Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Viruses in temp folder?


  • This topic is locked This topic is locked
14 replies to this topic

#1 pegasis

pegasis

  • Members
  • 33 posts
  • OFFLINE
  •  
  • Local time:11:33 PM

Posted 21 September 2016 - 09:21 AM

I have the same issue, bitdefender captures these files in the temp folder; says Eicar_test_file?

Exterminate-it deleted the offending files, but it has reappeared?

 

what is causing this, and how can i fix it?

 



BC AdBot (Login to Remove)

 


#2 The_Codesee

The_Codesee

  • Members
  • 337 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:England, UK
  • Local time:06:33 AM

Posted 21 September 2016 - 03:42 PM

Hello! My name is The Codesee, nice to meet you :)

 

Please follow the steps below:

 

:step1: Please download MiniToolBox to your desktop
 

1. Double click MiniToolBox

2. Select the items below and press go

3. Post the log in your next reply

  • List Installed Programs
  • List Restore Points
  • List last 10 Event Viewer log
  • Flush DNS
:step2: Please download Security Check to your desktop
 

1. Double click SecurityCheck and follow the on-screen instructions.

2. A log should open called checkup.txt.

3. Post the log in your next reply

 

:step3: Please download TFC (Temp File Cleaner) to your desktop

 

1. Close all open applications

2. Double click TFC

3. Click the start button and the program will run

4. When done, press OK to restart your computer

 

Logs I expect in your next reply:

  1. MiniToolBox Log
  2. Security Check Log

Edited by The_Codesee, 21 September 2016 - 03:55 PM.


#3 buddy215

buddy215

  • Moderator
  • 13,130 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:West Tennessee
  • Local time:01:33 AM

Posted 23 September 2016 - 07:04 AM

pegasis....I note that you have not responded in 2 days. But here is some advice.....get rid of Exterminate it. Even if you have purchased it.

The file it supposedly is finding.....if it is actually on your computer....is a completely harmless test file and can be manually deleted.


“Every atom in your body came from a star that exploded and the atoms in your left hand probably came from a different star than your right hand. It really is the most poetic thing I know about physics...you are all stardust.”Lawrence M. Krauss
A 1792 U.S. penny, designed in part by Thomas Jefferson and George Washington, reads “Liberty Parent of Science & Industry.”

#4 TazzyOpz

TazzyOpz

  • Members
  • 92 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:02:33 AM

Posted 24 September 2016 - 12:15 AM

Eicar detections are normally harmless. And usually used for testing on Anti-Virus Software. You can remove it for peace of mind tho.


Software Developer & Malware Analyst
Programming Langues: VB.net, C#, Java, & HTML.
Reverse Engineering/Tracking Tool familiarity: Ollydbg, IDA, CE, & Wireshark
My Website


#5 pegasis

pegasis
  • Topic Starter

  • Members
  • 33 posts
  • OFFLINE
  •  
  • Local time:11:33 PM

Posted 24 September 2016 - 12:04 PM

If Eicar_test_files are harmless what is causing these random named temp files?

 

Bit defender is quarantining these random names temp files

 

I can do a search but I can't locate the Eicar_tet_file file?

 

MTB log:

MiniToolBox by Farbar  Version: 17-06-2016
Ran by Troy (administrator) on 24-09-2016 at 09:40:47
Running from "C:\Users\T\Desktop"
Microsoft Windows 8.1  (X64)
Model: All Series Manufacturer: ASUS
Boot Mode: Normal
***************************************************************************

========================= IE Proxy Settings: ============================== 

Proxy is not enabled.
No Proxy Server is set.

========================= FF Proxy Settings: ============================== 

========================= Hosts content: =================================
0.0.0.0 0.0.0.0 # fix for traceroute and netstat display anomaly
0.0.0.0 tracking.opencandy.com.s3.amazonaws.com
0.0.0.0 media.opencandy.com
0.0.0.0 cdn.opencandy.com
0.0.0.0 tracking.opencandy.com
0.0.0.0 api.opencandy.com
0.0.0.0 api.recommendedsw.com
0.0.0.0 installer.betterinstaller.com
0.0.0.0 installer.filebulldog.com
0.0.0.0 d3oxtn1x3b8d7i.cloudfront.net
0.0.0.0 inno.bisrv.com
0.0.0.0 nsis.bisrv.com
0.0.0.0 cdn.file2desktop.com
0.0.0.0 cdn.goateastcach.us
0.0.0.0 cdn.guttastatdk.us
0.0.0.0 cdn.inskinmedia.com
0.0.0.0 cdn.insta.oibundles2.com
0.0.0.0 cdn.insta.playbryte.com
0.0.0.0 cdn.llogetfastcach.us
0.0.0.0 cdn.montiera.com
0.0.0.0 cdn.msdwnld.com
0.0.0.0 cdn.mypcbackup.com
0.0.0.0 cdn.ppdownload.com
0.0.0.0 cdn.riceateastcach.us
0.0.0.0 cdn.shyapotato.us
0.0.0.0 cdn.solimba.com
0.0.0.0 cdn.tuto4pc.com
0.0.0.0 cdn.appround.biz
0.0.0.0 cdn.bigspeedpro.com
0.0.0.0 cdn.bispd.com

There are 4 entries.

========================= IP Configuration: ================================

Realtek PCIe GBE Family Controller = Ethernet (Connected)
VirtualBox Host-Only Ethernet Adapter = VirtualBox Host-Only Network (Connected)
Anchorfree HSS VPN Adapter = Ethernet 2 (Media disconnected)
Anchorfree HSS VPN Adapter = Ethernet 4 (Media disconnected)
The following helper DLL cannot be loaded: WCNNETSH.DLL.


# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4

reset
set global defaultcurhoplimit=64 icmpredirects=enabled
set interface interface="Local Area Connection* 1" forwarding=enabled advertise=enabled nud=enabled ignoredefaultroutes=disabled
set interface interface="Ethernet" forwarding=enabled advertise=enabled mtu=1500 nud=enabled ignoredefaultroutes=disabled
set interface interface="Ethernet 2" forwarding=enabled advertise=enabled nud=enabled ignoredefaultroutes=disabled
set interface interface="Ethernet 3" forwarding=enabled advertise=enabled mtu=1500 nud=enabled ignoredefaultroutes=disabled
set interface interface="Ethernet 4" forwarding=enabled advertise=enabled nud=enabled ignoredefaultroutes=disabled
set interface interface="other_0" forwarding=enabled advertise=enabled nud=enabled ignoredefaultroutes=disabled
set interface interface="VirtualBox Host-Only Network" forwarding=disabled advertise=disabled mtu=1500 metric=0 siteprefixlength=0 nud=disabled routerdiscovery=disabled managedaddress=disabled otherstateful=disabled weakhostsend=disabled weakhostreceive=disabled ignoredefaultroutes=disabled advertisedrouterlifetime=0 advertisedefaultroute=disabled currenthoplimit=0 forcearpndwolpattern=disabled enabledirectedmacwolpattern=disabled ecncapability=ecndisabled
add address name="VirtualBox Host-Only Network" address=192.168.56.1 mask=255.255.255.0


popd
# End of IPv4 configuration



Windows IP Configuration

   Host Name . . . . . . . . . . . . : troy-Home
   Primary Dns Suffix  . . . . . . . : 
   Node Type . . . . . . . . . . . . : Hybrid
   IP Routing Enabled. . . . . . . . : No
   WINS Proxy Enabled. . . . . . . . : No
   DNS Suffix Search List. . . . . . : netgear.com

Ethernet adapter Ethernet 4:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : Anchorfree HSS VPN Adapter #2
   Physical Address. . . . . . . . . : 00-FF-DB-6E-EC-15
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes

Ethernet adapter Ethernet 2:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : Anchorfree HSS VPN Adapter
   Physical Address. . . . . . . . . : 00-FF-21-50-81-7F
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes

Ethernet adapter Ethernet:

   Connection-specific DNS Suffix  . : netgear.com
   Description . . . . . . . . . . . : Realtek PCIe GBE Family Controller
   Physical Address. . . . . . . . . : 40-16-7E-B5-0F-83
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes
   Link-local IPv6 Address . . . . . : fe80::d7:d492:5282:524e%3(Preferred) 
   IPv4 Address. . . . . . . . . . . : 192.168.254.15(Preferred) 
   Subnet Mask . . . . . . . . . . . : 255.255.255.0
   Lease Obtained. . . . . . . . . . : Saturday, September 24, 2016 8:25:04 AM
   Lease Expires . . . . . . . . . . : Sunday, September 25, 2016 8:25:03 AM
   Default Gateway . . . . . . . . . : 192.168.254.254
   DHCP Server . . . . . . . . . . . : 192.168.254.254
   DHCPv6 IAID . . . . . . . . . . . : 54531710
   DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-19-A7-7D-C9-40-16-7E-B5-0F-83
   DNS Servers . . . . . . . . . . . : 192.168.254.254
   NetBIOS over Tcpip. . . . . . . . : Enabled

Ethernet adapter VirtualBox Host-Only Network:

   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : VirtualBox Host-Only Ethernet Adapter
   Physical Address. . . . . . . . . : 08-00-27-00-BC-AF
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
   Link-local IPv6 Address . . . . . : fe80::3945:16fe:4a4b:fe77%20(Preferred) 
   IPv4 Address. . . . . . . . . . . : 192.168.56.1(Preferred) 
   Subnet Mask . . . . . . . . . . . : 255.255.255.0
   Default Gateway . . . . . . . . . : 
   DHCPv6 IAID . . . . . . . . . . . : 386400295
   DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-19-A7-7D-C9-40-16-7E-B5-0F-83
   DNS Servers . . . . . . . . . . . : 8.8.8.8
                                       8.8.4.4
                                       4.2.2.1
                                       4.2.2.2
                                       208.67.222.222
                                       208.67.220.220
                                       8.26.56.26
                                       8.20.247.20
                                       156.154.70.1
                                       156.154.71.1
   NetBIOS over Tcpip. . . . . . . . : Enabled
Server:  dslrouter.netgear.com
Address:  192.168.254.254

Name:    google.com
Addresses:  2607:f8b0:400a:801::200e
	  172.217.3.174


Pinging google.com [172.217.3.174] with 32 bytes of data:
Reply from 172.217.3.174: bytes=32 time=9ms TTL=55
Reply from 172.217.3.174: bytes=32 time=11ms TTL=55

Ping statistics for 172.217.3.174:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 9ms, Maximum = 11ms, Average = 10ms
Server:  dslrouter.netgear.com
Address:  192.168.254.254

Name:    yahoo.com
Addresses:  2001:4998:58:c02::a9
	  2001:4998:44:204::a7
	  2001:4998:c:a06::2:4008
	  98.138.253.109
	  98.139.183.24
	  206.190.36.45


