Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Can not connect to Internet as IP settings get reset


  • This topic is locked This topic is locked
25 replies to this topic

#1 troubledsoul

troubledsoul

  • Members
  • 33 posts
  • OFFLINE
  •  
  • Local time:07:48 PM

Posted 14 April 2016 - 06:29 AM

Hi
 
1. I was mostly unable to connect to the internet for the last few days. Sometimes rolling back or updating the LAN driver worked, so I was using that as a stop gap. 
 
2. After 2-3 days that fix stopped working. Today when I called the local IT guru, he said that LAN IP settings had somehow gotten erased. He put the IP settings and the thing started working. After he left, I disabled the LAN adapter and switched it on. No connection. Called guru gain. He said malware. Again manually inserted the IP, Subnet Mask, Gateway, DNS values. Did not work. Kept repeating the process because each time some of the fields were going blank.  Somewhere it started working. But not without trouble. Almost every site says "DNS address could not be found.". For example, this is what I got with bleeping computer:
 
www.bleepingcomputer.com’s server DNS address could not be found.
ERR_NAME_NOT_RESOLVED
 
 
3. Somehow managed to register with BC and posting this message.
 
4. Just before this problem started, I had upgraded my Kaspersky 2013 to whatever is the latest version. 
 
5. Around the same time, I had also installed Malwarebytes Anti-exploit. Removed that once the problem started. That did not fix anything.
 
6. My comp has become slow off late. I have tried scanning with multiple AVs (Kaspersky, Malwarebyte's, ESET), none of them have ever found anything.
 
7. Any help would be greatly appreciated. 
 
Thanks a million!
 
 
 
 
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version:13-04-2016
Ran by SD (administrator) on MINDBLOWER (14-04-2016 15:50:53)
Running from C:\Users\SD\Desktop
Loaded Profiles: SD (Available Profiles: SD)
Platform: Microsoft Windows 7 Professional  Service Pack 1 (X86) Language: English (United States)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
() C:\Windows\System32\nvwmi.exe
(Hewlett-Packard Company) C:\Windows\System32\hpservice.exe
(Andrea Electronics Corporation) C:\Windows\System32\AEADISRV.EXE
(Kaspersky Lab ZAO) C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 16.0.0\avp.exe
(Cisco Systems, Inc.) C:\Program Files\Cisco Systems\VPN Client\cvpnd.exe
() D:\Programs on D\Everything\Everything.exe
(Google Inc) C:\Program Files\Google\Google Input Tools\GoogleInputService.exe
() D:\Programs on D\AtempoLiveNavigator\bin\HNagent.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
() C:\Windows\System32\nvwmi.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe
(Nitro PDF Software) D:\Programs on D\NitroPDF\NitroPDFReaderDriverService3.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlbrowser.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(Conexant Systems, Inc.) C:\Windows\System32\drivers\XAudio.exe
(Google Inc.) C:\Program Files\Google\Google Input Tools\GoogleInputHandler.exe
(Kaspersky Lab ZAO) C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 16.0.0\avpui.exe
(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
(Old McDonald's Farm) D:\Programs on D\Autorun Eater\oldmcdonald.exe
(Analog Devices, Inc.) C:\Program Files\Analog Devices\Core\smax4pnp.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
() D:\Programs on D\Everything\Everything.exe
(Oracle Corporation) D:\Programs on D\AtempoLiveNavigator\jre\bin\javaw.exe
() C:\Windows\StartupMonitor.exe
(Old McDonald's Farm) D:\Programs on D\Autorun Eater\billy.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Box, Inc.) C:\Program Files\Box\Box Sync\BoxSync.exe
(Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jusched.exe
() D:\Programs on D\Rainlendar2\Rainlendar2.exe
(Ruiware) D:\Programs on D\WinPatrol\WinPatrol.exe
() D:\Programs on D\Launchy\Launchy.exe
(Zhorn Software) D:\Programs on D\Stickies\stickies.exe
(Dropbox, Inc.) C:\Users\SD\AppData\Roaming\Dropbox\bin\Dropbox.exe
() C:\Program Files\Box\Box Sync\BoxSyncMonitor.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\msdt.exe
(Microsoft Corporation) C:\Windows\System32\msdt.exe
(Microsoft Corporation) C:\Windows\System32\sdiagnhost.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Kaspersky Lab ZAO) C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 16.0.0\avp.exe
 
 
==================== Registry (Whitelisted) ===========================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [Autorun Eater] => D:\Programs on D\Autorun Eater\oldmcdonald.exe [522720 2012-02-17] (Old McDonald's Farm)
HKLM\...\Run: [SoundMAXPnP] => C:\Program Files\Analog Devices\Core\smax4pnp.exe [1183744 2007-02-21] (Analog Devices, Inc.)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [1791272 2010-06-04] (Synaptics Incorporated)
HKLM\...\Run: [Everything] => D:\Programs on D\Everything\Everything.exe [1048576 2014-08-06] ()
HKLM\...\Run: [HNTray] => D:\Programs on D\AtempoLiveNavigator\japps\HNTray.jar [81155 2014-10-01] ()
HKLM\...\Run: [Run StartupMonitor] => C:\Windows\StartupMonitor.exe [86016 2000-05-20] ()
HKLM\...\Run: [BoxSync] => C:\Program Files\Box\Box Sync\BoxSync.exe [6154296 2016-03-25] (Box, Inc.)
HKLM\...\Run: [nwiz] => C:\Program Files\NVIDIA Corporation\nview\nwiz.exe [2601816 2015-11-05] ()
HKLM\...\Run: [SunJavaUpdateSched] => C:\Program Files\Common Files\Java\Java Update\jusched.exe [595480 2016-03-20] (Oracle Corporation)
HKLM\...\Run: [KeePass 2 PreLoad] => C:\Program Files\KeePass Password Safe 2\KeePass.exe [2756672 2016-03-09] (Dominik Reichl)
Winlogon\Notify\ScCertProp: wlnotify.dll [X]
HKU\S-1-5-21-1435187640-4071721805-2113652602-1000\...\Run: [Rainlendar2] => D:\Programs on D\Rainlendar2\Rainlendar2.exe [2598496 2013-03-10] ()
HKU\S-1-5-21-1435187640-4071721805-2113652602-1000\...\Run: [Google Update] => C:\Users\SD\AppData\Local\Google\Update\GoogleUpdate.exe [144200 2015-08-30] (Google Inc.)
HKU\S-1-5-21-1435187640-4071721805-2113652602-1000\...\Run: [Dropbox Update] => C:\Users\SD\AppData\Local\Dropbox\Update\DropboxUpdate.exe [134512 2015-06-16] (Dropbox, Inc.)
HKU\S-1-5-21-1435187640-4071721805-2113652602-1000\...\Run: [WinPatrol] => D:\Programs on D\WinPatrol\winpatrol.exe [1216648 2015-08-06] (Ruiware)
HKU\S-1-5-21-1435187640-4071721805-2113652602-1000\...\Policies\Explorer: [NoDriveTypeAutoRun] 0x00000000
HKU\S-1-5-21-1435187640-4071721805-2113652602-1000\...\MountPoints2: {03099ae5-5717-11e3-bf9d-001a4b7a6ef6} - "H:\WD SmartWare.exe" autoplay=true
HKU\S-1-5-21-1435187640-4071721805-2113652602-1000\...\MountPoints2: {04bc6363-f0ac-11e5-8ac0-001a4b7a6ef6} - H:\AutoRun.exe
HKU\S-1-5-21-1435187640-4071721805-2113652602-1000\...\MountPoints2: {30829f2a-4b36-11e5-8a87-001a4b7a6ef6} - "H:\WD SmartWare.exe" autoplay=true
HKU\S-1-5-21-1435187640-4071721805-2113652602-1000\...\MountPoints2: {fbb5b0ea-35a0-11e5-97f0-e10cee659626} - "H:\WD SmartWare.exe" autoplay=true
HKU\S-1-5-21-1435187640-4071721805-2113652602-1000\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\ssText3d.scr [293888 2010-11-21] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [    BoxSyncFileLocked] -> {2a607da5-abe8-358e-a881-c0f5faf2d3a5} => C:\Windows\system32\mscoree.dll [2010-11-21] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [    BoxSyncFileLockedByOther] -> {f7d2951f-0b6b-346c-99ec-69cffc30a364} => C:\Windows\system32\mscoree.dll [2010-11-21] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [    BoxSyncNotSynced] -> {5ea95e3d-3e46-3812-b03c-49785fa67d41} => C:\Windows\system32\mscoree.dll [2010-11-21] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [    BoxSyncProblem] -> {a88b7184-bfa1-3d14-8efb-2225df9699bc} => C:\Windows\system32\mscoree.dll [2010-11-21] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [    BoxSyncSynced] -> {c89f9943-8f58-3eca-bd55-a658f53b2f48} => C:\Windows\system32\mscoree.dll [2010-11-21] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [  GoogleDriveBlacklisted] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files\Google\Drive\googledrivesync32.dll [2016-02-24] (Google)
ShellIconOverlayIdentifiers: [  GoogleDriveSynced] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files\Google\Drive\googledrivesync32.dll [2016-02-24] (Google)
ShellIconOverlayIdentifiers: [  GoogleDriveSyncing] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files\Google\Drive\googledrivesync32.dll [2016-02-24] (Google)
ShellIconOverlayIdentifiers: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\SD\AppData\Roaming\Dropbox\bin\DropboxExt.34.dll [2016-03-12] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\SD\AppData\Roaming\Dropbox\bin\DropboxExt.34.dll [2016-03-12] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\SD\AppData\Roaming\Dropbox\bin\DropboxExt.34.dll [2016-03-12] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [__HNOverlayProtStatus1] -> {450ACD9A-FF33-411A-AD17-94F72F47BA3A} => D:\Programs on D\AtempoLiveNavigator\bin\hnoverlay.dll [2014-10-01] (Atempo)
ShellIconOverlayIdentifiers: [__HNOverlayProtStatus2] -> {450ACD9A-FF33-411A-AD17-94F72F47BA3B} => D:\Programs on D\AtempoLiveNavigator\bin\hnoverlay.dll [2014-10-01] (Atempo)
ShellIconOverlayIdentifiers: [__HNOverlayProtStatus3] -> {450ACD9A-FF33-411A-AD17-94F72F47BA3C} => D:\Programs on D\AtempoLiveNavigator\bin\hnoverlay.dll [2014-10-01] (Atempo)
ShellIconOverlayIdentifiers: [__HNOverlayProtStatus4] -> {450ACD9A-FF33-411A-AD17-94F72F47BA3D} => D:\Programs on D\AtempoLiveNavigator\bin\hnoverlay.dll [2014-10-01] (Atempo)
ShellIconOverlayIdentifiers: [__HNOverlayProtStatus5] -> {450ACD9A-FF33-411A-AD17-94F72F47BA3E} => D:\Programs on D\AtempoLiveNavigator\bin\hnoverlay.dll [2014-10-01] (Atempo)
ShellIconOverlayIdentifiers: [__HNOverlayProtStatus6] -> {450ACD9A-FF33-411A-AD17-94F72F47BA3F} => D:\Programs on D\AtempoLiveNavigator\bin\hnoverlay.dll [2014-10-01] (Atempo)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Launchy.lnk [2015-09-27]
ShortcutTarget: Launchy.lnk -> D:\Programs on D\Launchy\Launchy.exe ()
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Stickies.lnk [2015-09-27]
ShortcutTarget: Stickies.lnk -> D:\Programs on D\Stickies\stickies.exe (Zhorn Software)
Startup: C:\Users\SD\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk [2016-03-20]
ShortcutTarget: Dropbox.lnk -> C:\Users\SD\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
GroupPolicyScripts: Restriction <======= ATTENTION
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
ProxyServer: [S-1-5-21-1435187640-4071721805-2113652602-1000] => 192.168.1.51:3128
AutoConfigURL: [S-1-5-21-1435187640-4071721805-2113652602-1000] => 192.168.1.51:3128
Tcpip\Parameters: [DhcpNameServer] 192.168.1.130 218.248.241.3
Tcpip\..\Interfaces\{407CBC13-5C23-4C13-8B25-A1EEB57F2C0D}: [NameServer] 192.168.1.130,8.8.8.8
Tcpip\..\Interfaces\{407CBC13-5C23-4C13-8B25-A1EEB57F2C0D}: [DhcpNameServer] 192.168.1.130 218.248.241.3 8.8.8.8
Tcpip\..\Interfaces\{ED0663E9-8FFD-4059-A5A6-DAE40C78D32C}: [DhcpNameServer] 192.168.1.130 218.248.241.3
 
Internet Explorer:
==================
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = www.google.com
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
BHO: Tensons.Application.DownloadAcceleratorManager.BHO -> {00000003-1118-11da-8cd6-0800200c9888} -> C:\Windows\system32\mscoree.dll [2010-11-21] (Microsoft Corporation)
BHO: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_77\bin\ssv.dll [2016-03-24] (Oracle Corporation)
BHO: Kaspersky Protection plugin -> {C66D064F-82FE-4E1A-B06A-B2490BA48B18} -> C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 16.0.0\IEExt\ie_plugin.dll [2015-12-04] (AO Kaspersky Lab)
BHO: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_77\bin\jp2ssv.dll [2016-03-24] (Oracle Corporation)
Toolbar: HKLM - Kaspersky Protection toolbar - {3507FA00-ADA2-4A02-99B9-51AD26CA9120} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 16.0.0\IEExt\ie_plugin.dll [2015-12-04] (AO Kaspersky Lab)
Handler: belarc - {6318E0AB-2E93-11D1-B8ED-00608CC9A71F} - C:\Program Files\Belarc\BelarcAdvisor\System\BAVoilaX.dll [2013-04-16] (Belarc, Inc.)
 
FireFox:
========
FF ProfilePath: C:\Users\SD\AppData\Roaming\Mozilla\Firefox\Profiles\s7j5cgli.default-1391063854552
FF Homepage: C:\\Users\\SD\\Desktop\\My home page.html
FF NetworkProxy: "backup.ftp", "192.168.1.50"
FF NetworkProxy: "backup.ftp_port", 3128
FF NetworkProxy: "backup.socks", "192.168.1.50"
FF NetworkProxy: "backup.socks_port", 3128
FF NetworkProxy: "backup.ssl", "192.168.1.50"
FF NetworkProxy: "backup.ssl_port", 3128
FF NetworkProxy: "ftp", "192.168.1.50"
FF NetworkProxy: "ftp_port", 3128
FF NetworkProxy: "http", "192.168.1.50"
FF NetworkProxy: "http_port", 3128
FF NetworkProxy: "share_proxy_settings", true
FF NetworkProxy: "socks", "192.168.1.50"
FF NetworkProxy: "socks_port", 3128
FF NetworkProxy: "ssl", "192.168.1.50"
FF NetworkProxy: "ssl_port", 3128
FF NetworkProxy: "type", 0
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_21_0_0_204.dll [2016-03-25] ()
FF Plugin: @adobe.com/ShockwavePlayer -> C:\Windows\system32\Adobe\Director\np32dsw.dll [2016-02-19] (Adobe Systems, Inc.)
FF Plugin: @alternatiff.com/AlternaTIFF -> C:\Program Files\MIE\AlternaTIFF\npzzatif.dll [2015-05-22] (Medical Informatics Engineering, Inc.)
FF Plugin: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf -> C:\Program Files\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2015-12-29] (Foxit Corporation)
FF Plugin: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf -> C:\Program Files\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2015-12-29] (Foxit Corporation)
FF Plugin: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xdp -> C:\Program Files\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2015-12-29] (Foxit Corporation)
FF Plugin: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xfdf -> C:\Program Files\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2015-12-29] (Foxit Corporation)
FF Plugin: @java.com/DTPlugin,version=11.77.2 -> C:\Program Files\Java\jre1.8.0_77\bin\dtplugin\npDeployJava1.dll [2016-03-24] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.77.2 -> C:\Program Files\Java\jre1.8.0_77\bin\plugin2\npjp2.dll [2016-03-24] (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.41212.0\npctrl.dll [2015-12-11] ( Microsoft Corporation)
FF Plugin: @nullsoft.com/winampDetector;version=1 -> D:\Programs on D\Winamp Detect\npwachk.dll [2013-11-20] (Nullsoft, Inc.)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-03] (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-03] (Google Inc.)
FF Plugin: @videolan.org/vlc,version=2.1.1 -> D:\Programs on D\VLC\npvlc.dll [2016-01-21] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.2 -> D:\Programs on D\VLC\npvlc.dll [2016-01-21] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.3 -> D:\Programs on D\VLC\npvlc.dll [2016-01-21] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.5 -> D:\Programs on D\VLC\npvlc.dll [2016-01-21] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.2.0 -> D:\Programs on D\VLC\npvlc.dll [2016-01-21] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.2.1 -> D:\Programs on D\VLC\npvlc.dll [2016-01-21] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.2.2 -> D:\Programs on D\VLC\npvlc.dll [2016-01-21] (VideoLAN)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2015-12-18] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-1435187640-4071721805-2113652602-1000: @talk.google.com/GoogleTalkPlugin -> C:\Users\SD\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll [2015-12-08] (Google)
FF Plugin HKU\S-1-5-21-1435187640-4071721805-2113652602-1000: @talk.google.com/O1DPlugin -> C:\Users\SD\AppData\Roaming\Mozilla\plugins\npo1d.dll [2015-12-08] (Google)
FF Plugin HKU\S-1-5-21-1435187640-4071721805-2113652602-1000: @tools.google.com/Google Update;version=3 -> C:\Users\SD\AppData\Local\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-03] (Google Inc.)
FF Plugin HKU\S-1-5-21-1435187640-4071721805-2113652602-1000: @tools.google.com/Google Update;version=9 -> C:\Users\SD\AppData\Local\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-03] (Google Inc.)
FF Plugin ProgramFiles/Appdata: C:\Users\SD\AppData\Roaming\mozilla\plugins\npgoogletalk.dll [2015-12-08] (Google)
FF Plugin ProgramFiles/Appdata: C:\Users\SD\AppData\Roaming\mozilla\plugins\npo1d.dll [2015-12-08] (Google)
FF Extension: DownThemAll! - C:\Users\SD\AppData\Roaming\Mozilla\Firefox\Profiles\s7j5cgli.default-1391063854552\extensions\{DDC359D1-844A-42a7-9AA1-88A850A938A8}.xpi [2015-12-17]
FF Extension: WOT - C:\Users\SD\AppData\Roaming\Mozilla\Firefox\Profiles\s7j5cgli.default-1391063854552\extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7} [2015-12-17]
FF Extension: Flash and Video Download - C:\Users\SD\AppData\Roaming\Mozilla\Firefox\Profiles\s7j5cgli.default-1391063854552\extensions\{bee6eb20-01e0-ebd1-da83-080329fb9a3a} [2016-03-23]
FF Extension: FlashGot - C:\Users\SD\AppData\Roaming\Mozilla\Firefox\Profiles\s7j5cgli.default-1391063854552\extensions\{19503e42-ca3c-4c27-b1e2-9cdb2170ee34}.xpi [2016-04-06]
FF Extension: NoScript - C:\Users\SD\AppData\Roaming\Mozilla\Firefox\Profiles\s7j5cgli.default-1391063854552\extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi [2016-04-06]
FF Extension: Zotero - C:\Users\SD\AppData\Roaming\Mozilla\Firefox\Profiles\s7j5cgli.default-1391063854552\extensions\zotero@chnm.gmu.edu.xpi [2016-04-06]
FF Extension: Video DownloadHelper - C:\Users\SD\AppData\Roaming\Mozilla\Firefox\Profiles\s7j5cgli.default-1391063854552\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}.xpi [2015-11-07]
FF Extension: Adblock Plus - C:\Users\SD\AppData\Roaming\Mozilla\Firefox\Profiles\s7j5cgli.default-1391063854552\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2016-02-29]
FF HKLM\...\Firefox\Extensions: [wcapturex@deskperience.com] - D:\Programs on D\WordWeb\WCaptureMoz
FF Extension: WordWeb one-click lookup - D:\Programs on D\WordWeb\WCaptureMoz [2013-11-26] [not signed]
FF HKLM\...\Firefox\Extensions: [light_plugin_D772DC8D6FAF43A29B25C4EBAA5AD1DE@kaspersky.com] - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 16.0.0\FFExt\light_plugin_firefox
FF Extension: Kaspersky Protection - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 16.0.0\FFExt\light_plugin_firefox [2016-04-08]
 
Chrome: 
=======
CHR HomePage: Profile 1 -> hxxps://www.google.co.in/
CHR Profile: C:\Users\SD\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Slides) - C:\Users\SD\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-02-04]
CHR Extension: (Google Docs) - C:\Users\SD\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-02-04]
CHR Extension: (Google Drive) - C:\Users\SD\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-21]
CHR Extension: (WOT: Web of Trust, Website Reputation Ratings) - C:\Users\SD\AppData\Local\Google\Chrome\User Data\Default\Extensions\bhmmomiinigofkjcapegjjndpbikblnp [2015-11-21]
CHR Extension: (Kaspersky Protection) - C:\Users\SD\AppData\Local\Google\Chrome\User Data\Default\Extensions\blbkdnmdcafmfhinpmnlhhddbepgkeaa [2014-12-16]
CHR Extension: (YouTube) - C:\Users\SD\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-24]
CHR Extension: (Adblock Plus) - C:\Users\SD\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2016-01-06]
CHR Extension: (Replace New Tab Page) - C:\Users\SD\AppData\Local\Google\Chrome\User Data\Default\Extensions\cnkhddihkmmiiclaipbaaelfojkmlkja [2015-01-15]
CHR Extension: (Google Search) - C:\Users\SD\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-27]
CHR Extension: (Kaspersky URL Advisor) - C:\Users\SD\AppData\Local\Google\Chrome\User Data\Default\Extensions\dchlnpcodkpfdpacogkljefecpegganj [2014-05-15]
CHR Extension: (Zotero Connector) - C:\Users\SD\AppData\Local\Google\Chrome\User Data\Default\Extensions\ekhagklcjbdpajgpjgmbionohlpdbjgc [2015-03-15]
CHR Extension: (Google Sheets) - C:\Users\SD\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-02-04]
CHR Extension: (Google Docs Offline) - C:\Users\SD\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2015-11-19]
CHR Extension: (AdBlock) - C:\Users\SD\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2016-01-10]
CHR Extension: (Kindle Cloud Reader) - C:\Users\SD\AppData\Local\Google\Chrome\User Data\Default\Extensions\icdipabjmbhpdkjaihfjoikhjjeneebd [2014-07-26]
CHR Extension: (Speed Dial 2) - C:\Users\SD\AppData\Local\Google\Chrome\User Data\Default\Extensions\jpfpebmajhhopeonhlcgidhclcccjcik [2015-11-12]
CHR Extension: (Google Scholar Button) - C:\Users\SD\AppData\Local\Google\Chrome\User Data\Default\Extensions\ldipcbpaocekfooobnbcddclnhejkcpn [2015-12-18]
CHR Extension: (Video DownloadHelper) - C:\Users\SD\AppData\Local\Google\Chrome\User Data\Default\Extensions\lmjnegcaeklhafolokijcfjliaokphfk [2015-12-17]
CHR Extension: (Save to Pocket) - C:\Users\SD\AppData\Local\Google\Chrome\User Data\Default\Extensions\niloccemoadcdkdjlinkgdfekeahmflj [2015-10-18]
CHR Extension: (Chrome Web Store Payments) - C:\Users\SD\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-07-24]
CHR Extension: (Bitdefender QuickScan) - C:\Users\SD\AppData\Local\Google\Chrome\User Data\Default\Extensions\pdnkcidphdcakpkheohlhocaicfamjie [2015-06-16]
CHR Extension: (Gmail) - C:\Users\SD\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-04-10]
CHR Extension: (Anti-Banner) - C:\Users\SD\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjldcfjmnllhmgjclecdnfampinooman [2014-05-15]
CHR Profile: C:\Users\SD\AppData\Local\Google\Chrome\User Data\Profile 1
CHR Extension: (Google Docs) - C:\Users\SD\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aohghmighlieiainnegkcijnfilokake [2016-01-15]
CHR Extension: (Google Drive) - C:\Users\SD\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-01-15]
CHR Extension: (WOT: Web of Trust, Website Reputation Ratings) - C:\Users\SD\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\bhmmomiinigofkjcapegjjndpbikblnp [2016-01-15]
CHR Extension: (YouTube) - C:\Users\SD\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-01-15]
CHR Extension: (Adblock Plus) - C:\Users\SD\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2016-03-09]
CHR Extension: (Replace New Tab Page) - C:\Users\SD\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\cnkhddihkmmiiclaipbaaelfojkmlkja [2016-01-15]
CHR Extension: (Google Search) - C:\Users\SD\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2016-01-15]
CHR Extension: (Kaspersky Protection) - C:\Users\SD\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\eahebamiopdhefndnmappcihfajigkka [2016-04-08]
CHR Extension: (Zotero Connector) - C:\Users\SD\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ekhagklcjbdpajgpjgmbionohlpdbjgc [2016-03-17]
CHR Extension: (Google Docs Offline) - C:\Users\SD\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-03-16]
CHR Extension: (AdBlock) - C:\Users\SD\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2016-03-18]
CHR Extension: (Kindle Cloud Reader) - C:\Users\SD\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\icdipabjmbhpdkjaihfjoikhjjeneebd [2016-01-15]
CHR Extension: (Speed Dial 2) - C:\Users\SD\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\jpfpebmajhhopeonhlcgidhclcccjcik [2016-01-15]
CHR Extension: (Google Scholar Button) - C:\Users\SD\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ldipcbpaocekfooobnbcddclnhejkcpn [2016-04-05]
CHR Extension: (Save to Pocket) - C:\Users\SD\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\niloccemoadcdkdjlinkgdfekeahmflj [2016-04-01]
CHR Extension: (Chrome Web Store Payments) - C:\Users\SD\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-04-02]
CHR Extension: (Bitdefender QuickScan) - C:\Users\SD\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pdnkcidphdcakpkheohlhocaicfamjie [2016-01-15]
CHR Extension: (Gmail) - C:\Users\SD\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-01-15]
CHR HKLM\...\Chrome\Extension: [eahebamiopdhefndnmappcihfajigkka] - hxxps://chrome.google.com/webstore/detail/eahebamiopdhefndnmappcihfajigkka
CHR HKLM\...\Chrome\Extension: [mjdepfkicdcciagbigfcmdhknnoaaegf] - D:\Programs on D\WordWeb\wcxChrome.crx [2013-02-28]
CHR HKLM\...\Chrome\Extension: [ngpampappnmepgilojfohadhhmbhlaek] - D:\Programs on D\Internet Download Manager\IDMGCExt.crx <not found>
CHR HKU\S-1-5-21-1435187640-4071721805-2113652602-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [apdfllckaahabafndbhieahigkjlhalf] - C:\Users\SD\AppData\Local\Google\Drive\apdfllckaahabafndbhieahigkjlhalf_live.crx [2014-11-04]
 
Opera: 
=======
OPR Extension: (Download YouTube Videos as MP4) - C:\Users\SD\AppData\Roaming\Opera Software\Opera Stable\Extensions\maeombkgfpjdnjkhohbjachnnmpbipol [2014-02-01]
StartMenuInternet: (HKLM) OperaStable - D:\Programs on D\Opera\Launcher.exe
 
==================== Services (Whitelisted) ========================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
R2 AVP16.0.0; C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 16.0.0\avp.exe [194000 2015-12-04] (Kaspersky Lab ZAO)
S3 BoxSyncUpdateService; C:\Program Files\Box\Box Sync\SyncUpdaterService.exe [36240 2016-02-26] (Box, Inc.)
R2 CVPND; C:\Program Files\Cisco Systems\VPN Client\cvpnd.exe [1528616 2010-03-23] (Cisco Systems, Inc.)
R2 Everything; D:\Programs on D\Everything\Everything.exe [1048576 2014-08-06] () [File not signed]
R2 GoogleInputService; C:\Program Files\Google\Google Input Tools\GoogleInputService.exe [164888 2016-01-26] (Google Inc)
R2 HNagent; D:\Programs on D\AtempoLiveNavigator\bin\HNagent.exe [6847824 2014-10-01] ()
S4 MBAMScheduler; D:\Programs on D\Malwarebytes' Anti-Malware\mbamscheduler.exe [1514464 2016-03-10] (Malwarebytes)
S2 MBAMService; D:\Programs on D\Malwarebytes' Anti-Malware\mbamservice.exe [1136608 2016-03-10] (Malwarebytes)
S4 MSSQLServerADHelper; C:\Program Files\Microsoft SQL Server\90\Shared\sqladhlp90.exe [44384 2010-12-10] (Microsoft Corporation)
S4 msvsmon90; D:\Programs on D\VisualStudio9\Common7\IDE\Remote Debugger\x86\msvsmon.exe [3004416 2007-11-07] (Microsoft Corporation)
R2 NitroReaderDriverReadSpool3; D:\Programs on D\NitroPDF\NitroPDFReaderDriverService3.exe [196624 2013-07-26] (Nitro PDF Software)
R2 NVWMI; C:\Windows\system32\nvwmi.exe [2216136 2015-11-05] ()
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [680960 2013-05-27] (Microsoft Corporation)
 
===================== Drivers (Whitelisted) ==========================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
R0 cm_km; C:\Windows\System32\DRIVERS\cm_km.sys [201912 2015-07-06] (Kaspersky Lab ZAO)
S3 CVirtA; C:\Windows\System32\DRIVERS\CVirtA.sys [5275 2007-01-18] (Cisco Systems, Inc.)
R2 CVPNDRVA; C:\Windows\system32\Drivers\CVPNDRVA.sys [308859 2010-03-23] (Cisco Systems, Inc.) [File not signed]
R3 DNE; C:\Windows\System32\DRIVERS\dne2000.sys [131984 2008-11-16] (Deterministic Networks, Inc.)
R3 e1express; C:\Windows\System32\DRIVERS\e1e6232.sys [219352 2009-06-05] (Intel Corporation)
R0 kl1; C:\Windows\System32\DRIVERS\kl1.sys [153784 2015-06-22] (Kaspersky Lab ZAO)
R0 klbackupdisk; C:\Windows\System32\DRIVERS\klbackupdisk.sys [46776 2015-06-06] (Kaspersky Lab ZAO)
R1 klbackupflt; C:\Windows\System32\DRIVERS\klbackupflt.sys [58224 2015-06-27] (Kaspersky Lab ZAO)
R2 kldisk; C:\Windows\System32\DRIVERS\kldisk.sys [66976 2016-04-08] (AO Kaspersky Lab)
R3 klflt; C:\Windows\System32\DRIVERS\klflt.sys [147328 2015-12-04] (AO Kaspersky Lab)
R1 klhk; C:\Windows\System32\DRIVERS\klhk.sys [44728 2015-12-04] (AO Kaspersky Lab)
R1 KLIF; C:\Windows\System32\DRIVERS\klif.sys [776088 2016-04-08] (AO Kaspersky Lab)
R1 KLIM6; C:\Windows\System32\DRIVERS\klim6.sys [33976 2015-06-11] (Kaspersky Lab ZAO)
R3 klkbdflt; C:\Windows\System32\DRIVERS\klkbdflt.sys [37048 2015-06-06] (Kaspersky Lab ZAO)
R3 klmouflt; C:\Windows\System32\DRIVERS\klmouflt.sys [38072 2015-06-07] (Kaspersky Lab ZAO)
R1 klpd; C:\Windows\System32\DRIVERS\klpd.sys [39304 2015-12-04] (AO Kaspersky Lab)
R1 kltdi; C:\Windows\System32\DRIVERS\kltdi.sys [54328 2015-06-11] (Kaspersky Lab ZAO)
R1 Klwtp; C:\Windows\System32\DRIVERS\klwtp.sys [87736 2015-06-16] (Kaspersky Lab ZAO)
R1 kneps; C:\Windows\System32\DRIVERS\kneps.sys [156856 2015-06-23] (Kaspersky Lab ZAO)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [24448 2016-03-10] (Malwarebytes)
S3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [170200 2016-03-25] (Malwarebytes)
S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [53120 2016-03-10] (Malwarebytes Corporation)
S3 RICOH SmartCard Reader; C:\Windows\System32\DRIVERS\rismc32.sys [49152 2009-07-20] (RICOH Company, Ltd.)
R3 rismc32; C:\Windows\System32\DRIVERS\rismc32.sys [49152 2009-07-20] (RICOH Company, Ltd.)
 
==================== NetSvcs (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
 
==================== One Month Created files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2016-04-14 15:50 - 2016-04-14 15:52 - 00031669 _____ C:\Users\SD\Desktop\FRST.txt
2016-04-14 15:50 - 2016-04-14 15:50 - 01725952 _____ (Farbar) C:\Users\SD\Desktop\FRST.exe
2016-04-14 15:50 - 2016-04-14 15:50 - 00000000 ____D C:\FRST
2016-04-09 17:46 - 2016-04-09 17:48 - 00000000 ____D C:\drvrtmp
2016-04-09 14:21 - 2009-03-31 13:58 - 00252544 _____ (Intel Corporation) C:\Windows\system32\PROUnstl.exe
2016-04-09 14:21 - 2006-01-12 14:52 - 00001904 ____N C:\Windows\system32\SetupBD.din
2016-04-08 15:45 - 2016-04-08 15:45 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kaspersky Internet Security
2016-04-08 15:40 - 2016-04-08 15:51 - 00776088 _____ (AO Kaspersky Lab) C:\Windows\system32\Drivers\klif.sys
2016-04-08 15:40 - 2015-12-04 08:31 - 00147328 _____ (AO Kaspersky Lab) C:\Windows\system32\Drivers\klflt.sys
2016-04-08 15:40 - 2015-12-04 08:31 - 00044728 _____ (AO Kaspersky Lab) C:\Windows\system32\Drivers\klhk.sys
2016-04-07 10:49 - 2016-04-07 10:49 - 00413777 _____ C:\Users\SD\Desktop\047480.full.pdf
2016-04-07 00:01 - 2016-04-07 00:01 - 00000000 ____D C:\Program Files\KeePass Password Safe 2
2016-04-06 23:59 - 2016-04-06 23:59 - 00000000 ___RD C:\Program Files\Skype
2016-04-06 23:59 - 2016-04-06 23:59 - 00000000 ____D C:\Program Files\Common Files\Skype
2016-04-06 23:57 - 2016-04-06 23:57 - 00000000 ____D C:\ProgramData\Foxit ContentPlatform
2016-04-06 23:56 - 2016-04-06 23:56 - 00000000 ____D C:\Program Files\Foxit Software
2016-04-06 23:52 - 2016-04-06 23:52 - 00000000 ____D C:\Program Files\K-Lite Codec Pack
2016-04-06 23:51 - 2016-04-06 23:51 - 00000847 _____ C:\Users\SD\AppData\Roaming\Microsoft\Windows\Start Menu\GOM Player.lnk
2016-04-06 23:48 - 2016-04-06 23:48 - 00000000 ____D C:\Program Files\Mozilla Firefox
2016-04-06 19:34 - 2016-04-06 19:35 - 00000000 ____D C:\Users\SD\Desktop\BS MS THESIS EVALS_Last Date_21Apr
2016-04-06 15:06 - 2016-04-06 15:06 - 04343964 _____ C:\Users\SD\Desktop\The Outsider_Albert Camus_Bangla Translation.pdf
2016-03-31 16:06 - 2016-03-31 16:06 - 00000000 ____D C:\Users\Public\Documents\sun
2016-03-28 11:20 - 2016-03-28 11:20 - 00182784 _____ C:\Windows\Minidump\032816-29250-01.dmp
2016-03-24 09:41 - 2016-03-24 09:41 - 00000000 ____D C:\Program Files\Common Files\Java
2016-03-21 21:15 - 2016-03-21 21:15 - 00213254 _____ C:\Users\SD\Documents\cc_20160321_211501.reg
2016-03-20 14:23 - 2016-03-20 14:23 - 00000000 ____D C:\Users\SD\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2016-03-18 16:05 - 2016-04-09 15:09 - 00000000 ____D C:\Users\SD\Desktop\Techno Babble_Download Mantra
 
