Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Just another in line -- laptop is infected...


  • Please log in to reply
6 replies to this topic

#1 pjvex86

pjvex86

  • Members
  • 41 posts
  • OFFLINE
  •  
  • Local time:01:16 AM

Posted 04 January 2015 - 11:53 PM

There are many reasons I know it is infected... Just unrecognaized processes with crazy names... slower drive speed, drive filling up.

 

I have rarely suffered from any infections as of late (unless its some dormant botnet), as I typically am behind two hardware firewalls, and further am diligent on running MBAM daily along with a variety of other diagnostics....

 

Unfortunately, my budget prevented me from getting ethernet last month, so I had to slum it at a lot of Starbucks hotspots.  As it has been so long since I have been in an open hotspot, I didn't think ahead of time and install a firewall or AV-monitoring application...  This I suspect is the problem.  

 

Also. I would really love to know what types of self-teaching programs you have available or now about which I could use to help identify problems without coming here...

 

 

Thank you!!

Paul

 

 

 

Here is a partial Speccy printout... I had run selective startup in trying to fix some issues (namely that I could not install Microsoft Security Essentials), so this is why I have a lot of services not enabled.

 

Summary
Operating System
Windows 7 Ultimate 64-bit SP1
CPU
Intel Core i5 2430M @ 2.40GHz 52 °C
Sandy Bridge 32nm Technology
RAM
6.00GB Dual-Channel DDR3 @ 665MHz (9-9-9-24)
Motherboard
ASUSTeK Computer Inc. U56E (CPU 1) 51 °C
Graphics
Generic PnP Monitor (1366x768@60Hz)
WDE LCM-17v2 (1280x1024@60Hz)
Intel HD Graphics 3000 (ASUStek Computer Inc)
Storage
596GB Hitachi HTS547564A9E384 (SATA) 35 °C
931GB Western Digital WD My Book 1110 USB Device (USB)
Optical Drives
MATbleepA DVD-RAM UJ8A2ASW
MagicISO Virtual DVD-ROM0000
Audio
Realtek High Definition Audio
Operating System
Windows 7 Ultimate 64-bit SP1
Computer type: Notebook
Installation Date: 3/31/2014 6:04:30 PM
Serial Number: FJGCP-4DFJD-GJY49-VJBQ7-HYRR2
Windows Security Center
User Account Control (UAC) Enabled
Notify level 2 - Default
Firewall Enabled
Antivirus Disabled
Windows Update
AutoUpdate Not configured
Windows Defender
Windows Defender Enabled
.NET Frameworks installed
v4.5 Full
v4.5 Client
v3.5 SP1
v3.0 SP2
v2.0 SP2
Internet Explorer
Version 9.0.8112.16421
PowerShell
Version 2.0
Java
Java Runtime Environment
Path C:\Program Files (x86)\Java\jre7\bin\java.exe
Version 7.0
Update 71
Build 14
Java Runtime Environment
Path C:\Program Files\Java\jre7\bin\java.exe
Version 7.0
Update 67
Build 01
Environment Variables
USERPROFILE C:\Users\caleb
SystemRoot C:\Windows
User Variables
GPA_INCLUDE_DIR C:\Program Files\Intel\GPA\4.3\sdk\include
GPA_LIBRARY_DIR C:\Program Files\Intel\GPA\4.3\sdk\libs
PATH C:\Anaconda;C:\Anaconda\Scripts;C:\Program Files\Intel\WiFi\bin\;C:\Program Files\Common Files\Intel\WirelessCommon\;C:\Users\caleb\Desktop\Nirlauncher\SYSINTERNALS;C:\Program Files\Mercurial
TEMP C:\Users\caleb\AppData\Local\Temp
TMP C:\Users\caleb\AppData\Local\Temp
Machine Variables
ANDROID_SDK_HOME C:\android-sdk
APR_ICONV1_PATH
asl.log Destination=file
ComSpec C:\Windows\system32\cmd.exe
devmgr_show_nonpresent_devices 1
FP_NO_HOST_CHECK NO
NUMBER_OF_PROCESSORS 4
OS Windows_NT
Path C:\Windows\system32
C:\Windows
C:\Windows\system32\wbem
C:\ProgramData\Oracle\Java\javapath
C:\Windows\System32\WindowsPowerShell\v1.0
C:\Program Files\Intel\WiFi\bin
C:\Program Files\Common Files\Intel\WirelessCommon
C:\Program Files (x86)\QuickTime\QTSystem
c:\_server\apache24
c:\_server\apache24\bin
C:\_Server\php
C:\Program Files (x86)\Git\cmd
C:\Anaconda
C:\Anaconda\scripts
C:\Anaconda\Lib\site-packages\PyQt4
C:\Anaconda\DLLs
C:\Anaconda\LIB
C:\Program Files\Calibre2
C:\Program Files\ImageMagick-6.8.7-Q16
C:\opt\gtk\bin
C:\Users\caleb\Desktop\Nirlauncher\SYSINTERNALS
C:\Program Files\OpenVPN\bin
C:\Program Files (x86)\Intel\OpenCL SDK\2.0\bin\x86
C:\Program Files (x86)\Intel\OpenCL SDK\2.0\bin\x64
C:\android-sdk\platform-tools
C:\Program Files\VideoLAN\VLC
PATHEXT .COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC;.py;.pyw
PROCESSOR_ARCHITECTURE AMD64
PROCESSOR_IDENTIFIER Intel64 Family 6 Model 42 Stepping 7, GenuineIntel
PROCESSOR_LEVEL 6
PROCESSOR_REVISION 2a07
PSModulePath C:\Windows\system32\WindowsPowerShell\v1.0\Modules\
PYTHONPATH c:\anaconda\
TEMP C:\Windows\TEMP
TMP C:\Windows\TEMP
USERNAME SYSTEM
VBOX_MSI_INSTALL_PATH C:\Program Files\Oracle\VirtualBox\
windir C:\Windows
windows_tracing_flags 3
windows_tracing_logfile C:\BVTBin\Tests\installpackage\csilogfile.log
Battery
AC Line Online
Battery Charge % 98 %
Battery State High
Remaining Battery Time Unknown
Power Profile
Active power scheme Gaming Mode Power Plan
Hibernation Disabled
Turn Off Monitor after: (On AC Power) Never
Turn Off Monitor after: (On Battery Power) Never
Turn Off Hard Disk after: (On AC Power) Never
Turn Off Hard Disk after: (On Battery Power) Never
Suspend after: (On AC Power) Never
Suspend after: (On Battery Power) Never
Screen saver Disabled
Uptime
Current Session
Current Time 1/4/2015 10:55:52 PM
Current Uptime 6,613 sec (0 d, 01 h, 50 m, 13 s)
Last Boot Time 1/4/2015 9:05:39 PM
Services
Running Application Experience
Running Application Information
Running Base Filtering Engine
Running CNG Key Isolation
Running COM+ Event System
Running Cryptographic Services
Running DCOM Server Process Launcher
Running Desktop Window Manager Session Manager
Running DHCP Client
Running Diagnostic Policy Service
Running DNS Client
Running Extensible Authentication Protocol
Running Group Policy Client
Running IKE and AuthIP IPsec Keying Modules
Running IP Helper
Running Network Connections
Running Network List Service
Running Network Location Awareness
Running Network Store Interface Service
Running Office Software Protection Platform
Running Plug and Play
Running Power
Running Print Spooler
Running Program Compatibility Assistant Service
Running Remote Access Connection Manager
Running Remote Procedure Call (RPC)
Running RPC Endpoint Mapper
Running Secondary Logon
Running Secure Socket Tunneling Protocol Service
Running Security Accounts Manager
Running Security Center
Running Server
Running Shell Hardware Detection
Running SSDP Discovery
Running Superfetch
Running System Event Notification Service
Running Task Scheduler
Running TCP/IP NetBIOS Helper
Running Telephony
Running Themes
Running User Profile Service
Running Windows Audio
Running Windows Audio Endpoint Builder
Running Windows Backup
Running Windows Defender
Running Windows Event Log
Running Windows Firewall
Running Windows Font Cache Service
Running Windows Management Instrumentation
Running Windows Update
Running WLAN AutoConfig
Running WMI Performance Adapter
Running Workstation
Stopped ActiveX Installer (AxInstSV)
Stopped Adaptive Brightness
Stopped Adobe Acrobat Update Service
Stopped Adobe Flash Player Update Service
Stopped Adobe SwitchBoard
Stopped AFBAgent
Stopped Apache2.4
Stopped Apple Mobile Device
Stopped Application Identity
Stopped Application Layer Gateway Service
Stopped Application Management
Stopped ASLDR Service
Stopped ASP.NET State Service
Stopped ATKGFNEX Service
Stopped Background Intelligent Transfer Service
Stopped BitLocker Drive Encryption Service
Stopped Block Level Backup Engine Service
Stopped Bluetooth Support Service
Stopped BranchCache
Stopped Certificate Propagation
Stopped COM+ System Application
Stopped Computer Browser
Stopped Credential Manager
Stopped Diagnostic Service Host
Stopped Diagnostic System Host
Stopped Disk Defragmenter
Stopped Distributed Link Tracking Client
Stopped Distributed Transaction Coordinator
Stopped Encrypting File System (EFS)
Stopped Function Discovery Provider Host
Stopped Function Discovery Resource Publication
Stopped Google Update Service (gupdate)
Stopped Google Update Service (gupdatem)
Stopped Google Updater Service
Stopped Health Key and Certificate Management
Stopped HomeGroup Listener
Stopped HomeGroup Provider
Stopped Human Interface Device Access
Stopped Intel Content Protection HECI Service
Stopped Intel Integrated Clock Controller Service - Intel ICCS
Stopped Intel PROSet/Wireless Event Log
Stopped Intel PROSet/Wireless Registry Service
Stopped Intel PROSet/Wireless Zero Configuration Service
Stopped Intel Turbo Boost Technology Monitor 2.6
Stopped Interactive Services Detection
Stopped Internet Connection Sharing (ICS)
Stopped Internet Pass-Through Service
Stopped iPod Service
Stopped IPsec Policy Agent
Stopped KtmRm for Distributed Transaction Coordinator
Stopped Link-Layer Topology Discovery Mapper
Stopped Logitech Bluetooth Service
Stopped Microsoft .NET Framework NGEN v2.0.50727_X64
Stopped Microsoft .NET Framework NGEN v2.0.50727_X86
Stopped Microsoft .NET Framework NGEN v4.0.30319_X64
Stopped Microsoft .NET Framework NGEN v4.0.30319_X86
Stopped Microsoft Antimalware Service
Stopped Microsoft iSCSI Initiator Service
Stopped Microsoft Network Inspection
Stopped Microsoft SharePoint Workspace Audit Service
Stopped Microsoft Software Shadow Copy Provider
Stopped Mozilla Maintenance Service
Stopped Multimedia Class Scheduler
Stopped MySQL
Stopped Nalpeiron Licensing Service
Stopped Net.Msmq Listener Adapter
Stopped Net.Pipe Listener Adapter
Stopped Net.Tcp Listener Adapter
Stopped Net.Tcp Port Sharing Service
Stopped Netlogon
Stopped Network Access Protection Agent
Stopped Office 64 Source Engine
Stopped Offline Files
Stopped OpenVPN Service
Stopped Parental Controls
Stopped Peer Name Resolution Protocol
Stopped Peer Networking Grouping
Stopped Peer Networking Identity Manager
Stopped Performance Counter DLL Host
Stopped Performance Logs & Alerts
Stopped PnP-X IP Bus Enumerator
Stopped PNRP Machine Name Publication Service
Stopped Portable Device Enumerator Service
Stopped Problem Reports and Solutions Control Panel Support
Stopped Protected Storage
Stopped Quality Windows Audio Video Experience
Stopped Reimage Real Time Protector
Stopped Remote Access Auto Connection Manager
Stopped Remote Desktop Configuration
Stopped Remote Desktop Services
Stopped Remote Desktop Services UserMode Port Redirector
Stopped Remote Packet Capture Protocol v.0 (experimental)
Stopped Remote Procedure Call (RPC) Locator
Stopped Remote Registry
Stopped Routing and Remote Access
Stopped Smart Card
Stopped Smart Card Removal Policy
Stopped SNMP Trap
Stopped Software Protection
Stopped SPP Notification Service
Stopped Tablet PC Input Service
Stopped Thread Ordering Server
Stopped TPM Base Services
Stopped UPnP Device Host
Stopped Virtual Disk
Stopped Volume Shadow Copy
Stopped WebClient
Stopped Windows Activation Technologies Service
Stopped Windows Biometric Service
Stopped Windows CardSpace
Stopped Windows Color System
Stopped Windows Connect Now - Config Registrar
Stopped Windows Driver Foundation - User-mode Driver Framework
Stopped Windows Error Reporting Service
Stopped Windows Event Collector
Stopped Windows Image Acquisition (WIA)
Stopped Windows Installer
Stopped Windows Media Player Network Sharing Service
Stopped Windows Modules Installer
Stopped Windows Presentation Foundation Font Cache 3.0.0.0
Stopped Windows Remote Management (WS-Management)
Stopped Windows Search
Stopped Windows Time
Stopped WinHTTP Web Proxy Auto-Discovery Service
Stopped Wired AutoConfig
Stopped Wireless PAN DHCP Server
Stopped WWAN AutoConfig

