Need help to remove viruses on my computer, Norton passing over files

Norton Infostealer.Sinfula.b malware removal

  • This topic is locked

#16
ThatOneDude

  • Topic Starter
  • Member
  • 36 posts

Part nine (last one):

 

17:24:02.0417 0x11f4  ================ Scan generic autorun ======================

17:24:02.0923 0x11f4  [ 910AFE116ADE17C93E892C38452075F9, E9CBFCF0549CACAC9B40BB67454548F996F1856AAF568D751015A3158F47043A ] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe

17:24:03.0304 0x11f4  RtHDVCpl - ok

17:24:03.0432 0x11f4  [ 0C4F4CFFA3A613D175BB25728514C0C4, 6CE71BF4CDD6F954AABDACD716A7716D28E737D328C88AE53C5501D8BD5191F6 ] C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe

17:24:03.0487 0x11f4  Acer ePower Management - ok

17:24:03.0683 0x11f4  [ EAEB34D06AC35097031B0F11595012D7, 5203574367A8FCD9F708CC02A868991D40E4508EE39E6D662F65AD65E9B7E3A0 ] C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\mwlDaemon.exe

17:24:03.0715 0x11f4  mwlDaemon - ok

17:24:03.0722 0x11f4  SynTPEnh - ok

17:24:03.0752 0x11f4  [ EF533F9D1E4F51C783D4349A7C3F518F, 5A4B84CFC96F13AF4B5EC1F693152A37DA37FC08150EE37913EC5D6EEEFD490E ] C:\Program Files (x86)\EgisTec Egis Software Update\EgisUpdate.exe

17:24:03.0778 0x11f4  EgisTecLiveUpdate - ok

17:24:03.0850 0x11f4  [ 452FA961163EF4AEE4815796A13AB2CF, 14DC422082F96F5C21C41A5E5F6E8445547CC4B02B18F0A86A34669CA2CE18A7 ] C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe

17:24:03.0872 0x11f4  Adobe Reader Speed Launcher - ok

17:24:03.0960 0x11f4  [ 981E539199217491DF663368C02F4B94, BF17C28733E94D986FEA311DCD6D6507A4FD58515FD5F7C6ABA5A2A92045A511 ] C:\Program Files (x86)\Symantec\Norton Online Backup\Activation\NobuActivation.exe

17:24:04.0000 0x11f4  NortonOnlineBackupReminder - ok

17:24:04.0110 0x11f4  [ 34BC222864CEF86DABB5032DA36485DA, 17B3BDE6C825AC6C789846AB7597CD904F401668754D5A5F135EFBB9EA62FE03 ] C:\Program Files (x86)\Launch Manager\LManager.exe

17:24:04.0183 0x11f4  LManager - ok

17:24:04.0287 0x11f4  [ EF5C94E3EFC691D1EE862044505F6345, A3DF95B12BEF1591F33DD9F709AB3367DF17567AF9F5680D8EFA57044B82C226 ] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe

17:24:04.0340 0x11f4  StartCCC - detected UnsignedFile.Multi.Generic ( 1 )

17:24:06.0871 0x11f4  Detect skipped due to KSN trusted

17:24:06.0871 0x11f4  StartCCC - ok

17:24:06.0958 0x11f4  [ 00892B52634940C19ED46FC6CDA52FF1, 6ACDC0F973E720D0E8C8F932C96242D26D43C2F2209B1A8D50434DDE94B358A6 ] C:\Program Files (x86)\Acer Arcade Deluxe\Acer Arcade Deluxe\ArcadeDeluxeAgent.exe

17:24:06.0982 0x11f4  ArcadeDeluxeAgent - ok

17:24:07.0037 0x11f4  [ 96CA717D3295B88EEF14CFEE0636F1CD, 2BF75209ED28D545F3B37FC810869AD3CF63C719E2ACF33A23DCCEF16B66E280 ] C:\Program Files (x86)\Acer Arcade Deluxe\PlayMovie\PMVService.exe

17:24:07.0064 0x11f4  PlayMovie - ok

17:24:07.0237 0x11f4  [ 19B2731AFB82729F8FF10B082CD609B3, 34AAEC8E2CBDB46BBB88CD588CD6FD915A99C8598F65702B7A0BC04880840E9C ] C:\Program Files (x86)\Acer\Acer Assist\launcher.exe

17:24:07.0318 0x11f4  Acer Assist Launcher - detected UnsignedFile.Multi.Generic ( 1 )

17:24:09.0838 0x11f4  Detect skipped due to KSN trusted

17:24:09.0838 0x11f4  Acer Assist Launcher - ok

17:24:09.0974 0x11f4  [ 714C602C1B8CEF17E25C753F1BACF78D, E0B0DC548CA9DA7F3D0EEE9EDACC9058D5C845E8B03B841434EB1E03683A9B73 ] C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe

17:24:10.0004 0x11f4  AppleSyncNotifier - ok

17:24:10.0063 0x11f4  [ 545676F48851A5C65A38CAE5B5518C95, F7CD893B8198AA22347CB96A61C258217FA0A1B1CC1733784B5FD84A7B208264 ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe

17:24:10.0083 0x11f4  APSDaemon - ok

17:24:10.0171 0x11f4  [ 08E7173D1B74095335052459200CB1EA, 5B6EB8A65B5F451BF6115EB7CD1355E5870E6D764F22D767D13216BF17C5668F ] C:\Program Files (x86)\QuickTime\QTTask.exe

17:24:10.0206 0x11f4  QuickTime Task - detected UnsignedFile.Multi.Generic ( 1 )

17:24:13.0024 0x11f4  Detect skipped due to KSN trusted

17:24:13.0024 0x11f4  QuickTime Task - ok

17:24:13.0100 0x11f4  [ 3B5045DDD039FAB9782851BC486FD92B, 12C59F9E79EB37F26FE0805585EA6B0DAFB41FB8A4FAE972774BC8E3815A1673 ] C:\Program Files (x86)\iTunes\iTunesHelper.exe

17:24:13.0125 0x11f4  iTunesHelper - ok

17:24:13.0263 0x11f4  [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe

17:24:13.0365 0x11f4  Sidebar - ok

17:24:13.0410 0x11f4  [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe

17:24:13.0468 0x11f4  mctadmin - ok

17:24:13.0563 0x11f4  [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe

17:24:13.0641 0x11f4  Sidebar - ok

17:24:13.0662 0x11f4  [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe

17:24:13.0705 0x11f4  mctadmin - ok

17:24:13.0874 0x11f4  [ E3BF29CED96790CDAAFA981FFDDF53A3, 76CB27EF7B27E5636EDA9D95229519B2A2870729A0BB694F1FD11CD602BAC4DC ] C:\Program Files\Windows Sidebar\sidebar.exe

17:24:13.0992 0x11f4  Sidebar - ok

17:24:14.0182 0x11f4  [ F02A533F517EB38333CB12A9E8963773, 1F72CD1CF660766FA8F912E40B7323A0192A300B376186C10F6803DC5EFE28DF ] C:\Users\Sonny\AppData\Local\Google\Update\GoogleUpdate.exe

17:24:14.0236 0x11f4  Google Update - ok

17:24:14.0365 0x11f4  [ AC45CE93A426000DC0A5B8BC2491BF92, 3A094C40507C028ABAF23EF1BA81F1DCDB17CF733473EF42454668F3B2C6FCCE ] C:\Program Files (x86)\Common Files\SupportSoft\bin\bcont.exe

17:24:14.0434 0x11f4  Desktop Software - detected UnsignedFile.Multi.Generic ( 1 )

17:24:17.0224 0x11f4  Detect skipped due to KSN trusted

17:24:17.0224 0x11f4  Desktop Software - ok

17:24:17.0375 0x11f4  MobileDocuments - ok

17:24:17.0457 0x11f4  [ 5D61BE7DB55B026A5D61A3EED09D0EAD, D32CC7B31A6F98C60ABC313ABC7D1143681F72DE2BB2604711A0BA20710CAAAE ] C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe

17:24:17.0477 0x11f4  swg - ok

17:24:17.0484 0x11f4  Waiting for KSN requests completion. In queue: 8

17:24:18.0484 0x11f4  Waiting for KSN requests completion. In queue: 8

17:24:19.0485 0x11f4  Waiting for KSN requests completion. In queue: 8

17:24:20.0535 0x11f4  AV detected via SS2: Norton Security Suite, C:\Program Files (x86)\Norton Security Suite\Engine\21.5.0.19\WSCStub.exe ( 21.5.0.0 ), 0x51000 ( enabled : updated )

17:24:20.0539 0x11f4  FW detected via SS2: Norton Security Suite, C:\Program Files (x86)\Norton Security Suite\Engine\21.5.0.19\WSCStub.exe ( 21.5.0.0 ), 0x51010 ( enabled )

17:24:23.0138 0x11f4  ============================================================

17:24:23.0138 0x11f4  Scan finished

17:24:23.0138 0x11f4  ============================================================

17:24:23.0187 0x10b8  Detected object count: 0

17:24:23.0187 0x10b8  Actual detected object count: 0



#17
ThatOneDude

  • Topic Starter
  • Member
  • 36 posts

Third and final log and final post (I promise):

 

aswMBR log:

 

18:19:32.685    OS Version: Windows x64 6.1.7601 Service Pack 1

18:19:32.685    Number of processors: 1 586 0x7C02

18:19:32.687    ComputerName: SONNY-PC  UserName: Sonny

18:19:34.648    Initialize success

18:19:34.983    VM: initialized successfully

18:19:34.988    VM: Amd CPU virtualization not supported 

18:23:07.777    AVAST engine defs: 14090502

18:23:24.745    Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-0

18:23:24.749    Disk 0 Vendor: Hitachi_HTS545016B9A300 PBBOC60F Size: 152627MB BusType: 11

18:23:25.135    Disk 0 MBR read successfully

18:23:25.145    Disk 0 MBR scan

18:23:25.167    Disk 0 Windows 7 default MBR code

18:23:25.179    Disk 0 Partition 1 00     27 Hidden NTFS WinRE NTFS        12291 MB offset 63

18:23:25.229    Disk 0 Partition 2 80 (A) 07    HPFS/NTFS NTFS          101 MB offset 25173855

18:23:25.235    Disk 0 Boot: NTFS     code=1

18:23:25.256    Disk 0 Partition 3 00     07    HPFS/NTFS NTFS       140232 MB offset 25382700

18:23:25.429    Disk 0 scanning C:\Windows\system32\drivers

18:23:41.259    Service scanning

18:23:47.821    Service BHDrvx64 C:\Program Files (x86)\Norton Security Suite\NortonData\21.1.0.18\Definitions\BASHDefs\20140821.007\BHDrvx64.sys **LOCKED** 5

18:24:00.436    Service IDSVia64 C:\Program Files (x86)\Norton Security Suite\NortonData\21.1.0.18\Definitions\IPSDefs\20140905.001\IDSvia64.sys **LOCKED** 5

18:24:07.635    Service NAVENG C:\Program Files (x86)\Norton Security Suite\NortonData\21.1.0.18\Definitions\VirusDefs\20140905.007\ENG64.SYS **LOCKED** 5

18:24:07.968    Service NAVEX15 C:\Program Files (x86)\Norton Security Suite\NortonData\21.1.0.18\Definitions\VirusDefs\20140905.007\EX64.SYS **LOCKED** 5

18:24:33.040    Modules scanning

18:24:33.052    Disk 0 trace - called modules:

18:24:33.084    ntoskrnl.exe CLASSPNP.SYS disk.sys ACPI.sys ataport.SYS PCIIDEX.SYS hal.dll msahci.sys 

18:24:33.095    1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa80030a3060]

18:24:33.105    3 CLASSPNP.SYS[fffff8800161743f] -> nt!IofCallDriver -> [0xfffffa80030d2760]

18:24:33.117    5 ACPI.sys[fffff88000e0b7a1] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP0T0L0-0[0xfffffa800308e060]

18:24:33.987    AVAST engine scan C:\

23:18:07.166    Scan finished successfully

23:21:30.250    Disk 0 MBR has been saved successfully to "C:\Users\Sonny\Downloads\MBR.dat"

23:21:30.335    The log file has been saved successfully to "C:\Users\Sonny\Downloads\aswMBR.txt"

 

Sorry for spamming this forum but it was the only way for me to get it all on here (that second log was just soooooo long - was there supposed to be two logs for TDSSKiller?)


#18
Naathim

    GeekU Minion

  • Expert
  • 4,568 posts

Hi and sorry for the delay, I had a working Sunday filled with students' exams.
 
The TDSSKiller logs may be huge sometimes, no worries about using multiple posts. It's totally understandable.



Scan with Farbar Recovery Scan Tool

Please re-run Farbar Recovery Scan Tool.

  • Right-click on the FRST icon and select Run as Administrator to start the tool.
    > XP users click run after receipt of Windows Security Warning - Open File.
    > 8 users will be prompted about Windows SmartScreen protection - click More information and Run.
  • Make sure that the Addition option is checked.
  • Press the Scan button and wait.
  • The tool will produce two logfiles on your desktop: FRST.txt and Addition.txt.

Please include their content in your next reply.


#19
ThatOneDude

  • Topic Starter
  • Member
  • 36 posts

Here are the logs you requested:

 

FRST log:

 

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 07-09-2014 01
Ran by Sonny (administrator) on SONNY-PC on 07-09-2014 23:19:24
Running from C:\Users\Sonny\Downloads
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: English (United States)
Internet Explorer Version 11
Boot Mode: Normal
 
The only official download link for FRST:
Download link from any site other than Bleeping Computer is unpermitted or outdated.
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Acer Incorporated) C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe
(Egis Technology Inc.) C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\mwlDaemon.exe
(Acer Incorporated) C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(White Sky, Inc.) C:\Program Files (x86)\Constant Guard Protection Suite\IDVault.exe
(Egis Technology Inc.) C:\Program Files (x86)\EgisTec Egis Software Update\EgisUpdate.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\Registration\GregHSRW.exe
(Dassault Systèmes SolidWorks Corp.) C:\Program Files\SolidWorks Corp\SolidWorks\sldworks_fs.exe
(Dropbox, Inc.) C:\Users\Sonny\AppData\Roaming\Dropbox\bin\Dropbox.exe
(White Sky, Inc.) C:\Program Files (x86)\Constant Guard Protection Suite\IDVaultSvc.exe
(McAfee, Inc.) C:\Program Files (x86)\McAfee\SiteAdvisor\mcsacore.exe
(Egis Technology Inc.) C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\MWLService.exe
(Symantec Corporation) C:\Program Files (x86)\Norton Security Suite\Engine\21.5.0.19\n360.exe
(NewTech Infosystems, Inc.) C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe
(Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Acer) C:\Program Files\Acer\Acer Updater\UpdaterService.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LManager.exe
(Acer Incorporated) C:\Program Files\Acer\Acer ePower Management\ePowerEvent.exe
(CyberLink Corp.) C:\Program Files (x86)\Acer Arcade Deluxe\Acer Arcade Deluxe\ArcadeDeluxeAgent.exe
(Acer Corp.) C:\Program Files (x86)\Acer Arcade Deluxe\PlayMovie\PMVService.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Google Inc.) C:\Users\Sonny\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Sonny\AppData\Local\Google\Chrome\Application\chrome.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(Symantec Corporation) C:\Program Files (x86)\Norton Security Suite\Engine\21.5.0.19\n360.exe
(Google Inc.) C:\Users\Sonny\AppData\Local\Google\Chrome\Application\chrome.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
 
 
==================== Registry (Whitelisted) ==================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [7982112 2009-07-28] (Realtek Semiconductor)
HKLM\...\Run: [Acer ePower Management] => C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe [828960 2009-08-05] (Acer Incorporated)
HKLM\...\Run: [mwlDaemon] => C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\mwlDaemon.exe [349480 2009-08-06] (Egis Technology Inc.)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [1808168 2009-06-18] (Synaptics Incorporated)
HKLM-x32\...\Run: [EgisTecLiveUpdate] => C:\Program Files (x86)\EgisTec Egis Software Update\EgisUpdate.exe [199464 2009-08-03] (Egis Technology Inc.)
HKLM-x32\...\Run: [Adobe Reader Speed Launcher] => C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe [35696 2009-02-27] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [NortonOnlineBackupReminder] => C:\Program Files (x86)\Symantec\Norton Online Backup\Activation\NobuActivation.exe [588648 2009-07-24] (Symantec Corporation)
HKLM-x32\...\Run: [LManager] => C:\Program Files (x86)\Launch Manager\LManager.exe [1157128 2009-07-27] (Dritek System Inc.)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [98304 2009-07-29] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [ArcadeDeluxeAgent] => C:\Program Files (x86)\Acer Arcade Deluxe\Acer Arcade Deluxe\ArcadeDeluxeAgent.exe [128296 2009-07-31] (CyberLink Corp.)
HKLM-x32\...\Run: [PlayMovie] => C:\Program Files (x86)\Acer Arcade Deluxe\PlayMovie\PMVService.exe [181480 2009-08-04] (Acer Corp.)
HKLM-x32\...\Run: [Acer Assist Launcher] => C:\Program Files (x86)\Acer\Acer Assist\launcher.exe [1261568 2007-11-19] ()
HKLM-x32\...\Run: [AppleSyncNotifier] => C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe [59240 2011-11-02] (Apple Inc.)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [43816 2014-07-31] (Apple Inc.)
HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2014-01-17] (Apple Inc.)
HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2014-08-01] (Apple Inc.)
HKU\.DEFAULT\...\RunOnce: [SPReview] => C:\Windows\System32\SPReview\SPReview.exe [301568 2013-06-09] (Microsoft Corporation)
HKU\S-1-5-21-383688522-2780381096-3143111068-1000\...\Run: [Google Update] => C:\Users\Sonny\AppData\Local\Google\Update\GoogleUpdate.exe [136176 2011-09-11] (Google Inc.)
HKU\S-1-5-21-383688522-2780381096-3143111068-1000\...\Run: [Desktop Software] => C:\Program Files (x86)\Common Files\SupportSoft\bin\bcont.exe [1025320 2009-04-24] (SupportSoft, Inc.)
HKU\S-1-5-21-383688522-2780381096-3143111068-1000\...\Run: [MobileDocuments] => C:\Program Files (x86)\Common Files\Apple\Internet Services\ubd.exe
HKU\S-1-5-21-383688522-2780381096-3143111068-1000\...\Run: [swg] => C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [39408 2009-08-21] (Google Inc.)
HKU\S-1-5-21-383688522-2780381096-3143111068-1000\...\MountPoints2: {47977155-60c2-11e0-ac56-00262263e441} - E:\VZAccess_Manager.exe /z detect
AppInit_DLLs: C:\PROGRA~2\KEYCRY~1\KE6D28~1.DLL => C:\Program Files (x86)\KeyCryptSDK\KeyCrypt64(2).dll [88376 2013-07-24] (Zemana Ltd.)
AppInit_DLLs-x32: C:\PROGRA~2\KEYCRY~1\KE50FD~1.DLL => C:\Program Files (x86)\KeyCryptSDK\KeyCrypt32(2).dll [81160 2013-07-24] (Zemana Ltd.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Constant Guard.lnk
ShortcutTarget: Constant Guard.lnk -> C:\Program Files (x86)\Constant Guard Protection Suite\IDVault.exe (White Sky, Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\SolidWorks 2014 Fast Start.lnk
ShortcutTarget: SolidWorks 2014 Fast Start.lnk -> C:\Windows\Installer\{4FFA60C4-9A8B-4C9E-8265-2241B266304C}\NewShortcut2_87EDF6C81D0A4B7B84F42FE0C6A9D608.exe (Flexera Software LLC)
Startup: C:\Users\Sonny\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\Sonny\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
ShellIconOverlayIdentifiers: egisPSDP -> {30A0A3F6-38AC-4C53-BB8B-0D95238E25BA} => C:\Program Files (x86)\EgisTec\MyWinLocker 3\x64\psdprotect.dll (Egis Technology Inc.)
ShellIconOverlayIdentifiers: OverlayExcluded -> {4433A54A-1AC8-432F-90FC-85F045CF383C} => C:\Program Files (x86)\Norton Security Suite\Engine64\21.5.0.19\buShell.dll (Symantec Corporation)
ShellIconOverlayIdentifiers: OverlayPending -> {F17C0B1E-EF8E-4AD4-8E1B-7D7E8CB23225} => C:\Program Files (x86)\Norton Security Suite\Engine64\21.5.0.19\buShell.dll (Symantec Corporation)
ShellIconOverlayIdentifiers: OverlayProtected -> {476D0EA3-80F9-48B5-B70B-05E677C9C148} => C:\Program Files (x86)\Norton Security Suite\Engine64\21.5.0.19\buShell.dll (Symantec Corporation)
ShellIconOverlayIdentifiers-x32: egisPSDP -> {30A0A3F6-38AC-4C53-BB8B-0D95238E25BA} => C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\psdprotect.dll (Egis Technology Inc.)
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/?ilc=17
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://homepage.acer...44z145t48m2x239
URLSearchHook: HKCU - McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
URLSearchHook: HKCU - McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
SearchScopes: HKLM-x32 - {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = http://www.google.co...ng}&rlz=1I7ACAW
SearchScopes: HKCU - Comcast URL = http://search.xfinit...art_tech_search
SearchScopes: HKCU - {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = http://www.google.co...1I7ACAW_enUS359
SearchScopes: HKCU - {8E707D6B-C02F-45F1-AD61-180F7CA67031} URL = https://search.yahoo...p={SearchTerms}
BHO: Norton Identity Protection -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> C:\Program Files (x86)\Norton Security Suite\Engine64\21.5.0.19\coIEPlg.dll (Symantec Corporation)
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
BHO: McAfee SiteAdvisor BHO -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
BHO-x32: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
BHO-x32: No Name -> {5C255C8A-E604-49b4-9D64-90988571CECB} ->  No File
BHO-x32: Norton Identity Protection -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> C:\Program Files (x86)\Norton Security Suite\Engine\21.5.0.19\coIEPlg.dll (Symantec Corporation)
BHO-x32: Norton Vulnerability Protection -> {6D53EC84-6AAE-4787-AEEE-F4628F01010C} -> C:\Program Files (x86)\Norton Security Suite\Engine\21.5.0.19\IPS\IPSBHO.DLL (Symantec Corporation)
BHO-x32: Windows Live Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
BHO-x32: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
BHO-x32: McAfee SiteAdvisor BHO -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
BHO-x32: Constant Guard Protection Suite -> {B84CDBE7-1B46-494B-A188-01D4C52DEB61} -> C:\ProgramData\White Sky, Inc\ID Vault\IEBHO1.14.425.1\NativeBHO.dll (WhiteSky)
Toolbar: HKLM - McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
Toolbar: HKLM - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Security Suite\Engine64\21.5.0.19\coIEPlg.dll (Symantec Corporation)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
Toolbar: HKLM-x32 - McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
Toolbar: HKLM-x32 - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Security Suite\Engine\21.5.0.19\coIEPlg.dll (Symantec Corporation)
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
Toolbar: HKCU - Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
Toolbar: HKCU - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Security Suite\Engine64\21.5.0.19\coIEPlg.dll (Symantec Corporation)
Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
Handler-x32: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
Handler-x32: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8064.0206.dll (Microsoft Corporation)
Handler-x32: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8064.0206.dll (Microsoft Corporation)
Handler-x32: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
 