Pinging yahoo.com [206.190.36.45] with 32 bytes of data:
Reply from 206.190.36.45: bytes=32 time=11ms TTL=53
Reply from 206.190.36.45: bytes=32 time=11ms TTL=53

Ping statistics for 206.190.36.45:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 11ms, Maximum = 11ms, Average = 11ms

Pinging 127.0.0.1 with 32 bytes of data:
Reply from 127.0.0.1: bytes=32 time<1ms TTL=64
Reply from 127.0.0.1: bytes=32 time<1ms TTL=64

Ping statistics for 127.0.0.1:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 0ms, Maximum = 0ms, Average = 0ms
===========================================================================
Interface List
 15...00 ff db 6e ec 15 ......Anchorfree HSS VPN Adapter #2
  4...00 ff 21 50 81 7f ......Anchorfree HSS VPN Adapter
  3...40 16 7e b5 0f 83 ......Realtek PCIe GBE Family Controller
 20...08 00 27 00 bc af ......VirtualBox Host-Only Ethernet Adapter
  1...........................Software Loopback Interface 1
===========================================================================

IPv4 Route Table
===========================================================================
Active Routes:
Network Destination        Netmask          Gateway       Interface  Metric
          0.0.0.0          0.0.0.0  192.168.254.254   192.168.254.15     20
        127.0.0.0        255.0.0.0         On-link         127.0.0.1    306
        127.0.0.1  255.255.255.255         On-link         127.0.0.1    306
  127.255.255.255  255.255.255.255         On-link         127.0.0.1    306
     192.168.56.0    255.255.255.0         On-link      192.168.56.1    276
     192.168.56.1  255.255.255.255         On-link      192.168.56.1    276
   192.168.56.255  255.255.255.255         On-link      192.168.56.1    276
    192.168.254.0    255.255.255.0         On-link    192.168.254.15    276
   192.168.254.15  255.255.255.255         On-link    192.168.254.15    276
  192.168.254.255  255.255.255.255         On-link    192.168.254.15    276
        224.0.0.0        240.0.0.0         On-link         127.0.0.1    306
        224.0.0.0        240.0.0.0         On-link      192.168.56.1    276
        224.0.0.0        240.0.0.0         On-link    192.168.254.15    276
  255.255.255.255  255.255.255.255         On-link         127.0.0.1    306
  255.255.255.255  255.255.255.255         On-link      192.168.56.1    276
  255.255.255.255  255.255.255.255         On-link    192.168.254.15    276
===========================================================================
Persistent Routes:
  None

IPv6 Route Table
===========================================================================
Active Routes:
 If Metric Network Destination      Gateway
  1    306 ::1/128                  On-link
 20    276 fe80::/64                On-link
  3    276 fe80::/64                On-link
  3    276 fe80::d7:d492:5282:524e/128
                                    On-link
 20    276 fe80::3945:16fe:4a4b:fe77/128
                                    On-link
  1    306 ff00::/8                 On-link
 20    276 ff00::/8                 On-link
  3    276 ff00::/8                 On-link
===========================================================================
Persistent Routes:
  None
========================= Winsock entries =====================================

Catalog5 01 C:\Windows\SysWOW64\napinsp.dll [55296] (Microsoft Corporation)
Catalog5 02 C:\Windows\SysWOW64\pnrpnsp.dll [70144] (Microsoft Corporation)
Catalog5 03 C:\Windows\SysWOW64\pnrpnsp.dll [70144] (Microsoft Corporation)
Catalog5 04 C:\Windows\SysWOW64\NLAapi.dll [65536] (Microsoft Corporation)
Catalog5 05 C:\Windows\SysWOW64\mswsock.dll [286208] (Microsoft Corporation)
Catalog5 06 C:\Windows\SysWOW64\winrnr.dll [23040] (Microsoft Corporation)
Catalog9 01 C:\Windows\SysWOW64\mswsock.dll [286208] (Microsoft Corporation)
Catalog9 02 C:\Windows\SysWOW64\mswsock.dll [286208] (Microsoft Corporation)
Catalog9 03 C:\Windows\SysWOW64\mswsock.dll [286208] (Microsoft Corporation)
Catalog9 04 C:\Windows\SysWOW64\mswsock.dll [286208] (Microsoft Corporation)
Catalog9 05 C:\Windows\SysWOW64\mswsock.dll [286208] (Microsoft Corporation)
Catalog9 06 C:\Windows\SysWOW64\mswsock.dll [286208] (Microsoft Corporation)
Catalog9 07 C:\Windows\SysWOW64\mswsock.dll [286208] (Microsoft Corporation)
Catalog9 08 C:\Windows\SysWOW64\mswsock.dll [286208] (Microsoft Corporation)
Catalog9 09 C:\Windows\SysWOW64\mswsock.dll [286208] (Microsoft Corporation)
Catalog9 10 C:\Windows\SysWOW64\mswsock.dll [286208] (Microsoft Corporation)
x64-Catalog5 01 \Windows\System32\napinsp.dll [69120] (Microsoft Corporation)
x64-Catalog5 02 \Windows\System32\pnrpnsp.dll [88576] (Microsoft Corporation)
x64-Catalog5 03 \Windows\System32\pnrpnsp.dll [88576] (Microsoft Corporation)
x64-Catalog5 04 \Windows\System32\NLAapi.dll [86016] (Microsoft Corporation)
x64-Catalog5 05 \Windows\System32\mswsock.dll [339456] (Microsoft Corporation)
x64-Catalog5 06 \Windows\System32\winrnr.dll [30720] (Microsoft Corporation)
x64-Catalog9 01 \Windows\System32\mswsock.dll [339456] (Microsoft Corporation)
x64-Catalog9 02 \Windows\System32\mswsock.dll [339456] (Microsoft Corporation)
x64-Catalog9 03 \Windows\System32\mswsock.dll [339456] (Microsoft Corporation)
x64-Catalog9 04 \Windows\System32\mswsock.dll [339456] (Microsoft Corporation)
x64-Catalog9 05 \Windows\System32\mswsock.dll [339456] (Microsoft Corporation)
x64-Catalog9 06 \Windows\System32\mswsock.dll [339456] (Microsoft Corporation)
x64-Catalog9 07 \Windows\System32\mswsock.dll [339456] (Microsoft Corporation)
x64-Catalog9 08 \Windows\System32\mswsock.dll [339456] (Microsoft Corporation)
x64-Catalog9 09 \Windows\System32\mswsock.dll [339456] (Microsoft Corporation)
x64-Catalog9 10 \Windows\System32\mswsock.dll [339456] (Microsoft Corporation)

========================= Event log errors: ===============================

Application errors:
==================
Error: (09/24/2016 08:35:43 AM) (Source: ESENT) (User: )
Description: svchost (5340) Instance: Error -1811 (0xfffff8ed) occurred while opening logfile C:\ProgramData\Microsoft\Windows\AppRepository\edb00002.log.

Error: (09/23/2016 10:52:42 PM) (Source: ESENT) (User: )
Description: svchost (3224) Instance: Error -1811 (0xfffff8ed) occurred while opening logfile C:\ProgramData\Microsoft\Windows\AppRepository\edb00002.log.

Error: (09/23/2016 10:52:42 PM) (Source: ESENT) (User: )
Description: svchost (3224) Instance: Error -1811 (0xfffff8ed) occurred while opening logfile C:\ProgramData\Microsoft\Windows\AppRepository\edb00002.log.

Error: (09/23/2016 10:52:42 PM) (Source: ESENT) (User: )
Description: svchost (3224) Instance: Error -1811 (0xfffff8ed) occurred while opening logfile C:\ProgramData\Microsoft\Windows\AppRepository\edb00002.log.

Error: (09/23/2016 10:52:42 PM) (Source: ESENT) (User: )
Description: svchost (3224) Instance: Error -1811 (0xfffff8ed) occurred while opening logfile C:\ProgramData\Microsoft\Windows\AppRepository\edb00002.log.

Error: (09/23/2016 10:52:42 PM) (Source: ESENT) (User: )
Description: svchost (3224) Instance: Error -1811 (0xfffff8ed) occurred while opening logfile C:\ProgramData\Microsoft\Windows\AppRepository\edb00002.log.

Error: (09/23/2016 10:52:42 PM) (Source: ESENT) (User: )
Description: svchost (3224) Instance: Error -1811 (0xfffff8ed) occurred while opening logfile C:\ProgramData\Microsoft\Windows\AppRepository\edb00002.log.

Error: (09/23/2016 10:52:42 PM) (Source: ESENT) (User: )
Description: svchost (3224) Instance: Error -1811 (0xfffff8ed) occurred while opening logfile C:\ProgramData\Microsoft\Windows\AppRepository\edb00002.log.

Error: (09/23/2016 10:52:42 PM) (Source: ESENT) (User: )
Description: svchost (3224) Instance: Error -1811 (0xfffff8ed) occurred while opening logfile C:\ProgramData\Microsoft\Windows\AppRepository\edb00002.log.

Error: (09/23/2016 10:52:42 PM) (Source: ESENT) (User: )
Description: svchost (3224) Instance: Error -1811 (0xfffff8ed) occurred while opening logfile C:\ProgramData\Microsoft\Windows\AppRepository\edb00002.log.


System errors:
=============
Error: (09/24/2016 09:39:31 AM) (Source: DCOM) (User: troy-Home)
Description: application-specificLocalLaunch{DDCFD26B-FEED-44CD-B71D-79487D2E5E5A}{DDCFD26B-FEED-44CD-B71D-79487D2E5E5A}troy-HomeTS-1-5-21-2934600066-496943794-4240687687-1001LocalHost (Using LRPC)UnavailableUnavailable

Error: (09/24/2016 09:38:40 AM) (Source: DCOM) (User: troy-Home)
Description: application-specificLocalLaunch{DDCFD26B-FEED-44CD-B71D-79487D2E5E5A}{DDCFD26B-FEED-44CD-B71D-79487D2E5E5A}troy-HomeTS-1-5-21-2934600066-496943794-4240687687-1001LocalHost (Using LRPC)UnavailableUnavailable

Error: (09/24/2016 09:38:13 AM) (Source: DCOM) (User: troy-Home)
Description: application-specificLocalLaunch{DDCFD26B-FEED-44CD-B71D-79487D2E5E5A}{DDCFD26B-FEED-44CD-B71D-79487D2E5E5A}troy-HomeTS-1-5-21-2934600066-496943794-4240687687-1001LocalHost (Using LRPC)UnavailableUnavailable

Error: (09/24/2016 09:37:13 AM) (Source: DCOM) (User: troy-Home)
Description: application-specificLocalLaunch{DDCFD26B-FEED-44CD-B71D-79487D2E5E5A}{DDCFD26B-FEED-44CD-B71D-79487D2E5E5A}troy-HomeTS-1-5-21-2934600066-496943794-4240687687-1001LocalHost (Using LRPC)UnavailableUnavailable