Edited by pjvex86, 04 January 2015 - 11:58 PM.


BC AdBot (Login to Remove)

 


#2 Broni

Broni

    The Coolest BC Computer


  • BC Advisor
  • 42,663 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Daly City, CA
  • Local time:12:16 AM

Posted 05 January 2015 - 06:19 PM

p22002970.gif Download Security Check from here or here and save it to your Desktop.

  • Double-click SecurityCheck.exe
  • Follow the onscreen instructions inside of the black box.
  • A Notepad document should open automatically called checkup.txt; please post the contents of that document.

NOTE 1. If one of your security applications (e.g., third-party firewall) requests permission to allow DIG.EXE access the Internet, allow it to do so.
NOTE 2. SecurityCheck may produce some false warning(s), so leave the results reading to me.
NOTE 3. If you receive UNSUPPORTED OPERATING SYSTEM! ABORTED! message restart computer and Security Check should run

p22002970.gif Please download Farbar Service Scanner (FSS) and run it on the computer with the issue.
  • Make sure the following options are checked:
    • Internet Services
    • Windows Firewall
    • System Restore
    • Security Center/Action Center
    • Windows Update
    • Windows Defender
    • Other Services
  • Press "Scan".
  • It will create a log (FSS.txt) in the same directory the tool is run.
  • Please copy and paste the log to your reply.


p22002970.gif Please download MiniToolBox and run it.

Checkmark following boxes:
  • Report IE Proxy Settings
  • Report FF Proxy Settings
  • List content of Hosts
  • List IP configuration
  • List Winsock Entries
  • List last 10 Event Viewer log
  • List Installed Programs
  • List Devices (do NOT change any settings here)
  • List Users, Partitions and Memory size
  • List Restore Points

Click Go and post the result.

p22002970.gif Please download Malwarebytes Anti-Malware (MBAM) to your desktop.
NOTE. If you already have MBAM 2.0 installed scroll down.

  • Double-click mb3-setup-1878.1878-3.5.1.2522.exe and follow the prompts to install the program.
  • At the end, be sure a checkmark is placed next to the following:

    • Launch Malwarebytes Anti-Malware
    • A 14 day trial of the Premium features is pre-selected. You may deselect this if you wish, and it will not diminish the scanning and removal capabilities of the program.

  • Click Finish.
  • On the Dashboard, click the 'Update Now >>' link
  • After the update completes, click the 'Scan Now >>' button.
  • Or, on the Dashboard, click the Scan Now >> button.
  • If an update is available, click the Update Now button.
  • A Threat Scan will begin.
  • When the scan is complete, if there have been detections, click Apply Actions to allow MBAM to clean what was detected.
  • In most cases, a restart will be required.
  • Wait for the prompt to restart the computer to appear, then click on Yes.



If you already have MBAM 2.0 installed:

  • On the Dashboard, click the 'Update Now >>' link
  • After the update completes, click the 'Scan Now >>' button.
  • Or, on the Dashboard, click the Scan Now >> button.
  • If an update is available, click the Update Now button.
  • A Threat Scan will begin.
  • When the scan is complete, if there have been detections, click Apply Actions to allow MBAM to clean what was detected.
  • In most cases, a restart will be required.
  • Wait for the prompt to restart the computer to appear, then click on Yes.


How to get logs:
(Export log to save as txt)


  • After the restart once you are back at your desktop, open MBAM once more.
  • Click on the History tab > Application Logs.
  • Double click on the Scan Log which shows the Date and time of the scan just performed.
  • Click 'Export'.
  • Click 'Text file (*.txt)'
  • In the Save File dialog box which appears, click on Desktop.
  • In the File name: box type a name for your scan log.
  • A message box named 'File Saved' should appear stating "Your file has been successfully exported".
  • Click Ok
  • Attach that saved log to your next reply.



(Copy to clipboard for pasting into forum replies or tickets)

  • After the restart once you are back at your desktop, open MBAM once more.
  • Click on the History tab > Application Logs.
  • Double click on the Scan Log which shows the Date and time of the scan just performed.
  • Click 'Copy to Clipboard'
  • Paste the contents of the clipboard into your reply.


p22002970.gifDownload 51a5f31352b88-icon_MBAR.pngMalwarebytes Anti-Rootkit (MBAR) to your desktop.
  • Warning! Malwarebytes Anti-Rootkit needs to be run from an account with administrator rights.
  • Double click on downloaded file. OK self extracting prompt.
  • MBAR will start. Click "Next" to continue.
  • Click in the following screen "Update" to obtain the latest malware definitions.
  • Once the update is complete select "Next" and click "Scan".
  • When the scan is finished and no malware has been found select "Exit".
  • If malware was detected, make sure to check all the items and click "Cleanup". Reboot your computer.
  • Open the MBAR folder located on your Desktop and paste the content of the following files in your next reply:
  • "mbar-log-{date} (xx-xx-xx).txt"
  • "system-log.txt"


NOTE. If you see This version requires you to completely exit the Anti Malware application message right click on the Malwarebytes Anti-Malware icon in the system tray and click on Exit.

p22002970.gif Please download Rkill (courtesy of BleepingComputer.com) to your desktop.
There are 2 different versions. If one of them won't run then download and try to run the other one.
You only need to get one of these to run, not all of them. You may get warnings from your antivirus about this tool, ignore them or shutdown your antivirus.

rKill.exe: http://www.bleepingcomputer.com/download/rkill/dl/10/
iExplore.exe (renamed rKill.exe): http://www.bleepingcomputer.com/download/rkill/dl/11/

  • Double-click on the Rkill desktop icon to run the tool.
  • If using Vista or Windows 7 right-click on it and choose Run As Administrator.
  • A black DOS box will briefly flash and then disappear. This is normal and indicates the tool ran successfully.
  • If not, delete the file, then download and use the one provided in Link 2.
  • Do not reboot until instructed.
  • If the tool does not run from any of the links provided, please let me know.


If normal mode still doesn't work, run the tool from safe mode.

When the scan is done Notepad will open with rKill log.
Post it in your next reply.

NOTE. rKill.txt log will also be present on your desktop.

NOTE Do NOT wrap your logs in "quote" or "code" brackets.
Do NOT use spoilers.
Do NOT edit your reply to post additional logs. Create new reply. I'll not get any email notifications about edits so I won't know you posted something new.


My Website

p4433470.gif

My help doesn't cost a penny, but if you'd like to consider a donation, click p22001735.gif


 


#3 pjvex86

pjvex86
  • Topic Starter

  • Members
  • 41 posts
  • OFFLINE
  •  
  • Local time:01:16 AM

Posted 06 January 2015 - 12:34 AM

I.  Results of Security Check:

 

