEAA}] => (Allow) C:\Program Files (x86)\StarCraft II\StarCraft II.exe
    FirewallRules: [TCP Query User{9D6A33C6-28B2-4C28-9A9D-CB3CD5E6FA21}C:\program files (x86)\starcraft ii\support\blizzarddownloader.exe] => (Allow) C:\program files (x86)\starcraft ii\support\blizzarddownloader.exe
    FirewallRules: [UDP Query User{B48152BF-8743-488E-86EE-C1EB68385B8B}C:\program files (x86)\starcraft ii\support\blizzarddownloader.exe] => (Allow) C:\program files (x86)\starcraft ii\support\blizzarddownloader.exe
    FirewallRules: [TCP Query User{9293A258-43AE-4D57-AF18-323F1912F969}C:\program files (x86)\starcraft ii\versions\base15405\sc2.exe] => (Allow) C:\program files (x86)\starcraft ii\versions\base15405\sc2.exe
    FirewallRules: [UDP Query User{6572BA59-CC24-4F2A-B3BF-040B5E0CE800}C:\program files (x86)\starcraft ii\versions\base15405\sc2.exe] => (Allow) C:\program files (x86)\starcraft ii\versions\base15405\sc2.exe
    FirewallRules: [{EACEB4E4-E37F-40E5-9EED-D349CD79DB01}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
    FirewallRules: [{E0AB0201-490B-4734-B9C7-42C9E67D38AD}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
    FirewallRules: [{B9BE48DC-64D1-4594-A929-D1B546DEBC22}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
    FirewallRules: [{8BFA5C2C-60DD-4EC0-91A6-193FDD667912}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
    FirewallRules: [TCP Query User{E21B3623-D51B-48D8-86DD-8A708AD2C083}C:\program files (x86)\oovoo\oovoo.exe] => (Allow) C:\program files (x86)\oovoo\oovoo.exe
    FirewallRules: [UDP Query User{9F858974-4C74-490F-A147-D1FFDE61D7B7}C:\program files (x86)\oovoo\oovoo.exe] => (Allow) C:\program files (x86)\oovoo\oovoo.exe
    FirewallRules: [{DFE9F661-AF88-4994-86DB-F582ECC01862}] => (Allow) LPort=443
    FirewallRules: [{85990B22-0A58-4DA2-BECC-E5207A98643D}] => (Allow) LPort=443
    FirewallRules: [{9CEBD91C-1ABD-4453-9586-23563D517098}] => (Allow) LPort=37674
    FirewallRules: [{CBF68B62-3DE3-4E1E-882B-FBB15BBB4FCA}] => (Allow) LPort=37674
    FirewallRules: [{31B21385-ABAF-4D6A-A03C-5187270FAD8E}] => (Allow) LPort=37675
    FirewallRules: [{054D80C0-36B7-42F2-809C-591C60F42618}] => (Allow) C:\Users\Calvin\AppData\Local\Google\Google Talk Plugin\googletalkplugin.exe
    FirewallRules: [{CC36C340-3C41-434F-BE4B-19279B0B2BD2}] => (Allow) C:\Users\Calvin\AppData\Local\Google\Google Talk Plugin\googletalkplugin.exe
    FirewallRules: [{82469EE8-6128-4F03-BE93-574FD449AE49}] => (Allow) C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe
    FirewallRules: [{56377647-7052-4983-B8DA-940F88255F1D}] => (Allow) C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe
    FirewallRules: [{AB97C54B-0A17-4D7A-8CE6-041F6D9D4269}] => (Allow) C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe
    FirewallRules: [{F5D24ADC-DB08-491D-918A-B7DB49757266}] => (Allow) C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe
    FirewallRules: [{2BF6072F-BE90-4BFA-A3DC-D87C78FB93E0}] => (Allow) C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe
    FirewallRules: [{22554DB1-F4C1-46EC-B91B-02382E4C6D53}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
    FirewallRules: [{EE911469-9C66-4287-B207-42F679E2DD02}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
    FirewallRules: [{31D7B914-E1D1-45DA-A22A-C646C187554C}] => (Allow) C:\Users\Calvin\AppData\Local\Google\Google Talk Plugin\googletalkplugin.exe
    FirewallRules: [{49FEE09B-F298-4476-96AF-4A90D3831E63}] => (Allow) C:\Users\Calvin\AppData\Local\Google\Google Talk Plugin\googletalkplugin.exe
    FirewallRules: [TCP Query User{C29C6B33-1A3B-4C8C-B3A6-5F79CAB5698D}C:\program files (x86)\starcraft ii beta\versions\base13891\sc2.exe] => (Allow) C:\program files (x86)\starcraft ii beta\versions\base13891\sc2.exe
    FirewallRules: [UDP Query User{9E2E7896-A831-4C35-ACF8-BCB365A7CE2C}C:\program files (x86)\starcraft ii beta\versions\base13891\sc2.exe] => (Allow) C:\program files (x86)\starcraft ii beta\versions\base13891\sc2.exe
    FirewallRules: [{6C1EC8A6-F898-42F3-A877-D8B0205FA8C5}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
    FirewallRules: [{83835CBD-6FA5-4FAD-8695-913C04D73679}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
    FirewallRules: [TCP Query User{30465FEF-FBA4-4B91-B2CB-BF087972753D}C:\program files (x86)\steam\steamapps\nivlac2425\counter-strike source\hl2.exe] => (Allow) C:\program files (x86)\steam\steamapps\nivlac2425\counter-strike source\hl2.exe
    FirewallRules: [UDP Query User{3FE8A49B-A3CE-45C7-9E5E-2F8F28AA3292}C:\program files (x86)\steam\steamapps\nivlac2425\counter-strike source\hl2.exe] => (Allow) C:\program files (x86)\steam\steamapps\nivlac2425\counter-strike source\hl2.exe
    FirewallRules: [{7563C0C3-E4FA-4DAD-A078-69FE2DD9EFA7}] => (Allow) C:\Users\Calvin\AppData\Roaming\Dropbox\bin\Dropbox.exe
    FirewallRules: [{2AE2CDE3-9007-438D-AD57-7EA30A67FFAB}] => (Allow) C:\Users\Calvin\AppData\Roaming\Dropbox\bin\Dropbox.exe
    FirewallRules: [{723E96A1-5501-4933-8B6A-704DA7F39B90}] => (Allow) C:\Program Files\SolidWorks Corp\SolidWorks\swScheduler\DTSCoordinatorService.exe
    FirewallRules: [{584C3FAD-35AF-4C9F-8797-606046B4A17F}] => (Allow) C:\Program Files\SolidWorks Corp\SolidWorks\swScheduler\DTSCoordinatorService.exe
    FirewallRules: [{B7EEAC77-4576-4747-9E2D-DC107A41F1C2}] => (Allow) C:\Program Files\SolidWorks Corp\SolidWorks\photoview\photoview360.exe
    FirewallRules: [{628FD4DE-92AF-4EA1-9AD2-01CC53E35E17}] => (Allow) C:\Program Files\SolidWorks Corp\SolidWorks\photoview\photoview360.exe
    FirewallRules: [{4016B523-CFB6-45A6-9268-77671BC4B455}] => (Allow) C:\Program Files\SolidWorks Corp\SolidWorks\photoview\photoview360_cl.exe
    FirewallRules: [{A47D0D80-8DA1-4F03-8B1D-C35C454895B7}] => (Allow) C:\Program Files\SolidWorks Corp\SolidWorks\photoview\photoview360_cl.exe
    FirewallRules: [{CC3BA127-BC16-44D9-9AE6-9CF55CD34180}] => (Allow) LPort=443
    FirewallRules: [{FE23FF94-E02A-4DB0-A153-DE5F78CD3A16}] => (Allow) LPort=443
    FirewallRules: [{7E4129C8-4B9F-442C-A854-E44CEEED7610}] => (Allow) LPort=37674
    FirewallRules: [{D0293BD7-AC02-43E4-A1B1-0992252BC38D}] => (Allow) LPort=37674
    FirewallRules: [{B5307407-F630-4EEB-BB23-78F4CE17D4BC}] => (Allow) LPort=37675
    FirewallRules: [{51C6D80F-C12C-47C5-A309-7A8711928431}] => (Allow) C:\Program Files (x86)\Steam\steamapps\nivlac2425\counter-strike source\hl2.exe
    FirewallRules: [{C5789131-9DF6-49D1-B291-D8A8706C02BE}] => (Allow) C:\Program Files (x86)\Steam\steamapps\nivlac2425\counter-strike source\hl2.exe
    FirewallRules: [{334F0EBE-4810-4EC2-85BF-6B05CD60D967}] => (Allow) C:\Windows\System32\migwiz\migwiz.exe
    FirewallRules: [{6DD4659C-B60F-4181-8124-8D96CEAB4C01}] => (Allow) C:\Windows\System32\migwiz\migwiz.exe
    FirewallRules: [{A3E1C6A6-74FB-4547-BEB8-C0E4851A3BD7}] => (Allow) LPort=7000
    FirewallRules: [{0E7A712C-D3E6-48F2-A982-06C6CFE195E1}] => (Allow) LPort=7000
    FirewallRules: [{F82C75CB-ED2D-4234-9960-2DCFD039C735}] => (Allow) C:\Program Files (x86)\AVG\AVG2012\avgmfapx.exe
    FirewallRules: [{A4C3E3E8-F888-42DD-AF65-1D13773E5AF1}] => (Allow) C:\Program Files (x86)\AVG\AVG2012\avgmfapx.exe
    FirewallRules: [TCP Query User{614C2085-0687-4DF3-98E2-085EF6564550}C:\users\calvin\appdata\roaming\dropbox\bin\dropbox.exe] => (Allow) C:\users\calvin\appdata\roaming\dropbox\bin\dropbox.exe
    FirewallRules: [UDP Query User{D3E2D03E-F9D3-4383-A8C3-3D02671C9502}C:\users\calvin\appdata\roaming\dropbox\bin\dropbox.exe] => (Allow) C:\users\calvin\appdata\roaming\dropbox\bin\dropbox.exe
    FirewallRules: [{0754E7F7-3EEA-4FD3-8783-B203F4CA426D}] => (Allow) C:\Program Files (x86)\AVG\AVG2012\avgnsa.exe
    FirewallRules: [{B7968823-B5DB-4ED8-B01D-8469995CA615}] => (Allow) C:\Program Files (x86)\AVG\AVG2012\avgnsa.exe
    FirewallRules: [{218CBBCC-75BA-4885-BA25-7083C41FE58E}] => (Allow) C:\Program Files (x86)\AVG\AVG2012\avgdiagex.exe
    FirewallRules: [{A818EB92-BAE0-473E-9D8B-7D39E5E8FD9A}] => (Allow) C:\Program Files (x86)\AVG\AVG2012\avgdiagex.exe
    FirewallRules: [{BD54DD6F-18BA-4B36-A745-DCCDB70EDBD1}] => (Allow) C:\Program Files (x86)\AVG\AVG2012\avgemca.exe
    FirewallRules: [{C0BF4318-BE88-4FEB-92D7-9066938CEDCC}] => (Allow) C:\Program Files (x86)\AVG\AVG2012\avgemca.exe
    FirewallRules: [{A9C2A7E2-75FE-4C61-8B15-6FCD44513AE3}] => (Allow) C:\Program Files (x86)\National Instruments\Shared\mDNS Responder\nimdnsResponder.exe
    FirewallRules: [{3B848BF1-A2CB-49D8-BEDD-6E15C4BDB929}] => (Allow) C:\Program Files (x86)\National Instruments\Shared\NI WebServer\ApplicationWebServer.exe
    FirewallRules: [{22EC3136-CADE-4416-9D77-F40268D55AD2}] => (Allow) C:\Program Files (x86)\National Instruments\Shared\NI WebServer\ApplicationWebServer.exe
    FirewallRules: [{C229CA86-D1D2-4089-A45B-2E31E803BAF1}] => (Allow) C:\Program Files\National Instruments\Shared\NI WebServer\ApplicationWebServer.exe
    FirewallRules: [{4F08CF52-B016-4A68-944C-1304C9C0BE35}] => (Allow) C:\Program Files\National Instruments\Shared\NI WebServer\ApplicationWebServer.exe
    FirewallRules: [{CD4A55A3-AC69-4910-B11D-11764353D2A1}] => (Allow) C:\Program Files (x86)\National Instruments\Shared\NI WebServer\SystemWebServer.exe
    FirewallRules: [{E9F3CA92-CAD3-46F6-BDA4-C9D733553497}] => (Allow) C:\Program Files (x86)\National Instruments\Shared\NI WebServer\SystemWebServer.exe
    FirewallRules: [{8A3BB187-468E-4D84-9792-02A814D0A23C}] => (Allow) C:\Program Files (x86)\National Instruments\Shared\nisvcloc\nisvcloc.exe
    FirewallRules: [{DF58609B-7294-4D7B-8E9A-A4EABA727F0B}] => (Allow) C:\Program Files (x86)\National Instruments\Shared\nisvcloc\nisvcloc.exe

    ==================== Faulty Device Manager Devices =============

    Name: Microsoft Virtual WiFi Miniport Adapter
    Description: Microsoft Virtual WiFi Miniport Adapter
    Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
    Manufacturer: Microsoft
    Service: vwifimp
    Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31)
    Resolution: Update the driver

    Could not list Devices. Check "winmgmt" service or repair WMI.


    ==================== Event log errors: =========================

    Application errors:
    ==================
    Error: (09/29/2015 09:35:35 PM) (Source: VzCdbSvc) (EventID: 7) (User: )
    Description: Failed to load the plug-in module. (GUID = {56F9312C-C989-4E04-8C23-299DEE3A36F5})(Error code = 0x80042019)

    Error: (09/29/2015 09:35:24 PM) (Source: appweb) (EventID: 3299) (User: )
    Description: appweb: Error: Could not publish http service on port 3582 .

    Error: (09/29/2015 09:04:49 PM) (Source: Application Hang) (EventID: 1002) (User: )
    Description: The program Alpacasso.exe version 27.9.2015.1 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

    Process ID: 36c0

    Start Time: 01d0fb3458d5d625

    Termination Time: 4

    Application Path: C:\Users\Calvin\Desktop\Alpacasso.exe

    Report Id: 626580d1-6728-11e5-92e3-0026436f2439

    Error: (09/29/2015 08:58:42 PM) (Source: Application Hang) (EventID: 1002) (User: )
    Description: The program FRST64.exe version 27.9.2015.1 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

    Process ID: 3284

    Start Time: 01d0fb343c571b95

    Termination Time: 4

    Application Path: C:\Users\Calvin\Desktop\FRST64.exe

    Report Id: 881991cc-6727-11e5-92e3-0026436f2439

    Error: (09/29/2015 08:56:21 PM) (Source: Application Hang) (EventID: 1002) (User: )
    Description: The program FRST64.exe version 27.9.2015.1 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

    Process ID: 2850

    Start Time: 01d0fb339ca25a7f

    Termination Time: 3

    Application Path: C:\Users\Calvin\Desktop\FRST64.exe

    Report Id: 3395815e-6727-11e5-92e3-0026436f2439

    Error: (09/29/2015 08:47:04 PM) (Source: Application Hang) (EventID: 1002) (User: )
    Description: The program FRST64.exe version 27.9.2015.1 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

    Process ID: 1d10

    Start Time: 01d0fb322e2b2c52

    Termination Time: 3

    Application Path: C:\Users\Calvin\Desktop\FRST64.exe

    Report Id: 7add362a-6725-11e5-92e3-0026436f2439

    Error: (09/29/2015 08:46:44 PM) (Source: Application Hang) (EventID: 1002) (User: )
    Description: The program FRST64.exe version 27.9.2015.1 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

    Process ID: 33d0

    Start Time: 01d0fb32047ed69c

    Termination Time: 2

    Application Path: C:\Users\Calvin\Desktop\FRST64.exe

    Report Id:

    Error: (09/29/2015 08:33:30 PM) (Source: Application Hang) (EventID: 1002) (User: )
    Description: The program VAIOUpdt.exe version 4.2.0.7160 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

    Process ID: 1334

    Start Time: 01d0fb174ab1a263

    Termination Time: 251

    Application Path: C:\Program Files\Sony\VAIO Update 4\VAIOUpdt.exe

    Report Id: e1d1e6f3-6723-11e5-92e3-0026436f2439

    Error: (09/29/2015 08:08:58 PM) (Source: niZeroconfService) (EventID: 100) (User: )
    Description: Task Scheduling Error: m->NextScheduledSPRetry 400501

    Error: (09/29/2015 08:08:58 PM) (Source: niZeroconfService) (EventID: 100) (User: )
    Description: Task Scheduling Error: m->NextScheduledEvent 400501


    System errors:
    =============
    Error: (09/29/2015 10:05:27 PM) (Source: Schannel) (EventID: 4120) (User: NT AUTHORITY)
    Description: The following fatal alert was generated: 10. The internal error state is 10.

    Error: (09/29/2015 10:05:27 PM) (Source: Schannel) (EventID: 4120) (User: NT AUTHORITY)
    Description: The following fatal alert was generated: 10. The internal error state is 10.

    Error: (09/29/2015 10:05:27 PM) (Source: Schannel) (EventID: 4120) (User: NT AUTHORITY)
    Description: The following fatal alert was generated: 10. The internal error state is 10.

    Error: (09/29/2015 10:05:27 PM) (Source: Schannel) (EventID: 4120) (User: NT AUTHORITY)
    Description: The following fatal alert was generated: 10. The internal error state is 10.

    Error: (09/29/2015 10:02:39 PM) (Source: Schannel) (EventID: 4120) (User: NT AUTHORITY)
    Description: The following fatal alert was generated: 10. The internal error state is 10.

    Error: (09/29/2015 10:02:39 PM) (Source: Schannel) (EventID: 4120) (User: NT AUTHORITY)
    Description: The following fatal alert was generated: 10. The internal error state is 10.

    Error: (09/29/2015 10:02:31 PM) (Source: Schannel) (EventID: 4120) (User: NT AUTHORITY)
    Description: The following fatal alert was generated: 10. The internal error state is 10.

    Error: (09/29/2015 10:02:31 PM) (Source: Schannel) (EventID: 4120) (User: NT AUTHORITY)
    Description: The following fatal alert was generated: 10. The internal error state is 10.

    Error: (09/29/2015 09:59:28 PM) (Source: Schannel) (EventID: 4120) (User: NT AUTHORITY)
    Description: The following fatal alert was generated: 10. The internal error state is 10.

    Error: (09/29/2015 09:59:27 PM) (Source: Schannel) (EventID: 4120) (User: NT AUTHORITY)
    Description: The following fatal alert was generated: 10. The internal error state is 10.


    ==================== Memory info ===========================

    Processor: Intel(R) Core(TM)2 Quad CPU Q8400 @ 2.66GHz
    Percentage of memory in use: 73%
    Total physical RAM: 6079.18 MB
    Available physical RAM: 1621.38 MB
    Total Virtual: 12156.56 MB
    Available Virtual: 5468.06 MB

    ==================== Drives ================================

    Drive c: () (Fixed) (Total:271.1 GB) (Free:53.52 GB) NTFS

    ==================== MBR & Partition Table ==================

    ========================================================
    Disk: 0 (Size: 465.8 GB) (Disk ID: 60AAB2BB)
    Partition 1: (Not Active) - (Size=10.5 GB) - (Type=27)
    Partition 2: (Active) - (Size=100 MB) - (Type=07 NTFS)
    Partition 3: (Not Active) - (Size=271.1 GB) - (Type=07 NTFS)
    Partition 4: (Not Active) - (Size=184.1 GB) - (Type=05)

    ==================== End of Addition.txt ============================
     
  7. Broni

    Broni Malware Annihilator Posts: 52,892   +344

    [​IMG] Download RogueKiller from one of the following links and save it to your Desktop:

    Link 1
    Link 2
    • Close all the running programs
    • Windows Vista/7/8 users: right click on RogueKiller.exe, click Run as Administrator
    • Otherwise just double-click on RogueKiller.exe
    • Pre-scan will start. Let it finish.
    • Click on SCAN button.
    • Wait until the Status box shows Scan Finished
    • Click on Delete.
    • Wait until the Status box shows Deleting Finished.
    • Click on Report and copy/paste the content of the Notepad into your next reply.
    • RKreport.txt could also be found on your desktop.
    • If more than one log is produced post all logs.
    • If RogueKiller has been blocked, do not hesitate to try a few times more. If really won't run, rename it to winlogon.exe (or winlogon.com) and try again
    [​IMG] Please download Malwarebytes Anti-Malware (MBAM) to your desktop.
    NOTE. If you already have MBAM 2.0 installed scroll down.
    • Double-click mbam-setup-2.0.0.1000.exe and follow the prompts to install the program.
    • At the end, be sure a checkmark is placed next to the following:
    • Launch Malwarebytes Anti-Malware
    • A 14 day trial of the Premium features is pre-selected. You may deselect this if you wish, and it will not diminish the scanning and removal capabilities of the program.
    • Click Finish.
    • On the Dashboard, click the 'Update Now >>' link
    • After the update completes, click the 'Scan Now >>' button.
    • Or, on the Dashboard, click the Scan Now >> button.
    • If an update is available, click the Update Now button.
    • A Threat Scan will begin.
    • When the scan is complete, if there have been detections, click Apply Actions to allow MBAM to clean what was detected.
    • In most cases, a restart will be required.
    • Wait for the prompt to restart the computer to appear, then click on Yes.
    If you already have MBAM 2.0 installed:
    • On the Dashboard, click the 'Update Now >>' link
    • After the update completes, click the 'Scan Now >>' button.
    • Or, on the Dashboard, click the Scan Now >> button.
    • If an update is available, click the Update Now button.
    • A Threat Scan will begin.
    • When the scan is complete, if there have been detections, click Apply Actions to allow MBAM to clean what was detected.
    • In most cases, a restart will be required.
    • Wait for the prompt to restart the computer to appear, then click on Yes.
    How to get logs:
    (Export log to save as txt)
    • After the restart once you are back at your desktop, open MBAM once more.
    • Click on the History tab > Application Logs.
    • Double click on the Scan Log which shows the Date and time of the scan just performed.
    • Click 'Export'.
    • Click 'Text file (*.txt)'
    • In the Save File dialog box which appears, click on Desktop.
    • In the File name: box type a name for your scan log.
    • A message box named 'File Saved' should appear stating "Your file has been successfully exported".
    • Click Ok
    • Attach that saved log to your next reply.
    (Copy to clipboard for pasting into forum replies or tickets)
    • After the restart once you are back at your desktop, open MBAM once more.
    • Click on the History tab > Application Logs.
    • Double click on the Scan Log which shows the Date and time of the scan just performed.
    • Click 'Copy to Clipboard'
    • Paste the contents of the clipboard into your reply.
    [​IMG] Please download AdwCleaner by Xplode onto your desktop.
    • Close all open programs and internet browsers.
    • Double click on adwcleaner.exe to run the tool.
    • Click on Scan button.
    • When the scan has finished click on Clean button.
    • Your computer will be rebooted automatically. A text file will open after the restart.
    • Please post the contents of that logfile with your next reply.
    • You can find the logfile at C:\AdwCleaner[S1].txt as well.
    [​IMG] Please download Junkware Removal Tool to your desktop.
    • Shut down your protection software now to avoid potential conflicts.
    • Run the tool by double-clicking it. If you are using Windows Vista, 7, or 8; instead of double-clicking, right-mouse click JRT.exe and select "Run as Administrator".
    • The tool will open and start scanning your system.
    • Please be patient as this can take a while to complete depending on your system's specifications.
    • On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
    • Post the contents of JRT.txt into your next message.
     
  8. user124

    user124 TS Rookie Topic Starter Posts: 23

    Thanks for the reply. Am I supposed to post the logs for every single one of the tools suggested?
     
  9. Broni

    Broni Malware Annihilator Posts: 52,892   +344

    Yes.
     
  10. Broni

    Broni Malware Annihilator Posts: 52,892   +344

    Reopened.
     
  11. user124

    user124 TS Rookie Topic Starter Posts: 23

    RogueKiller log:


    RogueKiller V10.10.9.0 [Oct 5 2015] by Adlice Software
    mail : http://www.adlice.com/contact/
    Feedback : http://forum.adlice.com
    Website : http://www.adlice.com/software/roguekiller/
    Blog : http://www.adlice.com

    Operating System : Windows 7 (6.1.7601 Service Pack 1) 64 bits version
    Started in : Normal mode
    User : Calvin [Administrator]
    Started from : C:\Users\Calvin\Desktop\RogueKiller.exe
    Mode : Delete -- Date : 10/05/2015 22:21:48

    ¤¤¤ Processes : 0 ¤¤¤

    ¤¤¤ Registry : 15 ¤¤¤
    [PUP] (X64) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} (C:\Program Files (x86)\AVG\AVG2012\avgssiea.dll) -> Not selected
    [PUP] (X86) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} (C:\Program Files (x86)\AVG\AVG2012\avgssiea.dll) -> Not selected
    [PUP] (X86) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233} -> Not selected
    [PUP] (X86) HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar | {CCC7A320-B3CA-4199-B1A6-9F516DD69829} : AVG Security Toolbar -> Not selected
    [PUP] (X86) HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar | {95B7759C-8C7F-4BF1-B163-73684A933233} : -> Not selected
    [PUP] (X86) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run | vProt : "C:\Program Files (x86)\AVG Secure Search\vprot.exe" -> Not selected
    [PUM.Proxy] (X64) HKEY_USERS\S-1-5-21-3178901641-3325030848-3832911895-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings | ProxyServer : 185.28.193.95:8080 -> Not selected
    [PUM.Proxy] (X86) HKEY_USERS\S-1-5-21-3178901641-3325030848-3832911895-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings | ProxyServer : 185.28.193.95:8080 -> Not selected
    [PUM.SearchPage] (X64) HKEY_USERS\S-1-5-21-3178901641-3325030848-3832911895-1000\Software\Microsoft\Internet Explorer\Main | Search Bar : Preserve -> Not selected
    [PUM.SearchPage] (X86) HKEY_USERS\S-1-5-21-3178901641-3325030848-3832911895-1000\Software\Microsoft\Internet Explorer\Main | Search Bar : Preserve -> Not selected
    [PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{E1DE6791-1BA0-4DD5-8AC2-8C10486FF114} | DhcpNameServer : 71.9.127.107 68.190.192.35 24.205.224.36 ([-][UNITED STATES (US)][UNITED STATES (US)]) -> Not selected
    [PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Tcpip\Parameters\Interfaces\{E1DE6791-1BA0-4DD5-8AC2-8C10486FF114} | DhcpNameServer : 71.9.127.107 68.190.192.35 24.205.224.36 ([-][UNITED STATES (US)][UNITED STATES (US)]) -> Not selected
    [PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\ControlSet002\Services\Tcpip\Parameters\Interfaces\{E1DE6791-1BA0-4DD5-8AC2-8C10486FF114} | DhcpNameServer : 71.9.127.107 68.190.192.35 24.205.224.36 ([-][UNITED STATES (US)][UNITED STATES (US)]) -> Not selected
    [PUM.Policies] (X64) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System | ConsentPromptBehaviorAdmin : 0 -> Not selected
    [PUM.Policies] (X86) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System | ConsentPromptBehaviorAdmin : 0 -> Not selected

    ¤¤¤ Tasks : 1 ¤¤¤
    [Suspicious.Path] %WINDIR%\Tasks\AVG-Secure-Search-Update_JUNE2013_TB_rmv.job -- C:\Windows\TEMP\{A28F905F-CFF5-4A5E-873E-CF01884133C9}.exe (--uninstall=1) -> Not selected

    ¤¤¤ Files : 0 ¤¤¤

    ¤¤¤ Hosts File : 0 ¤¤¤

    ¤¤¤ Antirootkit : 56 (Driver: Not loaded [0xc000036b]) ¤¤¤
    [IAT:Addr(Hook.IEAT)] (chrome.exe) kernel32.dll - CreateNamedPipeW : Unknown @ 0xd20010
    [IAT:Addr(Hook.IEAT)] (chrome.exe @ chrome_child.dll) kernel32.dll - CreateNamedPipeW : Unknown @ 0xd20010
    [IAT:Addr(Hook.IEAT)] (chrome.exe) kernel32.dll - CreateNamedPipeW : Unknown @ 0x530010
    [IAT:Addr(Hook.IEAT)] (chrome.exe @ chrome_child.dll) kernel32.dll - CreateNamedPipeW : Unknown @ 0x530010
    [IAT:Addr(Hook.IEAT)] (chrome.exe) kernel32.dll - CreateNamedPipeW : Unknown @ 0xb00010
    [IAT:Addr(Hook.IEAT)] (chrome.exe @ chrome_child.dll) kernel32.dll - CreateNamedPipeW : Unknown @ 0xb00010
    [IAT:Addr(Hook.IEAT)] (chrome.exe) kernel32.dll - CreateNamedPipeW : Unknown @ 0x360010
    [IAT:Addr(Hook.IEAT)] (chrome.exe @ chrome_child.dll) kernel32.dll - CreateNamedPipeW : Unknown @ 0x360010
    [IAT:Addr(Hook.IEAT)] (chrome.exe) kernel32.dll - CreateNamedPipeW : Unknown @ 0x400010
    [IAT:Addr(Hook.IEAT)] (chrome.exe @ chrome_child.dll) kernel32.dll - CreateNamedPipeW : Unknown @ 0x400010
    [IAT:Addr(Hook.IEAT)] (chrome.exe) kernel32.dll - CreateNamedPipeW : Unknown @ 0xa00010
    [IAT:Addr(Hook.IEAT)] (chrome.exe @ chrome_child.dll) kernel32.dll - CreateNamedPipeW : Unknown @ 0xa00010
    [IAT:Addr(Hook.IEAT)] (chrome.exe) kernel32.dll - CreateNamedPipeW : Unknown @ 0x2b0010
    [IAT:Addr(Hook.IEAT)] (chrome.exe @ chrome_child.dll) kernel32.dll - CreateNamedPipeW : Unknown @ 0x2b0010
    [IAT:Addr(Hook.IEAT)] (chrome.exe) kernel32.dll - CreateNamedPipeW : Unknown @ 0x500010
    [IAT:Addr(Hook.IEAT)] (chrome.exe @ chrome_child.dll) kernel32.dll - CreateNamedPipeW : Unknown @ 0x500010
    [IAT:Addr(Hook.IEAT)] (chrome.exe) kernel32.dll - CreateNamedPipeW : Unknown @ 0x8e0010
    [IAT:Addr(Hook.IEAT)] (chrome.exe @ chrome_child.dll) kernel32.dll - CreateNamedPipeW : Unknown @ 0x8e0010
    [IAT:Addr(Hook.IEAT)] (chrome.exe) kernel32.dll - CreateNamedPipeW : Unknown @ 0x5e0010
    [IAT:Addr(Hook.IEAT)] (chrome.exe @ chrome_child.dll) kernel32.dll - CreateNamedPipeW : Unknown @ 0x5e0010
    [IAT:Addr(Hook.IEAT)] (chrome.exe) kernel32.dll - CreateNamedPipeW : Unknown @ 0xd80010
    [IAT:Addr(Hook.IEAT)] (chrome.exe @ chrome_child.dll) kernel32.dll - CreateNamedPipeW : Unknown @ 0xd80010
    [IAT:Addr(Hook.IEAT)] (chrome.exe) kernel32.dll - CreateNamedPipeW : Unknown @ 0x620010
    [IAT:Addr(Hook.IEAT)] (chrome.exe @ chrome_child.dll) kernel32.dll - CreateNamedPipeW : Unknown @ 0x620010
    [IAT:Addr(Hook.IEAT)] (chrome.exe) kernel32.dll - CreateNamedPipeW : Unknown @ 0x4a0010
    [IAT:Addr(Hook.IEAT)] (chrome.exe @ chrome_child.dll) kernel32.dll - CreateNamedPipeW : Unknown @ 0x4a0010
    [IAT:Addr(Hook.IEAT)] (chrome.exe) kernel32.dll - CreateNamedPipeW : Unknown @ 0x400010
    [IAT:Addr(Hook.IEAT)] (chrome.exe @ chrome_child.dll) kernel32.dll - CreateNamedPipeW : Unknown @ 0x400010
    [IAT:Addr(Hook.IEAT)] (chrome.exe) kernel32.dll - CreateNamedPipeW : Unknown @ 0xaf0010
    [IAT:Addr(Hook.IEAT)] (chrome.exe @ chrome_child.dll) kernel32.dll - CreateNamedPipeW : Unknown @ 0xaf0010
    [IAT:Addr(Hook.IEAT)] (chrome.exe) kernel32.dll - CreateNamedPipeW : Unknown @ 0x1090010
    [IAT:Addr(Hook.IEAT)] (chrome.exe @ chrome_child.dll) kernel32.dll - CreateNamedPipeW : Unknown @ 0x1090010
    [IAT:Addr(Hook.IEAT)] (chrome.exe) kernel32.dll - CreateNamedPipeW : Unknown @ 0x3c0010
    [IAT:Addr(Hook.IEAT)] (chrome.exe @ chrome_child.dll) kernel32.dll - CreateNamedPipeW : Unknown @ 0x3c0010
    [IAT:Addr(Hook.IEAT)] (chrome.exe) kernel32.dll - CreateNamedPipeW : Unknown @ 0xf80010
    [IAT:Addr(Hook.IEAT)] (chrome.exe @ chrome_child.dll) kernel32.dll - CreateNamedPipeW : Unknown @ 0xf80010
    [IAT:Addr(Hook.IEAT)] (chrome.exe) kernel32.dll - CreateNamedPipeW : Unknown @ 0x4b0010
    [IAT:Addr(Hook.IEAT)] (chrome.exe @ chrome_child.dll) kernel32.dll - CreateNamedPipeW : Unknown @ 0x4b0010
    [IAT:Addr(Hook.IEAT)] (chrome.exe) kernel32.dll - CreateNamedPipeW : Unknown @ 0x6c0010
    [IAT:Addr(Hook.IEAT)] (chrome.exe @ chrome_child.dll) kernel32.dll - CreateNamedPipeW : Unknown @ 0x6c0010
    [IAT:Addr(Hook.IEAT)] (chrome.exe) kernel32.dll - CreateNamedPipeW : Unknown @ 0x220010
    [IAT:Addr(Hook.IEAT)] (chrome.exe @ chrome_child.dll) kernel32.dll - CreateNamedPipeW : Unknown @ 0x220010
    [IAT:Addr(Hook.IEAT)] (chrome.exe) kernel32.dll - CreateNamedPipeW : Unknown @ 0x6b0010
    [IAT:Addr(Hook.IEAT)] (chrome.exe @ chrome_child.dll) kernel32.dll - CreateNamedPipeW : Unknown @ 0x6b0010
    [IAT:Addr(Hook.IEAT)] (chrome.exe) kernel32.dll - CreateNamedPipeW : Unknown @ 0x9e0010
    [IAT:Addr(Hook.IEAT)] (chrome.exe @ chrome_child.dll) kernel32.dll - CreateNamedPipeW : Unknown @ 0x9e0010
    [IAT:Addr(Hook.IEAT)] (chrome.exe) kernel32.dll - CreateNamedPipeW : Unknown @ 0xcf0010
    [IAT:Addr(Hook.IEAT)] (chrome.exe @ chrome_child.dll) kernel32.dll - CreateNamedPipeW : Unknown @ 0xcf0010
    [IAT:Addr(Hook.IEAT)] (chrome.exe) kernel32.dll - CreateNamedPipeW : Unknown @ 0xf40010
    [IAT:Addr(Hook.IEAT)] (chrome.exe @ chrome_child.dll) kernel32.dll - CreateNamedPipeW : Unknown @ 0xf40010
    [IAT:Addr(Hook.IEAT)] (chrome.exe) kernel32.dll - CreateNamedPipeW : Unknown @ 0xb30010
    [IAT:Addr(Hook.IEAT)] (chrome.exe @ chrome_child.dll) kernel32.dll - CreateNamedPipeW : Unknown @ 0xb30010
    [IAT:Addr(Hook.IEAT)] (chrome.exe) kernel32.dll - CreateNamedPipeW : Unknown @ 0x110010
    [IAT:Addr(Hook.IEAT)] (chrome.exe @ chrome_child.dll) kernel32.dll - CreateNamedPipeW : Unknown @ 0x110010
    [IAT:Addr(Hook.IEAT)] (chrome.exe) kernel32.dll - CreateNamedPipeW : Unknown @ 0xb60010
    [IAT:Addr(Hook.IEAT)] (chrome.exe @ chrome_child.dll) kernel32.dll - CreateNamedPipeW : Unknown @ 0xb60010