==================== One Month Modified files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2016-04-14 15:48 - 2013-11-26 18:30 - 00000000 ____D C:\ProgramData\Kaspersky Lab
2016-04-14 15:43 - 2014-10-29 20:43 - 00000896 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1435187640-4071721805-2113652602-1000UA.job
2016-04-14 15:42 - 2013-11-26 17:41 - 00000886 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2016-04-14 15:34 - 2009-07-14 08:07 - 00000000 ____D C:\Windows\system32\NDF
2016-04-14 15:22 - 2013-11-27 21:46 - 00000830 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2016-04-14 15:19 - 2009-07-14 10:04 - 00032224 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2016-04-14 15:19 - 2009-07-14 10:04 - 00032224 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2016-04-14 15:07 - 2015-06-16 14:56 - 00000906 _____ C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-1435187640-4071721805-2113652602-1000UA.job
2016-04-14 14:53 - 2015-08-29 15:32 - 00000000 ____D C:\Users\SD\AppData\Local\Box Sync
2016-04-14 14:52 - 2010-11-21 02:31 - 00847598 _____ C:\Windows\system32\PerfStringBackup.INI
2016-04-14 14:52 - 2009-07-14 08:07 - 00000000 ____D C:\Windows\inf
2016-04-14 14:46 - 2015-09-23 16:17 - 00000540 _____ C:\Windows\Tasks\MATLAB R2015b Startup Accelerator.job
2016-04-14 14:45 - 2013-11-26 19:34 - 00000000 ____D C:\Users\SD\AppData\Roaming\Dropbox
2016-04-14 14:41 - 2014-08-03 21:11 - 00000000 ____D C:\Users\SD\AppData\Roaming\stickies
2016-04-14 14:41 - 2013-11-26 18:33 - 00000000 ____D C:\Users\SD\.rainlendar2
2016-04-14 14:39 - 2013-11-26 17:41 - 00000882 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2016-04-14 14:39 - 2009-07-14 10:23 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-04-14 14:30 - 2015-03-24 12:53 - 00482552 _____ C:\Windows\ntbtlog.txt
2016-04-09 14:20 - 2014-04-24 10:04 - 00000000 ____D C:\SWSETUP
2016-04-09 13:59 - 2014-10-29 20:43 - 00000844 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1435187640-4071721805-2113652602-1000Core.job
2016-04-09 10:07 - 2015-06-16 14:56 - 00000854 _____ C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-1435187640-4071721805-2113652602-1000Core.job
2016-04-09 10:06 - 2015-03-18 21:24 - 00000000 ____D C:\Users\SD\AppData\Local\CrashDumps
2016-04-09 09:56 - 2013-11-27 10:56 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\M_Security Related
2016-04-08 17:24 - 2013-11-26 18:19 - 00000000 ____D C:\Users\SD\Desktop\All Shortcuts
2016-04-08 16:38 - 2013-11-26 17:28 - 00000000 ____D C:\Users\SD\AppData\Local\ElevatedDiagnostics
2016-04-08 15:51 - 2015-06-06 08:48 - 00066976 _____ (AO Kaspersky Lab) C:\Windows\system32\Drivers\kldisk.sys
2016-04-08 15:44 - 2013-11-26 18:30 - 00000000 ____D C:\Program Files\Kaspersky Lab
2016-04-08 14:58 - 2013-11-26 18:10 - 00000000 ____D C:\Users\SD\AppData\Roaming\WinPatrol
2016-04-07 14:19 - 2013-11-26 19:28 - 00000000 ____D C:\Users\SD\AppData\Roaming\Foxit Software
2016-04-07 10:30 - 2013-11-26 18:40 - 00000000 ____D C:\Program Files\Mozilla Maintenance Service
2016-04-07 00:18 - 2014-05-26 15:45 - 00000000 ____D C:\Program Files\Secunia
2016-04-07 00:10 - 2013-11-27 11:00 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\M_Browsers
2016-04-07 00:09 - 2013-11-27 11:08 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\M_Readers
2016-04-07 00:06 - 2013-11-26 18:10 - 00000000 ____D C:\ProgramData\InstallMate
2016-04-07 00:05 - 2014-11-15 11:28 - 00000000 ____D C:\Users\SD\AppData\Roaming\Skype
2016-04-07 00:00 - 2014-11-15 11:28 - 00000000 ____D C:\ProgramData\Skype
2016-04-06 23:59 - 2014-11-15 11:28 - 00000000 ____D C:\Users\SD\AppData\Local\Skype
2016-04-06 23:48 - 2013-11-27 21:46 - 00000000 ____D C:\Windows\system32\Macromed
2016-04-06 23:40 - 2013-11-27 10:55 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\M_Scientific
2016-04-06 23:39 - 2013-11-27 11:05 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\M_Office Suites
2016-04-06 23:35 - 2013-11-27 11:00 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\M_Utilities
2016-04-06 10:19 - 2013-11-26 17:41 - 00118168 _____ C:\Users\SD\AppData\Local\GDIPFONTCACHEV1.DAT
2016-04-06 09:50 - 2009-07-14 10:03 - 00436952 _____ C:\Windows\system32\FNTCACHE.DAT
2016-04-02 19:43 - 2013-11-27 10:44 - 00000000 ____D C:\Users\SD\AppData\Roaming\vlc
2016-03-28 17:22 - 2015-04-17 00:39 - 00020122 _____ C:\Users\SD\Desktop\disc_24-03-2014.txt
2016-03-28 11:20 - 2015-03-23 15:10 - 00000000 ____D C:\Windows\Minidump
2016-03-28 11:19 - 2015-03-23 15:10 - 340010627 _____ C:\Windows\MEMORY.DMP
2016-03-25 15:32 - 2015-03-11 10:07 - 00170200 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2016-03-25 12:22 - 2013-11-27 21:46 - 00801984 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2016-03-25 12:22 - 2013-11-27 21:46 - 00143040 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2016-03-24 18:02 - 2015-04-10 13:34 - 00000000 ___SD C:\Windows\system32\GWX
2016-03-24 10:29 - 2013-11-26 22:47 - 00000000 ____D C:\Users\SD\AppData\Roaming\RStudio
2016-03-24 10:29 - 2013-11-26 22:21 - 00000000 ____D C:\Users\SD\AppData\Local\RStudio-Desktop
2016-03-24 09:43 - 2013-11-26 19:22 - 00000000 ____D C:\ProgramData\Oracle
2016-03-24 09:40 - 2015-09-11 16:01 - 00000000 ____D C:\Users\SD\.oracle_jre_usage
2016-03-24 09:38 - 2014-10-17 01:23 - 00095808 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge.dll
2016-03-24 09:37 - 2014-10-17 01:23 - 00000000 ____D C:\Program Files\Java
2016-03-16 11:11 - 2013-11-26 14:38 - 00000000 ____D C:\Users\SD
2016-03-15 10:43 - 2009-07-14 10:23 - 00032634 _____ C:\Windows\Tasks\SCHEDLGU.TXT
 
==================== Files in the root of some directories =======
 
2014-12-06 20:43 - 2014-12-06 20:43 - 1330121 _____ () C:\Users\SD\AppData\Local\53E9472D_stp.CIS
2014-12-06 20:43 - 2014-12-06 20:43 - 0000125 _____ () C:\Users\SD\AppData\Local\53E9472D_stp.CIS.part
2014-08-16 14:28 - 2014-08-16 14:28 - 0188748 _____ () C:\Users\SD\AppData\Local\ars.cache
2014-08-16 14:28 - 2014-08-16 14:28 - 0346459 _____ () C:\Users\SD\AppData\Local\census.cache
2014-08-16 13:37 - 2014-08-16 13:37 - 0000036 _____ () C:\Users\SD\AppData\Local\housecall.guid.cache
2014-05-11 20:52 - 2014-05-11 20:52 - 0000350 _____ () C:\Users\SD\AppData\Local\psppirerc
2015-07-19 15:14 - 2015-07-19 15:14 - 0000907 _____ () C:\Users\SD\AppData\Local\recently-used.xbel
2014-08-16 14:16 - 2014-08-16 14:16 - 0000010 _____ () C:\Users\SD\AppData\Local\sponge.last.runtime.cache
2015-03-30 09:33 - 2015-03-30 09:37 - 0000000 _____ () C:\Users\SD\AppData\Local\{FE477C15-EB29-4FB4-B656-DD5B899261CF}
 
Some files in TEMP:
====================
C:\Users\SD\AppData\Local\Temp\FoxitUpdater.exe
C:\Users\SD\AppData\Local\Temp\HitmanPro.exe
C:\Users\SD\AppData\Local\Temp\jre-8u77-windows-au.exe
C:\Users\SD\AppData\Local\Temp\{6A681B80-38A5-4211-9626-AB7F710B1F8C}-50.0.2661.75_49.0.2623.110_chrome_updater.exe
 
 
==================== Bamital & volsnap =================
 
(There is no automatic fix for files that do not pass verification.)
 
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed
 
 
LastRegBack: 2016-03-29 13:24
 
==================== End of FRST.txt ============================
Additional scan result of Farbar Recovery Scan Tool (x86) Version:13-04-2016
Ran by SD (2016-04-14 15:52:36)
Running from C:\Users\SD\Desktop
Microsoft Windows 7 Professional Service Pack 1 (X86) (2013-11-26 09:08:04)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-1435187640-4071721805-2113652602-500 - Administrator - Disabled)
Guest (S-1-5-21-1435187640-4071721805-2113652602-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-1435187640-4071721805-2113652602-1005 - Limited - Enabled)
SD (S-1-5-21-1435187640-4071721805-2113652602-1000 - Administrator - Enabled) => C:\Users\SD

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Kaspersky Internet Security (Enabled - Up to date) {86367591-4BE4-AE08-2FD9-7FCB8259CD98}
AS: Kaspersky Internet Security (Enabled - Up to date) {3D579475-6DDE-A186-1569-44B9F9DE8725}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: Kaspersky Internet Security (Enabled) {BE0DF4B4-018B-AF50-0486-D6FE7C8A8AE3}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe Acrobat Reader DC (HKLM\...\{AC76BA86-7AD7-1033-7B44-AC0F074E4100}) (Version: 15.010.20060 - Adobe Systems Incorporated)
Adobe Flash Player 21 NPAPI (HKLM\...\Adobe Flash Player NPAPI) (Version: 21.0.0.204 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.1 (HKLM\...\Adobe Shockwave Player) (Version: 12.1.1.151 - Adobe Systems, Inc.)
Adobe Shockwave Player 12.2 (HKLM\...\{C1F3739C-D31D-4062-8788-29261C4A2A68}) (Version: 12.2.4.194 - Adobe Systems, Inc)
Amazon Kindle (HKU\S-1-5-21-1435187640-4071721805-2113652602-1000\...\Amazon Kindle) (Version: - Amazon)
Any Video Converter 5.5.9 (HKLM\...\Any Video Converter_is1) (Version: - Any-Video-Converter.com)
Areca (HKLM\...\Areca) (Version: - )
Atempo Live Navigator (HKLM\...\{332942D4-D972-48E8-AAF3-6A93F0C35706}) (Version: 3.2.15268 - Atempo)
Autorun Eater v2.6 (HKLM\...\Autorun Eater_is1) (Version: 2.6 - Old McDonald's Farm)
Avro Keyboard 5.5.0 (HKLM\...\Avro Keyboard_is1) (Version: 5.5.0 - OmicronLab)
Box Sync (HKLM\...\{C23C4679-DCB8-40E8-86BD-DB990A3599AD}) (Version: 4.0.7318.0 - Box, Inc.)
Box Sync (Version: 4.0.6567.0 - Box Inc.) Hidden
BRB-ArrayTools (HKLM\...\{1CA1C22B-358A-42CA-A1E0-B63D9132A0F8}) (Version: 4.4.0.0 - National Cancer Institute Biometric Research Branch)
BRB-CGHTools (HKLM\...\{3F217A19-4BCB-47F6-9AF7-CC0576C9B055}) (Version: 1.3.2 - National Cancer Institute Biometric Research Branch)
Bullzip PDF Printer 10.2.0.2141 (HKLM\...\Bullzip PDF Printer_is1) (Version: 10.2.0.2141 - Bullzip)
Canon Utilities CameraWindow DC 8 (HKLM\...\CameraWindowDC) (Version: 8.8.0.17 - Canon Inc.)
CCleaner (HKLM\...\CCleaner) (Version: 5.16 - Piriform)
Cisco Systems VPN Client 5.0.07.0290 (HKLM\...\{B0BF7057-6869-4E4B-920C-EA2A58DA07F0}) (Version: 5.0.6 - Cisco Systems, Inc.)
ConvertHelper 3.1.1 (HKLM\...\{27CC6AB1-E72B-4179-AF1A-EAE507EBAF52}}_is1) (Version: - DownloadHelper)
Crystal Reports Basic for Visual Studio 2008 (HKLM\...\{AA467959-A1D6-4F45-90CD-11DC57733F32}) (Version: 10.5.0.0 - Business Objects)
CutePDF Writer 3.0 (HKLM\...\CutePDF Writer Installation) (Version: 3.0 - CutePDF.com)
DjVu Solo 3.1 (HKLM\...\DjVu Solo 3.1) (Version: - )
doPDF 7.3 printer (HKLM\...\doPDF 7 printer_is1) (Version: - Softland)
Download Accelerator Manager (HKLM\...\Download Accelerator Manager) (Version: 4.5.47 - )
Dropbox (HKU\S-1-5-21-1435187640-4071721805-2113652602-1000\...\Dropbox) (Version: 3.16.1 - Dropbox, Inc.)
Effect Size Generator 2.3 (HKLM\...\Effect_Size_Generator_2.2) (Version: - )
EndNote X3 (HKLM\...\{86B3F2D6-AC2B-4E88-8AE1-F2F77F781B0C}) (Version: 13.0.0.4094 - Thomson Reuters)
Enthought Canopy (32-bit) (HKLM\...\{7C13AA42-1B81-4C70-963D-D2772F8D7F33}) (Version: 1.2.0.123 - Enthought, Inc.)
ESET Online Scanner v3 (HKLM\...\ESET Online Scanner) (Version: - )
Everything 1.3.4.686 (x86) (HKLM\...\Everything) (Version: - )
Exact Audio Copy 1.0beta3 (HKLM\...\Exact Audio Copy) (Version: 1.0beta3 - Andre Wiethoff)
FastStone Image Viewer 4.9 (HKLM\...\FastStone Image Viewer) (Version: 4.9 - FastStone Soft)
FileZilla Client 3.7.3 (HKLM\...\FileZilla Client) (Version: 3.7.3 - Tim Kosse)
Flashnote 4.6 (HKLM\...\Flashnote) (Version: 4.6 - Tiushkov Nikolay)
foobar2000 v1.3.7 (HKLM\...\foobar2000) (Version: 1.3.7 - Peter Pawlowski)
Foxit Reader (HKLM\...\Foxit Reader_is1) (Version: 7.3.4.311 - Foxit Software Inc.)
FreeFileSync 6.12 (HKLM\...\FreeFileSync_is1) (Version: 6.12 - www.FreeFileSync.org)
GIMP 2.8.8 (HKLM\...\GIMP-2_is1) (Version: 2.8.8 - The GIMP Team)
GOM Player (HKLM\...\GOM Player) (Version: 2.2.77.5240 - Gretech Corporation)
Google Chrome (HKLM\...\Google Chrome) (Version: 49.0.2623.110 - Google Inc.)
Google Drive (HKLM\...\{895D0391-459F-4D45-B8DD-13F0DE70C66E}) (Version: 1.28.1549.1322 - Google, Inc.)
Google Input Bengali (HKLM\...\GoogleInputBengali) (Version: - Google Inc.)
Google Input Tools (HKLM\...\GoogleInputFramework) (Version: - Google Inc.)
Google Talk Plugin (HKLM\...\{F9B579C2-D854-300A-BE62-A09EB9D722E4}) (Version: 5.41.3.0 - Google)
Google Update Helper (Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (Version: 1.3.29.5 - Google Inc.) Hidden
GPL Ghostscript (HKLM\...\GPL Ghostscript 9.10) (Version: 9.10 - Artifex Software Inc.)
HandBrake 0.9.9.1 (HKLM\...\HandBrake) (Version: 0.9.9.1 - )
HP Deskjet 3540 series Basic Device Software (HKLM\...\{4BD528D2-7E50-4FE4-BBB2-D8E66F970991}) (Version: 32.0.1180.44630 - Hewlett-Packard Co.)
HP Quick Launch Buttons (HKLM\...\{34D2AB40-150D-475D-AE32-BD23FB5EE355}) (Version: 6.50.14.1 - Hewlett-Packard Company)
IBM SPSS Statistics 21 (HKLM\...\{1E26B9C2-ED08-4EEA-83C8-A786502B41E5}) (Version: 21.0.0.0 - IBM Corp)
iDailyDiary 3.85 (HKLM\...\iDailyDiary_is1) (Version: - Splinterware Software Solutions)
Intel® Network Connections Drivers (HKLM\...\PROSet) (Version: 14.2 - Intel)
IrfanView (remove only) (HKLM\...\IrfanView) (Version: 4.42 - Irfan Skiljan)
JAGS 3.4.0 (HKLM\...\JAGS-3.4.0) (Version: 3.4.0 - JAGS)
Java 8 Update 77 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83218077F0}) (Version: 8.0.770.3 - Oracle Corporation)
Kaspersky Internet Security (HKLM\...\InstallWIX_{77E7AE5C-181C-4CAF-ADBF-946F11C1CE26}) (Version: 16.0.0.614 - Kaspersky Lab)
Kaspersky Internet Security (Version: 16.0.0.614 - Kaspersky Lab) Hidden
KeePass Password Safe 1.30 (HKLM\...\KeePass Password Safe_is1) (Version: 1.30 - Dominik Reichl)
KeePass Password Safe 2.32 (HKLM\...\KeePassPasswordSafe2_is1) (Version: 2.32 - Dominik Reichl)
KeepNote 0.7.8 (HKLM\...\KeepNote_is1) (Version: - Matt Rasmussen)
K-Lite Mega Codec Pack 12.0.5 (HKLM\...\KLiteCodecPack_is1) (Version: 12.0.5 - KLCP)
Malwarebytes Anti-Malware version 2.2.1.1043 (HKLM\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.1.1043 - Malwarebytes)
MATLAB R2010a (HKLM\...\MatlabR2010a) (Version: 7.10 - The MathWorks, Inc.)
MATLAB R2015b (HKLM\...\Matlab R2015b) (Version: 8.6 - MathWorks)
Microsoft .NET Compact Framework 2.0 SP2 (HKLM\...\{EDDF99D9-9FE3-4871-A7DB-D1522C51EE9A}) (Version: 2.0.7045 - Microsoft Corporation)
Microsoft .NET Compact Framework 3.5 (HKLM\...\{291B3A3B-F808-45B8-8113-DF232FCB6C82}) (Version: 3.5.7283 - Microsoft Corporation)
Microsoft .NET Framework 4.6.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft Application Compatibility Toolkit 5.6 (HKLM\...\{0F5AEBB0-43F3-4571-ACE7-A7942E8AA179}) (Version: 5.6.7324.0 - Microsoft Corporation)
Microsoft Device Emulator version 3.0 - ENU (HKLM\...\{B32E7732-B2FB-3FD0-81AC-6025B1104C66}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Document Explorer 2008 (HKLM\...\Microsoft Document Explorer 2008) (Version: - Microsoft Corporation)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM\...\{90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft)
Microsoft Office File Validation Add-In (HKLM\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Professional Plus 2007 (HKLM\...\PROPLUS) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.41212.0 - Microsoft Corporation)
Microsoft SQL Server 2005 (HKLM\...\Microsoft SQL Server 2005) (Version: - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 Design Tools ENU (HKLM\...\{2E5C075E-11AB-4BDD-918C-7B9A68953FF8}) (Version: 3.5.5386.0 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 ENU (HKLM\...\{BCC899FE-2DAA-460C-A5FB-60291E73D9C3}) (Version: 3.5.5386.0 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 for Devices ENU (HKLM\...\{241F2BF7-69EB-42A4-9156-96B2426C7504}) (Version: 3.5.5386.0 - Microsoft Corporation)
Microsoft SQL Server Database Publishing Wizard 1.2 (HKLM\...\{9A33B83D-FFC4-44CF-BEEF-632DECEF2FCD}) (Version: 1.2.0.0 - Microsoft Corporation)
Microsoft SQL Server Native Client (HKLM\...\{7670D32F-DAE6-4E49-8C8B-B3F08B5B1686}) (Version: 9.00.5000.00 - Microsoft Corporation)
Microsoft SQL Server Setup Support Files (English) (HKLM\...\{53F5C3EE-05ED-4830-994B-50B2F0D50FCE}) (Version: 9.00.5000.00 - Microsoft Corporation)
Microsoft SQL Server VSS Writer (HKLM\...\{E7084B89-69E0-46B3-A118-8F99D06988CD}) (Version: 9.00.5000.00 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual Studio 2008 Professional Edition - ENU (HKLM\...\Microsoft Visual Studio 2008 Professional Edition - ENU) (Version: - Microsoft Corporation)
Microsoft Visual Studio Web Authoring Component (HKLM\...\VisualWebDeveloper) (Version: 12.0.4518.1066 - Microsoft Corporation)
Microsoft Windows SDK for Visual Studio 2008 .NET Framework Tools (HKLM\...\{05EC21B8-4593-3037-A781-A6B5AFFCB19D}) (Version: 3.5.21022 - Microsoft)
Microsoft Windows SDK for Visual Studio 2008 Headers and Libraries (HKLM\...\{842FAF7C-50EF-4463-9B8F-6222E1384D7D}) (Version: 6.1.5288.17011 - Microsoft Corporation)
Microsoft Windows SDK for Visual Studio 2008 SDK Reference Assemblies and IntelliSense (HKLM\...\{64c5b887-b5ee-42b8-8596-78905a6b5f1f}) (Version: 6.1.5288.17011 - Microsoft Corporation)
Microsoft Windows SDK for Visual Studio 2008 Tools (HKLM\...\{CAA376AF-0DE8-4FCA-942E-C6AC579B94B3}) (Version: 6.1.5288.17011 - Microsoft Corporation)
Microsoft Windows SDK for Visual Studio 2008 Win32 Tools (HKLM\...\{B268E9A1-04A9-40D0-9866-846BE2B74BA7}) (Version: 6.1.5288.17011 - Microsoft Corporation)
MiPony 2.2.2 (HKLM\...\MiPony) (Version: 2.2.2 - )
Mozilla Firefox 37.0.1 (x86 en-US) (HKLM\...\Mozilla Firefox 37.0.1 (x86 en-US)) (Version: 37.0.1 - Mozilla)
Mozilla Firefox 44.0.2 (x86 en-US) (HKU\S-1-5-21-1435187640-4071721805-2113652602-1000\...\Mozilla Firefox 44.0.2 (x86 en-US)) (Version: 44.0.2 - Mozilla)
Mozilla Firefox 45.0.1 (x86 en-US) (HKLM\...\Mozilla Firefox 45.0.1 (x86 en-US)) (Version: 45.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 45.0.1 - Mozilla)
NetLogo 5.0.4 (HKLM\...\5730-6571-9917-5170) (Version: 5.0.4 - )
Nitro Reader 3 (HKLM\...\{F5451D00-B448-4E9A-82DC-1929F4F1910D}) (Version: 3.5.6.5 - Nitro)
Notepad++ (HKLM\...\Notepad++) (Version: 6.9 - Notepad++ Team)
NVIDIA Display Control Panel (HKLM\...\NVIDIA Display Control Panel) (Version: 6.14.12.6128 - NVIDIA Corporation)
NVIDIA Graphics Driver 341.92 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 341.92 - NVIDIA Corporation)
NVIDIA nView 141.36 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NView) (Version: 141.36 - NVIDIA Corporation)
NVIDIA WMI 2.18.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVWMI) (Version: 2.18.0 - NVIDIA Corporation)
OpenOffice 4.1.2 (HKLM\...\{E6AD67BB-1C33-4AB3-A387-E0D48137AB70}) (Version: 4.12.9782 - Apache Software Foundation)
OpenStat version 2.0 (HKLM\...\{1C6D7856-B7F4-4483-8B47-20199F1CF224}_is1) (Version: 2.0 - WGM Consulting)
Opera Stable 36.0.2130.46 (HKLM\...\Opera 36.0.2130.46) (Version: 36.0.2130.46 - Opera Software)
Oracle VM VirtualBox 4.3.4 (HKLM\...\{867E903E-9EB4-4B3A-A7C8-E556E5C996ED}) (Version: 4.3.4 - Oracle Corporation)
Origin 8.5.1 (Version: 8.51.00 - OriginLab) Hidden
OriginPro 8.5.1 (HKLM\...\{E1294D19-6193-4EC2-A077-6571012BDE5B}) (Version: 8.5.1 - OriginLab Corporation)
PopGene.S2 (HKLM\...\{462EEFCF-11A5-49E7-A5AC-C1871CDC2F09}) (Version: 1.0.0 - PopGene)
PSPP (HKLM\...\PSPP) (Version: 0.8.3 - Free Software Foundation, Inc.)
PVSonyDll (Version: 1.00.0001 - NVIDIA Corporation) Hidden
PyQt4 - PyQwt5 5.2.1-5 (HKLM\...\PyQt4 - PyQwt5 5.2.1-5) (Version: 5.2.1-5 - pythonxy.com)
PyQt4 - QtHelp 4.8.4-2 (HKLM\...\PyQt4 - QtHelp 4.8.4-2) (Version: 4.8.4-2 - pythonxy.com)
Python 2.7 - astropy 0.2.4-1 (HKLM\...\Python 2.7 - astropy 0.2.4-1) (Version: 0.2.4-1 - pythonxy)
Python 2.7 - babel 1.3-2 (HKLM\...\Python 2.7 - babel 1.3-2) (Version: 1.3-2 - pythonxy)
Python 2.7 - base_libraries 1.4.0-9 (HKLM\...\Python 2.7 - base_libraries 1.4.0-9) (Version: 1.4.0-9 - pythonxy)
Python 2.7 - base_python 1.7.1-14 (HKLM\...\Python 2.7 - base_python 1.7.1-14) (Version: 1.7.1-14 - pythonxy)
Python 2.7 - BeautifulSoup4 4.3.1-1 (HKLM\...\Python 2.7 - BeautifulSoup4 4.3.1-1) (Version: 4.3.1-1 - pythonxy)
Python 2.7 - bottleneck 0.7.0-2 (HKLM\...\Python 2.7 - bottleneck 0.7.0-2) (Version: 0.7.0-2 - pythonxy)
Python 2.7 - cffi 0.7.2-3 (HKLM\...\Python 2.7 - cffi 0.7.2-3) (Version: 0.7.2-3 - pythonxy)
Python 2.7 - cvxopt 1.1.6-1 (HKLM\...\Python 2.7 - cvxopt 1.1.6-1) (Version: 1.1.6-1 - pythonxy)
Python 2.7 - cx_Freeze 4.3.1-1 (HKLM\...\Python 2.7 - cx_Freeze 4.3.1-1) (Version: 4.3.1-1 - pythonxy.com)
Python 2.7 - Cython 0.19.1-7 (HKLM\...\Python 2.7 - Cython 0.19.1-7) (Version: 0.19.1-7 - pythonxy)
Python 2.7 - docutils 0.11-2 (HKLM\...\Python 2.7 - docutils 0.11-2) (Version: 0.11-2 - pythonxy)
Python 2.7 - EnthoughtToolSuite 4.3.0-3 (HKLM\...\Python 2.7 - EnthoughtToolSuite 4.3.0-3) (Version: 4.3.0-3 - pythonxy)
Python 2.7 - fabric 1.8.0-1 (HKLM\...\Python 2.7 - fabric 1.8.0-1) (Version: 1.8.0-1 - pythonxy)
Python 2.7 - formlayout 1.0.15-3 (HKLM\...\Python 2.7 - formlayout 1.0.15-3) (Version: 1.0.15-3 - pythonxy)
Python 2.7 - freeimage 3.6.0-3 (HKLM\...\Python 2.7 - freeimage 3.6.0-3) (Version: 3.6.0-3 - pythonxy)
Python 2.7 - gdal 1.9.2-2 (HKLM\...\Python 2.7 - gdal 1.9.2-2) (Version: 1.9.2-2 - pythonxy.com)
Python 2.7 - gevent 1.0.0-2 (HKLM\...\Python 2.7 - gevent 1.0.0-2) (Version: 1.0.0-2 - pythonxy)
Python 2.7 - Gnuplot 1.8.0.3 (HKLM\...\Python 2.7 - Gnuplot 1.8.0.3) (Version: 1.8.0.3 - pythonxy.com)
Python 2.7 - guidata 1.6.1-2 (HKLM\...\Python 2.7 - guidata 1.6.1-2) (Version: 1.6.1-2 - pythonxy)
Python 2.7 - guiqwt 2.3.1-4 (HKLM\...\Python 2.7 - guiqwt 2.3.1-4) (Version: 2.3.1-4 - pythonxy)
Python 2.7 - h5py 2.2.0-4 (HKLM\...\Python 2.7 - h5py 2.2.0-4) (Version: 2.2.0-4 - pythonxy)
Python 2.7 - html5lib 0.99-1 (HKLM\...\Python 2.7 - html5lib 0.99-1) (Version: 0.99-1 - pythonxy)
Python 2.7 - IPython 1.1.0-3 (HKLM\...\Python 2.7 - IPython 1.1.0-3) (Version: 1.1.0-3 - pythonxy)
Python 2.7 - itk 4.4.1-3 (HKLM\...\Python 2.7 - itk 4.4.1-3) (Version: 4.4.1-3 - pythonxy)
Python 2.7 - jinja2 2.7.1-2 (HKLM\...\Python 2.7 - jinja2 2.7.1-2) (Version: 2.7.1-2 - pythonxy)
Python 2.7 - lxml 3.2.3-7 (HKLM\...\Python 2.7 - lxml 3.2.3-7) (Version: 3.2.3-7 - pythonxy)
Python 2.7 - mahotas 1.0.2-6 (HKLM\...\Python 2.7 - mahotas 1.0.2-6) (Version: 1.0.2-6 - pythonxy)
Python 2.7 - matplotlib 1.3.0-2 (HKLM\...\Python 2.7 - matplotlib 1.3.0-2) (Version: 1.3.0-2 - pythonxy)
Python 2.7 - mdp 3.3.0.1 (HKLM\...\Python 2.7 - mdp 3.3.0.1) (Version: 3.3.0.1 - pythonxy.com)
Python 2.7 - mx 3.2.6-2 (HKLM\...\Python 2.7 - mx 3.2.6-2) (Version: 3.2.6-2 - pythonxy)
Python 2.7 - netcdf4 1.0.5-2 (HKLM\...\Python 2.7 - netcdf4 1.0.5-2) (Version: 1.0.5-2 - pythonxy)
Python 2.7 - networkx 1.8.1-1 (HKLM\...\Python 2.7 - networkx 1.8.1-1) (Version: 1.8.1-1 - pythonxy)
Python 2.7 - nose 1.3.0-2 (HKLM\...\Python 2.7 - nose 1.3.0-2) (Version: 1.3.0-2 - pythonxy)
Python 2.7 - numexpr 2.2.2-4 (HKLM\...\Python 2.7 - numexpr 2.2.2-4) (Version: 2.2.2-4 - pythonxy)
Python 2.7 - numpy 1.7.1-3 (HKLM\...\Python 2.7 - numpy 1.7.1-3) (Version: 1.7.1-3 - pythonxy)
Python 2.7 - OpenCV 2.4.6.1-3 (HKLM\...\Python 2.7 - OpenCV 2.4.6.1-3) (Version: 2.4.6.1-3 - pythonxy)
Python 2.7 - openpyxl 1.6.2-2 (HKLM\...\Python 2.7 - openpyxl 1.6.2-2) (Version: 1.6.2-2 - pythonxy)
Python 2.7 - pandas 0.12.0-7 (HKLM\...\Python 2.7 - pandas 0.12.0-7) (Version: 0.12.0-7 - pythonxy)
Python 2.7 - paramiko 1.12.0-4 (HKLM\...\Python 2.7 - paramiko 1.12.0-4) (Version: 1.12.0-4 - pythonxy)
Python 2.7 - patsy 0.2.1-1 (HKLM\...\Python 2.7 - patsy 0.2.1-1) (Version: 0.2.1-1 - pythonxy)
Python 2.7 - PIL 2.2.1-4 (HKLM\...\Python 2.7 - PIL 2.2.1-4) (Version: 2.2.1-4 - pythonxy)
Python 2.7 - pip 1.4.1-4 (HKLM\...\Python 2.7 - pip 1.4.1-4) (Version: 1.4.1-4 - pythonxy)
Python 2.7 - ply 3.4 (HKLM\...\Python 2.7 - ply 3.4) (Version: 3.4 - pythonxy.com)
Python 2.7 - pp 1.6.4-3 (HKLM\...\Python 2.7 - pp 1.6.4-3) (Version: 1.6.4-3 - pythonxy.com)
Python 2.7 - psutil 1.1.0-4 (HKLM\...\Python 2.7 - psutil 1.1.0-4) (Version: 1.1.0-4 - pythonxy)
Python 2.7 - py2exe 0.6.9 (HKLM\...\Python 2.7 - py2exe 0.6.9) (Version: 0.6.9 - pythonxy.com)
Python 2.7 - pycparser 2.10-2 (HKLM\...\Python 2.7 - pycparser 2.10-2) (Version: 2.10-2 - pythonxy)
Python 2.7 - pycrypto 2.6-1 (HKLM\...\Python 2.7 - pycrypto 2.6-1) (Version: 2.6-1 - pythonxy)
Python 2.7 - PycURL 7.19.0-2 (HKLM\...\Python 2.7 - PycURL 7.19.0-2) (Version: 7.19.0-2 - pythonxy)
Python 2.7 - pydicom 0.9.8-2 (HKLM\...\Python 2.7 - pydicom 0.9.8-2) (Version: 0.9.8-2 - pythonxy.com)
Python 2.7 - pygame 1.9.2-2 (HKLM\...\Python 2.7 - pygame 1.9.2-2) (Version: 1.9.2-2 - pythonxy)
Python 2.7 - pygments 1.6-1 (HKLM\...\Python 2.7 - pygments 1.6-1) (Version: 1.6-1 - pythonxy.com)
Python 2.7 - pygraphviz 1.3-2 (HKLM\...\Python 2.7 - pygraphviz 1.3-2) (Version: 1.3-2 - pythonxy)
Python 2.7 - pyhdf 0.8.3-2 (HKLM\...\Python 2.7 - pyhdf 0.8.3-2) (Version: 0.8.3-2 - pythonxy)
Python 2.7 - PyICU 1.5-1 (HKLM\...\Python 2.7 - PyICU 1.5-1) (Version: 1.5-1 - pythonxy.com)
Python 2.7 - pylint 1.0.0-6 (HKLM\...\Python 2.7 - pylint 1.0.0-6) (Version: 1.0.0-6 - pythonxy)
Python 2.7 - pyodbc 3.0.7-1 (HKLM\...\Python 2.7 - pyodbc 3.0.7-1) (Version: 3.0.7-1 - pythonxy)
Python 2.7 - PyOpenGL 3.0.2-3 (HKLM\...\Python 2.7 - PyOpenGL 3.0.2-3) (Version: 3.0.2-3 - pythonxy)
Python 2.7 - pyparallel 0.2.0.1 (HKLM\...\Python 2.7 - pyparallel 0.2.0.1) (Version: 0.2.0.1 - pythonxy.com)
Python 2.7 - pyparsing 2.0.1-2 (HKLM\...\Python 2.7 - pyparsing 2.0.1-2) (Version: 2.0.1-2 - pythonxy)
Python 2.7 - PyQt4 4.9.6-3 (HKLM\...\Python 2.7 - PyQt4 4.9.6-3) (Version: 4.9.6-3 - pythonxy.com)
Python 2.7 - pyreadline 2.0-1 (HKLM\...\Python 2.7 - pyreadline 2.0-1) (Version: 2.0-1 - pythonxy)
Python 2.7 - pyserial 2.6.0.1 (HKLM\...\Python 2.7 - pyserial 2.6.0.1) (Version: 2.6.0.1 - pythonxy.com)
Python 2.7 - pytables 3.0.0-2 (HKLM\...\Python 2.7 - pytables 3.0.0-2) (Version: 3.0.0-2 - pythonxy)
Python 2.7 - pytest 2.4.2-2 (HKLM\...\Python 2.7 - pytest 2.4.2-2) (Version: 2.4.2-2 - pythonxy)
Python 2.7 - pyvisa 1.4 (HKLM\...\Python 2.7 - pyvisa 1.4) (Version: 1.4 - pythonxy.com)
Python 2.7 - PyWavelets 0.2.2 (HKLM\...\Python 2.7 - PyWavelets 0.2.2) (Version: 0.2.2 - pythonxy.com)
Python 2.7 - pywin32 218-1 (HKLM\...\Python 2.7 - pywin32 218-1) (Version: 218-1 - pythonxy.com)
Python 2.7 - pywinauto 0.4.0 (HKLM\...\Python 2.7 - pywinauto 0.4.0) (Version: 0.4.0 - pythonxy.com)
Python 2.7 - pyyaml 3.10-1 (HKLM\...\Python 2.7 - pyyaml 3.10-1) (Version: 3.10-1 - pythonxy)
Python 2.7 - pyzmq 13.1.0-5 (HKLM\...\Python 2.7 - pyzmq 13.1.0-5) (Version: 13.1.0-5 - pythonxy)
Python 2.7 - reportlab 2.7-1 (HKLM\...\Python 2.7 - reportlab 2.7-1) (Version: 2.7-1 - pythonxy)
Python 2.7 - rst2pdf 0.93-3 (HKLM\...\Python 2.7 - rst2pdf 0.93-3) (Version: 0.93-3 - pythonxy)
Python 2.7 - scikits.image 0.8.2-2 (HKLM\...\Python 2.7 - scikits.image 0.8.2-2) (Version: 0.8.2-2 - pythonxy.com)
Python 2.7 - scikits-learn 0.14.1-4 (HKLM\...\Python 2.7 - scikits-learn 0.14.1-4) (Version: 0.14.1-4 - pythonxy)
Python 2.7 - scipy 0.12.0-2 (HKLM\...\Python 2.7 - scipy 0.12.0-2) (Version: 0.12.0-2 - pythonxy)
Python 2.7 - SendKeys 0.3 (HKLM\...\Python 2.7 - SendKeys 0.3) (Version: 0.3 - pythonxy)
Python 2.7 - setuptools 1.1.6-3 (HKLM\...\Python 2.7 - setuptools 1.1.6-3) (Version: 1.1.6-3 - pythonxy)
Python 2.7 - simplejson 3.3.0-5 (HKLM\...\Python 2.7 - simplejson 3.3.0-5) (Version: 3.3.0-5 - pythonxy)
Python 2.7 - sphinx 1.2-1 (HKLM\...\Python 2.7 - sphinx 1.2-1) (Version: 1.2-1 - pythonxy)
Python 2.7 - spyder 2.2.4-8 (HKLM\...\Python 2.7 - spyder 2.2.4-8) (Version: 2.2.4-8 - pythonxy)
Python 2.7 - sqlalchemy 0.8.2-7 (HKLM\...\Python 2.7 - sqlalchemy 0.8.2-7) (Version: 0.8.2-7 - pythonxy)
Python 2.7 - statsmodels 0.5.0-1 (HKLM\...\Python 2.7 - statsmodels 0.5.0-1) (Version: 0.5.0-1 - pythonxy)
Python 2.7 - sympy 0.7.3-2 (HKLM\...\Python 2.7 - sympy 0.7.3-2) (Version: 0.7.3-2 - pythonxy)
Python 2.7 - tornado 3.1.1-4 (HKLM\...\Python 2.7 - tornado 3.1.1-4) (Version: 3.1.1-4 - pythonxy)
Python 2.7 - uncertainties 2.4.1-7 (HKLM\...\Python 2.7 - uncertainties 2.4.1-7) (Version: 2.4.1-7 - pythonxy)
Python 2.7 - veusz 1.18-5 (HKLM\...\Python 2.7 - veusz 1.18-5) (Version: 1.18-5 - pythonxy)
Python 2.7 - virtualenv 1.10.1-5 (HKLM\...\Python 2.7 - virtualenv 1.10.1-5) (Version: 1.10.1-5 - pythonxy)
Python 2.7 - vitables 2.1.0.3 (HKLM\...\Python 2.7 - vitables 2.1.0.3) (Version: 2.1.0.3 - pythonxy.com)
Python 2.7 - vpython 5.74-1 (HKLM\...\Python 2.7 - vpython 5.74-1) (Version: 5.74-1 - pythonxy.com)
Python 2.7 - vtk 5.10.1-3 (HKLM\...\Python 2.7 - vtk 5.10.1-3) (Version: 5.10.1-3 - pythonxy)
Python 2.7 - winpdb 1.4.8.3 (HKLM\...\Python 2.7 - winpdb 1.4.8.3) (Version: 1.4.8.3 - pythonxy.com)
Python 2.7 - wxPython 2.8.12.1-1 (HKLM\...\Python 2.7 - wxPython 2.8.12.1-1) (Version: 2.8.12.1-1 - pythonxy)
Python 2.7 - xlrd 0.9.2-3 (HKLM\...\Python 2.7 - xlrd 0.9.2-3) (Version: 0.9.2-3 - pythonxy)
Python 2.7 - xlwt 0.7.5-1 (HKLM\...\Python 2.7 - xlwt 0.7.5-1) (Version: 0.7.5-1 - pythonxy)
Python 2.7 - xy 1.3.2-4 (HKLM\...\Python 2.7 - xy 1.3.2-4) (Version: 1.3.2-4 - pythonxy)
Python 2.7.5 (Version: 2.7.5150 - Python Software Foundation) Hidden
Python(x,y) - console 2.0.148-8 (HKLM\...\Python(x,y) - console 2.0.148-8) (Version: 2.0.148-8 - pythonxy.com)
Python(x,y) - gettext 0.14.4.3 (HKLM\...\Python(x,y) - gettext 0.14.4.3) (Version: 0.14.4.3 - pythonxy.com)
Python(x,y) - mingw 4.5.2.3 (HKLM\...\Python(x,y) - mingw 4.5.2.3) (Version: 4.5.2.3 - pythonxy.com)
Python(x,y) - SciTE 3.3.2-3 (HKLM\...\Python(x,y) - SciTE 3.3.2-3) (Version: 3.3.2-3 - pythonxy)
Python(x,y) - swig 2.0.10-2 (HKLM\...\Python(x,y) - swig 2.0.10-2) (Version: 2.0.10-2 - pythonxy)
Python(x,y) - WinMerge 2.12.4.2 (HKLM\...\Python(x,y) - WinMerge 2.12.4.2) (Version: 2.12.4.2 - pythonxy.com)
Python(x,y) - xydoc 1.0.5.1 (HKLM\...\Python(x,y) - xydoc 1.0.5.1) (Version: 1.0.5.1 - pythonxy.com)
Python(x,y) (HKLM\...\Python(x,y)) (Version: 2.7.5.1 - Python(x,y))
Q-Dir (HKLM\...\Q-Dir) (Version: - )
Qiqqa (HKLM\...\{99AF0582-482B-4E5E-BB11-675354BF5E77}_is1) (Version: 77 - Quantisle Ltd.)
QLBCASL (Version: 6.40.17.2 - Hewlett-Packard) Hidden
R for Windows 3.0.1 (HKLM\...\R for Windows 3.0.1_is1) (Version: 3.0.1 - R Core Team)
R for Windows 3.1.0 (HKLM\...\R for Windows 3.1.0_is1) (Version: 3.1.0 - R Core Team)
R for Windows 3.2.2 (HKLM\...\R for Windows 3.2.2_is1) (Version: 3.2.2 - R Core Team)
R for Windows 3.2.4 Revised (HKLM\...\R for Windows 3.2.4 Revised_is1) (Version: 3.2.4 Revised - R Core Team)
Rainlendar2 (remove only) (HKLM\...\Rainlendar2) (Version: - )
ResearchSoft Direct Export Helper (HKLM\...\ResearchSoft Direct Export Helper) (Version: - )
RICOH Media Driver (HKLM\...\{F5CC2EF8-20A4-4366-A681-3FE849E65809}) (Version: 2.10.00.04 - RICOH)
RStudio (HKLM\...\RStudio) (Version: 0.99.484 - RStudio)
SciDAVis 1.D5 (HKLM\...\SciDAVis) (Version: 1.D5 - )
SigmaPlot 11.0 (HKLM\...\{B1A88375-BAB9-4081-B58F-A137FC6ED2A4}) (Version: 11.0 - Systat Software, Inc.)
Skype™ 7.22 (HKLM\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.22.108 - Skype Technologies S.A.)
Soft Data Fax Modem with SmartCP (HKLM\...\CNXT_MODEM_PCI_VEN_14F1&DEV_2C06_hpZ1379z) (Version: - )
Sophos Virus Removal Tool (HKLM\...\{B829E117-D072-41EA-9606-9826A38D34C1}) (Version: 2.5.4 - Sophos Limited)
StartupMonitor (HKLM\...\{76EFAC4F-1712-401F-B2AE-590B170C9BCE}) (Version: 1.0.2.0 - Mike Lin)
STATISTICA 9.1.210.0 (HKLM\...\{93ac258b-48e2-75fc-8d9c-e8496769386d}) (Version: 9.1.210.0 - StatSoft, Inc.)
Stickies 8.0a (HKLM\...\ZhornStickies) (Version: - Zhorn Software)
SumatraPDF (HKLM\...\SumatraPDF) (Version: 3.1.1 - Krzysztof Kowalczyk)
swMSM (Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 15.0.24.0 - Synaptics Incorporated)
TableCurve 2D v5.01 (HKLM\...\TableCurve 2D v5.01) (Version: - )
TableCurve 3D v4.0 (HKLM\...\TableCurve 3D v4.0) (Version: - )
TeraCopy 2.27 (HKLM\...\TeraCopy_is1) (Version: - Code Sector)
TreeDBNotes 4 (HKLM\...\TreeDBNotes 4) (Version: - )
UBitMenu UK (HKLM\...\{C8748FFB-1713-4e95-B3DF-4F1622D96F93}_is1) (Version: 01.04 - UBit Schweiz AG)
Update for 2007 Microsoft Office System (KB967642) (HKLM\...\{90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft)
Update for 2007 Microsoft Office System (KB967642) (HKLM\...\{90120000-0021-0000-0000-0000000FF1CE}_VisualWebDeveloper_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft)
VC Runtimes MSI (Version: 9.0.21022 - Microsoft) Hidden
VC80CRTRedist - 8.0.50727.6195 (Version: 1.2.0 - DivX, Inc) Hidden
VirtuaWin v4.4 (HKLM\...\VirtuaWin_is1) (Version: - )
Visual Studio 2005 Tools for Office Second Edition Runtime (HKLM\...\Microsoft Visual Studio 2005 Tools for Office Runtime) (Version: - Microsoft Corporation)
Visual Studio Tools for the Office system 3.0 Runtime (HKLM\...\Visual Studio Tools for the Office system 3.0 Runtime) (Version: - Microsoft Corporation)
VLC media player (HKLM\...\VLC media player) (Version: 2.2.2 - VideoLAN)
wePresent WiPG-1000 (HKLM\...\wePresent WiPG-1000_is1) (Version: 1.2.4.5 - AWIND Inc)
Winamp (HKLM\...\Winamp) (Version: 5.66 - Nullsoft, Inc)
Winamp Detector Plug-in (HKU\S-1-5-21-1435187640-4071721805-2113652602-1000\...\Winamp Detect) (Version: 1.0.0.1 - Nullsoft, Inc)
WinDjView 2.1 (HKLM\...\WinDjView) (Version: 2.1 - Andrew Zhezherun)
Windows Mobile 5.0 SDK R2 for Pocket PC (HKLM\...\{6C9F6D23-E9AD-43C9-B43A-011562AAF876}) (Version: 5.00.1700.5.14343.06 - Microsoft Corporation)
Windows Mobile 5.0 SDK R2 for Smartphone (HKLM\...\{9656F3AC-6BA9-43F0-ABED-F214B5DAB27B}) (Version: 5.00.1700.5.14343.06 - Microsoft Corporation)
WinMerge 2.14.0 (HKLM\...\WinMerge_is1) (Version: 2.14.0 - Thingamahoochie Software)
WinPatrol (HKLM\...\{6A206A04-6BC1-411B-AA04-4E52EDEEADF2}) (Version: 33.6.2015.18 - Ruiware)
WinRAR 5.01 beta 1 (32-bit) (HKLM\...\WinRAR archiver) (Version: 5.01.1 - win.rar GmbH)
WinX DVD Ripper 5.6.0 (HKLM\...\WinX DVD Ripper_is1) (Version: - Digiarty Software, Inc.)
WordWeb (HKLM\...\WordWeb) (Version: 7 - WordWeb Software)
XLSTAT 2010 (HKLM\...\{68B36FA5-E276-4C03-A56C-EC25717E1668}) (Version: 12.2.03 - Addinsoft)
XMind 2013 (v3.4.0) (HKLM\...\XMind_is1) (Version: 3.4.0.201311050558 - XMind Ltd.)
Zim Desktop Wiki (HKLM\...\Zim Desktop Wiki) (Version: - )
Zotero Standalone 4.0.20 (x86 en-US) (HKLM\...\Zotero Standalone 4.0.20 (x86 en-US)) (Version: 4.0.20 - Zotero)
Zotero Standalone 4.0.28 (x86 en-US) (HKU\S-1-5-21-1435187640-4071721805-2113652602-1000\...\Zotero Standalone 4.0.28 (x86 en-US)) (Version: 4.0.28 - Zotero)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-1435187640-4071721805-2113652602-1000_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\SD\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1435187640-4071721805-2113652602-1000_Classes\CLSID\{022105BD-948A-40C9-AB42-A3300DDF097F}\localserver32 -> C:\Users\SD\AppData\Local\Google\Update\GoogleUpdate.exe (Google Inc.)
CustomCLSID: HKU\S-1-5-21-1435187640-4071721805-2113652602-1000_Classes\CLSID\{05187161-5C36-4324-A734-22BF37509F2D}\InprocServer32 -> C:\Users\SD\AppData\Local\Enthought\opencodecs\x86\dsfTheoraDecoder.dll ()
CustomCLSID: HKU\S-1-5-21-1435187640-4071721805-2113652602-1000_Classes\CLSID\{05A1D945-A794-44EF-B41A-2F851A117155}\InprocServer32 -> C:\Users\SD\AppData\Local\Enthought\opencodecs\x86\dsfVorbisDecoder.dll ()
CustomCLSID: HKU\S-1-5-21-1435187640-4071721805-2113652602-1000_Classes\CLSID\{0A368B9B-3566-4730-B40E-EAF6858A53AF}\InprocServer32 -> C:\Users\SD\AppData\Local\Dropbox\Update\1.3.27.33\psuser.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1435187640-4071721805-2113652602-1000_Classes\CLSID\{121EA765-6D3F-4519-9686-A0BA6E5281A2}\InprocServer32 -> C:\Users\SD\AppData\Local\Enthought\opencodecs\x86\dsfTheoraEncoder.dll ()
CustomCLSID: HKU\S-1-5-21-1435187640-4071721805-2113652602-1000_Classes\CLSID\{1F3EFFE4-0E70-47C7-9C48-05EB99E20011}\InprocServer32 -> C:\Users\SD\AppData\Local\Enthought\opencodecs\x86\dsfOggMux.dll ()
CustomCLSID: HKU\S-1-5-21-1435187640-4071721805-2113652602-1000_Classes\CLSID\{22181302-A8A6-4F84-A541-E5CBFC70CC43}\localserver32 -> C:\Users\SD\AppData\Local\Google\Update\1.3.29.5\GoogleUpdateOnDemand.exe (Google Inc.)
CustomCLSID: HKU\S-1-5-21-1435187640-4071721805-2113652602-1000_Classes\CLSID\{2F0E2680-9FF5-43C0-B76E-114A56E93598}\localserver32 -> C:\Users\SD\AppData\Local\Google\Update\1.3.29.5\GoogleUpdateOnDemand.exe (Google Inc.)
CustomCLSID: HKU\S-1-5-21-1435187640-4071721805-2113652602-1000_Classes\CLSID\{2F234A01-A4EB-4EAB-A130-A13C97953F0B}\localserver32 -> D:\Programs on D\OriginLab\Origin851\Origin85.exe (OriginLab Corporation)
CustomCLSID: HKU\S-1-5-21-1435187640-4071721805-2113652602-1000_Classes\CLSID\{3059C9E6-9EDC-4C89-933E-C65623F8FD60}\localserver32 -> C:\Users\SD\AppData\Local\Dropbox\Update\DropboxUpdate.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1435187640-4071721805-2113652602-1000_Classes\CLSID\{3376086C-D6F9-4CE4-8B89-33CD570106B5}\InprocServer32 -> C:\Users\SD\AppData\Local\Enthought\opencodecs\x86\dsfFLACDecoder.dll ()
CustomCLSID: HKU\S-1-5-21-1435187640-4071721805-2113652602-1000_Classes\CLSID\{39125640-8D80-11DC-A2FE-C5C455D89593}\InprocServer32 -> C:\Users\SD\AppData\Local\Google\Google Talk Plugin\googletalkax.dll (Google)
CustomCLSID: HKU\S-1-5-21-1435187640-4071721805-2113652602-1000_Classes\CLSID\{51F9E8EF-59D7-475B-A106-C7EA6F30C119}\localserver32 -> C:\Users\SD\AppData\Local\Google\Update\1.3.29.5\GoogleUpdateOnDemand.exe (Google Inc.)
CustomCLSID: HKU\S-1-5-21-1435187640-4071721805-2113652602-1000_Classes\CLSID\{5C769985-C3E1-4F95-BEE7-1101C465F5FC}\InprocServer32 -> C:\Users\SD\AppData\Local\Enthought\opencodecs\x86\dsfTheoraEncoder.dll ()
CustomCLSID: HKU\S-1-5-21-1435187640-4071721805-2113652602-1000_Classes\CLSID\{5C94FE86-B93B-467F-BFC3-BD6C91416F9B}\InprocServer32 -> C:\Users\SD\AppData\Local\Enthought\opencodecs\x86\dsfVorbisEncoder.dll ()
CustomCLSID: HKU\S-1-5-21-1435187640-4071721805-2113652602-1000_Classes\CLSID\{61F6D8A0-2863-11D0-BBB6-00409512C43D}\localserver32 -> D:\Programs on D\OriginLab\Origin851\Origin85.exe (OriginLab Corporation)
CustomCLSID: HKU\S-1-5-21-1435187640-4071721805-2113652602-1000_Classes\CLSID\{6DDA37BA-0553-499A-AE0D-BEBA67204548}\InprocServer32 -> C:\Users\SD\AppData\Local\Enthought\opencodecs\x86\dsfNativeFLACSource.dll ()
CustomCLSID: HKU\S-1-5-21-1435187640-4071721805-2113652602-1000_Classes\CLSID\{7036C2FE-A209-464C-97AB-95B9260EDBF7}\InprocServer32 -> C:\Users\SD\AppData\Local\Enthought\opencodecs\x86\dsfSpeexEncoder.dll ()
CustomCLSID: HKU\S-1-5-21-1435187640-4071721805-2113652602-1000_Classes\CLSID\{7605E26C-DE38-4B82-ADD8-FE2568CC0B25}\InprocServer32 -> C:\Users\SD\AppData\Local\Enthought\opencodecs\x86\dsfSpeexDecoder.dll ()
CustomCLSID: HKU\S-1-5-21-1435187640-4071721805-2113652602-1000_Classes\CLSID\{77E3A6A3-2A24-43FA-B929-00747E4B560B}\InprocServer32 -> C:\Users\SD\AppData\Local\Enthought\opencodecs\x86\dsfFLACEncoder.dll ()
CustomCLSID: HKU\S-1-5-21-1435187640-4071721805-2113652602-1000_Classes\CLSID\{793EE463-1304-471C-ADF1-68C2FFB01247}\InprocServer32 -> C:\Users\SD\AppData\Local\Google\Update\1.3.29.5\psuser.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-1435187640-4071721805-2113652602-1000_Classes\CLSID\{7CC95AE6-C1FA-40CC-AB17-3E91DA2F77CA}\InprocServer32 -> C:\Users\SD\AppData\Local\Enthought\opencodecs\x86\AxPlayer.dll (Xiph.Org)
CustomCLSID: HKU\S-1-5-21-1435187640-4071721805-2113652602-1000_Classes\CLSID\{87DC457B-B35D-48AC-BD42-BDF35EF623CE}\localserver32 -> C:\Users\SD\AppData\Local\Dropbox\Update\1.3.27.33\DropboxUpdateOnDemand.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1435187640-4071721805-2113652602-1000_Classes\CLSID\{9FAA38ED-5635-44F7-9BE0-8CAFE29B3783}\localserver32 -> C:\Users\SD\AppData\Local\Dropbox\Update\1.3.27.33\DropboxUpdateOnDemand.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1435187640-4071721805-2113652602-1000_Classes\CLSID\{9FE89513-7A1C-4229-8DF1-AB272A668E52}\localserver32 -> D:\Programs on D\OriginLab\Origin851\Origin85.exe (OriginLab Corporation)
CustomCLSID: HKU\S-1-5-21-1435187640-4071721805-2113652602-1000_Classes\CLSID\{A538F05F-DC08-4BF9-994F-18A86CCA6CC4}\InprocServer32 -> C:\Users\SD\AppData\Local\Enthought\opencodecs\x86\dsfVorbisEncoder.dll ()
CustomCLSID: HKU\S-1-5-21-1435187640-4071721805-2113652602-1000_Classes\CLSID\{AB9F4455-E591-4132-A386-0B91EAEDB96C}\InprocServer32 -> C:\Users\SD\AppData\Local\Google\Google Talk Plugin\o1dax.dll (Google)
CustomCLSID: HKU\S-1-5-21-1435187640-4071721805-2113652602-1000_Classes\CLSID\{B0F21977-8AAB-4632-A73D-528B909C5663}\localserver32 -> D:\Programs on D\OriginLab\Origin851\Origin85.exe (OriginLab Corporation)
CustomCLSID: HKU\S-1-5-21-1435187640-4071721805-2113652602-1000_Classes\CLSID\{C0DD324D-A74F-4533-84AD-030F76771C77}\localserver32 -> C:\Users\SD\AppData\Local\Dropbox\Update\1.3.27.33\DropboxUpdateOnDemand.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1435187640-4071721805-2113652602-1000_Classes\CLSID\{C3101A8B-0EE1-4612-BFE9-41FFC1A3C19D}\InprocServer32 -> C:\Users\SD\AppData\Local\Google\Update\1.3.29.5\npGoogleUpdate3.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-1435187640-4071721805-2113652602-1000_Classes\CLSID\{C32E3EEC-3C10-426E-95F3-38C7F139FADD}\localserver32 -> C:\Users\SD\AppData\Local\Dropbox\Update\1.3.27.33\DropboxUpdateOnDemand.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1435187640-4071721805-2113652602-1000_Classes\CLSID\{C442AC41-9200-4770-8CC0-7CDB4F245C55}\InprocServer32 -> C:\Users\SD\AppData\Local\Google\Update\1.3.29.5\npGoogleUpdate3.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-1435187640-4071721805-2113652602-1000_Classes\CLSID\{C9361F5A-3282-4944-9899-6D99CDC5370B}\InprocServer32 -> C:\Users\SD\AppData\Local\Enthought\opencodecs\x86\dsfOggDemux2.dll ()
CustomCLSID: HKU\S-1-5-21-1435187640-4071721805-2113652602-1000_Classes\CLSID\{E67BE843-BBBE-4484-95FB-05271AE86750}\localserver32 -> C:\Users\SD\AppData\Local\Google\Update\1.3.29.5\GoogleUpdateOnDemand.exe (Google Inc.)
CustomCLSID: HKU\S-1-5-21-1435187640-4071721805-2113652602-1000_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\SD\AppData\Local\Google\Update\1.3.29.5\psuser.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-1435187640-4071721805-2113652602-1000_Classes\CLSID\{ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C}\InprocServer32 -> C:\Users\SD\AppData\Roaming\Dropbox\bin\DropboxExt.34.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1435187640-4071721805-2113652602-1000_Classes\CLSID\{ED3110F0-5211-11DF-94AF-0026B977EEAA}\InprocServer32 -> C:\Users\SD\AppData\Local\Enthought\opencodecs\x86\webmmux.dll (Google)
CustomCLSID: HKU\S-1-5-21-1435187640-4071721805-2113652602-1000_Classes\CLSID\{ED3110F3-5211-11DF-94AF-0026B977EEAA}\InprocServer32 -> C:\Users\SD\AppData\Local\Enthought\opencodecs\x86\vp8decoder.dll (Google)
CustomCLSID: HKU\S-1-5-21-1435187640-4071721805-2113652602-1000_Classes\CLSID\{ED3110F5-5211-11DF-94AF-0026B977EEAA}\InprocServer32 -> C:\Users\SD\AppData\Local\Enthought\opencodecs\x86\vp8encoder.dll (Google)
CustomCLSID: HKU\S-1-5-21-1435187640-4071721805-2113652602-1000_Classes\CLSID\{ED3110F8-5211-11DF-94AF-0026B977EEAA}\InprocServer32 -> C:\Users\SD\AppData\Local\Enthought\opencodecs\x86\webmsplit.dll (Google)
CustomCLSID: HKU\S-1-5-21-1435187640-4071721805-2113652602-1000_Classes\CLSID\{ED311102-5211-11DF-94AF-0026B977EEAA}\InprocServer32 -> C:\Users\SD\AppData\Local\Enthought\opencodecs\x86\vp8encoder.dll (Google)
CustomCLSID: HKU\S-1-5-21-1435187640-4071721805-2113652602-1000_Classes\CLSID\{ED79AEC0-68AD-4BE6-B06E-B4D3C8101624}\InprocServer32 -> C:\Users\SD\AppData\Local\Enthought\opencodecs\x86\dsfSpeexEncoder.dll ()
CustomCLSID: HKU\S-1-5-21-1435187640-4071721805-2113652602-1000_Classes\CLSID\{EE66A998-4E5C-4E23-A0F3-97C40D87EC48}\InprocServer32 -> C:\Users\SD\AppData\Local\Enthought\opencodecs\x86\dsfFLACEncoder.dll ()
CustomCLSID: HKU\S-1-5-21-1435187640-4071721805-2113652602-1000_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\SD\AppData\Roaming\Dropbox\bin\DropboxExt.34.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1435187640-4071721805-2113652602-1000_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\SD\AppData\Roaming\Dropbox\bin\DropboxExt.34.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1435187640-4071721805-2113652602-1000_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\SD\AppData\Roaming\Dropbox\bin\DropboxExt.34.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1435187640-4071721805-2113652602-1000_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\SD\AppData\Roaming\Dropbox\bin\DropboxExt.34.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1435187640-4071721805-2113652602-1000_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\SD\AppData\Roaming\Dropbox\bin\DropboxExt.34.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1435187640-4071721805-2113652602-1000_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\SD\AppData\Roaming\Dropbox\bin\DropboxExt.34.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1435187640-4071721805-2113652602-1000_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\SD\AppData\Roaming\Dropbox\bin\DropboxExt.34.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1435187640-4071721805-2113652602-1000_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\SD\AppData\Roaming\Dropbox\bin\DropboxExt.34.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1435187640-4071721805-2113652602-1000_Classes\CLSID\{FBC9D74C-AF55-4309-9FB2-C426E071637F}\InprocServer32 -> C:\Users\SD\AppData\Roaming\Dropbox\bin\DropboxExt.34.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1435187640-4071721805-2113652602-1000_Classes\CLSID\{FE819BE5-BADF-4370-9913-6FB84ABA6FB1}\InprocServer32 -> C:\Users\SD\AppData\Local\Dropbox\Update\1.3.27.33\psuser.dll (Dropbox, Inc.)

