Solved Win7Pro64 system suffered BSOD in IE Malware?

[Rwolf01]

OTL's Extras.txt: (part 1 of 2)

OTL Extras logfile created on: 6/16/2014 11:29:30 PM - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Rwolf02\Desktop
64bit- Professional Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.17126)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

7.90 Gb Total Physical Memory | 5.60 Gb Available Physical Memory | 70.82% Memory free
15.80 Gb Paging File | 13.01 Gb Available in Paging File | 82.36% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 678.89 Gb Total Space | 139.82 Gb Free Space | 20.60% Space Free | Partition Type: NTFS
Drive H: | 14.83 Gb Total Space | 14.83 Gb Free Space | 99.98% Space Free | Partition Type: FAT32

Computer Name: RWOLF02 | User Name: Rwolf01 | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html[@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
.html [@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)

[HKEY_USERS\S-1-5-21-747785638-1536544367-690633523-1001\SOFTWARE\Classes\<extension>]
.scr [@ = AutoCADScriptFile] -- C:\Windows\notepad.exe (Microsoft Corporation)

========== Shell Spawning ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [print] -- rundll32.exe %SystemRoot%\system32\mshtml.dll,PrintHTML "%1" (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- Reg Error: Value error.

========== Security Center Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
"FirewallDisableNotify" = 0
"AntiVirusDisableNotify" = 0
"UpdatesDisableNotify" = 0

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

========== System Restore Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0

========== Firewall Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 0
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 0
"DisableNotifications" = 0

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files (x86)\TriDef 3D\TriDef\TriDefMediaPlayer\TriDefMediaPlayer.exe" = C:\Program Files (x86)\TriDef 3D\TriDef\TriDefMediaPlayer\TriDefMediaPlayer.exe:*:Enabled:TriDef 3D Media Player -- (DDD Group Plc.)
"C:\Program Files (x86)\TriDef 3D\TriDef\TriDefMediaPlayer\TriDefMediaPlayer.exe" = C:\Program Files (x86)\TriDef 3D\TriDef\TriDefMediaPlayer\TriDefMediaPlayer.exe:*:Enabled:TriDef 3D Media Player -- (DDD Group Plc.)