    ¤¤¤ Web browsers : 1 ¤¤¤
    [PUP][FIREFX:Addon] bduz2gzv.default : AVG Security Toolbar [avg@toolbar] -> Not selected

    ¤¤¤ MBR Check : ¤¤¤
    +++++ PhysicalDrive0: WDC WD5000AAJS-55A8B2 ATA Device +++++
    --- User ---
    [MBR] b2e9f656b8156a408a97252066438aa2
    [BSP] 6b4135c28636782d8133cf43fed29287 : Linux|VT.Unknown MBR Code
    Partition table:
    0 - [XXXXXX] ACER (0x27) [VISIBLE] Offset (sectors): 2048 | Size: 10744 MB
    1 - [ACTIVE] NTFS (0x7) [VISIBLE] Offset (sectors): 22005760 | Size: 100 MB [Windows Vista/7/8 Bootstrap | Windows Vista/7/8 Bootloader]
    2 - [XXXXXX] NTFS (0x7) [VISIBLE] Offset (sectors): 22210560 | Size: 277604 MB [Windows Vista/7/8 Bootstrap | Windows Vista/7/8 Bootloader]
    3 - [XXXXXX] EXTEN (0x5) [VISIBLE] Offset (sectors): 590758245 | Size: 188481 MB
    User = LL1 ... OK
    User = LL2 ... OK

    +++++ PhysicalDrive1: Ricoh Memory Stick Disk Device +++++
    Error reading User MBR! ([15] The device is not ready. )
    Error reading LL1 MBR! NOT VALID!
    Error reading LL2 MBR! ([32] The request is not supported. )

    +++++ PhysicalDrive2: Ricoh SD/MMC Disk Device +++++
    Error reading User MBR! ([15] The device is not ready. )
    Error reading LL1 MBR! ([32] The request is not supported. )
    Error reading LL2 MBR! ([32] The request is not supported. )
     
  12. user124

    user124 TS Rookie Topic Starter Posts: 23

    MBAM log:


    Malwarebytes Anti-Malware
    www.malwarebytes.org

    Scan Date: 10/5/2015
    Scan Time: 10:25 PM
    Logfile: MBAM log.txt
    Administrator: Yes

    Version: 2.1.8.1057
    Malware Database: v2015.10.05.07
    Rootkit Database: v2015.10.02.01
    License: Free
    Malware Protection: Disabled
    Malicious Website Protection: Disabled
    Self-protection: Disabled

    OS: Windows 7 Service Pack 1
    CPU: x64
    File System: NTFS
    User: Calvin

    Scan Type: Threat Scan
    Result: Completed
    Objects Scanned: 499605
    Time Elapsed: 54 min, 19 sec

    Memory: Enabled
    Startup: Enabled
    Filesystem: Enabled
    Archives: Enabled
    Rootkits: Disabled
    Heuristics: Enabled
    PUP: Enabled
    PUM: Enabled

    Processes: 0
    (No malicious items detected)

    Modules: 0
    (No malicious items detected)

    Registry Keys: 5
    Trojan.Bedep, HKLM\SOFTWARE\CLASSES\CLSID\{F6BF8414-962C-40FE-90F1-B80A7E72DB9A}, Delete-on-Reboot, [c19ae172a6e5c373be1d7277fb06e917],
    PUP.Optional.ConduitTB.Gen, HKLM\SOFTWARE\CLASSES\Toolbar.CT1098640, Quarantined, [0b50e66dafdc75c15dbae4a757ad50b0],
    PUP.Optional.ConduitTB.Gen, HKLM\SOFTWARE\WOW6432NODE\CLASSES\Toolbar.CT1098640, Quarantined, [2338fc574b4059dd06117f0c08fc02fe],
    PUP.Optional.Conduit, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}, Quarantined, [07540053e0abee488ebeb5eab54f7b85],
    PUP.Optional.InstallCore, HKU\S-1-5-21-3178901641-3325030848-3832911895-1000\SOFTWARE\InstallCore, Quarantined, [c7941e3556351c1a38e4ae046c9818e8],

    Registry Values: 1
    PUP.Optional.Conduit, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{afdbddaa-5d3f-42ee-b79c-185a7020515b}|URL, http://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT1098640, Quarantined, [07540053e0abee488ebeb5eab54f7b85]

    Registry Data: 0
    (No malicious items detected)

    Folders: 6
    PUP.Optional.OpenCandy, C:\Users\Calvin\AppData\Roaming\OpenCandy, Quarantined, [b8a3dd7697f464d25b1357b333d0fe02],
    PUP.Optional.OpenCandy, C:\Users\Calvin\AppData\Roaming\OpenCandy\DF47FC7490394E9F9EF0A55878FE4EFB, Quarantined, [b8a3dd7697f464d25b1357b333d0fe02],
    PUP.Optional.OpenCandy, C:\Users\Calvin\AppData\Roaming\OpenCandy\OpenCandy_DF47FC7490394E9F9EF0A55878FE4EFB, Quarantined, [b8a3dd7697f464d25b1357b333d0fe02],
    Trojan.Clicker.FMS, C:\ProgramData\{9A88E103-A20A-4EA5-8636-C73B709A5BF8}, Delete-on-Reboot, [96c54a09eba0280e0bbd61aff90ae917],
    PUP.Optional.Linkury, C:\Program Files (x86)\PennyBee, Quarantined, [4219a4af137821154cf2eb3f18ebe719],
    PUP.Optional.Linkury, C:\Program Files (x86)\PennyBee\Resources, Quarantined, [4219a4af137821154cf2eb3f18ebe719],

    Files: 5
    Trojan.Bedep, C:\ProgramData\{9A88E103-A20A-4EA5-8636-C73B709A5BF8}\msxml3.dll, Delete-on-Reboot, [c19ae172a6e5c373be1d7277fb06e917],
    Adware.Linkular, C:\Program Files (x86)\PennyBee\PennyBee.exe, Quarantined, [85d6064d0f7cc76f9cc07cdaba479868],
    Trojan.MSIL.Injector, C:\Users\Calvin\AppData\Local\Temp\SyvKlM5F.exe.part, Quarantined, [3d1ef55edeadd75fc460460df31232ce],
    Trojan.Clicker.FMS, C:\ProgramData\{9A88E103-A20A-4EA5-8636-C73B709A5BF8}\8afc49b02429a, Delete-on-Reboot, [96c54a09eba0280e0bbd61aff90ae917],
    PUP.Optional.Linkury, C:\Program Files (x86)\PennyBee\PennyBee.exe, Quarantined, [4219a4af137821154cf2eb3f18ebe719],

    Physical Sectors: 0
    (No malicious items detected)


    (end)
     
  13. user124

    user124 TS Rookie Topic Starter Posts: 23

    AdwCleaner log:


    # AdwCleaner v5.010 - Logfile created 06/10/2015 at 18:38:37
    # Updated 04/10/2015 by Xplode
    # Database : 2015-10-05.3 [Server]
    # Operating system : Windows 7 Home Premium Service Pack 1 (x64)
    # Username : Calvin - CALVIN-VAIO
    # Running from : C:\Users\Calvin\Desktop\adwcleaner_5.010.exe
    # Option : Cleaning
    # Support : http://toolslib.net/forum

    ***** [ Services ] *****


    ***** [ Folders ] *****

    [-] Folder Deleted : C:\Program Files (x86)\AVG Secure Search
    [-] Folder Deleted : C:\Program Files (x86)\Common Files\AVG Secure Search
    [-] Folder Deleted : C:\ProgramData\AVG Secure Search
    [-] Folder Deleted : C:\ProgramData\Avg_Update_0814tb
    [-] Folder Deleted : C:\Users\Calvin\AppData\Local\AVG Secure Search
    [-] Folder Deleted : C:\Users\Calvin\AppData\LocalLow\AVG Secure Search

    ***** [ Files ] *****

    [-] File Deleted : C:\Program Files (x86)\Mozilla Firefox\browser\searchplugins\avg-secure-search.xml
    [-] File Deleted : C:\Program Files (x86)\Mozilla Firefox\browser\searchplugins\yahoo.xml
    [-] File Deleted : C:\Users\Calvin\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.yourtango.com_0.localstorage
    [-] File Deleted : C:\Users\Calvin\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.yourtango.com_0.localstorage-journal

    ***** [ DLLs ] *****


    ***** [ Shortcuts ] *****


    ***** [ Scheduled tasks ] *****

    [-] Task Deleted : AVG-Secure-Search-Update_JUNE2013_TB_rmv
    [-] Task Deleted : AVG-Secure-Search-Update_JUNE2013_TB_rmv

    ***** [ Registry ] *****

    [-] Key Deleted : HKLM\SOFTWARE\Classes\AppID\ScriptHelper.EXE
    [-] Key Deleted : HKLM\SOFTWARE\Classes\AppID\ViProtocol.DLL
    [-] Key Deleted : HKLM\SOFTWARE\Classes\AVG Secure Search.BrowserWndAPI
    [-] Key Deleted : HKLM\SOFTWARE\Classes\AVG Secure Search.BrowserWndAPI.1
    [-] Key Deleted : HKLM\SOFTWARE\Classes\AVG Secure Search.PugiObj
    [-] Key Deleted : HKLM\SOFTWARE\Classes\AVG Secure Search.PugiObj.1
    [-] Key Deleted : HKLM\SOFTWARE\Classes\protector_dll.protectorbho
    [-] Key Deleted : HKLM\SOFTWARE\Classes\protector_dll.protectorbho.1
    [-] Key Deleted : HKLM\SOFTWARE\Classes\protocols\handler\viprotocol
    [-] Key Deleted : HKLM\SOFTWARE\Classes\S
    [-] Key Deleted : HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi
    [-] Key Deleted : HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi.1
    [-] Key Deleted : HKLM\SOFTWARE\Classes\ViProtocol.ViProtocolOLE
    [-] Key Deleted : HKLM\SOFTWARE\Classes\ViProtocol.ViProtocolOLE.1
    [-] Value Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [vProt]
    [-] Key Deleted : HKLM\SOFTWARE\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin
    [-] Key Deleted : HKLM\SOFTWARE\Google\Chrome\NativeMessagingHosts\avgsh
    [-] Value Deleted : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [Avg@toolbar]
    [-] Key Deleted : HKLM\SOFTWARE\Classes\AppID\{1FDFF5A2-7BB1-48E1-8081-7236812B12B2}
    [-] Key Deleted : HKLM\SOFTWARE\Classes\AppID\{6517DD27-EA6F-4947-9DEA-F9C487BB1020}
    [-] Key Deleted : HKLM\SOFTWARE\Classes\AppID\{BB711CB0-C70B-482E-9852-EC05EBD71DBB}
    [-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}
    [-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{408CFAD9-8F13-4747-8EC7-770A339C7237}
    [-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
    [-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{8FC1EE75-72B3-4A23-B987-2B1C4C8A611B}
    [-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{933B95E2-E7B7-4AD9-B952-7AC336682AE3}
    [-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{94496571-6AC5-4836-82D5-D46260C44B17}
    [-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{B658800C-F66E-4EF3-AB85-6C0C227862A9}
    [-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{BC9FD17D-30F6-4464-9E53-596A90AFF023}
    [-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{CC5AD34C-6F10-4CB3-B74A-C2DD4D5060A3}
    [-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{DE9028D0-5FFA-4E69-94E3-89EE8741F468}
    [-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
    [-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{F25AF245-4A81-40DC-92F9-E9021F207706}
    [-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{0C1284BA-4F3A-41C6-94B5-77446F5948A9}
    [-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{B2BC04DF-EFBD-409A-95CA-36874E5AB92A}
    [-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
    [-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
    [-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
    [-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{C401D2CE-DC27-45C7-BC0C-8E6EA7F085D6}
    [-] Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{07CAC314-E962-4F78-89AB-DD002F2490EE}
    [-] Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{13ABD093-D46F-40DF-A608-47E162EC799D}
    [-] Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{6517DD27-EA6F-4947-9DEA-F9C487BB1020}
    [-] Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{6CB9D494-2482-4277-9E45-22F36C471461}
    [-] Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{74FB6AFD-DD77-4CEB-83BD-AB2B63E63C93}
    [-] Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8}
    [-] Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{C2AC8A0E-E48E-484B-A71C-C7A937FAAB94}
    [-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}
    [-] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}
    [-] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{95B7759C-8C7F-4BF1-B163-73684A933233}
    [-] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}
    [-] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{95B7759C-8C7F-4BF1-B163-73684A933233}
    [-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{C6FDD0C3-266A-4DC3-B459-28C697C44CDC}
    [-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{F25AF245-4A81-40DC-92F9-E9021F207706}
    [-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{B2BC04DF-EFBD-409A-95CA-36874E5AB92A}
    [-] Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
    [-] Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F25AF245-4A81-40DC-92F9-E9021F207706}
    [-] Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{B2BC04DF-EFBD-409A-95CA-36874E5AB92A}
    [-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}
    [-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
    [-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
    [-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{660E6F4F-840D-436D-B668-433D9591BAC5}
    [-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
    [-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{C401D2CE-DC27-45C7-BC0C-8E6EA7F085D6}
    [-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{E7435878-65B9-44D1-A443-81754E5DFC90}
    [-] Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}
    [-] Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F25AF245-4A81-40DC-92F9-E9021F207706}
    [-] Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{B2BC04DF-EFBD-409A-95CA-36874E5AB92A}
    [-] Key Deleted : HKU\.DEFAULT\Software\AVG Secure Search
    [-] Key Deleted : HKU\.DEFAULT\Software\PennyBee
    [-] Key Deleted : HKU\.DEFAULT\Software\Avg Secure Update
    [-] Key Deleted : HKU\.DEFAULT\Software\AppDataLow\Software\AVG Security Toolbar
    [-] Key Deleted : HKCU\Software\AVG Secure Search
    [-] Key Deleted : HKCU\Software\Bitberry Software
    [-] Key Deleted : HKCU\Software\Bitberry
    [-] Key Deleted : HKCU\Software\Softonic
    [-] Key Deleted : HKCU\Software\YahooPartnerToolbar
    [-] Key Deleted : HKCU\Software\Avg Secure Update
    [-] Key Deleted : HKCU\Software\Yahoo\Companion
    [-] Key Deleted : HKCU\Software\AppDataLow\Software\Conduit
    [-] Key Deleted : HKLM\SOFTWARE\AVG Secure Search
    [-] Key Deleted : HKLM\SOFTWARE\AVG Security Toolbar
    [-] Key Deleted : HKLM\SOFTWARE\Conduit
    [-] Key Deleted : HKLM\SOFTWARE\Avg Secure Update
    [-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\AVG Secure Search
    [-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{33ACDFDB-F2E4-4B14-B5CF-B629FC2D358D}
    [-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{DE1D6B0C-D8F3-4FC0-9B9F-E5EB1529BF94}
    [!] Key Not Deleted : [x64] HKCU\Software\AVG Secure Search
    [!] Key Not Deleted : [x64] HKCU\Software\Bitberry Software
    [!] Key Not Deleted : [x64] HKCU\Software\Bitberry
    [!] Key Not Deleted : [x64] HKCU\Software\Softonic
    [!] Key Not Deleted : [x64] HKCU\Software\YahooPartnerToolbar
    [!] Key Not Deleted : [x64] HKCU\Software\Avg Secure Update
    [!] Key Not Deleted : [x64] HKCU\Software\Yahoo\Companion
    [!] Key Not Deleted : HKU\.DEFAULT\Software\AppDataLow\Software\AVG Security Toolbar
    [!] Key Not Deleted : HKU\S-1-5-21-3178901641-3325030848-3832911895-1000\Software\AppDataLow\Software\Conduit
    [!] Key Not Deleted : HKU\S-1-5-18\Software\AppDataLow\Software\AVG Security Toolbar

    ***** [ Web browsers ] *****


    *************************

    :: Winsock settings cleared

    ########## EOF - C:\AdwCleaner\AdwCleaner[C1].txt - [9598 bytes] ##########
     
  14. user124

    user124 TS Rookie Topic Starter Posts: 23

    JRT log:


    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    Junkware Removal Tool (JRT) by Malwarebytes
    Version: 7.6.4 (09.28.2015:1)
    OS: Windows 7 Home Premium x64
    Ran by Calvin on Mon 10/05/2015 at 23:46:26.21
    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




    ~~~ Services

    Successfully deleted: [Service] vToolbarUpdater18.9.0 [Reboot required]



    ~~~ Tasks



    ~~~ Registry Values

    Successfully deleted: [Registry Value] HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar\\{95B7759C-8C7F-4BF1-B163-73684A933233}
    Successfully deleted: [Registry Value] HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar\\{CCC7A320-B3CA-4199-B1A6-9F516DD69829}



    ~~~ Registry Keys

    Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\APN PIP
    Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{95B7759C-8C7F-4BF1-B163-73684A933233}
    Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}
    Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchScopes\{0B4A10D1-FBD6-451d-BFDA-F03252B05984}
    Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233}
    Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}
    Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233}
    Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}



    ~~~ Files

    Successfully deleted: [File] C:\Users\Calvin\Appdata\Local\google\chrome\user data\default\local storage\chrome-extension_ndibdjnfmopecpmkdieinmbadjfpblof_0.localstorage
    Successfully deleted: [File] C:\Users\Calvin\Appdata\Local\google\chrome\user data\default\local storage\chrome-extension_ndibdjnfmopecpmkdieinmbadjfpblof_0.localstorage-journal
    Successfully deleted: [File] C:\Users\Calvin\Appdata\Local\google\chrome\user data\default\local storage\hxxp_services.hearstmags.com_0.localstorage
    Successfully deleted: [File] C:\Users\Calvin\Appdata\Local\google\chrome\user data\default\local storage\hxxp_services.hearstmags.com_0.localstorage-journal
    Successfully deleted: [File] C:\Users\Calvin\Appdata\Local\google\chrome\user data\default\local storage\hxxp_static.audienceinsights.net_0.localstorage
    Successfully deleted: [File] C:\Users\Calvin\Appdata\Local\google\chrome\user data\default\local storage\hxxp_static.audienceinsights.net_0.localstorage-journal
    Successfully deleted: [File] C:\Users\Calvin\Appdata\Local\google\chrome\user data\default\local storage\hxxp_www.ask.com_0.localstorage
    Successfully deleted: [File] C:\Users\Calvin\Appdata\Local\google\chrome\user data\default\local storage\hxxp_www.ask.com_0.localstorage-journal
    Successfully deleted: [File] C:\Users\Calvin\Appdata\Local\google\chrome\user data\default\local storage\hxxp_www.azlyrics.com_0.localstorage
    Successfully deleted: [File] C:\Users\Calvin\Appdata\Local\google\chrome\user data\default\local storage\hxxp_www.azlyrics.com_0.localstorage-journal
    Successfully deleted: [File] C:\Users\Calvin\Appdata\Local\google\chrome\user data\default\local storage\hxxp_www.lyricsfreak.com_0.localstorage
    Successfully deleted: [File] C:\Users\Calvin\Appdata\Local\google\chrome\user data\default\local storage\hxxp_www.lyricsfreak.com_0.localstorage-journal



    ~~~ Folders

    Successfully deleted: [Folder] C:\Program Files (x86)\avg security toolbar
    Successfully deleted: [Folder] C:\Program Files (x86)\Common Files\tencent
    Successfully deleted: [Folder] C:\Program Files (x86)\mipony
    Successfully deleted: [Folder] C:\Program Files (x86)\tencent
    Successfully deleted: [Folder] C:\ProgramData\partner
    Successfully deleted: [Folder] C:\Users\Calvin\Appdata\LocalLow\avg security toolbar
    Successfully deleted: [Folder] C:\Users\Calvin\AppData\Roaming\mipony
    Successfully deleted: [Folder] C:\Users\Calvin\AppData\Roaming\tencent
    Successfully deleted: [Folder] C:\Windows\SysWOW64\ai_recyclebin



    ~~~ FireFox

    Successfully deleted the following from C:\Users\Calvin\AppData\Roaming\mozilla\firefox\profiles\bduz2gzv.default\prefs.js

    user_pref(extensions.xpiState, {\app-profile\:{\{a95d8332-e4b4-6e7f-98ac-20b733364387}\:{\d\:\C:\\\\Users\\\\Calvin\\\\AppData\\\\Roaming\\\\Mozilla\\\\Firefox\\\\Pr



    ~~~ Chrome

    Successfully deleted: [Folder] C:\Users\Calvin\Appdata\Local\Google\Chrome\User Data\Default\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof
    Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Google\Chrome\Extensions\jmfkcklnlgedgbglfkkgedjfmejoahla
    Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Google\Chrome\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof

    [C:\Users\Calvin\Appdata\Local\Google\Chrome\User Data\Default\Preferences] - default search provider reset

    [C:\Users\Calvin\Appdata\Local\Google\Chrome\User Data\Default\Preferences] - Extensions Deleted:
    ndibdjnfmopecpmkdieinmbadjfpblof

    [C:\Users\Calvin\Appdata\Local\Google\Chrome\User Data\Default\Secure Preferences] - default search provider reset

    [C:\Users\Calvin\Appdata\Local\Google\Chrome\User Data\Default\Secure Preferences] - Extensions Deleted:
    [
    ndibdjnfmopecpmkdieinmbadjfpblof
    ]





    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    Scan was completed on Mon 10/05/2015 at 23:53:19.14
    End of JRT log
    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
     
  15. Broni

    Broni Malware Annihilator Posts: 52,892   +344

    Please download ComboFix from Here, Here or Here to your Desktop.

    **Note: In the event you already have Combofix, this is a new version that I need you to download. It is important that it is saved directly to your desktop**
    • Never rename Combofix unless instructed.
    • Close any open browsers.
    • Very Important! Temporarily disable your anti-virus and any anti-malware real-time protection before performing a scan. They can interfere with ComboFix or remove some of its embedded files which may cause "unpredictable results".
    • Click on this link to see a list of programs that should be disabled. The list is not all inclusive. If yours is not listed and you don't know how to disable it, please ask.
    • Close any open browsers.
    • WARNING: Combofix will disconnect your machine from the Internet as soon as it starts
    • Please do not attempt to re-connect your machine back to the Internet until Combofix has completely finished.
    • If there is no internet connection after running Combofix, then restart your computer to restore back your connection.
      If the connection is not there use restore point you created prior to running Combofix.
    • Double click on combofix.exe & follow the prompts.

    • NOTE1. If Combofix asks you to install Recovery Console, please allow it.
      NOTE 2. If Combofix asks you to update the program, always do so.
    • When finished, it will produce a report for you.
    • Please post the "C:\ComboFix.txt"
    **Note 1: Do not mouseclick combofix's window while it's running. That may cause it to stall
    **Note 2 for AVG and CA Internet Security (Total Defense Internet Security) users: ComboFix will not run until AVG/CA Internet Security is uninstalled as a protective measure against the anti-virus. This is because AVG/CA Internet Security "falsely" detects ComboFix (or its embedded files) as a threat and may remove them resulting in the tool not working correctly which in turn can cause "unpredictable results". Since AVG/CA Internet Security cannot be effectively disabled before running ComboFix, the author recommends you to uninstall AVG/CA Internet Security first.
    Use AppRemover to uninstall it: http://www.appremover.com/
    We can reinstall it when we're done with CF.
    **Note 3: If you receive an error Illegal operation attempted on a registery key that has been marked for deletion, restart computer to fix the issue.
    **Note 4: Some infections may take some significant time to be cured. As long as your computer clock is running Combofix is still working. Be patient.


    Make sure, you re-enable your security programs, when you're done with Combofix.

    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

    NOTE.
    If, for some reason, Combofix refuses to run, try the following...

    Delete Combofix file, download fresh one, but rename combofix.exe to your_name.exe BEFORE saving it to your desktop.
    Do NOT run it yet.
    Download Rkill (courtesy of BleepingComputer.com) to your desktop.
    There are 2 different versions. If one of them won't run then download and try to run the other one.
    You only need to get one of these to run, not all of them. You may get warnings from your antivirus about this tool, ignore them or shutdown your antivirus.

    rKill.exe: http://www.bleepingcomputer.com/download/rkill/dl/10/
    iExplore.exe (renamed rKill.exe): http://www.bleepingcomputer.com/download/rkill/dl/11/

    Restart computer in safe mode

    • Double-click on the Rkill desktop icon to run the tool.
    • If using Windows Vista, 7 or 8 right-click on it and choose Run As Administrator.
    • A black DOS box will briefly flash and then disappear. This is normal and indicates the tool ran successfully.
    • If not, delete the file, then download and use the one provided in Link 2.
    • Do not reboot until instructed.
    • If the tool does not run from any of the links provided, please let me know.

    When the scan is done Notepad will open with rKill.txt log.
    NOTE. rKill.txt log will also be present on your desktop.

    Once you've gotten one of them to run, immediately run your_name.exe by double clicking on it.

    IF you had to run rKill post BOTH logs, rKill.txt and Combofix.txt.
     
  16. Broni

    Broni Malware Annihilator Posts: 52,892   +344

    Still with me?
     
  17. user124

    user124 TS Rookie Topic Starter Posts: 23

    Yes, sorry about the time between responses. I will get around to running this tonight and will post my results then. Thanks for the patience!
     