Error: (09/24/2016 09:36:58 AM) (Source: DCOM) (User: troy-Home)
Description: application-specificLocalLaunch{DDCFD26B-FEED-44CD-B71D-79487D2E5E5A}{DDCFD26B-FEED-44CD-B71D-79487D2E5E5A}troy-HomeTS-1-5-21-2934600066-496943794-4240687687-1001LocalHost (Using LRPC)UnavailableUnavailable

Error: (09/24/2016 08:39:48 AM) (Source: DCOM) (User: troy-Home)
Description: application-specificLocalLaunch{7022A3B3-D004-4F52-AF11-E9E987FEE25F}{ADA41B3C-C6FD-4A08-8CC1-D6EFDE67BE7D}troy-HomeTS-1-5-21-2934600066-496943794-4240687687-1001LocalHost (Using LRPC)UnavailableUnavailable

Error: (09/24/2016 08:39:48 AM) (Source: DCOM) (User: troy-Home)
Description: application-specificLocalLaunch{7022A3B3-D004-4F52-AF11-E9E987FEE25F}{ADA41B3C-C6FD-4A08-8CC1-D6EFDE67BE7D}troy-HomeTS-1-5-21-2934600066-496943794-4240687687-1001LocalHost (Using LRPC)UnavailableUnavailable

Error: (09/24/2016 08:39:48 AM) (Source: DCOM) (User: troy-Home)
Description: application-specificLocalLaunch{7022A3B3-D004-4F52-AF11-E9E987FEE25F}{ADA41B3C-C6FD-4A08-8CC1-D6EFDE67BE7D}troy-HomeTS-1-5-21-2934600066-496943794-4240687687-1001LocalHost (Using LRPC)UnavailableUnavailable

Error: (09/24/2016 08:39:48 AM) (Source: DCOM) (User: troy-Home)
Description: application-specificLocalLaunch{7022A3B3-D004-4F52-AF11-E9E987FEE25F}{ADA41B3C-C6FD-4A08-8CC1-D6EFDE67BE7D}troy-HomeTS-1-5-21-2934600066-496943794-4240687687-1001LocalHost (Using LRPC)UnavailableUnavailable

Error: (09/24/2016 08:31:31 AM) (Source: DCOM) (User: troy-Home)
Description: application-specificLocalLaunch{7022A3B3-D004-4F52-AF11-E9E987FEE25F}{ADA41B3C-C6FD-4A08-8CC1-D6EFDE67BE7D}troy-HomeTS-1-5-21-2934600066-496943794-4240687687-1001LocalHost (Using LRPC)UnavailableUnavailable