========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{141FCB80-82B9-40D4-AAF3-235811644C70}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{264C607D-CF4C-4069-893C-AB841F2C0FA1}" = rport=139 | protocol=6 | dir=out | app=system |
"{31C4D58F-77E8-4B76-AD43-2391871256D9}" = lport=3888 | protocol=6 | dir=in | app=c:\program files (x86)\sony\vaio creations\vaio movie story\vmstory.exe |
"{40CF408F-61B2-471F-9AE5-0B081F33A0B7}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{4A206C7C-28B6-4AE0-A79A-0C88C2A5B61E}" = lport=10243 | protocol=6 | dir=in | app=system |
"{5BCE498C-AD9C-47C5-8947-DF969EC27761}" = rport=137 | protocol=17 | dir=out | app=system |
"{5D024015-13B7-4707-9BB4-61A0C5E3FF1C}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{63037D37-F7A8-49C5-9CFF-6D732B407AC1}" = lport=3880 | protocol=6 | dir=in | app=c:\program files (x86)\sony\vaio creations\vaio movie story\vmstory.exe |
"{636D8EB7-8A2E-4826-A0F7-7FCE32DA3816}" = lport=138 | protocol=17 | dir=in | app=system |
"{674BB221-C194-41CE-8589-21A7D7103EA3}" = rport=138 | protocol=17 | dir=out | app=system |
"{761D2DCC-C8C3-4567-A126-E25A272DC806}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{76789109-681D-4D42-B811-C78A9B2365A8}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{774CE0DD-C6FD-4CD1-AC2C-DC7A3B545BAD}" = lport=3389 | protocol=6 | dir=in | app=system |
"{815207BE-08B6-4242-B967-41B7B031772A}" = lport=3888 | protocol=17 | dir=in | app=c:\program files (x86)\sony\vaio creations\vaio movie story\vmstory.exe |
"{8D601EAA-AD6E-4818-8C65-F00228281887}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{98D3609F-B109-45B2-9C15-183A6F4CC47B}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{B01BFFFB-E508-4265-9C8F-480C9F2048E6}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{B072C76D-F4DC-4BCF-91D9-081BDD789A49}" = rport=10243 | protocol=6 | dir=out | app=system |
"{B1EA0FD6-6CBB-4E28-BB62-0EE758E2956E}" = lport=3389 | protocol=6 | dir=in | svc=termservice | app=%systemroot%\system32\svchost.exe |
"{B4599F11-C75D-4996-93C7-B385DE77971B}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) |
"{B54049EE-5EEA-4D6F-B26E-64DDB83EFB2C}" = rport=445 | protocol=6 | dir=out | app=system |
"{B6EFB8C0-A04D-43E6-957E-7F442B1182C6}" = lport=445 | protocol=6 | dir=in | app=system |
"{BCD4A14E-3BD7-47D4-8BE6-C6C0130E0136}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{BFAF01AA-A86B-467F-A0AE-3296D02657B8}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{C248247D-B3FF-4338-A92D-D45CD6D710AD}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) |
"{C8A8A072-B0D2-4F83-8E0D-7B3A0DE543BC}" = lport=6004 | protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office12\outlook.exe |
"{CD4A55A3-AC69-4910-B11D-11764353D2A1}" = lport=3580-3581 | protocol=17 | dir=in | app=c:\program files (x86)\national instruments\shared\ni webserver\systemwebserver.exe |
"{E33D26CA-D59C-4619-9EB8-1A28B3FF5F06}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{E4F54625-781B-46FC-A4BA-4AC77476999E}" = lport=137 | protocol=17 | dir=in | app=system |
"{E9F3CA92-CAD3-46F6-BDA4-C9D733553497}" = lport=3580-3581 | protocol=6 | dir=in | app=c:\program files (x86)\national instruments\shared\ni webserver\systemwebserver.exe |
"{F354B07F-FBAD-417A-8468-CF03DC8DAFE3}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{F68D5EF9-5E07-4AFF-A1BC-9F62401B01D4}" = lport=139 | protocol=6 | dir=in | app=system |
"{FCE21A81-3A6A-4AEF-A3BD-F6D015ACD4A6}" = lport=2869 | protocol=6 | dir=in | app=system |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{023EB39F-403D-4DD4-B2D8-988CB6EA9CB9}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{078B7BF5-9C25-45AC-9FA6-A92CF31E5600}" = protocol=6 | dir=in | app=c:\program files (x86)\real\realplayer\rpds\bin\rpdsvc.exe |
"{09FE8D3A-9734-451D-95AA-B5087BD94FF8}" = dir=in | app=c:\program files (x86)\common files\apple\apple application support\webkit2webprocess.exe |
"{0A236729-C437-42B3-8DE9-966263703208}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{0CFD63C6-404D-4461-98DC-BD749D898CA5}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{0FEB60BA-7275-46C5-AEB3-8A4EAD3878CB}" = dir=in | app=c:\program files (x86)\windows live\messenger\msnmsgr.exe |
"{1843CD6D-A5A1-4D29-BF88-C202D23BC7BF}" = protocol=17 | dir=in | app=c:\program files (x86)\real\realplayer\realplay.exe |
"{188958D4-52F2-4086-B878-685A283A4444}" = dir=in | app=c:\program files (x86)\windows live\contacts\wlcomm.exe |
"{1D5DCAC2-4C48-4122-A796-1EF464AC77F3}" = dir=in | app=c:\program files\hp\hp officejet 4620 series\bin\devicesetup.exe |
"{1DD63621-DDAF-485F-9D17-C622952094C3}" = dir=in | app=c:\program files (x86)\cyberlink\powerdvd9\powerdvd9.exe |
"{22EC3136-CADE-4416-9D77-F40268D55AD2}" = protocol=6 | dir=in | app=c:\program files (x86)\national instruments\shared\ni webserver\applicationwebserver.exe |
"{2C6F3DF2-4CDA-4116-BDC2-AB830FB79823}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{375679DA-C1C4-45C4-900C-96B64DCD79EA}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{3B848BF1-A2CB-49D8-BEDD-6E15C4BDB929}" = protocol=17 | dir=in | app=c:\program files (x86)\national instruments\shared\ni webserver\applicationwebserver.exe |
"{3DD07643-47BE-4BBE-9EFF-AC95B6A0A4C5}" = dir=in | app=c:\program files\hp\hp officejet 4620 series\bin\digitalwizards.exe |
"{4447037E-31F0-42AB-8378-FB6EA2F5C1CA}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{4B2C6968-BF13-4281-BBAC-BFF31AD49E3B}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{4CDA731F-2B84-4C77-8CC4-4A5BAC1F924E}" = dir=in | app=c:\program files\intel corporation\intel widi\widiapp.exe |
"{4F08CF52-B016-4A68-944C-1304C9C0BE35}" = protocol=6 | dir=in | app=c:\program files\national instruments\shared\ni webserver\applicationwebserver.exe |
"{551D8DC9-016A-4CF2-9EFF-51C12EE97139}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{5602B53D-B6BB-4F5C-9A98-564D48C79FC8}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{5B43DA37-8AE3-4F73-8C1D-F6CAF905BCE4}" = dir=in | app=c:\program files (x86)\itunes\itunes.exe |
"{610AE511-86AF-41F2-8E11-F6D872B019DD}" = dir=in | app=c:\program files\hp\hp officejet 4620 series\bin\hpnetworkcommunicatorcom.exe |
"{65A42DAA-02FA-434C-87E6-D084D415A5D2}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{66B8BCE8-A088-4DEC-9FA5-9FA73EDB9CA5}" = protocol=6 | dir=in | app=c:\program files (x86)\real\realplayer\realplay.exe |
"{67D7B07D-9878-4E07-88EF-AB1A5107BEF3}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{685BA48B-402F-479A-B011-A6E2B3621F19}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{767F0861-1D7F-4F59-B45F-899DF514AA31}" = dir=in | app=c:\program files\hp\hp officejet 4620 series\bin\faxapplications.exe |
"{771B0F24-90EE-40F2-A5CC-3781F2D08A82}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{8CC05463-0F3F-47DB-9D24-498443640F14}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{A157E9FD-20D9-40D2-A887-147AD29FD64C}" = protocol=6 | dir=out | app=system |
"{A3FCB378-B811-4088-BEE9-ABAC37406D60}" = dir=in | app=c:\program files\intel\wifi\bin\pandhcpdns.exe |
"{A8DE5BC2-40F4-40F1-8A22-09B91B8A7E39}" = protocol=17 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{C142208F-72EE-4659-B59F-1D102AD24FAA}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{C229CA86-D1D2-4089-A45B-2E31E803BAF1}" = protocol=17 | dir=in | app=c:\program files\national instruments\shared\ni webserver\applicationwebserver.exe |
"{C3C73AE0-08C3-40D7-96D8-0982A013F963}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{C5BEA5CD-0F12-4127-A9E1-9302839DF041}" = protocol=6 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{C8AE8987-C476-42F1-A462-E377F2E63412}" = dir=in | app=c:\program files\hp\hp officejet 4620 series\bin\sendafax.exe |
"{CA887546-C987-4531-BA25-943C0EEB2858}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{D2C813C3-438F-48FA-9E18-94395D6B32D7}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{D52D6273-82AD-4135-87DF-89576AF6CFE2}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{D715C198-234E-4AF8-9814-1C18536E0DA1}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{E116B705-6BF6-48E5-B515-BAB3531C08D4}" = dir=in | app=c:\program files (x86)\windows live\mesh\moe.exe |
"{EFE2A686-0C80-426E-8208-8C64C2561AA0}" = dir=in | app=c:\program files\hp\hp officejet 4620 series\bin\hpnetworkcommunicator.exe |
"{F72B401A-35D3-4066-B6E6-99DB0744039A}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"TCP Query User{1C9877F0-A6AA-4867-BC8E-760E739D6555}C:\program files (x86)\java\jre7\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files (x86)\java\jre7\bin\javaw.exe |
"TCP Query User{4E3E8F34-5C17-4647-9D79-E276BD04EE33}C:\program files (x86)\real\realplayer\realplay.exe" = protocol=6 | dir=in | app=c:\program files (x86)\real\realplayer\realplay.exe |
"TCP Query User{5466EAF2-838C-441B-8220-159B4C11D793}C:\program files (x86)\java\jre7\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files (x86)\java\jre7\bin\javaw.exe |
"TCP Query User{65A2A1E8-7C39-466A-8AEC-AB7D3144AF2D}C:\users\rwolf02\appdata\local\temp\7zs2580\enterprisedu.exe" = protocol=6 | dir=in | app=c:\users\rwolf02\appdata\local\temp\7zs2580\enterprisedu.exe |
"TCP Query User{69F8C828-054E-4BE5-B1B1-63451C909C8F}C:\program files (x86)\internet explorer\iexplore.exe" = protocol=6 | dir=in | app=c:\program files (x86)\internet explorer\iexplore.exe |
"UDP Query User{12C88F49-4B60-449E-A77D-05D338A88DFD}C:\program files (x86)\java\jre7\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files (x86)\java\jre7\bin\javaw.exe |
"UDP Query User{5827F79F-C069-4C3C-979D-77E95F5ED27A}C:\program files (x86)\real\realplayer\realplay.exe" = protocol=17 | dir=in | app=c:\program files (x86)\real\realplayer\realplay.exe |
"UDP Query User{67FB51EC-321C-4FF0-BFE0-69D543C56CAA}C:\program files (x86)\internet explorer\iexplore.exe" = protocol=17 | dir=in | app=c:\program files (x86)\internet explorer\iexplore.exe |
"UDP Query User{97E2702F-CFBE-4E04-B945-476CE1B6FBAB}C:\program files (x86)\java\jre7\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files (x86)\java\jre7\bin\javaw.exe |
"UDP Query User{C55A2718-E140-42A4-8F7B-77B8198BC5DD}C:\users\rwolf02\appdata\local\temp\7zs2580\enterprisedu.exe" = protocol=17 | dir=in | app=c:\users\rwolf02\appdata\local\temp\7zs2580\enterprisedu.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{000A570E-F926-4808-956C-A57EE91B75F6}" = NI TDM Streaming 2.4 (64-bit)
"{00606A59-716C-484A-AE64-5F7E3F23B3BD}" = NI GMP Windows 64-bit Installer 12.0.0
"{0136EF84-8660-4FE0-A9E5-F052F6230085}" = OLYMPUS Raw Codec
"{034106B5-54B7-467F-B477-5B7DBB492624}" = Microsoft Sync Framework Services v1.0 SP1 (x64)