FireFox:
========
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_14_0_0_145.dll ()
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_14_0_0_145.dll ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=14.0.8064.0206 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=3 -> C:\Users\Sonny\AppData\Local\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=9 -> C:\Users\Sonny\AppData\Local\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF HKLM-x32\...\Firefox\Extensions: [{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_21.1.0.18\coFFPlgn
FF Extension: Norton Toolbar - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_21.1.0.18\coFFPlgn [2014-09-07]
FF HKLM-x32\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files (x86)\McAfee\SiteAdvisor
FF Extension: McAfee SiteAdvisor - C:\Program Files (x86)\McAfee\SiteAdvisor [2009-12-27]
FF HKLM-x32\...\Firefox\Extensions: [{BBDA0591-3099-440a-AA10-41764D9DB4DB}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_21.1.0.18\IPSFF
FF Extension: Norton Vulnerability Protection - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_21.1.0.18\IPSFF [2013-12-15]
 
Chrome: 
=======
CHR HomePage: Default -> hxxp://www.google.com/
CHR StartupUrls: Default -> "hxxp://www.google.com/"
CHR DefaultSuggestURL: Default -> {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&gs_ri={google:suggestRid}&xssi=t&q={searchTerms}&{google:inputType}{google:cursorPosition}{google:currentPageUrl}{google:pageClassification}{google:searchVersion}{google:sessionToken}sugkey={google:suggestAPIKeyParameter}
CHR Plugin: (Shockwave Flash) - C:\Users\Sonny\AppData\Local\Google\Chrome\Application\37.0.2062.103\PepperFlash\pepflashplayer.dll ()
CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Users\Sonny\AppData\Local\Google\Chrome\Application\37.0.2062.103\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Users\Sonny\AppData\Local\Google\Chrome\Application\37.0.2062.103\pdf.dll ()
CHR Plugin: (XFINITY Constant Guard Protection Suite Add-on) - C:\Program Files (x86)\Constant Guard Protection Suite\CHROME\plugin/IdVault.Chrome.dll No File
CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll (Adobe Systems Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.3) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.3) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin2.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.3) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin3.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.3) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin4.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.3) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin5.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.3) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin6.dll No File
CHR Plugin: (QuickTime Plug-in 7.7.3) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin7.dll No File
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.135\npGoogleUpdate3.dll No File
CHR Plugin: (McAfee SiteAdvisor) - C:\Program Files (x86)\McAfee\SiteAdvisor\npmcffplg32.dll (McAfee, Inc.)
CHR Plugin: (Windows Live® Photo Gallery) - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
CHR Plugin: (iTunes Application Detector) - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
CHR Plugin: (Silverlight Plug-In) - c:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrl.dll No File
CHR Profile: C:\Users\Sonny\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Sonny\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-05-28]
CHR Extension: (YouTube) - C:\Users\Sonny\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2011-12-26]
CHR Extension: (Google Search) - C:\Users\Sonny\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2011-12-26]
CHR Extension: (XFINITY Constant Guard Protection Suite) - C:\Users\Sonny\AppData\Local\Google\Chrome\User Data\Default\Extensions\faknfdmfmhcmgphbfjhgmomfcihmocmp [2013-05-22]
CHR Extension: (SiteAdvisor) - C:\Users\Sonny\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho [2011-10-21]
CHR Extension: (Norton Identity Safe) - C:\Users\Sonny\AppData\Local\Google\Chrome\User Data\Default\Extensions\iikflkcanblccfahdhdonehdalibjnif [2014-08-12]
CHR Extension: (Google Wallet) - C:\Users\Sonny\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-25]
CHR Extension: (Gmail) - C:\Users\Sonny\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2011-12-26]
CHR HKLM-x32\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - C:\Program Files (x86)\McAfee\SiteAdvisor\McChPlg.crx [2014-08-11]
 
==================== Services (Whitelisted) =================
 
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
 
R2 McAfee SiteAdvisor Service; C:\Program Files (x86)\McAfee\SiteAdvisor\McSACore.exe [156904 2014-07-28] (McAfee, Inc.)
R2 MWLService; C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\\MWLService.exe [311592 2009-08-06] (Egis Technology Inc.)
R2 N360; C:\Program Files (x86)\Norton Security Suite\Engine\21.5.0.19\N360.exe [265040 2014-08-01] (Symantec Corporation)
S3 SolidWorks Licensing Service; C:\Program Files (x86)\Common Files\SolidWorks Shared\Service\SolidWorksLicensing.exe [79360 2014-09-03] (SolidWorks) [File not signed]
S2 0122421407824551mcinstcleanup; C:\Windows\TEMP\012242~1.EXE -cleanup -nolog [X]
 
==================== Drivers (Whitelisted) ====================
 
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
 
R1 AntiLog32; C:\Windows\system32\drivers\AntiLog64.sys [49752 2014-05-14] (Zemana Ltd.)
R1 BHDrvx64; C:\Program Files (x86)\Norton Security Suite\NortonData\21.1.0.18\Definitions\BASHDefs\20140821.007\BHDrvx64.sys [1588016 2014-08-18] (Symantec Corporation)
R1 ccSet_N360; C:\Windows\system32\drivers\N360x64\1505000.013\ccSetx64.sys [162392 2013-09-25] (Symantec Corporation)
R1 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [486192 2014-06-19] (Symantec Corporation)
R3 EraserUtilRebootDrv; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [142128 2014-06-11] (Symantec Corporation)
R1 IDSVia64; C:\Program Files (x86)\Norton Security Suite\NortonData\21.1.0.18\Definitions\IPSDefs\20140905.001\IDSvia64.sys [633560 2014-09-03] (Symantec Corporation)
R3 keycrypt; C:\Windows\System32\DRIVERS\KeyCrypt64.sys [25056 2013-07-24] (Zemana Ltd.)
R3 NAVENG; C:\Program Files (x86)\Norton Security Suite\NortonData\21.1.0.18\Definitions\VirusDefs\20140905.007\ENG64.SYS [129752 2014-09-04] (Symantec Corporation)
R3 NAVEX15; C:\Program Files (x86)\Norton Security Suite\NortonData\21.1.0.18\Definitions\VirusDefs\20140905.007\EX64.SYS [2137304 2014-09-04] (Symantec Corporation)
S3 NWUSBModem; C:\Windows\System32\DRIVERS\nwusbmdm.sys [213120 2008-05-09] (Novatel Wireless Inc.)
S3 NWUSBPort; C:\Windows\System32\DRIVERS\nwusbser.sys [213120 2008-05-09] (Novatel Wireless Inc.)
S3 NWUSBPort2; C:\Windows\System32\DRIVERS\nwusbser2.sys [213120 2008-05-09] (Novatel Wireless Inc.)
R1 SRTSP; C:\Windows\System32\Drivers\N360x64\1505000.013\SRTSP64.SYS [875736 2014-07-22] (Symantec Corporation)
R1 SRTSPX; C:\Windows\system32\drivers\N360x64\1505000.013\SRTSPX64.SYS [36952 2013-09-09] (Symantec Corporation)
S3 sscdserd; C:\Windows\System32\DRIVERS\sscdserd.sys [141384 2010-11-11] (MCCI Corporation)
R0 SymDS; C:\Windows\System32\drivers\N360x64\1505000.013\SYMDS64.SYS [493656 2013-09-09] (Symantec Corporation)
R0 SymEFA; C:\Windows\System32\drivers\N360x64\1505000.013\SYMEFA64.SYS [1148120 2014-07-22] (Symantec Corporation)
R3 SymEvent; C:\Windows\system32\Drivers\SYMEVENT64x86.SYS [177752 2013-11-25] (Symantec Corporation)
R1 SymIRON; C:\Windows\system32\drivers\N360x64\1505000.013\Ironx64.SYS [264280 2013-09-26] (Symantec Corporation)
R1 SymNetS; C:\Windows\System32\Drivers\N360x64\1505000.013\SYMNETS.SYS [593112 2014-07-22] (Symantec Corporation)
S3 RSUSBSTOR; System32\Drivers\RtsUStor.sys [X]
S3 RtsUIR; system32\DRIVERS\Rts516xIR.sys [X]
S3 USBCCID; system32\DRIVERS\RtsUCcid.sys [X]
 
==================== NetSvcs (Whitelisted) ===================
 
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
 
 
==================== One Month Created Files and Folders ========
 
(If an entry is included in the fixlist, the file\folder will be moved.)
 
2014-09-07 23:19 - 2014-09-07 23:19 - 00000000 ____D () C:\Users\Sonny\Downloads\FRST-OlderVersion
2014-09-05 23:21 - 2014-09-05 23:21 - 00002609 _____ () C:\Users\Sonny\Downloads\aswMBR.txt
2014-09-05 23:21 - 2014-09-05 23:21 - 00000512 _____ () C:\Users\Sonny\Downloads\MBR.dat
2014-09-05 18:19 - 2014-09-05 18:19 - 00013270 _____ () C:\Users\Sonny\Desktop\aswMBR - Shortcut.lnk
2014-09-05 18:16 - 2014-09-05 18:17 - 05185536 _____ (AVAST Software) C:\Users\Sonny\Downloads\aswMBR.exe
2014-09-05 16:56 - 2014-09-05 16:56 - 00013482 _____ () C:\Users\Sonny\Desktop\tdsskiller - Shortcut.lnk
2014-09-05 16:55 - 2014-09-05 16:55 - 04181856 _____ (Kaspersky Lab ZAO) C:\Users\Sonny\Downloads\tdsskiller.exe
2014-09-05 16:50 - 2014-09-05 16:50 - 00013560 _____ () C:\Users\Sonny\Desktop\adwcleaner_3.309 - Shortcut.lnk
2014-09-05 16:49 - 2014-09-05 16:49 - 00013342 _____ () C:\Users\Sonny\Desktop\FRST64 - Shortcut.lnk
2014-09-05 10:49 - 2014-09-05 10:50 - 00033748 _____ () C:\Users\Sonny\Downloads\Addition.txt
2014-09-05 10:44 - 2014-09-07 23:22 - 00024708 _____ () C:\Users\Sonny\Downloads\FRST.txt
2014-09-05 10:44 - 2014-09-07 23:19 - 00000000 ____D () C:\FRST
2014-09-05 10:41 - 2014-09-07 23:19 - 02105344 _____ (Farbar) C:\Users\Sonny\Downloads\FRST64.exe
2014-09-05 00:00 - 2010-08-30 08:34 - 00536576 _____ (SQLite Development Team) C:\Windows\SysWOW64\sqlite3.dll
2014-09-04 23:58 - 2014-09-05 00:23 - 00000000 ____D () C:\AdwCleaner
2014-09-04 23:57 - 2014-09-04 23:57 - 01370467 _____ () C:\Users\Sonny\Downloads\adwcleaner_3.309.exe
2014-09-04 17:12 - 2014-09-04 17:12 - 00000000 ____D () C:\Program Files (x86)\Microsoft CAPICOM 2.1.0.2
2014-09-04 12:45 - 2014-09-04 12:45 - 00000017 _____ () C:\Users\Sonny\AppData\Local\resmon.resmoncfg
2014-09-03 17:11 - 2014-09-03 20:39 - 00000000 ____D () C:\Users\Sonny\Documents\SolidWorks Designs
2014-09-03 16:46 - 2014-09-04 21:51 - 00000000 ____D () C:\Users\Sonny\AppData\Local\TempSWBackupDirectory
2014-09-03 16:40 - 2014-09-04 14:46 - 00000000 ____D () C:\Users\Sonny\AppData\Local\SolidWorks
2014-09-03 16:17 - 2014-09-03 16:17 - 00002927 _____ () C:\Users\Public\Desktop\SolidWorks Composer Player 2014 - x64 Edition.lnk
2014-09-03 16:17 - 2014-09-03 16:17 - 00000000 ____D () C:\Users\Sonny\Documents\SolidWorksComposer
2014-09-03 16:15 - 2014-09-03 16:15 - 00002166 _____ () C:\Users\Public\Desktop\eDrawings 2014 x64 Edition.lnk
2014-09-03 16:15 - 2014-09-03 16:15 - 00000000 ____D () C:\Users\Sonny\AppData\Roaming\help_images_otherUI
2014-09-03 16:15 - 2014-09-03 16:15 - 00000000 _____ () C:\Windows\eDrawingOfficeAutomator.INI
2014-09-03 16:12 - 2014-09-03 16:12 - 00000000 ____D () C:\Users\Sonny\Documents\SolidWorks Visual Studio Tools for Applications
2014-09-03 16:11 - 2014-09-03 16:11 - 00000000 ____D () C:\Users\Sonny\AppData\Roaming\DassaultSystemes
2014-09-03 16:11 - 2014-09-03 16:11 - 00000000 ____D () C:\Users\Sonny\AppData\Local\DassaultSystemes
2014-09-03 16:11 - 2014-09-03 16:11 - 00000000 ____D () C:\ProgramData\DassaultSystemes
2014-09-03 15:59 - 2014-09-03 15:59 - 00002727 _____ () C:\Users\Public\Desktop\SolidWorks 2014 x64 Edition.lnk
2014-09-03 15:58 - 2014-09-03 16:16 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SolidWorks 2014
2014-09-03 15:41 - 2014-09-03 16:16 - 00000000 ____D () C:\Program Files\SolidWorks Corp
2014-09-03 15:41 - 2014-09-03 15:56 - 00000000 ____D () C:\Program Files\Common Files\SolidWorks Shared
2014-09-03 15:41 - 2014-09-03 15:41 - 00000000 ____D () C:\ProgramData\SolidWorks
2014-09-03 15:41 - 2014-09-03 15:41 - 00000000 ____D () C:\Program Files (x86)\NVIDIA Corporation
2014-09-03 15:39 - 2014-09-03 15:39 - 00000000 ____D () C:\Program Files\Common Files\Macrovision Shared
2014-09-03 15:37 - 2014-09-03 15:37 - 00000000 ____D () C:\Program Files\Microsoft Visual Studio 8
2014-09-03 15:35 - 2014-09-03 15:35 - 00000000 ____D () C:\Users\Sonny\Documents\Visual Studio 2005
2014-09-03 15:35 - 2014-09-03 15:35 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Visual Studio 2005
2014-09-03 15:34 - 2014-09-03 15:34 - 00000000 ____D () C:\Program Files (x86)\Microsoft Visual Studio 8
2014-09-03 15:33 - 2014-09-03 15:33 - 00000000 ____D () C:\Program Files (x86)\MSECache
2014-09-03 15:28 - 2014-09-03 16:45 - 00000000 ____D () C:\ProgramData\FLEXnet
2014-09-03 14:33 - 2014-09-03 14:34 - 29474856 _____ () C:\Users\Sonny\Downloads\SolidWorksSetup (2).exe
2014-09-02 23:52 - 2014-09-03 16:11 - 00000000 ____D () C:\SolidWorks Data
2014-09-02 23:42 - 2014-09-02 23:43 - 29474856 _____ () C:\Users\Sonny\Downloads\SolidWorksSetup (1).exe
2014-09-02 23:38 - 2014-09-02 23:38 - 00000000 __SHD () C:\Users\Sonny\AppData\Local\EmieUserList
2014-09-02 23:38 - 2014-09-02 23:38 - 00000000 __SHD () C:\Users\Sonny\AppData\Local\EmieSiteList
2014-09-02 23:35 - 2014-09-02 23:36 - 29474856 _____ () C:\Users\Sonny\Downloads\SolidWorksSetup.exe
2014-09-02 23:12 - 2014-09-02 23:12 - 00003138 _____ () C:\Windows\System32\Tasks\{976FF976-582A-4807-89AC-C2573FEB44A7}
2014-09-02 22:48 - 2014-09-02 22:48 - 00000022 _____ () C:\Users\Sonny\Downloads\swdata99.id
2014-09-02 22:38 - 2014-09-03 16:40 - 00000000 ____D () C:\Users\Sonny\AppData\Roaming\SolidWorks
2014-09-02 22:38 - 2014-09-03 15:27 - 00000000 ____D () C:\Windows\SolidWorks
2014-09-02 22:38 - 2014-09-02 23:36 - 00000000 ____D () C:\Users\Sonny\Downloads\sldim
2014-08-27 14:54 - 2014-08-22 19:07 - 00404480 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2014-08-27 14:54 - 2014-08-22 18:45 - 00311808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2014-08-27 14:54 - 2014-08-22 17:59 - 03163648 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-08-18 18:06 - 2014-05-14 09:23 - 02477536 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2014-08-18 18:06 - 2014-05-14 09:23 - 00058336 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2014-08-18 18:06 - 2014-05-14 09:23 - 00044512 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2014-08-18 18:06 - 2014-05-14 09:21 - 02620928 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2014-08-18 18:05 - 2014-05-14 09:23 - 00700384 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2014-08-18 18:05 - 2014-05-14 09:23 - 00581600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2014-08-18 18:05 - 2014-05-14 09:23 - 00038880 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2014-08-18 18:05 - 2014-05-14 09:23 - 00036320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll
2014-08-18 18:05 - 2014-05-14 09:20 - 00097792 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2014-08-18 18:05 - 2014-05-14 09:17 - 00092672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2014-08-18 18:04 - 2014-05-14 09:23 - 00198600 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2014-08-18 18:04 - 2014-05-14 09:23 - 00179656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2014-08-18 18:04 - 2014-05-14 09:20 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2014-08-18 18:04 - 2014-05-14 09:17 - 00033792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2014-08-14 16:10 - 2014-06-30 15:24 - 00008856 _____ (Microsoft Corporation) C:\Windows\system32\icardres.dll
2014-08-14 16:10 - 2014-06-30 15:14 - 00008856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardres.dll
2014-08-14 16:10 - 2014-03-09 14:48 - 01389208 _____ (Microsoft Corporation) C:\Windows\system32\icardagt.exe
2014-08-14 16:10 - 2014-03-09 14:48 - 00171160 _____ (Microsoft Corporation) C:\Windows\system32\infocardapi.dll
2014-08-14 16:10 - 2014-03-09 14:47 - 00619672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardagt.exe
2014-08-14 16:10 - 2014-03-09 14:47 - 00099480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\infocardapi.dll
2014-08-14 16:09 - 2014-06-05 23:16 - 00035480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TsWpfWrp.exe
2014-08-14 16:09 - 2014-06-05 23:12 - 00035480 _____ (Microsoft Corporation) C:\Windows\system32\TsWpfWrp.exe
2014-08-14 16:00 - 2014-08-14 16:00 - 00001787 _____ () C:\Users\Public\Desktop\iTunes.lnk
2014-08-14 16:00 - 2014-08-14 16:00 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2014-08-14 15:58 - 2014-08-14 15:59 - 00000000 ____D () C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2014-08-14 15:58 - 2014-08-14 15:59 - 00000000 ____D () C:\Program Files\iTunes
2014-08-14 15:58 - 2014-08-14 15:59 - 00000000 ____D () C:\Program Files (x86)\iTunes
2014-08-14 15:58 - 2014-08-14 15:58 - 00000000 ____D () C:\Program Files\iPod
2014-08-14 13:58 - 2014-06-03 03:02 - 03241984 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2014-08-14 13:58 - 2014-06-03 03:02 - 01941504 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2014-08-14 13:58 - 2014-06-03 03:02 - 00504320 _____ (Microsoft Corporation) C:\Windows\system32\msihnd.dll
2014-08-14 13:58 - 2014-06-03 03:02 - 00112064 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe
2014-08-14 13:58 - 2014-06-03 02:29 - 02363392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2014-08-14 13:58 - 2014-06-03 02:29 - 01805824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2014-08-14 13:58 - 2014-06-03 02:29 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msihnd.dll
2014-08-14 13:57 - 2014-07-15 20:23 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2014-08-14 13:57 - 2014-07-15 19:46 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2014-08-14 13:56 - 2014-07-08 19:03 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDYAK.DLL
2014-08-14 13:56 - 2014-07-08 19:03 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDTAT.DLL
2014-08-14 13:56 - 2014-07-08 19:03 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDRU1.DLL
2014-08-14 13:56 - 2014-07-08 19:03 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDBASH.DLL
2014-08-14 13:56 - 2014-07-08 19:03 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\KBDRU.DLL
2014-08-14 13:56 - 2014-07-08 18:31 - 00007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDYAK.DLL
2014-08-14 13:56 - 2014-07-08 18:31 - 00007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDTAT.DLL
2014-08-14 13:56 - 2014-07-08 18:31 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDRU1.DLL
2014-08-14 13:56 - 2014-07-08 18:31 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDRU.DLL
2014-08-14 13:56 - 2014-07-08 18:31 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDBASH.DLL
2014-08-14 13:56 - 2014-07-08 15:38 - 00419992 _____ () C:\Windows\system32\locale.nls
2014-08-14 13:56 - 2014-07-08 15:30 - 00419992 _____ () C:\Windows\SysWOW64\locale.nls
2014-08-14 13:56 - 2014-06-24 19:05 - 14175744 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2014-08-14 13:56 - 2014-06-24 18:41 - 12874240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2014-08-14 13:56 - 2014-06-15 19:10 - 00985536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys
2014-08-14 13:55 - 2014-07-31 16:41 - 00348856 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-08-14 13:55 - 2014-07-31 16:16 - 00307384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-08-14 13:55 - 2014-07-25 07:52 - 23645696 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-08-14 13:55 - 2014-07-25 07:02 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-08-14 13:55 - 2014-07-25 07:01 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-08-14 13:55 - 2014-07-25 06:51 - 17524224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-08-14 13:55 - 2014-07-25 06:30 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-08-14 13:55 - 2014-07-25 06:28 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-08-14 13:55 - 2014-07-25 06:28 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-08-14 13:55 - 2014-07-25 06:25 - 02774528 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-08-14 13:55 - 2014-07-25 06:25 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-08-14 13:55 - 2014-07-25 06:11 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-08-14 13:55 - 2014-07-25 06:10 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-08-14 13:55 - 2014-07-25 06:04 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-08-14 13:55 - 2014-07-25 06:03 - 00598016 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-08-14 13:55 - 2014-07-25 06:00 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-08-14 13:55 - 2014-07-25 06:00 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-08-14 13:55 - 2014-07-25 05:59 - 00758272 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-08-14 13:55 - 2014-07-25 05:47 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-08-14 13:55 - 2014-07-25 05:40 - 00452096 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-08-14 13:55 - 2014-07-25 05:34 - 00455168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-08-14 13:55 - 2014-07-25 05:34 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-08-14 13:55 - 2014-07-25 05:33 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-08-14 13:55 - 2014-07-25 05:30 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2014-08-14 13:55 - 2014-07-25 05:28 - 05824512 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-08-14 13:55 - 2014-07-25 05:28 - 00072704 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-08-14 13:55 - 2014-07-25 05:21 - 02184704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-08-14 13:55 - 2014-07-25 05:19 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-08-14 13:55 - 2014-07-25 05:18 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-08-14 13:55 - 2014-07-25 05:17 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-08-14 13:55 - 2014-07-25 05:17 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-08-14 13:55 - 2014-07-25 05:12 - 00438784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-08-14 13:55 - 2014-07-25 05:10 - 00292864 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-08-14 13:55 - 2014-07-25 05:10 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-08-14 13:55 - 2014-07-25 05:08 - 00597504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-08-14 13:55 - 2014-07-25 05:06 - 04204032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-08-14 13:55 - 2014-07-25 04:52 - 00367104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-08-14 13:55 - 2014-07-25 04:47 - 00631808 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-08-14 13:55 - 2014-07-25 04:43 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-08-14 13:55 - 2014-07-25 04:42 - 00692736 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-08-14 13:55 - 2014-07-25 04:39 - 02087936 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-08-14 13:55 - 2014-07-25 04:39 - 01249280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-08-14 13:55 - 2014-07-25 04:36 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-08-14 13:55 - 2014-07-25 04:34 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-08-14 13:55 - 2014-07-25 04:29 - 00239616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-08-14 13:55 - 2014-07-25 04:23 - 13547008 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-08-14 13:55 - 2014-07-25 04:13 - 00526336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-08-14 13:55 - 2014-07-25 04:07 - 02001920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-08-14 13:55 - 2014-07-25 04:07 - 01068032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-08-14 13:55 - 2014-07-25 04:03 - 11772928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-08-14 13:55 - 2014-07-25 03:52 - 02266624 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-08-14 13:55 - 2014-07-25 03:26 - 01431040 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-08-14 13:55 - 2014-07-25 03:17 - 00846336 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-08-14 13:55 - 2014-07-25 03:09 - 00704512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-08-14 13:55 - 2014-07-25 03:05 - 01792512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-08-14 13:55 - 2014-07-25 03:00 - 01169920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-08-14 13:54 - 2014-08-06 19:06 - 00529920 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-08-14 13:54 - 2014-08-06 19:01 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-08-14 13:54 - 2014-07-13 19:02 - 01216000 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2014-08-14 13:54 - 2014-07-13 18:40 - 00664064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2014-08-12 22:18 - 2014-08-12 22:18 - 00000000 ____D () C:\Windows\System32\Tasks\Norton Security Suite
2014-08-11 22:30 - 2014-06-06 03:10 - 00624128 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll
2014-08-11 22:30 - 2014-06-06 02:44 - 00509440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qedit.dll
2014-08-11 22:20 - 2014-06-17 19:18 - 00692736 _____ (Microsoft Corporation) C:\Windows\system32\osk.exe
2014-08-11 22:20 - 2014-06-17 18:51 - 00646144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\osk.exe
2014-08-11 22:20 - 2014-05-30 01:08 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2014-08-11 22:20 - 2014-05-30 01:08 - 00340992 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2014-08-11 22:20 - 2014-05-30 01:08 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2014-08-11 22:20 - 2014-05-30 01:08 - 00307200 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2014-08-11 22:20 - 2014-05-30 01:08 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2014-08-11 22:20 - 2014-05-30 01:08 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2014-08-11 22:20 - 2014-05-30 01:08 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2014-08-11 22:20 - 2014-05-30 00:52 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2014-08-11 22:20 - 2014-05-30 00:52 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2014-08-11 22:20 - 2014-05-30 00:52 - 00247808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2014-08-11 22:20 - 2014-05-30 00:52 - 00220160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2014-08-11 22:20 - 2014-05-30 00:52 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2014-08-11 22:20 - 2014-05-30 00:52 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2014-08-11 22:20 - 2014-05-30 00:52 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2014-08-11 22:20 - 2014-05-29 23:45 - 00497152 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\afd.sys
2014-08-11 22:15 - 2014-06-05 07:45 - 01460736 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2014-08-11 22:15 - 2014-06-05 07:26 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2014-08-11 22:15 - 2014-06-05 07:25 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
 
==================== One Month Modified Files and Folders =======
 
(If an entry is included in the fixlist, the file\folder will be moved.)
 
