Serndpt

Members
  • Content count

    13
  • Joined

  • Last visited

About Serndpt

  • Rank
    New Member
  1. System appears to be operating fine. I'm just a bit paranoid when I see those windows pup up of late and became concerned I'd somehow gotten a virus or something. Is it ok to uninstall the programs we used? Thanks so much for your time and patience. I'm thankful there are people like you in the world willing to help people like me
  2. ESETSmartInstaller@High as downloader log: all ok # product=EOS # version=8 # OnlineScannerApp.exe=1.0.0.1 # EOSSerial=3b64101b0851b94e9051c92afd4d4a53 # end=init # utc_time=2015-10-26 07:08:09 # local_time=2015-10-26 02:08:09 (-0600, Central Daylight Time) # country="United States" # osver=6.1.7601 NT Service Pack 1 Update Init Update Download Update Finalize Updated modules version: 26420 # product=EOS # version=8 # OnlineScannerApp.exe=1.0.0.1 # EOSSerial=3b64101b0851b94e9051c92afd4d4a53 # end=updated # utc_time=2015-10-26 07:10:09 # local_time=2015-10-26 02:10:09 (-0600, Central Daylight Time) # country="United States" # osver=6.1.7601 NT Service Pack 1 # product=EOS # version=8 # OnlineScannerApp.exe=1.0.0.1 # OnlineScanner.ocx=1.0.0.7777 # api_version=3.1.1 # EOSSerial=3b64101b0851b94e9051c92afd4d4a53 # engine=26420 # end=finished # remove_checked=false # archives_checked=true # unwanted_checked=true # unsafe_checked=true # antistealth_checked=true # utc_time=2015-10-26 11:29:52 # local_time=2015-10-26 06:29:52 (-0600, Central Daylight Time) # country="United States" # lang=1033 # osver=6.1.7601 NT Service Pack 1 # compatibility_mode_1='Microsoft Security Essentials' # compatibility_mode=5895 16777213 100 100 11682565 68774586 0 0 # scanned=1333223 # found=60 # cleaned=0 # scan_time=15582 sh=28B29A0AA2F451EC3837933CE5B1BD353CF0DF3E ft=1 fh=d9a532cac918a019 vn="MSIL/Adware.StrongVault.A application" ac=I fn="C:\AI_RecycleBin\{B89CD067-823C-47B7-BE9A-653EEDF44297}\3\Strongvault\StrongVaultApp.exe" sh=71435DDB11E00D0243380C4902324853FE4ECE8F ft=1 fh=12b0cd2dde452d65 vn="a variant of Win32/Bundled.Toolbar.Ask potentially unsafe application" ac=I fn="C:\Program Files (x86)\Avira\AntiVir Desktop\apnic.dll" sh=FFA8B6510D624A55F3EB7FFD6D5221A44944681C ft=1 fh=3386eb0d6ed0e5e1 vn="a variant of Win32/Bundled.Toolbar.Ask.G potentially unsafe application" ac=I fn="C:\Program Files (x86)\Avira\AntiVir Desktop\apnstub.exe" sh=1A3F14C0A66F9AF050D1F34FBACBAADC31751A07 ft=1 fh=2704a03a0f47b728 vn="a variant of Win32/Bundled.Toolbar.Ask potentially unsafe application" ac=I fn="C:\Program Files (x86)\Avira\AntiVir Desktop\apntoolbarinstaller.exe" sh=78D39055963B638142A26F6A1CA0858557F1553D ft=1 fh=22097666a78966a3 vn="a variant of Win32/HiddenStart.A potentially unsafe application" ac=I fn="C:\Program Files (x86)\Dell DataSafe Local Backup\hstart.exe" sh=E51D31466DA5738E4D029C788B93EF7D428648A3 ft=1 fh=5cf3f026d273c9eb vn="a variant of Win32/HiddenStart.A potentially unsafe application" ac=I fn="C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\hstart.exe" sh=A4854C3C5A7277D3C02F88330D2023AAD3667533 ft=1 fh=818bd9cd8f0d2ffa vn="Win32/Bundled.Toolbar.Google.D potentially unsafe application" ac=I fn="C:\Users\Kai\Downloads\ccsetup403.exe" sh=6525F85F423A8ACB9DE261FCE7C1BFDCAF0651EC ft=1 fh=e751b5239200023c vn="Win32/Bundled.Toolbar.Google.D potentially unsafe application" ac=I fn="C:\Users\Kai\Downloads\ccsetup404.exe" sh=ADF2AD3B94EB35DC371AB7A1A49B004B7C76BFA5 ft=1 fh=f95766f30bc4ebc6 vn="Win32/Bundled.Toolbar.Google.D potentially unsafe application" ac=I fn="C:\Users\Kai\Downloads\ccsetup406.exe" sh=0F97FB08E6FC4500F86E64D3285C171C6462BD61 ft=1 fh=acbbffe185c36761 vn="Win32/Bundled.Toolbar.Google.D potentially unsafe application" ac=I fn="C:\Users\Kai\Downloads\ccsetup410.exe" sh=9AA5E59F80A95BDFC48FBB4DC9F4B7212749E67D ft=1 fh=2fe225811afcde6b vn="Win32/Bundled.Toolbar.Google.D potentially unsafe application" ac=I fn="C:\Users\Kai\Downloads\ccsetup416.exe" sh=DFDA3BEB6A8E9899118BBDE16E4DE6878E323A90 ft=1 fh=dc19b4d7d4992970 vn="Win32/Bundled.Toolbar.Google.D potentially unsafe application" ac=I fn="C:\Users\Kai\Downloads\ccsetup419.exe" sh=B6B12E4F8E59C61EC67A5E17DEDA7EA5B2FEF364 ft=1 fh=65d7fe9609cd6c74 vn="Win32/Bundled.Toolbar.Google.D potentially unsafe application" ac=I fn="C:\Users\Kai\Downloads\ccsetup500(1).exe" sh=B6B12E4F8E59C61EC67A5E17DEDA7EA5B2FEF364 ft=1 fh=65d7fe9609cd6c74 vn="Win32/Bundled.Toolbar.Google.D potentially unsafe application" ac=I fn="C:\Users\Kai\Downloads\ccsetup500.exe" sh=205EA3A873C765FF2E0F78FB1834D6EB44C21BF3 ft=1 fh=a409751ddc77dac3 vn="Win32/Bundled.Toolbar.Google.D potentially unsafe application" ac=I fn="C:\Users\Kai\Downloads\ccsetup501(1).exe" sh=205EA3A873C765FF2E0F78FB1834D6EB44C21BF3 ft=1 fh=a409751ddc77dac3 vn="Win32/Bundled.Toolbar.Google.D potentially unsafe application" ac=I fn="C:\Users\Kai\Downloads\ccsetup501.exe" sh=74507D2AD5D69252167B682B5FA7E693E1AE0652 ft=1 fh=c644006b49a165d6 vn="Win32/Bundled.Toolbar.Google.D potentially unsafe application" ac=I fn="C:\Users\Kai\Downloads\ccsetup502(1).exe" sh=74507D2AD5D69252167B682B5FA7E693E1AE0652 ft=1 fh=c644006b49a165d6 vn="Win32/Bundled.Toolbar.Google.D potentially unsafe application" ac=I fn="C:\Users\Kai\Downloads\ccsetup502.exe" sh=976D24D060C8F9B655B5EC01472194B9DA6C190C ft=1 fh=1966d8d77ea974eb vn="Win32/Bundled.Toolbar.Google.D potentially unsafe application" ac=I fn="C:\Users\Kai\Downloads\ccsetup503.exe" sh=95515E5CD54F8D3B375FAFB34E53C0C1D2E7C344 ft=1 fh=00a7bfbc17a0357b vn="Win32/Bundled.Toolbar.Google.D potentially unsafe application" ac=I fn="C:\Users\Kai\Downloads\ccsetup504.exe" sh=3032CB5B0066ACB77259EC89E9ECAFDB21C06BE6 ft=1 fh=4cc4f419610b1b22 vn="Win32/Bundled.Toolbar.Google.D potentially unsafe application" ac=I fn="C:\Users\Kai\Downloads\ccsetup505(1).exe" sh=3032CB5B0066ACB77259EC89E9ECAFDB21C06BE6 ft=1 fh=4cc4f419610b1b22 vn="Win32/Bundled.Toolbar.Google.D potentially unsafe application" ac=I fn="C:\Users\Kai\Downloads\ccsetup505.exe" sh=012CB3E628C9FAC1159A4BA01F79C6C905757FF9 ft=1 fh=2ab5bfb1b985039b vn="Win32/Bundled.Toolbar.Google.D potentially unsafe application" ac=I fn="C:\Users\Kai\Downloads\ccsetup506.exe" sh=BCA0BBDC1ECA7D7049B11DFDF06A731B0DEB0330 ft=1 fh=5d043d2b7dcbb6c6 vn="Win32/Bundled.Toolbar.Google.D potentially unsafe application" ac=I fn="C:\Users\Kai\Downloads\ccsetup507(1).exe" sh=BCA0BBDC1ECA7D7049B11DFDF06A731B0DEB0330 ft=1 fh=5d043d2b7dcbb6c6 vn="Win32/Bundled.Toolbar.Google.D potentially unsafe application" ac=I fn="C:\Users\Kai\Downloads\ccsetup507.exe" sh=AA7AFFCBDAF13C3872F32EACCF3BEFB92FD0FA80 ft=1 fh=02ff89afc7fa57e5 vn="Win32/Bundled.Toolbar.Google.D potentially unsafe application" ac=I fn="C:\Users\Kai\Downloads\ccsetup508(1).exe" sh=AA7AFFCBDAF13C3872F32EACCF3BEFB92FD0FA80 ft=1 fh=02ff89afc7fa57e5 vn="Win32/Bundled.Toolbar.Google.D potentially unsafe application" ac=I fn="C:\Users\Kai\Downloads\ccsetup508.exe" sh=2CF9F87AA2EA689D9B9F5CCED4C51B2595C19027 ft=1 fh=4b16eff5bfe216f3 vn="Win32/Bundled.Toolbar.Google.D potentially unsafe application" ac=I fn="C:\Users\Kai\Downloads\ccsetup510(1).exe" sh=2CF9F87AA2EA689D9B9F5CCED4C51B2595C19027 ft=1 fh=4b16eff5bfe216f3 vn="Win32/Bundled.Toolbar.Google.D potentially unsafe application" ac=I fn="C:\Users\Kai\Downloads\ccsetup510.exe" sh=5C15DD22371ADF076E0A4C92CE8505B78735F5E5 ft=1 fh=3dcff3cf0eec3a86 vn="a variant of Win32/UniBlue.F potentially unwanted application" ac=I fn="C:\Users\Kai\Downloads\driverscanner.exe" sh=71435DDB11E00D0243380C4902324853FE4ECE8F ft=1 fh=12b0cd2dde452d65 vn="a variant of Win32/Bundled.Toolbar.Ask potentially unsafe application" ac=I fn="J:\!Kai\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\DSX9429Z\ApnIC[1].0" sh=71435DDB11E00D0243380C4902324853FE4ECE8F ft=1 fh=12b0cd2dde452d65 vn="a variant of Win32/Bundled.Toolbar.Ask potentially unsafe application" ac=I