"{071c9b48-7c32-4621-a0ac-3f809523288f}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{07E00E94-7A78-40FA-9BEF-71C190E98041}" = NI VC2008MSMs x64
"{0826F9E4-787E-481D-83E0-BC6A57B056D5}" = Microsoft SQL Server VSS Writer
"{09536BA1-E498-4CC3-B834-D884A67D7E34}" = Intel® Trusted Connect Service Client
"{0C2486A3-EF0D-4C6C-9947-C63D6E8C6E4C}" = NI LabWindows/CVI 2010 SP1 Network Variable Library (64-bit)
"{0EA4894B-C99B-48E4-976A-94B55CB89239}" = NI MXS 5.3.0 for 64 Bit Windows
"{0F37D969-1260-419E-B308-EF7D29ABDE20}" = Web Deployment Tool
"{11A955CD-4398-405A-886D-E464C3618FBF}" = Adobe Photoshop Lightroom 4.4 64-bit
"{176468CE-41AB-4A9A-AC38-45A146D39688}" = NI LabWindows/CVI 2010 SP1 Run-Time Engine (64-bit)
"{180C8888-50F1-426B-A9DC-AB83A1989C65}" = Windows Live Language Selector
"{197B80EB-D791-4DA4-9398-B5F029738E22}" = NI System State Publisher (64-bit)
"{1AB7EDC5-D891-34C5-9FF1-BE6A85ACC44B}" = Microsoft Team Foundation Server 2010 Object Model - ENU
"{1ACC8FFB-9D84-4C05-A4DE-D28A9BC91698}" = Windows Live ID Sign-in Assistant
"{1C7C8AAF-A16D-32E8-89E5-F6D165DE0BCE}" = Microsoft Visual C++ 2010 x64 Runtime - 10.0.40219
"{1D1CEEF8-3741-45BD-8E77-963E1DEBDDD3}" = Microsoft Sync Services for ADO.NET v2.0 SP1 (x64)
"{1D8E6291-B0D5-35EC-8441-6616F567A0F7}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219
"{1E0A5B20-9D36-4861-BEF8-9B9B4C278218}" = NI TDM Excel Add-In 3.4 64-bit
"{1E6ED082-E32D-4B2B-8B6A-70B094815135}" = Microsoft SQL Server System CLR Types (x64)
"{20F3F8E0-7CCF-4A4E-A23C-58B188E87F4F}" = NI System Configuration Runtime 5.3.0 for Windows 64-bit
"{21E47F47-C9A7-4454-BA48-388327B0EA00}" = RealNetworks - Microsoft Visual C++ 2010 Runtime
"{237E305C-B625-466A-88CE-1E121BF4FDB1}" = Send To Neat
"{25DECAB0-6580-4B9C-8174-5AC6C9E2D823}" = NI LabWindows/CVI 2010 SP1 TDM Streaming Library (64-bit)
"{26F481C6-8DBE-4F8B-9D8D-715081C23ADE}" = Adobe Premiere Elements 10
"{28324488-BF50-488F-BE40-6ED3CFA40C26}" = NI Variable Engine (64-bit)
"{28EF7372-9087-4AC3-9B9F-D9751FCDF830}" = Intel(R) Wireless Display
"{2F14965D-567B-4E59-ADEB-0A2CC1E3ADDF}" = Sql Server Customer Experience Improvement Program
"{2F72F540-1F60-4266-9506-952B21D6640D}" = Apple Mobile Device Support
"{312395BC-7CC2-434C-A660-30250276A926}" = SSLx64
"{32C65538-80DA-41C9-B990-EED4D260B50F}" = NI System API Windows 64-bit 5.3.0
"{34EB42BE-F4D3-44C1-B28E-9740115DB72C}" = VAIO - Microsoft Visual C++ 2010 SP1 Runtime 10.0.40219.325
"{3DAE9A67-DD8D-4EDB-91F7-7B5132B1864D}" = SmartSound Premiere Elements 10 x64 Plugin
"{3F7CDE88-3B1B-42C1-ACDF-05720E0B04BB}" = NI Web Application Server 12.0 (64-bit)
"{41B541B6-3518-4343-8A67-46FF9A4AA1A3}" = NI USI 2.0.0 64-Bit
"{45A790D5-C7EB-4BE0-B71A-10C550844AF6}" = NI Portable Configuration for 64 Bit Windows 5.3.0
"{4681CBC7-F304-4EF1-BBE9-B5CFCADCD3DA}" = Intel® PROSet/Wireless WiFi Software
"{46EF0477-FBC0-47D4-B9B6-81DB345C18E9}" = NI Network Discovery 5.3 for Windows 64-bit
"{4AE29B5C-87B1-3C4E-8E15-17B83BA745CB}" = Microsoft Visual Studio 2010 Tools for Office Runtime (x64)
"{4D95D095-8C6F-4357-BDD8-27E295F37FB1}" = VAIO Care
"{4DD08E99-6FC1-4188-9A2E-0AF968279E41}" = NI mDNS Responder 2.1 for Windows 64-bit
"{4E4282C3-F66E-4852-837A-7675527178C2}" = Intel(R) WiDi
"{4F31AC31-0A28-4F5A-8416-513972DA1F79}" = VSSTx64
"{50B2D9D8-87B6-49EE-BC5C-874119FD6B7B}" = NI Xerces Delay Load 2.7.3 64-bit
"{5340A3B5-3853-4745-BED2-DD9FF5371331}" = Microsoft SQL Server 2008 Common Files
"{549AD5FB-F52D-4307-864A-C0008FB35D96}" = VCCx64
"{55edfa54-e764-453a-9014-144255fb40d3}" = Intel(R) PRO/Wireless Driver
"{58A9B4F6-2E67-464A-9F71-95F6D7159702}" = NI Math Kernel Libraries (64-bit)
"{5A59ABAE-5F06-4241-B607-6376C29F9F31}" = NI Logos64 XT Support
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{656DEEDE-F6AC-47CA-A568-A1B4E34B5760}" = Windows Live Remote Service Resources
"{662014D2-0450-37ED-ABAE-157C88127BEB}" = Visual Studio 2010 Prerequisites - English
"{6B7DE186-374B-4873-AEC1-7464DA337DD6}" = VU5x64
"{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}" = Bonjour
"{6E8E85E8-CE4B-4FF5-91F7-04999C9FAE6A}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{6F280399-F8BD-4F2E-BCA4-207BEBCDE33A}" = Intel(R) PROSet/Wireless for Bluetooth(R) + High Speed
"{704C0303-D20C-45AF-BD2B-556EAF31BE09}" = iCloud
"{76FF0F03-B707-4332-B5D1-A56C8303514E}" = iTunes
"{774510C7-E6AC-4ECB-ACEF-D5284FED4D0A}" = NI-RPC 4.3.0f0 for 64 Bit Windows
"{79253283-47EB-4A67-9014-0CBEC8AE4D0C}" = NI VC2010MSMs x64
"{7ACE202B-1B01-4B43-B6AE-03D66D621CDE}" = Microsoft SQL Server 2008 RsFx Driver
"{7DEBE4EB-6B40-3766-BB35-5CBBC385DA37}" = Microsoft .NET Framework 4.5.1
"{7EA2D88A-C8B7-4102-8644-0A437B6FC143}" = Neat Mobile Scanner Driver
"{81455DEB-FC7E-3EE5-85CA-2EBDD9FD61EB}" = Microsoft Visual C++ Compilers 2010 Standard - enu - x64
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{824088E6-2B7A-4CD3-9835-D2AE8BB55EBF}" = NI-DAQmx/LabVIEW shared documentation for 64 Bit Windows 9.5.5
"{83F51BBA-48BE-4BB6-B96A-F4AAE4C462F9}" = HP Officejet 4620 series Product Improvement Study
"{8438EC02-B8A9-462D-AC72-1B521349C001}" = Microsoft Sync Framework Runtime v1.0 SP1 (x64)
"{847B0532-55E3-4AAF-8D7B-E3A1A7CD17E5}" = Windows Live Remote Client Resources
"{86F88524-6AF8-4D10-9F3C-AFB0DA2A3F39}" = NI ActiveX Container (64-bit)
"{886C0C18-F905-49B2-90BA-EFC0FEDF27C6}" = VAIO - PlayMemories Home Plug-in
"{893F27E6-D6BE-4B9F-80E6-0ADA694A31A8}" = Microsoft SQL Server 2008 Common Files
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8A2BC7D4-A7D3-45D5-B3D2-394718C53C41}" = Neat ADF Scanner 2008 Driver
"{8CF8CB9F-1FF7-4029-8B3D-9A40100B4A09}" = NI Logos 5.4 (64-bit)
"{90120000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2007
"{90120000-002A-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (English) 2007
"{90120000-0116-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007
"{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033" = Microsoft .NET Framework 4.5.1
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{99E6C2F3-59B2-4308-B1CD-4928B55B7E30}" = VGClientX64
"{9C10623C-BF56-4D66-8F1F-B2D667E44986}" = NI System Web Server Base 12.0.0 (64-bit)
"{A55F1206-BFA7-4027-92B8-CE4EFDBC3CF2}" = Neat ADF Scanner Driver
"{A7DE0CB6-DE87-4065-9596-5A1E9FED3297}" = NI Assistant Framework 64-bit
"{ACA45A9D-5C68-429F-AE87-0F2917136FCC}" = NI SSL Support (64-bit)
"{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{AFE7987B-E282-42CE-AD5A-E333BE31E204}" = NI Curl 12.0.0 (64-bit)
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = NVIDIA Control Panel 327.02
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Graphics Driver 327.02
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Optimus" = NVIDIA Optimus 1.14.17
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX" = NVIDIA PhysX System Software 9.11.1111
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update" = NVIDIA Update 1.14.17
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVIDIA.Update" = NVIDIA Update Components
"{B40EE88B-400A-4266-A17B-E3DE64E94431}" = Microsoft SQL Server 2008 Setup Support Files
"{B411AD10-1BC9-4939-8848-BC5E66F662B7}" = HP Officejet 4620 series Basic Device Software
"{B618335B-11D2-4780-B5CE-AA2D111DB693}" = NI Authentication 12.0.0 (64-bit)
"{B9254715-D10D-4B4B-B002-54CBA61E6F64}" = NI LabVIEW Broker (64 bit)
"{B9293F41-3CB1-4E86-9523-010F8ACB782D}" = NI Xalan Delay Load 1.10.2 64-bit
"{BBDE8A3D-64A2-43A6-95F3-C27B87DF7AC1}" = Microsoft SQL Server 2008 Native Client
"{BCA9334F-B6C9-4F65-9A73-AC5A329A4D04}" = PlayReady PC Runtime amd64
"{BD432073-6A5D-4F0F-8952-43B3C21A31C3}" = NI Trace Engine (64-bit)
"{BE2DC247-C185-4EC2-840F-484B46AA1B0E}" = NI MAX Remote Configuration 64-bit Installer 5.3
"{C3D647DC-7317-41F3-A8DB-CC6B98239C6E}" = NI MAX Support for 64 Bit Windows
"{CC8BA866-16A7-4667-BA0C-C494A1E7B2BF}" = Microsoft SQL Server 2008 Database Engine Shared
"{CCC79B52-19CF-4A50-BE60-AEE3DE96B3EA}" = NI Web Pipeline 2.0.1 64-bit support
"{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}" = SAMSUNG USB Driver for Mobile Phones
"{D1108D4B-72F8-419F-88C5-ABB8DC09B3C7}" = Neat Mobile Scanner (Silver) Driver
"{D4AD39AD-091E-4D33-BB2B-59F6FCB8ADC3}" = Microsoft SQL Server Compact 3.5 SP2 x64 ENU
"{D55EAC07-7207-44BD-B524-0F063F327743}" = VIx64
"{D57519D3-2E37-3E34-94AF-4D59BFAB87E6}" = Microsoft Visual Studio 2010 Office Developer Tools (x64)
"{D754C95D-A80F-471C-819B-EEEDD07C9B0A}" = NI-Mesa
"{DA54F80E-261C-41A2-A855-549A144F2F59}" = Windows Live MIME IFilter
"{DABB1D70-482A-4B92-8B24-052AD650A2B0}" = NI LabWindows/CVI 2010 SP1 Analysis Library (64-bit)
"{DBEAA361-F8A4-4298-B41C-9E9DCB9AAB84}" = VPMx64
"{DCEF4AB3-3E07-4517-9A92-9599C903E32B}" = NI DataSocket 5.0 (64-bit)
"{DDE25FC9-892D-4D24-9325-3BAA5C15ACA9}" = Neat Mobile Scanner 2008 Driver
"{DF167CE3-60E7-44EA-99EC-2507C51F37AE}" = Microsoft SQL Server 2008 Database Engine Shared
"{DF6D988A-EEA0-4277-AAB8-158E086E439B}" = Windows Live Remote Client
"{E02A6548-6FDE-40E2-8ED9-119D7D7E641F}" = Windows Live Remote Service
"{E3867DF9-81D4-40BC-880C-1F134FECF995}" = NI Help Assistant (64bit)
"{E3E3E625-8F74-44CE-A6D2-C31CB43DA23D}" = NI VC2005MSMs x64
"{E3EB4126-0930-4926-B135-1F85452E7975}" = Math Kernel Libraries (64-bit)
"{E5748D30-7E6D-3A8E-BFE6-C1D02C6DDABB}" = Microsoft Help Viewer 1.1
"{EAEBF166-B06A-4D7F-BAF7-6615303D5C7C}" = Microsoft SQL Server 2008 R2 Management Objects (x64)
"{F0932859-AA60-459E-B843-0BDECA34E2C7}" = Intel(R) PROSet/Wireless Software for Bluetooth(R) Technology
"{F2611404-06BF-4E67-A5B7-8DB2FFC1CBF6}" = VSNx64
"{F5079164-1DB9-3BDA-853B-F78AF67CE071}" = Microsoft Visual C++ 2010 x64 Designtime - 10.0.30319
"{FA7394B8-CE65-4F9E-AC99-F372AD365424}" = Microsoft SQL Server 2008 Database Engine Services
"{FBD367D1-642F-47CF-B79B-9BE48FB34007}" = Microsoft SQL Server 2008 Database Engine Services
"2C1C2F29FADF39F533CEEE67B90F07A5306A4BDB" = Windows Driver Package - OLYMPUS IMAGING CORP. Camera Communication Driver Package (09/09/2009 1.0.0.0)
"49CF605F02C7954F4E139D18828DE298CD59217C" = Windows Driver Package - Garmin (grmnusb) GARMIN Devices (06/03/2009 2.3.0.0)
"EPSON WorkForce 1100 Series" = EPSON WorkForce 1100 Series Printer Uninstall
"Microsoft Help Viewer 1.1" = Microsoft Help Viewer 1.1
"Microsoft SQL Server 10" = Microsoft SQL Server 2008 (64-bit)
"Microsoft SQL Server 10 Release" = Microsoft SQL Server 2008 (64-bit)
"Microsoft Team Foundation Server 2010 Object Model - ENU" = Microsoft Team Foundation Server 2010 Object Model - ENU
"Microsoft Visual Studio 2010 Tools for Office Runtime (x64)" = Microsoft Visual Studio 2010 Tools for Office Runtime (x64)
"PremElem100" = Adobe Premiere Elements 10
"Recuva" = Recuva
"SynTPDeinstKey" = Synaptics Pointing Device Driver

