
Fake svchost in WINDOWS/TEMP created by Sysmainpro. process


  • This topic is locked
8 replies to this topic

#1 mrJinch


Posted 09 June 2015 - 12:42 PM

A couple days ago I was infected with malware. I cleaned most of it using AdwCleaner and Malwarebytes but every time I reboot there is a process called Sysmainpro. in my task manager taking around 30-40% CPU. The file location points to an "er.exe" in my C:\WINDOWS\TEMP folder. I delete the file and end the process which lasts until the next reboot. Additionally, Malwarebytes finds fake svchost files being created every reboot as well and marks them as trojans. My situation is very similar to this thread. I ran FRST following the "Preparation Guide" and have attached my log files.

 

Any help with this would be greatly appreciated. Thank you!

 

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:08-06-2015
Ran by Jinchi (administrator) on JDUBZ-VAIOPRO13 on 09-06-2015 13:36:39
Running from C:\Users\Jinchi\Utilities\FRST
Loaded Profiles: Jinchi &  (Available Profiles: Jinchi)
Platform: Windows 8.1 (X64) OS Language: English (United States)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(Juniper Networks, Inc.) C:\Program Files (x86)\Common Files\Juniper Networks\JUNS\dsAccessService.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Intel® Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
() C:\Program Files\Intel\Intel® Smart Connect Technology Agent\iSCTAgent.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe
(NETGEAR) C:\Program Files (x86)\NETGEAR Genie\bin\NETGEARGenieDaemon64.exe
() C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe
(Pharos Systems International) C:\Program Files (x86)\PharosSystems\Core\CTskMstr.exe
(Sony Corporation) C:\Program Files (x86)\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe
() C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe
(Intel® Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Control Center\VESMgr.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
(Intel) C:\Program Files\Intel Corporation\Intel WiDi\BrcmSetSecurity.exe
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Control Center\VESMgrSub.exe
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Control Center\VESMgrSub.exe
(Microsoft Corporation) C:\Windows\SysWOW64\dllhost.exe
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Control Center\SmartConnectWork.exe
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Control Center\SUSSoundProxy.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\NisSrv.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Microsoft Corporation) C:\Windows\System32\InputMethod\CHT\ChtIME.exe
(Microsoft Corporation) C:\Windows\System32\InputMethod\CHS\ChsIME.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\tv_w32.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\tv_x64.exe
(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Pixart Imaging Inc) C:\Windows\System32\TiltWheelMouse.exe
(Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
(Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Control Center\NetworkSetting\NetworkClient.exe
(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Google Inc.) C:\Users\Jinchi\AppData\Local\Programs\Google\MusicManager\MusicManager.exe
(Spotify Ltd) C:\Users\Jinchi\AppData\Roaming\Spotify\SpotifyWebHelper.exe
(Sony Corporation) C:\Program Files\Sony\NFC Connection Utility\NFCConnectionUtility.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Sony Corporation) C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDms.exe
() C:\Users\Jinchi\AppData\Local\Amazon Music\Amazon Music Helper.exe
(Valve Corporation) C:\Program Files (x86)\Steam\Steam.exe
(Intel Corporation) C:\Program Files\Intel\Intel® Smart Connect Technology Agent\iSCTsysTray8.exe
(Sony Corporation) C:\Program Files (x86)\Sony\PlayMemories Home\PMBVolumeWatcher.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\Platform\McUICnt.exe
(Razer Inc.) C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
(Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
(Juniper Networks, Inc.) C:\Program Files (x86)\Common Files\Juniper Networks\JamUI\Pulse.exe
(Juniper Networks, Inc.) C:\Program Files (x86)\Common Files\Juniper Networks\JUNS\dsAccessService.exe
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Control Center\VAIO Clip.exe
(Intel Corporation) C:\Program Files\Sony\VAIO Care\ESRV\esrv.exe
() C:\ProgramData\Razer\Synapse\RzStats\RzStats.Manager.exe
(Razer, Inc.) C:\Program Files (x86)\Razer\InGameEngine\32bit\RazerIngameEngine.exe
(Razer, Inc.) C:\Users\Jinchi\AppData\Local\Razer\InGameEngine\cache\RzStats.Manager\RzCefRenderProcess.exe
(Intel Corporation) C:\Program Files\Sony\VAIO Care\ESRV\esrv_svc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\Jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files\Sony\VAIO Care\VCPerfService.exe
() C:\Program Files\Sony\VAIO Care\listener.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Update\VAIOUpdt.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Update\VUAgent.exe
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Control Center\vim.exe
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Control Center\vim.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Care\VCSystemTray.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Care\VCService.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Care\VCAgent.exe
(Sony Corporation) C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\SPF\SpfService64.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
 
 
==================== Registry (Whitelisted) ==================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [RtHDVBg] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1307720 2013-05-06] (Realtek Semiconductor)
HKLM\...\Run: [BTMTrayAgent] => rundll32.exe "C:\Program Files (x86)\Intel\Bluetooth\btmshellex.dll",TrayApp
HKLM\...\Run: [MouseDriver] => C:\WINDOWS\system32\TiltWheelMouse.exe [241152 2013-04-09] (Pixart Imaging Inc)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [PMBVolumeWatcher] => C:\Program Files (x86)\Sony\PlayMemories Home\PMBVolumeWatcher.exe [2362392 2013-11-21] (Sony Corporation)
HKLM-x32\...\Run: [mcpltui_exe] => C:\Program Files\Common Files\McAfee\Platform\mcuicnt.exe [644656 2013-08-17] (McAfee, Inc.)
HKLM-x32\...\Run: [ATLauncher] => C:\Program Files\McAfeeEx\McAfeeAntiTheft\ATLauncher.exe [511232 2013-07-23] (McAfee, Inc.)
HKLM-x32\...\Run: [ATUninstallIcon] => C:\Program Files\McAfeeEx\McAfeeAntiTheft\ATLauncher.exe [511232 2013-07-23] (McAfee, Inc.)
HKLM-x32\...\Run: [VirtualCloneDrive] => C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe [88984 2013-03-10] (Elaborate Bytes AG)
HKLM-x32\...\Run: [Razer Synapse] => C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe [590656 2015-05-15] (Razer Inc.)
HKLM-x32\...\Run: [JunosPulse] => C:\Program Files (x86)\Common Files\Juniper Networks\JamUI\Pulse.exe [2522672 2014-04-09] (Juniper Networks, Inc.)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1022152 2014-12-19] (Adobe Systems Incorporated)
Winlogon\Notify\igfxcui: C:\WINDOWS\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-3768847704-4038817097-2733713293-1001\...\Run: [Google Update] => C:\Users\Jinchi\AppData\Local\Google\Update\GoogleUpdate.exe [116648 2014-02-18] (Google Inc.)
HKU\S-1-5-21-3768847704-4038817097-2733713293-1001\...\Run: [MusicManager] => C:\Users\Jinchi\AppData\Local\Programs\Google\MusicManager\MusicManager.exe [7475200 2015-03-31] (Google Inc.)
HKU\S-1-5-21-3768847704-4038817097-2733713293-1001\...\Run: [MurGee.com Auto Clicker] => C:\Users\Jinchi\AppData\Local\Auto Clicker\AutoClicker.exe [100728 2014-03-11] (MurGee.com)
HKU\S-1-5-21-3768847704-4038817097-2733713293-1001\...\Run: [Spotify Web Helper] => C:\Users\Jinchi\AppData\Roaming\Spotify\SpotifyWebHelper.exe [2021944 2015-06-09] (Spotify Ltd)
HKU\S-1-5-21-3768847704-4038817097-2733713293-1001\...\Run: [Amazon Music] => C:\Users\Jinchi\AppData\Local\Amazon Music\Amazon Music Helper.exe [5886784 2015-04-24] ()
HKU\S-1-5-21-3768847704-4038817097-2733713293-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [2892992 2015-06-04] (Valve Corporation)
HKU\S-1-5-21-3768847704-4038817097-2733713293-1001\...\Run: [UM] => C:\Users\Jinchi\AppData\Roaming\Update Manager\UM.EXE
HKU\S-1-5-21-3768847704-4038817097-2733713293-1001\...\MountPoints2: {028b20a5-44ad-11e4-bef0-8cae4cfeb861} - "E:\HTC_Sync_Manager_PC.exe" 
HKU\S-1-5-21-3768847704-4038817097-2733713293-1001\...\MountPoints2: {15809e70-b8be-11e4-bf23-8cae4cfeb861} - "E:\HTC_Sync_Manager_PC.exe" 
HKU\S-1-5-21-3768847704-4038817097-2733713293-1001\...\MountPoints2: {315eba01-6e78-11e4-bf02-8cae4cfeb861} - "E:\HTC_Sync_Manager_PC.exe" 
HKU\S-1-5-21-3768847704-4038817097-2733713293-1001\...\MountPoints2: {ca66b404-e627-11e3-bed9-5c514f2e2696} - "E:\HTC_Sync_Manager_PC.exe" 
HKU\S-1-5-21-3768847704-4038817097-2733713293-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [Google Update] => C:\Users\Jinchi\AppData\Local\Google\Update\GoogleUpdate.exe [116648 2014-02-18] (Google Inc.)
HKU\S-1-5-21-3768847704-4038817097-2733713293-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [MusicManager] => C:\Users\Jinchi\AppData\Local\Programs\Google\MusicManager\MusicManager.exe [7475200 2015-03-31] (Google Inc.)
HKU\S-1-5-21-3768847704-4038817097-2733713293-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [MurGee.com Auto Clicker] => C:\Users\Jinchi\AppData\Local\Auto Clicker\AutoClicker.exe [100728 2014-03-11] (MurGee.com)
HKU\S-1-5-21-3768847704-4038817097-2733713293-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [Spotify Web Helper] => C:\Users\Jinchi\AppData\Roaming\Spotify\SpotifyWebHelper.exe [2021944 2015-06-09] (Spotify Ltd)
HKU\S-1-5-21-3768847704-4038817097-2733713293-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [Amazon Music] => C:\Users\Jinchi\AppData\Local\Amazon Music\Amazon Music Helper.exe [5886784 2015-04-24] ()
HKU\S-1-5-21-3768847704-4038817097-2733713293-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [2892992 2015-06-04] (Valve Corporation)
HKU\S-1-5-21-3768847704-4038817097-2733713293-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [UM] => C:\Users\Jinchi\AppData\Roaming\Update Manager\UM.EXE
HKU\S-1-5-21-3768847704-4038817097-2733713293-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\MountPoints2: {028b20a5-44ad-11e4-bef0-8cae4cfeb861} - "E:\HTC_Sync_Manager_PC.exe" 
HKU\S-1-5-21-3768847704-4038817097-2733713293-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\MountPoints2: {15809e70-b8be-11e4-bf23-8cae4cfeb861} - "E:\HTC_Sync_Manager_PC.exe" 
HKU\S-1-5-21-3768847704-4038817097-2733713293-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\MountPoints2: {315eba01-6e78-11e4-bf02-8cae4cfeb861} - "E:\HTC_Sync_Manager_PC.exe" 
HKU\S-1-5-21-3768847704-4038817097-2733713293-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\MountPoints2: {ca66b404-e627-11e3-bed9-5c514f2e2696} - "E:\HTC_Sync_Manager_PC.exe" 
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\ISCTSystray.lnk [2014-01-31]
ShortcutTarget: ISCTSystray.lnk -> C:\Program Files\Intel\Intel® Smart Connect Technology Agent\iSCTsysTray8.exe (Intel Corporation)
ShellIconOverlayIdentifiers: [ SkyDrive1] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} =>  No File
ShellIconOverlayIdentifiers: [ SkyDrive2] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} =>  No File
ShellIconOverlayIdentifiers: [ SkyDrive3] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} =>  No File
ShellIconOverlayIdentifiers-x32: [ SkyDrive1] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} =>  No File
ShellIconOverlayIdentifiers-x32: [ SkyDrive2] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} =>  No File
ShellIconOverlayIdentifiers-x32: [ SkyDrive3] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} =>  No File
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
HKU\S-1-5-21-3768847704-4038817097-2733713293-1001\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/?ocid=iehp
HKU\S-1-5-21-3768847704-4038817097-2733713293-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/?ocid=iehp
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-19-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-20-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll [2015-03-10] (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL [2015-04-14] (Microsoft Corporation)
BHO-x32: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\ssv.dll [2015-01-23] (Oracle Corporation)
BHO-x32: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\jp2ssv.dll [2015-01-23] (Oracle Corporation)
DPF: HKLM {AA570693-00E2-4907-B6F1-60A1199B030C} https://juniper.net/dana-cached/sc/JuniperSetupClient64.cab
DPF: HKLM-x32 {F27237D7-93C8-44C2-AC6E-D6057B9A918F} https://juniper.net/dana-cached/sc/JuniperSetupClient.cab
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL [2015-02-03] (Microsoft Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll [2014-05-02] (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
 
FireFox:
========
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_17_0_0_188.dll [2015-06-09] ()
FF Plugin: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll [2014-06-19] (Tracker Software Products (Canada) Ltd.)
FF Plugin: @java.com/DTPlugin,version=10.13.2 -> C:\WINDOWS\system32\npDeployJava1.dll [2013-08-17] (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-16] ( Microsoft Corporation)
FF Plugin: @tracker-software.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll [2014-06-19] (Tracker Software Products (Canada) Ltd.)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_17_0_0_188.dll [2015-06-09] ()
FF Plugin-x32: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll [2014-06-19] (Tracker Software Products (Canada) Ltd.)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=3.5.29 -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-05-08] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-05-08] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.31.2 -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\dtplugin\npDeployJava1.dll [2015-01-23] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.31.2 -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\plugin2\npjp2.dll [2015-01-23] (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-15] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL [2013-12-01] (Microsoft Corporation)
FF Plugin-x32: @nexon.net/NxGame -> C:\ProgramData\NexonUS\NGM\npNxGameUS.dll No File
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll No File
FF Plugin-x32: @sony.com/ReaderDesktop -> C:\Program Files (x86)\Sony\ReaderDesktop\npreaderdetectmoz.dll [2012-07-12] (Sony Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-16] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-16] (Google Inc.)
FF Plugin-x32: @tracker-software.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll [2014-06-19] (Tracker Software Products (Canada) Ltd.)
FF Plugin-x32: @videolan.org/vlc,version=2.1.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2015-05-01] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-3768847704-4038817097-2733713293-1001: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll [2014-06-19] (Tracker Software Products (Canada) Ltd.)
FF Plugin HKU\S-1-5-21-3768847704-4038817097-2733713293-1001: @talk.google.com/GoogleTalkPlugin -> C:\Users\Jinchi\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll [2015-04-17] (Google)
FF Plugin HKU\S-1-5-21-3768847704-4038817097-2733713293-1001: @talk.google.com/O1DPlugin -> C:\Users\Jinchi\AppData\Roaming\Mozilla\plugins\npo1d.dll [2015-04-17] (Google)
FF Plugin HKU\S-1-5-21-3768847704-4038817097-2733713293-1001: @tools.google.com/Google Update;version=3 -> C:\Users\Jinchi\AppData\Local\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-16] (Google Inc.)
FF Plugin HKU\S-1-5-21-3768847704-4038817097-2733713293-1001: @tools.google.com/Google Update;version=9 -> C:\Users\Jinchi\AppData\Local\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-16] (Google Inc.)
FF Plugin HKU\S-1-5-21-3768847704-4038817097-2733713293-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll [2014-06-19] (Tracker Software Products (Canada) Ltd.)
FF Plugin HKU\S-1-5-21-3768847704-4038817097-2733713293-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0: @talk.google.com/GoogleTalkPlugin -> C:\Users\Jinchi\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll [2015-04-17] (Google)
FF Plugin HKU\S-1-5-21-3768847704-4038817097-2733713293-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0: @talk.google.com/O1DPlugin -> C:\Users\Jinchi\AppData\Roaming\Mozilla\plugins\npo1d.dll [2015-04-17] (Google)
FF Plugin HKU\S-1-5-21-3768847704-4038817097-2733713293-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0: @tools.google.com/Google Update;version=3 -> C:\Users\Jinchi\AppData\Local\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-16] (Google Inc.)
FF Plugin HKU\S-1-5-21-3768847704-4038817097-2733713293-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0: @tools.google.com/Google Update;version=9 -> C:\Users\Jinchi\AppData\Local\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-16] (Google Inc.)
FF Plugin ProgramFiles/Appdata: C:\Users\Jinchi\AppData\Roaming\mozilla\plugins\npgoogletalk.dll [2015-04-17] (Google)
FF Plugin ProgramFiles/Appdata: C:\Users\Jinchi\AppData\Roaming\mozilla\plugins\npo1d.dll [2015-04-17] (Google)
 
Chrome: 
=======
CHR Profile: C:\Users\Jinchi\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Bejeweled) - C:\Users\Jinchi\AppData\Local\Google\Chrome\User Data\Default\Extensions\adpkifcfcacgmnggcbpbjbkdijciiigm [2013-11-30]
CHR Extension: (Angry Birds) - C:\Users\Jinchi\AppData\Local\Google\Chrome\User Data\Default\Extensions\aknpkdffaafgjchaibgeefbgmgeghloj [2013-11-30]
CHR Extension: (Theme Creator) - C:\Users\Jinchi\AppData\Local\Google\Chrome\User Data\Default\Extensions\akpelnjfckgfiplcikojhomllgombffc [2013-11-30]
CHR Extension: (Google Docs) - C:\Users\Jinchi\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2013-11-30]
CHR Extension: (Google Drive) - C:\Users\Jinchi\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2013-11-30]
CHR Extension: (JAM with Chrome) - C:\Users\Jinchi\AppData\Local\Google\Chrome\User Data\Default\Extensions\bggjdpbfjakfkacljidachigalghbnpk [2013-11-30]
CHR Extension: (YouTube) - C:\Users\Jinchi\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-11-30]
CHR Extension: (Google Search) - C:\Users\Jinchi\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-11-30]
CHR Extension: (MightyText - SMS from PC & Text from Computer) - C:\Users\Jinchi\AppData\Local\Google\Chrome\User Data\Default\Extensions\dkfhfaphfkopdgpbfkebjfcblcafcmpi [2013-11-30]
CHR Extension: (MagicScroll eBook Reader) - C:\Users\Jinchi\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghgnmgfdoiplfmhgghbmlphanpfmjble [2013-11-30]
CHR Extension: (AdBlock) - C:\Users\Jinchi\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2014-07-28]
CHR Extension: (Cut the Rope) - C:\Users\Jinchi\AppData\Local\Google\Chrome\User Data\Default\Extensions\gkddaofiamhgfjmaccfcfpfolpgbeomj [2013-11-30]
CHR Extension: (Bookmark Manager) - C:\Users\Jinchi\AppData\Local\Google\Chrome\User Data\Default\Extensions\gmlllbghnfkpflemihljekbapjopfjik [2015-04-15]
CHR Extension: (TinEye Reverse Image Search) - C:\Users\Jinchi\AppData\Local\Google\Chrome\User Data\Default\Extensions\haebnnbpedcbhciplfhjjkbafijpncjl [2013-11-30]
CHR Extension: (Icy Power Blue) - C:\Users\Jinchi\AppData\Local\Google\Chrome\User Data\Default\Extensions\hkjgeljmhnbdebajdlipnfpmiemllaam [2014-03-24]
CHR Extension: (Facebook Unseen) - C:\Users\Jinchi\AppData\Local\Google\Chrome\User Data\Default\Extensions\iicapmagmhahddefgokbabbgieiogjop [2013-12-31]
CHR Extension: (StayFocusd) - C:\Users\Jinchi\AppData\Local\Google\Chrome\User Data\Default\Extensions\laankejkbhbdhmipfmgcngdelahlfoji [2014-09-04]
CHR Extension: (Reload All Tabs) - C:\Users\Jinchi\AppData\Local\Google\Chrome\User Data\Default\Extensions\midkcinmplflbiflboepnahkboeonkam [2013-11-30]
CHR Extension: (No Name) - C:\Users\Jinchi\AppData\Local\Google\Chrome\User Data\Default\Extensions\niloccemoadcdkdjlinkgdfekeahmflj [2015-06-09]
CHR Extension: (Google Wallet) - C:\Users\Jinchi\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-11-30]
CHR Extension: (Gmail) - C:\Users\Jinchi\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-11-30]
 
==================== Services (Whitelisted) =================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
R2 BrcmSetSecurity; C:\Program Files\Intel Corporation\Intel WiDi\BrcmSetSecurity.exe [101536 2013-03-15] (Intel)
S3 BthHFSrv; C:\Windows\System32\BthHFSrv.dll [324608 2014-10-28] (Microsoft Corporation)
R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [2736824 2015-04-07] (Microsoft Corporation)
R2 ESRV_SVC; C:\Program Files\Sony\VAIO Care\ESRV\esrv_svc.exe [377768 2013-11-19] (Intel Corporation)
R2 Intel® Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [731648 2013-02-13] (Intel® Corporation) [File not signed]
S3 Intel® Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [820184 2013-02-13] (Intel® Corporation)
R2 Intel® ME Service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe [131544 2013-05-08] (Intel Corporation)
R2 ISCTAgent; C:\Program Files\Intel\Intel® Smart Connect Technology Agent\iSCTAgent.exe [198120 2013-09-06] ()
S3 iumsvc; C:\Program Files (x86)\Intel\Intel® Update Manager\bin\iumsvc.exe [174368 2014-02-28] ()
R2 jhi_service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe [169432 2013-05-08] (Intel Corporation)
S2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1080120 2015-04-14] (Malwarebytes Corporation)
S3 McAWFwk; C:\Program Files\Common Files\McAfee\ActWiz\McAWFwk.exe [334608 2013-07-24] (McAfee, Inc.)
R2 McOobeSv2; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)
R2 mcpltsvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)
R2 McSchedulerSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [265936 2014-10-29] ()
R2 NETGEARGenieDaemon; C:\Program Files (x86)\NETGEAR Genie\bin\NETGEARGenieDaemon64.exe [232192 2014-12-14] (NETGEAR)
S3 NetworkSupport; C:\Program Files (x86)\Sony\VAIO Control Center\NetworkSetting\NetworkSupport.exe [629336 2013-09-28] (Sony Corporation)
R2 PassThru Service; C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe [166912 2013-10-17] () [File not signed]
R2 Pharos Systems ComTaskMaster; C:\Program Files (x86)\PharosSystems\Core\CTskMstr.exe [339456 2013-05-10] (Pharos Systems International) [File not signed]
R2 PMBDeviceInfoProvider; C:\Program Files (x86)\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe [481304 2013-11-21] (Sony Corporation)
R2 Razer Game Scanner Service; C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe [187072 2015-02-04] ()
R2 SampleCollector; C:\Program Files\Sony\VAIO Care\VCPerfService.exe [266168 2013-11-19] (Intel Corporation)
S3 Sony SCSI Helper Service; C:\Program Files (x86)\Common Files\Sony Shared\Fsk\SonySCSIHelperService.exe [73728 2012-09-19] (Sony Corporation) [File not signed]
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [5495056 2015-06-01] (TeamViewer GmbH)
S3 USER_ESRV_SVC; C:\Program Files\Sony\VAIO Care\ESRV\esrv_svc.exe [377768 2013-11-19] (Intel Corporation)
S3 VCFw; C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe [972000 2013-01-06] (Sony Corporation)
R3 VUAgent; C:\Program Files\Sony\VAIO Update\vuagent.exe [1642544 2014-02-28] (Sony Corporation)
R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366520 2015-02-03] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23792 2015-02-03] (Microsoft Corporation)
R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [3818704 2014-10-29] (Intel® Corporation)
 
==================== Drivers (Whitelisted) ====================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
S3 AX88772; C:\Windows\system32\DRIVERS\ax88772.sys [113664 2013-12-16] (ASIX Electronics Corp.)
R3 BthA2DP; C:\Windows\system32\drivers\BthA2DP.sys [132608 2015-01-29] (Microsoft Corporation)
R3 BthLEEnum; C:\Windows\System32\drivers\BthLEEnum.sys [226304 2013-12-04] (Microsoft Corporation)
R3 btmaux; C:\Windows\system32\DRIVERS\btmaux.sys [140600 2013-07-22] (Motorola Solutions, Inc.)
R3 btmhsf; C:\Windows\system32\DRIVERS\btmhsf.sys [1408824 2013-10-18] (Motorola Solutions, Inc.)
S3 dot4; C:\Windows\system32\DRIVERS\Dot4.sys [151968 2012-10-19] (Windows ® Win 7 DDK provider)
S3 Dot4Print; C:\Windows\System32\drivers\Dot4Prt.sys [27040 2012-10-19] (Windows ® Win 7 DDK provider)
R3 ibtusb; C:\Windows\system32\DRIVERS\ibtusb.sys [142280 2013-10-17] (Intel Corporation)
R3 ikbevent; C:\Windows\system32\DRIVERS\ikbevent.sys [21408 2013-08-08] ()
R3 imsevent; C:\Windows\system32\DRIVERS\imsevent.sys [21920 2013-08-08] ()
R3 INETMON; C:\WINDOWS\System32\Drivers\INETMON.sys [29088 2013-08-07] ()
R0 IntelHSWPcc; C:\Windows\System32\drivers\IntelPcc.sys [77992 2013-11-28] (Intel Corporation)
R3 ISCT; C:\Windows\System32\drivers\ISCTD64.sys [47008 2013-07-30] ()
R1 jnprns; C:\Windows\system32\DRIVERS\jnprns.sys [506160 2014-03-13] (Juniper Networks)
S4 jnprTdi_803_44983; C:\WINDOWS\system32\Drivers\jnprTdi_803_44983.sys [108344 2014-04-09] (Juniper Networks, Inc.)
S3 jnprva; C:\Windows\system32\DRIVERS\jnprva.sys [30072 2014-03-13] (Juniper Networks, Inc.)
R3 JnprVaMgr; C:\Windows\system32\DRIVERS\jnprvamgr.sys [45352 2014-03-13] (Juniper Networks, Inc.)
R3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [25816 2015-04-14] (Malwarebytes Corporation)
R3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [136408 2015-06-09] (Malwarebytes Corporation)
S3 MBAMWebAccessControl; C:\WINDOWS\system32\drivers\mwac.sys [64216 2015-04-14] (Malwarebytes Corporation)
R3 MEIx64; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [99288 2013-12-20] (Intel Corporation)
R3 NETwNb64; C:\Windows\system32\DRIVERS\NETwbw02.sys [3482600 2014-11-06] (Intel Corporation)
S3 NETwNe64; C:\Windows\system32\DRIVERS\NETwew02.sys [3648480 2013-08-30] (Intel Corporation)
R2 NPF; C:\WINDOWS\system32\drivers\npf.sys [35344 2015-01-20] (CACE Technologies, Inc.)
S3 RtlWlanu; C:\Windows\system32\DRIVERS\rtwlanu.sys [1975000 2013-07-31] (Realtek Semiconductor Corporation                           )
R2 rzpmgrk; C:\WINDOWS\system32\drivers\rzpmgrk.sys [37184 2015-02-04] (Razer, Inc.)
R2 rzpnk; C:\WINDOWS\system32\drivers\rzpnk.sys [129600 2014-10-23] (Razer, Inc.)
R3 semav6thermal64ro; C:\WINDOWS\system32\drivers\semav6thermal64ro.sys [13792 2014-12-23] ()
R3 SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [42696 2015-05-27] (Synaptics Incorporated)
S3 t_mouse.sys; C:\Windows\system32\DRIVERS\t_mouse.sys [6144 2013-04-09] ()
R3 usb3Hub; C:\Windows\System32\drivers\usb3Hub.sys [207256 2013-03-15] (Windows ® Win 7 DDK provider)
R3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114496 2015-02-03] (Microsoft Corporation)
S3 EagleX64; \??\C:\WINDOWS\system32\drivers\EagleX64.sys [X]
 
==================== NetSvcs (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
 