  18. Broni

    Broni Malware Annihilator Posts: 52,892   +344

  19. user124

    user124 TS Rookie Topic Starter Posts: 23

    Combo Fix log:

    ComboFix 15-10-09.01 - Calvin 10/12/2015 23:55:05.1.4 - x64
    Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.6079.2088 [GMT -7:00]
    Running from: c:\users\Calvin\Desktop\ComboFix.exe
    AV: AVG Anti-Virus Free Edition 2012 *Enabled/Updated* {5A2746B1-DEE9-F85A-FBCD-ADB11639C5F0}
    SP: AVG Anti-Virus Free Edition 2012 *Enabled/Updated* {E146A755-F8D3-F7D4-C17D-96C36DBE8F4D}
    SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
    .
    .
    ((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
    .
    .
    C:\install.exe
    c:\users\Calvin\AppData\Local\assembly\tmp
    c:\users\Calvin\AppData\Local\Microsoft\Windows\Temporary Internet Files\udRemove.exe
    c:\windows\wininit.ini
    .
    .
    ((((((((((((((((((((((((( Files Created from 2015-09-13 to 2015-10-13 )))))))))))))))))))))))))))))))
    .
    .
    2015-10-13 07:17 . 2015-10-13 07:17 -------- d-----w- c:\users\Default\AppData\Local\temp
    2015-10-07 01:14 . 2015-10-07 01:38 -------- d-----w- C:\AdwCleaner
    2015-10-06 04:36 . 2015-10-06 05:24 113880 ----a-w- c:\windows\system32\drivers\MBAMSwissArmy.sys
    2015-10-06 04:36 . 2015-06-18 15:41 63704 ----a-w- c:\windows\system32\drivers\mwac.sys
    2015-10-06 04:36 . 2015-06-18 15:41 109272 ----a-w- c:\windows\system32\drivers\mbamchameleon.sys
    2015-10-06 04:36 . 2015-06-18 15:41 25816 ----a-w- c:\windows\system32\drivers\mbam.sys
    2015-10-06 04:36 . 2015-10-06 04:36 -------- d-----w- c:\program files (x86)\Malwarebytes Anti-Malware
    2015-10-06 04:36 . 2015-10-06 04:36 -------- d-----w- c:\programdata\Malwarebytes
    2015-10-06 04:20 . 2015-10-06 04:20 35064 ----a-w- c:\windows\system32\drivers\TrueSight.sys
    2015-10-06 04:20 . 2015-10-06 05:23 -------- d-----w- c:\programdata\RogueKiller
    2015-10-02 04:35 . 2015-10-02 04:35 -------- d-----w- c:\users\Calvin\AppData\Local\GWX
    2015-09-30 03:42 . 2015-09-30 05:11 -------- d-----w- C:\FRST
    .
    .
    .
    (((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
    .
    2015-09-02 03:04 . 2015-09-09 17:11 41984 ----a-w- c:\windows\system32\lpk.dll
    2015-09-02 03:04 . 2015-09-09 17:11 100864 ----a-w- c:\windows\system32\fontsub.dll
    2015-09-02 03:04 . 2015-09-09 17:11 14336 ----a-w- c:\windows\system32\dciman32.dll
    2015-09-02 03:04 . 2015-09-09 17:11 46080 ----a-w- c:\windows\system32\atmlib.dll
    2015-09-02 02:48 . 2015-09-09 17:11 70656 ----a-w- c:\windows\SysWow64\fontsub.dll
    2015-09-02 02:48 . 2015-09-09 17:11 10240 ----a-w- c:\windows\SysWow64\dciman32.dll
    2015-09-02 02:48 . 2015-09-09 17:11 34304 ----a-w- c:\windows\SysWow64\atmlib.dll
    2015-09-02 02:47 . 2015-09-09 17:11 25600 ----a-w- c:\windows\SysWow64\lpk.dll
    2015-09-02 01:51 . 2015-09-09 17:11 3209216 ----a-w- c:\windows\system32\win32k.sys
    2015-09-02 01:47 . 2015-09-09 17:11 372736 ----a-w- c:\windows\system32\atmfd.dll
    2015-09-02 01:33 . 2015-09-09 17:11 299520 ----a-w- c:\windows\SysWow64\atmfd.dll
    2015-08-27 18:18 . 2015-09-09 17:12 2004480 ----a-w- c:\windows\system32\msxml6.dll
    2015-08-27 18:18 . 2015-09-09 17:12 1887232 ----a-w- c:\windows\system32\msxml3.dll
    2015-08-27 18:13 . 2015-09-09 17:12 2048 ----a-w- c:\windows\system32\msxml6r.dll
    2015-08-27 18:13 . 2015-09-09 17:12 2048 ----a-w- c:\windows\system32\msxml3r.dll
    2015-08-27 17:58 . 2015-09-09 17:12 1391104 ----a-w- c:\windows\SysWow64\msxml6.dll
    2015-08-27 17:58 . 2015-09-09 17:12 1241088 ----a-w- c:\windows\SysWow64\msxml3.dll
    2015-08-27 17:51 . 2015-09-09 17:12 2048 ----a-w- c:\windows\SysWow64\msxml6r.dll
    2015-08-27 17:51 . 2015-09-09 17:12 2048 ----a-w- c:\windows\SysWow64\msxml3r.dll
    2015-08-27 01:37 . 2009-12-13 00:47 134753440 ----a-w- c:\windows\system32\MRT.exe
    2015-08-26 18:07 . 2015-09-09 17:10 98304 ----a-w- c:\windows\system32\wudriver.dll
    2015-08-26 18:07 . 2015-09-09 17:10 37888 ----a-w- c:\windows\system32\wups2.dll
    2015-08-26 18:07 . 2015-09-09 17:10 36864 ----a-w- c:\windows\system32\wups.dll
    2015-08-26 18:07 . 2015-09-09 17:10 3165696 ----a-w- c:\windows\system32\wucltux.dll
    2015-08-26 18:07 . 2015-09-09 17:10 2606080 ----a-w- c:\windows\system32\wuaueng.dll
    2015-08-26 18:07 . 2015-09-09 17:10 192000 ----a-w- c:\windows\system32\wuwebv.dll
    2015-08-26 18:07 . 2015-09-09 17:10 696320 ----a-w- c:\windows\system32\wuapi.dll
    2015-08-26 18:06 . 2015-09-09 17:10 91136 ----a-w- c:\windows\system32\WinSetupUI.dll
    2015-08-26 18:06 . 2015-09-09 17:10 12288 ----a-w- c:\windows\system32\wu.upgrade.ps.dll
    2015-08-26 18:06 . 2015-09-09 17:10 37376 ----a-w- c:\windows\system32\wuapp.exe
    2015-08-26 18:06 . 2015-09-09 17:10 139776 ----a-w- c:\windows\system32\wuauclt.exe
    2015-08-26 17:56 . 2015-09-09 17:10 93184 ----a-w- c:\windows\SysWow64\wudriver.dll
    2015-08-26 17:56 . 2015-09-09 17:10 30208 ----a-w- c:\windows\SysWow64\wups.dll
    2015-08-26 17:56 . 2015-09-09 17:10 173056 ----a-w- c:\windows\SysWow64\wuwebv.dll
    2015-08-26 17:56 . 2015-09-09 17:10 566784 ----a-w- c:\windows\SysWow64\wuapi.dll
    2015-08-26 17:55 . 2015-09-09 17:10 34816 ----a-w- c:\windows\SysWow64\wuapp.exe
    2015-08-22 14:40 . 2015-09-09 17:11 1763328 ----a-w- c:\windows\SysWow64\wininet.dll
    2015-08-22 14:40 . 2015-09-09 17:11 525312 ----a-w- c:\windows\SysWow64\vbscript.dll
    2015-08-22 14:40 . 2015-09-09 17:11 2865664 ----a-w- c:\windows\SysWow64\jscript9.dll
    2015-08-22 14:40 . 2015-09-09 17:11 109056 ----a-w- c:\windows\SysWow64\iesysprep.dll
    2015-08-22 14:40 . 2015-09-09 17:10 61440 ----a-w- c:\windows\SysWow64\iesetup.dll
    2015-08-22 14:40 . 2015-09-09 17:11 1441280 ----a-w- c:\windows\SysWow64\inetcpl.cpl
    2015-08-22 13:51 . 2015-09-09 17:10 51712 ----a-w- c:\windows\system32\ie4uinit.exe
    2015-08-22 13:51 . 2015-09-09 17:11 2239488 ----a-w- c:\windows\system32\wininet.dll
    2015-08-22 13:51 . 2015-09-09 17:11 603136 ----a-w- c:\windows\system32\vbscript.dll
    2015-08-22 13:51 . 2015-09-09 17:11 1409024 ----a-w- c:\windows\system32\urlmon.dll
    2015-08-22 13:50 . 2015-09-09 17:10 197120 ----a-w- c:\windows\system32\msrating.dll
    2015-08-22 13:50 . 2015-09-09 17:11 19291648 ----a-w- c:\windows\system32\mshtml.dll
    2015-08-22 13:50 . 2015-09-09 17:10 603136 ----a-w- c:\windows\system32\msfeeds.dll
    2015-08-22 13:50 . 2015-09-09 17:10 97280 ----a-w- c:\windows\system32\mshtmled.dll
    2015-08-22 13:50 . 2015-09-09 17:11 857600 ----a-w- c:\windows\system32\jscript.dll
    2015-08-22 13:50 . 2015-09-09 17:11 3959808 ----a-w- c:\windows\system32\jscript9.dll
    2015-08-22 13:50 . 2015-09-09 17:10 53248 ----a-w- c:\windows\system32\jsproxy.dll
    2015-08-22 13:50 . 2015-09-09 17:11 15415808 ----a-w- c:\windows\system32\ieframe.dll
    2015-08-22 13:50 . 2015-09-09 17:11 136704 ----a-w- c:\windows\system32\iesysprep.dll
    2015-08-22 13:50 . 2015-09-09 17:11 2657280 ----a-w- c:\windows\system32\iertutil.dll
    2015-08-22 13:50 . 2015-09-09 17:10 526336 ----a-w- c:\windows\system32\ieui.dll
    2015-08-22 13:50 . 2015-09-09 17:10 39936 ----a-w- c:\windows\system32\iernonce.dll
    2015-08-22 13:50 . 2015-09-09 17:10 67072 ----a-w- c:\windows\system32\iesetup.dll
    2015-08-22 13:50 . 2015-09-09 17:10 255488 ----a-w- c:\windows\system32\iedkcs32.dll
    2015-08-22 13:50 . 2015-09-09 17:10 281600 ----a-w- c:\windows\system32\dxtrans.dll
    2015-08-22 13:50 . 2015-09-09 17:10 451584 ----a-w- c:\windows\system32\dxtmsft.dll
    2015-08-22 13:50 . 2015-09-09 17:11 1509376 ----a-w- c:\windows\system32\inetcpl.cpl
    2015-08-20 18:53 . 2015-09-09 17:10 2706432 ----a-w- c:\windows\SysWow64\mshtml.tlb
    2015-08-20 18:46 . 2015-09-09 17:10 2706432 ----a-w- c:\windows\system32\mshtml.tlb
    2015-08-20 18:21 . 2015-09-09 17:10 361984 ----a-w- c:\windows\SysWow64\html.iec
    2015-08-20 18:19 . 2015-09-09 17:10 441856 ----a-w- c:\windows\system32\html.iec
    2015-08-20 17:56 . 2015-09-09 17:10 71680 ----a-w- c:\windows\SysWow64\RegisterIEPKEYs.exe
    2015-08-20 17:55 . 2015-09-09 17:10 89600 ----a-w- c:\windows\system32\RegisterIEPKEYs.exe
    2015-08-09 02:56 . 2015-08-09 02:56 638688 ----a-w- c:\programdata\Microsoft\Blend\14.0\1033\ResourceCache.dll
    2015-08-09 02:56 . 2015-08-09 02:56 2724000 ----a-w- c:\programdata\Microsoft\VisualStudio\14.0\1033\ResourceCache.dll
    2015-08-05 17:56 . 2015-09-09 17:14 1110016 ----a-w- c:\windows\system32\schedsvc.dll
    2015-08-05 17:56 . 2015-09-09 17:14 24576 ----a-w- c:\windows\system32\jnwmon.dll
    2015-08-05 17:56 . 2015-09-09 17:14 275456 ----a-w- c:\windows\system32\InkEd.dll
    2015-08-05 17:40 . 2015-09-09 17:14 216064 ----a-w- c:\windows\SysWow64\InkEd.dll
    2015-08-04 18:03 . 2015-09-09 17:12 692672 ----a-w- c:\windows\system32\winload.efi
    2015-08-04 18:00 . 2015-09-09 17:12 616360 ----a-w- c:\windows\system32\winresume.efi
    2015-08-04 17:56 . 2015-09-09 17:12 63488 ----a-w- c:\windows\system32\setbcdlocale.dll
    2015-08-04 17:56 . 2015-09-09 17:12 59392 ----a-w- c:\windows\system32\appidapi.dll
    2015-08-04 17:56 . 2015-09-09 17:12 32768 ----a-w- c:\windows\system32\appidsvc.dll
    2015-08-04 17:55 . 2015-09-09 17:12 147456 ----a-w- c:\windows\system32\appidpolicyconverter.exe
    2015-08-04 17:55 . 2015-09-09 17:12 17920 ----a-w- c:\windows\system32\appidcertstorecheck.exe
    2015-08-04 17:47 . 2015-09-09 17:12 50688 ----a-w- c:\windows\SysWow64\appidapi.dll
    2015-08-04 16:58 . 2015-09-09 17:12 61440 ----a-w- c:\windows\system32\drivers\appid.sys
    2015-07-30 18:06 . 2015-08-12 05:13 1648128 ----a-w- c:\windows\system32\DWrite.dll
    2015-07-30 18:06 . 2015-08-12 05:13 1180160 ----a-w- c:\windows\system32\FntCache.dll
    2015-07-30 18:06 . 2015-08-12 05:13 2565120 ----a-w- c:\windows\system32\d3d10warp.dll
    2015-07-30 17:57 . 2015-08-12 05:13 1251328 ----a-w- c:\windows\SysWow64\DWrite.dll
    2015-07-30 17:57 . 2015-08-12 05:13 1987584 ----a-w- c:\windows\SysWow64\d3d10warp.dll
    2015-07-30 13:13 . 2015-08-12 10:42 103120 ----a-w- c:\windows\SysWow64\PresentationCFFRasterizerNative_v0300.dll
    2015-07-30 13:13 . 2015-08-12 10:42 124624 ----a-w- c:\windows\system32\PresentationCFFRasterizerNative_v0300.dll
    2015-07-28 20:09 . 2015-08-12 05:14 17344 ----a-w- c:\windows\system32\CompatTelRunner.exe
    2015-07-28 20:05 . 2015-08-12 05:14 774656 ----a-w- c:\windows\system32\invagent.dll
    2015-07-28 20:05 . 2015-08-12 05:14 743424 ----a-w- c:\windows\system32\generaltel.dll
    2015-07-28 20:05 . 2015-08-12 05:14 437760 ----a-w- c:\windows\system32\devinv.dll
    2015-07-28 20:05 . 2015-08-12 05:14 1116672 ----a-w- c:\windows\system32\appraiser.dll
    2015-07-28 20:05 . 2015-08-12 05:14 69120 ----a-w- c:\windows\system32\acmigration.dll
    2015-07-28 20:05 . 2015-08-12 05:14 227328 ----a-w- c:\windows\system32\aepdu.dll
    2015-07-28 19:55 . 2015-08-12 05:14 1148416 ----a-w- c:\windows\system32\aeinv.dll
    2015-07-28 05:11 . 2015-07-28 05:11 12037840 ----a-w- c:\programdata\Microsoft\VisualStudioSecondaryInstaller\14.0\installers\TypeScriptV2\en\0\TypeScript_Full.exe
    .
    .
    ((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
    .
    .
    *Note* empty entries & legit default entries are not shown
    REGEDIT4
    .
    [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ DropboxExt1]
    @="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
    .
    [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt1"]
    @="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
    [HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
    2015-10-01 23:08 194824 ----a-w- c:\users\Calvin\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll
    .
    [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ DropboxExt2]
    @="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
    .
    [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt2"]
    @="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
    [HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
    2015-10-01 23:08 194824 ----a-w- c:\users\Calvin\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll
    .
    [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ DropboxExt3]
    @="{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}"
    .
    [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt3"]
    @="{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}"
    [HKEY_CLASSES_ROOT\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}]
    2015-10-01 23:08 194824 ----a-w- c:\users\Calvin\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll
    .
    [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ DropboxExt4]
    @="{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}"
    .
    [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt4"]
    @="{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}"
    [HKEY_CLASSES_ROOT\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}]
    2015-10-01 23:08 194824 ----a-w- c:\users\Calvin\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll
    .
    [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ DropboxExt5]
    @="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
    .
    [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt5"]
    @="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
    [HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
    2015-10-01 23:08 194824 ----a-w- c:\users\Calvin\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll
    .
    [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ DropboxExt6]
    @="{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}"
    .
    [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt6"]
    @="{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}"
    [HKEY_CLASSES_ROOT\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}]
    2015-10-01 23:08 194824 ----a-w- c:\users\Calvin\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll
    .
    [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ DropboxExt7]
    @="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"
    .
    [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt7"]
    @="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"
    [HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]
    2015-10-01 23:08 194824 ----a-w- c:\users\Calvin\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll
    .
    [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ DropboxExt8]
    @="{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}"
    .
    [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt8"]
    @="{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}"
    [HKEY_CLASSES_ROOT\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}]
    2015-10-01 23:08 194824 ----a-w- c:\users\Calvin\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll
    .
    [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ DropboxExt1]
    @="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
    .
    [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt1"]
    @="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
    [HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
    2015-10-01 23:08 194824 ----a-w- c:\users\Calvin\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll
    .
    [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ DropboxExt2]
    @="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
    .
    [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt2"]
    @="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
    [HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
    2015-10-01 23:08 194824 ----a-w- c:\users\Calvin\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll
    .
    [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ DropboxExt3]
    @="{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}"
    .
    [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt3"]
    @="{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}"
    [HKEY_CLASSES_ROOT\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}]
    2015-10-01 23:08 194824 ----a-w- c:\users\Calvin\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll
    .
    [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ DropboxExt4]
    @="{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}"
    .
    [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt4"]
    @="{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}"
    [HKEY_CLASSES_ROOT\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}]
    2015-10-01 23:08 194824 ----a-w- c:\users\Calvin\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll
    .
    [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ DropboxExt5]
    @="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
    .
    [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt5"]
    @="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
    [HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
    2015-10-01 23:08 194824 ----a-w- c:\users\Calvin\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll
    .
    [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ DropboxExt6]
    @="{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}"
    .
    [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt6"]
    @="{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}"
    [HKEY_CLASSES_ROOT\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}]
    2015-10-01 23:08 194824 ----a-w- c:\users\Calvin\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll
    .
    [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ DropboxExt7]
    @="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"
    .
    [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt7"]
    @="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"
    [HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]
    2015-10-01 23:08 194824 ----a-w- c:\users\Calvin\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll
    .
    [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ DropboxExt8]
    @="{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}"
    .
    [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt8"]
    @="{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}"
    [HKEY_CLASSES_ROOT\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}]
    2015-10-01 23:08 194824 ----a-w- c:\users\Calvin\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll
    .
    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "Elbserver"="c:\program files (x86)\Sony\Media Gallery\ElbServer.exe" [2009-07-21 78184]
    "Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-20 1475584]
    "Spotify Web Helper"="c:\users\Calvin\AppData\Roaming\Spotify\SpotifyWebHelper.exe" [2015-09-18 2025016]
    "NIRegistrationWizard"="c:\program files (x86)\National Instruments\Shared\RegistrationWizard\Bin\RegistrationWizard.exe" [2013-04-19 847000]
    "Dropbox Update"="c:\users\Calvin\AppData\Local\Dropbox\Update\DropboxUpdate.exe" [2015-07-01 134512]
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
    "SmartWiHelper"="c:\program files (x86)\Sony\SmartWi Connection Utility\SmartWiHelper.exe" [2009-08-27 79872]
    "SHTtray.exe"="c:\program files (x86)\Common Files\Sony Shared\SOHLib\SHTtray.exe" [2009-07-27 99624]
    "AVG_TRAY"="c:\program files (x86)\AVG\AVG2012\avgtray.exe" [2015-05-19 2598912]
    "RIMBBLaunchAgent.exe"="c:\program files (x86)\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe" [2011-02-18 79192]
    "APSDaemon"="c:\program files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2011-09-27 59240]
    "Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-09-24 926896]
    "SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2013-03-12 253816]
    "TkBellExe"="c:\program files (x86)\Real\RealPlayer\update\realsched.exe" [2013-09-16 295512]
    .
    c:\users\Calvin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
    Dropbox.lnk - c:\users\Calvin\AppData\Roaming\Dropbox\bin\Dropbox.exe /systemstartup [2015-5-4 36710768]
    .
    c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
    Bluetooth.lnk - c:\program files\WIDCOMM\Bluetooth Software\BTTray.exe [2009-7-1 1079584]
    NI Error Reporting.lnk - c:\program files (x86)\National Instruments\Shared\NI Error Reporting\nierserver.exe [2014-5-20 665944]
    SolidWorks 2014 Fast Start.lnk - c:\windows\Installer\{4FFA60C4-9A8B-4C9E-8265-2241B266304C}\NewShortcut2_87EDF6C81D0A4B7B84F42FE0C6A9D608.exe [2015-1-25 335872]
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
    "ConsentPromptBehaviorAdmin"= 0 (0x0)
    "ConsentPromptBehaviorUser"= 3 (0x3)
    "EnableLUA"= 0 (0x0)
    "EnableUIADesktopToggle"= 0 (0x0)
    "PromptOnSecureDesktop"= 0 (0x0)
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\VESWinlogon]
    2009-08-18 16:02 98304 ------w- c:\windows\System32\VESWinlogon.dll
    .
    [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\keyboard layouts\e0200804]
    Ime File REG_SZ GOOGLEPINYIN2.IME
    .
    R2 AVGIDSAgent;AVGIDSAgent;c:\program files (x86)\AVG\AVG2012\AVGIDSAgent.exe;c:\program files (x86)\AVG\AVG2012\AVGIDSAgent.exe [x]
    R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
    R2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes Anti-Malware\mbamservice.exe;c:\program files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [x]
    R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x]
    R2 VAIO Power Management;VAIO Power Management;c:\program files\Sony\VAIO Power Management\SPMService.exe;c:\program files\Sony\VAIO Power Management\SPMService.exe [x]
    R3 acsock;acsock;c:\windows\system32\DRIVERS\acsock64.sys;c:\windows\SYSNATIVE\DRIVERS\acsock64.sys [x]
    R3 AVGIDSDriver;AVGIDSDriver;c:\windows\system32\DRIVERS\avgidsdrivera.sys;c:\windows\SYSNATIVE\DRIVERS\avgidsdrivera.sys [x]
    R3 CoordinatorServiceHost;SW Distributed TS Coordinator Service;c:\program files\SolidWorks Corp\SolidWorks\swScheduler\DTSCoordinatorService.exe;c:\program files\SolidWorks Corp\SolidWorks\swScheduler\DTSCoordinatorService.exe [x]
    R3 copperhd;Razer Copperhead Driver;c:\windows\system32\drivers\copperhd.sys;c:\windows\SYSNATIVE\drivers\copperhd.sys [x]
    R3 EagleX64;EagleX64;c:\windows\system32\drivers\EagleX64.sys;c:\windows\SYSNATIVE\drivers\EagleX64.sys [x]
    R3 FLEXnet Licensing Service 64;FLEXnet Licensing Service 64;c:\program files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe;c:\program files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe [x]
    R3 hidkmdf;Microsoft HID Class Shim for KMDF;c:\windows\system32\DRIVERS\hidkmdf.sys;c:\windows\SYSNATIVE\DRIVERS\hidkmdf.sys [x]
    R3 MBAMWebAccessControl;MBAMWebAccessControl;c:\windows\system32\drivers\mwac.sys;c:\windows\SYSNATIVE\drivers\mwac.sys [x]
    R3 MSHUSBVideo;NX6000/NX3000/VX2000/VX5000/VX5500/VX7000/Cinema Filter Driver;c:\windows\system32\Drivers\nx6000.sys;c:\windows\SYSNATIVE\Drivers\nx6000.sys [x]
    R3 NPF;NetGroup Packet Filter Driver;c:\windows\system32\drivers\npf.sys;c:\windows\SYSNATIVE\drivers\npf.sys [x]
    R3 Remote Solver for Flow Simulation 2011;Remote Solver for Flow Simulation 2011;c:\program files\SolidWorks Corp\SolidWorks Flow Simulation\binCFW\StandAloneSlv.exe;c:\program files\SolidWorks Corp\SolidWorks Flow Simulation\binCFW\StandAloneSlv.exe [x]
    R3 SampleCollector;Intel(R) Sample Collector;c:\program files\Sony\VAIO Care\collsvc.exe;c:\program files\Sony\VAIO Care\collsvc.exe [x]
    R3 savt;SAVT Service;c:\windows\system32\DRIVERS\savt.sys;c:\windows\SYSNATIVE\DRIVERS\savt.sys [x]
    R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
    R3 VcmXmlIfHelper;VAIO Content Metadata XML Interface;c:\program files\Common Files\Sony Shared\VcmXml\VcmXmlIfHelper64.exe;c:\program files\Common Files\Sony Shared\VcmXml\VcmXmlIfHelper64.exe [x]
    R3 VSStandardCollectorService140;Visual Studio Standard Collector Service;c:\program files (x86)\Microsoft Visual Studio 14.0\Team Tools\DiagnosticsHub\Collector\StandardCollector.Service.exe;c:\program files (x86)\Microsoft Visual Studio 14.0\Team Tools\DiagnosticsHub\Collector\StandardCollector.Service.exe [x]
    R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
    R4 AVGIDSFilter;AVGIDSFilter;c:\windows\system32\DRIVERS\avgidsfiltera.sys;c:\windows\SYSNATIVE\DRIVERS\avgidsfiltera.sys [x]
    R4 NIApplicationWebServer64;NI Application Web Server (64-bit);c:\program files\National Instruments\Shared\NI WebServer\ApplicationWebServer.exe;c:\program files\National Instruments\Shared\NI WebServer\ApplicationWebServer.exe [x]
    S0 aswRvrt;avast! Revert; [x]
    S0 aswVmm;avast! VM Monitor; [x]
    S0 AVGIDSHA;AVGIDSHA;c:\windows\system32\DRIVERS\avgidsha.sys;c:\windows\SYSNATIVE\DRIVERS\avgidsha.sys [x]
    S0 Avgrkx64;AVG Anti-Rootkit Driver;c:\windows\system32\DRIVERS\avgrkx64.sys;c:\windows\SYSNATIVE\DRIVERS\avgrkx64.sys [x]
    S0 PxHlpa64;PxHlpa64;c:\windows\System32\Drivers\PxHlpa64.sys;c:\windows\SYSNATIVE\Drivers\PxHlpa64.sys [x]
    S0 sptd;sptd;c:\windows\System32\Drivers\sptd.sys;c:\windows\SYSNATIVE\Drivers\sptd.sys [x]
    S1 Avgldx64;AVG AVI Loader Driver;c:\windows\system32\DRIVERS\avgldx64.sys;c:\windows\SYSNATIVE\DRIVERS\avgldx64.sys [x]
    S1 Avgmfx64;AVG Mini-Filter Resident Anti-Virus Shield;c:\windows\system32\DRIVERS\avgmfx64.sys;c:\windows\SYSNATIVE\DRIVERS\avgmfx64.sys [x]
    S1 Avgtdia;AVG TDI Driver;c:\windows\system32\DRIVERS\avgtdia.sys;c:\windows\SYSNATIVE\DRIVERS\avgtdia.sys [x]
    S1 ElRawDisk;ElRawDisk;c:\windows\system32\drivers\rsdrvx64.sys;c:\windows\SYSNATIVE\drivers\rsdrvx64.sys [x]
    S2 aswHwid;avast! HardwareID;c:\windows\system32\drivers\aswHwid.sys;c:\windows\SYSNATIVE\drivers\aswHwid.sys [x]
    S2 avgwd;AVG WatchDog;c:\program files (x86)\AVG\AVG2012\avgwdsvc.exe;c:\program files (x86)\AVG\AVG2012\avgwdsvc.exe [x]
    S2 DiagTrack;Diagnostics Tracking Service;c:\windows\System32\svchost.exe;c:\windows\SYSNATIVE\svchost.exe [x]
    S2 NIApplicationWebServer;NI Application Web Server;c:\program files (x86)\National Instruments\Shared\NI WebServer\ApplicationWebServer.exe;c:\program files (x86)\National Instruments\Shared\NI WebServer\ApplicationWebServer.exe [x]
    S2 niauth;NI Authentication Service;c:\program files (x86)\National Instruments\Shared\niauth\niauth_daemon.exe;c:\program files (x86)\National Instruments\Shared\niauth\niauth_daemon.exe [x]
    S2 nimDNSResponder;NI mDNS Responder Service;c:\program files (x86)\National Instruments\Shared\mDNS Responder\nimdnsResponder.exe;c:\program files (x86)\National Instruments\Shared\mDNS Responder\nimdnsResponder.exe [x]
    S2 NINetworkDiscovery;NI Network Discovery;c:\program files (x86)\National Instruments\Shared\NI Network Discovery\niDiscSvc.exe;c:\program files (x86)\National Instruments\Shared\NI Network Discovery\niDiscSvc.exe [x]
    S2 NISystemWebServer;NI System Web Server;c:\program files (x86)\National Instruments\Shared\NI WebServer\SystemWebServer.exe;c:\program files (x86)\National Instruments\Shared\NI WebServer\SystemWebServer.exe [x]
    S2 RealNetworks Downloader Resolver Service;RealNetworks Downloader Resolver Service;c:\program files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe;c:\program files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe [x]
    S2 regi;regi;c:\windows\system32\drivers\regi.sys;c:\windows\SYSNATIVE\drivers\regi.sys [x]
    S2 rimspci;rimspci;c:\windows\system32\DRIVERS\rimssne64.sys;c:\windows\SYSNATIVE\DRIVERS\rimssne64.sys [x]
    S2 risdsnpe;risdsnpe;c:\windows\system32\DRIVERS\risdsne64.sys;c:\windows\SYSNATIVE\DRIVERS\risdsne64.sys [x]
    S2 SOHCImp;VAIO Media plus Content Importer;c:\program files (x86)\Common Files\Sony Shared\SOHLib\SOHCImp.exe;c:\program files (x86)\Common Files\Sony Shared\SOHLib\SOHCImp.exe [x]
    S2 SOHDBSvr;VAIO Media plus Database Manager;c:\program files (x86)\Common Files\Sony Shared\SOHLib\SOHDBSvr.exe;c:\program files (x86)\Common Files\Sony Shared\SOHLib\SOHDBSvr.exe [x]
    S2 SOHDms;VAIO Media plus Digital Media Server;c:\program files (x86)\Common Files\Sony Shared\SOHLib\SOHDms.exe;c:\program files (x86)\Common Files\Sony Shared\SOHLib\SOHDms.exe [x]
    S2 SOHDs;VAIO Media plus Device Searcher;c:\program files (x86)\Common Files\Sony Shared\SOHLib\SOHDs.exe;c:\program files (x86)\Common Files\Sony Shared\SOHLib\SOHDs.exe [x]
    S2 SOHPlMgr;VAIO Media plus Playlist Manager;c:\program files (x86)\Common Files\Sony Shared\SOHLib\SOHPlMgr.exe;c:\program files (x86)\Common Files\Sony Shared\SOHLib\SOHPlMgr.exe [x]
    S2 Texis Monitor;Texis Monitor;c:\simulia\Documentation\monitor.exe;c:\simulia\Documentation\monitor.exe [x]
    S2 VCFw;VAIO Content Folder Watcher;c:\program files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe;c:\program files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe [x]
    S2 VcmIAlzMgr;VAIO Content Metadata Intelligent Analyzing Manager;c:\program files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe;c:\program files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe [x]
    S2 VcmINSMgr;VAIO Content Metadata Intelligent Network Service Manager;c:\program files\Sony\VCM Intelligent Network Service Manager\VcmINSMgr.exe;c:\program files\Sony\VCM Intelligent Network Service Manager\VcmINSMgr.exe [x]
    S3 AVerAVF2;AVerAVF2;c:\windows\system32\DRIVERS\AVerAVF2.sys;c:\windows\SYSNATIVE\DRIVERS\AVerAVF2.sys [x]
    S3 btwl2cap;Bluetooth L2CAP Service;c:\windows\system32\DRIVERS\btwl2cap.sys;c:\windows\SYSNATIVE\DRIVERS\btwl2cap.sys [x]
    S3 e1yexpress;Intel(R) Gigabit Network Connections Driver;c:\windows\system32\DRIVERS\e1y62x64.sys;c:\windows\SYSNATIVE\DRIVERS\e1y62x64.sys [x]
    S3 HECIx64;Intel(R) Management Engine Interface;c:\windows\system32\DRIVERS\HECIx64.sys;c:\windows\SYSNATIVE\DRIVERS\HECIx64.sys [x]
    S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys;c:\windows\SYSNATIVE\drivers\mbam.sys [x]
    S3 NW1950;NextWindow 1950 Touch Screen;c:\windows\system32\DRIVERS\NW1950.sys;c:\windows\SYSNATIVE\DRIVERS\NW1950.sys [x]
    S3 SFEP;Sony Firmware Extension Parser;c:\windows\system32\DRIVERS\SFEP.sys;c:\windows\SYSNATIVE\DRIVERS\SFEP.sys [x]
    .
    .
    --- Other Services/Drivers In Memory ---
    .
    *NewlyCreated* - WS2IFSL
    .
    [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
    2015-09-26 01:44 997704 ----a-w- c:\program files (x86)\Google\Chrome\Application\45.0.2454.101\Installer\chrmstp.exe
    .
    Contents of the 'Scheduled Tasks' folder
    .
    2015-10-13 c:\windows\Tasks\DropboxUpdateTaskUserS-1-5-21-3178901641-3325030848-3832911895-1000Core.job
    - c:\users\Calvin\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2015-07-01 03:24]
    .
    2015-10-13 c:\windows\Tasks\DropboxUpdateTaskUserS-1-5-21-3178901641-3325030848-3832911895-1000UA.job
    - c:\users\Calvin\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2015-07-01 03:24]
    .
    2015-10-13 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
    - c:\program files (x86)\Google\Update\GoogleUpdate.exe [2009-09-03 08:56]
    .
    2015-10-13 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
    - c:\program files (x86)\Google\Update\GoogleUpdate.exe [2009-09-03 08:56]
    .
    2015-10-13 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3178901641-3325030848-3832911895-1000Core.job
    - c:\users\Calvin\AppData\Local\Google\Update\GoogleUpdate.exe [2011-03-31 08:56]
    .
    2015-10-13 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3178901641-3325030848-3832911895-1000UA.job
    - c:\users\Calvin\AppData\Local\Google\Update\GoogleUpdate.exe [2011-03-31 08:56]
    .
    .
    --------- X64 Entries -----------
    .
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ DropboxExt1]
    @="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
    [HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
    2015-10-01 23:08 232712 ----a-w- c:\users\Calvin\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ DropboxExt2]
    @="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
    [HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
    2015-10-01 23:08 232712 ----a-w- c:\users\Calvin\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ DropboxExt3]
    @="{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}"
    [HKEY_CLASSES_ROOT\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}]
    2015-10-01 23:08 232712 ----a-w- c:\users\Calvin\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ DropboxExt4]
    @="{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}"
    [HKEY_CLASSES_ROOT\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}]
    2015-10-01 23:08 232712 ----a-w- c:\users\Calvin\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ DropboxExt5]
    @="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
    [HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
    2015-10-01 23:08 232712 ----a-w- c:\users\Calvin\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ DropboxExt6]
    @="{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}"
    [HKEY_CLASSES_ROOT\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}]
    2015-10-01 23:08 232712 ----a-w- c:\users\Calvin\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ DropboxExt7]
    @="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"
    [HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]
    2015-10-01 23:08 232712 ----a-w- c:\users\Calvin\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ DropboxExt8]
    @="{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}"
    [HKEY_CLASSES_ROOT\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}]
    2015-10-01 23:08 232712 ----a-w- c:\users\Calvin\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2009-07-24 7938080]
    "Skytel"="c:\program files\Realtek\Audio\HDA\Skytel.exe" [2009-07-24 1833504]
    "NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2009-07-28 16335392]
    "Windows Mobile Device Center"="c:\windows\WindowsMobile\wmdc.exe" [2007-05-31 660360]
    .
    ------- Supplementary Scan -------
    .
    uLocal Page = c:\windows\system32\blank.htm
    mLocal Page = c:\windows\SysWOW64\blank.htm
    uInternet Settings,ProxyServer = 185.28.193.95:8080
    TCP: DhcpNameServer = 71.10.216.1 71.10.216.2
    FF - ProfilePath - c:\users\Calvin\AppData\Roaming\Mozilla\Firefox\Profiles\bduz2gzv.default\
    .
    - - - - ORPHANS REMOVED - - - -
    .
    Toolbar-Locked - (no file)
    HKLM_Wow6432Node-ActiveSetup-{2D46B6DC-2207-486B-B523-A557E6D54B47} - start
    Toolbar-Locked - (no file)
    ShellIconOverlayIdentifiers-{472083B0-C522-11CF-8763-00608CC02F24} - (no file)
    AddRemove-Adobe Shockwave Player - c:\windows\system32\Adobe\Shockwave 11\uninstaller.exe
    .
    .
    .
    [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\SampleCollector]
    "ImagePath"="\"c:\program files\Sony\VAIO Care\collsvc.exe\" \"/service\" \"/counter=\Processor(_Total)\% Processor Time:5\" \"/counter=\PhysicalDisk(_Total)\Disk Bytes/sec:5\" \"/counter=\Network Interface(*)\Bytes Total/sec:5\" \"/directory=inteldata\""
    .
    --------------------- LOCKED REGISTRY KEYS ---------------------
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}]
    @Denied: (A 2) (Everyone)
    @="FlashBroker"
    "LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_17_0_0_169_ActiveX.exe,-101"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\Elevation]
    "Enabled"=dword:00000001
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\LocalServer32]
    @="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_17_0_0_169_ActiveX.exe"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\TypeLib]
    @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Drive\shellex\FolderExtensions\{F6BF8414-962C-40FE-90F1-B80A7E72DB9A}]
    @Denied: (C D 2 3 6) (CreatorAuthority-4)
    @Denied: (C D 2 3 6) (Everyone)
    @SACL=(02 0001)
    @Ace=(0x11) (1 3) (S-1-16-12288)
    "DriveMask"=dword:ffffffff
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}]
    @Denied: (A 2) (Everyone)
    @="IFlashBroker6"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\ProxyStubClsid32]
    @="{00020424-0000-0000-C000-000000000046}"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\TypeLib]
    @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
    "Version"="1.0"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}]
    @Denied: (A 2) (Everyone)
    @="FlashBroker"
    "LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_17_0_0_169_ActiveX.exe,-101"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\Elevation]
    "Enabled"=dword:00000001
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\LocalServer32]
    @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_17_0_0_169_ActiveX.exe"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\TypeLib]
    @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
    @Denied: (A 2) (Everyone)
    @="Shockwave Flash Object"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
    @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_17_0_0_169.ocx"
    "ThreadingModel"="Apartment"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
    @="0"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
    @="ShockwaveFlash.ShockwaveFlash.17"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
    @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_17_0_0_169.ocx, 1"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
    @="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
    @="1.0"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
    @="ShockwaveFlash.ShockwaveFlash"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
    @Denied: (A 2) (Everyone)
    @="Macromedia Flash Factory Object"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
    @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_17_0_0_169.ocx"
    "ThreadingModel"="Apartment"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
    @="FlashFactory.FlashFactory.1"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
    @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_17_0_0_169.ocx, 1"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
    @="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
    @="1.0"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
    @="FlashFactory.FlashFactory"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}]
    @Denied: (A 2) (Everyone)
    @="IFlashBroker6"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\ProxyStubClsid32]
    @="{00020424-0000-0000-C000-000000000046}"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\TypeLib]
    @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
    "Version"="1.0"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{2E4BB6BE-A75F-4DC0-9500-68203655A2C4}]
    @Denied: (A 2) (Everyone)
    @="IFlashBroker"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{2E4BB6BE-A75F-4DC0-9500-68203655A2C4}\ProxyStubClsid32]
    @="{00020424-0000-0000-C000-000000000046}"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{2E4BB6BE-A75F-4DC0-9500-68203655A2C4}\TypeLib]
    @="{6EF568F4-D437-4466-AA63-A3645136D93E}"
    "Version"="1.0"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows CE Services]
    "SymbolicLinkValue"=hex(6):5c,00,72,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
    00,5c,00,4d,00,41,00,43,00,48,00,49,00,4e,00,45,00,5c,00,53,00,4f,00,46,00,\
    .
    [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
    @Denied: (A) (Users)
    @Denied: (A) (Everyone)
    @Allowed: (B 1 2 3 4 5) (S-1-5-20)
    "BlindDial"=dword:00000000
    .
    [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
    @Denied: (Full) (Everyone)
    .
    ------------------------ Other Running Processes ------------------------
    .
    c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
    c:\windows\SysWOW64\lkads.exe
    c:\program files (x86)\National Instruments\MAX\nimxs.exe
    c:\program files (x86)\National Instruments\Shared\Security\nidmsrv.exe
    c:\program files (x86)\National Instruments\Shared\niSvcLoc\nisvcloc.exe
    c:\program files (x86)\Sony\VAIO Event Service\VESMgr.exe
    c:\program files (x86)\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe
    c:\windows\SysWOW64\lkcitdl.exe
    c:\windows\SysWOW64\DllHost.exe
    c:\windows\SysWOW64\lktsrv.exe
    c:\program files (x86)\National Instruments\Shared\Tagger\tagsrv.exe
    c:\program files (x86)\National Instruments\Shared\Update Service\NIUpdateService.exe
    c:\program files (x86)\Common Files\Microsoft Shared\Ink\TabTip32.exe
    c:\program files (x86)\National Instruments\Shared\NI WebServer\NIWebServiceContainer.exe
    c:\program files (x86)\Sony\VAIO Event Service\VESMgrSub.exe
    c:\program files (x86)\National Instruments\Shared\NI WebServer\NIWebServiceContainer.exe
    c:\program files (x86)\National Instruments\Shared\NI WebServer\NIWebServiceContainer.exe
    c:\program files (x86)\National Instruments\Shared\NI WebServer\NIWebServiceContainer.exe
    c:\program files (x86)\Common Files\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe
    c:\program files (x86)\National Instruments\Shared\NI WebServer\NIWebServiceContainer.exe
    c:\program files (x86)\National Instruments\Shared\NI WebServer\NIWebServiceContainer.exe
    c:\users\Calvin\AppData\Roaming\Dropbox\bin\Dropbox.exe
    c:\program files\WIDCOMM\Bluetooth Software\BluetoothHeadsetProxy.exe
    .
    **************************************************************************
    .
    Completion time: 2015-10-13 00:36:22 - machine was rebooted
    ComboFix-quarantined-files.txt 2015-10-13 07:36
    .
    Pre-Run: 55,788,675,072 bytes free
    Post-Run: 69,185,105,920 bytes free
    .
    - - End Of File - - 1AC197F2548EDE29C18EE6966BDB36E0
    D1CFA7E93C0E65466E95383A8457408A
     