 

[Rwolf01]

OTL's Extras.txt (part 2 of 2)


[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{00205043-EF6B-4676-8700-C4CA79AF38CB}" = NI Remote PXI Provider for MAX 5.3.0
"{036C09F0-1423-4097-9720-D9E034CFF50A}" = NI Web Application Server 12.0
"{0426182B-4CE3-4F93-93ED-22C1B99B794D}" = NI License Manager
"{05855322-BE43-41FE-B583-D3AE0C326D58}" = Microsoft Silverlight 4 SDK
"{07441A52-E208-478A-92B7-5C337CA8C131}" = VAIO - Remote Play with PlayStation®3
"{075CA8A9-25A1-4EA7-885C-8A92AED7DB3A}" = NI LabWindows/CVI Run-Time Engine 2010 SP1 (Updated)
"{0899D75A-C2FC-42EA-A702-5B9A5F24EAD5}" = VAIO Smart Network
"{09C52940-A4D1-4409-A7CC-1AAE630CF578}" = Microsoft SQL Server 2008 R2 Transact-SQL Language Service
"{0A013EA1-A1D3-11E0-8DCF-005056C00008}" = Sound Forge Audio Studio 10.0
"{0A5B39D2-7ED6-4779-BCC9-37F381139DB3}" = Adobe AIR
"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer
"{0BE273CD-AAB9-361B-8C32-D955EAC929E3}" = Microsoft Visual Studio 2010 SharePoint Developer Tools
"{0E3DFC64-CC49-4BE2-8C9C-58EF129675DB}" = Microsoft Sync Framework SDK v1.0 SP1
"{0E532C84-4275-41B3-9D81-D4A1A20D8EE7}" = PlayStation(R)Store
"{0FD812C9-3BBE-4CC5-A43C-B7304E3EC581}" = NI Web Pipeline 2.0.1
"{10C2A6F0-6700-4D31-AC24-D0D5100B79CC}" = NI Network Discovery 5.3
"{112C23F2-C036-4D40-BED4-0CB47BF5555C}" = Visual Studio 2010 Tools for SQL Server Compact 3.5 SP2 ENU
"{11AABEE9-3FC1-49A9-BA67-D49BD0FEC39A}" = NI LabVIEW 2012 License
"{11D08055-939C-432b-98C3-E072478A0CD7}" = PSE10 STI Installer
"{1289A4EC-A5C8-48A0-AF39-0E49F716C20F}" = NI Customer Experience Improvement Program
"{1325DEDB-4EA5-45EF-85A7-A01D58BB9420}" = NI-DAQmx/LabVIEW shared documentation 9.5.5
"{143CCCB0-7075-4957-9318-FD4CCD457572}" = NI System Configuration LV2012 Support 5.3.0
"{14DD7530-CCD2-3798-B37D-3839ED6A441C}" = Microsoft Visual Studio 2010 ADO.NET Entity Framework Tools
"{166B0BE3-4A53-4E18-B967-DEF63795DB75}" = NI Software Provider for MAX 5.3.0
"{167A1F6A-9BF2-4B24-83DB-C6D659F680EA}" = Media Go
"{16926780-AA4D-4BC0-ADBD-E8D17D0F63A2}" = NI System API Windows 32-bit 5.3.0
"{1803A630-3C38-4D2B-9B9A-0CB37243539C}" = Microsoft ASP.NET MVC 2
"{18435829-4E75-4CD1-9796-A62DBBAE2ED7}" = DeepSkyStacker
"{196467F1-C11F-4F76-858B-5812ADC83B94}" = MSXML 4.0 SP3 Parser
"{19BA08F7-C728-469C-8A35-BFBD3633BE08}" = Windows Live Movie Maker
"{1AA5BD63-6614-44B2-88A7-605191EDB835}" = Dotfuscator Software Services - Community Edition
"{1B134E1D-FD88-44EE-AD47-E41D023F913C}" = NI LabVIEW 2012 (32-bit)
"{1CD7BB88-C496-4484-A309-6F2F84814416}" = NI Web Interface Framework 2012
"{1D273D91-D7D5-4036-8B84-EB4615FF5F81}" = SmartSound Sonicfire Pro 5
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}" = Junk Mail filter update
"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions
"{2012098D-EEE9-4769-8DD3-B038050854D4}" = Microsoft Silverlight 3 SDK
"{2259DBC1-EFFB-42B5-BA35-DFC0AAB2B3FB}" = RealDownloader
"{22D3A614-482C-444A-932C-9DA1B8ECDFD2}" = Elements 10 Organizer
"{231D0E11-0313-49FD-95CE-1D0264C7F1F5}" = NI Math Kernel Libraries
"{240C3DDD-C5E9-4029-9DF7-95650D040CF2}" = Intel(R) USB 3.0 eXtensible Host Controller Driver
"{25A0DCD9-84D7-47A2-A139-C3BCC43CD59A}" = NI System API Web-Servce 32-bit 5.3.0
"{25CDAF24-F25B-402D-A7C7-B0B73C66A6FD}" = NI LabVIEW 2012 MeasAppChm File
"{27B67D4C-407D-43FF-BCDE-B9E3208070E3}" = NI LabVIEW 2012 Deployment Framework
"{28C2DED6-325B-4CC7-983A-1777C8F7FBAB}" = RealUpgrade 1.1
"{28D398A0-EA5E-462F-94D0-3176B11F83AD}" = NI LabVIEW 2012 Run-Time Engine Web Server
"{2902F983-B4C1-44BA-B85D-5C6D52E2C441}" = Windows Live Mesh ActiveX Control for Remote Connections
"{2A3FC24C-6EC0-4519-A52B-FDA4EA9B2D24}" = Windows Live Messenger
"{2A9E8F56-C31B-4DBB-BFE2-0F4EC8192355}" = OLYMPUS Digital Camera Updater
"{2ADC660A-77C9-4A6C-9D4B-5E48A27BCA10}" = NI Help Assistant
"{2B1D39F8-477A-4B40-B062-F5E0C4D42B9B}" = NI LabWindows/CVI 2010 SP1 Low-Level Driver (Original)
"{2CB15350-C073-4A5B-A706-59E1F69DE11C}" = NI Xalan Delay Load 1.10.2
"{2F41EF61-A066-4EBF-84F8-21C1B317A780}" = VAIO - TrackID™ with BRAVIA
"{2F64AB3D-540C-44FF-ABB6-6A2E6CF8B8A5}" = NI Instrument IO Assistant for LabVIEW 2012 32-bit
"{2F8B731A-5F2D-3EA8-8B25-C3E5E43F4BDB}" = Microsoft Visual C++ Compilers 2010 Standard - enu - x86
"{3246360A-10B4-4604-8C84-609F526A9A74}" = NI LabVIEW 2012 Search
"{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery
"{33F298F6-BE62-4294-A5E4-01DED9E7614B}" = NI LabVIEW 2012 (32-bit)
"{3490653F-2789-46A1-B1BF-6BD4CF4131AB}" = FDUx86
"{34F4D9A4-42C2-4348-BEF4-E553C84549E7}" = Windows Live Photo Gallery
"{3611CA6C-5FCA-4900-A329-6A118123CCFC}" = Bing Bar
"{36D68CEE-1AC5-47E1-A269-791683DE53D0}" = NI NI LabVIEW 2012 Run-Time Engine Non-English Support.
"{38300A40-AB90-444D-A823-17EB95A5C731}" = NI NI LabVIEW 2011 SP1 Run-Time Engine Non-English Support
"{3854EDA2-20A9-4A25-9A29-47A8BBF48DEB}" = NI LabVIEW Run-Time Engine 2012
"{38930905-CC7D-457D-963E-FD2B0F3CC24A}" = NI LabVIEW 2012 (32-bit)
"{39E63436-773B-4294-9C19-E4E5941A6C69}" = NI Logos 5.4
"{3A1E27A9-C447-484E-9A9B-B23864DB1316}" = Microsoft Silverlight 5.1
"{3A26D9BD-0F73-432D-B522-2BA18138F7EF}" = VAIO Improvement
"{3A9FC03D-C685-4831-94CF-4EDFD3749497}" = Microsoft SQL Server Compact 3.5 SP2 ENU
"{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}" = Intel(R) Rapid Storage Technology
"{3E8FE46A-2A04-4328-A873-6E0ADC91FE8A}" = NI LabVIEW 2012 Real-Time Error Dialog
"{3F0B4C33-6958-43B9-8493-C6E6D4A3565B}" = NI USI 2.0.0
"{40416836-56CC-4C0E-A6AF-5C34BADCE483}" = Microsoft ASP.NET MVC 2 - Visual Studio 2010 Tools
"{4128842C-D299-4ADE-84A7-AB923079DE94}" = NI LabVIEW Merge Utility 12.0.0
"{4159DD60-49C1-4323-A1A5-FB060CBA35C5}" = NI Measurement Studio Recipe Processor
"{416B50BB-64CE-46C5-81A6-7F842CC35CDC}" = NI LabVIEW MAX XML
"{41F6CA61-82CB-4615-9A97-252C5D58FA4B}" = NI LabWindows/CVI Run-Time Engine 2010 SP1
"{440d014b-4444-4533-b96d-2910e1ca2bcf}" = Intel® PROSet/Wireless Software
"{442971F2-D1CF-4859-B0AD-167F2BDDC9EA}" = NI LabVIEW 2012 Deployable License
"{454BB334-669A-4F08-B3A5-873327176A7A}" = NI Variable Engine LabVIEW 2012 Support
"{45CD454E-EA23-466B-8AB8-2F3002C7D532}" = NI Search Shared
"{46ED2B64-85C7-4E1F-920C-A555B21F2E4C}" = NVIDIA PhysX
"{49F05354-04F7-4AE4-8434-9E7B5462C727}" = NI DN 2.0 SP1 installer
"{4B0A05A4-BD5B-473A-9AEA-031B2D93158F}" = NI Uninstaller
"{4B877FC6-F44C-4B39-B0B6-CE15ADC63997}" = NI VC2005MSMs x86
"{4C146083-2C71-4C64-A4AD-5E340E177E63}" = NI ActiveX Container
"{4C16E76C-7A4D-48E7-9E5E-B76B357C014E}" = Math Kernel Libraries
"{4C7AB285-CE33-459F-AB26-0E2DBCCDA2D7}" = NI Trace Engine
"{4D2A6330-2F8B-11E3-9C40-B8AC6F97B88E}" = Google Earth
"{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}" = Skype™ 6.11
"{50F728C0-9A37-4868-B9E1-42565C228B12}" = Reset NI Config 5.0.0
"{510D2239-6C2E-457B-9590-485EC552D94D}" = Garmin USB Drivers
"{5156C9BF-1C27-430B-96D8-7129F11699A8}" = VAIO Data Restore Tool
"{526FED3E-499E-4989-B9F9-207E2FE425AA}" = NI SSL Support
"{547C9EB4-4CA6-402F-9D1B-8BD30DC71E44}" = VAIO Sample Contents
"{54AC24BA-DF2F-492F-8A28-C60B0CAD48EB}" = NI Measurement & Automation Explorer 5.3.0
"{554C90EB-19B6-45F8-B6E4-6F050B3700A1}" = NI LabVIEW Run-Time Engine Interop 2011
"{570AFAC0-96B1-4491-B24B-6D251C52AFA4}" = NI System Web Server 12.0
"{5783F2D7-0201-0409-0000-0060B0CE6BBA}" = AutoCAD 2004
"{579684A4-DDD5-4CA3-9EA8-7BE7D9593DB4}" = Windows Live UX Platform Language Pack
"{57B955CE-B5D3-495D-AF1B-FAEE0540BFEF}" = VAIO Data Restore Tool
"{59DA8C21-C667-47D0-A259-AA942C9A9717}" = NI Curl 12.0.0
"{5A6C68D9-FDCB-4675-A95A-CD908D103614}" = NI TDM Streaming 2.4
"{5AB7D739-1735-3A9E-BE73-C43507CB4E6F}" = Microsoft Visual Studio 2010 Service Pack 1
"{5AEBB67E-812E-43BC-B029-CD83DBA7CE30}" = NI LabWindows/CVI 2010 SP1 Code Generator
"{5CC95D76-A798-4722-AE76-E494D9664907}" = NI .NET Framework 4.0
"{5D09C772-ECB3-442B-9CC6-B4341C78FDC2}" = Apple Application Support
"{5D9ED403-94DE-3BA0-B1D6-71F4BDA412E6}" = Microsoft Visual C++ 2010 x86 Runtime - 10.0.40219
"{5DA2E9EF-3CAA-495F-AB2C-55F39FF9EA39}" = NI SSL LabVIEW RTE 2012 Support
"{5DDAFB4B-C52E-468A-9E23-3B0CEEB671BF}" = VAIO Transfer Support
"{5ECC8FF1-BCAD-4197-9C95-4E94E2A6AB6D}" = NI LabVIEW Run-Time Engine 2011 SP1
"{606C37AB-EB04-4270-A592-201A03C2DB36}" = HP Officejet 4620 series Help
"{61438020-DDD4-42FA-99A2-50225441980A}" = ArcSoft Magic-I Visual Effects 2
"{63C43435-F428-42BA-8E7B-5848749D9262}" = SSLx86
"{6466EF6E-700E-470F-94CB-D0050302C84E}" = Remote Keyboard
"{65153EA5-8B6E-43B6-857B-C6E4FC25798A}" = Intel(R) Management Engine Components
"{66779CC0-03E8-42E2-9781-E8B05FB166BF}" = NI LabVIEW 2012 (32-bit)
"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE
"{692955F2-DE9F-4078-8FAA-858D6F3A1776}" = VAIO Gesture Control
"{6C772996-BFF3-3C8C-860B-B3D48FF05D65}" = Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.51106