2014-09-07 23:22 - 2014-09-05 10:44 - 00024708 _____ () C:\Users\Sonny\Downloads\FRST.txt
2014-09-07 23:22 - 2011-08-30 15:35 - 00000000 ____D () C:\Users\Sonny\AppData\Roaming\ID Vault
2014-09-07 23:20 - 2009-10-10 10:09 - 01474439 _____ () C:\Windows\WindowsUpdate.log
2014-09-07 23:19 - 2014-09-07 23:19 - 00000000 ____D () C:\Users\Sonny\Downloads\FRST-OlderVersion
2014-09-07 23:19 - 2014-09-05 10:44 - 00000000 ____D () C:\FRST
2014-09-07 23:19 - 2014-09-05 10:41 - 02105344 _____ (Farbar) C:\Users\Sonny\Downloads\FRST64.exe
2014-09-07 23:14 - 2014-05-07 18:03 - 00000000 ___RD () C:\Users\Sonny\Dropbox
2014-09-07 23:14 - 2014-05-07 17:58 - 00000000 ____D () C:\Users\Sonny\AppData\Roaming\Dropbox
2014-09-07 23:11 - 2010-01-29 20:01 - 00000894 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-09-07 23:10 - 2009-07-13 22:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-09-07 23:09 - 2009-07-13 21:51 - 00116805 _____ () C:\Windows\setupact.log
2014-09-06 14:11 - 2009-07-13 21:45 - 00018736 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-09-06 14:11 - 2009-07-13 21:45 - 00018736 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-09-06 14:04 - 2011-10-21 17:21 - 00000908 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-383688522-2780381096-3143111068-1000UA.job
2014-09-06 01:50 - 2012-05-30 21:45 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-09-06 01:37 - 2010-01-29 20:01 - 00000898 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-09-05 23:21 - 2014-09-05 23:21 - 00002609 _____ () C:\Users\Sonny\Downloads\aswMBR.txt
2014-09-05 23:21 - 2014-09-05 23:21 - 00000512 _____ () C:\Users\Sonny\Downloads\MBR.dat
2014-09-05 22:06 - 2011-08-30 15:34 - 00000000 ____D () C:\Program Files (x86)\Constant Guard Protection Suite
2014-09-05 18:19 - 2014-09-05 18:19 - 00013270 _____ () C:\Users\Sonny\Desktop\aswMBR - Shortcut.lnk
2014-09-05 18:17 - 2014-09-05 18:16 - 05185536 _____ (AVAST Software) C:\Users\Sonny\Downloads\aswMBR.exe
2014-09-05 17:18 - 2011-08-30 15:36 - 00000000 ____D () C:\Users\Sonny\AppData\Local\ID Vault
2014-09-05 17:03 - 2011-10-21 17:21 - 00000856 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-383688522-2780381096-3143111068-1000Core.job
2014-09-05 16:56 - 2014-09-05 16:56 - 00013482 _____ () C:\Users\Sonny\Desktop\tdsskiller - Shortcut.lnk
2014-09-05 16:55 - 2014-09-05 16:55 - 04181856 _____ (Kaspersky Lab ZAO) C:\Users\Sonny\Downloads\tdsskiller.exe
2014-09-05 16:50 - 2014-09-05 16:50 - 00013560 _____ () C:\Users\Sonny\Desktop\adwcleaner_3.309 - Shortcut.lnk
2014-09-05 16:49 - 2014-09-05 16:49 - 00013342 _____ () C:\Users\Sonny\Desktop\FRST64 - Shortcut.lnk
2014-09-05 10:50 - 2014-09-05 10:49 - 00033748 _____ () C:\Users\Sonny\Downloads\Addition.txt
2014-09-05 00:25 - 2009-08-21 19:31 - 01003388 _____ () C:\Windows\PFRO.log
2014-09-05 00:23 - 2014-09-04 23:58 - 00000000 ____D () C:\AdwCleaner
2014-09-04 23:57 - 2014-09-04 23:57 - 01370467 _____ () C:\Users\Sonny\Downloads\adwcleaner_3.309.exe
2014-09-04 21:51 - 2014-09-03 16:46 - 00000000 ____D () C:\Users\Sonny\AppData\Local\TempSWBackupDirectory
2014-09-04 17:12 - 2014-09-04 17:12 - 00000000 ____D () C:\Program Files (x86)\Microsoft CAPICOM 2.1.0.2
2014-09-04 15:05 - 2011-10-21 17:23 - 00002368 _____ () C:\Users\Sonny\Desktop\Google Chrome.lnk
2014-09-04 14:46 - 2014-09-03 16:40 - 00000000 ____D () C:\Users\Sonny\AppData\Local\SolidWorks
2014-09-04 12:45 - 2014-09-04 12:45 - 00000017 _____ () C:\Users\Sonny\AppData\Local\resmon.resmoncfg
2014-09-03 20:39 - 2014-09-03 17:11 - 00000000 ____D () C:\Users\Sonny\Documents\SolidWorks Designs
2014-09-03 17:10 - 2009-07-13 22:13 - 00782510 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-09-03 16:45 - 2014-09-03 15:28 - 00000000 ____D () C:\ProgramData\FLEXnet
2014-09-03 16:40 - 2014-09-02 22:38 - 00000000 ____D () C:\Users\Sonny\AppData\Roaming\SolidWorks
2014-09-03 16:30 - 2009-12-25 00:35 - 00092520 _____ () C:\Users\Sonny\AppData\Local\GDIPFONTCACHEV1.DAT
2014-09-03 16:27 - 2009-07-13 21:45 - 00361048 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-09-03 16:17 - 2014-09-03 16:17 - 00002927 _____ () C:\Users\Public\Desktop\SolidWorks Composer Player 2014 - x64 Edition.lnk
2014-09-03 16:17 - 2014-09-03 16:17 - 00000000 ____D () C:\Users\Sonny\Documents\SolidWorksComposer
2014-09-03 16:16 - 2014-09-03 15:58 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SolidWorks 2014
2014-09-03 16:16 - 2014-09-03 15:41 - 00000000 ____D () C:\Program Files\SolidWorks Corp
2014-09-03 16:15 - 2014-09-03 16:15 - 00002166 _____ () C:\Users\Public\Desktop\eDrawings 2014 x64 Edition.lnk
2014-09-03 16:15 - 2014-09-03 16:15 - 00000000 ____D () C:\Users\Sonny\AppData\Roaming\help_images_otherUI
2014-09-03 16:15 - 2014-09-03 16:15 - 00000000 _____ () C:\Windows\eDrawingOfficeAutomator.INI
2014-09-03 16:12 - 2014-09-03 16:12 - 00000000 ____D () C:\Users\Sonny\Documents\SolidWorks Visual Studio Tools for Applications
2014-09-03 16:11 - 2014-09-03 16:11 - 00000000 ____D () C:\Users\Sonny\AppData\Roaming\DassaultSystemes
2014-09-03 16:11 - 2014-09-03 16:11 - 00000000 ____D () C:\Users\Sonny\AppData\Local\DassaultSystemes
2014-09-03 16:11 - 2014-09-03 16:11 - 00000000 ____D () C:\ProgramData\DassaultSystemes
2014-09-03 16:11 - 2014-09-02 23:52 - 00000000 ____D () C:\SolidWorks Data
2014-09-03 15:59 - 2014-09-03 15:59 - 00002727 _____ () C:\Users\Public\Desktop\SolidWorks 2014 x64 Edition.lnk
2014-09-03 15:56 - 2014-09-03 15:41 - 00000000 ____D () C:\Program Files\Common Files\SolidWorks Shared
2014-09-03 15:41 - 2014-09-03 15:41 - 00000000 ____D () C:\ProgramData\SolidWorks
2014-09-03 15:41 - 2014-09-03 15:41 - 00000000 ____D () C:\Program Files (x86)\NVIDIA Corporation
2014-09-03 15:39 - 2014-09-03 15:39 - 00000000 ____D () C:\Program Files\Common Files\Macrovision Shared
2014-09-03 15:37 - 2014-09-03 15:37 - 00000000 ____D () C:\Program Files\Microsoft Visual Studio 8
2014-09-03 15:37 - 2009-07-13 20:20 - 00000000 ____D () C:\Program Files\Common Files\Microsoft Shared
2014-09-03 15:35 - 2014-09-03 15:35 - 00000000 ____D () C:\Users\Sonny\Documents\Visual Studio 2005
2014-09-03 15:35 - 2014-09-03 15:35 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Visual Studio 2005
2014-09-03 15:35 - 2009-08-21 19:03 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-09-03 15:34 - 2014-09-03 15:34 - 00000000 ____D () C:\Program Files (x86)\Microsoft Visual Studio 8
2014-09-03 15:34 - 2009-08-21 19:03 - 00000000 ____D () C:\Program Files (x86)\Microsoft Office
2014-09-03 15:33 - 2014-09-03 15:33 - 00000000 ____D () C:\Program Files (x86)\MSECache
2014-09-03 15:27 - 2014-09-02 22:38 - 00000000 ____D () C:\Windows\SolidWorks
2014-09-03 14:34 - 2014-09-03 14:33 - 29474856 _____ () C:\Users\Sonny\Downloads\SolidWorksSetup (2).exe
2014-09-03 14:22 - 2014-05-14 14:40 - 00000000 ____D () C:\Users\Sonny\AppData\Local\NPE
2014-09-03 14:07 - 2014-05-14 14:46 - 00000000 ____D () C:\NPE
2014-09-02 23:43 - 2014-09-02 23:42 - 29474856 _____ () C:\Users\Sonny\Downloads\SolidWorksSetup (1).exe
2014-09-02 23:38 - 2014-09-02 23:38 - 00000000 __SHD () C:\Users\Sonny\AppData\Local\EmieUserList
2014-09-02 23:38 - 2014-09-02 23:38 - 00000000 __SHD () C:\Users\Sonny\AppData\Local\EmieSiteList
2014-09-02 23:38 - 2009-12-25 08:38 - 00000000 ____D () C:\Users\Sonny\AppData\Local\Google
2014-09-02 23:36 - 2014-09-02 23:35 - 29474856 _____ () C:\Users\Sonny\Downloads\SolidWorksSetup.exe
2014-09-02 23:36 - 2014-09-02 22:38 - 00000000 ____D () C:\Users\Sonny\Downloads\sldim
2014-09-02 23:16 - 2013-03-27 14:41 - 00000000 ____D () C:\Users\Sonny\AppData\Local\CrashDumps
2014-09-02 23:12 - 2014-09-02 23:12 - 00003138 _____ () C:\Windows\System32\Tasks\{976FF976-582A-4807-89AC-C2573FEB44A7}
2014-09-02 22:48 - 2014-09-02 22:48 - 00000022 _____ () C:\Users\Sonny\Downloads\swdata99.id
2014-09-01 18:22 - 2009-07-13 20:20 - 00000000 ____D () C:\Windows\rescache
2014-08-22 19:07 - 2014-08-27 14:54 - 00404480 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2014-08-22 18:45 - 2014-08-27 14:54 - 00311808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2014-08-22 17:59 - 2014-08-27 14:54 - 03163648 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-08-16 14:02 - 2009-07-13 20:20 - 00000000 ____D () C:\Windows\PolicyDefinitions
2014-08-14 16:47 - 2013-08-15 17:15 - 00000000 ____D () C:\Windows\system32\MRT
2014-08-14 16:26 - 2010-04-15 17:57 - 99218768 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-08-14 16:08 - 2014-04-30 02:04 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-08-14 16:00 - 2014-08-14 16:00 - 00001787 _____ () C:\Users\Public\Desktop\iTunes.lnk
2014-08-14 16:00 - 2014-08-14 16:00 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2014-08-14 15:59 - 2014-08-14 15:58 - 00000000 ____D () C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2014-08-14 15:59 - 2014-08-14 15:58 - 00000000 ____D () C:\Program Files\iTunes
2014-08-14 15:59 - 2014-08-14 15:58 - 00000000 ____D () C:\Program Files (x86)\iTunes
2014-08-14 15:58 - 2014-08-14 15:58 - 00000000 ____D () C:\Program Files\iPod
2014-08-14 13:41 - 2014-05-07 18:03 - 00001021 _____ () C:\Users\Sonny\Desktop\Dropbox.lnk
2014-08-14 13:41 - 2014-05-07 18:02 - 00000946 _____ () C:\Windows\wininit.ini
2014-08-14 13:41 - 2014-05-07 18:01 - 00000000 ____D () C:\Users\Sonny\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2014-08-12 22:18 - 2014-08-12 22:18 - 00000000 ____D () C:\Windows\System32\Tasks\Norton Security Suite
2014-08-12 22:07 - 2011-08-30 16:05 - 00000000 ____D () C:\Windows\system32\Drivers\N360x64
2014-08-12 22:05 - 2013-02-16 16:52 - 00003228 _____ () C:\Windows\System32\Tasks\Norton WSC Integration
2014-08-12 22:04 - 2013-12-15 15:17 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Norton Security Suite
2014-08-12 22:04 - 2013-11-25 17:02 - 00002444 _____ () C:\Users\Public\Desktop\Norton Security Suite.lnk
2014-08-12 13:04 - 2009-07-14 00:45 - 00000000 ____D () C:\Program Files\Windows Journal
2014-08-12 13:04 - 2009-07-13 20:20 - 00000000 ____D () C:\Windows\SysWOW64\Dism
2014-08-12 13:04 - 2009-07-13 20:20 - 00000000 ____D () C:\Windows\system32\Dism
2014-08-11 23:54 - 2012-09-07 18:39 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2014-08-11 23:51 - 2012-09-07 18:38 - 00000000 ____D () C:\Program Files\Microsoft Silverlight
2014-08-11 23:51 - 2012-09-07 18:38 - 00000000 ____D () C:\Program Files (x86)\Microsoft Silverlight
 
Some content of TEMP:
====================
C:\Users\Sonny\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpiwij6t.dll
C:\Users\Sonny\AppData\Local\Temp\eject.exe
C:\Users\Sonny\AppData\Local\Temp\Quarantine.exe
 
 
==================== Bamital & volsnap Check =================
 
(There is no automatic fix for files that do not pass verification.)
 
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
 
 
LastRegBack: 2014-08-28 13:30
 
==================== End Of Log ============================
 
Addition log:
 
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 07-09-2014 01
Ran by Sonny at 2014-09-07 23:24:25
Running from C:\Users\Sonny\Downloads
Boot Mode: Normal
==========================================================
 
 
==================== Security Center ========================
 
(If an entry is included in the fixlist, it will be removed.)
 
AV: Norton Security Suite (Enabled - Up to date) {D87FA2C0-F526-77B1-D6EC-0EDF3936CEDB}
AS: Norton Security Suite (Enabled - Up to date) {631E4324-D31C-783F-EC5C-35AD42B18466}
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: Norton Security Suite (Enabled) {E04423E5-BF49-76E9-FDB3-A7EAC7E589A0}
 