 Results of screen317's Security Check version 0.99.93  
 Windows 7 Service Pack 1 x64 (UAC is enabled)  
 Internet Explorer 11  
``````````````Antivirus/Firewall Check:``````````````
 Windows Firewall Enabled!  
 WMI entry may not exist for antivirus; attempting automatic update.
`````````Anti-malware/Other Utilities Check:`````````
 MVPS Hosts File  
 TuneUp Utilities Language Pack (en-US) 
 Java 7 Update 71  
 Java 7 Update 67  
  Adobe Flash Player 15.0.0.246 Flash Player out of Date!
 Mozilla Firefox (34.0.5) 
 Google Chrome (39.0.2171.71) 
 Google Chrome (39.0.2171.95) 
````````Process Check: objlist.exe by Laurent````````
`````````````````System Health check`````````````````
 Total Fragmentation on Drive C: 1% 
````````````````````End of Log``````````````````````
 
-------------
NOTE:  My hosts file has many entries... some to avoid malware or adware, others because I occasionally run a LAMP server, and lastly because I have a cracked version of Adobe CS6 Creative Suite (or some applications included in it), so certain adobe registration servers are blocked....  My hosts file has been virtually the same from a month after I purchased this laptop about three years ago.  Aside from the potential risks of using P2P networks (of which I am aware and further, do not use that frequently), this Adobe software and these corresponding entries in the HOSTS file cannot now be the cause of whatever problem I seem to be having.
-------------
 
II. Results of the Farbar Service Scanner
 

Farbar Service Scanner Version: 21-07-2014
Ran by caleb (administrator) on 05-01-2015 at 23:02:02
Running from "C:\Users\caleb\Downloads"
Microsoft Windows 7 Ultimate  Service Pack 1 (X64)
Boot Mode: Normal
****************************************************************
 
Internet Services:
============
 
Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Google.com is accessible.
Yahoo.com is accessible.
 
 
Windows Firewall:
=============
 
Firewall Disabled Policy: 
==================
 
 
System Restore:
============
 
System Restore Disabled Policy: 
========================
 
 
Action Center:
============
 
 
Windows Update:
============
 
Windows Autoupdate Disabled Policy: 
============================
 
 
Windows Defender:
==============
 
Other Services:
==============
 
 
File Check:
========
C:\Windows\System32\nsisvc.dll => File is digitally signed
C:\Windows\System32\drivers\nsiproxy.sys => File is digitally signed
C:\Windows\System32\dhcpcore.dll => File is digitally signed
C:\Windows\System32\drivers\afd.sys => File is digitally signed
C:\Windows\System32\drivers\tdx.sys => File is digitally signed
C:\Windows\System32\Drivers\tcpip.sys => File is digitally signed
C:\Windows\System32\dnsrslvr.dll => File is digitally signed
C:\Windows\System32\mpssvc.dll => File is digitally signed
C:\Windows\System32\bfe.dll => File is digitally signed
C:\Windows\System32\drivers\mpsdrv.sys => File is digitally signed
C:\Windows\System32\SDRSVC.dll => File is digitally signed
C:\Windows\System32\vssvc.exe => File is digitally signed
C:\Windows\System32\wscsvc.dll => File is digitally signed
C:\Windows\System32\wbem\WMIsvc.dll => File is digitally signed
C:\Windows\System32\wuaueng.dll => File is digitally signed
C:\Windows\System32\qmgr.dll => File is digitally signed
C:\Windows\System32\es.dll => File is digitally signed
C:\Windows\System32\cryptsvc.dll => File is digitally signed
C:\Program Files\Windows Defender\MpSvc.dll => File is digitally signed
C:\Windows\System32\ipnathlp.dll => File is digitally signed
C:\Windows\System32\iphlpsvc.dll => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
 
 
**** End of log ****

 

III.  Results of the Mini ToolBox Scan:

[This is a little bit of a mess... I see a common error which was partly the reason I started trying to repair this laptop: I was unable to install Microsoft Security Essentials as an AV application.  I tried everything.]

 

 

MiniToolBox by Farbar  Version: 30-11-2014
Ran by caleb (administrator) on 05-01-2015 at 23:05:01
Running from "C:\Users\caleb\Downloads"
Microsoft Windows 7 Ultimate  Service Pack 1 (X64)
Boot Mode: Normal
***************************************************************************
 
========================= IE Proxy Settings: ============================== 
 
Proxy is not enabled.
No Proxy Server is set.
 
========================= FF Proxy Settings: ============================== 
 
"extensions.preferencesmonitor.revonstrg", "{\"extensions.autoDisableScopes\":15,\"general.useragent.compatMode.firefox\":false,\"browser.newtab.preload\":true,\"browser.startup.homepage\":\"chrome://branding/locale/browserconfig.properties\",\"keyword.enabled\":true,\"general.useragent.site_specific_overrides\":true,\"network.proxy.autoconfig_url\":\"\",\"browser.startup.page\":1,\"browser.newtab.url\":\"about:newtab\",\"general.useragent.locale\":\"en-US\",\"general.useragent.override\":null}"
========================= Hosts content: =================================
 
::1             localhost
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
127.0.0.1 zzzz.
127.0.0.1       localhost
127.0.0.1       localhost
127.0.0.1 neurozap
127.0.0.1 zap
127.0.0.1 nzphp
127.0.0.1 www
127.0.0.1 bleepup
127.0.0.1 phplearn
127.0.0.1 oldsite
127.0.0.1 demo
127.0.0.1 mystart.incredibar.com
127.0.0.1 applian.securesites.com
127.0.0.1   www.applian.securesites.com
127.0.0.1 adobe.com.d1.sc.omtrdc.net, stats.adobe.com
127.0.0.1 products.wip4.adobe.com
127.0.0.1 www.wip4.adobe.com
127.0.0.1   activate.adobe.com
127.0.0.1 adobe.activate.com     127.0.0.1 activate-sea.adobe.com
127.0.0.1 activate.wip3.adobe.com
 
There are 23033 more lines starting with "127.0.0.1"
 
========================= IP Configuration: ================================
 
Atheros AR9271 Wireless Network Adapter = Atheros (Connected)
Intel® Centrino® Wireless-N 6150 = Native Wireless NIC (Hardware not present)
Atheros AR8151 PCI-E Gigabit Ethernet Controller (NDIS 6.20) = Wired ISP Connection (Hardware not present)
Microsoft Virtual WiFi Miniport Adapter = Wireless Network Connection 4 (Hardware not present)
TAP-Windows Adapter V9 = VPN (Hardware not present)
VirtualBox Host-Only Ethernet Adapter = VirtualBox Host-Only Network (Hardware not present)
 
 
# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4
 
reset
set global icmpredirects=enabled taskoffload=disabled
add route prefix=10.11.0.0/24 interface="iftype0_0" nexthop=192.168.99.1 metric=1 publish=Yes
 
 
popd
# End of IPv4 configuration
 
 
 
Windows IP Configuration
 
   Host Name . . . . . . . . . . . . : SYNAPSE
   Primary Dns Suffix  . . . . . . . : 
   Node Type . . . . . . . . . . . . : Hybrid
   IP Routing Enabled. . . . . . . . : No
   WINS Proxy Enabled. . . . . . . . : No
 
Wireless LAN adapter Atheros:
 
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : Atheros AR9271 Wireless Network Adapter
   Physical Address. . . . . . . . . : 02-33-B7-CE-33-D1
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes
   IPv4 Address. . . . . . . . . . . : 192.168.1.7(Preferred) 
   Subnet Mask . . . . . . . . . . . : 255.255.255.0
   Lease Obtained. . . . . . . . . . : Monday, January 05, 2015 9:21:33 PM
   Lease Expires . . . . . . . . . . : Tuesday, January 06, 2015 9:21:37 PM
   Default Gateway . . . . . . . . . : 192.168.1.1
   DHCP Server . . . . . . . . . . . : 192.168.1.1
   DNS Servers . . . . . . . . . . . : 192.168.1.1
   NetBIOS over Tcpip. . . . . . . . : Enabled
Server:  UnKnown
Address:  192.168.1.1
 
Name:    google.com
Addresses:  2607:f8b0:4009:805::1008
 216.58.216.206
 216.58.216.192
 
 
Pinging google.com [173.194.46.104] with 32 bytes of data:
Reply from 173.194.46.104: bytes=32 time=12ms TTL=54
Reply from 173.194.46.104: bytes=32 time=12ms TTL=54
 
Ping statistics for 173.194.46.104:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 12ms, Maximum = 12ms, Average = 12ms
Server:  UnKnown
Address:  192.168.1.1
 
Name:    yahoo.com
Addresses:  98.139.183.24
 206.190.36.45
 98.138.253.109
 
 
Pinging yahoo.com [98.139.183.24] with 32 bytes of data:
Reply from 98.139.183.24: bytes=32 time=58ms TTL=45
Reply from 98.139.183.24: bytes=32 time=55ms TTL=45
 
Ping statistics for 98.139.183.24:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 55ms, Maximum = 58ms, Average = 56ms
 
Pinging 127.0.0.1 with 32 bytes of data:
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
 
Ping statistics for 127.0.0.1:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 0ms, Maximum = 0ms, Average = 0ms
===========================================================================
Interface List
 14...02 33 b7 ce 33 d1 ......Atheros AR9271 Wireless Network Adapter
  1...........................Software Loopback Interface 1
===========================================================================
 
IPv4 Route Table
===========================================================================
Active Routes:
Network Destination        Netmask          Gateway       Interface  Metric
          0.0.0.0          0.0.0.0      192.168.1.1      192.168.1.7     25
        127.0.0.0        255.0.0.0         On-link         127.0.0.1    306
        127.0.0.1  255.255.255.255         On-link         127.0.0.1    306
  127.255.255.255  255.255.255.255         On-link         127.0.0.1    306
      192.168.1.0    255.255.255.0         On-link       192.168.1.7    281
      192.168.1.7  255.255.255.255         On-link       192.168.1.7    281
    192.168.1.255  255.255.255.255         On-link       192.168.1.7    281
        224.0.0.0        240.0.0.0         On-link         127.0.0.1    306
        224.0.0.0        240.0.0.0         On-link       192.168.1.7    281
  255.255.255.255  255.255.255.255         On-link         127.0.0.1    306
  255.255.255.255  255.255.255.255         On-link       192.168.1.7    281
===========================================================================
Persistent Routes:
  Network Address          Netmask  Gateway Address  Metric
        10.11.0.0    255.255.255.0     192.168.99.1       1
===========================================================================
 
IPv6 Route Table
===========================================================================
Active Routes:
 If Metric Network Destination      Gateway
  1    306 ::1/128                  On-link
  1    306 ff00::/8                 On-link
===========================================================================
Persistent Routes:
  None
========================= Winsock entries =====================================
 
Catalog5 01 C:\Windows\SysWOW64\NLAapi.dll [52224] (Microsoft Corporation)
Catalog5 02 C:\Windows\SysWOW64\napinsp.dll [52224] (Microsoft Corporation)
Catalog5 03 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 04 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 05 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog5 06 C:\Windows\SysWOW64\winrnr.dll [20992] (Microsoft Corporation)