"{6CDEAD7E-F8D8-37F7-AB6F-1E22716E30F3}" = Microsoft Visual Studio Macro Tools
"{6DCB11A2-D051-4FF2-BCE0-2248032DE850}" = NI LabVIEW 2012 Scripting Code Generator
"{6E22CE6C-3F93-4B52-9D4D-BE9BEA3C3B23}" = NI Portable Configuration 5.3.0
"{6E648051-E2C7-4C24-BE4D-055B174B345F}" = NI LabVIEW 2012 Help
"{6EA7B5DD-BE0E-4678-8BD1-E0415C0B59A8}" = NI LabVIEW 2012 (32-bit)
"{6F1C00D2-25C2-4CBA-8126-AE9A6E2E9CD5}" = HP Update
"{6F7B933C-55A2-4F8A-BFA5-BF98CBD61C24}" = NI mDNS Responder 2.1.0
"{6FD21053-829D-40E7-B04C-CAFB7D5CD025}" = KUx86
"{6FFB1B16-0930-421B-9F2C-E4CB91E3B22D}" = NI VC2010MSMs x86
"{70991E0A-1108-437E-BA7D-085702C670C0}" =
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{716E0306-8318-4364-8B8F-0CC4E9376BAC}" = MSXML 4.0 SP2 Parser and SDK
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{72AEEFF2-F258-4DCA-AFAE-441AC6CEBA2F}" = NI LabVIEW 2012 Help File
"{7396FB15-9AB4-4B78-BDD8-24A9C15D2C65}" = VAIO - Remote Keyboard
"{74DBB98D-B4A7-4DD9-9E13-C51FDB1105D0}" = NI LabWindows/CVI 2010 SP1 Low-Level Driver (Updated)
"{7770E71B-2D43-4800-9CB3-5B6CAAEBEBEA}" = RealNetworks - Microsoft Visual C++ 2008 Runtime
"{77F1F8AD-51B8-4490-AEEC-BF480073E0FC}" = Microsoft SQL Server 2008 R2 Management Objects
"{78783E82-40B4-46EE-9EDF-9C501E057326}" = NI LabVIEW 2012 (32-bit)
"{7888F38C-E534-473D-B029-562173EEA2C8}" = NI-Mesa
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{79A2388A-6FCC-404D-A860-8D2F74844821}" = NI VIPM Helper 2012
"{79E06DF1-24FE-11E1-913F-F04DA23A5C58}" = DVD Architect Studio 5.0
"{7A56D81D-6406-40E7-9184-8AC1769C4D69}" = Microsoft SQL Server 2008 R2 Data-Tier Application Project
"{7A6374F0-6D04-11E0-92E0-005056C00008}" = ACID Music Studio 8.0
"{7B03B9AF-9BC4-4510-971C-375D6352923E}" = WIF Core Dependencies Windows 5.3.0
"{7C6869BF-6CBE-4CB0-8869-2743B419343C}" = NI LabVIEW 2011 Real-Time NBFifo
"{7C80D30A-AC02-4E3F-B95D-29F0E4FF937B}" = VAIO Easy Connect
"{7E5A5CA6-B7D0-406E-A75E-157CAB47EB94}" = VMLx86
"{7FB07065-F547-448A-A1C3-1F2EF5EB834F}" = NI LabWindows/CVI 2010 SP1 Network Variable Library
"{803E4FA5-A940-4420-B89D-A8BC2E160247}" =
"{80FB7EBE-F006-41D4-A288-FA960645E6C0}" = NI DataSocket 5.0
"{82F09B1C-F602-4552-9C40-5BD5F8EAF750}" =
"{83C292B7-38A5-440B-A731-07070E81A64F}" = Windows Live PIMT Platform
"{85467CBC-7A39-33C9-8940-D72D9269B84F}" = Microsoft Visual F# 2.0 Runtime
"{855DDD3C-131E-42A8-BCBD-F9581F80CACB}" =
"{858B32BD-121C-4AC8-BD87-CE37C51C03E2}" = TrackID(TM) with BRAVIA
"{877B76B2-F83F-4F5A-B28D-3F398641ADB6}" = Microsoft SQL Server System CLR Types
"{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek Ethernet Controller Driver
"{889318AA-C95A-4ED8-94A9-067093DEC808}" = NI System Configuration Runtime 5.3.0
"{88A77AEA-B52C-4D59-858E-51DD450848DE}" = NI Logos XT Support
"{8A192830-46E7-4185-BF3E-60D60615C756}" = NI Update Service 2.1
"{8B583EF5-FA7B-4AE2-9008-51B7FD505886}" = VGClientX86
"{8C6D6116-B724-4810-8F2D-D047E6B7D68E}" = Mesh Runtime
"{8D94EB99-D4FC-44C7-A2E2-CD82E0EFF101}" = NI LabVIEW Run-Time Engine Interop 2012
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{8e70e4e1-06d7-470b-9f74-a51bef21088e}" = Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.51106
"{8E797841-A110-41FD-B17A-3ABC0641187A}" = VAIO Control Center
"{8FF8CB08-4E26-4425-9032-BE381589E25A}" = NI Example Finder 12.0
"{90120000-0011-0000-0000-0000000FF1CE}" = Microsoft Office Professional Plus 2007
"{90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0015-0409-0000-0000000FF1CE}" = Microsoft Office Access MUI (English) 2007
"{90120000-0015-0409-0000-0000000FF1CE}_PROPLUS_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2007
"{90120000-0016-0409-0000-0000000FF1CE}_PROPLUS_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2007
"{90120000-0018-0409-0000-0000000FF1CE}_PROPLUS_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0019-0409-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (English) 2007
"{90120000-0019-0409-0000-0000000FF1CE}_PROPLUS_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (English) 2007
"{90120000-001A-0409-0000-0000000FF1CE}_PROPLUS_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2007
"{90120000-001B-0409-0000-0000000FF1CE}_PROPLUS_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_PROPLUS_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_PROPLUS_{71F055E8-E2C6-4214-BB3D-BFE03561B89E}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007
"{90120000-001F-0C0A-0000-0000000FF1CE}_PROPLUS_{2314F9A1-126F-45CC-8A5E-DFAF866F3FBC}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-002A-0000-1000-0000000FF1CE}_PROPLUS_{664655D8-B9BB-455D-8A58-7EAF7B0B2862}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-002A-0409-1000-0000000FF1CE}_PROPLUS_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007
"{90120000-0044-0409-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (English) 2007
"{90120000-0044-0409-0000-0000000FF1CE}_PROPLUS_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}_PROPLUS_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007
"{90120000-0115-0409-0000-0000000FF1CE}_PROPLUS_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0116-0409-1000-0000000FF1CE}_PROPLUS_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0117-0409-0000-0000000FF1CE}" = Microsoft Office Access Setup Metadata MUI (English) 2007
"{90120000-0117-0409-0000-0000000FF1CE}_PROPLUS_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In
"{9262B08F-E183-4FED-A2BD-23FF1A84EB79}" = HPDiagnosticCoreDll
"{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker
"{92F7027F-BEDE-4E87-B18A-A12E3C4A2A96}" = NI Logos LabVIEW 2012 Support
"{944AE87D-38B2-4D09-B9D3-068C2BA6265B}" = NI System API Client for WIF 5.3.0
"{94AEBDCC-159F-4CBB-ABDE-B16483D2CF6C}" = NI LabWindows/CVI 2010 SP1 Analysis Library
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{97A47220-6DF7-45A5-A766-59EF36E1F600}" = NI-RPC 4.3.0f0
"{99432E4C-1189-4887-9D75-DAA796015FFD}" = Neat Core Files
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9CD98CEE-3271-4F0E-9C06-75A1EE9E103F}" = NI TDM Excel Add-In 3.4
"{9D12A8B5-9D41-4465-BF11-70719EB0CD02}" = VU5x86
"{9D56775A-93F3-44A3-8092-840E3826DE30}" = Windows Live Mail
"{9E5E2BB1-C3D2-4A3A-8F9C-2CF0D667914F}" = NI LabVIEW Compare Utility 12.0.0
"{9F06F464-479A-403E-AF92-70CBB8D674A1}" = PRE10STI64Installer
"{A06A7065-FCA1-4D3C-BE65-2837ACCB135D}" = NI LabWindows/CVI 2010 SP1 TDM Streaming Library
"{A0C91188-C88F-4E86-93E6-CD7C9A266649}" = Windows Live Mesh
"{A0D847A9-A042-48F9-A108-FA3BF96B9D6F}" = NI SLCP 1.0
"{A127C3C0-055E-38CF-B38F-1E85F8BBBFFE}" = Adobe Community Help
"{A460E030-ABF8-4B7B-A01D-1670EDC01EBC}" = VBMx86
"{A49A517F-5332-4665-922C-6D9AD31ADD4F}" = VSNx86
"{A5133B4F-1D06-408C-95B8-51A5A8B62413}" = NI LabVIEW 2012 (32-bit)
"{A68CCA86-A2CC-41EF-A9F0-50C5FAA9A04C}" = NI Assistant Framework
"{A726AE06-AAA3-43D1-87E3-70F510314F04}" = Windows Live Writer
"{A7C30414-2382-4086-B0D6-01A88ABA21C3}" = VAIO Gate
"{A8516AC9-AAF1-47F9-9766-03E2D4CDBCF8}" = CyberLink PowerDVD
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common
"{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer
"{AAECF7BA-E83B-4A10-87EA-DE0B333F8734}" = RealNetworks - Microsoft Visual C++ 2010 Runtime
"{AAF454FC-82CA-4F29-AB31-6A109485E76E}" = Windows Live Writer
"{ABC5023C-638C-4E52-A78F-991A5F04F1D7}" = NI MAX Remote Configuration Installer 5.3
"{AC41D924-8C68-4BD5-A7A1-0AE4176C31A6}" = Crystal Reports for Visual Studio
"{AC76BA86-7AD7-1033-7B44-A95000000001}" = Adobe Reader 9.5.5
"{AC76BA86-7AD7-5760-0000-900000000003}" = Japanese Fonts Support For Adobe Reader 9
"{ACC9DFD9-9DC5-4507-8469-E8A8F5035B9C}" = NI Assistant Framework LabVIEW Code Generator 2012
"{ACE28263-76A4-4BF5-B6F4-8BD719595969}" = Microsoft SQL Server Database Publishing Wizard 1.4
"{AD4203ED-7683-435E-B436-C299773A9936}" = MapSource - US Topo v3.02
"{ADBE33A8-0634-4184-AE02-DC85F1745551}" = NI Distributed System Manager 2012
"{AE5F3379-8B81-457E-8E09-7E61D941AFA4}" = VAIO Gate
"{AED17FC7-86C3-47BE-84F9-9F078F522770}" = NI System State Publisher
"{AFB0647D-9FEB-4B4C-BD6C-5D68D6F583DB}" = NI System Configuration 5.3.0 LabVIEW Support
"{AFBAB9A0-DDE8-49AE-8C17-A01B61BEE64B}" = Garmin MapSource
"{B24BB74E-8359-43AA-985A-8E80C9219C70}" = VSSTx86
"{B26438B4-BF51-49C3-9567-7F14A5E40CB9}" = Dolby Home Theater v4
"{B3137CC2-0CC4-4763-B38A-AC0ACEE27740}" = NI-RPC 4.3.0f0 for Phar Lap ETS
"{B4A772D4-ED42-4484-8C0E-663A52D07A2F}" = NI LabVIEW 2012 Real-Time NBFifo
"{B4D7F809-ED68-49FD-A1A0-1C77FC956965}" = NI MXS 5.3.0
"{B54F04FD-1440-414B-9FBA-46AAC5B7115D}" = NI LabVIEW 2012 Manuals
"{B6659DD8-00A7-4A24-BBFB-C1F6982E5D66}" = PlayStation(R)Network Downloader
"{B67BAFBA-4C9F-48FA-9496-933E3B255044}" = QuickTime
"{B7546697-2A80-4256-A24B-1C33163F535B}" = VAIO Gate Default
"{B8991D99-88FD-41F2-8C32-DB70278D5C30}" = VWSTx86