==================== Installed Programs ======================
 
(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
 
 Update for Microsoft Office 2007 (KB2508958) (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{0C5823AA-7B6F-44E1-8D5B-8FD1FF0E6438}) (Version:  - Microsoft)
Acer Arcade Deluxe (HKLM-x32\...\InstallShield_{2637C347-9DAD-11D6-9EA2-00055D0CA761}) (Version: 3.0.6821 - CyberLink Corp.)
Acer Arcade Deluxe (x32 Version: 3.0.6821 - CyberLink Corp.) Hidden
Acer Assist (HKLM-x32\...\Acer Assist) (Version:  - Acer Incorporated)
Acer ePower Management (HKLM-x32\...\{3DB0448D-AD82-4923-B305-D001E521A964}) (Version: 4.05.3002 - Acer Incorporated)
Acer eRecovery Management (HKLM-x32\...\{7F811A54-5A09-4579-90E1-C93498E230D9}) (Version: 4.05.3002 - Acer Incorporated)
Acer Games (HKLM-x32\...\WildTangent acer Master Uninstall) (Version: 1.0.0.71 - WildTangent)
Acer GridVista (HKLM-x32\...\GridVista) (Version: 3.01.0730 - Acer Inc.)
Acer Registration (HKLM-x32\...\Acer Registration) (Version: 1.02.3004 - Acer Incorporated)
Acer ScreenSaver (HKLM-x32\...\Acer Screensaver) (Version: 1.02.0804 - Acer Incorporated)
Acer Updater (HKLM-x32\...\{EE171732-BEB4-4576-887D-CB62727F01CA}) (Version: 1.01.3014 - Acer Incorporated)
Acrobat.com (HKLM-x32\...\{287ECFA4-719A-2143-A09B-D6A12DE54E40}) (Version: 1.6.65 - Adobe Systems Incorporated)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 1.5.0.7220 - Adobe Systems Inc.)
Adobe AIR (x32 Version: 1.5.0.7220 - Adobe Systems Inc.) Hidden
Adobe Flash Player 14 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 14.0.0.145 - Adobe Systems Incorporated)
Adobe Flash Player 14 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 14.0.0.145 - Adobe Systems Incorporated)
Adobe Reader 9.1 MUI (HKLM-x32\...\{AC76BA86-7AD7-FFFF-7B44-A91000000001}) (Version: 9.1.0 - Adobe Systems Incorporated)
AMD USB Filter Driver (x32 Version: 1.0.11.86 - Advanced Micro Devices, Inc.) Hidden
AntiLogger SDK version 1.7.6.367 (HKLM-x32\...\{4D46DE30-49FE-4043-99F7-D7E8C06175E0}_is1) (Version: 1.7.6.367 - Zemana Ltd.)
Apple Application Support (HKLM-x32\...\{78002155-F025-4070-85B3-7C0453561701}) (Version: 3.0.6 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{6AF2AC2A-3532-43FD-9F4D-BDC9C0D724C7}) (Version: 7.1.2.6 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Atheros Communications Inc.® AR81Family Gigabit/Fast Ethernet Driver (HKLM-x32\...\{3108C217-BE83-42E4-AE9E-A56A2A92E549}) (Version: 1.0.0.10 - Atheros Communications Inc.)
ATI Catalyst Install Manager (HKLM\...\{ACCA82EB-7088-919E-5E1C-100A24F11CCF}) (Version: 3.0.732.0 - ATI Technologies, Inc.)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Catalyst Control Center - Branding (x32 Version: 1.00.0000 - ATI) Hidden
Catalyst Control Center Core Implementation (x32 Version: 2009.0729.2227.38498 - ATI) Hidden
Catalyst Control Center Graphics Full Existing (x32 Version: 2009.0729.2227.38498 - ATI) Hidden
Catalyst Control Center Graphics Full New (x32 Version: 2009.0729.2227.38498 - ATI) Hidden
Catalyst Control Center Graphics Light (x32 Version: 2009.0729.2227.38498 - ATI) Hidden
Catalyst Control Center InstallProxy (x32 Version: 2009.0729.2227.38498 - ATI Technologies, Inc.) Hidden
Catalyst Control Center Localization All (x32 Version: 2009.0729.2227.38498 - ATI) Hidden
CCC Help Chinese Standard (x32 Version: 2009.0729.2226.38498 - ATI) Hidden
CCC Help Chinese Traditional (x32 Version: 2009.0729.2226.38498 - ATI) Hidden
CCC Help Czech (x32 Version: 2009.0729.2226.38498 - ATI) Hidden
CCC Help Danish (x32 Version: 2009.0729.2226.38498 - ATI) Hidden
CCC Help Dutch (x32 Version: 2009.0729.2226.38498 - ATI) Hidden
CCC Help English (x32 Version: 2009.0729.2226.38498 - ATI) Hidden
CCC Help Finnish (x32 Version: 2009.0729.2226.38498 - ATI) Hidden
CCC Help French (x32 Version: 2009.0729.2226.38498 - ATI) Hidden
CCC Help German (x32 Version: 2009.0729.2226.38498 - ATI) Hidden
CCC Help Greek (x32 Version: 2009.0729.2226.38498 - ATI) Hidden
CCC Help Hungarian (x32 Version: 2009.0729.2226.38498 - ATI) Hidden
CCC Help Italian (x32 Version: 2009.0729.2226.38498 - ATI) Hidden
CCC Help Japanese (x32 Version: 2009.0729.2226.38498 - ATI) Hidden
CCC Help Korean (x32 Version: 2009.0729.2226.38498 - ATI) Hidden
CCC Help Norwegian (x32 Version: 2009.0729.2226.38498 - ATI) Hidden
CCC Help Polish (x32 Version: 2009.0729.2226.38498 - ATI) Hidden
CCC Help Portuguese (x32 Version: 2009.0729.2226.38498 - ATI) Hidden
CCC Help Russian (x32 Version: 2009.0729.2226.38498 - ATI) Hidden
CCC Help Spanish (x32 Version: 2009.0729.2226.38498 - ATI) Hidden
CCC Help Swedish (x32 Version: 2009.0729.2226.38498 - ATI) Hidden
CCC Help Thai (x32 Version: 2009.0729.2226.38498 - ATI) Hidden
CCC Help Turkish (x32 Version: 2009.0729.2226.38498 - ATI) Hidden
ccc-core-static (x32 Version: 2009.0729.2227.38498 - ATI) Hidden
ccc-utility64 (Version: 2009.0729.2227.38498 - ATI) Hidden
Choice Guard (x32 Version: 1.2.87.0 - Microsoft Corporation) Hidden
Comcast Desktop Software (v1.2.1) (HKLM-x32\...\{118C3943-1683-42EF-824D-C22E70DB42E7}) (Version: 24 - Comcast)
Compatibility Pack for the 2007 Office system (HKLM-x32\...\{90120000-0020-0409-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
Constant Guard Protection Suite (HKLM-x32\...\ID Vault) (Version: 1.14.425.1 - Comcast)
Dropbox (HKCU\...\Dropbox) (Version: 2.10.27 - Dropbox, Inc.)
eBay Worldwide (HKLM-x32\...\{AAF89271-2594-468D-B578-96B2E30C41C4}) (Version: 2.1.0703 - OEM)
eSobi v2 (HKLM-x32\...\InstallShield_{15D967B5-A4BE-42AE-9E84-64CD062B25AA}) (Version: 2.0.4.000274 - esobi Inc.)
eSobi v2 (x32 Version: 2.0.4.000274 - esobi Inc.) Hidden
Google Chrome (HKCU\...\Google Chrome) (Version: 37.0.2062.103 - Google Inc.)
Google Toolbar for Internet Explorer (HKLM-x32\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: 7.5.5111.1712 - Google Inc.)
Google Toolbar for Internet Explorer (x32 Version: 1.0.0 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.24.15 - Google Inc.) Hidden
iCloud (HKLM\...\{81E20D41-C277-4526-934D-F2380AF91B78}) (Version: 3.1.0.40 - Apple Inc.)
Identity Card (HKLM-x32\...\Identity Card) (Version: 1.00.3001 - Acer Incorporated)
iTunes (HKLM\...\{77DE5105-D05E-448C-96CB-7FA381903753}) (Version: 11.3.1.2 - Apple Inc.)
Junk Mail filter update (x32 Version: 14.0.8064.206 - Microsoft Corporation) Hidden
Launch Manager (HKLM-x32\...\LManager) (Version: 3.0.00 - Acer Inc.)
McAfee SiteAdvisor (HKLM\...\{35ED3F83-4BDC-4c44-8EC6-6A8301C7413A}) (Version: 3.3.1.133 - McAfee, Inc.)
McAfee SiteAdvisor (HKLM-x32\...\{35ED3F83-4BDC-4c44-8EC6-6A8301C7413A}) (Version: 3.7.125 - McAfee, Inc.)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft Office 2003 Web Components (HKLM-x32\...\{90120000-00A4-0409-0000-0000000FF1CE}) (Version: 12.0.6213.1000 - Microsoft Corporation)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version:  - Microsoft)
Microsoft Office 2007 Service Pack 3 (SP3) (x32 Version:  - Microsoft) Hidden
Microsoft Office Excel MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Home and Student 2007 (HKLM-x32\...\HOMESTUDENTR) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Home and Student 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Office 64-bit Components 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office OneNote MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint Viewer 2007 (English) (HKLM-x32\...\{95120000-00AF-0409-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Proof (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (French) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Spanish) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proofing (English) 2007 (x32 Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) (x32 Version:  - Microsoft) Hidden
Microsoft Office Shared 64-bit MUI (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared Setup Metadata MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Suite Activation Assistant (HKLM-x32\...\{E50AE784-FABE-46DA-A1F8-7B6B56DCB22E}) (Version: 2.9 - Microsoft Corporation)
Microsoft Office Word MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual Basic for Applications 7.1 (x64) (Version: 7.1.00.00 - Microsoft Corporation) Hidden
Microsoft Visual Basic for Applications 7.1 (x64) English (Version: 7.1.0.0 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM-x32\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual Studio 2005 Remote Debugger Light (x64) - ENU (HKLM\...\Microsoft Visual Studio 2005 Remote Debugger Light (x64) - ENU) (Version:  - Microsoft Corporation)
Microsoft Visual Studio 2005 Remote Debugger Light (x64) - ENU (Version: 8.0.52572 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2005 Tools for Applications - ENU (HKLM-x32\...\Microsoft Visual Studio 2005 Tools for Applications - ENU) (Version:  - Microsoft Corporation)
Microsoft Visual Studio 2005 Tools for Applications - ENU (x32 Version: 8.0.50727.146 - Microsoft Corporation) Hidden
Microsoft Works (HKLM-x32\...\{67E03279-F703-408F-B4BF-46B5FC8D70CD}) (Version: 9.7.0621 - Microsoft Corporation)
Mobile Broadband Generic Drivers (HKLM-x32\...\{68CC54AC-EFE5-4CE4-81F8-BE0C834E2D86}) (Version: 2.02.07.002.14 - Novatel Wireless)
MobileMe Control Panel (HKLM\...\{41BC9E31-0D39-462E-8E4C-767B21A3B1C3}) (Version: 3.1.8.0 - Apple Inc.)
MSVCRT (x32 Version: 14.0.1468.721 - Microsoft) Hidden
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MyWinLocker (HKLM-x32\...\{68301905-2DEA-41CE-A4D4-E8B443B099BA}) (Version: 3.1.72.0 - Egis Technology Inc.)
Norton Online Backup (HKLM-x32\...\{C57BCDE1-7CB9-467D-B3BA-7E119916CDC1}) (Version: 1.2.0.36 - Symantec)
Norton Security Suite (HKLM-x32\...\N360) (Version: 21.5.0.19 - Symantec Corporation)
NTI Backup Now 5 (HKLM-x32\...\InstallShield_{12EFA1A4-AC3B-443C-8143-237EDE760403}) (Version: 5.1.2.627 - NewTech Infosystems)
NTI Backup Now Standard (x32 Version: 5.1.2.627 - NewTech Infosystems) Hidden
NTI Media Maker 8 (HKLM-x32\...\InstallShield_{2413930C-8309-47A6-BC61-5EF27A4222BC}) (Version: 8.0.12.6619 - NewTech Infosystems)
NTI Media Maker 8 (x32 Version: 8.0.12.6619 - NewTech Infosystems) Hidden
QuickTime 7 (HKLM-x32\...\{111EE7DF-FC45-40C7-98A7-753AC46B12FB}) (Version: 7.75.80.95 - Apple Inc.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.5904 - Realtek Semiconductor Corp.)
Realtek USB 2.0 Card Reader (HKLM-x32\...\{96AE7E41-E34E-47D0-AC07-1091A8127911}) (Version: 6.1.7600.30102 - Realtek Semiconductor Corp.)
Safari (HKLM-x32\...\{FA4C2D53-205F-4245-9717-F3761154824D}) (Version: 5.34.57.2 - Apple Inc.)
SolidWorks 2014 x64 Edition SP02 (HKLM-x32\...\SolidWorks Installation Manager 20140-40200-1100-100) (Version: 22.2.0.40 - SolidWorks Corporation)
SolidWorks 2014 x64 Edition SP02 (Version: 22.120.40 - SolidWorks) Hidden
SolidWorks Composer Player 2014 SP02 x64 Edition (Version: 22.20.40 - Dassault Systemes SolidWorks) Hidden
SolidWorks eDrawings 2014 x64 Edition SP02 (Version: 14.2.116 - Dassault Systèmes SolidWorks Corp) Hidden
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 13.2.2.0 - Synaptics Incorporated)
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version:  - Microsoft)
Update for Microsoft Office 2007 Help for Common Features (KB963673) (HKLM-x32\...\{90120000-006E-0409-0000-0000000FF1CE}_HOMESTUDENTR_{AB365889-0395-4FAD-B702-CA5985D53D42}) (Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{A024FC7B-77DE-45DE-A058-1C049A17BFB3}) (Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition (HKLM-x32\...\{90120000-002A-0000-1000-0000000FF1CE}_HOMESTUDENTR_{CB68A5B0-3508-4193-AEB9-AF636DAECE0F}) (Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{CB68A5B0-3508-4193-AEB9-AF636DAECE0F}) (Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{E9A82945-BA29-4EE8-8F2A-2F49545E9CF2}) (Version:  - Microsoft)
Update for Microsoft Office Excel 2007 Help (KB963678) (HKLM-x32\...\{90120000-0016-0409-0000-0000000FF1CE}_HOMESTUDENTR_{199DF7B6-169C-448C-B511-1054101BE9C9}) (Version:  - Microsoft)
Update for Microsoft Office OneNote 2007 Help (KB963670) (HKLM-x32\...\{90120000-00A1-0409-0000-0000000FF1CE}_HOMESTUDENTR_{2744EF05-38E1-4D5D-B333-E021EDAEA245}) (Version:  - Microsoft)
Update for Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM-x32\...\{90120000-0018-0409-0000-0000000FF1CE}_HOMESTUDENTR_{397B1D4F-ED7B-4ACA-A637-43B670843876}) (Version:  - Microsoft)
Update for Microsoft Office Script Editor Help (KB963671) (HKLM-x32\...\{90120000-006E-0409-0000-0000000FF1CE}_HOMESTUDENTR_{CD11C6A2-FFC6-4271-8EAB-79C3582F505C}) (Version:  - Microsoft)
Update for Microsoft Office Word 2007 Help (KB963665) (HKLM-x32\...\{90120000-001B-0409-0000-0000000FF1CE}_HOMESTUDENTR_{80E762AA-C921-4839-9D7D-DB62A72C0726}) (Version:  - Microsoft)
VZAccess Manager for Novatel (HKLM-x32\...\{7BA20EF6-AE4E-4408-B083-7AE999E92D73}) (Version: 6.9.8 - Smith Micro Software Inc.)
Welcome Center (HKLM-x32\...\Acer Welcome Center) (Version: 1.00.3005 - Acer Incorporated)
Windows Live Call (x32 Version: 14.0.8064.0206 - Microsoft Corporation) Hidden
Windows Live Communications Platform (x32 Version: 14.0.8064.206 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite_Wave3) (Version: 14.0.8064.0206 - Microsoft Corporation)
Windows Live Essentials (x32 Version: 14.0.8064.206 - Microsoft Corporation) Hidden
Windows Live Mail (x32 Version: 14.0.8064.0206 - Microsoft Corporation) Hidden
Windows Live Messenger (x32 Version: 14.0.8064.0206 - Microsoft Corporation) Hidden
Windows Live Photo Gallery (x32 Version: 14.0.8064.206 - Microsoft Corporation) Hidden
Windows Live Sign-in Assistant (HKLM-x32\...\{45338B07-A236-4270-9A77-EBB4115517B5}) (Version: 5.000.818.5 - Microsoft Corporation)
Windows Live Sync (HKLM-x32\...\{A1BF9950-8CDB-468E-83FA-EACFB00EA7D5}) (Version: 14.0.8064.206 - Microsoft Corporation)
Windows Live Upload Tool (HKLM-x32\...\{205C6BDD-7B73-42DE-8505-9A093F35A238}) (Version: 14.0.8014.1029 - Microsoft Corporation)
Windows Live Writer (x32 Version: 14.0.8064.0206 - Microsoft Corporation) Hidden
 
==================== Custom CLSID (selected items): ==========================
 
(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)
 
CustomCLSID: HKU\S-1-5-21-383688522-2780381096-3143111068-1000_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Sonny\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-383688522-2780381096-3143111068-1000_Classes\CLSID\{355EC88A-02E2-4547-9DEE-F87426484BD1}\InprocServer32 -> C:\Users\Sonny\AppData\Local\Google\Update\1.3.23.9\psuser_64.dll No File
CustomCLSID: HKU\S-1-5-21-383688522-2780381096-3143111068-1000_Classes\CLSID\{90B3DFBF-AF6A-4EA0-8899-F332194690F8}\InprocServer32 -> C:\Users\Sonny\AppData\Local\Google\Update\1.3.24.15\psuser_64.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-383688522-2780381096-3143111068-1000_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\Sonny\AppData\Local\Google\Update\1.3.24.15\psuser_64.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-383688522-2780381096-3143111068-1000_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Sonny\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-383688522-2780381096-3143111068-1000_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Sonny\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-383688522-2780381096-3143111068-1000_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Sonny\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-383688522-2780381096-3143111068-1000_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Sonny\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-383688522-2780381096-3143111068-1000_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Sonny\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-383688522-2780381096-3143111068-1000_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Sonny\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-383688522-2780381096-3143111068-1000_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Sonny\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-383688522-2780381096-3143111068-1000_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Sonny\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-383688522-2780381096-3143111068-1000_Classes\CLSID\{FE498BAB-CB4C-4F88-AC3F-3641AAAF5E9E}\InprocServer32 -> C:\Users\Sonny\AppData\Local\Google\Update\1.3.24.7\psuser_64.dll No File
 
==================== Restore Points  =========================
 
19-08-2014 01:03:18 Windows Update
28-08-2014 06:37:36 Windows Update
04-09-2014 04:13:13 Windows Update
05-09-2014 00:01:02 Windows Update
05-09-2014 08:07:10 Windows Update
05-09-2014 19:13:25 Windows Update
 
==================== Hosts content: ==========================
 
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
 
2009-07-13 19:34 - 2009-06-10 14:00 - 00000824 ____N C:\Windows\system32\Drivers\etc\hosts
 
==================== Scheduled Tasks (whitelisted) =============
 
(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)
 
Task: {14B84488-B2F1-4B69-B653-DA4136DBFD6C} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2010-01-29] (Google Inc.)
Task: {1698A3FD-FC85-4E31-AAAE-2EFEC5271187} - System32\Tasks\Norton Security Suite\Norton Error Processor => C:\Program Files (x86)\Norton Security Suite\Engine\21.5.0.19\SymErr.exe [2014-01-30] (Symantec Corporation)
Task: {3E6D0158-C8C2-468C-96FE-A508F5F16C75} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-383688522-2780381096-3143111068-1000UA => C:\Users\Sonny\AppData\Local\Google\Update\GoogleUpdate.exe [2011-09-11] (Google Inc.)
Task: {49B5A363-AFDA-4361-ABE8-61995D73FC13} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-07-08] (Adobe Systems Incorporated)
Task: {4A245D42-A8F1-4B58-865E-404D23EDD77D} - System32\Tasks\Recovery Management\Burn Notification => C:\Program Files\Acer\Acer eRecovery Management\NotificationCenter\Notification.exe [2009-07-09] (Acer)
Task: {7C2CAD7A-6E22-4C36-854E-45ABA89BB266} - System32\Tasks\Norton Security Suite\Norton Error Analyzer => C:\Program Files (x86)\Norton Security Suite\Engine\21.5.0.19\SymErr.exe [2014-01-30] (Symantec Corporation)
Task: {970AEBAC-79E0-48C5-82EC-97D494179770} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2010-01-29] (Google Inc.)
Task: {A8281614-F2C5-4125-80C1-7A5C3CDC1ED3} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {C268157C-278D-4AB0-82C6-76C0DD1D10DA} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-383688522-2780381096-3143111068-1000Core => C:\Users\Sonny\AppData\Local\Google\Update\GoogleUpdate.exe [2011-09-11] (Google Inc.)
Task: {F10881BD-7203-4032-88C9-E927FDCB88E2} - System32\Tasks\Norton WSC Integration => C:\Program Files (x86)\Norton Security Suite\Engine\21.5.0.19\WSCStub.exe [2014-07-31] (Symantec Corporation)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-383688522-2780381096-3143111068-1000Core.job => C:\Users\Sonny\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-383688522-2780381096-3143111068-1000UA.job => C:\Users\Sonny\AppData\Local\Google\Update\GoogleUpdate.exe
 
==================== Loaded Modules (whitelisted) =============
 
2014-01-11 20:06 - 2014-01-11 20:06 - 00276008 _____ () C:\Program Files\SolidWorks Corp\SolidWorks\sldBodyDiffu.dll
2009-07-07 14:09 - 2009-07-07 14:09 - 00016384 ____R () C:\Program Files (x86)\ATI Technologies\ATI.ACE\Branding\Branding.dll
2009-10-10 10:11 - 2009-10-10 10:11 - 00270336 _____ () C:\Windows\assembly\GAC_MSIL\CLI.Aspect.CrossDisplay.Graphics.Dashboard\1.0.0.0__90ba9c70f846762e\CLI.Aspect.CrossDisplay.Graphics.Dashboard.dll
2014-01-20 14:17 - 2014-01-20 14:17 - 00073544 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2014-01-20 14:16 - 2014-01-20 14:16 - 01044808 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2014-04-28 13:32 - 2014-04-28 13:32 - 00549272 _____ () C:\Program Files (x86)\Constant Guard Protection Suite\sqlite3.DLL
2014-09-07 23:12 - 2014-09-07 23:12 - 00043008 _____ () c:\users\sonny\appdata\local\temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpiwij6t.dll
2013-08-23 12:01 - 2013-08-23 12:01 - 25100288 _____ () C:\Users\Sonny\AppData\Roaming\Dropbox\bin\libcef.dll
2014-09-04 15:01 - 2014-08-29 19:49 - 01098056 _____ () C:\Users\Sonny\AppData\Local\Google\Chrome\Application\37.0.2062.103\libglesv2.dll
2014-09-04 15:01 - 2014-08-29 19:49 - 00174408 _____ () C:\Users\Sonny\AppData\Local\Google\Chrome\Application\37.0.2062.103\libegl.dll
2014-09-04 15:01 - 2014-08-29 19:49 - 08577864 _____ () C:\Users\Sonny\AppData\Local\Google\Chrome\Application\37.0.2062.103\pdf.dll
2014-09-04 15:02 - 2014-08-29 19:49 - 00331592 _____ () C:\Users\Sonny\AppData\Local\Google\Chrome\Application\37.0.2062.103\ppGoogleNaClPluginChrome.dll
2014-09-04 15:01 - 2014-08-29 19:49 - 01660232 _____ () C:\Users\Sonny\AppData\Local\Google\Chrome\Application\37.0.2062.103\ffmpegsumo.dll
 
==================== Alternate Data Streams (whitelisted) =========
 
(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)
 
 
==================== Safe Mode (whitelisted) ===================
 
(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
 
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\71363785.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\71363785.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\sndappv2 => ""="service"
 
==================== EXE Association (whitelisted) =============
 
(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)
 
 
==================== MSCONFIG/TASK MANAGER disabled items =========
 
(Currently there is no automatic fix for this section.)
 
 
==================== Faulty Device Manager Devices =============
 
 
==================== Event log errors: =========================
 
Application errors:
==================
Error: (09/04/2014 05:01:32 PM) (Source: IDVault) (EventID: 0) (User: )
Description: SessionChange Error No process is associated with this object.
 
Error: (09/04/2014 00:39:38 PM) (Source: SendoriService) (EventID: 99) (User: )
Description: In the enable methodObject reference not set to an instance of an object.
 
Error: (09/02/2014 11:16:07 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: sldadminoptioneditor.exe, version: 22.2.0.40, time stamp: 0x52d1519e
Faulting module name: sldadminoptioneditor.exe, version: 22.2.0.40, time stamp: 0x52d1519e
Exception code: 0xc0000005
Fault offset: 0x00044408
Faulting process id: 0x160
Faulting application start time: 0xsldadminoptioneditor.exe0
Faulting application path: sldadminoptioneditor.exe1
Faulting module path: sldadminoptioneditor.exe2
Report Id: sldadminoptioneditor.exe3
 
Error: (09/01/2014 07:29:38 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 3728533
 
Error: (09/01/2014 07:29:38 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 3728533
 
Error: (09/01/2014 07:29:38 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
 
Error: (09/01/2014 07:29:35 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 3726178
 
Error: (09/01/2014 07:29:35 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 3726178
 
Error: (09/01/2014 07:29:35 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
 
Error: (09/01/2014 07:29:34 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 3725117
 
 
System errors:
=============
Error: (09/07/2014 11:13:16 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: application-specificLocalLaunch{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT AUTHORITYSYSTEMS-1-5-18LocalHost (Using LRPC)
 
Error: (09/07/2014 11:11:07 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Windows Presentation Foundation Font Cache 3.0.0.0 service failed to start due to the following error: 
%%1053
 
Error: (09/07/2014 11:11:07 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the Windows Presentation Foundation Font Cache 3.0.0.0 service to connect.
 
Error: (09/07/2014 11:09:22 PM) (Source: atikmdag) (EventID: 10261) (User: )
Description: Display is not active
 
Error: (09/07/2014 11:09:22 PM) (Source: atikmdag) (EventID: 19468) (User: )
Description: CPLIB :: General - Invalid Parameter
 
Error: (09/06/2014 02:03:38 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: application-specificLocalLaunch{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT AUTHORITYSYSTEMS-1-5-18LocalHost (Using LRPC)
 
Error: (09/06/2014 02:01:22 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Windows Presentation Foundation Font Cache 3.0.0.0 service failed to start due to the following error: 
%%1053
 
Error: (09/06/2014 02:01:22 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the Windows Presentation Foundation Font Cache 3.0.0.0 service to connect.
 
Error: (09/06/2014 01:59:38 PM) (Source: atikmdag) (EventID: 10261) (User: )
Description: Display is not active
 
Error: (09/06/2014 01:59:38 PM) (Source: atikmdag) (EventID: 19468) (User: )
Description: CPLIB :: General - Invalid Parameter
 
 
Microsoft Office Sessions:
=========================
 
CodeIntegrity Errors:
===================================
  Date: 2013-02-28 16:30:37.206
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\usbaapl64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
  Date: 2013-02-28 16:30:36.847
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\usbaapl64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
 
==================== Memory info =========================== 
 
Processor: AMD Athlon™ Processor TF-20
Percentage of memory in use: 57%
Total physical RAM: 2812.05 MB
Available physical RAM: 1205.3 MB
Total Pagefile: 5622.28 MB
Available Pagefile: 3499.87 MB
Total Virtual: 8192 MB
Available Virtual: 8191.85 MB
 
==================== Drives ================================
 
Drive c: (Acer) (Fixed) (Total:136.95 GB) (Free:68.55 GB) NTFS
 
==================== MBR & Partition Table ==================
 
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 149.1 GB) (Disk ID: 863055F0)
Partition 1: (Not Active) - (Size=12 GB) - (Type=27)
Partition 2: (Active) - (Size=102 MB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=136.9 GB) - (Type=07 NTFS)
 
==================== End Of Log ============================


#20
Naathim

    GeekU Minion

  • Expert
  • 4,568 posts

I don't see anything bad now here. Can you tell me what issues persist?



#21
ThatOneDude

    Member

  • Topic Starter
  • Member
  • PipPip
  • 36 posts

I don't think I see any more issues. I suppose that I just misinterpreted what Norton quick scan was doing - checking for, not scanning, those viruses - and then overreacted to what I thought I saw. Turns out that the only thing wrong with my computer was the adware from Sendori, which was mostly removed with what I did before I read your first message.

 

My computer seems to be running faster than before (I will have to check other websites to make sure - you told me not to use the internet much except to go to this website, and I haven't been using it for anything except to follow your instructions and go to this website), so I think I can say that I'm not experiencing any issues anymore. Thanks for helping a computer noob like me, Naat!  :spoton:

 

Btw, if I was financially stable right now, I would donate to you right now, but I don't have much money to my name nor a credit card/PayPal or whatever it is you use for your donations, so my apologies.

 

Thanks again!



#22
ThatOneDude

    Member

  • Topic Starter
  • Member
  • PipPip
  • 36 posts

I did a bit of researching on the web and I think I might have a bit more adware (AdChoices, I think). If you would like to help me out there, that would be appreciated. Thanks.