fn="J:\!Kai\AppData\Local\Temp\AskSLib.dll" sh=023D56C5A1D2E233CF02C667450D48293071AD8C ft=0 fh=0000000000000000 vn="JS/Redirector.NCL trojan" ac=I fn="J:\!Kai\AppData\Roaming\Mozilla\Firefox\Profiles\651ic4rf.default\extensions\{b781ca5c-f9fa-4709-bfb8-6c9427f57f36}.xpi" sh=57374E3996B9C569588FA3C8775BFD59D90C4C8F ft=1 fh=d244986abfd3fdf4 vn="a variant of Win32/Bundled.Toolbar.Ask potentially unsafe application" ac=I fn="J:\!Kai\Desktop\Downloads\frostwire-4.18.5.windows.exe" sh=E540CB01664014FCFD3454C69B5420926E82DB03 ft=1 fh=56d5d86fa88a76f2 vn="Win32/RegistryBooster potentially unwanted application" ac=I fn="J:\!Kai\Desktop\Downloads\registrybooster.exe" sh=36603EEDEA03EBD207D487261C8D1A0F9A8EA0E7 ft=1 fh=b1182b5f3d104d47 vn="Win32/OpenCandy potentially unsafe application" ac=I fn="J:\!Kai\Desktop\Downloads\videora-ipodclassic-405-setup.exe" sh=57374E3996B9C569588FA3C8775BFD59D90C4C8F ft=1 fh=d244986abfd3fdf4 vn="a variant of Win32/Bundled.Toolbar.Ask potentially unsafe application" ac=I fn="J:\!Kai\Desktop Folders from C\Downloads\frostwire-4.18.5.windows.exe" sh=E540CB01664014FCFD3454C69B5420926E82DB03 ft=1 fh=56d5d86fa88a76f2 vn="Win32/RegistryBooster potentially unwanted application" ac=I fn="J:\!Kai\Desktop Folders from C\Downloads\registrybooster.exe" sh=36603EEDEA03EBD207D487261C8D1A0F9A8EA0E7 ft=1 fh=b1182b5f3d104d47 vn="Win32/OpenCandy potentially unsafe application" ac=I fn="J:\!Kai\Desktop Folders from C\Downloads\videora-ipodclassic-405-setup.exe" sh=1767EC6D9A3622D113B935987FCBAE559BE644FC ft=1 fh=30448f7e1b3967ef vn="a variant of Win32/Bundled.Toolbar.Ask.G potentially unsafe application" ac=I fn="J:\!Kai\Downloads\avira_free_antivirus_en (1).exe" sh=321D55C88A529D02A44F97BF6498451F7D4C70CE ft=1 fh=97ec66a52017a80c vn="a variant of Win32/Bundled.Toolbar.Ask.G potentially unsafe application" ac=I fn="J:\!Kai\Downloads\avira_free_antivirus_en(1).exe" sh=1767EC6D9A3622D113B935987FCBAE559BE644FC ft=1 fh=30448f7e1b3967ef vn="a variant of Win32/Bundled.Toolbar.Ask.G potentially unsafe application" ac=I fn="J:\!Kai\Downloads\avira_free_antivirus_en.exe" sh=3F3CA18A0E5DF18184D20F127C364AC5718B8759 ft=1 fh=69dd749ca0e21f7e vn="Win32/Bundled.Toolbar.Google.D potentially unsafe application" ac=I fn="J:\!Kai\Downloads\ccsetup326pro.exe" sh=642EAE83A0B04822A1A194F3AA8FFD79AE65C1C2 ft=1 fh=61b6c1e0c1208a47 vn="a variant of Win32/Bundled.Toolbar.Ask potentially unsafe application" ac=I fn="J:\!Kai\Downloads\cpu-z_1.57-setup-en.exe" sh=B68F52C80C2FB3D7AA70FF811E349FE1C26D6F11 ft=1 fh=7d620a497d08cf16 vn="a variant of Win32/InstallIQ.A potentially unwanted application" ac=I fn="J:\!Kai\Downloads\Media Player Installer.exe" sh=7074656A5B0F95878CEE5C66064D212D1B0E9ABF ft=1 fh=0dec4c294183a8b7 vn="Win32/FreeInstaller potentially unwanted application" ac=I fn="J:\!Kai\Downloads\OpenOfficeInstaller.exe" sh=5BCBA1C25D5BEB2AD67A91FD407CF2D36710901A ft=1 fh=00640f97360e4fc8 vn="Win32/OpenCandy potentially unsafe application" ac=I fn="J:\!Kai\Downloads\PhotoScape_V3-6-3.exe" sh=5BCBA1C25D5BEB2AD67A91FD407CF2D36710901A ft=1 fh=00640f97360e4fc8 vn="Win32/OpenCandy potentially unsafe application" ac=I fn="J:\!Kai\Downloads\PhotoScape_V3.6.3.exe" sh=C4425890E6D2CB946269A2559DC7AD0E03580EF7 ft=1 fh=e5c2928fd3d3f9a2 vn="Win32/Bundled.Toolbar.Google.D potentially unsafe application" ac=I fn="J:\!Kai\Downloads\Shockwave_Installer_Slim.exe" sh=C778CE6D84EBC30765D03E59354D5A28B7F90CEC ft=1 fh=b86457c69e0ddb72 vn="Win32/OpenCandy potentially unsafe application" ac=I fn="J:\!Kai\Downloads\winamp5581_full_emusic-7plus_en-us.exe" sh=28D708F1ACA2EC3EEF0A994D02D92C061C2E12D8 ft=1 fh=ade3728bbb74c600 vn="Win32/OpenCandy potentially unsafe application" ac=I fn="J:\!Kai\Downloads\winamp5601_full_emusic-7plus_en-us.exe" sh=C50327BB9A73FD5EEE419F280A1CAB3710A87EEE ft=1 fh=979cba7a17c4654d vn="Win32/OpenCandy potentially unsafe application" ac=I fn="J:\!Kai\Downloads\winamp5623_full_emusic-7plus_all.exe" sh=1767EC6D9A3622D113B935987FCBAE559BE644FC ft=1 fh=30448f7e1b3967ef vn="a variant of Win32/Bundled.Toolbar.Ask.G potentially unsafe application" ac=I fn="J:\Downloads\avira_free_antivirus_en (1).exe" sh=321D55C88A529D02A44F97BF6498451F7D4C70CE ft=1 fh=97ec66a52017a80c vn="a variant of Win32/Bundled.Toolbar.Ask.G potentially unsafe application" ac=I fn="J:\Downloads\avira_free_antivirus_en(1).exe" sh=1767EC6D9A3622D113B935987FCBAE559BE644FC ft=1 fh=30448f7e1b3967ef vn="a variant of Win32/Bundled.Toolbar.Ask.G potentially unsafe application" ac=I fn="J:\Downloads\avira_free_antivirus_en.exe"
  3. Additional scan result of Farbar Recovery Scan Tool (x64) Version:25-10-2015 02 Ran by Kai (2015-10-25 19:35:23) Running from C:\Users\Kai\Contacts\Desktop Windows 7 Home Premium Service Pack 1 (X64) (2013-05-16 15:27:44) Boot Mode: Normal ========================================================== ==================== Accounts: ============================= Administrator (S-1-5-21-2855246755-1798518092-654647340-500 - Administrator - Disabled) Guest (S-1-5-21-2855246755-1798518092-654647340-501 - Limited - Disabled) HomeGroupUser$ (S-1-5-21-2855246755-1798518092-654647340-1003 - Limited - Enabled) Kai (S-1-5-21-2855246755-1798518092-654647340-1002 - Administrator - Enabled) => C:\Users\Kai ==================== Security Center ======================== (If an entry is included in the fixlist, it will be removed.) AV: Avira Antivirus (Disabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859} AV: Microsoft Security Essentials (Enabled - Up to date) {B7ECF8CD-0188-6703-DBA4-AA65C6ACFB0A} AS: Microsoft Security Essentials (Enabled - Up to date) {0C8D1929-27B2-688D-E114-9117BD2BB1B7} AS: Avira Antivirus (Disabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4} AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} ==================== Installed Programs ====================== (Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.) 2007 Microsoft Office system (HKLM-x32\...\PROHYBRIDR) (Version: 12.0.6612.1000 - Microsoft Corporation) 7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov) Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 1.5.3.9120 - Adobe Systems Inc.) Adobe Bridge CC (64 Bit) (HKLM-x32\...\{359F8007-6486-429C-A8C5-D67F6897C88C}) (Version: 6.1.1 - Adobe Systems Incorporated) Adobe Creative Cloud (HKLM-x32\...\Adobe Creative Cloud) (Version: 3.2.0.129 - Adobe Systems Incorporated) Adobe Extension Manager CC (HKLM-x32\...\{244FD30F-63F1-49B9-9D98-1150FF4FFCB1}) (Version: 7.3.2 - Adobe Systems Incorporated) Adobe Flash Player 18 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 18.0.0.209 - Adobe Systems Incorporated) Adobe Flash Player 19 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 19.0.0.185 - Adobe Systems Incorporated) Adobe Lightroom (HKLM-x32\...\{8048A5DF-8A70-5BE1-954B-E0FDE1BD0D0D}) (Version: 6.1.1 - Adobe Systems Incorporated) Adobe Media Player (HKLM-x32\...\com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 1.8 - Adobe Systems Incorporated) Adobe Photoshop CC 2015 (HKLM-x32\...\{793C2BF7-A4FE-4608-91C9-9282C5801C21}) (Version: 16.0.1 - Adobe Systems Incorporated) Adobe Reader XI (11.0.13) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.13 - Adobe Systems Incorporated) Alchemy Beta x64 (HKLM\...\AlchemyBeta) (Version: 3.8.1.35916 - Alchemy Viewer Project) Alchemy Viewer x64 (HKLM\...\AlchemyViewer) (Version: 3.8.2.36473 - Alchemy Viewer Project) Amazon Kindle (HKU\S-1-5-21-2855246755-1798518092-654647340-1002\...\Amazon Kindle) (Version: - Amazon) Amazon Kindle (HKU\S-1-5-21-2855246755-1798518092-654647340-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Amazon Kindle) (Version: - Amazon) Amazon MP3 Downloader 1.0.18 (HKU\S-1-5-21-2855246755-1798518092-654647340-1002\...\Amazon MP3 Downloader) (Version: 1.0.18 - Amazon Services LLC) Amazon MP3 Downloader 1.0.18 (HKU\S-1-5-21-2855246755-1798518092-654647340-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Amazon MP3 Downloader) (Version: 1.0.18 - Amazon Services LLC) Amazon Music (HKU\S-1-5-21-2855246755-1798518092-654647340-1002\...