"{B8A2869E-30CA-40C5-9CF8-BD7354E57EF8}" = SmartSound Common Data
"{BC537AE0-88AF-47ED-B762-33B0D62B5188}" = Microsoft SQL Server 2008 R2 Data-Tier Application Framework
"{BCC373FE-227D-46D9-827F-05BA296E2602}" = NI LabVIEW Web Server for Run-Time Engine
"{BCE6E3D7-B565-4E1B-AC77-F780666A35FB}" = VAIO CPU Fan Diagnostic
"{C0357E79-BAED-48F4-8AFE-A5E71AFC2658}" =
"{C03C3B2C-6CA6-4134-8E5E-3381D6B19407}" = NI LabVIEW 2012 Simulation
"{C14EAE86-C526-4E00-B245-CFF86233C3D2}" = VAIO 3D Portal
"{C1594429-8296-4652-BF54-9DBE4932A44C}" = Realtek PCIE Card Reader
"{C226D942-1BD2-47BB-8323-4190C9C17BD7}" = NI LabVIEW 2012 Web Server
"{C66824E4-CBB3-4851-BB3F-E8CFD6350923}" = Windows Live Mail
"{C688457E-03FD-4941-923B-A27F4D42A7DD}" = Microsoft SQL Server 2008 Browser
"{C6E893E7-E5EA-4CD5-917C-5443E753FCBD}" = VAIO Manual
"{C793AD32-2BB8-4CC4-ABD3-A1469C21593C}" = ArcSoft WebCam Companion 4
"{C8544A9A-76BE-4F82-811E-979799AE493B}" = VAIO Gesture Control
"{C9690FF6-AD3E-43B0-A7FD-6D8A4C929D2C}" = NI System Web Server Base 12.0.0
"{C974EA9C-D8C0-42C3-80B9-3A164EA709F2}" = NI LabVIEW 2012 (32-bit)
"{C9EFF66F-B0CF-4B1A-9371-2FC647658CDF}" = VAIO Help and Support
"{CA6BCA2F-EDEB-408F-850B-31404BE16A61}" = I.R.I.S. OCR
"{CB8C2D73-42F5-45AF-85E6-9E9BFA139F7A}" = Microsoft Camera Codec Pack
"{CE3DE3AE-F384-11E0-B00E-F04DA23A5C58}" = Vegas Movie Studio HD Platinum 11.0
"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform
"{CF5B430D-C563-4EE6-803D-A8A133DFCE5E}" = Reader for PC
"{CFEF48A8-BFB8-3EAC-8BA5-DE4F8AA267CE}" = Microsoft .NET Framework 4 Multi-Targeting Pack
"{D0B44725-3666-492D-BEF6-587A14BD9BD9}" = MSVCRT_amd64
"{D17C2A58-E0EA-4DD7-A2D6-C448FD25B6F6}" = VIx86
"{D2D23D08-D10E-43D6-883C-78E0B2AC9CC6}" = VU5x86
"{D31122C9-86AC-4ACD-859E-4B1D340E1D14}" = NI Error Reporting 2012
"{D436F577-1695-4D2F-8B44-AC76C99E0002}" = Windows Live Photo Common
"{D4440B7D-5069-4A54-83CD-A0093A7E9001}" = NI LabVIEW Web Services Runtime
"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform
"{D4E7BB46-310E-4A21-B261-052A5997EA2F}" = V3DPx86
"{D56DA747-5FDB-4AD5-9A6A-3481C0ED44BD}" = Remote Play with PlayStation(R)3
"{D6B15AE6-B052-363E-B6BB-C4714CBA6509}" = Microsoft Visual Studio 2010 Professional - ENU
"{D6DE02C7-1F47-11D4-9515-00105AE4B89A}" = Paint Shop Pro 7 Anniversary Edition
"{D9777637-33B7-47A9-800C-F6A2CD4EB0FE}" = VAIO OOBE
"{D9E6001A-5DC3-4620-AF7A-80B6CD48645D}" = WCF RIA Services V1.0 SP1
"{DB19550B-8AC9-4928-A6EE-CBFBAC88A5AB}" = NI MetaSuite Installer
"{DB1A3EA7-0C25-4BEC-A108-176195190369}" = VHD
"{DDC8BDEE-DCAC-404D-8257-3E8D4B782467}" = Windows Live Writer Resources
"{DEC25D81-2317-47F6-8B26-D54A939DA1EE}" = NI LabVIEW C Interface
"{DECDCB7C-58CC-4865-91AF-627F9798FE48}" = Windows Live Mesh
"{DF184496-1CA2-4D07-92E7-0BD251D7DEF0}" = VCCx86
"{E03CD71A-F595-49DF-9ADC-0CFC93B1B211}" = PlayMemories Home
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E1D39E62-6A6E-411E-A3FE-8D0C335DED1B}" = NI Remote Provider for MAX 5.3.0
"{E1D60C68-016C-4951-8C1F-52E24DFE7836}" = NI CodeSignAPI
"{E2664099-6769-474F-A1C0-750AE5221B94}" = NI LabVIEW 2012 (32-bit)
"{E3AE96D6-E196-45B4-AF62-2B41998B9E37}" = UpdateService
"{E50FC5DB-7CBD-407D-A46E-0C13E45BC386}" = Oasis2Service
"{E5B21F11-6933-4E0B-A25C-7963E3C07D11}" = Windows Live Messenger
"{E6068691-1FBC-4EF0-87E8-609CDB32038A}" = NI Xerces Delay Load 2.7.3
"{E682702C-609C-4017-99E7-3129C163955F}" = VAIO - Remote Keyboard with PlayStation®3
"{E69A31C9-F24F-4A1A-BEAD-B1AA255760C1}" = NI Registration Wizard
"{E824E81C-80A4-3DFF-B5F9-4842A9FF5F7F}" = Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.51106
"{E84997A1-4D6F-4C0B-B60D-F85B360D2666}" = NI VC2008MSMs x86
"{E9592CCE-3058-4308-B52A-5AEA08E54F13}" = NI Authentication 12.0.0
"{EA9650DD-039A-4D72-8967-0FEEFDFB36B0}" = NI Variable Engine 2.6.0
"{EAAE13CD-372C-41C3-88DD-E54C93AF6CAA}" = NI LabVIEW 2012
"{EAC44648-E378-45C7-BEF3-3DD68980E465}" = NI GMP Windows 32-bit Installer 12.0.0
"{EBBAE791-A994-4EBC-8188-EA75B1F4AFF0}" = NI LabVIEW 2012 Variable Web Service
"{EBBB8461-52A2-11E1-8EBF-005056C00008}" = MSVCRT Redists
"{EC8282AB-48DD-91D2-7387-01CD6E100A5D}" = Adobe Photoshop.com Inspiration Browser
"{EE549AF9-8FAA-4584-83B2-ECF1BC9DC1FF}" = Adobe Photoshop Elements 10
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}" = Intel(R) Processor Graphics
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F37CC885-1E37-4F2A-93F3-7F1E1EEBBEBB}" = NI LabVIEW Broker
"{F45CE5E8-4A60-4292-8FD5-1807DFEBE221}" = NI LabWindows/CVI 2010 LabVIEW DLL Builder
"{F5F0BFAE-3F87-40BA-9279-DE7621579CF8}" = NI OPC Support
"{F6ED684F-1852-4772-ACFB-8C563719A6FA}" = NI EulaDepot
"{F85B53F8-5DC5-49BB-90A2-3D6E3B866F5A}" = NI SSL LabVIEW 2012 Support
"{FB77DB0C-6951-47B6-9D80-A0FDBEE0334C}" =
"{FC47C7A5-BE63-11D5-B7C9-005004566E4D}" = ViewSonic Windows 7 Signed Files
"{FCB3772C-B7D0-4933-B1A9-3707EBACC573}" = Intel(R) OpenCL CPU Runtime
"{FE044230-9CA5-43F7-9B58-5AC5A28A1F33}" = Windows Live Essentials
"{FE8974B4-479C-4DBA-8544-9E5342ABB26A}" = Keyboard_Shortcuts
"{FF76FE95-69E8-4C2D-AA81-2A8B22767745}" = NI MDF Support
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 13 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 13 Plugin
"Adobe Photoshop Elements 10" = Adobe Photoshop Elements 10
"Application Manager for VAIO" = Application Manager for VAIO
"Autodesk Express Viewer" = Autodesk Express Viewer
"Avira AntiVir Desktop" = Avira Antivirus Premium
"chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Community Help
"experience-sony-bundle" = TriDef 3D (Sony) 2.0.5
"Google Chrome" = Google Chrome
"ImageJ_is1" = ImageJ 1.46r
"InstallShield_{1D273D91-D7D5-4036-8B84-EB4615FF5F81}" = SmartSound Sonicfire Pro 5
"InstallShield_{7C80D30A-AC02-4E3F-B95D-29F0E4FF937B}" = VAIO Easy Connect
"InstallShield_{A8516AC9-AAF1-47F9-9766-03E2D4CDBCF8}" = CyberLink PowerDVD
"InstallShield_{B8A2869E-30CA-40C5-9CF8-BD7354E57EF8}" = SmartSound Common Data
"Malwarebytes Anti-Malware_is1" = Malwarebytes Anti-Malware version 2.0.2.1012
"Microsoft Visual Studio 2010 Professional - ENU" = Microsoft Visual Studio 2010 Professional - ENU
"Microsoft Visual Studio 2010 Service Pack 1" = Microsoft Visual Studio 2010 Service Pack 1
"Microsoft Visual Studio Macro Tools" = Microsoft Visual Studio Macro Tools
"Neat" = Neat
"NI Uninstaller" = National Instruments Software
"PDF4Free_is1" = PDF4Free 2.0
"PhotoshopdotcomInspirationBrowser.4C35C4D325D350FE0114230CBADCA2DDD0AC8D25.1" = Adobe Photoshop.com Inspiration Browser
"PrimoPDF" = PrimoPDF -- brought to you by Nitro PDF Software
"PROPLUS" = Microsoft Office Professional Plus 2007
"QuickBooks 99" = QuickBooks Pro 99
"RealPlayer 17.0" = RealPlayer Cloud
"SeaTools for Windows" = SeaTools for Windows
"ST6UNST #1" = Deco Planner 3
"VAIO Health Report1.0" = VAIO Health Report
"VAIO Satisfaction Survey.3.0" = VAIO Satisfaction Survey.
"V-Planner_divelog_is1" = MultiDeco divelog manager 2.68
"WinLiveSuite" = Windows Live Essentials
========== HKEY_USERS Uninstall List ==========
[HKEY_USERS\S-1-5-21-747785638-1536544367-690633523-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{079ede36-133d-44b0-8053-c7c1fa8d2e0d}_is1" = ChromecastApp
========== Last 20 Event Log Errors ==========
[ Application Events ]
Error - 6/17/2014 2:28:15 AM | Computer Name = Rwolf02 | Source = Application Error | ID = 1000
Description = Faulting application name: IEXPLORE.EXE, version: 11.0.9600.17126,
time stamp: 0x53882e30 Faulting module name: unknown, version: 0.0.0.0, time stamp:
0x00000000 Exception code: 0xc0000005 Fault offset: 0x31e66430 Faulting process id:
0xad8 Faulting application start time: 0x01cf89f537cb88aa Faulting application path:
C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE Faulting module path: unknown
Report
Id: 8fa20f95-f5e8-11e3-95ff-30f9ededddb1
[ ESRV_SVC Events ]
Error - 9/8/2013 8:35:52 PM | Computer Name = Rwolf02 | Source = ESRV_SVC | ID = 2
Description =
Error - 9/12/2013 4:31:44 AM | Computer Name = Rwolf02 | Source = ESRV_SVC | ID = 2
Description =
Error - 9/12/2013 4:31:44 AM | Computer Name = Rwolf02 | Source = ESRV_SVC | ID = 2
Description =
Error - 9/30/2013 12:50:52 PM | Computer Name = Rwolf02 | Source = ESRV_SVC | ID = 2
Description =
Error - 12/29/2013 9:25:36 AM | Computer Name = Rwolf02 | Source = ESRV_SVC | ID = 2
Description =
Error - 1/11/2014 12:04:05 PM | Computer Name = Rwolf02 | Source = ESRV_SVC | ID = 2
Description =
Error - 1/11/2014 12:04:05 PM | Computer Name = Rwolf02 | Source = ESRV_SVC | ID = 2
Description =
Error - 1/12/2014 1:14:07 AM | Computer Name = Rwolf02 | Source = ESRV_SVC | ID = 2
Description =
Error - 6/16/2014 8:16:46 PM | Computer Name = Rwolf02 | Source = ESRV_SVC | ID = 2
Description =
Error - 6/16/2014 8:16:46 PM | Computer Name = Rwolf02 | Source = ESRV_SVC | ID = 2
Description =
< End of report >