Catalog5 07 C:\Windows\SysWOW64\wshbth.dll [36352] (Microsoft Corporation)
Catalog9 01 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 02 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 03 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 04 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 05 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 06 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 07 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 08 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 09 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 10 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
x64-Catalog5 01 C:\Windows\System32\NLAapi.dll [70656] (Microsoft Corporation)
x64-Catalog5 02 C:\Windows\System32\napinsp.dll [68096] (Microsoft Corporation)
x64-Catalog5 03 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 04 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 05 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog5 06 C:\Windows\System32\winrnr.dll [28672] (Microsoft Corporation)
x64-Catalog5 07 C:\Windows\System32\wshbth.dll [47104] (Microsoft Corporation)
x64-Catalog9 01 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 02 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 03 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 04 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 05 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 06 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 07 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 08 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 09 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 10 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
 
========================= Event log errors: ===============================
 
Application errors:
==================
Error: (01/05/2015 09:35:40 PM) (Source: Microsoft Security Client Setup) (User: SYNAPSE)
Description: HRESULT:0x80070645
Description:Cannot complete the Security Essentials installation. An error has prevented the Security Essentials setup wizard from completing successfully. Please restart your computer and try again. Error code:0x80070645. This action is only valid for products that are currently installed.
 
Error: (01/05/2015 09:21:23 PM) (Source: Microsoft-Windows-EapHost) (User: NT AUTHORITY)
Description: Skipping: Eap method DLL path name validation failed. Error: typeId=43, authorId=9, vendorId=0, vendorType=0
 
Error: (01/05/2015 09:21:23 PM) (Source: Microsoft-Windows-EapHost) (User: NT AUTHORITY)
Description: Skipping: Eap method DLL path name validation failed. Error: typeId=25, authorId=9, vendorId=0, vendorType=0
 
Error: (01/05/2015 09:21:23 PM) (Source: Microsoft-Windows-EapHost) (User: NT AUTHORITY)
Description: Skipping: Eap method DLL path name validation failed. Error: typeId=17, authorId=9, vendorId=0, vendorType=0
 
Error: (01/05/2015 01:39:13 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "Microsoft.VC80.CRT,processorArchitecture="x86",type="win32",version="8.0.50727.762"1".
Dependent Assembly Microsoft.VC80.CRT,processorArchitecture="x86",type="win32",version="8.0.50727.762" could not be found.
Please use sxstrace.exe for detailed diagnosis.
 
Error: (01/05/2015 01:39:13 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "Microsoft.VC80.CRT,processorArchitecture="x86",type="win32",version="8.0.50727.762"1".
Dependent Assembly Microsoft.VC80.CRT,processorArchitecture="x86",type="win32",version="8.0.50727.762" could not be found.
Please use sxstrace.exe for detailed diagnosis.
 
Error: (01/05/2015 01:37:48 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest2" on line C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
Component 2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
 
Error: (01/04/2015 10:20:35 PM) (Source: Microsoft Security Client Setup) (User: SYNAPSE)
Description: HRESULT:0x80070645
Description:Cannot complete the Security Essentials installation. An error has prevented the Security Essentials setup wizard from completing successfully. Please restart your computer and try again. Error code:0x80070645. This action is only valid for products that are currently installed.
 
Error: (01/04/2015 09:12:57 PM) (Source: Microsoft-Windows-EapHost) (User: NT AUTHORITY)
Description: Skipping: Eap method DLL path name validation failed. Error: typeId=43, authorId=9, vendorId=0, vendorType=0
 
Error: (01/04/2015 09:12:57 PM) (Source: Microsoft-Windows-EapHost) (User: NT AUTHORITY)
Description: Skipping: Eap method DLL path name validation failed. Error: typeId=25, authorId=9, vendorId=0, vendorType=0
 
 
System errors:
=============
Error: (01/05/2015 09:18:30 PM) (Source: Microsoft-Windows-Kernel-General) (User: NT AUTHORITY)
Description: 0x8000002a29\??\C:\Users\caleb\ntuser.dat
 
Error: (01/05/2015 09:18:13 PM) (Source: Service Control Manager) (User: )
Description: The Reimage Real Time Protector service failed to start due to the following error: 
%%2
 
Error: (01/05/2015 09:18:00 PM) (Source: Service Control Manager) (User: )
Description: The Microsoft Antimalware Service service failed to start due to the following error: 
%%1053
 
Error: (01/05/2015 09:18:00 PM) (Source: Service Control Manager) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the Microsoft Antimalware Service service to connect.
 
Error: (01/05/2015 09:17:09 PM) (Source: Application Popup) (User: )
Description: \SystemRoot\SysWow64\Drivers\cdrbsdrv.SYS has been blocked from loading due to incompatibility with this system. Please contact your software vendor for a compatible version of the driver.
 
Error: (01/05/2015 09:17:09 PM) (Source: Application Popup) (User: )
Description: \SystemRoot\SysWow64\Drivers\cdrbsdrv.SYS has been blocked from loading due to incompatibility with this system. Please contact your software vendor for a compatible version of the driver.
 
Error: (01/05/2015 09:17:03 PM) (Source: Application Popup) (User: )
Description: \SystemRoot\SysWow64\Drivers\cdrbsdrv.SYS has been blocked from loading due to incompatibility with this system. Please contact your software vendor for a compatible version of the driver.
 
Error: (01/05/2015 09:15:24 PM) (Source: Service Control Manager) (User: )
Description: The Reimage Real Time Protector service failed to start due to the following error: 
%%2
 
Error: (01/05/2015 09:15:17 PM) (Source: Service Control Manager) (User: )
Description: The Microsoft Antimalware Service service failed to start due to the following error: 
%%1053
 
Error: (01/05/2015 09:15:17 PM) (Source: Service Control Manager) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the Microsoft Antimalware Service service to connect.
 
 
Microsoft Office Sessions:
=========================
Error: (01/05/2015 09:35:40 PM) (Source: Microsoft Security Client Setup)(User: SYNAPSE)
Description: HRESULT:0x80070645
Description:Cannot complete the Security Essentials installation. An error has prevented the Security Essentials setup wizard from completing successfully. Please restart your computer and try again. Error code:0x80070645. This action is only valid for products that are currently installed.
 
Error: (01/05/2015 09:21:23 PM) (Source: Microsoft-Windows-EapHost)(User: NT AUTHORITY)
Description: Eap method DLL path name43900
 
Error: (01/05/2015 09:21:23 PM) (Source: Microsoft-Windows-EapHost)(User: NT AUTHORITY)
Description: Eap method DLL path name25900
 
Error: (01/05/2015 09:21:23 PM) (Source: Microsoft-Windows-EapHost)(User: NT AUTHORITY)
Description: Eap method DLL path name17900
 
Error: (01/05/2015 01:39:13 AM) (Source: SideBySide)(User: )
Description: Microsoft.VC80.CRT,processorArchitecture="x86",type="win32",version="8.0.50727.762"c:\program files (x86)\Last.fm\ext_skypenotify.dll
 
Error: (01/05/2015 01:39:13 AM) (Source: SideBySide)(User: )
Description: Microsoft.VC80.CRT,processorArchitecture="x86",type="win32",version="8.0.50727.762"c:\program files (x86)\Last.fm\ext_messengernotify.dll
 
Error: (01/05/2015 01:37:48 AM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestc:\program files\CCleaner\CCleaner.exe
 
Error: (01/04/2015 10:20:35 PM) (Source: Microsoft Security Client Setup)(User: SYNAPSE)
Description: HRESULT:0x80070645
Description:Cannot complete the Security Essentials installation. An error has prevented the Security Essentials setup wizard from completing successfully. Please restart your computer and try again. Error code:0x80070645. This action is only valid for products that are currently installed.
 
Error: (01/04/2015 09:12:57 PM) (Source: Microsoft-Windows-EapHost)(User: NT AUTHORITY)
Description: Eap method DLL path name43900
 
Error: (01/04/2015 09:12:57 PM) (Source: Microsoft-Windows-EapHost)(User: NT AUTHORITY)
Description: Eap method DLL path name25900
 
 
CodeIntegrity Errors:
===================================
  Date: 2015-01-03 20:31:48.121
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
  Date: 2015-01-03 20:31:48.059
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
  Date: 2015-01-03 20:31:47.996
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
  Date: 2015-01-03 20:31:47.934
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
  Date: 2014-12-16 03:42:11.353
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
  Date: 2014-12-16 03:42:11.306
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
  Date: 2014-12-16 03:42:11.259
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
  Date: 2014-12-16 03:42:11.228
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
  Date: 2014-12-07 15:25:04.814
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
  Date: 2014-12-07 15:25:04.783
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
 
 
=========================== Installed Programs ============================
7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov)
Adobe Acrobat XI Pro (HKLM-x32\...\{AC76BA86-1033-FFFF-7760-000000000006}) (Version: 11.0.07 - Adobe Systems)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 4.0.0.1390 - Adobe Systems Incorporated)
Adobe AIR (x32 Version: 4.0.0.1390 - Adobe Systems Incorporated) Hidden
Adobe Content Viewer (HKLM-x32\...\com.adobe.dmp.contentviewer) (Version: 1.4.0 - Adobe Systems Incorporated)
Adobe Content Viewer (x32 Version: 1.4.0 - Adobe Systems Incorporated) Hidden
Adobe Creative Suite 6 Master Collection (HKLM-x32\...\{E8AD3069-9EB7-4BA8-8BFE-83F4E69355C0}) (Version: 6 - Adobe Systems Incorporated)
Adobe Flash Player 15 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 15.0.0.246 - Adobe Systems Incorporated)
Adobe Flash Player 15 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 15.0.0.246 - Adobe Systems Incorporated)
Adobe Widget Browser (HKLM-x32\...\com.adobe.WidgetBrowser.E7BED6E5DDA59983786DD72EBFA46B1598278E07.1) (Version: 2.0 Build 230 - Adobe Systems Incorporated.)
Adobe Widget Browser (x32 Version: 2.0.230 - Adobe Systems Incorporated.) Hidden
Alcor Micro USB Card Reader (HKLM-x32\...\AmUStor) (Version: 1.2.0117.08443 - Alcor Micro Corp.)