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {0057E525-0505-4EA9-9B38-6E14A6DB1E37} - System32\Tasks\Opera scheduled Autoupdate 1391229852 => D:\Programs on D\Opera\launcher.exe [2016-03-24] (Opera Software)
Task: {04387A8A-B1AD-4F21-9545-D5EB916AD134} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2016-03-25] (Adobe Systems Incorporated)
Task: {04B53A1A-C12E-4FF5-8D60-184ABE28487B} - System32\Tasks\{608BE89A-5B9D-40C0-A925-76B242B507AE} => C:\STAT\STA_WIN.EXE [1995-12-14] ()
Task: {08AD8929-9E7A-4382-8D24-E622CE758ED3} - System32\Tasks\{A6CE1F8C-EB2A-4320-AD1E-27CD6D0EC567} => pcalua.exe -a "D:\Programs on D\DLIDownloader\Uninstall.exe" -d "D:\Programs on D\DLIDownloader"
Task: {17FE5E7B-74FF-402F-94D0-A0CBBB4FC669} - System32\Tasks\{6BEDB762-CBF9-4E77-98F1-CAF58AEDC73C} => C:\STAT\STA_WIN.EXE [1995-12-14] ()
Task: {2426AF32-AD8E-4E19-A36A-C6601E3E40B8} - System32\Tasks\{A1A3F479-C159-4D9F-9045-7BB9C1EC9B73} => C:\STAT\STA_BAS.EXE [1995-12-14] ()
Task: {2431F5E8-0B12-4205-ADDD-06DE4A0BEED1} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-12-13] (Adobe Systems Incorporated)
Task: {2E3324AF-D6F0-463E-92FA-3573A83C9B17} - System32\Tasks\{F5BC9529-58D4-4FBE-AC12-BC96C49EAAD0} => C:\STAT\STA_BAS.EXE [1995-12-14] ()
Task: {358A1515-76B7-4029-B542-7325DEA04A4E} - System32\Tasks\{D1C665D2-AE1D-4FC6-9DD2-5EB523401A17} => C:\STAT\STA_BAS.EXE [1995-12-14] ()
Task: {3B622486-BCE3-4B0A-8DF1-745F972893FC} - System32\Tasks\Kaspersky_Upgrade_Launcher_{278ADC42-419D-4547-A6CA-5B74BE0AD901} => C:\Program Files\Common Files\AV\Kaspersky Lab\upgrade_launcher.exe [2015-11-11] (AO Kaspersky Lab)
Task: {4961C2E6-67C8-4AD3-B45B-640A6E6B7C65} - System32\Tasks\MATLAB R2015b Startup Accelerator => D:\Programs on D\MATLAB_R2015b\bin\win32\MATLABStartupAccelerator.exe [2015-07-30] ()
Task: {50D4F229-5BEC-401B-BF5C-5D799BDF4C9A} - System32\Tasks\{7811F6EC-FE1C-4B83-BE46-422CC076F413} => C:\STAT\STA_BAS.EXE [1995-12-14] ()
Task: {52CC46EE-ADB3-40F5-BD22-208CEE972AF9} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-1435187640-4071721805-2113652602-1000Core => C:\Users\SD\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2015-06-16] (Dropbox, Inc.)
Task: {53FB695C-720C-471B-AD5D-44014B0ABDEB} - System32\Tasks\{AD0876B4-D39A-4DD8-86B0-BCD69F7EAF0D} => pcalua.exe -a C:\Users\SD\Desktop\vpnclient-win-msi-5.0.07.0290-k9.exe -d C:\Users\SD\Desktop
Task: {5872593A-3CD0-47D7-AFF3-E3327857612C} - System32\Tasks\{92FCA738-36EB-42AD-A7D9-B666A87BAC0E} => E:\DeyAtPune\ResearchRelated\qbasic\QB.EXE [1988-09-28] ()
Task: {5EF67412-CD9C-48C7-BED4-AB6731B2E244} - System32\Tasks\{42D78DDF-602A-407C-BB51-D178536D8748} => msiexec.exe /package "H:\PuneSoftwares_5\Softwares_Scientific\ENDNOTE_official\ENX3Inst.msi"
Task: {6035E747-3828-4C10-8446-174F72704E87} - System32\Tasks\{9BA6AC18-4F97-485F-A275-4E2A5CF99FE2} => C:\STAT\STA_WIN.EXE [1995-12-14] ()
Task: {68AC9B48-149D-4E19-A2C8-7D1C0722F51E} - System32\Tasks\{D39EA1C0-5FE8-49CA-8940-E06AF176B574} => pcalua.exe -a F:\install.exe -d F:\
Task: {6C66C042-D363-42F8-89DE-86D199907E52} - System32\Tasks\{8FE17DE7-D42E-4A8C-866C-AC7D02AC15C4} => C:\STAT\STA_BAS.EXE [1995-12-14] ()
Task: {6D19562B-A068-4AA6-9894-CF5CFAD2810C} - System32\Tasks\CCleanerSkipUAC => D:\Programs on D\CCleaner\CCleaner.exe [2016-03-12] (Piriform Ltd)
Task: {7C42C550-9C79-4A2E-81A0-FE8C7CA3F077} - System32\Tasks\klcp_update => C:\Program Files\K-Lite Codec Pack\Tools\CodecTweakTool.exe [2016-03-22] ()
Task: {8D4CC7F0-55CD-4124-9071-1939FD999AD8} - System32\Tasks\{72D0F312-E5F1-4D3A-8F18-2FDF97C330C6} => C:\STAT\STA_BAS.EXE [1995-12-14] ()
Task: {95C24F6F-4353-41C2-B534-D22335DC48FF} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-1435187640-4071721805-2113652602-1000UA => C:\Users\SD\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2015-06-16] (Dropbox, Inc.)
Task: {A53A59EF-5F65-4A06-BFEA-83DFF6A8D62A} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1435187640-4071721805-2113652602-1000Core => C:\Users\SD\AppData\Local\Google\Update\GoogleUpdate.exe [2015-08-30] (Google Inc.)
Task: {A553968D-B7CA-4FC6-97C1-7ABF9897748E} - System32\Tasks\{8543325E-768C-40AF-B55B-6728574574E3} => C:\STAT\STA_BAS.EXE [1995-12-14] ()
Task: {AC69D728-0C06-4D97-86EF-34FA329959BB} - System32\Tasks\{BA0262CE-9EB3-4AA6-91EB-F6B849961DDB} => C:\STAT\STA_BAS.EXE [1995-12-14] ()
Task: {B59B09A1-737D-4345-9534-E08E1DED510F} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1435187640-4071721805-2113652602-1000UA => C:\Users\SD\AppData\Local\Google\Update\GoogleUpdate.exe [2015-08-30] (Google Inc.)
Task: {B6F99914-A54B-49A6-B7D7-2D4B5D57A617} - System32\Tasks\{F32FD8CA-02C4-42CD-AC14-91CDAD479151} => pcalua.exe -a F:\Softwares\sp45191.exe -d F:\Softwares
Task: {BA0D22DD-914F-4616-A80D-421C39F82F20} - System32\Tasks\{04ECD668-8639-4961-B04E-60B035295D39} => C:\STAT\STA_BAS.EXE [1995-12-14] ()
Task: {DA7AEB82-8347-49D2-83E4-70AF76416706} - System32\Tasks\{AC6497A7-358E-4F83-95C1-621210D972E1} => E:\DeyAtPune\ResearchRelated\qbasic\QB.EXE [1988-09-28] ()
Task: {DC135B8B-280E-4F88-93A2-5C234C0FF809} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2015-09-01] (Google Inc.)
Task: {E53B4C8C-3F60-468A-9842-A20C161E4257} - System32\Tasks\{07C7D1A3-37A5-4918-90A3-917679C83D7C} => C:\STAT\STA_BAS.EXE [1995-12-14] ()
Task: {EBDD3284-2B27-4038-98AE-E4D9B133A36D} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2015-09-01] (Google Inc.)
Task: {F569A633-3378-4C3B-BCC3-07D62A26370B} - System32\Tasks\{598F0CC9-8002-43CE-9AAD-F0F4C50CFA5F} => pcalua.exe -a C:\Users\SD\Desktop\Merge7zInstaller0028-465-920.exe -d C:\Users\SD\Desktop
Task: {F8E67D14-5BBC-4ACB-8CAB-E3AB9C1AF71A} - System32\Tasks\{41FDA522-DA87-491F-ABB8-2BD58F2A2EC4} => C:\STAT\STA_BAS.EXE [1995-12-14] ()

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-1435187640-4071721805-2113652602-1000Core.job => C:\Users\SD\AppData\Local\Dropbox\Update\DropboxUpdate.exe
Task: C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-1435187640-4071721805-2113652602-1000UA.job => C:\Users\SD\AppData\Local\Dropbox\Update\DropboxUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1435187640-4071721805-2113652602-1000Core.job => C:\Users\SD\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1435187640-4071721805-2113652602-1000UA.job => C:\Users\SD\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\MATLAB R2015b Startup Accelerator.job => D:\Programs on D\MATLAB_R2015b\bin\win32\MATLABStartupAccelerator.exe

==================== Shortcuts =============================

(The entries could be listed to be restored or removed.)