#23
Naathim

    GeekU Minion

  • Expert
  • 4,568 posts

I did a bit of researching on the web and I think I might have a bit more adware (AdChoices I think)

What makes you think that?
 
But of course I will take a fresh look at your logs and see if I can dig something up there:



Scan with Farbar Recovery Scan Tool

Please re-run Farbar Recovery Scan Tool.
  • Right-click on the FRST icon and select Run as Administrator to start the tool.
    > XP users click run after receipt of Windows Security Warning - Open File.
    > 8 users will be prompted about Windows SmartScreen protection - click More information and Run.
  • Make sure that Addition option is checked.
  • Press Scan button and wait.
  • The tool will produce two logfiles on your desktop: FRST.txt and Addition.txt.
Please include their content in your next reply.

#24
ThatOneDude

    Member

  • Topic Starter
  • Member
  • PipPip
  • 36 posts

The reason why I believe this is because I have noticed that on certain websites (such as my email list and this website's home page) I get advertisements that are by AdChoices. Curious, and just to make sure I didn't have more adware, I researched it and found out that it is adware similar to Sendori except appearing more like regular advertisements. It doesn't seem to cause as much lag to my computer as Sendori did before that got removed, but still, something that is designed to gather info on me and give it to third parties isn't exactly comforting to have on my computer. Thanks for continuing to help me with my issues, Naat.

Btw, before I post the logs, I began to use the internet again on my computer in order to do my homework for a class. Is that alright? A specific class requires me to be on the internet to read the textbook the teacher wrote.

 

Anyway here's the logs:

 

FRST log:

 

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 07-09-2014 01
Ran by Sonny (administrator) on SONNY-PC on 08-09-2014 23:30:49
Running from C:\Users\Sonny\Downloads
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: English (United States)
Internet Explorer Version 11
Boot Mode: Normal
 
The only official download link for FRST:
Download link from any site other than Bleeping Computer is unpermitted or outdated.
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Acer Incorporated) C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Acer Incorporated) C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe
(Egis Technology Inc.) C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\mwlDaemon.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(White Sky, Inc.) C:\Program Files (x86)\Constant Guard Protection Suite\IDVault.exe
(Egis Technology Inc.) C:\Program Files (x86)\EgisTec Egis Software Update\EgisUpdate.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\Registration\GregHSRW.exe
(White Sky, Inc.) C:\Program Files (x86)\Constant Guard Protection Suite\IDVaultSvc.exe
(Dassault Systèmes SolidWorks Corp.) C:\Program Files\SolidWorks Corp\SolidWorks\sldworks_fs.exe
(Dropbox, Inc.) C:\Users\Sonny\AppData\Roaming\Dropbox\bin\Dropbox.exe
(McAfee, Inc.) C:\Program Files (x86)\McAfee\SiteAdvisor\mcsacore.exe
(Egis Technology Inc.) C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\MWLService.exe
(Symantec Corporation) C:\Program Files (x86)\Norton Security Suite\Engine\21.5.0.19\n360.exe
(NewTech Infosystems, Inc.) C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe
(Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Acer) C:\Program Files\Acer\Acer Updater\UpdaterService.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LManager.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(CyberLink Corp.) C:\Program Files (x86)\Acer Arcade Deluxe\Acer Arcade Deluxe\ArcadeDeluxeAgent.exe
(Acer Corp.) C:\Program Files (x86)\Acer Arcade Deluxe\PlayMovie\PMVService.exe
(Acer Incorporated) C:\Program Files\Acer\Acer ePower Management\ePowerEvent.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Symantec Corporation) C:\Program Files (x86)\Norton Security Suite\Engine\21.5.0.19\n360.exe
(Google Inc.) C:\Users\Sonny\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Sonny\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Sonny\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Sonny\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Sonny\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Sonny\AppData\Local\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\SysWOW64\cmd.exe
(McAfee, Inc.) C:\Program Files (x86)\McAfee\SiteAdvisor\McChHost.exe
(McAfee, Inc.) C:\Program Files (x86)\McAfee\SiteAdvisor\saUI.exe
(Google Inc.) C:\Users\Sonny\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Sonny\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Sonny\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Sonny\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Sonny\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Sonny\AppData\Local\Google\Chrome\Application\chrome.exe
 
 
==================== Registry (Whitelisted) ==================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [7982112 2009-07-28] (Realtek Semiconductor)
HKLM\...\Run: [Acer ePower Management] => C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe [828960 2009-08-05] (Acer Incorporated)
HKLM\...\Run: [mwlDaemon] => C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\mwlDaemon.exe [349480 2009-08-06] (Egis Technology Inc.)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [1808168 2009-06-18] (Synaptics Incorporated)
HKLM-x32\...\Run: [EgisTecLiveUpdate] => C:\Program Files (x86)\EgisTec Egis Software Update\EgisUpdate.exe [199464 2009-08-03] (Egis Technology Inc.)
HKLM-x32\...\Run: [Adobe Reader Speed Launcher] => C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe [35696 2009-02-27] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [NortonOnlineBackupReminder] => C:\Program Files (x86)\Symantec\Norton Online Backup\Activation\NobuActivation.exe [588648 2009-07-24] (Symantec Corporation)
HKLM-x32\...\Run: [LManager] => C:\Program Files (x86)\Launch Manager\LManager.exe [1157128 2009-07-27] (Dritek System Inc.)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [98304 2009-07-29] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [ArcadeDeluxeAgent] => C:\Program Files (x86)\Acer Arcade Deluxe\Acer Arcade Deluxe\ArcadeDeluxeAgent.exe [128296 2009-07-31] (CyberLink Corp.)
HKLM-x32\...\Run: [PlayMovie] => C:\Program Files (x86)\Acer Arcade Deluxe\PlayMovie\PMVService.exe [181480 2009-08-04] (Acer Corp.)
HKLM-x32\...\Run: [Acer Assist Launcher] => C:\Program Files (x86)\Acer\Acer Assist\launcher.exe [1261568 2007-11-19] ()
HKLM-x32\...\Run: [AppleSyncNotifier] => C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe [59240 2011-11-02] (Apple Inc.)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [43816 2014-07-31] (Apple Inc.)
HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2014-01-17] (Apple Inc.)
HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2014-08-01] (Apple Inc.)
HKU\.DEFAULT\...\RunOnce: [SPReview] => C:\Windows\System32\SPReview\SPReview.exe [301568 2013-06-09] (Microsoft Corporation)
HKU\S-1-5-21-383688522-2780381096-3143111068-1000\...\Run: [Google Update] => C:\Users\Sonny\AppData\Local\Google\Update\GoogleUpdate.exe [136176 2011-09-11] (Google Inc.)
HKU\S-1-5-21-383688522-2780381096-3143111068-1000\...\Run: [Desktop Software] => C:\Program Files (x86)\Common Files\SupportSoft\bin\bcont.exe [1025320 2009-04-24] (SupportSoft, Inc.)
HKU\S-1-5-21-383688522-2780381096-3143111068-1000\...\Run: [MobileDocuments] => C:\Program Files (x86)\Common Files\Apple\Internet Services\ubd.exe
HKU\S-1-5-21-383688522-2780381096-3143111068-1000\...\Run: [swg] => C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [39408 2009-08-21] (Google Inc.)
HKU\S-1-5-21-383688522-2780381096-3143111068-1000\...\MountPoints2: {47977155-60c2-11e0-ac56-00262263e441} - E:\VZAccess_Manager.exe /z detect
AppInit_DLLs: C:\PROGRA~2\KEYCRY~1\KE6D28~1.DLL => C:\Program Files (x86)\KeyCryptSDK\KeyCrypt64(2).dll [88376 2013-07-24] (Zemana Ltd.)
AppInit_DLLs-x32: C:\PROGRA~2\KEYCRY~1\KE50FD~1.DLL => C:\Program Files (x86)\KeyCryptSDK\KeyCrypt32(2).dll [81160 2013-07-24] (Zemana Ltd.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Constant Guard.lnk
ShortcutTarget: Constant Guard.lnk -> C:\Program Files (x86)\Constant Guard Protection Suite\IDVault.exe (White Sky, Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\SolidWorks 2014 Fast Start.lnk
ShortcutTarget: SolidWorks 2014 Fast Start.lnk -> C:\Windows\Installer\{4FFA60C4-9A8B-4C9E-8265-2241B266304C}\NewShortcut2_87EDF6C81D0A4B7B84F42FE0C6A9D608.exe (Flexera Software LLC)
Startup: C:\Users\Sonny\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\Sonny\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
ShellIconOverlayIdentifiers: egisPSDP -> {30A0A3F6-38AC-4C53-BB8B-0D95238E25BA} => C:\Program Files (x86)\EgisTec\MyWinLocker 3\x64\psdprotect.dll (Egis Technology Inc.)
ShellIconOverlayIdentifiers: OverlayExcluded -> {4433A54A-1AC8-432F-90FC-85F045CF383C} => C:\Program Files (x86)\Norton Security Suite\Engine64\21.5.0.19\buShell.dll (Symantec Corporation)
ShellIconOverlayIdentifiers: OverlayPending -> {F17C0B1E-EF8E-4AD4-8E1B-7D7E8CB23225} => C:\Program Files (x86)\Norton Security Suite\Engine64\21.5.0.19\buShell.dll (Symantec Corporation)
ShellIconOverlayIdentifiers: OverlayProtected -> {476D0EA3-80F9-48B5-B70B-05E677C9C148} => C:\Program Files (x86)\Norton Security Suite\Engine64\21.5.0.19\buShell.dll (Symantec Corporation)
ShellIconOverlayIdentifiers-x32: egisPSDP -> {30A0A3F6-38AC-4C53-BB8B-0D95238E25BA} => C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\psdprotect.dll (Egis Technology Inc.)
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/?ilc=17
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://homepage.acer...44z145t48m2x239
URLSearchHook: HKCU - McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
URLSearchHook: HKCU - McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
SearchScopes: HKLM-x32 - {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = http://www.google.co...ng}&rlz=1I7ACAW
SearchScopes: HKCU - Comcast URL = http://search.xfinit...art_tech_search
SearchScopes: HKCU - {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = http://www.google.co...1I7ACAW_enUS359
SearchScopes: HKCU - {8E707D6B-C02F-45F1-AD61-180F7CA67031} URL = https://search.yahoo...p={SearchTerms}
BHO: Norton Identity Protection -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> C:\Program Files (x86)\Norton Security Suite\Engine64\21.5.0.19\coIEPlg.dll (Symantec Corporation)
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
BHO: McAfee SiteAdvisor BHO -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
BHO-x32: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
BHO-x32: No Name -> {5C255C8A-E604-49b4-9D64-90988571CECB} ->  No File
BHO-x32: Norton Identity Protection -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> C:\Program Files (x86)\Norton Security Suite\Engine\21.5.0.19\coIEPlg.dll (Symantec Corporation)
BHO-x32: Norton Vulnerability Protection -> {6D53EC84-6AAE-4787-AEEE-F4628F01010C} -> C:\Program Files (x86)\Norton Security Suite\Engine\21.5.0.19\IPS\IPSBHO.DLL (Symantec Corporation)
BHO-x32: Windows Live Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
BHO-x32: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
BHO-x32: McAfee SiteAdvisor BHO -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
BHO-x32: Constant Guard Protection Suite -> {B84CDBE7-1B46-494B-A188-01D4C52DEB61} -> C:\ProgramData\White Sky, Inc\ID Vault\IEBHO1.14.425.1\NativeBHO.dll (WhiteSky)
Toolbar: HKLM - McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
Toolbar: HKLM - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Security Suite\Engine64\21.5.0.19\coIEPlg.dll (Symantec Corporation)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
Toolbar: HKLM-x32 - McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
Toolbar: HKLM-x32 - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Security Suite\Engine\21.5.0.19\coIEPlg.dll (Symantec Corporation)
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
Toolbar: HKCU - Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
Toolbar: HKCU - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Security Suite\Engine64\21.5.0.19\coIEPlg.dll (Symantec Corporation)
Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
Handler-x32: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
Handler-x32: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8064.0206.dll (Microsoft Corporation)
Handler-x32: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8064.0206.dll (Microsoft Corporation)
Handler-x32: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
 
FireFox:
========
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_14_0_0_145.dll ()
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_14_0_0_145.dll ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=14.0.8064.0206 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=3 -> C:\Users\Sonny\AppData\Local\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=9 -> C:\Users\Sonny\AppData\Local\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF HKLM-x32\...\Firefox\Extensions: [{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_21.1.0.18\coFFPlgn
FF Extension: Norton Toolbar - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_21.1.0.18\coFFPlgn [2014-09-08]
FF HKLM-x32\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files (x86)\McAfee\SiteAdvisor
FF Extension: McAfee SiteAdvisor - C:\Program Files (x86)\McAfee\SiteAdvisor [2009-12-27]
FF HKLM-x32\...\Firefox\Extensions: [{BBDA0591-3099-440a-AA10-41764D9DB4DB}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_21.1.0.18\IPSFF
FF Extension: Norton Vulnerability Protection - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_21.1.0.18\IPSFF [2013-12-15]
 
Chrome: 
=======
CHR HomePage: Default -> hxxp://www.google.com/
CHR StartupUrls: Default -> "hxxp://www.google.com/"
CHR DefaultSuggestURL: Default -> {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&gs_ri={google:suggestRid}&xssi=t&q={searchTerms}&{google:inputType}{google:cursorPosition}{google:currentPageUrl}{google:pageClassification}{google:searchVersion}{google:sessionToken}sugkey={google:suggestAPIKeyParameter}
CHR Plugin: (Shockwave Flash) - C:\Users\Sonny\AppData\Local\Google\Chrome\Application\37.0.2062.103\PepperFlash\pepflashplayer.dll ()
CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Users\Sonny\AppData\Local\Google\Chrome\Application\37.0.2062.103\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Users\Sonny\AppData\Local\Google\Chrome\Application\37.0.2062.103\pdf.dll ()
CHR Plugin: (XFINITY Constant Guard Protection Suite Add-on) - C:\Program Files (x86)\Constant Guard Protection Suite\CHROME\plugin/IdVault.Chrome.dll No File
CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll (Adobe Systems Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.3) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.3) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin2.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.3) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin3.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.3) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin4.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.3) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin5.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.3) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin6.dll No File
CHR Plugin: (QuickTime Plug-in 7.7.3) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin7.dll No File
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.135\npGoogleUpdate3.dll No File
CHR Plugin: (McAfee SiteAdvisor) - C:\Program Files (x86)\McAfee\SiteAdvisor\npmcffplg32.dll (McAfee, Inc.)
CHR Plugin: (Windows Live® Photo Gallery) - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
CHR Plugin: (iTunes Application Detector) - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
CHR Plugin: (Silverlight Plug-In) - c:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrl.dll No File
CHR Profile: C:\Users\Sonny\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Sonny\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-05-28]
CHR Extension: (YouTube) - C:\Users\Sonny\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2011-12-26]
CHR Extension: (Google Search) - C:\Users\Sonny\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2011-12-26]
CHR Extension: (XFINITY Constant Guard Protection Suite) - C:\Users\Sonny\AppData\Local\Google\Chrome\User Data\Default\Extensions\faknfdmfmhcmgphbfjhgmomfcihmocmp [2013-05-22]
CHR Extension: (SiteAdvisor) - C:\Users\Sonny\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho [2011-10-21]
CHR Extension: (Norton Identity Safe) - C:\Users\Sonny\AppData\Local\Google\Chrome\User Data\Default\Extensions\iikflkcanblccfahdhdonehdalibjnif [2014-08-12]
CHR Extension: (Google Wallet) - C:\Users\Sonny\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-25]
CHR Extension: (Gmail) - C:\Users\Sonny\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2011-12-26]
CHR HKLM-x32\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - C:\Program Files (x86)\McAfee\SiteAdvisor\McChPlg.crx [2014-08-11]
 
==================== Services (Whitelisted) =================
 
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
 
R2 McAfee SiteAdvisor Service; C:\Program Files (x86)\McAfee\SiteAdvisor\McSACore.exe [156904 2014-07-28] (McAfee, Inc.)
R2 MWLService; C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\\MWLService.exe [311592 2009-08-06] (Egis Technology Inc.)
R2 N360; C:\Program Files (x86)\Norton Security Suite\Engine\21.5.0.19\N360.exe [265040 2014-08-01] (Symantec Corporation)
S3 SolidWorks Licensing Service; C:\Program Files (x86)\Common Files\SolidWorks Shared\Service\SolidWorksLicensing.exe [79360 2014-09-03] (SolidWorks) [File not signed]
S2 0122421407824551mcinstcleanup; C:\Windows\TEMP\012242~1.EXE -cleanup -nolog [X]
 
==================== Drivers (Whitelisted) ====================
 
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
 
R1 AntiLog32; C:\Windows\system32\drivers\AntiLog64.sys [49752 2014-05-14] (Zemana Ltd.)
R1 BHDrvx64; C:\Program Files (x86)\Norton Security Suite\NortonData\21.1.0.18\Definitions\BASHDefs\20140821.007\BHDrvx64.sys [1588016 2014-08-18] (Symantec Corporation)
R1 ccSet_N360; C:\Windows\system32\drivers\N360x64\1505000.013\ccSetx64.sys [162392 2013-09-25] (Symantec Corporation)
R1 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [486192 2014-06-19] (Symantec Corporation)
R3 EraserUtilRebootDrv; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [142128 2014-06-11] (Symantec Corporation)
R1 IDSVia64; C:\Program Files (x86)\Norton Security Suite\NortonData\21.1.0.18\Definitions\IPSDefs\20140907.003\IDSvia64.sys [633560 2014-09-03] (Symantec Corporation)
R3 keycrypt; C:\Windows\System32\DRIVERS\KeyCrypt64.sys [25056 2013-07-24] (Zemana Ltd.)
R3 NAVENG; C:\Program Files (x86)\Norton Security Suite\NortonData\21.1.0.18\Definitions\VirusDefs\20140908.002\ENG64.SYS [129752 2014-09-04] (Symantec Corporation)
R3 NAVEX15; C:\Program Files (x86)\Norton Security Suite\NortonData\21.1.0.18\Definitions\VirusDefs\20140908.002\EX64.SYS [2137304 2014-09-04] (Symantec Corporation)
S3 NWUSBModem; C:\Windows\System32\DRIVERS\nwusbmdm.sys [213120 2008-05-09] (Novatel Wireless Inc.)
S3 NWUSBPort; C:\Windows\System32\DRIVERS\nwusbser.sys [213120 2008-05-09] (Novatel Wireless Inc.)
S3 NWUSBPort2; C:\Windows\System32\DRIVERS\nwusbser2.sys [213120 2008-05-09] (Novatel Wireless Inc.)
R1 SRTSP; C:\Windows\System32\Drivers\N360x64\1505000.013\SRTSP64.SYS [875736 2014-07-22] (Symantec Corporation)
R1 SRTSPX; C:\Windows\system32\drivers\N360x64\1505000.013\SRTSPX64.SYS [36952 2013-09-09] (Symantec Corporation)
S3 sscdserd; C:\Windows\System32\DRIVERS\sscdserd.sys [141384 2010-11-11] (MCCI Corporation)
R0 SymDS; C:\Windows\System32\drivers\N360x64\1505000.013\SYMDS64.SYS [493656 2013-09-09] (Symantec Corporation)
R0 SymEFA; C:\Windows\System32\drivers\N360x64\1505000.013\SYMEFA64.SYS [1148120 2014-07-22] (Symantec Corporation)
R3 SymEvent; C:\Windows\system32\Drivers\SYMEVENT64x86.SYS [177752 2013-11-25] (Symantec Corporation)
R1 SymIRON; C:\Windows\system32\drivers\N360x64\1505000.013\Ironx64.SYS [264280 2013-09-26] (Symantec Corporation)
R1 SymNetS; C:\Windows\System32\Drivers\N360x64\1505000.013\SYMNETS.SYS [593112 2014-07-22] (Symantec Corporation)
S3 RSUSBSTOR; System32\Drivers\RtsUStor.sys [X]
S3 RtsUIR; system32\DRIVERS\Rts516xIR.sys [X]
S3 USBCCID; system32\DRIVERS\RtsUCcid.sys [X]
 
==================== NetSvcs (Whitelisted) ===================
 
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
 
 
==================== One Month Created Files and Folders ========
 
(If an entry is included in the fixlist, the file\folder will be moved.)
 