Alcor Micro USB Card Reader (x32 Version: 1.2.0117.08443 - Alcor Micro Corp.) Hidden
Android ADB Fastboot (HKLM-x32\...\{7702CBCB-D7E0-45F3-BE1C-1B17A54A1E63}) (Version: 1.2 - ajua Custom Installers)
Android SDK Tools (HKLM-x32\...\Android SDK Tools) (Version: 1.16 - Google Inc.)
Antares Autotune Evo VST RTAS v6.0.9 (HKLM-x32\...\Antares Autotune Evo VST RTAS_is1) (Version:  - )
Apple Application Support (HKLM-x32\...\{63EC2120-1742-4625-AA47-C6A8AEC9C64C}) (Version: 2.2.2 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{7446FE8D-C1F9-4D42-AAAE-5DBCE58605A6}) (Version: 6.0.0.59 - Apple Inc.)
Asmedia ASM104x USB 3.0 Host Controller Driver (HKLM-x32\...\{E4FB0B39-C991-4EE7-95DD-1A1A7857D33D}) (Version: 1.12.9.0 - Asmedia Technology)
ASUS LifeFrame3 (HKLM-x32\...\{1DBD1F12-ED93-49C0-A7CC-56CBDE488158}) (Version: 3.0.22 - ASUS)
ASUS Splendid Video Enhancement Technology (HKLM-x32\...\{0969AF05-4FF6-4C00-9406-43599238DE0D}) (Version: 1.02.0033 - ASUS)
ASUS USB Charger Plus (HKLM-x32\...\{AECA3622-E634-4A55-A696-70A511CBE06E}) (Version: 2.0.3 - AsusTek Computer Inc.)
ASUS Virtual Camera (HKLM-x32\...\{EC8BD21F-0CA0-4BBF-97D9-4A52B30041A1}) (Version: 1.0.21 - asus)
Atheros Client Installation Program (HKLM-x32\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 8.0 - Atheros)
ATK Package (HKLM-x32\...\{AB5C933E-5C7D-4D30-B314-9C83A49B94BE}) (Version: 1.0.0010 - ASUS)
AutoGroup Editor (HKLM-x32\...\AutoGroup Editor) (Version:  - )
AviSynth 2.5 (HKLM-x32\...\Avisynth) (Version:  - )
AVS Update Manager 1.0 (HKLM-x32\...\AVS Update Manager_is1) (Version:  - Online Media Technologies Ltd.)
AVS Video Converter 8 (HKLM-x32\...\AVS4YOU Video Converter 7_is1) (Version:  - Online Media Technologies Ltd.)
AVS4YOU Software Navigator 1.4 (HKLM-x32\...\AVS4YOU Software Navigator_is1) (Version:  - Online Media Technologies Ltd.)
Beyond Compare 3.3.8 (HKCU\...\BeyondCompare3_is1) (Version: 3.3.8.16340 - Scooter Software)
Boris Continuum Complete 8 for Adobe CS5 - CS6 (HKLM\...\{9CC0D070-A258-4A20-953B-6370833D8B10}) (Version: 8.1.0.1 - Boris FX, Inc.)
Buena Depth Cue version 2.5 (HKLM-x32\...\{3208B7AA-CF07-4584-A90B-4A37F76384F0}_is1) (Version: 2.5 - Digieffects)
Bulk Rename Utility 2.7.1.2 (HKLM\...\Bulk Rename Utility_is1) (Version:  - TGRMN Software)
calibre 64bit (HKLM\...\{F914E24C-BFF9-4D72-9775-60126B4BC51E}) (Version: 2.15.0 - Kovid Goyal)
CCleaner (HKLM\...\CCleaner) (Version: 5.01 - Piriform)
CINEMA 4D 15.057 (HKLM\...\MAXON12664043) (Version: 15.057 - MAXON Computer GmbH)
CleanUp! (HKLM-x32\...\CleanUp!) (Version:  - )
Clover 3.0 (HKLM-x32\...\Clover) (Version: 3.0 - EJIE Technology)
Damage version 2.5 (HKLM-x32\...\{03D0FE1B-9788-418C-A95E-DA7D4376F82C}_is1) (Version: 2.5 - Digieffects)
dBpoweramp [ReplayGain] Codec (HKLM-x32\...\dBpoweramp [ReplayGain] Codec) (Version: Release 2 - Illustrate)
dBpoweramp AAC Encoder (HKLM-x32\...\dBpoweramp AAC Encoder) (Version:  - )
dBpoweramp CLI Encoder (HKLM-x32\...\dBpoweramp CLI Encoder) (Version:  - )
dBpoweramp Dalet Codec (HKLM-x32\...\dBpoweramp Dalet Codec) (Version:  - )
dBpoweramp DSP Effects (HKLM-x32\...\dBpoweramp DSP Effects) (Version: Release 8 - Illustrate)
dBpoweramp FLAC Codec (HKLM-x32\...\dBpoweramp FLAC Codec) (Version:  - )
dBpoweramp m4a FDK (AAC) Encoder (HKLM-x32\...\dBpoweramp m4a FDK (AAC) Encoder) (Version: Release 2.1  (FDK v0.1.3) - Illustrate)
dBpoweramp m4a Utilities (HKLM-x32\...\dBpoweramp m4a Utilities) (Version:  - )
dBpoweramp m4b Audio book Encoder (HKLM-x32\...\dBpoweramp m4b Audio book Encoder) (Version:  - )
dBpoweramp Midi Decoder (HKLM-x32\...\dBpoweramp Midi Decoder) (Version:  - )
dBpoweramp Mp2 and BwfMp2 codec (HKLM-x32\...\dBpoweramp Mp2 and BwfMp2 codec) (Version:  - )
dBpoweramp Music Converter (HKLM-x32\...\dBpoweramp Music Converter) (Version: Release 14.3 - Illustrate)
dBpoweramp Ogg Vorbis Codec (HKLM-x32\...\dBpoweramp Ogg Vorbis Codec) (Version: Release 23 (Vorbis v1.3.3) - Illustrate)
dBpoweramp Windows Media Audio 10 Codec (HKLM-x32\...\dBpoweramp Windows Media Audio 10 Codec) (Version: Release 8 - Illustrate)
Definition Update for Microsoft Office 2010 (KB2910899) 64-Bit Edition (HKLM\...\{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{4A25440C-70D7-45A3-881E-92DD0D6C0BDB}) (Version:  - Microsoft)
Delirium version 2.5 (HKLM-x32\...\{0D30434C-07D5-4DE7-BD2D-29B2CC1AB68E}_is1) (Version: 2.5 - Digieffects)
Dropbox (HKCU\...\Dropbox) (Version: 3.0.3 - Dropbox, Inc.)
Duplicate File Detector v4.7.0 (October-25-2009) (HKLM-x32\...\Duplicate File Detector_is1) (Version: 4.7.0 - AL Softwate Team)
EasyBCD 2.2 (HKLM-x32\...\EasyBCD) (Version: 2.2 - NeoSmart Technologies)
Effects Suite 64-bit (HKLM-x32\...\InstallShield_{B7765C3D-27EE-4AA8-BB54-D88285D128A0}) (Version: 10.0.2 - Red Giant Software)
Effects Suite 64-bit (Version: 10.0.2 - Red Giant Software) Hidden
Ethergrouik (HKLM-x32\...\Ethergrouik) (Version:  - )
Fast Boot (HKLM\...\{13F4A7F3-EABC-4261-AF6B-1317777F0755}) (Version: 1.0.10 - ASUS)
FastStone Image Viewer 5.1 (HKLM-x32\...\FastStone Image Viewer) (Version: 5.1 - FastStone Soft)
Fiddler (HKLM-x32\...\Fiddler2) (Version: 4.4.9.0 - Telerik)
Fiddler Syntax-Highlighting Addons (HKLM-x32\...\FiddlerSyntaxAddons) (Version:  - )
FileZilla Client 3.9.0.6 (HKLM-x32\...\FileZilla Client) (Version: 3.9.0.6 - Tim Kosse)
Flash Keep FullScreen version 1.1.0 (HKLM-x32\...\{A32F064E-4F08-4159-B7AD-0790114887E7}_is1) (Version: 1.1.0 - Clangen)
FOCA Free (HKLM-x32\...\{B66CFB02-1CF0-41E8-AA79-8C7FA8BEC0FF}) (Version: 3.0.0 - Informatica64)
foobar2000 v1.3.1 (HKLM-x32\...\foobar2000) (Version: 1.3.1 - Peter Pawlowski)
FreeCommander 2009.02b (HKLM-x32\...\FreeCommander_is1) (Version: 2009.02 - Marek Jasinski)
Game Booster 3 (HKLM-x32\...\Game Booster_is1) (Version: 3.4 - IObit)
Git version 1.8.1.2-preview20130201 (HKLM-x32\...\Git_is1) (Version: 1.8.1.2-preview20130201 - The Git Development Community)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 39.0.2171.95 - Google Inc.)
Google Drive (HKLM-x32\...\{C60F3836-333A-4AE2-B526-CFDBA143A9BA}) (Version: 1.18.7821.2489 - Google, Inc.)
Google Talk Plugin (HKLM-x32\...\{95763F66-297E-30CE-9728-6D0F20BF97F5}) (Version: 5.38.5.0 - Google)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
High-Logic FontCreator 6.5 (HKLM-x32\...\FontCreator6_is1) (Version:  - High-Logic B.V.)
HTC Driver Installer (HKLM-x32\...\{4CEEE5D0-F905-4688-B9F9-ECC710507796}) (Version: 4.13.0.003 - HTC Corporation)
HTC Driver Installer (HKLM-x32\...\{6D6664A9-3342-4948-9B7E-034EFE366F0F}) (Version: 3.0.0.007 - HTC Corporation)
HxD Hex Editor version 1.7.7.0 (HKLM-x32\...\HxD Hex Editor_is1) (Version: 1.7.7.0 - Maël Hörz)
Imagenomic Noiseware 5.0 Plug-in (build 5007) (HKLM\...\ImagenomicNoisewarePlugin) (Version:  - )
Imagenomic Portraiture 2.3 Plug-in (build 2308) (HKLM\...\ImagenomicPortraiturePlugin) (Version:  - )
Intel PROSet Wireless (Version:  - ) Hidden
Intel® Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 10.0.25.1036 - Intel Corporation)
Intel® Management Engine Components (Version: 10.0.25.1036 - Intel Corporation) Hidden
Intel® ME UninstallLegacy (Version: 1.0.1.0 - Intel Corporation) Hidden
Intel® Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 9.17.10.3517 - Intel Corporation)
Intel® SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 2.0.0.37149 - Intel Corporation)
Intel® Turbo Boost Technology Monitor 2.6 (HKLM\...\{6C9365EB-1F9E-4893-9196-3EC77C88D0C5}) (Version: 2.6.2.0 - Intel)
Intel® Wireless Display (HKLM\...\{28EF7372-9087-4AC3-9B9F-D9751FCDF830}) (Version:  - )
IPTInstaller (HKLM-x32\...\{08208143-777D-4A06-BB54-71BF0AD1BB70}) (Version:  - )
iTunes (HKLM\...\{1493B2AE-0261-47D2-B1AA-F4DAD0F6C48B}) (Version: 10.7.0.21 - Apple Inc.)
iZotope RX (HKLM-x32\...\iZotope RX_is1) (Version: 1.00 - iZotope, Inc.)
iZotope Trash 2 (HKLM-x32\...\iZotope Trash 2_is1) (Version: 2.00 - iZotope, Inc.)
iZotope Vinyl (HKLM-x32\...\iZotope Vinyl_is1) (Version: 1.61 - iZotope, Inc.)
Java 7 Update 67 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F06417067FF}) (Version: 7.0.670 - Oracle)
Java 7 Update 67 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217025FF}) (Version: 7.0.670 - )
Java 7 Update 71 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F03217071FF}) (Version: 7.0.710 - Oracle)
Java 8 Update 20 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86418020F0}) (Version: 8.0.200 - Oracle Corporation)
Java Auto Updater (x32 Version: 2.8.20.26 - Oracle Corporation) Hidden
JGsoft RegexBuddy 3 v.3.2.1 (HKLM-x32\...\RegexBuddy 3) (Version: v.3.2.1 - JGsoft)
Keying Suite 64-bit (HKLM-x32\...\InstallShield_{C6A6C665-F8D7-4CAD-942A-5D2A5C8F5133}) (Version: 11.0.1 - Red Giant Software)
Keying Suite 64-bit (Version: 11.0.1 - Red Giant Software) Hidden
K-Lite Codec Pack 10.5.0 Full (HKLM-x32\...\KLiteCodecPack_is1) (Version: 10.5.0 - )
Last.fm Scrobbler 2.1.30 (HKLM-x32\...\LastFM_is1) (Version:  - Last.fm)
Laubwerk Plants Kit 2 (HKLM-x32\...\Laubwerk) (Version: 1.0.6 - Laubwerk GmbH)
Logitech SetPoint 6.65 (HKLM\...\sp6) (Version: 6.65.62 - Logitech)
Logitech Unifying Software 2.50 (HKLM\...\Logitech Unifying) (Version: 2.50.25 - Logitech)
Magic Bullet Suite 64-bit (HKLM-x32\...\InstallShield_{3C09DE13-867C-4289-9F95-4510BB3A5F57}) (Version: 11.4.0 - Red Giant Software)
Magic Bullet Suite 64-bit (Version: 11.4.0 - Red Giant Software) Hidden
MagicDisc 2.7.106 (HKLM-x32\...\MagicDisc 2.7.106) (Version:  - )
Media Preview (HKLM\...\{9EE88DE0-9E1C-43E5-9827-4C3EEB0DDE5E}) (Version: 1.3.1.343 - BabelSoft)
MediaMonkey 4.0 (HKLM-x32\...\MediaMonkey_is1) (Version: 4.0 - Ventis Media Inc.)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft CAPICOM 2.1.0.2 SDK (HKLM-x32\...\{2FF43F5D-5729-4E02-A548-310E30A5F29B}) (Version: 2.1.0.2 - Microsoft Corporation)
Microsoft Office Access MUI (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Access Setup Metadata MUI (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Excel MUI (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Groove MUI (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office InfoPath MUI (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Office 32-bit Components 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office OneNote MUI (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Outlook MUI (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Professional Plus 2010 (HKLM\...\Office14.PROPLUS) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Office Professional Plus 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (French) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Spanish) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proofing (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Publisher MUI (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 32-bit MUI (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared Setup Metadata MUI (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Word MUI (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 SP2 ENU (x32 Version: 3.5.8080.0 - Microsoft Corporation) Hidden