==================== Loaded Modules (Whitelisted) ==============

2013-12-17 09:58 - 2015-11-05 21:36 - 02216136 _____ () C:\Windows\system32\nvwmi.exe
2014-02-02 21:23 - 2013-10-23 15:23 - 00089136 _____ () C:\Windows\System32\cpwmon2k.dll
2015-07-08 23:18 - 2015-07-08 23:18 - 00794920 _____ () C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 16.0.0\kpcengine.2.3.dll
2010-03-23 13:26 - 2010-03-23 13:26 - 00201512 _____ () C:\Windows\system32\vpnapi.dll
2009-03-13 06:48 - 2014-08-06 06:31 - 01048576 _____ () D:\Programs on D\Everything\Everything.exe
2014-10-01 18:05 - 2014-10-01 18:05 - 06847824 _____ () D:\Programs on D\AtempoLiveNavigator\bin\HNagent.exe
2013-12-17 09:57 - 2015-10-13 22:17 - 00113840 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax.dll
2013-08-08 00:55 - 2013-08-08 00:55 - 00093696 _____ () D:\Programs on D\FileZilla FTP Client\fzshellext.dll
2000-05-20 17:23 - 2000-05-20 17:23 - 00086016 _____ () C:\Windows\StartupMonitor.exe
2014-12-10 12:25 - 2014-12-10 12:25 - 00774656 _____ () C:\Program Files\Box\Box Sync\_hashlib.pyd
2014-11-18 15:04 - 2014-11-18 15:04 - 00098816 _____ () C:\Program Files\Box\Box Sync\win32api.pyd
2014-11-18 15:04 - 2014-11-18 15:04 - 00110080 _____ () C:\Program Files\Box\Box Sync\pywintypes27.dll
2014-11-18 15:04 - 2014-11-18 15:04 - 00364544 _____ () C:\Program Files\Box\Box Sync\pythoncom27.dll
2014-12-10 12:25 - 2014-12-10 12:25 - 00087552 _____ () C:\Program Files\Box\Box Sync\_ctypes.pyd
2014-12-10 12:25 - 2014-12-10 12:25 - 00046080 _____ () C:\Program Files\Box\Box Sync\_socket.pyd
2014-12-10 12:25 - 2014-12-10 12:25 - 01201152 _____ () C:\Program Files\Box\Box Sync\_ssl.pyd
2015-05-28 15:16 - 2015-05-28 15:16 - 00036352 _____ () C:\Program Files\Box\Box Sync\_psutil_windows.pyd
2014-12-10 12:25 - 2014-12-10 12:25 - 00686080 _____ () C:\Program Files\Box\Box Sync\unicodedata.pyd
2015-05-28 16:37 - 2015-05-28 16:37 - 00003584 _____ () C:\Program Files\Box\Box Sync\clr.pyd
2015-05-28 15:17 - 2015-05-28 15:17 - 00024576 _____ () C:\Program Files\Box\Box Sync\ujson.pyd
2014-12-10 12:25 - 2014-12-10 12:25 - 00010240 _____ () C:\Program Files\Box\Box Sync\select.pyd
2014-12-10 12:25 - 2014-12-10 12:25 - 00128512 _____ () C:\Program Files\Box\Box Sync\_elementtree.pyd
2014-12-10 12:25 - 2014-12-10 12:25 - 00127488 _____ () C:\Program Files\Box\Box Sync\pyexpat.pyd
2014-11-18 15:04 - 2014-11-18 15:04 - 00320512 _____ () C:\Program Files\Box\Box Sync\win32com.shell.shell.pyd
2014-11-18 15:04 - 2014-11-18 15:04 - 00018432 _____ () C:\Program Files\Box\Box Sync\win32event.pyd
2015-08-11 22:39 - 2015-08-11 22:39 - 00048128 _____ () C:\Program Files\Box\Box Sync\_sqlite3.pyd
2014-11-18 15:04 - 2014-11-18 15:04 - 00119808 _____ () C:\Program Files\Box\Box Sync\win32file.pyd
2014-11-18 15:04 - 2014-11-18 15:04 - 00108544 _____ () C:\Program Files\Box\Box Sync\win32security.pyd
2014-11-18 15:04 - 2014-11-18 15:04 - 00035840 _____ () C:\Program Files\Box\Box Sync\win32process.pyd
2014-11-18 15:04 - 2014-11-18 15:04 - 00025600 _____ () C:\Program Files\Box\Box Sync\win32cred.pyd
2015-05-28 15:16 - 2015-05-28 15:16 - 00029184 _____ () C:\Program Files\Box\Box Sync\Crypto.Cipher._AES.pyd
2015-05-28 15:16 - 2015-05-28 15:16 - 00007168 _____ () C:\Program Files\Box\Box Sync\Crypto.Util.strxor.pyd
2015-05-28 15:16 - 2015-05-28 15:16 - 00009728 _____ () C:\Program Files\Box\Box Sync\Crypto.Random.OSRNG.winrandom.pyd
2015-05-28 15:16 - 2015-05-28 15:16 - 00010240 _____ () C:\Program Files\Box\Box Sync\Crypto.Util._counter.pyd
2014-11-18 15:04 - 2014-11-18 15:04 - 00042496 _____ () C:\Program Files\Box\Box Sync\win32service.pyd
2015-05-28 15:17 - 2015-05-28 15:17 - 00020480 _____ () C:\Program Files\Box\Box Sync\_yappi.pyd
2014-12-10 12:25 - 2014-12-10 12:25 - 00027136 _____ () C:\Program Files\Box\Box Sync\_multiprocessing.pyd
2014-11-18 15:04 - 2014-11-18 15:04 - 00017920 _____ () C:\Program Files\Box\Box Sync\win32clipboard.pyd
2014-11-18 15:04 - 2014-11-18 15:04 - 00167936 _____ () C:\Program Files\Box\Box Sync\win32gui.pyd
2013-03-10 23:28 - 2013-03-10 23:28 - 02598496 _____ () D:\Programs on D\Rainlendar2\Rainlendar2.exe
2012-05-17 00:31 - 2012-05-17 00:31 - 00140800 _____ () D:\Programs on D\Rainlendar2\lua52.dll
2013-03-10 23:29 - 2013-03-10 23:29 - 00215648 _____ () D:\Programs on D\Rainlendar2\plugins\iCalendarPlugin.dll
2012-06-17 18:52 - 2012-06-17 18:52 - 00012800 _____ () D:\Programs on D\Rainlendar2\lfs.dll
2013-11-30 22:37 - 2010-04-03 14:05 - 00380928 _____ () D:\Programs on D\Launchy\Launchy.exe
2013-11-30 22:37 - 2009-12-16 23:13 - 08314880 _____ () D:\Programs on D\Launchy\QtGui4.dll
2013-11-30 22:37 - 2009-12-16 22:54 - 02236416 _____ () D:\Programs on D\Launchy\QtCore4.dll
2013-11-30 22:37 - 2009-12-16 22:56 - 00712704 _____ () D:\Programs on D\Launchy\QtNetwork4.dll
2013-11-30 22:37 - 2009-12-17 01:18 - 00233472 _____ () D:\Programs on D\Launchy\imageformats\qmng4.dll
2013-11-30 22:37 - 2010-04-03 14:06 - 00081920 _____ () D:\Programs on D\Launchy\plugins\calcy.dll
2013-11-30 22:37 - 2010-04-03 14:05 - 00090112 _____ () D:\Programs on D\Launchy\plugins\controly.dll
2013-11-30 22:37 - 2010-04-03 14:06 - 00024064 _____ () D:\Programs on D\Launchy\plugins\gcalc.dll
2013-11-30 22:37 - 2010-04-03 14:06 - 00094208 _____ () D:\Programs on D\Launchy\plugins\runner.dll
2013-11-30 22:37 - 2010-04-03 14:05 - 00057344 _____ () D:\Programs on D\Launchy\plugins\verby.dll
2013-11-30 22:37 - 2010-04-03 14:05 - 00122880 _____ () D:\Programs on D\Launchy\plugins\weby.dll
2016-03-20 14:23 - 2016-02-23 23:49 - 00034768 _____ () C:\Users\SD\AppData\Roaming\Dropbox\bin\_multiprocessing.pyd
2016-03-20 14:22 - 2016-02-23 23:50 - 00019408 _____ () C:\Users\SD\AppData\Roaming\Dropbox\bin\faulthandler.pyd
2016-03-20 14:22 - 2016-02-23 23:49 - 00116688 _____ () C:\Users\SD\AppData\Roaming\Dropbox\bin\pywintypes27.dll
2016-03-20 14:23 - 2016-02-23 23:49 - 00093640 _____ () C:\Users\SD\AppData\Roaming\Dropbox\bin\_ctypes.pyd
2016-03-20 14:23 - 2016-02-23 23:49 - 00018376 _____ () C:\Users\SD\AppData\Roaming\Dropbox\bin\select.pyd
2016-03-20 14:23 - 2016-03-12 05:48 - 00019760 _____ () C:\Users\SD\AppData\Roaming\Dropbox\bin\tornado.speedups.pyd
2016-03-20 14:23 - 2016-02-23 23:51 - 00105928 _____ () C:\Users\SD\AppData\Roaming\Dropbox\bin\win32api.pyd
2016-03-20 14:22 - 2016-02-23 23:49 - 00392144 _____ () C:\Users\SD\AppData\Roaming\Dropbox\bin\pythoncom27.dll
2016-03-20 14:23 - 2016-03-12 05:48 - 00381752 _____ () C:\Users\SD\AppData\Roaming\Dropbox\bin\win32com.shell.shell.pyd
2016-03-20 14:23 - 2016-02-23 23:49 - 00692688 _____ () C:\Users\SD\AppData\Roaming\Dropbox\bin\unicodedata.pyd
2016-03-20 14:22 - 2016-03-12 05:48 - 00020816 _____ () C:\Users\SD\AppData\Roaming\Dropbox\bin\cryptography.hazmat.bindings._constant_time.pyd
2016-03-20 14:23 - 2016-02-23 23:50 - 00112592 _____ () C:\Users\SD\AppData\Roaming\Dropbox\bin\_cffi_backend.pyd
2016-03-20 14:22 - 2016-03-12 05:48 - 01682760 _____ () C:\Users\SD\AppData\Roaming\Dropbox\bin\cryptography.hazmat.bindings._openssl.pyd
2016-03-20 14:22 - 2016-03-12 05:48 - 00020808 _____ () C:\Users\SD\AppData\Roaming\Dropbox\bin\cryptography.hazmat.bindings._padding.pyd
2016-03-20 14:23 - 2016-03-12 05:48 - 00020800 _____ () C:\Users\SD\AppData\Roaming\Dropbox\bin\_cffi_python_x66cf7a7cx17a72769.pyd
2016-03-20 14:23 - 2016-03-12 05:48 - 00021840 _____ () C:\Users\SD\AppData\Roaming\Dropbox\bin\_cffi_unicode_environ_win32_x8bf8e68bx9968e850.pyd
2016-03-20 14:22 - 2016-03-12 05:48 - 00038696 _____ () C:\Users\SD\AppData\Roaming\Dropbox\bin\fastpath.pyd
2016-03-20 14:22 - 2016-02-23 23:51 - 00020936 _____ () C:\Users\SD\AppData\Roaming\Dropbox\bin\mmapfile.pyd
2016-03-20 14:23 - 2016-02-23 23:51 - 00024528 _____ () C:\Users\SD\AppData\Roaming\Dropbox\bin\win32event.pyd
2016-03-20 14:23 - 2016-02-23 23:51 - 00114640 _____ () C:\Users\SD\AppData\Roaming\Dropbox\bin\win32security.pyd
2016-03-20 14:23 - 2016-02-23 23:51 - 00124880 _____ () C:\Users\SD\AppData\Roaming\Dropbox\bin\win32file.pyd
2016-03-20 14:23 - 2016-03-12 05:48 - 00021832 _____ () C:\Users\SD\AppData\Roaming\Dropbox\bin\_cffi_pywin_kernel32_x64d8f881xc8c369be.pyd
2016-03-20 14:23 - 2016-02-23 23:51 - 00024016 _____ () C:\Users\SD\AppData\Roaming\Dropbox\bin\win32clipboard.pyd
2016-03-20 14:23 - 2016-02-23 23:51 - 00175560 _____ () C:\Users\SD\AppData\Roaming\Dropbox\bin\win32gui.pyd
2016-03-20 14:23 - 2016-02-23 23:51 - 00030160 _____ () C:\Users\SD\AppData\Roaming\Dropbox\bin\win32pipe.pyd
2016-03-20 14:23 - 2016-02-23 23:51 - 00043472 _____ () C:\Users\SD\AppData\Roaming\Dropbox\bin\win32process.pyd
2016-03-20 14:23 - 2016-02-23 23:51 - 00028616 _____ () C:\Users\SD\AppData\Roaming\Dropbox\bin\win32ts.pyd
2016-03-20 14:23 - 2016-02-23 23:51 - 00048592 _____ () C:\Users\SD\AppData\Roaming\Dropbox\bin\win32service.pyd
2016-03-20 14:22 - 2016-03-12 05:48 - 00026456 _____ () C:\Users\SD\AppData\Roaming\Dropbox\bin\dropbox.infinite.win.compiled._driverinstallation.pyd
2016-03-20 14:23 - 2016-02-23 23:51 - 00057808 _____ () C:\Users\SD\AppData\Roaming\Dropbox\bin\win32evtlog.pyd
2016-03-20 14:23 - 2016-02-23 23:51 - 00024016 _____ () C:\Users\SD\AppData\Roaming\Dropbox\bin\win32profile.pyd
2016-03-20 14:22 - 2016-03-12 05:48 - 00117056 _____ () C:\Users\SD\AppData\Roaming\Dropbox\bin\breakpad.client.windows.handler.pyd
2016-03-20 14:22 - 2016-03-12 05:48 - 00024392 _____ () C:\Users\SD\AppData\Roaming\Dropbox\bin\librsyncffi.compiled._librsyncffi.pyd
2016-03-20 14:22 - 2016-02-23 23:51 - 00036296 _____ () C:\Users\SD\AppData\Roaming\Dropbox\bin\librsync.dll
2016-03-20 14:23 - 2016-03-12 05:48 - 00023376 _____ () C:\Users\SD\AppData\Roaming\Dropbox\bin\winscreenshot.compiled._CaptureScreenshot.pyd
2016-03-20 14:23 - 2016-02-23 23:49 - 00134608 _____ () C:\Users\SD\AppData\Roaming\Dropbox\bin\_elementtree.pyd
2016-03-20 14:22 - 2016-02-23 23:49 - 00134088 _____ () C:\Users\SD\AppData\Roaming\Dropbox\bin\pyexpat.pyd
2016-03-20 14:22 - 2016-02-23 23:50 - 00240584 _____ () C:\Users\SD\AppData\Roaming\Dropbox\bin\jpegtran.pyd
2016-03-20 14:22 - 2016-03-12 05:48 - 00052024 _____ () C:\Users\SD\AppData\Roaming\Dropbox\bin\psutil._psutil_windows.pyd
2016-03-20 14:23 - 2016-03-12 05:48 - 00020800 _____ () C:\Users\SD\AppData\Roaming\Dropbox\bin\winffi.iphlpapi._winffi_iphlpapi.pyd
2016-03-20 14:23 - 2016-03-12 05:48 - 00021824 _____ () C:\Users\SD\AppData\Roaming\Dropbox\bin\winffi.kernel32._winffi_kernel32.pyd
2016-03-20 14:23 - 2016-03-12 05:48 - 00019776 _____ () C:\Users\SD\AppData\Roaming\Dropbox\bin\winffi.winerror._winffi_winerror.pyd
2016-03-20 14:23 - 2016-03-12 05:48 - 00020800 _____ () C:\Users\SD\AppData\Roaming\Dropbox\bin\winffi.wininet._winffi_wininet.pyd
2016-03-20 14:22 - 2016-03-12 05:48 - 00020280 _____ () C:\Users\SD\AppData\Roaming\Dropbox\bin\cpuid.compiled._cpuid.pyd
2016-03-20 14:23 - 2016-02-23 23:51 - 00350152 _____ () C:\Users\SD\AppData\Roaming\Dropbox\bin\winxpgui.pyd
2016-03-20 14:23 - 2016-03-12 05:48 - 00022352 _____ () C:\Users\SD\AppData\Roaming\Dropbox\bin\winverifysignature.compiled._VerifySignature.pyd
2016-03-20 14:22 - 2016-03-12 05:48 - 00084792 _____ () C:\Users\SD\AppData\Roaming\Dropbox\bin\dropbox_sqlite_ext.DLL
2016-03-20 14:22 - 2016-03-12 05:48 - 01826096 _____ () C:\Users\SD\AppData\Roaming\Dropbox\bin\PyQt5.QtCore.pyd
2016-03-20 14:23 - 2016-02-23 23:50 - 00083912 _____ () C:\Users\SD\AppData\Roaming\Dropbox\bin\sip.pyd
2016-03-20 14:22 - 2016-03-12 05:48 - 03928880 _____ () C:\Users\SD\AppData\Roaming\Dropbox\bin\PyQt5.QtWidgets.pyd
2016-03-20 14:22 - 2016-03-12 05:48 - 01971504 _____ () C:\Users\SD\AppData\Roaming\Dropbox\bin\PyQt5.QtGui.pyd
2016-03-20 14:22 - 2016-03-12 05:48 - 00531248 _____ () C:\Users\SD\AppData\Roaming\Dropbox\bin\PyQt5.QtNetwork.pyd
2016-03-20 14:22 - 2016-03-12 05:48 - 00132912 _____ () C:\Users\SD\AppData\Roaming\Dropbox\bin\PyQt5.QtWebKit.pyd
2016-03-20 14:22 - 2016-03-12 05:48 - 00223544 _____ () C:\Users\SD\AppData\Roaming\Dropbox\bin\PyQt5.QtWebKitWidgets.pyd
2016-03-20 14:22 - 2016-03-12 05:48 - 00207672 _____ () C:\Users\SD\AppData\Roaming\Dropbox\bin\PyQt5.QtPrintSupport.pyd
2016-03-20 14:22 - 2016-03-12 05:48 - 00158008 _____ () C:\Users\SD\AppData\Roaming\Dropbox\bin\PyQt5.QtWebEngineWidgets.pyd
2016-03-20 14:22 - 2016-03-12 05:48 - 00042808 _____ () C:\Users\SD\AppData\Roaming\Dropbox\bin\PyQt5.QtWebChannel.pyd
2016-03-20 14:22 - 2016-02-23 23:53 - 00017864 _____ () C:\Users\SD\AppData\Roaming\Dropbox\bin\libEGL.dll
2016-03-20 14:22 - 2016-02-23 23:53 - 01631184 _____ () C:\Users\SD\AppData\Roaming\Dropbox\bin\libGLESv2.dll
2016-03-20 14:22 - 2016-03-12 05:48 - 00546096 _____ () C:\Users\SD\AppData\Roaming\Dropbox\bin\PyQt5.QtQuick.pyd
2016-03-20 14:22 - 2016-03-12 05:48 - 00357680 _____ () C:\Users\SD\AppData\Roaming\Dropbox\bin\PyQt5.QtQml.pyd
2016-03-20 14:22 - 2016-02-23 23:55 - 00697304 _____ () C:\Users\SD\AppData\Roaming\Dropbox\bin\QtQuick\Controls\qtquickcontrolsplugin.dll
2016-03-25 15:22 - 2016-03-25 15:22 - 00022528 _____ () C:\Program Files\Box\Box Sync\BoxSyncMonitor.exe
2016-03-31 09:53 - 2016-03-27 13:28 - 01675928 _____ () C:\Program Files\Google\Chrome\Application\49.0.2623.110\libglesv2.dll
2016-03-31 09:53 - 2016-03-27 13:28 - 00086168 _____ () C:\Program Files\Google\Chrome\Application\49.0.2623.110\libegl.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)


==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" value will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Wdf01000.sys => ""="Driver"

==================== EXE Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 07:34 - 2009-06-11 03:09 - 00000824 ____N C:\Windows\system32\Drivers\etc\hosts


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-1435187640-4071721805-2113652602-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\SD\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.1.130 - 218.248.241.3
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 2) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)

MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Search Everything.lnk => C:\Windows\pss\Search Everything.lnk.CommonStartup

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [SPPSVC-In-TCP] => (Allow) %SystemRoot%\system32\sppsvc.exe
FirewallRules: [SPPSVC-In-TCP-NoScope] => (Allow) %SystemRoot%\system32\sppsvc.exe
FirewallRules: [{B6659186-6C94-4CB2-854F-958A976ACC16}] => (Allow) D:\Programs on D\Winamp\winamp.exe
FirewallRules: [{2CD3833F-4C8E-48D8-8E07-1B6844111769}] => (Allow) D:\Programs on D\Winamp\winamp.exe
FirewallRules: [{C1DEBC08-BE1C-4DD9-9EBE-AAE53C8B436A}] => (Allow) C:\Users\SD\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{6AFF1CEF-3553-4520-8AE1-F93A6EB1E58A}] => (Allow) C:\Users\SD\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{D8F7AE10-DB7B-4954-9593-B3B35D8A1F43}] => (Allow) C:\Users\SD\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{4C7891F2-C306-4CF5-8AAA-B6E9E968E937}] => (Allow) C:\Users\SD\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{0ABEA87C-6B65-4929-B1D8-E26E611F9533}] => (Allow) D:\Programs on D\Microsoft Office\Office12\outlook.exe
FirewallRules: [{1074D3BB-E492-4CD1-9B4D-27F844F093DF}] => (Allow) C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
FirewallRules: [{BC1F194F-1962-4BF7-B7CD-8694B458D60F}] => (Allow) D:\Programs on D\SPSS21\stats.exe
FirewallRules: [{F85081D3-74C3-4EA8-B1C3-8C4214EB9AFD}] => (Allow) D:\Programs on D\SPSS21\WinWrapIDE.exe
FirewallRules: [{864FA32B-9550-4E25-BB8F-0574DF41A0B0}] => (Allow) D:\Programs on D\SPSS21\stats.com
FirewallRules: [{52C962DC-8FD8-4302-9DBC-1DC2B196A618}] => (Allow) D:\Programs on D\SPSS21\stats.exe
FirewallRules: [{79577281-6AAF-47A6-9573-129CEC656642}] => (Allow) D:\Programs on D\SPSS21\WinWrapIDE.exe
FirewallRules: [{D5F06E88-E1C5-430F-801B-46C57F8F1DA2}] => (Allow) D:\Programs on D\SPSS21\stats.com
FirewallRules: [{75B3E1DD-CECF-42B7-A917-FE2F06170094}] => (Allow) C:\Program Files\HP\HP Deskjet 3540 series\Bin\DeviceSetup.exe
FirewallRules: [{5691296A-AE61-4B93-91EA-D199C6F0DDEF}] => (Allow) LPort=5357
FirewallRules: [{744847DD-E3DB-4482-888E-A48F7C970EF0}] => (Allow) C:\Program Files\HP\HP Deskjet 3540 series\Bin\HPNetworkCommunicatorCom.exe
FirewallRules: [{57EFCC4B-398C-44A4-A7B6-AF5D7E26376C}] => (Allow) C:\Program Files\Skype\Phone\Skype.exe
FirewallRules: [{250A7654-4F78-4231-9208-FD27B1B21BEC}] => (Allow) D:\Programs on D\Mozilla Firefox\firefox.exe
FirewallRules: [{74E4C8BB-18A2-4654-A63E-BB8AB4909CAE}] => (Allow) D:\Programs on D\Mozilla Firefox\firefox.exe
FirewallRules: [{DB857B1A-9548-4358-9667-B37D2FAE281E}] => (Allow) C:\Program Files\wePresent WiPG-1000\wePresent WiPG-1000.exe
FirewallRules: [{1A5EC10C-34D6-4FCF-899C-21DCC83A597E}] => (Allow) C:\Program Files\wePresent WiPG-1000\wePresent WiPG-1000.exe
FirewallRules: [{14ADEF72-3769-4FF3-A9D0-1825679E3420}] => (Allow) C:\Program Files\wePresent WiPG-1000\SidePadLite.exe
FirewallRules: [{8E4C6877-98B8-459F-AC33-241B5AFCB9F6}] => (Allow) C:\Program Files\wePresent WiPG-1000\SidePadLite.exe
FirewallRules: [{24FF300B-46FB-4856-9EEF-519027AB1180}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe
FirewallRules: [{76B69942-E506-4CAE-B870-77B900517D96}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{58C857A4-F05B-4C62-B4C3-8AE686623A2D}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe

==================== Restore Points =========================


==================== Faulty Device Manager Devices =============

Name: Broadcom 802.11 Multiband Network Adapter
Description: Broadcom 802.11 Multiband Network Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Broadcom
Service: BCM43XX
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: Cisco Systems VPN Adapter
Description: Cisco Systems VPN Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Cisco Systems
Service: CVirtA
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.


==================== Event log errors: =========================

Application errors:
==================
Error: (04/14/2016 02:41:15 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (04/14/2016 01:13:16 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (04/14/2016 01:01:34 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (04/14/2016 11:13:45 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (04/09/2016 07:07:05 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (04/09/2016 06:53:05 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (04/09/2016 06:39:40 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (04/09/2016 05:54:22 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (04/09/2016 03:38:08 PM) (Source: SharpShell) (EventID: 0) (User: )
Description: LockedIconOverlay: Cannot create the overlay icon path.

Error: (04/09/2016 03:38:08 PM) (Source: SharpShell) (EventID: 0) (User: )
Description: System.IO.IOException: The process cannot access the file 'C:\Users\SD\AppData\Local\Temp\LockedIconOverlay.ico' because it is being used by another process.
at System.IO.__Error.WinIOError(Int32 errorCode, String maybeFullPath)
at System.IO.File.InternalDelete(String path, Boolean checkHost)
at System.IO.File.Delete(String path)
at SharpShell.SharpIconOverlayHandler.SharpIconOverlayHandler.CreateTemporaryIconFilePath()
at SharpShell.SharpIconOverlayHandler.SharpIconOverlayHandler.GetIconFilePath()


System errors:
=============
Error: (04/14/2016 02:37:03 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The Computer Browser service depends on the Server service which failed to start because of the following error:
%%1068

Error: (04/14/2016 02:37:03 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The Computer Browser service depends on the Server service which failed to start because of the following error:
%%1068

Error: (04/14/2016 02:37:03 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The Computer Browser service depends on the Server service which failed to start because of the following error:
%%1068

Error: (04/14/2016 02:32:03 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The Computer Browser service depends on the Server service which failed to start because of the following error:
%%1068

Error: (04/14/2016 02:32:03 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The Computer Browser service depends on the Server service which failed to start because of the following error:
%%1068

Error: (04/14/2016 02:32:03 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The Computer Browser service depends on the Server service which failed to start because of the following error:
%%1068

Error: (04/14/2016 02:29:57 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The Computer Browser service depends on the Server service which failed to start because of the following error:
%%1068

Error: (04/14/2016 02:29:57 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The Computer Browser service depends on the Server service which failed to start because of the following error:
%%1068

Error: (04/14/2016 02:29:57 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The Computer Browser service depends on the Server service which failed to start because of the following error:
%%1068

Error: (04/14/2016 02:24:57 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The Computer Browser service depends on the Server service which failed to start because of the following error:
%%1068


CodeIntegrity:
===================================
Date: 2014-10-14 12:38:33.151
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys because the set of per-page image hashes could not be found on the system.

Date: 2014-10-14 12:38:33.151
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys because the set of per-page image hashes could not be found on the system.

Date: 2014-10-14 12:38:33.151
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys because the set of per-page image hashes could not be found on the system.

Date: 2014-10-14 12:38:33.135
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys because the set of per-page image hashes could not be found on the system.

Date: 2014-10-14 12:38:33.135
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys because the set of per-page image hashes could not be found on the system.

Date: 2014-10-14 12:38:33.135
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys because the set of per-page image hashes could not be found on the system.

Date: 2014-10-14 12:38:33.120
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\Kaspersky Lab\Kaspersky Internet Security 14.0.0\KLELAMX86\klelam.sys because the set of per-page image hashes could not be found on the system.

Date: 2014-10-14 12:38:33.120
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\Kaspersky Lab\Kaspersky Internet Security 14.0.0\KLELAMX86\klelam.sys because the set of per-page image hashes could not be found on the system.

Date: 2014-10-14 12:38:33.120
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\Kaspersky Lab\Kaspersky Internet Security 14.0.0\KLELAMX86\klelam.sys because the set of per-page image hashes could not be found on the system.

Date: 2014-10-14 12:38:33.120
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\Kaspersky Lab\Kaspersky Internet Security 14.0.0\KLELAMX86\klelam.sys because the set of per-page image hashes could not be found on the system.


==================== Memory info ===========================

Processor: Intel® Core™2 Duo CPU T7800 @ 2.60GHz
Percentage of memory in use: 72%
Total physical RAM: 3071.3 MB
Available physical RAM: 835.8 MB
Total Virtual: 6140.93 MB
Available Virtual: 2962.8 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:97.56 GB) (Free:52.62 GB) NTFS
Drive d: (New Volume) (Fixed) (Total:97.66 GB) (Free:66.79 GB) NTFS
Drive e: (New Volume) (Fixed) (Total:97.66 GB) (Free:55.21 GB) NTFS
Drive f: (New Volume) (Fixed) (Total:172.79 GB) (Free:67.34 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: EE1E1188)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=97.6 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=97.7 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=270.4 GB) - (Type=OF Extended)

==================== End of Addition.txt ============================

Attached Files


Edited by Oh My!, 14 April 2016 - 08:45 AM.


BC AdBot (Login to Remove)

 


#2 Oh My!

Oh My!

    Adware and Spyware and Malware.....


  • Malware Response Instructor
  • 36,594 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:California
  • Local time:07:18 AM

Posted 14 April 2016 - 08:55 AM

Greetings troubledsoul and :welcome: to BleepingComputer's Virus/Trojan/Spyware/Malware Removal forum.

My name is Oh My! and I am here to help you! Now that we are "friends" please call me Gary.

If you would allow me to call you by your first name I would prefer to do that.

===================================================

Ground Rules:
  • First, I would like to inform you that most of us here at Bleeping Computer offer our expert assistance out of the goodness of our hearts. Please try to match our commitment to you with your patience toward us. If this was easy we would never have met.
  • Please do not run any tools or take any steps other than those I will provide for you while we work on your computer together. I need to be certain about the state of your computer in order to provide appropriate and effective steps for you to take. Most often "well intentioned" (and usually panic driven!) independent efforts can make things much worse for both of us. If at any point you would prefer to take your own steps please let me know, I will not be offended. I would be happy to focus on the many others who are waiting in line for assistance.
  • Please perform all steps in the order they are listed in each set of instructions. Some steps may be a bit complicated. If things are not clear, be sure to stop and let me know. We need to work on this together with confidence.
  • Please copy and paste all logs into your post unless directed otherwise. Please do not re-run any programs I suggest. If you encounter problems simply stop and tell me.
  • When you post your reply, use the Replytopic.jpg button instead.
  • In the upper right hand corner of the topic you will see the Followtopic.jpg button. Click on this then choose Immediate E-Mail notification and then Proceed and you will be sent an email once I have posted a response.
  • If you do not reply to your topic after 5 days we assume it has been abandoned and I will close it.
  • When your computer is clean I will alert you of such. I will also provide for you detailed information about how you can combat future infections.
  • I would like to remind you to make no further changes to your computer unless I direct you to do so.
===================================================

Now that I am assisting you, you can expect that I will be very responsive to your situation. If you are able, I would request you check this thread at least once per day so that we can try to resolve your issues effectively and efficiently. If you are going to be delayed please be considerate and post that information so that I know you are still with me. Unfortunately, there are many people waiting to be assisted and not enough of us at BleepingComputer to go around. I appreciate your understanding and diligence.

Thank you for your patience thus far.

Does this India Internet Service Provider look familiar?

India Bangalore Broadband Multiplay Project

Please do this.

===================================================

Farbar's Recovery Scan Tool - Run Fix in Normal or Safe Mode

--------------------
  • Press the Windows key Windows_Logo_key.gif + r on your keyboard at the same time. Type in notepad and press Enter
  • Click Format and check Word Wrap
  • Please copy and paste the contents of the below code box into the open notepad and save it to your Desktop as fixlist.txt. If FRST.exe is not on your Deskptop please move it to that location. (<<<Important)
CreateRestorePoint:
CloseProcesses:
Winlogon\Notify\ScCertProp: wlnotify.dll [X]
ProxyServer: [S-1-5-21-1435187640-4071721805-2113652602-1000] => 192.168.1.51:3128
AutoConfigURL: [S-1-5-21-1435187640-4071721805-2113652602-1000] => 192.168.1.51:3128
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
CHR HKLM\...\Chrome\Extension: [ngpampappnmepgilojfohadhhmbhlaek] - D:\Programs on D\Internet Download Manager\IDMGCExt.crx <not found>
2014-12-06 20:43 - 2014-12-06 20:43 - 0000125 _____ () C:\Users\SD\AppData\Local\53E9472D_stp.CIS.part
Folder: C:\drvrtmp
  • Launch FRST and press the Fix button just once and wait, the program will automatically launch fixlist.txt.
  • The tool will create a log on the desktop called Fixlog.txt. Please copy and paste the contents of the file in your reply.
===================================================

AdwCleaner by Xplode - Delete Adware

-------------------
  • Please download AdwCleaner by Xplode onto your desktop.
  • Close all open programs and internet browser
  • Double click on AdwCleaner.exe, click Run, then select I agree if it appears
  • Click Scan
  • Once the scan has completed youi will see Pending. Please check elements you don't want to remove above the progress bar
  • Click on Clean
  • Confirm the cleaning and rebooting of your computer by clicking OK
  • Your computer will be rebooted automatically. A text file will open after the restart
  • Copy and paste the contents in your reply
  • You can also find the logfile at C:\AdwCleaner\AdwCleaner.txt
===================================================

Farbar's MiniToolBox

--------------------
  • Please download MiniToolBox, save it to your desktop
  • Please close any Firefox browsers you may have open
  • Double click the icon to launch the program
  • Make sure only the following options are checked:

Flush DNS
Report IE Proxy Settings
Reset IE Proxy Settings
Report FF Proxy Settings
Reset FF Proxy Settings
List content of Hosts
List IP configuration
List Winsock Entries

  • Click Go and once the scan is completed a MTB.txt Notepad document will open on your desktop
  • Please copy and paste the contents in your reply
===================================================

System Summary Information

--------------------
  • Press the windows key Windows_Logo_key.gif + r on your keyboard at the same time
  • Type msinfo32 and press Enter
  • Left click on System Summary
  • Click File, Save, and name the file Summary
  • Zip and attach the file to your reply
===================================================

Things I would like to see in your next reply. Please be sure to copy and paste any requested log information unless you are asked to attach it. :thumbsup2:
  • Recognize Internet Service Provider?
  • Fixlog
  • AdwCleaner log
  • MTB report
  • System Summary Information
  • Update on computer behavior

Gary
 
If I do not reply within 24 hours please send me a Personal Message.

"Lord, to whom would we go? You have the words that give eternal life. We believe, and we know you are the Holy One of God."

#3 troubledsoul

troubledsoul
  • Topic Starter

  • Members
  • 33 posts
  • OFFLINE
  •  
  • Local time:07:48 PM

Posted 14 April 2016 - 12:34 PM

Dear Gary
 
1. Many thanks for your help! I agree to abide by the ground rules that you have mentioned.
 
2. Please call me Dey. 
 
3. I have a request. Although I am not very technically proficient, I would be grateful if you could keep me in loop in terms of what you are thinking regarding the various logs + the direction you are taking. I know that this substantially increases the time that you spend on this. I will completely understand if you say no to this request, but will love it if you say yes!
 
4. Quick update: In my last post, I had written that I had somehow been able to connect to the net. However, my luck had run out after making that post (which means that the TCP/IPv4 on LAN settings were probably blank when I ran all those tests that you said). 
So I am accessing this forum on another computer and carrying out all your instructions by moving the files between this comp and mine one on a USB. While MTB was running, the infected computer was not connected to the internet (you will see that on the log).
5. However, once I figured out that MTB was probably trying to ping the internet, I did connect my comp to the net and tried accessing the net (did not run MTB again). No luck. I still can not access the internet.
 
Now to go to your specific questions:
 
  • Recognize Internet Service Provider:

This is BSNL. This is the service provider that I use here. Should not be any issue there.

  • Fixlog
Fix result of Farbar Recovery Scan Tool (x86) Version:13-04-2016
Ran by SD (2016-04-14 22:04:45) Run:1
Running from C:\Users\SD\Desktop
Loaded Profiles: SD (Available Profiles: SD)
Boot Mode: Normal
 
==============================================
 
fixlist content:
*****************
CreateRestorePoint:
CloseProcesses:
Winlogon\Notify\ScCertProp: wlnotify.dll [X]
ProxyServer: [S-1-5-21-1435187640-4071721805-2113652602-1000] => 192.168.1.51:3128
AutoConfigURL: [S-1-5-21-1435187640-4071721805-2113652602-1000] => 192.168.1.51:3128
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
CHR HKLM\...\Chrome\Extension: [ngpampappnmepgilojfohadhhmbhlaek] - D:\Programs on D\Internet Download Manager\IDMGCExt.crx <not found>
2014-12-06 20:43 - 2014-12-06 20:43 - 0000125 _____ () C:\Users\SD\AppData\Local\53E9472D_stp.CIS.part
Folder: C:\drvrtmp
*****************
 
Restore point was successfully created.
Processes closed successfully.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\ScCertProp" => key removed successfully.
HKU\S-1-5-21-1435187640-4071721805-2113652602-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings\\ProxyServer => value removed successfully.
HKU\S-1-5-21-1435187640-4071721805-2113652602-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings\\AutoConfigURL => value not found.
"HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}" => key removed successfully.
HKCR\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => key not found. 
"HKLM\SOFTWARE\Google\Chrome\Extensions\ngpampappnmepgilojfohadhhmbhlaek" => key removed successfully.
C:\Users\SD\AppData\Local\53E9472D_stp.CIS.part => moved successfully
 
========================= Folder: C:\drvrtmp ========================
 
2016-04-09 17:48 - 2007-12-14 13:06 - 0121440 _____ (Intel Corporation) C:\drvrtmp\E1000MSG.DLL
2016-04-09 17:48 - 2007-10-30 15:46 - 0002893 _____ () C:\drvrtmp\E1E5032.DIN
2016-04-09 17:48 - 2009-06-18 00:58 - 0217600 _____ (Intel Corporation) C:\drvrtmp\E1E5032.SYS
2016-04-09 17:48 - 2009-08-07 07:29 - 0020284 _____ () C:\drvrtmp\E1E5132.CAT
2016-04-09 17:48 - 2007-10-30 15:46 - 0002905 _____ () C:\drvrtmp\E1E5132.DIN
2016-04-09 17:48 - 2009-07-23 10:54 - 0193955 _____ () C:\drvrtmp\E1E5132.INF
2016-04-09 17:48 - 2009-06-18 00:59 - 0234496 _____ (Intel Corporation) C:\drvrtmp\E1E5132.SYS
2016-04-09 17:48 - 2009-08-07 07:39 - 0011362 _____ () C:\drvrtmp\E1Y5132.CAT
2016-04-09 17:48 - 2008-11-07 16:43 - 0002936 _____ () C:\drvrtmp\E1Y5132.DIN
2016-04-09 17:48 - 2009-07-23 11:00 - 0124045 _____ () C:\drvrtmp\E1Y5132.INF
2016-04-09 17:48 - 2009-07-23 10:18 - 0239832 _____ (Intel Corporation) C:\drvrtmp\E1Y5132.SYS
2016-04-09 17:48 - 2009-06-08 12:07 - 0101080 _____ () C:\drvrtmp\NetInst.dll
2016-04-09 17:48 - 2007-08-07 01:28 - 0028272 _____ (Intel Corporation) C:\drvrtmp\NicCo2.dll
2016-04-09 17:48 - 2009-01-26 17:38 - 0060024 _____ (Intel Corporation) C:\drvrtmp\NicInste.dll
2016-04-09 17:48 - 2009-03-24 18:47 - 0061048 _____ (Intel Corporation) C:\drvrtmp\NicInstY.dll
2016-04-09 17:48 - 2009-03-31 13:58 - 0252544 _____ (Intel Corporation) C:\drvrtmp\PROUnstl.exe
2016-04-09 17:48 - 2009-06-08 12:07 - 0053976 _____ (Intel® Corporation) C:\drvrtmp\SetBDRes.dll
2016-04-09 17:48 - 2006-01-12 14:52 - 0001904 _____ () C:\drvrtmp\SetupBD.din
2016-04-09 17:48 - 2009-06-08 12:07 - 0269016 _____ (Intel® Corporation) C:\drvrtmp\SetupBD.exe
2016-04-09 17:48 - 2009-08-14 05:09 - 0002538 _____ () C:\drvrtmp\SetupBD.ini
 
====== End of Folder: ======
 
 
 
The system needed a reboot.
 

 

==== End of Fixlog 22:05:21 ====
 
==================================================================
  • AdwCleaner log
# AdwCleaner v5.111 - Logfile created 14/04/2016 at 22:16:04
# Updated 14/04/2016 by Xplode
# Database : 2016-04-10.2 [Local]
# Operating system : Windows 7 Professional Service Pack 1 (X86)
# Username : SD - MINDBLOWER
# Running from : C:\Users\SD\Desktop\AdwCleaner.exe
# Option : Clean
 
***** [ Services ] *****
 
 
***** [ Folders ] *****
 
[-] Folder Deleted : C:\Program Files\mipony
[-] Folder Deleted : C:\Users\SD\AppData\Roaming\mipony
[-] Folder Deleted : C:\Users\SD\AppData\Roaming\updaterservice
 
***** [ Files ] *****
 
[-] File Deleted : C:\Users\SD\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\MiPony.lnk
[-] File Deleted : C:\Users\SD\AppData\Roaming\Mozilla\Firefox\Profiles\s7j5cgli.default-1391063854552\invalidprefs.js
 
***** [ DLLs ] *****
 
 
***** [ Shortcuts ] *****
 
 
***** [ Scheduled tasks ] *****
 
[-] Task Deleted : RunAsStdUser Task
 
***** [ Registry ] *****
 
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\MiPony.exe
[-] Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\mjdepfkicdcciagbigfcmdhknnoaaegf
[-] Key Deleted : HKLM\SOFTWARE\Classes\mipony
[-] Key Deleted : HKLM\SOFTWARE\Classes\mipony-ext
[-] Key Deleted : HKLM\SOFTWARE\Classes\mpybrowser
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{90C7D10E-CE9A-479B-A238-1A0F2396DE43}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{93A22E7A-5091-45EF-BA61-6DA26156A5D0}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{A0606860-51BE-4CF6-99C0-7CE5F78AC2D8}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{A28F324B-DDC5-4999-AA25-D3A7E25EF7A8}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{A8B25C0E-0894-4531-B668-AB1599FAF7F6}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{B86F6BEE-E7C0-4D03-8D52-5B4430CF6C88}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{BD4FB4BE-809D-487b-ADD6-F7D164247E52}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{C2D6D98F-09CA-4524-AF64-1049B5665C9C}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{D6A9B8CC-192D-4F00-8BF8-AD8774011B07}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{DBF9000E-F08C-4858-B769-C914A0FBB1D7}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{F13D3732-96BD-4108-AFEB-E85F68FF64DC}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{F6E8FC04-8B05-48B1-9399-848229502A06}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{FFFCC670-5CD4-4C09-952C-F53F46C2B1A7}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{0180E49C-13BF-46DB-9AFD-9F52292E1C22}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{0512B874-44F6-48F1-AFB5-6DE808DDE230}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{05F983EC-637F-4133-B489-5E03914929D7}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{0B390488-D80F-4A68-8408-48DC199F0E97}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{1F71651E-65D2-40BF-AC44-275D11927D99}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3E3ECA90-4D6A-4344-98C3-1BB95BF24038}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{49590BC9-6DD5-4E44-AD4C-E8FCB7131EC4}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{4DB2B5D9-4556-4340-B189-AD20110D953F}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{53D9DE0B-FC61-4650-9773-74D13CC7E582}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{5711D95F-0984-4A22-8FF8-90A954958D0C}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{60765CF5-01C2-4EE7-A44B-C791CF25FEA0}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{64F2005C-6CF5-4652-B94F-600360B15B27}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{650DE05E-5CD3-44F8-BA20-A5BB91FC61E6}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{7B63A013-DC2C-462E-9292-CAF8C867100F}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{7CA71B1E-A67D-4D54-A200-FA47605483A7}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{87271B4E-1726-4CED-AF0D-BE675621FD29}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{895322C5-84A1-450C-8478-C57793CAE86F}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{8E9922F0-B775-45B8-B650-941BEA790EEB}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{8F43B7D9-9D6B-4F48-BE18-4D787C795EEA}
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\MiPony
 
***** [ Web browsers ] *****
 
[-] [C:\Users\SD\AppData\Roaming\Mozilla\Firefox\Profiles\s7j5cgli.default-1391063854552\prefs.js] Deleted : user_pref("browser.search.searchengine.alias", "mystartsearch");
[-] [C:\Users\SD\AppData\Roaming\Mozilla\Firefox\Profiles\s7j5cgli.default-1391063854552\prefs.js] Deleted : user_pref("browser.search.searchengine.desc", "this is my first firefox searchEngine");
[-] [C:\Users\SD\AppData\Roaming\Mozilla\Firefox\Profiles\s7j5cgli.default-1391063854552\prefs.js] Deleted : user_pref("browser.search.searchengine.name", "mystartsearch");
[-] [C:\Users\SD\AppData\Roaming\Mozilla\Firefox\Profiles\s7j5cgli.default-1391063854552\prefs.js] Deleted : user_pref("browser.search.searchengine.ptid", "amt");
[-] [C:\Users\SD\AppData\Roaming\Mozilla\Firefox\Profiles\s7j5cgli.default-1391063854552\prefs.js] Deleted : user_pref("browser.search.searchengine.uid", "TOSHIBAXMQ01ABD050_531QTJR3TXX531QTJR3T");
 
*************************
 
:: "Tracing" keys deleted
:: Winsock settings cleared
:: Chrome preferences reset : C:\Users\SD\AppData\Local\Google\Chrome\User Data\Default
:: Chrome preferences reset : C:\Users\SD\AppData\Roaming\Opera Software\Opera Stable
 
*************************
 
C:\AdwCleaner\AdwCleaner[C1].txt - [5374 bytes] - [14/04/2016 22:16:04]
C:\AdwCleaner\AdwCleaner[R0].txt - [1746 bytes] - [24/07/2014 21:42:50]
C:\AdwCleaner\AdwCleaner[R1].txt - [1806 bytes] - [24/07/2014 21:45:40]
C:\AdwCleaner\AdwCleaner[S0].txt - [2039 bytes] - [24/07/2014 21:46:57]
C:\AdwCleaner\AdwCleaner[S1].txt - [5186 bytes] - [14/04/2016 22:13:34]
 
########## EOF - C:\AdwCleaner\AdwCleaner[C1].txt - [5739 bytes] ##########

 

 
 
 
  • MTB report
MiniToolBox by Farbar  Version: 07-02-2016 01
Ran by SD (administrator) on 14-04-2016 at 22:22:07
Running from "C:\Users\SD\Desktop"
Microsoft Windows 7 Professional  Service Pack 1 (X86)
Model: HP Compaq 8510w Manufacturer: Hewlett-Packard
Boot Mode: Normal
***************************************************************************
 
========================= Flush DNS: ===================================
 
Windows IP Configuration
 
Successfully flushed the DNS Resolver Cache.
 