Microsoft Office Sessions:
=========================

=========================== Installed Programs ============================

Adobe Acrobat Reader DC (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AC0F074E4100}) (Version: 15.017.20053 - Adobe Systems Incorporated)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 16.0.0.245 - Adobe Systems Incorporated)
Adobe Flash Player 11 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 11.9.900.170 - Adobe Systems Incorporated)
Adobe Flash Player 22 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 22.0.0.209 - Adobe Systems Incorporated)
Adobe Flash Player 22 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 22.0.0.209 - Adobe Systems Incorporated)
Adobe Lightroom (HKLM-x32\...\{8048A5DF-8A70-5BE1-954B-E0FDE1BD0D0D}) (Version: 6.6.1 - Adobe Systems Incorporated)
Adobe Photoshop Elements 5.0 (HKLM-x32\...\Adobe Photoshop Elements 5) (Version: 5.0 - Adobe Systems Inc.)
Advanced SystemCare 9 (HKLM-x32\...\Advanced SystemCare_is1) (Version: 9.4.0 - IObit)
Android Studio (HKLM\...\Android Studio) (Version: 1.0 - Google Inc.)
APC PowerChute Personal Edition (HKLM-x32\...\{5A0C892E-FD1C-4203-941E-0956AED20A6A}) (Version: 1.5 - American Power Conversion Corporation)
Apple Application Support (64-bit) (HKLM\...\{D7B824DE-DA32-4772-9E5E-39C5158136A7}) (Version: 3.1.3 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{C4123106-B685-48E6-B9BD-E4F911841EB4}) (Version: 8.1.1.3 - Apple Inc.)
Apple Mobile Device Support (HKLM-x32\...\{18D47FA1-0440-48D3-A7E0-DA09537FF471}) (Version: 7.1.1.3 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
ArcSoft PhotoStudio 5.5 (HKLM-x32\...\{85309D89-7BE9-4094-BB17-24999C6118FC}) (Version:  - ArcSoft)
Audio Product Tool (HKLM-x32\...\{032D9888-CC94-4AD6-9451-481CB7D67061}) (Version: 1.03 - Actions)
Auslogics BoostSpeed 9 (HKLM-x32\...\{7216871F-869E-437C-B9BF-2A13F2DCE63F}_is1) (Version: 9.0.0.0 - Auslogics Labs Pty Ltd)
Auslogics Disk Defrag (HKLM-x32\...\{DF6A13C0-77DF-41FE-BD05-6D5201EB0CE7}_is1) (Version: 7.0.0.0 - Auslogics Labs Pty Ltd)
Avira Launcher (HKLM-x32\...\{af1966e2-5e60-4d93-8a48-c21462a87e3c}) (Version: 1.2.71.9779 - Avira Operations GmbH & Co. KG)
Avira Launcher (HKLM-x32\...\{CF35E4FA-4227-43DD-B62B-B0DF2962A456}) (Version: 1.2.71.9779 - Avira Operations GmbH & Co. KG) Hidden
Avira System Speedup (HKLM-x32\...\Avira System Speedup_is1) (Version: 2.6.1.2751 - Avira Operations GmbH & Co. KG)
Behaviors SDK (Windows Phone) for Visual Studio 2013 (HKLM-x32\...\{594DB57D-58D1-4AA3-AE6C-BF99484F52F8}) (Version: 12.0.50716.0 - Microsoft Corporation) Hidden
Behaviors SDK (Windows) for Visual Studio 2013 (HKLM-x32\...\{28C7344F-E894-4CF5-8D05-EDC7ED71796C}) (Version: 12.0.50429.0 - Microsoft Corporation) Hidden
Bitdefender Antivirus Free Edition (HKLM\...\BitDefender Gonzales) (Version: 1.0.21.1109 - Bitdefender)
Build Tools - amd64 (HKLM\...\{DE293220-4F3A-40C8-B825-E151A231455A}) (Version: 12.0.40629 - Microsoft Corporation) Hidden
Build Tools - x86 (HKLM-x32\...\{20C6C9E5-B5B0-40A2-8ACD-EF08A9562A5B}) (Version: 12.0.40629 - Microsoft Corporation) Hidden
Build Tools Language Resources - amd64 (HKLM\...\{ACE05087-00E9-480F-A955-1C3D7B977A7D}) (Version: 12.0.40629 - Microsoft Corporation) Hidden
Build Tools Language Resources - x86 (HKLM-x32\...\{2F2A7D0D-C28D-4953-A59A-A5EF1171E03F}) (Version: 12.0.40629 - Microsoft Corporation) Hidden
Canon CanoScan 8800F User Registration (HKLM-x32\...\Canon CanoScan 8800F User Registration) (Version:  - )
Canon Easy-PhotoPrint EX (HKLM-x32\...\Easy-PhotoPrint EX) (Version:  - )
Canon Easy-WebPrint EX (HKLM-x32\...\Easy-WebPrint EX) (Version: 1.4.1.0 - Canon Inc.)
Canon IJ Scan Utility (HKLM-x32\...\Canon_IJ_Scan_Utility) (Version:  - Canon Inc.)
Canon MP Navigator 3.0 (HKLM-x32\...\MP Navigator 3.0) (Version:  - )
Canon MP Navigator EX 1.0 (HKLM-x32\...\MP Navigator EX 1.0) (Version:  - )
Canon MP Navigator EX 5.1 (HKLM-x32\...\MP Navigator EX 5.1) (Version:  - )
Canon MP960 (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MP960) (Version:  - )
Canon MX890 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MX890_series) (Version:  - Canon Inc.)
Canon MX890 series On-screen Manual (HKLM-x32\...\Canon MX890 series On-screen Manual) (Version:  - )
Canon MX890 series User Registration (HKLM-x32\...\Canon MX890 series User Registration) (Version:  - )
Canon MX920 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MX920_series) (Version: 1.00 - Canon Inc.)
Canon MX920 series On-screen Manual (HKLM-x32\...\Canon MX920 series On-screen Manual) (Version: 7.6.0 - Canon Inc.)
Canon MX920 series User Registration (HKLM-x32\...\Canon MX920 series User Registration) (Version:  - ‭Canon Inc.)
Canon My Image Garden (HKLM-x32\...\Canon My Image Garden) (Version: 1.1.2 - Canon Inc.)
Canon My Image Garden Design Files (HKLM-x32\...\Canon My Image Garden Design Files) (Version: 1.0.1 - Canon Inc.)
Canon My Printer (HKLM-x32\...\CanonMyPrinter) (Version:  - )
Canon Quick Menu (HKLM-x32\...\CanonQuickMenu) (Version: 2.1.0 - Canon Inc.)
Canon Speed Dial Utility (HKLM-x32\...\Speed Dial Utility) (Version: 1.3.0 - Canon Inc.)
Canon Utilities Easy-PhotoPrint (HKLM-x32\...\Easy-PhotoPrint) (Version:  - )
Canon Utilities EOS Lens Registration Tool (HKLM-x32\...\EOS Lens Registration Tool) (Version: 1.4.20.0 - Canon Inc.)
Canon Utilities Solution Menu (HKLM-x32\...\CanonSolutionMenu) (Version:  - )
CanoScan 8800F (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_CNQ4805) (Version:  - )
CCleaner (HKLM\...\CCleaner) (Version: 5.21 - Piriform)
Citrix Online Launcher (HKLM-x32\...\{1EFF9E6C-76E1-43F9-81FB-BC8C037B0902}) (Version: 1.0.258 - Citrix)
CutePDF Writer 2.8 (HKLM-x32\...\CutePDF Writer Installation) (Version:  - )
CutePDF Writer 3.1 (HKLM\...\CutePDF Writer Installation) (Version:  3.1 - Acro Software Inc.)
CyberLink Blu-ray Disc Suite (HKLM-x32\...\InstallShield_{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}) (Version: 6.0.4703 - CyberLink Corp.)
CyberLink LG Burning Tool (HKLM-x32\...\InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 6.2.4619 - CyberLink Corp.)
CyberLink MediaShow (HKLM-x32\...\InstallShield_{80E158EA-7181-40FE-A701-301CE6BE64AB}) (Version: 4.1.3402 - CyberLink Corp.)
CyberLink PowerDVD 9 (HKLM-x32\...\InstallShield_{A8516AC9-AAF1-47F9-9766-03E2D4CDBCF8}) (Version: 9.0.3530.52 - CyberLink Corp.)
CyberLink PowerProducer (HKLM-x32\...\InstallShield_{B7A0CE06-068E-11D6-97FD-0050BACBF861}) (Version: 5.0.2.2512 - CyberLink Corp.)
Dashlane (HKCU\...\Dashlane) (Version: 4.6.0.17042 - Dashlane SAS)
Defraggler (HKLM\...\Defraggler) (Version: 2.21 - Piriform)
Diskeeper 2011  (HKLM-x32\...\{C437FB48-53B0-4F61-994F-D287D74439EA}) (Version: 15.0.968.32 - Diskeeper Corporation)
Driver Booster 3.4 (HKLM-x32\...\Driver Booster_is1) (Version: 3.4 - IObit)
E.M. Total Video Player 1.31 (HKLM-x32\...\E.M. Total Video Player 1.31_is1) (Version:  - EffectMatrix Inc.)
EasySaver B9.0610.1  (HKLM-x32\...\{07300F01-89CA-4CF8-92BD-2A605EB83C95}) (Version: 1.00.0000 - Gigabyte)
Edimax Wireless LAN (HKLM-x32\...\{B63CCD1C-A133-4DF8-8306-DA0387231152}) (Version: 1.00.0205.2 - Edimax Technology Co.)
Entity Framework 6.1.3 Tools  for Visual Studio 2013 (HKLM-x32\...\{D5170452-84D1-4725-AD9C-F9ECFD0A9E9F}) (Version: 12.0.40302.0 - Microsoft Corporation)
Entity Framework Designer for Visual Studio 2012 - enu (HKLM-x32\...\{32136776-FE3F-453D-80DA-CDD993BDB2A3}) (Version: 11.1.20810.00 - Microsoft Corporation)
ESET Online Scanner v3 (HKLM-x32\...\ESET Online Scanner) (Version:  - )
Exterminate It! (HKLM-x32\...\Exterminate It!) (Version: 2.12.06.06 - CURIOLAB S.M.B.A.)
FastStone Image Viewer 5.7 (HKLM-x32\...\FastStone Image Viewer) (Version: 5.7 - FastStone Soft)
Format Package 3 (HKLM-x32\...\FormatPackage_is1) (Version: 3.0.2 - iFunSoft)
Foxit Reader (HKLM-x32\...\Foxit Reader_is1) (Version: 8.0.2.805 - Foxit Software Inc.)
Free Window Registry Repair (HKLM-x32\...\Free Window Registry Repair) (Version:  - )
Free YouTube Downloader 4.1.477 (HKLM-x32\...\{A7E19604-93AF-4611-8C9F-CE509C2B286F}_is1) (Version:  - HOW Inc.)
FreeRIP v3.30 (HKLM-x32\...\{501451DE-5808-4599-B544-8BD0915B6B24}_is1) (Version: 3.30 - MGShareware)
Git version 2.7.0 (HKLM\...\Git_is1) (Version: 2.7.0 - The Git Development Community)
Glary Utilities 5.58 (HKLM-x32\...\Glary Utilities 5) (Version: 5.58.0.79 - Glarysoft Ltd)
Google Earth (HKLM-x32\...\{817750FA-EC6A-485D-9901-0683AE6FFDF1}) (Version: 7.1.5.1557 - Google)
Greenshot 1.2.8.12 (HKLM\...\Greenshot_is1) (Version: 1.2.8.12 - Greenshot)
GWXStopper 1.20 (HKLM-x32\...\GWXStopper_is1) (Version:  - Greatis Software, LLC.)
herdProtect Anti-Malware Scanner (HKLM-x32\...\herdProtectScan) (Version: 1.0 - Reason Company Software Inc.)
HitmanPro 3.7 (HKLM\...\HitmanPro37) (Version: 3.7.14.276 - SurfRight B.V.)
Image Resizer for Windows (HKLM-x32\...\{0f571b70-6401-48cd-945d-45e2e8b559f8}) (Version: 3.0.4319.33193 - Brice Lambson)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.4358 - Intel Corporation)
Intel(R) Processor ID Utility (HKLM-x32\...\{A92A4DB0-CD37-42D1-BE1D-603D53C24328}) (Version: 4.90.0000 - Intel(R) Corporation)
Intel® Hardware Accelerated Execution Manager (HKLM\...\{ECCB31F5-435D-4F37-A98D-5854D3C62718}) (Version: 1.1.1 - Intel Corporation)
IObit Malware Fighter 4 (HKLM-x32\...\IObit Malware Fighter_is1) (Version: 4.3 - IObit)
IObit Uninstaller (HKLM-x32\...\IObitUninstall) (Version: 5.4.0.125 - IObit)
IObit Unlocker (HKLM-x32\...\IObit Unlocker_is1) (Version: 1.1 - IObit)
IrfanView 64 (remove only) (HKLM\...\IrfanView) (Version: 4.40 - Irfan Skiljan)
IrfanView 64 (remove only) (HKLM\...\IrfanView64) (Version: 4.42 - Irfan Skiljan)
iTunes (HKLM\...\{93F2A022-6C37-48B8-B241-FFABD9F60C30}) (Version: 12.1.2.27 - Apple Inc.)
Java 8 Update 102 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F64180102F0}) (Version: 8.0.1020.14 - Oracle Corporation)
Java SE Development Kit 8 Update 5 (64-bit) (HKLM\...\{64A3A4F4-B792-11D6-A78A-00B0D0180050}) (Version: 8.0.50 - Oracle Corporation)
Java SE Development Kit 8 Update 92 (64-bit) (HKLM\...\{64A3A4F4-B792-11D6-A78A-00B0D0180920}) (Version: 8.0.920.14 - Oracle Corporation)
JetBrains PyCharm Community Edition 5.0 (HKLM-x32\...\PyCharm Community Edition 5.0) (Version: 143.589 - JetBrains s.r.o.)
Kaspersky Security Scan (HKLM-x32\...\{D1282694-0693-41A8-ABC1-6D1FFC1F65C5}) (Version: 15.0.0.380 - Kaspersky Lab) Hidden
Kaspersky Security Scan (HKLM-x32\...\InstallWIX_{D1282694-0693-41A8-ABC1-6D1FFC1F65C5}) (Version: 15.0.0.380 - Kaspersky Lab)
Laplink PCmover Image Assistant (HKLM-x32\...\{880C0A42-B220-4136-AC91-A19A6C9B17B9}) (Version: 8.20.635 - Laplink Software, Inc.)
LightZone 4.1.6 (HKLM\...\3263-1164-2624-0047) (Version: 4.1.6 - LightZone Project)
LocalESPC (HKLM-x32\...\{62910715-63E3-0AB0-0B29-99140DE1C15E}) (Version: 8.59.29989 - Microsoft Corporation) Hidden
Logitech Unifying Software 2.50 (HKLM\...\Logitech Unifying) (Version: 2.50.25 - Logitech)
Macrium Reflect Free Edition (HKLM\...\{E9473B5A-A6CD-401B-B579-EDDBD86596F1}) (Version: 6.2.1502 - Paramount Software (UK) Ltd.) Hidden
Macrium Reflect Free Edition (HKLM\...\MacriumReflect) (Version: 6.1 - Paramount Software (UK) Ltd.)
Malware Hunter 1.18.0.32 (HKLM-x32\...\Malware Hunter) (Version: 1.18.0.32 - Glarysoft Ltd)
Malwarebytes Anti-Malware version 2.2.1.1043 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.1.1043 - Malwarebytes)