==================== One Month Created files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2015-06-09 12:50 - 2015-06-09 13:36 - 00000000 ____D C:\FRST
2015-06-09 12:33 - 2015-06-09 12:40 - 00000000 ____D C:\AdwCleaner
2015-06-05 06:12 - 2015-05-22 09:08 - 00700416 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll
2015-06-05 06:12 - 2015-05-21 09:08 - 01119232 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2015-06-05 06:12 - 2015-05-21 09:08 - 01020928 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2015-06-05 06:12 - 2015-05-21 09:08 - 00756736 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll
2015-06-05 06:12 - 2015-05-21 09:08 - 00422912 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll
2015-06-05 06:12 - 2015-05-21 09:08 - 00193536 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepic.dll
2015-06-05 06:12 - 2015-05-21 09:08 - 00045568 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2015-06-05 06:12 - 2015-04-16 18:07 - 00227328 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepdu.dll
2015-06-04 18:09 - 2015-06-04 18:09 - 00000000 ____D C:\Users\Jinchi\AppData\Local\Studio_pomaranča_d.o.o__O
2015-06-04 17:25 - 2015-06-04 17:25 - 00002106 _____ C:\Users\Jinchi\AppData\Local\recently-used.xbel
2015-06-04 17:23 - 2015-06-04 18:06 - 00000000 ____D C:\Users\Jinchi\Documents\OmmWriter
2015-06-04 17:23 - 2015-06-04 17:23 - 00000000 ____D C:\Users\Jinchi\AppData\Local\HerraizSoto
2015-06-04 17:19 - 2015-06-04 17:19 - 00000000 ____D C:\Users\Jinchi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OmmWriter
2015-06-04 17:19 - 2015-06-04 17:19 - 00000000 ____D C:\Program Files (x86)\HerraizSoto
2015-06-04 12:59 - 2015-06-04 12:59 - 01210016 _____ C:\WINDOWS\Minidump\060415-4750-01.dmp
2015-06-03 12:41 - 2009-10-01 03:01 - 00088064 _____ (SEIKO EPSON CORPORATION) C:\WINDOWS\system32\E_IBCBGJA.DLL
2015-06-03 12:41 - 2008-11-12 03:00 - 00118784 _____ (SEIKO EPSON CORPORATION) C:\WINDOWS\system32\E_ILMGJA.DLL
2015-06-02 15:44 - 2015-06-09 13:28 - 00136408 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2015-06-02 15:44 - 2015-06-02 15:44 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2015-06-02 15:43 - 2015-06-02 15:44 - 00000000 ____D C:\Program Files (x86)\Malwarebytes Anti-Malware
2015-06-02 15:43 - 2015-06-02 15:43 - 00000000 ____D C:\ProgramData\Malwarebytes
2015-06-02 15:43 - 2015-04-14 09:38 - 00064216 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mwac.sys
2015-06-02 15:43 - 2015-04-14 09:37 - 00107736 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbamchameleon.sys
2015-06-02 15:43 - 2015-04-14 09:37 - 00025816 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbam.sys
2015-06-02 15:24 - 2015-06-02 16:24 - 00000004 _____ C:\WINDOWS\SysWOW64\029B560A371F4E00AB32838EBC01B9E7
2015-06-02 15:24 - 2015-06-02 15:24 - 00000000 ____D C:\Program Files (x86)\5701f708-b46a-4e42-a638-cefa20db8c5f
2015-06-02 15:18 - 2015-06-04 13:03 - 00000156 _____ C:\WINDOWS\SysWOW64\Drivers\adip58209xxc.sys
2015-06-02 15:18 - 2015-06-02 15:18 - 00003010 _____ C:\WINDOWS\System32\Tasks\propagation utility manager
2015-06-02 14:28 - 2015-06-02 14:28 - 01299784 _____ C:\WINDOWS\Minidump\060215-4234-01.dmp
2015-06-01 13:33 - 2015-06-01 13:33 - 00000000 ____D C:\Users\Jinchi\AppData\Local\GWX
2015-05-30 13:36 - 2015-05-30 13:36 - 00429136 _____ C:\WINDOWS\Minidump\053015-4718-01.dmp
2015-05-30 09:20 - 2015-06-09 13:21 - 00000000 ____D C:\Program Files (x86)\Project64 2.2
2015-05-30 09:20 - 2015-05-30 09:20 - 00989696 _____ C:\WINDOWS\SysWOW64\Drivers\sysdriver32l.exe
2015-05-30 09:20 - 2015-05-30 09:20 - 00989696 _____ C:\WINDOWS\SysWOW64\Drivers\nvacyu3258b.exe
2015-05-30 09:20 - 2015-05-30 09:20 - 00989696 _____ C:\WINDOWS\SysWOW64\Drivers\msconfigvm.exe
2015-05-30 09:20 - 2015-05-30 09:20 - 00989696 _____ C:\WINDOWS\SysWOW64\Drivers\kvn398nryw.exe
2015-05-30 09:20 - 2015-05-30 09:20 - 00002962 _____ C:\WINDOWS\System32\Tasks\AlaMaintenance
2015-05-30 09:20 - 2015-05-30 09:20 - 00002960 _____ C:\WINDOWS\System32\Tasks\Media_System_Platform
2015-05-30 09:20 - 2015-05-30 09:20 - 00000029 _____ C:\WINDOWS\SysWOW64\Drivers\nkbyrnkdaklsys462.sys
2015-05-27 11:13 - 2015-05-27 11:13 - 01804696 _____ (Microsoft Corporation) C:\WINDOWS\system32\WdfCoInstaller01011.dll
2015-05-27 11:13 - 2015-05-27 11:13 - 00626888 _____ (Synaptics Incorporated) C:\WINDOWS\system32\Drivers\SynTP.sys
2015-05-27 11:13 - 2015-05-27 11:13 - 00419528 _____ (Synaptics Incorporated) C:\WINDOWS\SysWOW64\SynCom.dll
2015-05-27 11:13 - 2015-05-27 11:13 - 00267976 _____ (Synaptics Incorporated) C:\WINDOWS\system32\SynTPAPI.dll
2015-05-27 11:13 - 2015-05-27 11:13 - 00249032 _____ (Synaptics Incorporated) C:\WINDOWS\system32\SynTPCo27.dll
2015-05-27 11:13 - 2015-05-27 11:13 - 00042696 _____ (Synaptics Incorporated) C:\WINDOWS\system32\Drivers\Smb_driver_Intel.sys
2015-05-20 10:27 - 2015-05-20 10:27 - 01268896 _____ C:\WINDOWS\Minidump\052015-4734-01.dmp
2015-05-15 17:10 - 2015-05-15 17:10 - 01235168 _____ C:\WINDOWS\Minidump\051515-4828-01.dmp
2015-05-13 17:56 - 2015-05-13 17:56 - 00280408 _____ C:\WINDOWS\Minidump\051315-4140-01.dmp
2015-05-13 12:43 - 2015-05-21 23:28 - 00000000 ___RD C:\Users\Jinchi\OneDrive
2015-05-12 23:43 - 2015-04-30 16:35 - 00124112 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationCFFRasterizerNative_v0300.dll
2015-05-12 23:43 - 2015-04-30 16:35 - 00102608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2015-05-12 23:37 - 2015-05-12 23:37 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2015-05-12 23:36 - 2015-05-12 23:36 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2015-05-12 23:36 - 2015-05-12 23:36 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2015-05-12 23:31 - 2015-04-09 20:34 - 02256896 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2015-05-12 23:31 - 2015-04-09 20:11 - 01943040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll
2015-05-12 23:31 - 2015-03-17 13:26 - 00467776 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBHUB3.SYS
2015-05-12 23:31 - 2015-03-08 22:02 - 00057856 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthhfenum.sys
2015-05-12 23:30 - 2015-04-30 19:05 - 00429568 _____ (Microsoft Corporation) C:\WINDOWS\system32\schannel.dll
2015-05-12 23:30 - 2015-04-30 18:48 - 00358912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\schannel.dll
2015-05-12 23:30 - 2015-04-24 17:32 - 00036864 _____ (Microsoft Corporation) C:\WINDOWS\system32\UtcResources.dll
2015-05-12 23:30 - 2015-04-21 13:14 - 24971776 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2015-05-12 23:30 - 2015-04-21 12:50 - 00584192 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2015-05-12 23:30 - 2015-04-21 12:50 - 00417792 _____ (Microsoft Corporation) C:\WINDOWS\system32\html.iec
2015-05-12 23:30 - 2015-04-21 12:49 - 02885120 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2015-05-12 23:30 - 2015-04-21 12:37 - 00633856 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieui.dll
2015-05-12 23:30 - 2015-04-21 12:35 - 00816640 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2015-05-12 23:30 - 2015-04-21 12:31 - 06025728 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2015-05-12 23:30 - 2015-04-21 12:24 - 19691008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2015-05-12 23:30 - 2015-04-21 12:13 - 00107520 _____ (Microsoft Corporation) C:\WINDOWS\system32\inseng.dll
2015-05-12 23:30 - 2015-04-21 12:11 - 00504320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2015-05-12 23:30 - 2015-04-21 12:09 - 00341504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\html.iec
2015-05-12 23:30 - 2015-04-21 12:08 - 00092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll
2015-05-12 23:30 - 2015-04-21 12:07 - 00145408 _____ (Microsoft Corporation) C:\WINDOWS\system32\iepeers.dll
2015-05-12 23:30 - 2015-04-21 12:05 - 00316928 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll
2015-05-12 23:30 - 2015-04-21 12:04 - 02278400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2015-05-12 23:30 - 2015-04-21 11:59 - 01032704 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcomm.dll
2015-05-12 23:30 - 2015-04-21 11:58 - 00664576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2015-05-12 23:30 - 2015-04-21 11:52 - 00262144 _____ (Microsoft Corporation) C:\WINDOWS\system32\webcheck.dll
2015-05-12 23:30 - 2015-04-21 11:49 - 00801280 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2015-05-12 23:30 - 2015-04-21 11:49 - 00720384 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2015-05-12 23:30 - 2015-04-21 11:49 - 00374272 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2015-05-12 23:30 - 2015-04-21 11:46 - 02125824 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2015-05-12 23:30 - 2015-04-21 11:40 - 14401536 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2015-05-12 23:30 - 2015-04-21 11:38 - 00076288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtmled.dll
2015-05-12 23:30 - 2015-04-21 11:37 - 00128000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iepeers.dll
2015-05-12 23:30 - 2015-04-21 11:36 - 00285696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll
2015-05-12 23:30 - 2015-04-21 11:32 - 00880128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcomm.dll
2015-05-12 23:30 - 2015-04-21 11:31 - 04305920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2015-05-12 23:30 - 2015-04-21 11:28 - 00230400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webcheck.dll
2015-05-12 23:30 - 2015-04-21 11:27 - 02352128 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2015-05-12 23:30 - 2015-04-21 11:26 - 00688640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2015-05-12 23:30 - 2015-04-21 11:26 - 00327168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2015-05-12 23:30 - 2015-04-21 11:25 - 02052608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2015-05-12 23:30 - 2015-04-21 11:17 - 12828672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2015-05-12 23:30 - 2015-04-21 11:15 - 01547264 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2015-05-12 23:30 - 2015-04-21 11:03 - 00800768 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2015-05-12 23:30 - 2015-04-21 11:02 - 01882112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2015-05-12 23:30 - 2015-04-21 10:58 - 01310208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2015-05-12 23:30 - 2015-04-21 10:56 - 00710144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2015-05-12 23:30 - 2015-04-13 18:48 - 04180480 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2015-05-12 23:30 - 2015-04-09 21:00 - 01996800 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWrite.dll
2015-05-12 23:30 - 2015-04-09 20:50 - 01387008 _____ (Microsoft Corporation) C:\WINDOWS\system32\FntCache.dll
2015-05-12 23:30 - 2015-04-09 20:26 - 01560576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DWrite.dll
2015-05-12 23:30 - 2015-04-08 18:55 - 00410128 _____ (Microsoft Corporation) C:\WINDOWS\system32\services.exe
2015-05-12 23:30 - 2015-04-02 20:35 - 00445440 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhotoMetadataHandler.dll
2015-05-12 23:30 - 2015-04-02 20:14 - 00364544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PhotoMetadataHandler.dll
2015-05-12 23:30 - 2015-04-01 18:22 - 02985984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dbgeng.dll
2015-05-12 23:30 - 2015-04-01 18:20 - 04417536 _____ (Microsoft Corporation) C:\WINDOWS\system32\dbgeng.dll
2015-05-12 23:30 - 2015-03-31 23:45 - 01491456 _____ (Microsoft Corporation) C:\WINDOWS\system32\dbghelp.dll
2015-05-12 23:30 - 2015-03-31 22:31 - 01207296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dbghelp.dll
2015-05-12 23:30 - 2015-03-30 01:47 - 00561928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2015-05-12 23:30 - 2015-03-26 23:27 - 00445440 _____ (Microsoft Corporation) C:\WINDOWS\system32\certcli.dll
2015-05-12 23:30 - 2015-03-26 22:50 - 00324096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\certcli.dll
2015-05-12 23:30 - 2015-03-26 22:48 - 01441792 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2015-05-12 23:30 - 2015-03-19 21:56 - 00080384 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ahcache.sys
2015-05-12 23:30 - 2015-03-13 00:03 - 00239424 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\sdbus.sys
2015-05-12 23:30 - 2015-03-13 00:03 - 00154432 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dumpsd.sys
2015-05-12 23:30 - 2015-03-12 22:02 - 00316416 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\udfs.sys
2015-05-12 23:30 - 2015-03-12 21:11 - 02162176 _____ (Microsoft Corporation) C:\WINDOWS\system32\SRH.dll
2015-05-12 23:30 - 2015-03-12 20:39 - 01812992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SRH.dll
2015-05-12 23:30 - 2015-03-12 20:29 - 00410017 _____ C:\WINDOWS\system32\ApnDatabase.xml
2015-05-12 23:30 - 2015-03-10 21:49 - 00024576 _____ (Microsoft Corporation) C:\WINDOWS\system32\sdbinst.exe
2015-05-12 23:30 - 2015-03-10 21:09 - 00021504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sdbinst.exe
2015-05-12 23:30 - 2015-03-05 23:08 - 02067968 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpdshext.dll
2015-05-12 23:30 - 2015-03-05 22:47 - 01696256 _____ (Microsoft Corporation) C:\WINDOWS\system32\wevtsvc.dll
2015-05-12 23:30 - 2015-03-05 22:43 - 01969664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wpdshext.dll
2015-05-12 23:30 - 2015-03-04 19:09 - 01429504 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll
2015-05-12 23:30 - 2015-03-03 21:32 - 00172544 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Input.Inking.dll
2015-05-12 23:30 - 2015-03-03 21:12 - 00141824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Input.Inking.dll
2015-05-12 23:30 - 2015-02-17 19:19 - 00186368 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpapisrv.dll
2015-05-12 23:30 - 2015-01-29 20:53 - 02819584 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers.dll
2015-05-10 08:52 - 2015-05-10 08:52 - 01139120 _____ C:\WINDOWS\Minidump\051015-3703-01.dmp
 
==================== One Month Modified files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2015-06-09 13:32 - 2013-11-30 08:35 - 00000000 ___RD C:\Users\Jinchi\Utilities
2015-06-09 13:28 - 2014-01-31 11:41 - 00000938 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2015-06-09 13:26 - 2013-11-30 01:00 - 00003598 _____ C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-3768847704-4038817097-2733713293-1001
2015-06-09 13:21 - 2013-11-30 07:30 - 01827793 _____ C:\WINDOWS\WindowsUpdate.log
2015-06-09 13:20 - 2013-09-30 00:04 - 00863592 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2015-06-09 13:16 - 2014-01-31 11:57 - 00003718 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater
2015-06-09 13:16 - 2014-01-31 11:57 - 00000830 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2015-06-09 13:14 - 2014-03-23 13:25 - 00000000 ___DO C:\Users\Jinchi\SkyDrive
2015-06-09 13:14 - 2014-02-21 14:07 - 00000000 ____D C:\Program Files (x86)\Steam
2015-06-09 13:14 - 2014-02-06 14:58 - 00005006 _____ C:\WINDOWS\System32\Tasks\Microsoft Office 15 Sync Maintenance for JDUBZ-VAIOPRO13-Jinchi jDubz-VaioPro13
2015-06-09 13:14 - 2014-01-31 11:41 - 00000934 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2015-06-09 13:13 - 2014-08-11 13:00 - 00148594 _____ C:\WINDOWS\setupact.log
2015-06-09 13:13 - 2013-09-29 23:55 - 00427384 _____ C:\WINDOWS\PFRO.log
2015-06-09 13:13 - 2013-08-22 11:36 - 00000000 ____D C:\WINDOWS\vpnplugins
2015-06-09 13:13 - 2013-08-22 10:45 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2015-06-09 13:10 - 2014-02-18 18:27 - 00000944 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-3768847704-4038817097-2733713293-1001UA.job
2015-06-09 13:02 - 2013-08-22 11:36 - 00000000 ____D C:\WINDOWS\system32\sru
2015-06-09 12:38 - 2013-11-30 17:24 - 00000000 ____D C:\Users\Jinchi\Downloads\Installations
2015-06-09 12:36 - 2013-08-22 09:25 - 00524288 ___SH C:\WINDOWS\system32\config\BBI
2015-06-09 12:21 - 2014-06-21 15:55 - 00000000 ___RD C:\Users\Jinchi\Desktop\musidia
2015-06-09 12:19 - 2014-08-24 19:57 - 00000000 ____D C:\Users\Jinchi\AppData\Local\Spotify
2015-06-09 11:42 - 2014-03-19 16:15 - 00000000 ____D C:\Users\Jinchi\AppData\Roaming\Skype
2015-06-09 11:40 - 2013-08-17 23:29 - 00001184 _____ C:\WINDOWS\Synaptics.log
2015-06-09 11:39 - 2013-11-30 00:58 - 00000000 ____D C:\Update
2015-06-09 08:18 - 2014-08-24 19:56 - 00000000 ____D C:\Users\Jinchi\AppData\Roaming\Spotify
2015-06-09 00:00 - 2014-11-24 01:00 - 00000000 ____D C:\Users\Jinchi\AppData\Local\CrashDumps
2015-06-08 23:19 - 2015-01-08 05:49 - 00000000 ____D C:\Users\Jinchi\AppData\Roaming\vlc
2015-06-08 11:58 - 2013-08-22 11:36 - 00000000 ____D C:\WINDOWS\AppReadiness
2015-06-08 11:52 - 2015-01-21 18:25 - 00000000 ___SD C:\WINDOWS\system32\CompatTel
2015-06-08 11:52 - 2013-08-22 10:44 - 00470064 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2015-06-08 11:51 - 2015-04-21 07:57 - 00000000 ____D C:\WINDOWS\system32\appraiser
2015-06-07 19:10 - 2014-02-18 18:27 - 00000892 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-3768847704-4038817097-2733713293-1001Core.job
2015-06-05 20:04 - 2013-11-30 00:52 - 00000000 ____D C:\Users\Jinchi\AppData\Local\Packages
2015-06-05 13:28 - 2012-07-26 03:59 - 00000000 ____D C:\WINDOWS\CbsTemp
2015-06-04 18:32 - 2015-02-03 02:31 - 00000000 ___RD C:\Users\Jinchi\Desktop\ENR
2015-06-04 18:30 - 2013-11-30 07:26 - 00000000 ____D C:\Users\Jinchi
2015-06-04 17:25 - 2013-12-03 00:36 - 00000000 ____D C:\Users\Jinchi\AppData\Local\gtk-2.0
2015-06-04 17:25 - 2013-12-03 00:27 - 00000000 ____D C:\Users\Jinchi\.gimp-2.8
2015-06-04 13:41 - 2013-12-15 03:01 - 00000000 ____D C:\Users\Jinchi\Documents\Justin '4 0' Zhuo
2015-06-04 12:59 - 2014-01-31 15:14 - 00000000 ____D C:\WINDOWS\Minidump
2015-06-04 12:59 - 2013-08-22 11:36 - 00000000 ___RD C:\WINDOWS\Offline Web Pages
2015-06-04 12:59 - 2013-08-22 11:36 - 00000000 ____D C:\WINDOWS\WinStore
2015-06-03 18:29 - 2014-03-19 16:15 - 00000000 ____D C:\ProgramData\Skype
2015-06-03 12:41 - 2015-03-30 17:51 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EPSON
2015-06-03 12:41 - 2014-08-22 23:10 - 00000000 ____D C:\ProgramData\EPSON
2015-06-03 07:56 - 2015-01-20 22:45 - 00000983 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 10.lnk
2015-06-03 07:56 - 2013-12-05 18:50 - 00000000 ____D C:\Program Files (x86)\TeamViewer
2015-06-02 16:25 - 2013-08-22 11:36 - 00000000 __RSD C:\WINDOWS\Media
2015-05-30 16:39 - 2013-08-22 11:36 - 00000000 ____D C:\WINDOWS\system32\NDF
2015-05-29 10:54 - 2013-11-30 15:13 - 00000000 ____D C:\Program Files\Microsoft Office 15
2015-05-27 20:16 - 2014-02-21 22:37 - 00000000 ____D C:\Users\Jinchi\AppData\Local\Battle.net
2015-05-27 20:16 - 2014-02-21 22:37 - 00000000 ____D C:\Program Files (x86)\Battle.net
2015-05-27 11:13 - 2013-10-21 23:54 - 00764104 _____ (Synaptics Incorporated) C:\WINDOWS\system32\SynCOM.dll
2015-05-27 10:51 - 2013-11-30 18:37 - 00000000 ____D C:\ProgramData\Synaptics
2015-05-27 10:51 - 2013-11-30 03:02 - 00002990 _____ C:\WINDOWS\System32\Tasks\Synaptics TouchPad Enhancements
2015-05-23 11:52 - 2013-08-17 23:44 - 00541749 _____ C:\WINDOWS\DirectX.log
2015-05-21 23:28 - 2014-02-21 04:01 - 00003112 _____ C:\WINDOWS\System32\Tasks\Microsoft OneDrive Auto Update Task-S-1-5-21-3768847704-4038817097-2733713293-1001
2015-05-21 00:30 - 2014-03-16 12:53 - 00000000 ____D C:\Users\Jinchi\AppData\Roaming\BitTorrent
2015-05-19 11:11 - 2014-03-20 13:34 - 00000000 ____D C:\Users\Jinchi\AppData\Roaming\Audacity
2015-05-16 19:05 - 2014-02-18 18:27 - 00003892 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3768847704-4038817097-2733713293-1001UA
2015-05-16 19:05 - 2014-02-18 18:27 - 00003512 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3768847704-4038817097-2733713293-1001Core
2015-05-16 12:23 - 2014-01-31 11:41 - 00003910 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2015-05-16 12:23 - 2014-01-31 11:41 - 00003674 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2015-05-15 06:23 - 2013-08-17 23:55 - 00002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
2015-05-15 01:28 - 2015-04-04 02:59 - 00000000 ___SD C:\WINDOWS\SysWOW64\GWX
2015-05-15 01:28 - 2015-04-04 02:59 - 00000000 ___SD C:\WINDOWS\system32\GWX
2015-05-13 23:23 - 2013-08-22 11:36 - 00000000 ____D C:\WINDOWS\rescache
2015-05-13 12:35 - 2013-08-22 11:36 - 00000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2015-05-13 12:35 - 2013-08-22 09:36 - 00000000 ____D C:\WINDOWS\system32\AdvancedInstallers
2015-05-12 23:43 - 2013-11-30 03:34 - 00000000 ____D C:\WINDOWS\system32\MRT
2015-05-12 23:37 - 2013-11-30 03:34 - 140425016 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2015-05-12 23:35 - 2013-09-29 23:51 - 00000000 ____D C:\Program Files\Windows Journal
 
==================== Files in the root of some directories =======
 
2013-11-30 18:39 - 2013-11-30 18:39 - 0000600 _____ () C:\Users\Jinchi\AppData\Roaming\winscp.rnd
2012-05-03 07:12 - 2012-05-03 07:12 - 0000532 _____ () C:\Users\Jinchi\AppData\Local\datos.txt
2015-06-04 17:25 - 2015-06-04 17:25 - 0002106 _____ () C:\Users\Jinchi\AppData\Local\recently-used.xbel
 
Some files in TEMP:
====================
C:\Users\Jinchi\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpnbwq7p.dll
C:\Users\Jinchi\AppData\Local\Temp\Gw2.exe
C:\Users\Jinchi\AppData\Local\Temp\jre-7u71-windows-i586-iftw.exe
C:\Users\Jinchi\AppData\Local\Temp\jre-8u31-windows-au.exe
C:\Users\Jinchi\AppData\Local\Temp\mytmpinstaller.exe
C:\Users\Jinchi\AppData\Local\Temp\NGM.exe
C:\Users\Jinchi\AppData\Local\Temp\NGMDll.dll
C:\Users\Jinchi\AppData\Local\Temp\NGMResource.dll
C:\Users\Jinchi\AppData\Local\Temp\Quarantine.exe
C:\Users\Jinchi\AppData\Local\Temp\setup.exe
C:\Users\Jinchi\AppData\Local\Temp\SkypeSetup.exe
C:\Users\Jinchi\AppData\Local\Temp\sqlite3.dll
C:\Users\Jinchi\AppData\Local\Temp\unicows.dll
C:\Users\Jinchi\AppData\Local\Temp\vlc-2.2.1-win32.exe
 
 
==================== Bamital & volsnap Check =================
 
(There is no automatic fix for files that do not pass verification.)
 
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
 
 
LastRegBack: 2015-06-01 06:39
 
==================== End of log ============================
 
Additional scan result of Farbar Recovery Scan Tool (x64) Version:08-06-2015
Ran by Jinchi at 2015-06-09 12:51:30
Running from C:\Users\Jinchi\Downloads
Boot Mode: Normal
==========================================================
 
 
==================== Accounts: =============================
 
Administrator (S-1-5-21-3768847704-4038817097-2733713293-500 - Administrator - Disabled)
Guest (S-1-5-21-3768847704-4038817097-2733713293-501 - Limited - Disabled)
Jinchi (S-1-5-21-3768847704-4038817097-2733713293-1001 - Administrator - Enabled) => C:\Users\Jinchi
 
==================== Security Center ========================
 
(If an entry is included in the fixlist, it will be removed.)
 
AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
 
==================== Installed Programs ======================
 
(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
 
7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov)
Adobe Flash Player 17 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 17.0.0.169 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.11)  MUI (HKLM-x32\...\{AC76BA86-7AD7-FFFF-7B44-AB0000000001}) (Version: 11.0.11 - Adobe Systems Incorporated)
Amazon Music (HKU\S-1-5-21-3768847704-4038817097-2733713293-1001\...\Amazon Amazon Music) (Version: 3.9.4.807 - Amazon Services LLC)
Amazon Music (HKU\S-1-5-21-3768847704-4038817097-2733713293-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Amazon Amazon Music) (Version: 3.9.4.807 - Amazon Services LLC)
ArtRage Studio (HKLM-x32\...\{C017CDD4-CDC7-4D08-8622-E89CF2D36304}) (Version: 3.5.11 - Ambient Design)
Audacity 2.0.5 (HKLM-x32\...\Audacity_is1) (Version: 2.0.5 - Audacity Team)
Auto Clicker v1.6 (HKLM-x32\...\{C0A7E4F3-82CC-416B-82C6-BA06AACFD635}_is1) (Version: 1.6 - MurGee.com)
BitTorrent (HKU\S-1-5-21-3768847704-4038817097-2733713293-1001\...\BitTorrent) (Version: 7.9.3.40299 - BitTorrent Inc.)
BitTorrent (HKU\S-1-5-21-3768847704-4038817097-2733713293-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\BitTorrent) (Version: 7.9.3.40299 - BitTorrent Inc.)
calibre 64bit (HKLM\...\{03CC8BD2-B994-4DBC-B10C-FDB2F6DEAAA0}) (Version: 1.35.0 - Kovid Goyal)
Canon MX420 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MX420_series) (Version:  - )
CDisplayEx 1.10.25 (HKLM\...\CDisplayEx_is1) (Version:  - cdisplayex.com)
Counter-Strike: Global Offensive (HKLM-x32\...\Steam App 730) (Version:  - Valve)
Dota 2 (HKLM-x32\...\Steam App 570) (Version:  - Valve)
EPSON NX330 Series Printer Uninstall (HKLM\...\EPSON NX330 Series) (Version:  - SEIKO EPSON Corporation)
EPSON WorkForce 320 Series Printer Uninstall (HKLM\...\EPSON WorkForce 320 Series) (Version:  - SEIKO EPSON Corporation)
EPSON XP-410 Series Printer Uninstall (HKLM\...\EPSON XP-410 Series) (Version:  - SEIKO EPSON Corporation)
ESDL (x32 Version: 1.0.0 - Sony Corporation) Hidden
FDUx86 (x32 Version: 1.0.0 - Sony Corporation) Hidden
GIMP 2.8.10 (HKLM\...\GIMP-2_is1) (Version: 2.8.10 - The GIMP Team)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 43.0.2357.81 - Google Inc.)
Google Talk Plugin (HKLM-x32\...\{CA3DD97D-1FD7-37A7-BD5C-FC4430C8B8E6}) (Version: 5.41.2.0 - Google)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.27.5 - Google Inc.) Hidden
Guitar Pro 5.2 (HKLM-x32\...\Guitar Pro 5_is1) (Version:  - Arobas Music)
HTC BMP USB Driver (HKLM-x32\...\{31A559C1-9E4D-423B-9DD3-34A6C5398752}) (Version: 1.0.5375 - HTC)
HTC Driver Installer (HKLM-x32\...\{4CEEE5D0-F905-4688-B9F9-ECC710507796}) (Version: 4.14.0.001 - HTC Corporation)
Intel AT Service (HKLM\...\McAfee Anti-Theft) (Version: 1.0 - McAfee, Inc.)
Intel® Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.5.3.1520 - Intel Corporation)
Intel® Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3355 - Intel Corporation)
Intel® PROSet/Wireless Software for Bluetooth® Technology(patch version 3.0.1342.2) (HKLM\...\{302600C1-6BDF-4FD1-1311-148929CC1385}) (Version: 3.1.1311.0402 - Intel Corporation)
Intel® SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 3.0.0.63463 - Intel Corporation)
Intel® Smart Connect Technology (HKLM\...\{978B5476-EAF9-4EB0-AD34-92689249A016}) (Version: 4.2.41.2499 - Intel Corporation)
Intel® Update Manager (HKLM-x32\...\{12914061-EB9B-4AE7-AC7E-0B8A607C7DF4}) (Version: 2.3.1338 - Intel Corporation)
Intel® WiDi (HKLM\...\{28B4FCD3-1E17-411F-B56A-769DCF9169E0}) (Version: 4.1.14.0 - Intel Corporation)
Intel® PROSet/Wireless Software (HKLM-x32\...\{c78a13fd-4324-4ddb-a613-746d2461441d}) (Version: 17.13.1 - Intel Corporation)
IPTInstaller (HKLM-x32\...\{08208143-777D-4A06-BB54-71BF0AD1BB70}) (Version: 4.0.9 - HTC)
Jamestown (HKLM-x32\...\Steam App 94200) (Version:  - Final Form Games)
Java 8 Update 31 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218031F0}) (Version: 8.0.310 - Oracle Corporation)
Juniper Networks Setup Client (HKU\S-1-5-21-3768847704-4038817097-2733713293-1001\...\Juniper_Setup_Client) (Version: 8.0.3.44983 - Juniper Networks)
Juniper Networks Setup Client (HKU\S-1-5-21-3768847704-4038817097-2733713293-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Juniper_Setup_Client) (Version: 8.0.3.44983 - Juniper Networks)
Juniper Networks Setup Client 64-bit Activex Control (HKLM\...\Juniper_Setup_Client Activex Control) (Version: 2.1.1.1 - Juniper Networks)
Juniper Networks Setup Client Activex Control (HKLM-x32\...\Juniper_Setup_Client Activex Control) (Version: 2.1.1.1 - Juniper Networks)
Junos Pulse 5.0 (HKLM-x32\...\Junos Pulse 5.0) (Version: 5.0.44983 - Juniper Networks, Inc.)
Junos Pulse Core Components (x32 Version: 5.0.44983 - Juniper Networks) Hidden
Junos Pulse Drivers Add-On (Version: 5.0.44983 - Juniper Networks) Hidden
Junos Pulse Host Checker Plugin Add-On (x32 Version: 5.0.44983 - Juniper Networks) Hidden
Junos Pulse Tunnel Manager Add-On (x32 Version: 5.0.44983 - Juniper Networks) Hidden
Junos Pulse UAC/NC Components (x32 Version: 5.0.44983 - Juniper Networks) Hidden
LAME v3.99.3 (for Windows) (HKLM-x32\...\LAME_is1) (Version:  - )
Malwarebytes Anti-Malware version 2.1.6.1022 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.1.6.1022 - Malwarebytes Corporation)
MATLAB R2014a (HKLM\...\Matlab R2014a) (Version: 8.3 - The MathWorks, Inc.)
MergeModule_x64 (Version: 8.0.00 - Sony Corporation) Hidden
Microsoft Office Home and Student 2013 - en-us (HKLM\...\HomeStudentRetail - en-us) (Version: 15.0.4719.1002 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-3768847704-4038817097-2733713293-1001\...\OneDriveSetup.exe) (Version: 17.3.5860.0512 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-3768847704-4038817097-2733713293-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\OneDriveSetup.exe) (Version: 17.3.5860.0512 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.40416.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 3.1 (HKLM-x32\...\{19BFDA5D-1FE2-4F25-97F9-1A79DD04EE20}) (Version: 3.1.10527.0 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 4.0 (HKLM-x32\...\{2BFC7AA0-544C-4E3A-8796-67F3BE655BE9}) (Version: 4.0.20823.0 - Microsoft Corporation)
Music Manager (HKU\S-1-5-21-3768847704-4038817097-2733713293-1001\...\MusicManager) (Version:  - Google, Inc.)
Music Manager (HKU\S-1-5-21-3768847704-4038817097-2733713293-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\MusicManager) (Version:  - Google, Inc.)
NETGEAR Genie (HKLM-x32\...\NETGEAR Genie) (Version: 2.3.1.57 - NETGEAR Inc.)
Networkx64 (Version: 1.0.0 - Sony Corporation) Hidden
NFC Connection Utility (HKLM\...\{F3FC1B12-45AA-4ACE-AD9F-DFD87BE9457E}) (Version: 1.0.0.14100 - Sony Corporation)
NXPProximityInstaller (HKLM-x32\...\NXPProximityInstaller) (Version: 6.3.1.0 - NXP Semiconductors)
Office 15 Click-to-Run Extensibility Component (x32 Version: 15.0.4719.1002 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Licensing Component (Version: 15.0.4719.1002 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Localization Component (x32 Version: 15.0.4719.1002 - Microsoft Corporation) Hidden
OmmWriter (HKLM-x32\...\{804002A3-ACF2-4DF4-9BD2-092A4F738C73}) (Version: 0.1.0.15 - Herraiz & Soto)
OpenAL (HKLM-x32\...\OpenAL) (Version:  - )
PDF-Viewer (HKLM\...\{A278382D-4F1B-4D47-9885-8523F7261E8D}_is1) (Version: 2.5.308.2 - Tracker Software Products Ltd)
PeerBlock 1.2 (r693) (HKLM\...\{015C5B35-B678-451C-9AEE-821E8D69621C}_is1) (Version: 1.2.0.693 - PeerBlock, LLC)
Pharos (HKLM-x32\...\Pharos) (Version:  - )
PlayMemories Home (HKLM-x32\...\{4C93E894-BE17-463B-A789-4CAB706987A0}) (Version: 8.0.21.11211 - Sony Corporation)
Project 64 version 2.2.0.3 (HKLM-x32\...\{BEB5FB69-4080-466F-96C4-F15DF271718B}_is1) (Version: 2.2.0.3 - )
Razer Synapse (HKLM-x32\...\{0D78BEE2-F8FF-4498-AF1A-3FF81CED8AC6}) (Version: 1.18.21.26027 - Razer Inc.)
Reader for PC (HKLM-x32\...\{25340F94-F74E-4CCF-ABDF-ECBCF03911BE}) (Version: 2.0.00.07121 - Sony Corporation)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 6.2.9600.28145 - Realtek Semiconductor Corp.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6895 - Realtek Semiconductor Corp.)
Remote Keyboard (x32 Version: 1.2.0.09270 - Sony Corporation) Hidden
Restore (x32 Version: 1.0.0 - Sony Corporation) Hidden
Shared C Run-time for x64 (HKLM\...\{EF79C448-6946-4D71-8134-03407888C054}) (Version: 10.0.0 - McAfee)
Skype™ 7.5 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.5.101 - Skype Technologies S.A.)
SOHLib for PlayMemories Home (Version: 1.0.1.11110 - Sony Corporation) Hidden
Spotify (HKU\S-1-5-21-3768847704-4038817097-2733713293-1001\...\Spotify) (Version: 1.0.6.80.g2a801a53 - Spotify AB)
Spotify (HKU\S-1-5-21-3768847704-4038817097-2733713293-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Spotify) (Version: 1.0.6.80.g2a801a53 - Spotify AB)
SSLx64 (Version: 1.0.0 - Sony Corporation ) Hidden
SSLx86 (x32 Version: 1.0.0 - Sony Corporation ) Hidden
Steam (HKLM-x32\...\Steam) (Version:  - Valve Corporation)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 19.0.5.0 - Synaptics Incorporated)
System Requirements Lab CYRI (HKLM-x32\...\{F3FCB08B-E752-444D-86A0-0634A4F3B23D}) (Version: 6.0.8.0 - Husdawg, LLC)
System Requirements Lab for Intel (HKLM-x32\...\{04C4B49D-45D9-4A28-9ED1-B45CBD99B8C7}) (Version: 4.5.24.0 - Husdawg, LLC)
TeamViewer 10 (HKLM-x32\...\TeamViewer) (Version: 10.0.43174 - TeamViewer)
The Jackbox Party Pack (HKLM-x32\...\Steam App 331670) (Version:  - Jackbox Games, Inc.)
Torchlight II (HKLM-x32\...\Steam App 200710) (Version:  - Runic Games)
Update for CHS Microsoft IME HAP Dictionary (Version: 16.0.1522.1 - Microsoft Corporation) Hidden
VAIO - Remote Keyboard (HKLM-x32\...\{7396FB15-9AB4-4B78-BDD8-24A9C15D2C65}) (Version: 1.2.0.09270 - Sony Corporation)
VAIO - Remote Keyboard with PlayStation®3 (HKLM-x32\...\{E682702C-609C-4017-99E7-3129C163955F}) (Version: 1.2.1.05220 - Sony Corporation)
VAIO - Xperia Link (HKLM-x32\...\{D91558BF-D1F3-411F-AEFE-8774CB406512}) (Version: 1.3.3.11280 - Sony Corporation)
VAIO BIOS Data Transfer Utility (x32 Version: 1.0.0.02050 - Sony Corporation) Hidden
VAIO Care (HKLM\...\{EF649526-0134-46A8-8DF3-D7F9309E48DB}) (Version: 8.4.2.12046 - Sony Corporation)
VAIO Care Hardware Diagnostics Plugin (HKLM-x32\...\{EC153498-00E1-4C9C-89BE-81527C6750BE}) (Version: 4.8.0.13250 - Sony Corporation)
VAIO Care Recovery (HKLM\...\{15B9204E-BA09-485E-8F2C-094AC0077664}) (Version: 1.1.2.13230 - Sony Corporation)
VAIO Control Center (HKLM-x32\...\{8E797841-A110-41FD-B17A-3ABC0641187A}) (Version: 6.2.12.13060 - Sony Corporation)
VAIO CPU Fan Diagnostic (HKLM-x32\...\{BCE6E3D7-B565-4E1B-AC77-F780666A35FB}) (Version: 1.2.0.03050 - Sony Corporation)
VAIO Data Restore Tool (HKLM-x32\...\{57B955CE-B5D3-495D-AF1B-FAEE0540BFEF}) (Version: 1.11.0.13250 - Sony Corporation)
VAIO Easy Connect (x32 Version: 8.2.0.14170 - Sony Corporation) Hidden
VAIO Gesture Control (HKLM-x32\...\{692955F2-DE9F-4078-8FAA-858D6F3A1776}) (Version: 2.2.0.01230 - Sony Corporation)
VAIO Gesture Control (x32 Version: 2.2.0.01230 - Sony Corporation) Hidden
VAIO Image Optimizer (HKLM-x32\...\InstallShield_{5597C927-029A-46A7-A0C0-8DABD9891A50}) (Version: 3.3.00.10220 - Sony Corporation)
VAIO Image Optimizer (x32 Version: 3.1.00.14260 - Sony Corporation) Hidden
VAIO Improvement (HKLM-x32\...\{3A26D9BD-0F73-432D-B522-2BA18138F7EF}) (Version: 2.2.0.01240 - Sony Corporation)
VAIO Media Server Settings (HKLM\...\{62A172B2-550E-499D-9A82-5190D18390AA}) (Version: 1.1.0.02220 - Sony Corporation)
VAIO Movie Creator (HKLM-x32\...\InstallShield_{C2CC5822-32E6-4D21-88EA-DE8CED09EE2F}) (Version: 4.3.01.11140 - Sony Corporation)
VAIO Movie Creator (x32 Version: 4.1.01.15140 - Sony Corporation) Hidden
VAIO Sample Music (HKLM-x32\...\{FBEE3D44-0933-4B84-BB6A-49957F89187F}) (Version: 1.0.0.03051 - Sony Corporation)
VAIO Touch Search (HKLM\...\{F792DDDD-71C8-419E-AE05-46B0CDB1BEC8}) (Version: 1.1.0.1511 - Sony Corporation)
VAIO Transfer Support (HKLM-x32\...\{5DDAFB4B-C52E-468A-9E23-3B0CEEB671BF}) (Version: 1.9.0.11060 - Sony Corporation)
VAIO Update (HKLM-x32\...\{9FF95DA2-7DA1-4228-93B7-DED7EC02B6B2}) (Version: 7.0.1.02280 - Sony Corporation)
VanDyke Software SecureCRT 6.1 (HKLM-x32\...\{FB9AFA81-FC64-452A-AC30-C992745CC18D}) (Version: 6.1.0 - VanDyke Software, Inc.)
VC8 CRT (Version: 8.0.50727.762 - Juniper Networks) Hidden
VCCMMx64 (Version: 1.0.0 - Sony Corporation) Hidden
VCCMMx86 (x32 Version: 1.0.0 - Sony Corporation) Hidden
VCCx64 (Version: 1.0.0 - Sony Corporation) Hidden
VCCx86 (x32 Version: 1.0.0 - Sony Corporation) Hidden
VHD (x32 Version: 1.0.0 - Sony Corporation) Hidden
VirtualCloneDrive (HKLM-x32\...\VirtualCloneDrive) (Version: 5.4.7.0 - Elaborate Bytes)
VIx64 (Version: 1.0.0 - Sony Corporation) Hidden
VIx86 (x32 Version: 1.0.0 - Sony Corporation) Hidden
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.1 - VideoLAN)
VPMx64 (Version: 1.0.0 - Sony Corporation ) Hidden
VSSTx64 (Version: 1.0.0 - Sony Corporation ) Hidden
VSSTx86 (x32 Version: 1.0.0 - Sony Corporation) Hidden
VU5x64 (Version: 1.1.0 - Sony Corporation ) Hidden
VU5x86 (x32 Version: 1.1.0 - Sony Corporation ) Hidden
VWSTx86 (x32 Version: 1.0.0 - Sony Corporation) Hidden
WinDirStat 1.1.2 (HKU\S-1-5-21-3768847704-4038817097-2733713293-1001\...\WinDirStat) (Version:  - )
WinDirStat 1.1.2 (HKU\S-1-5-21-3768847704-4038817097-2733713293-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\WinDirStat) (Version:  - )
WinSCP 4.1.6 (HKLM-x32\...\winscp3_is1) (Version: 4.1.6 - Martin Prikryl)
Xming 6.9.0.31 (HKLM-x32\...\Xming_is1) (Version: 6.9.0.31 - Colin Harrison)
XperiaLinkx86 (x32 Version: 1.0.0 - Sony Corporation) Hidden
 