  20. Broni

    Broni Malware Annihilator Posts: 52,892   +344

    Re-run Farbar Recovery Scan Tool (FRST/FRST64) you ran at the very beginning of this topic.

    • Double-click to run it. When the tool opens click Yes to disclaimer.
    • Make sure you checkmark Addition.txt box.
    • Press Scan button.
    • Scan will create two logs, FRST.txt and Addition.txt in the same directory the tool is run. Please copy and paste them to your reply.
     
  21. user124

    user124 TS Rookie Topic Starter Posts: 23

    FRST log (Part 1):


    Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:12-10-2015
    Ran by Calvin (administrator) on CALVIN-VAIO (13-10-2015 20:55:46)
    Running from C:\Users\Calvin\Desktop
    Loaded Profiles: Calvin (Available Profiles: Calvin)
    Platform: Windows 7 Home Premium Service Pack 1 (X64) Language: English (United States)
    Internet Explorer Version 10 (Default browser: Chrome)
    Boot Mode: Normal
    Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

    ==================== Processes (Whitelisted) =================

    (If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

    (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
    (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
    (Microsoft Corporation) C:\Windows\System32\wisptis.exe
    (AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2012\avgwdsvc.exe
    (Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
    (SEIKO EPSON CORPORATION) C:\ProgramData\EPSON\EPW!3 SSRP\E_S40RPB.EXE
    (National Instruments Corporation) C:\Windows\SysWOW64\lkads.exe
    (National Instruments Corporation) C:\Program Files (x86)\National Instruments\MAX\nimxs.exe
    (National Instruments Corporation) C:\Program Files (x86)\National Instruments\Shared\niauth\niauth_daemon.exe
    (National Instruments Corporation) C:\Program Files (x86)\National Instruments\Shared\Security\nidmsrv.exe
    (National Instruments Corporation) C:\Program Files (x86)\National Instruments\Shared\nisvcloc\nisvcloc.exe
    () C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe
    (Sony Corporation) C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDBSvr.exe
    (Expansion Programs International, Inc.) C:\SIMULIA\Documentation\monitor.exe
    (AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2012\avgnsa.exe
    (Sony Corporation) C:\Program Files (x86)\Sony\VAIO Event Service\VESMgr.exe
    (AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2012\avgemca.exe
    (Expansion Programs International, Inc.) C:\SIMULIA\Documentation\monitor.exe
    (Sony Corporation) C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe
    (Sony Corporation) C:\Program Files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe
    (Sony Corporation) C:\Program Files\Sony\VCM Intelligent Network Service Manager\VcmINSMgr.exe
    (AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2012\avgrsa.exe
    (Sony Corporation) C:\Program Files (x86)\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe
    (Microsoft Corporation) C:\Windows\SysWOW64\dllhost.exe
    (National Instruments, Inc.) C:\Windows\SysWOW64\lkcitdl.exe
    (National Instruments Corporation) C:\Windows\SysWOW64\lktsrv.exe
    (National Instruments Corporation) C:\Program Files (x86)\National Instruments\Shared\mDNS Responder\nimdnsResponder.exe
    (National Instruments Corporation) C:\Program Files (x86)\National Instruments\Shared\NI WebServer\SystemWebServer.exe
    (National Instruments Corporation) C:\Program Files (x86)\National Instruments\Shared\Tagger\tagsrv.exe
    (Sony Corporation) C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDms.exe
    (Sony Corporation) C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDs.exe
    (Sony Corporation) C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHPlMgr.exe
    (National Instruments Corporation) C:\Program Files (x86)\National Instruments\Shared\NI Network Discovery\niDiscSvc.exe
    (National Instruments Corporation) C:\Program Files (x86)\National Instruments\Shared\NI WebServer\ApplicationWebServer.exe
    (National Instruments Corporation) C:\Program Files (x86)\National Instruments\Shared\NI WebServer\NIWebServiceContainer.exe
    (Sony Corporation) C:\Program Files (x86)\Sony\VAIO Event Service\VESMgrSub.exe
    (National Instruments Corporation) C:\Program Files (x86)\National Instruments\Shared\NI WebServer\NIWebServiceContainer.exe
    (National Instruments Corporation) C:\Program Files (x86)\National Instruments\Shared\NI WebServer\NIWebServiceContainer.exe
    (National Instruments Corporation) C:\Program Files (x86)\National Instruments\Shared\NI WebServer\NIWebServiceContainer.exe
    (Sony Corporation) C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHCImp.exe
    (AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2012\avgcsrva.exe
    (Sony Corporation) C:\Program Files (x86)\Common Files\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe
    (Microsoft Corporation) C:\Windows\System32\wisptis.exe
    (Google Inc.) C:\Program Files\Google\Google Pinyin 2\GooglePinyinDaemon.exe
    (Sony Corporation) C:\Program Files\Sony\VAIO Care\VAIOCareService.exe
    (Sony Corporation) C:\Program Files\Sony\VAIO Update 4\VAIOUpdt.exe
    (Microsoft Corporation) C:\Windows\System32\rundll32.exe
    (Microsoft Corporation) C:\Windows\WindowsMobile\wmdc.exe
    (Sony Corporation) C:\Program Files (x86)\Sony\Media Gallery\ElbServer.exe
    (Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
    (Spotify Ltd) C:\Users\Calvin\AppData\Roaming\Spotify\SpotifyWebHelper.exe
    (Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
    (Sony Corporation) C:\Program Files\Sony\VAIO Care\VCsystray.exe
    (National Instruments Corporation) C:\Program Files (x86)\National Instruments\Shared\NI Error Reporting\nierserver.exe
    (Sony Corporation) C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SHTtray.exe
    (AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2012\avgtray.exe
    (Research In Motion Limited) C:\Program Files (x86)\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe
    (Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
    (Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
    (RealNetworks, Inc.) C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe
    () C:\Program Files (x86)\Sony\SmartWi Connection Utility\CCP.exe
    (Sony Corporation) C:\Program Files (x86)\Sony\SmartWi Connection Utility\SmartWi.exe
    (Dassault Systèmes SolidWorks Corp.) C:\Program Files\SolidWorks Corp\SolidWorks\sldworks_fs.exe
    (Dropbox, Inc.) C:\Users\Calvin\AppData\Roaming\Dropbox\bin\Dropbox.exe
    (National Instruments Corporation) C:\Program Files (x86)\National Instruments\Shared\NI WebServer\NIWebServiceContainer.exe
    (National Instruments Corporation) C:\Program Files (x86)\National Instruments\Shared\NI WebServer\NIWebServiceContainer.exe
    (Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\ink\InputPersonalization.exe
    () C:\Program Files (x86)\Sony\SmartWi Connection Utility\ThirdPartyAppMgr.exe
    () C:\Program Files (x86)\Sony\SmartWi Connection Utility\PowerManager.exe
    (Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BTStackServer.exe
    (Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BluetoothHeadsetProxy.exe
    (Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
    () C:\Program Files\Google\Google Pinyin 2\GooglePinyinService.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
    (Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
    (Farbar) C:\Users\Calvin\Desktop\FRST64 (2).exe


    ==================== Registry (Whitelisted) ===========================

    (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

    HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [7938080 2009-07-23] (Realtek Semiconductor)
    HKLM\...\Run: [Skytel] => C:\Program Files\Realtek\Audio\HDA\Skytel.exe [1833504 2009-07-23] (Realtek Semiconductor Corp.)
    HKLM\...\Run: [NvCplDaemon] => C:\Windows\system32\NvCpl.dll [16335392 2009-07-27] (NVIDIA Corporation)
    HKLM\...\Run: [Windows Mobile Device Center] => C:\Windows\WindowsMobile\wmdc.exe [660360 2007-05-31] (Microsoft Corporation)
    HKLM-x32\...\Run: [SmartWiHelper] => C:\Program Files (x86)\Sony\SmartWi Connection Utility\SmartWiHelper.exe [79872 2009-08-26] (Sony Electronics Corporation)
    HKLM-x32\...\Run: [SHTtray.exe] => C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SHTtray.exe [99624 2009-07-27] (Sony Corporation)
    HKLM-x32\...\Run: [AVG_TRAY] => C:\Program Files (x86)\AVG\AVG2012\avgtray.exe [2598912 2015-05-19] (AVG Technologies CZ, s.r.o.)
    HKLM-x32\...\Run: [RIMBBLaunchAgent.exe] => C:\Program Files (x86)\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe [79192 2011-02-18] (Research In Motion Limited)
    HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59240 2011-09-27] (Apple Inc.)
    HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [926896 2012-09-23] (Adobe Systems Incorporated)
    HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [253816 2013-03-12] (Oracle Corporation)
    HKLM-x32\...\Run: [TkBellExe] => C:\Program Files (x86)\Real\RealPlayer\update\realsched.exe [295512 2013-09-16] (RealNetworks, Inc.)
    Winlogon\Notify\VESWinlogon-x32: VESWinlogon.dll [X]
    HKU\S-1-5-21-3178901641-3325030848-3832911895-1000\...\Run: [Elbserver] => C:\Program Files (x86)\Sony\Media Gallery\ElbServer.exe [78184 2009-07-21] (Sony Corporation)
    HKU\S-1-5-21-3178901641-3325030848-3832911895-1000\...\Run: [Spotify Web Helper] => C:\Users\Calvin\AppData\Roaming\Spotify\SpotifyWebHelper.exe [2025016 2015-09-17] (Spotify Ltd)
    HKU\S-1-5-21-3178901641-3325030848-3832911895-1000\...\Run: [NIRegistrationWizard] => C:\Program Files (x86)\National Instruments\Shared\RegistrationWizard\Bin\RegistrationWizard.exe [847000 2013-04-19] ()
    HKU\S-1-5-21-3178901641-3325030848-3832911895-1000\...\Run: [Dropbox Update] => C:\Users\Calvin\AppData\Local\Dropbox\Update\DropboxUpdate.exe [134512 2015-06-30] (Dropbox, Inc.)
    ShellIconOverlayIdentifiers: [ DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Calvin\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll [2015-10-01] (Dropbox, Inc.)
    ShellIconOverlayIdentifiers: [ DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Calvin\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll [2015-10-01] (Dropbox, Inc.)
    ShellIconOverlayIdentifiers: [ DropboxExt3] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Calvin\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll [2015-10-01] (Dropbox, Inc.)
    ShellIconOverlayIdentifiers: [ DropboxExt4] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Calvin\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll [2015-10-01] (Dropbox, Inc.)
    ShellIconOverlayIdentifiers: [ DropboxExt5] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Calvin\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll [2015-10-01] (Dropbox, Inc.)
    ShellIconOverlayIdentifiers: [ DropboxExt6] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Calvin\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll [2015-10-01] (Dropbox, Inc.)
    ShellIconOverlayIdentifiers: [ DropboxExt7] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Calvin\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll [2015-10-01] (Dropbox, Inc.)
    ShellIconOverlayIdentifiers: [ DropboxExt8] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Calvin\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll [2015-10-01] (Dropbox, Inc.)
    ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => No File
    ShellIconOverlayIdentifiers-x32: [ DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Calvin\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll [2015-10-01] (Dropbox, Inc.)
    ShellIconOverlayIdentifiers-x32: [ DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Calvin\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll [2015-10-01] (Dropbox, Inc.)
    ShellIconOverlayIdentifiers-x32: [ DropboxExt3] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Calvin\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll [2015-10-01] (Dropbox, Inc.)
    ShellIconOverlayIdentifiers-x32: [ DropboxExt4] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Calvin\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll [2015-10-01] (Dropbox, Inc.)
    ShellIconOverlayIdentifiers-x32: [ DropboxExt5] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Calvin\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll [2015-10-01] (Dropbox, Inc.)
    ShellIconOverlayIdentifiers-x32: [ DropboxExt6] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Calvin\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll [2015-10-01] (Dropbox, Inc.)
    ShellIconOverlayIdentifiers-x32: [ DropboxExt7] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Calvin\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll [2015-10-01] (Dropbox, Inc.)
    ShellIconOverlayIdentifiers-x32: [ DropboxExt8] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Calvin\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll [2015-10-01] (Dropbox, Inc.)
    ShellIconOverlayIdentifiers-x32: ["DropboxExt1"] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Calvin\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll [2015-10-01] (Dropbox, Inc.)
    ShellIconOverlayIdentifiers-x32: ["DropboxExt2"] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Calvin\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll [2015-10-01] (Dropbox, Inc.)
    ShellIconOverlayIdentifiers-x32: ["DropboxExt3"] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Calvin\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll [2015-10-01] (Dropbox, Inc.)
    ShellIconOverlayIdentifiers-x32: ["DropboxExt4"] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Calvin\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll [2015-10-01] (Dropbox, Inc.)
    ShellIconOverlayIdentifiers-x32: ["DropboxExt5"] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Calvin\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll [2015-10-01] (Dropbox, Inc.)
    ShellIconOverlayIdentifiers-x32: ["DropboxExt6"] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Calvin\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll [2015-10-01] (Dropbox, Inc.)
    ShellIconOverlayIdentifiers-x32: ["DropboxExt7"] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Calvin\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll [2015-10-01] (Dropbox, Inc.)
    ShellIconOverlayIdentifiers-x32: ["DropboxExt8"] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Calvin\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll [2015-10-01] (Dropbox, Inc.)
    Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Bluetooth.lnk [2009-08-19]
    ShortcutTarget: Bluetooth.lnk -> C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe (Broadcom Corporation.)
    Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\NI Error Reporting.lnk [2015-01-15]
    ShortcutTarget: NI Error Reporting.lnk -> C:\Program Files (x86)\National Instruments\Shared\NI Error Reporting\nierserver.exe (National Instruments Corporation)
    Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\SolidWorks 2014 Fast Start.lnk [2015-01-25]
    ShortcutTarget: SolidWorks 2014 Fast Start.lnk -> C:\Windows\Installer\{4FFA60C4-9A8B-4C9E-8265-2241B266304C}\NewShortcut2_87EDF6C81D0A4B7B84F42FE0C6A9D608.exe (Flexera Software LLC)
    Startup: C:\Users\Calvin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk [2015-05-12]
    ShortcutTarget: Dropbox.lnk -> C:\Users\Calvin\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)

    ==================== Internet (Whitelisted) ====================

    (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

    ProxyServer: [S-1-5-21-3178901641-3325030848-3832911895-1000] => 185.28.193.95:8080
    Winsock: Catalog5 08 C:\Program Files (x86)\National Instruments\Shared\mDNS Responder\nimdnsNSP.dll [26512 2014-06-06] (National Instruments Corporation)
    Winsock: Catalog5-x64 08 C:\Program Files\National Instruments\Shared\mDNS Responder\nimdnsNSP.dll [28560 2014-06-06] (National Instruments Corporation)
    Tcpip\Parameters: [DhcpNameServer] 71.10.216.1 71.10.216.2
    Tcpip\..\Interfaces\{B0E160BF-9299-42C3-A389-0FC1DC72135E}: [DhcpNameServer] 71.10.216.1 71.10.216.2
    Tcpip\..\Interfaces\{E1DE6791-1BA0-4DD5-8AC2-8C10486FF114}: [DhcpNameServer] 71.9.127.107 68.190.192.35 24.205.224.36

    Internet Explorer:
    ==================
    HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
    HKU\S-1-5-21-3178901641-3325030848-3832911895-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
    HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
    HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
    HKU\S-1-5-21-3178901641-3325030848-3832911895-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
    SearchScopes: HKLM-x32 -> {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7SNNT
    BHO: AVG Do Not Track -> {31332EEF-CB9F-458F-AFEB-D30E9A66B6BA} -> C:\Program Files (x86)\AVG\AVG2012\avgdtiea.dll [2015-05-19] (AVG Technologies CZ, s.r.o.)
    BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2009-09-03] (Google Inc.)
    BHO: Google Toolbar Notifier BHO -> {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} -> C:\Program Files\Google\GoogleToolbarNotifier\5.7.7725.1624\swg64.dll [2012-08-07] (Google Inc.)
    BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre6\bin\jp2ssv.dll [2011-12-23] (Sun Microsystems, Inc.)
    BHO-x32: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-09-23] (Adobe Systems Incorporated)
    BHO-x32: RealNetworks Download and Record Plugin for Internet Explorer -> {3049C3E9-B461-4BC5-8870-4C09146192CA} -> C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll [2013-08-14] (RealDownloader)
    BHO-x32: AVG Do Not Track -> {31332EEF-CB9F-458F-AFEB-D30E9A66B6BA} -> C:\Program Files (x86)\AVG\AVG2012\avgdtiex.dll [2015-05-19] (AVG Technologies CZ, s.r.o.)
    BHO-x32: No Name -> {5C255C8A-E604-49b4-9D64-90988571CECB} -> => No File
    BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2013-04-04] (Oracle Corporation)
    BHO-x32: Windows Live Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-01-22] (Microsoft Corporation)
    BHO-x32: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2009-09-03] (Google Inc.)
    BHO-x32: Google Dictionary Compression sdch -> {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} -> C:\Program Files (x86)\Google\Google Toolbar\Component\fastsearch_B7C5AC242193BB3E.dll [2009-09-03] (Google Inc.)
    BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2013-04-04] (Oracle Corporation)
    Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2009-09-03] (Google Inc.)
    Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2009-09-03] (Google Inc.)
    Toolbar: HKU\S-1-5-21-3178901641-3325030848-3832911895-1000 -> Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2009-09-03] (Google Inc.)
    DPF: HKLM-x32 {02CF1781-EA91-4FA5-A200-646E8241987C} hxxp://esupport.sony.com/VaioInfo.CAB
    Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG2012\avgppa.dll [2015-05-19] (AVG Technologies CZ, s.r.o.)
    Handler-x32: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG2012\avgpp.dll [2015-05-19] (AVG Technologies CZ, s.r.o.)
    Handler-x32: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8117.0416.dll [2010-04-16] (Microsoft Corporation)
    Handler-x32: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8117.0416.dll [2010-04-16] (Microsoft Corporation)

    FireFox:
    ========
    FF ProfilePath: C:\Users\Calvin\AppData\Roaming\Mozilla\Firefox\Profiles\bduz2gzv.default
    FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_17_0_0_169.dll [2015-04-14] ()
    FF Plugin: @java.com/JavaPlugin -> C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll [2011-12-23] (Sun Microsystems, Inc.)
    FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
    FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation)
    FF Plugin: @microsoft.com/VirtualEarth3D,version=4.0 -> C:\Program Files (x86)\Virtual Earth 3D\ [No File]
    FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_17_0_0_169.dll [2015-04-14] ()
    FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\system32\Adobe\Director\np32dsw.dll [No File]
    FF Plugin-x32: @java.com/JavaPlugin,version=10.21.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll [2013-04-04] (Oracle Corporation)
    FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
    FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation)
    FF Plugin-x32: @microsoft.com/WLPG,version=14.0.8117.0416 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2010-04-17] (Microsoft Corporation)
    FF Plugin-x32: @pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll [No File]
    FF Plugin-x32: @real.com/nppl3260;version=16.0.3.51 -> C:\Program Files (x86)\Real\RealPlayer\Netscape6\nppl3260.dll [2013-09-16] (RealNetworks, Inc.)
    FF Plugin-x32: @real.com/nprndlchromebrowserrecordext;version=1.3.3 -> C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlchromebrowserrecordext.dll [2013-08-14] (RealNetworks, Inc.)
    FF Plugin-x32: @real.com/nprndlhtml5videoshim;version=1.3.3 -> C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll [2013-08-14] (RealNetworks, Inc.)
    FF Plugin-x32: @real.com/nprndlpepperflashvideoshim;version=1.3.3 -> C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlpepperflashvideoshim.dll [2013-08-14] (RealNetworks, Inc.)
    FF Plugin-x32: @real.com/nprpplugin;version=16.0.3.51 -> C:\Program Files (x86)\Real\RealPlayer\Netscape6\nprpplugin.dll [2013-09-16] (RealPlayer)
    FF Plugin-x32: @realnetworks.com/npdlplugin;version=1 -> C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\npdlplugin.dll [2013-08-14] (RealDownloader)
    FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-15] (Google Inc.)
    FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-15] (Google Inc.)
    FF Plugin-x32: @wolfram.com/Mathematica -> C:\Program Files (x86)\Common Files\Wolfram Research\Browser\9.0.1.4092550\npmathplugin.dll [2013-02-07] (Wolfram Research, Inc.)
    FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2012-09-23] (Adobe Systems Inc.)
    FF Plugin HKU\S-1-5-21-3178901641-3325030848-3832911895-1000: @talk.google.com/GoogleTalkPlugin -> C:\Users\Calvin\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll [2015-04-17] (Google)
    FF Plugin HKU\S-1-5-21-3178901641-3325030848-3832911895-1000: @talk.google.com/O1DPlugin -> C:\Users\Calvin\AppData\Roaming\Mozilla\plugins\npo1d.dll [2015-04-17] (Google)
    FF Plugin HKU\S-1-5-21-3178901641-3325030848-3832911895-1000: @tools.google.com/Google Update;version=3 -> C:\Users\Calvin\AppData\Local\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-16] (Google Inc.)
    FF Plugin HKU\S-1-5-21-3178901641-3325030848-3832911895-1000: @tools.google.com/Google Update;version=9 -> C:\Users\Calvin\AppData\Local\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-16] (Google Inc.)
    FF Plugin HKU\S-1-5-21-3178901641-3325030848-3832911895-1000: iloen.com/MelOnWebLinker -> C:\Windows\system32\npMelOnWebLinker.dll [No File]
    FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nplv2012win32.dll [2014-05-13] (National Instruments)
    FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nplv2013win32.dll [2014-04-02] (National Instruments)
    FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nplv2014win32.dll [2014-06-25] (National Instruments)
    FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll [2012-09-23] (Adobe Systems Inc.)
    FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppl3260.dll [2013-09-16] (RealNetworks, Inc.)
    FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nprpplugin.dll [2013-09-16] (RealPlayer)
    FF Plugin ProgramFiles/Appdata: C:\Users\Calvin\AppData\Roaming\mozilla\plugins\npgoogletalk.dll [2015-04-17] (Google)
    FF Plugin ProgramFiles/Appdata: C:\Users\Calvin\AppData\Roaming\mozilla\plugins\npo1d.dll [2015-04-17] (Google)
    FF Extension: LeechBlock - C:\Users\Calvin\AppData\Roaming\Mozilla\Firefox\Profiles\bduz2gzv.default\Extensions\{a95d8332-e4b4-6e7f-98ac-20b733364387}.xpi [2015-02-03]
    FF HKLM-x32\...\Firefox\Extensions: [{1E73965B-8B48-48be-9C8D-68B920ABC1C4}] - C:\Program Files (x86)\AVG\AVG2012\Firefox4
    FF Extension: AVG Safe Search - C:\Program Files (x86)\AVG\AVG2012\Firefox4 [2011-10-21]
    FF HKLM-x32\...\Firefox\Extensions: [{DF153AFF-6948-45d7-AC98-4FC4AF8A08E2}] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext
    FF Extension: RealDownloader - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext [2013-09-16]
    FF HKLM-x32\...\Firefox\Extensions: [{ABDE892B-13A8-4d1b-88E6-365A6E755758}] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext
    FF HKLM-x32\...\Firefox\Extensions: [{F53C93F1-07D5-430c-86D4-C9531B27DFAF}] - C:\Program Files (x86)\AVG\AVG2012\Firefox\DoNotTrack
    FF Extension: AVG Do Not Track - C:\Program Files (x86)\AVG\AVG2012\Firefox\DoNotTrack [2012-05-13]
     
  22. user124

    user124 TS Rookie Topic Starter Posts: 23

    FRST Log (Part 2):