Microsoft .NET Framework 4.5 Multi-Targeting Pack (HKLM-x32\...\{56E962F0-4FB0-3C67-88DB-9EAA6EEFC493}) (Version: 4.5.50710 - Microsoft Corporation)
Microsoft .NET Framework 4.5 SDK (HKLM-x32\...\{4AE57014-05C4-4864-A13D-86517A7E1BA4}) (Version: 4.5.50710 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 Multi-Targeting Pack (ENU) (HKLM-x32\...\{D3517C62-68A5-37CF-92F7-93C029A89681}) (Version: 4.5.50932 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 Multi-Targeting Pack (HKLM-x32\...\{6A0C6700-EA93-372C-8871-DCCF13D160A4}) (Version: 4.5.50932 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 SDK (HKLM-x32\...\{19A5926D-66E1-46FC-854D-163AA10A52D3}) (Version: 4.5.51641 - Microsoft Corporation)
Microsoft Help Viewer 2.0 (HKLM-x32\...\Microsoft Help Viewer 2.0) (Version: 2.0.50727 - Microsoft Corporation)
Microsoft Help Viewer 2.1 (HKLM-x32\...\Microsoft Help Viewer 2.1) (Version: 2.1.21005 - Microsoft Corporation)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{91120000-001A-0000-0000-0000000FF1CE}_OUTLOOKR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version:  - Microsoft)
Microsoft Office Outlook 2007 (HKLM-x32\...\OUTLOOKR) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Professional Plus 2013 - en-us (HKLM\...\ProPlusRetail - en-us) (Version: 15.0.4433.1508 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50709.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Command Line Utilities  (HKLM\...\{58FED865-4F13-408D-A5BF-996019C4B936}) (Version: 11.1.3000.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Data-Tier App Framework  (HKLM-x32\...\{1B876496-B3A2-4D22-9B12-B608A3FD4B8B}) (Version: 11.1.2902.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Data-Tier App Framework  (x64) (HKLM\...\{A6BA243E-85A3-4635-A269-32949C98AC7F}) (Version: 11.1.2902.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Express LocalDB  (HKLM\...\{6C026A91-640F-4A23-8B68-05D589CC6F18}) (Version: 11.1.3000.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Management Objects  (HKLM-x32\...\{2F7DBBE6-8EBC-495C-9041-46A772F4E311}) (Version: 11.1.3000.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Management Objects  (x64) (HKLM\...\{43A5C316-9521-49C3-B9B6-FCE5E1005DF0}) (Version: 11.1.3000.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Native Client  (HKLM\...\{D411E9C9-CE62-4DBF-9D92-4CB22B750ED5}) (Version: 11.1.3000.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Transact-SQL Compiler Service  (HKLM\...\{BEB0F91E-F2EA-48A1-B938-7857ABF2A93D}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft SQL Server 2012 Transact-SQL ScriptDom  (HKLM\...\{54C5041B-0E91-4E92-8417-AAA12493C790}) (Version: 11.1.3000.0 - Microsoft Corporation)
Microsoft SQL Server 2012 T-SQL Language Service  (HKLM-x32\...\{04DD7AF4-A6D3-4E30-9BB9-3B3670719234}) (Version: 11.1.3000.0 - Microsoft Corporation)
Microsoft SQL Server 2014 Express LocalDB  (HKLM\...\{AB8DE9BA-19E1-446A-BCFA-6B3DA9751E21}) (Version: 12.0.2000.8 - Microsoft Corporation)
Microsoft SQL Server 2014 Management Objects  (HKLM-x32\...\{2774595F-BC2A-4B12-A25B-0C37A37049B0}) (Version: 12.0.2000.8 - Microsoft Corporation)
Microsoft SQL Server 2014 Management Objects  (x64) (HKLM\...\{1F9EB3B6-AED7-4AA7-B8F1-8E314B74B2A5}) (Version: 12.0.2000.8 - Microsoft Corporation)
Microsoft SQL Server 2014 Transact-SQL ScriptDom  (HKLM\...\{020CDFE0-C127-4047-B571-37C82396B662}) (Version: 12.0.2000.8 - Microsoft Corporation)
Microsoft SQL Server 2014 T-SQL Language Service  (HKLM-x32\...\{47D08E7A-92A1-489B-B0BF-415516497BCE}) (Version: 12.0.2000.8 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 SP2 ENU (HKLM-x32\...\{3A9FC03D-C685-4831-94CF-4EDFD3749497}) (Version: 3.5.8080.0 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 SP2 x64 ENU (HKLM\...\{D4AD39AD-091E-4D33-BB2B-59F6FCB8ADC3}) (Version: 3.5.8080.0 - Microsoft Corporation)
Microsoft SQL Server Compact 4.0 SP1 x64 ENU (HKLM\...\{78909610-D229-459C-A936-25D92283D3FD}) (Version: 4.0.8876.1 - Microsoft Corporation)
Microsoft SQL Server Data Tools - enu (11.1.20828.01) (HKLM-x32\...\{4F2B8233-35EE-4197-8C3B-EACCBF712029}) (Version: 11.1.20828.01 - Microsoft Corporation)
Microsoft SQL Server Data Tools - enu (12.0.41012.0) (HKLM-x32\...\{AC8E0CF4-42A1-4151-B684-97CF6FD726CF}) (Version: 12.0.41012.0 - Microsoft Corporation)
Microsoft SQL Server Data Tools Build Utilities - enu (11.1.20828.01) (HKLM-x32\...\{FAE0523E-08A4-4717-8E8E-6EC6F32CBE88}) (Version: 11.1.20828.01 - Microsoft Corporation)
Microsoft SQL Server Data Tools Build Utilities - enu (12.0.30919.1) (HKLM-x32\...\{6781FF9B-E87D-4A03-9373-A55A288B83FA}) (Version: 12.0.30919.1 - Microsoft Corporation)
Microsoft Sync Framework 2.0 Core Components (x64) ENU  (HKLM\...\{8CCBEC22-D2DB-4DC9-A58A-E1A1F3A38C8A}) (Version: 2.0.1578.0 - Microsoft Corporation)
Microsoft Sync Framework 2.0 Provider Services (x64) ENU  (HKLM\...\{03AC245F-4C64-425C-89CF-7783C1D3AB2C}) (Version: 2.0.1578.0 - Microsoft Corporation)
Microsoft System CLR Types for SQL Server 2012 (HKLM-x32\...\{070C38AC-05CE-43DF-9A20-141332F6AB2B}) (Version: 11.1.3366.16 - Microsoft Corporation)
Microsoft System CLR Types for SQL Server 2012 (x64) (HKLM\...\{05FF8209-C4F1-4C77-BC28-791653156D20}) (Version: 11.1.3366.16 - Microsoft Corporation)
Microsoft System CLR Types for SQL Server 2014 (HKLM\...\{8C06D6DB-A391-4686-B050-99CC522A7843}) (Version: 12.0.2000.8 - Microsoft Corporation)
Microsoft System CLR Types for SQL Server 2014 (HKLM-x32\...\{4AEB505C-95E1-4964-9B64-8D27F3186D30}) (Version: 12.0.2000.8 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Visual Studio Express 2012 for Windows Desktop - ENU (HKLM-x32\...\{e0efdce9-a486-4676-8aa5-65bb08cbf34c}) (Version: 11.0.50727.42 - Microsoft Corporation)
Microsoft Visual Studio Express 2013 for Windows Desktop - ENU with Update 5 (HKLM-x32\...\{9be17f19-c737-431d-b922-66cbd4e685f2}) (Version: 12.0.40629.0 - Microsoft Corporation)
Microsoft WorldWide Telescope (HKLM-x32\...\{7785F029-FBFF-4572-8E1C-596D8A28B548}) (Version: 5.1.09 - Microsoft Research)
Mozilla Firefox 43.0.4 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 43.0.4 (x86 en-US)) (Version: 43.0.4 - Mozilla)
Mozilla Firefox 48.0 (x64 en-US) (HKLM\...\Mozilla Firefox 48.0 (x64 en-US)) (Version: 48.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 48.0 - Mozilla)
MySQL Connector C++ 1.1.7 (HKLM\...\{A4310FCD-95D5-49B7-91BA-9A079F07B167}) (Version: 1.1.7 - Oracle and/or its affiliates)
MySQL Connector J (HKLM-x32\...\{305FFC5F-8338-4F1A-9922-D0DB44E21648}) (Version: 5.1.38 - Oracle Corporation)
MySQL Connector Net 6.9.8 (HKLM-x32\...\{D01DF7C8-6F2D-46BC-923B-418233EB1D14}) (Version: 6.9.8 - Oracle)
MySQL Connector Python v2.1.3 for Python v3.4 (HKLM-x32\...\{90F8BCBF-586B-4439-A756-DB03EE675C04}) (Version: 2.1.3 - Oracle)
MySQL Connector/C 6.1 (HKLM\...\{ABC3A516-54E3-414B-B501-762E7FB2F9D5}) (Version: 6.1.6 - Oracle Corporation)
MySQL Connector/ODBC 5.3 (HKLM\...\{17E48BE8-F0F8-42B6-82D3-7A5840694D79}) (Version: 5.3.6 - Oracle Corporation)
MySQL Documents 5.7 (HKLM-x32\...\{E42DA76C-DE7F-4E54-91E1-86A60878F8BF}) (Version: 5.7.12 - Oracle Corporation)
MySQL Examples and Samples 5.7 (HKLM-x32\...\{143A7DCA-E4BB-44DB-8D21-F1164FD491F1}) (Version: 5.7.12 - Oracle Corporation)
MySQL Fabric 1.5.6 & MySQL Utilities 1.5.6 (HKLM-x32\...\{C914EB85-F0E6-4150-9FA0-99B716A15EAF}) (Version: 1.5.6 - Oracle Corporation)
MySQL For Excel 1.3.6 (HKLM-x32\...\{DC8733F3-63A6-43F4-8C38-637071FB6D5F}) (Version: 1.3.6 - Oracle)
MySQL for Visual Studio 1.2.6 (HKLM-x32\...\{D885AD96-9178-4CF2-836C-33AE57A57427}) (Version: 1.2.6 - Oracle)
MySQL Installer - Community (HKLM-x32\...\{E16A1E43-41FF-42F7-8864-D881AA28C1E6}) (Version: 1.4.15.0 - Oracle Corporation)
MySQL Notifier 1.1.6 (HKLM-x32\...\{CB76A6E9-B184-461D-A8BE-7D0D73199545}) (Version: 1.1.6 - Oracle)
MySQL Server 5.7 (HKLM\...\{654D5AEF-3F39-4705-B234-C7E64F659534}) (Version: 5.7.12 - Oracle Corporation)
MySQL Workbench 6.3 CE (HKLM\...\{59958BAC-A61D-4A23-8082-CC2FDF17937F}) (Version: 6.3.6 - Oracle Corporation)
NetBeans IDE 7.4 (HKLM-x32\...\nbi-nb-base-7.4.0.0.201310111528) (Version: 7.4 - NetBeans.org)
NetBeans IDE 8.0 (HKLM\...\nbi-nb-base-8.0.0.0.201403101706) (Version: 8.0 - NetBeans.org)
Norton Bootable Recovery Tool Wizard (HKLM-x32\...\NBRTWizard) (Version: 7.1.0.26 - Symantec Corporation)
Notepad++ (HKLM-x32\...\Notepad++) (Version: 6.9.2 - Notepad++ Team)
Office 15 Click-to-Run Extensibility Component (HKLM-x32\...\{90150000-008C-0000-0000-0000000FF1CE}) (Version: 15.0.4433.1508 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Licensing Component (HKLM\...\{90150000-008F-0000-1000-0000000FF1CE}) (Version: 15.0.4433.1508 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Localization Component (HKLM-x32\...\{90150000-008C-0409-0000-0000000FF1CE}) (Version: 15.0.4433.1508 - Microsoft Corporation) Hidden
OpenOffice 4.1.2 (HKLM-x32\...\{E6AD67BB-1C33-4AB3-A387-E0D48137AB70}) (Version: 4.12.9782 - Apache Software Foundation)
Opera Stable 21.0.1432.57 (HKLM-x32\...\Opera 21.0.1432.57) (Version: 21.0.1432.57 - Opera Software ASA)
Opera Stable 28.0.1750.48 (HKLM-x32\...\Opera 28.0.1750.48) (Version: 28.0.1750.48 - Opera Software ASA)
Opera Stable 36.0.2130.46 (HKCU\...\Opera 36.0.2130.46) (Version: 36.0.2130.46 - Opera Software)
Opera Stable 39.0.2256.48 (HKCU\...\Opera 39.0.2256.48) (Version: 39.0.2256.48 - Opera Software)
Oracle VM VirtualBox 4.3.12 (HKLM\...\{B5121457-0126-4E62-BCBF-6DC7C73D9E4A}) (Version: 4.3.12 - Oracle Corporation)
Panda Cloud Cleaner (HKLM-x32\...\{92B2B132-C7F0-43DC-921A-4493C04F78A4}_is1) (Version: 1.1.9 - Panda Security)
Paragon Drive Copyâ„¢ 14 Professional (HKLM\...\{24371D30-7CFF-11DE-B053-005056C00008}) (Version: 90.00.0003 - Paragon Software)
PcCloneEX (HKLM-x32\...\PcCloneEX) (Version:  - )
PDFCreator (HKLM\...\{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}) (Version: 2.3.2 - pdfforge GmbH)
PHOTOfunSTUDIO 9.7 PE (HKLM-x32\...\{2A71E3D5-1714-4E8F-88CD-7C06894FA6A2}) (Version: 9.07.707.1033 - Panasonic Corporation)
Picasa 3 (HKLM-x32\...\Picasa 3) (Version: 3.9.141.259 - Google, Inc.)
Platform (HKLM-x32\...\{20D4A895-748C-4D88-871C-FDB1695B0169}) (Version: 1.38 - VIA Technologies, Inc.) Hidden
PowerChute Personal Edition 3.0.2 (HKLM-x32\...\{8ED262EE-FC73-47A9-BB86-D92223246881}) (Version: 3.0.2 - Schneider Electric)
PowerShellIntegration.Notifications (HKLM-x32\...\{0B48F5AE-6A17-49C1-8C65-81C6F74E6CF2}) (Version: 2.6.0.0 - Microsoft Corporation) Hidden
Prerequisites for SSDT  (HKLM-x32\...\{21373064-AD95-48DB-A32E-0D9E08EF7355}) (Version: 12.0.2000.8 - Microsoft Corporation)
Prerequisites for SSDT  (HKLM-x32\...\{35C1D9D6-87C0-46A3-B1B4-EDBCC063221C}) (Version: 11.1.3000.0 - Microsoft Corporation)
Puran Utilities 3.0 (HKLM\...\Puran Utilities_is1) (Version:  - Puran Software)
Python 2.7.10 (Anaconda 2.3.0 64-bit) (HKLM\...\Python 2.7.10 (Anaconda 2.3.0 64-bit)) (Version: 2.3.0 - Continuum Analytics, Inc.)
Python 3.4.3 (64-bit) (HKLM\...\{9529565f-e693-3f11-b3bf-8cd545f5f9a0}) (Version: 3.4.3150 - Python Software Foundation)
Python 3.5.0a1 (64-bit) (HKCU\...\{ebc37270-06c5-4472-b638-c6f1b08fb666}) (Version: 3.5.0.10 - Python Software Foundation)
Python 3.5.0a1 C Runtime (64-bit) (HKLM\...\{3ECCCBFD-8604-40B5-BE73-5FB39D5A8F86}) (Version: 3.5.0.10 - Python Software Foundation) Hidden