\Amazon Amazon Music) (Version: 3.10.0.928 - Amazon Services LLC) Amazon Music (HKU\S-1-5-21-2855246755-1798518092-654647340-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Amazon Amazon Music) (Version: 3.10.0.928 - Amazon Services LLC) AMP Font Viewer (HKLM-x32\...\AMP Font Viewer) (Version: - ) Apple Application Support (32-bit) (HKLM-x32\...\{7FE25256-B7C1-480D-B736-10A67A833AEA}) (Version: 3.2 - Apple Inc.) Apple Application Support (64-bit) (HKLM\...\{B255D495-4734-4E9B-B4F5-96702FD4A7B9}) (Version: 3.2 - Apple Inc.) Apple Mobile Device Support (HKLM\...\{5D61F006-168C-4B8B-B7FD-F113C10AE0E4}) (Version: 8.2.1.3 - Apple Inc.) Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.) Atheros Bluetooth Suite (64) (HKLM\...\{230D1595-57DA-4933-8C4E-375797EBB7E1}) (Version: 7.4.0.170 - Atheros) Audacity 2.1.0 (HKLM-x32\...\Audacity_is1) (Version: 2.1.0 - Audacity Team) Avira Antivirus (HKLM-x32\...\Avira Antivirus) (Version: 15.0.13.210 - Avira Operations GmbH & Co. KG) Blender (HKLM\...\Blender) (Version: 2.73 - Blender Foundation) Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.) CCleaner (HKLM\...\CCleaner) (Version: 5.10 - Piriform) Cisco EAP-FAST Module (HKLM-x32\...\{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}) (Version: 2.2.14 - Cisco Systems, Inc.) Cisco LEAP Module (HKLM-x32\...\{51C7AD07-C3F6-4635-8E8A-231306D810FE}) (Version: 1.0.19 - Cisco Systems, Inc.) Cisco PEAP Module (HKLM-x32\...\{ED5776D5-59B4-46B7-AF81-5F2D94D7C640}) (Version: 1.1.6 - Cisco Systems, Inc.) Corel Painter 13 - IPM (Version: 13.0 - Corel Corporation) Hidden Corel Painter 13 - IPM Content (Version: 13.0 - Corel Corporation) Hidden Corel Painter X3 (HKLM\...\_{EF449371-6B69-49C8-B789-76A0B0E3446B}) (Version: 13.0.0.704 - Corel Corporation) CPUID HWMonitor 1.28 (HKLM\...\CPUID HWMonitor_is1) (Version: - ) Crazybump (remove only) (HKLM-x32\...\Crazybump) (Version: - ) CtrlAltStudio-Viewer-Alpha (remove only) (HKLM-x32\...\CtrlAltStudio-Viewer-Alpha) (Version: 1.2.4.43384 - CtrlAltStudio) CtrlAltStudio-Viewer-Release (remove only) (HKLM-x32\...\CtrlAltStudio-Viewer-Release) (Version: 1.2.1.41169 - CtrlAltStudio) CyberLink PowerDVD 9.5 (HKLM-x32\...\InstallShield_{A8516AC9-AAF1-47F9-9766-03E2D4CDBCF8}) (Version: 9.5.1.5425 - CyberLink Corp.) D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden Dell Data Vault (Version: 4.3.5.1 - Dell Inc.) Hidden Dell DataSafe Local Backup - Support Software (HKLM-x32\...\{A9668246-FB70-4103-A1E3-66C9BC2EFB49}) (Version: 9.4.67 - Dell Inc.) Dell DataSafe Local Backup (HKLM-x32\...\{0ED7EE95-6A97-47AA-AD73-152C08A15B04}) (Version: 9.4.67 - Dell Inc.) Dell Digital Delivery (HKLM-x32\...\{693A23FB-F28B-4F7A-A720-4C1263F97F43}) (Version: 3.1.1002.0 - Dell Products, LP) Dell Edoc Viewer (HKLM\...\{8EBA8727-ADC2-477B-9D9A-1A1836BE4E05}) (Version: 1.0.0 - Dell Inc) Dell SupportAssist (HKLM\...\PC-Doctor for Windows) (Version: 1.1.6664.10 - Dell) Dell SupportAssistAgent (HKLM-x32\...\{287348C8-8B47-4C36-AF28-441A3B7D8722}) (Version: 1.1.1.14 - Dell) Dell System Detect (HKU\S-1-5-21-2855246755-1798518092-654647340-1002\...\73f463568823ebbe) (Version: 6.6.0.2 - Dell) Dell System Detect (HKU\S-1-5-21-2855246755-1798518092-654647340-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\73f463568823ebbe) (Version: 6.6.0.2 - Dell) Dell Update (HKLM-x32\...\{DB82968B-57A4-4397-81A5-ECAB21B5DFCD}) (Version: 1.7.1015.0 - Dell Inc.) Dell WLAN and Bluetooth Client Installation (HKLM-x32\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 9.0 - Dell Inc.) Dolby Digital Live Pack (HKLM-x32\...\Dolby Digital Live Pack) (Version: 3.03 - Creative Technology Limited) Dropbox (HKLM-x32\...\Dropbox) (Version: 3.10.8 - Dropbox, Inc.) Dropbox Update Helper (x32 Version: 1.3.27.33 - Dropbox, Inc.) Hidden Easy Media Player 1.1.12 (HKLM-x32\...\Easy Media Player) (Version: 1.1.12 - Easy Media Player) Epson Connect Printer Setup (HKLM-x32\...\{D9B1D51B-EB56-410D-AEB5-1CCFAC4B6C8C}) (Version: 1.3.0 - SEIKO EPSON CORPORATION) Epson Customer Research Participation (HKLM\...\{B26449A6-6007-4460-B4FE-C4776115BCEA}) (Version: 1.80.0000 - Seiko Epson Corporation) Epson Event Manager (HKLM-x32\...\{17FA0444-A025-43B9-862C-81AE6307C2F2}) (Version: 3.10.0050 - Seiko Epson Corporation) Epson E-Web Print (HKLM-x32\...\{6BF9F374-EC67-4808-A90C-F127DE6D989D}) (Version: 1.23.0000 - SEIKO EPSON CORPORATION) Epson FAX Utility (HKLM-x32\...\{0CBE6C93-CB2E-4378-91EE-12BE6D4E2E4A}) (Version: 1.51.00 - SEIKO EPSON CORPORATION) EPSON NX510 Series Printer Uninstall (HKLM\...\EPSON NX510 Series) (Version: - SEIKO EPSON Corporation) Epson PC-FAX Driver (HKLM-x32\...\EPSON PC-FAX Driver 2) (Version: - ) EPSON Scan (HKLM-x32\...\EPSON Scanner) (Version: - Seiko Epson Corporation) EPSON Scan OCR Component (HKLM-x32\...\{563B99D8-8895-4E3E-AE8D-15BE8C05F1C1}) (Version: 2.30.00 - SEIKO EPSON Corp.) EPSON Scan PDF Extensions (HKLM-x32\...\{F9956472-6E16-4F83-BF9A-F887EF4A45B7}) (Version: 1.03.0001 - SEIKO EPSON Corp.) EPSON WF-2630 Series Printer Uninstall (HKLM\...\EPSON WF-2630 Series) (Version: - SEIKO EPSON Corporation) Epson WF-2630 User’s Guide version 1.0 (HKLM-x32\...\UsersGuideEpson WF-2630 User’s Guide_is1) (Version: 1.0 - ) EpsonNet Print (HKLM\...\{F983229B-587E-4322-BCB9-D7A49734E5CD}) (Version: 3.0.0.0 - SEIKO EPSON CORPORATION) EpsonNet Setup (HKLM-x32\...\{FFFAE01B-466F-4C07-9821-A94FD753BDDA}) (Version: 3.1c - SEIKO EPSON CORPORATION) Filter Forge 3.015 (HKLM-x32\...\Filter Forge 3_is1) (Version: - Filter Forge, Inc.) Filter Forge 4.014 (HKLM-x32\...\Filter Forge 4_is1) (Version: - Filter Forge, Inc.) Filter Forge Freepack 1 - Metals 2.013 (HKLM-x32\...\Filter Forge Freepack 1 - Metals_is1) (Version: - Filter Forge, Inc.) Filter Forge Freepack 2 - Photo Effects 2.013 (HKLM-x32\...\Filter Forge Freepack 2 - Photo Effects_is1) (Version: - Filter Forge, Inc.) Filter Forge Freepack 3 - Frames 2.013 (HKLM-x32\...\Filter Forge Freepack 3 - Frames_is1) (Version: - Filter Forge, Inc.) Filter Forge Freepack 4 - Distortions 2.013 (HKLM-x32\...\Filter Forge Freepack 4 - Distortions_is1) (Version: - Filter Forge, Inc.) Filter Forge Freepack 5 - Hearts 2.013 (HKLM-x32\...\Filter Forge Freepack 5 - Hearts_is1) (Version: - Filter Forge, Inc.) Filter Forge Freepack 6 - Patterns 2.013 (HKLM-x32\...\Filter Forge Freepack 6 - Patterns_is1) (Version: - Filter Forge, Inc.) Firebird 2.5.0.26074 (Win32) (HKLM-x32\...\FBDBServer_2_5_is1) (Version: 2.5.0.26074 - Firebird Project) Firestorm SecondLife and OpenSim viewer (Version: 4.7.47323 - Phoenix Viewer Project) Hidden Firestorm-Releasex64 x64 (HKLM-x32\...\{87a36c50-4766-41e3-b23b-2354a2ff60bf}) (Version: 4.7.47323 - Phoenix Firestorm Project Inc) Flame Painter 2.5.0 Personal (64bit) (HKLM\...\Flame Painter 2.5.0 Personal (64bit)_is1) (Version: 2.5.0 - Escape Motions, s.r.o) GIMP 2.8.14 (HKLM\...\GIMP-2_is1) (Version: 2.8.14 - The GIMP Team) Google Chrome (HKLM-x32\...\Google Chrome) (Version: 46.0.2490.80 - Google Inc.) Google Earth (HKLM-x32\...\{817750FA-EC6A-485D-9901-0683AE6FFDF1}) (Version: 7.1.5.1557 - Google) Google Update Helper (x32 Version: 1.3.28.15 - Google Inc.) Hidden Gyazo 3.1.6 (HKLM-x32\...\{6DB8C365-E719-4BA5-9594-10DFC244D3FD}_is1) (Version: - Nota Inc.) iCloud (HKLM\...\{709A2D23-C25E-47B5-9268-CB6FEE648504}) (Version: 4.1.1.53 - Apple Inc.) IconHandler 64 bit (Version: 2.0 - Corel Corporation) Hidden Inkscape 0.91 (HKLM\...\{81922150-317E-4BB0-A31D-FF1C14F707C5}) (Version: 0.91 - inkscape.org) Intel® Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1007 - Intel Corporation) Intel® Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.0.1.1399 - Intel Corporation) Intel® Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.15.10.2712 - Intel Corporation) Intel® Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 12.8.0.1016 - Intel Corporation) Intel® USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 1.0.5.235 - Intel Corporation) Intel® Trusted Connect Service Client (HKLM\...