    Chrome:
    =======
    CHR Session Restore: Default -> is enabled.
    CHR Plugin: (Shockwave Flash) - C:\Users\Calvin\AppData\Local\Google\Chrome\User Data\PepperFlash\11.7.700.202\pepflashplayer.dll => No File
    CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\45.0.2454.101\ppGoogleNaClPluginChrome.dll => No File
    CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\45.0.2454.101\pdf.dll => No File
    CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\Browser\nppdf32.dll (Adobe Systems Inc.)
    CHR Plugin: (RealPlayer(tm) G2 LiveConnect-Enabled Plug-In (32-bit) ) - C:\Program Files (x86)\Mozilla Firefox\plugins\nppl3260.dll (RealNetworks, Inc.)
    CHR Plugin: (QuickTime Plug-in 7.7.1) - C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin.dll => No File
    CHR Plugin: (QuickTime Plug-in 7.7.1) - C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin2.dll => No File
    CHR Plugin: (QuickTime Plug-in 7.7.1) - C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin3.dll => No File
    CHR Plugin: (QuickTime Plug-in 7.7.1) - C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin4.dll => No File
    CHR Plugin: (QuickTime Plug-in 7.7.1) - C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin5.dll => No File
    CHR Plugin: (QuickTime Plug-in 7.7.1) - C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin6.dll => No File
    CHR Plugin: (QuickTime Plug-in 7.7.1) - C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin7.dll => No File
    CHR Plugin: (RealJukebox NS Plugin) - C:\Program Files (x86)\Mozilla Firefox\plugins\nprjplug.dll => No File
    CHR Plugin: (RealPlayer Version Plugin) - C:\Program Files (x86)\Mozilla Firefox\plugins\nprpjplug.dll => No File
    CHR Plugin: (Google Talk Plugin) - C:\Users\Calvin\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll (Google)
    CHR Plugin: (Google Talk Plugin Video Accelerator) - C:\Users\Calvin\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll => No File
    CHR Plugin: (Google Talk Plugin Video Renderer) - C:\Users\Calvin\AppData\Roaming\Mozilla\plugins\npo1d.dll (Google)
    CHR Plugin: (AVG SiteSafety plugin) - C:\Program Files (x86)\Common Files\AVG Secure Search\SiteSafetyInstaller\15.2.0\\npsitesafety.dll => No File
    CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.145\npGoogleUpdate3.dll => No File
    CHR Plugin: (INICIS INIpay Plugin) - C:\Program Files (x86)\INICIS61\plugins\npINIwallet61.dll => No File
    CHR Plugin: (Java(TM) Platform SE 7 U17) - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
    CHR Plugin: (Windows Live® Photo Gallery) - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
    CHR Plugin: (BrowserPlus (from Yahoo!) v2.9.8) - C:\Users\Calvin\AppData\Local\Yahoo!\BrowserPlus\2.9.8\Plugins\npybrowserplus_2.9.8.dll => No File
    CHR Plugin: (Shockwave Flash) - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_202.dll => No File
    CHR Plugin: (Java Deployment Toolkit 7.0.170.2) - C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
    CHR Plugin: (Shockwave for Director) - C:\Windows\system32\Adobe\Director\np32dsw.dll => No File
    CHR Plugin: (MelOnWebLinker) - C:\Windows\system32\npMelOnWebLinker.dll => No File
    CHR Plugin: (Silverlight Plug-In) - c:\Program Files (x86)\Microsoft Silverlight\5.1.20125.0\npctrl.dll => No File
    CHR Profile: C:\Users\Calvin\AppData\Local\Google\Chrome\User Data\Default
    CHR Extension: (Google Docs) - C:\Users\Calvin\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2013-05-24]
    CHR Extension: (Google Drive) - C:\Users\Calvin\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2013-05-24]
    CHR Extension: (YouTube) - C:\Users\Calvin\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-05-24]
    CHR Extension: (Google Search) - C:\Users\Calvin\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-05-24]
    CHR Extension: (Google Docs Offline) - C:\Users\Calvin\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2015-09-12]
    CHR Extension: (AdBlock) - C:\Users\Calvin\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2013-08-03]
    CHR Extension: (StayFocusd) - C:\Users\Calvin\AppData\Local\Google\Chrome\User Data\Default\Extensions\laankejkbhbdhmipfmgcngdelahlfoji [2014-08-05]
    CHR Extension: (Chrome Hotword Shared Module) - C:\Users\Calvin\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-03-16]
    CHR Extension: (Creately - Diagrams & Collaboration) - C:\Users\Calvin\AppData\Local\Google\Chrome\User Data\Default\Extensions\mehmcgkakgfcibfkeofncglipefjcfnn [2015-08-18]
    CHR Extension: (Chrome Web Store Payments) - C:\Users\Calvin\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-24]
    CHR Extension: (Gmail) - C:\Users\Calvin\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-05-24]
    CHR HKLM-x32\...\Chrome\Extension: [idhngdhcfkoamngbedgpaokgjbnpdiji] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Chrome\Ext\realdownloader.crx [2013-08-14]

    ==================== Services (Whitelisted) ========================

    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

    S2 AVGIDSAgent; C:\Program Files (x86)\AVG\AVG2012\AVGIDSAgent.exe [5176832 2015-05-19] (AVG Technologies CZ, s.r.o.)
    R2 avgwd; C:\Program Files (x86)\AVG\AVG2012\avgwdsvc.exe [198616 2015-05-19] (AVG Technologies CZ, s.r.o.)
    R2 LkCitadelServer; C:\Windows\SysWOW64\lkcitdl.exe [695136 2014-01-14] (National Instruments, Inc.)
    R2 lkClassAds; C:\Windows\SysWOW64\lkads.exe [53032 2014-06-09] (National Instruments Corporation)
    R2 lkTimeSync; C:\Windows\SysWOW64\lktsrv.exe [63280 2014-06-09] (National Instruments Corporation)
    S2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1133880 2015-06-18] (Malwarebytes Corporation)
    R2 mxssvr; C:\Program Files (x86)\National Instruments\MAX\nimxs.exe [84280 2014-06-07] (National Instruments Corporation)
    R2 NIApplicationWebServer; C:\Program Files (x86)\National Instruments\Shared\NI WebServer\ApplicationWebServer.exe [57184 2014-06-10] (National Instruments Corporation)
    S4 NIApplicationWebServer64; C:\Program Files\National Instruments\Shared\NI WebServer\ApplicationWebServer.exe [80736 2014-06-10] (National Instruments Corporation)
    R2 niauth; C:\Program Files (x86)\National Instruments\Shared\niauth\niauth_daemon.exe [569152 2014-06-20] (National Instruments Corporation)
    R2 NIDomainService; C:\Program Files (x86)\National Instruments\Shared\Security\nidmsrv.exe [394544 2014-06-09] (National Instruments Corporation)
    S3 NILM License Manager; C:\Program Files (x86)\National Instruments\Shared\License Manager\Bin\lmgrd.exe [1427688 2010-08-02] (Macrovision Corporation)
    R2 nimDNSResponder; C:\Program Files (x86)\National Instruments\Shared\mDNS Responder\nimdnsResponder.exe [320368 2014-06-06] (National Instruments Corporation)
    R2 NINetworkDiscovery; C:\Program Files (x86)\National Instruments\Shared\NI Network Discovery\niDiscSvc.exe [177536 2014-06-20] (National Instruments Corporation)
    R2 NiSvcLoc; C:\Program Files (x86)\National Instruments\Shared\niSvcLoc\nisvcloc.exe [89928 2014-06-06] (National Instruments Corporation)
    R2 NISystemWebServer; C:\Program Files (x86)\National Instruments\Shared\NI WebServer\SystemWebServer.exe [57168 2014-06-10] (National Instruments Corporation)
    R2 NITaggerService; C:\Program Files (x86)\National Instruments\Shared\Tagger\tagsrv.exe [692040 2014-06-10] (National Instruments Corporation)
    R2 RealNetworks Downloader Resolver Service; C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe [39056 2013-08-14] ()
    S3 rpcapd; C:\Program Files (x86)\WinPcap\rpcapd.exe [118520 2013-02-28] (Riverbed Technology, Inc.)
    S3 SampleCollector; C:\Program Files\Sony\VAIO Care\collsvc.exe [167424 2009-09-16] (Intel Corporation) [File not signed]
    R2 SOHDBSvr; C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDBSvr.exe [70952 2009-07-27] (Sony Corporation)
    R2 SOHPlMgr; C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHPlMgr.exe [91432 2009-07-27] (Sony Corporation)
    S3 SolidWorks Licensing Service; C:\Program Files (x86)\Common Files\SolidWorks Shared\Service\SolidWorksLicensing.exe [79360 2015-01-25] (SolidWorks) [File not signed]
    R2 Texis Monitor; C:\SIMULIA\Documentation\monitor.exe [4493312 2013-01-17] (Expansion Programs International, Inc.) [File not signed]
    S3 VAIO Entertainment TV Device Arbitration Service; C:\Program Files (x86)\Common Files\Sony Shared\VAIO Entertainment Platform\VzHardwareResourceManager\VzHardwareResourceManager\VzHardwareResourceManager.exe [69632 2009-07-23] (Sony Corporation) [File not signed]
    R2 VCFw; C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe [642920 2009-07-22] (Sony Corporation)
    R3 Vcsw; C:\Program Files (x86)\Common Files\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe [313264 2009-07-23] (Sony Corporation)
    S3 VSStandardCollectorService140; C:\Program Files (x86)\Microsoft Visual Studio 14.0\Team Tools\DiagnosticsHub\Collector\StandardCollector.Service.exe [52968 2015-07-07] (Microsoft Corporation)
    R2 VzCdbSvc; C:\Program Files (x86)\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe [206336 2009-07-23] (Sony Corporation) [File not signed]
    S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-26] (Microsoft Corporation)
    S3 ACDaemon; C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [X]
    S2 MSCamSvc; "C:\Program Files\Microsoft LifeCam\MSCamS64.exe" [X]
    S3 Remote Solver for Flow Simulation 2011; C:\Program Files\SolidWorks Corp\SolidWorks Flow Simulation\binCFW\StandAloneSlv.exe [X]

    ===================== Drivers (Whitelisted) ==========================

    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

    U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-13] (Microsoft Corporation)
    R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29208 2014-08-18] ()
    U5 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93568 2014-08-18] (AVAST Software)
    R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2014-08-18] ()
    U5 aswStm; C:\Windows\system32\drivers\aswStm.sys [92008 2014-08-18] (AVAST Software)
    R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [224896 2014-08-18] ()
    R3 AVerAVF2; C:\Windows\System32\DRIVERS\AVerAVF2.sys [1019776 2009-08-07] (AVerMedia TECHNOLOGIES, Inc.)
    S3 AVGIDSDriver; C:\Windows\System32\DRIVERS\avgidsdrivera.sys [127752 2015-05-19] (AVG Technologies CZ, s.r.o. )
    R0 AVGIDSHA; C:\Windows\System32\DRIVERS\avgidsha.sys [28936 2015-05-19] (AVG Technologies CZ, s.r.o. )
    R1 Avgldx64; C:\Windows\System32\DRIVERS\avgldx64.sys [307464 2015-05-19] (AVG Technologies CZ, s.r.o.)
    R1 Avgmfx64; C:\Windows\System32\DRIVERS\avgmfx64.sys [49928 2015-05-19] (AVG Technologies CZ, s.r.o.)
    R0 Avgrkx64; C:\Windows\System32\DRIVERS\avgrkx64.sys [39176 2015-05-19] (AVG Technologies CZ, s.r.o.)
    R1 Avgtdia; C:\Windows\System32\DRIVERS\avgtdia.sys [384776 2015-05-19] (AVG Technologies CZ, s.r.o.)
    S3 copperhd; C:\Windows\System32\drivers\copperhd.sys [13824 2006-05-24] (Razer (Asia-Pacific) Pte Ltd)
    S3 ebdrv; C:\Windows\system32\DRIVERS\evbda.sys [3286016 2009-06-10] (Broadcom Corporation)
    R1 ElRawDisk; C:\Windows\system32\drivers\rsdrvx64.sys [26024 2009-02-12] (EldoS Corporation)
    R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2015-06-18] (Malwarebytes Corporation)
    S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2015-06-18] (Malwarebytes Corporation)
    S3 NPF; C:\Windows\System32\drivers\npf.sys [36600 2013-02-28] (Riverbed Technology, Inc.)
    R3 NW1950; C:\Windows\System32\DRIVERS\NW1950.sys [25064 2009-08-16] ()
    S3 RimUsb; C:\Windows\System32\Drivers\RimUsb_AMD64.sys [74240 2011-02-16] (Research In Motion Limited)
    R3 RimVSerPort; C:\Windows\System32\DRIVERS\RimSerial_AMD64.sys [31744 2009-01-09] (Research in Motion Ltd)
    S3 savt; C:\Windows\System32\DRIVERS\savt.sys [4218368 2009-06-30] (Sony Corporation)
    R0 sptd; C:\Windows\System32\Drivers\sptd.sys [503352 2011-08-16] () [File not signed]
    U3 TrueSight; C:\Windows\System32\drivers\TrueSight.sys [35064 2015-10-05] ()
    S4 AVGIDSFilter; system32\DRIVERS\avgidsfiltera.sys [X]
    S3 catchme; \??\C:\ComboFix\catchme.sys [X]
    S3 EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys [X]

    ==================== NetSvcs (Whitelisted) ===================

    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


    ==================== One Month Created files and folders ========

    (If an entry is included in the fixlist, the file/folder will be moved.)

    2099-12-00 4848:800 - 2010-02-15 21:23 - 00001744 ____H C:\ProgramData\sasihipa
    2015-10-13 20:55 - 2015-10-13 20:57 - 00042799 _____ C:\Users\Calvin\Desktop\FRST.txt
    2015-10-13 20:54 - 2015-10-13 20:54 - 02196480 _____ (Farbar) C:\Users\Calvin\Downloads\FRST64 (2).exe
    2015-10-13 20:54 - 2015-10-13 20:54 - 02196480 _____ (Farbar) C:\Users\Calvin\Desktop\FRST64 (2).exe
    2015-10-13 19:48 - 2015-10-13 19:48 - 00003348 _____ C:\Windows\System32\Tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-3178901641-3325030848-3832911895-1000
    2015-10-13 19:48 - 2015-10-13 19:48 - 00003216 _____ C:\Windows\System32\Tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-3178901641-3325030848-3832911895-1000
    2015-10-13 00:36 - 2015-10-13 00:36 - 00044836 _____ C:\ComboFix.txt
    2015-10-12 23:51 - 2015-10-13 00:36 - 00000000 ____D C:\ComboFix
    2015-10-12 23:51 - 2011-06-25 23:45 - 00256000 _____ C:\Windows\PEV.exe
    2015-10-12 23:51 - 2010-11-07 10:20 - 00208896 _____ C:\Windows\MBR.exe
    2015-10-12 23:51 - 2009-04-19 21:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
    2015-10-12 23:51 - 2000-08-30 17:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
    2015-10-12 23:51 - 2000-08-30 17:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
    2015-10-12 23:51 - 2000-08-30 17:00 - 00098816 _____ C:\Windows\sed.exe
    2015-10-12 23:51 - 2000-08-30 17:00 - 00080412 _____ C:\Windows\grep.exe
    2015-10-12 23:51 - 2000-08-30 17:00 - 00068096 _____ C:\Windows\zip.exe
    2015-10-12 23:46 - 2015-10-13 00:36 - 00000000 ____D C:\Qoobox
    2015-10-12 23:46 - 2015-10-13 00:33 - 00000000 ____D C:\Windows\erdnt
    2015-10-08 00:21 - 2015-10-08 00:21 - 00005552 _____ C:\Users\Calvin\Downloads\N-400 (2).xml
    2015-10-07 23:14 - 2015-10-07 23:14 - 00002764 _____ C:\Users\Calvin\Downloads\N-400 (1).xml
    2015-10-07 23:08 - 2015-10-12 23:45 - 05636349 ____R (Swearware) C:\Users\Calvin\Desktop\ComboFix.exe
    2015-10-07 23:08 - 2015-10-07 23:08 - 05635766 _____ (Swearware) C:\Users\Calvin\Downloads\ComboFix.exe
    2015-10-07 22:29 - 2015-10-07 22:29 - 00002004 _____ C:\Users\Calvin\Downloads\N-400.xml
    2015-10-06 20:04 - 2015-10-06 20:04 - 00009745 _____ C:\Users\Calvin\Desktop\AdwCleaner[C1].txt
    2015-10-06 18:14 - 2015-10-06 18:38 - 00000000 ____D C:\AdwCleaner
    2015-10-05 23:53 - 2015-10-05 23:53 - 00005847 _____ C:\Users\Calvin\Desktop\JRT.txt
    2015-10-05 21:38 - 2015-10-05 21:38 - 01801288 _____ (Malwarebytes) C:\Users\Calvin\Downloads\JRT.exe
    2015-10-05 21:38 - 2015-10-05 21:38 - 01801288 _____ (Malwarebytes) C:\Users\Calvin\Desktop\JRT.exe
    2015-10-05 21:38 - 2015-10-05 21:37 - 01681920 _____ C:\Users\Calvin\Desktop\adwcleaner_5.010.exe
    2015-10-05 21:37 - 2015-10-05 21:37 - 01681920 _____ C:\Users\Calvin\Downloads\adwcleaner_5.010.exe
    2015-10-05 21:36 - 2015-10-05 22:24 - 00113880 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
    2015-10-05 21:36 - 2015-10-05 21:36 - 00001066 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
    2015-10-05 21:36 - 2015-10-05 21:36 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
    2015-10-05 21:36 - 2015-10-05 21:36 - 00000000 ____D C:\ProgramData\Malwarebytes
    2015-10-05 21:36 - 2015-10-05 21:36 - 00000000 ____D C:\Program Files (x86)\Malwarebytes Anti-Malware
    2015-10-05 21:36 - 2015-06-18 08:41 - 00109272 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
    2015-10-05 21:36 - 2015-06-18 08:41 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
    2015-10-05 21:36 - 2015-06-18 08:41 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
    2015-10-05 21:33 - 2015-10-05 21:34 - 24345872 _____ (Malwarebytes Corporation ) C:\Users\Calvin\Downloads\mbam-setup-2.1.8.1057.exe
    2015-10-05 21:20 - 2015-10-05 22:23 - 00000000 ____D C:\ProgramData\RogueKiller
    2015-10-05 21:20 - 2015-10-05 21:20 - 00035064 _____ C:\Windows\system32\Drivers\TrueSight.sys
    2015-10-05 21:20 - 2015-10-05 21:19 - 18823752 _____ C:\Users\Calvin\Desktop\RogueKiller.exe
    2015-10-05 21:18 - 2015-10-05 21:19 - 18823752 _____ C:\Users\Calvin\Downloads\RogueKiller.exe
    2015-10-02 20:44 - 2015-10-02 20:44 - 00000000 ____D C:\Users\Calvin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
    2015-10-01 21:35 - 2015-10-01 21:35 - 00000000 ____D C:\Users\Calvin\AppData\Local\GWX
    2015-09-29 20:57 - 2015-09-29 20:57 - 02192384 _____ (Farbar) C:\Users\Calvin\Downloads\FRST64 (1).exe
    2015-09-29 20:42 - 2015-10-13 20:56 - 00000000 ____D C:\FRST
    2015-09-29 20:41 - 2015-09-29 20:41 - 02192384 _____ (Farbar) C:\Users\Calvin\Downloads\FRST64.exe
    2015-09-29 17:52 - 2015-09-29 17:53 - 00388608 _____ (Trend Micro Inc.) C:\Users\Calvin\Downloads\Crusty.exe
    2015-09-15 18:34 - 2015-09-15 18:34 - 00003642 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore

    ==================== One Month Modified files and folders ========

    (If an entry is included in the fixlist, the file/folder will be moved.)

    2015-10-13 20:40 - 2009-09-03 01:42 - 00000898 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
    2015-10-13 20:25 - 2011-03-31 16:33 - 00000912 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3178901641-3325030848-3832911895-1000UA.job
    2015-10-13 20:23 - 2015-06-30 20:24 - 00000922 _____ C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-3178901641-3325030848-3832911895-1000UA.job
    2015-10-13 20:12 - 2009-11-03 22:21 - 01632926 _____ C:\Windows\WindowsUpdate.log
    2015-10-13 19:55 - 2009-07-13 21:45 - 00018928 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
    2015-10-13 19:55 - 2009-07-13 21:45 - 00018928 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
    2015-10-13 19:47 - 2011-10-10 21:46 - 00000000 ___RD C:\Users\Calvin\Dropbox
    2015-10-13 19:45 - 2011-10-21 17:05 - 00000000 ____D C:\Windows\system32\Drivers\AVG
    2015-10-13 19:45 - 2011-10-10 21:45 - 00000000 ____D C:\Users\Calvin\AppData\Roaming\Dropbox
    2015-10-13 19:41 - 2009-09-03 01:42 - 00000894 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
    2015-10-13 19:39 - 2013-06-22 22:04 - 00033266 _____ C:\Windows\setupact.log
    2015-10-13 19:39 - 2009-07-13 22:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
    2015-10-13 00:36 - 2015-07-29 22:28 - 00000000 ____D C:\Users\Calvin\AppData\Local\Apps\2.0
    2015-10-13 00:25 - 2011-03-31 16:33 - 00000860 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3178901641-3325030848-3832911895-1000Core.job
    2015-10-13 00:25 - 2009-07-13 19:34 - 00000215 _____ C:\Windows\system.ini
    2015-10-13 00:20 - 2009-08-19 12:19 - 00967554 _____ C:\Windows\PFRO.log
    2015-10-12 22:23 - 2015-06-30 20:24 - 00000870 _____ C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-3178901641-3325030848-3832911895-1000Core.job
    2015-10-12 20:55 - 2014-01-03 01:57 - 00001027 _____ C:\ProgramData\Microsoft\Windows\Start Menu\LINE.lnk
    2015-10-12 20:55 - 2014-01-03 01:57 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LINE
    2015-10-08 23:26 - 2014-11-09 23:36 - 00000000 ____D C:\Users\Calvin\Desktop\Old personal docs
    2015-10-08 00:36 - 2015-04-04 03:01 - 00000000 ___SD C:\Windows\SysWOW64\GWX
    2015-10-08 00:36 - 2015-04-04 03:01 - 00000000 ___SD C:\Windows\system32\GWX
    2015-10-07 21:57 - 2014-07-22 21:48 - 00000000 ____D C:\Users\Calvin\AppData\Roaming\Spotify
    2015-10-07 21:50 - 2014-07-22 21:49 - 00000000 ____D C:\Users\Calvin\AppData\Local\Spotify
    2015-10-06 17:53 - 2009-07-13 21:45 - 00000000 ____D C:\Windows\Setup
    2015-10-05 21:16 - 2009-07-13 22:08 - 00032542 _____ C:\Windows\Tasks\SCHEDLGU.TXT
    2015-10-02 21:45 - 2013-08-15 14:05 - 00000000 ____D C:\Windows\rescache
    2015-10-02 21:43 - 2009-12-09 17:20 - 00000000 ____D C:\Windows\System32\Tasks\Games
    2015-09-21 22:10 - 2015-07-31 00:43 - 00000970 _____ C:\Users\Calvin\Desktop\FileZilla.lnk
    2015-09-16 19:50 - 2009-12-07 21:38 - 00000000 ____D C:\Users\Calvin\AppData\Local\Google
    2015-09-16 00:20 - 2011-03-31 16:33 - 00003888 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3178901641-3325030848-3832911895-1000UA
    2015-09-16 00:20 - 2011-03-31 16:33 - 00003492 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3178901641-3325030848-3832911895-1000Core
    2015-09-15 21:11 - 2010-01-29 14:56 - 00000000 ____D C:\Users\Calvin\AppData\Roaming\vlc
    2015-09-15 18:35 - 2009-09-03 01:42 - 00003894 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA

    ==================== Files in the root of some directories =======

    2010-01-14 18:19 - 2010-01-14 18:19 - 0000122 _____ () C:\Users\Calvin\AppData\Roaming\wklnhst.dat
    2011-12-21 21:09 - 2011-12-21 21:10 - 0001586 ___SH () C:\Users\Calvin\AppData\Local\7a24sn6j37j311
    2014-02-18 21:30 - 2014-02-18 21:30 - 0008192 _____ () C:\Users\Calvin\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
    2014-12-03 00:18 - 2014-12-03 00:18 - 0026900 _____ () C:\Users\Calvin\AppData\Local\dt.dat
    2010-06-09 22:16 - 2011-10-16 20:47 - 0000000 _____ () C:\Users\Calvin\AppData\Local\prvlcl.dat
    2014-08-14 19:37 - 2014-08-14 19:37 - 0000752 _____ () C:\Users\Calvin\AppData\Local\recently-used.xbel
    2010-03-03 20:46 - 2010-03-03 20:46 - 0000017 _____ () C:\Users\Calvin\AppData\Local\resmon.resmoncfg
    2011-12-21 21:09 - 2011-12-21 21:10 - 0001586 ___SH () C:\ProgramData\7a24sn6j37j311
    0-00-00 00:00 - 2010-02-15 21:23 - 0001744 ____H () C:\ProgramData\sasihipa

    Some files in TEMP:
    ====================
    C:\Users\Calvin\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmp9zrzch.dll


    ==================== Bamital & volsnap =================

    (There is no automatic fix for files that do not pass verification.)

    C:\Windows\system32\winlogon.exe => File is digitally signed
    C:\Windows\system32\wininit.exe => File is digitally signed
    C:\Windows\SysWOW64\wininit.exe => File is digitally signed
    C:\Windows\explorer.exe => File is digitally signed
    C:\Windows\SysWOW64\explorer.exe => File is digitally signed
    C:\Windows\system32\svchost.exe => File is digitally signed
    C:\Windows\SysWOW64\svchost.exe => File is digitally signed
    C:\Windows\system32\services.exe => File is digitally signed
    C:\Windows\system32\User32.dll => File is digitally signed
    C:\Windows\SysWOW64\User32.dll => File is digitally signed
    C:\Windows\system32\userinit.exe => File is digitally signed
    C:\Windows\SysWOW64\userinit.exe => File is digitally signed
    C:\Windows\system32\rpcss.dll => File is digitally signed
    C:\Windows\system32\dnsapi.dll => File is digitally signed
    C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
    C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed


    LastRegBack: 2015-10-02 21:44

    ==================== End of FRST.txt ============================
     
  23. user124

    user124 TS Rookie Topic Starter Posts: 23

    Addition Log (Part 1):


    Additional scan result of Farbar Recovery Scan Tool (x64) Version:12-10-2015
    Ran by Calvin (2015-10-13 20:58:55)
    Running from C:\Users\Calvin\Desktop
    Windows 7 Home Premium Service Pack 1 (X64) (2009-12-08 04:32:43)
    Boot Mode: Normal
    ==========================================================


    ==================== Accounts: =============================

    Administrator (S-1-5-21-3178901641-3325030848-3832911895-500 - Administrator - Disabled)
    Calvin (S-1-5-21-3178901641-3325030848-3832911895-1000 - Administrator - Enabled) => C:\Users\Calvin
    Guest (S-1-5-21-3178901641-3325030848-3832911895-501 - Limited - Disabled)
    HomeGroupUser$ (S-1-5-21-3178901641-3325030848-3832911895-1002 - Limited - Enabled)

    ==================== Security Center ========================

    (If an entry is included in the fixlist, it will be removed.)

    AV: AVG AntiVirus Free Edition 2012 (Enabled - Up to date) {4D41356F-32AD-7C42-C820-63775EE4F413}
    AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
    AS: AVG AntiVirus Free Edition 2012 (Enabled - Up to date) {F620D48B-1497-73CC-F290-58052563BEAE}