========================= IE Proxy Settings: ============================== 
 
Proxy is not enabled.
No Proxy Server is set.
 
"Reset IE Proxy Settings": IE Proxy Settings were reset.
 
========================= FF Proxy Settings: ============================== 
 
"network.proxy.backup.ftp", "192.168.1.50"
"network.proxy.backup.ftp_port", 3128
"network.proxy.backup.socks", "192.168.1.50"
"network.proxy.backup.socks_port", 3128
"network.proxy.backup.ssl", "192.168.1.50"
"network.proxy.backup.ssl_port", 3128
"network.proxy.ftp", "192.168.1.50"
"network.proxy.ftp_port", 3128
"network.proxy.http", "192.168.1.50"
"network.proxy.http_port", 3128
"network.proxy.share_proxy_settings", true
"network.proxy.socks", "192.168.1.50"
"network.proxy.socks_port", 3128
"network.proxy.ssl", "192.168.1.50"
"network.proxy.ssl_port", 3128
"network.proxy.type", 0
 
"Reset FF Proxy Settings": Firefox Proxy settings were reset.
 
========================= Hosts content: =================================
========================= IP Configuration: ================================
 
VirtualBox Host-Only Ethernet Adapter = VirtualBox Host-Only Network (Connected)
Broadcom 802.11 Multiband Network Adapter = Wireless Network Connection (Hardware not present)
Cisco Systems VPN Adapter = Local Area Connection 2 (Hardware not present)
Intel® 82566MM Gigabit Network Connection = Local Area Connection (Media disconnected)
 
 
# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4
 
reset
set global icmpredirects=enabled
add route prefix=0.0.0.0/0 interface="Wireless Network Connection" nexthop=192.168.13.1 publish=Yes
add address name="Wireless Network Connection" address=192.168.13.222 mask=255.255.255.0
 
 
popd
# End of IPv4 configuration
 
 
 
Windows IP Configuration
 
   Host Name . . . . . . . . . . . . : Mindblower
   Primary Dns Suffix  . . . . . . . : 
   Node Type . . . . . . . . . . . . : Hybrid
   IP Routing Enabled. . . . . . . . : No
   WINS Proxy Enabled. . . . . . . . : No
 
Ethernet adapter VirtualBox Host-Only Network:
 
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : VirtualBox Host-Only Ethernet Adapter
   Physical Address. . . . . . . . . : 08-00-27-00-B8-08
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
   Link-local IPv6 Address . . . . . : fe80::253f:6aab:e25f:b7d4%14(Preferred) 
   Autoconfiguration IPv4 Address. . : 169.254.183.212(Preferred) 
   Subnet Mask . . . . . . . . . . . : 255.255.0.0
   Default Gateway . . . . . . . . . : 
   DHCPv6 IAID . . . . . . . . . . . : 755499047
   DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-1A-26-D9-1A-00-1A-4B-7A-6E-F6
   DNS Servers . . . . . . . . . . . : fec0:0:0:ffff::1%1
                                       fec0:0:0:ffff::2%1
                                       fec0:0:0:ffff::3%1
   NetBIOS over Tcpip. . . . . . . . : Enabled
 
Tunnel adapter isatap.{EE5610C3-F446-4036-9673-4D346D8FCB56}:
 
   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : Microsoft ISATAP Adapter
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
 
Tunnel adapter Teredo Tunneling Pseudo-Interface:
 
   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
Server:  UnKnown
Address:  fec0:0:0:ffff::1
 
Ping request could not find host google.com. Please check the name and try again.
Server:  UnKnown
Address:  fec0:0:0:ffff::1
 
Ping request could not find host yahoo.com. Please check the name and try again.
 
Pinging 127.0.0.1 with 32 bytes of data:
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
 
Ping statistics for 127.0.0.1:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 0ms, Maximum = 0ms, Average = 0ms
===========================================================================
Interface List
 14...08 00 27 00 b8 08 ......VirtualBox Host-Only Ethernet Adapter
  1...........................Software Loopback Interface 1
 22...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter
 12...00 00 00 00 00 00 00 e0 Teredo Tunneling Pseudo-Interface
===========================================================================
 
IPv4 Route Table
===========================================================================
Active Routes:
Network Destination        Netmask          Gateway       Interface  Metric
        127.0.0.0        255.0.0.0         On-link         127.0.0.1    306
        127.0.0.1  255.255.255.255         On-link         127.0.0.1    306
  127.255.255.255  255.255.255.255         On-link         127.0.0.1    306
      169.254.0.0      255.255.0.0         On-link   169.254.183.212    276
  169.254.183.212  255.255.255.255         On-link   169.254.183.212    276
  169.254.255.255  255.255.255.255         On-link   169.254.183.212    276
        224.0.0.0        240.0.0.0         On-link         127.0.0.1    306
        224.0.0.0        240.0.0.0         On-link   169.254.183.212    276
  255.255.255.255  255.255.255.255         On-link         127.0.0.1    306
  255.255.255.255  255.255.255.255         On-link   169.254.183.212    276
===========================================================================
Persistent Routes:
  Network Address          Netmask  Gateway Address  Metric
          0.0.0.0          0.0.0.0     192.168.13.1  Default 
===========================================================================
 
IPv6 Route Table
===========================================================================
Active Routes:
 If Metric Network Destination      Gateway
  1    306 ::1/128                  On-link
 14    276 fe80::/64                On-link
 14    276 fe80::253f:6aab:e25f:b7d4/128
                                    On-link
  1    306 ff00::/8                 On-link
 14    276 ff00::/8                 On-link
===========================================================================
Persistent Routes:
  None
========================= Winsock entries =====================================
 
Catalog5 01 C:\Windows\system32\NLAapi.dll [52224] (Microsoft Corporation)
ATTENTION: The LibraryPath should be "%SystemRoot%\system32\NLAapi.dll"
 
Catalog5 02 C:\Windows\system32\napinsp.dll [52224] (Microsoft Corporation)
ATTENTION: The LibraryPath should be "%SystemRoot%\system32\napinsp.dll"
 
Catalog5 03 C:\Windows\system32\pnrpnsp.dll [65024] (Microsoft Corporation)
ATTENTION: The LibraryPath should be "%SystemRoot%\system32\pnrpnsp.dll"
 
Catalog5 04 C:\Windows\system32\pnrpnsp.dll [65024] (Microsoft Corporation)
ATTENTION: The LibraryPath should be "%SystemRoot%\system32\pnrpnsp.dll"
 
Catalog5 05 C:\Windows\System32\mswsock.dll [231424] (Microsoft Corporation)
ATTENTION: The LibraryPath should be "%SystemRoot%\System32\mswsock.dll"
 
Catalog5 06 C:\Windows\System32\winrnr.dll [20992] (Microsoft Corporation)
ATTENTION: The LibraryPath should be "%SystemRoot%\System32\winrnr.dll"
 
Catalog9 01 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 02 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 03 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 04 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 05 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 06 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 07 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 08 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 09 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 10 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 11 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 12 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 13 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 14 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 15 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 16 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 17 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 18 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 19 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 20 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 21 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 22 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 23 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 24 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 25 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 26 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 27 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 28 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 29 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 30 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 31 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 32 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 33 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 34 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
 
**** End of log ****
 
 
  • System Summary Information

Added as zip file.

  • Update on computer behavior

No luck. Still can not connect. As stated above, the TCP/IPv4 settings are blank. Do you want me to fill in all the IP settings and try? 

 

Attached Files



#4 Oh My!

Oh My!

    Adware and Spyware and Malware.....


  • Malware Response Instructor
  • 36,594 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:California
  • Local time:07:18 AM

Posted 14 April 2016 - 04:39 PM

Greetings Dey.

Sure, I will attempt to provide a basic explanation of what we are doing.

As you may have seen in the report, your Winsock catalog has been corrupted. Basically the network related software on your computer needs to be provided with instructions about how to access the network. You will see instances of The LibraryPath should be..... What that is indicating is some of the instructions are not there or are incorrect. There is also protocol (TCP/IP) that provides instructions on how the computer is to communicate with the outside world. We are going to reset your TCP/IP.

Please do this.

===================================================

Farbar's Recovery Scan Tool - Run Fix in Normal or Safe Mode

--------------------
  • Press the Windows key Windows_Logo_key.gif + r on your keyboard at the same time. Type in notepad and press Enter
  • Please copy and paste the contents of the below code box into the open notepad and save it as fixlist.txt in the same location/folder as FRST.exe (<<<Important)
winsock: Catalog5 01 C:\Windows\system32\NLAapi.dll [52224] (Microsoft Corporation) ATTENTION: The LibraryPath should be "%SystemRoot%\system32\NLAapi.dll" 
winsock: Catalog5 02 C:\Windows\system32\napinsp.dll [52224] (Microsoft Corporation) ATTENTION: The LibraryPath should be "%SystemRoot%\system32\napinsp.dll" 
winsock: Catalog5 03 C:\Windows\system32\pnrpnsp.dll [65024] (Microsoft Corporation) ATTENTION: The LibraryPath should be "%SystemRoot%\system32\pnrpnsp.dll"
winsock: Catalog5 04 C:\Windows\system32\pnrpnsp.dll [65024] (Microsoft Corporation) ATTENTION: The LibraryPath should be "%SystemRoot%\system32\pnrpnsp.dll"
winsock: Catalog5 05 C:\Windows\System32\mswsock.dll [231424] (Microsoft Corporation) ATTENTION: The LibraryPath should be "%SystemRoot%\System32\mswsock.dll"
winsock: Catalog5 06 C:\Windows\System32\winrnr.dll [20992] (Microsoft Corporation) ATTENTION: The LibraryPath should be "%SystemRoot%\System32\winrnr.dll"
reboot:
  • Right click on FRST.exe, select Run as administrator then press the Fix button
  • Your computer will automatically reboot
  • When completed the tool will create a log on the desktop called Fixlog.txt. Please copy and paste the contents of the file in your reply.
  • Test your Internet
===================================================

Things I would like to see in your next reply. Please be sure to copy and paste any requested log information unless you are asked to attach it. :thumbsup2:
  • Fixlog
  • Internet access?

Edited by Oh My!, 15 April 2016 - 09:55 AM.

Gary
 
If I do not reply within 24 hours please send me a Personal Message.

"Lord, to whom would we go? You have the words that give eternal life. We believe, and we know you are the Holy One of God."

#5 troubledsoul

troubledsoul
  • Topic Starter

  • Members
  • 33 posts
  • OFFLINE
  •  
  • Local time:07:48 PM

Posted 14 April 2016 - 11:45 PM

Dear Gary

 

1. Thanks for the instructions.

2. The fixlog is pasted below.

3. Net connection not yet restored.

 

Regards

Dey

 

Fix result of Farbar Recovery Scan Tool (x86) Version:13-04-2016
Ran by SD (2016-04-15 10:03:01) Run:2
Running from C:\Users\SD\Desktop
Loaded Profiles: SD (Available Profiles: SD)
Boot Mode: Normal
 
==============================================
 
fixlist content:
*****************
Catalog5 01 C:\Windows\system32\NLAapi.dll [52224] (Microsoft Corporation) ATTENTION: The LibraryPath should be "%SystemRoot%\system32\NLAapi.dll" 
Catalog5 02 C:\Windows\system32\napinsp.dll [52224] (Microsoft Corporation) ATTENTION: The LibraryPath should be "%SystemRoot%\system32\napinsp.dll" 
Catalog5 03 C:\Windows\system32\pnrpnsp.dll [65024] (Microsoft Corporation) ATTENTION: The LibraryPath should be "%SystemRoot%\system32\pnrpnsp.dll"
Catalog5 04 C:\Windows\system32\pnrpnsp.dll [65024] (Microsoft Corporation) ATTENTION: The LibraryPath should be "%SystemRoot%\system32\pnrpnsp.dll"
Catalog5 05 C:\Windows\System32\mswsock.dll [231424] (Microsoft Corporation) ATTENTION: The LibraryPath should be "%SystemRoot%\System32\mswsock.dll"
Catalog5 06 C:\Windows\System32\winrnr.dll [20992] (Microsoft Corporation) ATTENTION: The LibraryPath should be "%SystemRoot%\System32\winrnr.dll"
cmd: netsh int ip reset c:\resetlog.txt
CMD: type "C:\resetlog.txt"
reboot:
*****************
 
Catalog5 01 C:\Windows\system32\NLAapi.dll [52224] (Microsoft Corporation) ATTENTION: The LibraryPath should be "%SystemRoot%\system32\NLAapi.dll" => Error: No automatic fix found for this entry.
Catalog5 02 C:\Windows\system32\napinsp.dll [52224] (Microsoft Corporation) ATTENTION: The LibraryPath should be "%SystemRoot%\system32\napinsp.dll" => Error: No automatic fix found for this entry.
Catalog5 03 C:\Windows\system32\pnrpnsp.dll [65024] (Microsoft Corporation) ATTENTION: The LibraryPath should be "%SystemRoot%\system32\pnrpnsp.dll" => Error: No automatic fix found for this entry.
Catalog5 04 C:\Windows\system32\pnrpnsp.dll [65024] (Microsoft Corporation) ATTENTION: The LibraryPath should be "%SystemRoot%\system32\pnrpnsp.dll" => Error: No automatic fix found for this entry.
Catalog5 05 C:\Windows\System32\mswsock.dll [231424] (Microsoft Corporation) ATTENTION: The LibraryPath should be "%SystemRoot%\System32\mswsock.dll" => Error: No automatic fix found for this entry.
Catalog5 06 C:\Windows\System32\winrnr.dll [20992] (Microsoft Corporation) ATTENTION: The LibraryPath should be "%SystemRoot%\System32\winrnr.dll" => Error: No automatic fix found for this entry.
 
=========  netsh int ip reset c:\resetlog.txt =========
 
Reseting Global, OK!
Reseting Interface, OK!
Reseting Unicast Address, OK!
Reseting Route, OK!
Restart the computer to complete this action.
 
 
========= End of CMD: =========
 
 
=========  type "C:\resetlog.txt" =========
 
The system cannot find the file specified.
 
========= End of CMD: =========
 
 
 
The system needed a reboot.
 
==== End of Fixlog 10:03:03 ====


#6 Oh My!

Oh My!

    Adware and Spyware and Malware.....


  • Malware Response Instructor
  • 36,594 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:California
  • Local time:07:18 AM

Posted 15 April 2016 - 09:58 AM

Greetings,

I modified the script in Post #4. Please run the FRST fix again and post the results.
Gary
 
If I do not reply within 24 hours please send me a Personal Message.

"Lord, to whom would we go? You have the words that give eternal life. We believe, and we know you are the Holy One of God."

#7 troubledsoul

troubledsoul
  • Topic Starter

  • Members
  • 33 posts
  • OFFLINE
  •  
  • Local time:07:48 PM

Posted 15 April 2016 - 10:15 AM

Hi

No luck, still can not connect. Here is the log:

 

Fix result of Farbar Recovery Scan Tool (x86) Version:13-04-2016
Ran by SD (2016-04-15 20:37:00) Run:3
Running from C:\Users\SD\Desktop
Loaded Profiles: SD (Available Profiles: SD)
Boot Mode: Normal

==============================================

fixlist content:
*****************
winsock: Catalog5 01 C:\Windows\system32\NLAapi.dll [52224] (Microsoft Corporation) ATTENTION: The LibraryPath should be "%SystemRoot%\system32\NLAapi.dll"
winsock: Catalog5 02 C:\Windows\system32\napinsp.dll [52224] (Microsoft Corporation) ATTENTION: The LibraryPath should be "%SystemRoot%\system32\napinsp.dll"
winsock: Catalog5 03 C:\Windows\system32\pnrpnsp.dll [65024] (Microsoft Corporation) ATTENTION: The LibraryPath should be "%SystemRoot%\system32\pnrpnsp.dll"
winsock: Catalog5 04 C:\Windows\system32\pnrpnsp.dll [65024] (Microsoft Corporation) ATTENTION: The LibraryPath should be "%SystemRoot%\system32\pnrpnsp.dll"
winsock: Catalog5 05 C:\Windows\System32\mswsock.dll [231424] (Microsoft Corporation) ATTENTION: The LibraryPath should be "%SystemRoot%\System32\mswsock.dll"
winsock: Catalog5 06 C:\Windows\System32\winrnr.dll [20992] (Microsoft Corporation) ATTENTION: The LibraryPath should be "%SystemRoot%\System32\winrnr.dll"
reboot:
*****************

HKLM\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\NameSpace_Catalog5\Catalog_Entries\winsock: Catalog5 01 C:\Windows\system32\NLAapi.dll [52224] (Microsoft Corporation) ATTENTION: The LibraryPath should be "%SystemRoot%\system32\NLAapi.dll" => key not found.
HKLM\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\NameSpace_Catalog5\Catalog_Entries\winsock: Catalog5 02 C:\Windows\system32\napinsp.dll [52224] (Microsoft Corporation) ATTENTION: The LibraryPath should be "%SystemRoot%\system32\napinsp.dll" => key not found.
HKLM\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\NameSpace_Catalog5\Catalog_Entries\winsock: Catalog5 03 C:\Windows\system32\pnrpnsp.dll [65024] (Microsoft Corporation) ATTENTION: The LibraryPath should be "%SystemRoot%\system32\pnrpnsp.dll" => key not found.
HKLM\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\NameSpace_Catalog5\Catalog_Entries\winsock: Catalog5 04 C:\Windows\system32\pnrpnsp.dll [65024] (Microsoft Corporation) ATTENTION: The LibraryPath should be "%SystemRoot%\system32\pnrpnsp.dll" => key not found.
HKLM\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\NameSpace_Catalog5\Catalog_Entries\winsock: Catalog5 05 C:\Windows\System32\mswsock.dll [231424] (Microsoft Corporation) ATTENTION: The LibraryPath should be "%SystemRoot%\System32\mswsock.dll" => key not found.
HKLM\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\NameSpace_Catalog5\Catalog_Entries\winsock: Catalog5 06 C:\Windows\System32\winrnr.dll [20992] (Microsoft Corporation) ATTENTION: The LibraryPath should be "%SystemRoot%\System32\winrnr.dll" => key not found.


The system needed a reboot.

==== End of Fixlog 20:37:00 ====

 

Thanks

Regards

Dey



#8 Oh My!

Oh My!

    Adware and Spyware and Malware.....


  • Malware Response Instructor
  • 36,594 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:California
  • Local time:07:18 AM

Posted 15 April 2016 - 11:22 AM

Thanks for hanging in there. Please do this.

===================================================

Manually Importing a Registry Key (.reg) File

-------------------
  • Download WinSock2.reg to your desktop
  • Right click on the file and select Merge
  • Once you receive confirmation the information was successfully merged reboot your computer
  • Check your Internet
===================================================

Things I would like to see in your next reply. Please be sure to copy and paste any requested log information unless you are asked to attach it. :thumbsup2:
  • Results?

Gary
 
If I do not reply within 24 hours please send me a Personal Message.

"Lord, to whom would we go? You have the words that give eternal life. We believe, and we know you are the Holy One of God."

#9 troubledsoul

troubledsoul
  • Topic Starter

  • Members
  • 33 posts
  • OFFLINE
  •  
  • Local time:07:48 PM

Posted 15 April 2016 - 11:35 AM

Did that. No luck again.

 

Regards

Dey



#10 Oh My!

Oh My!

    Adware and Spyware and Malware.....


  • Malware Response Instructor
  • 36,594 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:California
  • Local time:07:18 AM

Posted 15 April 2016 - 12:11 PM

Thanks,

What is the error message you are receiving now?

Open a web browser type 216.58.216.14 and press Enter. Tell me what happens

Rerun FRST making sure to check Addition.txt and post both logs.
Gary
 
If I do not reply within 24 hours please send me a Personal Message.

"Lord, to whom would we go? You have the words that give eternal life. We believe, and we know you are the Holy One of God."

#11 troubledsoul

troubledsoul
  • Topic Starter

  • Members
  • 33 posts
  • OFFLINE
  •  
  • Local time:07:48 PM

Posted 15 April 2016 - 12:27 PM

This site can't be reached

http://216.58.216.14/ is unreachable

ERR_ADDRESS_UNREACHABLE

 

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version:13-04-2016
Ran by SD (administrator) on MINDBLOWER (15-04-2016 22:50:53)
Running from C:\Users\SD\Desktop
Loaded Profiles: SD (Available Profiles: SD)
Platform: Microsoft Windows 7 Professional  Service Pack 1 (X86) Language: English (United States)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
() C:\Windows\System32\nvwmi.exe
(Hewlett-Packard Company) C:\Windows\System32\hpservice.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
() C:\Windows\System32\nvwmi.exe
(Andrea Electronics Corporation) C:\Windows\System32\AEADISRV.EXE
(Kaspersky Lab ZAO) C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 16.0.0\avp.exe
(Cisco Systems, Inc.) C:\Program Files\Cisco Systems\VPN Client\cvpnd.exe
() D:\Programs on D\Everything\Everything.exe
(Google Inc) C:\Program Files\Google\Google Input Tools\GoogleInputService.exe
() D:\Programs on D\AtempoLiveNavigator\bin\HNagent.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe
(Google Inc.) C:\Program Files\Google\Google Input Tools\GoogleInputHandler.exe
(Nitro PDF Software) D:\Programs on D\NitroPDF\NitroPDFReaderDriverService3.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlbrowser.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(Conexant Systems, Inc.) C:\Windows\System32\drivers\XAudio.exe
(Kaspersky Lab ZAO) C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 16.0.0\avpui.exe
(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
(Old McDonald's Farm) D:\Programs on D\Autorun Eater\oldmcdonald.exe
(Analog Devices, Inc.) C:\Program Files\Analog Devices\Core\smax4pnp.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
() D:\Programs on D\Everything\Everything.exe
(Oracle Corporation) D:\Programs on D\AtempoLiveNavigator\jre\bin\javaw.exe
(Old McDonald's Farm) D:\Programs on D\Autorun Eater\billy.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
() C:\Windows\StartupMonitor.exe
(Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jusched.exe
() D:\Programs on D\Rainlendar2\Rainlendar2.exe
(Ruiware) D:\Programs on D\WinPatrol\WinPatrol.exe
() D:\Programs on D\Launchy\Launchy.exe
(Zhorn Software) D:\Programs on D\Stickies\stickies.exe
(Dropbox, Inc.) C:\Users\SD\AppData\Roaming\Dropbox\bin\Dropbox.exe


==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [Autorun Eater] => D:\Programs on D\Autorun Eater\oldmcdonald.exe [522720 2012-02-17] (Old McDonald's Farm)
HKLM\...\Run: [SoundMAXPnP] => C:\Program Files\Analog Devices\Core\smax4pnp.exe [1183744 2007-02-21] (Analog Devices, Inc.)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [1791272 2010-06-04] (Synaptics Incorporated)
HKLM\...\Run: [Everything] => D:\Programs on D\Everything\Everything.exe [1048576 2014-08-06] ()
HKLM\...\Run: [HNTray] => D:\Programs on D\AtempoLiveNavigator\japps\HNTray.jar [81155 2014-10-01] ()
HKLM\...\Run: [Run StartupMonitor] => C:\Windows\StartupMonitor.exe [86016 2000-05-20] ()
HKLM\...\Run: [BoxSync] => C:\Program Files\Box\Box Sync\BoxSync.exe [6154296 2016-03-25] (Box, Inc.)
HKLM\...\Run: [nwiz] => C:\Program Files\NVIDIA Corporation\nview\nwiz.exe [2601816 2015-11-05] ()
HKLM\...\Run: [SunJavaUpdateSched] => C:\Program Files\Common Files\Java\Java Update\jusched.exe [595480 2016-03-20] (Oracle Corporation)
HKLM\...\Run: [KeePass 2 PreLoad] => C:\Program Files\KeePass Password Safe 2\KeePass.exe [2756672 2016-03-09] (Dominik Reichl)
HKU\S-1-5-21-1435187640-4071721805-2113652602-1000\...\Run: [Rainlendar2] => D:\Programs on D\Rainlendar2\Rainlendar2.exe [2598496 2013-03-10] ()
HKU\S-1-5-21-1435187640-4071721805-2113652602-1000\...\Run: [Google Update] => C:\Users\SD\AppData\Local\Google\Update\GoogleUpdate.exe [144200 2015-08-30] (Google Inc.)
HKU\S-1-5-21-1435187640-4071721805-2113652602-1000\...\Run: [Dropbox Update] => C:\Users\SD\AppData\Local\Dropbox\Update\DropboxUpdate.exe [134512 2015-06-16] (Dropbox, Inc.)
HKU\S-1-5-21-1435187640-4071721805-2113652602-1000\...\Run: [WinPatrol] => D:\Programs on D\WinPatrol\winpatrol.exe [1216648 2015-08-06] (Ruiware)
HKU\S-1-5-21-1435187640-4071721805-2113652602-1000\...\Policies\Explorer: [NoDriveTypeAutoRun] 0x00000000
HKU\S-1-5-21-1435187640-4071721805-2113652602-1000\...\MountPoints2: {03099ae5-5717-11e3-bf9d-001a4b7a6ef6} - "H:\WD SmartWare.exe" autoplay=true
HKU\S-1-5-21-1435187640-4071721805-2113652602-1000\...\MountPoints2: {04bc6363-f0ac-11e5-8ac0-001a4b7a6ef6} - H:\AutoRun.exe
HKU\S-1-5-21-1435187640-4071721805-2113652602-1000\...\MountPoints2: {30829f2a-4b36-11e5-8a87-001a4b7a6ef6} - "H:\WD SmartWare.exe" autoplay=true
HKU\S-1-5-21-1435187640-4071721805-2113652602-1000\...\MountPoints2: {fbb5b0ea-35a0-11e5-97f0-e10cee659626} - "H:\WD SmartWare.exe" autoplay=true
HKU\S-1-5-21-1435187640-4071721805-2113652602-1000\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\ssText3d.scr [293888 2010-11-21] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [    BoxSyncFileLocked] -> {2a607da5-abe8-358e-a881-c0f5faf2d3a5} => C:\Windows\system32\mscoree.dll [2010-11-21] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [    BoxSyncFileLockedByOther] -> {f7d2951f-0b6b-346c-99ec-69cffc30a364} => C:\Windows\system32\mscoree.dll [2010-11-21] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [    BoxSyncNotSynced] -> {5ea95e3d-3e46-3812-b03c-49785fa67d41} => C:\Windows\system32\mscoree.dll [2010-11-21] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [    BoxSyncProblem] -> {a88b7184-bfa1-3d14-8efb-2225df9699bc} => C:\Windows\system32\mscoree.dll [2010-11-21] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [    BoxSyncSynced] -> {c89f9943-8f58-3eca-bd55-a658f53b2f48} => C:\Windows\system32\mscoree.dll [2010-11-21] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [  GoogleDriveBlacklisted] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files\Google\Drive\googledrivesync32.dll [2016-02-24] (Google)
ShellIconOverlayIdentifiers: [  GoogleDriveSynced] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files\Google\Drive\googledrivesync32.dll [2016-02-24] (Google)
ShellIconOverlayIdentifiers: [  GoogleDriveSyncing] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files\Google\Drive\googledrivesync32.dll [2016-02-24] (Google)
ShellIconOverlayIdentifiers: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\SD\AppData\Roaming\Dropbox\bin\DropboxExt.34.dll [2016-03-12] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\SD\AppData\Roaming\Dropbox\bin\DropboxExt.34.dll [2016-03-12] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\SD\AppData\Roaming\Dropbox\bin\DropboxExt.34.dll [2016-03-12] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [__HNOverlayProtStatus1] -> {450ACD9A-FF33-411A-AD17-94F72F47BA3A} => D:\Programs on D\AtempoLiveNavigator\bin\hnoverlay.dll [2014-10-01] (Atempo)
ShellIconOverlayIdentifiers: [__HNOverlayProtStatus2] -> {450ACD9A-FF33-411A-AD17-94F72F47BA3B} => D:\Programs on D\AtempoLiveNavigator\bin\hnoverlay.dll [2014-10-01] (Atempo)
ShellIconOverlayIdentifiers: [__HNOverlayProtStatus3] -> {450ACD9A-FF33-411A-AD17-94F72F47BA3C} => D:\Programs on D\AtempoLiveNavigator\bin\hnoverlay.dll [2014-10-01] (Atempo)
ShellIconOverlayIdentifiers: [__HNOverlayProtStatus4] -> {450ACD9A-FF33-411A-AD17-94F72F47BA3D} => D:\Programs on D\AtempoLiveNavigator\bin\hnoverlay.dll [2014-10-01] (Atempo)
ShellIconOverlayIdentifiers: [__HNOverlayProtStatus5] -> {450ACD9A-FF33-411A-AD17-94F72F47BA3E} => D:\Programs on D\AtempoLiveNavigator\bin\hnoverlay.dll [2014-10-01] (Atempo)
ShellIconOverlayIdentifiers: [__HNOverlayProtStatus6] -> {450ACD9A-FF33-411A-AD17-94F72F47BA3F} => D:\Programs on D\AtempoLiveNavigator\bin\hnoverlay.dll [2014-10-01] (Atempo)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Launchy.lnk [2015-09-27]
ShortcutTarget: Launchy.lnk -> D:\Programs on D\Launchy\Launchy.exe ()
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Stickies.lnk [2015-09-27]
ShortcutTarget: Stickies.lnk -> D:\Programs on D\Stickies\stickies.exe (Zhorn Software)
Startup: C:\Users\SD\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk [2016-03-20]
ShortcutTarget: Dropbox.lnk -> C:\Users\SD\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
GroupPolicyScripts: Restriction <======= ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\..\Interfaces\{407CBC13-5C23-4C13-8B25-A1EEB57F2C0D}: [NameServer] 192.168.1.130,8.8.8.8
Tcpip\..\Interfaces\{407CBC13-5C23-4C13-8B25-A1EEB57F2C0D}: [DhcpNameServer] 192.168.1.130 218.248.241.3 8.8.8.8
Tcpip\..\Interfaces\{ED0663E9-8FFD-4059-A5A6-DAE40C78D32C}: [DhcpNameServer] 192.168.1.130 218.248.241.3

Internet Explorer:
==================
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = www.google.com
BHO: Tensons.Application.DownloadAcceleratorManager.BHO -> {00000003-1118-11da-8cd6-0800200c9888} -> C:\Windows\system32\mscoree.dll [2010-11-21] (Microsoft Corporation)
BHO: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_77\bin\ssv.dll [2016-03-24] (Oracle Corporation)
BHO: Kaspersky Protection plugin -> {C66D064F-82FE-4E1A-B06A-B2490BA48B18} -> C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 16.0.0\IEExt\ie_plugin.dll [2015-12-04] (AO Kaspersky Lab)
BHO: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_77\bin\jp2ssv.dll [2016-03-24] (Oracle Corporation)
Toolbar: HKLM - Kaspersky Protection toolbar - {3507FA00-ADA2-4A02-99B9-51AD26CA9120} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 16.0.0\IEExt\ie_plugin.dll [2015-12-04] (AO Kaspersky Lab)
Handler: belarc - {6318E0AB-2E93-11D1-B8ED-00608CC9A71F} - C:\Program Files\Belarc\BelarcAdvisor\System\BAVoilaX.dll [2013-04-16] (Belarc, Inc.)