Python 3.5.0a1 Core Interpreter (64-bit) (HKLM\...\{B29B65E4-8AFC-4E0F-8C64-9D68E442BA03}) (Version: 3.5.0.10 - Python Software Foundation) Hidden
Python 3.5.0a1 Development Libraries (64-bit) (HKLM\...\{D8970A91-4EC2-4789-812A-4775A9F61C30}) (Version: 3.5.0.10 - Python Software Foundation) Hidden
Python 3.5.0a1 Documentation (64-bit) (HKLM\...\{AF19C106-28DE-465B-B923-1373DB747EBD}) (Version: 3.5.0.10 - Python Software Foundation) Hidden
Python 3.5.0a1 Executables (64-bit) (HKLM\...\{84D49091-EFF7-4DC8-9E2C-B5D0F311793B}) (Version: 3.5.0.10 - Python Software Foundation) Hidden
Python 3.5.0a1 Launcher (32-bit) (HKLM-x32\...\{9B744466-15FA-4EE0-A74B-77CBCF1709E5}) (Version: 3.5.0.10 - Python Software Foundation) Hidden
Python 3.5.0a1 pip Bootstrap (64-bit) (HKLM\...\{6651ECE0-D0AB-4ECF-8489-426694227011}) (Version: 3.5.0.10 - Python Software Foundation) Hidden
Python 3.5.0a1 Standard Library (64-bit) (HKLM\...\{C9DE2093-23AA-4F08-8240-0A2B352181D6}) (Version: 3.5.0.10 - Python Software Foundation) Hidden
Python 3.5.0a1 Tcl/Tk Support (64-bit) (HKLM\...\{B67C6EC3-5CCA-4FB9-B263-250E5F68A6A0}) (Version: 3.5.0.10 - Python Software Foundation) Hidden
Python 3.5.0a1 Test Suite (64-bit) (HKLM\...\{662C6E72-F8AF-43C1-B108-20CC9B562F1F}) (Version: 3.5.0.10 - Python Software Foundation) Hidden
Python 3.5.0a1 Utility Scripts (64-bit) (HKLM\...\{02A1F61A-D8D8-4F03-BB86-8B9307292B59}) (Version: 3.5.0.10 - Python Software Foundation) Hidden
Python 3.5.2 (32-bit) (HKCU\...\{cf72a2ab-2f1d-49fd-a0d7-1065e6357e1e}) (Version: 3.5.2150.0 - Python Software Foundation)
Python 3.5.2 (64-bit) (HKCU\...\{d46281ac-f66b-4246-8cfe-34f61512982f}) (Version: 3.5.2150.0 - Python Software Foundation)
Python 3.5.2 Add to Path (32-bit) (HKLM-x32\...\{7E08C4EE-B1C7-4138-8227-7CD3837636AA}) (Version: 3.5.2150.0 - Python Software Foundation) Hidden
Python 3.5.2 Add to Path (64-bit) (HKLM\...\{2364A926-B4AC-4EA5-9838-BE88C2930E38}) (Version: 3.5.2150.0 - Python Software Foundation) Hidden
Python 3.5.2 Core Interpreter (32-bit) (HKLM-x32\...\{EB0611B2-7F10-4D97-BCF2-DCAAB1199498}) (Version: 3.5.2150.0 - Python Software Foundation) Hidden
Python 3.5.2 Core Interpreter (64-bit) (HKLM\...\{E151A5E4-D373-4388-82FB-0C9F5F6CFB76}) (Version: 3.5.2150.0 - Python Software Foundation) Hidden
Python 3.5.2 Development Libraries (32-bit) (HKLM-x32\...\{5DB2183B-62D3-407F-BBC1-EAD2F36283FA}) (Version: 3.5.2150.0 - Python Software Foundation) Hidden
Python 3.5.2 Development Libraries (64-bit) (HKLM\...\{5397E020-59CB-43BF-A0FE-32B26DE98187}) (Version: 3.5.2150.0 - Python Software Foundation) Hidden
Python 3.5.2 Documentation (32-bit) (HKLM-x32\...\{1FBA5182-78DD-4940-9F06-96E5042B7061}) (Version: 3.5.2150.0 - Python Software Foundation) Hidden
Python 3.5.2 Documentation (64-bit) (HKLM\...\{911FCD3E-A42F-472C-983A-0518799BFE7D}) (Version: 3.5.2150.0 - Python Software Foundation) Hidden
Python 3.5.2 Executables (32-bit) (HKLM-x32\...\{33B10015-A9B1-4210-B50A-26C6443979B0}) (Version: 3.5.2150.0 - Python Software Foundation) Hidden
Python 3.5.2 Executables (64-bit) (HKLM\...\{24C31CC2-A8F2-417E-A61B-5E682D39893B}) (Version: 3.5.2150.0 - Python Software Foundation) Hidden
Python 3.5.2 pip Bootstrap (32-bit) (HKLM-x32\...\{9ADF9987-3327-48C6-91B3-B10900366491}) (Version: 3.5.2150.0 - Python Software Foundation) Hidden
Python 3.5.2 pip Bootstrap (64-bit) (HKLM\...\{A74E3253-CB6C-4214-8964-FFCEB37DB5D8}) (Version: 3.5.2150.0 - Python Software Foundation) Hidden
Python 3.5.2 Standard Library (32-bit) (HKLM-x32\...\{FCBB04F4-D2CF-4F55-BE92-B3898696B318}) (Version: 3.5.2150.0 - Python Software Foundation) Hidden
Python 3.5.2 Standard Library (64-bit) (HKLM\...\{976C50E6-00DF-40A6-9E59-70A4F3EF4E32}) (Version: 3.5.2150.0 - Python Software Foundation) Hidden
Python 3.5.2 Tcl/Tk Support (32-bit) (HKLM-x32\...\{C1153533-FDC4-4922-892D-B71810F69566}) (Version: 3.5.2150.0 - Python Software Foundation) Hidden
Python 3.5.2 Tcl/Tk Support (64-bit) (HKLM\...\{A4B31C78-C884-4B36-BDE4-FBAD3A2A1C7E}) (Version: 3.5.2150.0 - Python Software Foundation) Hidden
Python 3.5.2 Test Suite (32-bit) (HKLM-x32\...\{9D50A6D7-410A-4469-87B7-35FA84CBD479}) (Version: 3.5.2150.0 - Python Software Foundation) Hidden
Python 3.5.2 Test Suite (64-bit) (HKLM\...\{7BA8A393-A7EB-4529-8A63-D7A4502C0D24}) (Version: 3.5.2150.0 - Python Software Foundation) Hidden
Python 3.5.2 Utility Scripts (32-bit) (HKLM-x32\...\{E6DEBF43-7ACF-4E88-9BBF-9B5945683281}) (Version: 3.5.2150.0 - Python Software Foundation) Hidden
Python 3.5.2 Utility Scripts (64-bit) (HKLM\...\{E5642976-7F8E-41C1-A249-419B809CA2A8}) (Version: 3.5.2150.0 - Python Software Foundation) Hidden
Python Launcher (HKLM-x32\...\{0276F61C-30FC-46D4-BEFE-0EA959C4D691}) (Version: 3.5.2121.0 - Python Software Foundation)
Python Launcher (HKLM-x32\...\{963ECCDD-F09F-4C24-9367-8B5D748AA7C8}) (Version: 3.5.2121.0 - Python Software Foundation)
Python Tools Redirection Template (HKLM-x32\...\{C6028E83-4C47-459F-9EDC-7D1412CBCD97}) (Version: 1.1 - Microsoft Corporation) Hidden
Quicken 2013 (HKLM-x32\...\{034DD4BB-F0D6-4ECF-B064-8E39E3EF7076}) (Version: 22.1.12.7 - Intuit)
RailsInstaller 3.1.1 (HKCU\...\{613C3EA5-1248-4E35-B61A-6D0B31BBC0DB}_is1) (Version: 3.1.1 - RailsInstaller Team)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7687 - Realtek Semiconductor Corp.)
Reason Core Security (HKLM-x32\...\Reason Core Security) (Version: 1.1.2.0 - Reason Software Company Inc.)
Recuva (HKLM\...\Recuva) (Version: 1.53 - Piriform)
Registry Repair 5.0.1.82 (HKLM-x32\...\Registry Repair) (Version: 5.0.1.82 - Glarysoft Ltd)
RogueKiller version 12 (HKLM\...\8B3D7924-ED89-486B-8322-E8594065D5CB_is1) (Version: 12 - Adlice Software)
RStudio (HKLM-x32\...\RStudio) (Version: 0.99.489 - RStudio)
Ruby 1.9.3-p545 (HKCU\...\{17E73B15-62D2-43FD-B851-ACF86A8C9D25}_is1) (Version: 1.9.3-p545 - RubyInstaller Team)
Safari (HKLM-x32\...\{C779648B-410E-4BBA-B75B-5815BCEFE71D}) (Version: 5.34.57.2 - Apple Inc.)
Sandboxie 5.12 (64-bit) (HKLM\...\Sandboxie) (Version: 5.12 - Sandboxie Holdings, LLC)
ScanSoft OmniPage SE 4.0 (HKLM-x32\...\{C1E693A4-B1D5-4DCD-B68D-2087835B7184}) (Version: 15.00.0020 - Nuance Communications, Inc.)
SDFormatter (HKLM-x32\...\{179324FF-7B16-4BA8-9836-055CAAEE4F08}) (Version: 4.0.0 - SD Association)
Seagate Dashboard 2.0 (HKLM-x32\...\{43C423D9-E6D6-4607-ADC9-EBB54F690C57}) (Version: 2.2.15.0 - Seagate)
Seagate DiscWizard (HKLM-x32\...\{FDE52A79-D081-483F-8291-BD180887644C}) (Version: 16.0.5861 - Seagate)
SeaTools for Windows (HKLM-x32\...\{98613C99-1399-416C-A07C-1EE1C585D872}) (Version: 1.2.0.6 - Seagate Technology)
SeaTools for Windows (HKLM-x32\...\SeaTools for Windows) (Version: 1.4.0.2 - Seagate Technology)
SILKYPIX Developer Studio 4.3 SE (HKLM-x32\...\{18F34C8F-280E-4B1F-908B-58CE6430E5E3}) (Version: 4 - Ichikawa Soft Laboratory)
SILKYPIX Developer Studio 4.4 SE (HKLM-x32\...\{73506320-CCDD-46FF-AE91-1032FAAD56F7}) (Version: 4 - Ichikawa Soft Laboratory)
Skypeâ„¢ 7.3 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.3.101 - Skype Technologies S.A.)
Smart Defrag 5 (HKLM-x32\...\Smart Defrag_is1) (Version: 5.2.0 - IObit)
Soda Manager (HKLM-x32\...\{C7C04652-1CE7-4790-AF71-F37C082C4044}) (Version: 8.0.0.0 - LULU Software Limited) Hidden
Soda PDF 8 Asian Fonts Pack (HKLM\...\{18385A27-4899-402B-862D-F6358C58CAD5}) (Version: 8.0.44.25306 - LULU Software Limited) Hidden
Soda PDF 8 Convert Module (HKLM\...\{BF2D119E-8D88-4958-B12B-B3C2B0BFB3B5}) (Version: 8.0.44.25306 - LULU Software Limited) Hidden
Soda PDF 8 Create Module (HKLM\...\{C804079F-EC35-492F-8447-73DAF6356BF1}) (Version: 8.0.44.25306 - LULU Software Limited) Hidden
Soda PDF 8 Edit Module (HKLM\...\{41DDB716-41A8-41C4-A505-7E842AC0706A}) (Version: 8.0.44.25306 - LULU Software Limited) Hidden
Soda PDF 8 Forms Module (HKLM\...\{C6F012D6-AE4D-446B-850C-6D3AE4431E52}) (Version: 8.0.44.25306 - LULU Software Limited) Hidden
Soda PDF 8 Insert Module (HKLM\...\{58EE609B-9A8E-45DF-AA5B-F7E0B1A73A33}) (Version: 8.0.44.25306 - LULU Software Limited) Hidden
Soda PDF 8 OCR Module (HKLM\...\{64195683-A8B8-4CC3-93E8-4FA80053BBDB}) (Version: 8.0.44.25306 - LULU Software Limited) Hidden
Soda PDF 8 Review Module (HKLM\...\{A9473E29-3A0D-4704-A5E7-1EB1E6BCA769}) (Version: 8.0.44.25306 - LULU Software Limited) Hidden
Soda PDF 8 Secure Module (HKLM\...\{69AD1D9E-5080-41A1-905B-DB1C8A864094}) (Version: 8.0.44.25306 - LULU Software Limited) Hidden
Soda PDF 8 View Module (HKLM\...\{12B1CB64-CD49-4FD5-BF0F-2CB0D7C0A1A5}) (Version: 8.0.44.25306 - LULU Software Limited) Hidden
SpyHunter 4 (HKLM-x32\...\SpyHunter) (Version: 4.23.2.4686 - Enigma Software Group, LLC)
Sublime Text Build 3114 (HKLM\...\Sublime Text 3_is1) (Version:  - Sublime HQ Pty Ltd)
SUPERAntiSpyware (HKLM\...\{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}) (Version: 6.0.1164 - SUPERAntiSpyware.com)
Surfing Protection (HKLM-x32\...\IObit Surfing Protection_is1) (Version: 1.3 - IObit)
SyncToy 2.1 (x64) (HKLM\...\{88DAAF05-5A72-46D2-A7C5-C3759697E943}) (Version: 2.1.0 - Microsoft)
TC2000 v16 (HKCU\...\TC2000 v16 1.0.0) (Version: 1.0.0 - Worden Brothers, Inc.)
TC2000 v16 (HKLM-x32\...\{A6A526E4-A376-4772-897D-508FB2473C91}) (Version: 1.0.0 - Worden Brothers, Inc.) Hidden
TC2000 Version 7 (HKLM-x32\...\{8F899627-1EA1-484D-91EA-7B22C05358DB}) (Version: 7.00.0000 - Worden Brothers Inc)
Team Explorer for Microsoft Visual Studio 2013 (HKLM-x32\...\{C9E7751E-88ED-36CF-B610-71A1D262E906}) (Version: 12.0.21005 - Microsoft Corporation) Hidden
thinkorswim (HKLM\...\9968-4488-2169-7623) (Version: desktop - thinkorswim, Inc)
TypeScript Power Tool (HKLM-x32\...\{6098D454-CB7B-44C2-8615-D869FD9655C7}) (Version: 1.0.5.0 - Microsoft Corporation) Hidden
TypeScript Tools for Microsoft Visual Studio 2013 (HKLM-x32\...\{0E4A9B1A-12D2-4827-BE61-44DBD72797FB}) (Version: 1.0.5.0 - Microsoft Corporation) Hidden
Update for  (KB2504637) (HKLM-x32\...\{CFEF48A8-BFB8-3EAC-8BA5-DE4F8AA267CE}.KB2504637) (Version: 1 - Microsoft Corporation)
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{91120000-001A-0000-0000-0000000FF1CE}_OUTLOOKR_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version:  - Microsoft)
VIA Platform Device Manager (HKLM-x32\...\InstallShield_{20D4A895-748C-4D88-871C-FDB1695B0169}) (Version: 1.38 - VIA Technologies, Inc.)
Virtual Disk Driver (HKLM-x32\...\{7E014B78-94DA-4DE6-8226-A674A878F0C7}) (Version: 1.1.2116 - Acronis)
Visual Studio 2013 Update 5 (KB2829760) (HKLM-x32\...\{17551f85-1d1c-4142-a83f-bbd18a3522c2}) (Version: 12.0.40629 - Microsoft Corporation)
VLC media player (HKLM\...\VLC media player) (Version: 2.2.4 - VideoLAN)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.1 - VideoLAN)
VS Update core components (HKLM-x32\...\{7CE8C6D0-6EA4-34C3-A4ED-8C28A1D67228}) (Version: 12.0.40629 - Microsoft Corporation) Hidden
Windows 7 USB/DVD Download Tool (HKLM-x32\...\{CCF298AF-9CE1-4B26-B251-486E98A34789}) (Version: 1.0.30 - Microsoft Corporation)
Windows Resource Kit Tools - SubInAcl.exe (HKLM-x32\...\{D3EE034D-5B92-4A55-AA02-2E6D0A6A96EE}) (Version: 5.2.3790.1164 - Microsoft Corporation)
WinISO (HKLM-x32\...\WinISO) (Version: 6.4.1.5976 - WinISO Computing Inc.)
WinRAR archiver (HKLM-x32\...\WinRAR archiver) (Version:  - )
WinX YouTube Downloader 4.0.4 (HKLM-x32\...\WinX YouTube Downloader_is1) (Version:  - Digiarty Software, Inc.)
WinZip 20.5 (HKLM\...\{CD95F661-A5C4-44F5-A6AA-ECDD91C24105}) (Version: 20.5.12118 - WinZip Computing, S.L. )
YACReader 8.5.0 (HKLM-x32\...\YACReader_is1) (Version:  - )