\{538B98C3-773F-4F20-9C66-802D104DCBE2}) (Version: 1.23.219.2 - Intel Corporation) iTunes (HKLM\...\{BFEAB774-C7DC-4032-B05A-DA5F7CB7B365}) (Version: 12.2.2.25 - Apple Inc.) Java 8 Update 40 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86418040F0}) (Version: 8.0.400 - Oracle Corporation) Java 8 Update 40 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218040F0}) (Version: 8.0.400 - Oracle Corporation) Junk Mail filter update (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden KokuaViewer (remove only) (HKLM-x32\...\KokuaViewer) (Version: - ) Malwarebytes Anti-Malware version 2.2.0.1024 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.0.1024 - Malwarebytes) Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation) Microsoft Office (HKLM-x32\...\{95140000-0070-0000-0000-0000000FF1CE}) (Version: 14.0.6120.5004 - Microsoft Corporation) Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{91120000-0031-0000-0000-0000000FF1CE}_PROHYBRIDR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft) Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation) Microsoft Security Essentials (HKLM\...\Microsoft Security Client) (Version: 4.8.204.0 - Microsoft Corporation) Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.40416.0 - Microsoft Corporation) Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{402ED4A1-8F5B-387A-8688-997ABF58B8F2}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{820B6609-4C97-3A2B-B644-573B06A0F0CC}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.23026 (HKLM-x32\...\{e46eca4f-393b-40df-9f49-076faf788d83}) (Version: 14.0.23026.0 - Microsoft Corporation) Movie Maker (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden Mozilla Firefox 41.0.2 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 41.0.2 (x86 en-US)) (Version: 41.0.2 - Mozilla) Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 41.0.2.5765 - Mozilla) MSI to redistribute MS VS2005 CRT libraries (HKLM-x32\...\{A8D93648-9F7F-407D-915C-62044644C3DA}) (Version: 8.0.50727.42 - The Firebird Project) Multimedia Card Reader (HKLM-x32\...\InstallShield_{41068A8C-3F30-46B6-978A-EA692F28D1AF}) (Version: 1.7.915.93 - Fitipower) Multimedia Card Reader (x32 Version: 1.7.915.93 - Fitipower) Hidden NexusFont 2.5 (ver 2.5.8.1582) (HKLM-x32\...\{EFEDD205-43FE-4208-B682-0937E803E19E}_is1) (Version: - xiles) NVIDIA 3D Vision Controller Driver 349.95 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 349.95 - NVIDIA Corporation) NVIDIA 3D Vision Driver 350.12 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 350.12 - NVIDIA Corporation) NVIDIA GeForce Experience 2.4.5.57 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.4.5.57 - NVIDIA Corporation) NVIDIA Graphics Driver 350.12 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 350.12 - NVIDIA Corporation) NVIDIA Photoshop Plug-ins 64 bit (HKLM-x32\...\{5E386C5B-CDE7-435A-B5C9-EC73A1B0553A}) (Version: 8.50 - ) NVIDIA PhysX System Software 9.15.0428 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.15.0428 - NVIDIA Corporation) OnLive (HKLM-x32\...\OnLive) (Version: - OnLive) onOne Panel for Photoshop CS6 (HKLM-x32\...\{B6556F56-796F-42F1-A761-AA02584F1E06}) (Version: - ) OpenGL Extensions Viewer 4.1 (HKLM-x32\...\GLVIEW3) (Version: 412 - ) OpenOffice 4.1.1 (HKLM-x32\...\{9395F41D-0F80-432E-9A59-B8E477E7E163}) (Version: 4.11.9775 - Apache Software Foundation) OpenRL Runtime 1.3.1000.14 x64 (HKLM\...\{250C8D22-1757-11E3-818E-1803734DBB4F}) (Version: 1.3.1000.14 - Caustic Graphics, Inc.) Paint.NET v3.5.11 (HKLM\...\{72EF03F5-0507-4861-9A44-D99FD4C41418}) (Version: 3.61.0 - dotPDN LLC) Painter 13 - Contentx64 (Version: 13.0 - Corel Corporation) Hidden Painter 13 - Core (Version: 13.0 - Corel Corporation) Hidden Painter 13 - Corex64 (Version: 13.0 - Corel Corporation) Hidden Painter 13 - EN (Version: 13.0 - Corel Corporation) Hidden Painter 13 - Setup Files (Version: 13.0 - Corel Corporation) Hidden ParticleShop - Core (Version: 1.1 - Corel Corporation) Hidden ParticleShop - IPM (Version: 1.1 - Corel Corporation) Hidden ParticleShop - IPM Content (Version: 1.1 - Corel Corporation) Hidden ParticleShop (HKLM\...\_{6F224046-E164-4B78-9867-3AE494271D29}) (Version: 1.1.0.549 - Corel Corporation) ParticleShop (Version: 1.1 - Corel Corporation) Hidden Perfect Effects 8 (HKLM-x32\...\{C982ACFF-5997-4B7D-B3E1-CF7273A06FB2}) (Version: 8.1.0 - onOne Software) Portrait Professional 11.3 Trial (HKLM-x32\...\PortraitProfessional11Trial_is1) (Version: 11.3 - Anthropics Technology Ltd.) puush (HKLM-x32\...\{C3592426-531E-4110-911D-BFECE2CE284B}) (Version: 1.0.0.0 - Dean Herbert) QualxServ Service Agreement (HKLM-x32\...\{903679E8-44C8-4C07-9600-05C92654FC50}) (Version: 2.0.0 - Dell Inc.) QuickTime 7 (HKLM-x32\...\{627FFC10-CE0A-497F-BA2B-208CAC638010}) (Version: 7.77.80.95 - Apple Inc.) Radegast 2.16 (HKLM-x32\...\Radegast) (Version: 2.16 - Radegast Development Team) Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6537 - Realtek Semiconductor Corp.) SAM Broadcaster (remove only) (HKLM-x32\...\SAM3) (Version: - ) SHIELD Streaming (Version: 4.1.2000 - NVIDIA Corporation) Hidden SHIELD Wireless Controller Driver (Version: 2.4.5.57 - NVIDIA Corporation) Hidden Singularity (64 bit) (remove only) (HKLM-x32\...\Singularity (64 bit)) (Version: - ) Skype™ 7.12 (HKLM-x32\...\{6A0549A9-1B96-498C-ACBC-3943001FEB19}) (Version: 7.12.101 - Skype Technologies S.A.) Smart Photo Editor (HKLM\...\SmartPhotoEditor1_is1) (Version: 1.20 - Anthropics Technology Ltd.) Software Updater (HKLM-x32\...\{8DBC5A0A-31C4-46C7-B252-6B593EA11A87}) (Version: 4.3.7 - SEIKO EPSON CORPORATION) <==== ATTENTION Sound Blaster Recon3D PCIe (HKLM-x32\...\{CA0A90CB-F659-4E0B-B2A2-C8CF4B752AEC}) (Version: 1.01.26 - Creative Technology Limited) Sound Blaster Recon3D PCIe Extras (HKLM-x32\...\{EC1D58F3-BD94-4CF2-87C2-832985F73E39}) (Version: 1.0 - Creative Technology Limited) SpeedFan (remove only) (HKLM-x32\...\SpeedFan) (Version: - ) Spotify (HKU\S-1-5-21-2855246755-1798518092-654647340-1002\...\Spotify) (Version: 1.0.16.104.g3b776c9e - Spotify AB) Spotify (HKU\S-1-5-21-2855246755-1798518092-654647340-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Spotify) (Version: 1.0.16.104.g3b776c9e - Spotify AB) Stellarium 0.13.1 (HKLM\...\Stellarium_is1) (Version: 0.13.1 - Stellarium team) Topaz Adjust 5 (HKLM-x32\...\Topaz Adjust 5) (Version: 5.1.0 - Topaz Labs, LLC) Topaz Fusion Express 2 (64-bit) (HKLM-x32\...\Topaz Fusion Express 2 (64-bit)) (Version: 2.1.1 - Topaz Labs) Topaz Fusion Express 2 (HKLM-x32\...\Topaz Fusion Express 2) (Version: 2.1.1 - Topaz Labs) Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{91120000-0031-0000-0000-0000000FF1CE}_PROHYBRIDR_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft) Wacom Tablet (HKLM\...\Wacom Tablet Driver) (Version: 6.3.6w3 - Wacom Technology Corp.) WebTablet FB Plugin 32 bit (HKLM-x32\...\Wacom WebTabletPlugin for Internet Explorer and Netscape) (Version: 2.1.0.3 - Wacom Technology Corp.) WebTablet FB Plugin 64 bit (HKLM\...\Wacom WebTabletPlugin for Internet Explorer and Netscape) (Version: 2.1.0.3 - Wacom Technology Corp.) Winamp (HKLM-x32\...\Winamp) (Version: 5.65 - Nullsoft, Inc) Winamp Detector Plug-in (HKU\S-1-5-21-2855246755-1798518092-654647340-1002\...\Winamp Detect) (Version: 1.0.0.1 - Nullsoft, Inc) Winamp Detector Plug-in (HKU\S-1-5-21-2855246755-1798518092-654647340-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Winamp Detect) (Version: 1.0.0.1 - Nullsoft, Inc) Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3505.0912 - Microsoft Corporation) Wunderlist (HKLM-x32\...