Microsoft SQL Server Compact 3.5 SP2 x64 ENU (Version: 3.5.8080.0 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.59192 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (HKLM-x32\...\{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}) (Version: 9.0.30729.5570 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (HKLM\...\{350AA351-21FA-3270-8B7A-835434E766AD}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729 (HKLM\...\{4FFA2088-8317-3B14-93CD-4C699DB37843}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{3C3D696B-0DB7-3C6D-A356-3DB8CE541918}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.61030 (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.61030 (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030 (x32 Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030 (x32 Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.21005 (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.21005 (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft WSE 3.0 Runtime (HKLM-x32\...\{E3E71D07-CD27-46CB-8448-16D4FB29AA13}) (Version: 3.0.5305.0 - Microsoft Corp.)
Microsoft_VC80_ATL_x86_x64 (Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_CRT_x86 (x32 Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_CRT_x86_x64 (Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_MFC_x86_x64 (Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_MFCLOC_x86_x64 (Version: 80.50727.4053 - Adobe) Hidden
Microsoft_VC90_ATL_x86_x64 (Version: 1.00.0000 - Adobe) Hidden
Microsoft_VC90_CRT_x86 (x32 Version: 1.00.0000 - Adobe) Hidden
Microsoft_VC90_CRT_x86_x64 (Version: 1.00.0000 - Adobe) Hidden
Microsoft_VC90_MFC_x86_x64 (Version: 1.00.0000 - Adobe) Hidden
Microsoft_VC90_MFCLOC_x86_x64 (Version: 1.00.0000 - Adobe) Hidden
MorphDesigner (HKLM-x32\...\MorphDesigner) (Version:  - )
Mozilla Firefox 34.0.5 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 34.0.5 (x86 en-US)) (Version: 34.0.5 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 34.0.5 - Mozilla)
Mp3tag v2.64 (HKLM-x32\...\Mp3tag) (Version: v2.64 - Florian Heidenreich)
MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2721691) (HKLM-x32\...\{355B5AC0-CEEE-42C5-AD4D-7F3CFD806C36}) (Version: 4.30.2114.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2758694) (HKLM-x32\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB973685) (HKLM-x32\...\{859DFA95-E4A6-48CD-B88E-A3E483E89B44}) (Version: 4.30.2107.0 - Microsoft Corporation)
Music Manager (HKCU\...\MusicManager) (Version:  - Google, Inc.)
MusicBrainz Picard (HKLM-x32\...\MusicBrainz Picard) (Version: 1.2 - MusicBrainz)
MySQL Server 5.5 (HKLM-x32\...\{33933681-9A64-4A5C-97F5-4F6AEDB9FA0F}) (Version: 5.5.20 - Oracle Corporation)
NF VST 32-bit Installer (HKLM-x32\...\NF VST 32-bit Installer1.0.11) (Version: 1.0.11 - Nomad Factory)
NF VST 64-bit Installer (HKLM-x32\...\NF VST 64-bit Installer1.0.11) (Version: 1.0.11 - Nomad Factory)
Notepad++ (HKLM-x32\...\Notepad++) (Version: 6.6.9 - Notepad++ Team)
OpenVPN 2.3.3-I001  (HKLM\...\OpenVPN) (Version: 2.3.3-I001 - )
Oracle VM VirtualBox 4.3.12 (HKLM\...\{B5121457-0126-4E62-BCBF-6DC7C73D9E4A}) (Version: 4.3.12 - Oracle Corporation)
PDF Settings CS6 (x32 Version: 11.0 - Adobe Systems Incorporated) Hidden
Perfect Photo Suite 8 (HKLM-x32\...\{54F3375C-5F19-4DE6-957B-EDE4EFEA5F23}) (Version: 8.1.0 - onOne Software)
Picasa 3 (HKLM-x32\...\Picasa 3) (Version: 3.9 - Google, Inc.)
Pismo File Mount Audit Package (HKLM\...\PismoFileMountAuditPackage) (Version:  - )
PowerTools Lite 2013 (HKLM-x32\...\PowerTools Lite 2011) (Version:  - Macecraft Software)
Protected Music Converter 1.7 (HKLM-x32\...\Protected Music Converter_is1) (Version: 1.7 - WMA-MP3.com)
PSD Codec by Ardfry Imaging, LLC (32 bit) (x32 Version: 1.0.8.0 - Ardfry Imaging, LLC) Hidden
PSD Codec by Ardfry Imaging, LLC (64 bit) (Version: 1.0.8.0 - Ardfry Imaging, LLC) Hidden
PSD CODEC Version 1.4.1.0 (HKLM\...\Ardfry PSD CODEC_is1) (Version: 1.4.1.0 - Ardfry Imaging, LLC)
PxMergeModule (x32 Version: 1.00.0000 - Your Company Name) Hidden
Quark Update (HKLM-x32\...\{82154114-943B-4A6F-9B20-073C9573E93E}) (Version: 1.0.0.1 - Quark, Inc.)
QuarkXPress (HKLM-x32\...\{CE949716-2A5A-40F2-BA31-54CE71B37FE5}) (Version: 9.1.0.0 - Quark Inc.)
QuickTime (HKLM-x32\...\{0E64B098-8018-4256-BA23-C316A43AD9B0}) (Version: 7.72.80.56 - Apple Inc.)
RE:Vision Effects Twixtor AE (HKLM\...\Twixtor AE 6.1.0_is1) (Version: 6.1.0 - Team V.R)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6383 - Realtek Semiconductor Corp.)
Replay Video Capture (HKLM-x32\...\Replay Video Capture3.1B) (Version: 3.1B - Applian Technologies Inc.)
Revo Uninstaller Pro 3.1.2 (HKLM\...\{67579783-0FB7-4F7B-B881-E5BE47C9DBE0}_is1) (Version: 3.1.2 - VS Revo Group, Ltd.)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 64-Bit Edition (HKLM\...\{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{A3364707-2F53-4C83-8F68-C9877A9080C7}) (Version:  - Microsoft)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 64-Bit Edition (Version:  - Microsoft) Hidden
Sonic Focus (HKLM-x32\...\{09BCB9CE-964B-4BDA-AE46-B5A0ABEF1D3F}) (Version: 1.0.0.4 - Synopsys )
Speccy (HKLM\...\Speccy) (Version: 1.27 - Piriform)
TAP-Windows 9.9.2 (HKLM\...\TAP-Windows) (Version: 9.9.2 - )
Topaz Clean 3 (64-bit) (Version: 3.0.2 - Topaz Labs) Hidden
Topaz DeJpeg 4 (64-bit) (Version: 4.0.2 - Topaz Labs) Hidden
Topaz Detail 2 (64-bit) (Version: 2.0.5 - Topaz Labs) Hidden
Topaz InFocus (64-bit) (Version: 1.0.0 - Topaz Labs) Hidden
Topaz Simplify 3 (64-bit) (Version: 3.0.2 - Topaz Labs) Hidden
Touchpad Blocker (HKLM-x32\...\Touchpad Blocker) (Version: 2.9 - KARPOLAN)
Trapcode Suite 64-bit (HKLM-x32\...\InstallShield_{BA357941-25A7-410C-A47E-9AAF7DE1248B}) (Version: 12.0.0 - Red Giant Software)
Trapcode Suite 64-bit (Version: 12.0.0 - Red Giant Software) Hidden
TuneUp Utilities Language Pack (en-US) (x32 Version: 12.0.2160.13 - TuneUp Software) Hidden
Update for Microsoft Access 2010 (KB2553446) 64-Bit Edition (HKLM\...\{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{FEF4C57D-0975-4D3C-ACC7-DCD038C3788F}) (Version:  - Microsoft)
Update for Microsoft Excel 2010 (KB2589348) 64-Bit Edition (HKLM\...\{90140000-0016-0409-1000-0000000FF1CE}_Office14.PROPLUS_{C7F57246-AFBD-4977-974F-9C7BCDFF648E}) (Version:  - Microsoft)
Update for Microsoft Excel 2010 (KB2589348) 64-Bit Edition (HKLM\...\{90140000-0018-0409-1000-0000000FF1CE}_Office14.PROPLUS_{C7F57246-AFBD-4977-974F-9C7BCDFF648E}) (Version:  - Microsoft)
Update for Microsoft Excel 2010 (KB2589348) 64-Bit Edition (HKLM\...\{90140000-001B-0409-1000-0000000FF1CE}_Office14.PROPLUS_{C7F57246-AFBD-4977-974F-9C7BCDFF648E}) (Version:  - Microsoft)
Update for Microsoft Filter Pack 2.0 (KB2878281) 64-Bit Edition (HKLM\...\{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{84B191B5-5319-463A-A305-8C4D53B1D20A}) (Version:  - Microsoft)
Update for Microsoft InfoPath 2010 (KB2817369) 64-Bit Edition (HKLM\...\{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{DB0B0CDF-77EC-47B0-94E2-4738573A1E58}) (Version:  - Microsoft)
Update for Microsoft InfoPath 2010 (KB2817396) 64-Bit Edition (HKLM\...\{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{1AA82E2E-7DB7-4C70-910C-BBB657A6B3A5}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2553140) 64-Bit Edition (HKLM\...\{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{8C0FFF5F-4CC1-48F5-9B3F-8DE7DA2E116F}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2553140) 64-Bit Edition (HKLM\...\{90140000-006E-0409-1000-0000000FF1CE}_Office14.PROPLUS_{8C0FFF5F-4CC1-48F5-9B3F-8DE7DA2E116F}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2589298) 64-Bit Edition (HKLM\...\{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{79C725A1-3964-421C-A528-78C1C083C7C7}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2589352) 64-Bit Edition (HKLM\...\{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{95BE5D45-A3DD-4CB1-8C35-D75DD7B4D862}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2589352) 64-Bit Edition (HKLM\...\{90140000-0043-0000-1000-0000000FF1CE}_Office14.PROPLUS_{95BE5D45-A3DD-4CB1-8C35-D75DD7B4D862}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2589375) 64-Bit Edition (HKLM\...\{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{EBD18DE5-BC84-4B57-9A30-097044871F9A}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2589386) 64-Bit Edition (HKLM\...\{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{B340E9EB-DDA6-40E7-8501-5B7BAEC6D25F}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2597087) 64-Bit Edition (HKLM\...\{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{4AD36582-256B-433D-8593-F31773A15CA4}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2597087) 64-Bit Edition (HKLM\...\{90140000-0043-0000-1000-0000000FF1CE}_Office14.PROPLUS_{4AD36582-256B-433D-8593-F31773A15CA4}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2597089) 64-Bit Edition (HKLM\...\{90140000-006E-0409-1000-0000000FF1CE}_Office14.PROPLUS_{2CE7AC23-5E40-43BD-8DA3-8D17677D8199}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2687275) 64-Bit Edition (HKLM\...\{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{9505441B-65A1-4AD5-B727-0CE42D24D2B7}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2794737) 64-Bit Edition (HKLM\...\{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{07DC9C6C-E916-4F42-8677-716930ED0393}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2825635) 64-Bit Edition (HKLM\...\{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{6E760BBA-B83F-4C2D-918F-5F91EF6C9861}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2825640) 64-Bit Edition (HKLM\...\{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{43F59F4D-7179-497E-BE99-BC6F7D1DDCBA}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2825640) 64-Bit Edition (HKLM\...\{90140000-0044-0409-1000-0000000FF1CE}_Office14.PROPLUS_{43F59F4D-7179-497E-BE99-BC6F7D1DDCBA}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2837581) 64-Bit Edition (HKLM\...\{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{D1F3B526-7EB2-4701-92DB-0784988D78DE}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2837602) 64-Bit Edition (HKLM\...\{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{69CF587A-D75B-47F8-9D59-3958C37C0A88}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2837602) 64-Bit Edition (HKLM\...\{90140000-0043-0000-1000-0000000FF1CE}_Office14.PROPLUS_{69CF587A-D75B-47F8-9D59-3958C37C0A88}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2837606) 64-Bit Edition (HKLM\...\{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{52BEF8AE-9324-40A1-9A92-E5A8FB63A475}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2883019) 64-Bit Edition (HKLM\...\{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{956B3213-0246-42A8-A6FE-3EF7DC6E66A9}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2889818) 64-Bit Edition (HKLM\...\{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{8F8930D5-8742-437E-BD53-366A0372E882}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2889818) 64-Bit Edition (HKLM\...\{90140000-0043-0000-1000-0000000FF1CE}_Office14.PROPLUS_{8F8930D5-8742-437E-BD53-366A0372E882}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2910896) 64-Bit Edition (HKLM\...\{90140000-001F-0409-1000-0000000FF1CE}_Office14.PROPLUS_{0BD1F50F-19CE-40F8-B409-18CA5BD6E52D}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2910896) 64-Bit Edition (HKLM\...\{90140000-001F-040C-1000-0000000FF1CE}_Office14.PROPLUS_{569742BC-C32F-4C9C-9B21-18409AFF9599}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2910896) 64-Bit Edition (HKLM\...\{90140000-001F-0C0A-1000-0000000FF1CE}_Office14.PROPLUS_{512A0E32-6C63-4C73-9C82-FC1B10668ED8}) (Version:  - Microsoft)