2014-09-07 23:19 - 2014-09-07 23:19 - 00000000 ____D () C:\Users\Sonny\Downloads\FRST-OlderVersion
2014-09-05 23:21 - 2014-09-05 23:21 - 00002609 _____ () C:\Users\Sonny\Downloads\aswMBR.txt
2014-09-05 23:21 - 2014-09-05 23:21 - 00000512 _____ () C:\Users\Sonny\Downloads\MBR.dat
2014-09-05 18:19 - 2014-09-05 18:19 - 00013270 _____ () C:\Users\Sonny\Desktop\aswMBR - Shortcut.lnk
2014-09-05 18:16 - 2014-09-05 18:17 - 05185536 _____ (AVAST Software) C:\Users\Sonny\Downloads\aswMBR.exe
2014-09-05 16:56 - 2014-09-05 16:56 - 00013482 _____ () C:\Users\Sonny\Desktop\tdsskiller - Shortcut.lnk
2014-09-05 16:55 - 2014-09-05 16:55 - 04181856 _____ (Kaspersky Lab ZAO) C:\Users\Sonny\Downloads\tdsskiller.exe
2014-09-05 16:50 - 2014-09-05 16:50 - 00013560 _____ () C:\Users\Sonny\Desktop\adwcleaner_3.309 - Shortcut.lnk
2014-09-05 16:49 - 2014-09-05 16:49 - 00013342 _____ () C:\Users\Sonny\Desktop\FRST64 - Shortcut.lnk
2014-09-05 10:49 - 2014-09-07 23:25 - 00033915 _____ () C:\Users\Sonny\Downloads\Addition.txt
2014-09-05 10:44 - 2014-09-08 23:32 - 00025329 _____ () C:\Users\Sonny\Downloads\FRST.txt
2014-09-05 10:44 - 2014-09-08 23:30 - 00000000 ____D () C:\FRST
2014-09-05 10:41 - 2014-09-07 23:19 - 02105344 _____ (Farbar) C:\Users\Sonny\Downloads\FRST64.exe
2014-09-05 00:00 - 2010-08-30 08:34 - 00536576 _____ (SQLite Development Team) C:\Windows\SysWOW64\sqlite3.dll
2014-09-04 23:58 - 2014-09-05 00:23 - 00000000 ____D () C:\AdwCleaner
2014-09-04 23:57 - 2014-09-04 23:57 - 01370467 _____ () C:\Users\Sonny\Downloads\adwcleaner_3.309.exe
2014-09-04 17:12 - 2014-09-04 17:12 - 00000000 ____D () C:\Program Files (x86)\Microsoft CAPICOM 2.1.0.2
2014-09-04 12:45 - 2014-09-04 12:45 - 00000017 _____ () C:\Users\Sonny\AppData\Local\resmon.resmoncfg
2014-09-03 17:11 - 2014-09-03 20:39 - 00000000 ____D () C:\Users\Sonny\Documents\SolidWorks Designs
2014-09-03 16:46 - 2014-09-04 21:51 - 00000000 ____D () C:\Users\Sonny\AppData\Local\TempSWBackupDirectory
2014-09-03 16:40 - 2014-09-04 14:46 - 00000000 ____D () C:\Users\Sonny\AppData\Local\SolidWorks
2014-09-03 16:17 - 2014-09-03 16:17 - 00002927 _____ () C:\Users\Public\Desktop\SolidWorks Composer Player 2014 - x64 Edition.lnk
2014-09-03 16:17 - 2014-09-03 16:17 - 00000000 ____D () C:\Users\Sonny\Documents\SolidWorksComposer
2014-09-03 16:15 - 2014-09-03 16:15 - 00002166 _____ () C:\Users\Public\Desktop\eDrawings 2014 x64 Edition.lnk
2014-09-03 16:15 - 2014-09-03 16:15 - 00000000 ____D () C:\Users\Sonny\AppData\Roaming\help_images_otherUI
2014-09-03 16:15 - 2014-09-03 16:15 - 00000000 _____ () C:\Windows\eDrawingOfficeAutomator.INI
2014-09-03 16:12 - 2014-09-03 16:12 - 00000000 ____D () C:\Users\Sonny\Documents\SolidWorks Visual Studio Tools for Applications
2014-09-03 16:11 - 2014-09-03 16:11 - 00000000 ____D () C:\Users\Sonny\AppData\Roaming\DassaultSystemes
2014-09-03 16:11 - 2014-09-03 16:11 - 00000000 ____D () C:\Users\Sonny\AppData\Local\DassaultSystemes
2014-09-03 16:11 - 2014-09-03 16:11 - 00000000 ____D () C:\ProgramData\DassaultSystemes
2014-09-03 15:59 - 2014-09-03 15:59 - 00002727 _____ () C:\Users\Public\Desktop\SolidWorks 2014 x64 Edition.lnk
2014-09-03 15:58 - 2014-09-03 16:16 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SolidWorks 2014
2014-09-03 15:41 - 2014-09-03 16:16 - 00000000 ____D () C:\Program Files\SolidWorks Corp
2014-09-03 15:41 - 2014-09-03 15:56 - 00000000 ____D () C:\Program Files\Common Files\SolidWorks Shared
2014-09-03 15:41 - 2014-09-03 15:41 - 00000000 ____D () C:\ProgramData\SolidWorks
2014-09-03 15:41 - 2014-09-03 15:41 - 00000000 ____D () C:\Program Files (x86)\NVIDIA Corporation
2014-09-03 15:39 - 2014-09-03 15:39 - 00000000 ____D () C:\Program Files\Common Files\Macrovision Shared
2014-09-03 15:37 - 2014-09-03 15:37 - 00000000 ____D () C:\Program Files\Microsoft Visual Studio 8
2014-09-03 15:35 - 2014-09-03 15:35 - 00000000 ____D () C:\Users\Sonny\Documents\Visual Studio 2005
2014-09-03 15:35 - 2014-09-03 15:35 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Visual Studio 2005
2014-09-03 15:34 - 2014-09-03 15:34 - 00000000 ____D () C:\Program Files (x86)\Microsoft Visual Studio 8
2014-09-03 15:33 - 2014-09-03 15:33 - 00000000 ____D () C:\Program Files (x86)\MSECache
2014-09-03 15:28 - 2014-09-03 16:45 - 00000000 ____D () C:\ProgramData\FLEXnet
2014-09-03 14:33 - 2014-09-03 14:34 - 29474856 _____ () C:\Users\Sonny\Downloads\SolidWorksSetup (2).exe
2014-09-02 23:52 - 2014-09-03 16:11 - 00000000 ____D () C:\SolidWorks Data
2014-09-02 23:42 - 2014-09-02 23:43 - 29474856 _____ () C:\Users\Sonny\Downloads\SolidWorksSetup (1).exe
2014-09-02 23:38 - 2014-09-02 23:38 - 00000000 __SHD () C:\Users\Sonny\AppData\Local\EmieUserList
2014-09-02 23:38 - 2014-09-02 23:38 - 00000000 __SHD () C:\Users\Sonny\AppData\Local\EmieSiteList
2014-09-02 23:35 - 2014-09-02 23:36 - 29474856 _____ () C:\Users\Sonny\Downloads\SolidWorksSetup.exe
2014-09-02 23:12 - 2014-09-02 23:12 - 00003138 _____ () C:\Windows\System32\Tasks\{976FF976-582A-4807-89AC-C2573FEB44A7}
2014-09-02 22:48 - 2014-09-02 22:48 - 00000022 _____ () C:\Users\Sonny\Downloads\swdata99.id
2014-09-02 22:38 - 2014-09-03 16:40 - 00000000 ____D () C:\Users\Sonny\AppData\Roaming\SolidWorks
2014-09-02 22:38 - 2014-09-03 15:27 - 00000000 ____D () C:\Windows\SolidWorks
2014-09-02 22:38 - 2014-09-02 23:36 - 00000000 ____D () C:\Users\Sonny\Downloads\sldim
2014-08-27 14:54 - 2014-08-22 19:07 - 00404480 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2014-08-27 14:54 - 2014-08-22 18:45 - 00311808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2014-08-27 14:54 - 2014-08-22 17:59 - 03163648 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-08-18 18:06 - 2014-05-14 09:23 - 02477536 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2014-08-18 18:06 - 2014-05-14 09:23 - 00058336 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2014-08-18 18:06 - 2014-05-14 09:23 - 00044512 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2014-08-18 18:06 - 2014-05-14 09:21 - 02620928 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2014-08-18 18:05 - 2014-05-14 09:23 - 00700384 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2014-08-18 18:05 - 2014-05-14 09:23 - 00581600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2014-08-18 18:05 - 2014-05-14 09:23 - 00038880 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2014-08-18 18:05 - 2014-05-14 09:23 - 00036320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll
2014-08-18 18:05 - 2014-05-14 09:20 - 00097792 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2014-08-18 18:05 - 2014-05-14 09:17 - 00092672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2014-08-18 18:04 - 2014-05-14 09:23 - 00198600 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2014-08-18 18:04 - 2014-05-14 09:23 - 00179656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2014-08-18 18:04 - 2014-05-14 09:20 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2014-08-18 18:04 - 2014-05-14 09:17 - 00033792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2014-08-14 16:10 - 2014-06-30 15:24 - 00008856 _____ (Microsoft Corporation) C:\Windows\system32\icardres.dll
2014-08-14 16:10 - 2014-06-30 15:14 - 00008856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardres.dll
2014-08-14 16:10 - 2014-03-09 14:48 - 01389208 _____ (Microsoft Corporation) C:\Windows\system32\icardagt.exe
2014-08-14 16:10 - 2014-03-09 14:48 - 00171160 _____ (Microsoft Corporation) C:\Windows\system32\infocardapi.dll
2014-08-14 16:10 - 2014-03-09 14:47 - 00619672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardagt.exe
2014-08-14 16:10 - 2014-03-09 14:47 - 00099480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\infocardapi.dll
2014-08-14 16:09 - 2014-06-05 23:16 - 00035480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TsWpfWrp.exe
2014-08-14 16:09 - 2014-06-05 23:12 - 00035480 _____ (Microsoft Corporation) C:\Windows\system32\TsWpfWrp.exe
2014-08-14 16:00 - 2014-08-14 16:00 - 00001787 _____ () C:\Users\Public\Desktop\iTunes.lnk
2014-08-14 16:00 - 2014-08-14 16:00 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2014-08-14 15:58 - 2014-08-14 15:59 - 00000000 ____D () C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2014-08-14 15:58 - 2014-08-14 15:59 - 00000000 ____D () C:\Program Files\iTunes
2014-08-14 15:58 - 2014-08-14 15:59 - 00000000 ____D () C:\Program Files (x86)\iTunes
2014-08-14 15:58 - 2014-08-14 15:58 - 00000000 ____D () C:\Program Files\iPod
2014-08-14 13:58 - 2014-06-03 03:02 - 03241984 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2014-08-14 13:58 - 2014-06-03 03:02 - 01941504 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2014-08-14 13:58 - 2014-06-03 03:02 - 00504320 _____ (Microsoft Corporation) C:\Windows\system32\msihnd.dll
2014-08-14 13:58 - 2014-06-03 03:02 - 00112064 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe
2014-08-14 13:58 - 2014-06-03 02:29 - 02363392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2014-08-14 13:58 - 2014-06-03 02:29 - 01805824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2014-08-14 13:58 - 2014-06-03 02:29 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msihnd.dll
2014-08-14 13:57 - 2014-07-15 20:23 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2014-08-14 13:57 - 2014-07-15 19:46 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2014-08-14 13:56 - 2014-07-08 19:03 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDYAK.DLL
2014-08-14 13:56 - 2014-07-08 19:03 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDTAT.DLL
2014-08-14 13:56 - 2014-07-08 19:03 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDRU1.DLL
2014-08-14 13:56 - 2014-07-08 19:03 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDBASH.DLL
2014-08-14 13:56 - 2014-07-08 19:03 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\KBDRU.DLL
2014-08-14 13:56 - 2014-07-08 18:31 - 00007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDYAK.DLL
2014-08-14 13:56 - 2014-07-08 18:31 - 00007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDTAT.DLL
2014-08-14 13:56 - 2014-07-08 18:31 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDRU1.DLL
2014-08-14 13:56 - 2014-07-08 18:31 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDRU.DLL
2014-08-14 13:56 - 2014-07-08 18:31 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDBASH.DLL
2014-08-14 13:56 - 2014-07-08 15:38 - 00419992 _____ () C:\Windows\system32\locale.nls
2014-08-14 13:56 - 2014-07-08 15:30 - 00419992 _____ () C:\Windows\SysWOW64\locale.nls
2014-08-14 13:56 - 2014-06-24 19:05 - 14175744 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2014-08-14 13:56 - 2014-06-24 18:41 - 12874240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2014-08-14 13:56 - 2014-06-15 19:10 - 00985536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys
2014-08-14 13:55 - 2014-07-31 16:41 - 00348856 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-08-14 13:55 - 2014-07-31 16:16 - 00307384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-08-14 13:55 - 2014-07-25 07:52 - 23645696 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-08-14 13:55 - 2014-07-25 07:02 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-08-14 13:55 - 2014-07-25 07:01 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-08-14 13:55 - 2014-07-25 06:51 - 17524224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-08-14 13:55 - 2014-07-25 06:30 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-08-14 13:55 - 2014-07-25 06:28 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-08-14 13:55 - 2014-07-25 06:28 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-08-14 13:55 - 2014-07-25 06:25 - 02774528 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-08-14 13:55 - 2014-07-25 06:25 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-08-14 13:55 - 2014-07-25 06:11 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-08-14 13:55 - 2014-07-25 06:10 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-08-14 13:55 - 2014-07-25 06:04 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-08-14 13:55 - 2014-07-25 06:03 - 00598016 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-08-14 13:55 - 2014-07-25 06:00 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-08-14 13:55 - 2014-07-25 06:00 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-08-14 13:55 - 2014-07-25 05:59 - 00758272 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-08-14 13:55 - 2014-07-25 05:47 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-08-14 13:55 - 2014-07-25 05:40 - 00452096 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-08-14 13:55 - 2014-07-25 05:34 - 00455168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-08-14 13:55 - 2014-07-25 05:34 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-08-14 13:55 - 2014-07-25 05:33 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-08-14 13:55 - 2014-07-25 05:30 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2014-08-14 13:55 - 2014-07-25 05:28 - 05824512 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-08-14 13:55 - 2014-07-25 05:28 - 00072704 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-08-14 13:55 - 2014-07-25 05:21 - 02184704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-08-14 13:55 - 2014-07-25 05:19 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-08-14 13:55 - 2014-07-25 05:18 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-08-14 13:55 - 2014-07-25 05:17 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-08-14 13:55 - 2014-07-25 05:17 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-08-14 13:55 - 2014-07-25 05:12 - 00438784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-08-14 13:55 - 2014-07-25 05:10 - 00292864 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-08-14 13:55 - 2014-07-25 05:10 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-08-14 13:55 - 2014-07-25 05:08 - 00597504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-08-14 13:55 - 2014-07-25 05:06 - 04204032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-08-14 13:55 - 2014-07-25 04:52 - 00367104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-08-14 13:55 - 2014-07-25 04:47 - 00631808 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-08-14 13:55 - 2014-07-25 04:43 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-08-14 13:55 - 2014-07-25 04:42 - 00692736 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-08-14 13:55 - 2014-07-25 04:39 - 02087936 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-08-14 13:55 - 2014-07-25 04:39 - 01249280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-08-14 13:55 - 2014-07-25 04:36 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-08-14 13:55 - 2014-07-25 04:34 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-08-14 13:55 - 2014-07-25 04:29 - 00239616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-08-14 13:55 - 2014-07-25 04:23 - 13547008 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-08-14 13:55 - 2014-07-25 04:13 - 00526336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-08-14 13:55 - 2014-07-25 04:07 - 02001920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-08-14 13:55 - 2014-07-25 04:07 - 01068032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-08-14 13:55 - 2014-07-25 04:03 - 11772928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-08-14 13:55 - 2014-07-25 03:52 - 02266624 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-08-14 13:55 - 2014-07-25 03:26 - 01431040 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-08-14 13:55 - 2014-07-25 03:17 - 00846336 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-08-14 13:55 - 2014-07-25 03:09 - 00704512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-08-14 13:55 - 2014-07-25 03:05 - 01792512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-08-14 13:55 - 2014-07-25 03:00 - 01169920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-08-14 13:54 - 2014-08-06 19:06 - 00529920 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-08-14 13:54 - 2014-08-06 19:01 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-08-14 13:54 - 2014-07-13 19:02 - 01216000 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2014-08-14 13:54 - 2014-07-13 18:40 - 00664064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2014-08-12 22:18 - 2014-08-12 22:18 - 00000000 ____D () C:\Windows\System32\Tasks\Norton Security Suite
2014-08-11 22:30 - 2014-06-06 03:10 - 00624128 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll
2014-08-11 22:30 - 2014-06-06 02:44 - 00509440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qedit.dll
2014-08-11 22:20 - 2014-06-17 19:18 - 00692736 _____ (Microsoft Corporation) C:\Windows\system32\osk.exe
2014-08-11 22:20 - 2014-06-17 18:51 - 00646144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\osk.exe
2014-08-11 22:20 - 2014-05-30 01:08 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2014-08-11 22:20 - 2014-05-30 01:08 - 00340992 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2014-08-11 22:20 - 2014-05-30 01:08 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2014-08-11 22:20 - 2014-05-30 01:08 - 00307200 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2014-08-11 22:20 - 2014-05-30 01:08 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2014-08-11 22:20 - 2014-05-30 01:08 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2014-08-11 22:20 - 2014-05-30 01:08 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2014-08-11 22:20 - 2014-05-30 00:52 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2014-08-11 22:20 - 2014-05-30 00:52 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2014-08-11 22:20 - 2014-05-30 00:52 - 00247808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2014-08-11 22:20 - 2014-05-30 00:52 - 00220160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2014-08-11 22:20 - 2014-05-30 00:52 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2014-08-11 22:20 - 2014-05-30 00:52 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2014-08-11 22:20 - 2014-05-30 00:52 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2014-08-11 22:20 - 2014-05-29 23:45 - 00497152 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\afd.sys
2014-08-11 22:15 - 2014-06-05 07:45 - 01460736 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2014-08-11 22:15 - 2014-06-05 07:26 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2014-08-11 22:15 - 2014-06-05 07:25 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
 
==================== One Month Modified Files and Folders =======
 
(If an entry is included in the fixlist, the file\folder will be moved.)
 
2014-09-08 23:32 - 2014-09-05 10:44 - 00025329 _____ () C:\Users\Sonny\Downloads\FRST.txt
2014-09-08 23:30 - 2014-09-05 10:44 - 00000000 ____D () C:\FRST
2014-09-08 23:18 - 2009-10-10 10:09 - 01496938 _____ () C:\Windows\WindowsUpdate.log
2014-09-08 23:04 - 2011-10-21 17:21 - 00000908 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-383688522-2780381096-3143111068-1000UA.job
2014-09-08 22:50 - 2012-05-30 21:45 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-09-08 22:37 - 2010-01-29 20:01 - 00000898 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-09-08 19:40 - 2011-08-30 15:34 - 00000000 ____D () C:\Program Files (x86)\Constant Guard Protection Suite
2014-09-08 17:53 - 2011-08-30 15:35 - 00000000 ____D () C:\Users\Sonny\AppData\Roaming\ID Vault
2014-09-08 17:03 - 2011-10-21 17:21 - 00000856 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-383688522-2780381096-3143111068-1000Core.job
2014-09-08 17:01 - 2009-07-13 21:51 - 00116917 _____ () C:\Windows\setupact.log
2014-09-08 16:13 - 2009-07-13 21:45 - 00018736 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-09-08 16:13 - 2009-07-13 21:45 - 00018736 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-09-08 16:03 - 2014-05-07 18:03 - 00000000 ___RD () C:\Users\Sonny\Dropbox
2014-09-08 16:03 - 2014-05-07 17:58 - 00000000 ____D () C:\Users\Sonny\AppData\Roaming\Dropbox
2014-09-08 16:00 - 2010-01-29 20:01 - 00000894 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-09-08 15:58 - 2009-07-13 22:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-09-07 23:25 - 2014-09-05 10:49 - 00033915 _____ () C:\Users\Sonny\Downloads\Addition.txt
2014-09-07 23:19 - 2014-09-07 23:19 - 00000000 ____D () C:\Users\Sonny\Downloads\FRST-OlderVersion
2014-09-07 23:19 - 2014-09-05 10:41 - 02105344 _____ (Farbar) C:\Users\Sonny\Downloads\FRST64.exe
2014-09-05 23:21 - 2014-09-05 23:21 - 00002609 _____ () C:\Users\Sonny\Downloads\aswMBR.txt
2014-09-05 23:21 - 2014-09-05 23:21 - 00000512 _____ () C:\Users\Sonny\Downloads\MBR.dat
2014-09-05 18:19 - 2014-09-05 18:19 - 00013270 _____ () C:\Users\Sonny\Desktop\aswMBR - Shortcut.lnk
2014-09-05 18:17 - 2014-09-05 18:16 - 05185536 _____ (AVAST Software) C:\Users\Sonny\Downloads\aswMBR.exe
2014-09-05 17:18 - 2011-08-30 15:36 - 00000000 ____D () C:\Users\Sonny\AppData\Local\ID Vault
2014-09-05 16:56 - 2014-09-05 16:56 - 00013482 _____ () C:\Users\Sonny\Desktop\tdsskiller - Shortcut.lnk
2014-09-05 16:55 - 2014-09-05 16:55 - 04181856 _____ (Kaspersky Lab ZAO) C:\Users\Sonny\Downloads\tdsskiller.exe
2014-09-05 16:50 - 2014-09-05 16:50 - 00013560 _____ () C:\Users\Sonny\Desktop\adwcleaner_3.309 - Shortcut.lnk
2014-09-05 16:49 - 2014-09-05 16:49 - 00013342 _____ () C:\Users\Sonny\Desktop\FRST64 - Shortcut.lnk
2014-09-05 00:25 - 2009-08-21 19:31 - 01003388 _____ () C:\Windows\PFRO.log
2014-09-05 00:23 - 2014-09-04 23:58 - 00000000 ____D () C:\AdwCleaner
2014-09-04 23:57 - 2014-09-04 23:57 - 01370467 _____ () C:\Users\Sonny\Downloads\adwcleaner_3.309.exe
2014-09-04 21:51 - 2014-09-03 16:46 - 00000000 ____D () C:\Users\Sonny\AppData\Local\TempSWBackupDirectory
2014-09-04 17:12 - 2014-09-04 17:12 - 00000000 ____D () C:\Program Files (x86)\Microsoft CAPICOM 2.1.0.2
2014-09-04 15:05 - 2011-10-21 17:23 - 00002368 _____ () C:\Users\Sonny\Desktop\Google Chrome.lnk
2014-09-04 14:46 - 2014-09-03 16:40 - 00000000 ____D () C:\Users\Sonny\AppData\Local\SolidWorks
2014-09-04 12:45 - 2014-09-04 12:45 - 00000017 _____ () C:\Users\Sonny\AppData\Local\resmon.resmoncfg
2014-09-03 20:39 - 2014-09-03 17:11 - 00000000 ____D () C:\Users\Sonny\Documents\SolidWorks Designs
2014-09-03 17:10 - 2009-07-13 22:13 - 00782510 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-09-03 16:45 - 2014-09-03 15:28 - 00000000 ____D () C:\ProgramData\FLEXnet
2014-09-03 16:40 - 2014-09-02 22:38 - 00000000 ____D () C:\Users\Sonny\AppData\Roaming\SolidWorks
2014-09-03 16:30 - 2009-12-25 00:35 - 00092520 _____ () C:\Users\Sonny\AppData\Local\GDIPFONTCACHEV1.DAT
2014-09-03 16:27 - 2009-07-13 21:45 - 00361048 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-09-03 16:17 - 2014-09-03 16:17 - 00002927 _____ () C:\Users\Public\Desktop\SolidWorks Composer Player 2014 - x64 Edition.lnk
2014-09-03 16:17 - 2014-09-03 16:17 - 00000000 ____D () C:\Users\Sonny\Documents\SolidWorksComposer
2014-09-03 16:16 - 2014-09-03 15:58 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SolidWorks 2014
2014-09-03 16:16 - 2014-09-03 15:41 - 00000000 ____D () C:\Program Files\SolidWorks Corp
2014-09-03 16:15 - 2014-09-03 16:15 - 00002166 _____ () C:\Users\Public\Desktop\eDrawings 2014 x64 Edition.lnk
2014-09-03 16:15 - 2014-09-03 16:15 - 00000000 ____D () C:\Users\Sonny\AppData\Roaming\help_images_otherUI
2014-09-03 16:15 - 2014-09-03 16:15 - 00000000 _____ () C:\Windows\eDrawingOfficeAutomator.INI
2014-09-03 16:12 - 2014-09-03 16:12 - 00000000 ____D () C:\Users\Sonny\Documents\SolidWorks Visual Studio Tools for Applications
2014-09-03 16:11 - 2014-09-03 16:11 - 00000000 ____D () C:\Users\Sonny\AppData\Roaming\DassaultSystemes
2014-09-03 16:11 - 2014-09-03 16:11 - 00000000 ____D () C:\Users\Sonny\AppData\Local\DassaultSystemes
2014-09-03 16:11 - 2014-09-03 16:11 - 00000000 ____D () C:\ProgramData\DassaultSystemes
2014-09-03 16:11 - 2014-09-02 23:52 - 00000000 ____D () C:\SolidWorks Data
2014-09-03 15:59 - 2014-09-03 15:59 - 00002727 _____ () C:\Users\Public\Desktop\SolidWorks 2014 x64 Edition.lnk
2014-09-03 15:56 - 2014-09-03 15:41 - 00000000 ____D () C:\Program Files\Common Files\SolidWorks Shared
2014-09-03 15:41 - 2014-09-03 15:41 - 00000000 ____D () C:\ProgramData\SolidWorks
2014-09-03 15:41 - 2014-09-03 15:41 - 00000000 ____D () C:\Program Files (x86)\NVIDIA Corporation
2014-09-03 15:39 - 2014-09-03 15:39 - 00000000 ____D () C:\Program Files\Common Files\Macrovision Shared
2014-09-03 15:37 - 2014-09-03 15:37 - 00000000 ____D () C:\Program Files\Microsoft Visual Studio 8
2014-09-03 15:37 - 2009-07-13 20:20 - 00000000 ____D () C:\Program Files\Common Files\Microsoft Shared
2014-09-03 15:35 - 2014-09-03 15:35 - 00000000 ____D () C:\Users\Sonny\Documents\Visual Studio 2005
2014-09-03 15:35 - 2014-09-03 15:35 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Visual Studio 2005
2014-09-03 15:35 - 2009-08-21 19:03 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-09-03 15:34 - 2014-09-03 15:34 - 00000000 ____D () C:\Program Files (x86)\Microsoft Visual Studio 8
2014-09-03 15:34 - 2009-08-21 19:03 - 00000000 ____D () C:\Program Files (x86)\Microsoft Office
2014-09-03 15:33 - 2014-09-03 15:33 - 00000000 ____D () C:\Program Files (x86)\MSECache
2014-09-03 15:27 - 2014-09-02 22:38 - 00000000 ____D () C:\Windows\SolidWorks
2014-09-03 14:34 - 2014-09-03 14:33 - 29474856 _____ () C:\Users\Sonny\Downloads\SolidWorksSetup (2).exe
2014-09-03 14:22 - 2014-05-14 14:40 - 00000000 ____D () C:\Users\Sonny\AppData\Local\NPE
2014-09-03 14:07 - 2014-05-14 14:46 - 00000000 ____D () C:\NPE
2014-09-02 23:43 - 2014-09-02 23:42 - 29474856 _____ () C:\Users\Sonny\Downloads\SolidWorksSetup (1).exe
2014-09-02 23:38 - 2014-09-02 23:38 - 00000000 __SHD () C:\Users\Sonny\AppData\Local\EmieUserList
2014-09-02 23:38 - 2014-09-02 23:38 - 00000000 __SHD () C:\Users\Sonny\AppData\Local\EmieSiteList
2014-09-02 23:38 - 2009-12-25 08:38 - 00000000 ____D () C:\Users\Sonny\AppData\Local\Google
2014-09-02 23:36 - 2014-09-02 23:35 - 29474856 _____ () C:\Users\Sonny\Downloads\SolidWorksSetup.exe
2014-09-02 23:36 - 2014-09-02 22:38 - 00000000 ____D () C:\Users\Sonny\Downloads\sldim
2014-09-02 23:16 - 2013-03-27 14:41 - 00000000 ____D () C:\Users\Sonny\AppData\Local\CrashDumps
2014-09-02 23:12 - 2014-09-02 23:12 - 00003138 _____ () C:\Windows\System32\Tasks\{976FF976-582A-4807-89AC-C2573FEB44A7}
2014-09-02 22:48 - 2014-09-02 22:48 - 00000022 _____ () C:\Users\Sonny\Downloads\swdata99.id
2014-09-01 18:22 - 2009-07-13 20:20 - 00000000 ____D () C:\Windows\rescache
2014-08-22 19:07 - 2014-08-27 14:54 - 00404480 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2014-08-22 18:45 - 2014-08-27 14:54 - 00311808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2014-08-22 17:59 - 2014-08-27 14:54 - 03163648 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-08-16 14:02 - 2009-07-13 20:20 - 00000000 ____D () C:\Windows\PolicyDefinitions
2014-08-14 16:47 - 2013-08-15 17:15 - 00000000 ____D () C:\Windows\system32\MRT
2014-08-14 16:26 - 2010-04-15 17:57 - 99218768 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-08-14 16:08 - 2014-04-30 02:04 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-08-14 16:00 - 2014-08-14 16:00 - 00001787 _____ () C:\Users\Public\Desktop\iTunes.lnk
2014-08-14 16:00 - 2014-08-14 16:00 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2014-08-14 15:59 - 2014-08-14 15:58 - 00000000 ____D () C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2014-08-14 15:59 - 2014-08-14 15:58 - 00000000 ____D () C:\Program Files\iTunes
2014-08-14 15:59 - 2014-08-14 15:58 - 00000000 ____D () C:\Program Files (x86)\iTunes
2014-08-14 15:58 - 2014-08-14 15:58 - 00000000 ____D () C:\Program Files\iPod
2014-08-14 13:41 - 2014-05-07 18:03 - 00001021 _____ () C:\Users\Sonny\Desktop\Dropbox.lnk
2014-08-14 13:41 - 2014-05-07 18:02 - 00000946 _____ () C:\Windows\wininit.ini
2014-08-14 13:41 - 2014-05-07 18:01 - 00000000 ____D () C:\Users\Sonny\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2014-08-12 22:18 - 2014-08-12 22:18 - 00000000 ____D () C:\Windows\System32\Tasks\Norton Security Suite
2014-08-12 22:07 - 2011-08-30 16:05 - 00000000 ____D () C:\Windows\system32\Drivers\N360x64
2014-08-12 22:05 - 2013-02-16 16:52 - 00003228 _____ () C:\Windows\System32\Tasks\Norton WSC Integration
2014-08-12 22:04 - 2013-12-15 15:17 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Norton Security Suite
2014-08-12 22:04 - 2013-11-25 17:02 - 00002444 _____ () C:\Users\Public\Desktop\Norton Security Suite.lnk
2014-08-12 13:04 - 2009-07-14 00:45 - 00000000 ____D () C:\Program Files\Windows Journal
2014-08-12 13:04 - 2009-07-13 20:20 - 00000000 ____D () C:\Windows\SysWOW64\Dism
2014-08-12 13:04 - 2009-07-13 20:20 - 00000000 ____D () C:\Windows\system32\Dism
2014-08-11 23:54 - 2012-09-07 18:39 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2014-08-11 23:51 - 2012-09-07 18:38 - 00000000 ____D () C:\Program Files\Microsoft Silverlight
2014-08-11 23:51 - 2012-09-07 18:38 - 00000000 ____D () C:\Program Files (x86)\Microsoft Silverlight
 