    ==================== Installed Programs ======================

    (Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

    µTorrent (HKLM-x32\...\uTorrent) (Version: 1.8.5 - )
    Abaqus 6.14 Student Edition (HKLM\...\Abaqus 6.14 Student Edition) (Version: 6.14.0.0 - Dassault Systemes Simulia Corp.)
    Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 1.5.3.9120 - Adobe Systems Inc.)
    Adobe Flash Player 17 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 17.0.0.169 - Adobe Systems Incorporated)
    Adobe Flash Player 17 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 17.0.0.169 - Adobe Systems Incorporated)
    Adobe Reader XI (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.00 - Adobe Systems Incorporated)
    Adobe Shockwave Player 11.5 (HKLM-x32\...\Adobe Shockwave Player) (Version: 11.5.6.606 - Adobe Systems, Inc.)
    AIM 7 (HKLM-x32\...\AIM_7) (Version: - )
    Any Video Converter 5.0.8 (HKLM-x32\...\Any Video Converter_is1) (Version: - Any-Video-Converter.com)
    AOL Messaging Toolbar (HKU\S-1-5-21-3178901641-3325030848-3832911895-1000\...\AOL Messaging Toolbar) (Version: - )
    Apple Application Support (HKLM-x32\...\{A83279FD-CA4B-4206-9535-90974DE76654}) (Version: 2.1.5 - Apple Inc.)
    Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
    Application Insights Tools for Visual Studio 2015 (x32 Version: 3.3 - Microsoft Corporation) Hidden
    Application Manager for VAIO (HKLM-x32\...\Application Manager for VAIO) (Version: - )
    AVG 2012 (HKLM\...\AVG) (Version: 2012.1.2258 - AVG Technologies)
    AVG 2012 (Version: 12.0.4311 - AVG Technologies) Hidden
    AVG 2012 (Version: 12.1.2258 - AVG Technologies) Hidden
    Azure AD Authentication Connected Service (x32 Version: 14.0.23107 - Microsoft Corporation) Hidden
    AzureTools.Notifications (x32 Version: 2.7.30611.1601 - Microsoft Corporation) Hidden
    BlackBerry Device Manager 6.1 (HKLM-x32\...\BlackBerry_{1C933E76-5795-48D2-BB38-1FFD64AACA4F}) (Version: 6.1.0.33 - Research In Motion Ltd.)
    BlackBerry Device Manager 6.1 (x32 Version: 6.1.0.33 - Research In Motion Ltd.) Hidden
    Blend for Visual Studio SDK for .NET 4.5 (x32 Version: 3.0.40218.0 - Microsoft Corporation) Hidden
    Bullzip PDF Printer 9.3.0.1516 (HKLM\...\Bullzip PDF Printer_is1) (Version: 9.3.0.1516 - Bullzip)
    Canon MP Navigator 3.0 (HKLM-x32\...\MP Navigator 3.0) (Version: - )
    Canon MP160 (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MP160) (Version: - )
    Canon MP280 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MP280_series) (Version: - )
    Click to Disc (x32 Version: 1.2.70.06160 - Sony Corporation) Hidden
    Click to Disc Editor (x32 Version: 2.0.02 - Sony Corporation) Hidden
    Compatibility Pack for the 2007 Office system (HKLM-x32\...\{90120000-0020-0409-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
    Counter-Strike: Source (HKLM-x32\...\Steam App 240) (Version: - Valve)
    Diablo II (HKLM-x32\...\Diablo II) (Version: - )
    Dotfuscator and Analytics Community Edition 5.18.1 (x32 Version: 5.18.1.2898 - PreEmptive Solutions) Hidden
    Dropbox (HKU\S-1-5-21-3178901641-3325030848-3832911895-1000\...\Dropbox) (Version: 3.10.7 - Dropbox, Inc.)
    DVD Shrink 3.2 (HKLM-x32\...\DVD Shrink_is1) (Version: - DVD Shrink)
    Entity Framework 6.1.3 Tools for Visual Studio 2015 (HKLM-x32\...\{1A8A9739-BAD7-491F-B5B9-A79A2B965422}) (Version: 14.0.40302.0 - Microsoft Corporation)
    EPSON Printer Software (HKLM\...\EPSON Printer and Utilities) (Version: - SEIKO EPSON Corporation)
    EPSON Scan (HKLM-x32\...\EPSON Scanner) (Version: - )
    Evince 2.32.0.145 (HKLM-x32\...\{AA38CC00-F12C-495E-AF00-7EE413D3BFB2}) (Version: 2.32.0.145 - (Custom build))
    FileZilla Client 3.12.0.2 (HKU\S-1-5-21-3178901641-3325030848-3832911895-1000\...\FileZilla Client) (Version: 3.12.0.2 - Tim Kosse)
    GitHub (HKU\S-1-5-21-3178901641-3325030848-3832911895-1000\...\5f7eb300e2ea4ebf) (Version: 2.14.7.1 - GitHub, Inc.)
    Google Chrome (HKLM-x32\...\Google Chrome) (Version: 45.0.2454.101 - Google Inc.)
    Google Talk Plugin (HKLM-x32\...\{CA3DD97D-1FD7-37A7-BD5C-FC4430C8B8E6}) (Version: 5.41.2.0 - Google)
    Google Toolbar for Internet Explorer (HKLM-x32\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: - Google Inc.)
    Google Toolbar for Internet Explorer (x32 Version: 1.0.0 - Google Inc.) Hidden
    Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
    Google Update Helper (x32 Version: 1.3.28.15 - Google Inc.) Hidden
    Guild Wars 2 (HKLM-x32\...\Guild Wars 2) (Version: - NCsoft Corporation, Ltd.)
    IIS 10.0 Express (HKLM\...\{5984D8DA-C1AF-4284-9C88-D7150425B315}) (Version: 10.0.1734 - Microsoft Corporation)
    IIS Express Application Compatibility Database for x64 (HKLM\...\{08274920-8908-45c2-9258-8ad67ff77b09}.sdb) (Version: - )
    IIS Express Application Compatibility Database for x86 (HKLM\...\{ad846bae-d44b-4722-abad-f7420e08bcd9}.sdb) (Version: - )
    Intel(R) Management Engine Interface (HKLM\...\HECI) (Version: - Intel Corporation)
    Internet TV for Windows Media Center (HKLM-x32\...\{9D318C86-AF4C-409F-A6AC-7183FF4CF424}) (Version: 3.2.1.0 - Microsoft Corporation)
    Java 7 Update 21 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217017FF}) (Version: 7.0.210 - Oracle)
    Java(TM) 6 Update 25 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86416025FF}) (Version: 6.0.250 - Oracle)
    Java(TM) 6 Update 31 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83216031FF}) (Version: 6.0.310 - Oracle)
    Java(TM) SE Development Kit 6 Update 15 (64-bit) (HKLM\...\{64A3A4F4-B792-11D6-A78A-00B0D0160150}) (Version: 1.6.0.150 - Sun Microsystems, Inc.)
    JavaFX 2.1.1 (HKLM-x32\...\{1111706F-666A-4037-7777-211328764D10}) (Version: 2.1.1 - Oracle Corporation)
    Junk Mail filter update (x32 Version: 14.0.8117.416 - Microsoft Corporation) Hidden
    LINE (HKLM-x32\...\LINE) (Version: 4.1.3.586 - LINE Corporation)
    Malwarebytes Anti-Malware version 2.1.8.1057 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.1.8.1057 - Malwarebytes Corporation)
    Math Kernel Libraries (64-bit) (Version: 1.0.33.0 - National Instruments) Hidden
    Math Kernel Libraries (64-bit) (Version: 13.0.13 - National Instruments) Hidden
    Math Kernel Libraries (64-bit) (Version: 14.0.6 - National Instruments) Hidden
    Math Kernel Libraries (x32 Version: 1.0.33.0 - National Instruments) Hidden
    Math Kernel Libraries (x32 Version: 13.0.13 - National Instruments) Hidden
    Math Kernel Libraries (x32 Version: 14.0.6 - National Instruments) Hidden
    Mathematica Extras 9.0 (4092550) (HKLM\...\A-WIN-Extras 9.0.1 4092550_is1) (Version: 9.0.1 - Wolfram Research, Inc.)
    MATLAB R2013a (HKLM\...\Matlab R2013a) (Version: 8.1 - The MathWorks, Inc.)
    Media Gallery (x32 Version: 1.0.0.07210 - Sony Corporation) Hidden
    Microsoft .NET Framework 4.5 Multi-Targeting Pack (HKLM-x32\...\{56E962F0-4FB0-3C67-88DB-9EAA6EEFC493}) (Version: 4.5.50710 - Microsoft Corporation)
    Microsoft .NET Framework 4.5.1 Multi-Targeting Pack (ENU) (HKLM-x32\...\{D3517C62-68A5-37CF-92F7-93C029A89681}) (Version: 4.5.50932 - Microsoft Corporation)
    Microsoft .NET Framework 4.5.1 Multi-Targeting Pack (HKLM-x32\...\{6A0C6700-EA93-372C-8871-DCCF13D160A4}) (Version: 4.5.50932 - Microsoft Corporation)
    Microsoft .NET Framework 4.5.1 SDK (HKLM-x32\...\{19A5926D-66E1-46FC-854D-163AA10A52D3}) (Version: 4.5.51641 - Microsoft Corporation)
    Microsoft .NET Framework 4.5.2 Multi-Targeting Pack (ENU) (HKLM-x32\...\{290FC320-2F5A-329E-8840-C4193BD7A9EE}) (Version: 4.5.51209 - Microsoft Corporation)
    Microsoft .NET Framework 4.5.2 Multi-Targeting Pack (HKLM-x32\...\{B941AFB4-8851-33A1-9E72-0C33D463C41C}) (Version: 4.5.51209 - Microsoft Corporation)
    Microsoft .NET Framework 4.6 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.6.00081 - Microsoft Corporation)
    Microsoft .NET Framework 4.6 SDK (HKLM-x32\...\{B5915D37-0637-4A26-A3AA-C5DC9F856370}) (Version: 4.6.00081 - Microsoft Corporation)
    Microsoft .NET Framework 4.6 Targeting Pack (ENU) (HKLM-x32\...\{3D3CEBE6-40EA-4C48-97FD-73828281AB4A}) (Version: 4.6.00081 - Microsoft Corporation)
    Microsoft .NET Framework 4.6 Targeting Pack (HKLM-x32\...\{2CC6A4A7-AAC2-46C9-9DBB-3727B5954F65}) (Version: 4.6.00081 - Microsoft Corporation)
    Microsoft .NET Version Manager (x64) 1.0.0-beta5 (HKLM\...\{c5a4aba3-1aba-3ef8-b2d5-c3fa37f59738}) (Version: 1.0.10609.0 - Microsoft Corporation)
    Microsoft Help Viewer 2.2 (HKLM-x32\...\Microsoft Help Viewer 2.2) (Version: 2.2.23107 - Microsoft Corporation)
    Microsoft HPC Pack 2008 R2 MS-MPI Redistributable Pack (HKLM\...\{D3299935-57F7-403A-9D7B-0B8F9F56F44B}) (Version: 3.0.2369.0 - Microsoft Corporation)
    Microsoft Office 2003 Web Components (HKLM-x32\...\{90120000-00A4-0409-0000-0000000FF1CE}) (Version: 12.0.6213.1000 - Microsoft Corporation)
    Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft)
    Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
    Microsoft Office Home and Student 2007 (HKLM-x32\...\HOMESTUDENTR) (Version: 12.0.6612.1000 - Microsoft Corporation)
    Microsoft Office PowerPoint Viewer 2007 (English) (HKLM-x32\...\{95120000-00AF-0409-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
    Microsoft Office Suite Activation Assistant (HKLM-x32\...\{E50AE784-FABE-46DA-A1F8-7B6B56DCB22E}) (Version: 2.9 - Microsoft Corporation)
    Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.40728.0 - Microsoft Corporation)
    Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
    Microsoft SQL Server 2012 Command Line Utilities (HKLM\...\{9D573E71-1077-4C7E-B4DB-4E22A5D2B48B}) (Version: 11.0.2100.60 - Microsoft Corporation)
    Microsoft SQL Server 2012 Native Client (HKLM\...\{49D665A2-4C2A-476E-9AB8-FCC425F526FC}) (Version: 11.0.2100.60 - Microsoft Corporation)
    Microsoft SQL Server 2014 Management Objects (HKLM-x32\...\{2774595F-BC2A-4B12-A25B-0C37A37049B0}) (Version: 12.0.2000.8 - Microsoft Corporation)
    Microsoft SQL Server 2014 Management Objects (x64) (HKLM\...\{1F9EB3B6-AED7-4AA7-B8F1-8E314B74B2A5}) (Version: 12.0.2000.8 - Microsoft Corporation)
    Microsoft SQL Server 2014 Transact-SQL ScriptDom (HKLM\...\{020CDFE0-C127-4047-B571-37C82396B662}) (Version: 12.0.2000.8 - Microsoft Corporation)
    Microsoft SQL Server 2014 T-SQL Language Service (HKLM-x32\...\{47D08E7A-92A1-489B-B0BF-415516497BCE}) (Version: 12.0.2000.8 - Microsoft Corporation)
    Microsoft SQL Server Compact 4.0 SP1 x64 ENU (HKLM\...\{78909610-D229-459C-A936-25D92283D3FD}) (Version: 4.0.8876.1 - Microsoft Corporation)
    Microsoft SQL Server Data Tools - enu (14.0.50616.0) (HKLM-x32\...\{58246C80-3941-4B69-AE31-264644E2ADB8}) (Version: 14.0.50616.0 - Microsoft Corporation)
    Microsoft System CLR Types for SQL Server 2014 (HKLM\...\{68BA34E8-9B9D-4A74-83F0-7D366B532D75}) (Version: 12.0.2402.11 - Microsoft Corporation)
    Microsoft System CLR Types for SQL Server 2014 (HKLM-x32\...\{718FFB65-F6E4-4D62-861F-ED10ED32C936}) (Version: 12.0.2402.11 - Microsoft Corporation)
    Microsoft Touch Pack for Windows 7 (HKLM-x32\...\{8FF90DB8-6DED-44A3-B182-244FEC09012F}) (Version: 1.0.40517.00 - Microsoft Corporation)
    Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053 (HKLM\...\{B6E3757B-5E77-3915-866A-CCFC4B8D194C}) (Version: 8.0.50727.4053 - Microsoft Corporation)
    Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM-x32\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
    Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
    Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
    Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
    Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
    Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
    Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
    Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation)
    Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation)
    Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{7f51bdb9-ee21-49ee-94d6-90afc321780e}) (Version: 12.0.21005.1 - Microsoft Corporation)
    Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
    Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.23026 (HKLM-x32\...\{e46eca4f-393b-40df-9f49-076faf788d83}) (Version: 14.0.23026.0 - Microsoft Corporation)
    Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.23026 (HKLM-x32\...\{74d0e5db-b326-4dae-a6b2-445b9de1836e}) (Version: 14.0.23026.0 - Microsoft Corporation)
    Microsoft Visual Studio 2005 Remote Debugger Light (x64) - ENU (HKLM\...\Microsoft Visual Studio 2005 Remote Debugger Light (x64) - ENU) (Version: - Microsoft Corporation)
    Microsoft Visual Studio 2005 Tools for Applications - ENU (HKLM-x32\...\Microsoft Visual Studio 2005 Tools for Applications - ENU) (Version: - Microsoft Corporation)
    Microsoft Visual Studio Community 2015 (HKLM-x32\...\{50b32652-69d2-4b93-9316-edcd12067b8b}) (Version: 14.0.23107.10 - Microsoft Corporation)
    Microsoft Web Deploy 3.6 (HKLM\...\{ED4CC1E5-043E-4157-8452-B5E533FE2BA1}) (Version: 3.1238.1955 - Microsoft Corporation)
    Microsoft Works (HKLM-x32\...\{67E03279-F703-408F-B4BF-46B5FC8D70CD}) (Version: 9.7.0621 - Microsoft Corporation)
    Microsoft XNA Framework Redistributable 3.0 (HKLM-x32\...\{3898934B-05AE-41CD-96BE-70DA9BFBCE1F}) (Version: 3.0.11010.0 - Microsoft Corporation)
    Mozilla Firefox 37.0.2 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 37.0.2 (x86 en-US)) (Version: 37.0.2 - Mozilla)
    Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 30.0 - Mozilla)
    Mp3tag v2.54 (HKLM-x32\...\Mp3tag) (Version: v2.54 - Florian Heidenreich)
    MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
    MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
    Multi-Device Hybrid Apps using C# - Templates - ENU (x32 Version: 14.0.23107 - Microsoft Corporation) Hidden
    Music Transfer (x32 Version: 1.3.01.13160 - Sony Corporation) Hidden
    National Instruments Software (HKLM-x32\...\NI Uninstaller) (Version: - National Instruments)
    NI .NET Framework 4.0 (x32 Version: 4.01.49152 - National Instruments) Hidden
    NI ActiveX Container (64-bit) (Version: 14.0.5 - National Instruments) Hidden
    NI ActiveX Container (x32 Version: 14.0.5 - National Instruments) Hidden
    NI Assistant Framework (x32 Version: 14.0.40 - National Instruments) Hidden
    NI Assistant Framework 64-bit (Version: 14.0.49 - National Instruments) Hidden
    NI Assistant Framework LabVIEW 2014 Support (x32 Version: 14.0.34 - National Instruments) Hidden
    NI Assistant Framework LabVIEW Code Generator 2013 (x32 Version: 9.0.107 - National Instruments) Hidden
    NI Assistant Framework LabVIEW Code Generator 2014 (x32 Version: 14.0.40 - National Instruments) Hidden
    NI Authentication 2014 (64-bit) (Version: 14.0.344 - National Instruments) Hidden
    NI Authentication 2014 (x32 Version: 14.0.344 - National Instruments) Hidden
    NI CodeSignAPI (x32 Version: 2.70.346 - National Instruments) Hidden
    NI Curl 14.0.0 (64-bit) (Version: 14.0.294 - National Instruments) Hidden
    NI Curl 2014 (x32 Version: 14.0.295 - National Instruments) Hidden
    NI Customer Experience Improvement Program (x32 Version: 2.1.27 - National Instruments) Hidden
    NI DataSocket 5.2 (64-bit) (Version: 5.2.218 - National Instruments) Hidden
    NI DataSocket 5.2 (x32 Version: 5.2.218 - National Instruments) Hidden
    NI Distributed System Manager 2013 (x32 Version: 13.0.338 - National Instruments) Hidden
    NI Distributed System Manager 2014 (x32 Version: 14.0.382 - National Instruments) Hidden
    NI Error Reporting 2014 (x32 Version: 14.0.379 - National Instruments) Hidden
    NI Error Reporting Interface 14.0 (x32 Version: 14.0.241 - National Instruments) Hidden
    NI Error Reporting Interface 14.0 for Windows (64-bit) (Version: 14.0.241 - National Instruments) Hidden
    NI EulaDepot (x32 Version: 3.30.268 - National Instruments) Hidden
    NI Example Finder 14.0 (x32 Version: 14.0.133 - National Instruments) Hidden
    NI Help Assistant 2.0 (64bit) (Version: 2.0.3 - National Instruments) Hidden
    NI Help Assistant 2.0 (x32 Version: 2.0.3 - National Instruments) Hidden
    NI Instrument IO Assistant for LabVIEW 2013 32-bit (x32 Version: 1.0.14.0 - National Instruments) Hidden
    NI Instrument IO Assistant for LabVIEW 2014 32-bit (x32 Version: 14.0.12 - National Instruments) Hidden
    NI JSON Map Files (x32 Version: 14.0.14 - National Instruments) Hidden
    NI LabVIEW 2012 Real-Time NBFifo (x32 Version: 12.0.219.0 - National Instruments) Hidden
    NI LabVIEW 2012 Real-Time NBFifo (x32 Version: 13.0.336 - National Instruments) Hidden
    NI LabVIEW 2012 Real-Time NBFifo (x32 Version: 14.0.386 - National Instruments) Hidden
    NI LabVIEW 2012 Run-Time Engine Web Server (x32 Version: 12.5.198.0 - National Instruments) Hidden
    NI LabVIEW 2012 SP1 Run-Time Engine Non-English Support. (x32 Version: 12.1.52.0 - National Instruments) Hidden
    NI LabVIEW 2013 Help (x32 Version: 13.1.99 - National Instruments) Hidden
    NI LabVIEW 2013 Help File (x32 Version: 13.1.99 - National Instruments) Hidden
    NI LabVIEW 2013 License (x32 Version: 13.1.99 - National Instruments) Hidden
    NI LabVIEW 2013 Manuals (x32 Version: 13.1.99 - National Instruments) Hidden
    NI LabVIEW 2013 MeasAppChm File (x32 Version: 13.1.99 - National Instruments) Hidden
    NI LabVIEW 2013 Real-Time Error Dialog (x32 Version: 13.0.123 - National Instruments) Hidden
    NI LabVIEW 2013 Run-Time Engine Web Server (x32 Version: 13.5.27 - National Instruments) Hidden
    NI LabVIEW 2013 Scripting Code Generator (x32 Version: 9.0.172 - National Instruments) Hidden
    NI LabVIEW 2013 Search (x32 Version: 13.0.16 - National Instruments) Hidden
    NI LabVIEW 2013 Simulation (x32 Version: 13.1.99 - National Instruments) Hidden
    NI LabVIEW 2013 SP1 (32-bit) (x32 Version: 13.1.101 - National Instruments) Hidden
    NI LabVIEW 2013 SP1 Deployable License (x32 Version: 13.1.99 - National Instruments) Hidden
    NI LabVIEW 2013 SP1 f1 (x32 Version: 13.1.99 - National Instruments) Hidden
    NI LabVIEW 2013 SP1 Run-Time Engine Non-English Support. (x32 Version: 13.1.99 - National Instruments) Hidden
    NI LabVIEW 2013 SP1 Web Server (x32 Version: 13.5.26 - National Instruments) Hidden
    NI LabVIEW 2014 (32-bit) (Version: 14.0.654 - National Instruments) Hidden
    NI LabVIEW 2014 (32-bit) (x32 Version: 14.0.383 - National Instruments) Hidden
    NI LabVIEW 2014 (x32 Version: 14.0.378 - National Instruments) Hidden
    NI LabVIEW 2014 Compare Utility (x32 Version: 14.0.380 - National Instruments) Hidden
    NI LabVIEW 2014 Database Connectivity Toolkit (x32 Version: 14.0.259 - National Instruments) Hidden
    NI LabVIEW 2014 Database Connectivity Toolkit License (x32 Version: 14.0.260 - National Instruments) Hidden
    NI LabVIEW 2014 Deployable License (x32 Version: 14.0.381 - National Instruments) Hidden
    NI LabVIEW 2014 Deployment Framework (x32 Version: 14.0.390 - National Instruments) Hidden
    NI LabVIEW 2014 Help (x32 Version: 14.0.380 - National Instruments) Hidden
    NI LabVIEW 2014 Help File (x32 Version: 14.0.378 - National Instruments) Hidden
    NI LabVIEW 2014 License (x32 Version: 14.0.381 - National Instruments) Hidden
    NI LabVIEW 2014 License 64-bit (Version: 14.0.140 - National Instruments) Hidden
    NI LabVIEW 2014 Manuals (x32 Version: 14.0.380 - National Instruments) Hidden
    NI LabVIEW 2014 MeasAppChm File (x32 Version: 14.0.377 - National Instruments) Hidden
    NI LabVIEW 2014 Merge Utility (x32 Version: 14.0.380 - National Instruments) Hidden
    NI LabVIEW 2014 Report Generation Toolkit for Microsoft Office (x32 Version: 14.0.239 - National Instruments) Hidden
    NI LabVIEW 2014 Report Generation Toolkit License (x32 Version: 14.0.239 - National Instruments) Hidden
    NI LabVIEW 2014 Run-Time Engine Web Server (x32 Version: 14.0.420 - National Instruments) Hidden
    NI LabVIEW 2014 Scripting Code Generator (x32 Version: 14.0.313 - National Instruments) Hidden
    NI LabVIEW 2014 Search (x32 Version: 14.0.5 - National Instruments) Hidden
    NI LabVIEW 2014 Simulation (x32 Version: 14.0.380 - National Instruments) Hidden
    NI LabVIEW 2014 Touch Panel (x32 Version: 14.0.123 - National Instruments) Hidden
    NI LabVIEW 2014 Touch Panel for English (x32 Version: 14.0.123 - National Instruments) Hidden
    NI LabVIEW 2014 Variable Web Service (x32 Version: 14.0.379 - National Instruments) Hidden
    NI LabVIEW 2014 Web Server (x32 Version: 14.0.439 - National Instruments) Hidden
    NI LabVIEW Broker (64 bit) (Version: 6.8.10.0 - National Instruments) Hidden
    NI LabVIEW Broker (x32 Version: 6.8.10.0 - National Instruments) Hidden
    NI LabVIEW C Interface (x32 Version: 1.0.1 - National Instruments) Hidden
    NI LabVIEW MAX XML (x32 Version: 9.0.6.0 - National Instruments) Hidden
    NI LabVIEW Run-Time Engine 2012 SP1 f9 (x32 Version: 12.1.72.0 - National Instruments) Hidden
    NI LabVIEW Run-Time Engine 2013 SP1 f2 (x32 Version: 13.1.109 - National Instruments) Hidden
    NI LabVIEW Run-Time Engine 2014 (x32 Version: 14.0.397 - National Instruments) Hidden
    NI LabVIEW Run-Time Engine 2014 Non-English Support. (x32 Version: 14.0.381 - National Instruments) Hidden
    NI LabVIEW Run-Time Engine Interop 2012 SP1 (x32 Version: 12.1.72.0 - National Instruments) Hidden
    NI LabVIEW Run-Time Engine Interop 2013 (x32 Version: 13.1.109 - National Instruments) Hidden
    NI LabVIEW Run-Time Engine Interop 2014 (x32 Version: 14.0.400 - National Instruments) Hidden
    NI LabVIEW Web Services Runtime (x32 Version: 13.5.26 - National Instruments) Hidden
    NI LabVIEW Web Services Runtime (x32 Version: 14.0.363 - National Instruments) Hidden
    NI LabWindows/CVI 2010 SP1 Analysis Library (64-bit) (Version: 10.0.1434 - National Instruments) Hidden
    NI LabWindows/CVI 2010 SP1 Analysis Library (x32 Version: 10.0.1434 - National Instruments) Hidden
    NI LabWindows/CVI 2010 SP1 Network Variable Library (64-bit) (Version: 10.0.1434 - National Instruments) Hidden
    NI LabWindows/CVI 2010 SP1 Network Variable Library (x32 Version: 10.0.1434 - National Instruments) Hidden
    NI LabWindows/CVI 2010 SP1 Run-Time Engine (64-bit) (Version: 10.0.1434 - National Instruments) Hidden
    NI LabWindows/CVI 2010 SP1 TDM Streaming Library (64-bit) (Version: 10.0.1434 - National Instruments) Hidden
    NI LabWindows/CVI 2010 SP1 TDM Streaming Library (x32 Version: 10.0.1434 - National Instruments) Hidden
    NI LabWindows/CVI 2012 SP1 LabVIEW DLL Builder (x32 Version: 12.0.1133 - National Instruments) Hidden
    NI LabWindows/CVI 2013 SP1 Code Generator (x32 Version: 13.0.1201 - National Instruments) Hidden
    NI LabWindows/CVI 2013 SP1 Low-Level Driver (Original) (x32 Version: 13.0.1201 - National Instruments) Hidden
    NI LabWindows/CVI 2013 SP1 Low-Level Driver (Updated) (x32 Version: 13.0.1201 - National Instruments) Hidden
    NI LabWindows/CVI Run-Time Engine 2010 SP1 (Updated) (x32 Version: 10.0.1434 - National Instruments) Hidden
    NI LabWindows/CVI Run-Time Engine 2010 SP1 (x32 Version: 10.0.1434 - National Instruments) Hidden
    NI Launcher (x32 Version: 3.30.268 - National Instruments) Hidden
    NI License Manager (x32 Version: 3.7.73 - National Instruments) Hidden
    NI Logos 5.6 (64-bit) (Version: 5.6.254 - National Instruments) Hidden
    NI Logos 5.6 (x32 Version: 5.6.254 - National Instruments) Hidden
    NI Logos XT Support (x32 Version: 5.6.253 - National Instruments) Hidden
    NI Logos64 XT Support (Version: 5.6.253 - National Instruments) Hidden
    NI Math Kernel Libraries (64-bit) (Version: 1.0.10.0 - National Instruments) Hidden
    NI Math Kernel Libraries (x32 Version: 1.0.10.0 - National Instruments) Hidden
    NI MAX Remote Configuration 64-bit Installer 14.0 (Version: 14.00.49152 - National Instruments) Hidden
    NI MAX Remote Configuration Installer 14.0 (x32 Version: 14.00.49152 - National Instruments) Hidden
    NI MAX Support for 64 Bit Windows (Version: 14.00.49152 - National Instruments) Hidden
    NI MDF Support (x32 Version: 3.30.268 - National Instruments) Hidden
    NI mDNS Responder 14.0 for Windows 64-bit (Version: 14.00.49152 - National Instruments) Hidden
    NI mDNS Responder 14.0.0 (x32 Version: 14.00.49152 - National Instruments) Hidden
    NI Measurement & Automation Explorer 14.0.0 (x32 Version: 14.00.49152 - National Instruments) Hidden
    NI Measurement Studio ComponentWorks 3D Graph (x32 Version: 8.6.10603 - National Instruments) Hidden
    NI Measurement Studio ComponentWorks UI (x32 Version: 8.6.10603 - National Instruments) Hidden
    NI Measurement Studio Recipe Processor (x32 Version: 8.0.0101 - National Instruments) Hidden
    NI MetaSuite Installer (x32 Version: 3.30.268 - National Instruments) Hidden
    NI MXS 14.0.0 (x32 Version: 14.00.49152 - National Instruments) Hidden
    NI MXS 14.0.0 for 64 Bit Windows (Version: 14.00.49152 - National Instruments) Hidden
    NI Network Discovery 14.0 (x32 Version: 14.00.49152 - National Instruments) Hidden
    NI Network Discovery 14.0 for Windows 64-bit (Version: 14.00.49152 - National Instruments) Hidden
    NI OPC Support (x32 Version: 14.0.281 - National Instruments) Hidden
    NI OPCEnum Shared (x32 Version: 5.5.2018 - National Instruments) Hidden
    NI Portable Configuration 14.0.0 (x32 Version: 14.00.49152 - National Instruments) Hidden
    NI Portable Configuration for 64 Bit Windows 14.0.0 (Version: 14.00.49152 - National Instruments) Hidden
    NI Registration Wizard (x32 Version: 1.3.97.0 - National Instruments) Hidden
    NI Remote Provider for MAX 14.0.0 (x32 Version: 14.00.49152 - National Instruments) Hidden
    NI Remote PXI Provider for MAX 14.0.0 (x32 Version: 14.00.49152 - National Instruments) Hidden
    NI Search Shared (x32 Version: 14.0.5 - National Instruments) Hidden
    NI Security Update (KB 67L8LCQW) (64-bit) (Version: 1.0.29.0 - National Instruments) Hidden
    NI Security Update (KB 67L8LCQW) (x32 Version: 1.0.29.0 - National Instruments) Hidden
    NI Service Locator 2014 (x32 Version: 14.0.217 - National Instruments) Hidden
    NI SLCP 2.1 (x32 Version: 2.1.16 - National Instruments) Hidden
    NI Software Provider for MAX 14.0.0 (x32 Version: 14.00.49152 - National Instruments) Hidden
    NI SSL LabVIEW 2013 SP1 Support (x32 Version: 13.5.26 - National Instruments) Hidden
    NI SSL LabVIEW 2014 Support (x32 Version: 14.0.389 - National Instruments) Hidden
    NI SSL LabVIEW RTE 2012 SP1 Support (x32 Version: 12.5.8.0 - National Instruments) Hidden
    NI SSL LabVIEW RTE 2013 SP1 Support (x32 Version: 13.5.27 - National Instruments) Hidden
    NI SSL LabVIEW RTE 2014 Support (x32 Version: 14.0.376 - National Instruments) Hidden
    NI SSL Support (64-bit) (Version: 14.0.303 - National Instruments) Hidden
    NI SSL Support (x32 Version: 14.0.303 - National Instruments) Hidden
    NI System API .NET 14.0.0 (x32 Version: 14.0.310 - National Instruments) Hidden
    NI System API Client for WIF 14.0.0 (x32 Version: 14.0.289 - National Instruments) Hidden
    NI System API Web-Service 32-bit 14.0.0 (x32 Version: 14.0.291 - National Instruments) Hidden
    NI System API Windows 32-bit 14.0.0 (x32 Version: 14.0.302 - National Instruments) Hidden
    NI System API Windows 64-bit 14.0.0 (Version: 14.0.302 - National Instruments) Hidden
    NI System Configuration 14.0.0 LabVIEW Support (x32 Version: 14.0.140 - National Instruments) Hidden
    NI System Configuration LV2013 Support 5.6.0 (x32 Version: 5.60.29 - National Instruments) Hidden
    NI System Configuration LV2014 Support 14.0.0 (x32 Version: 14.0.124 - National Instruments) Hidden
    NI System Configuration Runtime 14.0.0 (x32 Version: 14.0.142 - National Instruments) Hidden
    NI System Configuration Runtime 14.0.0 for Windows 64-bit (Version: 14.0.142 - National Instruments) Hidden
    NI System State Publisher (64-bit) (Version: 14.0.380 - National Instruments) Hidden
    NI System State Publisher (x32 Version: 14.0.383 - National Instruments) Hidden
    NI System Web Server 2014 (x32 Version: 14.0.303 - National Instruments) Hidden
    NI System Web Server Base 2014 (64-bit) (Version: 14.0.249 - National Instruments) Hidden
    NI System Web Server Base 2014 (x32 Version: 14.0.249 - National Instruments) Hidden
    NI TDM Excel Add-In 14.0 (x32 Version: 14.0.23 - National Instruments) Hidden
    NI TDM Excel Add-In 14.0 64-bit (Version: 14.0.23 - National Instruments) Hidden
    NI TDM Streaming 14.0 (64-bit) (Version: 14.0.43 - National Instruments) Hidden
    NI TDM Streaming 14.0 (x32 Version: 14.0.43 - National Instruments) Hidden
    NI Trace Engine (64-bit) (Version: 14.0.177 - National Instruments) Hidden
    NI Trace Engine (x32 Version: 14.0.177 - National Instruments) Hidden
    NI Uninstaller (x32 Version: 3.30.268 - National Instruments) Hidden
    NI Update Service 2014 (64-bit) (Version: 14.0.34 - National Instruments) Hidden
    NI Update Service 2014 (x32 Version: 14.0.34 - National Instruments) Hidden
    NI USI 14.0.0 (x32 Version: 14.0.05640 - National Instruments) Hidden
    NI USI 14.0.0 64-bit (Version: 14.0.05640 - National Instruments) Hidden
    NI Variable Engine (64-bit) (Version: 2.8.282 - National Instruments) Hidden
    NI Variable Engine 2.8.0 (x32 Version: 2.8.282 - National Instruments) Hidden
    NI Variable Engine LabVIEW 2013 Support (x32 Version: 13.1.99 - National Instruments) Hidden
    NI Variable Engine LabVIEW 2014 Support (x32 Version: 14.0.380 - National Instruments) Hidden
    NI VC2005MSMs x64 (Version: 8.05.0 - National Instruments) Hidden
    NI VC2005MSMs x86 (x32 Version: 8.05.0 - National Instruments) Hidden
    NI VC2008MSMs x64 (Version: 9.0.401 - National Instruments) Hidden
    NI VC2008MSMs x86 (x32 Version: 9.0.401 - National Instruments) Hidden
    NI VC2010SP1MSMs x64 (Version: 10.0.100 - National Instruments) Hidden
    NI VC2010SP1MSMs x86 (x32 Version: 10.0.100 - National Instruments) Hidden
    NI VIPM Helper 2014 (x32 Version: 14.0.194 - National Instruments) Hidden
    NI Web Application Server 2014 (64-bit) (Version: 14.0.308 - National Instruments) Hidden
    NI Web Application Server 2014 (x32 Version: 14.0.308 - National Instruments) Hidden
    NI Web Pipeline 2014 (64-bit) (Version: 14.0.16 - National Instruments) Hidden
    NI Web Pipeline 2014 (x32 Version: 14.0.16 - National Instruments) Hidden
    NI Web Pipeline 3.3 (64-bit) (Version: 3.30.24 - National Instruments) Hidden
    NI Web Pipeline 3.3 (x32 Version: 3.30.24 - National Instruments) Hidden
    NI Web-Based Configuration and Monitoring 14.0 (x32 Version: 14.0.410 - National Instruments) Hidden
    NI Xalan Delay Load 1.10.3 (x32 Version: 1.10.85 - National Instruments) Hidden
    NI Xalan Delay Load 1.10.3 64-bit (Version: 1.10.86 - National Instruments) Hidden
    NI Xerces Delay Load 2.7.6 (x32 Version: 2.7.218 - National Instruments) Hidden
    NI Xerces Delay Load 2.7.6 64-bit (Version: 2.7.228 - National Instruments) Hidden
    NI-DAQmx/LabVIEW shared documentation 14.0.0 (x32 Version: 14.00.49152 - National Instruments) Hidden
    NI-DAQmx/LabVIEW shared documentation for 64 Bit Windows 14.0.0 (Version: 14.00.49152 - National Instruments) Hidden
    NI-Mesa (Version: 12.0.7.0 - National Instruments) Hidden
    NI-Mesa (x32 Version: 12.0.7.0 - National Instruments) Hidden
    NI-RPC 14.0.0f0 (x32 Version: 14.00.49152 - National Instruments) Hidden
    NI-RPC 14.0.0f0 for 64 Bit Windows (Version: 14.00.49152 - National Instruments) Hidden
    NI-RPC 14.0.0f0 for Phar Lap ETS (x32 Version: 14.00.49152 - National Instruments) Hidden
    Notepad++ (HKLM-x32\...\Notepad++) (Version: 6.3.2 - Notepad++ Team)
    NVIDIA Drivers (HKLM\...\NVIDIA Drivers) (Version: 1.5 - NVIDIA Corporation)
    ooVoo (HKLM-x32\...\{FAA7F8FF-3C05-4A61-8F14-D8A6E9ED6623}) (Version: 3.5.3023 - ooVoo LLC.)
    PlayReady PC Runtime amd64 (HKLM\...\{BCA9334F-B6C9-4F65-9A73-AC5A329A4D04}) (Version: 1.3.0 - Microsoft Corporation)
    PreEmptive Analytics Visual Studio Components (x32 Version: 1.2.5134.1 - PreEmptive Solutions) Hidden
    Prerequisites for SSDT (HKLM-x32\...\{21373064-AD95-48DB-A32E-0D9E08EF7355}) (Version: 12.0.2000.8 - Microsoft Corporation)
    Primo (x32 Version: 1.00.0000 - Your Company Name) Hidden
    PrimoPDF -- brought to you by Nitro PDF Software (HKLM-x32\...\PrimoPDF) (Version: 5 - Nitro PDF Software)
    PVSonyDll (Version: 1.00.0001 - NVIDIA Corporation) Hidden
    Quantum GIS Lisboa 1.8.0 Lisboa (HKLM-x32\...\Quantum GIS Lisboa) (Version: 1.8.0-r${SVN_REVISION}-2 - QGIS Development Team)
    QuickBooks Financial Center (HKLM-x32\...\{0F962B79-D0DC-40D9-96BA-ED1355120CBA}) (Version: 1.30.0000 - Intuit Inc.)
    RealDownloader (x32 Version: 1.3.3 - RealNetworks, Inc.) Hidden
    RealNetworks - Microsoft Visual C++ 2008 Runtime (x32 Version: 9.0 - RealNetworks, Inc) Hidden
    RealNetworks - Microsoft Visual C++ 2010 Runtime (x32 Version: 10.0 - RealNetworks, Inc) Hidden
    RealPlayer (HKLM-x32\...\RealPlayer 16.0) (Version: 16.0.3 - RealNetworks)
    Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.5886 - Realtek Semiconductor Corp.)
    RealUpgrade 1.1 (x32 Version: 1.1.0 - RealNetworks, Inc.) Hidden
    Recuva (HKLM\...\Recuva) (Version: 1.47 - Piriform)
    Regi (Version: 1.00.0000 - InterVideo Inc.) Hidden
    Reset NI Config 14.0.0 (x32 Version: 14.0.177 - National Instruments) Hidden
    Roslyn Language Services - x86 (x32 Version: 14.0.23107 - Microsoft Corporation) Hidden
    RuneScape Launcher 1.2.3 (HKLM-x32\...\{FAE99C85-0732-4C58-9C6B-10B5B12FA2E9}) (Version: 1.2.3 - Jagex Ltd)
    Runtime (x32 Version: 1.00.0000 - Your Company Name) Hidden
    Setting Utility Series (x32 Version: 5.0.0.07300 - Sony Corporation) Hidden
    Silkroad (HKLM-x32\...\Silkroad) (Version: - )
    Skype™ 7.0 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.0.102 - Skype Technologies S.A.)
    SmartWi Connection Utility (HKLM-x32\...\{9B5F85CA-90D4-4AFC-BB37-32477FD0D2B9}) (Version: 4.8.4.20090826.2116 - Sony)
    SolidWorks 2014 x64 Edition SP02 (HKLM-x32\...\SolidWorks Installation Manager 20140-40200-1100-100) (Version: 22.2.0.40 - SolidWorks Corporation)
    SolidWorks 2014 x64 Edition SP02 (Version: 22.120.40 - SolidWorks) Hidden
    SolidWorks Composer Player 2014 SP02 x64 Edition (Version: 22.20.40 - Dassault Systemes SolidWorks) Hidden
    SolidWorks eDrawings 2014 x64 Edition SP02 (Version: 14.2.116 - Dassault Systèmes SolidWorks Corp) Hidden
    Sony Home Network Library (x32 Version: 2.0.0.07280 - Sony Corporation) Hidden
    Sony Picture Utility (x32 Version: 4.2.12.16210 - Sony Corporation) Hidden
    Spotify (HKU\S-1-5-21-3178901641-3325030848-3832911895-1000\...\Spotify) (Version: 1.0.14.124.g4dfabc51 - Spotify AB)
    Starcraft (HKLM-x32\...\Starcraft) (Version: - )
    Steam (HKLM-x32\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation)
    System Requirements Lab CYRI (HKLM-x32\...\{F3FCB08B-E752-444D-86A0-0634A4F3B23D}) (Version: 6.0.8.0 - Husdawg, LLC)
    Team Explorer for Microsoft Visual Studio 2015 (x32 Version: 14.0.23102 - Microsoft Corporation) Hidden
    Test Tools for Microsoft Visual Studio 2015 (x32 Version: 14.0.23107 - Microsoft Corporation) Hidden
    TypeScript Power Tool (x32 Version: 1.5.4.0 - Microsoft Corporation) Hidden
    TypeScript Tools for Microsoft Visual Studio 2015 (x32 Version: 1.5.4.0 - Microsoft Corporation) Hidden
    TypeScript Tools for Microsoft Visual Studio 2015 1.5.4.0 (HKLM-x32\...\{4cde0c8c-47b3-448f-babf-fe5d392432a6}) (Version: 1.5.23128.0 - Microsoft Corporation)
    Update for (KB2504637) (HKLM-x32\...\{CFEF48A8-BFB8-3EAC-8BA5-DE4F8AA267CE}.KB2504637) (Version: 1 - Microsoft Corporation)
    Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft)
    VAIO Care (HKLM-x32\...\{36C5BBF0-E5BF-4DE1-B684-7E90B0C93FB5}) (Version: 5.1.0.13200 - Sony Corporation)
    VAIO Care (x32 Version: 5.1.0.13200 - Sony Corporation) Hidden
    VAIO Content Metadata Intelligent Analyzing Manager (x32 Version: 3.5.0.06261 - Sony Corporation) Hidden
    VAIO Content Metadata Intelligent Network Service Manager (x32 Version: 3.5.0.06260 - Sony Corporation) Hidden
    VAIO Content Metadata Manager Settings (x32 Version: 3.5.0.06261 - Sony Corporation) Hidden
    VAIO Content Metadata XML Interface Library (x32 Version: 3.5.0.06180 - Sony Corporation) Hidden
    VAIO Content Monitoring Settings (x32 Version: 2.4.0.06120 - Sony Corporation) Hidden
    VAIO Control Center (x32 Version: 4.0.0.06120 - Sony Corporation) Hidden
    VAIO Data Restore Tool (x32 Version: 1.1.01.06290 - Sony Corporation) Hidden
    VAIO DVD Menu Data Basic (x32 Version: 1.0.00.08130 - Sony Corporation) Hidden
    VAIO Entertainment Platform (x32 Version: 3.5.0.07230 - Sony Corporation) Hidden
    VAIO Event Service (x32 Version: 5.0.0.08180 - Sony Corporation) Hidden
    VAIO Help and Support (x32 Version: 9.00.0804.L - Sony Corporation) Hidden
    VAIO Media plus (x32 Version: 2.0.0.07280 - Sony Corporation) Hidden
    VAIO Media plus Opening Movie (x32 Version: 2.0.0.07030 - Sony Corporation) Hidden
    VAIO Movie Story (x32 Version: 1.5.00.06191 - Sony Corporation) Hidden
    VAIO Movie Story Template Data (x32 Version: 1.5.00.06010 - Sony Corporation) Hidden
    VAIO OOBE and Startup Assistant (x32 Version: 1.00.0811.ENUS - Sony Corporation) Hidden
    VAIO Original Function Settings (x32 Version: 2.0.0.07010 - Sony Corporation) Hidden
    VAIO Personalization Manager (x32 Version: 2.0.0.06220 - Sony Corporation) Hidden
    VAIO Power Management (x32 Version: 4.0.0.08240 - Sony Corporation) Hidden
    VAIO Sample Contents (x32 Version: 1.0.0.06290 - Sony Corporation) Hidden
    VAIO Survey (x32 Version: 6.00.0722 - Sony Corporation) Hidden
    VAIO Transfer Support (x32 Version: 1.0.0.07290 - Sony Corporation) Hidden
    VAIO Update 4 (x32 Version: 4.2.0.07300 - Sony Corporation) Hidden
    VAIO Wallpaper Contents (x32 Version: 2.0.0.06010 - Sony Corporation) Hidden
    VC80CRTRedist - 8.0.50727.6195 (x32 Version: 1.2.0 - DivX, Inc) Hidden
    VI Package Manager 2014 (HKLM-x32\...\{612BE9C7-DEE4-4F13-AC87-C6A7C1B721FB}) (Version: 14.0.1941 - JKI)
    VI Package Manager 2014 (x32 Version: 14.0.0 - National Instruments) Hidden
    Visual C++ 8.0 Runtime Setup Package (x64) (HKLM-x32\...\{2FDBBCEA-62DB-45F4-B6E5-0E1FB2A1F29D}) (Version: 9.0.0.623 - AVG Technologies CZ, s.r.o.)
    Visual Studio 2008 x64 Redistributables (HKLM-x32\...\{FCDBEA60-79F0-4FAE-BBA8-55A26C609A49}) (Version: 10.0.0.2 - AVG Technologies)
    Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies)
    Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
    VLC media player 1.0.3 (HKLM-x32\...\VLC media player) (Version: 1.0.3 - VideoLAN Team)
    WBS Schedule Pro (HKLM-x32\...\{64D427FA-5B24-44EE-9600-C49D91A6C2A4}) (Version: 5.0.0121 - Critical Tools, Inc.)
    WCF Data Services 5.6.4 Runtime (x32 Version: 5.6.62175.4 - Microsoft Corporation) Hidden
    WCF Data Services Tools for Microsoft Visual Studio 2015 (x32 Version: 5.6.62175.4 - Microsoft Corporation) Hidden
    WIDCOMM Bluetooth Software (HKLM\...\{9E9D49A4-1DF4-4138-B7DB-5D87A893088E}) (Version: 6.2.0.9600 - Broadcom Corporation)
    WIF Core Dependencies Windows 14.0.0 (x32 Version: 14.0.119 - National Instruments) Hidden
    Windows Live Essentials (HKLM-x32\...\WinLiveSuite_Wave3) (Version: 14.0.8117.0416 - Microsoft Corporation)
    Windows Live Sign-in Assistant (HKLM-x32\...\{45338B07-A236-4270-9A77-EBB4115517B5}) (Version: 5.000.818.5 - Microsoft Corporation)
    Windows Live Sync (HKLM-x32\...\{B10914FD-8812-47A4-85A1-50FCDE7F1F33}) (Version: 14.0.8117.416 - Microsoft Corporation)
    Windows Live Upload Tool (HKLM-x32\...\{205C6BDD-7B73-42DE-8505-9A093F35A238}) (Version: 14.0.8014.1029 - Microsoft Corporation)
    Windows Media Center Add-in for Flash (HKLM-x32\...\{E2D09AC2-4153-4817-AAEB-24F92A8BCE88}) (Version: 3.1.1.0 - Microsoft Corporation)
    Windows Mobile Device Center (HKLM\...\{626672CD-BFCF-49A9-AEFE-AB0FED3BFC5B}) (Version: 6.1.6965.0 - Microsoft Corporation)
    WinPcap 4.1.3 (HKLM-x32\...\WinPcapInst) (Version: 4.1.0.2980 - Riverbed Technology, Inc.)
    WinRAR archiver (HKLM\...\WinRAR archiver) (Version: - )
    Wolfram CDF Player (M-WIN-D 9.0.1 4092685) (HKLM-x32\...\M-WIN-D 9.0.1 4092685_is1) (Version: 9.0.1 - Wolfram Research, Inc.)
    XAMPP (HKLM-x32\...\xampp) (Version: 5.6.11-0 - Bitnami)
    谷歌拼音输入法 2.6 (HKLM\...\GooglePinyin2) (Version: - Google Inc.)
     