Update for Microsoft OneNote 2010 (KB2597088) 64-Bit Edition (HKLM\...\{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{B28BBA96-A9B0-4946-839D-36771176F8FD}) (Version:  - Microsoft)
Update for Microsoft OneNote 2010 (KB2597088) 64-Bit Edition (HKLM\...\{90140000-0043-0000-1000-0000000FF1CE}_Office14.PROPLUS_{B28BBA96-A9B0-4946-839D-36771176F8FD}) (Version:  - Microsoft)
Update for Microsoft OneNote 2010 (KB2597088) 64-Bit Edition (HKLM\...\{90140000-00A1-0409-1000-0000000FF1CE}_Office14.PROPLUS_{C7CCA745-11BC-4F86-951D-4DCB9396CDA2}) (Version:  - Microsoft)
Update for Microsoft Outlook 2010 (KB2687567) 64-Bit Edition (HKLM\...\{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{DDDC32A5-9528-4771-B91A-97A8E1D7957B}) (Version:  - Microsoft)
Update for Microsoft Outlook 2010 (KB2687567) 64-Bit Edition (HKLM\...\{90140000-001A-0409-1000-0000000FF1CE}_Office14.PROPLUS_{DBAC8ED2-9287-499E-AD66-590C7413C7DE}) (Version:  - Microsoft)
Update for Microsoft PowerPoint 2010 (KB2880517) 64-Bit Edition (HKLM\...\{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{50E292AD-677D-4E6F-842A-D226E7B7C8DE}) (Version:  - Microsoft)
Update for Microsoft PowerPoint 2010 (KB2880517) 64-Bit Edition (HKLM\...\{90140000-0018-0409-1000-0000000FF1CE}_Office14.PROPLUS_{E524AD3D-6342-41BB-82D9-4EA962839356}) (Version:  - Microsoft)
Update for Microsoft SharePoint Workspace 2010 (KB2760601) 64-Bit Edition (HKLM\...\{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{77374F16-2DC6-4EEF-AFAD-C59FDA2E010D}) (Version:  - Microsoft)
Update for Microsoft SharePoint Workspace 2010 (KB2760601) 64-Bit Edition (HKLM\...\{90140000-0043-0000-1000-0000000FF1CE}_Office14.PROPLUS_{77374F16-2DC6-4EEF-AFAD-C59FDA2E010D}) (Version:  - Microsoft)
Update for Microsoft Visio 2010 (KB2880526) 64-Bit Edition (HKLM\...\{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{F6F342A1-530B-4D48-A468-1E3F70928984}) (Version:  - Microsoft)
Update for Microsoft Visio Viewer 2010 (KB2837587) 64-Bit Edition (HKLM\...\{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{C950A55F-82E3-4CC8-8FA2-E8A2A0F651F3}) (Version:  - Microsoft)
ValhallaRoom 1.1.0 (HKLM-x32\...\ValhallaRoom_is1) (Version:  - )
VLC media player (HKLM\...\VLC media player) (Version: 2.1.5 - VideoLAN)
VSFilter 2.41.322 (0c3a1ea) Nightly (HKLM-x32\...\vsfilter_is1) (Version: 2.41.322 - MPC-HC Team)
WebP Codec for Windows 0.19 (HKLM\...\{9D2F4EB8-98AD-4C8B-A0C5-4C114B3F1287}) (Version: 0.19.9 - Google Inc)
Windows 7 Manager (HKLM\...\{856821E0-53DC-4B7B-9574-2869DC2EC55C}) (Version: 4.4.4 - Yamicsoft)
Windows 7 USB/DVD Download Tool (HKLM-x32\...\{CCF298AF-9CE1-4B26-B251-486E98A34789}) (Version: 1.0.30 - Microsoft Corporation)
WinFlash (HKLM-x32\...\{8F21291E-0444-4B1D-B9F9-4370A73E346D}) (Version: 2.31.1 - ASUS)
WinMerge 2.14.0 (HKLM-x32\...\WinMerge_is1) (Version: 2.14.0 - Thingamahoochie Software)
WinPcap 4.1.3 (HKLM-x32\...\WinPcapInst) (Version: 4.1.0.2980 - Riverbed Technology, Inc.)
WinRAR 4.10 beta 2 (64-bit) (HKLM\...\WinRAR archiver) (Version: 4.10.2 - win.rar GmbH)
WinZip 16.0 (HKLM\...\{CD95F661-A5C4-44F5-A6AA-ECDD91C240C9}) (Version: 16.0.9686 - WinZip Computing, S.L. )
WM Recorder (HKLM-x32\...\WM Recorder14.11.3) (Version: 14.11.3 - AllAlex, Inc)
 
========================= Devices: ================================
 
Name: Microsoft Virtual WiFi Miniport Adapter #2
Description: Microsoft Virtual WiFi Miniport Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: vwifimp
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
 
Name: Intel® Centrino® Wireless-N 6150
Description: Intel® Centrino® Wireless-N 6150
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Intel Corporation
Service: NETwNs64
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
 
Name: Intel® Centrino® Wireless-N + WiMAX 6150
Description: Intel® Centrino® Wireless-N + WiMAX 6150
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
 
Name: TAP-Windows Adapter V9
Description: TAP-Windows Adapter V9
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: TAP-Windows Provider V9
Service: tap0901
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
 
Name: VirtualBox Host-Only Ethernet Adapter
Description: VirtualBox Host-Only Ethernet Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Oracle Corporation
Service: VBoxNetAdp
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
 
Name: Atheros AR8151 PCI-E Gigabit Ethernet Controller (NDIS 6.20)
Description: Atheros AR8151 PCI-E Gigabit Ethernet Controller (NDIS 6.20)
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Atheros
Service: L1C
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
 
 
========================= Memory info: ===================================
 
Percentage of memory in use: 44%
Total physical RAM: 6049.13 MB
Available physical RAM: 3374.69 MB
Total Pagefile: 12096.45 MB
Available Pagefile: 9106.05 MB
Total Virtual: 4095.88 MB
Available Virtual: 3973.63 MB
 
========================= Partitions: =====================================
 
1 Drive c: (OS) (Fixed) (Total:521.54 GB) (Free:57.9 GB) NTFS
4 Drive g: (Seagate FreeAgent) (Fixed) (Total:864.13 GB) (Free:128.3 GB) NTFS
 
========================= Users: ========================================
 
User accounts for \\SYNAPSE
 
Administrator            caleb                    Guest                    
 
========================= Restore Points ==================================
 
17-12-2014 12:51:49 Configured Microsoft Office Professional Plus 2010
25-12-2014 14:05:11 Scheduled Checkpoint
25-12-2014 19:20:53 Installed calibre 64bit
01-01-2015 21:50:32 Scheduled Checkpoint
03-01-2015 16:42:15 Installed Java 7 Update 71
03-01-2015 19:28:15 Installed calibre 64bit
04-01-2015 16:25:55 Removed Wireless Console 3
04-01-2015 16:31:43 Removed Evil Foca
04-01-2015 16:37:43 Removed Sawbuck
04-01-2015 18:44:43 Removed CustomEffects Installer
05-01-2015 00:12:53 Installed Privatefirewall 7.0
05-01-2015 01:52:35 Installed Microsoft CAPICOM 2.1.0.2 SDK
05-01-2015 02:07:34 Removed Privatefirewall 7.0
05-01-2015 02:12:44 Installed Privatefirewall 7.0
05-01-2015 02:16:16 Removed Privatefirewall 7.0
05-01-2015 03:20:28 Installed Microsoft Fix it 50692
05-01-2015 03:38:49 Restore Point before  was removed using Program Install and Uninstall troubleshooter
05-01-2015 03:50:07 Restore Point before  was removed using Program Install and Uninstall troubleshooter
05-01-2015 04:00:23 Restore Point before Name not available was removed using Program Install and Uninstall troubleshooter
05-01-2015 05:06:15 Windows Update
 
**** End of log ****
 

IV. MBAM SCAN (PENDING)... Will Post the MBAM Log and additional requested diagnostics/logs in the next reply.

 

[Thank you very much for your help!!! And what better way to thank you than in Comic Sans!!]

 



#4 pjvex86

pjvex86
  • Topic Starter

  • Members
  • 41 posts
  • OFFLINE
  •  
  • Local time:01:16 AM

Posted 06 January 2015 - 04:33 AM

IV. MBAM Scan Results

 

Malwarebytes Anti-Malware

www.malwarebytes.org
 
Scan Date: 1/5/2015
Scan Time: 11:24:09 PM
Logfile: 
Administrator: Yes
 
Version: 2.00.4.1028
Malware Database: v2015.01.06.01
Rootkit Database: v2014.12.30.01
License: Trial
Malware Protection: Enabled
Malicious Website Protection: Enabled
Self-protection: Disabled
 
OS: Windows 7 Service Pack 1
CPU: x64
File System: NTFS
User: caleb
 
Scan Type: Threat Scan
Result: Completed
Objects Scanned: 426373
Time Elapsed: 54 min, 17 sec
 
Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Disabled
Heuristics: Enabled
PUP: Enabled
PUM: Enabled
 
Processes: 0
(No malicious items detected)
 
Modules: 0
(No malicious items detected)
 
Registry Keys: 0
(No malicious items detected)
 
Registry Values: 0
(No malicious items detected)
 
Registry Data: 0
(No malicious items detected)
 
Folders: 0
(No malicious items detected)
 
Files: 0
(No malicious items detected)
 
Physical Sectors: 0
(No malicious items detected)
 
 
(end)
 
V. MBAM Anti-Rootkit Scan Results
 
To my surprise, there were no problems reported with this scan.
 
VI. RKill Results
[Other than my already acknowledged ugly HOSTS file, this didn't seem to report anything catastrophic... but I will let you review these things]
 
Rkill 2.6.9 by Lawrence Abrams (Grinler)
Copyright 2008-2015 BleepingComputer.com
More Information about Rkill can be found at this link:
 
Program started at: 01/06/2015 03:15:24 AM in x64 mode.
Windows Version: Windows 7 Ultimate Service Pack 1
 
Checking for Windows services to stop:
 
 * No malware services found to stop.
 
Checking for processes to terminate:
 
 * C:\Windows\SysWOW64\ACEngSvr.exe (PID: 2648) [WD-HEUR]
 * C:\Users\caleb\AppData\Local\Programs\Google\MusicManager\MusicManager.exe (PID: 3372) [UP-HEUR]
 
2 proccesses terminated!
 
Checking Registry for malware related settings:
 
 * taskmgr.exe debugger. [IFEO Debugger Deleted]
 
Backup Registry file created at:
 C:\Users\caleb\Desktop\rkill\rkill-01-06-2015-03-15-32.reg
 
Resetting .EXE, .COM, & .BAT associations in the Windows Registry.
 
Performing miscellaneous checks:
 
 * No issues found.
 
Checking Windows Service Integrity: 
 
 * No issues found.
 
Searching for Missing Digital Signatures: 
 
 * No issues found.
 
Checking HOSTS File: 
 
 * HOSTS file entries found: 
 
  127.0.0.1       localhost
  127.0.0.1       localhost
  ::1             localhost
  127.0.0.1 neurozap
  127.0.0.1 zap
  127.0.0.1 nzphp
  127.0.0.1 www
  127.0.0.1 bleepup
  127.0.0.1 phplearn
  127.0.0.1 oldsite
  127.0.0.1 demo
  127.0.0.1 mystart.incredibar.com
  127.0.0.1 applian.securesites.com
  127.0.0.1   www.applian.securesites.com
  127.0.0.1 adobe.com.d1.sc.omtrdc.net, stats.adobe.com
  127.0.0.1 products.wip4.adobe.com
  127.0.0.1 www.wip4.adobe.com
  127.0.0.1   activate.adobe.com
  127.0.0.1 adobe.activate.com     #probably not valid but just to be safe I have included it
  127.0.0.1 activate-sea.adobe.com
 
  20 out of 23055 HOSTS entries shown.
  Please review HOSTS file for further entries.
 
Program finished at: 01/06/2015 03:18:32 AM
Execution time: 0 hours(s), 3 minute(s), and 7 seconds(s)
 
 
 
AGAIN... THANK YOU VERY MUCH FOR YOUR TIME!     :clapping: 


#5 Broni