==================== Custom CLSID (Whitelisted): ==========================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
CustomCLSID: HKU\S-1-5-21-3768847704-4038817097-2733713293-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Jinchi\AppData\Roaming\Dropbox\bin\Dropbox.exe /autoplay No File
CustomCLSID: HKU\S-1-5-21-3768847704-4038817097-2733713293-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0_Classes\CLSID\{0F22A205-CFB0-4679-8499-A6F44A80A208}\InprocServer32 -> C:\Users\Jinchi\AppData\Local\Google\Update\1.3.25.5\psuser_64.dll No File
CustomCLSID: HKU\S-1-5-21-3768847704-4038817097-2733713293-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0_Classes\CLSID\{1423F872-3F7F-4E57-B621-8B1A9D49B448}\InprocServer32 -> C:\Users\Jinchi\AppData\Local\Google\Update\1.3.27.5\psuser_64.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-3768847704-4038817097-2733713293-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0_Classes\CLSID\{90B3DFBF-AF6A-4EA0-8899-F332194690F8}\InprocServer32 -> C:\Users\Jinchi\AppData\Local\Google\Update\1.3.24.15\psuser_64.dll No File
CustomCLSID: HKU\S-1-5-21-3768847704-4038817097-2733713293-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0_Classes\CLSID\{C3BC25C0-FCD3-4F01-AFDD-41373F017C9A}\InprocServer32 -> C:\Users\Jinchi\AppData\Local\Google\Update\1.3.26.9\psuser_64.dll No File
CustomCLSID: HKU\S-1-5-21-3768847704-4038817097-2733713293-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0_Classes\CLSID\{D0336C0B-7919-4C04-8CCE-2EBAE2ECE8C9}\InprocServer32 -> C:\Users\Jinchi\AppData\Local\Google\Update\1.3.25.11\psuser_64.dll No File
CustomCLSID: HKU\S-1-5-21-3768847704-4038817097-2733713293-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\Jinchi\AppData\Local\Google\Update\1.3.27.5\psuser_64.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-3768847704-4038817097-2733713293-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0_Classes\CLSID\{F8071786-1FD0-4A66-81A1-3CBE29274458}\InprocServer32 -> C:\Users\Jinchi\AppData\Local\Microsoft\OneDrive\17.3.5860.0512\amd64\FileSyncApi64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3768847704-4038817097-2733713293-1001_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Jinchi\AppData\Roaming\Dropbox\bin\Dropbox.exe /autoplay No File
CustomCLSID: HKU\S-1-5-21-3768847704-4038817097-2733713293-1001_Classes\CLSID\{0F22A205-CFB0-4679-8499-A6F44A80A208}\InprocServer32 -> C:\Users\Jinchi\AppData\Local\Google\Update\1.3.25.5\psuser_64.dll No File
CustomCLSID: HKU\S-1-5-21-3768847704-4038817097-2733713293-1001_Classes\CLSID\{1423F872-3F7F-4E57-B621-8B1A9D49B448}\InprocServer32 -> C:\Users\Jinchi\AppData\Local\Google\Update\1.3.27.5\psuser_64.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-3768847704-4038817097-2733713293-1001_Classes\CLSID\{90B3DFBF-AF6A-4EA0-8899-F332194690F8}\InprocServer32 -> C:\Users\Jinchi\AppData\Local\Google\Update\1.3.24.15\psuser_64.dll No File
CustomCLSID: HKU\S-1-5-21-3768847704-4038817097-2733713293-1001_Classes\CLSID\{C3BC25C0-FCD3-4F01-AFDD-41373F017C9A}\InprocServer32 -> C:\Users\Jinchi\AppData\Local\Google\Update\1.3.26.9\psuser_64.dll No File
CustomCLSID: HKU\S-1-5-21-3768847704-4038817097-2733713293-1001_Classes\CLSID\{D0336C0B-7919-4C04-8CCE-2EBAE2ECE8C9}\InprocServer32 -> C:\Users\Jinchi\AppData\Local\Google\Update\1.3.25.11\psuser_64.dll No File
CustomCLSID: HKU\S-1-5-21-3768847704-4038817097-2733713293-1001_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\Jinchi\AppData\Local\Google\Update\1.3.27.5\psuser_64.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-3768847704-4038817097-2733713293-1001_Classes\CLSID\{F8071786-1FD0-4A66-81A1-3CBE29274458}\InprocServer32 -> C:\Users\Jinchi\AppData\Local\Microsoft\OneDrive\17.3.5860.0512\amd64\FileSyncApi64.dll (Microsoft Corporation)
 
==================== Restore Points =========================
 
08-06-2015 03:50:57 Scheduled Checkpoint
 
==================== Hosts content: ===============================
 
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
 
2013-08-22 09:25 - 2014-11-11 01:44 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts
 
==================== Scheduled Tasks (Whitelisted) =============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
Task: {030423F4-6AE5-423C-A071-5F5F24D4DA86} - System32\Tasks\Sony Corporation\VAIO Care\UpdateContacts => %ProgramData%\Sony Corporation\VAIO Care\UpdateContacts.exe
Task: {0808CAD4-811B-4C62-902F-CD72F04F43B8} - System32\Tasks\Sony Corporation\Xperia Link\Xperia Link Logon Start => C:\Program Files (x86)\Sony\Xperia Link\Xperia Link.exe [2014-11-28] (Sony Corporation)
Task: {12F6D2B1-ACBA-4A46-8F05-7CF39301ACB2} - System32\Tasks\Sony Corporation\VAIO Care\CheckSystemInfo => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2014-12-03] (Sony Corporation)
Task: {152888AE-3924-4319-85E8-6E42EE068406} - System32\Tasks\Sony Corporation\VAIO Care\VCCheckIolo => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2014-12-03] (Sony Corporation)
Task: {171C27B2-9EB5-4A1D-9093-C3C7EE7F4F41} - System32\Tasks\Sony Corporation\VAIO Care\DeployCRMflag => C:\Program Files\Sony\VAIO Care\DeployCRMflag.exe [2014-01-16] (Sony Corporation)
Task: {1C5A2E66-E565-49A0-AA4C-D7ACAC4F4560} - System32\Tasks\Sony Corporation\VAIO Control Center\Level4Daily => C:\Program Files (x86)\Sony\VAIO Control Center\WBCBatteryCare.exe [2013-03-15] (Sony Corporation)
Task: {1DAED29A-8AF5-4088-8D98-01C0F96F197A} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2014-12-19] (Adobe Systems Incorporated)
Task: {29794DC0-3754-4410-ADE1-57DE032AD25A} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-01-31] (Google Inc.)
Task: {2A5F3D65-001C-489F-9B7D-A3DED3846A76} - System32\Tasks\Sony Corporation\VAIO Care\ActiveStatusCollect => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2014-12-03] (Sony Corporation)
Task: {2B9EF640-8B62-4E27-AA01-EBA2F4E98569} - System32\Tasks\Sony Corporation\VAIO Update\Launch Application => C:\Program Files\SONY\VAIO Update\ShellExeProxy.exe [2014-02-28] (Sony Corporation)
Task: {31B9760D-C907-4434-AFE8-FE766B6E1AAE} - System32\Tasks\Sony Corporation\VAIO Care\UpdateSolution => C:\Program Files\Sony\VAIO Care\Solution.Updater.exe [2014-12-03] (Sony Corporation)
Task: {323321B2-04B8-4829-BB47-5047687C4097} - System32\Tasks\AlaMaintenance => C:\WINDOWS\SysWOW64\drivers\NVACYU~1.EXE [2015-05-30] ()
Task: {34B0E4B7-CB55-4779-8131-EBBA3E29702A} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-04-14] (Adobe Systems Incorporated)
Task: {445E46C5-8CD4-4E03-9190-A7F29636FE53} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2015-05-12] (Microsoft Corporation)
Task: {49C58B60-3AE4-4612-9F8F-151ABEAFA504} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2015-04-14] (Microsoft Corporation)
Task: {4D147FA4-0860-4416-95DA-6F94D4E8906B} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473 => C:\Program Files (x86)\Intel\Intel® Update Manager\bin\iumsvc.exe [2014-02-28] ()
Task: {4E108295-0B9B-4D0D-97F3-62A1885E3817} - System32\Tasks\USER_ESRV_SVC => Wscript.exe //B //NoLogo "C:\Program Files\Sony\VAIO Care\ESRV\task.vbs"
Task: {50E15AA5-E8FC-457D-A8C5-02E80953CD5C} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B => schtasks
Task: {549B0586-916E-4A19-959E-C1E4D584EC54} - System32\Tasks\Sony Corporation\VAIO Care\VCOneClick => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2014-12-03] (Sony Corporation)
Task: {58A61337-9F57-4273-AB55-13F3FB0273B4} - System32\Tasks\Media_System_Platform => C:\WINDOWS\SysWOW64\drivers\KVN398~1.EXE [2015-05-30] ()
Task: {6BD8553D-D29E-4B0E-B715-D77543F3FE28} - System32\Tasks\Sony Corporation\Sony Home Network Library\SOHLib SOHDms => C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDms.exe [2013-11-07] (Sony Corporation)
Task: {7083F386-39DA-418A-AC8E-1FAB3D9B031B} - System32\Tasks\Microsoft Office 15 Sync Maintenance for JDUBZ-VAIOPRO13-Jinchi jDubz-VaioPro13 => C:\Program Files\Microsoft Office 15\Root\Office15\MsoSync.exe [2015-03-10] (Microsoft Corporation)
Task: {71546852-4512-4C88-A869-E690B944DCA3} - System32\Tasks\Sony Corporation\VAIO Hardware Diagnostics\VHDInformationCheck => C:\Program Files (x86)\Sony\VAIO Recovery\plugins\InformationCheck.exe [2013-01-25] (Sony Corporation)
Task: {7687A3B2-7E7C-4091-88D5-FD4F4EA3AA96} - System32\Tasks\Sony Corporation\VAIO Care\VCRLog => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2014-12-03] (Sony Corporation)
Task: {78871205-75A7-4518-ABBC-C8D2D894A770} - System32\Tasks\Sony Corporation\VAIO Control Center\VAIOControlCenterUser => C:\Program Files (x86)\Sony\VAIO Control Center\vim.exe [2014-11-17] (Sony Corporation)
Task: {7982BC1E-3759-4437-B410-3F9712C6C313} - System32\Tasks\Sony Corporation\VAIO Control Center\VAIO Capture\VAIO Clip => C:\Program Files (x86)\Sony\VAIO Control Center\VAIO Clip.exe [2013-12-09] (Sony Corporation)
Task: {7C1CF5CA-8655-426C-815D-A767366EEBA1} - System32\Tasks\Sony Corporation\VAIO Control Center\NightTimeEnd => C:\Program Files (x86)\Sony\VAIO Control Center\VESSmartConnectTime.exe [2013-03-15] (Sony Corporation)
Task: {7D20217F-BC39-45B4-AC8C-E46A7E695429} - System32\Tasks\propagation utility manager => C:\Program Files (x86)\Reference Assemblies\Microsoft\Framework\v3.5\RedistList\syscomplus80.exe [2015-06-02] ()
Task: {842642D9-35FD-4FCC-987C-F5DB2FD2603E} - System32\Tasks\Microsoft\Windows\Setup\gwx\launchtrayprocess => C:\Windows\system32\GWX\GWX.exe [2015-05-06] (Microsoft Corporation)
Task: {84FE5F63-27E7-4FF8-A706-2870636ADE65} - System32\Tasks\Sony Corporation\VAIO Improvement\VAIOImprovementUploader => C:\Program Files\Sony\VAIO Improvement\viuploader.exe [2013-01-24] (Sony Corporation)
Task: {889E7D7E-A64E-4961-9C47-099AFF877C47} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3768847704-4038817097-2733713293-1001UA => C:\Users\Jinchi\AppData\Local\Google\Update\GoogleUpdate.exe [2014-02-18] (Google Inc.)
Task: {88D4E4B0-00D8-419C-8648-923E8186F53A} - System32\Tasks\Microsoft\Windows\Application Experience\Microsoft Compatibility Appraiser => C:\Windows\system32\compattel\DiagTrackRunner.exe [2015-03-15] (Microsoft Corporation)
Task: {923F640F-D7B1-4A47-A158-B315DE0A9E0B} - System32\Tasks\Sony Corporation\VAIO Care\GetPOTInfo => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2014-12-03] (Sony Corporation)
Task: {9787CF4F-1123-4826-8B30-F06CF6BEE638} - System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxconfig => C:\Windows\system32\GWX\GWXConfigManager.exe [2015-05-06] (Microsoft Corporation)
Task: {97D7BDD9-D054-43D7-882B-AD249B77244E} - System32\Tasks\Microsoft OneDrive Auto Update Task-S-1-5-21-3768847704-4038817097-2733713293-1001 => %localappdata%\Microsoft\OneDrive\OneDrive.exe
Task: {9AE6CBF1-00F0-4F50-AE80-1497C9C858E0} - System32\Tasks\Sony Corporation\VAIO Control Center\NightTimeStart => C:\Program Files (x86)\Sony\VAIO Control Center\VESSmartConnectTime.exe [2013-03-15] (Sony Corporation)
Task: {9B57288A-3AAE-421B-B4FE-6FE8C053B0D5} - System32\Tasks\Sony Corporation\VAIO Control Center\NetworkSetting\NetworkSetting Logon Start => C:\Program Files (x86)\Sony\VAIO Control Center\NetworkSetting\NetworkClient
Task: {9B80C144-628B-47E1-BFD0-11B344818EF2} - System32\Tasks\Sony Corporation\VAIO Gesture Control\VCGULogonTask => C:\Program Files (x86)\Sony\VAIO Camera Gesture Utility\VCGU.exe [2013-01-23] (Sony Corporation)
Task: {9C387779-0F66-45B0-859A-1F03F28785BA} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473-Logon => C:\Program Files (x86)\Intel\Intel® Update Manager\bin\iumsvc.exe [2014-02-28] ()
Task: {9FFABB92-E02B-4EA5-9F85-0058AC3244F3} - System32\Tasks\Sony Corporation\VAIO Control Center\Level4Month => C:\Program Files (x86)\Sony\VAIO Control Center\WBCBatteryCare.exe [2013-03-15] (Sony Corporation)
Task: {AC369F06-22DA-4D4F-A61D-3FC072FEF06C} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-01-31] (Google Inc.)
Task: {ACBF82C2-C2BF-4DCC-AEAA-BD6F5BF22037} - System32\Tasks\Sony Corporation\VAIO Control Center\VAIOControlCenterSystem => C:\Program Files (x86)\Sony\VAIO Control Center\vim.exe [2014-11-17] (Sony Corporation)
Task: {AD1BED37-66C9-433E-B3C1-F2F861E2C024} - System32\Tasks\Sony Corporation\VAIO Update\VAIO Update Self Repair => C:\Program Files\Sony\VAIO Update\VUSR.exe [2014-03-01] (Sony Corporation)
Task: {B4591711-5698-442B-85D4-ED3EDA0CF916} - System32\Tasks\Synaptics TouchPad Enhancements => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2015-05-27] (Synaptics Incorporated)
Task: {BA08B23A-6573-40F1-A308-5D74E46D4835} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3768847704-4038817097-2733713293-1001Core => C:\Users\Jinchi\AppData\Local\Google\Update\GoogleUpdate.exe [2014-02-18] (Google Inc.)
Task: {C8603A6D-CC34-4AD7-9BF3-247077D9B3EB} - System32\Tasks\Sony Corporation\VAIO Update\VAIO Update => C:\Program Files\Sony\VAIO Update\VAIOUpdt.exe [2014-02-28] (Sony Corporation)
Task: {D55F3AC8-6713-4933-B76D-388BABEBA2C2} - System32\Tasks\Sony Corporation\VAIO Care\VCMetrics => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2014-12-03] (Sony Corporation)
Task: {D692D7FB-BCD0-4A73-93A0-9F560AD6CC9B} - System32\Tasks\Sony Corporation\VAIO Care\VAIO Care => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2014-12-03] (Sony Corporation)
Task: {E40870DD-A941-4764-82D2-F0F7D5F4F428} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\Logon => C:\Windows\system32\GWX\GWX.exe [2015-05-06] (Microsoft Corporation)
Task: {EB31A902-91C9-4573-976A-E167505B53F0} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\OutOfIdle => C:\Windows\system32\GWX\GWX.exe [2015-05-06] (Microsoft Corporation)
Task: {EDF1E628-FD13-4FF9-B134-AA386E3A915F} - System32\Tasks\Sony Corporation\VAIO Care\VCSelfHeal => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2014-12-03] (Sony Corporation)
Task: {F11CB3CD-421B-4EAB-9334-1F4DA7160E40} - System32\Tasks\Sony Corporation\VAIO Care\UploadPOT => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2014-12-03] (Sony Corporation)
Task: {F2A02852-C346-4014-8619-221C284D27A9} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2015-04-14] (Microsoft Corporation)
Task: {F2BE108D-C1CE-45DB-A829-EB34ECBBDD17} - System32\Tasks\Sony Corporation\NFC Connection Utility\NFC Logon Start => C:\Program Files\Sony\NFC Connection Utility\NFCConnectionUtility.exe [2014-02-11] (Sony Corporation)
Task: {F60B3402-006E-4F29-AA24-F70C7059EDF1} - System32\Tasks\Sony Corporation\VAIO Care\UpdateConfig => %ProgramData%\Sony Corporation\VCM Data\UpdateConfig.exe
Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-3768847704-4038817097-2733713293-1001Core.job => C:\Users\Jinchi\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-3768847704-4038817097-2733713293-1001UA.job => C:\Users\Jinchi\AppData\Local\Google\Update\GoogleUpdate.exe
 
==================== Loaded Modules (Whitelisted) ==============
 
2015-05-30 09:20 - 2015-05-30 09:20 - 00989696 _____ () C:\WINDOWS\SysWOW64\drivers\sysdriver32l.exe
2015-06-02 15:18 - 2015-06-02 15:17 - 00543232 _____ () C:\WINDOWS\SysWOW64\drivers\UMDF\en-US\eventlogman32.exe
2014-03-20 13:56 - 2014-05-20 09:19 - 00105640 _____ () C:\Program Files\Microsoft Office 15\ClientX64\ApiClient.dll
2013-09-06 18:06 - 2013-09-06 18:06 - 00198120 _____ () C:\Program Files\Intel\Intel® Smart Connect Technology Agent\iSCTAgent.exe
2013-09-06 18:06 - 2013-09-06 18:06 - 00054760 _____ () C:\Program Files\Intel\Intel® Smart Connect Technology Agent\NetworkHeuristic.dll
2013-09-06 18:05 - 2013-09-06 18:05 - 00034792 _____ () C:\Program Files\Intel\Intel® Smart Connect Technology Agent\ISCTNetMon.dll
2013-10-17 16:27 - 2013-10-17 16:27 - 00166912 _____ () C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe
2015-02-04 20:24 - 2015-02-04 20:25 - 00187072 _____ () C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe
2015-06-09 12:37 - 2015-05-30 09:20 - 00989696 _____ () C:\WINDOWS\TEMP\er.exe
2015-05-30 09:20 - 2015-05-30 09:20 - 00989696 _____ () C:\WINDOWS\SysWOW64\drivers\KVN398~1.EXE
2015-05-30 09:20 - 2015-05-30 09:20 - 00989696 _____ () C:\WINDOWS\SysWOW64\drivers\NVACYU~1.EXE
2015-02-25 02:52 - 2015-01-27 11:29 - 08898720 _____ () C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\1033\GrooveIntlResource.dll
2015-06-09 12:38 - 2015-05-30 09:20 - 00989696 _____ () C:\Users\Jinchi\AppData\Local\Temp\er.exe
2014-10-28 09:11 - 2015-04-24 21:53 - 05886784 _____ () C:\Users\Jinchi\AppData\Local\Amazon Music\Amazon Music Helper.exe
2015-06-02 15:18 - 2015-06-02 15:17 - 00543232 _____ () C:\Program Files (x86)\Reference Assemblies\Microsoft\Framework\v3.5\RedistList\syscomplus80.exe
2015-03-14 01:49 - 2015-03-14 01:49 - 00291840 _____ () C:\ProgramData\Razer\Synapse\RzStats\RzStats.Manager.exe
2013-11-19 11:21 - 2013-11-19 11:21 - 00062464 _____ () C:\Program Files\Sony\VAIO Care\listener.exe
2013-11-30 02:59 - 2013-05-22 02:25 - 00127464 _____ () C:\Program Files (x86)\Sony\VAIO Control Center\iSCTConnect.dll
2014-09-03 15:15 - 2014-09-03 15:15 - 10683392 _____ () C:\Users\Jinchi\AppData\Local\Programs\Google\MusicManager\QtWebKit4.dll
2014-09-03 15:15 - 2014-09-03 15:15 - 07741952 _____ () C:\Users\Jinchi\AppData\Local\Programs\Google\MusicManager\QtGui4.dll
2014-09-03 15:15 - 2014-09-03 15:15 - 01681408 _____ () C:\Users\Jinchi\AppData\Local\Programs\Google\MusicManager\QtNetwork4.dll
2014-09-03 15:15 - 2014-09-03 15:15 - 02248192 _____ () C:\Users\Jinchi\AppData\Local\Programs\Google\MusicManager\QtCore4.dll
2015-03-31 18:33 - 2015-03-31 18:33 - 00117248 _____ () C:\Users\Jinchi\AppData\Local\Programs\Google\MusicManager\libaacdec.dll
2015-03-31 18:33 - 2015-03-31 18:33 - 00231936 _____ () C:\Users\Jinchi\AppData\Local\Programs\Google\MusicManager\libmpgdec.dll
2015-03-31 18:33 - 2015-03-31 18:33 - 00253440 _____ () C:\Users\Jinchi\AppData\Local\Programs\Google\MusicManager\libid3tag.dll
2015-03-31 18:33 - 2015-03-31 18:33 - 00344064 _____ () C:\Users\Jinchi\AppData\Local\Programs\Google\MusicManager\libaudioenc.dll
2014-09-03 15:15 - 2014-09-03 15:15 - 00026624 _____ () C:\Users\Jinchi\AppData\Local\Programs\Google\MusicManager\imageformats\qgif4.dll
2014-02-21 14:07 - 2015-04-16 13:40 - 00776192 _____ () C:\Program Files (x86)\Steam\SDL2.dll
2015-01-19 17:59 - 2015-04-22 22:16 - 04962816 _____ () C:\Program Files (x86)\Steam\v8.dll
2014-05-22 01:04 - 2015-06-04 14:56 - 02407104 _____ () C:\Program Files (x86)\Steam\video.dll
2015-01-19 17:59 - 2015-04-22 22:16 - 01556992 _____ () C:\Program Files (x86)\Steam\icui18n.dll
2015-01-19 17:59 - 2015-04-22 22:16 - 01187840 _____ () C:\Program Files (x86)\Steam\icuuc.dll
2014-08-28 16:13 - 2014-12-01 17:31 - 02396672 _____ () C:\Program Files (x86)\Steam\libavcodec-56.dll
2014-08-28 16:13 - 2014-12-01 17:31 - 00479744 _____ () C:\Program Files (x86)\Steam\libavformat-56.dll
2014-08-28 16:13 - 2014-12-01 17:31 - 00332800 _____ () C:\Program Files (x86)\Steam\libavresample-2.dll
2014-08-28 16:13 - 2014-12-01 17:31 - 00442880 _____ () C:\Program Files (x86)\Steam\libavutil-54.dll
2014-08-28 16:13 - 2014-12-01 17:31 - 00485888 _____ () C:\Program Files (x86)\Steam\libswscale-3.dll
2014-02-21 14:07 - 2015-06-04 14:56 - 00703168 _____ () C:\Program Files (x86)\Steam\bin\chromehtml.DLL
2015-05-19 22:29 - 2015-05-19 22:29 - 00137728 _____ () C:\ProgramData\Razer\Synapse\CrashReporter\CrashRpt1402.dll
2014-02-21 14:07 - 2015-05-11 15:01 - 36302728 _____ () C:\Program Files (x86)\Steam\bin\libcef.dll
2014-11-13 10:20 - 2014-11-25 22:12 - 40622592 _____ () C:\Users\Jinchi\AppData\Local\razer\InGameEngine\cache\RzStats.Manager\cef\libcef.dll
2014-11-13 10:20 - 2014-11-25 22:12 - 00911360 _____ () C:\Users\Jinchi\AppData\Local\razer\InGameEngine\cache\RzStats.Manager\cef\libglesv2.dll
2014-11-13 10:20 - 2014-11-25 22:12 - 00134144 _____ () C:\Users\Jinchi\AppData\Local\razer\InGameEngine\cache\RzStats.Manager\cef\libegl.dll
2015-05-25 17:29 - 2015-05-22 16:22 - 01281864 _____ () C:\Program Files (x86)\Google\Chrome\Application\43.0.2357.81\libglesv2.dll
2015-05-25 17:29 - 2015-05-22 16:22 - 00080712 _____ () C:\Program Files (x86)\Google\Chrome\Application\43.0.2357.81\libegl.dll
2013-11-30 03:20 - 2013-05-08 00:23 - 01199576 _____ () C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\ACE.dll
 
==================== Alternate Data Streams (Whitelisted) =========
 
(If an entry is included in the fixlist, only the ADS will be removed.)
 
AlternateDataStreams: C:\Users\Jinchi\SkyDrive:ms-properties
 
==================== Safe Mode (Whitelisted) ===================
 
(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
 
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""=""
 
==================== EXE Association (Whitelisted) ===============
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
 
 
==================== Internet Explorer trusted/restricted ===============
 
(If an entry is included in the fixlist, it will be removed from the registry.)
 
 
==================== Other Areas ============================
 
(Currently there is no automatic fix for this section.)
 
HKU\S-1-5-21-3768847704-4038817097-2733713293-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Jinchi\Pictures\water_forest_2560x1440.jpg
HKU\S-1-5-21-3768847704-4038817097-2733713293-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Control Panel\Desktop\\Wallpaper -> C:\Users\Jinchi\Pictures\water_forest_2560x1440.jpg
DNS Servers: 192.168.1.1
 
==================== MSCONFIG/TASK MANAGER disabled items ==
 
(Currently there is no automatic fix for this section.)
 
HKLM\...\StartupApproved\Run32: => "VirtualCloneDrive"
HKU\S-1-5-21-3768847704-4038817097-2733713293-1001\...\StartupApproved\Run: => "MurGee.com Auto Clicker"
HKU\S-1-5-21-3768847704-4038817097-2733713293-1001\...\StartupApproved\Run: => "UM"
HKU\S-1-5-21-3768847704-4038817097-2733713293-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\StartupApproved\Run: => "MurGee.com Auto Clicker"
 