FireFox:
========
FF ProfilePath: C:\Users\SD\AppData\Roaming\Mozilla\Firefox\Profiles\s7j5cgli.default-1391063854552
FF Homepage: C:\\Users\\SD\\Desktop\\My home page.html
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_21_0_0_204.dll [2016-03-25] ()
FF Plugin: @adobe.com/ShockwavePlayer -> C:\Windows\system32\Adobe\Director\np32dsw.dll [2016-02-19] (Adobe Systems, Inc.)
FF Plugin: @alternatiff.com/AlternaTIFF -> C:\Program Files\MIE\AlternaTIFF\npzzatif.dll [2015-05-22] (Medical Informatics Engineering, Inc.)
FF Plugin: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf -> C:\Program Files\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2015-12-29] (Foxit Corporation)
FF Plugin: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf -> C:\Program Files\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2015-12-29] (Foxit Corporation)
FF Plugin: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xdp -> C:\Program Files\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2015-12-29] (Foxit Corporation)
FF Plugin: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xfdf -> C:\Program Files\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2015-12-29] (Foxit Corporation)
FF Plugin: @java.com/DTPlugin,version=11.77.2 -> C:\Program Files\Java\jre1.8.0_77\bin\dtplugin\npDeployJava1.dll [2016-03-24] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.77.2 -> C:\Program Files\Java\jre1.8.0_77\bin\plugin2\npjp2.dll [2016-03-24] (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.41212.0\npctrl.dll [2015-12-11] ( Microsoft Corporation)
FF Plugin: @nullsoft.com/winampDetector;version=1 -> D:\Programs on D\Winamp Detect\npwachk.dll [2013-11-20] (Nullsoft, Inc.)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-03] (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-03] (Google Inc.)
FF Plugin: @videolan.org/vlc,version=2.1.1 -> D:\Programs on D\VLC\npvlc.dll [2016-01-21] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.2 -> D:\Programs on D\VLC\npvlc.dll [2016-01-21] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.3 -> D:\Programs on D\VLC\npvlc.dll [2016-01-21] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.5 -> D:\Programs on D\VLC\npvlc.dll [2016-01-21] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.2.0 -> D:\Programs on D\VLC\npvlc.dll [2016-01-21] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.2.1 -> D:\Programs on D\VLC\npvlc.dll [2016-01-21] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.2.2 -> D:\Programs on D\VLC\npvlc.dll [2016-01-21] (VideoLAN)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2015-12-18] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-1435187640-4071721805-2113652602-1000: @talk.google.com/GoogleTalkPlugin -> C:\Users\SD\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll [2015-12-08] (Google)
FF Plugin HKU\S-1-5-21-1435187640-4071721805-2113652602-1000: @talk.google.com/O1DPlugin -> C:\Users\SD\AppData\Roaming\Mozilla\plugins\npo1d.dll [2015-12-08] (Google)
FF Plugin HKU\S-1-5-21-1435187640-4071721805-2113652602-1000: @tools.google.com/Google Update;version=3 -> C:\Users\SD\AppData\Local\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-03] (Google Inc.)
FF Plugin HKU\S-1-5-21-1435187640-4071721805-2113652602-1000: @tools.google.com/Google Update;version=9 -> C:\Users\SD\AppData\Local\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-03] (Google Inc.)
FF Plugin ProgramFiles/Appdata: C:\Users\SD\AppData\Roaming\mozilla\plugins\npgoogletalk.dll [2015-12-08] (Google)
FF Plugin ProgramFiles/Appdata: C:\Users\SD\AppData\Roaming\mozilla\plugins\npo1d.dll [2015-12-08] (Google)
FF Extension: DownThemAll! - C:\Users\SD\AppData\Roaming\Mozilla\Firefox\Profiles\s7j5cgli.default-1391063854552\extensions\{DDC359D1-844A-42a7-9AA1-88A850A938A8}.xpi [2015-12-17]
FF Extension: WOT - C:\Users\SD\AppData\Roaming\Mozilla\Firefox\Profiles\s7j5cgli.default-1391063854552\extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7} [2015-12-17]
FF Extension: Flash and Video Download - C:\Users\SD\AppData\Roaming\Mozilla\Firefox\Profiles\s7j5cgli.default-1391063854552\extensions\{bee6eb20-01e0-ebd1-da83-080329fb9a3a} [2016-03-23]
FF Extension: FlashGot - C:\Users\SD\AppData\Roaming\Mozilla\Firefox\Profiles\s7j5cgli.default-1391063854552\extensions\{19503e42-ca3c-4c27-b1e2-9cdb2170ee34}.xpi [2016-04-06]
FF Extension: NoScript - C:\Users\SD\AppData\Roaming\Mozilla\Firefox\Profiles\s7j5cgli.default-1391063854552\extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi [2016-04-06]
FF Extension: Zotero - C:\Users\SD\AppData\Roaming\Mozilla\Firefox\Profiles\s7j5cgli.default-1391063854552\extensions\zotero@chnm.gmu.edu.xpi [2016-04-06]
FF Extension: Video DownloadHelper - C:\Users\SD\AppData\Roaming\Mozilla\Firefox\Profiles\s7j5cgli.default-1391063854552\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}.xpi [2015-11-07]
FF Extension: Adblock Plus - C:\Users\SD\AppData\Roaming\Mozilla\Firefox\Profiles\s7j5cgli.default-1391063854552\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2016-02-29]
FF HKLM\...\Firefox\Extensions: [wcapturex@deskperience.com] - D:\Programs on D\WordWeb\WCaptureMoz
FF Extension: WordWeb one-click lookup - D:\Programs on D\WordWeb\WCaptureMoz [2013-11-26] [not signed]
FF HKLM\...\Firefox\Extensions: [light_plugin_D772DC8D6FAF43A29B25C4EBAA5AD1DE@kaspersky.com] - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 16.0.0\FFExt\light_plugin_firefox
FF Extension: Kaspersky Protection - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 16.0.0\FFExt\light_plugin_firefox [2016-04-08]

Chrome:
=======
CHR HomePage: Profile 1 -> hxxps://www.google.co.in/
CHR Profile: C:\Users\SD\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Slides) - C:\Users\SD\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-02-04]
CHR Extension: (Google Docs) - C:\Users\SD\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-02-04]
CHR Extension: (Google Drive) - C:\Users\SD\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-21]
CHR Extension: (WOT: Web of Trust, Website Reputation Ratings) - C:\Users\SD\AppData\Local\Google\Chrome\User Data\Default\Extensions\bhmmomiinigofkjcapegjjndpbikblnp [2015-11-21]
CHR Extension: (Kaspersky Protection) - C:\Users\SD\AppData\Local\Google\Chrome\User Data\Default\Extensions\blbkdnmdcafmfhinpmnlhhddbepgkeaa [2014-12-16]
CHR Extension: (YouTube) - C:\Users\SD\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-24]
CHR Extension: (Adblock Plus) - C:\Users\SD\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2016-01-06]
CHR Extension: (Replace New Tab Page) - C:\Users\SD\AppData\Local\Google\Chrome\User Data\Default\Extensions\cnkhddihkmmiiclaipbaaelfojkmlkja [2015-01-15]
CHR Extension: (Google Search) - C:\Users\SD\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-27]
CHR Extension: (Kaspersky URL Advisor) - C:\Users\SD\AppData\Local\Google\Chrome\User Data\Default\Extensions\dchlnpcodkpfdpacogkljefecpegganj [2014-05-15]
CHR Extension: (Zotero Connector) - C:\Users\SD\AppData\Local\Google\Chrome\User Data\Default\Extensions\ekhagklcjbdpajgpjgmbionohlpdbjgc [2015-03-15]
CHR Extension: (Google Sheets) - C:\Users\SD\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-02-04]
CHR Extension: (Google Docs Offline) - C:\Users\SD\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2015-11-19]
CHR Extension: (AdBlock) - C:\Users\SD\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2016-01-10]
CHR Extension: (Kindle Cloud Reader) - C:\Users\SD\AppData\Local\Google\Chrome\User Data\Default\Extensions\icdipabjmbhpdkjaihfjoikhjjeneebd [2014-07-26]
CHR Extension: (Speed Dial 2) - C:\Users\SD\AppData\Local\Google\Chrome\User Data\Default\Extensions\jpfpebmajhhopeonhlcgidhclcccjcik [2015-11-12]
CHR Extension: (Google Scholar Button) - C:\Users\SD\AppData\Local\Google\Chrome\User Data\Default\Extensions\ldipcbpaocekfooobnbcddclnhejkcpn [2015-12-18]
CHR Extension: (Video DownloadHelper) - C:\Users\SD\AppData\Local\Google\Chrome\User Data\Default\Extensions\lmjnegcaeklhafolokijcfjliaokphfk [2015-12-17]
CHR Extension: (Save to Pocket) - C:\Users\SD\AppData\Local\Google\Chrome\User Data\Default\Extensions\niloccemoadcdkdjlinkgdfekeahmflj [2015-10-18]
CHR Extension: (Chrome Web Store Payments) - C:\Users\SD\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-07-24]
CHR Extension: (Bitdefender QuickScan) - C:\Users\SD\AppData\Local\Google\Chrome\User Data\Default\Extensions\pdnkcidphdcakpkheohlhocaicfamjie [2015-06-16]
CHR Extension: (Gmail) - C:\Users\SD\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-04-10]
CHR Extension: (Anti-Banner) - C:\Users\SD\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjldcfjmnllhmgjclecdnfampinooman [2014-05-15]
CHR Profile: C:\Users\SD\AppData\Local\Google\Chrome\User Data\Profile 1
CHR Extension: (Google Docs) - C:\Users\SD\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aohghmighlieiainnegkcijnfilokake [2016-01-15]
CHR Extension: (Google Drive) - C:\Users\SD\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-01-15]
CHR Extension: (WOT: Web of Trust, Website Reputation Ratings) - C:\Users\SD\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\bhmmomiinigofkjcapegjjndpbikblnp [2016-01-15]
CHR Extension: (YouTube) - C:\Users\SD\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-01-15]
CHR Extension: (Adblock Plus) - C:\Users\SD\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2016-03-09]
CHR Extension: (Replace New Tab Page) - C:\Users\SD\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\cnkhddihkmmiiclaipbaaelfojkmlkja [2016-01-15]
CHR Extension: (Google Search) - C:\Users\SD\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2016-01-15]
CHR Extension: (Kaspersky Protection) - C:\Users\SD\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\eahebamiopdhefndnmappcihfajigkka [2016-04-08]
CHR Extension: (Zotero Connector) - C:\Users\SD\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ekhagklcjbdpajgpjgmbionohlpdbjgc [2016-03-17]
CHR Extension: (Google Docs Offline) - C:\Users\SD\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-03-16]
CHR Extension: (AdBlock) - C:\Users\SD\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2016-03-18]
CHR Extension: (Kindle Cloud Reader) - C:\Users\SD\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\icdipabjmbhpdkjaihfjoikhjjeneebd [2016-01-15]
CHR Extension: (Speed Dial 2) - C:\Users\SD\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\jpfpebmajhhopeonhlcgidhclcccjcik [2016-01-15]
CHR Extension: (Google Scholar Button) - C:\Users\SD\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ldipcbpaocekfooobnbcddclnhejkcpn [2016-04-05]
CHR Extension: (Save to Pocket) - C:\Users\SD\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\niloccemoadcdkdjlinkgdfekeahmflj [2016-04-01]
CHR Extension: (Chrome Web Store Payments) - C:\Users\SD\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-04-02]
CHR Extension: (Bitdefender QuickScan) - C:\Users\SD\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pdnkcidphdcakpkheohlhocaicfamjie [2016-01-15]
CHR Extension: (Gmail) - C:\Users\SD\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-01-15]
CHR HKLM\...\Chrome\Extension: [eahebamiopdhefndnmappcihfajigkka] - hxxps://chrome.google.com/webstore/detail/eahebamiopdhefndnmappcihfajigkka
CHR HKU\S-1-5-21-1435187640-4071721805-2113652602-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [apdfllckaahabafndbhieahigkjlhalf] - C:\Users\SD\AppData\Local\Google\Drive\apdfllckaahabafndbhieahigkjlhalf_live.crx [2014-11-04]

Opera:
=======
OPR Extension: (Gantt) - C:\Users\SD\AppData\Roaming\Opera Software\Opera Stable\Extensions\maeombkgfpjdnjkhohbjachnnmpbipol [2014-02-01]
StartMenuInternet: (HKLM) OperaStable - D:\Programs on D\Opera\Launcher.exe

==================== Services (Whitelisted) ========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AVP16.0.0; C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 16.0.0\avp.exe [194000 2015-12-04] (Kaspersky Lab ZAO)
S3 BoxSyncUpdateService; C:\Program Files\Box\Box Sync\SyncUpdaterService.exe [36240 2016-02-26] (Box, Inc.)
R2 CVPND; C:\Program Files\Cisco Systems\VPN Client\cvpnd.exe [1528616 2010-03-23] (Cisco Systems, Inc.)
R2 Everything; D:\Programs on D\Everything\Everything.exe [1048576 2014-08-06] () [File not signed]
R2 GoogleInputService; C:\Program Files\Google\Google Input Tools\GoogleInputService.exe [164888 2016-01-26] (Google Inc)
R2 HNagent; D:\Programs on D\AtempoLiveNavigator\bin\HNagent.exe [6847824 2014-10-01] ()
S4 MBAMScheduler; D:\Programs on D\Malwarebytes' Anti-Malware\mbamscheduler.exe [1514464 2016-03-10] (Malwarebytes)
S2 MBAMService; D:\Programs on D\Malwarebytes' Anti-Malware\mbamservice.exe [1136608 2016-03-10] (Malwarebytes)
S4 MSSQLServerADHelper; C:\Program Files\Microsoft SQL Server\90\Shared\sqladhlp90.exe [44384 2010-12-10] (Microsoft Corporation)
S4 msvsmon90; D:\Programs on D\VisualStudio9\Common7\IDE\Remote Debugger\x86\msvsmon.exe [3004416 2007-11-07] (Microsoft Corporation)
R2 NitroReaderDriverReadSpool3; D:\Programs on D\NitroPDF\NitroPDFReaderDriverService3.exe [196624 2013-07-26] (Nitro PDF Software)
R2 NVWMI; C:\Windows\system32\nvwmi.exe [2216136 2015-11-05] ()
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [680960 2013-05-27] (Microsoft Corporation)

===================== Drivers (Whitelisted) ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R0 cm_km; C:\Windows\System32\DRIVERS\cm_km.sys [201912 2015-07-06] (Kaspersky Lab ZAO)
S3 CVirtA; C:\Windows\System32\DRIVERS\CVirtA.sys [5275 2007-01-18] (Cisco Systems, Inc.)
R2 CVPNDRVA; C:\Windows\system32\Drivers\CVPNDRVA.sys [308859 2010-03-23] (Cisco Systems, Inc.) [File not signed]
R3 DNE; C:\Windows\System32\DRIVERS\dne2000.sys [131984 2008-11-16] (Deterministic Networks, Inc.)
R3 e1express; C:\Windows\System32\DRIVERS\e1e6232.sys [219352 2009-06-05] (Intel Corporation)
R0 kl1; C:\Windows\System32\DRIVERS\kl1.sys [153784 2015-06-22] (Kaspersky Lab ZAO)
R0 klbackupdisk; C:\Windows\System32\DRIVERS\klbackupdisk.sys [46776 2015-06-06] (Kaspersky Lab ZAO)
R1 klbackupflt; C:\Windows\System32\DRIVERS\klbackupflt.sys [58224 2015-06-27] (Kaspersky Lab ZAO)
R2 kldisk; C:\Windows\System32\DRIVERS\kldisk.sys [66976 2016-04-08] (AO Kaspersky Lab)
R3 klflt; C:\Windows\System32\DRIVERS\klflt.sys [147328 2015-12-04] (AO Kaspersky Lab)
R1 klhk; C:\Windows\System32\DRIVERS\klhk.sys [44728 2015-12-04] (AO Kaspersky Lab)
R1 KLIF; C:\Windows\System32\DRIVERS\klif.sys [776088 2016-04-08] (AO Kaspersky Lab)
R1 KLIM6; C:\Windows\System32\DRIVERS\klim6.sys [33976 2015-06-11] (Kaspersky Lab ZAO)
R3 klkbdflt; C:\Windows\System32\DRIVERS\klkbdflt.sys [37048 2015-06-06] (Kaspersky Lab ZAO)
R3 klmouflt; C:\Windows\System32\DRIVERS\klmouflt.sys [38072 2015-06-07] (Kaspersky Lab ZAO)
R1 klpd; C:\Windows\System32\DRIVERS\klpd.sys [39304 2015-12-04] (AO Kaspersky Lab)
R1 kltdi; C:\Windows\System32\DRIVERS\kltdi.sys [54328 2015-06-11] (Kaspersky Lab ZAO)
R1 Klwtp; C:\Windows\System32\DRIVERS\klwtp.sys [87736 2015-06-16] (Kaspersky Lab ZAO)
R1 kneps; C:\Windows\System32\DRIVERS\kneps.sys [156856 2015-06-23] (Kaspersky Lab ZAO)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [24448 2016-03-10] (Malwarebytes)
S3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [170200 2016-03-25] (Malwarebytes)
S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [53120 2016-03-10] (Malwarebytes Corporation)
S3 RICOH SmartCard Reader; C:\Windows\System32\DRIVERS\rismc32.sys [49152 2009-07-20] (RICOH Company, Ltd.)
R3 rismc32; C:\Windows\System32\DRIVERS\rismc32.sys [49152 2009-07-20] (RICOH Company, Ltd.)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-04-15 22:50 - 2016-04-15 22:51 - 00028841 _____ C:\Users\SD\Desktop\FRST.txt
2016-04-14 22:12 - 2016-04-14 22:08 - 00891392 _____ (Farbar) C:\Users\SD\Desktop\MiniToolBox.exe
2016-04-14 22:12 - 2016-04-14 22:07 - 03670016 _____ C:\Users\SD\Desktop\AdwCleaner.exe
2016-04-14 22:11 - 2016-04-15 22:09 - 00000000 ____D C:\Users\SD\Desktop\Bleeping Computer Logs
2016-04-14 15:50 - 2016-04-15 22:50 - 00000000 ____D C:\FRST
2016-04-14 15:50 - 2016-04-14 15:50 - 01725952 _____ (Farbar) C:\Users\SD\Desktop\FRST.exe
2016-04-09 17:46 - 2016-04-09 17:48 - 00000000 ____D C:\drvrtmp
2016-04-09 14:21 - 2009-03-31 13:58 - 00252544 _____ (Intel Corporation) C:\Windows\system32\PROUnstl.exe
2016-04-09 14:21 - 2006-01-12 14:52 - 00001904 ____N C:\Windows\system32\SetupBD.din
2016-04-08 15:45 - 2016-04-08 15:45 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kaspersky Internet Security
2016-04-08 15:40 - 2016-04-08 15:51 - 00776088 _____ (AO Kaspersky Lab) C:\Windows\system32\Drivers\klif.sys
2016-04-08 15:40 - 2015-12-04 08:31 - 00147328 _____ (AO Kaspersky Lab) C:\Windows\system32\Drivers\klflt.sys
2016-04-08 15:40 - 2015-12-04 08:31 - 00044728 _____ (AO Kaspersky Lab) C:\Windows\system32\Drivers\klhk.sys
2016-04-07 10:49 - 2016-04-07 10:49 - 00413777 _____ C:\Users\SD\Desktop\047480.full.pdf
2016-04-07 00:01 - 2016-04-07 00:01 - 00000000 ____D C:\Program Files\KeePass Password Safe 2
2016-04-06 23:59 - 2016-04-06 23:59 - 00000000 ___RD C:\Program Files\Skype
2016-04-06 23:59 - 2016-04-06 23:59 - 00000000 ____D C:\Program Files\Common Files\Skype
2016-04-06 23:57 - 2016-04-06 23:57 - 00000000 ____D C:\ProgramData\Foxit ContentPlatform
2016-04-06 23:56 - 2016-04-06 23:56 - 00000000 ____D C:\Program Files\Foxit Software
2016-04-06 23:52 - 2016-04-06 23:52 - 00000000 ____D C:\Program Files\K-Lite Codec Pack
2016-04-06 23:51 - 2016-04-06 23:51 - 00000847 _____ C:\Users\SD\AppData\Roaming\Microsoft\Windows\Start Menu\GOM Player.lnk
2016-04-06 23:48 - 2016-04-06 23:48 - 00000000 ____D C:\Program Files\Mozilla Firefox
2016-04-06 19:34 - 2016-04-06 19:35 - 00000000 ____D C:\Users\SD\Desktop\BS MS THESIS EVALS_Last Date_21Apr
2016-04-06 15:06 - 2016-04-06 15:06 - 04343964 _____ C:\Users\SD\Desktop\The Outsider_Albert Camus_Bangla Translation.pdf
2016-03-31 16:06 - 2016-03-31 16:06 - 00000000 ____D C:\Users\Public\Documents\sun
2016-03-28 11:20 - 2016-03-28 11:20 - 00182784 _____ C:\Windows\Minidump\032816-29250-01.dmp
2016-03-24 09:41 - 2016-03-24 09:41 - 00000000 ____D C:\Program Files\Common Files\Java
2016-03-21 21:15 - 2016-03-21 21:15 - 00213254 _____ C:\Users\SD\Documents\cc_20160321_211501.reg
2016-03-20 14:23 - 2016-03-20 14:23 - 00000000 ____D C:\Users\SD\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2016-03-18 16:05 - 2016-04-09 15:09 - 00000000 ____D C:\Users\SD\Desktop\Techno Babble_Download Mantra

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-04-15 22:48 - 2014-10-29 20:43 - 00000896 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1435187640-4071721805-2113652602-1000UA.job
2016-04-15 22:48 - 2013-11-26 17:41 - 00000886 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2016-04-15 22:30 - 2013-11-26 18:30 - 00000000 ____D C:\ProgramData\Kaspersky Lab
2016-04-15 22:29 - 2009-07-14 10:04 - 00032224 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2016-04-15 22:29 - 2009-07-14 10:04 - 00032224 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2016-04-15 22:22 - 2013-11-27 21:46 - 00000830 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2016-04-15 22:07 - 2015-06-16 14:56 - 00000906 _____ C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-1435187640-4071721805-2113652602-1000UA.job
2016-04-15 22:04 - 2015-09-23 16:17 - 00000540 _____ C:\Windows\Tasks\MATLAB R2015b Startup Accelerator.job
2016-04-15 22:02 - 2014-08-03 21:11 - 00000000 ____D C:\Users\SD\AppData\Roaming\stickies
2016-04-15 22:02 - 2013-11-26 18:33 - 00000000 ____D C:\Users\SD\.rainlendar2
2016-04-15 22:02 - 2013-11-26 17:41 - 00000882 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2016-04-15 22:02 - 2009-07-14 10:23 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-04-15 10:43 - 2014-10-29 20:43 - 00000844 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1435187640-4071721805-2113652602-1000Core.job
2016-04-15 10:07 - 2015-06-16 14:56 - 00000854 _____ C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-1435187640-4071721805-2113652602-1000Core.job
2016-04-14 22:34 - 2013-12-10 20:43 - 00000000 ____D C:\Users\SD\AppData\Roaming\Nitro PDF
2016-04-14 22:16 - 2014-07-24 21:42 - 00000000 ____D C:\AdwCleaner
2016-04-14 22:13 - 2010-11-21 02:31 - 00847598 _____ C:\Windows\system32\PerfStringBackup.INI
2016-04-14 22:13 - 2009-07-14 08:07 - 00000000 ____D C:\Windows\inf
2016-04-14 15:34 - 2009-07-14 08:07 - 00000000 ____D C:\Windows\system32\NDF
2016-04-14 14:53 - 2015-08-29 15:32 - 00000000 ____D C:\Users\SD\AppData\Local\Box Sync
2016-04-14 14:45 - 2013-11-26 19:34 - 00000000 ____D C:\Users\SD\AppData\Roaming\Dropbox
2016-04-14 14:30 - 2015-03-24 12:53 - 00482552 _____ C:\Windows\ntbtlog.txt
2016-04-09 14:20 - 2014-04-24 10:04 - 00000000 ____D C:\SWSETUP
2016-04-09 10:06 - 2015-03-18 21:24 - 00000000 ____D C:\Users\SD\AppData\Local\CrashDumps
2016-04-09 09:56 - 2013-11-27 10:56 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\M_Security Related
2016-04-08 17:24 - 2013-11-26 18:19 - 00000000 ____D C:\Users\SD\Desktop\All Shortcuts
2016-04-08 16:38 - 2013-11-26 17:28 - 00000000 ____D C:\Users\SD\AppData\Local\ElevatedDiagnostics
2016-04-08 15:51 - 2015-06-06 08:48 - 00066976 _____ (AO Kaspersky Lab) C:\Windows\system32\Drivers\kldisk.sys
2016-04-08 15:44 - 2013-11-26 18:30 - 00000000 ____D C:\Program Files\Kaspersky Lab
2016-04-08 14:58 - 2013-11-26 18:10 - 00000000 ____D C:\Users\SD\AppData\Roaming\WinPatrol
2016-04-07 14:19 - 2013-11-26 19:28 - 00000000 ____D C:\Users\SD\AppData\Roaming\Foxit Software
2016-04-07 10:30 - 2013-11-26 18:40 - 00000000 ____D C:\Program Files\Mozilla Maintenance Service
2016-04-07 00:18 - 2014-05-26 15:45 - 00000000 ____D C:\Program Files\Secunia
2016-04-07 00:10 - 2013-11-27 11:00 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\M_Browsers
2016-04-07 00:09 - 2013-11-27 11:08 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\M_Readers
2016-04-07 00:06 - 2013-11-26 18:10 - 00000000 ____D C:\ProgramData\InstallMate
2016-04-07 00:05 - 2014-11-15 11:28 - 00000000 ____D C:\Users\SD\AppData\Roaming\Skype
2016-04-07 00:00 - 2014-11-15 11:28 - 00000000 ____D C:\ProgramData\Skype
2016-04-06 23:59 - 2014-11-15 11:28 - 00000000 ____D C:\Users\SD\AppData\Local\Skype
2016-04-06 23:48 - 2013-11-27 21:46 - 00000000 ____D C:\Windows\system32\Macromed
2016-04-06 23:40 - 2013-11-27 10:55 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\M_Scientific
2016-04-06 23:39 - 2013-11-27 11:05 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\M_Office Suites
2016-04-06 23:35 - 2013-11-27 11:00 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\M_Utilities
2016-04-06 10:19 - 2013-11-26 17:41 - 00118168 _____ C:\Users\SD\AppData\Local\GDIPFONTCACHEV1.DAT
2016-04-06 09:50 - 2009-07-14 10:03 - 00436952 _____ C:\Windows\system32\FNTCACHE.DAT
2016-04-02 19:43 - 2013-11-27 10:44 - 00000000 ____D C:\Users\SD\AppData\Roaming\vlc
2016-03-28 17:22 - 2015-04-17 00:39 - 00020122 _____ C:\Users\SD\Desktop\disc_24-03-2014.txt
2016-03-28 11:20 - 2015-03-23 15:10 - 00000000 ____D C:\Windows\Minidump
2016-03-28 11:19 - 2015-03-23 15:10 - 340010627 _____ C:\Windows\MEMORY.DMP
2016-03-25 15:32 - 2015-03-11 10:07 - 00170200 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2016-03-25 12:22 - 2013-11-27 21:46 - 00801984 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2016-03-25 12:22 - 2013-11-27 21:46 - 00143040 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2016-03-24 18:02 - 2015-04-10 13:34 - 00000000 ___SD C:\Windows\system32\GWX
2016-03-24 10:29 - 2013-11-26 22:47 - 00000000 ____D C:\Users\SD\AppData\Roaming\RStudio
2016-03-24 10:29 - 2013-11-26 22:21 - 00000000 ____D C:\Users\SD\AppData\Local\RStudio-Desktop
2016-03-24 09:43 - 2013-11-26 19:22 - 00000000 ____D C:\ProgramData\Oracle
2016-03-24 09:40 - 2015-09-11 16:01 - 00000000 ____D C:\Users\SD\.oracle_jre_usage
2016-03-24 09:38 - 2014-10-17 01:23 - 00095808 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge.dll
2016-03-24 09:37 - 2014-10-17 01:23 - 00000000 ____D C:\Program Files\Java
2016-03-16 11:11 - 2013-11-26 14:38 - 00000000 ____D C:\Users\SD

==================== Files in the root of some directories =======

2014-12-06 20:43 - 2014-12-06 20:43 - 1330121 _____ () C:\Users\SD\AppData\Local\53E9472D_stp.CIS
2014-08-16 14:28 - 2014-08-16 14:28 - 0188748 _____ () C:\Users\SD\AppData\Local\ars.cache
2014-08-16 14:28 - 2014-08-16 14:28 - 0346459 _____ () C:\Users\SD\AppData\Local\census.cache
2014-08-16 13:37 - 2014-08-16 13:37 - 0000036 _____ () C:\Users\SD\AppData\Local\housecall.guid.cache
2014-05-11 20:52 - 2014-05-11 20:52 - 0000350 _____ () C:\Users\SD\AppData\Local\psppirerc
2015-07-19 15:14 - 2015-07-19 15:14 - 0000907 _____ () C:\Users\SD\AppData\Local\recently-used.xbel
2014-08-16 14:16 - 2014-08-16 14:16 - 0000010 _____ () C:\Users\SD\AppData\Local\sponge.last.runtime.cache
2015-03-30 09:33 - 2015-03-30 09:37 - 0000000 _____ () C:\Users\SD\AppData\Local\{FE477C15-EB29-4FB4-B656-DD5B899261CF}

Some files in TEMP:
====================
C:\Users\SD\AppData\Local\Temp\FoxitUpdater.exe
C:\Users\SD\AppData\Local\Temp\HitmanPro.exe
C:\Users\SD\AppData\Local\Temp\jre-8u77-windows-au.exe
C:\Users\SD\AppData\Local\Temp\libeay32.dll
C:\Users\SD\AppData\Local\Temp\msvcr120.dll
C:\Users\SD\AppData\Local\Temp\sqlite3.dll


==================== Bamital & volsnap =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\explorer.exe => File is digitally signed
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2016-04-15 09:34

==================== End of FRST.txt ============================

 

 

Additional scan result of Farbar Recovery Scan Tool (x86) Version:13-04-2016
Ran by SD (2016-04-15 22:51:39)
Running from C:\Users\SD\Desktop
Microsoft Windows 7 Professional  Service Pack 1 (X86) (2013-11-26 09:08:04)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-1435187640-4071721805-2113652602-500 - Administrator - Disabled)
Guest (S-1-5-21-1435187640-4071721805-2113652602-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-1435187640-4071721805-2113652602-1005 - Limited - Enabled)
SD (S-1-5-21-1435187640-4071721805-2113652602-1000 - Administrator - Enabled) => C:\Users\SD