Broni

    The Coolest BC Computer


  • BC Advisor
  • 42,663 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Daly City, CA
  • Local time:12:16 AM

Posted 06 January 2015 - 11:08 AM

p22002970.gif I don't see any AV program running.

Install ONE of these:

- Avast! free antivirus: http://www.avast.com/eng/download-avast-home.html

- free Microsoft Security Essentials: http://windows.microsoft.com/en-GB/windows/products/security-essentials
Note for Windows 8 users: Microsoft Security Essentials comes preinstalled and renamed as Windows Defender.
You can keep it or you have to disable it before installing another AV program.  How to...

- free Comodo Antivirus: http://www.comodo.com/home/internet-security/antivirus.php

Update, run full scan, report on any findings.
 

Then...

 

p22002970.gif Download Temp File Cleaner (TFC)
Alternate download: http://www.itxassociates.com/OT-Tools/TFC.exe
Double click on TFC.exe to run the program.
Click on Start button to begin cleaning process.
TFC will close all running programs, and it may ask you to restart computer.

p22002970.gif Please download AdwCleaner by Xplode onto your desktop.

  • Close all open programs and internet browsers.
  • Double click on adwcleaner.exe to run the tool.
  • Click on Scan button.
  • When the scan has finished click on Clean button.
  • Your computer will be rebooted automatically. A text file will open after the restart.
  • Please post the contents of that logfile with your next reply.
  • You can find the logfile at C:\AdwCleaner[S1].txt as well.


p22002970.gif Please download Junkware Removal Tool to your desktop.
  • Shut down your protection software now to avoid potential conflicts.
  • Run the tool by double-clicking it. If you are using Windows Vista, 7, or 8; instead of double-clicking, right-mouse click JRT.exe and select "Run as Administrator".
  • The tool will open and start scanning your system.
  • Please be patient as this can take a while to complete depending on your system's specifications.
  • On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
  • Post the contents of JRT.txt into your next message.


p22002970.gif Download Sophos Free Virus Removal Tool and save it to your desktop.
  • Double click the icon and select Run
  • Click Next
  • Select I accept the terms in this license agreement, then click Next twice
  • Click Install
  • Click Finish to launch the program
  • Once the virus database has been updated click Start Scanning
  • If any threats are found click Details, then View log file... (bottom left hand corner)
  • Copy and paste the results in your reply
  • Close the Notepad document, close the Threat Details screen, then click Start cleanup
  • Click Exit to close the program


My Website

p4433470.gif

My help doesn't cost a penny, but if you'd like to consider a donation, click p22001735.gif


 


#6 pjvex86

pjvex86
  • Topic Starter

  • Members
  • 41 posts
  • OFFLINE
  •  
  • Local time:01:16 AM

Posted 07 January 2015 - 01:17 PM

I realize I need an AV application, and that is one of the factors or events that brought me here.  I was very happy with Microsoft Security Essentials—even though I know it is not the best.  I liked it because it was ad free and had no additional bundled software as so many freeware applications do.   BUT...I cannot seem to install Microsoft Security Essentials.  

 

 

Whenever I attempt to install it, I get this install dialog box:

 

g5sNvZ.png

 

 

I have scoured the internet looking for answers, and of course have followed all of Microsoft's proposed solutions—which, by the way all seem to assume it is due to residual pieces of an earlier installation of MSE.  As best I can tell, this is not the case.  Whenever I uninstall anything I start by using Revo Uninstaller Pro (which I paid for), because I know how messed up and congested the registry can get.  I also did supplementary searches in the registry (and filesystem) for anything that might relate to MSE....nothing.

 

Secondly, I did follow Microsoft's instructions to use a particular "FixIt" tool which is supposed to get rid of remaining elements of applications so you can install or re-install some application as the case may be (it is actually a handy little utility in general, as you can use it to check for residual parts of uninstalled programs that not even Revo Uninstaller knows about).

 

I ran the FixIt, and I didn't see MSE anywhere.  There is obviously some reason why I cannot install this....MSE worked fine on my laptop until approximately four months ago.  At the time, I disabled it because I was running MBAM... Unfortunately, I forgot to turn it on for about a week.  Upon re-activating it, I get a notice that there was an update available.  I downloaded the update, and got this install error (above)...and have been unable to install it ever since.  I don't know if you can help me resolve this issue or not (especially because it is Microsoft, who historically has caused more than their share of AV vulnerabilities and problems to begin with). But if you can help me get this installed, that would be amazing.

 

 But also, for learning purposes, let me just continue describing what I found in the course of using this "FixIt" Utility.  What I saw was one of the reasons I ended up coming to BP.  The things I saw were very strange.  I may be wrong and it may be nothing, but let me describe them to you.

 

So continuing, I didn't see MSE in the FixIt listing of applications.... but I did see some items I didn't really feel comfortable with—specifically entries which state "Name not available":  

 

Here is a screenshot:

 

skiS1J.pngis

 

First, let me say that I have seen things like this before.  Awhile back I was having some issues installing Java... I ended up researching and finally found this FixIt utility which helped me with my java installation.  However, At the time I saw some similar entries to the ones above.... I ran the FixIt utility on these nameless applications and they were eliminated.... so that is why I saw it is a good tool.

 

Because of that experience, I figured these things were taking up space at minimum, or at worst, were malicious and cleverly concealing themselves in this part of Windows...

 

So I selected one of these "Name Not Available" entries and ran FixIt to try and "Uninstall it".  After attempting to uninstall it, I get the following screen:

 

H0efb5.png

 

 

The red arrow is the error (obviously).  The report (indicated by the blue arrow) I figured would provide some additional information. [Note: sorry about all of the arrows...]

 

I ran this report and the results were strange.  [Keep in mind I am teeling you all of this to see what your skilled opinion is.]

 

When I run the report, it opens up an html file that has already been saved on my hard drive at file:///C:/Users/caleb/AppData/Local/Temp/MATS-Temp/ResultReport/ResultReport.html#IDAO1LZBIDAW1LZB

 

.The report looks like this....

 

jjd7NX.png

 

 

I also clicked on the two links (as shown by the blue arrow).  "Corrupt patch Registry Key" and "Problem Registry Key" hoping at least it might reference a registry key which at least might explain what this peculiar "Name Not Available" entry in the FixIt utility is so I could examine it further.

 

When I click on either or bothof those links... I get some really bizarre overlaid text... Like this:

 

 

 

Nqzg4p.png

 

I used Firebug on the page (and also looked at the source) to see where these weird characters were coming from... and it looked as if some javascript had been injected into the page.  I don't know if it is obfuscating the registry key (which is what I suspected), but it was just very, very strange (to me).  Definitely not normal for a microsoft report.

 

So....  I don't know if I am being paranoid or if the items above seem suspicious to you as well... but I guess I would like to know if there is anything you would suggest....

 

It really is two separate questions:  (1) Is there any assistance you can give me to help me install Microsoft Security Essentials.... and (2) Do the "Name Not Available" entries in the "FixIt" utility and the resulting bizarre report seem suspicious to you and is there anything you can suggest?

 

Regarding #1:  I could pursue this with Microsoft.  However I have used Microsoft in the past and they are generally unhelpful (unless you are paying $29.95 every five minutes on the phone...then they are more useful).  But considering Microsoft is taking the position that these "cannot install MSE issues" are all due to the fact that some part of MSE is still installed on my computer—when I am almost 99% sure it is not, I do not think Microsoft will provide any additional support to help me install their MSE application, especially because it is free. 

 

So on the MSE installation issue, if there is anything you can recommend (another diagnostic or something else....) to further investigate this, I'd be grateful.  If however, because this is crazy Micorsoft bleep that you cannot really diagnose or fix, I'd understand that as well.  If you cannot help with MSE, do you have a particular preference for a low-hassle AV application (that does not come bundled with additional freeware), from among the ones you listed earlier?  I started to install Comodo until I saw it had some additional application called "Geek Buddy", which just turned me off (I hate freeware that bundles a ton of other stuff).  At that point I uninstalled Comodo and decided to bring up this whole issue with Microsoft Security Essentials. 

 

If we go that direction (if you suggest just using another AV application), I will install whichever application seems best and then proceed with the remaining diagnostics you instructed me to do in your last message.

 

Regarding #2:, if you have any comments or instructions on the "Name not available" entries in the FixIt program and subsequent report, I would love to hear them.

 

 

Thank you! 

 

By the way.....You guys here at BC are really great.... which is also why I asked in my first post if there was any series of steps one needs to take to learn these skills (all of these diagnostic skills and how to use the tools). I realize what you do here is voluntary, but I would enjoy learning the knowledge precisely so I could help others....Please let me know on this.


Edited by pjvex86, 07 January 2015 - 01:31 PM.


#7 Broni

Broni

    The Coolest BC Computer


  • BC Advisor
  • 42,663 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Daly City, CA
  • Local time:12:16 AM

Posted 07 January 2015 - 04:12 PM

If you want to pursue MSE installation I suggest new topic in Windows forum.

Otherwise install one of other AV programs I suggested above.


My Website

p4433470.gif

My help doesn't cost a penny, but if you'd like to consider a donation, click p22001735.gif


 





0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users