==================== FirewallRules (Whitelisted) ===============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [{8AAA2962-98BF-4561-8446-070D15AFF0BD}] => (Allow) C:\Program Files\Intel Corporation\Intel WiDi\WiDiApp.exe
FirewallRules: [{F6FD1D1E-7BCD-494C-AE18-F5E10EC4BD00}] => (Allow) C:\Users\Jinchi\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{EB1D6051-6DC5-4E4E-99A0-76F0997DD1A2}] => (Allow) C:\Users\Jinchi\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{791B8DC4-488F-4CCC-97B6-A48CD117FF0E}] => (Allow) C:\Users\Jinchi\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe
FirewallRules: [{97518567-F6EE-43A5-9220-3A71C3092833}] => (Allow) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer.exe
FirewallRules: [{2A6FCFCE-1889-470C-91B7-6B3C586F5B42}] => (Allow) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer.exe
FirewallRules: [{E120CEE3-FB95-4685-AF4C-581D697283DE}] => (Allow) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
FirewallRules: [{09C65444-9E49-4016-AFD4-2C46D8EF8B03}] => (Allow) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
FirewallRules: [{1C6D2338-58F6-41B7-9C60-0C8047D158DD}] => (Allow) C:\Program Files (x86)\PharosSystems\Core\CTskMstr.exe
FirewallRules: [{55412196-4B43-43EC-A082-5DEDB04C4BF7}] => (Allow) C:\Program Files (x86)\PharosSystems\Core\CTskMstr.exe
FirewallRules: [{E353C792-C677-48C7-B015-914EFA660B2D}] => (Allow) C:\Program Files (x86)\PharosSystems\Core\CTskMstr.exe
FirewallRules: [{63CAE482-DDB5-4187-AE7C-39C0809ED0C8}] => (Allow) C:\Program Files (x86)\PharosSystems\Core\CTskMstr.exe
FirewallRules: [{E3F1E628-78C7-43C7-B500-5B49FF7E0FF5}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{BD493E0D-100F-4882-BC6E-7AD0357C7FE9}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{251B91E5-585F-427C-AFBA-9E5810A40D95}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{C897F144-EB0C-4122-87F6-856760C9D5D4}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{AF322307-A300-4E27-80C1-EA374A4D0B6B}] => (Allow) C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe
FirewallRules: [{87843785-23D4-49CF-9761-677FC305096A}] => (Allow) C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe
FirewallRules: [{5BD520C5-FAA1-4168-A2C2-0345ABDA612B}] => (Allow) C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDms.exe
FirewallRules: [{205AA04E-E323-4943-BA78-A144C44151E4}] => (Allow) C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDms.exe
FirewallRules: [{31F0FEA3-CC25-4FC3-839F-2C1A010901CA}] => (Allow) C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDs.exe
FirewallRules: [{8B8371EC-4A0D-40DE-8018-BB13A1B14CFE}] => (Allow) C:\Program Files (x86)\Sony\PlayMemories Home\PMBBrowser.exe
FirewallRules: [{08C88937-DA82-4D89-AA5C-915911D66CC2}] => (Allow) C:\Program Files (x86)\Sony\PlayMemories Home\PMBBrowser.exe
FirewallRules: [TCP Query User{12302747-C7E1-4B23-B720-756D7CEC8B58}C:\program files\java\jre7\bin\javaw.exe] => (Allow) C:\program files\java\jre7\bin\javaw.exe
FirewallRules: [UDP Query User{62F4D8AC-28A5-4295-985F-BCDA5EE2B46C}C:\program files\java\jre7\bin\javaw.exe] => (Allow) C:\program files\java\jre7\bin\javaw.exe
FirewallRules: [{25ADA3AE-6C5C-4EB9-9037-4770A4472BC4}] => (Allow) C:\ProgramData\NexonUS\NGM\NGM.exe
FirewallRules: [{502C5361-ED40-4CF6-B109-FD0FFAF68CC4}] => (Allow) C:\ProgramData\NexonUS\NGM\NGM.exe
FirewallRules: [{7AD297A5-9A53-428C-9BD9-7B692F86C7DF}] => (Allow) C:\Users\Jinchi\AppData\Roaming\BitTorrent\BitTorrent.exe
FirewallRules: [{6C04DF68-1EF8-47DF-9B12-553B827A4927}] => (Allow) C:\Users\Jinchi\AppData\Roaming\BitTorrent\BitTorrent.exe
FirewallRules: [{6453304B-1C45-46DE-96E9-BC500401CBF1}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.beta.2737\Agent.exe
FirewallRules: [{75721F3D-024D-4471-BEF1-1AA2D7721F16}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.beta.2737\Agent.exe
FirewallRules: [{E5CBBA80-AE60-406A-A474-B5BAC3FB9705}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.beta.2753\Agent.exe
FirewallRules: [{E317F802-C9AB-4BD3-B085-356CEC5FF10D}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.beta.2753\Agent.exe
FirewallRules: [{BE7E2239-2362-4AA3-A03B-ACE80FFB1F9E}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.beta.2753\Agent.exe
FirewallRules: [{E82670D9-49E4-4AAA-8424-60E2BFA3DD65}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.beta.2753\Agent.exe
FirewallRules: [{A80FAE7F-E488-4060-8EED-68088003691C}] => (Allow) C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe
FirewallRules: [{0495F14C-548F-40E0-A535-A6E8987C61DA}] => (Allow) C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe
FirewallRules: [{5845DD02-4469-4A05-A346-D4A7F4F77759}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2880\Agent.exe
FirewallRules: [{F44BBD2E-ABEC-42CB-B621-03623EF1F56E}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2880\Agent.exe
FirewallRules: [{CE20CBB9-AC0F-4E44-BA11-E1F8027D7342}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2880\Agent.exe
FirewallRules: [{3365CD26-78F5-4B7E-9573-91AAC52872BD}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2880\Agent.exe
FirewallRules: [{36A01BAE-2D0D-4041-88F4-987A3006EE3B}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3023\Agent.exe
FirewallRules: [{D23E44CC-C04F-459C-86E5-CD64AFD0503C}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3023\Agent.exe
FirewallRules: [{E98A7E2E-E3DC-42E6-BE9B-B0A4D6D2272D}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3109\Agent.exe
FirewallRules: [{50DE9A46-6BF5-4CD8-933A-8A762550054B}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3109\Agent.exe
FirewallRules: [{DC0BB4CF-F7E0-4C47-8885-5761E964BC88}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3147\Agent.exe
FirewallRules: [{00A069BC-CFD1-4C64-9EC0-A6C66B954B22}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3147\Agent.exe
FirewallRules: [{BB93A3D9-3CBA-49FC-87C5-F1FC28D9279E}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3182\Agent.exe
FirewallRules: [{1E4C0F28-F197-4F02-A22A-DEC30B741F20}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3182\Agent.exe
FirewallRules: [{8D3F088D-BBF1-42FB-8185-455B060E2283}] => (Allow) F:\Program Files (jDubz-VaioPro13)\StarCraft II\StarCraft II.exe
FirewallRules: [{46E34459-B59A-4FF8-80C3-A9FFA570DA95}] => (Allow) F:\Program Files (jDubz-VaioPro13)\StarCraft II\StarCraft II.exe
FirewallRules: [{DC1935B2-387A-49E7-B25C-77E58AA5707D}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3235\Agent.exe
FirewallRules: [{C10F3F30-F05D-4CBE-AECD-3A99BEA66363}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3235\Agent.exe
FirewallRules: [{23EB8DF5-B400-4FAB-8FE7-571CD9370779}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{B59228DD-F389-4134-BF0F-2C7BEB701252}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{C4103880-1F3A-4E4B-968C-2107B1CADB45}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3286\Agent.exe
FirewallRules: [{80EA95F6-F360-4D14-B103-C746258503A0}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3286\Agent.exe
FirewallRules: [{058DF99D-CDAA-48B9-B738-087CBD74BAA6}] => (Allow) F:\Program Files (jDubz-VaioPro13)\StarCraft II\StarCraft II\StarCraft II.exe
FirewallRules: [{C1A98549-3BCA-491C-8A44-7A522A3C8465}] => (Allow) F:\Program Files (jDubz-VaioPro13)\StarCraft II\StarCraft II\StarCraft II.exe
FirewallRules: [{AE5F9B45-9630-4A60-8B5F-93F51E917B20}] => (Allow) F:\Program Files (jDubz-VaioPro13)\StarCraft II\Diablo III\Diablo III.exe
FirewallRules: [{6B301B05-7D3E-4470-A560-F2D82CB7D48D}] => (Allow) F:\Program Files (jDubz-VaioPro13)\StarCraft II\Diablo III\Diablo III.exe
FirewallRules: [{AD195C8E-94DC-40B5-8689-70C284D7B09B}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3322\Agent.exe
FirewallRules: [{67888B5E-3F5D-408E-A62A-EACC128E0842}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3322\Agent.exe
FirewallRules: [{B3A5162E-4122-40A6-AF5C-64FDB850D89D}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3323\Agent.exe
FirewallRules: [{8D7F49B6-CDE4-46D1-88F4-613F2D45ECF8}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3323\Agent.exe
FirewallRules: [{110DAD28-A1BC-436A-8A7D-99DAEAC915E2}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3332\Agent.exe
FirewallRules: [{C4531F6C-FA1B-4A53-A96F-0492F098245F}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3332\Agent.exe
FirewallRules: [{E3DA1792-8785-4318-9BB7-C02E00BB98DE}] => (Allow) F:\Program Files (jDubz-VaioPro13)\Diablo III\Diablo III\Diablo III.exe
FirewallRules: [{5FB06E85-344C-4321-9DCE-13EB1D407D18}] => (Allow) F:\Program Files (jDubz-VaioPro13)\Diablo III\Diablo III\Diablo III.exe
FirewallRules: [{E094F486-9C85-43E6-BA60-6A925B80983D}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3334\Agent.exe
FirewallRules: [{BF7FB06E-24FB-4077-BA34-AEAB42A5A60B}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3334\Agent.exe
FirewallRules: [{E0B0069C-4B1D-41B5-A6D0-A7FA4628D080}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Hammerwatch\editor\HammerEditor.exe
FirewallRules: [{81860655-B976-4103-837E-05D6E4AFAD52}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Hammerwatch\editor\HammerEditor.exe
FirewallRules: [{9AC2C5C2-E121-4729-BF53-49F9565AAFB8}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3346\Agent.exe
FirewallRules: [{B6DA9A04-E806-47D2-9C07-B31861AE2FA0}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3346\Agent.exe
FirewallRules: [{6957DDEE-47CF-4180-A4BC-4C293426B957}] => (Allow) C:\Program Files (x86)\Diablo III\Diablo III.exe
FirewallRules: [{9E8204E6-FBEC-466F-AC48-A83E8E03D770}] => (Allow) C:\Program Files (x86)\Diablo III\Diablo III.exe
FirewallRules: [{F3916993-E489-40F6-8AFF-64BF6FC70662}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3372\Agent.exe
FirewallRules: [{2599BCD5-04FE-4D1B-A5A5-45DF0E5803BC}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3372\Agent.exe
FirewallRules: [{AA548EB3-BF98-47B8-B69D-CFED1BCACC6E}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3427\Agent.exe
FirewallRules: [{5483B2BF-AF1A-4D24-B7EB-5CCCA5AAA801}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3427\Agent.exe
FirewallRules: [{A8DE2EA6-5260-4A21-BDBD-F3985B297AA2}] => (Allow) E:\Program Files (jDubz-VaioPro13)\Diablo III\Diablo III.exe
FirewallRules: [{767D1032-0535-4BDB-BADA-3229D7A4A395}] => (Allow) E:\Program Files (jDubz-VaioPro13)\Diablo III\Diablo III.exe
FirewallRules: [{DE63C0AA-5ED3-4E79-8B2B-CAF1B0AE8F13}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3478\Agent.exe
FirewallRules: [{EC7C7221-D843-4FB5-B3F5-0B625F2A6134}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3478\Agent.exe
FirewallRules: [{524E045D-356E-417F-98F4-F009032628FD}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3507\Agent.exe
FirewallRules: [{DD7D1823-B827-433E-A657-59925B565513}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3507\Agent.exe
FirewallRules: [{EC9AE200-890A-4E41-BBA1-A6D5EB3FE67B}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3526\Agent.exe
FirewallRules: [{D4E514FD-00FF-46E4-9B09-CD7FA0F7F093}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3526\Agent.exe
FirewallRules: [TCP Query User{15E353EC-3481-4F8D-80F3-092603B6FD83}C:\users\jinchi\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\jinchi\appdata\roaming\spotify\spotify.exe
FirewallRules: [UDP Query User{8FEDE70E-E603-4216-A7A3-844697DFB902}C:\users\jinchi\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\jinchi\appdata\roaming\spotify\spotify.exe
FirewallRules: [{E94EEF82-89B4-468C-9B58-A770361CFA9B}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3526\Agent.exe
FirewallRules: [{3500FF7E-4DF6-47E7-ABF3-409999AF9A86}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3526\Agent.exe
FirewallRules: [TCP Query User{1C3EB99F-F0EC-47BB-8EA5-63D5D0D8A6F6}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [UDP Query User{D2ABEE00-5913-4E4A-9B38-6FFC4D2F96C5}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [TCP Query User{D3646E6C-A650-4643-9ACC-DEA744641FC9}C:\users\jinchi\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\jinchi\appdata\roaming\spotify\spotify.exe
FirewallRules: [UDP Query User{3D1D352B-3303-4DA2-B1D0-730B81784C67}C:\users\jinchi\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\jinchi\appdata\roaming\spotify\spotify.exe
FirewallRules: [TCP Query User{2A3A219A-CE17-4D00-85B7-BA674F889C70}C:\program files (x86)\java\jre7\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre7\bin\javaw.exe
FirewallRules: [UDP Query User{9369B298-C6DD-4688-A476-C5954505C3A6}C:\program files (x86)\java\jre7\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre7\bin\javaw.exe
FirewallRules: [{906A536B-6264-48D8-BB26-68AE21610CE2}] => (Allow) C:\Program Files\Sony\VAIO Care\VCAgent.exe
FirewallRules: [{632C8043-55FD-47A6-BC3F-AC3625C640CE}] => (Allow) C:\Program Files\Sony\VAIO Care\VCAdmin.exe
FirewallRules: [{59DFAD8F-7AB1-4307-A1BC-51108ADD3B77}] => (Allow) C:\Program Files\Sony\VAIO Care\VCSystemTray.exe
FirewallRules: [{57BEC37C-EBA5-4920-8259-9068A85A6CA7}] => (Allow) C:\Program Files\Sony\VAIO Care\VAIOShell.exe
FirewallRules: [{9839765B-9955-42C0-868A-9B475B601613}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3688\Agent.exe
FirewallRules: [{E432DCE2-9770-4311-B633-917753449E56}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3688\Agent.exe
FirewallRules: [TCP Query User{8DB4EB37-0ABC-4945-80F0-51EBC4730AA1}C:\program files (x86)\netgear genie\bin\netgeargenie.exe] => (Allow) C:\program files (x86)\netgear genie\bin\netgeargenie.exe
FirewallRules: [UDP Query User{6B0B1C33-683E-4583-9E1A-0309E54BBB09}C:\program files (x86)\netgear genie\bin\netgeargenie.exe] => (Allow) C:\program files (x86)\netgear genie\bin\netgeargenie.exe
FirewallRules: [TCP Query User{8FBF3A64-26D1-468A-81F1-708D0AD865E9}C:\program files (x86)\netgear genie\bin\netgeargenie.exe] => (Allow) C:\program files (x86)\netgear genie\bin\netgeargenie.exe
FirewallRules: [UDP Query User{8CF18467-B70F-407C-BB22-0B86857EECD0}C:\program files (x86)\netgear genie\bin\netgeargenie.exe] => (Allow) C:\program files (x86)\netgear genie\bin\netgeargenie.exe
FirewallRules: [{933CD28C-77EC-423E-8304-A1050E969941}] => (Allow) C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
FirewallRules: [TCP Query User{D89BDACC-CEF6-4A48-A593-2A6910425019}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [UDP Query User{AACDE79C-510C-4BD9-B23D-AFA8ADC97F94}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [TCP Query User{57210441-E915-49AE-BD82-C6C7A0A04908}C:\program files (x86)\java\jre1.8.0_31\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_31\bin\javaw.exe
FirewallRules: [UDP Query User{922A446F-DF52-4EEF-892E-1D77A09F5AB9}C:\program files (x86)\java\jre1.8.0_31\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_31\bin\javaw.exe
FirewallRules: [{B48CC07B-F2E0-4D64-98D8-9DE92D4C955E}] => (Allow) F:\Program Files (jDubz-VaioPro13)\Hearthstone\Hearthstone.exe
FirewallRules: [{D89DD20F-8D07-4090-AB69-8F352F7A4099}] => (Allow) F:\Program Files (jDubz-VaioPro13)\Hearthstone\Hearthstone.exe
FirewallRules: [{54D13F0E-D893-4BCF-8C41-919E881022F2}] => (Allow) F:\Program Files (jDubz-VaioPro13)\Diablo III\Diablo III.exe
FirewallRules: [{9F206291-A2D3-48DF-A772-E87735EC1156}] => (Allow) F:\Program Files (jDubz-VaioPro13)\Diablo III\Diablo III.exe
FirewallRules: [{DD25789B-F44E-41FF-869E-ADB5CF5E2377}] => (Allow) C:\Program Files (x86)\Hearthstone\Hearthstone.exe
FirewallRules: [{FE112EFF-C326-4577-B14C-49B37A374411}] => (Allow) C:\Program Files (x86)\Hearthstone\Hearthstone.exe
FirewallRules: [TCP Query User{52D65AAD-3D82-49D0-B406-08D8FA767171}C:\program files (x86)\hearthstone\hearthstone.exe] => (Allow) C:\program files (x86)\hearthstone\hearthstone.exe
FirewallRules: [UDP Query User{E1C3C5C0-1E9F-47E6-A4BC-AB6A05FF9EB8}C:\program files (x86)\hearthstone\hearthstone.exe] => (Allow) C:\program files (x86)\hearthstone\hearthstone.exe
FirewallRules: [TCP Query User{5A16C813-2406-4FF1-B34B-2068AFDC5C5A}F:\program files (jdubz-vaiopro13)\starcraft ii\versions\base32283\sc2.exe] => (Allow) F:\program files (jdubz-vaiopro13)\starcraft ii\versions\base32283\sc2.exe
FirewallRules: [UDP Query User{2800DE1B-F1C0-4286-9978-92F65D533DAD}F:\program files (jdubz-vaiopro13)\starcraft ii\versions\base32283\sc2.exe] => (Allow) F:\program files (jdubz-vaiopro13)\starcraft ii\versions\base32283\sc2.exe
FirewallRules: [TCP Query User{C3A354D5-5113-47FB-8E4D-FA8B2D23C4E9}C:\program files (x86)\java\jre1.8.0_31\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_31\bin\javaw.exe
FirewallRules: [UDP Query User{4AB904BE-EE39-4DFD-A3EB-59BEFF38F2FC}C:\program files (x86)\java\jre1.8.0_31\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_31\bin\javaw.exe
FirewallRules: [TCP Query User{440E5F9B-FE9A-4044-8B25-2E8DE56673D7}C:\program files (x86)\java\jre1.8.0_31\bin\jp2launcher.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_31\bin\jp2launcher.exe
FirewallRules: [UDP Query User{A9C15CB1-5532-45DB-B7BB-158052C6487E}C:\program files (x86)\java\jre1.8.0_31\bin\jp2launcher.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_31\bin\jp2launcher.exe
FirewallRules: [{8E41BCA7-502D-4486-B527-CF0FAFEC1156}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Torchlight II\ModLauncher.exe
FirewallRules: [{2B3793F2-9266-486A-BE21-18EFD96B43B9}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Torchlight II\ModLauncher.exe
FirewallRules: [TCP Query User{65D31D05-BB72-4F36-AB4E-4C2B66493A3D}C:\program files (x86)\steam\steamapps\common\torchlight ii\torchlight2.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\torchlight ii\torchlight2.exe
FirewallRules: [UDP Query User{5087FF18-52D3-4AF3-844D-4B5E1CAC3076}C:\program files (x86)\steam\steamapps\common\torchlight ii\torchlight2.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\torchlight ii\torchlight2.exe
FirewallRules: [{7EC1864E-0560-4E3C-AF07-57296475FEBA}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\The Jackbox Party Pack\TJPP.exe
FirewallRules: [{163A303D-BE69-4C35-8FC6-06AF21190EB4}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\The Jackbox Party Pack\TJPP.exe
FirewallRules: [{5C4E911C-D967-4A68-8D86-0B988078FF84}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Jamestown\Jamestown.exe
FirewallRules: [{B0DEC9C8-AD97-4016-8F7D-D76FB822C988}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Jamestown\Jamestown.exe
FirewallRules: [{369CB4F6-A3A4-4721-8809-84C7E5C30AE3}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{9336C1A8-6B53-4240-ABDB-52E288D99240}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{96113DD1-640B-4748-9006-DDB37E01A593}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{1B12E98C-D977-4551-9436-33A9D4D707BC}] => (Allow) C:\Program Files (x86)\Battle.net\Battle.net.exe
FirewallRules: [{BC7EC7E0-B477-4B1A-A261-6B1588562412}] => (Allow) C:\Program Files (x86)\Battle.net\Battle.net.exe
FirewallRules: [{2BA78191-0034-4865-9CF4-60856E57EE5A}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{8B4EF6F8-AAC4-45EA-9E97-7959C4E75AC9}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{BECAC9FC-4F12-41E6-8FCA-59DBFBFC4F30}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{84B627E3-7BFA-44FE-B149-885484EA04F5}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{729B1B06-A3C1-42AC-AD3E-B3DB789888C1}] => (Allow) F:\Program Files (jDubz-VaioPro13)\steamapps\common\dota 2 beta\dota.exe
FirewallRules: [{65730D45-7D8F-4AAF-9858-3EEDD89C4FF7}] => (Allow) F:\Program Files (jDubz-VaioPro13)\steamapps\common\dota 2 beta\dota.exe
 
==================== Faulty Device Manager Devices =============
 
 
==================== Event log errors: =========================
 
Application errors:
==================
Error: (06/09/2015 00:42:35 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: SpfService64.exe, version: 1.3.0.9090, time stamp: 0x4e684dec
Faulting module name: ntdll.dll, version: 6.3.9600.17736, time stamp: 0x550f4336
Exception code: 0xc0000005
Fault offset: 0x000000000003e516
Faulting process id: 0x1cdc
Faulting application start time: 0xSpfService64.exe0
Faulting application path: SpfService64.exe1
Faulting module path: SpfService64.exe2
Report Id: SpfService64.exe3
Faulting package full name: SpfService64.exe4
Faulting package-relative application ID: SpfService64.exe5
 
Error: (06/09/2015 00:20:05 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: VCAgent.exe, version: 8.4.2.12030, time stamp: 0x5476d099
Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000
Exception code: 0xc0000005
Fault offset: 0x00007ffb58fdb151
Faulting process id: 0x120c
Faulting application start time: 0xVCAgent.exe0
Faulting application path: VCAgent.exe1
Faulting module path: VCAgent.exe2
Report Id: VCAgent.exe3
Faulting package full name: VCAgent.exe4
Faulting package-relative application ID: VCAgent.exe5
 
Error: (06/09/2015 00:20:05 PM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Application: VCAgent.exe
Framework Version: v4.0.30319
Description: The process was terminated due to an unhandled exception.
Exception Info: System.NullReferenceException
Stack:
   at VCAgent.View.MainWindow.WindowProc(IntPtr, Int32, IntPtr, IntPtr, Boolean ByRef)
   at System.Windows.Interop.HwndSource.PublicHooksFilterMessage(IntPtr, Int32, IntPtr, IntPtr, Boolean ByRef)
   at MS.Win32.HwndWrapper.WndProc(IntPtr, Int32, IntPtr, IntPtr, Boolean ByRef)
   at MS.Win32.HwndSubclass.DispatcherCallbackOperation(System.Object)
   at System.Windows.Threading.ExceptionWrapper.InternalRealCall(System.Delegate, System.Object, Int32)
   at MS.Internal.Threading.ExceptionFilterHelper.TryCatchWhen(System.Object, System.Delegate, System.Object, Int32, System.Delegate)
   at System.Windows.Threading.Dispatcher.LegacyInvokeImpl(System.Windows.Threading.DispatcherPriority, System.TimeSpan, System.Delegate, System.Object, Int32)
   at MS.Win32.HwndSubclass.SubclassWndProc(IntPtr, Int32, IntPtr, IntPtr)
   at MS.Win32.UnsafeNativeMethods.CallWindowProc(IntPtr, IntPtr, Int32, IntPtr, IntPtr)
   at MS.Win32.UnsafeNativeMethods.CallWindowProc(IntPtr, IntPtr, Int32, IntPtr, IntPtr)
   at MS.Win32.HwndSubclass.DefWndProcWrapper(IntPtr, Int32, IntPtr, IntPtr)
   at MS.Win32.UnsafeNativeMethods.CallWindowProc(IntPtr, IntPtr, Int32, IntPtr, IntPtr)
   at MS.Win32.UnsafeNativeMethods.CallWindowProc(IntPtr, IntPtr, Int32, IntPtr, IntPtr)
   at MS.Win32.HwndSubclass.SubclassWndProc(IntPtr, Int32, IntPtr, IntPtr)
   at MS.Win32.UnsafeNativeMethods.IntGetMessageW(System.Windows.Interop.MSG ByRef, System.Runtime.InteropServices.HandleRef, Int32, Int32)
   at MS.Win32.UnsafeNativeMethods.IntGetMessageW(System.Windows.Interop.MSG ByRef, System.Runtime.InteropServices.HandleRef, Int32, Int32)
   at System.Windows.Threading.Dispatcher.GetMessage(System.Windows.Interop.MSG ByRef, IntPtr, Int32, Int32)
   at System.Windows.Threading.Dispatcher.PushFrameImpl(System.Windows.Threading.DispatcherFrame)
   at System.Windows.Application.RunInternal(System.Windows.Window)
   at System.Windows.Application.Run()
   at VCAgent.App.Main()
 
Error: (06/09/2015 00:00:04 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: IOLOTO~1.EXE, version: 1.0.5.7, time stamp: 0x4f146042
Faulting module name: KERNELBASE.dll, version: 6.3.9600.17415, time stamp: 0x54504ade
Exception code: 0x0eedfade
Fault offset: 0x00014598
Faulting process id: 0x4b1c
Faulting application start time: 0xIOLOTO~1.EXE0
Faulting application path: IOLOTO~1.EXE1
Faulting module path: IOLOTO~1.EXE2
Report Id: IOLOTO~1.EXE3
Faulting package full name: IOLOTO~1.EXE4
Faulting package-relative application ID: IOLOTO~1.EXE5
 
Error: (06/09/2015 00:00:03 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: IOLOTO~1.EXE, version: 1.0.5.7, time stamp: 0x4f146042
Faulting module name: KERNELBASE.dll, version: 6.3.9600.17415, time stamp: 0x54504ade
Exception code: 0x0eedfade
Fault offset: 0x00014598
Faulting process id: 0x4b1c
Faulting application start time: 0xIOLOTO~1.EXE0
Faulting application path: IOLOTO~1.EXE1
Faulting module path: IOLOTO~1.EXE2
Report Id: IOLOTO~1.EXE3
Faulting package full name: IOLOTO~1.EXE4
Faulting package-relative application ID: IOLOTO~1.EXE5
 
Error: (06/08/2015 05:06:45 PM) (Source: ISCTAgent) (EventID: 1000) (User: )
Description: ISCT - OnThermalBatterySuspendRequest   Received a callback to suspend due to thermal or battery - bThermal = 0.
 
Error: (06/08/2015 05:06:44 PM) (Source: ISCTAgent) (EventID: 1000) (User: )
Description: ISCT - OnThermalBatterySuspendRequest   Received a callback to suspend due to thermal or battery - bThermal = 0.
 
Error: (06/08/2015 05:06:43 PM) (Source: ISCTAgent) (EventID: 1000) (User: )
Description: ISCT - OnThermalBatterySuspendRequest   Received a callback to suspend due to thermal or battery - bThermal = 0.
 
Error: (06/08/2015 05:06:42 PM) (Source: ISCTAgent) (EventID: 1000) (User: )
Description: ISCT - OnThermalBatterySuspendRequest   Received a callback to suspend due to thermal or battery - bThermal = 0.
 
Error: (06/08/2015 05:06:41 PM) (Source: ISCTAgent) (EventID: 1000) (User: )
Description: ISCT - OnThermalBatterySuspendRequest   Received a callback to suspend due to thermal or battery - bThermal = 0.
 
 
System errors:
=============
Error: (06/09/2015 00:42:48 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The VAIO Entertainment Common Service service terminated unexpectedly.  It has done this 1 time(s).
 
Error: (06/09/2015 00:42:02 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: application-specificLocalLaunch{DCBCA92E-7DBE-4EDA-8B7B-3AAEA4DD412B}{B292921D-AF50-400C-9B75-0C57A7F29BA1}NT AUTHORITYSYSTEMS-1-5-18LocalHost (Using LRPC)UnavailableUnavailable
 
Error: (06/09/2015 00:42:00 PM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: The Juniper Unified Network Service service hung on starting.
 
Error: (06/09/2015 00:40:18 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT AUTHORITY)
Description: WLAN Extensibility Module has stopped unexpectedly.
 
Module Path: C:\WINDOWS\System32\IWMSSvc.dll
 
Error: (06/09/2015 00:40:18 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT AUTHORITY)
Description: WLAN Extensibility Module has stopped unexpectedly.
 
Module Path: C:\WINDOWS\System32\IWMSSvc.dll
 
Error: (06/09/2015 00:40:17 PM) (Source: DCOM) (EventID: 10010) (User: NT AUTHORITY)
Description: {78FD0120-D39C-45D8-A9BE-2B802B3C23E5}
 
Error: (06/09/2015 00:40:17 PM) (Source: DCOM) (EventID: 10010) (User: NT AUTHORITY)
Description: {78FD0120-D39C-45D8-A9BE-2B802B3C23E5}
 
Error: (06/09/2015 00:40:17 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT AUTHORITY)
Description: WLAN Extensibility Module has stopped unexpectedly.
 
Module Path: C:\WINDOWS\System32\IWMSSvc.dll
 
Error: (06/09/2015 00:40:09 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The Internet Pass-Through Service service terminated unexpectedly.  It has done this 2 time(s).  The following corrective action will be taken in 1000 milliseconds: Restart the service.
 
Error: (06/09/2015 00:40:09 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The Intel® Capability Licensing Service Interface service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 0 milliseconds: Restart the service.
 
 
Microsoft Office:
=========================
Error: (06/09/2015 00:42:35 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: SpfService64.exe1.3.0.90904e684decntdll.dll6.3.9600.17736550f4336c0000005000000000003e5161cdc01d0a2d348d2d65bC:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\SPF\SpfService64.exeC:\WINDOWS\SYSTEM32\ntdll.dll874ecf6b-0ec6-11e5-bf52-5c514f2e2696
 
Error: (06/09/2015 00:20:05 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: VCAgent.exe8.4.2.120305476d099unknown0.0.0.000000000c000000500007ffb58fdb151120c01d0a203dc26aee3C:\Program Files\Sony\VAIO Care\VCAgent.exeunknown6329b9e8-0ec3-11e5-bf4f-8cae4cfeb861
 
Error: (06/09/2015 00:20:05 PM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Application: VCAgent.exe
Framework Version: v4.0.30319
Description: The process was terminated due to an unhandled exception.
Exception Info: System.NullReferenceException
Stack:
   at VCAgent.View.MainWindow.WindowProc(IntPtr, Int32, IntPtr, IntPtr, Boolean ByRef)
   at System.Windows.Interop.HwndSource.PublicHooksFilterMessage(IntPtr, Int32, IntPtr, IntPtr, Boolean ByRef)
   at MS.Win32.HwndWrapper.WndProc(IntPtr, Int32, IntPtr, IntPtr, Boolean ByRef)
   at MS.Win32.HwndSubclass.DispatcherCallbackOperation(System.Object)
   at System.Windows.Threading.ExceptionWrapper.InternalRealCall(System.Delegate, System.Object, Int32)
   at MS.Internal.Threading.ExceptionFilterHelper.TryCatchWhen(System.Object, System.Delegate, System.Object, Int32, System.Delegate)
   at System.Windows.Threading.Dispatcher.LegacyInvokeImpl(System.Windows.Threading.DispatcherPriority, System.TimeSpan, System.Delegate, System.Object, Int32)
   at MS.Win32.HwndSubclass.SubclassWndProc(IntPtr, Int32, IntPtr, IntPtr)
   at MS.Win32.UnsafeNativeMethods.CallWindowProc(IntPtr, IntPtr, Int32, IntPtr, IntPtr)
   at MS.Win32.UnsafeNativeMethods.CallWindowProc(IntPtr, IntPtr, Int32, IntPtr, IntPtr)
   at MS.Win32.HwndSubclass.DefWndProcWrapper(IntPtr, Int32, IntPtr, IntPtr)
   at MS.Win32.UnsafeNativeMethods.CallWindowProc(IntPtr, IntPtr, Int32, IntPtr, IntPtr)
   at MS.Win32.UnsafeNativeMethods.CallWindowProc(IntPtr, IntPtr, Int32, IntPtr, IntPtr)
   at MS.Win32.HwndSubclass.SubclassWndProc(IntPtr, Int32, IntPtr, IntPtr)
   at MS.Win32.UnsafeNativeMethods.IntGetMessageW(System.Windows.Interop.MSG ByRef, System.Runtime.InteropServices.HandleRef, Int32, Int32)
   at MS.Win32.UnsafeNativeMethods.IntGetMessageW(System.Windows.Interop.MSG ByRef, System.Runtime.InteropServices.HandleRef, Int32, Int32)
   at System.Windows.Threading.Dispatcher.GetMessage(System.Windows.Interop.MSG ByRef, IntPtr, Int32, Int32)
   at System.Windows.Threading.Dispatcher.PushFrameImpl(System.Windows.Threading.DispatcherFrame)
   at System.Windows.Application.RunInternal(System.Windows.Window)
   at System.Windows.Application.Run()
   at VCAgent.App.Main()
 
Error: (06/09/2015 00:00:04 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: IOLOTO~1.EXE1.0.5.74f146042KERNELBASE.dll6.3.9600.1741554504ade0eedfade000145984b1c01d0a268c32e7bc8C:\PROGRA~1\Sony\VAIOCA~1\Iolo\IOLOTO~1.EXEC:\WINDOWS\SYSTEM32\KERNELBASE.dll01c154f3-0e5c-11e5-bf4f-8cae4cfeb861
 
Error: (06/09/2015 00:00:03 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: IOLOTO~1.EXE1.0.5.74f146042KERNELBASE.dll6.3.9600.1741554504ade0eedfade000145984b1c01d0a268c32e7bc8C:\PROGRA~1\Sony\VAIOCA~1\Iolo\IOLOTO~1.EXEC:\WINDOWS\SYSTEM32\KERNELBASE.dll00fa52b7-0e5c-11e5-bf4f-8cae4cfeb861
 
Error: (06/08/2015 05:06:45 PM) (Source: ISCTAgent) (EventID: 1000) (User: )
Description: ISCT - OnThermalBatterySuspendRequest   Received a callback to suspend due to thermal or battery - bThermal = 0.
 
Error: (06/08/2015 05:06:44 PM) (Source: ISCTAgent) (EventID: 1000) (User: )
Description: ISCT - OnThermalBatterySuspendRequest   Received a callback to suspend due to thermal or battery - bThermal = 0.
 
Error: (06/08/2015 05:06:43 PM) (Source: ISCTAgent) (EventID: 1000) (User: )
Description: ISCT - OnThermalBatterySuspendRequest   Received a callback to suspend due to thermal or battery - bThermal = 0.
 
Error: (06/08/2015 05:06:42 PM) (Source: ISCTAgent) (EventID: 1000) (User: )
Description: ISCT - OnThermalBatterySuspendRequest   Received a callback to suspend due to thermal or battery - bThermal = 0.
 
Error: (06/08/2015 05:06:41 PM) (Source: ISCTAgent) (EventID: 1000) (User: )
Description: ISCT - OnThermalBatterySuspendRequest   Received a callback to suspend due to thermal or battery - bThermal = 0.
 
 
CodeIntegrity Errors:
===================================
  Date: 2015-06-06 05:35:32.563
  Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
 
  Date: 2015-06-06 05:35:32.388
  Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
 
  Date: 2015-06-06 05:35:32.205
  Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
 
  Date: 2015-06-06 05:35:32.027
  Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
 
  Date: 2015-06-06 05:35:31.852
  Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
 
  Date: 2015-06-06 05:35:31.675
  Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
 
  Date: 2015-06-06 05:35:21.443
  Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
 
  Date: 2015-06-06 05:35:21.018
  Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
 
  Date: 2015-06-05 04:43:36.108
  Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
 
  Date: 2015-06-05 04:43:35.929
  Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
 
 
==================== Memory info =========================== 
 
Processor: Intel® Core™ i5-4200U CPU @ 1.60GHz
Percentage of memory in use: 85%
Total physical RAM: 4002.88 MB
Available physical RAM: 579.05 MB
Total Pagefile: 8596.67 MB
Available Pagefile: 3842.78 MB
Total Virtual: 131072 MB
Available Virtual: 131071.8 MB
 
==================== Drives ================================
 
Drive c: () (Fixed) (Total:104.57 GB) (Free:13.39 GB) NTFS
 
==================== MBR & Partition Table ==================
 
========================================================
Disk: 0 (Size: 119.2 GB) (Disk ID: C75D96EC)
 
Partition: GPT Partition Type.
 
==================== End of log ============================


Edited by xXToffeeXx, 09 June 2015 - 12:44 PM.
Added logs~




#2 B-boy/StyLe/

B-boy/StyLe/

    Bleepin' Freestyler


  • Malware Response Team
  • 8,310 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Bulgaria
  • Local time:05:53 PM

Posted 11 June 2015 - 05:41 AM

Hello! Welcome to BleepingComputer Forums!
My name is Georgi and I will be helping you with your computer problems.

Before we begin, please note the following:

  • I will be working on your malware issues; this may or may not solve other issues you have with your machine.
  • The logs can take some time to research, so please be patient with me.
  • Stay with the topic until I tell you that your system is clean. Missing symptoms does not mean that everything is okay.
  • Instructions that I give are for your system only!
  • Please do not run any tools until requested! The reason for this is so I know what is going on with the machine at any time. Some programs can interfere with others and hamper the recovery process.
  • Please perform all steps in the order received. If you can't understand something don't hesitate to ask.
  • Again I would like to remind you to make no further changes to your computer unless I direct you to do so. I will not help you if you do not follow my instructions.

 

Please download the latest version of Farbar Recovery Scan Tool and save it to your desktop. Don't kill any malicious processes on your own.

Note: You need to run the version compatible with your system. If you are not sure which version applies to your system, download both of them and try to run them. Only one of them will run on your system; that will be the right version.

  • Double-click to run it. When the tool opens click Yes to disclaimer.
  • Make sure that Addition.txt is checked before you press the Scan button.
  • Press Scan button.
  • It will make 2 logs (FRST.txt and Addition.txt) in the same directory the tool is run. Please copy and paste them to your reply.