Some content of TEMP:
====================
C:\Users\Sonny\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpwkeypn.dll
C:\Users\Sonny\AppData\Local\Temp\eject.exe
C:\Users\Sonny\AppData\Local\Temp\Quarantine.exe
 
 
==================== Bamital & volsnap Check =================
 
(There is no automatic fix for files that do not pass verification.)
 
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
 
 
LastRegBack: 2014-08-28 13:30
 
==================== End Of Log ============================
 
Addition log:
 
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 07-09-2014 01
Ran by Sonny at 2014-09-08 23:33:55
Running from C:\Users\Sonny\Downloads
Boot Mode: Normal
==========================================================
 
 
==================== Security Center ========================
 
(If an entry is included in the fixlist, it will be removed.)
 
AV: Norton Security Suite (Enabled - Up to date) {D87FA2C0-F526-77B1-D6EC-0EDF3936CEDB}
AS: Norton Security Suite (Enabled - Up to date) {631E4324-D31C-783F-EC5C-35AD42B18466}
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: Norton Security Suite (Enabled) {E04423E5-BF49-76E9-FDB3-A7EAC7E589A0}
 
==================== Installed Programs ======================
 
(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
 
 Update for Microsoft Office 2007 (KB2508958) (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{0C5823AA-7B6F-44E1-8D5B-8FD1FF0E6438}) (Version:  - Microsoft)
Acer Arcade Deluxe (HKLM-x32\...\InstallShield_{2637C347-9DAD-11D6-9EA2-00055D0CA761}) (Version: 3.0.6821 - CyberLink Corp.)
Acer Arcade Deluxe (x32 Version: 3.0.6821 - CyberLink Corp.) Hidden
Acer Assist (HKLM-x32\...\Acer Assist) (Version:  - Acer Incorporated)
Acer ePower Management (HKLM-x32\...\{3DB0448D-AD82-4923-B305-D001E521A964}) (Version: 4.05.3002 - Acer Incorporated)
Acer eRecovery Management (HKLM-x32\...\{7F811A54-5A09-4579-90E1-C93498E230D9}) (Version: 4.05.3002 - Acer Incorporated)
Acer Games (HKLM-x32\...\WildTangent acer Master Uninstall) (Version: 1.0.0.71 - WildTangent)
Acer GridVista (HKLM-x32\...\GridVista) (Version: 3.01.0730 - Acer Inc.)
Acer Registration (HKLM-x32\...\Acer Registration) (Version: 1.02.3004 - Acer Incorporated)
Acer ScreenSaver (HKLM-x32\...\Acer Screensaver) (Version: 1.02.0804 - Acer Incorporated)
Acer Updater (HKLM-x32\...\{EE171732-BEB4-4576-887D-CB62727F01CA}) (Version: 1.01.3014 - Acer Incorporated)
Acrobat.com (HKLM-x32\...\{287ECFA4-719A-2143-A09B-D6A12DE54E40}) (Version: 1.6.65 - Adobe Systems Incorporated)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 1.5.0.7220 - Adobe Systems Inc.)
Adobe AIR (x32 Version: 1.5.0.7220 - Adobe Systems Inc.) Hidden
Adobe Flash Player 14 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 14.0.0.145 - Adobe Systems Incorporated)
Adobe Flash Player 14 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 14.0.0.145 - Adobe Systems Incorporated)
Adobe Reader 9.1 MUI (HKLM-x32\...\{AC76BA86-7AD7-FFFF-7B44-A91000000001}) (Version: 9.1.0 - Adobe Systems Incorporated)
AMD USB Filter Driver (x32 Version: 1.0.11.86 - Advanced Micro Devices, Inc.) Hidden
AntiLogger SDK version 1.7.6.367 (HKLM-x32\...\{4D46DE30-49FE-4043-99F7-D7E8C06175E0}_is1) (Version: 1.7.6.367 - Zemana Ltd.)
Apple Application Support (HKLM-x32\...\{78002155-F025-4070-85B3-7C0453561701}) (Version: 3.0.6 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{6AF2AC2A-3532-43FD-9F4D-BDC9C0D724C7}) (Version: 7.1.2.6 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Atheros Communications Inc.® AR81Family Gigabit/Fast Ethernet Driver (HKLM-x32\...\{3108C217-BE83-42E4-AE9E-A56A2A92E549}) (Version: 1.0.0.10 - Atheros Communications Inc.)
ATI Catalyst Install Manager (HKLM\...\{ACCA82EB-7088-919E-5E1C-100A24F11CCF}) (Version: 3.0.732.0 - ATI Technologies, Inc.)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Catalyst Control Center - Branding (x32 Version: 1.00.0000 - ATI) Hidden
Catalyst Control Center Core Implementation (x32 Version: 2009.0729.2227.38498 - ATI) Hidden
Catalyst Control Center Graphics Full Existing (x32 Version: 2009.0729.2227.38498 - ATI) Hidden
Catalyst Control Center Graphics Full New (x32 Version: 2009.0729.2227.38498 - ATI) Hidden
Catalyst Control Center Graphics Light (x32 Version: 2009.0729.2227.38498 - ATI) Hidden
Catalyst Control Center InstallProxy (x32 Version: 2009.0729.2227.38498 - ATI Technologies, Inc.) Hidden
Catalyst Control Center Localization All (x32 Version: 2009.0729.2227.38498 - ATI) Hidden
CCC Help Chinese Standard (x32 Version: 2009.0729.2226.38498 - ATI) Hidden
CCC Help Chinese Traditional (x32 Version: 2009.0729.2226.38498 - ATI) Hidden
CCC Help Czech (x32 Version: 2009.0729.2226.38498 - ATI) Hidden
CCC Help Danish (x32 Version: 2009.0729.2226.38498 - ATI) Hidden
CCC Help Dutch (x32 Version: 2009.0729.2226.38498 - ATI) Hidden
CCC Help English (x32 Version: 2009.0729.2226.38498 - ATI) Hidden
CCC Help Finnish (x32 Version: 2009.0729.2226.38498 - ATI) Hidden
CCC Help French (x32 Version: 2009.0729.2226.38498 - ATI) Hidden
CCC Help German (x32 Version: 2009.0729.2226.38498 - ATI) Hidden
CCC Help Greek (x32 Version: 2009.0729.2226.38498 - ATI) Hidden
CCC Help Hungarian (x32 Version: 2009.0729.2226.38498 - ATI) Hidden
CCC Help Italian (x32 Version: 2009.0729.2226.38498 - ATI) Hidden
CCC Help Japanese (x32 Version: 2009.0729.2226.38498 - ATI) Hidden
CCC Help Korean (x32 Version: 2009.0729.2226.38498 - ATI) Hidden
CCC Help Norwegian (x32 Version: 2009.0729.2226.38498 - ATI) Hidden
CCC Help Polish (x32 Version: 2009.0729.2226.38498 - ATI) Hidden
CCC Help Portuguese (x32 Version: 2009.0729.2226.38498 - ATI) Hidden
CCC Help Russian (x32 Version: 2009.0729.2226.38498 - ATI) Hidden
CCC Help Spanish (x32 Version: 2009.0729.2226.38498 - ATI) Hidden
CCC Help Swedish (x32 Version: 2009.0729.2226.38498 - ATI) Hidden
CCC Help Thai (x32 Version: 2009.0729.2226.38498 - ATI) Hidden
CCC Help Turkish (x32 Version: 2009.0729.2226.38498 - ATI) Hidden
ccc-core-static (x32 Version: 2009.0729.2227.38498 - ATI) Hidden
ccc-utility64 (Version: 2009.0729.2227.38498 - ATI) Hidden
Choice Guard (x32 Version: 1.2.87.0 - Microsoft Corporation) Hidden
Comcast Desktop Software (v1.2.1) (HKLM-x32\...\{118C3943-1683-42EF-824D-C22E70DB42E7}) (Version: 24 - Comcast)
Compatibility Pack for the 2007 Office system (HKLM-x32\...\{90120000-0020-0409-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
Constant Guard Protection Suite (HKLM-x32\...\ID Vault) (Version: 1.14.425.1 - Comcast)
Dropbox (HKCU\...\Dropbox) (Version: 2.10.27 - Dropbox, Inc.)
eBay Worldwide (HKLM-x32\...\{AAF89271-2594-468D-B578-96B2E30C41C4}) (Version: 2.1.0703 - OEM)
eSobi v2 (HKLM-x32\...\InstallShield_{15D967B5-A4BE-42AE-9E84-64CD062B25AA}) (Version: 2.0.4.000274 - esobi Inc.)
eSobi v2 (x32 Version: 2.0.4.000274 - esobi Inc.) Hidden
Google Chrome (HKCU\...\Google Chrome) (Version: 37.0.2062.103 - Google Inc.)
Google Toolbar for Internet Explorer (HKLM-x32\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: 7.5.5111.1712 - Google Inc.)
Google Toolbar for Internet Explorer (x32 Version: 1.0.0 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.24.15 - Google Inc.) Hidden
iCloud (HKLM\...\{81E20D41-C277-4526-934D-F2380AF91B78}) (Version: 3.1.0.40 - Apple Inc.)
Identity Card (HKLM-x32\...\Identity Card) (Version: 1.00.3001 - Acer Incorporated)
iTunes (HKLM\...\{77DE5105-D05E-448C-96CB-7FA381903753}) (Version: 11.3.1.2 - Apple Inc.)
Junk Mail filter update (x32 Version: 14.0.8064.206 - Microsoft Corporation) Hidden
Launch Manager (HKLM-x32\...\LManager) (Version: 3.0.00 - Acer Inc.)
McAfee SiteAdvisor (HKLM\...\{35ED3F83-4BDC-4c44-8EC6-6A8301C7413A}) (Version: 3.3.1.133 - McAfee, Inc.)
McAfee SiteAdvisor (HKLM-x32\...\{35ED3F83-4BDC-4c44-8EC6-6A8301C7413A}) (Version: 3.7.125 - McAfee, Inc.)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft Office 2003 Web Components (HKLM-x32\...\{90120000-00A4-0409-0000-0000000FF1CE}) (Version: 12.0.6213.1000 - Microsoft Corporation)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version:  - Microsoft)
Microsoft Office 2007 Service Pack 3 (SP3) (x32 Version:  - Microsoft) Hidden
Microsoft Office Excel MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Home and Student 2007 (HKLM-x32\...\HOMESTUDENTR) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Home and Student 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Office 64-bit Components 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office OneNote MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint Viewer 2007 (English) (HKLM-x32\...\{95120000-00AF-0409-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Proof (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (French) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Spanish) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proofing (English) 2007 (x32 Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) (x32 Version:  - Microsoft) Hidden
Microsoft Office Shared 64-bit MUI (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared Setup Metadata MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Suite Activation Assistant (HKLM-x32\...\{E50AE784-FABE-46DA-A1F8-7B6B56DCB22E}) (Version: 2.9 - Microsoft Corporation)
Microsoft Office Word MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual Basic for Applications 7.1 (x64) (Version: 7.1.00.00 - Microsoft Corporation) Hidden
Microsoft Visual Basic for Applications 7.1 (x64) English (Version: 7.1.0.0 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM-x32\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual Studio 2005 Remote Debugger Light (x64) - ENU (HKLM\...\Microsoft Visual Studio 2005 Remote Debugger Light (x64) - ENU) (Version:  - Microsoft Corporation)
Microsoft Visual Studio 2005 Remote Debugger Light (x64) - ENU (Version: 8.0.52572 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2005 Tools for Applications - ENU (HKLM-x32\...\Microsoft Visual Studio 2005 Tools for Applications - ENU) (Version:  - Microsoft Corporation)
Microsoft Visual Studio 2005 Tools for Applications - ENU (x32 Version: 8.0.50727.146 - Microsoft Corporation) Hidden
Microsoft Works (HKLM-x32\...\{67E03279-F703-408F-B4BF-46B5FC8D70CD}) (Version: 9.7.0621 - Microsoft Corporation)
Mobile Broadband Generic Drivers (HKLM-x32\...\{68CC54AC-EFE5-4CE4-81F8-BE0C834E2D86}) (Version: 2.02.07.002.14 - Novatel Wireless)
MobileMe Control Panel (HKLM\...\{41BC9E31-0D39-462E-8E4C-767B21A3B1C3}) (Version: 3.1.8.0 - Apple Inc.)
MSVCRT (x32 Version: 14.0.1468.721 - Microsoft) Hidden
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MyWinLocker (HKLM-x32\...\{68301905-2DEA-41CE-A4D4-E8B443B099BA}) (Version: 3.1.72.0 - Egis Technology Inc.)
Norton Online Backup (HKLM-x32\...\{C57BCDE1-7CB9-467D-B3BA-7E119916CDC1}) (Version: 1.2.0.36 - Symantec)
Norton Security Suite (HKLM-x32\...\N360) (Version: 21.5.0.19 - Symantec Corporation)
NTI Backup Now 5 (HKLM-x32\...\InstallShield_{12EFA1A4-AC3B-443C-8143-237EDE760403}) (Version: 5.1.2.627 - NewTech Infosystems)
NTI Backup Now Standard (x32 Version: 5.1.2.627 - NewTech Infosystems) Hidden
NTI Media Maker 8 (HKLM-x32\...\InstallShield_{2413930C-8309-47A6-BC61-5EF27A4222BC}) (Version: 8.0.12.6619 - NewTech Infosystems)
NTI Media Maker 8 (x32 Version: 8.0.12.6619 - NewTech Infosystems) Hidden
QuickTime 7 (HKLM-x32\...\{111EE7DF-FC45-40C7-98A7-753AC46B12FB}) (Version: 7.75.80.95 - Apple Inc.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.5904 - Realtek Semiconductor Corp.)
Realtek USB 2.0 Card Reader (HKLM-x32\...\{96AE7E41-E34E-47D0-AC07-1091A8127911}) (Version: 6.1.7600.30102 - Realtek Semiconductor Corp.)
Safari (HKLM-x32\...\{FA4C2D53-205F-4245-9717-F3761154824D}) (Version: 5.34.57.2 - Apple Inc.)
SolidWorks 2014 x64 Edition SP02 (HKLM-x32\...\SolidWorks Installation Manager 20140-40200-1100-100) (Version: 22.2.0.40 - SolidWorks Corporation)
SolidWorks 2014 x64 Edition SP02 (Version: 22.120.40 - SolidWorks) Hidden
SolidWorks Composer Player 2014 SP02 x64 Edition (Version: 22.20.40 - Dassault Systemes SolidWorks) Hidden
SolidWorks eDrawings 2014 x64 Edition SP02 (Version: 14.2.116 - Dassault Systèmes SolidWorks Corp) Hidden
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 13.2.2.0 - Synaptics Incorporated)
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version:  - Microsoft)
Update for Microsoft Office 2007 Help for Common Features (KB963673) (HKLM-x32\...\{90120000-006E-0409-0000-0000000FF1CE}_HOMESTUDENTR_{AB365889-0395-4FAD-B702-CA5985D53D42}) (Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{A024FC7B-77DE-45DE-A058-1C049A17BFB3}) (Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition (HKLM-x32\...\{90120000-002A-0000-1000-0000000FF1CE}_HOMESTUDENTR_{CB68A5B0-3508-4193-AEB9-AF636DAECE0F}) (Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{CB68A5B0-3508-4193-AEB9-AF636DAECE0F}) (Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{E9A82945-BA29-4EE8-8F2A-2F49545E9CF2}) (Version:  - Microsoft)
Update for Microsoft Office Excel 2007 Help (KB963678) (HKLM-x32\...\{90120000-0016-0409-0000-0000000FF1CE}_HOMESTUDENTR_{199DF7B6-169C-448C-B511-1054101BE9C9}) (Version:  - Microsoft)
Update for Microsoft Office OneNote 2007 Help (KB963670) (HKLM-x32\...\{90120000-00A1-0409-0000-0000000FF1CE}_HOMESTUDENTR_{2744EF05-38E1-4D5D-B333-E021EDAEA245}) (Version:  - Microsoft)
Update for Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM-x32\...\{90120000-0018-0409-0000-0000000FF1CE}_HOMESTUDENTR_{397B1D4F-ED7B-4ACA-A637-43B670843876}) (Version:  - Microsoft)
Update for Microsoft Office Script Editor Help (KB963671) (HKLM-x32\...\{90120000-006E-0409-0000-0000000FF1CE}_HOMESTUDENTR_{CD11C6A2-FFC6-4271-8EAB-79C3582F505C}) (Version:  - Microsoft)
Update for Microsoft Office Word 2007 Help (KB963665) (HKLM-x32\...\{90120000-001B-0409-0000-0000000FF1CE}_HOMESTUDENTR_{80E762AA-C921-4839-9D7D-DB62A72C0726}) (Version:  - Microsoft)
VZAccess Manager for Novatel (HKLM-x32\...\{7BA20EF6-AE4E-4408-B083-7AE999E92D73}) (Version: 6.9.8 - Smith Micro Software Inc.)
Welcome Center (HKLM-x32\...\Acer Welcome Center) (Version: 1.00.3005 - Acer Incorporated)
Windows Live Call (x32 Version: 14.0.8064.0206 - Microsoft Corporation) Hidden
Windows Live Communications Platform (x32 Version: 14.0.8064.206 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite_Wave3) (Version: 14.0.8064.0206 - Microsoft Corporation)
Windows Live Essentials (x32 Version: 14.0.8064.206 - Microsoft Corporation) Hidden
Windows Live Mail (x32 Version: 14.0.8064.0206 - Microsoft Corporation) Hidden
Windows Live Messenger (x32 Version: 14.0.8064.0206 - Microsoft Corporation) Hidden
Windows Live Photo Gallery (x32 Version: 14.0.8064.206 - Microsoft Corporation) Hidden
Windows Live Sign-in Assistant (HKLM-x32\...\{45338B07-A236-4270-9A77-EBB4115517B5}) (Version: 5.000.818.5 - Microsoft Corporation)
Windows Live Sync (HKLM-x32\...\{A1BF9950-8CDB-468E-83FA-EACFB00EA7D5}) (Version: 14.0.8064.206 - Microsoft Corporation)
Windows Live Upload Tool (HKLM-x32\...\{205C6BDD-7B73-42DE-8505-9A093F35A238}) (Version: 14.0.8014.1029 - Microsoft Corporation)
Windows Live Writer (x32 Version: 14.0.8064.0206 - Microsoft Corporation) Hidden
 
==================== Custom CLSID (selected items): ==========================
 
(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)
 