========================= Devices: ================================


========================= Memory info: ===================================

Percentage of memory in use: 18%
Total physical RAM: 15554.14 MB
Available physical RAM: 12605.77 MB
Total Virtual: 17026.14 MB
Available Virtual: 13202.82 MB

========================= Partitions: =====================================

1 Drive c: (susie home) (Fixed) (Total:1863.02 GB) (Free:530.42 GB) NTFS

========================= Users: ========================================

User accounts for \\TROY-HOME

Administrator            Guest                    T                        
Troy                     

========================= Restore Points ==================================

20-09-2016 17:17:02 JRT Pre-Junkware Removal
20-09-2016 17:28:37 09202016
22-09-2016 18:13:05 JRT Pre-Junkware Removal
23-09-2016 18:50:53 Installed Sophos Virus Removal Tool.

**** End of log ****

Security check:

 Results of screen317's Security Check version 1.014 --- 12/23/15  
   x64 (UAC is enabled)  
 Internet Explorer 11  
[b][u]``````````````Antivirus/Firewall Check:``````````````[/b][/u] 
 Windows Firewall Enabled!  
IObit Malware Fighter                
Bitdefender Antivirus Free Edition   
 Antivirus up to date!   
[b][u]`````````Anti-malware/Other Utilities Check:`````````[/b][/u] 
 SpyHunter 4    
 Panda Cloud Cleaner   
 Visual Studio Extensions for Windows Library for JavaScript 
 [color=red][b]Java version 32-bit out of Date![/b][/color] 
 Adobe Flash Player 	22.0.0.209  
 Mozilla Firefox (43.0.4) 
[b][u]````````Process Check: objlist.exe by Laurent````````[/b][/u]  
 [b][color=red]Spybot Teatimer.exe is disabled![/color][/b] 
 Bitdefender Antivirus Free Edition gzserv.exe  
 Bitdefender Antivirus Free Edition gziface.exe  
 IObit IObit Malware Fighter IMFsrv.exe  
 Zemana AntiMalware ZAM.exe   
 IObit IObit Malware Fighter IMF.exe  
[b][u]`````````````````System Health check`````````````````[/b][/u] 
 Total Fragmentation on Drive C:  % 
[b][u]````````````````````End of Log``````````````````````[/b][/u] 


#6 The_Codesee

The_Codesee

  • Members
  • 337 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:England, UK
  • Local time:06:33 AM

Posted 24 September 2016 - 12:32 PM

Thank you for the logs.
 
:exclame: IOBIT Products
 
I, and many others, do not trust products by IOBIT. This is mainly due to their history (including stealing from Malwarebytes). Please read here for thoughts about IOBIT and Advanced System Care:

:exclame: Registry Cleaners

 

Free Window Registry Repair (HKLM-x32\...\Free Window Registry Repair) (Version: - )
Registry Repair 5.0.1.82 (HKLM-x32\...\Registry Repair) (Version: 5.0.1.82 - Glarysoft Ltd)

 
Bleeping Computer does not recommend the use of registry cleaners as they can be extremely harmful to your system.

:exclame: Spyhunter
 
Spyhunter was previously listed as a rogue product on the Rogue/Suspect Anti-Spyware Products List. I highly recommend you remove this program as there are mixed reviews about the legitimacy of it as well as reports of aggressive and deceptive advertising.