 

 

Regards,

Georgi




#3 mrJinch

mrJinch
  • Topic Starter

  • Members
  • 3 posts
  • OFFLINE
  •  
  • Local time:11:53 AM

Posted 11 June 2015 - 07:19 PM

Hm, Windows just installed a wave of updates, and now I don't see the Sysmainpro., but Malwarebytes still detects the fake svchost. Here are my logs (FRST and Addition):

 

FRST:

 

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:08-06-2015
Ran by Jinchi (administrator) on JDUBZ-VAIOPRO13 on 11-06-2015 19:59:38
Running from C:\Users\Jinchi\Desktop
Loaded Profiles: Jinchi (Available Profiles: Jinchi)
Platform: Windows 8.1 (X64) OS Language: English (United States)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(Juniper Networks, Inc.) C:\Program Files (x86)\Common Files\Juniper Networks\JUNS\dsAccessService.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Intel® Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
() C:\Program Files\Intel\Intel® Smart Connect Technology Agent\iSCTAgent.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe
(NETGEAR) C:\Program Files (x86)\NETGEAR Genie\bin\NETGEARGenieDaemon64.exe
() C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe
(Pharos Systems International) C:\Program Files (x86)\PharosSystems\Core\CTskMstr.exe
(Sony Corporation) C:\Program Files (x86)\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe
() C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe
(Intel® Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Control Center\VESMgr.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Control Center\VESMgrSub.exe
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Control Center\VESMgrSub.exe
(Intel) C:\Program Files\Intel Corporation\Intel WiDi\BrcmSetSecurity.exe
(Microsoft Corporation) C:\Windows\SysWOW64\dllhost.exe
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Control Center\SmartConnectWork.exe
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Control Center\SUSSoundProxy.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\NisSrv.exe
(Juniper Networks, Inc.) C:\Program Files (x86)\Common Files\Juniper Networks\JUNS\dsAccessService.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Control Center\VESGfxMgr.exe
(Intel Corporation) C:\Windows\System32\igfxext.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20856_x64__8wekyb3d8bbwe\livecomm.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Microsoft Corporation) C:\Windows\System32\InputMethod\CHT\ChtIME.exe
(Microsoft Corporation) C:\Windows\System32\InputMethod\CHS\ChsIME.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\tv_w32.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\tv_x64.exe
(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Microsoft Corporation) C:\Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_6.3.9600.17709_none_fa7932f59afc2e40\TiWorker.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Pixart Imaging Inc) C:\Windows\System32\TiltWheelMouse.exe
(Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
(Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Control Center\NetworkSetting\NetworkClient.exe
(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Google Inc.) C:\Users\Jinchi\AppData\Local\Programs\Google\MusicManager\MusicManager.exe
(Sony Corporation) C:\Program Files\Sony\NFC Connection Utility\NFCConnectionUtility.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Sony Corporation) C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDms.exe
(Spotify Ltd) C:\Users\Jinchi\AppData\Roaming\Spotify\SpotifyWebHelper.exe
(Sony Corporation) C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\SPF\SpfService64.exe
() C:\Users\Jinchi\AppData\Local\Amazon Music\Amazon Music Helper.exe
(Valve Corporation) C:\Program Files (x86)\Steam\Steam.exe
(Intel Corporation) C:\Program Files\Intel\Intel® Smart Connect Technology Agent\iSCTsysTray8.exe
(Sony Corporation) C:\Program Files (x86)\Sony\PlayMemories Home\PMBVolumeWatcher.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\Platform\McUICnt.exe
(Razer Inc.) C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
(Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
() C:\ProgramData\Razer\Synapse\RzStats\RzStats.Manager.exe
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Control Center\VAIO Clip.exe
(Juniper Networks, Inc.) C:\Program Files (x86)\Common Files\Juniper Networks\JamUI\Pulse.exe
(Razer, Inc.) C:\Program Files (x86)\Razer\InGameEngine\32bit\RazerIngameEngine.exe
(Razer, Inc.) C:\Users\Jinchi\AppData\Local\Razer\InGameEngine\cache\RzStats.Manager\RzCefRenderProcess.exe
(Intel Corporation) C:\Program Files\Sony\VAIO Care\ESRV\esrv.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Intel Corporation) C:\Program Files\Sony\VAIO Care\ESRV\esrv_svc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\Jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files\Sony\VAIO Care\VCPerfService.exe
() C:\Program Files\Sony\VAIO Care\listener.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Update\VAIOUpdt.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Update\VUAgent.exe
 
 
==================== Registry (Whitelisted) ==================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [RtHDVBg] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1307720 2013-05-06] (Realtek Semiconductor)
HKLM\...\Run: [BTMTrayAgent] => rundll32.exe "C:\Program Files (x86)\Intel\Bluetooth\btmshellex.dll",TrayApp
HKLM\...\Run: [MouseDriver] => C:\WINDOWS\system32\TiltWheelMouse.exe [241152 2013-04-09] (Pixart Imaging Inc)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [PMBVolumeWatcher] => C:\Program Files (x86)\Sony\PlayMemories Home\PMBVolumeWatcher.exe [2362392 2013-11-21] (Sony Corporation)
HKLM-x32\...\Run: [mcpltui_exe] => C:\Program Files\Common Files\McAfee\Platform\mcuicnt.exe [644656 2013-08-17] (McAfee, Inc.)
HKLM-x32\...\Run: [ATLauncher] => C:\Program Files\McAfeeEx\McAfeeAntiTheft\ATLauncher.exe [511232 2013-07-23] (McAfee, Inc.)
HKLM-x32\...\Run: [ATUninstallIcon] => C:\Program Files\McAfeeEx\McAfeeAntiTheft\ATLauncher.exe [511232 2013-07-23] (McAfee, Inc.)
HKLM-x32\...\Run: [VirtualCloneDrive] => C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe [88984 2013-03-10] (Elaborate Bytes AG)
HKLM-x32\...\Run: [Razer Synapse] => C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe [590656 2015-05-15] (Razer Inc.)
HKLM-x32\...\Run: [JunosPulse] => C:\Program Files (x86)\Common Files\Juniper Networks\JamUI\Pulse.exe [2522672 2014-04-09] (Juniper Networks, Inc.)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1022152 2014-12-19] (Adobe Systems Incorporated)
Winlogon\Notify\igfxcui: C:\WINDOWS\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-3768847704-4038817097-2733713293-1001\...\Run: [Google Update] => C:\Users\Jinchi\AppData\Local\Google\Update\GoogleUpdate.exe [116648 2014-02-18] (Google Inc.)
HKU\S-1-5-21-3768847704-4038817097-2733713293-1001\...\Run: [MusicManager] => C:\Users\Jinchi\AppData\Local\Programs\Google\MusicManager\MusicManager.exe [7646208 2015-05-29] (Google Inc.)
HKU\S-1-5-21-3768847704-4038817097-2733713293-1001\...\Run: [MurGee.com Auto Clicker] => C:\Users\Jinchi\AppData\Local\Auto Clicker\AutoClicker.exe [100728 2014-03-11] (MurGee.com)
HKU\S-1-5-21-3768847704-4038817097-2733713293-1001\...\Run: [Spotify Web Helper] => C:\Users\Jinchi\AppData\Roaming\Spotify\SpotifyWebHelper.exe [2021944 2015-06-09] (Spotify Ltd)
HKU\S-1-5-21-3768847704-4038817097-2733713293-1001\...\Run: [Amazon Music] => C:\Users\Jinchi\AppData\Local\Amazon Music\Amazon Music Helper.exe [5886784 2015-04-24] ()
HKU\S-1-5-21-3768847704-4038817097-2733713293-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [2892992 2015-06-04] (Valve Corporation)
HKU\S-1-5-21-3768847704-4038817097-2733713293-1001\...\Run: [UM] => C:\Users\Jinchi\AppData\Roaming\Update Manager\UM.EXE
HKU\S-1-5-21-3768847704-4038817097-2733713293-1001\...\MountPoints2: {028b20a5-44ad-11e4-bef0-8cae4cfeb861} - "E:\HTC_Sync_Manager_PC.exe" 
HKU\S-1-5-21-3768847704-4038817097-2733713293-1001\...\MountPoints2: {15809e70-b8be-11e4-bf23-8cae4cfeb861} - "E:\HTC_Sync_Manager_PC.exe" 
HKU\S-1-5-21-3768847704-4038817097-2733713293-1001\...\MountPoints2: {315eba01-6e78-11e4-bf02-8cae4cfeb861} - "E:\HTC_Sync_Manager_PC.exe" 
HKU\S-1-5-21-3768847704-4038817097-2733713293-1001\...\MountPoints2: {ca66b404-e627-11e3-bed9-5c514f2e2696} - "E:\HTC_Sync_Manager_PC.exe" 
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\ISCTSystray.lnk [2014-01-31]
ShortcutTarget: ISCTSystray.lnk -> C:\Program Files\Intel\Intel® Smart Connect Technology Agent\iSCTsysTray8.exe (Intel Corporation)
ShellIconOverlayIdentifiers: [ SkyDrive1] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} =>  No File
ShellIconOverlayIdentifiers: [ SkyDrive2] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} =>  No File
ShellIconOverlayIdentifiers: [ SkyDrive3] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} =>  No File
ShellIconOverlayIdentifiers-x32: [ SkyDrive1] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} =>  No File
ShellIconOverlayIdentifiers-x32: [ SkyDrive2] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} =>  No File
ShellIconOverlayIdentifiers-x32: [ SkyDrive3] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} =>  No File
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
HKU\S-1-5-21-3768847704-4038817097-2733713293-1001\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/?ocid=iehp
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll [2015-03-10] (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL [2015-04-14] (Microsoft Corporation)
BHO-x32: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\ssv.dll [2015-01-23] (Oracle Corporation)
BHO-x32: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\jp2ssv.dll [2015-01-23] (Oracle Corporation)
DPF: HKLM {AA570693-00E2-4907-B6F1-60A1199B030C} https://juniper.net/dana-cached/sc/JuniperSetupClient64.cab
DPF: HKLM-x32 {F27237D7-93C8-44C2-AC6E-D6057B9A918F} https://juniper.net/dana-cached/sc/JuniperSetupClient.cab
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL [2015-02-03] (Microsoft Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll [2014-05-02] (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
 
FireFox:
========
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_17_0_0_188.dll [2015-06-09] ()
FF Plugin: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll [2014-06-19] (Tracker Software Products (Canada) Ltd.)
FF Plugin: @java.com/DTPlugin,version=10.13.2 -> C:\WINDOWS\system32\npDeployJava1.dll [2013-08-17] (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-16] ( Microsoft Corporation)
FF Plugin: @tracker-software.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll [2014-06-19] (Tracker Software Products (Canada) Ltd.)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_17_0_0_188.dll [2015-06-09] ()
FF Plugin-x32: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll [2014-06-19] (Tracker Software Products (Canada) Ltd.)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=3.5.29 -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-05-08] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-05-08] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.31.2 -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\dtplugin\npDeployJava1.dll [2015-01-23] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.31.2 -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\plugin2\npjp2.dll [2015-01-23] (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-15] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL [2013-12-01] (Microsoft Corporation)
FF Plugin-x32: @nexon.net/NxGame -> C:\ProgramData\NexonUS\NGM\npNxGameUS.dll No File
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll No File
FF Plugin-x32: @sony.com/ReaderDesktop -> C:\Program Files (x86)\Sony\ReaderDesktop\npreaderdetectmoz.dll [2012-07-12] (Sony Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-16] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-16] (Google Inc.)
FF Plugin-x32: @tracker-software.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll [2014-06-19] (Tracker Software Products (Canada) Ltd.)
FF Plugin-x32: @videolan.org/vlc,version=2.1.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2015-05-01] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-3768847704-4038817097-2733713293-1001: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll [2014-06-19] (Tracker Software Products (Canada) Ltd.)
FF Plugin HKU\S-1-5-21-3768847704-4038817097-2733713293-1001: @talk.google.com/GoogleTalkPlugin -> C:\Users\Jinchi\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll [2015-04-17] (Google)
FF Plugin HKU\S-1-5-21-3768847704-4038817097-2733713293-1001: @talk.google.com/O1DPlugin -> C:\Users\Jinchi\AppData\Roaming\Mozilla\plugins\npo1d.dll [2015-04-17] (Google)
FF Plugin HKU\S-1-5-21-3768847704-4038817097-2733713293-1001: @tools.google.com/Google Update;version=3 -> C:\Users\Jinchi\AppData\Local\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-16] (Google Inc.)
FF Plugin HKU\S-1-5-21-3768847704-4038817097-2733713293-1001: @tools.google.com/Google Update;version=9 -> C:\Users\Jinchi\AppData\Local\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-16] (Google Inc.)
FF Plugin ProgramFiles/Appdata: C:\Users\Jinchi\AppData\Roaming\mozilla\plugins\npgoogletalk.dll [2015-04-17] (Google)
FF Plugin ProgramFiles/Appdata: C:\Users\Jinchi\AppData\Roaming\mozilla\plugins\npo1d.dll [2015-04-17] (Google)
 
Chrome: 
=======
CHR Profile: C:\Users\Jinchi\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Bejeweled) - C:\Users\Jinchi\AppData\Local\Google\Chrome\User Data\Default\Extensions\adpkifcfcacgmnggcbpbjbkdijciiigm [2013-11-30]
CHR Extension: (Angry Birds) - C:\Users\Jinchi\AppData\Local\Google\Chrome\User Data\Default\Extensions\aknpkdffaafgjchaibgeefbgmgeghloj [2013-11-30]
CHR Extension: (Theme Creator) - C:\Users\Jinchi\AppData\Local\Google\Chrome\User Data\Default\Extensions\akpelnjfckgfiplcikojhomllgombffc [2013-11-30]
CHR Extension: (Google Docs) - C:\Users\Jinchi\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2013-11-30]
CHR Extension: (Google Drive) - C:\Users\Jinchi\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2013-11-30]
CHR Extension: (JAM with Chrome) - C:\Users\Jinchi\AppData\Local\Google\Chrome\User Data\Default\Extensions\bggjdpbfjakfkacljidachigalghbnpk [2013-11-30]
CHR Extension: (YouTube) - C:\Users\Jinchi\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-11-30]
CHR Extension: (Google Search) - C:\Users\Jinchi\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-11-30]
CHR Extension: (MightyText - SMS from PC & Text from Computer) - C:\Users\Jinchi\AppData\Local\Google\Chrome\User Data\Default\Extensions\dkfhfaphfkopdgpbfkebjfcblcafcmpi [2013-11-30]
CHR Extension: (MagicScroll eBook Reader) - C:\Users\Jinchi\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghgnmgfdoiplfmhgghbmlphanpfmjble [2013-11-30]
CHR Extension: (AdBlock) - C:\Users\Jinchi\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2014-07-28]
CHR Extension: (Cut the Rope) - C:\Users\Jinchi\AppData\Local\Google\Chrome\User Data\Default\Extensions\gkddaofiamhgfjmaccfcfpfolpgbeomj [2013-11-30]
CHR Extension: (TinEye Reverse Image Search) - C:\Users\Jinchi\AppData\Local\Google\Chrome\User Data\Default\Extensions\haebnnbpedcbhciplfhjjkbafijpncjl [2013-11-30]
CHR Extension: (Icy Power Blue) - C:\Users\Jinchi\AppData\Local\Google\Chrome\User Data\Default\Extensions\hkjgeljmhnbdebajdlipnfpmiemllaam [2014-03-24]
CHR Extension: (Facebook Unseen) - C:\Users\Jinchi\AppData\Local\Google\Chrome\User Data\Default\Extensions\iicapmagmhahddefgokbabbgieiogjop [2013-12-31]
CHR Extension: (StayFocusd) - C:\Users\Jinchi\AppData\Local\Google\Chrome\User Data\Default\Extensions\laankejkbhbdhmipfmgcngdelahlfoji [2014-09-04]
CHR Extension: (Reload All Tabs) - C:\Users\Jinchi\AppData\Local\Google\Chrome\User Data\Default\Extensions\midkcinmplflbiflboepnahkboeonkam [2013-11-30]
CHR Extension: (No Name) - C:\Users\Jinchi\AppData\Local\Google\Chrome\User Data\Default\Extensions\niloccemoadcdkdjlinkgdfekeahmflj [2015-06-09]
CHR Extension: (Google Wallet) - C:\Users\Jinchi\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-11-30]
CHR Extension: (Gmail) - C:\Users\Jinchi\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-11-30]
 
==================== Services (Whitelisted) =================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
S2 AlaPerformance; C:\WINDOWS\SysWOW64\drivers\svchost.exe [114688 2015-06-11] (ServiceEx) [File not signed]
R2 BrcmSetSecurity; C:\Program Files\Intel Corporation\Intel WiDi\BrcmSetSecurity.exe [101536 2013-03-15] (Intel)
S3 BthHFSrv; C:\Windows\System32\BthHFSrv.dll [324608 2014-10-28] (Microsoft Corporation)
R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [2736824 2015-04-07] (Microsoft Corporation)
R2 ESRV_SVC; C:\Program Files\Sony\VAIO Care\ESRV\esrv_svc.exe [377768 2013-11-19] (Intel Corporation)
R2 Intel® Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [731648 2013-02-13] (Intel® Corporation) [File not signed]
S3 Intel® Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [820184 2013-02-13] (Intel® Corporation)
R2 Intel® ME Service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe [131544 2013-05-08] (Intel Corporation)
R2 ISCTAgent; C:\Program Files\Intel\Intel® Smart Connect Technology Agent\iSCTAgent.exe [198120 2013-09-06] ()
S3 iumsvc; C:\Program Files (x86)\Intel\Intel® Update Manager\bin\iumsvc.exe [174368 2014-02-28] ()
R2 jhi_service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe [169432 2013-05-08] (Intel Corporation)
S2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1080120 2015-04-14] (Malwarebytes Corporation)
S3 McAWFwk; C:\Program Files\Common Files\McAfee\ActWiz\McAWFwk.exe [334608 2013-07-24] (McAfee, Inc.)
R2 McOobeSv2; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)
R2 mcpltsvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)
R2 McSchedulerSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [265936 2014-10-29] ()
R2 NETGEARGenieDaemon; C:\Program Files (x86)\NETGEAR Genie\bin\NETGEARGenieDaemon64.exe [232192 2014-12-14] (NETGEAR)
S3 NetworkSupport; C:\Program Files (x86)\Sony\VAIO Control Center\NetworkSetting\NetworkSupport.exe [629336 2013-09-28] (Sony Corporation)
R2 PassThru Service; C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe [166912 2013-10-17] () [File not signed]
R2 Pharos Systems ComTaskMaster; C:\Program Files (x86)\PharosSystems\Core\CTskMstr.exe [339456 2013-05-10] (Pharos Systems International) [File not signed]
R2 PMBDeviceInfoProvider; C:\Program Files (x86)\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe [481304 2013-11-21] (Sony Corporation)
R2 Razer Game Scanner Service; C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe [187072 2015-02-04] ()
R2 SampleCollector; C:\Program Files\Sony\VAIO Care\VCPerfService.exe [266168 2013-11-19] (Intel Corporation)
S3 Sony SCSI Helper Service; C:\Program Files (x86)\Common Files\Sony Shared\Fsk\SonySCSIHelperService.exe [73728 2012-09-19] (Sony Corporation) [File not signed]
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [5495056 2015-06-01] (TeamViewer GmbH)
S3 USER_ESRV_SVC; C:\Program Files\Sony\VAIO Care\ESRV\esrv_svc.exe [377768 2013-11-19] (Intel Corporation)
S3 VCFw; C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe [972000 2013-01-06] (Sony Corporation)
R3 VUAgent; C:\Program Files\Sony\VAIO Update\vuagent.exe [1642544 2014-02-28] (Sony Corporation)
R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366520 2015-02-03] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23792 2015-02-03] (Microsoft Corporation)
R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [3818704 2014-10-29] (Intel® Corporation)
 
==================== Drivers (Whitelisted) ====================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
R3 AX88772; C:\Windows\system32\DRIVERS\ax88772.sys [113664 2013-12-16] (ASIX Electronics Corp.)
R3 BthA2DP; C:\Windows\system32\drivers\BthA2DP.sys [132608 2015-01-29] (Microsoft Corporation)
R3 BthLEEnum; C:\Windows\System32\drivers\BthLEEnum.sys [226304 2013-12-04] (Microsoft Corporation)
R3 btmaux; C:\Windows\system32\DRIVERS\btmaux.sys [140600 2013-07-22] (Motorola Solutions, Inc.)
R3 btmhsf; C:\Windows\system32\DRIVERS\btmhsf.sys [1408824 2013-10-18] (Motorola Solutions, Inc.)
S3 dot4; C:\Windows\system32\DRIVERS\Dot4.sys [151968 2012-10-19] (Windows ® Win 7 DDK provider)
S3 Dot4Print; C:\Windows\System32\drivers\Dot4Prt.sys [27040 2012-10-19] (Windows ® Win 7 DDK provider)
R3 ibtusb; C:\Windows\system32\DRIVERS\ibtusb.sys [142280 2013-10-17] (Intel Corporation)
R3 ikbevent; C:\Windows\system32\DRIVERS\ikbevent.sys [21408 2013-08-08] ()
R3 imsevent; C:\Windows\system32\DRIVERS\imsevent.sys [21920 2013-08-08] ()
R3 INETMON; C:\WINDOWS\System32\Drivers\INETMON.sys [29088 2013-08-07] ()
R0 IntelHSWPcc; C:\Windows\System32\drivers\IntelPcc.sys [77992 2013-11-28] (Intel Corporation)
R3 ISCT; C:\Windows\System32\drivers\ISCTD64.sys [47008 2013-07-30] ()
R1 jnprns; C:\Windows\system32\DRIVERS\jnprns.sys [506160 2014-03-13] (Juniper Networks)
S4 jnprTdi_803_44983; C:\WINDOWS\system32\Drivers\jnprTdi_803_44983.sys [108344 2014-04-09] (Juniper Networks, Inc.)
S3 jnprva; C:\Windows\system32\DRIVERS\jnprva.sys [30072 2014-03-13] (Juniper Networks, Inc.)
R3 JnprVaMgr; C:\Windows\system32\DRIVERS\jnprvamgr.sys [45352 2014-03-13] (Juniper Networks, Inc.)
R3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [25816 2015-04-14] (Malwarebytes Corporation)
S3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [136408 2015-06-09] (Malwarebytes Corporation)
S3 MBAMWebAccessControl; C:\WINDOWS\system32\drivers\mwac.sys [64216 2015-04-14] (Malwarebytes Corporation)
R3 MEIx64; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [99288 2013-12-20] (Intel Corporation)
R3 NETwNb64; C:\Windows\system32\DRIVERS\NETwbw02.sys [3482600 2014-11-06] (Intel Corporation)
S3 NETwNe64; C:\Windows\system32\DRIVERS\NETwew02.sys [3648480 2013-08-30] (Intel Corporation)
R2 NPF; C:\WINDOWS\system32\drivers\npf.sys [35344 2015-01-20] (CACE Technologies, Inc.)
S3 RtlWlanu; C:\Windows\system32\DRIVERS\rtwlanu.sys [1975000 2013-07-31] (Realtek Semiconductor Corporation                           )
R2 rzpmgrk; C:\WINDOWS\system32\drivers\rzpmgrk.sys [37184 2015-02-04] (Razer, Inc.)
R2 rzpnk; C:\WINDOWS\system32\drivers\rzpnk.sys [129600 2014-10-23] (Razer, Inc.)
R3 semav6thermal64ro; C:\WINDOWS\system32\drivers\semav6thermal64ro.sys [13792 2014-12-23] ()
R3 SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [42696 2015-05-27] (Synaptics Incorporated)
S3 t_mouse.sys; C:\Windows\system32\DRIVERS\t_mouse.sys [6144 2013-04-09] ()
R3 usb3Hub; C:\Windows\System32\drivers\usb3Hub.sys [207256 2013-03-15] (Windows ® Win 7 DDK provider)
R3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114496 2015-02-03] (Microsoft Corporation)
S3 EagleX64; \??\C:\WINDOWS\system32\drivers\EagleX64.sys [X]
 
==================== NetSvcs (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
 
==================== One Month Created files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2015-06-11 19:59 - 2015-06-11 19:59 - 00028937 _____ C:\Users\Jinchi\Desktop\FRST.txt
2015-06-11 19:57 - 2015-06-11 19:57 - 00114688 _____ (ServiceEx) C:\WINDOWS\SysWOW64\Drivers\svchost.exe
2015-06-11 14:39 - 2015-06-09 12:50 - 02108928 _____ (Farbar) C:\Users\Jinchi\Desktop\FRST64.exe
2015-06-10 19:32 - 2015-06-10 19:48 - 00000000 ____D C:\Users\Jinchi\Desktop\Snowpiercer (2013) [1080p]
2015-06-10 15:47 - 2015-06-10 15:47 - 00000000 ____D C:\a49ad93893034b721e8f33a6c8
2015-06-10 14:05 - 2015-05-25 09:23 - 00036864 _____ (Microsoft Corporation) C:\WINDOWS\system32\UtcResources.dll
2015-06-10 14:05 - 2015-05-25 09:07 - 01430528 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll
2015-06-10 14:05 - 2015-04-16 02:17 - 00325464 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBXHCI.SYS
2015-06-10 14:05 - 2015-04-13 18:37 - 00275968 _____ (Microsoft Corporation) C:\WINDOWS\system32\authz.dll
2015-06-10 14:05 - 2015-04-13 18:34 - 00180224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\authz.dll
2015-06-10 14:05 - 2015-04-09 20:40 - 01249280 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIAutomationCore.dll
2015-06-10 14:05 - 2015-04-09 20:17 - 01018880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIAutomationCore.dll
2015-06-10 14:05 - 2015-04-08 18:41 - 00158720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rgb9rast.dll
2015-06-10 14:05 - 2015-04-01 18:42 - 03097600 _____ (Microsoft Corporation) C:\WINDOWS\system32\msftedit.dll
2015-06-10 14:05 - 2015-04-01 18:30 - 02483712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msftedit.dll
2015-06-10 14:05 - 2015-04-01 00:21 - 00337408 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchProtocolHost.exe
2015-06-10 14:05 - 2015-04-01 00:18 - 00468480 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssph.dll
2015-06-10 14:05 - 2015-04-01 00:17 - 00248832 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssphtb.dll
2015-06-10 14:05 - 2015-04-01 00:08 - 00774144 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssvp.dll
2015-06-10 14:05 - 2015-03-31 23:46 - 03633664 _____ (Microsoft Corporation) C:\WINDOWS\system32\tquery.dll
2015-06-10 14:05 - 2015-03-31 23:17 - 02551808 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssrch.dll
2015-06-10 14:05 - 2015-03-31 23:17 - 00903168 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchIndexer.exe
2015-06-10 14:05 - 2015-03-31 22:53 - 00391680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssph.dll
2015-06-10 14:05 - 2015-03-31 22:53 - 00272896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchProtocolHost.exe
2015-06-10 14:05 - 2015-03-31 22:45 - 02749952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tquery.dll
2015-06-10 14:05 - 2015-03-31 22:45 - 00699392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssvp.dll
2015-06-10 14:05 - 2015-03-31 22:14 - 01920000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssrch.dll
2015-06-10 14:05 - 2015-03-31 22:12 - 00710144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchIndexer.exe
2015-06-10 10:19 - 2015-05-27 10:35 - 24917504 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2015-06-10 10:19 - 2015-05-27 10:08 - 19607040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2015-06-10 10:19 - 2015-05-22 23:15 - 00503808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2015-06-10 10:19 - 2015-05-22 23:14 - 00341504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\html.iec
2015-06-10 10:19 - 2015-05-22 23:10 - 02278912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2015-06-10 10:19 - 2015-05-22 23:05 - 00664064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2015-06-10 10:19 - 2015-05-22 23:04 - 00620032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9diag.dll
2015-06-10 10:19 - 2015-05-22 22:48 - 00076288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtmled.dll
2015-06-10 10:19 - 2015-05-22 22:47 - 04305920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2015-06-10 10:19 - 2015-05-22 22:47 - 00285696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll
2015-06-10 10:19 - 2015-05-22 22:47 - 00128000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iepeers.dll
2015-06-10 10:19 - 2015-05-22 22:43 - 00880128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcomm.dll
2015-06-10 10:19 - 2015-05-22 22:38 - 00689152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2015-06-10 10:19 - 2015-05-22 22:38 - 00327168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2015-06-10 10:19 - 2015-05-22 22:37 - 02052608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2015-06-10 10:19 - 2015-05-22 22:28 - 12829696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2015-06-10 10:19 - 2015-05-22 22:28 - 01042944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\actxprxy.dll
2015-06-10 10:19 - 2015-05-22 22:20 - 01950720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2015-06-10 10:19 - 2015-05-22 22:16 - 01309696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2015-06-10 10:19 - 2015-05-22 22:14 - 00710144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2015-06-10 10:19 - 2015-05-22 15:00 - 02885632 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2015-06-10 10:19 - 2015-05-22 15:00 - 00584192 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2015-06-10 10:19 - 2015-05-22 15:00 - 00417792 _____ (Microsoft Corporation) C:\WINDOWS\system32\html.iec
2015-06-10 10:19 - 2015-05-22 14:52 - 06026240 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2015-06-10 10:19 - 2015-05-22 14:48 - 00633856 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieui.dll
2015-06-10 10:19 - 2015-05-22 14:47 - 00816640 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2015-06-10 10:19 - 2015-05-22 14:47 - 00814080 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
2015-06-10 10:19 - 2015-05-22 14:24 - 00092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll
2015-06-10 10:19 - 2015-05-22 14:23 - 00145408 _____ (Microsoft Corporation) C:\WINDOWS\system32\iepeers.dll
2015-06-10 10:19 - 2015-05-22 14:21 - 00316928 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll
2015-06-10 10:19 - 2015-05-22 14:15 - 01032704 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcomm.dll
2015-06-10 10:19 - 2015-05-22 14:09 - 00262144 _____ (Microsoft Corporation) C:\WINDOWS\system32\webcheck.dll
2015-06-10 10:19 - 2015-05-22 14:08 - 00374272 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2015-06-10 10:19 - 2015-05-22 14:06 - 00801280 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2015-06-10 10:19 - 2015-05-22 14:05 - 02125824 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2015-06-10 10:19 - 2015-05-22 13:57 - 14404096 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2015-06-10 10:19 - 2015-05-22 13:50 - 02426880 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2015-06-10 10:19 - 2015-05-22 13:49 - 02865152 _____ (Microsoft Corporation) C:\WINDOWS\system32\actxprxy.dll
2015-06-10 10:19 - 2015-05-22 13:38 - 01545728 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2015-06-10 10:19 - 2015-05-22 13:26 - 00800768 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2015-06-10 10:19 - 2015-04-24 22:34 - 00653824 _____ (Microsoft Corporation) C:\WINDOWS\system32\comctl32.dll
2015-06-10 10:19 - 2015-04-24 22:33 - 00549888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\comctl32.dll
2015-06-10 10:18 - 2015-05-21 12:47 - 04177920 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2015-06-09 17:40 - 2015-06-09 17:40 - 01141576 _____ C:\WINDOWS\Minidump\060915-3593-01.dmp
2015-06-09 16:37 - 2015-06-09 16:37 - 00000000 _____ C:\WINDOWS\Minidump\060915-3828-01.dmp
2015-06-09 13:55 - 2015-06-09 14:04 - 00000000 ____D C:\Users\Jinchi\Desktop\Argo (2012)
2015-06-09 12:50 - 2015-06-11 19:59 - 00000000 ____D C:\FRST
2015-06-09 12:33 - 2015-06-09 16:53 - 00000000 ____D C:\AdwCleaner
2015-06-05 06:12 - 2015-05-22 09:08 - 00700416 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll
2015-06-05 06:12 - 2015-05-21 09:08 - 01119232 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2015-06-05 06:12 - 2015-05-21 09:08 - 01020928 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2015-06-05 06:12 - 2015-05-21 09:08 - 00756736 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll
2015-06-05 06:12 - 2015-05-21 09:08 - 00422912 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll
2015-06-05 06:12 - 2015-05-21 09:08 - 00193536 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepic.dll
2015-06-05 06:12 - 2015-05-21 09:08 - 00045568 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2015-06-05 06:12 - 2015-04-16 18:07 - 00227328 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepdu.dll
2015-06-04 18:09 - 2015-06-04 18:09 - 00000000 ____D C:\Users\Jinchi\AppData\Local\Studio_pomaranča_d.o.o__O
2015-06-04 17:25 - 2015-06-04 17:25 - 00002106 _____ C:\Users\Jinchi\AppData\Local\recently-used.xbel
2015-06-04 17:23 - 2015-06-09 22:02 - 00000000 ____D C:\Users\Jinchi\Documents\OmmWriter
2015-06-04 17:23 - 2015-06-04 17:23 - 00000000 ____D C:\Users\Jinchi\AppData\Local\HerraizSoto
2015-06-04 17:19 - 2015-06-04 17:19 - 00000000 ____D C:\Users\Jinchi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OmmWriter
2015-06-04 17:19 - 2015-06-04 17:19 - 00000000 ____D C:\Program Files (x86)\HerraizSoto
2015-06-04 12:59 - 2015-06-04 12:59 - 01210016 _____ C:\WINDOWS\Minidump\060415-4750-01.dmp
2015-06-03 12:41 - 2009-10-01 03:01 - 00088064 _____ (SEIKO EPSON CORPORATION) C:\WINDOWS\system32\E_IBCBGJA.DLL
2015-06-03 12:41 - 2008-11-12 03:00 - 00118784 _____ (SEIKO EPSON CORPORATION) C:\WINDOWS\system32\E_ILMGJA.DLL
2015-06-02 15:44 - 2015-06-09 16:56 - 00136408 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2015-06-02 15:44 - 2015-06-02 15:44 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2015-06-02 15:43 - 2015-06-02 15:44 - 00000000 ____D C:\Program Files (x86)\Malwarebytes Anti-Malware
2015-06-02 15:43 - 2015-06-02 15:43 - 00000000 ____D C:\ProgramData\Malwarebytes
2015-06-02 15:43 - 2015-04-14 09:38 - 00064216 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mwac.sys
2015-06-02 15:43 - 2015-04-14 09:37 - 00107736 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbamchameleon.sys
2015-06-02 15:43 - 2015-04-14 09:37 - 00025816 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbam.sys
2015-06-02 15:24 - 2015-06-02 16:24 - 00000004 _____ C:\WINDOWS\SysWOW64\029B560A371F4E00AB32838EBC01B9E7
2015-06-02 15:24 - 2015-06-02 15:24 - 00000000 ____D C:\Program Files (x86)\5701f708-b46a-4e42-a638-cefa20db8c5f
2015-06-02 15:18 - 2015-06-11 19:58 - 00000156 _____ C:\WINDOWS\SysWOW64\Drivers\adip58209xxc.sys
2015-06-02 15:18 - 2015-06-02 15:18 - 00003010 _____ C:\WINDOWS\System32\Tasks\propagation utility manager
2015-06-02 14:28 - 2015-06-02 14:28 - 01299784 _____ C:\WINDOWS\Minidump\060215-4234-01.dmp
2015-06-01 13:33 - 2015-06-01 13:33 - 00000000 ____D C:\Users\Jinchi\AppData\Local\GWX
2015-05-30 13:36 - 2015-05-30 13:36 - 00429136 _____ C:\WINDOWS\Minidump\053015-4718-01.dmp
2015-05-30 09:20 - 2015-06-09 13:21 - 00000000 ____D C:\Program Files (x86)\Project64 2.2
2015-05-30 09:20 - 2015-05-30 09:20 - 00989696 _____ C:\WINDOWS\SysWOW64\Drivers\sysdriver32l.exe
2015-05-30 09:20 - 2015-05-30 09:20 - 00989696 _____ C:\WINDOWS\SysWOW64\Drivers\nvacyu3258b.exe
2015-05-30 09:20 - 2015-05-30 09:20 - 00989696 _____ C:\WINDOWS\SysWOW64\Drivers\msconfigvm.exe
2015-05-30 09:20 - 2015-05-30 09:20 - 00989696 _____ C:\WINDOWS\SysWOW64\Drivers\kvn398nryw.exe
2015-05-30 09:20 - 2015-05-30 09:20 - 00002962 _____ C:\WINDOWS\System32\Tasks\AlaMaintenance
2015-05-30 09:20 - 2015-05-30 09:20 - 00002960 _____ C:\WINDOWS\System32\Tasks\Media_System_Platform
2015-05-30 09:20 - 2015-05-30 09:20 - 00000029 _____ C:\WINDOWS\SysWOW64\Drivers\nkbyrnkdaklsys462.sys
2015-05-27 11:13 - 2015-05-27 11:13 - 01804696 _____ (Microsoft Corporation) C:\WINDOWS\system32\WdfCoInstaller01011.dll
2015-05-27 11:13 - 2015-05-27 11:13 - 00626888 _____ (Synaptics Incorporated) C:\WINDOWS\system32\Drivers\SynTP.sys
2015-05-27 11:13 - 2015-05-27 11:13 - 00419528 _____ (Synaptics Incorporated) C:\WINDOWS\SysWOW64\SynCom.dll
2015-05-27 11:13 - 2015-05-27 11:13 - 00267976 _____ (Synaptics Incorporated) C:\WINDOWS\system32\SynTPAPI.dll
2015-05-27 11:13 - 2015-05-27 11:13 - 00249032 _____ (Synaptics Incorporated) C:\WINDOWS\system32\SynTPCo27.dll
2015-05-27 11:13 - 2015-05-27 11:13 - 00042696 _____ (Synaptics Incorporated) C:\WINDOWS\system32\Drivers\Smb_driver_Intel.sys
2015-05-20 10:27 - 2015-05-20 10:27 - 01268896 _____ C:\WINDOWS\Minidump\052015-4734-01.dmp
2015-05-15 17:10 - 2015-05-15 17:10 - 01235168 _____ C:\WINDOWS\Minidump\051515-4828-01.dmp
2015-05-13 17:56 - 2015-05-13 17:56 - 00280408 _____ C:\WINDOWS\Minidump\051315-4140-01.dmp
2015-05-13 12:43 - 2015-05-21 23:28 - 00000000 ___RD C:\Users\Jinchi\OneDrive
2015-05-12 23:43 - 2015-04-30 16:35 - 00124112 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationCFFRasterizerNative_v0300.dll
2015-05-12 23:43 - 2015-04-30 16:35 - 00102608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2015-05-12 23:37 - 2015-05-12 23:37 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2015-05-12 23:36 - 2015-05-12 23:36 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2015-05-12 23:36 - 2015-05-12 23:36 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2015-05-12 23:31 - 2015-04-09 20:34 - 02256896 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2015-05-12 23:31 - 2015-04-09 20:11 - 01943040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll
2015-05-12 23:31 - 2015-03-17 13:26 - 00467776 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBHUB3.SYS
2015-05-12 23:31 - 2015-03-08 22:02 - 00057856 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthhfenum.sys
2015-05-12 23:30 - 2015-04-30 19:05 - 00429568 _____ (Microsoft Corporation) C:\WINDOWS\system32\schannel.dll
2015-05-12 23:30 - 2015-04-30 18:48 - 00358912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\schannel.dll
2015-05-12 23:30 - 2015-04-21 12:13 - 00107520 _____ (Microsoft Corporation) C:\WINDOWS\system32\inseng.dll
2015-05-12 23:30 - 2015-04-21 11:49 - 00720384 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2015-05-12 23:30 - 2015-04-21 11:28 - 00230400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webcheck.dll
2015-05-12 23:30 - 2015-04-09 21:00 - 01996800 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWrite.dll
2015-05-12 23:30 - 2015-04-09 20:50 - 01387008 _____ (Microsoft Corporation) C:\WINDOWS\system32\FntCache.dll
2015-05-12 23:30 - 2015-04-09 20:26 - 01560576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DWrite.dll
2015-05-12 23:30 - 2015-04-08 18:55 - 00410128 _____ (Microsoft Corporation) C:\WINDOWS\system32\services.exe
2015-05-12 23:30 - 2015-04-02 20:35 - 00445440 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhotoMetadataHandler.dll
2015-05-12 23:30 - 2015-04-02 20:14 - 00364544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PhotoMetadataHandler.dll
2015-05-12 23:30 - 2015-04-01 18:22 - 02985984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dbgeng.dll
2015-05-12 23:30 - 2015-04-01 18:20 - 04417536 _____ (Microsoft Corporation) C:\WINDOWS\system32\dbgeng.dll
2015-05-12 23:30 - 2015-03-31 23:45 - 01491456 _____ (Microsoft Corporation) C:\WINDOWS\system32\dbghelp.dll
2015-05-12 23:30 - 2015-03-31 22:31 - 01207296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dbghelp.dll
2015-05-12 23:30 - 2015-03-30 01:47 - 00561928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2015-05-12 23:30 - 2015-03-26 23:27 - 00445440 _____ (Microsoft Corporation) C:\WINDOWS\system32\certcli.dll
2015-05-12 23:30 - 2015-03-26 22:50 - 00324096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\certcli.dll
2015-05-12 23:30 - 2015-03-26 22:48 - 01441792 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2015-05-12 23:30 - 2015-03-19 21:56 - 00080384 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ahcache.sys
2015-05-12 23:30 - 2015-03-13 00:03 - 00239424 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\sdbus.sys
2015-05-12 23:30 - 2015-03-13 00:03 - 00154432 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dumpsd.sys
2015-05-12 23:30 - 2015-03-12 22:02 - 00316416 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\udfs.sys
2015-05-12 23:30 - 2015-03-12 21:11 - 02162176 _____ (Microsoft Corporation) C:\WINDOWS\system32\SRH.dll
2015-05-12 23:30 - 2015-03-12 20:39 - 01812992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SRH.dll
2015-05-12 23:30 - 2015-03-12 20:29 - 00410017 _____ C:\WINDOWS\system32\ApnDatabase.xml
2015-05-12 23:30 - 2015-03-10 21:49 - 00024576 _____ (Microsoft Corporation) C:\WINDOWS\system32\sdbinst.exe
2015-05-12 23:30 - 2015-03-10 21:09 - 00021504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sdbinst.exe
2015-05-12 23:30 - 2015-03-05 23:08 - 02067968 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpdshext.dll
2015-05-12 23:30 - 2015-03-05 22:47 - 01696256 _____ (Microsoft Corporation) C:\WINDOWS\system32\wevtsvc.dll
2015-05-12 23:30 - 2015-03-05 22:43 - 01969664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wpdshext.dll
2015-05-12 23:30 - 2015-03-03 21:32 - 00172544 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Input.Inking.dll
2015-05-12 23:30 - 2015-03-03 21:12 - 00141824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Input.Inking.dll
2015-05-12 23:30 - 2015-02-17 19:19 - 00186368 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpapisrv.dll
2015-05-12 23:30 - 2015-01-29 20:53 - 02819584 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers.dll
 