\{05005782-A2CD-4EF9-B838-C3B00FED2412}) (Version: 3.2.1.1 - 6 Wunderkinder GmbH) x264vfw - H.264/MPEG-4 AVC codec for x64 (remove only) (HKLM-x32\...\x264vfw64) (Version: - ) Xvid Video Codec (HKLM-x32\...\Xvid Video Codec 1.3.2) (Version: 1.3.2 - Xvid Team) ==================== Custom CLSID (Whitelisted): ========================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) CustomCLSID: HKU\S-1-5-21-2855246755-1798518092-654647340-1002_Classes\CLSID\{092dfa86-5807-5a94-bf3b-5a53ba9e5308}\InprocServer32 -> C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll (Wacom) CustomCLSID: HKU\S-1-5-21-2855246755-1798518092-654647340-1002_Classes\CLSID\{D45F043D-F17F-4e8a-8435-70971D9FA46D}\InprocServer32 -> C:\Program Files\Blender Foundation\Blender\BlendThumb64.dll () CustomCLSID: HKU\S-1-5-21-2855246755-1798518092-654647340-1002_Classes\CLSID\{e8c77137-e224-5791-b6e9-ff0305797a13}\InprocServer32 -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Systems) ==================== Restore Points ========================= 23-10-2015 16:47:22 Installed EPSON Scan OCR Component 23-10-2015 16:48:26 Installed EPSON Scan PDF Extensions 23-10-2015 17:12:21 Installed FAX Utility 23-10-2015 17:14:32 Installed EPSON Scan OCR Component 23-10-2015 17:15:54 Installed EPSON Scan PDF Extensions 23-10-2015 17:45:01 Installed Software Updater 23-10-2015 17:56:09 Installed Epson Event Manager ==================== Scheduled Tasks (Whitelisted) ============= (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) Task: {087CE8FE-19D2-40CF-9B70-DCF8E46EA0F7} - System32\Tasks\Dell SupportAssistAgent AutoUpdate => C:\Program Files (x86)\Dell\SupportAssistAgent\bin\SupportAssist.exe [2015-09-30] (Dell Inc.) Task: {0B65482B-F934-46DE-A518-6F71198A7C2E} - System32\Tasks\DropboxUpdateTaskMachineUA => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2015-06-01] (Dropbox, Inc.) Task: {270AB908-EF83-45F7-9C70-8A4E9B9C4764} - System32\Tasks\Microsoft\Windows\TabletPC\InputPersonalization => C:\Program Files\Common Files\Microsoft Shared\Ink\InputPersonalization.exe [2009-07-13] (Microsoft Corporation) Task: {2B961315-8475-4ACE-9BEE-95E63E5BC08A} - System32\Tasks\EPSON WF-2630 Series Update {EF84BE60-9DB9-4823-BB8B-584BAEE577FA} => C:\Windows\system32\spool\DRIVERS\x64\3\E_YTSMDE.EXE [2013-11-21] (SEIKO EPSON CORPORATION) Task: {336F0952-64D2-480D-AD22-08053BCBAE44} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-28] (Google Inc.) Task: {3D34C430-9E95-4D20-B9DD-7966C71CCF07} - System32\Tasks\EPSON WF-2630 Series Update {500ED1AA-3CE0-40E5-87FE-F6055980A63A} => C:\Windows\system32\spool\DRIVERS\x64\3\E_YTSMDE.EXE [2013-11-21] (SEIKO EPSON CORPORATION) Task: {5E56C298-B9B8-45A0-82F1-1CC68418ACE5} - System32\Tasks\GyazoUpdateTaskMachine => C:\Program Files (x86)\Gyazo\GyazoUpdate.exe [2015-08-19] () Task: {61609710-9FBE-4E3D-88D2-0D015F1DD6F8} - System32\Tasks\GyazoUpdateTaskMachineDaily => C:\Program Files (x86)\Gyazo\GyazoUpdate.exe [2015-08-19] () Task: {79986268-4566-4CB4-BFD2-042D2EEA5131} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-09-14] (Adobe Systems Incorporated) Task: {81300A8E-2CC8-40E0-B838-C3BA402E438F} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2015-09-16] (Piriform Ltd) Task: {894BEF31-A1CE-4F68-865A-384FF7476CB8} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-28] (Google Inc.) Task: {9314EA16-F47C-4A75-84E3-78E784D5274C} - System32\Tasks\PCDoctorBackgroundMonitorTask => C:\Program Files\Dell\SupportAssist\uaclauncher.exe [2015-05-25] (PC-Doctor, Inc.) Task: {D5CC51E7-792B-46B3-8BE3-753E59485CBB} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2015-06-01] (Dropbox, Inc.) Task: {DF52CA2F-825E-442A-A7CF-95F6729BD4A5} - System32\Tasks\{DD749819-BE3A-47A3-858C-ED75FB98F3CF} => pcalua.exe -a C:\Users\Kai\Downloads\Get_There.exe -d C:\Users\Kai\Downloads Task: {E88A03B9-51C1-4170-9140-27E824C282C6} - System32\Tasks\AdobeAAMUpdater-1.0-Kai-PC-Kai => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2015-07-22] (Adobe Systems Incorporated) Task: {F5BF9310-3F78-4C02-BD0E-16763BB4403E} - System32\Tasks\PCDEventLauncherTask => C:\Program Files\Dell\SupportAssist\sessionchecker.exe [2015-05-25] (PC-Doctor, Inc.) Task: {FA79D552-0175-4A82-809E-24F0CEEC8503} - System32\Tasks\SystemToolsDailyTest => uaclauncher.exe (If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.) Task: C:\Windows\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe Task: C:\Windows\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe Task: C:\Windows\Tasks\EPSON WF-2630 Series Update {500ED1AA-3CE0-40E5-87FE-F6055980A63A}.job => C:\Windows\system32\spool\DRIVERS\x64\3\E_YTSMDE.EXE:/EXE:{500ED1AA-3CE0-40E5-87FE-F6055980A63A} /F:UpdateSYSTEMĊSearches for EPSON software updates, and notifies you when updates are available.If this task is disabled or stopped, your EPSON software will not be automatically kept up to date.Thi Task: C:\Windows\Tasks\EPSON WF-2630 Series Update {EF84BE60-9DB9-4823-BB8B-584BAEE577FA}.job => C:\Windows\system32\spool\DRIVERS\x64\3\E_YTSMDE.EXE:/EXE:{EF84BE60-9DB9-4823-BB8B-584BAEE577FA} /F:UpdateSYSTEMĊSearches for EPSON software updates, and notifies you when updates are available.If this task is disabled or stopped, your EPSON software will not be automatically kept up to date.Thi Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe ==================== Loaded Modules (Whitelisted) ============== 2014-10-22 23:03 - 2015-04-08 16:30 - 00116552 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll 2015-03-20 18:12 - 2015-03-20 18:12 - 00085832 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll 2015-05-15 16:26 - 2015-05-15 16:26 - 01346344 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll 2013-08-14 17:00 - 2013-06-06 12:31 - 01185048 _____ () C:\Program Files\Tablet\Wacom\libxml2.dll 2015-07-22 01:02 - 2015-07-22 01:02 - 00803488 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll 2013-05-22 13:17 - 2013-05-22 13:17 - 00400704 _____ () C:\Users\Kai\AppData\Local\Program Files\Amazon\MP3 Downloader\AmazonMP3DownloaderHelper.exe 2014-07-13 17:46 - 2015-07-21 00:02 - 05887808 _____ () C:\Users\Kai\AppData\Local\Amazon Music\Amazon Music Helper.exe 2013-05-10 02:28 - 2012-01-26 21:49 - 02751808 ____N () C:\Program Files (x86)\Dell DataSafe Local Backup\COMPONENTS\SCHEDULER\STSERVICE.EXE 2012-01-10 15:41 - 2015-03-29 20:24 - 00568392 _____ () C:\Program Files (x86)\puush\puush.exe 2015-07-22 01:02 - 2015-07-22 01:02 - 31535264 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync.exe 2015-03-16 11:28 - 2015-03-16 11:28 - 00155528 _____ () C:\Program Files (x86)\Dell Digital Delivery\ServiceTagPlusPlus.dll 2013-05-10 02:21 - 2012-01-21 06:23 - 01198872 _____ () C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\ACE.dll 2015-04-21 09:20 - 2015-06-24 06:37 - 00011920 _____ () C:\Program Files (x86)\NVIDIA Corporation\Update Core\detoured.dll 2015-05-15 16:27 - 2015-05-15 16:27 - 01044776 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll 2015-07-22 15:32 - 2015-07-22 15:32 - 36732592 _____ () C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\CEF\libcef.dll 2015-10-25 18:51 - 2015-10-25 18:51 - 00071168 _____ () c:\users\kai\appdata\local\temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpza0iyo.dll 2015-06-01 01:13 - 2015-09-23 18:07 - 00012800 _____ () C:\Program Files (x86)\Dropbox\Client\QtQuick.2\qtquick2plugin.dll 2015-06-01 01:13 - 2015-09-23 18:07 - 00779776 _____ () C:\Program Files (x86)\Dropbox\Client\QtQuick\Controls\qtquickcontrolsplugin.dll 2015-07-30 18:31 - 2015-09-23 18:07 - 00056320 _____ () C:\Program Files (x86)\Dropbox\Client\QtQuick\Layouts\qquicklayoutsplugin.dll 2015-06-01 01:13 - 2015-09-23 18:07 - 00012288 _____ () C:\Program Files (x86)\Dropbox\Client\QtQuick\Window.2\windowplugin.dll ==================== Alternate Data Streams (Whitelisted) ========= (If an entry is included in the fixlist, only the ADS will be removed.) AlternateDataStreams: C:\Windows:nlsPreferences AlternateDataStreams: C:\ProgramData\Nalpeiron:user.ns1 AlternateDataStreams: C:\ProgramData\Nalpeiron:user.ns2 AlternateDataStreams: C:\ProgramData\Nalpeiron:user.ns3 AlternateDataStreams: C:\ProgramData\Nalpeiron:user.ns4 ==================== Safe Mode (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.) ==================== EXE Association (Whitelisted) =============== (If an entry is included in the fixlist, the registry item will be restored to default or removed.) ==================== Internet Explorer trusted/restricted =============== (If an entry is included in the fixlist, it will be removed from the registry.) IE trusted site: HKU\S-1-5-21-2855246755-1798518092-654647340-1002\...