 

[Broni]

Run OTL

• Under the Custom Scans/Fixes box at the bottom, paste in the following

:OTL
FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_13_0_0_214.dll File not found
O2:64bit: - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll File not found
O4 - HKLM..\Run: [] File not found
O4 - HKU\S-1-5-21-747785638-1536544367-690633523-1000..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O9 - Extra 'Tools' menuitem : Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - Reg Error: Key error. File not found
O15 - HKU\S-1-5-21-747785638-1536544367-690633523-1001\..Trusted Domains: garlic.com ([www] http in Trusted sites)


:Services

:Reg

:Files
C:\FRST

:Commands
[purity]
[emptytemp]
[emptyjava]
[emptyflash]
[Reboot]

• Then click the Run Fix button at the top
• Let the program run unhindered, reboot the PC when it is done
• You will get a log that shows the results of the fix. Please post it.

NOTE. If for any reason OTL stalls (most likely at "killing processes..." step) run the fix from safe mode.

Last scans...

Download Security Check from here or here and save it to your Desktop.

• Double-click SecurityCheck.exe
• Follow the onscreen instructions inside of the black box.
• A Notepad document should open automatically called checkup.txt; please post the contents of that document.

NOTE 1. If one of your security applications (e.g., third-party firewall) requests permission to allow DIG.EXE access the Internet, allow it to do so.
NOTE 2 SecurityCheck may produce some false warning(s), so leave the results reading to me.

Please download Farbar Service Scanner (FSS) and run it on the computer with the issue.

• Make sure the following options are checked:
  • Internet Services
  • Windows Firewall
  • System Restore
  • Security Center
  • Windows Update
  • Windows Defender
  • Other Services
• Press "Scan".
• It will create a log (FSS.txt) in the same directory the tool is run.
• Please copy and paste the log to your reply.

Download Temp File Cleaner (TFC)
Alternate download: http://www.itxassociates.com/OT-Tools/TFC.exe

• Double click on TFC.exe to run the program.
• Click on Start button to begin cleaning process.
• TFC will close all running programs, and it may ask you to restart computer.

Please run a free online scan with the ESET Online Scanner

• Disable your antivirus program
• Click on "Run ESET Online Scanner" button.
• Tick the box next to YES, I accept the Terms of Use
• Click Start
• Accept any security warnings from your browser.
• Check Scan archives
• Click Start
• ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
• When the scan completes, click on List of found threats
• Click on Export to text file , and save the file to your desktop using a unique name, such as ESETScan. Include the contents of this report in your next reply.
• NOTE. If Eset won't find any threats, it won't produce any log.

 

[Rwolf01]

Thanks. I've followed your instructions and will post the files in a moment.

But, you should know that I spent some time uninstalling old programs & drivers from "Programs & Features". I was uninstalling an HP printer driver when it asked for a reboot to complete the uninstall. It seemed to hang after shutting down and never quite finished. (screen was dark keyboard would light up when touched but otherwise unresponsive.) I gavce it 30 minutes or so and then held the power button down to force a crash. On the reboot it said windows didn't shut down correctly but I let it try a normal boot and that worked. I then ran chkdsk to make sure the filestructure was sound.

After checkdisk completed, I followed your instructions as given. Log files to follow...