  24. user124

    user124 TS Rookie Topic Starter Posts: 23

    Addition Log (Part 2):


    ==================== Custom CLSID (Whitelisted): ==========================

    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

    CustomCLSID: HKU\S-1-5-21-3178901641-3325030848-3832911895-1000_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Calvin\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
    CustomCLSID: HKU\S-1-5-21-3178901641-3325030848-3832911895-1000_Classes\CLSID\{0F22A205-CFB0-4679-8499-A6F44A80A208}\InprocServer32 -> C:\Users\Calvin\AppData\Local\Google\Update\1.3.25.5\psuser_64.dll => No File
    CustomCLSID: HKU\S-1-5-21-3178901641-3325030848-3832911895-1000_Classes\CLSID\{1423F872-3F7F-4E57-B621-8B1A9D49B448}\InprocServer32 -> C:\Users\Calvin\AppData\Local\Google\Update\1.3.27.5\psuser_64.dll => No File
    CustomCLSID: HKU\S-1-5-21-3178901641-3325030848-3832911895-1000_Classes\CLSID\{355EC88A-02E2-4547-9DEE-F87426484BD1}\InprocServer32 -> C:\Users\Calvin\AppData\Local\Google\Update\1.3.23.9\psuser_64.dll => No File
    CustomCLSID: HKU\S-1-5-21-3178901641-3325030848-3832911895-1000_Classes\CLSID\{5C8C2A98-6133-4EBA-BBCC-34D9EA01FC2E}\InprocServer32 -> C:\Users\Calvin\AppData\Local\Google\Update\1.3.28.1\psuser_64.dll => No File
    CustomCLSID: HKU\S-1-5-21-3178901641-3325030848-3832911895-1000_Classes\CLSID\{78550997-5DEF-4A8A-BAF9-D5774E87AC98}\InprocServer32 -> C:\Users\Calvin\AppData\Local\Google\Update\1.3.28.13\psuser_64.dll => No File
    CustomCLSID: HKU\S-1-5-21-3178901641-3325030848-3832911895-1000_Classes\CLSID\{90B3DFBF-AF6A-4EA0-8899-F332194690F8}\InprocServer32 -> C:\Users\Calvin\AppData\Local\Google\Update\1.3.24.15\psuser_64.dll => No File
    CustomCLSID: HKU\S-1-5-21-3178901641-3325030848-3832911895-1000_Classes\CLSID\{C3BC25C0-FCD3-4F01-AFDD-41373F017C9A}\InprocServer32 -> C:\Users\Calvin\AppData\Local\Google\Update\1.3.26.9\psuser_64.dll => No File
    CustomCLSID: HKU\S-1-5-21-3178901641-3325030848-3832911895-1000_Classes\CLSID\{D0336C0B-7919-4C04-8CCE-2EBAE2ECE8C9}\InprocServer32 -> C:\Users\Calvin\AppData\Local\Google\Update\1.3.25.11\psuser_64.dll => No File
    CustomCLSID: HKU\S-1-5-21-3178901641-3325030848-3832911895-1000_Classes\CLSID\{D1EDC4F5-7F4D-4B12-906A-614ECF66DDAF}\InprocServer32 -> C:\Users\Calvin\AppData\Local\Google\Update\1.3.28.15\psuser_64.dll (Google Inc.)
    CustomCLSID: HKU\S-1-5-21-3178901641-3325030848-3832911895-1000_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\Calvin\AppData\Local\Google\Update\1.3.28.15\psuser_64.dll (Google Inc.)
    CustomCLSID: HKU\S-1-5-21-3178901641-3325030848-3832911895-1000_Classes\CLSID\{ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C}\InprocServer32 -> C:\Users\Calvin\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll (Dropbox, Inc.)
    CustomCLSID: HKU\S-1-5-21-3178901641-3325030848-3832911895-1000_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Calvin\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll (Dropbox, Inc.)
    CustomCLSID: HKU\S-1-5-21-3178901641-3325030848-3832911895-1000_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Calvin\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll (Dropbox, Inc.)
    CustomCLSID: HKU\S-1-5-21-3178901641-3325030848-3832911895-1000_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Calvin\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll (Dropbox, Inc.)
    CustomCLSID: HKU\S-1-5-21-3178901641-3325030848-3832911895-1000_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Calvin\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll (Dropbox, Inc.)
    CustomCLSID: HKU\S-1-5-21-3178901641-3325030848-3832911895-1000_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Calvin\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll (Dropbox, Inc.)
    CustomCLSID: HKU\S-1-5-21-3178901641-3325030848-3832911895-1000_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Calvin\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll (Dropbox, Inc.)
    CustomCLSID: HKU\S-1-5-21-3178901641-3325030848-3832911895-1000_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Calvin\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll (Dropbox, Inc.)
    CustomCLSID: HKU\S-1-5-21-3178901641-3325030848-3832911895-1000_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Calvin\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll (Dropbox, Inc.)
    CustomCLSID: HKU\S-1-5-21-3178901641-3325030848-3832911895-1000_Classes\CLSID\{FBC9D74C-AF55-4309-9FB2-C426E071637F}\InprocServer32 -> C:\Users\Calvin\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll (Dropbox, Inc.)
    CustomCLSID: HKU\S-1-5-21-3178901641-3325030848-3832911895-1000_Classes\CLSID\{FE498BAB-CB4C-4F88-AC3F-3641AAAF5E9E}\InprocServer32 -> C:\Users\Calvin\AppData\Local\Google\Update\1.3.24.7\psuser_64.dll => No File

    ==================== Restore Points =========================

    21-09-2015 01:19:18 Restore Operation
    30-09-2015 23:40:42 Windows Update
    05-10-2015 23:46:35 JRT Pre-Junkware Removal
    08-10-2015 00:34:59 Windows Update
    12-10-2015 23:51:44 ComboFix created restore point

    ==================== Hosts content: ===============================

    (If needed Hosts: directive could be included in the fixlist to reset Hosts.)

    2009-07-13 19:34 - 2015-10-13 00:23 - 00000027 ____A C:\Windows\system32\Drivers\etc\hosts

    127.0.0.1 localhost

    ==================== Scheduled Tasks (Whitelisted) =============

    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

    Task: {02B532B7-D36F-4872-9611-4BD5ECAB6CB3} - System32\Tasks\VAIO Care => C:\Program Files\Sony\VAIO Care\VCsystray.exe [2009-12-04] (Sony Corporation)
    Task: {04BC25F5-4AD6-41C0-847D-9ED7601F17AF} - System32\Tasks\Sony\VAIO Mini Program => C:\Program Files\Sony\First Experience\Miniprogram.exe [2009-08-26] ()
    Task: {089BC31E-D79A-4494-8E8C-98408DFF208E} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3178901641-3325030848-3832911895-1000Core => C:\Users\Calvin\AppData\Local\Google\Update\GoogleUpdate.exe [2015-08-30] (Google Inc.)
    Task: {0EE412A6-8EF7-4FC9-BA19-3F710C551E53} - System32\Tasks\{BA8CDFB1-950F-4AB9-AB93-B931F7648434} => C:\Program Files (x86)\Steam\Steam.exe [2013-06-06] (Valve Corporation)
    Task: {0FB444CA-2DE4-447A-B324-27AE7489AD4A} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-3178901641-3325030848-3832911895-1000Core => C:\Users\Calvin\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2015-06-30] (Dropbox, Inc.)
    Task: {109BFF26-9480-4489-A336-DA076870CE8C} - System32\Tasks\Microsoft\Windows\TabletPC\InputPersonalization => C:\Program Files\Common Files\Microsoft Shared\Ink\InputPersonalization.exe [2009-07-13] (Microsoft Corporation)
    Task: {152FC425-0A40-4448-8F03-3F9F7190D71C} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe
    Task: {1F1F568B-D9DF-4A74-A39A-5510FA05AEE8} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-30] (Google Inc.)
    Task: {25B977CE-0573-4438-B38A-5E7316ABB481} - System32\Tasks\{530AEC9F-DA70-4B50-846A-0C6B4C758696} => pcalua.exe -a G:\Setup.exe -d G:\
    Task: {34C8F753-D4CB-4653-BCDF-02F37E0AD662} - System32\Tasks\{BEBD4E1B-5E80-49C0-A5E9-FA15EA5B8D41} => pcalua.exe -a "C:\Users\Calvin\Downloads\Firefox Setup 3.5.5.exe" -d C:\Users\Calvin\Desktop
    Task: {35EB4EFD-3312-4C07-B619-2EE808771C7A} - System32\Tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-3178901641-3325030848-3832911895-1000 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe [2013-08-14] (RealNetworks, Inc.)
    Task: {50D44905-F092-4568-8EB3-DBB9AE4F4020} - System32\Tasks\Sony\Java Update => C:\Program Files\Java\jre6\bin\jusched.exe
    Task: {5D74D0CE-9908-452F-8D0B-3322601E15D1} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
    Task: {6B9F75D3-999B-46BB-8D25-7644A86A1510} - System32\Tasks\NIUpdateServiceStartupTask => C:\Program Files (x86)\National Instruments\Shared\Update Service\NIUpdateService.exe [2014-06-10] (National Instruments)
    Task: {6C5B2A82-29A9-473F-AC72-013C4219B959} - System32\Tasks\Sony Corporation\VAIO Personalization Manager\VpmLM Task Music Calvin => C:\Program Files\Sony\VAIO Personalization Manager\VpmLM.exe [2009-06-09] (Sony Corporation)
    Task: {78C82C1B-0F48-40E4-B015-E908A2645001} - System32\Tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-3178901641-3325030848-3832911895-1000 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe [2013-08-14] (RealNetworks, Inc.)
    Task: {81CD4F16-33F1-4022-8765-C5D8826463AD} - System32\Tasks\SONY\VAIO Update\VAIO Update => C:\Program Files\Sony\VAIO Update 4\VAIOUpdt.exe [2009-07-30] (Sony Corporation)
    Task: {88F2DF7D-DA5D-4C0F-A4F0-E0D114D3CCD2} - System32\Tasks\Sony\VAIO Survey => C:\Program Files (x86)\Sony\VAIO Survey\VAIO Sat Survey.exe [2008-07-25] ()
    Task: {99B1C7C3-E18D-4B63-BF2D-6BA0B43E63A2} - System32\Tasks\RealUpgradeLogonTaskS-1-5-21-3178901641-3325030848-3832911895-1000 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe [2013-08-14] (RealNetworks, Inc.)
    Task: {A9FBCA4A-201F-4970-89F2-BC7CC8E6AA30} - System32\Tasks\Google Pinyin Daemon => C:\Program Files\Google\Google Pinyin 2\GooglePinyinDaemon.exe [2011-12-21] (Google Inc.)
    Task: {B0831CA3-3D1C-4C5C-AAAB-989010A6BFA1} - System32\Tasks\shut off => C:\Windows\System32\shutdown.exe [2009-07-13] (Microsoft Corporation)
    Task: {B0B3F4BB-EE3F-498A-8897-AE86BDBB943A} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3178901641-3325030848-3832911895-1000UA => C:\Users\Calvin\AppData\Local\Google\Update\GoogleUpdate.exe [2015-08-30] (Google Inc.)
    Task: {B20EB90E-3234-4470-B2FA-D6976DA83CE4} - System32\Tasks\Microsoft\Windows\Windows Activation Technologies\ValidationTaskDeadline
    Task: {B3427B9F-AFE7-4BE1-9632-DED1D180D351} - System32\Tasks\RealCreateProcessScheduledTask256358751S-1-5-21-3178901641-3325030848-3832911895-1000 => C:\Program Files (x86)\Real\RealPlayer\update\realsched.exe [2013-09-16] (RealNetworks, Inc.)
    Task: {C91C0BE7-C74F-4CED-8099-B629A61E94FE} - System32\Tasks\RealUpgradeScheduledTaskS-1-5-21-3178901641-3325030848-3832911895-1000 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe [2013-08-14] (RealNetworks, Inc.)
    Task: {CC24C3FF-45A3-4DB3-AFA2-831E25350882} - System32\Tasks\VAIO Care Service => C:\Program Files\Sony\VAIO Care\VAIOCareService.exe [2009-12-04] (Sony Corporation)
    Task: {CF81526B-B972-49A1-B130-E6D21D933345} - System32\Tasks\{E18D3363-4045-4B75-B4DC-BC77C1AAB0F1} => pcalua.exe -a C:\Users\Calvin\Desktop\GooglePinyinInstaller.exe -d C:\Users\Calvin\Desktop
    Task: {D1B815B5-385F-40B1-91E9-2126E7A39983} - System32\Tasks\Microsoft\Windows\Windows Activation Technologies\ValidationTask
    Task: {DB2F9EA6-8B1D-4633-AD38-26587DB6D992} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-30] (Google Inc.)
    Task: {E4CF8962-579D-425D-8A1C-FAA0B4A31DAA} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-3178901641-3325030848-3832911895-1000UA => C:\Users\Calvin\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2015-06-30] (Dropbox, Inc.)
    Task: {E9A9946A-F7EE-4B4C-9DCC-DE64EE584B03} - System32\Tasks\JKIUpdateTask => C:\Program Files (x86)\JKI\VI Package Manager\support\JKIUpdate.exe [2014-04-22] (JKI)
    Task: {F665B45C-2D32-4BE6-984A-5BDCA0DDE72C} - System32\Tasks\NIUpdateServiceCheckTask => C:\Program Files (x86)\National Instruments\Shared\Update Service\NIUpdateService.exe [2014-06-10] (National Instruments)

    (If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

    Task: C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-3178901641-3325030848-3832911895-1000Core.job => C:\Users\Calvin\AppData\Local\Dropbox\Update\DropboxUpdate.exe
    Task: C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-3178901641-3325030848-3832911895-1000UA.job => C:\Users\Calvin\AppData\Local\Dropbox\Update\DropboxUpdate.exe
    Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
    Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
    Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3178901641-3325030848-3832911895-1000Core.job => C:\Users\Calvin\AppData\Local\Google\Update\GoogleUpdate.exe
    Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3178901641-3325030848-3832911895-1000UA.job => C:\Users\Calvin\AppData\Local\Google\Update\GoogleUpdate.exe

    ==================== Loaded Modules (Whitelisted) ==============

    2012-03-04 18:45 - 2011-02-28 15:37 - 00095008 _____ () C:\Windows\System32\Primomonnt.dll
    2013-08-14 15:19 - 2013-08-14 15:19 - 00039056 _____ () C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe
    2009-12-16 19:34 - 2009-12-12 16:12 - 00166400 _____ () C:\Program Files\WinRAR\rarext.dll
    2010-04-03 19:47 - 2009-11-07 07:04 - 00238080 _____ () C:\Program Files\Sony\VAIO Care\ManagedVAIORecovery.dll
    2010-04-03 19:47 - 2009-09-29 23:50 - 00075264 _____ () C:\Program Files\Sony\VAIO Care\VAIORecovery.dll
    2010-04-03 19:47 - 2009-09-29 23:50 - 00069632 _____ () C:\Program Files\Sony\VAIO Care\Logging.dll
    2010-04-03 19:47 - 2009-09-29 23:50 - 00028672 _____ () C:\Program Files\Sony\VAIO Care\VAIOCommon.dll
    2010-04-03 19:47 - 2009-09-29 23:50 - 00206336 _____ () C:\Program Files\Sony\VAIO Care\OsServices.dll
    2010-04-03 19:47 - 2009-09-29 23:50 - 00043008 _____ () C:\Program Files\Sony\VAIO Care\PluginFactory.dll
    2010-04-03 19:47 - 2009-09-29 23:50 - 00043520 _____ () C:\Program Files\Sony\VAIO Care\XMLTools.dll
    2010-04-03 19:47 - 2009-09-29 23:50 - 00059392 _____ () C:\Program Files\Sony\VAIO Care\VAIOInstallAppsDrivers.dll
    2010-04-03 19:47 - 2009-09-29 23:50 - 00156160 _____ () C:\Program Files\Sony\VAIO Care\InstallDB.dll
    2010-04-03 19:47 - 2009-09-29 23:50 - 00137216 _____ () C:\Program Files\Sony\VAIO Care\InstallationTools.dll
    2010-04-03 19:47 - 2009-09-29 23:50 - 00024576 _____ () C:\Program Files\Sony\VAIO Care\VAIOUtility.dll
    2009-09-03 01:58 - 2009-08-26 17:11 - 00017408 _____ () C:\Program Files (x86)\Sony\SmartWi Connection Utility\CCP.exe
    2014-01-11 21:06 - 2014-01-11 21:06 - 00276008 _____ () C:\Program Files\SolidWorks Corp\SolidWorks\sldBodyDiffu.dll
    2009-09-03 01:58 - 2009-08-26 17:11 - 00017920 _____ () C:\Program Files (x86)\Sony\SmartWi Connection Utility\ThirdPartyAppMgr.exe
    2009-09-03 01:58 - 2009-08-26 17:11 - 00033792 _____ () C:\Program Files (x86)\Sony\SmartWi Connection Utility\PowerManager.exe
    2011-12-21 18:11 - 2011-12-21 18:11 - 01318456 _____ () C:\Program Files\Google\Google Pinyin 2\GooglePinyinService.exe
    2009-09-03 02:30 - 2009-07-27 16:58 - 00376832 _____ () C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\sqlite3.dll
    2009-09-03 02:30 - 2009-08-18 09:02 - 00010752 _____ () C:\Program Files (x86)\Sony\VAIO Event Service\VESBasePS.dll
    2009-09-03 02:30 - 2009-08-18 09:02 - 00009728 _____ () C:\Program Files (x86)\Sony\VAIO Event Service\VESMgrSubPS.dll
    2012-01-26 11:36 - 2012-01-26 11:36 - 00278528 ____R () C:\Program Files (x86)\National Instruments\Shared\License Manager\Bin\xerces-depdom_2_6.dll
    2009-09-03 02:34 - 2009-06-09 19:52 - 00495616 _____ () C:\Program Files\Sony\VAIO Personalization Manager\sqlite3.dll
    2009-09-03 01:58 - 2009-08-26 17:11 - 00120320 _____ () C:\Program Files (x86)\Sony\SmartWi Connection Utility\SonyCommonLib.dll
    2009-09-03 01:58 - 2009-08-26 17:11 - 00007680 _____ () C:\Program Files (x86)\Sony\SmartWi Connection Utility\DebugMsg.dll
    2009-09-03 01:58 - 2009-08-26 17:11 - 00009728 _____ () C:\Program Files (x86)\Sony\SmartWi Connection Utility\Resources.dll
    2009-09-03 01:58 - 2009-08-26 17:11 - 00015360 _____ () C:\Program Files (x86)\Sony\SmartWi Connection Utility\SharedInterfaces.dll
    2009-09-03 01:58 - 2009-08-26 17:11 - 00018944 _____ () C:\Program Files (x86)\Sony\SmartWi Connection Utility\DictionaryLookup.dll
    2009-09-03 01:58 - 2009-08-26 17:11 - 00011264 _____ () C:\Program Files (x86)\Sony\SmartWi Connection Utility\MessageXML.dll
    2009-09-03 01:58 - 2009-08-26 17:11 - 00081408 _____ () C:\Program Files (x86)\Sony\SmartWi Connection Utility\DevicePanel.dll
    2015-10-13 19:42 - 2015-10-13 19:42 - 00071168 _____ () c:\users\calvin\appdata\local\temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmp9zrzch.dll
    2015-09-30 17:36 - 2015-09-23 16:07 - 00012800 _____ () C:\Users\Calvin\AppData\Roaming\Dropbox\bin\QtQuick.2\qtquick2plugin.dll
    2015-09-30 17:36 - 2015-09-23 16:07 - 00779776 _____ () C:\Users\Calvin\AppData\Roaming\Dropbox\bin\QtQuick\Controls\qtquickcontrolsplugin.dll
    2015-09-30 17:36 - 2015-09-23 16:07 - 00056320 _____ () C:\Users\Calvin\AppData\Roaming\Dropbox\bin\QtQuick\Layouts\qquicklayoutsplugin.dll
    2015-09-30 17:36 - 2015-09-23 16:07 - 00012288 _____ () C:\Users\Calvin\AppData\Roaming\Dropbox\bin\QtQuick\Window.2\windowplugin.dll
    2009-09-03 01:58 - 2009-08-26 17:11 - 00005120 _____ () C:\Program Files (x86)\Sony\SmartWi Connection Utility\Kinoubi.Plugins.PluginManager.ThirdPartyApp.dll
    2009-09-03 01:58 - 2009-08-26 17:11 - 00023040 _____ () C:\Program Files (x86)\Sony\SmartWi Connection Utility\Kinoubi.Plugins.PluginManager.Generic.dll
    2009-09-03 01:58 - 2009-08-26 17:11 - 00027648 _____ () C:\Program Files (x86)\Sony\SmartWi Connection Utility\Kinoubi.Plugins.Plugin.BtPower.dll
    2009-09-03 01:58 - 2009-08-26 17:11 - 00005120 _____ () C:\Program Files (x86)\Sony\SmartWi Connection Utility\Kinoubi.Plugins.Plugin.Generic.dll
    2009-09-03 01:58 - 2009-08-26 17:11 - 00015360 _____ () C:\Program Files (x86)\Sony\SmartWi Connection Utility\Kinoubi.Plugins.Plugin.NativeWifiThirdPartyApp.dll
    2009-09-03 01:58 - 2009-08-26 17:11 - 00011264 _____ () C:\Program Files (x86)\Sony\SmartWi Connection Utility\Kinoubi.Plugins.Plugin.TosBtThirdPartyApp.dll
    2009-09-03 01:58 - 2009-08-26 17:11 - 00007168 _____ () C:\Program Files (x86)\Sony\SmartWi Connection Utility\Kinoubi.Plugins.Plugin.WlanPower.dll
    2009-09-03 01:58 - 2009-08-26 17:11 - 00004608 _____ () C:\Program Files (x86)\Sony\SmartWi Connection Utility\Kinoubi.Plugins.PluginManager.Power.dll
    2015-09-27 12:15 - 2015-09-23 19:34 - 01501512 _____ () C:\Program Files (x86)\Google\Chrome\Application\45.0.2454.101\libglesv2.dll
    2015-09-27 12:15 - 2015-09-23 19:34 - 00081224 _____ () C:\Program Files (x86)\Google\Chrome\Application\45.0.2454.101\libegl.dll
    2015-09-27 12:15 - 2015-09-23 19:34 - 16487752 _____ () C:\Program Files (x86)\Google\Chrome\Application\45.0.2454.101\PepperFlash\pepflashplayer.dll

    ==================== Alternate Data Streams (Whitelisted) =========

    (If an entry is included in the fixlist, only the ADS will be removed.)