\dell.com -> dell.com IE trusted site: HKU\S-1-5-21-2855246755-1798518092-654647340-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\dell.com -> dell.com ==================== Other Areas ============================ (Currently there is no automatic fix for this section.) HKU\S-1-5-21-2855246755-1798518092-654647340-1002\Control Panel\Desktop\\Wallpaper -> C:\Users\Kai\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg HKU\S-1-5-21-2855246755-1798518092-654647340-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Control Panel\Desktop\\Wallpaper -> C:\Users\Kai\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg DNS Servers: 209.18.47.61 - 209.18.47.62 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) Windows Firewall is enabled. ==================== MSCONFIG/TASK MANAGER disabled items == (Currently there is no automatic fix for this section.) ==================== FirewallRules (Whitelisted) =============== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) FirewallRules: [{DF773D2B-98AE-42D6-BD13-1B2B395B12F8}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe FirewallRules: [{7688A8C3-D735-4939-81D8-4E1BD244E13C}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD9\PowerDVD Cinema\PowerDVDCinema.exe FirewallRules: [{DCFA442A-320A-4EA3-BEBD-407C27A4ED10}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD9\PowerDVD9.EXE FirewallRules: [{421F8408-2BD6-43DF-B012-EECFF6931973}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe FirewallRules: [{E9484F68-4CE0-49AB-938E-FB003C978D9C}] => (Allow) LPort=2869 FirewallRules: [{DF350843-82B9-409D-930F-BFE0AE17F111}] => (Allow) LPort=1900 FirewallRules: [TCP Query User{32BF67FE-409A-4078-8060-617DE1B8B9D5}C:\users\kai\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\kai\appdata\roaming\spotify\spotify.exe FirewallRules: [uDP Query User{F91743ED-96D8-4A4A-9507-E3A7506DE613}C:\users\kai\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\kai\appdata\roaming\spotify\spotify.exe FirewallRules: [{EDB70108-815D-466E-B7C9-B874DB5CFAB0}] => (Allow) C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe FirewallRules: [{00C357BC-AAA3-4760-AFAD-BBD0DF71F0D4}] => (Allow) C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe FirewallRules: [{C8E3B306-29C2-4526-B6E9-6A4D168E0A2D}] => (Allow) C:\Program Files (x86)\EpsonNet\EpsonNet Setup\tool09\ENEasyApp.exe FirewallRules: [{A1EEDD90-9346-46D0-8028-112F786E64BC}] => (Allow) C:\Program Files (x86)\EpsonNet\EpsonNet Setup\tool09\ENEasyApp.exe FirewallRules: [{4CB22A91-E878-4D3D-847F-920032A1D685}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe FirewallRules: [{9DE3D66B-E335-45FA-A156-8A959D49AC0E}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe FirewallRules: [{6BCBF2CA-204C-4542-8E21-50AC8CD219FF}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe FirewallRules: [{0A241B17-A5B9-409C-A2DD-4362D4CC09C4}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe FirewallRules: [TCP Query User{88616D6D-4EA4-4289-97F3-EAB9D75713E9}C:\users\kai\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\kai\appdata\roaming\spotify\spotify.exe FirewallRules: [uDP Query User{A123A4A5-F803-4CCE-A4B1-6E6C27A8C08B}C:\users\kai\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\kai\appdata\roaming\spotify\spotify.exe FirewallRules: [TCP Query User{24D69C52-815E-4040-A17A-8B7B52A7F697}C:\program files (x86)\epson software\event manager\eeventmanager.exe] => (Allow) C:\program files (x86)\epson software\event manager\eeventmanager.exe FirewallRules: [uDP Query User{F5332E06-7718-4208-B97C-E349F6FC8F44}C:\program files (x86)\epson software\event manager\eeventmanager.exe] => (Allow) C:\program files (x86)\epson software\event manager\eeventmanager.exe FirewallRules: [{CCAEED73-092E-4787-A6DE-B7AEB6572F36}] => (Allow) C:\Program Files (x86)\Winamp\winamp.exe FirewallRules: [{6B4A12BD-F1AB-4C84-968E-E1F19DE079B7}] => (Allow) C:\Program Files (x86)\Winamp\winamp.exe FirewallRules: [TCP Query User{9B9F1B50-F208-4103-A643-27FB2D3494AE}C:\program files\singularity\slvoice.exe] => (Allow) C:\program files\singularity\slvoice.exe FirewallRules: [uDP Query User{768524E5-D5E5-4FE1-B766-F0654B8B8FC9}C:\program files\singularity\slvoice.exe] => (Allow) C:\program files\singularity\slvoice.exe FirewallRules: [TCP Query User{4EA83DD6-4BDA-4C11-B26F-C6505659D4C6}C:\program files (x86)\secondlifeviewer\slvoice.exe] => (Allow) C:\program files (x86)\secondlifeviewer\slvoice.exe FirewallRules: [uDP Query User{C4BF64AC-D3CB-42BD-99D5-B1BE6A35BEF0}C:\program files (x86)\secondlifeviewer\slvoice.exe] => (Allow) C:\program files (x86)\secondlifeviewer\slvoice.exe FirewallRules: [TCP Query User{0DC7BBB6-DF1E-4D33-8635-FD9A39E9C5F8}C:\program files (x86)\black dragon\slvoice.exe] => (Allow) C:\program files (x86)\black dragon\slvoice.exe FirewallRules: [uDP Query User{A838B295-2B4D-41DB-ABDB-BAC2227762A0}C:\program files (x86)\black dragon\slvoice.exe] => (Allow) C:\program files (x86)\black dragon\slvoice.exe FirewallRules: [TCP Query User{0439B8E7-09A0-43F9-88B2-7FF59CDFD083}C:\program files (x86)\black dragon\slvoice.exe] => (Allow) C:\program files (x86)\black dragon\slvoice.exe FirewallRules: [uDP Query User{2727002C-06F6-4D42-B6AD-E98A6635BF05}C:\program files (x86)\black dragon\slvoice.exe] => (Allow) C:\program files (x86)\black dragon\slvoice.exe FirewallRules: [TCP Query User{404E8A62-C781-4F6D-A1D6-AC256331F5BE}C:\program files\singularity\slvoice.exe] => (Allow) C:\program files\singularity\slvoice.exe FirewallRules: [uDP Query User{6FDF99FB-1441-419F-A680-EB44DE942726}C:\program files\singularity\slvoice.exe] => (Allow) C:\program files\singularity\slvoice.exe FirewallRules: [{5CFD3831-B07D-489B-AB08-38AF6C3DE01B}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe FirewallRules: [{1687535C-7F73-40DB-9490-C94EF0E5D42F}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe FirewallRules: [TCP Query User{7147C229-5379-4647-9436-FEBC2639138D}C:\program files (x86)\ctrlaltstudio-viewer-release\slvoice.exe] => (Allow) C:\program files (x86)\ctrlaltstudio-viewer-release\slvoice.exe FirewallRules: [uDP Query User{5CC6D9B3-724C-42AC-9D38-E99169AE4722}C:\program files (x86)\ctrlaltstudio-viewer-release\slvoice.exe] => (Allow) C:\program files (x86)\ctrlaltstudio-viewer-release\slvoice.exe FirewallRules: [TCP Query User{82E9EE6F-401F-4C6E-992D-16627193B21B}C:\program files\alchemybeta\slvoice.exe] => (Allow) C:\program files\alchemybeta\slvoice.exe FirewallRules: [uDP Query User{6648781C-EFF2-4B6C-975C-D8196D3870E0}C:\program files\alchemybeta\slvoice.exe] => (Allow) C:\program files\alchemybeta\slvoice.exe FirewallRules: [TCP Query User{F4040725-9704-4706-805D-FCA7A42B010B}C:\program files (x86)\kokuaviewer\slvoice.exe] => (Allow) C:\program files (x86)\kokuaviewer\slvoice.exe FirewallRules: [uDP Query User{4462FCE1-597B-4506-89A2-9499CC8892C3}C:\program files (x86)\kokuaviewer\slvoice.exe] => (Allow) C:\program files (x86)\kokuaviewer\slvoice.exe FirewallRules: [{172F4063-1CAF-4786-BE55-FC17694199B8}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{52787C91-2D19-48FB-92F1-FDC1B40D3A5F}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{53FC6423-DD77-4820-A7FA-9CEE27B92B8C}] => (Allow) C:\Program