Regards,

Ralph

 

[Rwolf01]

OTL custom fix log:


All processes killed
========== OTL ==========
64bit-Registry key HKEY_LOCAL_MACHINE\Software\MozillaPlugins\@adobe.com/FlashPlayer\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{DBC80044-A445-435b-BC74-9C25C1C588A9}\ deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\ not found.
Registry value HKEY_USERS\S-1-5-21-747785638-1536544367-690633523-1000\Software\Microsoft\Windows\CurrentVersion\RunOnce\\mctadmin deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{08B0E5C0-4FCB-11CF-AAA5-00401C608501}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{08B0E5C0-4FCB-11CF-AAA5-00401C608501}\ deleted successfully.
Registry key HKEY_USERS\S-1-5-21-747785638-1536544367-690633523-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\garlic.com\www\ deleted successfully.
========== SERVICES/DRIVERS ==========
========== REGISTRY ==========
========== FILES ==========
File\Folder C:\FRST not found.
========== COMMANDS ==========

[EMPTYTEMP]

User: All Users

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 57472 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes

User: Public
->Temp folder emptied: 0 bytes

User: Rwolf02
->Temp folder emptied: 2355558 bytes
->Temporary Internet Files folder emptied: 6765 bytes
->Java cache emptied: 1409718 bytes
->Google Chrome cache emptied: 365232529 bytes
->Flash cache emptied: 58479 bytes

User: UpdatusUser
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 246577 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 81239629 bytes
%systemroot%\sysnative\config\systemprofile\AppData\LocalLow\Sun\Java\Deployment folder emptied: 639 bytes
RecycleBin emptied: 0 bytes

Total Files Cleaned = 430.00 mb


[EMPTYJAVA]

User: All Users

User: Default

User: Default User

User: Public

User: Rwolf02
->Java cache emptied: 0 bytes

User: UpdatusUser

Total Java Files Cleaned = 0.00 mb


[EMPTYFLASH]

User: All Users

User: Default
->Flash cache emptied: 0 bytes

User: Default User
->Flash cache emptied: 0 bytes

User: Public

User: Rwolf02
->Flash cache emptied: 0 bytes

User: UpdatusUser

Total Flash Files Cleaned = 0.00 mb


OTL by OldTimer - Version 3.2.69.0 log created on 06172014_124549
Files\Folders moved on Reboot...
C:\Users\Rwolf02\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully.
C:\Users\Rwolf02\AppData\Local\Microsoft\Windows\Temporary Internet Files\counters.dat moved successfully.
C:\Windows\temp\lvtl818571880.rsc moved successfully.
File move failed. C:\Windows\temp\SystemWebServer_32_12.0_SYSTEM_cur.txt scheduled to be moved on reboot.
C:\Windows\temp\{1467080D-C169-436F-9B8E-471BB4175D48} moved successfully.
File move failed. C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\counters.dat scheduled to be moved on reboot.
PendingFileRenameOperations files...
Registry entries deleted on Reboot...

 

[Rwolf01]

Security Check log:



Results of screen317's Security Check version 0.99.85
Windows 7 Service Pack 1 x64 (UAC is enabled)
Internet Explorer 11
``````````````Antivirus/Firewall Check:``````````````
Windows Firewall Enabled!
Windows Firewall Disabled!
Avira Desktop
Antivirus up to date! (On Access scanning disabled!)
`````````Anti-malware/Other Utilities Check:`````````
Adobe Flash Player 13.0.0.214 Flash Player out of Date!
Adobe Reader 9 Adobe Reader out of Date!
Google Chrome 35.0.1916.114
Google Chrome 35.0.1916.153
````````Process Check: objlist.exe by Laurent````````
Avira Antivir avgnt.exe
Avira Antivir avguard.exe
`````````````````System Health check`````````````````
Total Fragmentation on Drive C: 0%
````````````````````End of Log``````````````````````

 

[Rwolf01]

Farbar Service Scanner log:


Farbar Service Scanner Version: 10-06-2014
Ran by Rwolf01 (administrator) on 17-06-2014 at 13:04:25
Running from "C:\Users\Rwolf02\Desktop"
Microsoft Windows 7 Professional Service Pack 1 (X64)
Boot Mode: Normal
****************************************************************
Internet Services:
============
Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Google.com is accessible.
Yahoo.com is accessible.

Windows Firewall:
=============
Firewall Disabled Policy:
==================
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall"=DWORD:0

System Restore:
============
System Restore Disabled Policy:
========================

Action Center:
============

Windows Update:
============
Windows Autoupdate Disabled Policy:
============================

Windows Defender:
==============
WinDefend Service is not running. Checking service configuration:
The start type of WinDefend service is set to Demand. The default start type is Auto.
The ImagePath of WinDefend service is OK.
The ServiceDll of WinDefend service is OK.

Windows Defender Disabled Policy:
==========================
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Defender]
"DisableAntiSpyware"=DWORD:1

Other Services:
==============

File Check:
========
C:\Windows\System32\nsisvc.dll => File is digitally signed
C:\Windows\System32\drivers\nsiproxy.sys => File is digitally signed
C:\Windows\System32\dhcpcore.dll => File is digitally signed
C:\Windows\System32\drivers\afd.sys => File is digitally signed
C:\Windows\System32\drivers\tdx.sys => File is digitally signed
C:\Windows\System32\Drivers\tcpip.sys => File is digitally signed
C:\Windows\System32\dnsrslvr.dll => File is digitally signed
C:\Windows\System32\mpssvc.dll => File is digitally signed
C:\Windows\System32\bfe.dll => File is digitally signed
C:\Windows\System32\drivers\mpsdrv.sys => File is digitally signed
C:\Windows\System32\SDRSVC.dll => File is digitally signed
C:\Windows\System32\vssvc.exe => File is digitally signed
C:\Windows\System32\wscsvc.dll => File is digitally signed
C:\Windows\System32\wbem\WMIsvc.dll => File is digitally signed
C:\Windows\System32\wuaueng.dll => File is digitally signed
C:\Windows\System32\qmgr.dll => File is digitally signed
C:\Windows\System32\es.dll => File is digitally signed
C:\Windows\System32\cryptsvc.dll => File is digitally signed
C:\Program Files\Windows Defender\MpSvc.dll => File is digitally signed
C:\Windows\System32\ipnathlp.dll => File is digitally signed
C:\Windows\System32\iphlpsvc.dll => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed

**** End of log ****

 

[Rwolf01]

For ESET Online Scanner I 'moused ahead' before reading the instructions and did not save the log file. It only found one threat and that was in the distribution file for a trial version of WinZip. I let the SW delete that.

If you need me to, I can run it again to generate a full log. But it was kind of time consuming, so I'd rather skip it, if it's not needed.

 

[Broni]

Update Adobe Flash Player: http://get.adobe.com/flashplayer/
Make sure you UN-check Yes, install McAfee Security Scan Plus

NOTE 1: Beginning with Adobe Flash Version 11.3, the universal installer includes the 32-bit and 64-bit versions of the Flash Player.
NOTE 2: While installing make sure you UN-check any extra garbage which wants to install alongside.

Update Adobe Reader

You can download it from https://www.techspot.com/downloads/2083-adobe-reader-dc.html
After installing the latest Adobe Reader, uninstall all previous versions (if present).
Note. If you already have Adobe Photoshop® Album Starter Edition installed or do not wish to have it installed UNcheck the box which says Also Download Adobe Photoshop® Album Starter Edition.

=====================================

Your computer is clean

1. This step will remove all cleaning tools we used, it'll reset restore points (so you won't get reinfected by accidentally using some older restore point) and it'll make some other minor adjustments...
This is a very crucial step so make sure you don't skip it.
Download

DelFix by Xplode to your desktop. Delfix will delete all the used tools and logfiles.

Double-click Delfix.exe to start the tool.
Make sure the following items are checked:

• Activate UAC (optional; some users prefer to keep it off)
• Remove disinfection tools
• Create registry backup
• Purge System Restore
• Reset system settings

Now click "Run" and wait patiently.
Once finished a logfile will be created. You don't have to attach it to your next reply.

2. Make sure Windows Updates are current.

3. If any trojans, rootkits or bootkits were listed among your infection(s), make sure, you change all of your on-line important passwords (bank account(s), secured web sites, etc.) immediately!

4. Check if your browser plugins are up to date.
Firefox - https://www.mozilla.org/en-US/plugincheck/
other browsers: https://browsercheck.qualys.com/ (click on "Launch a quick scan now" link)

5. Download, and install WOT (Web OF Trust): http://www.mywot.com/. It'll warn you (in most cases) about dangerous web sites.

6. Run Malwarebytes "Quick scan" once in a while to assure safety of your computer.

7. Run Temporary File Cleaner (TFC), AdwCleaner and Junkware Removal Tool (JRT) weekly (you need to redownload these tools since they were removed by DelFix).

8. Download and install Secunia Personal Software Inspector (PSI): https://www.techspot.com/downloads/4898-secunia-personal-software-inspector-psi.html. The Secunia PSI is a FREE security tool designed to detect vulnerable and out-dated programs and plug-ins which expose your PC to attacks. Run it weekly.

9. (optional) If you want to keep all your programs up to date, download and install FileHippo Update Checker.
The Update Checker will scan your computer for installed software, check the versions and then send this information to FileHippo.com to see if there are any newer releases.

10. When installing\updating ANY program, make sure you always select "Custom " installation, so you can UN-check any possible "drive-by-install" (foistware), like toolbars etc., which may try to install along with the legitimate program. Do NOT click "Next" button without looking at any given page.

11. Read:
How did I get infected?, With steps so it does not happen again!: http://www.bleepingcomputer.com/forums/topic2520.html
Simple and easy ways to keep your computer safe and secure on the Internet: http://www.bleepingcomputer.com/tutorials/keep-your-computer-safe-online/
About those Toolbars and Add-ons - Potentially Unwanted Programs (PUPs) which change your browser settings: http://www.bleepingcomputer.com/for...curity-questions-best-practices/#entry3187642

12. Please, let me know, how your computer is doing.

 

[Rwolf01]

I will follow your instructions. As a head's up, the 'mail protection' feature of Aviria seems to be broken after the ;last batch of scans.

Not a big deal, I'll just uninstall and reinstall it, unless you tell me not to....

 

[Broni]

Please reinstall Avira.

 

[Broni]

The issue seems to be resolved.