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Kaspersky Internet Security (Enabled - Up to date) {86367591-4BE4-AE08-2FD9-7FCB8259CD98}
AS: Kaspersky Internet Security (Enabled - Up to date) {3D579475-6DDE-A186-1569-44B9F9DE8725}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: Kaspersky Internet Security (Enabled) {BE0DF4B4-018B-AF50-0486-D6FE7C8A8AE3}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe Acrobat Reader DC (HKLM\...\{AC76BA86-7AD7-1033-7B44-AC0F074E4100}) (Version: 15.010.20060 - Adobe Systems Incorporated)
Adobe Flash Player 21 NPAPI (HKLM\...\Adobe Flash Player NPAPI) (Version: 21.0.0.204 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.1 (HKLM\...\Adobe Shockwave Player) (Version: 12.1.1.151 - Adobe Systems, Inc.)
Adobe Shockwave Player 12.2 (HKLM\...\{C1F3739C-D31D-4062-8788-29261C4A2A68}) (Version: 12.2.4.194 - Adobe Systems, Inc)
Amazon Kindle (HKU\S-1-5-21-1435187640-4071721805-2113652602-1000\...\Amazon Kindle) (Version:  - Amazon)
Any Video Converter 5.5.9 (HKLM\...\Any Video Converter_is1) (Version:  - Any-Video-Converter.com)
Areca (HKLM\...\Areca) (Version:  - )
Atempo Live Navigator (HKLM\...\{332942D4-D972-48E8-AAF3-6A93F0C35706}) (Version: 3.2.15268 - Atempo)
Autorun Eater v2.6 (HKLM\...\Autorun Eater_is1) (Version: 2.6 - Old McDonald's Farm)
Avro Keyboard 5.5.0 (HKLM\...\Avro Keyboard_is1) (Version: 5.5.0 - OmicronLab)
Box Sync (HKLM\...\{C23C4679-DCB8-40E8-86BD-DB990A3599AD}) (Version: 4.0.7318.0 - Box, Inc.)
Box Sync (Version: 4.0.6567.0 - Box Inc.) Hidden
BRB-ArrayTools (HKLM\...\{1CA1C22B-358A-42CA-A1E0-B63D9132A0F8}) (Version: 4.4.0.0 - National Cancer Institute Biometric Research Branch)
BRB-CGHTools (HKLM\...\{3F217A19-4BCB-47F6-9AF7-CC0576C9B055}) (Version: 1.3.2 - National Cancer Institute Biometric Research Branch)
Bullzip PDF Printer 10.2.0.2141 (HKLM\...\Bullzip PDF Printer_is1) (Version: 10.2.0.2141 - Bullzip)
Canon Utilities CameraWindow DC 8 (HKLM\...\CameraWindowDC) (Version: 8.8.0.17 - Canon Inc.)
CCleaner (HKLM\...\CCleaner) (Version: 5.16 - Piriform)
Cisco Systems VPN Client 5.0.07.0290 (HKLM\...\{B0BF7057-6869-4E4B-920C-EA2A58DA07F0}) (Version: 5.0.6 - Cisco Systems, Inc.)
ConvertHelper 3.1.1 (HKLM\...\{27CC6AB1-E72B-4179-AF1A-EAE507EBAF52}}_is1) (Version:  - DownloadHelper)
Crystal Reports Basic for Visual Studio 2008 (HKLM\...\{AA467959-A1D6-4F45-90CD-11DC57733F32}) (Version: 10.5.0.0 - Business Objects)
CutePDF Writer 3.0 (HKLM\...\CutePDF Writer Installation) (Version:  3.0 - CutePDF.com)
DjVu Solo 3.1 (HKLM\...\DjVu Solo 3.1) (Version:  - )
doPDF 7.3 printer (HKLM\...\doPDF 7 printer_is1) (Version:  - Softland)
Download Accelerator Manager (HKLM\...\Download Accelerator Manager) (Version: 4.5.47 - )
Dropbox (HKU\S-1-5-21-1435187640-4071721805-2113652602-1000\...\Dropbox) (Version: 3.16.1 - Dropbox, Inc.)
Effect Size Generator 2.3 (HKLM\...\Effect_Size_Generator_2.2) (Version:  - )
EndNote X3 (HKLM\...\{86B3F2D6-AC2B-4E88-8AE1-F2F77F781B0C}) (Version: 13.0.0.4094 - Thomson Reuters)
Enthought Canopy (32-bit) (HKLM\...\{7C13AA42-1B81-4C70-963D-D2772F8D7F33}) (Version: 1.2.0.123 - Enthought, Inc.)
ESET Online Scanner v3 (HKLM\...\ESET Online Scanner) (Version:  - )
Everything 1.3.4.686 (x86) (HKLM\...\Everything) (Version:  - )
Exact Audio Copy 1.0beta3 (HKLM\...\Exact Audio Copy) (Version: 1.0beta3 - Andre Wiethoff)
FastStone Image Viewer 4.9 (HKLM\...\FastStone Image Viewer) (Version: 4.9 - FastStone Soft)
FileZilla Client 3.7.3 (HKLM\...\FileZilla Client) (Version: 3.7.3 - Tim Kosse)
Flashnote 4.6 (HKLM\...\Flashnote) (Version: 4.6 - Tiushkov Nikolay)
foobar2000 v1.3.7 (HKLM\...\foobar2000) (Version: 1.3.7 - Peter Pawlowski)
Foxit Reader (HKLM\...\Foxit Reader_is1) (Version: 7.3.4.311 - Foxit Software Inc.)
FreeFileSync 6.12 (HKLM\...\FreeFileSync_is1) (Version: 6.12 - www.FreeFileSync.org)
GIMP 2.8.8 (HKLM\...\GIMP-2_is1) (Version: 2.8.8 - The GIMP Team)
GOM Player (HKLM\...\GOM Player) (Version: 2.2.77.5240 - Gretech Corporation)
Google Chrome (HKLM\...\Google Chrome) (Version: 50.0.2661.75 - Google Inc.)
Google Drive (HKLM\...\{895D0391-459F-4D45-B8DD-13F0DE70C66E}) (Version: 1.28.1549.1322 - Google, Inc.)
Google Input Bengali (HKLM\...\GoogleInputBengali) (Version:  - Google Inc.)
Google Input Tools (HKLM\...\GoogleInputFramework) (Version:  - Google Inc.)
Google Talk Plugin (HKLM\...\{F9B579C2-D854-300A-BE62-A09EB9D722E4}) (Version: 5.41.3.0 - Google)
Google Update Helper (Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (Version: 1.3.29.5 - Google Inc.) Hidden
GPL Ghostscript (HKLM\...\GPL Ghostscript 9.10) (Version: 9.10 - Artifex Software Inc.)
HandBrake 0.9.9.1 (HKLM\...\HandBrake) (Version: 0.9.9.1 - )
HP Deskjet 3540 series Basic Device Software (HKLM\...\{4BD528D2-7E50-4FE4-BBB2-D8E66F970991}) (Version: 32.0.1180.44630 - Hewlett-Packard Co.)
HP Quick Launch Buttons (HKLM\...\{34D2AB40-150D-475D-AE32-BD23FB5EE355}) (Version: 6.50.14.1 - Hewlett-Packard Company)
IBM SPSS Statistics 21 (HKLM\...\{1E26B9C2-ED08-4EEA-83C8-A786502B41E5}) (Version: 21.0.0.0 - IBM Corp)
iDailyDiary 3.85 (HKLM\...\iDailyDiary_is1) (Version:  - Splinterware Software Solutions)
Intel® Network Connections Drivers (HKLM\...\PROSet) (Version: 14.2 - Intel)
IrfanView (remove only) (HKLM\...\IrfanView) (Version: 4.42 - Irfan Skiljan)
JAGS 3.4.0 (HKLM\...\JAGS-3.4.0) (Version: 3.4.0 - JAGS)
Java 8 Update 77 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83218077F0}) (Version: 8.0.770.3 - Oracle Corporation)
Kaspersky Internet Security (HKLM\...\InstallWIX_{77E7AE5C-181C-4CAF-ADBF-946F11C1CE26}) (Version: 16.0.0.614 - Kaspersky Lab)
Kaspersky Internet Security (Version: 16.0.0.614 - Kaspersky Lab) Hidden
KeePass Password Safe 1.30 (HKLM\...\KeePass Password Safe_is1) (Version: 1.30 - Dominik Reichl)
KeePass Password Safe 2.32 (HKLM\...\KeePassPasswordSafe2_is1) (Version: 2.32 - Dominik Reichl)
KeepNote 0.7.8 (HKLM\...\KeepNote_is1) (Version:  - Matt Rasmussen)
K-Lite Mega Codec Pack 12.0.5 (HKLM\...\KLiteCodecPack_is1) (Version: 12.0.5 - KLCP)
Malwarebytes Anti-Malware version 2.2.1.1043 (HKLM\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.1.1043 - Malwarebytes)
MATLAB R2010a (HKLM\...\MatlabR2010a) (Version: 7.10 - The MathWorks, Inc.)
MATLAB R2015b (HKLM\...\Matlab R2015b) (Version: 8.6 - MathWorks)
Microsoft .NET Compact Framework 2.0 SP2 (HKLM\...\{EDDF99D9-9FE3-4871-A7DB-D1522C51EE9A}) (Version: 2.0.7045 - Microsoft Corporation)
Microsoft .NET Compact Framework 3.5 (HKLM\...\{291B3A3B-F808-45B8-8113-DF232FCB6C82}) (Version: 3.5.7283 - Microsoft Corporation)
Microsoft .NET Framework 4.6.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft Application Compatibility Toolkit 5.6 (HKLM\...\{0F5AEBB0-43F3-4571-ACE7-A7942E8AA179}) (Version: 5.6.7324.0 - Microsoft Corporation)
Microsoft Device Emulator version 3.0 - ENU (HKLM\...\{B32E7732-B2FB-3FD0-81AC-6025B1104C66}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Document Explorer 2008 (HKLM\...\Microsoft Document Explorer 2008) (Version:  - Microsoft Corporation)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM\...\{90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version:  - Microsoft)
Microsoft Office File Validation Add-In (HKLM\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Professional Plus 2007 (HKLM\...\PROPLUS) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.41212.0 - Microsoft Corporation)
Microsoft SQL Server 2005 (HKLM\...\Microsoft SQL Server 2005) (Version:  - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 Design Tools ENU (HKLM\...\{2E5C075E-11AB-4BDD-918C-7B9A68953FF8}) (Version: 3.5.5386.0 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 ENU (HKLM\...\{BCC899FE-2DAA-460C-A5FB-60291E73D9C3}) (Version: 3.5.5386.0 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 for Devices ENU (HKLM\...\{241F2BF7-69EB-42A4-9156-96B2426C7504}) (Version: 3.5.5386.0 - Microsoft Corporation)
Microsoft SQL Server Database Publishing Wizard 1.2 (HKLM\...\{9A33B83D-FFC4-44CF-BEEF-632DECEF2FCD}) (Version: 1.2.0.0 - Microsoft Corporation)
Microsoft SQL Server Native Client (HKLM\...\{7670D32F-DAE6-4E49-8C8B-B3F08B5B1686}) (Version: 9.00.5000.00 - Microsoft Corporation)
Microsoft SQL Server Setup Support Files (English) (HKLM\...\{53F5C3EE-05ED-4830-994B-50B2F0D50FCE}) (Version: 9.00.5000.00 - Microsoft Corporation)
Microsoft SQL Server VSS Writer (HKLM\...\{E7084B89-69E0-46B3-A118-8F99D06988CD}) (Version: 9.00.5000.00 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual Studio 2008 Professional Edition - ENU (HKLM\...\Microsoft Visual Studio 2008 Professional Edition - ENU) (Version:  - Microsoft Corporation)
Microsoft Visual Studio Web Authoring Component (HKLM\...\VisualWebDeveloper) (Version: 12.0.4518.1066 - Microsoft Corporation)
Microsoft Windows SDK for Visual Studio 2008 .NET Framework Tools (HKLM\...\{05EC21B8-4593-3037-A781-A6B5AFFCB19D}) (Version: 3.5.21022 - Microsoft)
Microsoft Windows SDK for Visual Studio 2008 Headers and Libraries (HKLM\...\{842FAF7C-50EF-4463-9B8F-6222E1384D7D}) (Version: 6.1.5288.17011 - Microsoft Corporation)
Microsoft Windows SDK for Visual Studio 2008 SDK Reference Assemblies and IntelliSense (HKLM\...\{64c5b887-b5ee-42b8-8596-78905a6b5f1f}) (Version: 6.1.5288.17011 - Microsoft Corporation)
Microsoft Windows SDK for Visual Studio 2008 Tools (HKLM\...\{CAA376AF-0DE8-4FCA-942E-C6AC579B94B3}) (Version: 6.1.5288.17011 - Microsoft Corporation)
Microsoft Windows SDK for Visual Studio 2008 Win32 Tools (HKLM\...\{B268E9A1-04A9-40D0-9866-846BE2B74BA7}) (Version: 6.1.5288.17011 - Microsoft Corporation)
Mozilla Firefox 37.0.1 (x86 en-US) (HKLM\...\Mozilla Firefox 37.0.1 (x86 en-US)) (Version: 37.0.1 - Mozilla)
Mozilla Firefox 44.0.2 (x86 en-US) (HKU\S-1-5-21-1435187640-4071721805-2113652602-1000\...\Mozilla Firefox 44.0.2 (x86 en-US)) (Version: 44.0.2 - Mozilla)
Mozilla Firefox 45.0.1 (x86 en-US) (HKLM\...\Mozilla Firefox 45.0.1 (x86 en-US)) (Version: 45.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 45.0.1 - Mozilla)
NetLogo 5.0.4 (HKLM\...\5730-6571-9917-5170) (Version: 5.0.4 - )
Nitro Reader 3 (HKLM\...\{F5451D00-B448-4E9A-82DC-1929F4F1910D}) (Version: 3.5.6.5 - Nitro)
Notepad++ (HKLM\...\Notepad++) (Version: 6.9 - Notepad++ Team)
NVIDIA Display Control Panel (HKLM\...\NVIDIA Display Control Panel) (Version: 6.14.12.6128 - NVIDIA Corporation)
NVIDIA Graphics Driver 341.92 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 341.92 - NVIDIA Corporation)
NVIDIA nView 141.36 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NView) (Version: 141.36 - NVIDIA Corporation)
NVIDIA WMI 2.18.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVWMI) (Version: 2.18.0 - NVIDIA Corporation)
OpenOffice 4.1.2 (HKLM\...\{E6AD67BB-1C33-4AB3-A387-E0D48137AB70}) (Version: 4.12.9782 - Apache Software Foundation)
OpenStat version 2.0 (HKLM\...\{1C6D7856-B7F4-4483-8B47-20199F1CF224}_is1) (Version: 2.0 - WGM Consulting)
Opera Stable 36.0.2130.46 (HKLM\...\Opera 36.0.2130.46) (Version: 36.0.2130.46 - Opera Software)
Oracle VM VirtualBox 4.3.4 (HKLM\...\{867E903E-9EB4-4B3A-A7C8-E556E5C996ED}) (Version: 4.3.4 - Oracle Corporation)
Origin 8.5.1 (Version: 8.51.00 - OriginLab) Hidden
OriginPro 8.5.1 (HKLM\...\{E1294D19-6193-4EC2-A077-6571012BDE5B}) (Version: 8.5.1 - OriginLab Corporation)
PopGene.S2 (HKLM\...\{462EEFCF-11A5-49E7-A5AC-C1871CDC2F09}) (Version: 1.0.0 - PopGene)
PSPP (HKLM\...\PSPP) (Version: 0.8.3 - Free Software Foundation, Inc.)
PVSonyDll (Version: 1.00.0001 - NVIDIA Corporation) Hidden
PyQt4 - PyQwt5 5.2.1-5 (HKLM\...\PyQt4 - PyQwt5 5.2.1-5) (Version: 5.2.1-5 - pythonxy.com)
PyQt4 - QtHelp 4.8.4-2 (HKLM\...\PyQt4 - QtHelp 4.8.4-2) (Version: 4.8.4-2 - pythonxy.com)
Python 2.7 - astropy 0.2.4-1 (HKLM\...\Python 2.7 - astropy 0.2.4-1) (Version: 0.2.4-1 - pythonxy)
Python 2.7 - babel 1.3-2 (HKLM\...\Python 2.7 - babel 1.3-2) (Version: 1.3-2 - pythonxy)
Python 2.7 - base_libraries 1.4.0-9 (HKLM\...\Python 2.7 - base_libraries 1.4.0-9) (Version: 1.4.0-9 - pythonxy)
Python 2.7 - base_python 1.7.1-14 (HKLM\...\Python 2.7 - base_python 1.7.1-14) (Version: 1.7.1-14 - pythonxy)
Python 2.7 - BeautifulSoup4 4.3.1-1 (HKLM\...\Python 2.7 - BeautifulSoup4 4.3.1-1) (Version: 4.3.1-1 - pythonxy)
Python 2.7 - bottleneck 0.7.0-2 (HKLM\...\Python 2.7 - bottleneck 0.7.0-2) (Version: 0.7.0-2 - pythonxy)
Python 2.7 - cffi 0.7.2-3 (HKLM\...\Python 2.7 - cffi 0.7.2-3) (Version: 0.7.2-3 - pythonxy)
Python 2.7 - cvxopt 1.1.6-1 (HKLM\...\Python 2.7 - cvxopt 1.1.6-1) (Version: 1.1.6-1 - pythonxy)
Python 2.7 - cx_Freeze 4.3.1-1 (HKLM\...\Python 2.7 - cx_Freeze 4.3.1-1) (Version: 4.3.1-1 - pythonxy.com)
Python 2.7 - Cython 0.19.1-7 (HKLM\...\Python 2.7 - Cython 0.19.1-7) (Version: 0.19.1-7 - pythonxy)
Python 2.7 - docutils 0.11-2 (HKLM\...\Python 2.7 - docutils 0.11-2) (Version: 0.11-2 - pythonxy)
Python 2.7 - EnthoughtToolSuite 4.3.0-3 (HKLM\...\Python 2.7 - EnthoughtToolSuite 4.3.0-3) (Version: 4.3.0-3 - pythonxy)
Python 2.7 - fabric 1.8.0-1 (HKLM\...\Python 2.7 - fabric 1.8.0-1) (Version: 1.8.0-1 - pythonxy)
Python 2.7 - formlayout 1.0.15-3 (HKLM\...\Python 2.7 - formlayout 1.0.15-3) (Version: 1.0.15-3 - pythonxy)
Python 2.7 - freeimage 3.6.0-3 (HKLM\...\Python 2.7 - freeimage 3.6.0-3) (Version: 3.6.0-3 - pythonxy)
Python 2.7 - gdal 1.9.2-2 (HKLM\...\Python 2.7 - gdal 1.9.2-2) (Version: 1.9.2-2 - pythonxy.com)
Python 2.7 - gevent 1.0.0-2 (HKLM\...\Python 2.7 - gevent 1.0.0-2) (Version: 1.0.0-2 - pythonxy)
Python 2.7 - Gnuplot 1.8.0.3 (HKLM\...\Python 2.7 - Gnuplot 1.8.0.3) (Version: 1.8.0.3 - pythonxy.com)
Python 2.7 - guidata 1.6.1-2 (HKLM\...\Python 2.7 - guidata 1.6.1-2) (Version: 1.6.1-2 - pythonxy)
Python 2.7 - guiqwt 2.3.1-4 (HKLM\...\Python 2.7 - guiqwt 2.3.1-4) (Version: 2.3.1-4 - pythonxy)
Python 2.7 - h5py 2.2.0-4 (HKLM\...\Python 2.7 - h5py 2.2.0-4) (Version: 2.2.0-4 - pythonxy)
Python 2.7 - html5lib 0.99-1 (HKLM\...\Python 2.7 - html5lib 0.99-1) (Version: 0.99-1 - pythonxy)
Python 2.7 - IPython 1.1.0-3 (HKLM\...\Python 2.7 - IPython 1.1.0-3) (Version: 1.1.0-3 - pythonxy)
Python 2.7 - itk 4.4.1-3 (HKLM\...\Python 2.7 - itk 4.4.1-3) (Version: 4.4.1-3 - pythonxy)
Python 2.7 - jinja2 2.7.1-2 (HKLM\...\Python 2.7 - jinja2 2.7.1-2) (Version: 2.7.1-2 - pythonxy)
Python 2.7 - lxml 3.2.3-7 (HKLM\...\Python 2.7 - lxml 3.2.3-7) (Version: 3.2.3-7 - pythonxy)
Python 2.7 - mahotas 1.0.2-6 (HKLM\...\Python 2.7 - mahotas 1.0.2-6) (Version: 1.0.2-6 - pythonxy)
Python 2.7 - matplotlib 1.3.0-2 (HKLM\...\Python 2.7 - matplotlib 1.3.0-2) (Version: 1.3.0-2 - pythonxy)
Python 2.7 - mdp 3.3.0.1 (HKLM\...\Python 2.7 - mdp 3.3.0.1) (Version: 3.3.0.1 - pythonxy.com)
Python 2.7 - mx 3.2.6-2 (HKLM\...\Python 2.7 - mx 3.2.6-2) (Version: 3.2.6-2 - pythonxy)
Python 2.7 - netcdf4 1.0.5-2 (HKLM\...\Python 2.7 - netcdf4 1.0.5-2) (Version: 1.0.5-2 - pythonxy)
Python 2.7 - networkx 1.8.1-1 (HKLM\...\Python 2.7 - networkx 1.8.1-1) (Version: 1.8.1-1 - pythonxy)
Python 2.7 - nose 1.3.0-2 (HKLM\...\Python 2.7 - nose 1.3.0-2) (Version: 1.3.0-2 - pythonxy)
Python 2.7 - numexpr 2.2.2-4 (HKLM\...\Python 2.7 - numexpr 2.2.2-4) (Version: 2.2.2-4 - pythonxy)
Python 2.7 - numpy 1.7.1-3 (HKLM\...\Python 2.7 - numpy 1.7.1-3) (Version: 1.7.1-3 - pythonxy)
Python 2.7 - OpenCV 2.4.6.1-3 (HKLM\...\Python 2.7 - OpenCV 2.4.6.1-3) (Version: 2.4.6.1-3 - pythonxy)
Python 2.7 - openpyxl 1.6.2-2 (HKLM\...\Python 2.7 - openpyxl 1.6.2-2) (Version: 1.6.2-2 - pythonxy)
Python 2.7 - pandas 0.12.0-7 (HKLM\...\Python 2.7 - pandas 0.12.0-7) (Version: 0.12.0-7 - pythonxy)
Python 2.7 - paramiko 1.12.0-4 (HKLM\...\Python 2.7 - paramiko 1.12.0-4) (Version: 1.12.0-4 - pythonxy)
Python 2.7 - patsy 0.2.1-1 (HKLM\...\Python 2.7 - patsy 0.2.1-1) (Version: 0.2.1-1 - pythonxy)
Python 2.7 - PIL 2.2.1-4 (HKLM\...\Python 2.7 - PIL 2.2.1-4) (Version: 2.2.1-4 - pythonxy)
Python 2.7 - pip 1.4.1-4 (HKLM\...\Python 2.7 - pip 1.4.1-4) (Version: 1.4.1-4 - pythonxy)
Python 2.7 - ply 3.4 (HKLM\...\Python 2.7 - ply 3.4) (Version: 3.4 - pythonxy.com)
Python 2.7 - pp 1.6.4-3 (HKLM\...\Python 2.7 - pp 1.6.4-3) (Version: 1.6.4-3 - pythonxy.com)
Python 2.7 - psutil 1.1.0-4 (HKLM\...\Python 2.7 - psutil 1.1.0-4) (Version: 1.1.0-4 - pythonxy)
Python 2.7 - py2exe 0.6.9 (HKLM\...\Python 2.7 - py2exe 0.6.9) (Version: 0.6.9 - pythonxy.com)
Python 2.7 - pycparser 2.10-2 (HKLM\...\Python 2.7 - pycparser 2.10-2) (Version: 2.10-2 - pythonxy)
Python 2.7 - pycrypto 2.6-1 (HKLM\...\Python 2.7 - pycrypto 2.6-1) (Version: 2.6-1 - pythonxy)
Python 2.7 - PycURL 7.19.0-2 (HKLM\...\Python 2.7 - PycURL 7.19.0-2) (Version: 7.19.0-2 - pythonxy)
Python 2.7 - pydicom 0.9.8-2 (HKLM\...\Python 2.7 - pydicom 0.9.8-2) (Version: 0.9.8-2 - pythonxy.com)
Python 2.7 - pygame 1.9.2-2 (HKLM\...\Python 2.7 - pygame 1.9.2-2) (Version: 1.9.2-2 - pythonxy)
Python 2.7 - pygments 1.6-1 (HKLM\...\Python 2.7 - pygments 1.6-1) (Version: 1.6-1 - pythonxy.com)
Python 2.7 - pygraphviz 1.3-2 (HKLM\...\Python 2.7 - pygraphviz 1.3-2) (Version: 1.3-2 - pythonxy)
Python 2.7 - pyhdf 0.8.3-2 (HKLM\...\Python 2.7 - pyhdf 0.8.3-2) (Version: 0.8.3-2 - pythonxy)
Python 2.7 - PyICU 1.5-1 (HKLM\...\Python 2.7 - PyICU 1.5-1) (Version: 1.5-1 - pythonxy.com)
Python 2.7 - pylint 1.0.0-6 (HKLM\...\Python 2.7 - pylint 1.0.0-6) (Version: 1.0.0-6 - pythonxy)
Python 2.7 - pyodbc 3.0.7-1 (HKLM\...\Python 2.7 - pyodbc 3.0.7-1) (Version: 3.0.7-1 - pythonxy)
Python 2.7 - PyOpenGL 3.0.2-3 (HKLM\...\Python 2.7 - PyOpenGL 3.0.2-3) (Version: 3.0.2-3 - pythonxy)
Python 2.7 - pyparallel 0.2.0.1 (HKLM\...\Python 2.7 - pyparallel 0.2.0.1) (Version: 0.2.0.1 - pythonxy.com)
Python 2.7 - pyparsing 2.0.1-2 (HKLM\...\Python 2.7 - pyparsing 2.0.1-2) (Version: 2.0.1-2 - pythonxy)
Python 2.7 - PyQt4 4.9.6-3 (HKLM\...\Python 2.7 - PyQt4 4.9.6-3) (Version: 4.9.6-3 - pythonxy.com)
Python 2.7 - pyreadline 2.0-1 (HKLM\...\Python 2.7 - pyreadline 2.0-1) (Version: 2.0-1 - pythonxy)
Python 2.7 - pyserial 2.6.0.1 (HKLM\...\Python 2.7 - pyserial 2.6.0.1) (Version: 2.6.0.1 - pythonxy.com)
Python 2.7 - pytables 3.0.0-2 (HKLM\...\Python 2.7 - pytables 3.0.0-2) (Version: 3.0.0-2 - pythonxy)
Python 2.7 - pytest 2.4.2-2 (HKLM\...\Python 2.7 - pytest 2.4.2-2) (Version: 2.4.2-2 - pythonxy)
Python 2.7 - pyvisa 1.4 (HKLM\...\Python 2.7 - pyvisa 1.4) (Version: 1.4 - pythonxy.com)
Python 2.7 - PyWavelets 0.2.2 (HKLM\...\Python 2.7 - PyWavelets 0.2.2) (Version: 0.2.2 - pythonxy.com)
Python 2.7 - pywin32 218-1 (HKLM\...\Python 2.7 - pywin32 218-1) (Version: 218-1 - pythonxy.com)
Python 2.7 - pywinauto 0.4.0 (HKLM\...\Python 2.7 - pywinauto 0.4.0) (Version: 0.4.0 - pythonxy.com)
Python 2.7 - pyyaml 3.10-1 (HKLM\...\Python 2.7 - pyyaml 3.10-1) (Version: 3.10-1 - pythonxy)
Python 2.7 - pyzmq 13.1.0-5 (HKLM\...\Python 2.7 - pyzmq 13.1.0-5) (Version: 13.1.0-5 - pythonxy)
Python 2.7 - reportlab 2.7-1 (HKLM\...\Python 2.7 - reportlab 2.7-1) (Version: 2.7-1 - pythonxy)
Python 2.7 - rst2pdf 0.93-3 (HKLM\...\Python 2.7 - rst2pdf 0.93-3) (Version: 0.93-3 - pythonxy)
Python 2.7 - scikits.image 0.8.2-2 (HKLM\...\Python 2.7 - scikits.image 0.8.2-2) (Version: 0.8.2-2 - pythonxy.com)
Python 2.7 - scikits-learn 0.14.1-4 (HKLM\...\Python 2.7 - scikits-learn 0.14.1-4) (Version: 0.14.1-4 - pythonxy)
Python 2.7 - scipy 0.12.0-2 (HKLM\...\Python 2.7 - scipy 0.12.0-2) (Version: 0.12.0-2 - pythonxy)
Python 2.7 - SendKeys 0.3 (HKLM\...\Python 2.7 - SendKeys 0.3) (Version: 0.3 - pythonxy)
Python 2.7 - setuptools 1.1.6-3 (HKLM\...\Python 2.7 - setuptools 1.1.6-3) (Version: 1.1.6-3 - pythonxy)
Python 2.7 - simplejson 3.3.0-5 (HKLM\...\Python 2.7 - simplejson 3.3.0-5) (Version: 3.3.0-5 - pythonxy)
Python 2.7 - sphinx 1.2-1 (HKLM\...\Python 2.7 - sphinx 1.2-1) (Version: 1.2-1 - pythonxy)
Python 2.7 - spyder 2.2.4-8 (HKLM\...\Python 2.7 - spyder 2.2.4-8) (Version: 2.2.4-8 - pythonxy)
Python 2.7 - sqlalchemy 0.8.2-7 (HKLM\...\Python 2.7 - sqlalchemy 0.8.2-7) (Version: 0.8.2-7 - pythonxy)
Python 2.7 - statsmodels 0.5.0-1 (HKLM\...\Python 2.7 - statsmodels 0.5.0-1) (Version: 0.5.0-1 - pythonxy)
Python 2.7 - sympy 0.7.3-2 (HKLM\...\Python 2.7 - sympy 0.7.3-2) (Version: 0.7.3-2 - pythonxy)
Python 2.7 - tornado 3.1.1-4 (HKLM\...\Python 2.7 - tornado 3.1.1-4) (Version: 3.1.1-4 - pythonxy)
Python 2.7 - uncertainties 2.4.1-7 (HKLM\...\Python 2.7 - uncertainties 2.4.1-7) (Version: 2.4.1-7 - pythonxy)
Python 2.7 - veusz 1.18-5 (HKLM\...\Python 2.7 - veusz 1.18-5) (Version: 1.18-5 - pythonxy)
Python 2.7 - virtualenv 1.10.1-5 (HKLM\...\Python 2.7 - virtualenv 1.10.1-5) (Version: 1.10.1-5 - pythonxy)
Python 2.7 - vitables 2.1.0.3 (HKLM\...\Python 2.7 - vitables 2.1.0.3) (Version: 2.1.0.3 - pythonxy.com)
Python 2.7 - vpython 5.74-1 (HKLM\...\Python 2.7 - vpython 5.74-1) (Version: 5.74-1 - pythonxy.com)
Python 2.7 - vtk 5.10.1-3 (HKLM\...\Python 2.7 - vtk 5.10.1-3) (Version: 5.10.1-3 - pythonxy)
Python 2.7 - winpdb 1.4.8.3 (HKLM\...\Python 2.7 - winpdb 1.4.8.3) (Version: 1.4.8.3 - pythonxy.com)
Python 2.7 - wxPython 2.8.12.1-1 (HKLM\...\Python 2.7 - wxPython 2.8.12.1-1) (Version: 2.8.12.1-1 - pythonxy)
Python 2.7 - xlrd 0.9.2-3 (HKLM\...\Python 2.7 - xlrd 0.9.2-3) (Version: 0.9.2-3 - pythonxy)
Python 2.7 - xlwt 0.7.5-1 (HKLM\...\Python 2.7 - xlwt 0.7.5-1) (Version: 0.7.5-1 - pythonxy)
Python 2.7 - xy 1.3.2-4 (HKLM\...\Python 2.7 - xy 1.3.2-4) (Version: 1.3.2-4 - pythonxy)
Python 2.7.5 (Version: 2.7.5150 - Python Software Foundation) Hidden
Python(x,y) - console 2.0.148-8 (HKLM\...\Python(x,y) - console 2.0.148-8) (Version: 2.0.148-8 - pythonxy.com)
Python(x,y) - gettext 0.14.4.3 (HKLM\...\Python(x,y) - gettext 0.14.4.3) (Version: 0.14.4.3 - pythonxy.com)
Python(x,y) - mingw 4.5.2.3 (HKLM\...\Python(x,y) - mingw 4.5.2.3) (Version: 4.5.2.3 - pythonxy.com)
Python(x,y) - SciTE 3.3.2-3 (HKLM\...\Python(x,y) - SciTE 3.3.2-3) (Version: 3.3.2-3 - pythonxy)
Python(x,y) - swig 2.0.10-2 (HKLM\...\Python(x,y) - swig 2.0.10-2) (Version: 2.0.10-2 - pythonxy)
Python(x,y) - WinMerge 2.12.4.2 (HKLM\...\Python(x,y) - WinMerge 2.12.4.2) (Version: 2.12.4.2 - pythonxy.com)
Python(x,y) - xydoc 1.0.5.1 (HKLM\...\Python(x,y) - xydoc 1.0.5.1) (Version: 1.0.5.1 - pythonxy.com)
Python(x,y) (HKLM\...\Python(x,y)) (Version: 2.7.5.1 - Python(x,y))
Q-Dir (HKLM\...\Q-Dir) (Version:  - )
Qiqqa (HKLM\...\{99AF0582-482B-4E5E-BB11-675354BF5E77}_is1) (Version: 77 - Quantisle Ltd.)
QLBCASL (Version: 6.40.17.2 - Hewlett-Packard) Hidden
R for Windows 3.0.1 (HKLM\...\R for Windows 3.0.1_is1) (Version: 3.0.1 - R Core Team)
R for Windows 3.1.0 (HKLM\...\R for Windows 3.1.0_is1) (Version: 3.1.0 - R Core Team)
R for Windows 3.2.2 (HKLM\...\R for Windows 3.2.2_is1) (Version: 3.2.2 - R Core Team)
R for Windows 3.2.4 Revised (HKLM\...\R for Windows 3.2.4 Revised_is1) (Version: 3.2.4 Revised - R Core Team)
Rainlendar2 (remove only) (HKLM\...\Rainlendar2) (Version:  - )
ResearchSoft Direct Export Helper (HKLM\...\ResearchSoft Direct Export Helper) (Version:  - )
RICOH Media Driver (HKLM\...\{F5CC2EF8-20A4-4366-A681-3FE849E65809}) (Version: 2.10.00.04 - RICOH)
RStudio (HKLM\...\RStudio) (Version: 0.99.484 - RStudio)
SciDAVis 1.D5 (HKLM\...\SciDAVis) (Version: 1.D5 - )
SigmaPlot 11.0 (HKLM\...\{B1A88375-BAB9-4081-B58F-A137FC6ED2A4}) (Version: 11.0 - Systat Software, Inc.)
Skype™ 7.22 (HKLM\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.22.108 - Skype Technologies S.A.)
Soft Data Fax Modem with SmartCP (HKLM\...\CNXT_MODEM_PCI_VEN_14F1&DEV_2C06_hpZ1379z) (Version:  - )
Sophos Virus Removal Tool (HKLM\...\{B829E117-D072-41EA-9606-9826A38D34C1}) (Version: 2.5.4 - Sophos Limited)
StartupMonitor (HKLM\...\{76EFAC4F-1712-401F-B2AE-590B170C9BCE}) (Version: 1.0.2.0 - Mike Lin)
STATISTICA 9.1.210.0 (HKLM\...\{93ac258b-48e2-75fc-8d9c-e8496769386d}) (Version: 9.1.210.0 - StatSoft, Inc.)
Stickies 8.0a (HKLM\...\ZhornStickies) (Version:  - Zhorn Software)
SumatraPDF (HKLM\...\SumatraPDF) (Version: 3.1.1 - Krzysztof Kowalczyk)
swMSM (Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 15.0.24.0 - Synaptics Incorporated)
TableCurve 2D v5.01 (HKLM\...\TableCurve 2D v5.01) (Version:  - )
TableCurve 3D v4.0 (HKLM\...\TableCurve 3D v4.0) (Version:  - )
TeraCopy 2.27 (HKLM\...\TeraCopy_is1) (Version:  - Code Sector)
TreeDBNotes 4 (HKLM\...\TreeDBNotes 4) (Version:  - )
UBitMenu UK (HKLM\...\{C8748FFB-1713-4e95-B3DF-4F1622D96F93}_is1) (Version: 01.04 - UBit Schweiz AG)
Update for 2007 Microsoft Office System (KB967642) (HKLM\...\{90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version:  - Microsoft)
Update for 2007 Microsoft Office System (KB967642) (HKLM\...\{90120000-0021-0000-0000-0000000FF1CE}_VisualWebDeveloper_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version:  - Microsoft)
VC Runtimes MSI (Version: 9.0.21022 - Microsoft) Hidden
VC80CRTRedist - 8.0.50727.6195 (Version: 1.2.0 - DivX, Inc) Hidden
VirtuaWin v4.4 (HKLM\...\VirtuaWin_is1) (Version:  - )
Visual Studio 2005 Tools for Office Second Edition Runtime (HKLM\...\Microsoft Visual Studio 2005 Tools for Office Runtime) (Version:  - Microsoft Corporation)
Visual Studio Tools for the Office system 3.0 Runtime (HKLM\...\Visual Studio Tools for the Office system 3.0 Runtime) (Version:  - Microsoft Corporation)
VLC media player (HKLM\...\VLC media player) (Version: 2.2.2 - VideoLAN)
wePresent WiPG-1000 (HKLM\...\wePresent WiPG-1000_is1) (Version: 1.2.4.5 - AWIND Inc)
Winamp (HKLM\...\Winamp) (Version: 5.66  - Nullsoft, Inc)
Winamp Detector Plug-in (HKU\S-1-5-21-1435187640-4071721805-2113652602-1000\...\Winamp Detect) (Version: 1.0.0.1 - Nullsoft, Inc)
WinDjView 2.1 (HKLM\...\WinDjView) (Version: 2.1 - Andrew Zhezherun)
Windows Mobile 5.0 SDK R2 for Pocket PC (HKLM\...\{6C9F6D23-E9AD-43C9-B43A-011562AAF876}) (Version: 5.00.1700.5.14343.06 - Microsoft Corporation)
Windows Mobile 5.0 SDK R2 for Smartphone (HKLM\...\{9656F3AC-6BA9-43F0-ABED-F214B5DAB27B}) (Version: 5.00.1700.5.14343.06 - Microsoft Corporation)
WinMerge 2.14.0 (HKLM\...\WinMerge_is1) (Version: 2.14.0 - Thingamahoochie Software)
WinPatrol (HKLM\...\{6A206A04-6BC1-411B-AA04-4E52EDEEADF2}) (Version: 33.6.2015.18 - Ruiware)
WinRAR 5.01 beta 1 (32-bit) (HKLM\...\WinRAR archiver) (Version: 5.01.1 - win.rar GmbH)
WinX DVD Ripper 5.6.0 (HKLM\...\WinX DVD Ripper_is1) (Version:  - Digiarty Software, Inc.)
WordWeb (HKLM\...\WordWeb) (Version: 7 - WordWeb Software)
XLSTAT 2010 (HKLM\...\{68B36FA5-E276-4C03-A56C-EC25717E1668}) (Version: 12.2.03 - Addinsoft)
XMind 2013 (v3.4.0) (HKLM\...\XMind_is1) (Version: 3.4.0.201311050558 - XMind Ltd.)
Zim Desktop Wiki (HKLM\...\Zim Desktop Wiki) (Version:  - )
Zotero Standalone 4.0.20 (x86 en-US) (HKLM\...\Zotero Standalone 4.0.20 (x86 en-US)) (Version: 4.0.20 - Zotero)
Zotero Standalone 4.0.28 (x86 en-US) (HKU\S-1-5-21-1435187640-4071721805-2113652602-1000\...\Zotero Standalone 4.0.28 (x86 en-US)) (Version: 4.0.28 - Zotero)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-1435187640-4071721805-2113652602-1000_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\SD\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1435187640-4071721805-2113652602-1000_Classes\CLSID\{022105BD-948A-40C9-AB42-A3300DDF097F}\localserver32 -> C:\Users\SD\AppData\Local\Google\Update\GoogleUpdate.exe (Google Inc.)
CustomCLSID: HKU\S-1-5-21-1435187640-4071721805-2113652602-1000_Classes\CLSID\{05187161-5C36-4324-A734-22BF37509F2D}\InprocServer32 -> C:\Users\SD\AppData\Local\Enthought\opencodecs\x86\dsfTheoraDecoder.dll ()
CustomCLSID: HKU\S-1-5-21-1435187640-4071721805-2113652602-1000_Classes\CLSID\{05A1D945-A794-44EF-B41A-2F851A117155}\InprocServer32 -> C:\Users\SD\AppData\Local\Enthought\opencodecs\x86\dsfVorbisDecoder.dll ()
CustomCLSID: HKU\S-1-5-21-1435187640-4071721805-2113652602-1000_Classes\CLSID\{0A368B9B-3566-4730-B40E-EAF6858A53AF}\InprocServer32 -> C:\Users\SD\AppData\Local\Dropbox\Update\1.3.27.33\psuser.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1435187640-4071721805-2113652602-1000_Classes\CLSID\{121EA765-6D3F-4519-9686-A0BA6E5281A2}\InprocServer32 -> C:\Users\SD\AppData\Local\Enthought\opencodecs\x86\dsfTheoraEncoder.dll ()
CustomCLSID: HKU\S-1-5-21-1435187640-4071721805-2113652602-1000_Classes\CLSID\{1F3EFFE4-0E70-47C7-9C48-05EB99E20011}\InprocServer32 -> C:\Users\SD\AppData\Local\Enthought\opencodecs\x86\dsfOggMux.dll ()
CustomCLSID: HKU\S-1-5-21-1435187640-4071721805-2113652602-1000_Classes\CLSID\{22181302-A8A6-4F84-A541-E5CBFC70CC43}\localserver32 -> C:\Users\SD\AppData\Local\Google\Update\1.3.29.5\GoogleUpdateOnDemand.exe (Google Inc.)
CustomCLSID: HKU\S-1-5-21-1435187640-4071721805-2113652602-1000_Classes\CLSID\{2F0E2680-9FF5-43C0-B76E-114A56E93598}\localserver32 -> C:\Users\SD\AppData\Local\Google\Update\1.3.29.5\GoogleUpdateOnDemand.exe (Google Inc.)
CustomCLSID: HKU\S-1-5-21-1435187640-4071721805-2113652602-1000_Classes\CLSID\{2F234A01-A4EB-4EAB-A130-A13C97953F0B}\localserver32 -> D:\Programs on D\OriginLab\Origin851\Origin85.exe (OriginLab Corporation)
CustomCLSID: HKU\S-1-5-21-1435187640-4071721805-2113652602-1000_Classes\CLSID\{3059C9E6-9EDC-4C89-933E-C65623F8FD60}\localserver32 -> C:\Users\SD\AppData\Local\Dropbox\Update\DropboxUpdate.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1435187640-4071721805-2113652602-1000_Classes\CLSID\{3376086C-D6F9-4CE4-8B89-33CD570106B5}\InprocServer32 -> C:\Users\SD\AppData\Local\Enthought\opencodecs\x86\dsfFLACDecoder.dll ()
CustomCLSID: HKU\S-1-5-21-1435187640-4071721805-2113652602-1000_Classes\CLSID\{39125640-8D80-11DC-A2FE-C5C455D89593}\InprocServer32 -> C:\Users\SD\AppData\Local\Google\Google Talk Plugin\googletalkax.dll (Google)
CustomCLSID: HKU\S-1-5-21-1435187640-4071721805-2113652602-1000_Classes\CLSID\{51F9E8EF-59D7-475B-A106-C7EA6F30C119}\localserver32 -> C:\Users\SD\AppData\Local\Google\Update\1.3.29.5\GoogleUpdateOnDemand.exe (Google Inc.)
CustomCLSID: HKU\S-1-5-21-1435187640-4071721805-2113652602-1000_Classes\CLSID\{5C769985-C3E1-4F95-BEE7-1101C465F5FC}\InprocServer32 -> C:\Users\SD\AppData\Local\Enthought\opencodecs\x86\dsfTheoraEncoder.dll ()
CustomCLSID: HKU\S-1-5-21-1435187640-4071721805-2113652602-1000_Classes\CLSID\{5C94FE86-B93B-467F-BFC3-BD6C91416F9B}\InprocServer32 -> C:\Users\SD\AppData\Local\Enthought\opencodecs\x86\dsfVorbisEncoder.dll ()
CustomCLSID: HKU\S-1-5-21-1435187640-4071721805-2113652602-1000_Classes\CLSID\{61F6D8A0-2863-11D0-BBB6-00409512C43D}\localserver32 -> D:\Programs on D\OriginLab\Origin851\Origin85.exe (OriginLab Corporation)
CustomCLSID: HKU\S-1-5-21-1435187640-4071721805-2113652602-1000_Classes\CLSID\{6DDA37BA-0553-499A-AE0D-BEBA67204548}\InprocServer32 -> C:\Users\SD\AppData\Local\Enthought\opencodecs\x86\dsfNativeFLACSource.dll ()
CustomCLSID: HKU\S-1-5-21-1435187640-4071721805-2113652602-1000_Classes\CLSID\{7036C2FE-A209-464C-97AB-95B9260EDBF7}\InprocServer32 -> C:\Users\SD\AppData\Local\Enthought\opencodecs\x86\dsfSpeexEncoder.dll ()
CustomCLSID: HKU\S-1-5-21-1435187640-4071721805-2113652602-1000_Classes\CLSID\{7605E26C-DE38-4B82-ADD8-FE2568CC0B25}\InprocServer32 -> C:\Users\SD\AppData\Local\Enthought\opencodecs\x86\dsfSpeexDecoder.dll ()
CustomCLSID: HKU\S-1-5-21-1435187640-4071721805-2113652602-1000_Classes\CLSID\{77E3A6A3-2A24-43FA-B929-00747E4B560B}\InprocServer32 -> C:\Users\SD\AppData\Local\Enthought\opencodecs\x86\dsfFLACEncoder.dll ()
CustomCLSID: HKU\S-1-5-21-1435187640-4071721805-2113652602-1000_Classes\CLSID\{793EE463-1304-471C-ADF1-68C2FFB01247}\InprocServer32 -> C:\Users\SD\AppData\Local\Google\Update\1.3.29.5\psuser.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-1435187640-4071721805-2113652602-1000_Classes\CLSID\{7CC95AE6-C1FA-40CC-AB17-3E91DA2F77CA}\InprocServer32 -> C:\Users\SD\AppData\Local\Enthought\opencodecs\x86\AxPlayer.dll (Xiph.Org)
CustomCLSID: HKU\S-1-5-21-1435187640-4071721805-2113652602-1000_Classes\CLSID\{87DC457B-B35D-48AC-BD42-BDF35EF623CE}\localserver32 -> C:\Users\SD\AppData\Local\Dropbox\Update\1.3.27.33\DropboxUpdateOnDemand.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1435187640-4071721805-2113652602-1000_Classes\CLSID\{9FAA38ED-5635-44F7-9BE0-8CAFE29B3783}\localserver32 -> C:\Users\SD\AppData\Local\Dropbox\Update\1.3.27.33\DropboxUpdateOnDemand.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1435187640-4071721805-2113652602-1000_Classes\CLSID\{9FE89513-7A1C-4229-8DF1-AB272A668E52}\localserver32 -> D:\Programs on D\OriginLab\Origin851\Origin85.exe (OriginLab Corporation)
CustomCLSID: HKU\S-1-5-21-1435187640-4071721805-2113652602-1000_Classes\CLSID\{A538F05F-DC08-4BF9-994F-18A86CCA6CC4}\InprocServer32 -> C:\Users\SD\AppData\Local\Enthought\opencodecs\x86\dsfVorbisEncoder.dll ()
CustomCLSID: HKU\S-1-5-21-1435187640-4071721805-2113652602-1000_Classes\CLSID\{AB9F4455-E591-4132-A386-0B91EAEDB96C}\InprocServer32 -> C:\Users\SD\AppData\Local\Google\Google Talk Plugin\o1dax.dll (Google)
CustomCLSID: HKU\S-1-5-21-1435187640-4071721805-2113652602-1000_Classes\CLSID\{B0F21977-8AAB-4632-A73D-528B909C5663}\localserver32 -> D:\Programs on D\OriginLab\Origin851\Origin85.exe (OriginLab Corporation)
CustomCLSID: HKU\S-1-5-21-1435187640-4071721805-2113652602-1000_Classes\CLSID\{C0DD324D-A74F-4533-84AD-030F76771C77}\localserver32 -> C:\Users\SD\AppData\Local\Dropbox\Update\1.3.27.33\DropboxUpdateOnDemand.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1435187640-4071721805-2113652602-1000_Classes\CLSID\{C3101A8B-0EE1-4612-BFE9-41FFC1A3C19D}\InprocServer32 -> C:\Users\SD\AppData\Local\Google\Update\1.3.29.5\npGoogleUpdate3.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-1435187640-4071721805-2113652602-1000_Classes\CLSID\{C32E3EEC-3C10-426E-95F3-38C7F139FADD}\localserver32 -> C:\Users\SD\AppData\Local\Dropbox\Update\1.3.27.33\DropboxUpdateOnDemand.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1435187640-4071721805-2113652602-1000_Classes\CLSID\{C442AC41-9200-4770-8CC0-7CDB4F245C55}\InprocServer32 -> C:\Users\SD\AppData\Local\Google\Update\1.3.29.5\npGoogleUpdate3.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-1435187640-4071721805-2113652602-1000_Classes\CLSID\{C9361F5A-3282-4944-9899-6D99CDC5370B}\InprocServer32 -> C:\Users\SD\AppData\Local\Enthought\opencodecs\x86\dsfOggDemux2.dll ()
CustomCLSID: HKU\S-1-5-21-1435187640-4071721805-2113652602-1000_Classes\CLSID\{E67BE843-BBBE-4484-95FB-05271AE86750}\localserver32 -> C:\Users\SD\AppData\Local\Google\Update\1.3.29.5\GoogleUpdateOnDemand.exe (Google Inc.)
CustomCLSID: HKU\S-1-5-21-1435187640-4071721805-2113652602-1000_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\SD\AppData\Local\Google\Update\1.3.29.5\psuser.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-1435187640-4071721805-2113652602-1000_Classes\CLSID\{ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C}\InprocServer32 -> C:\Users\SD\AppData\Roaming\Dropbox\bin\DropboxExt.34.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1435187640-4071721805-2113652602-1000_Classes\CLSID\{ED3110F0-5211-11DF-94AF-0026B977EEAA}\InprocServer32 -> C:\Users\SD\AppData\Local\Enthought\opencodecs\x86\webmmux.dll (Google)
CustomCLSID: HKU\S-1-5-21-1435187640-4071721805-2113652602-1000_Classes\CLSID\{ED3110F3-5211-11DF-94AF-0026B977EEAA}\InprocServer32 -> C:\Users\SD\AppData\Local\Enthought\opencodecs\x86\vp8decoder.dll (Google)
CustomCLSID: HKU\S-1-5-21-1435187640-4071721805-2113652602-1000_Classes\CLSID\{ED3110F5-5211-11DF-94AF-0026B977EEAA}\InprocServer32 -> C:\Users\SD\AppData\Local\Enthought\opencodecs\x86\vp8encoder.dll (Google)
CustomCLSID: HKU\S-1-5-21-1435187640-4071721805-2113652602-1000_Classes\CLSID\{ED3110F8-5211-11DF-94AF-0026B977EEAA}\InprocServer32 -> C:\Users\SD\AppData\Local\Enthought\opencodecs\x86\webmsplit.dll (Google)
CustomCLSID: HKU\S-1-5-21-1435187640-4071721805-2113652602-1000_Classes\CLSID\{ED311102-5211-11DF-94AF-0026B977EEAA}\InprocServer32 -> C:\Users\SD\AppData\Local\Enthought\opencodecs\x86\vp8encoder.dll (Google)
CustomCLSID: HKU\S-1-5-21-1435187640-4071721805-2113652602-1000_Classes\CLSID\{ED79AEC0-68AD-4BE6-B06E-B4D3C8101624}\InprocServer32 -> C:\Users\SD\AppData\Local\Enthought\opencodecs\x86\dsfSpeexEncoder.dll ()
CustomCLSID: HKU\S-1-5-21-1435187640-4071721805-2113652602-1000_Classes\CLSID\{EE66A998-4E5C-4E23-A0F3-97C40D87EC48}\InprocServer32 -> C:\Users\SD\AppData\Local\Enthought\opencodecs\x86\dsfFLACEncoder.dll ()
CustomCLSID: HKU\S-1-5-21-1435187640-4071721805-2113652602-1000_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\SD\AppData\Roaming\Dropbox\bin\DropboxExt.34.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1435187640-4071721805-2113652602-1000_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\SD\AppData\Roaming\Dropbox\bin\DropboxExt.34.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1435187640-4071721805-2113652602-1000_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\SD\AppData\Roaming\Dropbox\bin\DropboxExt.34.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1435187640-4071721805-2113652602-1000_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\SD\AppData\Roaming\Dropbox\bin\DropboxExt.34.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1435187640-4071721805-2113652602-1000_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\SD\AppData\Roaming\Dropbox\bin\DropboxExt.34.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1435187640-4071721805-2113652602-1000_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\SD\AppData\Roaming\Dropbox\bin\DropboxExt.34.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1435187640-4071721805-2113652602-1000_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\SD\AppData\Roaming\Dropbox\bin\DropboxExt.34.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1435187640-4071721805-2113652602-1000_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\SD\AppData\Roaming\Dropbox\bin\DropboxExt.34.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1435187640-4071721805-2113652602-1000_Classes\CLSID\{FBC9D74C-AF55-4309-9FB2-C426E071637F}\InprocServer32 -> C:\Users\SD\AppData\Roaming\Dropbox\bin\DropboxExt.34.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1435187640-4071721805-2113652602-1000_Classes\CLSID\{FE819BE5-BADF-4370-9913-6FB84ABA6FB1}\InprocServer32 -> C:\Users\SD\AppData\Local\Dropbox\Update\1.3.27.33\psuser.dll (Dropbox, Inc.)