Files (x86)\Crazybump\CrazyBump.exe FirewallRules: [{E52A3B5B-035F-42A2-802D-83924E864661}] => (Allow) C:\Program Files (x86)\Crazybump\CrazyBump.exe FirewallRules: [TCP Query User{AEAA6E71-BD36-4927-BB2F-190ECBA40AFD}C:\program files (x86)\mozilla firefox\firefox.exe] => (Allow) C:\program files (x86)\mozilla firefox\firefox.exe FirewallRules: [uDP Query User{8C7BFF29-7A58-4B68-8D60-B703C3A212C4}C:\program files (x86)\mozilla firefox\firefox.exe] => (Allow) C:\program files (x86)\mozilla firefox\firefox.exe FirewallRules: [TCP Query User{5A507CCA-2981-4BBA-823E-88716BF2AD62}C:\program files (x86)\exodusviewer\slvoice.exe] => (Allow) C:\program files (x86)\exodusviewer\slvoice.exe FirewallRules: [uDP Query User{770A1B47-5C84-4DF7-B581-FE1186CBADE2}C:\program files (x86)\exodusviewer\slvoice.exe] => (Allow) C:\program files (x86)\exodusviewer\slvoice.exe FirewallRules: [TCP Query User{9637CB10-7A31-4BF8-949E-F42D918704E2}C:\program files\onone software\perfect effects free 9\perfect effects free 9.exe] => (Allow) C:\program files\onone software\perfect effects free 9\perfect effects free 9.exe FirewallRules: [uDP Query User{2B0517FB-0CD8-43A0-A087-6BDA207B55A9}C:\program files\onone software\perfect effects free 9\perfect effects free 9.exe] => (Allow) C:\program files\onone software\perfect effects free 9\perfect effects free 9.exe FirewallRules: [TCP Query User{F66E6900-F467-4446-A40C-10AB33ED3D7D}C:\program files (x86)\spacialaudio\sambc\sambc.exe] => (Allow) C:\program files (x86)\spacialaudio\sambc\sambc.exe FirewallRules: [uDP Query User{46F0838C-11B0-496C-9DF5-1B0A7610EEC3}C:\program files (x86)\spacialaudio\sambc\sambc.exe] => (Allow) C:\program files (x86)\spacialaudio\sambc\sambc.exe FirewallRules: [TCP Query User{E38A56A4-CDFB-414D-B372-D223C1A307C8}C:\program files\onone software\perfect photo suite 9\perfect photo suite 9.exe] => (Allow) C:\program files\onone software\perfect photo suite 9\perfect photo suite 9.exe FirewallRules: [uDP Query User{6128465C-D331-4387-86EA-638D5A8EDEAB}C:\program files\onone software\perfect photo suite 9\perfect photo suite 9.exe] => (Allow) C:\program files\onone software\perfect photo suite 9\perfect photo suite 9.exe FirewallRules: [{33F59500-3337-43C3-996F-687375620E31}] => (Allow) C:\Program Files (x86)\EpsonNet\EpsonNet Setup\tool09\ENEasyApp.exe FirewallRules: [{5F413D6B-B4DA-453B-A860-481E0EC27A16}] => (Allow) C:\Program Files (x86)\EpsonNet\EpsonNet Setup\tool09\ENEasyApp.exe FirewallRules: [{CA90443E-834A-4B7C-8347-321621C773EB}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe FirewallRules: [{69542DB2-9A24-4545-9A81-183CA9DEDBF6}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe FirewallRules: [{96762F0B-A6B9-47EA-9A72-EF8155156DBC}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe FirewallRules: [{F8FA2F06-BEE4-47C5-894F-8F69217C8A39}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe FirewallRules: [TCP Query User{8902D993-1C68-4528-B7A6-ED95CA08B062}C:\program files\onone software\perfect photo suite 9\perfect photo suite 9.exe] => (Allow) C:\program files\onone software\perfect photo suite 9\perfect photo suite 9.exe FirewallRules: [uDP Query User{D47F2AE7-54E2-4E61-864A-65D300A550B6}C:\program files\onone software\perfect photo suite 9\perfect photo suite 9.exe] => (Allow) C:\program files\onone software\perfect photo suite 9\perfect photo suite 9.exe FirewallRules: [TCP Query User{DBF708F1-67E4-42DC-B294-15AF188EA485}C:\program files (x86)\spacialaudio\sambc\sambc.exe] => (Allow) C:\program files (x86)\spacialaudio\sambc\sambc.exe FirewallRules: [uDP Query User{C3F56148-158D-44F6-9586-B0A14D496820}C:\program files (x86)\spacialaudio\sambc\sambc.exe] => (Allow) C:\program files (x86)\spacialaudio\sambc\sambc.exe FirewallRules: [{BB98F583-674A-4D47-823E-692A1CC15F26}] => (Allow) C:\Program Files\iTunes\iTunes.exe FirewallRules: [TCP Query User{1F98854B-E834-4E70-8DAF-BBB950C9A446}C:\program files\firestorm-releasex64\slvoice.exe] => (Allow) C:\program files\firestorm-releasex64\slvoice.exe FirewallRules: [uDP Query User{6E533258-7C6A-4CEF-832F-726C6E86EEEC}C:\program files\firestorm-releasex64\slvoice.exe] => (Allow) C:\program files\firestorm-releasex64\slvoice.exe FirewallRules: [{3F067076-813D-41D9-A219-814F842B6608}] => (Allow) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe FirewallRules: [{ED5B60D8-126F-4FEF-87EA-4093D7EA59FA}] => (Allow) D:\Common\EpsonNet Setup\ENEasyApp.exe FirewallRules: [{96CB62D0-1EE6-4DFC-8D96-4B92A1E9A30A}] => (Allow) D:\Common\EpsonNet Setup\ENEasyApp.exe FirewallRules: [{C8B57067-2853-40F1-933B-869BA175048A}] => (Allow) C:\Program Files (x86)\Epson Software\ECPrinterSetup\ENPApp.exe FirewallRules: [{388BA3C3-C946-46A0-A18C-F70B83FA572F}] => (Allow) C:\Program Files (x86)\Epson Software\ECPrinterSetup\ENPApp.exe FirewallRules: [{0B416001-50C1-4538-A31A-4829591529E9}] => (Allow) C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe FirewallRules: [{A9DABA57-9E82-4348-A8C8-2E5AE35E455B}] => (Allow) C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe FirewallRules: [{588B4742-CA9A-466A-BCFD-9E5844F4EE2A}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe ==================== Faulty Device Manager Devices ============= ==================== Event log errors: ========================= Application errors: ================== Error: (10/25/2015 06:47:01 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (10/25/2015 03:20:33 AM) (Source: SideBySide) (EventID: 63) (User: ) Description: Activation context generation failed for "assemblyIdentity1".Error in manifest or policy file "assemblyIdentity2" on line assemblyIdentity3. The value "MAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINOR" of attribute "version" in element "assemblyIdentity" is invalid. Error: (10/24/2015 04:38:56 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (10/24/2015 02:12:40 AM) (Source: SideBySide) (EventID: 63) (User: ) Description: Activation context generation failed for "assemblyIdentity1".Error in manifest or policy file "assemblyIdentity2" on line assemblyIdentity3. The value "MAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINOR" of attribute "version" in element "assemblyIdentity" is invalid. Error: (10/23/2015 06:00:51 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (10/23/2015 05:11:23 PM) (Source: MsiInstaller) (EventID: 10005) (User: Kai-PC) Description: Product: EpsonNet Print -- The same version of EpsonNet Print is already installed. Installation will close. Error: (10/23/2015 05:07:52 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (10/23/2015 02:00:06 AM) (Source: SideBySide) (EventID: 63) (User: ) Description: Activation context generation failed for "assemblyIdentity1".Error in manifest or policy file "assemblyIdentity2" on line assemblyIdentity3. The value "MAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINOR" of attribute "version" in element "assemblyIdentity" is invalid. Error: (10/22/2015 02:11:31 AM) (Source: SideBySide) (EventID: 63) (User: ) Description: Activation context generation failed for "assemblyIdentity1".Error in manifest or policy file "assemblyIdentity2" on line assemblyIdentity3. The value "MAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINOR" of attribute "version" in element "assemblyIdentity" is invalid. Error: (10/21/2015 12:41:06 AM) (Source: SideBySide) (EventID: 63) (User: ) Description: Activation context generation failed for "assemblyIdentity1".Error in manifest or policy file "assemblyIdentity2" on line assemblyIdentity3. The value "MAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINOR" of attribute "version" in element "assemblyIdentity" is invalid. System errors: ============= Error: (10/25/2015 07:23:02 PM) (Source: Microsoft-Windows-DNS-Client) (EventID: 1012) (User: NT