    AlternateDataStreams: C:\ProgramData:gs5sys
    AlternateDataStreams: C:\Users\All Users:gs5sys
    AlternateDataStreams: C:\Users\Calvin:gs5sys
    AlternateDataStreams: C:\ProgramData\Application Data:gs5sys
    AlternateDataStreams: C:\ProgramData\Temp:C76EDAC3
    AlternateDataStreams: C:\ProgramData\Templates:gs5sys
    AlternateDataStreams: C:\Users\Calvin\Application Data:gs5sys
    AlternateDataStreams: C:\Users\Calvin\Cookies:gs5sys
    AlternateDataStreams: C:\Users\Calvin\Local Settings:gs5sys
    AlternateDataStreams: C:\Users\Calvin\Templates:gs5sys
    AlternateDataStreams: C:\Users\Calvin\Desktop\2014-03-26 19.06.09.jpg:com.dropbox.attributes
    AlternateDataStreams: C:\Users\Calvin\Desktop\2014-05-11 16.11.46.jpg:com.dropbox.attributes
    AlternateDataStreams: C:\Users\Calvin\Desktop\2014-06-27 20.45.29.jpg:com.dropbox.attributes
    AlternateDataStreams: C:\Users\Calvin\Desktop\20140626_211015_LLS.jpg:com.dropbox.attributes
    AlternateDataStreams: C:\Users\Calvin\Desktop\20140831_101702.mp4:com.dropbox.attributes
    AlternateDataStreams: C:\Users\Calvin\Desktop\2015-02-14 22.27.42.jpg:com.dropbox.attributes
    AlternateDataStreams: C:\Users\Calvin\Desktop\DSC_2935.jpg:com.dropbox.attributes
    AlternateDataStreams: C:\Users\Calvin\AppData\Local:gs5sys
    AlternateDataStreams: C:\Users\Calvin\AppData\Roaming:gs5sys
    AlternateDataStreams: C:\Users\Calvin\AppData\Local\Application Data:gs5sys
    AlternateDataStreams: C:\Users\Calvin\AppData\Local\History:gs5sys
    AlternateDataStreams: C:\Users\Calvin\Documents\desktop.ini:gs5sys
    AlternateDataStreams: C:\Users\Public\Documents\desktop.ini:gs5sys

    ==================== Safe Mode (Whitelisted) ===================

    (If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


    ==================== EXE Association (Whitelisted) ===============

    (If an entry is included in the fixlist, the registry item will be restored to default or removed.)


    ==================== Internet Explorer trusted/restricted ===============

    (If an entry is included in the fixlist, it will be removed from the registry.)


    ==================== Other Areas ============================

    (Currently there is no automatic fix for this section.)

    HKU\S-1-5-21-3178901641-3325030848-3832911895-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Calvin\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
    DNS Servers: 71.10.216.1 - 71.10.216.2
    HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 0)
    Windows Firewall is disabled.

    ==================== MSCONFIG/TASK MANAGER disabled items ==

    (Currently there is no automatic fix for this section.)


    ==================== FirewallRules (Whitelisted) ===============

    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

    FirewallRules: [{282C496E-86FE-41B2-AB9C-955A31B03E76}] => (Allow) C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDms.exe
    FirewallRules: [{D47AC28F-2B38-452D-8F44-D6F0E2F48136}] => (Allow) C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHCImp.exe
    FirewallRules: [{F1E96ACC-4514-4B8E-86E7-BA2B375C692C}] => (Allow) C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDs.exe
    FirewallRules: [{BD9B5563-A191-4D1C-BFB7-1169679B88F7}] => (Allow) C:\Program Files (x86)\AIM\aim.exe
    FirewallRules: [{6850836A-5405-4C67-9B7D-521175B99BE5}] => (Allow) C:\Program Files (x86)\AIM\aim.exe
    FirewallRules: [{5EB4EF96-002F-4027-90A0-40A8D81C1120}] => (Allow) %systemroot%\WindowsMobile\wmdHost.exe
    FirewallRules: [{16E4DA30-0D2D-4FE7-A1F7-E8AFD11A3D35}] => (Allow) %systemroot%\WindowsMobile\wmdHost.exe
    FirewallRules: [{17CAF1F1-19E6-46E4-819B-6AA71519FE23}] => (Allow) LPort=26675
    FirewallRules: [{9B7D160C-67A8-4EB8-B2B2-B2A8E9304566}] => (Allow) C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
    FirewallRules: [{FD467A1C-4602-4FE4-8689-AB8ED3825991}] => (Allow) svchost.exe
    FirewallRules: [{5E3F27ED-0C1E-4F93-8FE5-F337331CED81}] => (Allow) C:\Program Files (x86)\Windows Live\Sync\WindowsLiveSync.exe
    FirewallRules: [TCP Query User{C2D9C34B-465F-47C8-A3B6-80C69D68E42B}C:\program files (x86)\tencent\qqintl\bin\qq.exe] => (Allow) C:\program files (x86)\tencent\qqintl\bin\qq.exe
    FirewallRules: [UDP Query User{DD6591E6-F04B-4C67-9D60-81AF5A259727}C:\program files (x86)\tencent\qqintl\bin\qq.exe] => (Allow) C:\program files (x86)\tencent\qqintl\bin\qq.exe
    FirewallRules: [{10C63BBE-1EBF-4856-BA88-7EDBDB3ACC81}] => (Allow) C:\Program Files (x86)\uTorrent\uTorrent.exe
    FirewallRules: [{63CDBB63-93D1-4278-AEBF-27FFA34D0061}] => (Allow) C:\Program Files (x86)\uTorrent\uTorrent.exe
    FirewallRules: [TCP Query User{6E343AD3-B1FC-44BC-978D-2BC405A1888A}C:\program files (x86)\java\jre6\bin\java.exe] => (Allow) C:\program files (x86)\java\jre6\bin\java.exe
    FirewallRules: [UDP Query User{DAB1EF2A-5078-42FC-B0DC-CBBF6C83D1BA}C:\program files (x86)\java\jre6\bin\java.exe] => (Allow) C:\program files (x86)\java\jre6\bin\java.exe
    FirewallRules: [TCP Query User{B57677ED-7169-48A8-8D98-800E14898FCA}C:\program files (x86)\starcraft\starcraft.exe] => (Allow) C:\program files (x86)\starcraft\starcraft.exe
    FirewallRules: [UDP Query User{C3EDABF2-1388-48B3-A8B3-320D3CA46967}C:\program files (x86)\starcraft\starcraft.exe] => (Allow) C:\program files (x86)\starcraft\starcraft.exe
    FirewallRules: [TCP Query User{D54C2BB4-5C64-4E71-8D81-F4BBB0F9D469}C:\program files (x86)\aim\aim.exe] => (Allow) C:\program files (x86)\aim\aim.exe
    FirewallRules: [UDP Query User{A7157999-3B04-493F-8BD6-8A23184B69D5}C:\program files (x86)\aim\aim.exe] => (Allow) C:\program files (x86)\aim\aim.exe
    FirewallRules: [{002C8D8D-5BEC-4EAF-9CB5-46B3CF042D80}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
    FirewallRules: [{D4807B0F-2D8F-410E-9F05-95599A87C821}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
    FirewallRules: [TCP Query User{27CBA9C1-0CD8-4BED-BB98-8883067F878C}C:\program files\sony\vaio care\vcsystray.exe] => (Block) C:\program files\sony\vaio care\vcsystray.exe
    FirewallRules: [UDP Query User{30774FF0-5A55-4583-9155-505C2C11F29A}C:\program files\sony\vaio care\vcsystray.exe] => (Block) C:\program files\sony\vaio care\vcsystray.exe
    FirewallRules: [TCP Query User{B84C31BE-A795-46C4-AD1C-186E0405BD9A}C:\program files (x86)\videolan\vlc\vlc.exe] => (Block) C:\program files (x86)\videolan\vlc\vlc.exe
    FirewallRules: [UDP Query User{4DCF1858-B4D7-4CE2-8D9B-3FDDE732F34B}C:\program files (x86)\videolan\vlc\vlc.exe] => (Block) C:\program files (x86)\videolan\vlc\vlc.exe
    FirewallRules: [TCP Query User{30FB1917-24BE-4B94-9E2A-1CEAD8371AE7}C:\program files (x86)\starcraft\starcraft.exe] => (Allow) C:\program files (x86)\starcraft\starcraft.exe
    FirewallRules: [UDP Query User{1D5E103C-D2F3-4C0F-ABA4-E326C4E794AE}C:\program files (x86)\starcraft\starcraft.exe] => (Allow) C:\program files (x86)\starcraft\starcraft.exe
    FirewallRules: [{7D7B1FCE-FC39-4404-8CAF-15A2C32CA40D}] => (Allow) C:\Users\Calvin\AppData\Local\Temp\Blizzard Installer Bootstrap - 0123da5c\Installer.exe
    FirewallRules: [{A5808D6F-64D2-4873-8037-F91FAAF73AE5}] => (Allow) C:\Users\Calvin\AppData\Local\Temp\Blizzard Installer Bootstrap - 0123da5c\Installer.exe
    FirewallRules: [{3332097B-6573-495A-9D06-48F5BCBE8CA7}] => (Allow) LPort=3724
    FirewallRules: [TCP Query User{3DF6F7C1-A735-4084-90B4-8D273F49839B}C:\users\public\games\world of warcraft\launcher.exe] => (Allow) C:\users\public\games\world of warcraft\launcher.exe
    FirewallRules: [UDP Query User{871C06B6-F1BA-4F1C-9550-215C54CBDA75}C:\users\public\games\world of warcraft\launcher.exe] => (Allow) C:\users\public\games\world of warcraft\launcher.exe
    FirewallRules: [TCP Query User{A36EF660-E21D-401A-BF72-CD8EFCF74062}C:\program files (x86)\starcraft ii beta\versions\base13891\sc2.exe] => (Allow) C:\program files (x86)\starcraft ii beta\versions\base13891\sc2.exe
    FirewallRules: [UDP Query User{FBF48E1C-23E2-4EE2-A9CB-5B2D2A27A318}C:\program files (x86)\starcraft ii beta\versions\base13891\sc2.exe] => (Allow) C:\program files (x86)\starcraft ii beta\versions\base13891\sc2.exe
    FirewallRules: [{036F65B2-6633-4277-A756-5D7545612AAB}] => (Allow) C:\Program Files (x86)\StarCraft II Beta\StarCraft II.exe
    FirewallRules: [{E8732180-706A-4A4C-8296-4E019A640428}] => (Allow) C:\Program Files (x86)\StarCraft II Beta\StarCraft II.exe
    FirewallRules: [{23842B4A-8218-41BD-A9D8-38E9A9E587FB}] => (Allow) C:\Program Files (x86)\StarCraft II\StarCraft II.exe
    FirewallRules: [{3CE348F1-CA4B-4299-B76F-2ABE9D9AEEAA}] => (Allow) C:\Program Files (x86)\StarCraft II\StarCraft II.exe
    FirewallRules: [TCP Query User{9D6A33C6-28B2-4C28-9A9D-CB3CD5E6FA21}C:\program files (x86)\starcraft ii\support\blizzarddownloader.exe] => (Allow) C:\program files (x86)\starcraft ii\support\blizzarddownloader.exe
    FirewallRules: [UDP Query User{B48152BF-8743-488E-86EE-C1EB68385B8B}C:\program files (x86)\starcraft ii\support\blizzarddownloader.exe] => (Allow) C:\program files (x86)\starcraft ii\support\blizzarddownloader.exe
    FirewallRules: [TCP Query User{9293A258-43AE-4D57-AF18-323F1912F969}C:\program files (x86)\starcraft ii\versions\base15405\sc2.exe] => (Allow) C:\program files (x86)\starcraft ii\versions\base15405\sc2.exe
    FirewallRules: [UDP Query User{6572BA59-CC24-4F2A-B3BF-040B5E0CE800}C:\program files (x86)\starcraft ii\versions\base15405\sc2.exe] => (Allow) C:\program files (x86)\starcraft ii\versions\base15405\sc2.exe
    FirewallRules: [{EACEB4E4-E37F-40E5-9EED-D349CD79DB01}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
    FirewallRules: [{E0AB0201-490B-4734-B9C7-42C9E67D38AD}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
    FirewallRules: [{B9BE48DC-64D1-4594-A929-D1B546DEBC22}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
    FirewallRules: [{8BFA5C2C-60DD-4EC0-91A6-193FDD667912}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
    FirewallRules: [TCP Query User{E21B3623-D51B-48D8-86DD-8A708AD2C083}C:\program files (x86)\oovoo\oovoo.exe] => (Allow) C:\program files (x86)\oovoo\oovoo.exe
    FirewallRules: [UDP Query User{9F858974-4C74-490F-A147-D1FFDE61D7B7}C:\program files (x86)\oovoo\oovoo.exe] => (Allow) C:\program files (x86)\oovoo\oovoo.exe
    FirewallRules: [{DFE9F661-AF88-4994-86DB-F582ECC01862}] => (Allow) LPort=443
    FirewallRules: [{85990B22-0A58-4DA2-BECC-E5207A98643D}] => (Allow) LPort=443
    FirewallRules: [{9CEBD91C-1ABD-4453-9586-23563D517098}] => (Allow) LPort=37674
    FirewallRules: [{CBF68B62-3DE3-4E1E-882B-FBB15BBB4FCA}] => (Allow) LPort=37674
    FirewallRules: [{31B21385-ABAF-4D6A-A03C-5187270FAD8E}] => (Allow) LPort=37675
    FirewallRules: [{054D80C0-36B7-42F2-809C-591C60F42618}] => (Allow) C:\Users\Calvin\AppData\Local\Google\Google Talk Plugin\googletalkplugin.exe
    FirewallRules: [{CC36C340-3C41-434F-BE4B-19279B0B2BD2}] => (Allow) C:\Users\Calvin\AppData\Local\Google\Google Talk Plugin\googletalkplugin.exe
    FirewallRules: [{82469EE8-6128-4F03-BE93-574FD449AE49}] => (Allow) C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe
    FirewallRules: [{56377647-7052-4983-B8DA-940F88255F1D}] => (Allow) C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe
    FirewallRules: [{AB97C54B-0A17-4D7A-8CE6-041F6D9D4269}] => (Allow) C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe
    FirewallRules: [{F5D24ADC-DB08-491D-918A-B7DB49757266}] => (Allow) C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe
    FirewallRules: [{2BF6072F-BE90-4BFA-A3DC-D87C78FB93E0}] => (Allow) C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe
    FirewallRules: [{22554DB1-F4C1-46EC-B91B-02382E4C6D53}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
    FirewallRules: [{EE911469-9C66-4287-B207-42F679E2DD02}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
    FirewallRules: [{31D7B914-E1D1-45DA-A22A-C646C187554C}] => (Allow) C:\Users\Calvin\AppData\Local\Google\Google Talk Plugin\googletalkplugin.exe
    FirewallRules: [{49FEE09B-F298-4476-96AF-4A90D3831E63}] => (Allow) C:\Users\Calvin\AppData\Local\Google\Google Talk Plugin\googletalkplugin.exe
    FirewallRules: [TCP Query User{C29C6B33-1A3B-4C8C-B3A6-5F79CAB5698D}C:\program files (x86)\starcraft ii beta\versions\base13891\sc2.exe] => (Allow) C:\program files (x86)\starcraft ii beta\versions\base13891\sc2.exe
    FirewallRules: [UDP Query User{9E2E7896-A831-4C35-ACF8-BCB365A7CE2C}C:\program files (x86)\starcraft ii beta\versions\base13891\sc2.exe] => (Allow) C:\program files (x86)\starcraft ii beta\versions\base13891\sc2.exe
    FirewallRules: [{6C1EC8A6-F898-42F3-A877-D8B0205FA8C5}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
    FirewallRules: [{83835CBD-6FA5-4FAD-8695-913C04D73679}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
    FirewallRules: [TCP Query User{30465FEF-FBA4-4B91-B2CB-BF087972753D}C:\program files (x86)\steam\steamapps\nivlac2425\counter-strike source\hl2.exe] => (Allow) C:\program files (x86)\steam\steamapps\nivlac2425\counter-strike source\hl2.exe
    FirewallRules: [UDP Query User{3FE8A49B-A3CE-45C7-9E5E-2F8F28AA3292}C:\program files (x86)\steam\steamapps\nivlac2425\counter-strike source\hl2.exe] => (Allow) C:\program files (x86)\steam\steamapps\nivlac2425\counter-strike source\hl2.exe
    FirewallRules: [{7563C0C3-E4FA-4DAD-A078-69FE2DD9EFA7}] => (Allow) C:\Users\Calvin\AppData\Roaming\Dropbox\bin\Dropbox.exe
    FirewallRules: [{2AE2CDE3-9007-438D-AD57-7EA30A67FFAB}] => (Allow) C:\Users\Calvin\AppData\Roaming\Dropbox\bin\Dropbox.exe
    FirewallRules: [{723E96A1-5501-4933-8B6A-704DA7F39B90}] => (Allow) C:\Program Files\SolidWorks Corp\SolidWorks\swScheduler\DTSCoordinatorService.exe
    FirewallRules: [{584C3FAD-35AF-4C9F-8797-606046B4A17F}] => (Allow) C:\Program Files\SolidWorks Corp\SolidWorks\swScheduler\DTSCoordinatorService.exe
    FirewallRules: [{B7EEAC77-4576-4747-9E2D-DC107A41F1C2}] => (Allow) C:\Program Files\SolidWorks Corp\SolidWorks\photoview\photoview360.exe
    FirewallRules: [{628FD4DE-92AF-4EA1-9AD2-01CC53E35E17}] => (Allow) C:\Program Files\SolidWorks Corp\SolidWorks\photoview\photoview360.exe
    FirewallRules: [{4016B523-CFB6-45A6-9268-77671BC4B455}] => (Allow) C:\Program Files\SolidWorks Corp\SolidWorks\photoview\photoview360_cl.exe
    FirewallRules: [{A47D0D80-8DA1-4F03-8B1D-C35C454895B7}] => (Allow) C:\Program Files\SolidWorks Corp\SolidWorks\photoview\photoview360_cl.exe
    FirewallRules: [{CC3BA127-BC16-44D9-9AE6-9CF55CD34180}] => (Allow) LPort=443
    FirewallRules: [{FE23FF94-E02A-4DB0-A153-DE5F78CD3A16}] => (Allow) LPort=443
    FirewallRules: [{7E4129C8-4B9F-442C-A854-E44CEEED7610}] => (Allow) LPort=37674
    FirewallRules: [{D0293BD7-AC02-43E4-A1B1-0992252BC38D}] => (Allow) LPort=37674
    FirewallRules: [{B5307407-F630-4EEB-BB23-78F4CE17D4BC}] => (Allow) LPort=37675
    FirewallRules: [{51C6D80F-C12C-47C5-A309-7A8711928431}] => (Allow) C:\Program Files (x86)\Steam\steamapps\nivlac2425\counter-strike source\hl2.exe
    FirewallRules: [{C5789131-9DF6-49D1-B291-D8A8706C02BE}] => (Allow) C:\Program Files (x86)\Steam\steamapps\nivlac2425\counter-strike source\hl2.exe
    FirewallRules: [{334F0EBE-4810-4EC2-85BF-6B05CD60D967}] => (Allow) C:\Windows\System32\migwiz\migwiz.exe
    FirewallRules: [{6DD4659C-B60F-4181-8124-8D96CEAB4C01}] => (Allow) C:\Windows\System32\migwiz\migwiz.exe
    FirewallRules: [{A3E1C6A6-74FB-4547-BEB8-C0E4851A3BD7}] => (Allow) LPort=7000
    FirewallRules: [{0E7A712C-D3E6-48F2-A982-06C6CFE195E1}] => (Allow) LPort=7000
    FirewallRules: [{F82C75CB-ED2D-4234-9960-2DCFD039C735}] => (Allow) C:\Program Files (x86)\AVG\AVG2012\avgmfapx.exe
    FirewallRules: [{A4C3E3E8-F888-42DD-AF65-1D13773E5AF1}] => (Allow) C:\Program Files (x86)\AVG\AVG2012\avgmfapx.exe
    FirewallRules: [TCP Query User{614C2085-0687-4DF3-98E2-085EF6564550}C:\users\calvin\appdata\roaming\dropbox\bin\dropbox.exe] => (Allow) C:\users\calvin\appdata\roaming\dropbox\bin\dropbox.exe
    FirewallRules: [UDP Query User{D3E2D03E-F9D3-4383-A8C3-3D02671C9502}C:\users\calvin\appdata\roaming\dropbox\bin\dropbox.exe] => (Allow) C:\users\calvin\appdata\roaming\dropbox\bin\dropbox.exe
    FirewallRules: [{0754E7F7-3EEA-4FD3-8783-B203F4CA426D}] => (Allow) C:\Program Files (x86)\AVG\AVG2012\avgnsa.exe
    FirewallRules: [{B7968823-B5DB-4ED8-B01D-8469995CA615}] => (Allow) C:\Program Files (x86)\AVG\AVG2012\avgnsa.exe
    FirewallRules: [{218CBBCC-75BA-4885-BA25-7083C41FE58E}] => (Allow) C:\Program Files (x86)\AVG\AVG2012\avgdiagex.exe
    FirewallRules: [{A818EB92-BAE0-473E-9D8B-7D39E5E8FD9A}] => (Allow) C:\Program Files (x86)\AVG\AVG2012\avgdiagex.exe
    FirewallRules: [{BD54DD6F-18BA-4B36-A745-DCCDB70EDBD1}] => (Allow) C:\Program Files (x86)\AVG\AVG2012\avgemca.exe
    FirewallRules: [{C0BF4318-BE88-4FEB-92D7-9066938CEDCC}] => (Allow) C:\Program Files (x86)\AVG\AVG2012\avgemca.exe
    FirewallRules: [{A9C2A7E2-75FE-4C61-8B15-6FCD44513AE3}] => (Allow) C:\Program Files (x86)\National Instruments\Shared\mDNS Responder\nimdnsResponder.exe
    FirewallRules: [{3B848BF1-A2CB-49D8-BEDD-6E15C4BDB929}] => (Allow) C:\Program Files (x86)\National Instruments\Shared\NI WebServer\ApplicationWebServer.exe
    FirewallRules: [{22EC3136-CADE-4416-9D77-F40268D55AD2}] => (Allow) C:\Program Files (x86)\National Instruments\Shared\NI WebServer\ApplicationWebServer.exe
    FirewallRules: [{C229CA86-D1D2-4089-A45B-2E31E803BAF1}] => (Allow) C:\Program Files\National Instruments\Shared\NI WebServer\ApplicationWebServer.exe
    FirewallRules: [{4F08CF52-B016-4A68-944C-1304C9C0BE35}] => (Allow) C:\Program Files\National Instruments\Shared\NI WebServer\ApplicationWebServer.exe
    FirewallRules: [{CD4A55A3-AC69-4910-B11D-11764353D2A1}] => (Allow) C:\Program Files (x86)\National Instruments\Shared\NI WebServer\SystemWebServer.exe
    FirewallRules: [{E9F3CA92-CAD3-46F6-BDA4-C9D733553497}] => (Allow) C:\Program Files (x86)\National Instruments\Shared\NI WebServer\SystemWebServer.exe
    FirewallRules: [{8A3BB187-468E-4D84-9792-02A814D0A23C}] => (Allow) C:\Program Files (x86)\National Instruments\Shared\nisvcloc\nisvcloc.exe
    FirewallRules: [{DF58609B-7294-4D7B-8E9A-A4EABA727F0B}] => (Allow) C:\Program Files (x86)\National Instruments\Shared\nisvcloc\nisvcloc.exe

    ==================== Faulty Device Manager Devices =============

    Name: Microsoft Virtual WiFi Miniport Adapter
    Description: Microsoft Virtual WiFi Miniport Adapter
    Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
    Manufacturer: Microsoft
    Service: vwifimp
    Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31)
    Resolution: Update the driver


    ==================== Event log errors: =========================

    Application errors:
    ==================
    Error: (10/13/2015 07:40:31 PM) (Source: VzCdbSvc) (EventID: 7) (User: )
    Description: Failed to load the plug-in module. (GUID = {56F9312C-C989-4E04-8C23-299DEE3A36F5})(Error code = 0x80042019)

    Error: (10/13/2015 12:22:18 AM) (Source: VzCdbSvc) (EventID: 7) (User: )
    Description: Failed to load the plug-in module. (GUID = {56F9312C-C989-4E04-8C23-299DEE3A36F5})(Error code = 0x80042019)

    Error: (10/12/2015 08:40:49 PM) (Source: Windows Backup) (EventID: 4103) (User: )
    Description: The backup did not complete because of an error writing to the backup location I:\. The error is: The backup location cannot be found or is not valid. Review your backup settings and check the backup location. (0x81000006).

    Error: (10/12/2015 08:32:14 PM) (Source: VzCdbSvc) (EventID: 7) (User: )
    Description: Failed to load the plug-in module. (GUID = {56F9312C-C989-4E04-8C23-299DEE3A36F5})(Error code = 0x80042019)

    Error: (10/09/2015 08:27:47 PM) (Source: niZeroconfService) (EventID: 100) (User: )
    Description: Task Scheduling Error: m->NextScheduledSPRetry 8096

    Error: (10/09/2015 08:27:47 PM) (Source: niZeroconfService) (EventID: 100) (User: )
    Description: Task Scheduling Error: m->NextScheduledEvent 8096

    Error: (10/09/2015 08:27:47 PM) (Source: niZeroconfService) (EventID: 100) (User: )
    Description: Task Scheduling Error: Continuously busy for more than a second

    Error: (10/09/2015 08:27:46 PM) (Source: niZeroconfService) (EventID: 100) (User: )
    Description: Task Scheduling Error: m->NextScheduledSPRetry 7082

    Error: (10/09/2015 08:27:46 PM) (Source: niZeroconfService) (EventID: 100) (User: )
    Description: Task Scheduling Error: m->NextScheduledEvent 7082

    Error: (10/09/2015 08:27:46 PM) (Source: niZeroconfService) (EventID: 100) (User: )
    Description: Task Scheduling Error: Continuously busy for more than a second


    System errors:
    =============
    Error: (10/13/2015 07:47:21 PM) (Source: Service Control Manager) (EventID: 7022) (User: )
    Description: The Windows Update service hung on starting.

    Error: (10/13/2015 07:46:38 PM) (Source: Service Control Manager) (EventID: 7011) (User: )
    Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the ShellHWDetection service.

    Error: (10/13/2015 07:45:52 PM) (Source: Service Control Manager) (EventID: 7011) (User: )
    Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the ShellHWDetection service.

    Error: (10/13/2015 07:43:49 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
    Description: The VAIO Power Management service failed to start due to the following error:
    %%1053

    Error: (10/13/2015 07:43:49 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
    Description: A timeout was reached (30000 milliseconds) while waiting for the VAIO Power Management service to connect.

    Error: (10/13/2015 07:39:49 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
    Description: The AVGIDSAgent service depends on the AVGIDSDriver service which failed to start because of the following error:
    %%1068

    Error: (10/13/2015 07:39:34 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
    Description: The MSCamSvc service failed to start due to the following error:
    %%2

    Error: (10/13/2015 07:39:24 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
    Description: The AVGIDSDriver service depends on the AVGIDSFilter service which failed to start because of the following error:
    %%1058

    Error: (10/13/2015 12:30:21 AM) (Source: Service Control Manager) (EventID: 7022) (User: )
    Description: The Windows Update service hung on starting.

    Error: (10/13/2015 12:29:30 AM) (Source: Service Control Manager) (EventID: 7011) (User: )
    Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the ShellHWDetection service.


    CodeIntegrity:
    ===================================
    Date: 2015-10-13 00:17:00.156
    Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

    Date: 2015-10-13 00:17:00.079
    Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.


    ==================== Memory info ===========================

    Processor: Intel(R) Core(TM)2 Quad CPU Q8400 @ 2.66GHz
    Percentage of memory in use: 68%
    Total physical RAM: 6079.18 MB
    Available physical RAM: 1890.64 MB
    Total Virtual: 12156.56 MB
    Available Virtual: 6163.17 MB

    ==================== Drives ================================

    Drive c: () (Fixed) (Total:271.1 GB) (Free:63.44 GB) NTFS

    ==================== MBR & Partition Table ==================

    ========================================================
    Disk: 0 (Size: 465.8 GB) (Disk ID: 60AAB2BB)
    Partition 1: (Not Active) - (Size=10.5 GB) - (Type=27)
    Partition 2: (Active) - (Size=100 MB) - (Type=07 NTFS)
    Partition 3: (Not Active) - (Size=271.1 GB) - (Type=07 NTFS)
    Partition 4: (Not Active) - (Size=184.1 GB) - (Type=05)

    ==================== End of Addition.txt ============================
     
  25. Broni

    Broni Malware Annihilator Posts: 52,892   +344

    Download attached fixlist.txt file and save it to the Desktop.
    NOTE. It's important that both files, FRST and fixlist.txt are in the same location or the fix will not work.

    NOTICE: This script was written specifically for this user, for use on that particular machine. Running this on another machine may cause damage to your operating system

    Run FRST(FRST64) and press the Fix button just once and wait.
    The tool will make a log on the Desktop (Fixlog.txt). Please post it to your reply.
     

    Attached Files:

Similar Topics

Add New Comment

You need to be a member to leave a comment. Join thousands of tech enthusiasts and participate.
TechSpot Account You may also...