==================== One Month Modified files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2015-06-11 20:00 - 2013-08-22 11:36 - 00000000 ____D C:\WINDOWS\system32\sru
2015-06-11 19:58 - 2014-11-24 01:00 - 00000000 ____D C:\Users\Jinchi\AppData\Local\CrashDumps
2015-06-11 19:57 - 2014-08-11 13:00 - 00153624 _____ C:\WINDOWS\setupact.log
2015-06-11 19:57 - 2014-03-23 13:25 - 00000000 ___DO C:\Users\Jinchi\SkyDrive
2015-06-11 19:57 - 2014-02-21 14:07 - 00000000 ____D C:\Program Files (x86)\Steam
2015-06-11 19:57 - 2014-02-06 14:58 - 00005006 _____ C:\WINDOWS\System32\Tasks\Microsoft Office 15 Sync Maintenance for JDUBZ-VAIOPRO13-Jinchi jDubz-VaioPro13
2015-06-11 19:57 - 2014-01-31 11:41 - 00000934 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2015-06-11 19:57 - 2013-08-22 10:45 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2015-06-11 19:57 - 2013-08-22 10:44 - 00470088 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2015-06-11 19:56 - 2013-08-22 11:36 - 00000000 ____D C:\WINDOWS\PolicyDefinitions
2015-06-11 19:56 - 2013-08-22 09:25 - 00524288 ___SH C:\WINDOWS\system32\config\BBI
2015-06-11 19:54 - 2013-11-30 07:30 - 01493494 _____ C:\WINDOWS\WindowsUpdate.log
2015-06-11 19:54 - 2013-11-30 03:34 - 00000000 ____D C:\WINDOWS\system32\MRT
2015-06-11 19:47 - 2013-11-30 03:34 - 140135120 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2015-06-11 19:46 - 2012-07-26 03:59 - 00000000 ____D C:\WINDOWS\CbsTemp
2015-06-11 19:28 - 2014-01-31 11:41 - 00000938 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2015-06-11 19:16 - 2014-01-31 11:57 - 00000830 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2015-06-11 19:10 - 2014-02-18 18:27 - 00000944 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-3768847704-4038817097-2733713293-1001UA.job
2015-06-11 19:10 - 2014-02-18 18:27 - 00000892 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-3768847704-4038817097-2733713293-1001Core.job
2015-06-11 18:35 - 2015-01-08 05:49 - 00000000 ____D C:\Users\Jinchi\AppData\Roaming\vlc
2015-06-11 18:06 - 2013-11-30 01:00 - 00003600 _____ C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-3768847704-4038817097-2733713293-1001
2015-06-11 02:21 - 2014-03-19 16:15 - 00000000 ____D C:\Users\Jinchi\AppData\Roaming\Skype
2015-06-10 21:08 - 2014-03-16 12:53 - 00000000 ____D C:\Users\Jinchi\AppData\Roaming\BitTorrent
2015-06-10 19:05 - 2013-09-30 00:04 - 00863592 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2015-06-10 18:18 - 2013-12-05 18:50 - 00000000 ____D C:\Program Files (x86)\TeamViewer
2015-06-10 10:05 - 2013-08-22 11:36 - 00000000 ____D C:\WINDOWS\system32\NDF
2015-06-10 02:27 - 2013-08-22 11:36 - 00000000 ____D C:\WINDOWS\AppReadiness
2015-06-10 00:13 - 2014-08-24 19:57 - 00000000 ____D C:\Users\Jinchi\AppData\Local\Spotify
2015-06-10 00:11 - 2014-08-24 19:56 - 00000000 ____D C:\Users\Jinchi\AppData\Roaming\Spotify
2015-06-09 21:33 - 2015-02-03 02:31 - 00000000 ___RD C:\Users\Jinchi\Desktop\ENR
2015-06-09 17:42 - 2013-11-30 07:26 - 00000000 ____D C:\Users\Jinchi
2015-06-09 17:40 - 2014-01-31 15:14 - 00000000 ____D C:\WINDOWS\Minidump
2015-06-09 16:37 - 2013-09-29 23:55 - 00427734 _____ C:\WINDOWS\PFRO.log
2015-06-09 13:32 - 2013-11-30 08:35 - 00000000 ___RD C:\Users\Jinchi\Utilities
2015-06-09 13:16 - 2014-01-31 11:57 - 00003718 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater
2015-06-09 13:13 - 2013-08-22 11:36 - 00000000 ____D C:\WINDOWS\vpnplugins
2015-06-09 12:38 - 2013-11-30 17:24 - 00000000 ____D C:\Users\Jinchi\Downloads\Installations
2015-06-09 12:21 - 2014-06-21 15:55 - 00000000 ___RD C:\Users\Jinchi\Desktop\musidia
2015-06-09 11:40 - 2013-08-17 23:29 - 00001184 _____ C:\WINDOWS\Synaptics.log
2015-06-09 11:39 - 2013-11-30 00:58 - 00000000 ____D C:\Update
2015-06-08 11:52 - 2015-01-21 18:25 - 00000000 ___SD C:\WINDOWS\system32\CompatTel
2015-06-08 11:51 - 2015-04-21 07:57 - 00000000 ____D C:\WINDOWS\system32\appraiser
2015-06-05 20:04 - 2013-11-30 00:52 - 00000000 ____D C:\Users\Jinchi\AppData\Local\Packages
2015-06-04 17:25 - 2013-12-03 00:36 - 00000000 ____D C:\Users\Jinchi\AppData\Local\gtk-2.0
2015-06-04 17:25 - 2013-12-03 00:27 - 00000000 ____D C:\Users\Jinchi\.gimp-2.8
2015-06-04 13:41 - 2013-12-15 03:01 - 00000000 ____D C:\Users\Jinchi\Documents\Justin '4 0' Zhuo
2015-06-04 12:59 - 2013-08-22 11:36 - 00000000 ___RD C:\WINDOWS\Offline Web Pages
2015-06-04 12:59 - 2013-08-22 11:36 - 00000000 ____D C:\WINDOWS\WinStore
2015-06-03 18:29 - 2014-03-19 16:15 - 00000000 ____D C:\ProgramData\Skype
2015-06-03 12:41 - 2015-03-30 17:51 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EPSON
2015-06-03 12:41 - 2014-08-22 23:10 - 00000000 ____D C:\ProgramData\EPSON
2015-06-03 12:18 - 2013-08-22 11:38 - 00792568 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2015-06-03 12:18 - 2013-08-22 11:38 - 00178168 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2015-06-03 07:56 - 2015-01-20 22:45 - 00000983 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 10.lnk
2015-06-02 16:25 - 2013-08-22 11:36 - 00000000 __RSD C:\WINDOWS\Media
2015-05-29 10:54 - 2013-11-30 15:13 - 00000000 ____D C:\Program Files\Microsoft Office 15
2015-05-27 20:16 - 2014-02-21 22:37 - 00000000 ____D C:\Users\Jinchi\AppData\Local\Battle.net
2015-05-27 20:16 - 2014-02-21 22:37 - 00000000 ____D C:\Program Files (x86)\Battle.net
2015-05-27 11:13 - 2013-10-21 23:54 - 00764104 _____ (Synaptics Incorporated) C:\WINDOWS\system32\SynCOM.dll
2015-05-27 10:51 - 2013-11-30 18:37 - 00000000 ____D C:\ProgramData\Synaptics
2015-05-27 10:51 - 2013-11-30 03:02 - 00002990 _____ C:\WINDOWS\System32\Tasks\Synaptics TouchPad Enhancements
2015-05-23 11:52 - 2013-08-17 23:44 - 00541749 _____ C:\WINDOWS\DirectX.log
2015-05-21 23:28 - 2014-02-21 04:01 - 00003112 _____ C:\WINDOWS\System32\Tasks\Microsoft OneDrive Auto Update Task-S-1-5-21-3768847704-4038817097-2733713293-1001
2015-05-19 11:11 - 2014-03-20 13:34 - 00000000 ____D C:\Users\Jinchi\AppData\Roaming\Audacity
2015-05-16 19:05 - 2014-02-18 18:27 - 00003892 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3768847704-4038817097-2733713293-1001UA
2015-05-16 19:05 - 2014-02-18 18:27 - 00003512 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3768847704-4038817097-2733713293-1001Core
2015-05-16 12:23 - 2014-01-31 11:41 - 00003910 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2015-05-16 12:23 - 2014-01-31 11:41 - 00003674 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2015-05-15 06:23 - 2013-08-17 23:55 - 00002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
2015-05-15 01:28 - 2015-04-04 02:59 - 00000000 ___SD C:\WINDOWS\SysWOW64\GWX
2015-05-15 01:28 - 2015-04-04 02:59 - 00000000 ___SD C:\WINDOWS\system32\GWX
2015-05-13 23:23 - 2013-08-22 11:36 - 00000000 ____D C:\WINDOWS\rescache
2015-05-13 12:35 - 2013-08-22 11:36 - 00000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2015-05-13 12:35 - 2013-08-22 09:36 - 00000000 ____D C:\WINDOWS\system32\AdvancedInstallers
2015-05-12 23:35 - 2013-09-29 23:51 - 00000000 ____D C:\Program Files\Windows Journal
 
==================== Files in the root of some directories =======
 
2013-11-30 18:39 - 2013-11-30 18:39 - 0000600 _____ () C:\Users\Jinchi\AppData\Roaming\winscp.rnd
2012-05-03 07:12 - 2012-05-03 07:12 - 0000532 _____ () C:\Users\Jinchi\AppData\Local\datos.txt
2015-06-04 17:25 - 2015-06-04 17:25 - 0002106 _____ () C:\Users\Jinchi\AppData\Local\recently-used.xbel
 
Some files in TEMP:
====================
C:\Users\Jinchi\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpnbwq7p.dll
C:\Users\Jinchi\AppData\Local\Temp\Gw2.exe
C:\Users\Jinchi\AppData\Local\Temp\jre-7u71-windows-i586-iftw.exe
C:\Users\Jinchi\AppData\Local\Temp\jre-8u31-windows-au.exe
C:\Users\Jinchi\AppData\Local\Temp\mytmpinstaller.exe
C:\Users\Jinchi\AppData\Local\Temp\NGM.exe
C:\Users\Jinchi\AppData\Local\Temp\NGMDll.dll
C:\Users\Jinchi\AppData\Local\Temp\NGMResource.dll
C:\Users\Jinchi\AppData\Local\Temp\Quarantine.exe
C:\Users\Jinchi\AppData\Local\Temp\setup.exe
C:\Users\Jinchi\AppData\Local\Temp\SkypeSetup.exe
C:\Users\Jinchi\AppData\Local\Temp\sqlite3.dll
C:\Users\Jinchi\AppData\Local\Temp\unicows.dll
C:\Users\Jinchi\AppData\Local\Temp\vlc-2.2.1-win32.exe
 
 
==================== Bamital & volsnap Check =================
 
(There is no automatic fix for files that do not pass verification.)
 
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
 
 
LastRegBack: 2015-06-11 18:06
 
==================== End of log ============================
 
Addition:
 
Additional scan result of Farbar Recovery Scan Tool (x64) Version:08-06-2015
Ran by Jinchi at 2015-06-11 20:00:46
Running from C:\Users\Jinchi\Desktop
Boot Mode: Normal
==========================================================
 
 
==================== Accounts: =============================
 
Administrator (S-1-5-21-3768847704-4038817097-2733713293-500 - Administrator - Disabled)
Guest (S-1-5-21-3768847704-4038817097-2733713293-501 - Limited - Disabled)
Jinchi (S-1-5-21-3768847704-4038817097-2733713293-1001 - Administrator - Enabled) => C:\Users\Jinchi
 
==================== Security Center ========================
 
(If an entry is included in the fixlist, it will be removed.)
 
AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
 
==================== Installed Programs ======================
 
(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
 
7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov)
Adobe Flash Player 17 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 17.0.0.188 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.11)  MUI (HKLM-x32\...\{AC76BA86-7AD7-FFFF-7B44-AB0000000001}) (Version: 11.0.11 - Adobe Systems Incorporated)
Amazon Music (HKU\S-1-5-21-3768847704-4038817097-2733713293-1001\...\Amazon Amazon Music) (Version: 3.9.4.807 - Amazon Services LLC)
ArtRage Studio (HKLM-x32\...\{C017CDD4-CDC7-4D08-8622-E89CF2D36304}) (Version: 3.5.11 - Ambient Design)
Audacity 2.0.5 (HKLM-x32\...\Audacity_is1) (Version: 2.0.5 - Audacity Team)
Auto Clicker v1.6 (HKLM-x32\...\{C0A7E4F3-82CC-416B-82C6-BA06AACFD635}_is1) (Version: 1.6 - MurGee.com)
BitTorrent (HKU\S-1-5-21-3768847704-4038817097-2733713293-1001\...\BitTorrent) (Version: 7.9.3.40299 - BitTorrent Inc.)
calibre 64bit (HKLM\...\{03CC8BD2-B994-4DBC-B10C-FDB2F6DEAAA0}) (Version: 1.35.0 - Kovid Goyal)
Canon MX420 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MX420_series) (Version:  - )
CDisplayEx 1.10.25 (HKLM\...\CDisplayEx_is1) (Version:  - cdisplayex.com)
Counter-Strike: Global Offensive (HKLM-x32\...\Steam App 730) (Version:  - Valve)
Dota 2 (HKLM-x32\...\Steam App 570) (Version:  - Valve)
EPSON NX330 Series Printer Uninstall (HKLM\...\EPSON NX330 Series) (Version:  - SEIKO EPSON Corporation)
EPSON WorkForce 320 Series Printer Uninstall (HKLM\...\EPSON WorkForce 320 Series) (Version:  - SEIKO EPSON Corporation)
EPSON XP-410 Series Printer Uninstall (HKLM\...\EPSON XP-410 Series) (Version:  - SEIKO EPSON Corporation)
ESDL (x32 Version: 1.0.0 - Sony Corporation) Hidden
FDUx86 (x32 Version: 1.0.0 - Sony Corporation) Hidden
GIMP 2.8.10 (HKLM\...\GIMP-2_is1) (Version: 2.8.10 - The GIMP Team)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 43.0.2357.124 - Google Inc.)
Google Talk Plugin (HKLM-x32\...\{CA3DD97D-1FD7-37A7-BD5C-FC4430C8B8E6}) (Version: 5.41.2.0 - Google)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.27.5 - Google Inc.) Hidden
Guitar Pro 5.2 (HKLM-x32\...\Guitar Pro 5_is1) (Version:  - Arobas Music)
HTC BMP USB Driver (HKLM-x32\...\{31A559C1-9E4D-423B-9DD3-34A6C5398752}) (Version: 1.0.5375 - HTC)
HTC Driver Installer (HKLM-x32\...\{4CEEE5D0-F905-4688-B9F9-ECC710507796}) (Version: 4.14.0.001 - HTC Corporation)
Intel AT Service (HKLM\...\McAfee Anti-Theft) (Version: 1.0 - McAfee, Inc.)
Intel® Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.5.3.1520 - Intel Corporation)
Intel® Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3355 - Intel Corporation)
Intel® PROSet/Wireless Software for Bluetooth® Technology(patch version 3.0.1342.2) (HKLM\...\{302600C1-6BDF-4FD1-1311-148929CC1385}) (Version: 3.1.1311.0402 - Intel Corporation)
Intel® SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 3.0.0.63463 - Intel Corporation)
Intel® Smart Connect Technology (HKLM\...\{978B5476-EAF9-4EB0-AD34-92689249A016}) (Version: 4.2.41.2499 - Intel Corporation)
Intel® Update Manager (HKLM-x32\...\{12914061-EB9B-4AE7-AC7E-0B8A607C7DF4}) (Version: 2.3.1338 - Intel Corporation)
Intel® WiDi (HKLM\...\{28B4FCD3-1E17-411F-B56A-769DCF9169E0}) (Version: 4.1.14.0 - Intel Corporation)
Intel® PROSet/Wireless Software (HKLM-x32\...\{c78a13fd-4324-4ddb-a613-746d2461441d}) (Version: 17.13.1 - Intel Corporation)
IPTInstaller (HKLM-x32\...\{08208143-777D-4A06-BB54-71BF0AD1BB70}) (Version: 4.0.9 - HTC)
Jamestown (HKLM-x32\...\Steam App 94200) (Version:  - Final Form Games)
Java 8 Update 31 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218031F0}) (Version: 8.0.310 - Oracle Corporation)
Juniper Networks Setup Client (HKU\S-1-5-21-3768847704-4038817097-2733713293-1001\...\Juniper_Setup_Client) (Version: 8.0.3.44983 - Juniper Networks)
Juniper Networks Setup Client 64-bit Activex Control (HKLM\...\Juniper_Setup_Client Activex Control) (Version: 2.1.1.1 - Juniper Networks)
Juniper Networks Setup Client Activex Control (HKLM-x32\...\Juniper_Setup_Client Activex Control) (Version: 2.1.1.1 - Juniper Networks)
Junos Pulse 5.0 (HKLM-x32\...\Junos Pulse 5.0) (Version: 5.0.44983 - Juniper Networks, Inc.)
Junos Pulse Core Components (x32 Version: 5.0.44983 - Juniper Networks) Hidden
Junos Pulse Drivers Add-On (Version: 5.0.44983 - Juniper Networks) Hidden
Junos Pulse Host Checker Plugin Add-On (x32 Version: 5.0.44983 - Juniper Networks) Hidden
Junos Pulse Tunnel Manager Add-On (x32 Version: 5.0.44983 - Juniper Networks) Hidden
Junos Pulse UAC/NC Components (x32 Version: 5.0.44983 - Juniper Networks) Hidden
LAME v3.99.3 (for Windows) (HKLM-x32\...\LAME_is1) (Version:  - )
Malwarebytes Anti-Malware version 2.1.6.1022 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.1.6.1022 - Malwarebytes Corporation)
MATLAB R2014a (HKLM\...\Matlab R2014a) (Version: 8.3 - The MathWorks, Inc.)
MergeModule_x64 (Version: 8.0.00 - Sony Corporation) Hidden
Microsoft Office Home and Student 2013 - en-us (HKLM\...\HomeStudentRetail - en-us) (Version: 15.0.4719.1002 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-3768847704-4038817097-2733713293-1001\...\OneDriveSetup.exe) (Version: 17.3.5860.0512 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.40416.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 3.1 (HKLM-x32\...\{19BFDA5D-1FE2-4F25-97F9-1A79DD04EE20}) (Version: 3.1.10527.0 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 4.0 (HKLM-x32\...\{2BFC7AA0-544C-4E3A-8796-67F3BE655BE9}) (Version: 4.0.20823.0 - Microsoft Corporation)
Music Manager (HKU\S-1-5-21-3768847704-4038817097-2733713293-1001\...\MusicManager) (Version:  - Google, Inc.)
NETGEAR Genie (HKLM-x32\...\NETGEAR Genie) (Version: 2.3.1.57 - NETGEAR Inc.)
Networkx64 (Version: 1.0.0 - Sony Corporation) Hidden
NFC Connection Utility (HKLM\...\{F3FC1B12-45AA-4ACE-AD9F-DFD87BE9457E}) (Version: 1.0.0.14100 - Sony Corporation)
NXPProximityInstaller (HKLM-x32\...\NXPProximityInstaller) (Version: 6.3.1.0 - NXP Semiconductors)
Office 15 Click-to-Run Extensibility Component (x32 Version: 15.0.4719.1002 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Licensing Component (Version: 15.0.4719.1002 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Localization Component (x32 Version: 15.0.4719.1002 - Microsoft Corporation) Hidden
OmmWriter (HKLM-x32\...\{804002A3-ACF2-4DF4-9BD2-092A4F738C73}) (Version: 0.1.0.15 - Herraiz & Soto)
OpenAL (HKLM-x32\...\OpenAL) (Version:  - )
PDF-Viewer (HKLM\...\{A278382D-4F1B-4D47-9885-8523F7261E8D}_is1) (Version: 2.5.308.2 - Tracker Software Products Ltd)
PeerBlock 1.2 (r693) (HKLM\...\{015C5B35-B678-451C-9AEE-821E8D69621C}_is1) (Version: 1.2.0.693 - PeerBlock, LLC)
Pharos (HKLM-x32\...\Pharos) (Version:  - )
PlayMemories Home (HKLM-x32\...\{4C93E894-BE17-463B-A789-4CAB706987A0}) (Version: 8.0.21.11211 - Sony Corporation)
Razer Synapse (HKLM-x32\...\{0D78BEE2-F8FF-4498-AF1A-3FF81CED8AC6}) (Version: 1.18.21.26027 - Razer Inc.)
Reader for PC (HKLM-x32\...\{25340F94-F74E-4CCF-ABDF-ECBCF03911BE}) (Version: 2.0.00.07121 - Sony Corporation)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 6.2.9600.28145 - Realtek Semiconductor Corp.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6895 - Realtek Semiconductor Corp.)
Remote Keyboard (x32 Version: 1.2.0.09270 - Sony Corporation) Hidden
Restore (x32 Version: 1.0.0 - Sony Corporation) Hidden
Shared C Run-time for x64 (HKLM\...\{EF79C448-6946-4D71-8134-03407888C054}) (Version: 10.0.0 - McAfee)
Skype™ 7.5 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.5.101 - Skype Technologies S.A.)
SOHLib for PlayMemories Home (Version: 1.0.1.11110 - Sony Corporation) Hidden
Spotify (HKU\S-1-5-21-3768847704-4038817097-2733713293-1001\...\Spotify) (Version: 1.0.6.80.g2a801a53 - Spotify AB)
SSLx64 (Version: 1.0.0 - Sony Corporation ) Hidden
SSLx86 (x32 Version: 1.0.0 - Sony Corporation ) Hidden
Steam (HKLM-x32\...\Steam) (Version:  - Valve Corporation)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 19.0.5.0 - Synaptics Incorporated)
System Requirements Lab CYRI (HKLM-x32\...\{F3FCB08B-E752-444D-86A0-0634A4F3B23D}) (Version: 6.0.8.0 - Husdawg, LLC)
System Requirements Lab for Intel (HKLM-x32\...\{04C4B49D-45D9-4A28-9ED1-B45CBD99B8C7}) (Version: 4.5.24.0 - Husdawg, LLC)
TeamViewer 10 (HKLM-x32\...\TeamViewer) (Version: 10.0.43174 - TeamViewer)
The Jackbox Party Pack (HKLM-x32\...\Steam App 331670) (Version:  - Jackbox Games, Inc.)
Torchlight II (HKLM-x32\...\Steam App 200710) (Version:  - Runic Games)
Update for CHS Microsoft IME HAP Dictionary (Version: 16.0.1522.1 - Microsoft Corporation) Hidden
VAIO - Remote Keyboard (HKLM-x32\...\{7396FB15-9AB4-4B78-BDD8-24A9C15D2C65}) (Version: 1.2.0.09270 - Sony Corporation)
VAIO - Remote Keyboard with PlayStation®3 (HKLM-x32\...\{E682702C-609C-4017-99E7-3129C163955F}) (Version: 1.2.1.05220 - Sony Corporation)
VAIO - Xperia Link (HKLM-x32\...\{D91558BF-D1F3-411F-AEFE-8774CB406512}) (Version: 1.3.3.11280 - Sony Corporation)
VAIO BIOS Data Transfer Utility (x32 Version: 1.0.0.02050 - Sony Corporation) Hidden
VAIO Care (HKLM\...\{EF649526-0134-46A8-8DF3-D7F9309E48DB}) (Version: 8.4.2.12046 - Sony Corporation)
VAIO Care Hardware Diagnostics Plugin (HKLM-x32\...\{EC153498-00E1-4C9C-89BE-81527C6750BE}) (Version: 4.8.0.13250 - Sony Corporation)
VAIO Care Recovery (HKLM\...\{15B9204E-BA09-485E-8F2C-094AC0077664}) (Version: 1.1.2.13230 - Sony Corporation)
VAIO Control Center (HKLM-x32\...\{8E797841-A110-41FD-B17A-3ABC0641187A}) (Version: 6.2.12.13060 - Sony Corporation)
VAIO CPU Fan Diagnostic (HKLM-x32\...\{BCE6E3D7-B565-4E1B-AC77-F780666A35FB}) (Version: 1.2.0.03050 - Sony Corporation)
VAIO Data Restore Tool (HKLM-x32\...\{57B955CE-B5D3-495D-AF1B-FAEE0540BFEF}) (Version: 1.11.0.13250 - Sony Corporation)
VAIO Easy Connect (x32 Version: 8.2.0.14170 - Sony Corporation) Hidden
VAIO Gesture Control (HKLM-x32\...\{692955F2-DE9F-4078-8FAA-858D6F3A1776}) (Version: 2.2.0.01230 - Sony Corporation)
VAIO Gesture Control (x32 Version: 2.2.0.01230 - Sony Corporation) Hidden
VAIO Image Optimizer (HKLM-x32\...\InstallShield_{5597C927-029A-46A7-A0C0-8DABD9891A50}) (Version: 3.3.00.10220 - Sony Corporation)
VAIO Image Optimizer (x32 Version: 3.1.00.14260 - Sony Corporation) Hidden
VAIO Improvement (HKLM-x32\...\{3A26D9BD-0F73-432D-B522-2BA18138F7EF}) (Version: 2.2.0.01240 - Sony Corporation)
VAIO Media Server Settings (HKLM\...\{62A172B2-550E-499D-9A82-5190D18390AA}) (Version: 1.1.0.02220 - Sony Corporation)
VAIO Movie Creator (HKLM-x32\...\InstallShield_{C2CC5822-32E6-4D21-88EA-DE8CED09EE2F}) (Version: 4.3.01.11140 - Sony Corporation)
VAIO Movie Creator (x32 Version: 4.1.01.15140 - Sony Corporation) Hidden
VAIO Sample Music (HKLM-x32\...\{FBEE3D44-0933-4B84-BB6A-49957F89187F}) (Version: 1.0.0.03051 - Sony Corporation)
VAIO Touch Search (HKLM\...\{F792DDDD-71C8-419E-AE05-46B0CDB1BEC8}) (Version: 1.1.0.1511 - Sony Corporation)
VAIO Transfer Support (HKLM-x32\...\{5DDAFB4B-C52E-468A-9E23-3B0CEEB671BF}) (Version: 1.9.0.11060 - Sony Corporation)
VAIO Update (HKLM-x32\...\{9FF95DA2-7DA1-4228-93B7-DED7EC02B6B2}) (Version: 7.0.1.02280 - Sony Corporation)
VanDyke Software SecureCRT 6.1 (HKLM-x32\...\{FB9AFA81-FC64-452A-AC30-C992745CC18D}) (Version: 6.1.0 - VanDyke Software, Inc.)
VC8 CRT (Version: 8.0.50727.762 - Juniper Networks) Hidden
VCCMMx64 (Version: 1.0.0 - Sony Corporation) Hidden
VCCMMx86 (x32 Version: 1.0.0 - Sony Corporation) Hidden
VCCx64 (Version: 1.0.0 - Sony Corporation) Hidden
VCCx86 (x32 Version: 1.0.0 - Sony Corporation) Hidden
VHD (x32 Version: 1.0.0 - Sony Corporation) Hidden
VirtualCloneDrive (HKLM-x32\...\VirtualCloneDrive) (Version: 5.4.7.0 - Elaborate Bytes)
VIx64 (Version: 1.0.0 - Sony Corporation) Hidden
VIx86 (x32 Version: 1.0.0 - Sony Corporation) Hidden
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.1 - VideoLAN)
VPMx64 (Version: 1.0.0 - Sony Corporation ) Hidden
VSSTx64 (Version: 1.0.0 - Sony Corporation ) Hidden
VSSTx86 (x32 Version: 1.0.0 - Sony Corporation) Hidden
VU5x64 (Version: 1.1.0 - Sony Corporation ) Hidden
VU5x86 (x32 Version: 1.1.0 - Sony Corporation ) Hidden
VWSTx86 (x32 Version: 1.0.0 - Sony Corporation) Hidden
WinDirStat 1.1.2 (HKU\S-1-5-21-3768847704-4038817097-2733713293-1001\...\WinDirStat) (Version:  - )
WinSCP 4.1.6 (HKLM-x32\...\winscp3_is1) (Version: 4.1.6 - Martin Prikryl)
Xming 6.9.0.31 (HKLM-x32\...\Xming_is1) (Version: 6.9.0.31 - Colin Harrison)
XperiaLinkx86 (x32 Version: 1.0.0 - Sony Corporation) Hidden
 
==================== Custom CLSID (Whitelisted): ==========================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
CustomCLSID: HKU\S-1-5-21-3768847704-4038817097-2733713293-1001_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Jinchi\AppData\Roaming\Dropbox\bin\Dropbox.exe /autoplay No File
CustomCLSID: HKU\S-1-5-21-3768847704-4038817097-2733713293-1001_Classes\CLSID\{0F22A205-CFB0-4679-8499-A6F44A80A208}\InprocServer32 -> C:\Users\Jinchi\AppData\Local\Google\Update\1.3.25.5\psuser_64.dll No File
CustomCLSID: HKU\S-1-5-21-3768847704-4038817097-2733713293-1001_Classes\CLSID\{1423F872-3F7F-4E57-B621-8B1A9D49B448}\InprocServer32 -> C:\Users\Jinchi\AppData\Local\Google\Update\1.3.27.5\psuser_64.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-3768847704-4038817097-2733713293-1001_Classes\CLSID\{90B3DFBF-AF6A-4EA0-8899-F332194690F8}\InprocServer32 -> C:\Users\Jinchi\AppData\Local\Google\Update\1.3.24.15\psuser_64.dll No File
CustomCLSID: HKU\S-1-5-21-3768847704-4038817097-2733713293-1001_Classes\CLSID\{C3BC25C0-FCD3-4F01-AFDD-41373F017C9A}\InprocServer32 -> C:\Users\Jinchi\AppData\Local\Google\Update\1.3.26.9\psuser_64.dll No File
CustomCLSID: HKU\S-1-5-21-3768847704-4038817097-2733713293-1001_Classes\CLSID\{D0336C0B-7919-4C04-8CCE-2EBAE2ECE8C9}\InprocServer32 -> C:\Users\Jinchi\AppData\Local\Google\Update\1.3.25.11\psuser_64.dll No File
CustomCLSID: HKU\S-1-5-21-3768847704-4038817097-2733713293-1001_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\Jinchi\AppData\Local\Google\Update\1.3.27.5\psuser_64.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-3768847704-4038817097-2733713293-1001_Classes\CLSID\{F8071786-1FD0-4A66-81A1-3CBE29274458}\InprocServer32 -> C:\Users\Jinchi\AppData\Local\Microsoft\OneDrive\17.3.5860.0512\amd64\FileSyncApi64.dll (Microsoft Corporation)
 