AUTHORITY) Description: There was an error while attempting to read the local hosts file. Error: (10/25/2015 07:22:42 PM) (Source: Microsoft-Windows-DNS-Client) (EventID: 1012) (User: NT AUTHORITY) Description: There was an error while attempting to read the local hosts file. Error: (10/25/2015 07:22:16 PM) (Source: Microsoft-Windows-DNS-Client) (EventID: 1012) (User: NT AUTHORITY) Description: There was an error while attempting to read the local hosts file. Error: (10/25/2015 07:00:41 PM) (Source: Service Control Manager) (EventID: 7006) (User: ) Description: The ScRegSetValueExW call failed for FailureCommand with the following error: %%5 Error: (10/25/2015 06:56:43 PM) (Source: Service Control Manager) (EventID: 7006) (User: ) Description: The ScRegSetValueExW call failed for Start with the following error: %%5 Error: (10/25/2015 06:56:35 PM) (Source: Microsoft-Windows-DNS-Client) (EventID: 1012) (User: NT AUTHORITY) Description: There was an error while attempting to read the local hosts file. Error: (10/25/2015 06:56:33 PM) (Source: Microsoft-Windows-DNS-Client) (EventID: 1012) (User: NT AUTHORITY) Description: There was an error while attempting to read the local hosts file. Error: (10/25/2015 06:56:32 PM) (Source: Microsoft-Windows-DNS-Client) (EventID: 1012) (User: NT AUTHORITY) Description: There was an error while attempting to read the local hosts file. Error: (10/25/2015 06:54:57 PM) (Source: Microsoft-Windows-DNS-Client) (EventID: 1012) (User: NT AUTHORITY) Description: There was an error while attempting to read the local hosts file. Error: (10/25/2015 06:54:53 PM) (Source: Microsoft-Windows-DNS-Client) (EventID: 1012) (User: NT AUTHORITY) Description: There was an error while attempting to read the local hosts file. ==================== Memory info =========================== Processor: Intel® Core i7-3770 CPU @ 3.40GHz Percentage of memory in use: 41% Total physical RAM: 12248.88 MB Available physical RAM: 7189.55 MB Total Virtual: 24495.95 MB Available Virtual: 19101.23 MB ==================== Drives ================================ Drive c: (OS) (Fixed) (Total:1841.3 GB) (Free:1646.89 GB) NTFS Drive d: (WF-2630) (CDROM) (Total:0.26 GB) (Free:0 GB) CDFS Drive i: (USB DISK) (Removable) (Total:7.2 GB) (Free:5.41 GB) FAT32 Drive j: (My Book) (Fixed) (Total:931.48 GB) (Free:369.6 GB) NTFS ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (MBR Code: Windows 7 or Vista) (Size: 1863 GB) (Disk ID: 346670F2) Partition 1: (Not Active) - (Size=39 MB) - (Type=DE) Partition 2: (Active) - (Size=21.7 GB) - (Type=07 NTFS) Partition 3: (Not Active) - (Size=1841.3 GB) - (Type=07 NTFS) ======================================================== Disk: 5 (MBR Code: Windows XP) (Size: 931.5 GB) (Disk ID: 00073856) Partition 1: (Not Active) - (Size=931.5 GB) - (Type=07 NTFS) ======================================================== Disk: 6 (MBR Code: Windows XP) (Size: 7.2 GB) (Disk ID: BFC06415) Partition 1: (Not Active) - (Size=7.2 GB) - (Type=0C) ==================== End of Addition.txt ============================
  4. I had to google bittorrent-- did not know what it was. To my knowledge, I don't have pirated software on this computer. Malwarebytes Anti-Malware www.malwarebytes.org Scan Date: 10/25/2015 Scan Time: 6:53 PM Logfile: Administrator: Yes Version: 2.2.0.1024 Malware Database: v2015.10.25.04 Rootkit Database: v2015.10.23.01 License: Premium Malware Protection: Enabled Malicious Website Protection: Enabled Self-protection: Disabled OS: Windows 7 Service Pack 1 CPU: x64 File System: NTFS User: Kai Scan Type: Threat Scan Result: Completed Objects Scanned: 501934 Time Elapsed: 34 min, 17 sec Memory: Enabled Startup: Enabled Filesystem: Enabled Archives: Enabled Rootkits: Enabled Heuristics: Enabled PUP: Enabled PUM: Enabled Processes: 0 (No malicious items detected) Modules: 0 (No malicious items detected) Registry Keys: 0 (No malicious items detected) Registry Values: 0 (No malicious items detected) Registry Data: 0 (No malicious items detected) Folders: 0 (No malicious items detected) Files: 0 (No malicious items detected) Physical Sectors: 0 (No malicious items detected) (end) =============== Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:25-10-2015 02 Ran by Kai (administrator) on KAI-PC (25-10-2015 19:34:53) Running from C:\Users\Kai\Contacts\Desktop Loaded Profiles: Kai & (Available Profiles: Kai) Platform: Windows 7 Home Premium Service Pack 1 (X64) Language: English (United States) Internet Explorer Version 11 (Default browser: FF) Boot Mode: Normal Tutorial for Farbar Recovery Scan Tool: http://dell13.msn.com -> Found [PUM.HomePage] (X86) HKEY_USERS\S-1-5-21-2855246755-1798518092-654647340-1002\Software\Microsoft\Internet Explorer\Main | Default_Page_URL : http://dell13.msn.com -> Found [PUM.HomePage] (X64) HKEY_USERS\S-1-5-21-2855246755-1798518092-654647340-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\Main | Default_Page_URL : http://dell13.msn.com -> Found [PUM.HomePage] (X86) HKEY_USERS\S-1-5-21-2855246755-1798518092-654647340-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\Main | Default_Page_URL : http://dell13.msn.com -> Found ¤¤¤ Tasks : 0 ¤¤¤ ¤¤¤ Files : 0 ¤¤¤ ¤¤¤ Hosts File : 0 ¤¤¤ ¤¤¤ Antirootkit : 0 (Driver: Not loaded [0xc000036b]) ¤¤¤ ¤¤¤ Web browsers : 0 ¤¤¤ ¤¤¤ MBR Check : ¤¤¤ +++++ PhysicalDrive0: ST2000DM001-1CH SCSI Disk Device +++++ --- User --- [MBR] c16c09748c25b06da7d6f24e7ad8a28e [bSP] 3814cc8c18e68ed04ac8a7ee9cacf6cc : HP|VT.Unknown MBR Code Partition table: 0 - [XXXXXX] DELL-UTIL (0xde) [VISIBLE] Offset (sectors): 63 | Size: 39 MB 1 - [ACTIVE] NTFS (0x7) [VISIBLE] Offset (sectors): 81920 | Size: 22188 MB [Windows Vista/7/8 Bootstrap | Windows Vista/7/8 Bootloader] 2 - [XXXXXX] NTFS (0x7) [VISIBLE] Offset (sectors): 45522944 | Size: 1885492 MB [Windows Vista/7/8 Bootstrap | Windows Vista/7/8 Bootloader] User = LL1 ... OK Error reading LL2 MBR! ([1] Incorrect function. ) +++++ PhysicalDrive1: Generic- SD/MMC USB Device +++++ Error reading User MBR! ([15] The device is not ready. ) Error reading LL1 MBR! NOT VALID! Error reading LL2 MBR! ([32] The request is not supported. ) +++++ PhysicalDrive2: Generic- Compact Flash USB Device +++++ Error reading User MBR! ([15] The device is not ready. ) Error reading LL1 MBR! NOT VALID! Error reading LL2 MBR! ([32] The request is not supported. ) +++++ PhysicalDrive3: Generic- SM/xD-Picture USB Device +++++ Error reading User MBR! ([15] The device is not ready. ) Error reading LL1 MBR! NOT VALID! Error reading LL2 MBR! ([32] The request is not supported. ) +++++ PhysicalDrive4: Generic- MS/MS-Pro USB Device +++++ Error reading User MBR! ([15] The device is not ready. ) Error reading LL1 MBR! NOT VALID! Error reading LL2 MBR! ([32] The request is not supported. ) +++++ PhysicalDrive5: WD My Book 1130 USB Device +++++ --- User --- [MBR] 239b5737c9ccec8839686058d9a1eff8 [bSP] fcdf32c80a56a79906373c34b09dd153 : Windows XP MBR Code Partition table: 0 - [XXXXXX] NTFS (0x7) [VISIBLE] Offset (sectors): 2048 | Size: 953836 MB [Windows Vista/7/8 Bootstrap | Windows Vista/7/8 Bootloader] User = LL1 ... OK Error reading LL2 MBR! ([32] The request is not supported. )
  5. I have recently noticed a small pop up window appear and was able yesterday to actually see the header on the window. It was "schtasks.exe". This is a new bit of oddity for me so I googled and discovered it could be some type of malware or trojan. I've run a complete scan with Malwarebytes and Avira. Neither detected any issues. Searching my harddrive for the 'schtasks.exe' file I see 4 with that file name and 4 'schtasks.exe.mui', located in various folders on my C: drive, and with various file sizes. This is a Gyazo screen capture of the search results: https://gyazo.com/7f2ac3d20fc2be16036e603cb925e2d7 Am I infected? if so, how does one go about cleaning this up? Thanks for any assistance.