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {0057E525-0505-4EA9-9B38-6E14A6DB1E37} - System32\Tasks\Opera scheduled Autoupdate 1391229852 => D:\Programs on D\Opera\launcher.exe [2016-03-24] (Opera Software)
Task: {04387A8A-B1AD-4F21-9545-D5EB916AD134} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2016-03-25] (Adobe Systems Incorporated)
Task: {04B53A1A-C12E-4FF5-8D60-184ABE28487B} - System32\Tasks\{608BE89A-5B9D-40C0-A925-76B242B507AE} => C:\STAT\STA_WIN.EXE [1995-12-14] ()
Task: {08AD8929-9E7A-4382-8D24-E622CE758ED3} - System32\Tasks\{A6CE1F8C-EB2A-4320-AD1E-27CD6D0EC567} => pcalua.exe -a "D:\Programs on D\DLIDownloader\Uninstall.exe" -d "D:\Programs on D\DLIDownloader"
Task: {17FE5E7B-74FF-402F-94D0-A0CBBB4FC669} - System32\Tasks\{6BEDB762-CBF9-4E77-98F1-CAF58AEDC73C} => C:\STAT\STA_WIN.EXE [1995-12-14] ()
Task: {2426AF32-AD8E-4E19-A36A-C6601E3E40B8} - System32\Tasks\{A1A3F479-C159-4D9F-9045-7BB9C1EC9B73} => C:\STAT\STA_BAS.EXE [1995-12-14] ()
Task: {2431F5E8-0B12-4205-ADDD-06DE4A0BEED1} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-12-13] (Adobe Systems Incorporated)
Task: {2E3324AF-D6F0-463E-92FA-3573A83C9B17} - System32\Tasks\{F5BC9529-58D4-4FBE-AC12-BC96C49EAAD0} => C:\STAT\STA_BAS.EXE [1995-12-14] ()
Task: {358A1515-76B7-4029-B542-7325DEA04A4E} - System32\Tasks\{D1C665D2-AE1D-4FC6-9DD2-5EB523401A17} => C:\STAT\STA_BAS.EXE [1995-12-14] ()
Task: {3B622486-BCE3-4B0A-8DF1-745F972893FC} - System32\Tasks\Kaspersky_Upgrade_Launcher_{278ADC42-419D-4547-A6CA-5B74BE0AD901} => C:\Program Files\Common Files\AV\Kaspersky Lab\upgrade_launcher.exe [2015-11-11] (AO Kaspersky Lab)
Task: {4961C2E6-67C8-4AD3-B45B-640A6E6B7C65} - System32\Tasks\MATLAB R2015b Startup Accelerator => D:\Programs on D\MATLAB_R2015b\bin\win32\MATLABStartupAccelerator.exe [2015-07-30] ()
Task: {50D4F229-5BEC-401B-BF5C-5D799BDF4C9A} - System32\Tasks\{7811F6EC-FE1C-4B83-BE46-422CC076F413} => C:\STAT\STA_BAS.EXE [1995-12-14] ()
Task: {52CC46EE-ADB3-40F5-BD22-208CEE972AF9} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-1435187640-4071721805-2113652602-1000Core => C:\Users\SD\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2015-06-16] (Dropbox, Inc.)
Task: {53FB695C-720C-471B-AD5D-44014B0ABDEB} - System32\Tasks\{AD0876B4-D39A-4DD8-86B0-BCD69F7EAF0D} => pcalua.exe -a C:\Users\SD\Desktop\vpnclient-win-msi-5.0.07.0290-k9.exe -d C:\Users\SD\Desktop
Task: {5872593A-3CD0-47D7-AFF3-E3327857612C} - System32\Tasks\{92FCA738-36EB-42AD-A7D9-B666A87BAC0E} => E:\DeyAtPune\ResearchRelated\qbasic\QB.EXE [1988-09-28] ()
Task: {5EF67412-CD9C-48C7-BED4-AB6731B2E244} - System32\Tasks\{42D78DDF-602A-407C-BB51-D178536D8748} => msiexec.exe /package "H:\PuneSoftwares_5\Softwares_Scientific\ENDNOTE_official\ENX3Inst.msi"
Task: {6035E747-3828-4C10-8446-174F72704E87} - System32\Tasks\{9BA6AC18-4F97-485F-A275-4E2A5CF99FE2} => C:\STAT\STA_WIN.EXE [1995-12-14] ()
Task: {68AC9B48-149D-4E19-A2C8-7D1C0722F51E} - System32\Tasks\{D39EA1C0-5FE8-49CA-8940-E06AF176B574} => pcalua.exe -a F:\install.exe -d F:\
Task: {6C66C042-D363-42F8-89DE-86D199907E52} - System32\Tasks\{8FE17DE7-D42E-4A8C-866C-AC7D02AC15C4} => C:\STAT\STA_BAS.EXE [1995-12-14] ()
Task: {6D19562B-A068-4AA6-9894-CF5CFAD2810C} - System32\Tasks\CCleanerSkipUAC => D:\Programs on D\CCleaner\CCleaner.exe [2016-03-12] (Piriform Ltd)
Task: {7C42C550-9C79-4A2E-81A0-FE8C7CA3F077} - System32\Tasks\klcp_update => C:\Program Files\K-Lite Codec Pack\Tools\CodecTweakTool.exe [2016-03-22] ()
Task: {8D4CC7F0-55CD-4124-9071-1939FD999AD8} - System32\Tasks\{72D0F312-E5F1-4D3A-8F18-2FDF97C330C6} => C:\STAT\STA_BAS.EXE [1995-12-14] ()
Task: {95C24F6F-4353-41C2-B534-D22335DC48FF} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-1435187640-4071721805-2113652602-1000UA => C:\Users\SD\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2015-06-16] (Dropbox, Inc.)
Task: {A53A59EF-5F65-4A06-BFEA-83DFF6A8D62A} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1435187640-4071721805-2113652602-1000Core => C:\Users\SD\AppData\Local\Google\Update\GoogleUpdate.exe [2015-08-30] (Google Inc.)
Task: {A553968D-B7CA-4FC6-97C1-7ABF9897748E} - System32\Tasks\{8543325E-768C-40AF-B55B-6728574574E3} => C:\STAT\STA_BAS.EXE [1995-12-14] ()
Task: {AC69D728-0C06-4D97-86EF-34FA329959BB} - System32\Tasks\{BA0262CE-9EB3-4AA6-91EB-F6B849961DDB} => C:\STAT\STA_BAS.EXE [1995-12-14] ()
Task: {B59B09A1-737D-4345-9534-E08E1DED510F} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1435187640-4071721805-2113652602-1000UA => C:\Users\SD\AppData\Local\Google\Update\GoogleUpdate.exe [2015-08-30] (Google Inc.)
Task: {B6F99914-A54B-49A6-B7D7-2D4B5D57A617} - System32\Tasks\{F32FD8CA-02C4-42CD-AC14-91CDAD479151} => pcalua.exe -a F:\Softwares\sp45191.exe -d F:\Softwares
Task: {BA0D22DD-914F-4616-A80D-421C39F82F20} - System32\Tasks\{04ECD668-8639-4961-B04E-60B035295D39} => C:\STAT\STA_BAS.EXE [1995-12-14] ()
Task: {DA7AEB82-8347-49D2-83E4-70AF76416706} - System32\Tasks\{AC6497A7-358E-4F83-95C1-621210D972E1} => E:\DeyAtPune\ResearchRelated\qbasic\QB.EXE [1988-09-28] ()
Task: {DC135B8B-280E-4F88-93A2-5C234C0FF809} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2015-09-01] (Google Inc.)
Task: {E53B4C8C-3F60-468A-9842-A20C161E4257} - System32\Tasks\{07C7D1A3-37A5-4918-90A3-917679C83D7C} => C:\STAT\STA_BAS.EXE [1995-12-14] ()
Task: {EBDD3284-2B27-4038-98AE-E4D9B133A36D} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2015-09-01] (Google Inc.)
Task: {F569A633-3378-4C3B-BCC3-07D62A26370B} - System32\Tasks\{598F0CC9-8002-43CE-9AAD-F0F4C50CFA5F} => pcalua.exe -a C:\Users\SD\Desktop\Merge7zInstaller0028-465-920.exe -d C:\Users\SD\Desktop
Task: {F8E67D14-5BBC-4ACB-8CAB-E3AB9C1AF71A} - System32\Tasks\{41FDA522-DA87-491F-ABB8-2BD58F2A2EC4} => C:\STAT\STA_BAS.EXE [1995-12-14] ()

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-1435187640-4071721805-2113652602-1000Core.job => C:\Users\SD\AppData\Local\Dropbox\Update\DropboxUpdate.exe
Task: C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-1435187640-4071721805-2113652602-1000UA.job => C:\Users\SD\AppData\Local\Dropbox\Update\DropboxUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1435187640-4071721805-2113652602-1000Core.job => C:\Users\SD\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1435187640-4071721805-2113652602-1000UA.job => C:\Users\SD\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\MATLAB R2015b Startup Accelerator.job => D:\Programs on D\MATLAB_R2015b\bin\win32\MATLABStartupAccelerator.exe

==================== Shortcuts =============================

(The entries could be listed to be restored or removed.)

==================== Loaded Modules (Whitelisted) ==============

2013-12-17 09:58 - 2015-11-05 21:36 - 02216136 _____ () C:\Windows\system32\nvwmi.exe
2013-12-17 09:57 - 2015-10-13 22:17 - 00113840 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax.dll
2014-02-02 21:23 - 2013-10-23 15:23 - 00089136 _____ () C:\Windows\System32\cpwmon2k.dll
2015-07-08 23:18 - 2015-07-08 23:18 - 00794920 _____ () C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 16.0.0\kpcengine.2.3.dll
2010-03-23 13:26 - 2010-03-23 13:26 - 00201512 _____ () C:\Windows\system32\vpnapi.dll
2009-03-13 06:48 - 2014-08-06 06:31 - 01048576 _____ () D:\Programs on D\Everything\Everything.exe
2014-10-01 18:05 - 2014-10-01 18:05 - 06847824 _____ () D:\Programs on D\AtempoLiveNavigator\bin\HNagent.exe
2013-08-08 00:55 - 2013-08-08 00:55 - 00093696 _____ () D:\Programs on D\FileZilla FTP Client\fzshellext.dll
2013-11-26 19:59 - 2011-10-26 17:41 - 00325120 _____ () D:\Programs on D\TeraCopy\TeraCopy.dll
2000-05-20 17:23 - 2000-05-20 17:23 - 00086016 _____ () C:\Windows\StartupMonitor.exe
2013-03-10 23:28 - 2013-03-10 23:28 - 02598496 _____ () D:\Programs on D\Rainlendar2\Rainlendar2.exe
2012-05-17 00:31 - 2012-05-17 00:31 - 00140800 _____ () D:\Programs on D\Rainlendar2\lua52.dll
2013-03-10 23:29 - 2013-03-10 23:29 - 00215648 _____ () D:\Programs on D\Rainlendar2\plugins\iCalendarPlugin.dll
2012-06-17 18:52 - 2012-06-17 18:52 - 00012800 _____ () D:\Programs on D\Rainlendar2\lfs.dll
2013-11-30 22:37 - 2010-04-03 14:05 - 00380928 _____ () D:\Programs on D\Launchy\Launchy.exe
2013-11-30 22:37 - 2009-12-16 23:13 - 08314880 _____ () D:\Programs on D\Launchy\QtGui4.dll
2013-11-30 22:37 - 2009-12-16 22:54 - 02236416 _____ () D:\Programs on D\Launchy\QtCore4.dll
2013-11-30 22:37 - 2009-12-16 22:56 - 00712704 _____ () D:\Programs on D\Launchy\QtNetwork4.dll
2013-11-30 22:37 - 2009-12-17 01:18 - 00233472 _____ () D:\Programs on D\Launchy\imageformats\qmng4.dll
2013-11-30 22:37 - 2010-04-03 14:06 - 00081920 _____ () D:\Programs on D\Launchy\plugins\calcy.dll
2013-11-30 22:37 - 2010-04-03 14:05 - 00090112 _____ () D:\Programs on D\Launchy\plugins\controly.dll
2013-11-30 22:37 - 2010-04-03 14:06 - 00024064 _____ () D:\Programs on D\Launchy\plugins\gcalc.dll
2013-11-30 22:37 - 2010-04-03 14:06 - 00094208 _____ () D:\Programs on D\Launchy\plugins\runner.dll
2013-11-30 22:37 - 2010-04-03 14:05 - 00057344 _____ () D:\Programs on D\Launchy\plugins\verby.dll
2013-11-30 22:37 - 2010-04-03 14:05 - 00122880 _____ () D:\Programs on D\Launchy\plugins\weby.dll
2016-03-20 14:23 - 2016-02-23 23:49 - 00034768 _____ () C:\Users\SD\AppData\Roaming\Dropbox\bin\_multiprocessing.pyd
2016-03-20 14:22 - 2016-02-23 23:50 - 00019408 _____ () C:\Users\SD\AppData\Roaming\Dropbox\bin\faulthandler.pyd
2016-03-20 14:22 - 2016-02-23 23:49 - 00116688 _____ () C:\Users\SD\AppData\Roaming\Dropbox\bin\pywintypes27.dll
2016-03-20 14:23 - 2016-02-23 23:49 - 00093640 _____ () C:\Users\SD\AppData\Roaming\Dropbox\bin\_ctypes.pyd
2016-03-20 14:23 - 2016-02-23 23:49 - 00018376 _____ () C:\Users\SD\AppData\Roaming\Dropbox\bin\select.pyd
2016-03-20 14:23 - 2016-03-12 05:48 - 00019760 _____ () C:\Users\SD\AppData\Roaming\Dropbox\bin\tornado.speedups.pyd
2016-03-20 14:23 - 2016-02-23 23:51 - 00105928 _____ () C:\Users\SD\AppData\Roaming\Dropbox\bin\win32api.pyd
2016-03-20 14:22 - 2016-02-23 23:49 - 00392144 _____ () C:\Users\SD\AppData\Roaming\Dropbox\bin\pythoncom27.dll
2016-03-20 14:23 - 2016-03-12 05:48 - 00381752 _____ () C:\Users\SD\AppData\Roaming\Dropbox\bin\win32com.shell.shell.pyd
2016-03-20 14:23 - 2016-02-23 23:49 - 00692688 _____ () C:\Users\SD\AppData\Roaming\Dropbox\bin\unicodedata.pyd
2016-03-20 14:22 - 2016-03-12 05:48 - 00020816 _____ () C:\Users\SD\AppData\Roaming\Dropbox\bin\cryptography.hazmat.bindings._constant_time.pyd
2016-03-20 14:23 - 2016-02-23 23:50 - 00112592 _____ () C:\Users\SD\AppData\Roaming\Dropbox\bin\_cffi_backend.pyd
2016-03-20 14:22 - 2016-03-12 05:48 - 01682760 _____ () C:\Users\SD\AppData\Roaming\Dropbox\bin\cryptography.hazmat.bindings._openssl.pyd
2016-03-20 14:22 - 2016-03-12 05:48 - 00020808 _____ () C:\Users\SD\AppData\Roaming\Dropbox\bin\cryptography.hazmat.bindings._padding.pyd
2016-03-20 14:23 - 2016-03-12 05:48 - 00020800 _____ () C:\Users\SD\AppData\Roaming\Dropbox\bin\_cffi_python_x66cf7a7cx17a72769.pyd
2016-03-20 14:23 - 2016-03-12 05:48 - 00021840 _____ () C:\Users\SD\AppData\Roaming\Dropbox\bin\_cffi_unicode_environ_win32_x8bf8e68bx9968e850.pyd
2016-03-20 14:22 - 2016-03-12 05:48 - 00038696 _____ () C:\Users\SD\AppData\Roaming\Dropbox\bin\fastpath.pyd
2016-03-20 14:22 - 2016-02-23 23:51 - 00020936 _____ () C:\Users\SD\AppData\Roaming\Dropbox\bin\mmapfile.pyd
2016-03-20 14:23 - 2016-02-23 23:51 - 00024528 _____ () C:\Users\SD\AppData\Roaming\Dropbox\bin\win32event.pyd
2016-03-20 14:23 - 2016-02-23 23:51 - 00114640 _____ () C:\Users\SD\AppData\Roaming\Dropbox\bin\win32security.pyd
2016-03-20 14:23 - 2016-02-23 23:51 - 00124880 _____ () C:\Users\SD\AppData\Roaming\Dropbox\bin\win32file.pyd
2016-03-20 14:23 - 2016-03-12 05:48 - 00021832 _____ () C:\Users\SD\AppData\Roaming\Dropbox\bin\_cffi_pywin_kernel32_x64d8f881xc8c369be.pyd
2016-03-20 14:23 - 2016-02-23 23:51 - 00024016 _____ () C:\Users\SD\AppData\Roaming\Dropbox\bin\win32clipboard.pyd
2016-03-20 14:23 - 2016-02-23 23:51 - 00175560 _____ () C:\Users\SD\AppData\Roaming\Dropbox\bin\win32gui.pyd
2016-03-20 14:23 - 2016-02-23 23:51 - 00030160 _____ () C:\Users\SD\AppData\Roaming\Dropbox\bin\win32pipe.pyd
2016-03-20 14:23 - 2016-02-23 23:51 - 00043472 _____ () C:\Users\SD\AppData\Roaming\Dropbox\bin\win32process.pyd
2016-03-20 14:23 - 2016-02-23 23:51 - 00028616 _____ () C:\Users\SD\AppData\Roaming\Dropbox\bin\win32ts.pyd
2016-03-20 14:23 - 2016-02-23 23:51 - 00048592 _____ () C:\Users\SD\AppData\Roaming\Dropbox\bin\win32service.pyd
2016-03-20 14:22 - 2016-03-12 05:48 - 00026456 _____ () C:\Users\SD\AppData\Roaming\Dropbox\bin\dropbox.infinite.win.compiled._driverinstallation.pyd
2016-03-20 14:23 - 2016-02-23 23:51 - 00057808 _____ () C:\Users\SD\AppData\Roaming\Dropbox\bin\win32evtlog.pyd
2016-03-20 14:23 - 2016-02-23 23:51 - 00024016 _____ () C:\Users\SD\AppData\Roaming\Dropbox\bin\win32profile.pyd
2016-03-20 14:22 - 2016-03-12 05:48 - 00117056 _____ () C:\Users\SD\AppData\Roaming\Dropbox\bin\breakpad.client.windows.handler.pyd
2016-03-20 14:22 - 2016-03-12 05:48 - 00024392 _____ () C:\Users\SD\AppData\Roaming\Dropbox\bin\librsyncffi.compiled._librsyncffi.pyd
2016-03-20 14:22 - 2016-02-23 23:51 - 00036296 _____ () C:\Users\SD\AppData\Roaming\Dropbox\bin\librsync.dll
2016-03-20 14:23 - 2016-03-12 05:48 - 00023376 _____ () C:\Users\SD\AppData\Roaming\Dropbox\bin\winscreenshot.compiled._CaptureScreenshot.pyd
2016-03-20 14:23 - 2016-02-23 23:49 - 00134608 _____ () C:\Users\SD\AppData\Roaming\Dropbox\bin\_elementtree.pyd
2016-03-20 14:22 - 2016-02-23 23:49 - 00134088 _____ () C:\Users\SD\AppData\Roaming\Dropbox\bin\pyexpat.pyd
2016-03-20 14:22 - 2016-02-23 23:50 - 00240584 _____ () C:\Users\SD\AppData\Roaming\Dropbox\bin\jpegtran.pyd
2016-03-20 14:22 - 2016-03-12 05:48 - 00052024 _____ () C:\Users\SD\AppData\Roaming\Dropbox\bin\psutil._psutil_windows.pyd
2016-03-20 14:23 - 2016-03-12 05:48 - 00020800 _____ () C:\Users\SD\AppData\Roaming\Dropbox\bin\winffi.iphlpapi._winffi_iphlpapi.pyd
2016-03-20 14:23 - 2016-03-12 05:48 - 00021824 _____ () C:\Users\SD\AppData\Roaming\Dropbox\bin\winffi.kernel32._winffi_kernel32.pyd
2016-03-20 14:23 - 2016-03-12 05:48 - 00019776 _____ () C:\Users\SD\AppData\Roaming\Dropbox\bin\winffi.winerror._winffi_winerror.pyd
2016-03-20 14:23 - 2016-03-12 05:48 - 00020800 _____ () C:\Users\SD\AppData\Roaming\Dropbox\bin\winffi.wininet._winffi_wininet.pyd
2016-03-20 14:22 - 2016-03-12 05:48 - 00020280 _____ () C:\Users\SD\AppData\Roaming\Dropbox\bin\cpuid.compiled._cpuid.pyd
2016-03-20 14:23 - 2016-02-23 23:51 - 00350152 _____ () C:\Users\SD\AppData\Roaming\Dropbox\bin\winxpgui.pyd
2016-03-20 14:23 - 2016-03-12 05:48 - 00022352 _____ () C:\Users\SD\AppData\Roaming\Dropbox\bin\winverifysignature.compiled._VerifySignature.pyd
2016-03-20 14:22 - 2016-03-12 05:48 - 00084792 _____ () C:\Users\SD\AppData\Roaming\Dropbox\bin\dropbox_sqlite_ext.DLL
2016-03-20 14:22 - 2016-03-12 05:48 - 01826096 _____ () C:\Users\SD\AppData\Roaming\Dropbox\bin\PyQt5.QtCore.pyd
2016-03-20 14:23 - 2016-02-23 23:50 - 00083912 _____ () C:\Users\SD\AppData\Roaming\Dropbox\bin\sip.pyd
2016-03-20 14:22 - 2016-03-12 05:48 - 03928880 _____ () C:\Users\SD\AppData\Roaming\Dropbox\bin\PyQt5.QtWidgets.pyd
2016-03-20 14:22 - 2016-03-12 05:48 - 01971504 _____ () C:\Users\SD\AppData\Roaming\Dropbox\bin\PyQt5.QtGui.pyd
2016-03-20 14:22 - 2016-03-12 05:48 - 00531248 _____ () C:\Users\SD\AppData\Roaming\Dropbox\bin\PyQt5.QtNetwork.pyd
2016-03-20 14:22 - 2016-03-12 05:48 - 00132912 _____ () C:\Users\SD\AppData\Roaming\Dropbox\bin\PyQt5.QtWebKit.pyd
2016-03-20 14:22 - 2016-03-12 05:48 - 00223544 _____ () C:\Users\SD\AppData\Roaming\Dropbox\bin\PyQt5.QtWebKitWidgets.pyd
2016-03-20 14:22 - 2016-03-12 05:48 - 00207672 _____ () C:\Users\SD\AppData\Roaming\Dropbox\bin\PyQt5.QtPrintSupport.pyd
2016-03-20 14:22 - 2016-03-12 05:48 - 00158008 _____ () C:\Users\SD\AppData\Roaming\Dropbox\bin\PyQt5.QtWebEngineWidgets.pyd
2016-03-20 14:22 - 2016-03-12 05:48 - 00042808 _____ () C:\Users\SD\AppData\Roaming\Dropbox\bin\PyQt5.QtWebChannel.pyd
2016-03-20 14:22 - 2016-02-23 23:53 - 00017864 _____ () C:\Users\SD\AppData\Roaming\Dropbox\bin\libEGL.dll
2016-03-20 14:22 - 2016-02-23 23:53 - 01631184 _____ () C:\Users\SD\AppData\Roaming\Dropbox\bin\libGLESv2.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)


==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" value will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Wdf01000.sys => ""="Driver"

==================== EXE Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 07:34 - 2009-06-11 03:09 - 00000824 ____N C:\Windows\system32\Drivers\etc\hosts


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-1435187640-4071721805-2113652602-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\SD\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: Media is not connected to internet.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 2) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)

MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Search Everything.lnk => C:\Windows\pss\Search Everything.lnk.CommonStartup

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [SPPSVC-In-TCP] => (Allow) %SystemRoot%\system32\sppsvc.exe
FirewallRules: [SPPSVC-In-TCP-NoScope] => (Allow) %SystemRoot%\system32\sppsvc.exe
FirewallRules: [{B6659186-6C94-4CB2-854F-958A976ACC16}] => (Allow) D:\Programs on D\Winamp\winamp.exe
FirewallRules: [{2CD3833F-4C8E-48D8-8E07-1B6844111769}] => (Allow) D:\Programs on D\Winamp\winamp.exe
FirewallRules: [{C1DEBC08-BE1C-4DD9-9EBE-AAE53C8B436A}] => (Allow) C:\Users\SD\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{6AFF1CEF-3553-4520-8AE1-F93A6EB1E58A}] => (Allow) C:\Users\SD\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{D8F7AE10-DB7B-4954-9593-B3B35D8A1F43}] => (Allow) C:\Users\SD\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{4C7891F2-C306-4CF5-8AAA-B6E9E968E937}] => (Allow) C:\Users\SD\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{0ABEA87C-6B65-4929-B1D8-E26E611F9533}] => (Allow) D:\Programs on D\Microsoft Office\Office12\outlook.exe
FirewallRules: [{1074D3BB-E492-4CD1-9B4D-27F844F093DF}] => (Allow) C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
FirewallRules: [{BC1F194F-1962-4BF7-B7CD-8694B458D60F}] => (Allow) D:\Programs on D\SPSS21\stats.exe
FirewallRules: [{F85081D3-74C3-4EA8-B1C3-8C4214EB9AFD}] => (Allow) D:\Programs on D\SPSS21\WinWrapIDE.exe
FirewallRules: [{864FA32B-9550-4E25-BB8F-0574DF41A0B0}] => (Allow) D:\Programs on D\SPSS21\stats.com
FirewallRules: [{52C962DC-8FD8-4302-9DBC-1DC2B196A618}] => (Allow) D:\Programs on D\SPSS21\stats.exe
FirewallRules: [{79577281-6AAF-47A6-9573-129CEC656642}] => (Allow) D:\Programs on D\SPSS21\WinWrapIDE.exe
FirewallRules: [{D5F06E88-E1C5-430F-801B-46C57F8F1DA2}] => (Allow) D:\Programs on D\SPSS21\stats.com
FirewallRules: [{75B3E1DD-CECF-42B7-A917-FE2F06170094}] => (Allow) C:\Program Files\HP\HP Deskjet 3540 series\Bin\DeviceSetup.exe
FirewallRules: [{5691296A-AE61-4B93-91EA-D199C6F0DDEF}] => (Allow) LPort=5357
FirewallRules: [{744847DD-E3DB-4482-888E-A48F7C970EF0}] => (Allow) C:\Program Files\HP\HP Deskjet 3540 series\Bin\HPNetworkCommunicatorCom.exe
FirewallRules: [{57EFCC4B-398C-44A4-A7B6-AF5D7E26376C}] => (Allow) C:\Program Files\Skype\Phone\Skype.exe
FirewallRules: [{250A7654-4F78-4231-9208-FD27B1B21BEC}] => (Allow) D:\Programs on D\Mozilla Firefox\firefox.exe
FirewallRules: [{74E4C8BB-18A2-4654-A63E-BB8AB4909CAE}] => (Allow) D:\Programs on D\Mozilla Firefox\firefox.exe
FirewallRules: [{DB857B1A-9548-4358-9667-B37D2FAE281E}] => (Allow) C:\Program Files\wePresent WiPG-1000\wePresent WiPG-1000.exe
FirewallRules: [{1A5EC10C-34D6-4FCF-899C-21DCC83A597E}] => (Allow) C:\Program Files\wePresent WiPG-1000\wePresent WiPG-1000.exe
FirewallRules: [{14ADEF72-3769-4FF3-A9D0-1825679E3420}] => (Allow) C:\Program Files\wePresent WiPG-1000\SidePadLite.exe
FirewallRules: [{8E4C6877-98B8-459F-AC33-241B5AFCB9F6}] => (Allow) C:\Program Files\wePresent WiPG-1000\SidePadLite.exe
FirewallRules: [{76B69942-E506-4CAE-B870-77B900517D96}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{58C857A4-F05B-4C62-B4C3-8AE686623A2D}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{5FD12BD1-B7A9-4793-AC9D-534A2B2EE113}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe

==================== Restore Points =========================

14-04-2016 22:04:49 Restore Point Created by FRST

==================== Faulty Device Manager Devices =============

Name: Broadcom 802.11 Multiband Network Adapter
Description: Broadcom 802.11 Multiband Network Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Broadcom
Service: BCM43XX
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: Cisco Systems VPN Adapter
Description: Cisco Systems VPN Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Cisco Systems
Service: CVirtA
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.


==================== Event log errors: =========================

Application errors:
==================
Error: (04/15/2016 10:03:50 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (04/15/2016 08:40:31 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (04/15/2016 08:34:21 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (04/15/2016 10:06:37 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (04/15/2016 09:15:07 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (04/14/2016 10:20:37 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (04/14/2016 10:09:31 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (04/14/2016 10:04:46 PM) (Source: VSS) (EventID: 8194) (User: )
Description: Volume Shadow Copy Service error: Unexpected error querying for the IVssWriterCallback interface.  hr = 0x80070005, Access is denied.
.
This is often caused by incorrect security settings in either the writer or requestor process.


Operation:
   Gathering Writer Data

Context:
   Writer Class Id: {e8132975-6f93-4464-a53e-1050253ae220}
   Writer Name: System Writer
   Writer Instance ID: {a1344c6f-3f5b-4155-b321-860f2f57e8d0}

Error: (04/14/2016 10:01:38 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (04/14/2016 02:41:15 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003


System errors:
=============
Error: (04/15/2016 10:48:10 PM) (Source: DCOM) (EventID: 10010) (User: )
Description: {E579AB5F-1CC4-44B4-BED9-DE0991FF0623}

Error: (04/15/2016 08:33:07 PM) (Source: Microsoft-Windows-Application-Experience) (EventID: 205) (User: NT AUTHORITY)
Description: The Program Compatibility Assistant service failed to perform the phase two initialization.

Error: (04/14/2016 10:16:34 PM) (Source: Service Control Manager) (EventID: 7032) (User: )
Description: The Service Control Manager tried to take a corrective action (Restart the service) after the unexpected termination of the Windows Search service, but this action failed with the following error:
%%1056

Error: (04/14/2016 10:16:04 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The Windows Media Player Network Sharing Service service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 30000 milliseconds: Restart the service.

Error: (04/14/2016 10:16:04 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The Volume Shadow Copy service terminated unexpectedly.  It has done this 1 time(s).

Error: (04/14/2016 10:16:04 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The Windows Search service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 30000 milliseconds: Restart the service.

Error: (04/14/2016 10:16:03 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The Software Protection service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 120000 milliseconds: Restart the service.

Error: (04/14/2016 10:16:03 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The XAudioService service terminated unexpectedly.  It has done this 1 time(s).

Error: (04/14/2016 10:16:03 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The SQL Server VSS Writer service terminated unexpectedly.  It has done this 1 time(s).

Error: (04/14/2016 10:16:03 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The SQL Server Browser service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 60000 milliseconds: Restart the service.


CodeIntegrity:
===================================
  Date: 2014-10-14 12:38:33.151
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys because the set of per-page image hashes could not be found on the system.

  Date: 2014-10-14 12:38:33.151
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys because the set of per-page image hashes could not be found on the system.

  Date: 2014-10-14 12:38:33.151
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys because the set of per-page image hashes could not be found on the system.

  Date: 2014-10-14 12:38:33.135
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys because the set of per-page image hashes could not be found on the system.

  Date: 2014-10-14 12:38:33.135
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys because the set of per-page image hashes could not be found on the system.

  Date: 2014-10-14 12:38:33.135
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys because the set of per-page image hashes could not be found on the system.

  Date: 2014-10-14 12:38:33.120
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\Kaspersky Lab\Kaspersky Internet Security 14.0.0\KLELAMX86\klelam.sys because the set of per-page image hashes could not be found on the system.

  Date: 2014-10-14 12:38:33.120
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\Kaspersky Lab\Kaspersky Internet Security 14.0.0\KLELAMX86\klelam.sys because the set of per-page image hashes could not be found on the system.

  Date: 2014-10-14 12:38:33.120
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\Kaspersky Lab\Kaspersky Internet Security 14.0.0\KLELAMX86\klelam.sys because the set of per-page image hashes could not be found on the system.

  Date: 2014-10-14 12:38:33.120
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\Kaspersky Lab\Kaspersky Internet Security 14.0.0\KLELAMX86\klelam.sys because the set of per-page image hashes could not be found on the system.


==================== Memory info ===========================

Processor: Intel® Core™2 Duo CPU T7800 @ 2.60GHz
Percentage of memory in use: 48%
Total physical RAM: 3071.3 MB
Available physical RAM: 1595.03 MB
Total Virtual: 6140.93 MB
Available Virtual: 4516.5 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:97.56 GB) (Free:51.52 GB) NTFS
Drive d: (New Volume) (Fixed) (Total:97.66 GB) (Free:66.79 GB) NTFS
Drive e: (New Volume) (Fixed) (Total:97.66 GB) (Free:55.21 GB) NTFS
Drive f: (New Volume) (Fixed) (Total:172.79 GB) (Free:67.34 GB) NTFS
Drive h: () (Removable) (Total:3.91 GB) (Free:1.08 GB) FAT

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: EE1E1188)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=97.6 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=97.7 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=270.4 GB) - (Type=OF Extended)

========================================================
Disk: 1 (Size: 3.9 GB) (Disk ID: 91F72D24)
Partition 1: (Active) - (Size=3.9 GB) - (Type=06)

==================== End of Addition.txt ============================

 

Thanks

Regards

Dey



#12 Oh My!

Oh My!

    Adware and Spyware and Malware.....


  • Malware Response Instructor
  • 36,594 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:California
  • Local time:07:18 AM

Posted 15 April 2016 - 01:03 PM

Greetings,

Please do this.

===================================================

Query a Service Via Command Line

--------------------
  • Press windows key Windows_Logo_key.gif + r on your keyboard at the same time
  • Type cmd and hit Enter
  • Type the following after the command prompt and press Enter

sc query bcm43xx

  • Please tell me the information in the State line
===================================================

Things I would like to see in your next reply. Please be sure to copy and paste any requested log information unless you are asked to attach it. :thumbsup2:
  • Service state?

Gary
 
If I do not reply within 24 hours please send me a Personal Message.

"Lord, to whom would we go? You have the words that give eternal life. We believe, and we know you are the Holy One of God."

#13 troubledsoul

troubledsoul
  • Topic Starter

  • Members
  • 33 posts
  • OFFLINE
  •  
  • Local time:07:48 PM

Posted 15 April 2016 - 01:07 PM

1 STOPPED



#14 Oh My!

Oh My!

    Adware and Spyware and Malware.....


  • Malware Response Instructor
  • 36,594 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:California
  • Local time:07:18 AM

Posted 15 April 2016 - 01:12 PM

OK, please do this.

I will be away from my computer for an hour or so.

===================================================

Starting a Service Using CMD

--------------------
  • Press windows key Windows_Logo_key.gif + r on your keyboard at the same time
  • Type cmd and hit Enter
  • Copy and paste (use right click and select paste) the following after the command prompt and press Enter

sc start bcm43xx

  • Confirm the service was started
  • Check your Internet access
===================================================

Things I would like to see in your next reply. Please be sure to copy and paste any requested log information unless you are asked to attach it. :thumbsup2:
  • Results?

Gary
 
If I do not reply within 24 hours please send me a Personal Message.

"Lord, to whom would we go? You have the words that give eternal life. We believe, and we know you are the Holy One of God."

#15 troubledsoul

troubledsoul
  • Topic Starter

  • Members
  • 33 posts
  • OFFLINE
  •  
  • Local time:07:48 PM

Posted 15 April 2016 - 01:12 PM

Quick point:

Looks like you are asking for the status of the broadcom driver. That one is for wireless and I have explicitly kept that off since I do not normally use wireless at home. I am trying to access net via LAN. The corresponding driver is the Intel 8256MM Gigabit one.

 

Regards

Dey






0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users