==================== Restore Points =========================
 
11-06-2015 12:14:44 Windows Update
 
==================== Hosts content: ===============================
 
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
 
2013-08-22 09:25 - 2014-11-11 01:44 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts
 
==================== Scheduled Tasks (Whitelisted) =============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
Task: {030423F4-6AE5-423C-A071-5F5F24D4DA86} - System32\Tasks\Sony Corporation\VAIO Care\UpdateContacts => %ProgramData%\Sony Corporation\VAIO Care\UpdateContacts.exe
Task: {0808CAD4-811B-4C62-902F-CD72F04F43B8} - System32\Tasks\Sony Corporation\Xperia Link\Xperia Link Logon Start => C:\Program Files (x86)\Sony\Xperia Link\Xperia Link.exe [2014-11-28] (Sony Corporation)
Task: {12F6D2B1-ACBA-4A46-8F05-7CF39301ACB2} - System32\Tasks\Sony Corporation\VAIO Care\CheckSystemInfo => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2014-12-03] (Sony Corporation)
Task: {152888AE-3924-4319-85E8-6E42EE068406} - System32\Tasks\Sony Corporation\VAIO Care\VCCheckIolo => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2014-12-03] (Sony Corporation)
Task: {171C27B2-9EB5-4A1D-9093-C3C7EE7F4F41} - System32\Tasks\Sony Corporation\VAIO Care\DeployCRMflag => C:\Program Files\Sony\VAIO Care\DeployCRMflag.exe [2014-01-16] (Sony Corporation)
Task: {1C5A2E66-E565-49A0-AA4C-D7ACAC4F4560} - System32\Tasks\Sony Corporation\VAIO Control Center\Level4Daily => C:\Program Files (x86)\Sony\VAIO Control Center\WBCBatteryCare.exe [2013-03-15] (Sony Corporation)
Task: {1DAED29A-8AF5-4088-8D98-01C0F96F197A} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2014-12-19] (Adobe Systems Incorporated)
Task: {29794DC0-3754-4410-ADE1-57DE032AD25A} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-01-31] (Google Inc.)
Task: {2A5F3D65-001C-489F-9B7D-A3DED3846A76} - System32\Tasks\Sony Corporation\VAIO Care\ActiveStatusCollect => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2014-12-03] (Sony Corporation)
Task: {2B9EF640-8B62-4E27-AA01-EBA2F4E98569} - System32\Tasks\Sony Corporation\VAIO Update\Launch Application => C:\Program Files\SONY\VAIO Update\ShellExeProxy.exe [2014-02-28] (Sony Corporation)
Task: {2FD3118B-5CF0-4325-9E9B-7C533D4E6B91} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2015-06-11] (Microsoft Corporation)
Task: {31B9760D-C907-4434-AFE8-FE766B6E1AAE} - System32\Tasks\Sony Corporation\VAIO Care\UpdateSolution => C:\Program Files\Sony\VAIO Care\Solution.Updater.exe [2014-12-03] (Sony Corporation)
Task: {323321B2-04B8-4829-BB47-5047687C4097} - System32\Tasks\AlaMaintenance => C:\WINDOWS\SysWOW64\drivers\NVACYU~1.EXE [2015-05-30] ()
Task: {34B0E4B7-CB55-4779-8131-EBBA3E29702A} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-06-09] (Adobe Systems Incorporated)
Task: {49C58B60-3AE4-4612-9F8F-151ABEAFA504} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2015-04-14] (Microsoft Corporation)
Task: {4D147FA4-0860-4416-95DA-6F94D4E8906B} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473 => C:\Program Files (x86)\Intel\Intel® Update Manager\bin\iumsvc.exe [2014-02-28] ()
Task: {4E108295-0B9B-4D0D-97F3-62A1885E3817} - System32\Tasks\USER_ESRV_SVC => Wscript.exe //B //NoLogo "C:\Program Files\Sony\VAIO Care\ESRV\task.vbs"
Task: {58A61337-9F57-4273-AB55-13F3FB0273B4} - System32\Tasks\Media_System_Platform => C:\WINDOWS\SysWOW64\drivers\KVN398~1.EXE [2015-05-30] ()
Task: {6BD8553D-D29E-4B0E-B715-D77543F3FE28} - System32\Tasks\Sony Corporation\Sony Home Network Library\SOHLib SOHDms => C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDms.exe [2013-11-07] (Sony Corporation)
Task: {7083F386-39DA-418A-AC8E-1FAB3D9B031B} - System32\Tasks\Microsoft Office 15 Sync Maintenance for JDUBZ-VAIOPRO13-Jinchi jDubz-VaioPro13 => C:\Program Files\Microsoft Office 15\Root\Office15\MsoSync.exe [2015-03-10] (Microsoft Corporation)
Task: {71546852-4512-4C88-A869-E690B944DCA3} - System32\Tasks\Sony Corporation\VAIO Hardware Diagnostics\VHDInformationCheck => C:\Program Files (x86)\Sony\VAIO Recovery\plugins\InformationCheck.exe [2013-01-25] (Sony Corporation)
Task: {7687A3B2-7E7C-4091-88D5-FD4F4EA3AA96} - System32\Tasks\Sony Corporation\VAIO Care\VCRLog => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2014-12-03] (Sony Corporation)
Task: {78871205-75A7-4518-ABBC-C8D2D894A770} - System32\Tasks\Sony Corporation\VAIO Control Center\VAIOControlCenterUser => C:\Program Files (x86)\Sony\VAIO Control Center\vim.exe [2014-11-17] (Sony Corporation)
Task: {7982BC1E-3759-4437-B410-3F9712C6C313} - System32\Tasks\Sony Corporation\VAIO Control Center\VAIO Capture\VAIO Clip => C:\Program Files (x86)\Sony\VAIO Control Center\VAIO Clip.exe [2013-12-09] (Sony Corporation)
Task: {7C1CF5CA-8655-426C-815D-A767366EEBA1} - System32\Tasks\Sony Corporation\VAIO Control Center\NightTimeEnd => C:\Program Files (x86)\Sony\VAIO Control Center\VESSmartConnectTime.exe [2013-03-15] (Sony Corporation)
Task: {7D20217F-BC39-45B4-AC8C-E46A7E695429} - System32\Tasks\propagation utility manager => C:\Program Files (x86)\Reference Assemblies\Microsoft\Framework\v3.5\RedistList\syscomplus80.exe [2015-06-02] ()
Task: {842642D9-35FD-4FCC-987C-F5DB2FD2603E} - System32\Tasks\Microsoft\Windows\Setup\gwx\launchtrayprocess => C:\Windows\system32\GWX\GWX.exe [2015-05-06] (Microsoft Corporation)
Task: {84FE5F63-27E7-4FF8-A706-2870636ADE65} - System32\Tasks\Sony Corporation\VAIO Improvement\VAIOImprovementUploader => C:\Program Files\Sony\VAIO Improvement\viuploader.exe [2013-01-24] (Sony Corporation)
Task: {889E7D7E-A64E-4961-9C47-099AFF877C47} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3768847704-4038817097-2733713293-1001UA => C:\Users\Jinchi\AppData\Local\Google\Update\GoogleUpdate.exe [2014-02-18] (Google Inc.)
Task: {88D4E4B0-00D8-419C-8648-923E8186F53A} - System32\Tasks\Microsoft\Windows\Application Experience\Microsoft Compatibility Appraiser => C:\Windows\system32\compattel\DiagTrackRunner.exe [2015-03-15] (Microsoft Corporation)
Task: {90BC7B78-F782-445C-BC2E-1F8092B9A9C5} - System32\Tasks\Sony Corporation\VAIO Care\VCOneClick => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2014-12-03] (Sony Corporation)
Task: {923F640F-D7B1-4A47-A158-B315DE0A9E0B} - System32\Tasks\Sony Corporation\VAIO Care\GetPOTInfo => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2014-12-03] (Sony Corporation)
Task: {9787CF4F-1123-4826-8B30-F06CF6BEE638} - System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxconfig => C:\Windows\system32\GWX\GWXConfigManager.exe [2015-05-06] (Microsoft Corporation)
Task: {97D7BDD9-D054-43D7-882B-AD249B77244E} - System32\Tasks\Microsoft OneDrive Auto Update Task-S-1-5-21-3768847704-4038817097-2733713293-1001 => %localappdata%\Microsoft\OneDrive\OneDrive.exe
Task: {9AE6CBF1-00F0-4F50-AE80-1497C9C858E0} - System32\Tasks\Sony Corporation\VAIO Control Center\NightTimeStart => C:\Program Files (x86)\Sony\VAIO Control Center\VESSmartConnectTime.exe [2013-03-15] (Sony Corporation)
Task: {9B57288A-3AAE-421B-B4FE-6FE8C053B0D5} - System32\Tasks\Sony Corporation\VAIO Control Center\NetworkSetting\NetworkSetting Logon Start => C:\Program Files (x86)\Sony\VAIO Control Center\NetworkSetting\NetworkClient
Task: {9B80C144-628B-47E1-BFD0-11B344818EF2} - System32\Tasks\Sony Corporation\VAIO Gesture Control\VCGULogonTask => C:\Program Files (x86)\Sony\VAIO Camera Gesture Utility\VCGU.exe [2013-01-23] (Sony Corporation)
Task: {9C387779-0F66-45B0-859A-1F03F28785BA} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473-Logon => C:\Program Files (x86)\Intel\Intel® Update Manager\bin\iumsvc.exe [2014-02-28] ()
Task: {9FFABB92-E02B-4EA5-9F85-0058AC3244F3} - System32\Tasks\Sony Corporation\VAIO Control Center\Level4Month => C:\Program Files (x86)\Sony\VAIO Control Center\WBCBatteryCare.exe [2013-03-15] (Sony Corporation)
Task: {A03FCDC4-2E71-4976-8218-4F2A3AAF9D86} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\Logon => C:\Windows\system32\GWX\GWX.exe [2015-05-06] (Microsoft Corporation)
Task: {AC369F06-22DA-4D4F-A61D-3FC072FEF06C} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-01-31] (Google Inc.)
Task: {ACBF82C2-C2BF-4DCC-AEAA-BD6F5BF22037} - System32\Tasks\Sony Corporation\VAIO Control Center\VAIOControlCenterSystem => C:\Program Files (x86)\Sony\VAIO Control Center\vim.exe [2014-11-17] (Sony Corporation)
Task: {AD1BED37-66C9-433E-B3C1-F2F861E2C024} - System32\Tasks\Sony Corporation\VAIO Update\VAIO Update Self Repair => C:\Program Files\Sony\VAIO Update\VUSR.exe [2014-03-01] (Sony Corporation)
Task: {B4591711-5698-442B-85D4-ED3EDA0CF916} - System32\Tasks\Synaptics TouchPad Enhancements => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2015-05-27] (Synaptics Incorporated)
Task: {BA08B23A-6573-40F1-A308-5D74E46D4835} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3768847704-4038817097-2733713293-1001Core => C:\Users\Jinchi\AppData\Local\Google\Update\GoogleUpdate.exe [2014-02-18] (Google Inc.)
Task: {CA7F3AD7-DE2E-470F-91F9-731925D976D7} - System32\Tasks\Sony Corporation\VAIO Update\VAIO Update => C:\Program Files\Sony\VAIO Update\VAIOUpdt.exe [2014-02-28] (Sony Corporation)
Task: {D55F3AC8-6713-4933-B76D-388BABEBA2C2} - System32\Tasks\Sony Corporation\VAIO Care\VCMetrics => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2014-12-03] (Sony Corporation)
Task: {D692D7FB-BCD0-4A73-93A0-9F560AD6CC9B} - System32\Tasks\Sony Corporation\VAIO Care\VAIO Care => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2014-12-03] (Sony Corporation)
Task: {DC709749-C42D-4481-B6F0-75CAD1BFADE2} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B => schtasks
Task: {E52ED8F9-3D81-48B2-93E6-068DD430ABAC} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\OutOfIdle => C:\Windows\system32\GWX\GWX.exe [2015-05-06] (Microsoft Corporation)
Task: {EDF1E628-FD13-4FF9-B134-AA386E3A915F} - System32\Tasks\Sony Corporation\VAIO Care\VCSelfHeal => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2014-12-03] (Sony Corporation)
Task: {F11CB3CD-421B-4EAB-9334-1F4DA7160E40} - System32\Tasks\Sony Corporation\VAIO Care\UploadPOT => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2014-12-03] (Sony Corporation)
Task: {F2A02852-C346-4014-8619-221C284D27A9} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2015-04-14] (Microsoft Corporation)
Task: {F2BE108D-C1CE-45DB-A829-EB34ECBBDD17} - System32\Tasks\Sony Corporation\NFC Connection Utility\NFC Logon Start => C:\Program Files\Sony\NFC Connection Utility\NFCConnectionUtility.exe [2014-02-11] (Sony Corporation)
Task: {F60B3402-006E-4F29-AA24-F70C7059EDF1} - System32\Tasks\Sony Corporation\VAIO Care\UpdateConfig => %ProgramData%\Sony Corporation\VCM Data\UpdateConfig.exe
Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-3768847704-4038817097-2733713293-1001Core.job => C:\Users\Jinchi\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-3768847704-4038817097-2733713293-1001UA.job => C:\Users\Jinchi\AppData\Local\Google\Update\GoogleUpdate.exe
 
==================== Loaded Modules (Whitelisted) ==============
 
2014-03-20 13:56 - 2014-05-20 09:19 - 00105640 _____ () C:\Program Files\Microsoft Office 15\ClientX64\ApiClient.dll
2013-09-06 18:06 - 2013-09-06 18:06 - 00198120 _____ () C:\Program Files\Intel\Intel® Smart Connect Technology Agent\iSCTAgent.exe
2013-09-06 18:06 - 2013-09-06 18:06 - 00054760 _____ () C:\Program Files\Intel\Intel® Smart Connect Technology Agent\NetworkHeuristic.dll
2013-09-06 18:05 - 2013-09-06 18:05 - 00034792 _____ () C:\Program Files\Intel\Intel® Smart Connect Technology Agent\ISCTNetMon.dll
2013-10-17 16:27 - 2013-10-17 16:27 - 00166912 _____ () C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe
2015-02-04 20:24 - 2015-02-04 20:25 - 00187072 _____ () C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe
2015-02-25 02:52 - 2015-01-27 11:29 - 08898720 _____ () C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\1033\GrooveIntlResource.dll
2015-05-09 01:15 - 2015-05-09 01:15 - 00183296 _____ () C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20856_x64__8wekyb3d8bbwe\ErrorReporting.dll
2014-10-28 09:11 - 2015-04-24 21:53 - 05886784 _____ () C:\Users\Jinchi\AppData\Local\Amazon Music\Amazon Music Helper.exe
2015-03-14 01:49 - 2015-03-14 01:49 - 00291840 _____ () C:\ProgramData\Razer\Synapse\RzStats\RzStats.Manager.exe
2013-11-19 11:21 - 2013-11-19 11:21 - 00062464 _____ () C:\Program Files\Sony\VAIO Care\listener.exe
2013-11-30 02:59 - 2013-05-22 02:25 - 00127464 _____ () C:\Program Files (x86)\Sony\VAIO Control Center\iSCTConnect.dll
2015-05-29 16:04 - 2015-05-29 16:04 - 00117248 _____ () C:\Users\Jinchi\AppData\Local\Programs\Google\MusicManager\libaacdec.dll
2015-05-29 16:04 - 2015-05-29 16:04 - 00234496 _____ () C:\Users\Jinchi\AppData\Local\Programs\Google\MusicManager\libmpgdec.dll
2015-05-29 16:04 - 2015-05-29 16:04 - 00253440 _____ () C:\Users\Jinchi\AppData\Local\Programs\Google\MusicManager\libid3tag.dll
2015-05-29 16:04 - 2015-05-29 16:04 - 00344064 _____ () C:\Users\Jinchi\AppData\Local\Programs\Google\MusicManager\libaudioenc.dll
2014-02-21 14:07 - 2015-04-16 13:40 - 00776192 _____ () C:\Program Files (x86)\Steam\SDL2.dll
2015-01-19 17:59 - 2015-04-22 22:16 - 04962816 _____ () C:\Program Files (x86)\Steam\v8.dll
2014-05-22 01:04 - 2015-06-04 14:56 - 02407104 _____ () C:\Program Files (x86)\Steam\video.dll
2015-01-19 17:59 - 2015-04-22 22:16 - 01556992 _____ () C:\Program Files (x86)\Steam\icui18n.dll
2015-01-19 17:59 - 2015-04-22 22:16 - 01187840 _____ () C:\Program Files (x86)\Steam\icuuc.dll
2014-08-28 16:13 - 2014-12-01 17:31 - 02396672 _____ () C:\Program Files (x86)\Steam\libavcodec-56.dll
2014-08-28 16:13 - 2014-12-01 17:31 - 00479744 _____ () C:\Program Files (x86)\Steam\libavformat-56.dll
2014-08-28 16:13 - 2014-12-01 17:31 - 00332800 _____ () C:\Program Files (x86)\Steam\libavresample-2.dll
2014-08-28 16:13 - 2014-12-01 17:31 - 00442880 _____ () C:\Program Files (x86)\Steam\libavutil-54.dll
2014-08-28 16:13 - 2014-12-01 17:31 - 00485888 _____ () C:\Program Files (x86)\Steam\libswscale-3.dll
2014-02-21 14:07 - 2015-06-04 14:56 - 00703168 _____ () C:\Program Files (x86)\Steam\bin\chromehtml.DLL
2015-05-19 22:29 - 2015-05-19 22:29 - 00137728 _____ () C:\ProgramData\Razer\Synapse\CrashReporter\CrashRpt1402.dll
2014-02-21 14:07 - 2015-05-11 15:01 - 36302728 _____ () C:\Program Files (x86)\Steam\bin\libcef.dll
2014-11-13 10:20 - 2014-11-25 22:12 - 40622592 _____ () C:\Users\Jinchi\AppData\Local\razer\InGameEngine\cache\RzStats.Manager\cef\libcef.dll
2014-11-13 10:20 - 2014-11-25 22:12 - 00911360 _____ () C:\Users\Jinchi\AppData\Local\razer\InGameEngine\cache\RzStats.Manager\cef\libglesv2.dll
2014-11-13 10:20 - 2014-11-25 22:12 - 00134144 _____ () C:\Users\Jinchi\AppData\Local\razer\InGameEngine\cache\RzStats.Manager\cef\libegl.dll
2013-11-30 03:20 - 2013-05-08 00:23 - 01199576 _____ () C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\ACE.dll
2015-06-09 23:30 - 2015-06-05 14:22 - 01281864 _____ () C:\Program Files (x86)\Google\Chrome\Application\43.0.2357.124\libglesv2.dll
2015-06-09 23:30 - 2015-06-05 14:22 - 00080712 _____ () C:\Program Files (x86)\Google\Chrome\Application\43.0.2357.124\libegl.dll
2015-06-09 23:30 - 2015-06-05 14:22 - 15003464 _____ () C:\Program Files (x86)\Google\Chrome\Application\43.0.2357.124\PepperFlash\pepflashplayer.dll
2015-05-13 21:26 - 2015-05-11 15:01 - 08958344 _____ () C:\Program Files (x86)\Steam\bin\pdf.dll
 
==================== Alternate Data Streams (Whitelisted) =========
 
(If an entry is included in the fixlist, only the ADS will be removed.)
 
AlternateDataStreams: C:\Users\Jinchi\SkyDrive:ms-properties
 
==================== Safe Mode (Whitelisted) ===================
 
(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
 
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""=""
 
==================== EXE Association (Whitelisted) ===============
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
 
 
==================== Internet Explorer trusted/restricted ===============
 
(If an entry is included in the fixlist, it will be removed from the registry.)
 
 
==================== Other Areas ============================
 
(Currently there is no automatic fix for this section.)
 
HKU\S-1-5-21-3768847704-4038817097-2733713293-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Jinchi\Pictures\water_forest_2560x1440.jpg
DNS Servers: 192.168.1.1
 
==================== MSCONFIG/TASK MANAGER disabled items ==
 
(Currently there is no automatic fix for this section.)
 
HKLM\...\StartupApproved\Run32: => "VirtualCloneDrive"
HKU\S-1-5-21-3768847704-4038817097-2733713293-1001\...\StartupApproved\Run: => "MurGee.com Auto Clicker"
 
==================== FirewallRules (Whitelisted) ===============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [{8AAA2962-98BF-4561-8446-070D15AFF0BD}] => (Allow) C:\Program Files\Intel Corporation\Intel WiDi\WiDiApp.exe
FirewallRules: [{F6FD1D1E-7BCD-494C-AE18-F5E10EC4BD00}] => (Allow) C:\Users\Jinchi\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{EB1D6051-6DC5-4E4E-99A0-76F0997DD1A2}] => (Allow) C:\Users\Jinchi\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{791B8DC4-488F-4CCC-97B6-A48CD117FF0E}] => (Allow) C:\Users\Jinchi\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe
FirewallRules: [{97518567-F6EE-43A5-9220-3A71C3092833}] => (Allow) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer.exe
FirewallRules: [{2A6FCFCE-1889-470C-91B7-6B3C586F5B42}] => (Allow) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer.exe
FirewallRules: [{E120CEE3-FB95-4685-AF4C-581D697283DE}] => (Allow) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
FirewallRules: [{09C65444-9E49-4016-AFD4-2C46D8EF8B03}] => (Allow) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
FirewallRules: [{1C6D2338-58F6-41B7-9C60-0C8047D158DD}] => (Allow) C:\Program Files (x86)\PharosSystems\Core\CTskMstr.exe
FirewallRules: [{55412196-4B43-43EC-A082-5DEDB04C4BF7}] => (Allow) C:\Program Files (x86)\PharosSystems\Core\CTskMstr.exe
FirewallRules: [{E353C792-C677-48C7-B015-914EFA660B2D}] => (Allow) C:\Program Files (x86)\PharosSystems\Core\CTskMstr.exe
FirewallRules: [{63CAE482-DDB5-4187-AE7C-39C0809ED0C8}] => (Allow) C:\Program Files (x86)\PharosSystems\Core\CTskMstr.exe
FirewallRules: [{E3F1E628-78C7-43C7-B500-5B49FF7E0FF5}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{BD493E0D-100F-4882-BC6E-7AD0357C7FE9}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{251B91E5-585F-427C-AFBA-9E5810A40D95}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{C897F144-EB0C-4122-87F6-856760C9D5D4}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{AF322307-A300-4E27-80C1-EA374A4D0B6B}] => (Allow) C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe
FirewallRules: [{87843785-23D4-49CF-9761-677FC305096A}] => (Allow) C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe
FirewallRules: [{5BD520C5-FAA1-4168-A2C2-0345ABDA612B}] => (Allow) C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDms.exe
FirewallRules: [{205AA04E-E323-4943-BA78-A144C44151E4}] => (Allow) C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDms.exe
FirewallRules: [{31F0FEA3-CC25-4FC3-839F-2C1A010901CA}] => (Allow) C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDs.exe
FirewallRules: [{8B8371EC-4A0D-40DE-8018-BB13A1B14CFE}] => (Allow) C:\Program Files (x86)\Sony\PlayMemories Home\PMBBrowser.exe
FirewallRules: [{08C88937-DA82-4D89-AA5C-915911D66CC2}] => (Allow) C:\Program Files (x86)\Sony\PlayMemories Home\PMBBrowser.exe
FirewallRules: [TCP Query User{12302747-C7E1-4B23-B720-756D7CEC8B58}C:\program files\java\jre7\bin\javaw.exe] => (Allow) C:\program files\java\jre7\bin\javaw.exe
FirewallRules: [UDP Query User{62F4D8AC-28A5-4295-985F-BCDA5EE2B46C}C:\program files\java\jre7\bin\javaw.exe] => (Allow) C:\program files\java\jre7\bin\javaw.exe
FirewallRules: [{25ADA3AE-6C5C-4EB9-9037-4770A4472BC4}] => (Allow) C:\ProgramData\NexonUS\NGM\NGM.exe
FirewallRules: [{502C5361-ED40-4CF6-B109-FD0FFAF68CC4}] => (Allow) C:\ProgramData\NexonUS\NGM\NGM.exe
FirewallRules: [{7AD297A5-9A53-428C-9BD9-7B692F86C7DF}] => (Allow) C:\Users\Jinchi\AppData\Roaming\BitTorrent\BitTorrent.exe
FirewallRules: [{6C04DF68-1EF8-47DF-9B12-553B827A4927}] => (Allow) C:\Users\Jinchi\AppData\Roaming\BitTorrent\BitTorrent.exe
FirewallRules: [{6453304B-1C45-46DE-96E9-BC500401CBF1}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.beta.2737\Agent.exe
FirewallRules: [{75721F3D-024D-4471-BEF1-1AA2D7721F16}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.beta.2737\Agent.exe
FirewallRules: [{E5CBBA80-AE60-406A-A474-B5BAC3FB9705}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.beta.2753\Agent.exe
FirewallRules: [{E317F802-C9AB-4BD3-B085-356CEC5FF10D}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.beta.2753\Agent.exe
FirewallRules: [{BE7E2239-2362-4AA3-A03B-ACE80FFB1F9E}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.beta.2753\Agent.exe
FirewallRules: [{E82670D9-49E4-4AAA-8424-60E2BFA3DD65}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.beta.2753\Agent.exe
FirewallRules: [{A80FAE7F-E488-4060-8EED-68088003691C}] => (Allow) C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe
FirewallRules: [{0495F14C-548F-40E0-A535-A6E8987C61DA}] => (Allow) C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe
FirewallRules: [{5845DD02-4469-4A05-A346-D4A7F4F77759}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2880\Agent.exe
FirewallRules: [{F44BBD2E-ABEC-42CB-B621-03623EF1F56E}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2880\Agent.exe
FirewallRules: [{CE20CBB9-AC0F-4E44-BA11-E1F8027D7342}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2880\Agent.exe
FirewallRules: [{3365CD26-78F5-4B7E-9573-91AAC52872BD}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2880\Agent.exe
FirewallRules: [{36A01BAE-2D0D-4041-88F4-987A3006EE3B}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3023\Agent.exe
FirewallRules: [{D23E44CC-C04F-459C-86E5-CD64AFD0503C}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3023\Agent.exe
FirewallRules: [{E98A7E2E-E3DC-42E6-BE9B-B0A4D6D2272D}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3109\Agent.exe
FirewallRules: [{50DE9A46-6BF5-4CD8-933A-8A762550054B}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3109\Agent.exe
FirewallRules: [{DC0BB4CF-F7E0-4C47-8885-5761E964BC88}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3147\Agent.exe
FirewallRules: [{00A069BC-CFD1-4C64-9EC0-A6C66B954B22}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3147\Agent.exe
FirewallRules: [{BB93A3D9-3CBA-49FC-87C5-F1FC28D9279E}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3182\Agent.exe
FirewallRules: [{1E4C0F28-F197-4F02-A22A-DEC30B741F20}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3182\Agent.exe
FirewallRules: [{8D3F088D-BBF1-42FB-8185-455B060E2283}] => (Allow) F:\Program Files (jDubz-VaioPro13)\StarCraft II\StarCraft II.exe
FirewallRules: [{46E34459-B59A-4FF8-80C3-A9FFA570DA95}] => (Allow) F:\Program Files (jDubz-VaioPro13)\StarCraft II\StarCraft II.exe
FirewallRules: [{DC1935B2-387A-49E7-B25C-77E58AA5707D}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3235\Agent.exe
FirewallRules: [{C10F3F30-F05D-4CBE-AECD-3A99BEA66363}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3235\Agent.exe
FirewallRules: [{23EB8DF5-B400-4FAB-8FE7-571CD9370779}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{B59228DD-F389-4134-BF0F-2C7BEB701252}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{C4103880-1F3A-4E4B-968C-2107B1CADB45}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3286\Agent.exe
FirewallRules: [{80EA95F6-F360-4D14-B103-C746258503A0}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3286\Agent.exe
FirewallRules: [{058DF99D-CDAA-48B9-B738-087CBD74BAA6}] => (Allow) F:\Program Files (jDubz-VaioPro13)\StarCraft II\StarCraft II\StarCraft II.exe
FirewallRules: [{C1A98549-3BCA-491C-8A44-7A522A3C8465}] => (Allow) F:\Program Files (jDubz-VaioPro13)\StarCraft II\StarCraft II\StarCraft II.exe
FirewallRules: [{AE5F9B45-9630-4A60-8B5F-93F51E917B20}] => (Allow) F:\Program Files (jDubz-VaioPro13)\StarCraft II\Diablo III\Diablo III.exe
FirewallRules: [{6B301B05-7D3E-4470-A560-F2D82CB7D48D}] => (Allow) F:\Program Files (jDubz-VaioPro13)\StarCraft II\Diablo III\Diablo III.exe
FirewallRules: [{AD195C8E-94DC-40B5-8689-70C284D7B09B}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3322\Agent.exe
FirewallRules: [{67888B5E-3F5D-408E-A62A-EACC128E0842}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3322\Agent.exe
FirewallRules: [{B3A5162E-4122-40A6-AF5C-64FDB850D89D}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3323\Agent.exe
FirewallRules: [{8D7F49B6-CDE4-46D1-88F4-613F2D45ECF8}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3323\Agent.exe
FirewallRules: [{110DAD28-A1BC-436A-8A7D-99DAEAC915E2}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3332\Agent.exe
FirewallRules: [{C4531F6C-FA1B-4A53-A96F-0492F098245F}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3332\Agent.exe
FirewallRules: [{E3DA1792-8785-4318-9BB7-C02E00BB98DE}] => (Allow) F:\Program Files (jDubz-VaioPro13)\Diablo III\Diablo III\Diablo III.exe
FirewallRules: [{5FB06E85-344C-4321-9DCE-13EB1D407D18}] => (Allow) F:\Program Files (jDubz-VaioPro13)\Diablo III\Diablo III\Diablo III.exe
FirewallRules: [{E094F486-9C85-43E6-BA60-6A925B80983D}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3334\Agent.exe
FirewallRules: [{BF7FB06E-24FB-4077-BA34-AEAB42A5A60B}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3334\Agent.exe
FirewallRules: [{E0B0069C-4B1D-41B5-A6D0-A7FA4628D080}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Hammerwatch\editor\HammerEditor.exe
FirewallRules: [{81860655-B976-4103-837E-05D6E4AFAD52}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Hammerwatch\editor\HammerEditor.exe
FirewallRules: [{9AC2C5C2-E121-4729-BF53-49F9565AAFB8}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3346\Agent.exe
FirewallRules: [{B6DA9A04-E806-47D2-9C07-B31861AE2FA0}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3346\Agent.exe
FirewallRules: [{6957DDEE-47CF-4180-A4BC-4C293426B957}] => (Allow) C:\Program Files (x86)\Diablo III\Diablo III.exe
FirewallRules: [{9E8204E6-FBEC-466F-AC48-A83E8E03D770}] => (Allow) C:\Program Files (x86)\Diablo III\Diablo III.exe
FirewallRules: [{F3916993-E489-40F6-8AFF-64BF6FC70662}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3372\Agent.exe
FirewallRules: [{2599BCD5-04FE-4D1B-A5A5-45DF0E5803BC}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3372\Agent.exe
FirewallRules: [{AA548EB3-BF98-47B8-B69D-CFED1BCACC6E}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3427\Agent.exe
FirewallRules: [{5483B2BF-AF1A-4D24-B7EB-5CCCA5AAA801}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3427\Agent.exe
FirewallRules: [{A8DE2EA6-5260-4A21-BDBD-F3985B297AA2}] => (Allow) E:\Program Files (jDubz-VaioPro13)\Diablo III\Diablo III.exe
FirewallRules: [{767D1032-0535-4BDB-BADA-3229D7A4A395}] => (Allow) E:\Program Files (jDubz-VaioPro13)\Diablo III\Diablo III.exe
FirewallRules: [{DE63C0AA-5ED3-4E79-8B2B-CAF1B0AE8F13}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3478\Agent.exe
FirewallRules: [{EC7C7221-D843-4FB5-B3F5-0B625F2A6134}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3478\Agent.exe
FirewallRules: [{524E045D-356E-417F-98F4-F009032628FD}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3507\Agent.exe
FirewallRules: [{DD7D1823-B827-433E-A657-59925B565513}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3507\Agent.exe
FirewallRules: [{EC9AE200-890A-4E41-BBA1-A6D5EB3FE67B}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3526\Agent.exe
FirewallRules: [{D4E514FD-00FF-46E4-9B09-CD7FA0F7F093}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3526\Agent.exe
FirewallRules: [TCP Query User{15E353EC-3481-4F8D-80F3-092603B6FD83}C:\users\jinchi\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\jinchi\appdata\roaming\spotify\spotify.exe
FirewallRules: [UDP Query User{8FEDE70E-E603-4216-A7A3-844697DFB902}C:\users\jinchi\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\jinchi\appdata\roaming\spotify\spotify.exe
FirewallRules: [{E94EEF82-89B4-468C-9B58-A770361CFA9B}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3526\Agent.exe
FirewallRules: [{3500FF7E-4DF6-47E7-ABF3-409999AF9A86}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3526\Agent.exe
FirewallRules: [TCP Query User{1C3EB99F-F0EC-47BB-8EA5-63D5D0D8A6F6}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [UDP Query User{D2ABEE00-5913-4E4A-9B38-6FFC4D2F96C5}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [TCP Query User{D3646E6C-A650-4643-9ACC-DEA744641FC9}C:\users\jinchi\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\jinchi\appdata\roaming\spotify\spotify.exe
FirewallRules: [UDP Query User{3D1D352B-3303-4DA2-B1D0-730B81784C67}C:\users\jinchi\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\jinchi\appdata\roaming\spotify\spotify.exe
FirewallRules: [TCP Query User{2A3A219A-CE17-4D00-85B7-BA674F889C70}C:\program files (x86)\java\jre7\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre7\bin\javaw.exe
FirewallRules: [UDP Query User{9369B298-C6DD-4688-A476-C5954505C3A6}C:\program files (x86)\java\jre7\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre7\bin\javaw.exe
FirewallRules: [{906A536B-6264-48D8-BB26-68AE21610CE2}] => (Allow) C:\Program Files\Sony\VAIO Care\VCAgent.exe
FirewallRules: [{632C8043-55FD-47A6-BC3F-AC3625C640CE}] => (Allow) C:\Program Files\Sony\VAIO Care\VCAdmin.exe
FirewallRules: [{59DFAD8F-7AB1-4307-A1BC-51108ADD3B77}] => (Allow) C:\Program Files\Sony\VAIO Care\VCSystemTray.exe
FirewallRules: [{57BEC37C-EBA5-4920-8259-9068A85A6CA7}] => (Allow) C:\Program Files\Sony\VAIO Care\VAIOShell.exe
FirewallRules: [{9839765B-9955-42C0-868A-9B475B601613}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3688\Agent.exe
FirewallRules: [{E432DCE2-9770-4311-B633-917753449E56}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3688\Agent.exe
FirewallRules: [TCP Query User{8DB4EB37-0ABC-4945-80F0-51EBC4730AA1}C:\program files (x86)\netgear genie\bin\netgeargenie.exe] => (Allow) C:\program files (x86)\netgear genie\bin\netgeargenie.exe
FirewallRules: [UDP Query User{6B0B1C33-683E-4583-9E1A-0309E54BBB09}C:\program files (x86)\netgear genie\bin\netgeargenie.exe] => (Allow) C:\program files (x86)\netgear genie\bin\netgeargenie.exe
FirewallRules: [TCP Query User{8FBF3A64-26D1-468A-81F1-708D0AD865E9}C:\program files (x86)\netgear genie\bin\netgeargenie.exe] => (Allow) C:\program files (x86)\netgear genie\bin\netgeargenie.exe
FirewallRules: [UDP Query User{8CF18467-B70F-407C-BB22-0B86857EECD0}C:\program files (x86)\netgear genie\bin\netgeargenie.exe] => (Allow) C:\program files (x86)\netgear genie\bin\netgeargenie.exe
FirewallRules: [{933CD28C-77EC-423E-8304-A1050E969941}] => (Allow) C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
FirewallRules: [TCP Query User{D89BDACC-CEF6-4A48-A593-2A6910425019}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [UDP Query User{AACDE79C-510C-4BD9-B23D-AFA8ADC97F94}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [TCP Query User{57210441-E915-49AE-BD82-C6C7A0A04908}C:\program files (x86)\java\jre1.8.0_31\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_31\bin\javaw.exe
FirewallRules: [UDP Query User{922A446F-DF52-4EEF-892E-1D77A09F5AB9}C:\program files (x86)\java\jre1.8.0_31\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_31\bin\javaw.exe
FirewallRules: [{B48CC07B-F2E0-4D64-98D8-9DE92D4C955E}] => (Allow) F:\Program Files (jDubz-VaioPro13)\Hearthstone\Hearthstone.exe
FirewallRules: [{D89DD20F-8D07-4090-AB69-8F352F7A4099}] => (Allow) F:\Program Files (jDubz-VaioPro13)\Hearthstone\Hearthstone.exe
FirewallRules: [{54D13F0E-D893-4BCF-8C41-919E881022F2}] => (Allow) F:\Program Files (jDubz-VaioPro13)\Diablo III\Diablo III.exe
FirewallRules: [{9F206291-A2D3-48DF-A772-E87735EC1156}] => (Allow) F:\Program Files (jDubz-VaioPro13)\Diablo III\Diablo III.exe
FirewallRules: [{DD25789B-F44E-41FF-869E-ADB5CF5E2377}] => (Allow) C:\Program Files (x86)\Hearthstone\Hearthstone.exe
FirewallRules: [{FE112EFF-C326-4577-B14C-49B37A374411}] => (Allow) C:\Program Files (x86)\Hearthstone\Hearthstone.exe
FirewallRules: [TCP Query User{52D65AAD-3D82-49D0-B406-08D8FA767171}C:\program files (x86)\hearthstone\hearthstone.exe] => (Allow) C:\program files (x86)\hearthstone\hearthstone.exe
FirewallRules: [UDP Query User{E1C3C5C0-1E9F-47E6-A4BC-AB6A05FF9EB8}C:\program files (x86)\hearthstone\hearthstone.exe] => (Allow) C:\program files (x86)\hearthstone\hearthstone.exe
FirewallRules: [TCP Query User{5A16C813-2406-4FF1-B34B-2068AFDC5C5A}F:\program files (jdubz-vaiopro13)\starcraft ii\versions\base32283\sc2.exe] => (Allow) F:\program files (jdubz-vaiopro13)\starcraft ii\versions\base32283\sc2.exe
FirewallRules: [UDP Query User{2800DE1B-F1C0-4286-9978-92F65D533DAD}F:\program files (jdubz-vaiopro13)\starcraft ii\versions\base32283\sc2.exe] => (Allow) F:\program files (jdubz-vaiopro13)\starcraft ii\versions\base32283\sc2.exe
FirewallRules: [TCP Query User{C3A354D5-5113-47FB-8E4D-FA8B2D23C4E9}C:\program files (x86)\java\jre1.8.0_31\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_31\bin\javaw.exe
FirewallRules: [UDP Query User{4AB904BE-EE39-4DFD-A3EB-59BEFF38F2FC}C:\program files (x86)\java\jre1.8.0_31\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_31\bin\javaw.exe
FirewallRules: [TCP Query User{440E5F9B-FE9A-4044-8B25-2E8DE56673D7}C:\program files (x86)\java\jre1.8.0_31\bin\jp2launcher.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_31\bin\jp2launcher.exe
FirewallRules: [UDP Query User{A9C15CB1-5532-45DB-B7BB-158052C6487E}C:\program files (x86)\java\jre1.8.0_31\bin\jp2launcher.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_31\bin\jp2launcher.exe
FirewallRules: [{8E41BCA7-502D-4486-B527-CF0FAFEC1156}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Torchlight II\ModLauncher.exe
FirewallRules: [{2B3793F2-9266-486A-BE21-18EFD96B43B9}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Torchlight II\ModLauncher.exe
FirewallRules: [TCP Query User{65D31D05-BB72-4F36-AB4E-4C2B66493A3D}C:\program files (x86)\steam\steamapps\common\torchlight ii\torchlight2.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\torchlight ii\torchlight2.exe
FirewallRules: [UDP Query User{5087FF18-52D3-4AF3-844D-4B5E1CAC3076}C:\program files (x86)\steam\steamapps\common\torchlight ii\torchlight2.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\torchlight ii\torchlight2.exe
FirewallRules: [{7EC1864E-0560-4E3C-AF07-57296475FEBA}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\The Jackbox Party Pack\TJPP.exe
FirewallRules: [{163A303D-BE69-4C35-8FC6-06AF21190EB4}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\The Jackbox Party Pack\TJPP.exe
FirewallRules: [{5C4E911C-D967-4A68-8D86-0B988078FF84}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Jamestown\Jamestown.exe
FirewallRules: [{B0DEC9C8-AD97-4016-8F7D-D76FB822C988}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Jamestown\Jamestown.exe
FirewallRules: [{369CB4F6-A3A4-4721-8809-84C7E5C30AE3}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{9336C1A8-6B53-4240-ABDB-52E288D99240}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{1B12E98C-D977-4551-9436-33A9D4D707BC}] => (Allow) C:\Program Files (x86)\Battle.net\Battle.net.exe
FirewallRules: [{BC7EC7E0-B477-4B1A-A261-6B1588562412}] => (Allow) C:\Program Files (x86)\Battle.net\Battle.net.exe
FirewallRules: [{2BA78191-0034-4865-9CF4-60856E57EE5A}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{8B4EF6F8-AAC4-45EA-9E97-7959C4E75AC9}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{BECAC9FC-4F12-41E6-8FCA-59DBFBFC4F30}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{84B627E3-7BFA-44FE-B149-885484EA04F5}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{729B1B06-A3C1-42AC-AD3E-B3DB789888C1}] => (Allow) F:\Program Files (jDubz-VaioPro13)\steamapps\common\dota 2 beta\dota.exe
FirewallRules: [{65730D45-7D8F-4AAF-9858-3EEDD89C4FF7}] => (Allow) F:\Program Files (jDubz-VaioPro13)\steamapps\common\dota 2 beta\dota.exe
FirewallRules: [{4B8E93A6-C791-4D84-B66A-A87B9C3FA913}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
 