CustomCLSID: HKU\S-1-5-21-383688522-2780381096-3143111068-1000_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Sonny\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-383688522-2780381096-3143111068-1000_Classes\CLSID\{355EC88A-02E2-4547-9DEE-F87426484BD1}\InprocServer32 -> C:\Users\Sonny\AppData\Local\Google\Update\1.3.23.9\psuser_64.dll No File
CustomCLSID: HKU\S-1-5-21-383688522-2780381096-3143111068-1000_Classes\CLSID\{90B3DFBF-AF6A-4EA0-8899-F332194690F8}\InprocServer32 -> C:\Users\Sonny\AppData\Local\Google\Update\1.3.24.15\psuser_64.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-383688522-2780381096-3143111068-1000_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\Sonny\AppData\Local\Google\Update\1.3.24.15\psuser_64.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-383688522-2780381096-3143111068-1000_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Sonny\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-383688522-2780381096-3143111068-1000_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Sonny\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-383688522-2780381096-3143111068-1000_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Sonny\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-383688522-2780381096-3143111068-1000_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Sonny\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-383688522-2780381096-3143111068-1000_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Sonny\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-383688522-2780381096-3143111068-1000_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Sonny\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-383688522-2780381096-3143111068-1000_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Sonny\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-383688522-2780381096-3143111068-1000_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Sonny\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-383688522-2780381096-3143111068-1000_Classes\CLSID\{FE498BAB-CB4C-4F88-AC3F-3641AAAF5E9E}\InprocServer32 -> C:\Users\Sonny\AppData\Local\Google\Update\1.3.24.7\psuser_64.dll No File
 
==================== Restore Points  =========================
 
19-08-2014 01:03:18 Windows Update
28-08-2014 06:37:36 Windows Update
04-09-2014 04:13:13 Windows Update
05-09-2014 00:01:02 Windows Update
05-09-2014 08:07:10 Windows Update
05-09-2014 19:13:25 Windows Update
 
==================== Hosts content: ==========================
 
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
 
2009-07-13 19:34 - 2009-06-10 14:00 - 00000824 ____N C:\Windows\system32\Drivers\etc\hosts
 
==================== Scheduled Tasks (whitelisted) =============
 
(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)
 
Task: {14B84488-B2F1-4B69-B653-DA4136DBFD6C} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2010-01-29] (Google Inc.)
Task: {1698A3FD-FC85-4E31-AAAE-2EFEC5271187} - System32\Tasks\Norton Security Suite\Norton Error Processor => C:\Program Files (x86)\Norton Security Suite\Engine\21.5.0.19\SymErr.exe [2014-01-30] (Symantec Corporation)
Task: {3E6D0158-C8C2-468C-96FE-A508F5F16C75} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-383688522-2780381096-3143111068-1000UA => C:\Users\Sonny\AppData\Local\Google\Update\GoogleUpdate.exe [2011-09-11] (Google Inc.)
Task: {49B5A363-AFDA-4361-ABE8-61995D73FC13} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-07-08] (Adobe Systems Incorporated)
Task: {4A245D42-A8F1-4B58-865E-404D23EDD77D} - System32\Tasks\Recovery Management\Burn Notification => C:\Program Files\Acer\Acer eRecovery Management\NotificationCenter\Notification.exe [2009-07-09] (Acer)
Task: {7C2CAD7A-6E22-4C36-854E-45ABA89BB266} - System32\Tasks\Norton Security Suite\Norton Error Analyzer => C:\Program Files (x86)\Norton Security Suite\Engine\21.5.0.19\SymErr.exe [2014-01-30] (Symantec Corporation)
Task: {970AEBAC-79E0-48C5-82EC-97D494179770} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2010-01-29] (Google Inc.)
Task: {A8281614-F2C5-4125-80C1-7A5C3CDC1ED3} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {C268157C-278D-4AB0-82C6-76C0DD1D10DA} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-383688522-2780381096-3143111068-1000Core => C:\Users\Sonny\AppData\Local\Google\Update\GoogleUpdate.exe [2011-09-11] (Google Inc.)
Task: {F10881BD-7203-4032-88C9-E927FDCB88E2} - System32\Tasks\Norton WSC Integration => C:\Program Files (x86)\Norton Security Suite\Engine\21.5.0.19\WSCStub.exe [2014-07-31] (Symantec Corporation)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-383688522-2780381096-3143111068-1000Core.job => C:\Users\Sonny\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-383688522-2780381096-3143111068-1000UA.job => C:\Users\Sonny\AppData\Local\Google\Update\GoogleUpdate.exe
 
==================== Loaded Modules (whitelisted) =============
 
2014-01-11 20:06 - 2014-01-11 20:06 - 00276008 _____ () C:\Program Files\SolidWorks Corp\SolidWorks\sldBodyDiffu.dll
2014-04-28 13:32 - 2014-04-28 13:32 - 00549272 _____ () C:\Program Files (x86)\Constant Guard Protection Suite\sqlite3.DLL
2014-09-08 16:01 - 2014-09-08 16:02 - 00043008 _____ () c:\users\sonny\appdata\local\temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpwkeypn.dll
2013-08-23 12:01 - 2013-08-23 12:01 - 25100288 _____ () C:\Users\Sonny\AppData\Roaming\Dropbox\bin\libcef.dll
2014-01-20 14:17 - 2014-01-20 14:17 - 00073544 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2014-01-20 14:16 - 2014-01-20 14:16 - 01044808 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2014-09-04 15:01 - 2014-08-29 19:49 - 01098056 _____ () C:\Users\Sonny\AppData\Local\Google\Chrome\Application\37.0.2062.103\libglesv2.dll
2014-09-04 15:01 - 2014-08-29 19:49 - 00174408 _____ () C:\Users\Sonny\AppData\Local\Google\Chrome\Application\37.0.2062.103\libegl.dll
2014-09-04 15:01 - 2014-08-29 19:49 - 08577864 _____ () C:\Users\Sonny\AppData\Local\Google\Chrome\Application\37.0.2062.103\pdf.dll
2014-09-04 15:02 - 2014-08-29 19:49 - 00331592 _____ () C:\Users\Sonny\AppData\Local\Google\Chrome\Application\37.0.2062.103\ppGoogleNaClPluginChrome.dll
2014-09-04 15:01 - 2014-08-29 19:49 - 01660232 _____ () C:\Users\Sonny\AppData\Local\Google\Chrome\Application\37.0.2062.103\ffmpegsumo.dll
2014-09-04 15:02 - 2014-08-29 19:49 - 14669128 _____ () C:\Users\Sonny\AppData\Local\Google\Chrome\Application\37.0.2062.103\PepperFlash\pepflashplayer.dll
 
==================== Alternate Data Streams (whitelisted) =========
 
(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)
 
 
==================== Safe Mode (whitelisted) ===================
 
(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
 
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\71363785.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\71363785.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\sndappv2 => ""="service"
 
==================== EXE Association (whitelisted) =============
 
(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)
 
 
==================== MSCONFIG/TASK MANAGER disabled items =========
 
(Currently there is no automatic fix for this section.)
 
 
==================== Faulty Device Manager Devices =============
 
 
==================== Event log errors: =========================
 
Application errors:
==================
Error: (09/04/2014 05:01:32 PM) (Source: IDVault) (EventID: 0) (User: )
Description: SessionChange Error No process is associated with this object.
 
Error: (09/04/2014 00:39:38 PM) (Source: SendoriService) (EventID: 99) (User: )
Description: In the enable methodObject reference not set to an instance of an object.
 
Error: (09/02/2014 11:16:07 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: sldadminoptioneditor.exe, version: 22.2.0.40, time stamp: 0x52d1519e
Faulting module name: sldadminoptioneditor.exe, version: 22.2.0.40, time stamp: 0x52d1519e
Exception code: 0xc0000005
Fault offset: 0x00044408
Faulting process id: 0x160
Faulting application start time: 0xsldadminoptioneditor.exe0
Faulting application path: sldadminoptioneditor.exe1
Faulting module path: sldadminoptioneditor.exe2
Report Id: sldadminoptioneditor.exe3
 
Error: (09/01/2014 07:29:38 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 3728533
 
Error: (09/01/2014 07:29:38 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 3728533
 
Error: (09/01/2014 07:29:38 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
 
Error: (09/01/2014 07:29:35 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 3726178
 
Error: (09/01/2014 07:29:35 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 3726178
 
Error: (09/01/2014 07:29:35 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
 
Error: (09/01/2014 07:29:34 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 3725117
 
 
System errors:
=============
Error: (09/08/2014 04:02:33 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: application-specificLocalLaunch{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT AUTHORITYSYSTEMS-1-5-18LocalHost (Using LRPC)
 
Error: (09/08/2014 04:00:02 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Windows Presentation Foundation Font Cache 3.0.0.0 service failed to start due to the following error: 
%%1053
 
Error: (09/08/2014 04:00:02 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the Windows Presentation Foundation Font Cache 3.0.0.0 service to connect.
 
Error: (09/08/2014 03:59:28 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Apple Mobile Device service failed to start due to the following error: 
%%1053
 
Error: (09/08/2014 03:59:28 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the Apple Mobile Device service to connect.
 
Error: (09/08/2014 03:57:59 PM) (Source: atikmdag) (EventID: 10261) (User: )
Description: Display is not active
 
Error: (09/08/2014 03:57:59 PM) (Source: atikmdag) (EventID: 19468) (User: )
Description: CPLIB :: General - Invalid Parameter
 
Error: (09/07/2014 11:13:16 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: application-specificLocalLaunch{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT AUTHORITYSYSTEMS-1-5-18LocalHost (Using LRPC)
 
Error: (09/07/2014 11:11:07 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Windows Presentation Foundation Font Cache 3.0.0.0 service failed to start due to the following error: 
%%1053
 
Error: (09/07/2014 11:11:07 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the Windows Presentation Foundation Font Cache 3.0.0.0 service to connect.
 
 
Microsoft Office Sessions:
=========================
 
CodeIntegrity Errors:
===================================
  Date: 2013-02-28 16:30:37.206
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\usbaapl64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
  Date: 2013-02-28 16:30:36.847
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\usbaapl64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
 
==================== Memory info =========================== 
 
Processor: AMD Athlon™ Processor TF-20
Percentage of memory in use: 54%
Total physical RAM: 2812.05 MB
Available physical RAM: 1277.14 MB
Total Pagefile: 5622.28 MB
Available Pagefile: 2705.65 MB
Total Virtual: 8192 MB
Available Virtual: 8191.85 MB
 
==================== Drives ================================
 
Drive c: (Acer) (Fixed) (Total:136.95 GB) (Free:68.2 GB) NTFS
 
==================== MBR & Partition Table ==================
 
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 149.1 GB) (Disk ID: 863055F0)
Partition 1: (Not Active) - (Size=12 GB) - (Type=27)
Partition 2: (Active) - (Size=102 MB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=136.9 GB) - (Type=07 NTFS)
 
==================== End Of Log ============================

#25
Naathim

The reason why I believe this is because I have noticed that on certain websites (such as my email list and this website's home page) I get advertisements that are by AdChoices. Curious, just to make sure I didn't have more adware, I researched it and found out that it is adware similar to Sendori except appearing more like regular advertisements. It doesn't seem to cause as much lag to my computer as Sendori did before that got removed, but still, something that is designed to gather info on me and give it to third parties isn't exactly comforting to have on my computer.

When you visit those sites, you see ads delivered by external vendors who have contracts with those sites. I went once more through your logfiles and I don't see any signs of even half an adware on your machine :)
 

Thanks for continuing to help me with my issues Naat.

At your service sir! :)
 

Btw before I post the logs, I began to use the internet again on my computer in order to do my homework for a class, is that alright? A specific class requires me to be on the internet to read the textbook the teacher wrote.

That's fine, your machine appears to be free from malware.


Some general scans just for heads-up and/or in the case I'm going blind:


Scan with Malwarebytes' Anti-Malware

Please download Malwarebytes Anti-Malware and save it to your desktop.

  • Install the program and select update.
  • Once updated, click the Settings tab, in the left panel choose Detections & protection and tick Scan for rootkits.
  • Click the Scan tab, make sure Threat Scan is checked and click Scan Now.
  • If threats are detected, click the Apply Actions button. You will now be prompted to reboot. Click Yes.
  • Upon completion of the scan (or after the reboot), click the History tab.
  • Click Application Logs and double-click the Scan Log.
  • At the bottom click Export and choose Text file.

Save the file to your desktop and include its content in your next reply.


Scan with ESET Online Scanner

This step can only be done using Internet Explorer, Google Chrome or Mozilla Firefox.
Temporarily disable your AntiVirus and AntiSpyware protection - instructions here.
Please visit ESET Online Scanner website.
Click there Run ESET Online Scanner.

If using Internet Explorer:

  • Accept the Terms of Use and click Start.
  • Allow the running of add-on.

If using Mozilla Firefox or Google Chrome:

  • Download esetsmartinstaller_enu.exe that you'll be given a link to.
  • Double click esetsmartinstaller_enu.exe.
  • Allow the Terms of Use and click Start.

To perform the scan:

  • Make sure that Enable detection of potentially unwanted applications is checked.
  • In the Advanced Settings dropdown menu:
    • Make sure that Remove found threats is unchecked.
    • Scan archives is checked.
    • Scan for potentially unsafe applications and Enable Anti-Stealth technology are checked.
    • Use custom proxy settings is unchecked.
  • Click Start
  • The program will begin to download its virus database. The speed may vary depending on your Internet connection.
  • When completed, the program will begin to scan. This may take several hours. Please, be patient.
  • Do not do anything on your machine as it may interrupt the scan.
  • When the scan is done, click Finish.
  • A logfile will be created at C:\Program Files (x86)\ESET\ESET Online Scanner. Open it using Notepad.

Please include this logfile in your next reply.
Don't forget to re-enable previously switched-off protection software!


#26
ThatOneDude (Topic Starter)

Here's the logs you requested:

 

Malwarebytes log:

 

Malwarebytes Anti-Malware
www.malwarebytes.org
 
Scan Date: 9/9/2014
Scan Time: 2:25:43 PM
Logfile: Malwarebytes log.txt
Administrator: Yes
 
Version: 2.00.2.1012
Malware Database: v2014.09.09.06
Rootkit Database: v2014.08.21.01
License: Trial
Malware Protection: Enabled
Malicious Website Protection: Enabled
Self-protection: Disabled
 
OS: Windows 7 Service Pack 1
CPU: x64
File System: NTFS
User: Sonny
 
Scan Type: Threat Scan
Result: Completed
Objects Scanned: 318961
Time Elapsed: 38 min, 34 sec
 
Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Enabled
Heuristics: Enabled
PUP: Enabled
PUM: Enabled
 
Processes: 0
(No malicious items detected)
 
Modules: 0
(No malicious items detected)
 
Registry Keys: 0
(No malicious items detected)
 
Registry Values: 0
(No malicious items detected)
 
Registry Data: 0
(No malicious items detected)
 
Folders: 0
(No malicious items detected)
 
Files: 2
PUP.Optional.Ibryte, C:\$Recycle.Bin\S-1-5-21-383688522-2780381096-3143111068-1000\$RKQRGVL.exe, Quarantined, [6d2cb811b7c4999d1a97a176bf42728e], 
PUP.Optional.Babylon.A, C:\Users\Sonny\Downloads\Babylon9_setup.exe, Quarantined, [45544f7acdae4fe7f500849a1ae6c739], 
 
Physical Sectors: 0
(No malicious items detected)
 
 
(end)
 
ESET log:
 
ESETSmartInstaller@High as downloader log:
all ok
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.7623
# api_version=3.0.2
# EOSSerial=133049c3102ef545b13438e06a3e9d61
# engine=20079
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=true
# antistealth_checked=true
# utc_time=2014-09-10 08:28:53
# local_time=2014-09-10 01:28:53 (-0800, Pacific Daylight Time)
# country="United States"
# lang=1033
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode_1='Norton 360'
# compatibility_mode=3598 16777213 87 100 184197 160913829 0 0
# compatibility_mode_1=''
# compatibility_mode=5893 16776574 100 94 36498097 161881183 0 0
# compatibility_mode_1='ESET NOD32 Antivirus 7.0'
# compatibility_mode=8220 16777213 100 100 0 30798675 0 0
# scanned=210675
# found=3
# cleaned=0
# scan_time=33158
# nod_component=V3 Build:0x30000000
sh=DA7ED73C1312FC41A4AE0D3DF87B63164E5AD7F2 ft=1 fh=92e095eebb5dea3f vn="a variant of Win32/AirAdInstaller.A potentially unwanted application" ac=I fn="C:\$Recycle.Bin\S-1-5-21-383688522-2780381096-3143111068-1000\$RM7UD1B.exe"
sh=DFF21EBBC7456895BD74715F8440E1A364CAE942 ft=1 fh=86126381f90d2a41 vn="a variant of Win32/AirAdInstaller.A potentially unwanted application" ac=I fn="C:\$Recycle.Bin\S-1-5-21-383688522-2780381096-3143111068-1000\$RPQ78MB.exe"
sh=B18CF92A555D5CAF79DE4EC6249FB52F52AE119E ft=1 fh=2ff28a8d9bf980d0 vn="a variant of Win32/AirAdInstaller.A potentially unwanted application" ac=I fn="C:\$Recycle.Bin\S-1-5-21-383688522-2780381096-3143111068-1000\$RYOL6K5.exe"

#27
Naathim

Some minor junkware. Let's kick them off :)



Clean Temporary Files with TFC

Please download TFC by OldTimer and save it to your desktop.

  • Right-click on the TFC icon and select Run as Administrator to start the tool.
  • Close any open programs and save your current work.
  • Click the Start button to begin. Depending on how often you clean temp files, execution time should be anywhere from a few seconds to a couple of minutes.
  • Once it's finished it should reboot your machine. If it does not, please manually reboot the machine yourself to ensure a complete clean.

This tool doesn't generate any report. Instead I recommend keeping it for good maintenance of your machine.



Scan with Security Check

Please download Security Check by Screen317 and save it to your desktop.

  • Right-click on the Security Check icon and select Run as Administrator to start the tool.
  • Follow onscreen instructions inside the black box. This scan won't take long.
  • Soon a notepad document called checkup.txt will open automatically.

Please include the content of that document.


#28
ThatOneDude (Topic Starter)

So what should I do with the other programs I had to download earlier (such as FRST and Malwarebytes)? Keep them or remove them?

 

I'm not entirely sure if TFC was able to finish its work before my computer rebooted. Part way through the scan Windows told me it was going to reboot in a minute, and while TFC was scanning my computer screen went black and my computer started up again. Is this how it is supposed to work with TFC?

 

Here's the log you requested:

 

 Results of screen317's Security Check version 0.99.87  
 Windows 7 Service Pack 1 x64 (UAC is enabled)  
 Internet Explorer 11  
``````````````Antivirus/Firewall Check:`````````````` 
 Windows Firewall Enabled!  
Norton Security Suite   
 WMI entry may not exist for antivirus; attempting automatic update. 
`````````Anti-malware/Other Utilities Check:````````` 
 McAfee SiteAdvisor    
 Adobe Flash Player 15.0.0.152  
 Adobe Reader 9 Adobe Reader out of Date! 
 Google Chrome 37.0.2062.103  
 Google Chrome 37.0.2062.120  
````````Process Check: objlist.exe by Laurent````````  
 Malwarebytes Anti-Malware mbamservice.exe  
 Malwarebytes Anti-Malware mbam.exe  
 Malwarebytes Anti-Malware mbamscheduler.exe   
`````````````````System Health check````````````````` 
 Total Fragmentation on Drive C: 9% 
````````````````````End of Log`````````````````````` 

#29
Naathim

TFC is meant only to clean temporary files/locations and it can't do any harm. If you feel it couldn't finish its job, just re-run it :)
I will remove my toys now, but MBAM is the one you should keep. It's a very good app.


Update outdated software

Staying always updated is crucial, not only for your operating system, but also for any third-party installed software.
Your logs clearly indicate that some of your software needs updating.

Updating Adobe manually

  • Visit Adobe website.
  • You will see a download option there for the newest Adobe Acrobat version.
  • In the center part you will be prompted to install McAfee Security Scan Plus as a free program. This is foistware. Remember to leave the box for McAfee UNCHECKED.
  • Click on Install, save the file to a convenient location, double-click it and follow the prompts.

Remember to keep it always updated.


Clean with DelFix

Please download DelFix by Xplode and save it to your desktop.

  • Right-click on the DelFix icon and select Run as Administrator to start the tool.
  • Ensure that Remove disinfection tools, Purge system restore and Reset system settings are checked.
  • Push Run.
  • When finished, it will display a notepad report.

Include it for my review.
Please also manually reboot your machine after posting your logfile.


#30
ThatOneDude (Topic Starter)

Thank you again for helping me. I definitely wouldn't have been able to do it without you! I will take your advice and keep Malwarebytes Anti-Malware on my computer. Thanks again for all your help!
 
Here's the log you requested:
 
# DelFix v10.8 - Logfile created 11/09/2014 at 00:16:09
# Updated 29/07/2014 by Xplode
# Username : Sonny - SONNY-PC
# Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)
 
~ Removing disinfection tools ...
 
Deleted : C:\FRST
Deleted : C:\AdwCleaner
Deleted : C:\Users\Sonny\Downloads\FRST-OlderVersion
Deleted : C:\TDSSKiller.3.0.0.40_05.09.2014_16.56.51_log.txt
Deleted : C:\TDSSKiller.3.0.0.40_05.09.2014_17.20.51_log.txt
Deleted : C:\Users\Sonny\Desktop\adwcleaner_3.309 - Shortcut.lnk
Deleted : C:\Users\Sonny\Desktop\aswMBR - Shortcut.lnk
Deleted : C:\Users\Sonny\Desktop\FRST64 - Shortcut.lnk
Deleted : C:\Users\Sonny\Desktop\SecurityCheck.exe - Shortcut.lnk
Deleted : C:\Users\Sonny\Desktop\tdsskiller - Shortcut.lnk
Deleted : C:\Users\Sonny\Desktop\TFC.exe - Shortcut.lnk
Deleted : C:\Users\Sonny\Downloads\Addition.txt
Deleted : C:\Users\Sonny\Downloads\adwcleaner_3.309.exe
Deleted : C:\Users\Sonny\Downloads\aswMBR.exe
Deleted : C:\Users\Sonny\Downloads\aswMBR.txt
Deleted : C:\Users\Sonny\Downloads\esetsmartinstaller_enu.exe
Deleted : C:\Users\Sonny\Downloads\FRST.txt
Deleted : C:\Users\Sonny\Downloads\FRST64.exe
Deleted : C:\Users\Sonny\Downloads\MBR.dat
Deleted : C:\Users\Sonny\Downloads\SecurityCheck.exe
Deleted : C:\Users\Sonny\Downloads\tdsskiller.exe
Deleted : C:\Users\Sonny\Downloads\TFC.exe
Deleted : HKLM\SOFTWARE\OldTimer Tools
Deleted : HKLM\SOFTWARE\AdwCleaner
Deleted : HKLM\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_ASWMBR
 
~ Cleaning system restore ...
 
Deleted : RP #276 [Windows Update | 08/28/2014 06:37:36]
Deleted : RP #277 [Windows Update | 09/04/2014 04:13:13]
Deleted : RP #278 [Windows Update | 09/05/2014 00:01:02]
Deleted : RP #279 [Windows Update | 09/05/2014 08:07:10]
Deleted : RP #280 [Windows Update | 09/05/2014 19:13:25]
Deleted : RP #281 [Windows Update | 09/10/2014 09:12:26]
 
New restore point created !
 
~ Resetting system settings ... OK
 
########## - EOF - ##########
