dllhost.exe *32 is killing me slowly...



#1 Bido

Posted 09 October 2014 - 02:43 AM

Hi there, I need help removing this dllhost.exe malware/virus that opens several processes that slow down my computer. Norton360 does nothing and MalwareBytes has not caught it either. Attached are the FRST and Addition scan logs from Farbar Recovery Scan Tool...

 

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 04-10-2014
Ran by Bido (administrator) on BIDO-VAIO on 04-10-2014 02:17:54
Running from C:\Users\Bido\Downloads
Loaded Profile: Bido (Available profiles: Bido)
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: English (United States)
Internet Explorer Version 11
Boot Mode: Safe Mode (with Networking)
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\SysWOW64\dllhost.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe

==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [IAAnotif] => C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\iaanotif.exe [186904 2009-10-13] (Intel Corporation)
HKLM\...\Run: [NvCplDaemon] => RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [8306208 2009-12-03] (Realtek Semiconductor)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [1825064 2009-11-11] (Synaptics Incorporated)
HKLM-x32\...\Run: [SmartWiHelper] => C:\Program Files (x86)\Sony\SmartWi Connection Utility\SmartWiHelper.exe [80384 2009-10-05] (Sony Electronics Corporation)
HKLM-x32\...\Run: [ISBMgr.exe] => C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe [320880 2009-08-26] (Sony Corporation)
HKLM-x32\...\Run: [PMBVolumeWatcher] => C:\Program Files (x86)\Sony\PMB\PMBVolumeWatcher.exe [597792 2009-10-24] (Sony Corporation)
HKLM-x32\...\Run: [SHTtray.exe] => C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SHTtray.exe [99624 2009-12-04] (Sony Corporation)
HKLM-x32\...\Run: [IJNetworkScanUtility] => C:\Program Files (x86)\Canon\Canon IJ Network Scan Utility\CNMNSUT.exe [136544 2009-05-19] (CANON INC.)
HKLM-x32\...\Run: [BCSSync] => C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [89184 2012-11-05] (Microsoft Corporation)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-04-21] (Apple Inc.)
HKLM-x32\...\Run: [Adobe Reader Speed Launcher] => C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe [37296 2012-03-27] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [843712 2012-01-02] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254696 2012-01-18] (Sun Microsystems, Inc.)
HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2013-05-01] (Apple Inc.)
HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2013-11-02] (Apple Inc.)
Winlogon\Notify\VESWinlogon-x32: VESWinlogon.dll [X]
HKU\S-1-5-21-3377907549-50208328-2977345109-1005\...\Run: [swg] => C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [39408 2009-12-11] (Google Inc.)
HKU\S-1-5-21-3377907549-50208328-2977345109-1005\...\Run: [Elbserver] => C:\Program Files (x86)\Sony\Media Gallery\ElbServer.exe [72192 2009-10-15] (Sony Corporation)
HKU\S-1-5-21-3377907549-50208328-2977345109-1005\...\Run: [Spotify Web Helper] => C:\Users\Bido\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe [1171000 2014-04-18] (Spotify Ltd)
HKU\S-1-5-21-3377907549-50208328-2977345109-1005\...\Run: [ApplePhotoStreams] => C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe [59720 2013-11-20] (Apple Inc.)
HKU\S-1-5-21-3377907549-50208328-2977345109-1005\...A8F59079A8D5}\localserver32: rundll32.exe javascript:"\..\mshtml,RunHTMLApplication ";eval("epdvnfou/xsjuf)(=tdsjqu!mbohvbhf>ktds (the data entry has 239 more characters). <==== Poweliks!
HKU\S-1-5-18\...\RunOnce: [SPReview] => C:\Windows\System32\SPReview\SPReview.exe [301568 2013-03-22] (Microsoft Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Bluetooth.lnk
ShortcutTarget: Bluetooth.lnk -> C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe (Broadcom Corporation.)
Startup: C:\Users\Bido\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\Bido\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
Startup: C:\Users\Bido\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\EvernoteClipper.lnk
ShortcutTarget: EvernoteClipper.lnk -> C:\Program Files (x86)\Evernote\Evernote\EvernoteClipper.exe (Evernote Corp., 333 W Evelyn Ave. Mountain View, CA 94041)
Startup: C:\Users\Bido\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2010 Screen Clipper and Launcher.lnk
ShortcutTarget: OneNote 2010 Screen Clipper and Launcher.lnk -> C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE (Microsoft Corporation)
ShellIconOverlayIdentifiers: [OverlayExcluded] -> {4433A54A-1AC8-432F-90FC-85F045CF383C} => C:\Program Files (x86)\Norton 360\Engine64\21.6.0.32\buShell.dll (Symantec Corporation)
ShellIconOverlayIdentifiers: [OverlayPending] -> {F17C0B1E-EF8E-4AD4-8E1B-7D7E8CB23225} => C:\Program Files (x86)\Norton 360\Engine64\21.6.0.32\buShell.dll (Symantec Corporation)
ShellIconOverlayIdentifiers: [OverlayProtected] -> {476D0EA3-80F9-48B5-B70B-05E677C9C148} => C:\Program Files (x86)\Norton 360\Engine64\21.6.0.32\buShell.dll (Symantec Corporation)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://mail.yahoo.com/
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.com/ig/redirectdomain?brand=SNNT&bmod=SNNT
SearchScopes: HKLM-x32 - DefaultScope {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = http://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7SNNT
SearchScopes: HKLM-x32 - {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = http://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7SNNT
SearchScopes: HKCU - DefaultScope {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = http://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7SNNT_enUS365US365
SearchScopes: HKCU - {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = http://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7SNNT_enUS365US365
BHO: Norton Identity Protection -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> C:\Program Files (x86)\Norton 360\Engine64\21.6.0.32\coIEPlg.dll (Symantec Corporation)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
BHO-x32: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
BHO-x32: Norton Identity Protection -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> C:\Program Files (x86)\Norton 360\Engine\21.6.0.32\coIEPlg.dll (Symantec Corporation)
BHO-x32: Norton Vulnerability Protection -> {6D53EC84-6AAE-4787-AEEE-F4628F01010C} -> C:\Program Files (x86)\Norton 360\Engine\21.6.0.32\IPS\IPSBHO.DLL (Symantec Corporation)
BHO-x32: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Windows Live Messenger Companion Helper -> {9FDDE16B-836F-4806-AB1F-1455CBEFF289} -> C:\Program Files (x86)\Windows Live\Companion\companioncore.dll (Microsoft Corporation)
BHO-x32: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
Toolbar: HKLM - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton 360\Engine64\21.6.0.32\coIEPlg.dll (Symantec Corporation)
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
Toolbar: HKLM-x32 - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton 360\Engine\21.6.0.32\coIEPlg.dll (Symantec Corporation)
Toolbar: HKCU - Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
DPF: HKLM-x32 {82774781-8F4E-11D1-AB1C-0000F8773BF0} https://transfers.ds.microsoft.com/FTM/TransferSource/grTransferCtrl.cab
Tcpip\Parameters: [DhcpNameServer] 209.18.47.61 209.18.47.62 192.168.1.1

FireFox:
========
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32.dll No File
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @java.com/DTPlugin,version=1.6.0_35 -> C:\Windows\SysWOW64\npdeployJava1.dll (Sun Microsystems, Inc.)
FF Plugin-x32: @java.com/JavaPlugin -> C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~2\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF HKLM-x32\...\Firefox\Extensions: [{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_21.4.0.13\coFFPlgn
FF Extension: Norton Toolbar - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_21.4.0.13\coFFPlgn [2014-10-04]
FF HKLM-x32\...\Firefox\Extensions: [{BBDA0591-3099-440a-AA10-41764D9DB4DB}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_21.4.0.13\IPSFF
FF Extension: Norton Vulnerability Protection - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_21.4.0.13\IPSFF [2014-07-20]

Chrome:
=======
CHR HomePage: Default -> hxxp://www.google.com/ig/redirectdomain?brand=SNNT&bmod=SNNT
CHR StartupUrls: Default -> "https://login.yahoo.com/config/login_verify2?&.src=ym"
CHR DefaultSuggestURL: Default -> {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&gs_ri={google:suggestRid}&xssi=t&q={searchTerms}&{google:cursorPosition}{google:currentPageUrl}{google:pageClassification}sugkey={google:suggestAPIKeyParameter}
CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\34.0.1847.131\gcswf32.dll No File
CHR Plugin: (Shockwave Flash) - C:\Windows\system32\Macromed\Flash\NPSWF32.dll No File
CHR Plugin: (QuickTime Plug-in 7.6.6) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.6.6) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin2.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.6.6) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin3.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.6.6) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin4.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.6.6) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin5.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.6.6) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin6.dll No File
CHR Plugin: (QuickTime Plug-in 7.6.6) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin7.dll No File
CHR Plugin: (Java Deployment Toolkit 6.0.220.4) - C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll No File
CHR Plugin: (Java™ Platform SE 6 U22) - C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll No File
CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll (Adobe Systems Inc.)
CHR Plugin: (Silverlight Plug-In) - c:\Program Files (x86)\Microsoft Silverlight\4.0.60831.0\npctrl.dll No File
CHR Plugin: (Microsoft Office 2010) - C:\PROGRA~2\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
CHR Plugin: (Microsoft Office 2010) - C:\PROGRA~2\MICROS~2\Office14\NPSPWRAP.DLL (Microsoft Corporation)
CHR Plugin: (Remoting Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\34.0.1847.131\ppGoogleNaClPluginChrome.dll No File
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\34.0.1847.131\pdf.dll No File
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.79\npGoogleUpdate3.dll No File
CHR Plugin: (Windows Live Photo Gallery) - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
CHR Plugin: (iTunes Application Detector) - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
CHR Plugin: (Default Plug-in) - default_plugin No File
CHR Profile: C:\Users\Bido\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Norton Identity Protection) - C:\Users\Bido\AppData\Local\Google\Chrome\User Data\Default\Extensions\mkfokfffehpeedafpekjeddnmnjhmcmk [2012-10-28]
CHR Extension: (Google Wallet) - C:\Users\Bido\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-02-28]
CHR HKLM\...\Chrome\Extension: [mkfokfffehpeedafpekjeddnmnjhmcmk] - C:\Program Files (x86)\Norton 360\Engine\21.6.0.32\Exts\Chrome.crx [2014-10-02]
CHR HKLM-x32\...\Chrome\Extension: [mkfokfffehpeedafpekjeddnmnjhmcmk] - C:\Program Files (x86)\Norton 360\Engine\21.6.0.32\Exts\Chrome.crx [2014-10-02]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S3 ACDaemon; C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [113152 2010-03-18] (ArcSoft Inc.)
S2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1809720 2014-05-12] (Malwarebytes Corporation)
S2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [860472 2014-05-12] (Malwarebytes Corporation)
S3 MSSQL$DDNI; C:\Program Files (x86)\Microsoft SQL Server\MSSQL10.DDNI\MSSQL\Binn\sqlservr.exe [43010392 2009-03-30] (Microsoft Corporation)
S2 N360; C:\Program Files (x86)\Norton 360\Engine\21.6.0.32\N360.exe [265040 2014-09-21] (Symantec Corporation)
S2 Oasis2Service; C:\Program Files (x86)\DDNi\Oasis2Service\Oasis2Service.exe [49152 2011-08-13] () [File not signed]
S3 Roxio UPnP Renderer 10; C:\Program Files (x86)\Roxio\Digital Home 10\RoxioUPnPRenderer10.exe [313840 2009-08-31] (Sonic Solutions)
S2 Roxio Upnp Server 10; C:\Program Files (x86)\Roxio\Digital Home 10\RoxioUpnpService10.exe [362992 2009-08-31] (Sonic Solutions)
S3 SampleCollector; C:\Program Files\Sony\VAIO Care\collsvc.exe [167424 2009-09-17] (Intel Corporation) [File not signed]
S2 SOHDBSvr; C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDBSvr.exe [70952 2009-12-04] (Sony Corporation)
S2 SOHPlMgr; C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHPlMgr.exe [91432 2009-12-04] (Sony Corporation)
S4 SQLAgent$DDNI; C:\Program Files (x86)\Microsoft SQL Server\MSSQL10.DDNI\MSSQL\Binn\SQLAGENT.EXE [366936 2009-03-30] (Microsoft Corporation)
S2 uCamMonitor; C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe [104960 2008-09-18] (ArcSoft, Inc.)
S3 VAIO Entertainment TV Device Arbitration Service; C:\Program Files (x86)\Common Files\Sony Shared\VAIO Entertainment Platform\VzHardwareResourceManager\VzHardwareResourceManager\VzHardwareResourceManager.exe [69632 2009-09-14] (Sony Corporation) [File not signed]
S2 VCFw; C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe [642416 2009-09-14] (Sony Corporation)
S3 VUAgent; C:\Program Files\Sony\VAIO Update 5\VUAgent.exe [1223024 2010-06-09] (Sony Corporation)
S2 VzCdbSvc; C:\Program Files (x86)\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe [206336 2009-09-14] (Sony Corporation) [File not signed]

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S3 ArcSoftKsUFilter; C:\Windows\System32\DRIVERS\ArcSoftKsUFilter.sys [19968 2009-05-26] (ArcSoft, Inc.)
S1 BHDrvx64; C:\Program Files (x86)\Norton 360\NortonData\21.4.0.13\Definitions\BASHDefs\20140912.003\BHDrvx64.sys [1586904 2014-09-12] (Symantec Corporation)
S1 ccSet_N360; C:\Windows\system32\drivers\N360x64\1506000.020\ccSetx64.sys [162392 2014-02-20] (Symantec Corporation)
S1 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [487216 2014-09-10] (Symantec Corporation)
S1 IDSVia64; C:\Program Files (x86)\Norton 360\NortonData\21.4.0.13\Definitions\IPSDefs\20141002.001\IDSvia64.sys [633560 2014-08-28] (Symantec Corporation)
S3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2014-05-12] (Malwarebytes Corporation)
S3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [122584 2014-10-04] (Malwarebytes Corporation)
S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2014-05-12] (Malwarebytes Corporation)
S3 NAVENG; C:\Program Files (x86)\Norton 360\NortonData\21.4.0.13\Definitions\VirusDefs\20141002.025\ENG64.SYS [129752 2014-08-22] (Symantec Corporation)
S3 NAVEX15; C:\Program Files (x86)\Norton 360\NortonData\21.4.0.13\Definitions\VirusDefs\20141002.025\EX64.SYS [2137304 2014-08-22] (Symantec Corporation)
S2 regi; C:\Windows\SysWOW64\drivers\regi.sys [11032 2007-04-17] (InterVideo)
S1 SRTSP; C:\Windows\System32\Drivers\N360x64\1506000.020\SRTSP64.SYS [876248 2014-08-25] (Symantec Corporation)
S1 SRTSPX; C:\Windows\system32\drivers\N360x64\1506000.020\SRTSPX64.SYS [37592 2014-08-25] (Symantec Corporation)
R0 SymDS; C:\Windows\System32\drivers\N360x64\1506000.020\SYMDS64.SYS [493656 2013-10-30] (Symantec Corporation)
R0 SymEFA; C:\Windows\System32\drivers\N360x64\1506000.020\SYMEFA64.SYS [1148120 2014-03-03] (Symantec Corporation)
S3 SymEvent; C:\Windows\system32\Drivers\SYMEVENT64x86.SYS [177752 2014-07-20] (Symantec Corporation)
S1 SymIRON; C:\Windows\system32\drivers\N360x64\1506000.020\Ironx64.SYS [266968 2014-08-06] (Symantec Corporation)
S1 SymNetS; C:\Windows\System32\Drivers\N360x64\1506000.020\SYMNETS.SYS [593112 2014-02-17] (Symantec Corporation)
S3 TVICHW64; C:\Windows\system32\DRIVERS\TVICHW64.SYS [21200 2011-02-26] (EnTech Taiwan)
R3 yukonw7; C:\Windows\System32\DRIVERS\yk62x64.sys [395264 2009-11-12] ()
U2 IAStorDataMgrSvc; No ImagePath

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)

==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-10-04 02:17 - 2014-10-04 02:19 - 00021841 _____ () C:\Users\Bido\Downloads\FRST.txt
2014-10-04 02:17 - 2014-10-04 02:17 - 02109440 _____ (Farbar) C:\Users\Bido\Downloads\FRST64.exe
2014-10-04 02:17 - 2014-10-04 02:17 - 00000000 ____D () C:\FRST
2014-10-04 02:06 - 2014-10-04 02:06 - 00003408 ____N () C:\bootsqm.dat
2014-10-04 02:02 - 2014-10-04 02:02 - 00000000 __SHD () C:\found.002
2014-10-03 11:08 - 2014-10-03 11:32 - 00043008 _____ () C:\Users\Bido\Documents\Northern Lights.xls
2014-10-03 02:32 - 2014-10-03 02:32 - 08473440 _____ ( ) C:\Users\Bido\Downloads\DllTool.exe
2014-10-03 02:25 - 2014-10-04 02:10 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-10-03 02:25 - 2014-10-03 02:25 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-10-03 02:25 - 2014-10-03 02:25 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-10-03 02:25 - 2014-10-03 02:25 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-10-03 02:25 - 2014-05-12 07:26 - 00091352 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-10-03 02:25 - 2014-05-12 07:26 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-10-03 02:25 - 2014-05-12 07:25 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-10-03 02:24 - 2014-10-03 02:24 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\Bido\Downloads\mbam-setup-2.0.2.1012.exe
2014-10-02 02:50 - 2014-10-02 02:50 - 00000000 ____D () C:\Windows\System32\Tasks\Norton 360
2014-09-27 02:45 - 2014-09-27 02:45 - 00290280 _____ () C:\Windows\Minidump\092714-72914-01.dmp
2014-09-18 03:04 - 2014-08-19 13:05 - 00374968 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-09-18 03:04 - 2014-08-19 12:39 - 00327872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-09-18 03:04 - 2014-08-18 18:01 - 23591424 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-09-18 03:04 - 2014-08-18 17:29 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-09-18 03:04 - 2014-08-18 17:29 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-09-18 03:04 - 2014-08-18 17:26 - 17455104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-09-18 03:04 - 2014-08-18 17:20 - 02793984 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-09-18 03:04 - 2014-08-18 17:19 - 05833728 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-09-18 03:04 - 2014-08-18 17:15 - 00547328 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-09-18 03:04 - 2014-08-18 17:15 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-09-18 03:04 - 2014-08-18 17:14 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-09-18 03:04 - 2014-08-18 17:14 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-09-18 03:04 - 2014-08-18 17:08 - 04232704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-09-18 03:04 - 2014-08-18 17:08 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-09-18 03:04 - 2014-08-18 17:08 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-09-18 03:04 - 2014-08-18 17:05 - 00596480 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-09-18 03:04 - 2014-08-18 17:03 - 00758272 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-09-18 03:04 - 2014-08-18 17:03 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-09-18 03:04 - 2014-08-18 17:03 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-09-18 03:04 - 2014-08-18 16:57 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-09-18 03:04 - 2014-08-18 16:56 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-09-18 03:04 - 2014-08-18 16:51 - 00446464 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-09-18 03:04 - 2014-08-18 16:46 - 00454656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-09-18 03:04 - 2014-08-18 16:45 - 00072704 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-09-18 03:04 - 2014-08-18 16:45 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-09-18 03:04 - 2014-08-18 16:44 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2014-09-18 03:04 - 2014-08-18 16:44 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-09-18 03:04 - 2014-08-18 16:42 - 02185728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-09-18 03:04 - 2014-08-18 16:40 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-09-18 03:04 - 2014-08-18 16:39 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-09-18 03:04 - 2014-08-18 16:39 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-09-18 03:04 - 2014-08-18 16:39 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-09-18 03:04 - 2014-08-18 16:38 - 00289280 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-09-18 03:04 - 2014-08-18 16:37 - 00440320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-09-18 03:04 - 2014-08-18 16:36 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-09-18 03:04 - 2014-08-18 16:35 - 00597504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-09-18 03:04 - 2014-08-18 16:27 - 00365056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-09-18 03:04 - 2014-08-18 16:25 - 00727040 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-09-18 03:04 - 2014-08-18 16:25 - 00707072 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-09-18 03:04 - 2014-08-18 16:23 - 02104832 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-09-18 03:04 - 2014-08-18 16:23 - 01249280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-09-18 03:04 - 2014-08-18 16:22 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-09-18 03:04 - 2014-08-18 16:19 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-09-18 03:04 - 2014-08-18 16:17 - 00243200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-09-18 03:04 - 2014-08-18 16:17 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-09-18 03:04 - 2014-08-18 16:15 - 02310656 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-09-18 03:04 - 2014-08-18 16:09 - 00603136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-09-18 03:04 - 2014-08-18 16:08 - 02014208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-09-18 03:04 - 2014-08-18 16:07 - 01068032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-09-18 03:04 - 2014-08-18 15:55 - 01447424 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-09-18 03:04 - 2014-08-18 15:46 - 01812992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-09-18 03:04 - 2014-08-18 15:38 - 01190400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-09-18 03:04 - 2014-08-18 15:38 - 00775168 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-09-18 03:04 - 2014-08-18 15:36 - 00678400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-09-18 03:03 - 2014-08-18 16:16 - 13588480 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-09-18 03:03 - 2014-08-18 16:15 - 11769856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-09-18 02:20 - 2014-07-06 21:06 - 01460736 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2014-09-18 02:20 - 2014-07-06 21:06 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2014-09-18 02:20 - 2014-07-06 20:40 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2014-09-18 02:20 - 2014-07-06 20:40 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2014-09-18 02:20 - 2014-07-06 20:39 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2014-09-18 02:19 - 2014-08-22 21:07 - 00404480 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2014-09-18 02:19 - 2014-08-22 20:45 - 00311808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2014-09-18 02:19 - 2014-08-22 19:59 - 03163648 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-09-14 14:52 - 2014-09-14 16:28 - 00044544 _____ () C:\Users\Bido\Documents\Galapagos Itinerary.xls

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-10-04 02:13 - 2009-07-14 00:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-10-04 02:13 - 2009-07-13 23:51 - 00050239 _____ () C:\Windows\setupact.log
2014-10-04 02:10 - 2009-12-11 08:42 - 00000908 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-10-04 01:39 - 2010-01-11 06:29 - 01769756 _____ () C:\Windows\WindowsUpdate.log
2014-10-04 01:38 - 2009-12-11 08:42 - 00000912 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-10-03 11:08 - 2009-07-13 23:45 - 00014144 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-10-03 11:08 - 2009-07-13 23:45 - 00014144 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-10-03 10:05 - 2011-07-04 04:24 - 00000000 ___RD () C:\Users\Bido\Dropbox
2014-10-03 10:03 - 2011-07-04 04:21 - 00000000 ____D () C:\Users\Bido\AppData\Roaming\Dropbox
2014-10-03 05:00 - 2009-11-19 15:14 - 00517596 _____ () C:\Windows\PFRO.log
2014-10-03 03:11 - 2010-02-05 21:25 - 00000000 ____D () C:\Users\Bido\AppData\Local\CrashDumps
2014-10-03 02:58 - 2009-07-14 00:13 - 00805220 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-10-02 02:42 - 2014-07-20 14:54 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Norton 360
2014-10-02 02:42 - 2012-05-10 10:32 - 00003206 _____ () C:\Windows\System32\Tasks\Norton WSC Integration
2014-10-02 02:42 - 2011-02-04 16:16 - 00002319 _____ () C:\Users\Public\Desktop\Norton 360.lnk
2014-10-02 02:42 - 2011-02-04 16:15 - 00000000 ____D () C:\Windows\system32\Drivers\N360x64
2014-09-27 03:25 - 2009-07-13 22:20 - 00000000 ____D () C:\Windows\system32\NDF
2014-09-27 02:45 - 2010-04-04 03:08 - 00000000 ____D () C:\Windows\Minidump
2014-09-27 02:44 - 2010-04-04 03:08 - 499891863 _____ () C:\Windows\MEMORY.DMP
2014-09-25 02:23 - 2014-08-16 16:32 - 00002183 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-09-25 02:23 - 2009-12-11 08:42 - 00002183 _____ () C:\Users\Public\Desktop\Internet Browser.lnk
2014-09-23 03:08 - 2011-07-04 04:24 - 00001015 _____ () C:\Users\Bido\Desktop\Dropbox.lnk
2014-09-23 03:08 - 2011-07-04 04:21 - 00000000 ____D () C:\Users\Bido\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2014-09-18 03:37 - 2009-07-13 23:45 - 00448400 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-09-18 03:03 - 2009-12-11 08:51 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-09-17 01:43 - 2009-07-13 22:20 - 00000000 ____D () C:\Windows\rescache

Some content of TEMP:
====================
C:\Users\Bido\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmp3kkfq0.dll
C:\Users\Bido\AppData\Local\Temp\primosdk.DLL
C:\Users\Bido\AppData\Local\Temp\px.dll
C:\Users\Bido\AppData\Local\Temp\pxafs.dll
C:\Users\Bido\AppData\Local\Temp\PxCpyA64.exe
C:\Users\Bido\AppData\Local\Temp\PxCpyI64.exe
C:\Users\Bido\AppData\Local\Temp\pxdrv.dll
C:\Users\Bido\AppData\Local\Temp\pxhpinst.exe
C:\Users\Bido\AppData\Local\Temp\PxInsA64.exe
C:\Users\Bido\AppData\Local\Temp\PxInsI64.exe
C:\Users\Bido\AppData\Local\Temp\pxmas.dll
C:\Users\Bido\AppData\Local\Temp\pxsetup.exe
C:\Users\Bido\AppData\Local\Temp\pxsfs.dll
C:\Users\Bido\AppData\Local\Temp\pxwave.dll
C:\Users\Bido\AppData\Local\Temp\vxblock.dll

==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2014-09-16 03:34

==================== End Of Log ============================

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 04-10-2014
Ran by Bido at 2014-10-04 02:19:36
Running from C:\Users\Bido\Downloads
Boot Mode: Safe Mode (with Networking)
==========================================================

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Norton 360 (Enabled - Up to date) {D87FA2C0-F526-77B1-D6EC-0EDF3936CEDB}
AS: Norton 360 (Enabled - Up to date) {631E4324-D31C-783F-EC5C-35AD42B18466}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: Norton 360 (Enabled) {E04423E5-BF49-76E9-FDB3-A7EAC7E589A0}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe Flash Player 10 Plugin (HKLM-x32\...\{0DFB3DE8-65B9-44FF-AA0A-3BECC5A2BFD1}) (Version: 10.0.32.18 - Adobe Systems, Inc.)
Adobe Flash Player 11 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 11.9.900.152 - Adobe Systems Incorporated)
Adobe Photoshop Lightroom 2 64-bit (HKLM\...\{9B9162E8-4274-4323-A31B-444ECA641B8A}) (Version: 2 - Adobe)
Adobe Reader 9.5.1 (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-A95000000001}) (Version: 9.5.1 - Adobe Systems Incorporated)
Apple Application Support (HKLM-x32\...\{46F044A5-CE8B-4196-984E-5BD6525E361D}) (Version: 2.3.6 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{2EF5D87E-B7BD-458F-8428-E4D0B8B4E65C}) (Version: 7.0.0.117 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
ArcSoft Magic-i Visual Effects 2 (HKLM-x32\...\{7BB90344-0647-468E-925A-7F69F7983421}) (Version: 2.0.1.85 - ArcSoft)
ArcSoft WebCam Companion 3 (HKLM-x32\...\{DE8AAC73-6D8D-483E-96EA-CAEDDADB9079}) (Version: 3.0.21.193 - ArcSoft)
Audacity 1.3.12 (Unicode) (HKLM-x32\...\Audacity 1.3 Beta (Unicode)_is1) (Version:  - Audacity Team)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Canon IJ Network Scan Utility (HKLM-x32\...\Canon_IJ_Network_Scan_UTILITY) (Version:  - )
Canon IJ Network Tool (HKLM-x32\...\Canon_IJ_Network_UTILITY) (Version:  - )
Canon MP560 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MP560_series) (Version:  - )
Canon MP560 series User Registration (HKLM-x32\...\Canon MP560 series User Registration) (Version:  - )
Chinese Simplified Fonts Support For Adobe Reader 9 (HKLM-x32\...\{AC76BA86-7AD7-2447-0000-900000000003}) (Version: 9.0.0 - Adobe Systems Incorporated)
Cisco Connect (HKLM-x32\...\Cisco Connect) (Version: 1.4.12334.0 - Cisco Consumer Products LLC)
Compatibility Pack for the 2007 Office system (HKLM-x32\...\{90120000-0020-0409-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
Corel WinDVD (HKLM-x32\...\{5C1F18D2-F6B7-4242-B803-B5A78648185D}) (Version: 10.0.5.109 - Corel Inc.)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition (HKLM-x32\...\{91140000-0012-0000-0000-0000000FF1CE}_Office14.STANDARDR_{650DE870-ECA3-4E63-8D77-778512BE5D4C}) (Version:  - Microsoft)
Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition (HKLM-x32\...\{91140000-0015-0000-0000-0000000FF1CE}_Office14.AccessR_{650DE870-ECA3-4E63-8D77-778512BE5D4C}) (Version:  - Microsoft)
Dropbox (HKCU\...\Dropbox) (Version: 2.10.30 - Dropbox, Inc.)
Evernote v. 4.5.10 (HKLM-x32\...\{EF7E46B8-1FB7-11E2-B6B3-984BE15F174E}) (Version: 4.5.10.7472 - Evernote Corp.)
FFmpeg for Audacity on Windows (HKLM-x32\...\FFmpeg for Audacity on Windows_is1) (Version:  - )
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 37.0.2062.124 - Google Inc.)
Google Toolbar for Internet Explorer (HKLM-x32\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: 7.5.5111.1712 - Google Inc.)
Google Toolbar for Internet Explorer (x32 Version: 1.0.0 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.24.15 - Google Inc.) Hidden
iCloud (HKLM\...\{81E20D41-C277-4526-934D-F2380AF91B78}) (Version: 3.1.0.40 - Apple Inc.)
Intel® Turbo Boost Technology Driver (HKLM-x32\...\{D6C630BF-8DBB-4042-8562-DC9A52CB6E7E}) (Version: 01.00.00.1030 - Intel Corporation)
Intel® Matrix Storage Manager (HKLM\...\{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}) (Version:  - Intel Corporation)
iTunes (HKLM\...\{D601CEAD-2E4F-4BBB-85CC-C29A4CE6A3C0}) (Version: 11.1.3.8 - Apple Inc.)
Java Auto Updater (x32 Version: 2.0.7.1 - Sun Microsystems, Inc.) Hidden
Java™ 6 Update 17 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86416017FF}) (Version: 6.0.170 - Sun Microsystems, Inc.)
Java™ 6 Update 35 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83216032FF}) (Version: 6.0.350 - Oracle)
Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Malwarebytes Anti-Malware version 2.0.2.1012 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.2.1012 - Malwarebytes Corporation)
Media Gallery (HKLM-x32\...\{DD88F979-FA58-41AC-980C-A6E1A82B61D9}) (Version: 1.1.2.11260 - Sony Corporation)
Media Gallery (x32 Version: 1.1.2.11260 - Sony Corporation) Hidden
Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Messenger Companion (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Microsoft Access 2010 (HKLM-x32\...\Office14.AccessR) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft Image Composite Editor (HKLM\...\{2C304CEF-37C3-424E-9DD7-C56C45658290}) (Version: 1.3.3 - Microsoft Corporation)
Microsoft Office Access 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Access MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Access Setup Metadata MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Excel MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Office 64-bit Components 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office OneNote MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Outlook Connector (HKLM-x32\...\{95140000-007A-0409-0000-0000000FF1CE}) (Version: 14.0.5118.5000 - Microsoft Corporation)
Microsoft Office Outlook MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint Viewer 2007 (English) (HKLM-x32\...\{95120000-00AF-0409-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Proof (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (French) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Spanish) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proofing (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Publisher MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit MUI (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared Setup Metadata MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Standard 2010 (HKLM-x32\...\Office14.STANDARDR) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Office Standard 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Suite Activation Assistant (HKLM-x32\...\{E50AE784-FABE-46DA-A1F8-7B6B56DCB22E}) (Version: 2.9 - Microsoft Corporation)
Microsoft Office Word MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Outlook Social Connector Provider for Windows Live Messenger 32-bit (HKLM-x32\...\{95140000-007D-0409-0000-0000000FF1CE}) (Version: 14.0.5120.5000 - Microsoft Corporation)
Microsoft Research AutoCollage 2008 version 1.1 (HKLM-x32\...\{423D8FBE-EC52-40FD-B2A0-8C9C8F973FD7}) (Version: 1.01.2008 - Microsoft Research)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft SQL Server 2008 (HKLM-x32\...\Microsoft SQL Server 10 Release) (Version:  - Microsoft Corporation)
Microsoft SQL Server 2008 (x32 Version:  - Microsoft Corporation) Hidden
Microsoft SQL Server 2008 Browser (HKLM-x32\...\{C688457E-03FD-4941-923B-A27F4D42A7DD}) (Version: 10.1.2531.0 - Microsoft Corporation)
Microsoft SQL Server 2008 Common Files (x32 Version: 10.0.1600.22 - Microsoft Corporation) Hidden
Microsoft SQL Server 2008 Common Files (x32 Version: 10.1.2531.0 - Microsoft Corporation) Hidden
Microsoft SQL Server 2008 Database Engine Services (x32 Version: 10.1.2531.0 - Microsoft Corporation) Hidden
Microsoft SQL Server 2008 Database Engine Shared (x32 Version: 10.1.2531.0 - Microsoft Corporation) Hidden
Microsoft SQL Server 2008 Native Client (HKLM\...\{BBDE8A3D-64A2-43A6-95F3-C27B87DF7AC1}) (Version: 10.1.2531.0 - Microsoft Corporation)
Microsoft SQL Server 2008 RsFx Driver (x32 Version: 10.1.2531.0 - Microsoft Corporation) Hidden
Microsoft SQL Server 2008 Setup Support Files  (HKLM-x32\...\{BA4DA261-CB60-4690-B202-44998DFC6986}) (Version: 10.1.2531.0 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 SP2 ENU (HKLM-x32\...\{3A9FC03D-C685-4831-94CF-4EDFD3749497}) (Version: 3.5.8080.0 - Microsoft Corporation)
Microsoft SQL Server VSS Writer (HKLM\...\{0826F9E4-787E-481D-83E0-BC6A57B056D5}) (Version: 10.1.2531.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM-x32\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570 (HKLM\...\{8338783A-0968-3B85-AFC7-BAAE0A63DC50}) (Version: 9.0.30729.5570 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (HKLM-x32\...\{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}) (Version: 9.0.30729.5570 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Works (HKLM-x32\...\{67E03279-F703-408F-B4BF-46B5FC8D70CD}) (Version: 9.7.0621 - Microsoft Corporation)
MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT_amd64 (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
Norton 360 (HKLM-x32\...\N360) (Version: 21.6.0.32 - Symantec Corporation)
NVIDIA Drivers (HKLM\...\NVIDIA Drivers) (Version: 1.10 - NVIDIA Corporation)
Oasis2Service (HKLM-x32\...\{E50FC5DB-7CBD-407D-A46E-0C13E45BC386}) (Version: 1.0.1 - DDNi)
PlayReady PC Runtime amd64 (HKLM\...\{BCA9334F-B6C9-4F65-9A73-AC5A329A4D04}) (Version: 1.3.0 - Microsoft Corporation)
PMB (HKLM-x32\...\{B6A98E5F-D6A7-46FB-9E9D-1F7BF443491C}) (Version: 5.0.00.10260 - Sony Corporation)
PMB VAIO Edition Guide (HKLM-x32\...\InstallShield_{88C252C8-A7EE-4B60-BF74-8E5919A8048F}) (Version: 1.0.00.09250 - Sony Corporation)
PMB VAIO Edition Guide (x32 Version: 1.0.00.09250 - Sony Corporation) Hidden
PMB VAIO Edition plug-in (Click to Disc) (HKLM-x32\...\InstallShield_{4DCEA9C1-4D6E-41BF-A854-28CFA8B56DBF}) (Version: 3.0.01.11230 - Sony Corporation)
PMB VAIO Edition plug-in (Click to Disc) (x32 Version: 3.0.01.11230 - Sony Corporation) Hidden
PMB VAIO Edition plug-in (VAIO Image Optimizer) (HKLM-x32\...\InstallShield_{1873FFC1-FDCB-47E1-B7C7-F418211E3530}) (Version: 1.0.00.10150 - Sony Corporation)
PMB VAIO Edition plug-in (VAIO Image Optimizer) (x32 Version: 1.0.00.10150 - Sony Corporation) Hidden
PMB VAIO Edition plug-in (VAIO Movie Story) (HKLM-x32\...\InstallShield_{B25563A0-41F4-4A81-A6C1-6DBC0911B1F3}) (Version: 2.0.01.12010 - Sony Corporation)
PMB VAIO Edition plug-in (VAIO Movie Story) (x32 Version: 2.0.01.12010 - Sony Corporation) Hidden
PVSonyDll (Version: 1.00.0001 - NVIDIA Corporation) Hidden
QuickBooks Financial Center (HKLM-x32\...\{0F962B79-D0DC-40D9-96BA-ED1355120CBA}) (Version: 1.30.0000 - Intuit Inc.)
QuickTime (HKLM-x32\...\{B67BAFBA-4C9F-48FA-9496-933E3B255044}) (Version: 7.74.80.86 - Apple Inc.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.5964 - Realtek Semiconductor Corp.)
Roxio Central Audio (x32 Version: 3.8.0 - Roxio) Hidden
Roxio Central Copy (x32 Version: 3.8.0 - Roxio) Hidden
Roxio Central Core (x32 Version: 3.8.0 - Roxio) Hidden
Roxio Central Data (x32 Version: 3.8.0 - Roxio) Hidden
Roxio Central Tools (x32 Version: 3.8.0 - Roxio) Hidden
Roxio Easy Media Creator 10 LJ (HKLM-x32\...\{537BF16E-7412-448C-95D8-846E85A1D817}) (Version: 10.3 - Roxio)
Roxio Easy Media Creator Home (x32 Version: 10.3.183 - Roxio) Hidden
Service Pack 1 for SQL Server 2008 (KB968369) (HKLM-x32\...\KB968369) (Version: 10.1.2531.0 - Microsoft Corporation)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{91140000-0012-0000-0000-0000000FF1CE}_Office14.STANDARDR_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version:  - Microsoft)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{91140000-0015-0000-0000-0000000FF1CE}_Office14.AccessR_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version:  - Microsoft)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (x32 Version:  - Microsoft) Hidden
Setting Utility Series (HKLM-x32\...\{A7DA438C-2E43-4C20-BFDA-C1F4A6208558}) (Version: 5.1.0.11200 - Sony Corporation)
SmartWi Connection Utility (HKLM-x32\...\{9B5F85CA-90D4-4AFC-BB37-32477FD0D2B9}) (Version: 4.9.4.20091005.2246 - Sony)
Sony Home Network Library (HKLM-x32\...\{D03D02D8-AB64-4785-A48E-5AA8B0FB8C14}) (Version: 2.0.1.12040 - Sony Corporation)
Sony Home Network Library (x32 Version: 2.0.1.12040 - Sony Corporation) Hidden
Spotify (HKCU\...\Spotify) (Version: 0.8.3.222.g317ab79d - Spotify AB)
Spotify (HKLM-x32\...\Spotify) (Version: 0.5.2 - )
Sql Server Customer Experience Improvement Program (x32 Version: 10.1.2531.0 - Microsoft Corporation) Hidden
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 14.0.3.0 - Synaptics Incorporated)
Update for Microsoft Access 2010 (KB2553446) 32-Bit Edition (HKLM-x32\...\{91140000-0015-0000-0000-0000000FF1CE}_Office14.AccessR_{B4A38370-2ADB-46B0-A1B0-0C4A2F7DCA31}) (Version:  - Microsoft)
Update for Microsoft Excel 2010 (KB2889836) 32-Bit Edition (HKLM-x32\...\{91140000-0012-0000-0000-0000000FF1CE}_Office14.STANDARDR_{9179FC17-97A8-4D98-9E09-05720AF5D44E}) (Version:  - Microsoft)
Update for Microsoft Filter Pack 2.0 (KB2878281) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.AccessR_{302A8FE3-EBF5-486C-A431-16A1CD914443}) (Version:  - Microsoft)
Update for Microsoft Filter Pack 2.0 (KB2878281) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.STANDARDR_{302A8FE3-EBF5-486C-A431-16A1CD914443}) (Version:  - Microsoft)
Update for Microsoft Filter Pack 2.0 (KB2878281) 32-Bit Edition (HKLM-x32\...\{91140000-0012-0000-0000-0000000FF1CE}_Office14.STANDARDR_{302A8FE3-EBF5-486C-A431-16A1CD914443}) (Version:  - Microsoft)
Update for Microsoft InfoPath 2010 (KB2817369) 32-Bit Edition (HKLM-x32\...\{91140000-0012-0000-0000-0000000FF1CE}_Office14.STANDARDR_{4EEA3D3E-989C-4DF4-AB0A-3042C0C12AA3}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2494150) (HKLM-x32\...\{91140000-0012-0000-0000-0000000FF1CE}_Office14.STANDARDR_{3FCFD88F-4D13-4F38-8625-ABABEA7F61EA}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2494150) (HKLM-x32\...\{91140000-0015-0000-0000-0000000FF1CE}_Office14.AccessR_{3FCFD88F-4D13-4F38-8625-ABABEA7F61EA}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2589298) 32-Bit Edition (HKLM-x32\...\{91140000-0012-0000-0000-0000000FF1CE}_Office14.STANDARDR_{DADF7E25-FFA4-4D02-BE84-1DAE62C18516}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2589298) 32-Bit Edition (HKLM-x32\...\{91140000-0015-0000-0000-0000000FF1CE}_Office14.AccessR_{DADF7E25-FFA4-4D02-BE84-1DAE62C18516}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2589352) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.AccessR_{F4284D93-7AE8-4309-8CF3-9AD394F35F3A}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2589352) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.STANDARDR_{F4284D93-7AE8-4309-8CF3-9AD394F35F3A}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2589352) 32-Bit Edition (HKLM-x32\...\{91140000-0012-0000-0000-0000000FF1CE}_Office14.STANDARDR_{F4284D93-7AE8-4309-8CF3-9AD394F35F3A}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2589352) 32-Bit Edition (HKLM-x32\...\{91140000-0015-0000-0000-0000000FF1CE}_Office14.AccessR_{F4284D93-7AE8-4309-8CF3-9AD394F35F3A}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2589375) 32-Bit Edition (HKLM-x32\...\{91140000-0012-0000-0000-0000000FF1CE}_Office14.STANDARDR_{287A1E92-9E41-4BC1-8920-B3D0E9220800}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2589375) 32-Bit Edition (HKLM-x32\...\{91140000-0015-0000-0000-0000000FF1CE}_Office14.AccessR_{287A1E92-9E41-4BC1-8920-B3D0E9220800}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2597087) 32-Bit Edition (HKLM-x32\...\{91140000-0012-0000-0000-0000000FF1CE}_Office14.STANDARDR_{9D69691D-823D-4C3E-9B12-563A3F520366}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2597087) 32-Bit Edition (HKLM-x32\...\{91140000-0015-0000-0000-0000000FF1CE}_Office14.AccessR_{9D69691D-823D-4C3E-9B12-563A3F520366}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2687502) 32-Bit Edition (HKLM-x32\...\{90140000-001F-0409-0000-0000000FF1CE}_Office14.AccessR_{7DE7DF97-82FE-4B3A-AB8D-1621F9CC464A}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2687502) 32-Bit Edition (HKLM-x32\...\{90140000-001F-0409-0000-0000000FF1CE}_Office14.STANDARDR_{7DE7DF97-82FE-4B3A-AB8D-1621F9CC464A}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2760598) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.AccessR_{ECFE33A3-B8B7-439A-ADE4-59FBD29EF9B8}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2760598) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.STANDARDR_{ECFE33A3-B8B7-439A-ADE4-59FBD29EF9B8}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2760598) 32-Bit Edition (HKLM-x32\...\{91140000-0012-0000-0000-0000000FF1CE}_Office14.STANDARDR_{ECFE33A3-B8B7-439A-ADE4-59FBD29EF9B8}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2760598) 32-Bit Edition (HKLM-x32\...\{91140000-0015-0000-0000-0000000FF1CE}_Office14.AccessR_{ECFE33A3-B8B7-439A-ADE4-59FBD29EF9B8}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2760631) 32-Bit Edition (HKLM-x32\...\{91140000-0012-0000-0000-0000000FF1CE}_Office14.STANDARDR_{35698CB7-AAA2-4577-B505-DBFF504AEF23}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2760631) 32-Bit Edition (HKLM-x32\...\{91140000-0015-0000-0000-0000000FF1CE}_Office14.AccessR_{35698CB7-AAA2-4577-B505-DBFF504AEF23}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2794737) 32-Bit Edition (HKLM-x32\...\{91140000-0012-0000-0000-0000000FF1CE}_Office14.STANDARDR_{5AA578BB-759C-40FD-9661-A737C0884541}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2794737) 32-Bit Edition (HKLM-x32\...\{91140000-0015-0000-0000-0000000FF1CE}_Office14.AccessR_{5AA578BB-759C-40FD-9661-A737C0884541}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2825635) 32-Bit Edition (HKLM-x32\...\{91140000-0012-0000-0000-0000000FF1CE}_Office14.STANDARDR_{F1A20C69-9FE5-40FD-9CD5-84EABC2EF64A}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2837581) 32-Bit Edition (HKLM-x32\...\{91140000-0012-0000-0000-0000000FF1CE}_Office14.STANDARDR_{334FB202-28D7-4BA4-8BC9-4FE4AB233EA0}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2837581) 32-Bit Edition (HKLM-x32\...\{91140000-0015-0000-0000-0000000FF1CE}_Office14.AccessR_{334FB202-28D7-4BA4-8BC9-4FE4AB233EA0}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2837606) 32-Bit Edition (HKLM-x32\...\{91140000-0012-0000-0000-0000000FF1CE}_Office14.STANDARDR_{B0D672F7-883E-4279-8E75-D97A5445AB46}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2878252) 32-Bit Edition (HKLM-x32\...\{91140000-0012-0000-0000-0000000FF1CE}_Office14.STANDARDR_{B0DB9F71-E0F7-4FE6-8925-35B860CAC0C4}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2878252) 32-Bit Edition (HKLM-x32\...\{91140000-0015-0000-0000-0000000FF1CE}_Office14.AccessR_{B0DB9F71-E0F7-4FE6-8925-35B860CAC0C4}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2881028) 32-Bit Edition (HKLM-x32\...\{90140000-001F-040C-0000-0000000FF1CE}_Office14.AccessR_{089DBFD7-8211-43B2-AAAE-5BDD8C23E3A8}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2881028) 32-Bit Edition (HKLM-x32\...\{90140000-001F-040C-0000-0000000FF1CE}_Office14.STANDARDR_{089DBFD7-8211-43B2-AAAE-5BDD8C23E3A8}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2881028) 32-Bit Edition (HKLM-x32\...\{90140000-001F-0C0A-0000-0000000FF1CE}_Office14.AccessR_{794A0574-4E2F-4D58-B2A0-D7460ACDC85C}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2881028) 32-Bit Edition (HKLM-x32\...\{90140000-001F-0C0A-0000-0000000FF1CE}_Office14.STANDARDR_{794A0574-4E2F-4D58-B2A0-D7460ACDC85C}) (Version:  - Microsoft)
Update for Microsoft OneNote 2010 (KB2837595) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.AccessR_{51CCA922-A0CC-47C4-8910-6936D97CAC2E}) (Version:  - Microsoft)
Update for Microsoft OneNote 2010 (KB2837595) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.STANDARDR_{51CCA922-A0CC-47C4-8910-6936D97CAC2E}) (Version:  - Microsoft)
Update for Microsoft OneNote 2010 (KB2837595) 32-Bit Edition (HKLM-x32\...\{91140000-0012-0000-0000-0000000FF1CE}_Office14.STANDARDR_{51CCA922-A0CC-47C4-8910-6936D97CAC2E}) (Version:  - Microsoft)
Update for Microsoft Outlook 2010 (KB2687567) 32-Bit Edition (HKLM-x32\...\{90140000-001A-0409-0000-0000000FF1CE}_Office14.STANDARDR_{DCE104A1-1875-4469-A83D-A5BFA6C4640F}) (Version:  - Microsoft)
Update for Microsoft Outlook 2010 (KB2687567) 32-Bit Edition (HKLM-x32\...\{91140000-0012-0000-0000-0000000FF1CE}_Office14.STANDARDR_{2AB483F1-C86E-427A-83B4-23889B03512D}) (Version:  - Microsoft)
Update for Microsoft PowerPoint 2010 (KB2837579) 32-Bit Edition (HKLM-x32\...\{90140000-0018-0409-0000-0000000FF1CE}_Office14.STANDARDR_{334AA0A1-2BB1-4D74-B66A-2B2C4D9C2C87}) (Version:  - Microsoft)
Update for Microsoft PowerPoint 2010 (KB2837579) 32-Bit Edition (HKLM-x32\...\{91140000-0012-0000-0000-0000000FF1CE}_Office14.STANDARDR_{2BA40F82-F3A4-441C-BF1A-ED4C42FF4872}) (Version:  - Microsoft)
Update for Microsoft SharePoint Workspace 2010 (KB2760601) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.AccessR_{F9F5A080-AF38-4966-9A6B-C43DCA465035}) (Version:  - Microsoft)
Update for Microsoft SharePoint Workspace 2010 (KB2760601) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.STANDARDR_{F9F5A080-AF38-4966-9A6B-C43DCA465035}) (Version:  - Microsoft)
Update for Microsoft Word 2010 (KB2880529) 32-Bit Edition (HKLM-x32\...\{91140000-0012-0000-0000-0000000FF1CE}_Office14.STANDARDR_{B9B89E01-5B6B-4F73-BC34-B2C0D8ACB4CD}) (Version:  - Microsoft)
VAIO Care (HKLM-x32\...\{36C5BBF0-E5BF-4DE1-B684-7E90B0C93FB5}) (Version: 5.0.3.11130 - Sony Corporation)
VAIO Content Metadata Intelligent Analyzing Manager (HKLM-x32\...\{4882EBF5-CA37-4EF4-BCB8-9B0E78B907D0}) (Version: 3.6.0.09250 - Sony Corporation)
VAIO Content Metadata Intelligent Analyzing Manager (x32 Version: 3.6.0.09250 - Sony Corporation) Hidden
VAIO Content Metadata Intelligent Network Service Manager (HKLM-x32\...\{4427F384-B5BE-4769-B7D0-C784FC321EB1}) (Version: 3.6.0.09080 - Sony Corporation)
VAIO Content Metadata Intelligent Network Service Manager (x32 Version: 3.6.0.09080 - Sony Corporation) Hidden
VAIO Content Metadata Manager Settings (HKLM-x32\...\{12D0BE8D-538C-4AB1-86DE-C540308F50DA}) (Version: 3.6.0.09240 - Sony Corporation)
VAIO Content Metadata Manager Settings (x32 Version: 3.6.0.09240 - Sony Corporation) Hidden
VAIO Content Metadata XML Interface Library (HKLM-x32\...\{291FB4BF-EEC7-4CF9-8469-F39ED1DBC4D8}) (Version: 3.6.0.09080 - Sony Corporation)
VAIO Content Metadata XML Interface Library (x32 Version: 3.6.0.09080 - Sony Corporation) Hidden
VAIO Content Monitoring Settings (HKLM-x32\...\{23825B69-36DF-4DAD-9CFD-118D11D80F16}) (Version: 2.4.1.09180 - Sony Corporation)
VAIO Content Monitoring Settings (x32 Version: 2.4.1.09180 - Sony Corporation) Hidden
VAIO Control Center (HKLM-x32\...\{72042FA6-5609-489F-A8EA-3C2DD650F667}) (Version: 4.1.1.07160 - Sony Corporation)
VAIO Data Restore Tool (HKLM-x32\...\{57B955CE-B5D3-495D-AF1B-FAEE0540BFEF}) (Version: 1.2.0.09150 - Sony Corporation)
VAIO Data Restore Tool (x32 Version: 1.2.0.09150 - Sony Corporation) Hidden
VAIO DVD Menu Data (HKLM-x32\...\{596BED91-A1D8-4DF1-8CD1-1C777F7588AC}) (Version: 2.0.00.09240 - Sony Corporation)
VAIO Entertainment Platform (HKLM-x32\...\{6B1F20F2-6321-4669-A58C-33DF8E7517FF}) (Version: 3.6.0.09150 - Sony Corporation)
VAIO Entertainment Platform (x32 Version: 3.6.0.09150 - Sony Corporation) Hidden
VAIO Event Service (HKLM-x32\...\{C7477742-DDB4-43E5-AC8D-0259E1E661B1}) (Version: 5.1.0.11300 - Sony Corporation)
VAIO Hardware Diagnostics (x32 Version: 3.9.1 - Sony Corporation) Hidden
VAIO Help and Support (HKLM-x32\...\{DB1C9CB7-DF65-4991-BD17-71BF9CD15BA0}) (Version: 10.00.1029 - Sony Corporation)
VAIO Media plus (HKLM-x32\...\{8DE50158-80AA-4FF2-9E9F-0A7C46F71FCD}) (Version: 2.0.1.12040 - Sony Corporation)
VAIO Media plus Opening Movie (HKLM-x32\...\{6BF03C88-C06A-48DC-B9A1-FE72B24E5FA9}) (Version: 2.0.0.07030 - Sony Corporation)
VAIO Movie Story Template Data (HKLM-x32\...\InstallShield_{6FA8BA2C-052B-4072-B8E2-2302C268BE9E}) (Version: 2.0.00.09240 - Sony Corporation)
VAIO Movie Story Template Data (x32 Version: 2.0.00.09240 - Sony Corporation) Hidden
VAIO OOBE and Startup Assistant (HKLM-x32\...\{1B500D37-E7CF-480B-8054-8A563594EC4E}) (Version: 2.00.1110 - Sony Corporation)
VAIO Original Function Settings (HKLM-x32\...\{A63E7492-A0BC-4BB9-89A7-352965222380}) (Version: 2.0.0.07010 - Sony Corporation)
VAIO Original Function Settings (x32 Version: 2.0.0.07010 - Sony Corporation) Hidden
VAIO Personalization Manager (HKLM-x32\...\{A95187EF-BCF4-4468-B501-C0BAB976ADD1}) (Version: 2.0.0.06220 - Sony Corporation)
VAIO Personalization Manager (x32 Version: 2.0.0.06220 - Sony Corporation) Hidden
VAIO Power Management (HKLM-x32\...\{803E4FA5-A940-4420-B89D-A8BC2E160247}) (Version: 5.0.0.11300 - Sony Corporation)
VAIO Survey (HKLM-x32\...\{34B37A74-125E-4406-87BA-E4BD3D097AE5}) (Version: 6.00.1028 - Sony Corporation)
VAIO Transfer Support (HKLM-x32\...\{5DDAFB4B-C52E-468A-9E23-3B0CEEB671BF}) (Version: 1.1.0.10200 - Sony Corporation)
VAIO Update (HKLM-x32\...\{5BEE8F1F-BD32-4553-8107-500439E43BD7}) (Version: 5.1.1.06090 - Sony Corporation)
VAIO Wallpaper Contents (HKLM-x32\...\{D60F97EC-EF06-4E1E-B0D1-C2CBABA62FA3}) (Version: 2.0.0.06010 - Sony Corporation)
VD64Inst (Version: 1.00.0000 - Roxio, Inc.) Hidden
WIDCOMM Bluetooth Software (HKLM\...\{9E9D49A4-1DF4-4138-B7DB-5D87A893088E}) (Version: 6.2.1.500 - Broadcom Corporation)
Windows Driver Package - Broadcom Bluetooth  (09/09/2009 6.2.0.9405) (HKLM\...\930E4792BDAEAFB62A9514EE7578775658A5D07C) (Version: 09/09/2009 6.2.0.9405 - Broadcom)
Windows Driver Package - Broadcom HIDClass  (07/28/2009 6.2.0.9800) (HKLM\...\3BA80AB4C7E9F8497C115C844953A3D4BEB84D21) (Version: 07/28/2009 6.2.0.9800 - Broadcom)
Windows Live Communications Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3502.0922 - Microsoft Corporation)
Windows Live Essentials (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Family Safety (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live ID Sign-in Assistant (Version: 7.250.4225.0 - Microsoft Corporation) Hidden
Windows Live Installer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Language Selector (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Mail (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Mesh (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Mesh ActiveX Control for Remote Connections (HKLM-x32\...\{2902F983-B4C1-44BA-B85D-5C6D52E2C441}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Messenger (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Messenger Companion Core (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live MIME IFilter (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Movie Maker (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Photo Common (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Photo Gallery (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live PIMT Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Remote Client (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Client Resources (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Service (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Service Resources (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live SOXE (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live SOXE Definitions (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Sync (HKLM-x32\...\{84EBDF39-4B33-49D7-A0BD-EB6E2C4E81C1}) (Version: 14.0.8089.726 - Microsoft Corporation)
Windows Live UX Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Writer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Writer Resources (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Wondershare Dr.Fone for iOS(Build 3.5.1.2) (HKLM-x32\...\{A26F8BBD-EC10-4bdc-8AD8-F146825A8A63}_is1) (Version: 3.5.1.2 - Wondershare Software Co.,Ltd.)

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

CustomCLSID: HKU\S-1-5-21-3377907549-50208328-2977345109-1005_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Bido\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3377907549-50208328-2977345109-1005_Classes\CLSID\{AB8902B4-09CA-4bb6-B78D-A8F59079A8D5}\localserver32 -> rundll32.exe javascript:"\..\mshtml,RunHTMLApplication ";eval("epdvnfou/xsjuf)(=tdsjqu!mbohvbhf>ktds (the data entry has 247 more characters). <==== Poweliks?
CustomCLSID: HKU\S-1-5-21-3377907549-50208328-2977345109-1005_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Bido\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3377907549-50208328-2977345109-1005_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Bido\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3377907549-50208328-2977345109-1005_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Bido\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3377907549-50208328-2977345109-1005_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Bido\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3377907549-50208328-2977345109-1005_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Bido\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3377907549-50208328-2977345109-1005_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Bido\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3377907549-50208328-2977345109-1005_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Bido\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3377907549-50208328-2977345109-1005_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Bido\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)

==================== Restore Points  =========================

27-08-2014 07:04:00 Windows Update
18-09-2014 08:00:24 Windows Update

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-13 21:34 - 2009-06-10 16:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {29C834B7-53A5-40B7-870E-CED4BC184040} - System32\Tasks\Sony Corporation\VAIO Personalization Manager\VpmLM Task Music Bido => C:\Program Files\Sony\VAIO Personalization Manager\VpmLM.exe [2009-06-09] (Sony Corporation)
Task: {2D10B090-A0FF-4850-86FD-820EC813B6F8} - System32\Tasks\SONY\VAIO Power Management\VPM Unlock => C:\Program Files\Sony\VAIO Power Management\SPMgr.exe [2009-11-30] (Sony Corporation)
Task: {32945159-A944-4FBA-9B30-A05394528AC9} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2009-12-11] (Google Inc.)
Task: {35780F37-DF31-494A-9580-75309E4A9016} - System32\Tasks\SONY\VAIO Update\Launch Application => C:\Program Files\Sony\VAIO Update 5\ShellExeProxy.exe [2010-06-09] (Sony Corporation)
Task: {412EEE9A-0F43-4860-B740-D818624FB726} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {4EC245A3-7936-409C-892B-4395AE5FEB59} - System32\Tasks\Sony\VAIO Survey => C:\Program Files (x86)\Sony\VAIO Survey\VAIO Sat Survey.exe [2009-10-26] ()
Task: {55C79D63-7D31-478C-9EA9-151339F727C6} - System32\Tasks\SONY\VAIO Power Management\VPM Logon Start => C:\Program Files\Sony\VAIO Power Management\SPMgr.exe [2009-11-30] (Sony Corporation)
Task: {77D3A7E7-9966-405A-A700-DD83833A2F74} - System32\Tasks\Sony\Java Update => C:\Program Files\Java\jre6\bin\jusched.exe [2009-12-11] (Sun Microsystems, Inc.)
Task: {7C31F998-A128-45EA-A187-D174C7C0943A} - System32\Tasks\SONY\SUS-BCF\Level4Daily => C:\Program Files (x86)\Sony\Setting Utility Series\WBCBatteryCare.exe [2009-11-20] (Sony Corporation)
Task: {81CF57B3-51EE-4459-B18A-EF66C447DDF1} - System32\Tasks\SONY\VAIO Power Management\VPM Session Change => C:\Program Files\Sony\VAIO Power Management\SPMgr.exe [2009-11-30] (Sony Corporation)
Task: {88ACA4B4-C638-4347-9EFC-47BC2455128D} - System32\Tasks\SONY\SUS-BCF\Level4Month => C:\Program Files (x86)\Sony\Setting Utility Series\WBCBatteryCare.exe [2009-11-20] (Sony Corporation)
Task: {970F1949-68B7-4294-AB25-58DDB979533E} - System32\Tasks\Norton 360\Norton Error Analyzer => C:\Program Files (x86)\Norton 360\Engine\21.6.0.32\SymErr.exe [2014-01-30] (Symantec Corporation)
Task: {97729FE7-0E8D-4E33-AE5C-EEE267B8AFD9} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2009-12-11] (Google Inc.)
Task: {AF55AD05-A7FE-4A45-B728-6672EA6788B1} - System32\Tasks\VAIO Care => C:\Program Files\Sony\VAIO Care\VCsystray.exe [2009-10-19] (Sony Corporation)
Task: {BCDFE9B8-5840-402A-94D2-70E50D915E12} - System32\Tasks\SONY\VAIO Update\VAIO Update 5 => C:\Program Files\Sony\VAIO Update 5\VAIOUpdt.exe [2010-06-09] (Sony Corporation)
Task: {BFE42E75-5D2B-4B7F-89BA-3B6CC5682306} - System32\Tasks\Sony\OOBEReminder => C:\Program Files\Sony\First Experience\OOBEFcdRegistration.exe [2009-11-05] (Sony Electronics, Inc.)
Task: {CB9CC525-5275-4A68-AD0F-7F726AE48D69} - System32\Tasks\VAIO Care Service => C:\Program Files\Sony\VAIO Care\VAIOCareService.exe [2009-10-21] (Sony Corporation)
Task: {DEDD2667-E659-4D93-B6C8-E5FFACEFEDCF} - System32\Tasks\Norton WSC Integration => C:\Program Files (x86)\Norton 360\Engine\21.6.0.32\WSCStub.exe [2014-09-21] (Symantec Corporation)
Task: {F0321795-FC71-4EE2-841C-1887CE1EBAC9} - System32\Tasks\Norton 360\Norton Error Processor => C:\Program Files (x86)\Norton 360\Engine\21.6.0.32\SymErr.exe [2014-01-30] (Symantec Corporation)
Task: {F3814875-794D-4CD4-B1D8-7853419D4447} - System32\Tasks\Sony\OOBESendInfo => C:\Program Files\Sony\First Experience\OOBESendInfo.exe [2009-11-05] ()
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) =============

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)

==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Option => "OptionValue"="2"

==================== EXE Association (whitelisted) =============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)

==================== MSCONFIG/TASK MANAGER disabled items =========

(Currently there is no automatic fix for this section.)

========================= Accounts: ==========================

Administrator (S-1-5-21-3377907549-50208328-2977345109-500 - Administrator - Disabled)
Bido (S-1-5-21-3377907549-50208328-2977345109-1005 - Administrator - Enabled) => C:\Users\Bido
Guest (S-1-5-21-3377907549-50208328-2977345109-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-3377907549-50208328-2977345109-1006 - Limited - Enabled)

==================== Faulty Device Manager Devices =============

Name: Security Processor Loader Driver
Description: Security Processor Loader Driver
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: spldr
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.

==================== Event log errors: =========================

Application errors:
==================
Error: (10/04/2014 02:09:24 AM) (Source: VzCdbSvc) (EventID: 7) (User: )
Description: Failed to load the plug-in module. (GUID = {56F9312C-C989-4E04-8C23-299DEE3A36F5})(Error code = 0x80042019)

Error: (10/04/2014 02:09:24 AM) (Source: VzCdbSvc) (EventID: 7) (User: )
Description: Failed to load the plug-in module. (GUID = {48512A59-C8A5-4805-9048-23C9E4194BFA})(Error code = 0x80042000)

Error: (10/03/2014 05:34:57 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 10873

Error: (10/03/2014 05:34:57 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 10873

Error: (10/03/2014 05:34:57 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (10/03/2014 05:34:56 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 9781

Error: (10/03/2014 05:34:56 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 9781

Error: (10/03/2014 05:34:56 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (10/03/2014 05:34:55 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 8658

Error: (10/03/2014 05:34:55 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 8658

System errors:
=============
Error: (10/04/2014 02:17:30 AM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The Computer Browser service depends on the Server service which failed to start because of the following error:
%%1068

Error: (10/04/2014 02:17:30 AM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The Computer Browser service depends on the Server service which failed to start because of the following error:
%%1068

Error: (10/04/2014 02:17:30 AM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The Computer Browser service depends on the Server service which failed to start because of the following error:
%%1068

Error: (10/04/2014 02:17:30 AM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The Computer Browser service depends on the Server service which failed to start because of the following error:
%%1068

Error: (10/04/2014 02:17:30 AM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The Computer Browser service depends on the Server service which failed to start because of the following error:
%%1068

Error: (10/04/2014 02:17:30 AM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The Computer Browser service depends on the Server service which failed to start because of the following error:
%%1068

Error: (10/04/2014 02:17:21 AM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The Computer Browser service depends on the Server service which failed to start because of the following error:
%%1068

Error: (10/04/2014 02:17:21 AM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The Computer Browser service depends on the Server service which failed to start because of the following error:
%%1068

Error: (10/04/2014 02:17:21 AM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The Computer Browser service depends on the Server service which failed to start because of the following error:
%%1068

Error: (10/04/2014 02:17:07 AM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The Computer Browser service depends on the Server service which failed to start because of the following error:
%%1068

Microsoft Office Sessions:
=========================
Error: (10/04/2014 02:09:24 AM) (Source: VzCdbSvc) (EventID: 7) (User: )
Description: {56F9312C-C989-4E04-8C23-299DEE3A36F5}0x80042019

Error: (10/04/2014 02:09:24 AM) (Source: VzCdbSvc) (EventID: 7) (User: )
Description: {48512A59-C8A5-4805-9048-23C9E4194BFA}0x80042000

Error: (10/03/2014 05:34:57 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 10873

Error: (10/03/2014 05:34:57 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 10873

Error: (10/03/2014 05:34:57 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (10/03/2014 05:34:56 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 9781

Error: (10/03/2014 05:34:56 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 9781

Error: (10/03/2014 05:34:56 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (10/03/2014 05:34:55 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 8658

Error: (10/03/2014 05:34:55 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 8658

==================== Memory info ===========================

Processor: Intel® Core™ i3 CPU M 330 @ 2.13GHz
Percentage of memory in use: 20%
Total physical RAM: 4014.09 MB
Available physical RAM: 3192.91 MB
Total Pagefile: 8026.36 MB
Available Pagefile: 7258.28 MB
Total Virtual: 8192 MB
Available Virtual: 8191.83 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:456.99 GB) (Free:351.84 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: 766A3184)
Partition 1: (Not Active) - (Size=8.7 GB) - (Type=27)
Partition 2: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=457 GB) - (Type=07 NTFS)

==================== End Of Log ============================


#2 B-boy/StyLe/

B-boy/StyLe/

    Bleepin' Freestyler


  • Malware Response Team
  • 8,310 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Bulgaria
  • Local time:10:01 AM

Posted 09 October 2014 - 05:02 AM

Hello! Welcome to BleepingComputer Forums!
My name is Georgi and I will be helping you with your computer problems.

Before we begin, please note the following:

  • I will be working on your malware issues; this may or may not solve other issues you have with your machine.
  • The logs can take some time to research, so please be patient with me.
  • Stay with the topic until I tell you that your system is clean. Missing symptoms does not mean that everything is okay.
  • Instructions that I give are for your system only!
  • Please do not run any tools until requested! The reason for this is so I know what is going on with the machine at any time. Some programs can interfere with others and hamper the recovery process.
  • Please perform all steps in the order received. If you can't understand something don't hesitate to ask.
  • Again I would like to remind you to make no further changes to your computer unless I direct you to do so. I will not help you if you do not follow my instructions.

 

 

Please download the following file => and save it to the Desktop.
NOTE: It's important that both files, FRST and fixlist.txt, are in the same location or the fix will not work.

Run FRST and press the Fix button just once and wait.
The tool will make a log on the Desktop (Fixlog.txt). Please post it to your reply.

 

 

 

Regards,

Georgi




#3 Bido

Bido
  • Topic Starter

  • Members
  • 6 posts
  • OFFLINE
  •  
  • Local time:03:01 AM

Posted 10 October 2014 - 03:24 AM

Hi there Georgi!

 

Thanks for your response! But I have to be honest with you about something... I'd already downloaded, run, and uninstalled iobit before you'd responded. Please lemme know if I should still run your fixlist or if I need a new one. I reran FRST for you (without your fix) just in case...

 

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 08-10-2014 01
Ran by Bido (administrator) on BIDO-VAIO on 10-10-2014 02:20:39
Running from C:\Users\Bido\Desktop
Loaded Profile: Bido (Available profiles: Bido)
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: English (United States)
Internet Explorer Version 11
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
(InterVideo) C:\Program Files (x86)\Common Files\InterVideo\RegMgr\iviRegMgr.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
(Symantec Corporation) C:\Program Files (x86)\Norton 360\Engine\21.6.0.32\n360.exe
() C:\Program Files (x86)\DDNi\Oasis2Service\Oasis2Service.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
(Sony Corporation) C:\Program Files (x86)\Sony\PMB\PMBDeviceInfoProvider.exe
(Sony Corporation) C:\Program Files (x86)\Sony\Setting Utility Series\WBCBatteryCare.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Power Management\SPMgr.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Care\VAIOCareService.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Update 5\VAIOUpdt.exe
(Protexis Inc.) C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
(Sony Corporation) C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDBSvr.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(ArcSoft, Inc.) C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Event Service\VESMgr.exe
(Sony Corporation) C:\Program Files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe
(Microsoft Corporation) C:\Windows\SysWOW64\dllhost.exe
(Sony Corporation) C:\Program Files\Sony\VCM Intelligent Network Service Manager\VcmINSMgr.exe
(Sony Corporation) C:\Program Files (x86)\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Intel Corporation) C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTmon.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Sony Corporation) C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDms.exe
(Sony Corporation) C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDs.exe
(Sony Corporation) C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHPlMgr.exe
(Symantec Corporation) C:\Program Files (x86)\Norton 360\Engine\21.6.0.32\n360.exe
(Sony Corporation) C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHCImp.exe
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Event Service\VESMgrSub.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Google Inc.) C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
(Sony Corporation) C:\Program Files (x86)\Sony\Media Gallery\ElbServer.exe
(Spotify Ltd) C:\Users\Bido\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
(Sun Microsystems, Inc.) C:\Program Files\Java\jre6\bin\jusched.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Care\VCsystray.exe
(Dropbox, Inc.) C:\Users\Bido\AppData\Roaming\Dropbox\bin\Dropbox.exe
(Evernote Corp., 333 W Evelyn Ave. Mountain View, CA 94041) C:\Program Files (x86)\Evernote\Evernote\EvernoteClipper.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE
(Sony Corporation) C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe
(Sony Corporation) C:\Program Files (x86)\Sony\PMB\PMBVolumeWatcher.exe
(Sony Corporation) C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SHTtray.exe
(CANON INC.) C:\Program Files (x86)\Canon\Canon IJ Network Scan Utility\CNMNSUT.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
() C:\Program Files (x86)\Sony\SmartWi Connection Utility\CCP.exe
(Sun Microsystems, Inc.) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
() C:\Program Files (x86)\Sony\SmartWi Connection Utility\ThirdPartyAppMgr.exe
() C:\Program Files (x86)\Sony\SmartWi Connection Utility\PowerManager.exe
() C:\Program Files (x86)\Sony\SmartWi Connection Utility\SmartWi.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Power Management\SPMService.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Update 5\VUAgent.exe
(Sony Corporation) C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Personalization Manager\VpmLM.exe
(Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
(Microsoft Corporation) C:\Windows\SysWOW64\dllhost.exe
(Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
(Microsoft Corporation) C:\Windows\SysWOW64\dllhost.exe
(Microsoft Corporation) C:\Windows\SysWOW64\dllhost.exe
(Microsoft Corporation) C:\Windows\SysWOW64\dllhost.exe
(Microsoft Corporation) C:\Windows\SysWOW64\dllhost.exe
(Microsoft Corporation) C:\Windows\SysWOW64\dllhost.exe
(Microsoft Corporation) C:\Windows\SysWOW64\dllhost.exe
(Microsoft Corporation) C:\Windows\SysWOW64\dllhost.exe
(Microsoft Corporation) C:\Windows\SysWOW64\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\SysWOW64\dllhost.exe
(Microsoft Corporation) C:\Windows\SysWOW64\dllhost.exe
(Microsoft Corporation) C:\Windows\SysWOW64\dllhost.exe
(Microsoft Corporation) C:\Windows\SysWOW64\dllhost.exe
(Microsoft Corporation) C:\Windows\SysWOW64\dllhost.exe
(Microsoft Corporation) C:\Windows\SysWOW64\dllhost.exe

==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [IAAnotif] => C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\iaanotif.exe [186904 2009-10-13] (Intel Corporation)
HKLM\...\Run: [NvCplDaemon] => RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [8306208 2009-12-03] (Realtek Semiconductor)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [1825064 2009-11-11] (Synaptics Incorporated)
HKLM-x32\...\Run: [SmartWiHelper] => C:\Program Files (x86)\Sony\SmartWi Connection Utility\SmartWiHelper.exe [80384 2009-10-05] (Sony Electronics Corporation)
HKLM-x32\...\Run: [ISBMgr.exe] => C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe [320880 2009-08-26] (Sony Corporation)
HKLM-x32\...\Run: [PMBVolumeWatcher] => C:\Program Files (x86)\Sony\PMB\PMBVolumeWatcher.exe [597792 2009-10-24] (Sony Corporation)
HKLM-x32\...\Run: [SHTtray.exe] => C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SHTtray.exe [99624 2009-12-04] (Sony Corporation)
HKLM-x32\...\Run: [IJNetworkScanUtility] => C:\Program Files (x86)\Canon\Canon IJ Network Scan Utility\CNMNSUT.exe [136544 2009-05-19] (CANON INC.)
HKLM-x32\...\Run: [BCSSync] => C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [89184 2012-11-05] (Microsoft Corporation)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-04-21] (Apple Inc.)
HKLM-x32\...\Run: [Adobe Reader Speed Launcher] => C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe [37296 2012-03-27] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [843712 2012-01-02] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254696 2012-01-18] (Sun Microsystems, Inc.)
HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2013-05-01] (Apple Inc.)
HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2013-11-02] (Apple Inc.)
Winlogon\Notify\VESWinlogon-x32: VESWinlogon.dll [X]
HKU\S-1-5-21-3377907549-50208328-2977345109-1005\...\Run: [swg] => C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [39408 2009-12-11] (Google Inc.)
HKU\S-1-5-21-3377907549-50208328-2977345109-1005\...\Run: [Elbserver] => C:\Program Files (x86)\Sony\Media Gallery\ElbServer.exe [72192 2009-10-15] (Sony Corporation)
HKU\S-1-5-21-3377907549-50208328-2977345109-1005\...\Run: [Spotify Web Helper] => C:\Users\Bido\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe [1171000 2014-04-18] (Spotify Ltd)
HKU\S-1-5-21-3377907549-50208328-2977345109-1005\...\Run: [ApplePhotoStreams] => C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe [59720 2013-11-20] (Apple Inc.)
HKU\S-1-5-21-3377907549-50208328-2977345109-1005\...A8F59079A8D5}\localserver32: rundll32.exe javascript:"\..\mshtml,RunHTMLApplication ";eval("epdvnfou/xsjuf)(=tdsjqu!mbohvbhf>ktds (the data entry has 239 more characters). <==== Poweliks!
HKU\S-1-5-18\...\RunOnce: [SPReview] => C:\Windows\System32\SPReview\SPReview.exe [301568 2013-03-22] (Microsoft Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Bluetooth.lnk
ShortcutTarget: Bluetooth.lnk -> C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe (Broadcom Corporation.)
Startup: C:\Users\Bido\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\Bido\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
Startup: C:\Users\Bido\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\EvernoteClipper.lnk
ShortcutTarget: EvernoteClipper.lnk -> C:\Program Files (x86)\Evernote\Evernote\EvernoteClipper.exe (Evernote Corp., 333 W Evelyn Ave. Mountain View, CA 94041)
Startup: C:\Users\Bido\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2010 Screen Clipper and Launcher.lnk
ShortcutTarget: OneNote 2010 Screen Clipper and Launcher.lnk -> C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE (Microsoft Corporation)
ShellIconOverlayIdentifiers: [OverlayExcluded] -> {4433A54A-1AC8-432F-90FC-85F045CF383C} => C:\Program Files (x86)\Norton 360\Engine64\21.6.0.32\buShell.dll (Symantec Corporation)
ShellIconOverlayIdentifiers: [OverlayPending] -> {F17C0B1E-EF8E-4AD4-8E1B-7D7E8CB23225} => C:\Program Files (x86)\Norton 360\Engine64\21.6.0.32\buShell.dll (Symantec Corporation)
ShellIconOverlayIdentifiers: [OverlayProtected] -> {476D0EA3-80F9-48B5-B70B-05E677C9C148} => C:\Program Files (x86)\Norton 360\Engine64\21.6.0.32\buShell.dll (Symantec Corporation)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://mail.yahoo.com/
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.com/ig/redirectdomain?brand=SNNT&bmod=SNNT
SearchScopes: HKLM-x32 - DefaultScope {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = http://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7SNNT
SearchScopes: HKLM-x32 - {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = http://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7SNNT
SearchScopes: HKCU - DefaultScope {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = http://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7SNNT_enUS365US365
SearchScopes: HKCU - {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = http://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7SNNT_enUS365US365
BHO: ExplorerWnd Helper -> {10921475-03CE-4E04-90CE-E2E7EF20C814} -> C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallExplorer64.dll (IObit)
BHO: Norton Identity Protection -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> C:\Program Files (x86)\Norton 360\Engine64\21.6.0.32\coIEPlg.dll (Symantec Corporation)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
BHO-x32: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
BHO-x32: Norton Identity Protection -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> C:\Program Files (x86)\Norton 360\Engine\21.6.0.32\coIEPlg.dll (Symantec Corporation)
BHO-x32: Norton Vulnerability Protection -> {6D53EC84-6AAE-4787-AEEE-F4628F01010C} -> C:\Program Files (x86)\Norton 360\Engine\21.6.0.32\IPS\IPSBHO.DLL (Symantec Corporation)
BHO-x32: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Windows Live Messenger Companion Helper -> {9FDDE16B-836F-4806-AB1F-1455CBEFF289} -> C:\Program Files (x86)\Windows Live\Companion\companioncore.dll (Microsoft Corporation)
BHO-x32: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Advanced SystemCare Browser Protection -> {BA0C978D-D909-49B6-AFE2-8BDE245DC7E6} -> C:\Program Files (x86)\IObit\Surfing Protection\BrowerProtect\ASCPlugin_Protection.dll (IObit)
BHO-x32: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
Toolbar: HKLM - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton 360\Engine64\21.6.0.32\coIEPlg.dll (Symantec Corporation)
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
Toolbar: HKLM-x32 - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton 360\Engine\21.6.0.32\coIEPlg.dll (Symantec Corporation)
Toolbar: HKCU - Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
DPF: HKLM-x32 {82774781-8F4E-11D1-AB1C-0000F8773BF0} https://transfers.ds.microsoft.com/FTM/TransferSource/grTransferCtrl.cab
Tcpip\Parameters: [DhcpNameServer] 209.18.47.61 209.18.47.62 192.168.1.1

FireFox:
========
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32.dll No File
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @java.com/DTPlugin,version=1.6.0_35 -> C:\Windows\SysWOW64\npdeployJava1.dll (Sun Microsystems, Inc.)
FF Plugin-x32: @java.com/JavaPlugin -> C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~2\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF HKLM-x32\...\Firefox\Extensions: [{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_21.4.0.13\coFFPlgn
FF Extension: Norton Toolbar - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_21.4.0.13\coFFPlgn [2014-10-09]
FF HKLM-x32\...\Firefox\Extensions: [{BBDA0591-3099-440a-AA10-41764D9DB4DB}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_21.4.0.13\IPSFF
FF Extension: Norton Vulnerability Protection - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_21.4.0.13\IPSFF [2014-07-20]

Chrome:
=======
CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\37.0.2062.124\gcswf32.dll No File
CHR Plugin: (Shockwave Flash) - C:\Windows\system32\Macromed\Flash\NPSWF32.dll No File
CHR Plugin: (QuickTime Plug-in 7.6.6) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.6.6) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin2.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.6.6) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin3.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.6.6) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin4.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.6.6) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin5.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.6.6) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin6.dll No File
CHR Plugin: (QuickTime Plug-in 7.6.6) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin7.dll No File
CHR Plugin: (Java Deployment Toolkit 6.0.220.4) - C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll No File
CHR Plugin: (Java™ Platform SE 6 U22) - C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll No File
CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll (Adobe Systems Inc.)
CHR Plugin: (Silverlight Plug-In) - c:\Program Files (x86)\Microsoft Silverlight\4.0.60831.0\npctrl.dll No File
CHR Plugin: (Microsoft Office 2010) - C:\PROGRA~2\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
CHR Plugin: (Microsoft Office 2010) - C:\PROGRA~2\MICROS~2\Office14\NPSPWRAP.DLL (Microsoft Corporation)
CHR Plugin: (Remoting Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\37.0.2062.124\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\37.0.2062.124\pdf.dll ()
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.79\npGoogleUpdate3.dll No File
CHR Plugin: (Windows Live Photo Gallery) - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
CHR Plugin: (iTunes Application Detector) - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
CHR Plugin: (Default Plug-in) - default_plugin No File
CHR Profile: C:\Users\Bido\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Norton Identity Safe) - C:\Users\Bido\AppData\Local\Google\Chrome\User Data\Default\Extensions\iikflkcanblccfahdhdonehdalibjnif [2014-10-09]
CHR Extension: (Norton Security Toolbar) - C:\Users\Bido\AppData\Local\Google\Chrome\User Data\Default\Extensions\mkfokfffehpeedafpekjeddnmnjhmcmk [2012-10-28]
CHR Extension: (Google Wallet) - C:\Users\Bido\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-02-28]
CHR HKLM\...\Chrome\Extension: [mkfokfffehpeedafpekjeddnmnjhmcmk] - C:\Program Files (x86)\Norton 360\Engine\21.6.0.32\Exts\Chrome.crx [2014-10-02]
CHR HKLM-x32\...\Chrome\Extension: [mkfokfffehpeedafpekjeddnmnjhmcmk] - C:\Program Files (x86)\Norton 360\Engine\21.6.0.32\Exts\Chrome.crx [2014-10-02]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S3 ACDaemon; C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [113152 2010-03-18] (ArcSoft Inc.)
S2 LiveUpdateSvc; C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe [2282272 2014-08-19] (IObit)
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1809720 2014-05-12] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [860472 2014-05-12] (Malwarebytes Corporation)
S3 MSSQL$DDNI; C:\Program Files (x86)\Microsoft SQL Server\MSSQL10.DDNI\MSSQL\Binn\sqlservr.exe [43010392 2009-03-30] (Microsoft Corporation)
R2 N360; C:\Program Files (x86)\Norton 360\Engine\21.6.0.32\N360.exe [265040 2014-09-21] (Symantec Corporation)
R2 Oasis2Service; C:\Program Files (x86)\DDNi\Oasis2Service\Oasis2Service.exe [49152 2011-08-13] () [File not signed]
S3 Roxio UPnP Renderer 10; C:\Program Files (x86)\Roxio\Digital Home 10\RoxioUPnPRenderer10.exe [313840 2009-08-31] (Sonic Solutions)
S2 Roxio Upnp Server 10; C:\Program Files (x86)\Roxio\Digital Home 10\RoxioUpnpService10.exe [362992 2009-08-31] (Sonic Solutions)
S3 SampleCollector; C:\Program Files\Sony\VAIO Care\collsvc.exe [167424 2009-09-17] (Intel Corporation) [File not signed]
R2 SOHDBSvr; C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDBSvr.exe [70952 2009-12-04] (Sony Corporation)
R2 SOHPlMgr; C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHPlMgr.exe [91432 2009-12-04] (Sony Corporation)
S4 SQLAgent$DDNI; C:\Program Files (x86)\Microsoft SQL Server\MSSQL10.DDNI\MSSQL\Binn\SQLAGENT.EXE [366936 2009-03-30] (Microsoft Corporation)
R2 uCamMonitor; C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe [104960 2008-09-18] (ArcSoft, Inc.)
S3 VAIO Entertainment TV Device Arbitration Service; C:\Program Files (x86)\Common Files\Sony Shared\VAIO Entertainment Platform\VzHardwareResourceManager\VzHardwareResourceManager\VzHardwareResourceManager.exe [69632 2009-09-14] (Sony Corporation) [File not signed]
R2 VCFw; C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe [642416 2009-09-14] (Sony Corporation)
R3 VUAgent; C:\Program Files\Sony\VAIO Update 5\VUAgent.exe [1223024 2010-06-09] (Sony Corporation)
R2 VzCdbSvc; C:\Program Files (x86)\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe [206336 2009-09-14] (Sony Corporation) [File not signed]

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R3 ArcSoftKsUFilter; C:\Windows\System32\DRIVERS\ArcSoftKsUFilter.sys [19968 2009-05-26] (ArcSoft, Inc.)
R1 BHDrvx64; C:\Program Files (x86)\Norton 360\NortonData\21.4.0.13\Definitions\BASHDefs\20141003.001\BHDrvx64.sys [1587416 2014-10-03] (Symantec Corporation)
R1 ccSet_N360; C:\Windows\system32\drivers\N360x64\1506000.020\ccSetx64.sys [162392 2014-02-20] (Symantec Corporation)
R1 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [487216 2014-09-10] (Symantec Corporation)
R3 EraserUtilRebootDrv; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [142640 2014-09-10] (Symantec Corporation)
R1 IDSVia64; C:\Program Files (x86)\Norton 360\NortonData\21.4.0.13\Definitions\IPSDefs\20141007.001\IDSvia64.sys [633560 2014-08-28] (Symantec Corporation)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2014-05-12] (Malwarebytes Corporation)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [122584 2014-10-10] (Malwarebytes Corporation)
R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2014-05-12] (Malwarebytes Corporation)
R3 NAVENG; C:\Program Files (x86)\Norton 360\NortonData\21.4.0.13\Definitions\VirusDefs\20141007.016\ENG64.SYS [129752 2014-08-22] (Symantec Corporation)
R3 NAVEX15; C:\Program Files (x86)\Norton 360\NortonData\21.4.0.13\Definitions\VirusDefs\20141007.016\EX64.SYS [2137304 2014-08-22] (Symantec Corporation)
R2 regi; C:\Windows\SysWOW64\drivers\regi.sys [11032 2007-04-17] (InterVideo)
R1 SRTSP; C:\Windows\System32\Drivers\N360x64\1506000.020\SRTSP64.SYS [876248 2014-08-25] (Symantec Corporation)
R1 SRTSPX; C:\Windows\system32\drivers\N360x64\1506000.020\SRTSPX64.SYS [37592 2014-08-25] (Symantec Corporation)
R0 SymDS; C:\Windows\System32\drivers\N360x64\1506000.020\SYMDS64.SYS [493656 2013-10-30] (Symantec Corporation)
R0 SymEFA; C:\Windows\System32\drivers\N360x64\1506000.020\SYMEFA64.SYS [1148120 2014-03-03] (Symantec Corporation)
R3 SymEvent; C:\Windows\system32\Drivers\SYMEVENT64x86.SYS [177752 2014-07-20] (Symantec Corporation)
R1 SymIRON; C:\Windows\system32\drivers\N360x64\1506000.020\Ironx64.SYS [266968 2014-08-06] (Symantec Corporation)
R1 SymNetS; C:\Windows\System32\Drivers\N360x64\1506000.020\SYMNETS.SYS [593112 2014-02-17] (Symantec Corporation)
S3 TVICHW64; C:\Windows\system32\DRIVERS\TVICHW64.SYS [21200 2011-02-26] (EnTech Taiwan)
R3 yukonw7; C:\Windows\System32\DRIVERS\yk62x64.sys [395264 2009-11-12] ()
U2 IAStorDataMgrSvc; No ImagePath

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)

==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-10-10 02:20 - 2014-10-10 02:23 - 00028051 _____ () C:\Users\Bido\Desktop\FRST.txt
2014-10-10 02:20 - 2014-10-10 02:20 - 00000000 ____D () C:\Users\Bido\Desktop\FRST-OlderVersion
2014-10-06 16:51 - 2014-10-06 16:51 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\48230029.sys
2014-10-06 16:42 - 2014-10-06 16:42 - 00000000 ____D () C:\Windows\Tasks\ImCleanDisabled
2014-10-06 15:21 - 2014-10-06 15:21 - 00000000 ____D () C:\Users\Bido\AppData\Roaming\ProductData
2014-10-06 15:16 - 2014-10-09 03:25 - 00000336 _____ () C:\Windows\setupact.log
2014-10-06 15:16 - 2014-10-09 02:10 - 00001864 _____ () C:\Windows\PFRO.log
2014-10-06 15:16 - 2014-10-06 15:16 - 00000000 _____ () C:\Windows\setuperr.log
2014-10-05 12:23 - 2014-10-06 16:41 - 00000276 _____ () C:\Windows\Tasks\Uninstaller_SkipUac_Administrator.job
2014-10-05 12:23 - 2014-10-05 12:23 - 00001228 _____ () C:\Users\Public\Desktop\IObit Uninstaller.lnk
2014-10-05 12:23 - 2014-10-05 12:23 - 00000000 ____D () C:\ProgramData\ProductData
2014-10-05 12:23 - 2014-10-05 12:23 - 00000000 ____D () C:\ProgramData\{3C5CBD7B-3D1D-411E-96C2-513FFCA84D2D}
2014-10-05 12:21 - 2014-10-05 12:23 - 00000000 ____D () C:\Users\Bido\AppData\Roaming\IObit
2014-10-05 12:20 - 2014-10-06 16:43 - 00000000 ____D () C:\Program Files (x86)\IObit
2014-10-05 12:20 - 2014-10-06 16:41 - 00000000 ____D () C:\ProgramData\IObit
2014-10-05 12:20 - 2014-10-05 12:20 - 01025312 _____ (IObit) C:\Users\Bido\Downloads\AdvancedSystemCare-Installer.exe
2014-10-04 02:19 - 2014-10-04 02:19 - 00047701 _____ () C:\Users\Bido\Downloads\Addition.txt
2014-10-04 02:17 - 2014-10-10 02:20 - 02109952 _____ (Farbar) C:\Users\Bido\Desktop\FRST64.exe
2014-10-04 02:17 - 2014-10-10 02:20 - 00000000 ____D () C:\FRST
2014-10-04 02:17 - 2014-10-04 02:19 - 00035547 _____ () C:\Users\Bido\Downloads\FRST.txt
2014-10-04 02:06 - 2014-10-04 02:06 - 00003408 ____N () C:\bootsqm.dat
2014-10-04 02:02 - 2014-10-04 02:02 - 00000000 __SHD () C:\found.002
2014-10-03 11:08 - 2014-10-03 11:32 - 00043008 _____ () C:\Users\Bido\Documents\Northern Lights.xls
2014-10-03 02:32 - 2014-10-03 02:32 - 08473440 _____ ( ) C:\Users\Bido\Downloads\DllTool.exe
2014-10-03 02:25 - 2014-10-10 02:17 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-10-03 02:25 - 2014-10-03 02:25 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-10-03 02:25 - 2014-10-03 02:25 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-10-03 02:25 - 2014-10-03 02:25 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-10-03 02:25 - 2014-05-12 07:26 - 00091352 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-10-03 02:25 - 2014-05-12 07:26 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-10-03 02:25 - 2014-05-12 07:25 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-10-03 02:24 - 2014-10-03 02:24 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\Bido\Downloads\mbam-setup-2.0.2.1012.exe
2014-10-02 02:50 - 2014-10-02 02:50 - 00000000 ____D () C:\Windows\System32\Tasks\Norton 360
2014-09-18 03:04 - 2014-08-19 13:05 - 00374968 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-09-18 03:04 - 2014-08-19 12:39 - 00327872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-09-18 03:04 - 2014-08-18 18:01 - 23591424 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-09-18 03:04 - 2014-08-18 17:29 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-09-18 03:04 - 2014-08-18 17:29 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-09-18 03:04 - 2014-08-18 17:26 - 17455104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-09-18 03:04 - 2014-08-18 17:20 - 02793984 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-09-18 03:04 - 2014-08-18 17:19 - 05833728 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-09-18 03:04 - 2014-08-18 17:15 - 00547328 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-09-18 03:04 - 2014-08-18 17:15 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-09-18 03:04 - 2014-08-18 17:14 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-09-18 03:04 - 2014-08-18 17:14 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-09-18 03:04 - 2014-08-18 17:08 - 04232704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-09-18 03:04 - 2014-08-18 17:08 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-09-18 03:04 - 2014-08-18 17:08 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-09-18 03:04 - 2014-08-18 17:05 - 00596480 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-09-18 03:04 - 2014-08-18 17:03 - 00758272 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-09-18 03:04 - 2014-08-18 17:03 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-09-18 03:04 - 2014-08-18 17:03 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-09-18 03:04 - 2014-08-18 16:57 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-09-18 03:04 - 2014-08-18 16:56 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-09-18 03:04 - 2014-08-18 16:51 - 00446464 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-09-18 03:04 - 2014-08-18 16:46 - 00454656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-09-18 03:04 - 2014-08-18 16:45 - 00072704 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-09-18 03:04 - 2014-08-18 16:45 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-09-18 03:04 - 2014-08-18 16:44 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2014-09-18 03:04 - 2014-08-18 16:44 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-09-18 03:04 - 2014-08-18 16:42 - 02185728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-09-18 03:04 - 2014-08-18 16:40 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-09-18 03:04 - 2014-08-18 16:39 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-09-18 03:04 - 2014-08-18 16:39 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-09-18 03:04 - 2014-08-18 16:39 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-09-18 03:04 - 2014-08-18 16:38 - 00289280 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-09-18 03:04 - 2014-08-18 16:37 - 00440320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-09-18 03:04 - 2014-08-18 16:36 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-09-18 03:04 - 2014-08-18 16:35 - 00597504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-09-18 03:04 - 2014-08-18 16:27 - 00365056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-09-18 03:04 - 2014-08-18 16:25 - 00727040 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-09-18 03:04 - 2014-08-18 16:25 - 00707072 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-09-18 03:04 - 2014-08-18 16:23 - 02104832 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-09-18 03:04 - 2014-08-18 16:23 - 01249280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-09-18 03:04 - 2014-08-18 16:22 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-09-18 03:04 - 2014-08-18 16:19 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-09-18 03:04 - 2014-08-18 16:17 - 00243200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-09-18 03:04 - 2014-08-18 16:17 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-09-18 03:04 - 2014-08-18 16:15 - 02310656 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-09-18 03:04 - 2014-08-18 16:09 - 00603136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-09-18 03:04 - 2014-08-18 16:08 - 02014208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-09-18 03:04 - 2014-08-18 16:07 - 01068032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-09-18 03:04 - 2014-08-18 15:55 - 01447424 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-09-18 03:04 - 2014-08-18 15:46 - 01812992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-09-18 03:04 - 2014-08-18 15:38 - 01190400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-09-18 03:04 - 2014-08-18 15:38 - 00775168 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-09-18 03:04 - 2014-08-18 15:36 - 00678400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-09-18 03:03 - 2014-08-18 16:16 - 13588480 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-09-18 03:03 - 2014-08-18 16:15 - 11769856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-09-18 02:20 - 2014-07-06 21:06 - 01460736 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2014-09-18 02:20 - 2014-07-06 21:06 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2014-09-18 02:20 - 2014-07-06 20:40 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2014-09-18 02:20 - 2014-07-06 20:40 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2014-09-18 02:20 - 2014-07-06 20:39 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2014-09-18 02:19 - 2014-08-22 21:07 - 00404480 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2014-09-18 02:19 - 2014-08-22 20:45 - 00311808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2014-09-18 02:19 - 2014-08-22 19:59 - 03163648 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-09-14 14:52 - 2014-09-14 16:28 - 00044544 _____ () C:\Users\Bido\Documents\Galapagos Itinerary.xls

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-10-10 02:20 - 2010-01-11 06:29 - 01915537 _____ () C:\Windows\WindowsUpdate.log
2014-10-10 02:19 - 2009-07-13 23:45 - 00014144 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-10-10 02:19 - 2009-07-13 23:45 - 00014144 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-10-10 02:18 - 2009-12-11 08:42 - 00000912 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-10-10 02:18 - 2009-12-11 08:42 - 00000908 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-10-09 03:28 - 2011-07-04 04:24 - 00000000 ___RD () C:\Users\Bido\Dropbox
2014-10-09 03:28 - 2011-07-04 04:21 - 00000000 ____D () C:\Users\Bido\AppData\Roaming\Dropbox
2014-10-09 03:25 - 2009-07-14 00:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-10-06 19:07 - 2009-07-13 22:20 - 00000000 ____D () C:\Windows\schemas
2014-10-06 15:37 - 2010-02-05 21:25 - 00000000 ____D () C:\Users\Bido\AppData\Local\CrashDumps
2014-10-05 13:48 - 2009-11-19 14:47 - 00000000 ____D () C:\Windows\Panther
2014-10-05 13:47 - 2010-04-04 03:08 - 00000000 ____D () C:\Windows\Minidump
2014-10-05 12:23 - 2010-07-09 22:52 - 00000000 ____D () C:\Users\Bido\AppData\Roaming\Apple Computer
2014-10-03 02:58 - 2009-07-14 00:13 - 00805220 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-10-02 02:42 - 2014-07-20 14:54 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Norton 360
2014-10-02 02:42 - 2012-05-10 10:32 - 00003206 _____ () C:\Windows\System32\Tasks\Norton WSC Integration
2014-10-02 02:42 - 2011-02-04 16:16 - 00002319 _____ () C:\Users\Public\Desktop\Norton 360.lnk
2014-10-02 02:42 - 2011-02-04 16:15 - 00000000 ____D () C:\Windows\system32\Drivers\N360x64
2014-09-27 03:25 - 2009-07-13 22:20 - 00000000 ____D () C:\Windows\system32\NDF
2014-09-25 02:23 - 2014-08-16 16:32 - 00002183 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-09-25 02:23 - 2009-12-11 08:42 - 00002183 _____ () C:\Users\Public\Desktop\Internet Browser.lnk
2014-09-23 03:08 - 2011-07-04 04:24 - 00001015 _____ () C:\Users\Bido\Desktop\Dropbox.lnk
2014-09-23 03:08 - 2011-07-04 04:21 - 00000000 ____D () C:\Users\Bido\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2014-09-18 03:37 - 2009-07-13 23:45 - 00448400 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-09-18 03:03 - 2009-12-11 08:51 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-09-17 01:43 - 2009-07-13 22:20 - 00000000 ____D () C:\Windows\rescache

Some content of TEMP:
====================
C:\Users\Bido\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpmc93u_.dll

==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2014-09-16 03:34

==================== End Of Log ============================

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 08-10-2014 01
Ran by Bido at 2014-10-10 02:25:47
Running from C:\Users\Bido\Desktop
Boot Mode: Normal
==========================================================

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Norton 360 (Enabled - Up to date) {D87FA2C0-F526-77B1-D6EC-0EDF3936CEDB}
AS: Norton 360 (Enabled - Up to date) {631E4324-D31C-783F-EC5C-35AD42B18466}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: Norton 360 (Enabled) {E04423E5-BF49-76E9-FDB3-A7EAC7E589A0}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe Flash Player 10 Plugin (HKLM-x32\...\{0DFB3DE8-65B9-44FF-AA0A-3BECC5A2BFD1}) (Version: 10.0.32.18 - Adobe Systems, Inc.)
Adobe Flash Player 11 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 11.9.900.152 - Adobe Systems Incorporated)
Adobe Photoshop Lightroom 2 64-bit (HKLM\...\{9B9162E8-4274-4323-A31B-444ECA641B8A}) (Version: 2 - Adobe)
Adobe Reader 9.5.1 (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-A95000000001}) (Version: 9.5.1 - Adobe Systems Incorporated)
Apple Application Support (HKLM-x32\...\{46F044A5-CE8B-4196-984E-5BD6525E361D}) (Version: 2.3.6 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{2EF5D87E-B7BD-458F-8428-E4D0B8B4E65C}) (Version: 7.0.0.117 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
ArcSoft Magic-i Visual Effects 2 (HKLM-x32\...\{7BB90344-0647-468E-925A-7F69F7983421}) (Version: 2.0.1.85 - ArcSoft)
ArcSoft WebCam Companion 3 (HKLM-x32\...\{DE8AAC73-6D8D-483E-96EA-CAEDDADB9079}) (Version: 3.0.21.193 - ArcSoft)
Audacity 1.3.12 (Unicode) (HKLM-x32\...\Audacity 1.3 Beta (Unicode)_is1) (Version:  - Audacity Team)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Canon IJ Network Scan Utility (HKLM-x32\...\Canon_IJ_Network_Scan_UTILITY) (Version:  - )
Canon IJ Network Tool (HKLM-x32\...\Canon_IJ_Network_UTILITY) (Version:  - )
Canon MP560 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MP560_series) (Version:  - )
Canon MP560 series User Registration (HKLM-x32\...\Canon MP560 series User Registration) (Version:  - )
Chinese Simplified Fonts Support For Adobe Reader 9 (HKLM-x32\...\{AC76BA86-7AD7-2447-0000-900000000003}) (Version: 9.0.0 - Adobe Systems Incorporated)
Cisco Connect (HKLM-x32\...\Cisco Connect) (Version: 1.4.12334.0 - Cisco Consumer Products LLC)
Compatibility Pack for the 2007 Office system (HKLM-x32\...\{90120000-0020-0409-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
Corel WinDVD (HKLM-x32\...\{5C1F18D2-F6B7-4242-B803-B5A78648185D}) (Version: 10.0.5.109 - Corel Inc.)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition (HKLM-x32\...\{91140000-0012-0000-0000-0000000FF1CE}_Office14.STANDARDR_{650DE870-ECA3-4E63-8D77-778512BE5D4C}) (Version:  - Microsoft)
Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition (HKLM-x32\...\{91140000-0015-0000-0000-0000000FF1CE}_Office14.AccessR_{650DE870-ECA3-4E63-8D77-778512BE5D4C}) (Version:  - Microsoft)
Dropbox (HKCU\...\Dropbox) (Version: 2.10.30 - Dropbox, Inc.)
Evernote v. 4.5.10 (HKLM-x32\...\{EF7E46B8-1FB7-11E2-B6B3-984BE15F174E}) (Version: 4.5.10.7472 - Evernote Corp.)
FFmpeg for Audacity on Windows (HKLM-x32\...\FFmpeg for Audacity on Windows_is1) (Version:  - )
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 37.0.2062.124 - Google Inc.)
Google Toolbar for Internet Explorer (HKLM-x32\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: 7.5.5111.1712 - Google Inc.)
Google Toolbar for Internet Explorer (x32 Version: 1.0.0 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.24.15 - Google Inc.) Hidden
iCloud (HKLM\...\{81E20D41-C277-4526-934D-F2380AF91B78}) (Version: 3.1.0.40 - Apple Inc.)
Intel® Turbo Boost Technology Driver (HKLM-x32\...\{D6C630BF-8DBB-4042-8562-DC9A52CB6E7E}) (Version: 01.00.00.1030 - Intel Corporation)
Intel® Matrix Storage Manager (HKLM\...\{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}) (Version:  - Intel Corporation)
IObit Uninstaller (HKLM-x32\...\IObitUninstall) (Version: 3.3.9.2622 - IObit)
iTunes (HKLM\...\{D601CEAD-2E4F-4BBB-85CC-C29A4CE6A3C0}) (Version: 11.1.3.8 - Apple Inc.)
Java Auto Updater (x32 Version: 2.0.7.1 - Sun Microsystems, Inc.) Hidden
Java™ 6 Update 17 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86416017FF}) (Version: 6.0.170 - Sun Microsystems, Inc.)
Java™ 6 Update 35 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83216032FF}) (Version: 6.0.350 - Oracle)
Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Malwarebytes Anti-Malware version 2.0.2.1012 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.2.1012 - Malwarebytes Corporation)
Media Gallery (HKLM-x32\...\{DD88F979-FA58-41AC-980C-A6E1A82B61D9}) (Version: 1.1.2.11260 - Sony Corporation)
Media Gallery (x32 Version: 1.1.2.11260 - Sony Corporation) Hidden
Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Messenger Companion (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Microsoft Access 2010 (HKLM-x32\...\Office14.AccessR) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft Image Composite Editor (HKLM\...\{2C304CEF-37C3-424E-9DD7-C56C45658290}) (Version: 1.3.3 - Microsoft Corporation)
Microsoft Office Access 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Access MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Access Setup Metadata MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Excel MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Office 64-bit Components 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office OneNote MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Outlook Connector (HKLM-x32\...\{95140000-007A-0409-0000-0000000FF1CE}) (Version: 14.0.5118.5000 - Microsoft Corporation)
Microsoft Office Outlook MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint Viewer 2007 (English) (HKLM-x32\...\{95120000-00AF-0409-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Proof (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (French) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Spanish) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proofing (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Publisher MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit MUI (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared Setup Metadata MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Standard 2010 (HKLM-x32\...\Office14.STANDARDR) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Office Standard 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Suite Activation Assistant (HKLM-x32\...\{E50AE784-FABE-46DA-A1F8-7B6B56DCB22E}) (Version: 2.9 - Microsoft Corporation)
Microsoft Office Word MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Outlook Social Connector Provider for Windows Live Messenger 32-bit (HKLM-x32\...\{95140000-007D-0409-0000-0000000FF1CE}) (Version: 14.0.5120.5000 - Microsoft Corporation)
Microsoft Research AutoCollage 2008 version 1.1 (HKLM-x32\...\{423D8FBE-EC52-40FD-B2A0-8C9C8F973FD7}) (Version: 1.01.2008 - Microsoft Research)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft SQL Server 2008 (HKLM-x32\...\Microsoft SQL Server 10 Release) (Version:  - Microsoft Corporation)
Microsoft SQL Server 2008 (x32 Version:  - Microsoft Corporation) Hidden
Microsoft SQL Server 2008 Browser (HKLM-x32\...\{C688457E-03FD-4941-923B-A27F4D42A7DD}) (Version: 10.1.2531.0 - Microsoft Corporation)
Microsoft SQL Server 2008 Common Files (x32 Version: 10.0.1600.22 - Microsoft Corporation) Hidden
Microsoft SQL Server 2008 Common Files (x32 Version: 10.1.2531.0 - Microsoft Corporation) Hidden
Microsoft SQL Server 2008 Database Engine Services (x32 Version: 10.1.2531.0 - Microsoft Corporation) Hidden
Microsoft SQL Server 2008 Database Engine Shared (x32 Version: 10.1.2531.0 - Microsoft Corporation) Hidden
Microsoft SQL Server 2008 Native Client (HKLM\...\{BBDE8A3D-64A2-43A6-95F3-C27B87DF7AC1}) (Version: 10.1.2531.0 - Microsoft Corporation)
Microsoft SQL Server 2008 RsFx Driver (x32 Version: 10.1.2531.0 - Microsoft Corporation) Hidden
Microsoft SQL Server 2008 Setup Support Files  (HKLM-x32\...\{BA4DA261-CB60-4690-B202-44998DFC6986}) (Version: 10.1.2531.0 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 SP2 ENU (HKLM-x32\...\{3A9FC03D-C685-4831-94CF-4EDFD3749497}) (Version: 3.5.8080.0 - Microsoft Corporation)
Microsoft SQL Server VSS Writer (HKLM\...\{0826F9E4-787E-481D-83E0-BC6A57B056D5}) (Version: 10.1.2531.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM-x32\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570 (HKLM\...\{8338783A-0968-3B85-AFC7-BAAE0A63DC50}) (Version: 9.0.30729.5570 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (HKLM-x32\...\{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}) (Version: 9.0.30729.5570 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Works (HKLM-x32\...\{67E03279-F703-408F-B4BF-46B5FC8D70CD}) (Version: 9.7.0621 - Microsoft Corporation)
MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT_amd64 (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
Norton 360 (HKLM-x32\...\N360) (Version: 21.6.0.32 - Symantec Corporation)
NVIDIA Drivers (HKLM\...\NVIDIA Drivers) (Version: 1.10 - NVIDIA Corporation)
Oasis2Service (HKLM-x32\...\{E50FC5DB-7CBD-407D-A46E-0C13E45BC386}) (Version: 1.0.1 - DDNi)
PlayReady PC Runtime amd64 (HKLM\...\{BCA9334F-B6C9-4F65-9A73-AC5A329A4D04}) (Version: 1.3.0 - Microsoft Corporation)
PMB (HKLM-x32\...\{B6A98E5F-D6A7-46FB-9E9D-1F7BF443491C}) (Version: 5.0.00.10260 - Sony Corporation)
PMB VAIO Edition Guide (HKLM-x32\...\InstallShield_{88C252C8-A7EE-4B60-BF74-8E5919A8048F}) (Version: 1.0.00.09250 - Sony Corporation)
PMB VAIO Edition Guide (x32 Version: 1.0.00.09250 - Sony Corporation) Hidden
PMB VAIO Edition plug-in (Click to Disc) (HKLM-x32\...\InstallShield_{4DCEA9C1-4D6E-41BF-A854-28CFA8B56DBF}) (Version: 3.0.01.11230 - Sony Corporation)
PMB VAIO Edition plug-in (Click to Disc) (x32 Version: 3.0.01.11230 - Sony Corporation) Hidden
PMB VAIO Edition plug-in (VAIO Image Optimizer) (HKLM-x32\...\InstallShield_{1873FFC1-FDCB-47E1-B7C7-F418211E3530}) (Version: 1.0.00.10150 - Sony Corporation)
PMB VAIO Edition plug-in (VAIO Image Optimizer) (x32 Version: 1.0.00.10150 - Sony Corporation) Hidden
PMB VAIO Edition plug-in (VAIO Movie Story) (HKLM-x32\...\InstallShield_{B25563A0-41F4-4A81-A6C1-6DBC0911B1F3}) (Version: 2.0.01.12010 - Sony Corporation)
PMB VAIO Edition plug-in (VAIO Movie Story) (x32 Version: 2.0.01.12010 - Sony Corporation) Hidden
PVSonyDll (Version: 1.00.0001 - NVIDIA Corporation) Hidden
QuickBooks Financial Center (HKLM-x32\...\{0F962B79-D0DC-40D9-96BA-ED1355120CBA}) (Version: 1.30.0000 - Intuit Inc.)
QuickTime (HKLM-x32\...\{B67BAFBA-4C9F-48FA-9496-933E3B255044}) (Version: 7.74.80.86 - Apple Inc.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.5964 - Realtek Semiconductor Corp.)
Roxio Central Audio (x32 Version: 3.8.0 - Roxio) Hidden
Roxio Central Copy (x32 Version: 3.8.0 - Roxio) Hidden
Roxio Central Core (x32 Version: 3.8.0 - Roxio) Hidden
Roxio Central Data (x32 Version: 3.8.0 - Roxio) Hidden
Roxio Central Tools (x32 Version: 3.8.0 - Roxio) Hidden
Roxio Easy Media Creator 10 LJ (HKLM-x32\...\{537BF16E-7412-448C-95D8-846E85A1D817}) (Version: 10.3 - Roxio)
Roxio Easy Media Creator Home (x32 Version: 10.3.183 - Roxio) Hidden
Service Pack 1 for SQL Server 2008 (KB968369) (HKLM-x32\...\KB968369) (Version: 10.1.2531.0 - Microsoft Corporation)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{91140000-0012-0000-0000-0000000FF1CE}_Office14.STANDARDR_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version:  - Microsoft)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{91140000-0015-0000-0000-0000000FF1CE}_Office14.AccessR_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version:  - Microsoft)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (x32 Version:  - Microsoft) Hidden
Setting Utility Series (HKLM-x32\...\{A7DA438C-2E43-4C20-BFDA-C1F4A6208558}) (Version: 5.1.0.11200 - Sony Corporation)
SmartWi Connection Utility (HKLM-x32\...\{9B5F85CA-90D4-4AFC-BB37-32477FD0D2B9}) (Version: 4.9.4.20091005.2246 - Sony)
Sony Home Network Library (HKLM-x32\...\{D03D02D8-AB64-4785-A48E-5AA8B0FB8C14}) (Version: 2.0.1.12040 - Sony Corporation)
Sony Home Network Library (x32 Version: 2.0.1.12040 - Sony Corporation) Hidden
Spotify (HKCU\...\Spotify) (Version: 0.8.3.222.g317ab79d - Spotify AB)
Spotify (HKLM-x32\...\Spotify) (Version: 0.5.2 - )
Sql Server Customer Experience Improvement Program (x32 Version: 10.1.2531.0 - Microsoft Corporation) Hidden
Surfing Protection (HKLM-x32\...\IObit Surfing Protection_is1) (Version: 1.0 - IObit)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 14.0.3.0 - Synaptics Incorporated)
Update for Microsoft Access 2010 (KB2553446) 32-Bit Edition (HKLM-x32\...\{91140000-0015-0000-0000-0000000FF1CE}_Office14.AccessR_{B4A38370-2ADB-46B0-A1B0-0C4A2F7DCA31}) (Version:  - Microsoft)
Update for Microsoft Excel 2010 (KB2889836) 32-Bit Edition (HKLM-x32\...\{91140000-0012-0000-0000-0000000FF1CE}_Office14.STANDARDR_{9179FC17-97A8-4D98-9E09-05720AF5D44E}) (Version:  - Microsoft)
Update for Microsoft Filter Pack 2.0 (KB2878281) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.AccessR_{302A8FE3-EBF5-486C-A431-16A1CD914443}) (Version:  - Microsoft)
Update for Microsoft Filter Pack 2.0 (KB2878281) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.STANDARDR_{302A8FE3-EBF5-486C-A431-16A1CD914443}) (Version:  - Microsoft)
Update for Microsoft Filter Pack 2.0 (KB2878281) 32-Bit Edition (HKLM-x32\...\{91140000-0012-0000-0000-0000000FF1CE}_Office14.STANDARDR_{302A8FE3-EBF5-486C-A431-16A1CD914443}) (Version:  - Microsoft)
Update for Microsoft InfoPath 2010 (KB2817369) 32-Bit Edition (HKLM-x32\...\{91140000-0012-0000-0000-0000000FF1CE}_Office14.STANDARDR_{4EEA3D3E-989C-4DF4-AB0A-3042C0C12AA3}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2494150) (HKLM-x32\...\{91140000-0012-0000-0000-0000000FF1CE}_Office14.STANDARDR_{3FCFD88F-4D13-4F38-8625-ABABEA7F61EA}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2494150) (HKLM-x32\...\{91140000-0015-0000-0000-0000000FF1CE}_Office14.AccessR_{3FCFD88F-4D13-4F38-8625-ABABEA7F61EA}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2589298) 32-Bit Edition (HKLM-x32\...\{91140000-0012-0000-0000-0000000FF1CE}_Office14.STANDARDR_{DADF7E25-FFA4-4D02-BE84-1DAE62C18516}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2589298) 32-Bit Edition (HKLM-x32\...\{91140000-0015-0000-0000-0000000FF1CE}_Office14.AccessR_{DADF7E25-FFA4-4D02-BE84-1DAE62C18516}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2589352) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.AccessR_{F4284D93-7AE8-4309-8CF3-9AD394F35F3A}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2589352) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.STANDARDR_{F4284D93-7AE8-4309-8CF3-9AD394F35F3A}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2589352) 32-Bit Edition (HKLM-x32\...\{91140000-0012-0000-0000-0000000FF1CE}_Office14.STANDARDR_{F4284D93-7AE8-4309-8CF3-9AD394F35F3A}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2589352) 32-Bit Edition (HKLM-x32\...\{91140000-0015-0000-0000-0000000FF1CE}_Office14.AccessR_{F4284D93-7AE8-4309-8CF3-9AD394F35F3A}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2589375) 32-Bit Edition (HKLM-x32\...\{91140000-0012-0000-0000-0000000FF1CE}_Office14.STANDARDR_{287A1E92-9E41-4BC1-8920-B3D0E9220800}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2589375) 32-Bit Edition (HKLM-x32\...\{91140000-0015-0000-0000-0000000FF1CE}_Office14.AccessR_{287A1E92-9E41-4BC1-8920-B3D0E9220800}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2597087) 32-Bit Edition (HKLM-x32\...\{91140000-0012-0000-0000-0000000FF1CE}_Office14.STANDARDR_{9D69691D-823D-4C3E-9B12-563A3F520366}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2597087) 32-Bit Edition (HKLM-x32\...\{91140000-0015-0000-0000-0000000FF1CE}_Office14.AccessR_{9D69691D-823D-4C3E-9B12-563A3F520366}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2687502) 32-Bit Edition (HKLM-x32\...\{90140000-001F-0409-0000-0000000FF1CE}_Office14.AccessR_{7DE7DF97-82FE-4B3A-AB8D-1621F9CC464A}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2687502) 32-Bit Edition (HKLM-x32\...\{90140000-001F-0409-0000-0000000FF1CE}_Office14.STANDARDR_{7DE7DF97-82FE-4B3A-AB8D-1621F9CC464A}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2760598) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.AccessR_{ECFE33A3-B8B7-439A-ADE4-59FBD29EF9B8}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2760598) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.STANDARDR_{ECFE33A3-B8B7-439A-ADE4-59FBD29EF9B8}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2760598) 32-Bit Edition (HKLM-x32\...\{91140000-0012-0000-0000-0000000FF1CE}_Office14.STANDARDR_{ECFE33A3-B8B7-439A-ADE4-59FBD29EF9B8}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2760598) 32-Bit Edition (HKLM-x32\...\{91140000-0015-0000-0000-0000000FF1CE}_Office14.AccessR_{ECFE33A3-B8B7-439A-ADE4-59FBD29EF9B8}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2760631) 32-Bit Edition (HKLM-x32\...\{91140000-0012-0000-0000-0000000FF1CE}_Office14.STANDARDR_{35698CB7-AAA2-4577-B505-DBFF504AEF23}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2760631) 32-Bit Edition (HKLM-x32\...\{91140000-0015-0000-0000-0000000FF1CE}_Office14.AccessR_{35698CB7-AAA2-4577-B505-DBFF504AEF23}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2794737) 32-Bit Edition (HKLM-x32\...\{91140000-0012-0000-0000-0000000FF1CE}_Office14.STANDARDR_{5AA578BB-759C-40FD-9661-A737C0884541}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2794737) 32-Bit Edition (HKLM-x32\...\{91140000-0015-0000-0000-0000000FF1CE}_Office14.AccessR_{5AA578BB-759C-40FD-9661-A737C0884541}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2825635) 32-Bit Edition (HKLM-x32\...\{91140000-0012-0000-0000-0000000FF1CE}_Office14.STANDARDR_{F1A20C69-9FE5-40FD-9CD5-84EABC2EF64A}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2837581) 32-Bit Edition (HKLM-x32\...\{91140000-0012-0000-0000-0000000FF1CE}_Office14.STANDARDR_{334FB202-28D7-4BA4-8BC9-4FE4AB233EA0}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2837581) 32-Bit Edition (HKLM-x32\...\{91140000-0015-0000-0000-0000000FF1CE}_Office14.AccessR_{334FB202-28D7-4BA4-8BC9-4FE4AB233EA0}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2837606) 32-Bit Edition (HKLM-x32\...\{91140000-0012-0000-0000-0000000FF1CE}_Office14.STANDARDR_{B0D672F7-883E-4279-8E75-D97A5445AB46}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2878252) 32-Bit Edition (HKLM-x32\...\{91140000-0012-0000-0000-0000000FF1CE}_Office14.STANDARDR_{B0DB9F71-E0F7-4FE6-8925-35B860CAC0C4}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2878252) 32-Bit Edition (HKLM-x32\...\{91140000-0015-0000-0000-0000000FF1CE}_Office14.AccessR_{B0DB9F71-E0F7-4FE6-8925-35B860CAC0C4}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2881028) 32-Bit Edition (HKLM-x32\...\{90140000-001F-040C-0000-0000000FF1CE}_Office14.AccessR_{089DBFD7-8211-43B2-AAAE-5BDD8C23E3A8}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2881028) 32-Bit Edition (HKLM-x32\...\{90140000-001F-040C-0000-0000000FF1CE}_Office14.STANDARDR_{089DBFD7-8211-43B2-AAAE-5BDD8C23E3A8}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2881028) 32-Bit Edition (HKLM-x32\...\{90140000-001F-0C0A-0000-0000000FF1CE}_Office14.AccessR_{794A0574-4E2F-4D58-B2A0-D7460ACDC85C}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2881028) 32-Bit Edition (HKLM-x32\...\{90140000-001F-0C0A-0000-0000000FF1CE}_Office14.STANDARDR_{794A0574-4E2F-4D58-B2A0-D7460ACDC85C}) (Version:  - Microsoft)
Update for Microsoft OneNote 2010 (KB2837595) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.AccessR_{51CCA922-A0CC-47C4-8910-6936D97CAC2E}) (Version:  - Microsoft)
Update for Microsoft OneNote 2010 (KB2837595) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.STANDARDR_{51CCA922-A0CC-47C4-8910-6936D97CAC2E}) (Version:  - Microsoft)
Update for Microsoft OneNote 2010 (KB2837595) 32-Bit Edition (HKLM-x32\...\{91140000-0012-0000-0000-0000000FF1CE}_Office14.STANDARDR_{51CCA922-A0CC-47C4-8910-6936D97CAC2E}) (Version:  - Microsoft)
Update for Microsoft Outlook 2010 (KB2687567) 32-Bit Edition (HKLM-x32\...\{90140000-001A-0409-0000-0000000FF1CE}_Office14.STANDARDR_{DCE104A1-1875-4469-A83D-A5BFA6C4640F}) (Version:  - Microsoft)
Update for Microsoft Outlook 2010 (KB2687567) 32-Bit Edition (HKLM-x32\...\{91140000-0012-0000-0000-0000000FF1CE}_Office14.STANDARDR_{2AB483F1-C86E-427A-83B4-23889B03512D}) (Version:  - Microsoft)
Update for Microsoft PowerPoint 2010 (KB2837579) 32-Bit Edition (HKLM-x32\...\{90140000-0018-0409-0000-0000000FF1CE}_Office14.STANDARDR_{334AA0A1-2BB1-4D74-B66A-2B2C4D9C2C87}) (Version:  - Microsoft)
Update for Microsoft PowerPoint 2010 (KB2837579) 32-Bit Edition (HKLM-x32\...\{91140000-0012-0000-0000-0000000FF1CE}_Office14.STANDARDR_{2BA40F82-F3A4-441C-BF1A-ED4C42FF4872}) (Version:  - Microsoft)
Update for Microsoft SharePoint Workspace 2010 (KB2760601) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.AccessR_{F9F5A080-AF38-4966-9A6B-C43DCA465035}) (Version:  - Microsoft)
Update for Microsoft SharePoint Workspace 2010 (KB2760601) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.STANDARDR_{F9F5A080-AF38-4966-9A6B-C43DCA465035}) (Version:  - Microsoft)
Update for Microsoft Word 2010 (KB2880529) 32-Bit Edition (HKLM-x32\...\{91140000-0012-0000-0000-0000000FF1CE}_Office14.STANDARDR_{B9B89E01-5B6B-4F73-BC34-B2C0D8ACB4CD}) (Version:  - Microsoft)
VAIO Care (HKLM-x32\...\{36C5BBF0-E5BF-4DE1-B684-7E90B0C93FB5}) (Version: 5.0.3.11130 - Sony Corporation)
VAIO Content Metadata Intelligent Analyzing Manager (HKLM-x32\...\{4882EBF5-CA37-4EF4-BCB8-9B0E78B907D0}) (Version: 3.6.0.09250 - Sony Corporation)
VAIO Content Metadata Intelligent Analyzing Manager (x32 Version: 3.6.0.09250 - Sony Corporation) Hidden
VAIO Content Metadata Intelligent Network Service Manager (HKLM-x32\...\{4427F384-B5BE-4769-B7D0-C784FC321EB1}) (Version: 3.6.0.09080 - Sony Corporation)
VAIO Content Metadata Intelligent Network Service Manager (x32 Version: 3.6.0.09080 - Sony Corporation) Hidden
VAIO Content Metadata Manager Settings (HKLM-x32\...\{12D0BE8D-538C-4AB1-86DE-C540308F50DA}) (Version: 3.6.0.09240 - Sony Corporation)
VAIO Content Metadata Manager Settings (x32 Version: 3.6.0.09240 - Sony Corporation) Hidden
VAIO Content Metadata XML Interface Library (HKLM-x32\...\{291FB4BF-EEC7-4CF9-8469-F39ED1DBC4D8}) (Version: 3.6.0.09080 - Sony Corporation)
VAIO Content Metadata XML Interface Library (x32 Version: 3.6.0.09080 - Sony Corporation) Hidden
VAIO Content Monitoring Settings (HKLM-x32\...\{23825B69-36DF-4DAD-9CFD-118D11D80F16}) (Version: 2.4.1.09180 - Sony Corporation)
VAIO Content Monitoring Settings (x32 Version: 2.4.1.09180 - Sony Corporation) Hidden
VAIO Control Center (HKLM-x32\...\{72042FA6-5609-489F-A8EA-3C2DD650F667}) (Version: 4.1.1.07160 - Sony Corporation)
VAIO Data Restore Tool (HKLM-x32\...\{57B955CE-B5D3-495D-AF1B-FAEE0540BFEF}) (Version: 1.2.0.09150 - Sony Corporation)
VAIO Data Restore Tool (x32 Version: 1.2.0.09150 - Sony Corporation) Hidden
VAIO DVD Menu Data (HKLM-x32\...\{596BED91-A1D8-4DF1-8CD1-1C777F7588AC}) (Version: 2.0.00.09240 - Sony Corporation)
VAIO Entertainment Platform (HKLM-x32\...\{6B1F20F2-6321-4669-A58C-33DF8E7517FF}) (Version: 3.6.0.09150 - Sony Corporation)
VAIO Entertainment Platform (x32 Version: 3.6.0.09150 - Sony Corporation) Hidden
VAIO Event Service (HKLM-x32\...\{C7477742-DDB4-43E5-AC8D-0259E1E661B1}) (Version: 5.1.0.11300 - Sony Corporation)
VAIO Hardware Diagnostics (x32 Version: 3.9.1 - Sony Corporation) Hidden
VAIO Help and Support (HKLM-x32\...\{DB1C9CB7-DF65-4991-BD17-71BF9CD15BA0}) (Version: 10.00.1029 - Sony Corporation)
VAIO Media plus (HKLM-x32\...\{8DE50158-80AA-4FF2-9E9F-0A7C46F71FCD}) (Version: 2.0.1.12040 - Sony Corporation)
VAIO Media plus Opening Movie (HKLM-x32\...\{6BF03C88-C06A-48DC-B9A1-FE72B24E5FA9}) (Version: 2.0.0.07030 - Sony Corporation)
VAIO Movie Story Template Data (HKLM-x32\...\InstallShield_{6FA8BA2C-052B-4072-B8E2-2302C268BE9E}) (Version: 2.0.00.09240 - Sony Corporation)
VAIO Movie Story Template Data (x32 Version: 2.0.00.09240 - Sony Corporation) Hidden
VAIO OOBE and Startup Assistant (HKLM-x32\...\{1B500D37-E7CF-480B-8054-8A563594EC4E}) (Version: 2.00.1110 - Sony Corporation)
VAIO Original Function Settings (HKLM-x32\...\{A63E7492-A0BC-4BB9-89A7-352965222380}) (Version: 2.0.0.07010 - Sony Corporation)
VAIO Original Function Settings (x32 Version: 2.0.0.07010 - Sony Corporation) Hidden
VAIO Personalization Manager (HKLM-x32\...\{A95187EF-BCF4-4468-B501-C0BAB976ADD1}) (Version: 2.0.0.06220 - Sony Corporation)
VAIO Personalization Manager (x32 Version: 2.0.0.06220 - Sony Corporation) Hidden
VAIO Power Management (HKLM-x32\...\{803E4FA5-A940-4420-B89D-A8BC2E160247}) (Version: 5.0.0.11300 - Sony Corporation)
VAIO Survey (HKLM-x32\...\{34B37A74-125E-4406-87BA-E4BD3D097AE5}) (Version: 6.00.1028 - Sony Corporation)
VAIO Transfer Support (HKLM-x32\...\{5DDAFB4B-C52E-468A-9E23-3B0CEEB671BF}) (Version: 1.1.0.10200 - Sony Corporation)
VAIO Update (HKLM-x32\...\{5BEE8F1F-BD32-4553-8107-500439E43BD7}) (Version: 5.1.1.06090 - Sony Corporation)
VAIO Wallpaper Contents (HKLM-x32\...\{D60F97EC-EF06-4E1E-B0D1-C2CBABA62FA3}) (Version: 2.0.0.06010 - Sony Corporation)
VD64Inst (Version: 1.00.0000 - Roxio, Inc.) Hidden
WIDCOMM Bluetooth Software (HKLM\...\{9E9D49A4-1DF4-4138-B7DB-5D87A893088E}) (Version: 6.2.1.500 - Broadcom Corporation)
Windows Driver Package - Broadcom Bluetooth  (09/09/2009 6.2.0.9405) (HKLM\...\930E4792BDAEAFB62A9514EE7578775658A5D07C) (Version: 09/09/2009 6.2.0.9405 - Broadcom)
Windows Driver Package - Broadcom HIDClass  (07/28/2009 6.2.0.9800) (HKLM\...\3BA80AB4C7E9F8497C115C844953A3D4BEB84D21) (Version: 07/28/2009 6.2.0.9800 - Broadcom)
Windows Live Communications Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3502.0922 - Microsoft Corporation)
Windows Live Essentials (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Family Safety (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live ID Sign-in Assistant (Version: 7.250.4225.0 - Microsoft Corporation) Hidden
Windows Live Installer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Language Selector (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Mail (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Mesh (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Mesh ActiveX Control for Remote Connections (HKLM-x32\...\{2902F983-B4C1-44BA-B85D-5C6D52E2C441}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Messenger (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Messenger Companion Core (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live MIME IFilter (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Movie Maker (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Photo Common (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Photo Gallery (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live PIMT Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Remote Client (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Client Resources (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Service (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Service Resources (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live SOXE (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live SOXE Definitions (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Sync (HKLM-x32\...\{84EBDF39-4B33-49D7-A0BD-EB6E2C4E81C1}) (Version: 14.0.8089.726 - Microsoft Corporation)
Windows Live UX Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Writer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Writer Resources (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Wondershare Dr.Fone for iOS(Build 3.5.1.2) (HKLM-x32\...\{A26F8BBD-EC10-4bdc-8AD8-F146825A8A63}_is1) (Version: 3.5.1.2 - Wondershare Software Co.,Ltd.)

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

CustomCLSID: HKU\S-1-5-21-3377907549-50208328-2977345109-1005_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Bido\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3377907549-50208328-2977345109-1005_Classes\CLSID\{AB8902B4-09CA-4bb6-B78D-A8F59079A8D5}\localserver32 -> rundll32.exe javascript:"\..\mshtml,RunHTMLApplication ";eval("epdvnfou/xsjuf)(=tdsjqu!mbohvbhf>ktds (the data entry has 247 more characters). <==== Poweliks?
CustomCLSID: HKU\S-1-5-21-3377907549-50208328-2977345109-1005_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Bido\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3377907549-50208328-2977345109-1005_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Bido\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3377907549-50208328-2977345109-1005_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Bido\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3377907549-50208328-2977345109-1005_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Bido\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3377907549-50208328-2977345109-1005_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Bido\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3377907549-50208328-2977345109-1005_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Bido\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3377907549-50208328-2977345109-1005_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Bido\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3377907549-50208328-2977345109-1005_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Bido\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)

==================== Restore Points  =========================

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-13 21:34 - 2009-06-10 16:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {29C834B7-53A5-40B7-870E-CED4BC184040} - System32\Tasks\Sony Corporation\VAIO Personalization Manager\VpmLM Task Music Bido => C:\Program Files\Sony\VAIO Personalization Manager\VpmLM.exe [2009-06-09] (Sony Corporation)
Task: {2D10B090-A0FF-4850-86FD-820EC813B6F8} - System32\Tasks\SONY\VAIO Power Management\VPM Unlock => C:\Program Files\Sony\VAIO Power Management\SPMgr.exe [2009-11-30] (Sony Corporation)
Task: {32945159-A944-4FBA-9B30-A05394528AC9} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2009-12-11] (Google Inc.)
Task: {35780F37-DF31-494A-9580-75309E4A9016} - System32\Tasks\SONY\VAIO Update\Launch Application => C:\Program Files\Sony\VAIO Update 5\ShellExeProxy.exe [2010-06-09] (Sony Corporation)
Task: {412EEE9A-0F43-4860-B740-D818624FB726} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {4EC245A3-7936-409C-892B-4395AE5FEB59} - System32\Tasks\Sony\VAIO Survey => C:\Program Files (x86)\Sony\VAIO Survey\VAIO Sat Survey.exe [2009-10-26] ()
Task: {55C79D63-7D31-478C-9EA9-151339F727C6} - System32\Tasks\SONY\VAIO Power Management\VPM Logon Start => C:\Program Files\Sony\VAIO Power Management\SPMgr.exe [2009-11-30] (Sony Corporation)
Task: {77D3A7E7-9966-405A-A700-DD83833A2F74} - System32\Tasks\Sony\Java Update => C:\Program Files\Java\jre6\bin\jusched.exe [2009-12-11] (Sun Microsystems, Inc.)
Task: {7C31F998-A128-45EA-A187-D174C7C0943A} - System32\Tasks\SONY\SUS-BCF\Level4Daily => C:\Program Files (x86)\Sony\Setting Utility Series\WBCBatteryCare.exe [2009-11-20] (Sony Corporation)
Task: {81CF57B3-51EE-4459-B18A-EF66C447DDF1} - System32\Tasks\SONY\VAIO Power Management\VPM Session Change => C:\Program Files\Sony\VAIO Power Management\SPMgr.exe [2009-11-30] (Sony Corporation)
Task: {88ACA4B4-C638-4347-9EFC-47BC2455128D} - System32\Tasks\SONY\SUS-BCF\Level4Month => C:\Program Files (x86)\Sony\Setting Utility Series\WBCBatteryCare.exe [2009-11-20] (Sony Corporation)
Task: {970F1949-68B7-4294-AB25-58DDB979533E} - System32\Tasks\Norton 360\Norton Error Analyzer => C:\Program Files (x86)\Norton 360\Engine\21.6.0.32\SymErr.exe [2014-01-30] (Symantec Corporation)
Task: {97729FE7-0E8D-4E33-AE5C-EEE267B8AFD9} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2009-12-11] (Google Inc.)
Task: {AF55AD05-A7FE-4A45-B728-6672EA6788B1} - System32\Tasks\VAIO Care => C:\Program Files\Sony\VAIO Care\VCsystray.exe [2009-10-19] (Sony Corporation)
Task: {BCDFE9B8-5840-402A-94D2-70E50D915E12} - System32\Tasks\SONY\VAIO Update\VAIO Update 5 => C:\Program Files\Sony\VAIO Update 5\VAIOUpdt.exe [2010-06-09] (Sony Corporation)
Task: {BFE42E75-5D2B-4B7F-89BA-3B6CC5682306} - System32\Tasks\Sony\OOBEReminder => C:\Program Files\Sony\First Experience\OOBEFcdRegistration.exe [2009-11-05] (Sony Electronics, Inc.)
Task: {CB9CC525-5275-4A68-AD0F-7F726AE48D69} - System32\Tasks\VAIO Care Service => C:\Program Files\Sony\VAIO Care\VAIOCareService.exe [2009-10-21] (Sony Corporation)
Task: {DEDD2667-E659-4D93-B6C8-E5FFACEFEDCF} - System32\Tasks\Norton WSC Integration => C:\Program Files (x86)\Norton 360\Engine\21.6.0.32\WSCStub.exe [2014-09-21] (Symantec Corporation)
Task: {F0321795-FC71-4EE2-841C-1887CE1EBAC9} - System32\Tasks\Norton 360\Norton Error Processor => C:\Program Files (x86)\Norton 360\Engine\21.6.0.32\SymErr.exe [2014-01-30] (Symantec Corporation)
Task: {F3814875-794D-4CD4-B1D8-7853419D4447} - System32\Tasks\Sony\OOBESendInfo => C:\Program Files\Sony\First Experience\OOBESendInfo.exe [2009-11-05] ()
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\Uninstaller_SkipUac_Administrator.job => C:\Program Files (x86)\IObit\IObit Uninstaller\IObitUninstaler.exe

==================== Loaded Modules (whitelisted) =============

2011-08-13 20:14 - 2011-08-13 20:14 - 00049152 _____ () C:\Program Files (x86)\DDNi\Oasis2Service\Oasis2Service.exe
2009-12-11 09:49 - 2010-06-09 13:00 - 00055808 _____ () C:\Program Files\Sony\VAIO Update 5\VUAgentPS64.dll
2009-12-11 09:36 - 2009-09-30 02:50 - 00238080 _____ () C:\Program Files\Sony\VAIO Care\ManagedVAIORecovery.dll
2009-12-11 09:36 - 2009-09-30 02:50 - 00075264 _____ () C:\Program Files\Sony\VAIO Care\VAIORecovery.dll
2009-12-11 09:36 - 2009-09-30 02:50 - 00069632 _____ () C:\Program Files\Sony\VAIO Care\Logging.dll
2009-12-11 09:36 - 2009-09-30 02:50 - 00028672 _____ () C:\Program Files\Sony\VAIO Care\VAIOCommon.dll
2009-12-11 09:36 - 2009-09-30 02:50 - 00206336 _____ () C:\Program Files\Sony\VAIO Care\OsServices.dll
2009-12-11 09:36 - 2009-09-30 02:50 - 00043008 _____ () C:\Program Files\Sony\VAIO Care\PluginFactory.dll
2009-12-11 09:36 - 2009-09-30 02:50 - 00043520 _____ () C:\Program Files\Sony\VAIO Care\XMLTools.dll
2009-12-11 09:36 - 2009-09-30 02:50 - 00059392 _____ () C:\Program Files\Sony\VAIO Care\VAIOInstallAppsDrivers.dll
2009-12-11 09:36 - 2009-09-30 02:50 - 00156160 _____ () C:\Program Files\Sony\VAIO Care\InstallDB.dll
2009-12-11 09:36 - 2009-09-30 02:50 - 00137216 _____ () C:\Program Files\Sony\VAIO Care\InstallationTools.dll
2009-12-11 09:36 - 2009-09-30 02:50 - 00024576 _____ () C:\Program Files\Sony\VAIO Care\VAIOUtility.dll
2009-12-11 09:01 - 2009-10-05 16:57 - 00016384 _____ () C:\Program Files (x86)\Sony\SmartWi Connection Utility\CCP.exe
2009-12-11 09:01 - 2009-10-05 16:42 - 00017920 _____ () C:\Program Files (x86)\Sony\SmartWi Connection Utility\ThirdPartyAppMgr.exe
2009-12-11 09:01 - 2009-10-05 16:42 - 00033792 _____ () C:\Program Files (x86)\Sony\SmartWi Connection Utility\PowerManager.exe
2009-12-11 09:01 - 2009-10-05 16:42 - 00161080 _____ () C:\Program Files (x86)\Sony\SmartWi Connection Utility\SmartWi.exe
2012-02-20 21:29 - 2012-02-20 21:29 - 00087912 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2012-02-20 21:28 - 2012-02-20 21:28 - 01242472 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2011-08-13 20:14 - 2011-08-13 20:14 - 00050176 _____ () C:\Program Files (x86)\DDNi\Oasis2Service\DdniCore.dll
2011-08-13 20:14 - 2011-08-13 20:14 - 00034304 _____ () C:\Program Files (x86)\DDNi\Oasis2Service\AspUpdate.dll
2009-12-11 09:44 - 2009-12-04 17:26 - 00376832 _____ () C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\sqlite3.dll
2009-12-11 09:44 - 2009-11-30 22:20 - 00010752 _____ () C:\Program Files (x86)\Sony\VAIO Event Service\VESBasePS.dll
2009-12-11 09:44 - 2009-11-30 22:20 - 00009728 _____ () C:\Program Files (x86)\Sony\VAIO Event Service\VESMgrSubPS.dll
2009-12-11 09:47 - 2009-06-09 22:52 - 00495616 _____ () C:\Program Files\Sony\VAIO Personalization Manager\sqlite3.dll
2014-10-09 03:28 - 2014-10-09 03:28 - 00043008 _____ () c:\users\bido\appdata\local\temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpmc93u_.dll
2013-08-23 14:01 - 2013-08-23 14:01 - 25100288 _____ () C:\Users\Bido\AppData\Roaming\Dropbox\bin\libcef.dll
2012-09-08 14:16 - 2012-09-08 14:16 - 00433664 _____ () C:\Program Files (x86)\Evernote\Evernote\libxml2.dll
2012-09-08 14:16 - 2012-09-08 14:16 - 00315392 _____ () C:\Program Files (x86)\Evernote\Evernote\libtidy.dll
2009-12-11 09:01 - 2009-10-05 16:42 - 00121856 _____ () C:\Program Files (x86)\Sony\SmartWi Connection Utility\SonyCommonLib.dll
2009-12-11 09:01 - 2009-10-05 16:42 - 00007680 _____ () C:\Program Files (x86)\Sony\SmartWi Connection Utility\DebugMsg.dll
2009-12-11 09:01 - 2009-10-05 16:42 - 00009728 _____ () C:\Program Files (x86)\Sony\SmartWi Connection Utility\Resources.dll
2009-12-11 09:01 - 2009-10-05 16:42 - 00015360 _____ () C:\Program Files (x86)\Sony\SmartWi Connection Utility\SharedInterfaces.dll
2009-12-11 09:01 - 2009-10-05 16:42 - 00018944 _____ () C:\Program Files (x86)\Sony\SmartWi Connection Utility\DictionaryLookup.dll
2009-12-11 09:01 - 2009-10-05 16:42 - 00011264 _____ () C:\Program Files (x86)\Sony\SmartWi Connection Utility\MessageXML.dll
2009-12-11 09:01 - 2009-10-05 16:42 - 00005120 _____ () C:\Program Files (x86)\Sony\SmartWi Connection Utility\Kinoubi.Plugins.PluginManager.ThirdPartyApp.dll
2009-12-11 09:01 - 2009-10-05 16:42 - 00023040 _____ () C:\Program Files (x86)\Sony\SmartWi Connection Utility\Kinoubi.Plugins.PluginManager.Generic.dll
2009-12-11 09:01 - 2009-10-05 16:42 - 00027648 _____ () C:\Program Files (x86)\Sony\SmartWi Connection Utility\Kinoubi.Plugins.Plugin.BtPower.dll
2009-12-11 09:01 - 2009-10-05 16:42 - 00005120 _____ () C:\Program Files (x86)\Sony\SmartWi Connection Utility\Kinoubi.Plugins.Plugin.Generic.dll
2009-12-11 09:01 - 2009-10-05 16:42 - 00015360 _____ () C:\Program Files (x86)\Sony\SmartWi Connection Utility\Kinoubi.Plugins.Plugin.NativeWifiThirdPartyApp.dll
2009-12-11 09:01 - 2009-10-05 16:42 - 00011264 _____ () C:\Program Files (x86)\Sony\SmartWi Connection Utility\Kinoubi.Plugins.Plugin.TosBtThirdPartyApp.dll
2009-12-11 09:01 - 2009-10-05 16:42 - 00006656 _____ () C:\Program Files (x86)\Sony\SmartWi Connection Utility\Kinoubi.Plugins.Plugin.WlanPower.dll
2009-12-11 09:01 - 2009-10-05 16:42 - 00004608 _____ () C:\Program Files (x86)\Sony\SmartWi Connection Utility\Kinoubi.Plugins.PluginManager.Power.dll
2009-12-11 09:01 - 2009-10-05 16:42 - 00005120 _____ () C:\Program Files (x86)\Sony\SmartWi Connection Utility\SystemPowerDLL.dll
2009-12-11 09:01 - 2009-10-05 16:42 - 00107008 _____ () C:\Program Files (x86)\Sony\SmartWi Connection Utility\DevicePanel.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)

==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

==================== EXE Association (whitelisted) =============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)

==================== MSCONFIG/TASK MANAGER disabled items =========

(Currently there is no automatic fix for this section.)

========================= Accounts: ==========================

Administrator (S-1-5-21-3377907549-50208328-2977345109-500 - Administrator - Disabled)
Bido (S-1-5-21-3377907549-50208328-2977345109-1005 - Administrator - Enabled) => C:\Users\Bido
Guest (S-1-5-21-3377907549-50208328-2977345109-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-3377907549-50208328-2977345109-1006 - Limited - Enabled)

==================== Faulty Device Manager Devices =============

==================== Event log errors: =========================

Application errors:
==================
Error: (10/09/2014 03:26:44 AM) (Source: VzCdbSvc) (EventID: 7) (User: )
Description: Failed to load the plug-in module. (GUID = {56F9312C-C989-4E04-8C23-299DEE3A36F5})(Error code = 0x80042019)

Error: (10/09/2014 03:26:44 AM) (Source: VzCdbSvc) (EventID: 7) (User: )
Description: Failed to load the plug-in module. (GUID = {48512A59-C8A5-4805-9048-23C9E4194BFA})(Error code = 0x80042000)

Error: (10/09/2014 03:23:00 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: iexplore.exe, version: 11.0.9600.17280, time stamp: 0x4a5bc6b7
Faulting module name: MSHTML.dll, version: 11.0.9600.17280, time stamp: 0x53f27d67
Exception code: 0xc0000005
Fault offset: 0x001032c5
Faulting process id: 0x1a68
Faulting application start time: 0xiexplore.exe0
Faulting application path: iexplore.exe1
Faulting module path: iexplore.exe2
Report Id: iexplore.exe3

Error: (10/09/2014 02:59:24 AM) (Source: Desktop Window Manager) (EventID: 9020) (User: )
Description: The Desktop Window Manager has encountered a fatal error (0x8007000e)

Error: (10/09/2014 02:58:59 AM) (Source: Desktop Window Manager) (EventID: 9020) (User: )
Description: The Desktop Window Manager has encountered a fatal error (0x8007000e)

Error: (10/09/2014 02:49:42 AM) (Source: VzCdbSvc) (EventID: 7) (User: )
Description: Failed to load the plug-in module. (GUID = {56F9312C-C989-4E04-8C23-299DEE3A36F5})(Error code = 0x80042019)

Error: (10/09/2014 02:49:42 AM) (Source: VzCdbSvc) (EventID: 7) (User: )
Description: Failed to load the plug-in module. (GUID = {48512A59-C8A5-4805-9048-23C9E4194BFA})(Error code = 0x80042000)

Error: (10/09/2014 02:11:19 AM) (Source: VzCdbSvc) (EventID: 7) (User: )
Description: Failed to load the plug-in module. (GUID = {56F9312C-C989-4E04-8C23-299DEE3A36F5})(Error code = 0x80042019)

Error: (10/09/2014 02:11:18 AM) (Source: VzCdbSvc) (EventID: 7) (User: )
Description: Failed to load the plug-in module. (GUID = {48512A59-C8A5-4805-9048-23C9E4194BFA})(Error code = 0x80042000)

Error: (10/08/2014 03:34:32 AM) (Source: VSS) (EventID: 8194) (User: )
Description: Volume Shadow Copy Service error: Unexpected error querying for the IVssWriterCallback interface.  hr = 0x80070005, Access is denied.
.
This is often caused by incorrect security settings in either the writer or requestor process.

Operation:
   Gathering Writer Data

Context:
   Writer Class Id: {e8132975-6f93-4464-a53e-1050253ae220}
   Writer Name: System Writer
   Writer Instance ID: {bb571ef1-6ad6-42d0-95a0-5627734d4c55}

System errors:
=============
Error: (10/10/2014 02:18:37 AM) (Source: DCOM) (EventID: 10010) (User: )
Description: {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5}

Error: (10/09/2014 03:27:13 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: application-specificLocalLaunch{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT AUTHORITYSYSTEMS-1-5-18LocalHost (Using LRPC)

Error: (10/09/2014 03:26:26 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the Roxio Upnp Server 10 service to connect.

Error: (10/09/2014 03:25:42 AM) (Source: EventLog) (EventID: 6008) (User: )
Description: The previous system shutdown at 3:23:42 AM on ‎10/‎9/‎2014 was unexpected.

Error: (10/09/2014 02:52:56 AM) (Source: DCOM) (EventID: 10010) (User: )
Description: {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5}

Error: (10/09/2014 02:52:21 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: application-specificLocalLaunch{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT AUTHORITYSYSTEMS-1-5-18LocalHost (Using LRPC)

Error: (10/09/2014 02:49:30 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the Roxio Upnp Server 10 service to connect.

Error: (10/09/2014 02:47:47 AM) (Source: DCOM) (EventID: 10010) (User: )
Description: {F9717507-6651-4EDB-BFF7-AE615179BCCF}

Error: (10/09/2014 02:47:45 AM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The Computer Browser service depends on the Server service which failed to start because of the following error:
%%1068

Error: (10/09/2014 02:47:45 AM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The Computer Browser service depends on the Server service which failed to start because of the following error:
%%1068

Microsoft Office Sessions:
=========================
Error: (10/09/2014 03:26:44 AM) (Source: VzCdbSvc) (EventID: 7) (User: )
Description: {56F9312C-C989-4E04-8C23-299DEE3A36F5}0x80042019

Error: (10/09/2014 03:26:44 AM) (Source: VzCdbSvc) (EventID: 7) (User: )
Description: {48512A59-C8A5-4805-9048-23C9E4194BFA}0x80042000

Error: (10/09/2014 03:23:00 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: iexplore.exe11.0.9600.172804a5bc6b7MSHTML.dll11.0.9600.1728053f27d67c0000005001032c51a6801cfe398f510e603C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\system32\MSHTML.dll7a53fe2b-4f8d-11e4-9f95-2c8158c8e70c

Error: (10/09/2014 02:59:24 AM) (Source: Desktop Window Manager) (EventID: 9020) (User: )
Description: 0x8007000e

Error: (10/09/2014 02:58:59 AM) (Source: Desktop Window Manager) (EventID: 9020) (User: )
Description: 0x8007000e

Error: (10/09/2014 02:49:42 AM) (Source: VzCdbSvc) (EventID: 7) (User: )
Description: {56F9312C-C989-4E04-8C23-299DEE3A36F5}0x80042019

Error: (10/09/2014 02:49:42 AM) (Source: VzCdbSvc) (EventID: 7) (User: )
Description: {48512A59-C8A5-4805-9048-23C9E4194BFA}0x80042000

Error: (10/09/2014 02:11:19 AM) (Source: VzCdbSvc) (EventID: 7) (User: )
Description: {56F9312C-C989-4E04-8C23-299DEE3A36F5}0x80042019

Error: (10/09/2014 02:11:18 AM) (Source: VzCdbSvc) (EventID: 7) (User: )
Description: {48512A59-C8A5-4805-9048-23C9E4194BFA}0x80042000

Error: (10/08/2014 03:34:32 AM) (Source: VSS) (EventID: 8194) (User: )
Description: 0x80070005, Access is denied.

Operation:
   Gathering Writer Data

Context:
   Writer Class Id: {e8132975-6f93-4464-a53e-1050253ae220}
   Writer Name: System Writer
   Writer Instance ID: {bb571ef1-6ad6-42d0-95a0-5627734d4c55}

==================== Memory info ===========================

Processor: Intel® Core™ i3 CPU M 330 @ 2.13GHz
Percentage of memory in use: 80%
Total physical RAM: 4014.09 MB
Available physical RAM: 794 MB
Total Pagefile: 8026.36 MB
Available Pagefile: 3372.09 MB
Total Virtual: 8192 MB
Available Virtual: 8191.86 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:456.99 GB) (Free:344.54 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: 766A3184)
Partition 1: (Not Active) - (Size=8.7 GB) - (Type=27)
Partition 2: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=457 GB) - (Type=07 NTFS)

==================== End Of Log ============================

Sorry for the delayed response, I can only get to my computer once every 24 hours... :/

Thanks!

Bido



#4 B-boy/StyLe/

  • Malware Response Team

Posted 10 October 2014 - 07:35 AM

Hi Bido,

Thank you for the update! Please run the fix above and then please re-run FRST (make sure that Addition.txt is ticked before you press the Scan button) and then post both files in your next reply.

Also let me know if the problem still persists...

Regards,

Georgi


#5 Bido

  • Topic Starter

Posted 11 October 2014 - 02:13 AM

Hey there Georgi!

I ran your fix and things seem to be running much smoother... thanks!

See below for the FRST output files after the fix...

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 08-10-2014 01
Ran by Bido (administrator) on BIDO-VAIO on 11-10-2014 01:54:03
Running from C:\Users\Bido\Desktop
Loaded Profile: Bido (Available profiles: Bido)
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: English (United States)
Internet Explorer Version 11
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
(InterVideo) C:\Program Files (x86)\Common Files\InterVideo\RegMgr\iviRegMgr.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
() C:\Program Files (x86)\DDNi\Oasis2Service\Oasis2Service.exe
(Sony Corporation) C:\Program Files (x86)\Sony\PMB\PMBDeviceInfoProvider.exe
(Protexis Inc.) C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
(Sony Corporation) C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDBSvr.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(ArcSoft, Inc.) C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Event Service\VESMgr.exe
(Sony Corporation) C:\Program Files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe
(Sony Corporation) C:\Program Files\Sony\VCM Intelligent Network Service Manager\VcmINSMgr.exe
(Sony Corporation) C:\Program Files (x86)\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Intel Corporation) C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTmon.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Microsoft Corporation) C:\Windows\SysWOW64\dllhost.exe
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Event Service\VESMgrSub.exe
(Sony Corporation) C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDms.exe
(Sony Corporation) C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDs.exe
(Sony Corporation) C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHPlMgr.exe
(Sony Corporation) C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHCImp.exe
(Sony Corporation) C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Google Inc.) C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
(Sony Corporation) C:\Program Files (x86)\Sony\Media Gallery\ElbServer.exe
(Spotify Ltd) C:\Users\Bido\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
(Evernote Corp., 333 W Evelyn Ave. Mountain View, CA 94041) C:\Program Files (x86)\Evernote\Evernote\EvernoteClipper.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE
(Sony Corporation) C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe
(Sony Corporation) C:\Program Files (x86)\Sony\PMB\PMBVolumeWatcher.exe
(Sony Corporation) C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SHTtray.exe
(CANON INC.) C:\Program Files (x86)\Canon\Canon IJ Network Scan Utility\CNMNSUT.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Reader 9.0\Reader\reader_sl.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
(Sun Microsystems, Inc.) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
() C:\Program Files (x86)\Sony\SmartWi Connection Utility\CCP.exe
() C:\Program Files (x86)\Sony\SmartWi Connection Utility\SmartWi.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Care\VAIOCareService.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BTStackServer.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Power Management\SPMgr.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Update 5\VAIOUpdt.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BluetoothHeadsetProxy.exe
() C:\Program Files (x86)\Sony\SmartWi Connection Utility\ThirdPartyAppMgr.exe
() C:\Program Files (x86)\Sony\SmartWi Connection Utility\PowerManager.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\SysWOW64\dllhost.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Care\VCsystray.exe
() C:\Program Files (x86)\Sony\VAIO Survey\VAIO Sat Survey.exe
(Sun Microsystems, Inc.) C:\Program Files\Java\jre6\bin\jusched.exe
(Sony Electronics, Inc.) C:\Program Files\Sony\First Experience\OOBEFcdRegistration.exe
() C:\Program Files\Sony\First Experience\OOBESendInfo.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Power Management\SPMService.exe

==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [IAAnotif] => C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\iaanotif.exe [186904 2009-10-13] (Intel Corporation)
HKLM\...\Run: [NvCplDaemon] => RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [8306208 2009-12-03] (Realtek Semiconductor)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [1825064 2009-11-11] (Synaptics Incorporated)
HKLM-x32\...\Run: [SmartWiHelper] => C:\Program Files (x86)\Sony\SmartWi Connection Utility\SmartWiHelper.exe [80384 2009-10-05] (Sony Electronics Corporation)
HKLM-x32\...\Run: [ISBMgr.exe] => C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe [320880 2009-08-26] (Sony Corporation)
HKLM-x32\...\Run: [PMBVolumeWatcher] => C:\Program Files (x86)\Sony\PMB\PMBVolumeWatcher.exe [597792 2009-10-24] (Sony Corporation)
HKLM-x32\...\Run: [SHTtray.exe] => C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SHTtray.exe [99624 2009-12-04] (Sony Corporation)
HKLM-x32\...\Run: [IJNetworkScanUtility] => C:\Program Files (x86)\Canon\Canon IJ Network Scan Utility\CNMNSUT.exe [136544 2009-05-19] (CANON INC.)
HKLM-x32\...\Run: [BCSSync] => C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [89184 2012-11-05] (Microsoft Corporation)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-04-21] (Apple Inc.)
HKLM-x32\...\Run: [Adobe Reader Speed Launcher] => C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe [37296 2012-03-27] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [843712 2012-01-02] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254696 2012-01-18] (Sun Microsystems, Inc.)
HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2013-05-01] (Apple Inc.)
HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2013-11-02] (Apple Inc.)
Winlogon\Notify\VESWinlogon-x32: VESWinlogon.dll [X]
HKU\S-1-5-21-3377907549-50208328-2977345109-1005\...\Run: [swg] => C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [39408 2009-12-11] (Google Inc.)
HKU\S-1-5-21-3377907549-50208328-2977345109-1005\...\Run: [Elbserver] => C:\Program Files (x86)\Sony\Media Gallery\ElbServer.exe [72192 2009-10-15] (Sony Corporation)
HKU\S-1-5-21-3377907549-50208328-2977345109-1005\...\Run: [Spotify Web Helper] => C:\Users\Bido\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe [1171000 2014-04-18] (Spotify Ltd)
HKU\S-1-5-21-3377907549-50208328-2977345109-1005\...\Run: [ApplePhotoStreams] => C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe [59720 2013-11-20] (Apple Inc.)
HKU\S-1-5-18\...\RunOnce: [SPReview] => C:\Windows\System32\SPReview\SPReview.exe [301568 2013-03-22] (Microsoft Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Bluetooth.lnk
ShortcutTarget: Bluetooth.lnk -> C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe (Broadcom Corporation.)
Startup: C:\Users\Bido\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\Bido\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
Startup: C:\Users\Bido\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\EvernoteClipper.lnk
ShortcutTarget: EvernoteClipper.lnk -> C:\Program Files (x86)\Evernote\Evernote\EvernoteClipper.exe (Evernote Corp., 333 W Evelyn Ave. Mountain View, CA 94041)
Startup: C:\Users\Bido\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2010 Screen Clipper and Launcher.lnk
ShortcutTarget: OneNote 2010 Screen Clipper and Launcher.lnk -> C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE (Microsoft Corporation)
ShellIconOverlayIdentifiers: [OverlayExcluded] -> {4433A54A-1AC8-432F-90FC-85F045CF383C} => C:\Program Files (x86)\Norton 360\Engine64\21.6.0.32\buShell.dll (Symantec Corporation)
ShellIconOverlayIdentifiers: [OverlayPending] -> {F17C0B1E-EF8E-4AD4-8E1B-7D7E8CB23225} => C:\Program Files (x86)\Norton 360\Engine64\21.6.0.32\buShell.dll (Symantec Corporation)
ShellIconOverlayIdentifiers: [OverlayProtected] -> {476D0EA3-80F9-48B5-B70B-05E677C9C148} => C:\Program Files (x86)\Norton 360\Engine64\21.6.0.32\buShell.dll (Symantec Corporation)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://mail.yahoo.com/
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.com/ig/redirectdomain?brand=SNNT&bmod=SNNT
SearchScopes: HKLM-x32 - DefaultScope {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = http://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7SNNT
SearchScopes: HKLM-x32 - {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = http://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7SNNT
SearchScopes: HKCU - DefaultScope {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = http://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7SNNT_enUS365US365
SearchScopes: HKCU - {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = http://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7SNNT_enUS365US365
BHO: ExplorerWnd Helper -> {10921475-03CE-4E04-90CE-E2E7EF20C814} -> C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallExplorer64.dll (IObit)
BHO: Norton Identity Protection -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> C:\Program Files (x86)\Norton 360\Engine64\21.6.0.32\coIEPlg.dll (Symantec Corporation)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
BHO-x32: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
BHO-x32: Norton Identity Protection -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> C:\Program Files (x86)\Norton 360\Engine\21.6.0.32\coIEPlg.dll (Symantec Corporation)
BHO-x32: Norton Vulnerability Protection -> {6D53EC84-6AAE-4787-AEEE-F4628F01010C} -> C:\Program Files (x86)\Norton 360\Engine\21.6.0.32\IPS\IPSBHO.DLL (Symantec Corporation)
BHO-x32: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Windows Live Messenger Companion Helper -> {9FDDE16B-836F-4806-AB1F-1455CBEFF289} -> C:\Program Files (x86)\Windows Live\Companion\companioncore.dll (Microsoft Corporation)
BHO-x32: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Advanced SystemCare Browser Protection -> {BA0C978D-D909-49B6-AFE2-8BDE245DC7E6} -> C:\Program Files (x86)\IObit\Surfing Protection\BrowerProtect\ASCPlugin_Protection.dll (IObit)
BHO-x32: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
Toolbar: HKLM - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton 360\Engine64\21.6.0.32\coIEPlg.dll (Symantec Corporation)
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
Toolbar: HKLM-x32 - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton 360\Engine\21.6.0.32\coIEPlg.dll (Symantec Corporation)
Toolbar: HKCU - Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
DPF: HKLM-x32 {82774781-8F4E-11D1-AB1C-0000F8773BF0} https://transfers.ds.microsoft.com/FTM/TransferSource/grTransferCtrl.cab
Tcpip\Parameters: [DhcpNameServer] 209.18.47.61 209.18.47.62 192.168.1.1

FireFox:
========
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32.dll No File
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @java.com/DTPlugin,version=1.6.0_35 -> C:\Windows\SysWOW64\npdeployJava1.dll (Sun Microsystems, Inc.)
FF Plugin-x32: @java.com/JavaPlugin -> C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~2\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF HKLM-x32\...\Firefox\Extensions: [{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_21.4.0.13\coFFPlgn
FF Extension: Norton Toolbar - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_21.4.0.13\coFFPlgn [2014-10-09]
FF HKLM-x32\...\Firefox\Extensions: [{BBDA0591-3099-440a-AA10-41764D9DB4DB}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_21.4.0.13\IPSFF
FF Extension: Norton Vulnerability Protection - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_21.4.0.13\IPSFF [2014-07-20]

Chrome:
=======
CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\37.0.2062.124\gcswf32.dll No File
CHR Plugin: (Shockwave Flash) - C:\Windows\system32\Macromed\Flash\NPSWF32.dll No File
CHR Plugin: (QuickTime Plug-in 7.6.6) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.6.6) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin2.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.6.6) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin3.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.6.6) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin4.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.6.6) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin5.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.6.6) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin6.dll No File
CHR Plugin: (QuickTime Plug-in 7.6.6) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin7.dll No File
CHR Plugin: (Java Deployment Toolkit 6.0.220.4) - C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll No File
CHR Plugin: (Java™ Platform SE 6 U22) - C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll No File
CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll (Adobe Systems Inc.)
CHR Plugin: (Silverlight Plug-In) - c:\Program Files (x86)\Microsoft Silverlight\4.0.60831.0\npctrl.dll No File
CHR Plugin: (Microsoft Office 2010) - C:\PROGRA~2\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
CHR Plugin: (Microsoft Office 2010) - C:\PROGRA~2\MICROS~2\Office14\NPSPWRAP.DLL (Microsoft Corporation)
CHR Plugin: (Remoting Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\37.0.2062.124\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\37.0.2062.124\pdf.dll ()
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.79\npGoogleUpdate3.dll No File
CHR Plugin: (Windows Live Photo Gallery) - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
CHR Plugin: (iTunes Application Detector) - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
CHR Plugin: (Default Plug-in) - default_plugin No File
CHR Profile: C:\Users\Bido\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Norton Identity Safe) - C:\Users\Bido\AppData\Local\Google\Chrome\User Data\Default\Extensions\iikflkcanblccfahdhdonehdalibjnif [2014-10-09]
CHR Extension: (Norton Security Toolbar) - C:\Users\Bido\AppData\Local\Google\Chrome\User Data\Default\Extensions\mkfokfffehpeedafpekjeddnmnjhmcmk [2012-10-28]
CHR Extension: (Google Wallet) - C:\Users\Bido\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-02-28]
CHR HKLM\...\Chrome\Extension: [mkfokfffehpeedafpekjeddnmnjhmcmk] - C:\Program Files (x86)\Norton 360\Engine\21.6.0.32\Exts\Chrome.crx [2014-10-02]
CHR HKLM-x32\...\Chrome\Extension: [mkfokfffehpeedafpekjeddnmnjhmcmk] - C:\Program Files (x86)\Norton 360\Engine\21.6.0.32\Exts\Chrome.crx [2014-10-02]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S3 ACDaemon; C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [113152 2010-03-18] (ArcSoft Inc.)
S2 LiveUpdateSvc; C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe [2282272 2014-08-19] (IObit)
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1809720 2014-05-12] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [860472 2014-05-12] (Malwarebytes Corporation)
S3 MSSQL$DDNI; C:\Program Files (x86)\Microsoft SQL Server\MSSQL10.DDNI\MSSQL\Binn\sqlservr.exe [43010392 2009-03-30] (Microsoft Corporation)
S2 N360; C:\Program Files (x86)\Norton 360\Engine\21.6.0.32\N360.exe [265040 2014-09-21] (Symantec Corporation)
R2 Oasis2Service; C:\Program Files (x86)\DDNi\Oasis2Service\Oasis2Service.exe [49152 2011-08-13] () [File not signed]
S3 Roxio UPnP Renderer 10; C:\Program Files (x86)\Roxio\Digital Home 10\RoxioUPnPRenderer10.exe [313840 2009-08-31] (Sonic Solutions)
S2 Roxio Upnp Server 10; C:\Program Files (x86)\Roxio\Digital Home 10\RoxioUpnpService10.exe [362992 2009-08-31] (Sonic Solutions)
S3 SampleCollector; C:\Program Files\Sony\VAIO Care\collsvc.exe [167424 2009-09-17] (Intel Corporation) [File not signed]
R2 SOHDBSvr; C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDBSvr.exe [70952 2009-12-04] (Sony Corporation)
R2 SOHPlMgr; C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHPlMgr.exe [91432 2009-12-04] (Sony Corporation)
S4 SQLAgent$DDNI; C:\Program Files (x86)\Microsoft SQL Server\MSSQL10.DDNI\MSSQL\Binn\SQLAGENT.EXE [366936 2009-03-30] (Microsoft Corporation)
R2 uCamMonitor; C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe [104960 2008-09-18] (ArcSoft, Inc.)
S3 VAIO Entertainment TV Device Arbitration Service; C:\Program Files (x86)\Common Files\Sony Shared\VAIO Entertainment Platform\VzHardwareResourceManager\VzHardwareResourceManager\VzHardwareResourceManager.exe [69632 2009-09-14] (Sony Corporation) [File not signed]
R2 VCFw; C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe [642416 2009-09-14] (Sony Corporation)
S3 VUAgent; C:\Program Files\Sony\VAIO Update 5\VUAgent.exe [1223024 2010-06-09] (Sony Corporation)
R2 VzCdbSvc; C:\Program Files (x86)\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe [206336 2009-09-14] (Sony Corporation) [File not signed]

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R3 ArcSoftKsUFilter; C:\Windows\System32\DRIVERS\ArcSoftKsUFilter.sys [19968 2009-05-26] (ArcSoft, Inc.)
R1 BHDrvx64; C:\Program Files (x86)\Norton 360\NortonData\21.4.0.13\Definitions\BASHDefs\20141003.001\BHDrvx64.sys [1587416 2014-10-03] (Symantec Corporation)
R1 ccSet_N360; C:\Windows\system32\drivers\N360x64\1506000.020\ccSetx64.sys [162392 2014-02-20] (Symantec Corporation)
R1 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [487216 2014-09-10] (Symantec Corporation)
R3 EraserUtilRebootDrv; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [142640 2014-09-10] (Symantec Corporation)
R1 IDSVia64; C:\Program Files (x86)\Norton 360\NortonData\21.4.0.13\Definitions\IPSDefs\20141009.002\IDSvia64.sys [633560 2014-08-28] (Symantec Corporation)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2014-05-12] (Malwarebytes Corporation)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [122584 2014-10-11] (Malwarebytes Corporation)
R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2014-05-12] (Malwarebytes Corporation)
R3 NAVENG; C:\Program Files (x86)\Norton 360\NortonData\21.4.0.13\Definitions\VirusDefs\20141009.001\ENG64.SYS [129752 2014-08-22] (Symantec Corporation)
R3 NAVEX15; C:\Program Files (x86)\Norton 360\NortonData\21.4.0.13\Definitions\VirusDefs\20141009.001\EX64.SYS [2137304 2014-08-22] (Symantec Corporation)
R2 regi; C:\Windows\SysWOW64\drivers\regi.sys [11032 2007-04-17] (InterVideo)
R1 SRTSP; C:\Windows\System32\Drivers\N360x64\1506000.020\SRTSP64.SYS [876248 2014-08-25] (Symantec Corporation)
R1 SRTSPX; C:\Windows\system32\drivers\N360x64\1506000.020\SRTSPX64.SYS [37592 2014-08-25] (Symantec Corporation)
R0 SymDS; C:\Windows\System32\drivers\N360x64\1506000.020\SYMDS64.SYS [493656 2013-10-30] (Symantec Corporation)
R0 SymEFA; C:\Windows\System32\drivers\N360x64\1506000.020\SYMEFA64.SYS [1148120 2014-03-03] (Symantec Corporation)
R3 SymEvent; C:\Windows\system32\Drivers\SYMEVENT64x86.SYS [177752 2014-07-20] (Symantec Corporation)
R1 SymIRON; C:\Windows\system32\drivers\N360x64\1506000.020\Ironx64.SYS [266968 2014-08-06] (Symantec Corporation)
R1 SymNetS; C:\Windows\System32\Drivers\N360x64\1506000.020\SYMNETS.SYS [593112 2014-02-17] (Symantec Corporation)
S3 TVICHW64; C:\Windows\system32\DRIVERS\TVICHW64.SYS [21200 2011-02-26] (EnTech Taiwan)
R3 yukonw7; C:\Windows\System32\DRIVERS\yk62x64.sys [395264 2009-11-12] ()
U2 IAStorDataMgrSvc; No ImagePath

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)

==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-10-10 03:04 - 2014-10-10 03:04 - 00000000 _____ () C:\Users\Bido\AppData\Local\{05089A80-B49D-4810-A7FA-2808A580AAEC}
2014-10-10 02:37 - 2014-10-10 02:37 - 01176168 ____T () C:\Windows\SysWOW64\00013585.tmp
2014-10-10 02:20 - 2014-10-10 02:20 - 00000000 ____D () C:\Users\Bido\Desktop\FRST-OlderVersion
2014-10-06 16:51 - 2014-10-06 16:51 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\48230029.sys
2014-10-06 16:42 - 2014-10-06 16:42 - 00000000 ____D () C:\Windows\Tasks\ImCleanDisabled
2014-10-06 15:21 - 2014-10-06 15:21 - 00000000 ____D () C:\Users\Bido\AppData\Roaming\ProductData
2014-10-06 15:16 - 2014-10-10 11:49 - 00000504 _____ () C:\Windows\setupact.log
2014-10-06 15:16 - 2014-10-10 03:00 - 00002308 _____ () C:\Windows\PFRO.log
2014-10-06 15:16 - 2014-10-06 15:16 - 00000000 _____ () C:\Windows\setuperr.log
2014-10-05 12:23 - 2014-10-06 16:41 - 00000276 _____ () C:\Windows\Tasks\Uninstaller_SkipUac_Administrator.job
2014-10-05 12:23 - 2014-10-05 12:23 - 00001228 _____ () C:\Users\Public\Desktop\IObit Uninstaller.lnk
2014-10-05 12:23 - 2014-10-05 12:23 - 00000000 ____D () C:\ProgramData\ProductData
2014-10-05 12:23 - 2014-10-05 12:23 - 00000000 ____D () C:\ProgramData\{3C5CBD7B-3D1D-411E-96C2-513FFCA84D2D}
2014-10-05 12:21 - 2014-10-05 12:23 - 00000000 ____D () C:\Users\Bido\AppData\Roaming\IObit
2014-10-05 12:20 - 2014-10-06 16:43 - 00000000 ____D () C:\Program Files (x86)\IObit
2014-10-05 12:20 - 2014-10-06 16:41 - 00000000 ____D () C:\ProgramData\IObit
2014-10-05 12:20 - 2014-10-05 12:20 - 01025312 _____ (IObit) C:\Users\Bido\Downloads\AdvancedSystemCare-Installer.exe
2014-10-04 02:19 - 2014-10-04 02:19 - 00047701 _____ () C:\Users\Bido\Desktop\Addition.txt
2014-10-04 02:17 - 2014-10-11 01:55 - 00026837 _____ () C:\Users\Bido\Desktop\FRST.txt
2014-10-04 02:17 - 2014-10-11 01:54 - 00000000 ____D () C:\FRST
2014-10-04 02:17 - 2014-10-10 02:20 - 02109952 _____ (Farbar) C:\Users\Bido\Desktop\FRST64.exe
2014-10-04 02:02 - 2014-10-04 02:02 - 00000000 __SHD () C:\found.002
2014-10-03 11:08 - 2014-10-03 11:32 - 00043008 _____ () C:\Users\Bido\Documents\Northern Lights.xls
2014-10-03 02:32 - 2014-10-03 02:32 - 08473440 _____ ( ) C:\Users\Bido\Downloads\DllTool.exe
2014-10-03 02:25 - 2014-10-11 01:52 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-10-03 02:25 - 2014-10-03 02:25 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-10-03 02:25 - 2014-10-03 02:25 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-10-03 02:25 - 2014-10-03 02:25 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-10-03 02:25 - 2014-05-12 07:26 - 00091352 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-10-03 02:25 - 2014-05-12 07:26 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-10-03 02:25 - 2014-05-12 07:25 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-10-03 02:24 - 2014-10-03 02:24 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\Bido\Downloads\mbam-setup-2.0.2.1012.exe
2014-10-02 02:50 - 2014-10-02 02:50 - 00000000 ____D () C:\Windows\System32\Tasks\Norton 360
2014-09-18 03:04 - 2014-08-19 13:05 - 00374968 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-09-18 03:04 - 2014-08-19 12:39 - 00327872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-09-18 03:04 - 2014-08-18 18:01 - 23591424 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-09-18 03:04 - 2014-08-18 17:29 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-09-18 03:04 - 2014-08-18 17:29 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-09-18 03:04 - 2014-08-18 17:26 - 17455104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-09-18 03:04 - 2014-08-18 17:20 - 02793984 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-09-18 03:04 - 2014-08-18 17:19 - 05833728 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-09-18 03:04 - 2014-08-18 17:15 - 00547328 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-09-18 03:04 - 2014-08-18 17:15 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-09-18 03:04 - 2014-08-18 17:14 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-09-18 03:04 - 2014-08-18 17:14 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-09-18 03:04 - 2014-08-18 17:08 - 04232704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-09-18 03:04 - 2014-08-18 17:08 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-09-18 03:04 - 2014-08-18 17:08 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-09-18 03:04 - 2014-08-18 17:05 - 00596480 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-09-18 03:04 - 2014-08-18 17:03 - 00758272 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-09-18 03:04 - 2014-08-18 17:03 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-09-18 03:04 - 2014-08-18 17:03 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-09-18 03:04 - 2014-08-18 16:57 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-09-18 03:04 - 2014-08-18 16:56 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-09-18 03:04 - 2014-08-18 16:51 - 00446464 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-09-18 03:04 - 2014-08-18 16:46 - 00454656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-09-18 03:04 - 2014-08-18 16:45 - 00072704 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-09-18 03:04 - 2014-08-18 16:45 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-09-18 03:04 - 2014-08-18 16:44 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2014-09-18 03:04 - 2014-08-18 16:44 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-09-18 03:04 - 2014-08-18 16:42 - 02185728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-09-18 03:04 - 2014-08-18 16:40 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-09-18 03:04 - 2014-08-18 16:39 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-09-18 03:04 - 2014-08-18 16:39 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-09-18 03:04 - 2014-08-18 16:39 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-09-18 03:04 - 2014-08-18 16:38 - 00289280 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-09-18 03:04 - 2014-08-18 16:37 - 00440320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-09-18 03:04 - 2014-08-18 16:36 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-09-18 03:04 - 2014-08-18 16:35 - 00597504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-09-18 03:04 - 2014-08-18 16:27 - 00365056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-09-18 03:04 - 2014-08-18 16:25 - 00727040 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-09-18 03:04 - 2014-08-18 16:25 - 00707072 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-09-18 03:04 - 2014-08-18 16:23 - 02104832 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-09-18 03:04 - 2014-08-18 16:23 - 01249280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-09-18 03:04 - 2014-08-18 16:22 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-09-18 03:04 - 2014-08-18 16:19 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-09-18 03:04 - 2014-08-18 16:17 - 00243200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-09-18 03:04 - 2014-08-18 16:17 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-09-18 03:04 - 2014-08-18 16:15 - 02310656 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-09-18 03:04 - 2014-08-18 16:09 - 00603136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-09-18 03:04 - 2014-08-18 16:08 - 02014208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-09-18 03:04 - 2014-08-18 16:07 - 01068032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-09-18 03:04 - 2014-08-18 15:55 - 01447424 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-09-18 03:04 - 2014-08-18 15:46 - 01812992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-09-18 03:04 - 2014-08-18 15:38 - 01190400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-09-18 03:04 - 2014-08-18 15:38 - 00775168 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-09-18 03:04 - 2014-08-18 15:36 - 00678400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-09-18 03:03 - 2014-08-18 16:16 - 13588480 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-09-18 03:03 - 2014-08-18 16:15 - 11769856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-09-18 02:20 - 2014-07-06 21:06 - 01460736 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2014-09-18 02:20 - 2014-07-06 21:06 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2014-09-18 02:20 - 2014-07-06 20:40 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2014-09-18 02:20 - 2014-07-06 20:40 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2014-09-18 02:20 - 2014-07-06 20:39 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2014-09-18 02:19 - 2014-08-22 21:07 - 00404480 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2014-09-18 02:19 - 2014-08-22 20:45 - 00311808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2014-09-18 02:19 - 2014-08-22 19:59 - 03163648 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-09-14 14:52 - 2014-09-14 16:28 - 00044544 _____ () C:\Users\Bido\Documents\Galapagos Itinerary.xls

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-10-11 01:54 - 2010-01-11 06:29 - 01925350 _____ () C:\Windows\WindowsUpdate.log
2014-10-11 01:53 - 2011-07-04 04:24 - 00000000 ___RD () C:\Users\Bido\Dropbox
2014-10-11 01:53 - 2011-07-04 04:21 - 00000000 ____D () C:\Users\Bido\AppData\Roaming\Dropbox
2014-10-11 01:52 - 2009-12-11 08:42 - 00000912 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-10-11 01:52 - 2009-12-11 08:42 - 00000908 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-10-10 12:17 - 2009-07-13 22:20 - 00000000 ____D () C:\Windows\rescache
2014-10-10 11:58 - 2009-07-13 23:45 - 00014144 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-10-10 11:58 - 2009-07-13 23:45 - 00014144 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-10-10 11:54 - 2009-07-14 00:13 - 00805220 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-10-10 11:49 - 2009-07-14 00:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-10-06 19:07 - 2009-07-13 22:20 - 00000000 ____D () C:\Windows\schemas
2014-10-06 15:37 - 2010-02-05 21:25 - 00000000 ____D () C:\Users\Bido\AppData\Local\CrashDumps
2014-10-05 13:48 - 2009-11-19 14:47 - 00000000 ____D () C:\Windows\Panther
2014-10-05 13:47 - 2010-04-04 03:08 - 00000000 ____D () C:\Windows\Minidump
2014-10-05 12:23 - 2010-07-09 22:52 - 00000000 ____D () C:\Users\Bido\AppData\Roaming\Apple Computer
2014-10-02 02:42 - 2014-07-20 14:54 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Norton 360
2014-10-02 02:42 - 2012-05-10 10:32 - 00003206 _____ () C:\Windows\System32\Tasks\Norton WSC Integration
2014-10-02 02:42 - 2011-02-04 16:16 - 00002319 _____ () C:\Users\Public\Desktop\Norton 360.lnk
2014-10-02 02:42 - 2011-02-04 16:15 - 00000000 ____D () C:\Windows\system32\Drivers\N360x64
2014-09-27 03:25 - 2009-07-13 22:20 - 00000000 ____D () C:\Windows\system32\NDF
2014-09-25 02:23 - 2014-08-16 16:32 - 00002183 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-09-25 02:23 - 2009-12-11 08:42 - 00002183 _____ () C:\Users\Public\Desktop\Internet Browser.lnk
2014-09-23 03:08 - 2011-07-04 04:24 - 00001015 _____ () C:\Users\Bido\Desktop\Dropbox.lnk
2014-09-23 03:08 - 2011-07-04 04:21 - 00000000 ____D () C:\Users\Bido\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2014-09-18 03:37 - 2009-07-13 23:45 - 00448400 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-09-18 03:03 - 2009-12-11 08:51 - 00000000 ____D () C:\ProgramData\Microsoft Help

Some content of TEMP:
====================
C:\Users\Bido\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpmhqohh.dll

==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2014-10-10 12:07

==================== End Of Log ============================

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 08-10-2014 01
Ran by Bido at 2014-10-11 01:56:16
Running from C:\Users\Bido\Desktop
Boot Mode: Normal
==========================================================

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Norton 360 (Enabled - Up to date) {D87FA2C0-F526-77B1-D6EC-0EDF3936CEDB}
AS: Norton 360 (Enabled - Up to date) {631E4324-D31C-783F-EC5C-35AD42B18466}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: Norton 360 (Enabled) {E04423E5-BF49-76E9-FDB3-A7EAC7E589A0}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe Flash Player 10 Plugin (HKLM-x32\...\{0DFB3DE8-65B9-44FF-AA0A-3BECC5A2BFD1}) (Version: 10.0.32.18 - Adobe Systems, Inc.)
Adobe Flash Player 11 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 11.9.900.152 - Adobe Systems Incorporated)
Adobe Photoshop Lightroom 2 64-bit (HKLM\...\{9B9162E8-4274-4323-A31B-444ECA641B8A}) (Version: 2 - Adobe)
Adobe Reader 9.5.1 (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-A95000000001}) (Version: 9.5.1 - Adobe Systems Incorporated)
Apple Application Support (HKLM-x32\...\{46F044A5-CE8B-4196-984E-5BD6525E361D}) (Version: 2.3.6 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{2EF5D87E-B7BD-458F-8428-E4D0B8B4E65C}) (Version: 7.0.0.117 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
ArcSoft Magic-i Visual Effects 2 (HKLM-x32\...\{7BB90344-0647-468E-925A-7F69F7983421}) (Version: 2.0.1.85 - ArcSoft)
ArcSoft WebCam Companion 3 (HKLM-x32\...\{DE8AAC73-6D8D-483E-96EA-CAEDDADB9079}) (Version: 3.0.21.193 - ArcSoft)
Audacity 1.3.12 (Unicode) (HKLM-x32\...\Audacity 1.3 Beta (Unicode)_is1) (Version:  - Audacity Team)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Canon IJ Network Scan Utility (HKLM-x32\...\Canon_IJ_Network_Scan_UTILITY) (Version:  - )
Canon IJ Network Tool (HKLM-x32\...\Canon_IJ_Network_UTILITY) (Version:  - )
Canon MP560 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MP560_series) (Version:  - )
Canon MP560 series User Registration (HKLM-x32\...\Canon MP560 series User Registration) (Version:  - )
Chinese Simplified Fonts Support For Adobe Reader 9 (HKLM-x32\...\{AC76BA86-7AD7-2447-0000-900000000003}) (Version: 9.0.0 - Adobe Systems Incorporated)
Cisco Connect (HKLM-x32\...\Cisco Connect) (Version: 1.4.12334.0 - Cisco Consumer Products LLC)
Compatibility Pack for the 2007 Office system (HKLM-x32\...\{90120000-0020-0409-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
Corel WinDVD (HKLM-x32\...\{5C1F18D2-F6B7-4242-B803-B5A78648185D}) (Version: 10.0.5.109 - Corel Inc.)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition (HKLM-x32\...\{91140000-0012-0000-0000-0000000FF1CE}_Office14.STANDARDR_{650DE870-ECA3-4E63-8D77-778512BE5D4C}) (Version:  - Microsoft)
Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition (HKLM-x32\...\{91140000-0015-0000-0000-0000000FF1CE}_Office14.AccessR_{650DE870-ECA3-4E63-8D77-778512BE5D4C}) (Version:  - Microsoft)
Dropbox (HKCU\...\Dropbox) (Version: 2.10.30 - Dropbox, Inc.)
Evernote v. 4.5.10 (HKLM-x32\...\{EF7E46B8-1FB7-11E2-B6B3-984BE15F174E}) (Version: 4.5.10.7472 - Evernote Corp.)
FFmpeg for Audacity on Windows (HKLM-x32\...\FFmpeg for Audacity on Windows_is1) (Version:  - )
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 37.0.2062.124 - Google Inc.)
Google Toolbar for Internet Explorer (HKLM-x32\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: 7.5.5111.1712 - Google Inc.)
Google Toolbar for Internet Explorer (x32 Version: 1.0.0 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.24.15 - Google Inc.) Hidden
iCloud (HKLM\...\{81E20D41-C277-4526-934D-F2380AF91B78}) (Version: 3.1.0.40 - Apple Inc.)
Intel® Turbo Boost Technology Driver (HKLM-x32\...\{D6C630BF-8DBB-4042-8562-DC9A52CB6E7E}) (Version: 01.00.00.1030 - Intel Corporation)
Intel® Matrix Storage Manager (HKLM\...\{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}) (Version:  - Intel Corporation)
IObit Uninstaller (HKLM-x32\...\IObitUninstall) (Version: 3.3.9.2622 - IObit)
iTunes (HKLM\...\{D601CEAD-2E4F-4BBB-85CC-C29A4CE6A3C0}) (Version: 11.1.3.8 - Apple Inc.)
Java Auto Updater (x32 Version: 2.0.7.1 - Sun Microsystems, Inc.) Hidden
Java™ 6 Update 17 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86416017FF}) (Version: 6.0.170 - Sun Microsystems, Inc.)
Java™ 6 Update 35 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83216032FF}) (Version: 6.0.350 - Oracle)
Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Malwarebytes Anti-Malware version 2.0.2.1012 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.2.1012 - Malwarebytes Corporation)
Media Gallery (HKLM-x32\...\{DD88F979-FA58-41AC-980C-A6E1A82B61D9}) (Version: 1.1.2.11260 - Sony Corporation)
Media Gallery (x32 Version: 1.1.2.11260 - Sony Corporation) Hidden
Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Messenger Companion (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Microsoft Access 2010 (HKLM-x32\...\Office14.AccessR) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft Image Composite Editor (HKLM\...\{2C304CEF-37C3-424E-9DD7-C56C45658290}) (Version: 1.3.3 - Microsoft Corporation)
Microsoft Office Access 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Access MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Access Setup Metadata MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Excel MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Office 64-bit Components 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office OneNote MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Outlook Connector (HKLM-x32\...\{95140000-007A-0409-0000-0000000FF1CE}) (Version: 14.0.5118.5000 - Microsoft Corporation)
Microsoft Office Outlook MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint Viewer 2007 (English) (HKLM-x32\...\{95120000-00AF-0409-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Proof (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (French) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Spanish) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proofing (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Publisher MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit MUI (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared Setup Metadata MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Standard 2010 (HKLM-x32\...\Office14.STANDARDR) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Office Standard 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Suite Activation Assistant (HKLM-x32\...\{E50AE784-FABE-46DA-A1F8-7B6B56DCB22E}) (Version: 2.9 - Microsoft Corporation)
Microsoft Office Word MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Outlook Social Connector Provider for Windows Live Messenger 32-bit (HKLM-x32\...\{95140000-007D-0409-0000-0000000FF1CE}) (Version: 14.0.5120.5000 - Microsoft Corporation)
Microsoft Research AutoCollage 2008 version 1.1 (HKLM-x32\...\{423D8FBE-EC52-40FD-B2A0-8C9C8F973FD7}) (Version: 1.01.2008 - Microsoft Research)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft SQL Server 2008 (HKLM-x32\...\Microsoft SQL Server 10 Release) (Version:  - Microsoft Corporation)
Microsoft SQL Server 2008 (x32 Version:  - Microsoft Corporation) Hidden
Microsoft SQL Server 2008 Browser (HKLM-x32\...\{C688457E-03FD-4941-923B-A27F4D42A7DD}) (Version: 10.1.2531.0 - Microsoft Corporation)
Microsoft SQL Server 2008 Common Files (x32 Version: 10.0.1600.22 - Microsoft Corporation) Hidden
Microsoft SQL Server 2008 Common Files (x32 Version: 10.1.2531.0 - Microsoft Corporation) Hidden
Microsoft SQL Server 2008 Database Engine Services (x32 Version: 10.1.2531.0 - Microsoft Corporation) Hidden
Microsoft SQL Server 2008 Database Engine Shared (x32 Version: 10.1.2531.0 - Microsoft Corporation) Hidden
Microsoft SQL Server 2008 Native Client (HKLM\...\{BBDE8A3D-64A2-43A6-95F3-C27B87DF7AC1}) (Version: 10.1.2531.0 - Microsoft Corporation)
Microsoft SQL Server 2008 RsFx Driver (x32 Version: 10.1.2531.0 - Microsoft Corporation) Hidden
Microsoft SQL Server 2008 Setup Support Files  (HKLM-x32\...\{BA4DA261-CB60-4690-B202-44998DFC6986}) (Version: 10.1.2531.0 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 SP2 ENU (HKLM-x32\...\{3A9FC03D-C685-4831-94CF-4EDFD3749497}) (Version: 3.5.8080.0 - Microsoft Corporation)
Microsoft SQL Server VSS Writer (HKLM\...\{0826F9E4-787E-481D-83E0-BC6A57B056D5}) (Version: 10.1.2531.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM-x32\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570 (HKLM\...\{8338783A-0968-3B85-AFC7-BAAE0A63DC50}) (Version: 9.0.30729.5570 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (HKLM-x32\...\{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}) (Version: 9.0.30729.5570 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Works (HKLM-x32\...\{67E03279-F703-408F-B4BF-46B5FC8D70CD}) (Version: 9.7.0621 - Microsoft Corporation)
MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT_amd64 (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
Norton 360 (HKLM-x32\...\N360) (Version: 21.6.0.32 - Symantec Corporation)
NVIDIA Drivers (HKLM\...\NVIDIA Drivers) (Version: 1.10 - NVIDIA Corporation)
Oasis2Service (HKLM-x32\...\{E50FC5DB-7CBD-407D-A46E-0C13E45BC386}) (Version: 1.0.1 - DDNi)
PlayReady PC Runtime amd64 (HKLM\...\{BCA9334F-B6C9-4F65-9A73-AC5A329A4D04}) (Version: 1.3.0 - Microsoft Corporation)
PMB (HKLM-x32\...\{B6A98E5F-D6A7-46FB-9E9D-1F7BF443491C}) (Version: 5.0.00.10260 - Sony Corporation)
PMB VAIO Edition Guide (HKLM-x32\...\InstallShield_{88C252C8-A7EE-4B60-BF74-8E5919A8048F}) (Version: 1.0.00.09250 - Sony Corporation)
PMB VAIO Edition Guide (x32 Version: 1.0.00.09250 - Sony Corporation) Hidden
PMB VAIO Edition plug-in (Click to Disc) (HKLM-x32\...\InstallShield_{4DCEA9C1-4D6E-41BF-A854-28CFA8B56DBF}) (Version: 3.0.01.11230 - Sony Corporation)
PMB VAIO Edition plug-in (Click to Disc) (x32 Version: 3.0.01.11230 - Sony Corporation) Hidden
PMB VAIO Edition plug-in (VAIO Image Optimizer) (HKLM-x32\...\InstallShield_{1873FFC1-FDCB-47E1-B7C7-F418211E3530}) (Version: 1.0.00.10150 - Sony Corporation)
PMB VAIO Edition plug-in (VAIO Image Optimizer) (x32 Version: 1.0.00.10150 - Sony Corporation) Hidden
PMB VAIO Edition plug-in (VAIO Movie Story) (HKLM-x32\...\InstallShield_{B25563A0-41F4-4A81-A6C1-6DBC0911B1F3}) (Version: 2.0.01.12010 - Sony Corporation)
PMB VAIO Edition plug-in (VAIO Movie Story) (x32 Version: 2.0.01.12010 - Sony Corporation) Hidden
PVSonyDll (Version: 1.00.0001 - NVIDIA Corporation) Hidden
QuickBooks Financial Center (HKLM-x32\...\{0F962B79-D0DC-40D9-96BA-ED1355120CBA}) (Version: 1.30.0000 - Intuit Inc.)
QuickTime (HKLM-x32\...\{B67BAFBA-4C9F-48FA-9496-933E3B255044}) (Version: 7.74.80.86 - Apple Inc.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.5964 - Realtek Semiconductor Corp.)
Roxio Central Audio (x32 Version: 3.8.0 - Roxio) Hidden
Roxio Central Copy (x32 Version: 3.8.0 - Roxio) Hidden
Roxio Central Core (x32 Version: 3.8.0 - Roxio) Hidden
Roxio Central Data (x32 Version: 3.8.0 - Roxio) Hidden
Roxio Central Tools (x32 Version: 3.8.0 - Roxio) Hidden
Roxio Easy Media Creator 10 LJ (HKLM-x32\...\{537BF16E-7412-448C-95D8-846E85A1D817}) (Version: 10.3 - Roxio)
Roxio Easy Media Creator Home (x32 Version: 10.3.183 - Roxio) Hidden
Service Pack 1 for SQL Server 2008 (KB968369) (HKLM-x32\...\KB968369) (Version: 10.1.2531.0 - Microsoft Corporation)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{91140000-0012-0000-0000-0000000FF1CE}_Office14.STANDARDR_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version:  - Microsoft)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{91140000-0015-0000-0000-0000000FF1CE}_Office14.AccessR_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version:  - Microsoft)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (x32 Version:  - Microsoft) Hidden
Setting Utility Series (HKLM-x32\...\{A7DA438C-2E43-4C20-BFDA-C1F4A6208558}) (Version: 5.1.0.11200 - Sony Corporation)
SmartWi Connection Utility (HKLM-x32\...\{9B5F85CA-90D4-4AFC-BB37-32477FD0D2B9}) (Version: 4.9.4.20091005.2246 - Sony)
Sony Home Network Library (HKLM-x32\...\{D03D02D8-AB64-4785-A48E-5AA8B0FB8C14}) (Version: 2.0.1.12040 - Sony Corporation)
Sony Home Network Library (x32 Version: 2.0.1.12040 - Sony Corporation) Hidden
Spotify (HKCU\...\Spotify) (Version: 0.8.3.222.g317ab79d - Spotify AB)
Spotify (HKLM-x32\...\Spotify) (Version: 0.5.2 - )
Sql Server Customer Experience Improvement Program (x32 Version: 10.1.2531.0 - Microsoft Corporation) Hidden
Surfing Protection (HKLM-x32\...\IObit Surfing Protection_is1) (Version: 1.0 - IObit)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 14.0.3.0 - Synaptics Incorporated)
Update for Microsoft Access 2010 (KB2553446) 32-Bit Edition (HKLM-x32\...\{91140000-0015-0000-0000-0000000FF1CE}_Office14.AccessR_{B4A38370-2ADB-46B0-A1B0-0C4A2F7DCA31}) (Version:  - Microsoft)
Update for Microsoft Excel 2010 (KB2889836) 32-Bit Edition (HKLM-x32\...\{91140000-0012-0000-0000-0000000FF1CE}_Office14.STANDARDR_{9179FC17-97A8-4D98-9E09-05720AF5D44E}) (Version:  - Microsoft)
Update for Microsoft Filter Pack 2.0 (KB2878281) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.AccessR_{302A8FE3-EBF5-486C-A431-16A1CD914443}) (Version:  - Microsoft)
Update for Microsoft Filter Pack 2.0 (KB2878281) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.STANDARDR_{302A8FE3-EBF5-486C-A431-16A1CD914443}) (Version:  - Microsoft)
Update for Microsoft Filter Pack 2.0 (KB2878281) 32-Bit Edition (HKLM-x32\...\{91140000-0012-0000-0000-0000000FF1CE}_Office14.STANDARDR_{302A8FE3-EBF5-486C-A431-16A1CD914443}) (Version:  - Microsoft)
Update for Microsoft InfoPath 2010 (KB2817369) 32-Bit Edition (HKLM-x32\...\{91140000-0012-0000-0000-0000000FF1CE}_Office14.STANDARDR_{4EEA3D3E-989C-4DF4-AB0A-3042C0C12AA3}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2494150) (HKLM-x32\...\{91140000-0012-0000-0000-0000000FF1CE}_Office14.STANDARDR_{3FCFD88F-4D13-4F38-8625-ABABEA7F61EA}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2494150) (HKLM-x32\...\{91140000-0015-0000-0000-0000000FF1CE}_Office14.AccessR_{3FCFD88F-4D13-4F38-8625-ABABEA7F61EA}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2589298) 32-Bit Edition (HKLM-x32\...\{91140000-0012-0000-0000-0000000FF1CE}_Office14.STANDARDR_{DADF7E25-FFA4-4D02-BE84-1DAE62C18516}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2589298) 32-Bit Edition (HKLM-x32\...\{91140000-0015-0000-0000-0000000FF1CE}_Office14.AccessR_{DADF7E25-FFA4-4D02-BE84-1DAE62C18516}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2589352) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.AccessR_{F4284D93-7AE8-4309-8CF3-9AD394F35F3A}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2589352) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.STANDARDR_{F4284D93-7AE8-4309-8CF3-9AD394F35F3A}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2589352) 32-Bit Edition (HKLM-x32\...\{91140000-0012-0000-0000-0000000FF1CE}_Office14.STANDARDR_{F4284D93-7AE8-4309-8CF3-9AD394F35F3A}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2589352) 32-Bit Edition (HKLM-x32\...\{91140000-0015-0000-0000-0000000FF1CE}_Office14.AccessR_{F4284D93-7AE8-4309-8CF3-9AD394F35F3A}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2589375) 32-Bit Edition (HKLM-x32\...\{91140000-0012-0000-0000-0000000FF1CE}_Office14.STANDARDR_{287A1E92-9E41-4BC1-8920-B3D0E9220800}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2589375) 32-Bit Edition (HKLM-x32\...\{91140000-0015-0000-0000-0000000FF1CE}_Office14.AccessR_{287A1E92-9E41-4BC1-8920-B3D0E9220800}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2597087) 32-Bit Edition (HKLM-x32\...\{91140000-0012-0000-0000-0000000FF1CE}_Office14.STANDARDR_{9D69691D-823D-4C3E-9B12-563A3F520366}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2597087) 32-Bit Edition (HKLM-x32\...\{91140000-0015-0000-0000-0000000FF1CE}_Office14.AccessR_{9D69691D-823D-4C3E-9B12-563A3F520366}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2687502) 32-Bit Edition (HKLM-x32\...\{90140000-001F-0409-0000-0000000FF1CE}_Office14.AccessR_{7DE7DF97-82FE-4B3A-AB8D-1621F9CC464A}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2687502) 32-Bit Edition (HKLM-x32\...\{90140000-001F-0409-0000-0000000FF1CE}_Office14.STANDARDR_{7DE7DF97-82FE-4B3A-AB8D-1621F9CC464A}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2760598) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.AccessR_{ECFE33A3-B8B7-439A-ADE4-59FBD29EF9B8}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2760598) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.STANDARDR_{ECFE33A3-B8B7-439A-ADE4-59FBD29EF9B8}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2760598) 32-Bit Edition (HKLM-x32\...\{91140000-0012-0000-0000-0000000FF1CE}_Office14.STANDARDR_{ECFE33A3-B8B7-439A-ADE4-59FBD29EF9B8}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2760598) 32-Bit Edition (HKLM-x32\...\{91140000-0015-0000-0000-0000000FF1CE}_Office14.AccessR_{ECFE33A3-B8B7-439A-ADE4-59FBD29EF9B8}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2760631) 32-Bit Edition (HKLM-x32\...\{91140000-0012-0000-0000-0000000FF1CE}_Office14.STANDARDR_{35698CB7-AAA2-4577-B505-DBFF504AEF23}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2760631) 32-Bit Edition (HKLM-x32\...\{91140000-0015-0000-0000-0000000FF1CE}_Office14.AccessR_{35698CB7-AAA2-4577-B505-DBFF504AEF23}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2794737) 32-Bit Edition (HKLM-x32\...\{91140000-0012-0000-0000-0000000FF1CE}_Office14.STANDARDR_{5AA578BB-759C-40FD-9661-A737C0884541}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2794737) 32-Bit Edition (HKLM-x32\...\{91140000-0015-0000-0000-0000000FF1CE}_Office14.AccessR_{5AA578BB-759C-40FD-9661-A737C0884541}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2825635) 32-Bit Edition (HKLM-x32\...\{91140000-0012-0000-0000-0000000FF1CE}_Office14.STANDARDR_{F1A20C69-9FE5-40FD-9CD5-84EABC2EF64A}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2837581) 32-Bit Edition (HKLM-x32\...\{91140000-0012-0000-0000-0000000FF1CE}_Office14.STANDARDR_{334FB202-28D7-4BA4-8BC9-4FE4AB233EA0}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2837581) 32-Bit Edition (HKLM-x32\...\{91140000-0015-0000-0000-0000000FF1CE}_Office14.AccessR_{334FB202-28D7-4BA4-8BC9-4FE4AB233EA0}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2837606) 32-Bit Edition (HKLM-x32\...\{91140000-0012-0000-0000-0000000FF1CE}_Office14.STANDARDR_{B0D672F7-883E-4279-8E75-D97A5445AB46}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2878252) 32-Bit Edition (HKLM-x32\...\{91140000-0012-0000-0000-0000000FF1CE}_Office14.STANDARDR_{B0DB9F71-E0F7-4FE6-8925-35B860CAC0C4}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2878252) 32-Bit Edition (HKLM-x32\...\{91140000-0015-0000-0000-0000000FF1CE}_Office14.AccessR_{B0DB9F71-E0F7-4FE6-8925-35B860CAC0C4}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2881028) 32-Bit Edition (HKLM-x32\...\{90140000-001F-040C-0000-0000000FF1CE}_Office14.AccessR_{089DBFD7-8211-43B2-AAAE-5BDD8C23E3A8}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2881028) 32-Bit Edition (HKLM-x32\...\{90140000-001F-040C-0000-0000000FF1CE}_Office14.STANDARDR_{089DBFD7-8211-43B2-AAAE-5BDD8C23E3A8}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2881028) 32-Bit Edition (HKLM-x32\...\{90140000-001F-0C0A-0000-0000000FF1CE}_Office14.AccessR_{794A0574-4E2F-4D58-B2A0-D7460ACDC85C}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2881028) 32-Bit Edition (HKLM-x32\...\{90140000-001F-0C0A-0000-0000000FF1CE}_Office14.STANDARDR_{794A0574-4E2F-4D58-B2A0-D7460ACDC85C}) (Version:  - Microsoft)
Update for Microsoft OneNote 2010 (KB2837595) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.AccessR_{51CCA922-A0CC-47C4-8910-6936D97CAC2E}) (Version:  - Microsoft)
Update for Microsoft OneNote 2010 (KB2837595) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.STANDARDR_{51CCA922-A0CC-47C4-8910-6936D97CAC2E}) (Version:  - Microsoft)
Update for Microsoft OneNote 2010 (KB2837595) 32-Bit Edition (HKLM-x32\...\{91140000-0012-0000-0000-0000000FF1CE}_Office14.STANDARDR_{51CCA922-A0CC-47C4-8910-6936D97CAC2E}) (Version:  - Microsoft)
Update for Microsoft Outlook 2010 (KB2687567) 32-Bit Edition (HKLM-x32\...\{90140000-001A-0409-0000-0000000FF1CE}_Office14.STANDARDR_{DCE104A1-1875-4469-A83D-A5BFA6C4640F}) (Version:  - Microsoft)
Update for Microsoft Outlook 2010 (KB2687567) 32-Bit Edition (HKLM-x32\...\{91140000-0012-0000-0000-0000000FF1CE}_Office14.STANDARDR_{2AB483F1-C86E-427A-83B4-23889B03512D}) (Version:  - Microsoft)
Update for Microsoft PowerPoint 2010 (KB2837579) 32-Bit Edition (HKLM-x32\...\{90140000-0018-0409-0000-0000000FF1CE}_Office14.STANDARDR_{334AA0A1-2BB1-4D74-B66A-2B2C4D9C2C87}) (Version:  - Microsoft)
Update for Microsoft PowerPoint 2010 (KB2837579) 32-Bit Edition (HKLM-x32\...\{91140000-0012-0000-0000-0000000FF1CE}_Office14.STANDARDR_{2BA40F82-F3A4-441C-BF1A-ED4C42FF4872}) (Version:  - Microsoft)
Update for Microsoft SharePoint Workspace 2010 (KB2760601) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.AccessR_{F9F5A080-AF38-4966-9A6B-C43DCA465035}) (Version:  - Microsoft)
Update for Microsoft SharePoint Workspace 2010 (KB2760601) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.STANDARDR_{F9F5A080-AF38-4966-9A6B-C43DCA465035}) (Version:  - Microsoft)
Update for Microsoft Word 2010 (KB2880529) 32-Bit Edition (HKLM-x32\...\{91140000-0012-0000-0000-0000000FF1CE}_Office14.STANDARDR_{B9B89E01-5B6B-4F73-BC34-B2C0D8ACB4CD}) (Version:  - Microsoft)
VAIO Care (HKLM-x32\...\{36C5BBF0-E5BF-4DE1-B684-7E90B0C93FB5}) (Version: 5.0.3.11130 - Sony Corporation)
VAIO Content Metadata Intelligent Analyzing Manager (HKLM-x32\...\{4882EBF5-CA37-4EF4-BCB8-9B0E78B907D0}) (Version: 3.6.0.09250 - Sony Corporation)
VAIO Content Metadata Intelligent Analyzing Manager (x32 Version: 3.6.0.09250 - Sony Corporation) Hidden
VAIO Content Metadata Intelligent Network Service Manager (HKLM-x32\...\{4427F384-B5BE-4769-B7D0-C784FC321EB1}) (Version: 3.6.0.09080 - Sony Corporation)
VAIO Content Metadata Intelligent Network Service Manager (x32 Version: 3.6.0.09080 - Sony Corporation) Hidden
VAIO Content Metadata Manager Settings (HKLM-x32\...\{12D0BE8D-538C-4AB1-86DE-C540308F50DA}) (Version: 3.6.0.09240 - Sony Corporation)
VAIO Content Metadata Manager Settings (x32 Version: 3.6.0.09240 - Sony Corporation) Hidden
VAIO Content Metadata XML Interface Library (HKLM-x32\...\{291FB4BF-EEC7-4CF9-8469-F39ED1DBC4D8}) (Version: 3.6.0.09080 - Sony Corporation)
VAIO Content Metadata XML Interface Library (x32 Version: 3.6.0.09080 - Sony Corporation) Hidden
VAIO Content Monitoring Settings (HKLM-x32\...\{23825B69-36DF-4DAD-9CFD-118D11D80F16}) (Version: 2.4.1.09180 - Sony Corporation)
VAIO Content Monitoring Settings (x32 Version: 2.4.1.09180 - Sony Corporation) Hidden
VAIO Control Center (HKLM-x32\...\{72042FA6-5609-489F-A8EA-3C2DD650F667}) (Version: 4.1.1.07160 - Sony Corporation)
VAIO Data Restore Tool (HKLM-x32\...\{57B955CE-B5D3-495D-AF1B-FAEE0540BFEF}) (Version: 1.2.0.09150 - Sony Corporation)
VAIO Data Restore Tool (x32 Version: 1.2.0.09150 - Sony Corporation) Hidden
VAIO DVD Menu Data (HKLM-x32\...\{596BED91-A1D8-4DF1-8CD1-1C777F7588AC}) (Version: 2.0.00.09240 - Sony Corporation)
VAIO Entertainment Platform (HKLM-x32\...\{6B1F20F2-6321-4669-A58C-33DF8E7517FF}) (Version: 3.6.0.09150 - Sony Corporation)
VAIO Entertainment Platform (x32 Version: 3.6.0.09150 - Sony Corporation) Hidden
VAIO Event Service (HKLM-x32\...\{C7477742-DDB4-43E5-AC8D-0259E1E661B1}) (Version: 5.1.0.11300 - Sony Corporation)
VAIO Hardware Diagnostics (x32 Version: 3.9.1 - Sony Corporation) Hidden
VAIO Help and Support (HKLM-x32\...\{DB1C9CB7-DF65-4991-BD17-71BF9CD15BA0}) (Version: 10.00.1029 - Sony Corporation)
VAIO Media plus (HKLM-x32\...\{8DE50158-80AA-4FF2-9E9F-0A7C46F71FCD}) (Version: 2.0.1.12040 - Sony Corporation)
VAIO Media plus Opening Movie (HKLM-x32\...\{6BF03C88-C06A-48DC-B9A1-FE72B24E5FA9}) (Version: 2.0.0.07030 - Sony Corporation)
VAIO Movie Story Template Data (HKLM-x32\...\InstallShield_{6FA8BA2C-052B-4072-B8E2-2302C268BE9E}) (Version: 2.0.00.09240 - Sony Corporation)
VAIO Movie Story Template Data (x32 Version: 2.0.00.09240 - Sony Corporation) Hidden
VAIO OOBE and Startup Assistant (HKLM-x32\...\{1B500D37-E7CF-480B-8054-8A563594EC4E}) (Version: 2.00.1110 - Sony Corporation)
VAIO Original Function Settings (HKLM-x32\...\{A63E7492-A0BC-4BB9-89A7-352965222380}) (Version: 2.0.0.07010 - Sony Corporation)
VAIO Original Function Settings (x32 Version: 2.0.0.07010 - Sony Corporation) Hidden
VAIO Personalization Manager (HKLM-x32\...\{A95187EF-BCF4-4468-B501-C0BAB976ADD1}) (Version: 2.0.0.06220 - Sony Corporation)
VAIO Personalization Manager (x32 Version: 2.0.0.06220 - Sony Corporation) Hidden
VAIO Power Management (HKLM-x32\...\{803E4FA5-A940-4420-B89D-A8BC2E160247}) (Version: 5.0.0.11300 - Sony Corporation)
VAIO Survey (HKLM-x32\...\{34B37A74-125E-4406-87BA-E4BD3D097AE5}) (Version: 6.00.1028 - Sony Corporation)
VAIO Transfer Support (HKLM-x32\...\{5DDAFB4B-C52E-468A-9E23-3B0CEEB671BF}) (Version: 1.1.0.10200 - Sony Corporation)
VAIO Update (HKLM-x32\...\{5BEE8F1F-BD32-4553-8107-500439E43BD7}) (Version: 5.1.1.06090 - Sony Corporation)
VAIO Wallpaper Contents (HKLM-x32\...\{D60F97EC-EF06-4E1E-B0D1-C2CBABA62FA3}) (Version: 2.0.0.06010 - Sony Corporation)
VD64Inst (Version: 1.00.0000 - Roxio, Inc.) Hidden
WIDCOMM Bluetooth Software (HKLM\...\{9E9D49A4-1DF4-4138-B7DB-5D87A893088E}) (Version: 6.2.1.500 - Broadcom Corporation)
Windows Driver Package - Broadcom Bluetooth  (09/09/2009 6.2.0.9405) (HKLM\...\930E4792BDAEAFB62A9514EE7578775658A5D07C) (Version: 09/09/2009 6.2.0.9405 - Broadcom)
Windows Driver Package - Broadcom HIDClass  (07/28/2009 6.2.0.9800) (HKLM\...\3BA80AB4C7E9F8497C115C844953A3D4BEB84D21) (Version: 07/28/2009 6.2.0.9800 - Broadcom)
Windows Live Communications Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3502.0922 - Microsoft Corporation)
Windows Live Essentials (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Family Safety (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live ID Sign-in Assistant (Version: 7.250.4225.0 - Microsoft Corporation) Hidden
Windows Live Installer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Language Selector (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Mail (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Mesh (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Mesh ActiveX Control for Remote Connections (HKLM-x32\...\{2902F983-B4C1-44BA-B85D-5C6D52E2C441}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Messenger (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Messenger Companion Core (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live MIME IFilter (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Movie Maker (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Photo Common (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Photo Gallery (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live PIMT Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Remote Client (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Client Resources (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Service (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Service Resources (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live SOXE (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live SOXE Definitions (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Sync (HKLM-x32\...\{84EBDF39-4B33-49D7-A0BD-EB6E2C4E81C1}) (Version: 14.0.8089.726 - Microsoft Corporation)
Windows Live UX Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Writer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Writer Resources (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Wondershare Dr.Fone for iOS(Build 3.5.1.2) (HKLM-x32\...\{A26F8BBD-EC10-4bdc-8AD8-F146825A8A63}_is1) (Version: 3.5.1.2 - Wondershare Software Co.,Ltd.)

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

CustomCLSID: HKU\S-1-5-21-3377907549-50208328-2977345109-1005_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Bido\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3377907549-50208328-2977345109-1005_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Bido\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3377907549-50208328-2977345109-1005_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Bido\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3377907549-50208328-2977345109-1005_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Bido\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3377907549-50208328-2977345109-1005_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Bido\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3377907549-50208328-2977345109-1005_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Bido\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3377907549-50208328-2977345109-1005_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Bido\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3377907549-50208328-2977345109-1005_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Bido\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3377907549-50208328-2977345109-1005_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Bido\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)

==================== Restore Points  =========================

10-10-2014 17:14:31 Scheduled Checkpoint

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-13 21:34 - 2009-06-10 16:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {29C834B7-53A5-40B7-870E-CED4BC184040} - System32\Tasks\Sony Corporation\VAIO Personalization Manager\VpmLM Task Music Bido => C:\Program Files\Sony\VAIO Personalization Manager\VpmLM.exe [2009-06-09] (Sony Corporation)
Task: {2D10B090-A0FF-4850-86FD-820EC813B6F8} - System32\Tasks\SONY\VAIO Power Management\VPM Unlock => C:\Program Files\Sony\VAIO Power Management\SPMgr.exe [2009-11-30] (Sony Corporation)
Task: {32945159-A944-4FBA-9B30-A05394528AC9} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2009-12-11] (Google Inc.)
Task: {35780F37-DF31-494A-9580-75309E4A9016} - System32\Tasks\SONY\VAIO Update\Launch Application => C:\Program Files\Sony\VAIO Update 5\ShellExeProxy.exe [2010-06-09] (Sony Corporation)
Task: {412EEE9A-0F43-4860-B740-D818624FB726} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {4EC245A3-7936-409C-892B-4395AE5FEB59} - System32\Tasks\Sony\VAIO Survey => C:\Program Files (x86)\Sony\VAIO Survey\VAIO Sat Survey.exe [2009-10-26] ()
Task: {55C79D63-7D31-478C-9EA9-151339F727C6} - System32\Tasks\SONY\VAIO Power Management\VPM Logon Start => C:\Program Files\Sony\VAIO Power Management\SPMgr.exe [2009-11-30] (Sony Corporation)
Task: {77D3A7E7-9966-405A-A700-DD83833A2F74} - System32\Tasks\Sony\Java Update => C:\Program Files\Java\jre6\bin\jusched.exe [2009-12-11] (Sun Microsystems, Inc.)
Task: {7C31F998-A128-45EA-A187-D174C7C0943A} - System32\Tasks\SONY\SUS-BCF\Level4Daily => C:\Program Files (x86)\Sony\Setting Utility Series\WBCBatteryCare.exe [2009-11-20] (Sony Corporation)
Task: {81CF57B3-51EE-4459-B18A-EF66C447DDF1} - System32\Tasks\SONY\VAIO Power Management\VPM Session Change => C:\Program Files\Sony\VAIO Power Management\SPMgr.exe [2009-11-30] (Sony Corporation)
Task: {88ACA4B4-C638-4347-9EFC-47BC2455128D} - System32\Tasks\SONY\SUS-BCF\Level4Month => C:\Program Files (x86)\Sony\Setting Utility Series\WBCBatteryCare.exe [2009-11-20] (Sony Corporation)
Task: {970F1949-68B7-4294-AB25-58DDB979533E} - System32\Tasks\Norton 360\Norton Error Analyzer => C:\Program Files (x86)\Norton 360\Engine\21.6.0.32\SymErr.exe [2014-01-30] (Symantec Corporation)
Task: {97729FE7-0E8D-4E33-AE5C-EEE267B8AFD9} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2009-12-11] (Google Inc.)
Task: {AF55AD05-A7FE-4A45-B728-6672EA6788B1} - System32\Tasks\VAIO Care => C:\Program Files\Sony\VAIO Care\VCsystray.exe [2009-10-19] (Sony Corporation)
Task: {BCDFE9B8-5840-402A-94D2-70E50D915E12} - System32\Tasks\SONY\VAIO Update\VAIO Update 5 => C:\Program Files\Sony\VAIO Update 5\VAIOUpdt.exe [2010-06-09] (Sony Corporation)
Task: {BFE42E75-5D2B-4B7F-89BA-3B6CC5682306} - System32\Tasks\Sony\OOBEReminder => C:\Program Files\Sony\First Experience\OOBEFcdRegistration.exe [2009-11-05] (Sony Electronics, Inc.)
Task: {CB9CC525-5275-4A68-AD0F-7F726AE48D69} - System32\Tasks\VAIO Care Service => C:\Program Files\Sony\VAIO Care\VAIOCareService.exe [2009-10-21] (Sony Corporation)
Task: {DEDD2667-E659-4D93-B6C8-E5FFACEFEDCF} - System32\Tasks\Norton WSC Integration => C:\Program Files (x86)\Norton 360\Engine\21.6.0.32\WSCStub.exe [2014-09-21] (Symantec Corporation)
Task: {F0321795-FC71-4EE2-841C-1887CE1EBAC9} - System32\Tasks\Norton 360\Norton Error Processor => C:\Program Files (x86)\Norton 360\Engine\21.6.0.32\SymErr.exe [2014-01-30] (Symantec Corporation)
Task: {F3814875-794D-4CD4-B1D8-7853419D4447} - System32\Tasks\Sony\OOBESendInfo => C:\Program Files\Sony\First Experience\OOBESendInfo.exe [2009-11-05] ()
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\Uninstaller_SkipUac_Administrator.job => C:\Program Files (x86)\IObit\IObit Uninstaller\IObitUninstaler.exe

==================== Loaded Modules (whitelisted) =============

2011-08-13 20:14 - 2011-08-13 20:14 - 00049152 _____ () C:\Program Files (x86)\DDNi\Oasis2Service\Oasis2Service.exe
2009-12-11 09:01 - 2009-10-05 16:57 - 00016384 _____ () C:\Program Files (x86)\Sony\SmartWi Connection Utility\CCP.exe
2009-12-11 09:01 - 2009-10-05 16:42 - 00161080 _____ () C:\Program Files (x86)\Sony\SmartWi Connection Utility\SmartWi.exe
2009-12-11 09:01 - 2009-10-05 16:42 - 00017920 _____ () C:\Program Files (x86)\Sony\SmartWi Connection Utility\ThirdPartyAppMgr.exe
2009-12-11 09:01 - 2009-10-05 16:42 - 00033792 _____ () C:\Program Files (x86)\Sony\SmartWi Connection Utility\PowerManager.exe
2009-12-11 09:15 - 2009-10-26 18:34 - 00390448 _____ () C:\Program Files (x86)\Sony\VAIO Survey\VAIO Sat Survey.exe
2009-12-11 08:39 - 2009-11-05 19:41 - 00074032 _____ () C:\Program Files\Sony\First Experience\OOBESendInfo.exe
2012-02-20 21:29 - 2012-02-20 21:29 - 00087912 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2012-02-20 21:28 - 2012-02-20 21:28 - 01242472 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2011-08-13 20:14 - 2011-08-13 20:14 - 00050176 _____ () C:\Program Files (x86)\DDNi\Oasis2Service\DdniCore.dll
2011-08-13 20:14 - 2011-08-13 20:14 - 00034304 _____ () C:\Program Files (x86)\DDNi\Oasis2Service\AspUpdate.dll
2009-12-11 09:44 - 2009-12-04 17:26 - 00376832 _____ () C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\sqlite3.dll
2009-12-11 09:44 - 2009-11-30 22:20 - 00010752 _____ () C:\Program Files (x86)\Sony\VAIO Event Service\VESBasePS.dll
2009-12-11 09:44 - 2009-11-30 22:20 - 00009728 _____ () C:\Program Files (x86)\Sony\VAIO Event Service\VESMgrSubPS.dll
2009-12-11 09:47 - 2009-06-09 22:52 - 00495616 _____ () C:\Program Files\Sony\VAIO Personalization Manager\sqlite3.dll
2012-09-08 14:16 - 2012-09-08 14:16 - 00433664 _____ () C:\Program Files (x86)\Evernote\Evernote\libxml2.dll
2012-09-08 14:16 - 2012-09-08 14:16 - 00315392 _____ () C:\Program Files (x86)\Evernote\Evernote\libtidy.dll
2009-12-11 09:01 - 2009-10-05 16:42 - 00121856 _____ () C:\Program Files (x86)\Sony\SmartWi Connection Utility\SonyCommonLib.dll
2009-12-11 09:01 - 2009-10-05 16:42 - 00007680 _____ () C:\Program Files (x86)\Sony\SmartWi Connection Utility\DebugMsg.dll
2009-12-11 09:01 - 2009-10-05 16:42 - 00009728 _____ () C:\Program Files (x86)\Sony\SmartWi Connection Utility\Resources.dll
2009-12-11 09:01 - 2009-10-05 16:42 - 00015360 _____ () C:\Program Files (x86)\Sony\SmartWi Connection Utility\SharedInterfaces.dll
2009-12-11 09:01 - 2009-10-05 16:42 - 00018944 _____ () C:\Program Files (x86)\Sony\SmartWi Connection Utility\DictionaryLookup.dll
2009-12-11 09:01 - 2009-10-05 16:42 - 00011264 _____ () C:\Program Files (x86)\Sony\SmartWi Connection Utility\MessageXML.dll
2009-12-11 09:01 - 2009-10-05 16:42 - 00107008 _____ () C:\Program Files (x86)\Sony\SmartWi Connection Utility\DevicePanel.dll
2009-12-11 09:01 - 2009-10-05 16:42 - 00005120 _____ () C:\Program Files (x86)\Sony\SmartWi Connection Utility\Kinoubi.Plugins.PluginManager.ThirdPartyApp.dll
2009-12-11 09:01 - 2009-10-05 16:42 - 00023040 _____ () C:\Program Files (x86)\Sony\SmartWi Connection Utility\Kinoubi.Plugins.PluginManager.Generic.dll
2009-12-11 09:01 - 2009-10-05 16:42 - 00027648 _____ () C:\Program Files (x86)\Sony\SmartWi Connection Utility\Kinoubi.Plugins.Plugin.BtPower.dll
2009-12-11 09:01 - 2009-10-05 16:42 - 00005120 _____ () C:\Program Files (x86)\Sony\SmartWi Connection Utility\Kinoubi.Plugins.Plugin.Generic.dll
2009-12-11 09:01 - 2009-10-05 16:42 - 00015360 _____ () C:\Program Files (x86)\Sony\SmartWi Connection Utility\Kinoubi.Plugins.Plugin.NativeWifiThirdPartyApp.dll
2009-12-11 09:01 - 2009-10-05 16:42 - 00011264 _____ () C:\Program Files (x86)\Sony\SmartWi Connection Utility\Kinoubi.Plugins.Plugin.TosBtThirdPartyApp.dll
2009-12-11 09:01 - 2009-10-05 16:42 - 00006656 _____ () C:\Program Files (x86)\Sony\SmartWi Connection Utility\Kinoubi.Plugins.Plugin.WlanPower.dll
2009-12-11 09:01 - 2009-10-05 16:42 - 00004608 _____ () C:\Program Files (x86)\Sony\SmartWi Connection Utility\Kinoubi.Plugins.PluginManager.Power.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)

==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

==================== EXE Association (whitelisted) =============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)

==================== MSCONFIG/TASK MANAGER disabled items =========

(Currently there is no automatic fix for this section.)

========================= Accounts: ==========================

Administrator (S-1-5-21-3377907549-50208328-2977345109-500 - Administrator - Disabled)
Bido (S-1-5-21-3377907549-50208328-2977345109-1005 - Administrator - Enabled) => C:\Users\Bido
Guest (S-1-5-21-3377907549-50208328-2977345109-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-3377907549-50208328-2977345109-1006 - Limited - Enabled)

==================== Faulty Device Manager Devices =============

==================== Event log errors: =========================

Application errors:
==================
Error: (10/10/2014 11:50:06 AM) (Source: VzCdbSvc) (EventID: 7) (User: )
Description: Failed to load the plug-in module. (GUID = {56F9312C-C989-4E04-8C23-299DEE3A36F5})(Error code = 0x80042019)

Error: (10/10/2014 11:50:06 AM) (Source: VzCdbSvc) (EventID: 7) (User: )
Description: Failed to load the plug-in module. (GUID = {48512A59-C8A5-4805-9048-23C9E4194BFA})(Error code = 0x80042000)

Error: (10/10/2014 03:17:55 AM) (Source: Desktop Window Manager) (EventID: 9020) (User: )
Description: The Desktop Window Manager has encountered a fatal error (0x8007000e)

Error: (10/10/2014 03:17:54 AM) (Source: Desktop Window Manager) (EventID: 9020) (User: )
Description: The Desktop Window Manager has encountered a fatal error (0x8007000e)

Error: (10/10/2014 03:10:48 AM) (Source: VzCdbSvc) (EventID: 7) (User: )
Description: Failed to load the plug-in module. (GUID = {56F9312C-C989-4E04-8C23-299DEE3A36F5})(Error code = 0x80042019)

Error: (10/10/2014 03:10:47 AM) (Source: VzCdbSvc) (EventID: 7) (User: )
Description: Failed to load the plug-in module. (GUID = {48512A59-C8A5-4805-9048-23C9E4194BFA})(Error code = 0x80042000)

Error: (10/10/2014 03:02:05 AM) (Source: VzCdbSvc) (EventID: 7) (User: )
Description: Failed to load the plug-in module. (GUID = {56F9312C-C989-4E04-8C23-299DEE3A36F5})(Error code = 0x80042019)

Error: (10/10/2014 03:02:00 AM) (Source: VzCdbSvc) (EventID: 7) (User: )
Description: Failed to load the plug-in module. (GUID = {48512A59-C8A5-4805-9048-23C9E4194BFA})(Error code = 0x80042000)

Error: (10/10/2014 02:40:42 AM) (Source: Desktop Window Manager) (EventID: 9020) (User: )
Description: The Desktop Window Manager has encountered a fatal error (0x8007000e)

Error: (10/10/2014 02:39:53 AM) (Source: Desktop Window Manager) (EventID: 9020) (User: )
Description: The Desktop Window Manager has encountered a fatal error (0x8007000e)

System errors:
=============
Error: (10/11/2014 01:52:07 AM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the MBAMScheduler service.

Error: (10/11/2014 01:52:05 AM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the MBAMService service.

Error: (10/11/2014 01:51:37 AM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the MBAMScheduler service.

Error: (10/10/2014 11:50:55 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: application-specificLocalLaunch{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT AUTHORITYSYSTEMS-1-5-18LocalHost (Using LRPC)

Error: (10/10/2014 11:50:05 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the Roxio Upnp Server 10 service to connect.

Error: (10/10/2014 11:47:21 AM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The Computer Browser service depends on the Server service which failed to start because of the following error:
%%1068

Error: (10/10/2014 11:47:21 AM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The Computer Browser service depends on the Server service which failed to start because of the following error:
%%1068

Error: (10/10/2014 11:47:21 AM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The Computer Browser service depends on the Server service which failed to start because of the following error:
%%1068

Error: (10/10/2014 11:47:21 AM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The Computer Browser service depends on the Server service which failed to start because of the following error:
%%1068

Error: (10/10/2014 11:47:21 AM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The Computer Browser service depends on the Server service which failed to start because of the following error:
%%1068

Microsoft Office Sessions:
=========================
Error: (10/10/2014 11:50:06 AM) (Source: VzCdbSvc) (EventID: 7) (User: )
Description: {56F9312C-C989-4E04-8C23-299DEE3A36F5}0x80042019

Error: (10/10/2014 11:50:06 AM) (Source: VzCdbSvc) (EventID: 7) (User: )
Description: {48512A59-C8A5-4805-9048-23C9E4194BFA}0x80042000

Error: (10/10/2014 03:17:55 AM) (Source: Desktop Window Manager) (EventID: 9020) (User: )
Description: 0x8007000e

Error: (10/10/2014 03:17:54 AM) (Source: Desktop Window Manager) (EventID: 9020) (User: )
Description: 0x8007000e

Error: (10/10/2014 03:10:48 AM) (Source: VzCdbSvc) (EventID: 7) (User: )
Description: {56F9312C-C989-4E04-8C23-299DEE3A36F5}0x80042019

Error: (10/10/2014 03:10:47 AM) (Source: VzCdbSvc) (EventID: 7) (User: )
Description: {48512A59-C8A5-4805-9048-23C9E4194BFA}0x80042000

Error: (10/10/2014 03:02:05 AM) (Source: VzCdbSvc) (EventID: 7) (User: )
Description: {56F9312C-C989-4E04-8C23-299DEE3A36F5}0x80042019

Error: (10/10/2014 03:02:00 AM) (Source: VzCdbSvc) (EventID: 7) (User: )
Description: {48512A59-C8A5-4805-9048-23C9E4194BFA}0x80042000

Error: (10/10/2014 02:40:42 AM) (Source: Desktop Window Manager) (EventID: 9020) (User: )
Description: 0x8007000e

Error: (10/10/2014 02:39:53 AM) (Source: Desktop Window Manager) (EventID: 9020) (User: )
Description: 0x8007000e

==================== Memory info ===========================

Processor: Intel® Core™ i3 CPU M 330 @ 2.13GHz
Percentage of memory in use: 46%
Total physical RAM: 4014.09 MB
Available physical RAM: 2154.16 MB
Total Pagefile: 8026.36 MB
Available Pagefile: 5927.93 MB
Total Virtual: 8192 MB
Available Virtual: 8191.85 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:456.99 GB) (Free:344.75 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: 766A3184)
Partition 1: (Not Active) - (Size=8.7 GB) - (Type=27)
Partition 2: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=457 GB) - (Type=07 NTFS)

==================== End Of Log ============================

 

 

one dllhost.exe *32 by COM Surrogate had appeared after reboot and during the FRST rescan, but it's currently gone as I type this.  lemme know if there's anything else I need to do...

 

Thanks!

-Bido



#6 B-boy/StyLe/

  • Malware Response Team

Posted 11 October 2014 - 09:02 AM

Hello Bido,

 

one dllhost.exe *32 by COM Surrogate had appeared after reboot and during the FRST rescan, but it's currently gone as I type this.  lemme know if there's anything else I need to do...

 

 

This is normal behavior. The main infection seems to be removed.

However, if you don't mind, I want to make sure there is nothing lurking on the system, so just in case I want you to go through these steps:

Most of them should take no more than 5 minutes each (but the time they take to complete can vary depending on the size of your hard drive and the speed of your computer).

STEP 1

 

 

  • Please download RKill by Grinler from the link below and save it to your desktop.

    Rkill
  • Before we begin, you should disable any anti-malware software you have installed so it does not interfere with RKill running, as some anti-malware software detects RKill as malicious. Please refer to this page if you are not sure how.
  • Double-click on Rkill on your desktop to run it. (If you are using Windows Vista, please right-click on it and select Run As Administrator)
  • A black screen will appear and then disappear. Please do not worry, that is normal. This means that the tool has been successfully executed.
  • If nothing happens or if the tool does not run, please let me know in your next reply.
  • A log pops up at the end of the run. This log file is located at C:\rkill.log.
  • Please post the log in your next reply.

 

 

STEP 2

 

 

  • Please download RogueKillerX64.exe and save to the desktop.
  • Close all windows and browsers
  • Right-click the program and select 'Run as Administrator'
  • Wait for the prescan to complete and then press the Scan button.
  • When done press the Report button.
  • Please copy and paste the results in your next reply.

 

 

STEP 3
 

 

Please download the latest version of TDSSKiller from here and save it to your Desktop.

  • Double-click on TDSSKiller.exe to run the application, then click on Change parameters.
  • Put a checkmark beside loaded modules.
  • A reboot will be needed to apply the changes. Do it.
  • TDSSKiller will launch automatically after the reboot. Also your computer may seem very slow and unusable. This is normal. Give it enough time to load your background programs.
  • Then click on Change parameters in TDSSKiller.
  • Check all boxes then click OK.
  • Click the Start Scan button.
  • The scan should take no longer than 2 minutes.
  • If a suspicious object is detected, the default action will be Skip, click on Continue.
  • If malicious objects are found, they will show in the Scan results - Select action for found objects and offer three options.
    Ensure Cure (default) is selected, then click Continue > Reboot now to finish the cleaning process.

    Note: If Cure is not available, please choose Skip instead, do not choose Delete unless instructed.
  • A report will be created in your root directory, (usually C:\ folder) in the form of "TDSSKiller.[Version]_[Date]_[Time]_log.txt". Please copy and paste the results at pastebin.com and post the link to the log in your next reply.

 

 

STEP 4

 

 

Please download Malwarebytes Anti-Malware to your desktop.
 

  • Double-click mbam-setup-2.0.2.1012.exe and follow the prompts to install the program.
  • At the end, be sure a checkmark is placed next to the following:
    • Launch Malwarebytes Anti-Malware
    • A 14 day trial of the Premium features is pre-selected. You may deselect this if you wish, and it will not diminish the scanning and removal capabilities of the program.
  • Click Finish.
  • On the Settings tab > Detection and Protection subtab, Detection Options, tick the box 'Scan for rootkits'.
  • Click on the Scan tab, then click on Scan Now >> . If an update is available, click the Update Now button.
  • A Threat Scan will begin.
  • With some infections, you may see this message box.
    • 'Could not load DDA driver'
  • Click 'Yes' to this message, to allow the driver to load after a restart.
  • Allow the computer to restart. Continue with the rest of these instructions.
  • When the scan is complete, click Apply Actions.
  • Wait for the prompt to restart the computer to appear, then click on Yes.
  • After the restart once you are back at your desktop, open MBAM once more.
  • Click on the History tab > Application Logs.
  • Double click on the scan log which shows the Date and time of the scan just performed.
  • Click 'Copy to Clipboard'
  • Paste the contents of the clipboard into your reply.

 

 

STEP 5

 

 

1. Please download HitmanPro.

  • For 32-bit Operating System - [download link]
  • This is the mirror - [download link]
  • For 64-bit Operating System - [download link]
  • This is the mirror - [download link]

2. Launch the program by double clicking on the HitmanPro icon. (Windows Vista/7 users right click on the HitmanPro icon and select run as administrator).

Note: If the program won't run, please open the program while holding down the left CTRL key until the program is loaded.

3. Click on the next button. You must agree with the terms of EULA. (if asked)

4. Check the box beside "No, I only want to perform a one-time scan to check this computer".

5. Click on the next button.

6. The program will start to scan the computer. The scan will typically take no more than 2-3 minutes.

7. When the scan is done click on drop-down menu of the found entries (if any) and choose - Apply to all => Ignore <= IMPORTANT!!!

8. Click on the next button.

9. Click on the "Save Log" button.

10. Save that file to your desktop and post the content of that file in your next reply.

Note: If there isn't a dropdown menu when the scan is done, then please don't delete anything and close HitmanPro.

Navigate to C:\ProgramData\HitmanPro\Logs, open the report, and copy and paste it to your next reply.

 

 

 

STEP 6

 

 

Download Security Check by screen317 from here.

  • Save it to your Desktop.
  • Double click SecurityCheck.exe and follow the onscreen instructions inside of the black box.
  • A Notepad document should open automatically called checkup.txt; please post the contents of that document.

 

and then if there aren't any issues left I'll give you my final recommendations. :)

 

 

Regards,

Georgi




#7 Bido


Posted 12 October 2014 - 02:03 PM

Hey there Georgi,

 

sorry for the delayed response, but these took longer to run than I thought.  Especially since my computer crashed twice trying to run RogueKillerX64 (but I eventually got it to work).  HitManPro also took 30min on my computer instead of 2-3 minutes.  :S  anyways, please see below for results...

 

RKILL

 

Rkill 2.6.8 by Lawrence Abrams (Grinler)
http://www.bleepingcomputer.com/
Copyright 2008-2014 BleepingComputer.com
More Information about Rkill can be found at this link:
 http://www.bleepingcomputer.com/forums/topic308364.html

Program started at: 10/12/2014 03:55:18 AM in x64 mode.
Windows Version: Windows 7 Home Premium Service Pack 1

Checking for Windows services to stop:

 * No malware services found to stop.

Checking for processes to terminate:

 * No malware processes found to kill.

Checking Registry for malware related settings:

 * No issues found in the Registry.

Resetting .EXE, .COM, & .BAT associations in the Windows Registry.

Performing miscellaneous checks:

 * Windows Defender Disabled

   [HKLM\SOFTWARE\Microsoft\Windows Defender]
   "DisableAntiSpyware" = dword:00000001

Checking Windows Service Integrity:

 * Windows Defender (WinDefend) is not Running.
   Startup Type set to: Manual

Searching for Missing Digital Signatures:

 * No issues found.

Checking HOSTS File:

 * No issues found.

Program finished at: 10/12/2014 03:56:45 AM
Execution time: 0 hours(s), 1 minute(s), and 26 seconds(s)

 

 

 

ROGUEKILLERX64

 

RogueKiller V10.0.1.0 (x64) [Oct 10 2014] by Adlice Software
mail : http://www.adlice.com/contact/
Feedback : http://forum.adlice.com
Website : http://www.adlice.com/softwares/roguekiller/
Blog : http://www.adlice.com

Operating System : Windows 7 (6.1.7601 Service Pack 1) 64 bits version
Started in : Normal mode
User : Bido [Administrator]
Mode : Scan -- Date : 10/12/2014  12:27:14

¤¤¤ Processes : 0 ¤¤¤

¤¤¤ Registry : 15 ¤¤¤
[PUM.HomePage] (X64) HKEY_USERS\S-1-5-21-3377907549-50208328-2977345109-1005\Software\Microsoft\Internet Explorer\Main | Start Page : http://mail.yahoo.com/  -> Found
[PUM.HomePage] (X86) HKEY_USERS\S-1-5-21-3377907549-50208328-2977345109-1005\Software\Microsoft\Internet Explorer\Main | Start Page : http://mail.yahoo.com/  -> Found
[PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Tcpip\Parameters | DhcpNameServer : 209.18.47.61 209.18.47.62 192.168.1.1  -> Found
[PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Tcpip\Parameters | DhcpNameServer : 209.18.47.61 209.18.47.62 192.168.1.1  -> Found
[PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\ControlSet002\Services\Tcpip\Parameters | DhcpNameServer : 209.18.47.61 209.18.47.62 192.168.1.1  -> Found
[PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{5CA2638F-A594-4D24-80BE-A37A7C278809} | DhcpNameServer : 209.18.47.61 209.18.47.62 192.168.1.1  -> Found
[PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{F080DE39-A95A-4ECD-9EF4-659C412F3AD6} | DhcpNameServer : 209.18.47.61 209.18.47.62  -> Found
[PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Tcpip\Parameters\Interfaces\{5CA2638F-A594-4D24-80BE-A37A7C278809} | DhcpNameServer : 209.18.47.61 209.18.47.62 192.168.1.1  -> Found
[PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Tcpip\Parameters\Interfaces\{F080DE39-A95A-4ECD-9EF4-659C412F3AD6} | DhcpNameServer : 209.18.47.61 209.18.47.62  -> Found
[PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\ControlSet002\Services\Tcpip\Parameters\Interfaces\{5CA2638F-A594-4D24-80BE-A37A7C278809} | DhcpNameServer : 209.18.47.61 209.18.47.62 192.168.1.1  -> Found
[PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\ControlSet002\Services\Tcpip\Parameters\Interfaces\{F080DE39-A95A-4ECD-9EF4-659C412F3AD6} | DhcpNameServer : 209.18.47.61 209.18.47.62  -> Found
[PUM.DesktopIcons] (X64) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {20D04FE0-3AEA-1069-A2D8-08002B30309D} : 1  -> Found
[PUM.DesktopIcons] (X64) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {59031a47-3f72-44a7-89c5-5595fe6b30ee} : 1  -> Found
[PUM.DesktopIcons] (X86) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {20D04FE0-3AEA-1069-A2D8-08002B30309D} : 1  -> Found
[PUM.DesktopIcons] (X86) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {59031a47-3f72-44a7-89c5-5595fe6b30ee} : 1  -> Found

¤¤¤ Tasks : 0 ¤¤¤

¤¤¤ Files : 0 ¤¤¤

¤¤¤ Hosts File : 0 ¤¤¤

¤¤¤ Antirootkit : 0 (Driver: Loaded) ¤¤¤

¤¤¤ Web browsers : 0 ¤¤¤

¤¤¤ MBR Check : ¤¤¤
+++++ PhysicalDrive0: ST9500325AS +++++
--- User ---
[MBR] aa1abec0b886d50a7a04576404a77d40
[BSP] 7d1f4a7c3af530e5b3851d074dbc6691 : Windows Vista/7/8 MBR Code
Partition table:
0 - [XXXXXX] ACER (0x27) [VISIBLE] Offset (sectors): 2048 | Size: 8885 MB
1 - [ACTIVE] NTFS (0x7) [VISIBLE] Offset (sectors): 18198528 | Size: 100 MB
2 - [XXXXXX] NTFS (0x7) [VISIBLE] Offset (sectors): 18403328 | Size: 467953 MB
User = LL1 ... OK
User = LL2 ... OK

+++++ PhysicalDrive1: Ricoh Memory Stick Disk Device +++++
Error reading User MBR! ([15] The device is not ready. )
Error reading LL1 MBR! NOT VALID!
Error reading LL2 MBR! ([32] The request is not supported. )

+++++ PhysicalDrive2: Ricoh SD/MMC Disk Device +++++
Error reading User MBR! ([15] The device is not ready. )
Error reading LL1 MBR! ([32] The request is not supported. )
Error reading LL2 MBR! ([32] The request is not supported. )

 

 

 

TDSSKILLER

 

http://pastebin.com/5KFH5VhT

 

 

 

MALWAREBYTES

 

Malwarebytes Anti-Malware
www.malwarebytes.org

Scan Date: 10/12/2014
Scan Time: 12:46:51 PM
Logfile:
Administrator: Yes

Version: 2.00.2.1012
Malware Database: v2014.10.12.06
Rootkit Database: v2014.10.11.01
License: Trial
Malware Protection: Enabled
Malicious Website Protection: Enabled
Self-protection: Disabled

OS: Windows 7 Service Pack 1
CPU: x64
File System: NTFS
User: Bido

Scan Type: Threat Scan
Result: Completed
Objects Scanned: 340366
Time Elapsed: 32 min, 2 sec

Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Enabled
Heuristics: Enabled
PUP: Enabled
PUM: Enabled

Processes: 0
(No malicious items detected)

Modules: 0
(No malicious items detected)

Registry Keys: 0
(No malicious items detected)

Registry Values: 0
(No malicious items detected)

Registry Data: 0
(No malicious items detected)

Folders: 0
(No malicious items detected)

Files: 0
(No malicious items detected)

Physical Sectors: 0
(No malicious items detected)

(end)

 

 

 

HITMANPRO

 

HitmanPro 3.7.9.225
www.hitmanpro.com
   Computer name . . . . : BIDO-VAIO
   Windows . . . . . . . : 6.1.1.7601.X64/4
   User name . . . . . . : BIDO-VAIO\Bido
   UAC . . . . . . . . . : Enabled
   License . . . . . . . : Free
   Scan date . . . . . . : 2014-10-12 13:22:31
   Scan mode . . . . . . : Normal
   Scan duration . . . . : 24m 37s
   Disk access mode  . . : Direct disk access (SRB)
   Cloud . . . . . . . . : Internet
   Reboot  . . . . . . . : No
   Threats . . . . . . . : 0
   Traces  . . . . . . . : 37
   Objects scanned . . . : 5,005,653
   Files scanned . . . . : 649,449
   Remnants scanned  . . : 3,185,036 files / 1,171,168 keys
Suspicious files ____________________________________________________________
   C:\Users\Bido\Desktop\FRST-OlderVersion\FRST64.exe
      Size . . . . . . . : 2,109,440 bytes
      Age  . . . . . . . : 8.5 days (2014-10-04 02:17:23)
      Entropy  . . . . . : 7.5
      SHA-256  . . . . . : 929C74E61732D706A9C8E640EA3D30E46B2450CDE50C34BD22669587AD7B6CA9
      Needs elevation  . : Yes
      Fuzzy  . . . . . . : 23.0
         Program has no publisher information but prompts the user for permission elevation.
         Entropy (or randomness) indicates the program is encrypted, compressed or obfuscated. This is not typical for most programs.
         Authors name is missing in version info. This is not common to most programs.
         Version control is missing. This file is probably created by an individual. This is not typical for most programs.
         Time indicates that the file appeared recently on this computer.
   C:\Users\Bido\Desktop\FRST64.exe
      Size . . . . . . . : 2,109,952 bytes
      Age  . . . . . . . : 2.5 days (2014-10-10 02:20:20)
      Entropy  . . . . . : 7.5
      SHA-256  . . . . . : 3C4317D870B877ACD97B235AC6A4DD213A767FD19D140638934D62C152702901
      Needs elevation  . : Yes
      Fuzzy  . . . . . . : 24.0
         Program has no publisher information but prompts the user for permission elevation.
         Entropy (or randomness) indicates the program is encrypted, compressed or obfuscated. This is not typical for most programs.
         Authors name is missing in version info. This is not common to most programs.
         Version control is missing. This file is probably created by an individual. This is not typical for most programs.
         Time indicates that the file appeared recently on this computer.

Potential Unwanted Programs _________________________________________________
   ask.com
   C:\Users\Bido\AppData\Local\Google\Chrome\User Data\Default\Web Data

Cookies _____________________________________________________________________

 

 

 

SECURITY CHECK

 

 Results of screen317's Security Check version 0.99.88 
 Windows 7 Service Pack 1 x64 (UAC is enabled) 
 Internet Explorer 11 
``````````````Antivirus/Firewall Check:``````````````
 Windows Firewall Enabled! 
Norton 360   
 WMI entry may not exist for antivirus; attempting automatic update.
`````````Anti-malware/Other Utilities Check:`````````
 Java™ 6 Update 35 
 Java version out of Date!
 Adobe Flash Player 10 Flash Player out of Date!
 Adobe Reader 9 Adobe Reader out of Date!
 Google Chrome 37.0.2062.120 
 Google Chrome 37.0.2062.124 
````````Process Check: objlist.exe by Laurent```````` 
 Malwarebytes Anti-Malware mbamservice.exe 
 Malwarebytes Anti-Malware mbam.exe 
 Malwarebytes Anti-Malware mbamscheduler.exe  
`````````````````System Health check`````````````````
 Total Fragmentation on Drive C: 
````````````````````End of Log``````````````````````

 

 

 

also, don't know if it's related, but my Norton360 keeps finding a Trojan.Poweliks.  I'm not doing anything with that though until you tell me to do so... ;)

 

Thanks!

-Bido
 



#8 B-boy/StyLe/


Posted 14 October 2014 - 03:12 AM

Hello,

 

The logs seem to be clean. Try the following and let me know about the results...

 

Go ahead and delete the folder C:\FRST\Quarantine and empty the Recycle Bin.

 

Then update Norton and go into Norton's History, go into the drop-down list, choose the "Unresolved Threats" list and click the "Clear Entries" button to remove the listings. A restart is probably required. You can clear the entries for all sections in Norton's history (just in case). Next run a complete system scan with it and let me know about the results. If nothing is found then watch the computer for a few days to see if anything strange happens and post back if any problems develop. Then I'll give you my final recommendations.

 

 

In the meantime I have a few updating tasks for you:

 

 

Upgrading Java:


Your Java is out of date. Older versions have vulnerabilities that malware can use to infect your system. Please follow these steps to remove older versions of Java components and upgrade the application.
 

  • Download the latest version of Java SE 7.
  • Click the Java™ 7 Update 67 "Download JRE" button to the right.
  • Select your Platform, Register and check the box that says: "I agree to the Java SE Runtime Environment 7 License Agreement.".
  • Click on Continue.
  • Click on the link to download Windows Offline Installation (jre-7u67-windows-i586.exe) and save it to your desktop. Do NOT use the Sun Download Manager.
  • Close any programs you may have running - especially your web browser.
  • Go to Start > Control Panel > Programs, click on Uninstall a program and remove all older versions of Java:
    Java™ 6 Update 35
  • Check any item with Java Runtime Environment (JRE or J2SE) in the name.
  • Click the Remove or Change/Remove button.
  • Repeat as many times as necessary to remove each Java version.
  • Reboot your computer once all Java components are removed.
  • Then from your desktop double-click on the download to install the newest version. (Vista/Windows 7 users, right click on the jre-7u67-windows-i586.exe and select "Run as an Administrator.")

 

 

Run JavaRa:
 

  • Please download JavaRa 2.6 and unzip it to your desktop.
  • Double-click on JavaRa.exe to start the program.
  • Choose Remove Java Runtime and since you already uninstalled JAVA skip step 1 and click on the next button.
  • Now click on Perform Removal Routine to remove the older versions of Java installed on your computer.
  • When that's successfully done, please click OK to close the message.
  • Click on Next and skip the downloading process. Click Next and now click on Close this wizard and click Finish.
  • From the main menu please choose Additional tasks
  • Place a checkmark beside Remove startup entry, Remove Outdated JRE Firefox Extentions and Clean JRE Temp Files and click Run. The browsers should be closed before running this task.
  • When that's successfully done you will see a message at the top saying: "Selected tasks completed successfully".
  • A log file should be created in the same directory as JavaRa.
  • Please post the log in your next reply.
  • Close JavaRa by clicking the red cross button.

 

 

You can choose between 2 variants:

 

1. If you have applications that require Java to be installed on the computer then uninstall the old version of Java and then run JavaRa to remove all remnants and then go ahead and download & install the latest version of Java (Java SE 8).

 

2. If you want to be on the safe side then go ahead and uninstall the old version of Java, then run JavaRa to remove all remnants and then remove all applications that require Java (time to learn to live without Java and find alternatives to the applications that require Java)... Check this article.

 

It's your call. :)

 

 

Your Adobe Flash Player is out of date!

Older versions may have vulnerabilities that malware can use to infect your system.

 

Please download and install: Adobe Flash Player 15.0.0.152 Final for (Internet Explorer)

 

 

Your Adobe Reader is out of date.
Older versions may have vulnerabilities that malware can use to infect your system.
Please download Adobe Reader 11.0.09 to your PC's desktop.
 

  • Uninstall Adobe Reader 9 via Start => Control Panel > Uninstall a program
  • Install the new downloaded updated software.

Note that the McAfee Security scan is prechecked. You may wish to uncheck it before downloading.

 

  • It is possible for other programs on your computer to have security vulnerabilities that can allow malware to infect you.
  • Therefore, it is also a good idea to check for the latest versions of commonly installed applications that are regularly patched to fix vulnerabilities.
  • You can check these by visiting Secunia Software Inspector or you can use the following application for this purpose PatchMyPC

 

 
Visit Microsoft's Windows Update Site Frequently

 

  • It is important that you visit Windows Update regularly.
  • This will ensure your computer always has the latest available security updates installed.
  • If there are new updates to install, install them immediately, reboot your computer, and revisit the site until there are no more critical updates.

 

When done post a new log from SecurityCheck.

 

 

Regards,

Georgi


Edited by B-boy/StyLe/, 15 October 2014 - 12:06 PM.



#9 Bido


Posted 17 October 2014 - 03:51 PM

Hey there Georgi,

 

sorry for the delayed response.  but here we go...

 

Norton 360 didn't find anything during full system scan.  Norton hasn't found anything for past few days, except when I tried to update Java.  there were some low concern tracking cookies from adware.webwise detected.

 

Did the Java update for 71 since 67 didn't exist on the page anymore.  ran the JavaRa, and here are the results from that...

 

User initialised redundant data purge.
......................

Removed registry subkey: java.exe
Removed registry subkey: javaw.exe
Removed registry subkey: 0357E4991DA5FF14F9615B3412062B02
Removed registry subkey: 0357E4991DA5FF14F9615B3612062B02
Removed registry subkey: {08B0E5C0-4FCB-11CF-AAA5-00401C608501}
Removed registry subkey tree: {DBC80044-A445-435b-BC74-9C25C1C588A9}
Removed registry subkey: F60730A4A66673047777F5728467D401
Removed registry subkey tree: F60730A4A66673047777F5728467D401
Removed registry subkey: 6C5ADB75C34456D42B338232391207FF
Removed registry subkey: A5CCAAC40F5B69B47777ACF82566467C
Removed registry subkey tree: {5852F5EC-8BF4-11D4-A245-0080C6F74284}
Removed registry subkey: application/java-deployment-toolkit
Removed registry subkey: application/x-java-applet
Removed registry subkey: application/x-java-jnlp-file
Removed registry subkey tree: {5852F5E0-8BF4-11D4-A245-0080C6F74284}
Removed registry subkey: .jar
Removed registry subkey: .jnlp
Removed registry subkey tree: jarfile
Removed registry subkey tree: JavaWebStart.isInstalled
Removed registry subkey tree: JavaWebStart.isInstalled.1.7.0.0
Removed registry subkey tree: JNLPFile
Removed registry subkey: javaws.exe
Removed registry subkey tree: Browser Helper Objects
Removed registry subkey: 6C5ADB75C34456D42B338232391207FF
Removed registry subkey: A5CCAAC40F5B69B47777ACF82566467C
Removed registry subkey: 225FA5D4CDB0C57489E7F511C11D0182
Removed registry subkey: 225FC5D4ADB0C57489E7F511C11D0182
Removed registry subkey: 225FC5D4BDB0C57489E7F511C11D0182
Removed registry subkey: 225FC5D4CDB0C57489E7F511C11D0182
Removed registry subkey: 52AAFD69654C07446983ADA1256FC7A9
Removed registry subkey: AD9BB15F1AC776D49B768EDF5A02B896
Removed registry subkey: E1215CC4312C58A4A8F9D630115FB457
Removed registry subkey tree: F60730A4A66673047777F5728467D401
Exception encountered in module [JavaRa]
Message: Cannot delete a subkey tree because the subkey does not exist.
   at Microsoft.Win32.RegistryKey.DeleteSubKeyTreeInternal(String subkey)
   at Microsoft.Win32.RegistryKey.DeleteSubKeyTree(String subkey)
   at JavaRa.routines_registry.delete_key(String key)

Removed registry subkey: Oracle_JavaAccessBridge
Removed registry subkey tree: JavaSoft
Removal routine completed successfully. 35 items have been deleted.
== Cleaning JRE temporary files ==
Deleted file: C:\Users\Bido\AppData\LocalLow\Sun\Java\Deployment\SystemCache\6.0\lastAccessed
Deleted file: C:\Users\Bido\AppData\LocalLow\Sun\Java\Deployment\SystemCache\6.0\54\1a209876-6db24ccf
Deleted file: C:\Users\Bido\AppData\LocalLow\Sun\Java\Deployment\SystemCache\6.0\54\1a209876-6db24ccf.idx
Deleted file: C:\Users\Bido\AppData\LocalLow\Sun\Java\Deployment\SystemCache\6.0\54\1a209876-6db24ccf-n\jmc.dll
Deleted file: C:\Users\Bido\AppData\LocalLow\Sun\Java\Deployment\SystemCache\6.0\54\1a209876-6db24ccf-n\msvcp71.dll
Deleted file: C:\Users\Bido\AppData\LocalLow\Sun\Java\Deployment\SystemCache\6.0\54\1a209876-6db24ccf-n\msvcr71.dll
Deleted file: C:\Users\Bido\AppData\LocalLow\Sun\Java\Deployment\SystemCache\6.0\50\5535ab32-70ee0340
Deleted file: C:\Users\Bido\AppData\LocalLow\Sun\Java\Deployment\SystemCache\6.0\50\5535ab32-70ee0340.idx
Deleted file: C:\Users\Bido\AppData\LocalLow\Sun\Java\Deployment\SystemCache\6.0\50\5535ab32-70ee0340-n\decora-d3d.dll
Deleted file: C:\Users\Bido\AppData\LocalLow\Sun\Java\Deployment\SystemCache\6.0\50\5535ab32-70ee0340-n\decora-sse.dll
Deleted file: C:\Users\Bido\AppData\LocalLow\Sun\Java\Deployment\SystemCache\6.0\46\f84c6ae-7db8019e
Deleted file: C:\Users\Bido\AppData\LocalLow\Sun\Java\Deployment\SystemCache\6.0\46\f84c6ae-7db8019e.idx
Deleted file: C:\Users\Bido\AppData\LocalLow\Sun\Java\Deployment\SystemCache\6.0\46\f84c6ae-7db8019e-n\jmc.dll
Deleted file: C:\Users\Bido\AppData\LocalLow\Sun\Java\Deployment\SystemCache\6.0\46\f84c6ae-7db8019e-n\msvcp71.dll
Deleted file: C:\Users\Bido\AppData\LocalLow\Sun\Java\Deployment\SystemCache\6.0\46\f84c6ae-7db8019e-n\msvcr71.dll
Deleted file: C:\Users\Bido\AppData\LocalLow\Sun\Java\Deployment\SystemCache\6.0\42\4488892a-5ba16e63
Deleted file: C:\Users\Bido\AppData\LocalLow\Sun\Java\Deployment\SystemCache\6.0\42\4488892a-5ba16e63.idx
Deleted file: C:\Users\Bido\AppData\LocalLow\Sun\Java\Deployment\SystemCache\6.0\42\4488892a-5ba16e63-n\decora-d3d.dll
Deleted file: C:\Users\Bido\AppData\LocalLow\Sun\Java\Deployment\SystemCache\6.0\42\4488892a-5ba16e63-n\decora-sse.dll
Deleted file: C:\Users\Bido\AppData\LocalLow\Sun\Java\Deployment\SystemCache\6.0\4\7ec4bf04-6f467863
Deleted file: C:\Users\Bido\AppData\LocalLow\Sun\Java\Deployment\SystemCache\6.0\4\7ec4bf04-6f467863.idx
Deleted file: C:\Users\Bido\AppData\LocalLow\Sun\Java\Deployment\SystemCache\6.0\4\7ec4bf04-6f467863-n\jmc.dll
Deleted file: C:\Users\Bido\AppData\LocalLow\Sun\Java\Deployment\SystemCache\6.0\4\7ec4bf04-6f467863-n\msvcp71.dll
Deleted file: C:\Users\Bido\AppData\LocalLow\Sun\Java\Deployment\SystemCache\6.0\4\7ec4bf04-6f467863-n\msvcr71.dll
Deleted file: C:\Users\Bido\AppData\LocalLow\Sun\Java\Deployment\SystemCache\6.0\32\6c34baa0-111af867.idx
Deleted file: C:\Users\Bido\AppData\LocalLow\Sun\Java\Deployment\SystemCache\6.0\32\6c34baa0-125b600b.idx
Deleted file: C:\Users\Bido\AppData\LocalLow\Sun\Java\Deployment\SystemCache\6.0\32\6c34baa0-19f0f53e
Deleted file: C:\Users\Bido\AppData\LocalLow\Sun\Java\Deployment\SystemCache\6.0\32\6c34baa0-19f0f53e.idx
Deleted file: C:\Users\Bido\AppData\LocalLow\Sun\Java\Deployment\SystemCache\6.0\32\6c34baa0-40b06194
Deleted file: C:\Users\Bido\AppData\LocalLow\Sun\Java\Deployment\SystemCache\6.0\32\6c34baa0-40b06194.idx
Deleted file: C:\Users\Bido\AppData\LocalLow\Sun\Java\Deployment\SystemCache\6.0\32\6c34baa0-513f4e67.idx
Deleted file: C:\Users\Bido\AppData\LocalLow\Sun\Java\Deployment\SystemCache\6.0\32\6c34baa0-6c43e0b6.idx
Deleted file: C:\Users\Bido\AppData\LocalLow\Sun\Java\Deployment\SystemCache\6.0\3\1cfa1583-2ff38725
Deleted file: C:\Users\Bido\AppData\LocalLow\Sun\Java\Deployment\SystemCache\6.0\3\1cfa1583-2ff38725.idx
Deleted file: C:\Users\Bido\AppData\LocalLow\Sun\Java\Deployment\SystemCache\6.0\29\2d9f109d-3eff331b
Deleted file: C:\Users\Bido\AppData\LocalLow\Sun\Java\Deployment\SystemCache\6.0\29\2d9f109d-3eff331b.idx
Deleted file: C:\Users\Bido\AppData\LocalLow\Sun\Java\Deployment\SystemCache\6.0\26\457dee9a-3c816df1
Deleted file: C:\Users\Bido\AppData\LocalLow\Sun\Java\Deployment\SystemCache\6.0\26\457dee9a-3c816df1.idx
Deleted file: C:\Users\Bido\AppData\LocalLow\Sun\Java\Deployment\SystemCache\6.0\26\457dee9a-7f82a85e.idx
Deleted file: C:\Users\Bido\AppData\LocalLow\Sun\Java\Deployment\SystemCache\6.0\25\794f2bd9-23fd9e8b
Deleted file: C:\Users\Bido\AppData\LocalLow\Sun\Java\Deployment\SystemCache\6.0\25\794f2bd9-23fd9e8b.idx
Deleted file: C:\Users\Bido\AppData\LocalLow\Sun\Java\Deployment\SystemCache\6.0\24\2a20e358-4233658e
Deleted file: C:\Users\Bido\AppData\LocalLow\Sun\Java\Deployment\SystemCache\6.0\24\2a20e358-4233658e.idx
Deleted file: C:\Users\Bido\AppData\LocalLow\Sun\Java\Deployment\SystemCache\6.0\23\3db38257-3a67df9a
Deleted file: C:\Users\Bido\AppData\LocalLow\Sun\Java\Deployment\SystemCache\6.0\23\3db38257-3a67df9a.idx
Deleted file: C:\Users\Bido\AppData\LocalLow\Sun\Java\Deployment\SystemCache\6.0\23\6fa462d7-66239c78
Deleted file: C:\Users\Bido\AppData\LocalLow\Sun\Java\Deployment\SystemCache\6.0\23\6fa462d7-66239c78.idx
Deleted file: C:\Users\Bido\AppData\LocalLow\Sun\Java\Deployment\SystemCache\6.0\17\6d0ad391-6b43c1b5
Deleted file: C:\Users\Bido\AppData\LocalLow\Sun\Java\Deployment\SystemCache\6.0\17\6d0ad391-6b43c1b5.idx
Deleted file: C:\Users\Bido\AppData\LocalLow\Sun\Java\Deployment\SystemCache\6.0\17\6d0ad391-6b43c1b5-n\decora-d3d.dll
Deleted file: C:\Users\Bido\AppData\LocalLow\Sun\Java\Deployment\SystemCache\6.0\17\6d0ad391-6b43c1b5-n\decora-sse.dll
Deleted file: C:\Users\Bido\AppData\LocalLow\Sun\Java\Deployment\SystemCache\6.0\11\21e928cb-57f0de86
Deleted file: C:\Users\Bido\AppData\LocalLow\Sun\Java\Deployment\SystemCache\6.0\11\21e928cb-57f0de86.idx
Deleted file: C:\Users\Bido\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\lastAccessed
Deleted file: C:\Users\Bido\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\7\44ae8dc7-57e38fe8
Deleted file: C:\Users\Bido\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\7\44ae8dc7-57e38fe8.idx
Deleted file: C:\Users\Bido\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\59\acb917b-616a2e53-temp
Deleted file: C:\Users\Bido\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\59\acb917b-616a2e53.idx
Deleted file: C:\Users\Bido\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\49\5f3dbf31-67231925
Deleted file: C:\Users\Bido\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\49\5f3dbf31-67231925.idx
Deleted file: C:\Users\Bido\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\44\1f113f2c-535a8765
Deleted file: C:\Users\Bido\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\44\1f113f2c-535a8765.idx
Deleted file: C:\Users\Bido\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\43\19858eeb-6bc854e3
Deleted file: C:\Users\Bido\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\43\19858eeb-6bc854e3.idx
Deleted file: C:\Users\Bido\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\4\16b6cc4-6a0d38b4
Deleted file: C:\Users\Bido\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\4\16b6cc4-6a0d38b4.idx
Deleted file: C:\Users\Bido\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\4\293a0e44-128174a0
Deleted file: C:\Users\Bido\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\4\293a0e44-128174a0.idx
Deleted file: C:\Users\Bido\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\4\575f2a04-4ee83095
Deleted file: C:\Users\Bido\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\4\575f2a04-4ee83095.idx
Deleted file: C:\Users\Bido\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\38\3c845666-157ab26b
Deleted file: C:\Users\Bido\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\38\3c845666-157ab26b.idx
Deleted file: C:\Users\Bido\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\32\6c34baa0-1906d5f4.idx
Deleted file: C:\Users\Bido\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\32\6c34baa0-1a9890b5.idx
Deleted file: C:\Users\Bido\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\32\6c34baa0-34e49dad.idx
Deleted file: C:\Users\Bido\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\32\6c34baa0-36de42f9
Deleted file: C:\Users\Bido\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\32\6c34baa0-36de42f9.idx
Deleted file: C:\Users\Bido\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\32\6c34baa0-39af7199.idx
Deleted file: C:\Users\Bido\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\32\6c34baa0-3d0aa8a4.idx
Deleted file: C:\Users\Bido\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\32\6c34baa0-3d65a706.idx
Deleted file: C:\Users\Bido\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\32\6c34baa0-741788dd.idx
Deleted file: C:\Users\Bido\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\30\5536e69e-34f24cbf
Deleted file: C:\Users\Bido\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\30\5536e69e-34f24cbf.idx
Deleted file: C:\Users\Bido\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\29\2d9f109d-2d81736a
Deleted file: C:\Users\Bido\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\29\2d9f109d-2d81736a.idx
Deleted file: C:\Users\Bido\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\29\7403101d-131fc97b
Deleted file: C:\Users\Bido\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\29\7403101d-131fc97b.idx
Deleted file: C:\Users\Bido\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\25\794f2bd9-13f90ebe
Deleted file: C:\Users\Bido\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\25\794f2bd9-13f90ebe.idx
Deleted file: C:\Users\Bido\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\24\26607098-392d41e7
Deleted file: C:\Users\Bido\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\24\26607098-392d41e7.idx
Deleted file: C:\Users\Bido\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\21\617a26d5-27d55ae7
Deleted file: C:\Users\Bido\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\21\617a26d5-27d55ae7.idx
Deleted file: C:\Users\Bido\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\19\7f513d13-4980acd4
Deleted file: C:\Users\Bido\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\19\7f513d13-4980acd4.idx
Deleted file: C:\Users\Bido\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\17\634e27d1-67a18102.idx
Deleted file: C:\Users\Bido\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\16\1c83f490-39765534.idx
Deleted file: C:\Users\Bido\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\15\2334030f-14973d94
Deleted file: C:\Users\Bido\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\15\2334030f-14973d94.idx
 
Deleted file: C:\Users\Bido\AppData\LocalLow\Sun\Java\Deployment\SystemCache\6.0\25\794f2bd9-23fd9e8b
Deleted file: C:\Users\Bido\AppData\LocalLow\Sun\Java\Deployment\SystemCache\6.0\25\794f2bd9-23fd9e8b.idx
Deleted file: C:\Users\Bido\AppData\LocalLow\Sun\Java\Deployment\SystemCache\6.0\24\2a20e358-4233658e
Deleted file: C:\Users\Bido\AppData\LocalLow\Sun\Java\Deployment\SystemCache\6.0\24\2a20e358-4233658e.idx
Deleted file: C:\Users\Bido\AppData\LocalLow\Sun\Java\Deployment\SystemCache\6.0\23\3db38257-3a67df9a
Deleted file: C:\Users\Bido\AppData\LocalLow\Sun\Java\Deployment\SystemCache\6.0\23\3db38257-3a67df9a.idx
Deleted file: C:\Users\Bido\AppData\LocalLow\Sun\Java\Deployment\SystemCache\6.0\23\6fa462d7-66239c78
Deleted file: C:\Users\Bido\AppData\LocalLow\Sun\Java\Deployment\SystemCache\6.0\23\6fa462d7-66239c78.idx
Deleted file: C:\Users\Bido\AppData\LocalLow\Sun\Java\Deployment\SystemCache\6.0\17\6d0ad391-6b43c1b5
Deleted file: C:\Users\Bido\AppData\LocalLow\Sun\Java\Deployment\SystemCache\6.0\17\6d0ad391-6b43c1b5.idx
Deleted file: C:\Users\Bido\AppData\LocalLow\Sun\Java\Deployment\SystemCache\6.0\17\6d0ad391-6b43c1b5-n\decora-d3d.dll
Deleted file: C:\Users\Bido\AppData\LocalLow\Sun\Java\Deployment\SystemCache\6.0\17\6d0ad391-6b43c1b5-n\decora-sse.dll
Deleted file: C:\Users\Bido\AppData\LocalLow\Sun\Java\Deployment\SystemCache\6.0\11\21e928cb-57f0de86
Deleted file: C:\Users\Bido\AppData\LocalLow\Sun\Java\Deployment\SystemCache\6.0\11\21e928cb-57f0de86.idx
 
 

 

Wasn't sure what to do after this regarding Java, so I didn't do anything.  Is it required to remove programs that use Java, or can I just not use them?...

 

Adobe Flash Player and Reader were updated as requested.

 

I ran PatchMyPC, which supposedly updated my Java 71 to 72, amongst other things...

 

Windows Update coincidentally downloaded Microsoft Malicious Software Removal, which didn't find anything.

 

Here are the results from the last SecurityCheck...

 

 Results of screen317's Security Check version 0.99.88 
 Windows 7 Service Pack 1 x64 (UAC is enabled) 
 Internet Explorer 11 
``````````````Antivirus/Firewall Check:``````````````
 Windows Firewall Enabled! 
Norton 360   
 WMI entry may not exist for antivirus; attempting automatic update.
`````````Anti-malware/Other Utilities Check:`````````
 Java 7 Update 71 
 Java 7 Update 72 
 Java version out of Date!
 Adobe Flash Player 15.0.0.189 
 Adobe Reader 9 
 Adobe Reader XI 
 Google Chrome 37.0.2062.124 
 Google Chrome 38.0.2125.104 
````````Process Check: objlist.exe by Laurent```````` 
`````````````````System Health check`````````````````
 Total Fragmentation on Drive C: 14% Defragment your hard drive soon! (Do NOT defrag if SSD!)
````````````````````End of Log``````````````````````
 



#10 B-boy/StyLe/

  • Malware Response Team

Posted 18 October 2014 - 12:44 PM

Hello Bido,

 

I am sorry about the delay. I was out of town for a couple of days so I couldn't reply earlier.

 

Norton 360 didn't find anything during full system scan.  Norton hasn't found anything for past few days, except when I tried to update Java.  There were some low concern tracking cookies from adware.webwise detected.

 

That's good to hear. We can consider this as resolved then. :)

 


Did the Java update for 71 since 67 didn't exist on the page anymore.  Ran the JavaRa, and here are the results from that..
I ran PatchMyPC, which supposedly updated my Java 71 to 72, amongst other things...

 

Yeah it seems that Oracle has pushed out new Java updates to patch security holes... :)
 

Wasn't sure what to do after this regarding Java, so I didn't do anything.  Is it required to remove programs that use Java, or can I just not use them?...

 

No need to worry about them. Since Java is updated they should be safe to use. If you don't need them then go ahead and uninstall them to free some disk space.

 

 

 

Nicely done ! :bananas: This is the end of our journey if you don't have any more questions.
Thank you for following my instructions perfectly.
I have some final words for you.
All Clean !
Your machine appears to be clean, please take the time to read below on how to secure the machine and take the necessary steps to keep it Clean.

 

 

STEP 1 CLEANUP
 

To remove all of the tools we used and the files and folders they created, please do the following:

 

 

Click on Start => now type in ComboFix /Uninstall into the search box and click OK.
Note the space between the X and the /Uninstall, it needs to be there.

 

  • Next please download Delfix.exe by Xplode and save it to your desktop.
  • Please start it and check the box next to "Remove disinfection tools" and click on the run button.
  • The tool will delete itself once it finishes.

 

Note: If any tool, file, log file or folder (belonging to the program we have used) hasn't been deleted, please delete it manually.


 
STEP 2 SECURITY ADVICE


Change all your passwords !


Since your computer was infected, for peace of mind I would advise you to change all your passwords immediately, including those for bank accounts, credit cards and home loans, PIN codes etc. (just in case)!

 

If you're storing passwords in the browser to access websites, then they are not encrypted well. Only Firefox with master password protection activated provides better security... then you can add Secure Login to prevent Java and other exploits when logging in.

 

So I strongly recommend changing as many passwords as possible. Many of the modern malware samples have backdoor abilities and can steal confidential information from the compromised computer. Also you should check for any suspicious transactions if such occur. If you find out that you have been a victim of fraud, contact your bank or the appropriate institution for assistance.
Use different passwords for all your accounts. Also don't use easy passwords such as your favorite teams, bands or pets because this will allow people to guess your password.
You can use Password Generator - Norton Identity Safe to create random passwords and then install an application like KeePass Password Safe to store them for easy access. If you do online banking, please read this article: Online Banking Protection Against Identity Theft
 

 

 

Keep your antivirus software turned on and up-to-date

 

  • Make sure that you keep it updated
  • New viruses come out every minute, so it is essential that you have the latest signatures for your antivirus program to provide you with the best possible protection from malicious software.
  • Note: You should only have one antivirus installed at a time. Having more than one antivirus program installed at once is likely to cause conflicts and may well decrease your overall protection as well as impairing the performance of your PC.
  • Note: You should scan your computer with an antimalware program like Malwarebytes' Anti-Malware on a regular basis just as you would an antivirus software.
  • Be sure to check for and download any definition updates prior to performing a scan.
  • Also keep in mind that MBAM is not a replacement for antivirus software, it is meant to complement the protection provided by a full antivirus product and is designed to detect the threats that are missed by most antivirus software.

 

 

Install HIPS based software if needed (or use Limited Account with UAC enabled)

 

 

I usually recommend to users to install HIPS based software (like Comodo Firewall, OnlineArmor, PrivateFirewall or Outpost Security Suite FREE) to prevent an unknown malware from gaining access but since you use Norton Internet Security you can skip this step.

Norton Internet Security is not only antivirus software, but also includes smart firewall protection, File Insight, SONAR technology, reputation analysis etc. This application offers many proactive features.
More information about HIPS can be found here: What is Host Intrusion Prevention System (HIPS) and how does it work?

 

If these kinds of programs are difficult for you to use then you can use a standard user account with UAC enabled. If you need administrative privileges to perform some tasks, then you can use Run As or log on as the administrator account for that specific task.

 

 

 

Be prepared for CryptoLocker and similar threats:


CryptoLocker Ransomware Information Guide and FAQ
Cryptolocker Ransomware: What You Need To Know
New CryptoLocker Ransomware Variant Spread Through Yahoo Messenger
CryptoDefense and How_Decrypt Ransomware Information Guide and FAQ
CryptoWall - A new ransomware from the creators of CryptoDefense

Analysis of ‘TorrentLocker’ – A New Strain of Ransomware Using Components of CryptoLocker and CryptoWall

 

 

Since prevention is better than cure, you can use gpedit (built into Windows) or CryptoPrevent (described in the first link) to secure the PC against these lockers.
Another way is to use Comodo Firewall and to add all local disks to Protected Files and Folders (if you decide to install it). Also Comodo Firewall offers a sandbox that will help you prevent being infected. If you like to stick with Norton antivirus software then you can install Sandboxie.

 

You may want to check Malwarebytes Anti-Exploit and install it to be safe when surfing the net. It works with the most popular browsers and it is very effective. See the article here.

 

HitmanPro.Alert.CryptoGuard provides similar protection but it failed in the latest test here. However the tool is still under development and will be improved a lot in the future so you can keep an eye on it and its progress.

 

Note: However keep in mind that HitmanPro.Alert is not fully compatible with Malwarebytes' Anti-Exploit and you should choose only one between both of them.

 

EMET and VoodooShield are other great tools which should lock the computer against exploits but they are too confusing to use for home users. However you can take a look at them if you want.
 
I would not install them all because they could render your pc unusable and will slow it down like a turtle.
Having more than one "real-time" program installed at once is likely to cause conflicts and may well decrease your overall protection as well as impairing the performance of your PC.

 

 

Practice Safe Internet


One of the main reasons people get infected in the first place is that they are not practicing Safe Internet. You practice Safe Internet when you educate yourself on how to properly use the Internet through the use of security tools and good practice. Knowing how you can get infected and what types of files and sites to avoid will be the most crucial step in keeping your computer malware free. The reality is that the majority of people who are infected with malware are ones who click on things they shouldn't be clicking on. Whether these things are files or sites it doesn't really matter. If something is out to get you, and you click on it, it most likely will.  Below is a list of simple precautions to take to keep your computer clean and running securely:

  • If you receive an attachment from someone you do not know, DO NOT OPEN IT! Simple as that.  Opening attachments from people you do not know is a very common method for viruses or worms to infect your computer.
  • .exe, .com, .bat, .pif, .scr, .cmd or .vbs: do not open the attachment unless you know for a fact that it is clean.  For the casual computer user, you will almost never receive a valid attachment of this type.
  • If you receive an attachment from someone you know, and it looks suspicious, then it probably is.  The email could be from someone you know infected with a malware that is trying to infect everyone in their address book.
  • If you are browsing the Internet and a popup appears saying that you are infected, ignore it! These are, as far as I am concerned, scams that are being used to scare you into purchasing a piece of software. For an example of these types of popups, or Foistware, you should read this article:
    Foistware, And how to avoid it. There are also programs that disguise themselves as Anti-Spyware or security products but are instead scams.  For a list of these types of programs we recommend you visit this link: About Malwares, Rogues, Scarewares, SmitfraudFix
  • Another tactic to fool you on the web is when a site displays a popup that looks like a normal Windows message  or alert. When you click on them, though, they instead bring you to another site that is trying to push a product on you.  We suggest that you close these windows by clicking on the X instead of the OK button. Alternatively, you can check to see if it's a real alert by right-clicking on the window.  If there is a menu that comes up saying Add to Favorites... you know it's a fake.
  • Do not go to adult sites. I know this may bother some of you, but the fact is that a large amount of malware is pushed through these types of sites. I am not saying all adult sites do this, but a lot do.
  • When using an Instant Messaging program be cautious about clicking on links people send to you. It is not uncommon for infections to send a message to everyone in the infected person's contact list that contains a link to an infection. Instead when you receive a message that contains a link, message back to the person asking if it is legit before you click on it.
  • Stay away from Warez and Crack sites! In addition to the obvious copyright issues, the downloads from these sites are typically overrun with infections. Avoid using cracks and unknown programs from sources you don't trust. There are MANY alternative open-source applications. Malware writers just love cracks and keygens, and will often attach malicious code into them. By using cracks and/or keygens, you are asking for problems. So my advice is - stay away from them!
  • Be careful of what you download off of web sites and Peer-2-Peer networks. Some sites disguise malware as legitimate software to trick you into installing them and Peer-2-Peer networks are crawling with it. If you want to download a piece of software from a site, and are not sure if they are legitimate, you can use McAfee Siteadvisor to look up info on the site. Note: skip this advice if your antivirus has a Web Guard.
  • DO NOT INSTALL any software without first reading the End User License Agreement, otherwise known as the EULA. A tactic that some developers use is to offer their software for free, but have spyware and other programs you do not want bundled with it. This is where they make their money. By reading the agreement there is a good chance you can spot this and not install the software.
  • You may want to install unchecky to prevent adware bundled into many free programs from installing.

 

 

Tweak your browsers
 

MOZILLA FIREFOX

 

To prevent further infections be sure to install the following add-ons NoScript and AdBlock Plus
 

Adblock Plus hides all those annoying (and potentially dangerous) advertisements on websites that try and tempt you to buy or download something. AdBlock not only speeds up your browsing and makes it easier on your eyes, but also makes it safer.

 

 

Adblock Plus can be found here.
 
Do not add too many filter subscriptions because it will slow down your browser startup time.
 
 

NoScript is only for advanced users as it blocks all the interactive parts of a webpage, such as login options. Obviously you wouldn’t want to block your ability to log on to your internet banking or your webmail, but thankfully you can tell NoScript to allow certain websites and block others. This is very useful to ensure that the website you’re visiting is not trying to tempt you to interact with another, more dangerous website.

 

 

NoScript can be found here
 
You can find the optimal settings here
A tutorial on how to use it can be found here

 

 

Google Chrome

 
If you like Google Chrome there are many similar extensions for this browser as well. Since I am not a Google Chrome user I can't tell you which of them are good and how they work. You should find out by yourself.

However Google Chrome can block a lot of unknown malware because of its sandbox. Beware of the fact that Google Chrome doesn't provide master password protection for the passwords saved in the browser. Check this out: Google Chrome security flaw offers unrestricted password access


 
For Internet Explorer 9/10/11 read the articles below:


Security and privacy features in Internet Explorer 9
Enhanced Protected Mode
Use Tracking Protection in Internet Explorer
Security in Internet Explorer 10

 

 
 
Immunize your browsers with SpywareBlaster 5 and Spybot Search and Destroy 1.6 and MVPS HOSTS.

Also you can change your DNS settings to 8.26.56.26 and 8.20.247.20 to use Comodo Secure DNS for free (to prevent phishing attacks)

 

 

Make the extensions for known file types visible:
 
 
Be wary of files with a double extension such as jpg.exe. As a default setting, Windows often hides common file extensions, meaning that a program like image.jpg.exe will appear to you as simply image.jpg. Double extensions exploit this by hiding the second, dangerous extension and reassuring you with the first one. Check this out - Show or hide file name extensions.


 
Disable Autorun and Windows Scripting Host:
 
 
It's a good idea to disable the Autorun functionality using the following tool to prevent spreading of the infections from USB flash drives.

 

If you don't use any script files then you can go ahead and disable Windows Scripting Host using the tool provided by Symantec - NoScript.exe. Simply download and run it and click on the Disable button and reboot the computer. If you need to run any .js or .vbs scripts at a later stage you should run NoScript again and select Enable, then reboot the computer.
 

 

 
Create an image of your system (you can use the built-in Windows software as well if you prefer)

  • Now that your PC is malware free it is a good idea to do a backup of all important files just in case something happens to it.
  • Macrium Reflect is a very good choice that enables you to create an image of your system drive which can be restored in case of problems.
  • The download link is here.
  • The tutorial on how to create a system image can be found here.
  • The tutorial on how to restore a system image can be found here.
  • Be sure to read the tutorial first.

 

 

Follow this list and your potential for being infected again will reduce dramatically.

 

Safe Surfing ! :)

 

Regards,

Georgi
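
The double-extension and risky-attachment advice in the post above, as an added example that is not part of the original thread: it computes what a file name looks like when Windows hides known extensions and flags names whose real extension is one of those the post lists. The DECOY set, the function names and the sample file names are assumptions constructed for illustration.

```python
"""Added example: spot attachment names that rely on hidden file extensions."""
import ntpath

# Extensions the post above lists as unsafe to open from e-mail.
RISKY = {".exe", ".com", ".bat", ".pif", ".scr", ".cmd", ".vbs"}

# Assumption: extensions most users read as harmless documents or media.
DECOY = {".jpg", ".jpeg", ".png", ".gif", ".pdf", ".doc", ".docx", ".txt", ".mp3"}


def split_name(filename):
    """Return (name shown when known extensions are hidden, real extension)."""
    # ntpath parses Windows-style paths on any OS. Windows ignores trailing
    # dots and spaces in a file name, so drop them before splitting.
    base = ntpath.basename(filename).rstrip(" .")
    shown, ext = ntpath.splitext(base)
    return shown, ext.lower()


def assess(filename):
    """Classify a name as 'ok', 'risky' or 'double-extension'.

    'ok' only means the name itself is not suspicious; it says nothing
    about whether the file content is clean.
    """
    shown, ext = split_name(filename)
    if ext not in RISKY:
        return "ok"
    # Names such as "invoice.pdf      .scr" pad the gap with spaces so the
    # real extension is pushed out of view; strip the padding first.
    inner = ntpath.splitext(shown.rstrip())[1].lower()
    return "double-extension" if inner in DECOY else "risky"


def triage(filenames):
    """Return (original name, name as displayed, verdict) for each input."""
    return [(name, split_name(name)[0], assess(name)) for name in filenames]


# Constructed sample names, not taken from the thread's logs.
SAMPLES = [
    "image.jpg.exe",
    "holiday.jpg",
    "setup.exe",
    r"C:\Users\x\Downloads\invoice.pdf      .scr",
    "report.final.docx",
    "Photo.JPG.EXE",
]

if __name__ == "__main__":
    for name, shown, verdict in triage(SAMPLES):
        print(f"{verdict:17} shown as {shown!r:28} real name {name!r}")
```
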




#11 B-boy/StyLe/

  • Malware Response Team

Posted 25 October 2014 - 04:05 AM

It appears that this issue is resolved, therefore I am closing the topic. If that is not the case and you need or wish to continue with this topic, please send me or any Moderator a Personal Message (PM) that you would like this topic re-opened.