==================== Faulty Device Manager Devices =============
 
 
==================== Event log errors: =========================
 
Application errors:
==================
Error: (06/11/2015 07:58:23 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: oxofpodr.exe, version: 3.21.0.162, time stamp: 0x5578454d
Faulting module name: USER32.dll, version: 6.3.9600.17736, time stamp: 0x550f42c2
Exception code: 0xc0000142
Fault offset: 0x0009d4f2
Faulting process id: 0x22d0
Faulting application start time: 0xoxofpodr.exe0
Faulting application path: oxofpodr.exe1
Faulting module path: oxofpodr.exe2
Report Id: oxofpodr.exe3
Faulting package full name: oxofpodr.exe4
Faulting package-relative application ID: oxofpodr.exe5
 
Error: (06/11/2015 07:56:44 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: VCAgent.exe, version: 8.4.2.12030, time stamp: 0x5476d099
Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000
Exception code: 0xc0000005
Fault offset: 0x00007ffcc34cb501
Faulting process id: 0x1c4c
Faulting application start time: 0xVCAgent.exe0
Faulting application path: VCAgent.exe1
Faulting module path: VCAgent.exe2
Report Id: VCAgent.exe3
Faulting package full name: VCAgent.exe4
Faulting package-relative application ID: VCAgent.exe5
 
Error: (06/11/2015 07:56:44 PM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Application: VCAgent.exe
Framework Version: v4.0.30319
Description: The process was terminated due to an unhandled exception.
Exception Info: System.NullReferenceException
Stack:
   at VCAgent.View.MainWindow.WindowProc(IntPtr, Int32, IntPtr, IntPtr, Boolean ByRef)
   at System.Windows.Interop.HwndSource.PublicHooksFilterMessage(IntPtr, Int32, IntPtr, IntPtr, Boolean ByRef)
   at MS.Win32.HwndWrapper.WndProc(IntPtr, Int32, IntPtr, IntPtr, Boolean ByRef)
   at MS.Win32.HwndSubclass.DispatcherCallbackOperation(System.Object)
   at System.Windows.Threading.ExceptionWrapper.InternalRealCall(System.Delegate, System.Object, Int32)
   at MS.Internal.Threading.ExceptionFilterHelper.TryCatchWhen(System.Object, System.Delegate, System.Object, Int32, System.Delegate)
   at System.Windows.Threading.Dispatcher.LegacyInvokeImpl(System.Windows.Threading.DispatcherPriority, System.TimeSpan, System.Delegate, System.Object, Int32)
   at MS.Win32.HwndSubclass.SubclassWndProc(IntPtr, Int32, IntPtr, IntPtr)
   at MS.Win32.UnsafeNativeMethods.CallWindowProc(IntPtr, IntPtr, Int32, IntPtr, IntPtr)
   at MS.Win32.UnsafeNativeMethods.CallWindowProc(IntPtr, IntPtr, Int32, IntPtr, IntPtr)
   at MS.Win32.HwndSubclass.DefWndProcWrapper(IntPtr, Int32, IntPtr, IntPtr)
   at MS.Win32.UnsafeNativeMethods.CallWindowProc(IntPtr, IntPtr, Int32, IntPtr, IntPtr)
   at MS.Win32.UnsafeNativeMethods.CallWindowProc(IntPtr, IntPtr, Int32, IntPtr, IntPtr)
   at MS.Win32.HwndSubclass.SubclassWndProc(IntPtr, Int32, IntPtr, IntPtr)
   at MS.Win32.UnsafeNativeMethods.IntGetMessageW(System.Windows.Interop.MSG ByRef, System.Runtime.InteropServices.HandleRef, Int32, Int32)
   at MS.Win32.UnsafeNativeMethods.IntGetMessageW(System.Windows.Interop.MSG ByRef, System.Runtime.InteropServices.HandleRef, Int32, Int32)
   at System.Windows.Threading.Dispatcher.GetMessage(System.Windows.Interop.MSG ByRef, IntPtr, Int32, Int32)
   at System.Windows.Threading.Dispatcher.PushFrameImpl(System.Windows.Threading.DispatcherFrame)
   at System.Windows.Application.RunInternal(System.Windows.Window)
   at System.Windows.Application.Run()
   at VCAgent.App.Main()
 
Error: (06/11/2015 11:42:08 AM) (Source: ISCTAgent) (EventID: 1000) (User: )
Description: ISCT - netDetect::AOACWLANProset::LocateAdapters   Net Detect:  Net Detect Supported Error Getting Adapter List Error=0x80045205\n
 
Error: (06/11/2015 07:48:16 AM) (Source: ISCTAgent) (EventID: 1000) (User: )
Description: ISCT - netDetect::AOACWLANProset::ClearNetDetectConfig   Net Detect:  Error disabling net detect adapter Error=0x80045202\n
 
Error: (06/11/2015 07:32:54 AM) (Source: ISCTAgent) (EventID: 1000) (User: )
Description: ISCT - netDetect::AOACWLANProset::ClearNetDetectConfig   Net Detect:  Error disabling net detect adapter Error=0x80045202\n
 
Error: (06/11/2015 07:02:26 AM) (Source: ISCTAgent) (EventID: 1000) (User: )
Description: ISCT - netDetect::AOACWLANProset::ClearNetDetectConfig   Net Detect:  Error disabling net detect adapter Error=0x80045202\n
 
Error: (06/11/2015 06:01:09 AM) (Source: ISCTAgent) (EventID: 1000) (User: )
Description: ISCT - netDetect::AOACWLANProset::ClearNetDetectConfig   Net Detect:  Error disabling net detect adapter Error=0x80045202\n
 
Error: (06/10/2015 06:33:50 PM) (Source: ISCTAgent) (EventID: 1000) (User: )
Description: ISCT - netDetect::AOACWLANProset::ClearNetDetectConfig   Net Detect:  Error disabling net detect adapter Error=0x80045202\n
 
Error: (06/10/2015 10:04:26 AM) (Source: ISCTAgent) (EventID: 1000) (User: )
Description: ISCT - netDetect::AOACWLANProset::LocateAdapters   Net Detect:  Net Detect Supported Error Getting Adapter List Error=0x80045205\n
 
 
System errors:
=============
Error: (06/11/2015 07:58:02 PM) (Source: Service Control Manager) (EventID: 7030) (User: )
Description: The AlaPerformance service is marked as an interactive service.  However, the system is configured to not allow interactive services.  This service may not function properly.
 
Error: (06/11/2015 07:57:15 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: application-specificLocalLaunch{DCBCA92E-7DBE-4EDA-8B7B-3AAEA4DD412B}{B292921D-AF50-400C-9B75-0C57A7F29BA1}NT AUTHORITYSYSTEMS-1-5-18LocalHost (Using LRPC)UnavailableUnavailable
 
Error: (06/11/2015 07:56:48 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: The Superfetch service terminated with the following error: 
%%1062
 
Error: (06/11/2015 07:56:48 PM) (Source: DCOM) (EventID: 10010) (User: NT AUTHORITY)
Description: {78FD0120-D39C-45D8-A9BE-2B802B3C23E5}
 
Error: (06/11/2015 07:56:48 PM) (Source: DCOM) (EventID: 10010) (User: NT AUTHORITY)
Description: {78FD0120-D39C-45D8-A9BE-2B802B3C23E5}
 
Error: (06/11/2015 07:54:57 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Installation Failure: Windows failed to install the following update with error 0x8007045b: Update for Windows 8.1 for x64-based Systems (KB3055999).
 
Error: (06/11/2015 07:54:57 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Installation Failure: Windows failed to install the following update with error 0x8007045b: Update for Windows 8.1 for x64-based Systems (KB3034348).
 
Error: (06/11/2015 07:54:56 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Installation Failure: Windows failed to install the following update with error 0x8007045b: Update for Windows 8.1 for x64-based Systems (KB3045634).
 
Error: (06/09/2015 10:20:38 PM) (Source: volsnap) (EventID: 36) (User: )
Description: The shadow copies of volume C: were aborted because the shadow copy storage could not grow due to a user imposed limit.
 
Error: (06/09/2015 05:42:12 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: application-specificLocalLaunch{DCBCA92E-7DBE-4EDA-8B7B-3AAEA4DD412B}{B292921D-AF50-400C-9B75-0C57A7F29BA1}NT AUTHORITYSYSTEMS-1-5-18LocalHost (Using LRPC)UnavailableUnavailable
 
 
Microsoft Office:
=========================
Error: (06/11/2015 07:58:23 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: oxofpodr.exe3.21.0.1625578454dUSER32.dll6.3.9600.17736550f42c2c00001420009d4f222d001d0a4a27f9c41f3C:\Users\Jinchi\AppData\Local\Temp\tmp_uf0\oxofpodr.exeUSER32.dllbd879f00-1095-11e5-bf57-5c514f2e2696
 
Error: (06/11/2015 07:56:44 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: VCAgent.exe8.4.2.120305476d099unknown0.0.0.000000000c000000500007ffcc34cb5011c4c01d0a2fde5fb427bC:\Program Files\Sony\VAIO Care\VCAgent.exeunknown82cbf372-1095-11e5-bf56-5c514f2e2696
 
Error: (06/11/2015 07:56:44 PM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Application: VCAgent.exe
Framework Version: v4.0.30319
Description: The process was terminated due to an unhandled exception.
Exception Info: System.NullReferenceException
Stack:
   at VCAgent.View.MainWindow.WindowProc(IntPtr, Int32, IntPtr, IntPtr, Boolean ByRef)
   at System.Windows.Interop.HwndSource.PublicHooksFilterMessage(IntPtr, Int32, IntPtr, IntPtr, Boolean ByRef)
   at MS.Win32.HwndWrapper.WndProc(IntPtr, Int32, IntPtr, IntPtr, Boolean ByRef)
   at MS.Win32.HwndSubclass.DispatcherCallbackOperation(System.Object)
   at System.Windows.Threading.ExceptionWrapper.InternalRealCall(System.Delegate, System.Object, Int32)
   at MS.Internal.Threading.ExceptionFilterHelper.TryCatchWhen(System.Object, System.Delegate, System.Object, Int32, System.Delegate)
   at System.Windows.Threading.Dispatcher.LegacyInvokeImpl(System.Windows.Threading.DispatcherPriority, System.TimeSpan, System.Delegate, System.Object, Int32)
   at MS.Win32.HwndSubclass.SubclassWndProc(IntPtr, Int32, IntPtr, IntPtr)
   at MS.Win32.UnsafeNativeMethods.CallWindowProc(IntPtr, IntPtr, Int32, IntPtr, IntPtr)
   at MS.Win32.UnsafeNativeMethods.CallWindowProc(IntPtr, IntPtr, Int32, IntPtr, IntPtr)
   at MS.Win32.HwndSubclass.DefWndProcWrapper(IntPtr, Int32, IntPtr, IntPtr)
   at MS.Win32.UnsafeNativeMethods.CallWindowProc(IntPtr, IntPtr, Int32, IntPtr, IntPtr)
   at MS.Win32.UnsafeNativeMethods.CallWindowProc(IntPtr, IntPtr, Int32, IntPtr, IntPtr)
   at MS.Win32.HwndSubclass.SubclassWndProc(IntPtr, Int32, IntPtr, IntPtr)
   at MS.Win32.UnsafeNativeMethods.IntGetMessageW(System.Windows.Interop.MSG ByRef, System.Runtime.InteropServices.HandleRef, Int32, Int32)
   at MS.Win32.UnsafeNativeMethods.IntGetMessageW(System.Windows.Interop.MSG ByRef, System.Runtime.InteropServices.HandleRef, Int32, Int32)
   at System.Windows.Threading.Dispatcher.GetMessage(System.Windows.Interop.MSG ByRef, IntPtr, Int32, Int32)
   at System.Windows.Threading.Dispatcher.PushFrameImpl(System.Windows.Threading.DispatcherFrame)
   at System.Windows.Application.RunInternal(System.Windows.Window)
   at System.Windows.Application.Run()
   at VCAgent.App.Main()
 
Error: (06/11/2015 11:42:08 AM) (Source: ISCTAgent) (EventID: 1000) (User: )
Description: ISCT - netDetect::AOACWLANProset::LocateAdapters   Net Detect:  Net Detect Supported Error Getting Adapter List Error=0x80045205\n
 
Error: (06/11/2015 07:48:16 AM) (Source: ISCTAgent) (EventID: 1000) (User: )
Description: ISCT - netDetect::AOACWLANProset::ClearNetDetectConfig   Net Detect:  Error disabling net detect adapter Error=0x80045202\n
 
Error: (06/11/2015 07:32:54 AM) (Source: ISCTAgent) (EventID: 1000) (User: )
Description: ISCT - netDetect::AOACWLANProset::ClearNetDetectConfig   Net Detect:  Error disabling net detect adapter Error=0x80045202\n
 
Error: (06/11/2015 07:02:26 AM) (Source: ISCTAgent) (EventID: 1000) (User: )
Description: ISCT - netDetect::AOACWLANProset::ClearNetDetectConfig   Net Detect:  Error disabling net detect adapter Error=0x80045202\n
 
Error: (06/11/2015 06:01:09 AM) (Source: ISCTAgent) (EventID: 1000) (User: )
Description: ISCT - netDetect::AOACWLANProset::ClearNetDetectConfig   Net Detect:  Error disabling net detect adapter Error=0x80045202\n
 
Error: (06/10/2015 06:33:50 PM) (Source: ISCTAgent) (EventID: 1000) (User: )
Description: ISCT - netDetect::AOACWLANProset::ClearNetDetectConfig   Net Detect:  Error disabling net detect adapter Error=0x80045202\n
 
Error: (06/10/2015 10:04:26 AM) (Source: ISCTAgent) (EventID: 1000) (User: )
Description: ISCT - netDetect::AOACWLANProset::LocateAdapters   Net Detect:  Net Detect Supported Error Getting Adapter List Error=0x80045205\n
 
 
CodeIntegrity Errors:
===================================
  Date: 2015-06-06 05:35:32.563
  Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
 
  Date: 2015-06-06 05:35:32.388
  Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
 
  Date: 2015-06-06 05:35:32.205
  Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
 
  Date: 2015-06-06 05:35:32.027
  Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
 
  Date: 2015-06-06 05:35:31.852
  Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
 
  Date: 2015-06-06 05:35:31.675
  Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
 
  Date: 2015-06-06 05:35:21.443
  Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
 
  Date: 2015-06-06 05:35:21.018
  Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
 
  Date: 2015-06-05 04:43:36.108
  Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
 
  Date: 2015-06-05 04:43:35.929
  Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
 
 
==================== Memory info =========================== 
 
Processor: Intel® Core™ i5-4200U CPU @ 1.60GHz
Percentage of memory in use: 75%
Total physical RAM: 4002.88 MB
Available physical RAM: 984.55 MB
Total Pagefile: 8085.82 MB
Available Pagefile: 4188.37 MB
Total Virtual: 131072 MB
Available Virtual: 131071.85 MB
 
==================== Drives ================================
 
Drive c: () (Fixed) (Total:104.57 GB) (Free:12 GB) NTFS
 
==================== MBR & Partition Table ==================
 
========================================================
Disk: 0 (Size: 119.2 GB) (Disk ID: C75D96EC)
 
Partition: GPT Partition Type.
 
==================== End of log ============================

 




#4 B-boy/StyLe/

  • Malware Response Team
  • Location:Bulgaria

Posted 11 June 2015 - 07:37 PM

Hi,

 

Thank you for the logs. I'll post back later today since we are in different time zones and here it is 03.40 A.M. and I need my sleep now. :)

 

Thank you for your patience and understanding.

 

 

 

Regards,

Georgi




#5 B-boy/StyLe/


Posted 12 June 2015 - 12:49 PM

Hi,
 
 
Please download the following file => and save it to the Desktop.
NOTE. It's important that both files, FRST and fixlist.txt are in the same location or the fix will not work.

Run FRST and press the Fix button just once and wait.
The tool will make a log on the Desktop (Fixlog.txt). Please post it in your reply.

Let me know how things are after the fix above.
 
 
Regards,
Georgi
 




#6 mrJinch


Posted 15 June 2015 - 02:17 PM

Seems like it's all removed. Thank you so much!

 

Fix result of Farbar Recovery Scan Tool (x64) Version:13-06-2015
Ran by Jinchi at 2015-06-15 14:03:23 Run:2
Running from C:\Users\Jinchi\Desktop
Loaded Profiles: Jinchi (Available Profiles: Jinchi)
Boot Mode: Normal
==============================================
 
fixlist content:
*****************
start
CreateRestorePoint:
CloseProcesses:
HKLM-x32\...\Run: [] => [X]
HKU\S-1-5-21-3768847704-4038817097-2733713293-1001\...\Run: [UM] => C:\Users\Jinchi\AppData\Roaming\Update Manager\UM.EXE
C:\Users\Jinchi\AppData\Roaming\Update Manager
S2 AlaPerformance; C:\WINDOWS\SysWOW64\drivers\svchost.exe [114688 2015-06-11] (ServiceEx) [File not signed]
2015-06-11 19:57 - 2015-06-11 19:57 - 00114688 _____ (ServiceEx) C:\WINDOWS\SysWOW64\Drivers\svchost.exe
Folder: C:\a49ad93893034b721e8f33a6c8
2015-06-02 15:24 - 2015-06-02 16:24 - 00000004 _____ C:\WINDOWS\SysWOW64\029B560A371F4E00AB32838EBC01B9E7
2015-06-02 15:24 - 2015-06-02 15:24 - 00000000 ____D C:\Program Files (x86)\5701f708-b46a-4e42-a638-cefa20db8c5f
2015-06-02 15:18 - 2015-06-11 19:58 - 00000156 _____ C:\WINDOWS\SysWOW64\Drivers\adip58209xxc.sys
2015-06-02 15:18 - 2015-06-02 15:18 - 00003010 _____ C:\WINDOWS\System32\Tasks\propagation utility manager
2015-05-30 09:20 - 2015-05-30 09:20 - 00989696 _____ C:\WINDOWS\SysWOW64\Drivers\sysdriver32l.exe
2015-05-30 09:20 - 2015-05-30 09:20 - 00989696 _____ C:\WINDOWS\SysWOW64\Drivers\nvacyu3258b.exe
2015-05-30 09:20 - 2015-05-30 09:20 - 00989696 _____ C:\WINDOWS\SysWOW64\Drivers\msconfigvm.exe
2015-05-30 09:20 - 2015-05-30 09:20 - 00989696 _____ C:\WINDOWS\SysWOW64\Drivers\kvn398nryw.exe
2015-05-30 09:20 - 2015-05-30 09:20 - 00002962 _____ C:\WINDOWS\System32\Tasks\AlaMaintenance
2015-05-30 09:20 - 2015-05-30 09:20 - 00002960 _____ C:\WINDOWS\System32\Tasks\Media_System_Platform
2015-05-30 09:20 - 2015-05-30 09:20 - 00000029 _____ C:\WINDOWS\SysWOW64\Drivers\nkbyrnkdaklsys462.sys
Task: {323321B2-04B8-4829-BB47-5047687C4097} - System32\Tasks\AlaMaintenance => C:\WINDOWS\SysWOW64\drivers\NVACYU~1.EXE [2015-05-30] ()
Task: {58A61337-9F57-4273-AB55-13F3FB0273B4} - System32\Tasks\Media_System_Platform => C:\WINDOWS\SysWOW64\drivers\KVN398~1.EXE [2015-05-30] ()
Task: {7D20217F-BC39-45B4-AC8C-E46A7E695429} - System32\Tasks\propagation utility manager => C:\Program Files (x86)\Reference Assemblies\Microsoft\Framework\v3.5\RedistList\syscomplus80.exe [2015-06-02] ()
cmd: bitsadmin /reset /allusers
cmd: netsh winsock reset catalog
cmd: ipconfig /flushdns
Hosts:
RemoveProxy:
EmptyTemp:
End
*****************
 
Restore point was successfully created.
Processes closed successfully.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\ => value removed successfully
HKU\S-1-5-21-3768847704-4038817097-2733713293-1001\Software\Microsoft\Windows\CurrentVersion\Run\\UM => value removed successfully
"C:\Users\Jinchi\AppData\Roaming\Update Manager" => File/Folder not found.
AlaPerformance => Service not found.
"C:\WINDOWS\SysWOW64\Drivers\svchost.exe" => File/Folder not found.
 
========================= Folder: C:\a49ad93893034b721e8f33a6c8 ========================
 
 
====== End of Folder: ======
 
C:\WINDOWS\SysWOW64\029B560A371F4E00AB32838EBC01B9E7 => moved successfully.
C:\Program Files (x86)\5701f708-b46a-4e42-a638-cefa20db8c5f => moved successfully.
C:\WINDOWS\SysWOW64\Drivers\adip58209xxc.sys => moved successfully.
C:\WINDOWS\System32\Tasks\propagation utility manager => moved successfully.
C:\WINDOWS\SysWOW64\Drivers\sysdriver32l.exe => moved successfully.
C:\WINDOWS\SysWOW64\Drivers\nvacyu3258b.exe => moved successfully.
C:\WINDOWS\SysWOW64\Drivers\msconfigvm.exe => moved successfully.
C:\WINDOWS\SysWOW64\Drivers\kvn398nryw.exe => moved successfully.
C:\WINDOWS\System32\Tasks\AlaMaintenance => moved successfully.
C:\WINDOWS\System32\Tasks\Media_System_Platform => moved successfully.
C:\WINDOWS\SysWOW64\Drivers\nkbyrnkdaklsys462.sys => moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{323321B2-04B8-4829-BB47-5047687C4097}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{323321B2-04B8-4829-BB47-5047687C4097}" => key removed successfully
C:\Windows\System32\Tasks\AlaMaintenance not found.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\AlaMaintenance" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{58A61337-9F57-4273-AB55-13F3FB0273B4}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{58A61337-9F57-4273-AB55-13F3FB0273B4}" => key removed successfully
C:\Windows\System32\Tasks\Media_System_Platform not found.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Media_System_Platform" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{7D20217F-BC39-45B4-AC8C-E46A7E695429}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{7D20217F-BC39-45B4-AC8C-E46A7E695429}" => key removed successfully
C:\Windows\System32\Tasks\propagation utility manager not found.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\propagation utility manager" => key removed successfully
 
=========  bitsadmin /reset /allusers =========
 
 
BITSADMIN version 3.0 [ 7.7.9600 ]
BITS administration utility.
© Copyright 2000-2006 Microsoft Corp.
 
BITSAdmin is deprecated and is not guaranteed to be available in future versions of Windows.
Administrative tools for the BITS service are now provided by BITS PowerShell cmdlets.
 
{06129911-D8C2-435D-A5AD-3E4E9751DFDF} canceled.
1 out of 1 jobs canceled.
 
========= End of CMD: =========
 
 
=========  netsh winsock reset catalog =========
 
 
Sucessfully reset the Winsock Catalog.
You must restart the computer in order to complete the reset.
 
 
========= End of CMD: =========
 
 
=========  ipconfig /flushdns =========
 
 
Windows IP Configuration
 
Successfully flushed the DNS Resolver Cache.
 
========= End of CMD: =========
 
C:\Windows\System32\Drivers\etc\hosts => moved successfully.
Hosts restored successfully.
 
========= RemoveProxy: =========
 
HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings => value removed successfully
HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings => value removed successfully
HKU\S-1-5-21-3768847704-4038817097-2733713293-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings => value removed successfully
HKU\S-1-5-21-3768847704-4038817097-2733713293-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings => value removed successfully
 
 
========= End of RemoveProxy: =========
 
EmptyTemp: => 3.7 GB temporary data Removed.
 
 
The system needed a reboot.. 
 
==== End of Fixlog 14:04:36 ====




#7 B-boy/StyLe/


Posted 15 June 2015 - 03:15 PM

Hi,

 

 

Here is the last set of steps just to make sure nothing is lurking in the dark corners. :)

STEP 1

 

 

Please download Malwarebytes Anti-Malware 2.1.6.1022 Final to your desktop.
 

  • Double-click mbam-setup-2.1.6.1022.exe and follow the prompts to install the program.
  • At the end, be sure a checkmark is placed next to the following:
    • Launch Malwarebytes Anti-Malware
    • A 14 day trial of the Premium features is pre-selected. You may deselect this if you wish, and it will not diminish the scanning and removal capabilities of the program.
  • Click Finish.
  • On the Settings tab > Detection and Protection subtab, Detection Options, tick the box 'Scan for rootkits'.
  • Click on the Scan tab, then click on Scan Now >> . If an update is available, click the Update Now button.
  • A Threat Scan will begin.
  • With some infections, you may see this message box.
    • 'Could not load DDA driver'
  • Click 'Yes' to this message, to allow the driver to load after a restart.
  • Allow the computer to restart. Continue with the rest of these instructions.
  • When the scan is complete, click Apply Actions.
  • Wait for the prompt to restart the computer to appear, then click on Yes.
  • After the restart once you are back at your desktop, open MBAM once more.
  • Click on the History tab > Application Logs.
  • Double click on the scan log which shows the Date and time of the scan just performed.
  • Click 'Copy to Clipboard'
  • Paste the contents of the clipboard into your reply.

 

 

 

STEP 2

1. Please download HitmanPro.

  • For 32-bit Operating System - [download link]
  • This is the mirror - [download link]
  • For 64-bit Operating System - [download link]
  • This is the mirror - [download link]

2. Launch the program by double clicking on the HitmanPro icon. (Windows Vista/7 users right click on the HitmanPro icon and select run as administrator).

Note: If the program won't run, please open the program while holding down the left CTRL key until the program is loaded.

3. Click on the next button. You must agree with the terms of EULA. (if asked)

4. Check the box beside "No, I only want to perform a one-time scan to check this computer".

5. Click on the next button.

6. The program will start to scan the computer. The scan will typically take no more than 2-3 minutes.

7. When the scan is done click on the drop-down menu of the found entries (if any) and choose - Apply to all => Ignore <= IMPORTANT!!!

8. Click on the next button.

9. Click on the "Save Log" button.

10. Save that file to your desktop and post the content of that file in your next reply.
 
Note: if there isn't a dropdown menu when the scan is done then please don't delete anything and close HitmanPro

Navigate to C:\ProgramData\HitmanPro\Logs open the report and copy and paste it to your next reply.

 

Note: Programdata is hidden by default. Please make sure that you can view all hidden files. Instructions on how to do this can be found here:
How to see hidden files in Windows

 

 

 

STEP 3

 

 


  • Download EmsisoftEmergencyKit, run the exe and extract the content in a folder of your choice like (C:\EEK) by clicking the Extract button.
  • Double-click the desktop-shortcut called Start Emsisoft Emergency Kit to start the tool.
  • Click on the "Yes" button when asked to obtain the latest malware definitions.
  • Once the update is complete click "Scan".
  • Click on the "Yes" button when asked to enable the scan for Potentially Unwanted Applications.
  • Next click on the Full Scan. When the scan completes, click on the View Report button (don't delete or quarantine anything).
  • Please copy and paste the content of the report in your next reply.

 

 

 

Regards,

Georgi




#8 B-boy/StyLe/


Posted 18 June 2015 - 03:08 AM

Hi,

It's been several days. Do you still need help on this?
This thread will be closed if you don't respond within 72 hours.
Thank you for your understanding! :)


Regards,
Georgi




#9 B-boy/StyLe/


Posted 21 June 2015 - 12:57 AM

Due to the lack of feedback, this topic is now closed.

In the event you still have problems, please send me or any Moderator a Private Message and ask them to reopen this topic within the next 5 days.

Please include a link to your topic in the Private Message. Thank you.