:step1: Please uninstall some programs
 
There's currently some programs on your PC that we need to remove. Press the Windows + R key on your keyboard and type in appwiz.cpl and press enter. Navigate to each of the following below one-by-one and click uninstall:

  • Advanced SystemCare 9
  • Driver Booster 3.4
  • Exterminate It!
  • Free Window Registry Repair
  • Free YouTube Downloader
  • IObit Malware Fighter 4
  • IObit Uninstaller
  • IObit Unlocker
  • Registry Repair
  • Smart Defrag 5
  • SpyHunter 4
  • Surfing Protection

Note: if you already have Malwarebytes Anti-Malware installed, you can skip the download and step 1.
 
:step2: Please download Malwarebytes Anti-Malware to your desktop

  • Double click mbam-setup-x.x.x.xxxx and follow the on-screen instructions.
  • On the dashboard, click update now.
  • After that, click scan now - the scan will now begin.
  • When the scan's completed, select apply actions - make sure the action is quarantine.
  • Restart your computer.

How to get the log:

  • On the Malwarebytes Anti-Malware dashboard, select the history tab and click application logs.
  • Select the log which has the time and date of when you did the scan.
  • Click copy to clipboard and paste it into your reply.

:step3: Please download AdwCleaner to your desktop

  • Double click adwcleaner_x.xxx.exe.
  • If prompted, click I agree.
  • Click scan. When it's finished, select clean.
  • Allow AdwCleaner to restart your computer.
  • Once your computer's restarted, a log should appear.
  • Please post this in your next reply.

:step4: Please download Junkware Removal Tool to your desktop

  • Double click JRT.exe. (Win 7, 8 and Vista users, right-click and select run as admin)
  • Press any key and the scan will begin.
  • At the end, a log will open. Please post this in your next reply.

Logs I expect in your next reply:

  • Malwarebytes Log
  • AdwCleaner Log
  • Junkware Removal Tool (JRT) Log

Please also update me on the status of the computer


Edited by The_Codesee, 24 September 2016 - 12:43 PM.


#7 pegasis

pegasis
  • Topic Starter

  • Members
  • 33 posts
  • OFFLINE
  •  
  • Local time:11:33 PM

Posted 24 September 2016 - 02:02 PM

why should I uninstall:

 

  • Advanced SystemCare 9
  •  
  • Exterminate It!
  •  
  • Surfing Protection


#8 The_Codesee

The_Codesee

  • Members
  • 337 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:England, UK
  • Local time:06:33 AM

Posted 24 September 2016 - 02:28 PM

Thanks for asking.

 

IOBIT Products
 
As I mentioned in my original post, Advanced SystemCare 9 and Surfing Protection are products by IOBIT.
 
IOBOT aren't trustworthy and their products can often be replaced with a better alternative (e.g Advanced SystemCare 9 => CCleaner). In addition, their programs are often considered PUPs (Potentially Unwanted Programs) - in some cases, security scanners remove them.
 
You may furthermore refer to these links about IOBIT and their products:

Also refer to iOBit Advanced System Care, Good or Bad

 

Exterminate It!

 

I would recommend you stay far away from this product. A few years back, they were well known for their false positives and charging for malware removal.


Edited by The_Codesee, 24 September 2016 - 02:34 PM.


#9 pegasis

pegasis
  • Topic Starter

  • Members
  • 33 posts
  • OFFLINE
  •  
  • Local time:11:33 PM

Posted 24 September 2016 - 07:16 PM

Unable to un-install this: 

  • Free Window Registry Repair

says can't open install.LOG file 



#10 The_Codesee

The_Codesee

  • Members
  • 337 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:England, UK
  • Local time:06:33 AM

Posted 25 September 2016 - 04:47 AM

:step1: Please download Revo Uninstaller to your desktop

  1. Double click revosetup.exe and follow the on-screen instructions.
  2. When the installation has completed, launch Revo Uninstaller.
  3. From the list of programs, select 'Free Window Registry Repair' and click uninstall.
  4. After a system restore point has been created, the programs default uninstaller will run.
  5. After the program has been uninstalled, select 'Advanced' from the scanning modes list 

30kf338.png

      6. Revo Uninstaller will now scan your computer for any left over files or registry entries relating to the program.

      7. When the leftover registry entries are displayed, click 'select all' and then 'delete' then press next.

      8. Follow instruction number 7 for when the leftover files and folders are displayed.

 

wkke4g.png


Edited by The_Codesee, 25 September 2016 - 04:47 AM.


#11 pegasis

pegasis
  • Topic Starter

  • Members
  • 33 posts
  • OFFLINE
  •  
  • Local time:11:33 PM

Posted 25 September 2016 - 11:25 AM

still can't be removed



#12 The_Codesee

The_Codesee

  • Members
  • 337 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:England, UK
  • Local time:06:33 AM

Posted 25 September 2016 - 11:29 AM

still can't be removed

Did Revo Uninstaller successfully remove leftover files, folders and registry entries?

 

If so, continue on with the rest of my steps.


Edited by The_Codesee, 25 September 2016 - 11:30 AM.


#13 pegasis

pegasis
  • Topic Starter

  • Members
  • 33 posts
  • OFFLINE
  •  
  • Local time:11:33 PM

Posted 25 September 2016 - 09:24 PM

yes, it did

 

Maleware bytes:

 

alwarebytes Anti-Malware

www.malwarebytes.org

Scan Date: 9/24/2016
Scan Time: 7:02 PM
Logfile: MB09272017.txt
Administrator: No

Version: 2.2.1.1043
Malware Database: v2016.09.25.01
Rootkit Database: v2016.08.15.01
License: Free
Malware Protection: Disabled
Malicious Website Protection: Disabled
Self-protection: Disabled

OS: Windows 8.1
CPU: x64
File System: NTFS
User: T

Scan Type: Threat Scan
Result: Completed
Objects Scanned: 356744
Time Elapsed: 17 min, 53 sec

Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Enabled
Heuristics: Enabled
PUP: Enabled
PUM: Enabled

Processes: 0
(No malicious items detected)

Modules: 0
(No malicious items detected)

Registry Keys: 0
(No malicious items detected)

Registry Values: 0
(No malicious items detected)

Registry Data: 0
(No malicious items detected)

Folders: 0
(No malicious items detected)

Files: 0
(No malicious items detected)

Physical Sectors: 0
(No malicious items detected)

 

adware cleaner:

 

# AdwCleaner v6.020 - Logfile created 24/09/2016 at 18:53:25
# Updated on 14/09/2016 by ToolsLib
# Database : 2016-09-24.2 [Server]
# Operating System : Windows 8.1 (X64)
# Username : Troy - TROY-HOME
# Running from : C:\Users\T\Desktop\adwcleaner_6.020.exe
# Mode: Scan
# Support : https://toolslib.net/forum



***** [ Services ] *****

No malicious services found.


***** [ Folders ] *****

No malicious folders found.


***** [ Files ] *****

No malicious files found.


***** [ DLL ] *****

No malicious DLLs found.


***** [ WMI ] *****

No malicious keys found.


***** [ Shortcuts ] *****

No infected shortcut found.


***** [ Scheduled Tasks ] *****

No malicious task found.


***** [ Registry ] *****

No malicious registry entries found.


***** [ Web browsers ] *****

No malicious Firefox based browser items found.
No malicious Chromium based browser items found.

*************************

\AdwCleaner\AdwCleaner[C0].txt - [1456 Bytes] - [17/08/2016 22:50:30]
\AdwCleaner\AdwCleaner[C2].txt - [1331 Bytes] - [20/09/2016 10:29:48]
\AdwCleaner\AdwCleaner[S0].txt - [1557 Bytes] - [17/08/2016 22:50:15]
\AdwCleaner\AdwCleaner[S1].txt - [1181 Bytes] - [24/09/2016 18:53:25]

########## EOF - \AdwCleaner\AdwCleaner[S1].txt - [1252 Bytes] ##########

 

JRT:

 

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Junkware Removal Tool (JRT) by Malwarebytes
Version: 8.0.8 (09.20.2016)
Operating System: Windows 8.1 x64
Ran by Troy (Administrator) on Sat 09/24/2016 at 18:55:30.94
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




File System: 3

Successfully deleted: C:\ProgramData\productdata (Folder)
Successfully deleted: C:\Users\Troy\AppData\Roaming\productdata (Folder)
Successfully deleted: C:\Windows\system32\Tasks\Avira System Speedup Tray (Task)



Registry: 0





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on Sat 09/24/2016 at 18:58:05.96
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

 

still getting randowm names temp files



#14 The_Codesee

The_Codesee

  • Members
  • 337 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:England, UK
  • Local time:06:33 AM

Posted 26 September 2016 - 01:16 AM

I suspect that your computer is infected. The next step would be to create a new topic in the Virus, Trojan, Spyware, and Malware Removal Logs subforum and wait for a malware professional to assist you using advanced tools.

It might be a good idea to also include a link back to this thread.
 
The Codesee :)



#15 Animal

Animal

    Bleepin' Animinion


  • Site Admin
  • 35,110 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Where You Least Expect Me To Be
  • Local time:11:33 PM

Posted 26 September 2016 - 11:20 AM

Hello,

Now that you have posted a log here: http://www.bleepingcomputer.com/forums/t/627779/getting-random-named-temp-files/ you should NOT make further changes to your computer (install/uninstall programs, use special fix tools, delete files, edit the registry, etc) unless advised by a MRT Team member, nor should you ask for help elsewhere. Doing so can result in system changes which may not show in the log you already posted. Further, any modifications you make on your own may cause confusion for the helper assisting you and could complicate the malware removal process which would extend the time it takes to clean your computer.

From this point on the MRT Team should be the only members that you take advice from, until they have verified your log as clean.

Please be patient. It may take a while to get a response because the MRT Team members are EXTREMELY busy working logs posted before yours. They are volunteers who will help you out as soon as possible. Once you have made your post and are waiting, please DO NOT make another reply until it has been responded to by a member of the MRT Team. Generally the staff checks the forum for postings that have 0 replies as this makes it easier for them to identify those who have not been helped. If you post another response there will be 1 reply. A team member, looking for a new log to work may assume another MRT Team member is already assisting you and not open the thread to respond.

Please be patient. It may take several days to get a response but your log will be reviewed and answered as soon as possible. I advise checking your topic once a day for responses as the e-mail notification system is unreliable.

If HelpBot replies to your topic, PLEASE follow Step One so it will report your topic to the team members.

To avoid confusion, I am closing this topic. Good luck with your log.

The Internet is so big, so powerful and pointless that for some people it is a complete substitute for life.
Andrew Brown (1938-1994)


A learning experience is one of those things that say, "You know that thing you just did? Don't do that." Douglas Adams (1952-2001)


"Imagination is more important than knowledge. Knowledge is limited. Imagination circles the world." Albert Einstein (1879-1955)


Follow BleepingComputer on: Facebook | Twitter | Google+




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users