Solved gzflt.sys is corrupt, preventing windows from starting

jonnydy2j · 2015/05/31

[Solved] gzflt.sys is corrupt, preventing windows from starting

Hi all,

I have a problem where my laptop will not boot into Windows. If I let it try and boot it will start the startup recovery and this will firstly try finding a problem and then sit there trying to repair the problem indefinatly. I have left it on this stage for 24 hours without any change.

The next time it tries to boot it will tell me that gzflt.sys is corrupt and that it cannot be repaired.

I have tried booting into safe mode and get the same problems.

If I boot into the recovery section and initiate a startup repair it finds no faults with the system.

I have run the avira recovery boot cd which found 3 infected files and removed them but this did not fix the problem.

I have searched the internet looking for a solution to this and have not been able to find one. I have found a number of posts on this website that deal with this problem so I have downloaded and run FRST64.exe as detailed from the command prompt in the recovery tools section.

It has however only generated a FRST.txt log file which is posted below.

Any help with this problem would be greatly appriciated as I would like to recover the system rather than salvage any files and reinstall windows.

Many Thanks

Jon

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 29-05-2015
Ran by SYSTEM on MININT-LVQVANM on 01-06-2015 07:02:18
Running from d:\
Platform: Windows 7 Ultimate (X64) OS Language: English (United States)
Internet Explorer Version 11
Boot Mode: Recovery

The current controlset is ControlSet001
ATTENTION!:=====> If the system is bootable FRST must be run from normal or Safe mode to create a complete log.

Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [SysTrayApp] => C:\Program Files\IDT\WDM\sttray64.exe [462848 2009-03-30] (IDT, Inc.)
HKLM\...\Run: [Apoint] => C:\Program Files\DellTPad\Apoint.exe [309760 2009-04-26] (Alps Electric Co., Ltd.)
HKLM\...\Run: [LogMeIn GUI] => C:\Program Files (x86)\LogMeIn\x64\LogMeInSystray.exe [57928 2010-01-27] (LogMeIn, Inc.)
HKLM\...\Run: [MacDrive 8 application for Digidesign] => C:\Program Files\Mediafour\MacDrive 8\MacDriveD.exe [228864 2010-06-02] (Mediafour Corporation)
HKLM\...\Run: [MCTDUtil] => C:\Program Files (x86)\Common Files\DesktopUtil\Util-Desktop.exe [195200 2011-05-03] ()
HKLM\...\Run: [FDispPos] => C:\Program Files (x86)\Common Files\DesktopUtil\Util-Desktop.exe [195200 2011-05-03] ()
HKLM\...\Run: [IntelliType Pro] => c:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [1464944 2012-11-02] (Microsoft Corporation)
HKLM\...\Run: [IntelliPoint] => c:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2076272 2012-11-02] (Microsoft Corporation)
HKLM\...\Run: [Bdagent] => C:\Program Files\Bitdefender\Bitdefender\bdagent.exe [1734848 2013-11-21] (Bitdefender)
HKLM-x32\...\Run: [AppleSyncNotifier] => C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe [59240 2011-09-27] (Apple Inc.)
HKLM-x32\...\Run: [Dell DataSafe Online] => C:\Program Files (x86)\Dell DataSafe Online\DataSafeOnline.exe [1779952 2009-07-07] ()
HKLM-x32\...\Run: [DellSupportCenter] => "C:\Program Files (x86)\Dell Support Center\bin\sprtcmd.exe" /P DellSupportCenter
HKLM-x32\...\Run: [FAStartup] => [X]
HKLM-x32\...\Run: [Microsoft Default Manager] => C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe [288080 2009-07-17] (Microsoft Corporation)
HKLM-x32\...\Run: [NBAgent] => C:\Program Files (x86)\Nero\Nero 10\Nero BackItUp\NBAgent.exe [1234216 2010-04-02] (Nero AG)
HKLM-x32\...\Run: [PDVDDXSrv] => C:\Program Files\CyberLink\PowerDVD DX\PDVDDXSrv.exe [128232 2009-02-04] (CyberLink Corp.)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [343168 2011-09-08] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [Google Desktop Search] => C:\Program Files (x86)\Google\Google Desktop Search\GoogleDesktop.exe [30192 2011-02-08] (Google)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [43848 2014-02-05] (Apple Inc.)
HKLM-x32\...\Run: [mcui_exe] => "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey
HKLM-x32\...\Run: [DigidesignMMERefresh] => C:\Program Files (x86)\Digidesign\Pro Tools\MMERefresh.exe
HKLM-x32\...\Run: [FATrayAlert] => C:\Program Files (x86)\Sensible Vision\Fast Access\FATrayMon.exe [98488 2011-04-23] (Sensible Vision )
HKLM-x32\...\Run: [PWRISOVM.EXE] => C:\Program Files (x86)\PowerISO\PWRISOVM.EXE [307200 2011-06-14] (PowerISO Computing, Inc.)
HKLM-x32\...\Run: [AdobeCS4ServiceManager] => "C:\Program Files (x86)\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe" -launchedbylogin
HKLM-x32\...\Run: [GrooveMonitor] => C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation)
HKLM-x32\...\Run: [S7UB Start] => C:\Program Files (x86)\Common Files\Siemens\S7ubtoox\s7ubtstx.exe [102453 2010-06-02] (SIEMENS AG)
HKLM-x32\...\Run: [EaseUs Watch] => C:\Program Files (x86)\EASEUS\Todo Backup\bin\EuWatch.exe [69000 2011-04-22] (CHENGDU YIWO Tech Development Co., Ltd)
HKLM-x32\...\Run: [EaseUs Tray] => C:\Program Files (x86)\EASEUS\Todo Backup\bin\TrayNotify.exe [733576 2011-04-25] (CHENGDU YIWO Tech Development Co., Ltd)
HKLM-x32\...\Run: [RIMBBLaunchAgent.exe] => C:\Program Files (x86)\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe [90448 2011-11-01] (Research In Motion Limited)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [49208 2011-10-28] (Hewlett-Packard)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2014-01-17] (Apple Inc.)
HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2014-02-20] (Apple Inc.)
Winlogon\Notify\FastAccess: C:\Program Files (x86)\Sensible Vision\Fast Access\FALogNot.dll [2011-04-23] ()
HKLM\...\Policies\Explorer: [NoControlPanel] 0
HKU\Jonathan\...\Run: [iCloudServices] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [59720 2013-11-20] (Apple Inc.)
HKU\Jonathan\...\Run: [ApplePhotoStreams] => C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe [59720 2013-11-20] (Apple Inc.)
HKU\Jonathan\...\Run: [com.apple.dav.bookmarks.daemon] => C:\Program Files (x86)\Common Files\Apple\Internet Services\BookmarkDAV_client.exe
HKU\Jonathan\...\Run: [MobileDocuments] => C:\Program Files (x86)\Common Files\Apple\Internet Services\ubd.exe
HKU\Jonathan\...\Run: [Hobbyist Software VLC Streamer] => "C:\Program Files (x86)\Hobbyist Software\VLC Streamer\VLC Streamer Configuration.exe" /startup
HKU\Jonathan\...\Run: [EPLTarget\P0000000000000000] => C:\Windows\system32\spool\DRIVERS\x64\3\E_YATIIVE.EXE [283232 2012-02-27] (SEIKO EPSON CORPORATION)
HKU\Jonathan\...\Run: [AppleIEDAV] => C:\Program Files (x86)\Common Files\Apple\Internet Services\AppleIEDAV.exe [1326408 2013-11-15] (Apple Inc.)
HKU\Jonathan\...\Run: [Autodesk Sync] => C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe [1317256 2013-08-11] (Autodesk, Inc.)
HKU\Jonathan\...\Run: [Bitdefender Wallet Agent] => C:\Program Files\Bitdefender\Bitdefender\pmbxag.exe [567888 2014-02-11] (Bitdefender)
HKU\Jonathan\...\Run: [Bitdefender Wallet] => C:\Program Files\Bitdefender\Bitdefender\pwdmanui.exe [1000488 2013-11-18] (Bitdefender)
HKU\Jonathan\...\Run: [Bitdefender Wallet Application Agent] => C:\Program Files\Bitdefender\Bitdefender\antispam32\bdapppassmgr.exe [614232 2014-02-11] (Bitdefender)
HKU\Jonathan\...\Run: [RemoteGateway] => C:\Program Files (x86)\RemoteGateway 4\RemoteGateway.exe [1049352 2013-10-15] (HexBeerium)
HKU\Jonathan\...\Policies\Explorer: []
HKU\Nichola\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2014-01-17] (Apple Inc.)
AppInit_DLLs-x32: C:\PROGRA~2\Google\GOOGLE~1\GO36F4~1.DLL => C:\Program Files (x86)\Google\Google Desktop Search\GoogleDesktopNetwork3.dll [123392 2011-02-08] (Google)
Lsa: [Notification Packages] scecli FAPassSync
Startup: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock First Run.lnk [2009-11-03]
ShortcutTarget: Dell Dock First Run.lnk -> C:\Program Files\Dell\DellDock\DellDock.exe (Stardock Corporation)
Startup: C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock First Run.lnk [2009-11-03]
ShortcutTarget: Dell Dock First Run.lnk -> C:\Program Files\Dell\DellDock\DellDock.exe (Stardock Corporation)
Startup: C:\Users\Jonathan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk [2013-08-07]
ShortcutTarget: Dropbox.lnk -> (No File)
Startup: C:\Users\Jonathan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Logitech Touch Mouse Server.lnk [2014-01-20]
ShortcutTarget: Logitech Touch Mouse Server.lnk -> C:\Program Files (x86)\Logitech Touch Mouse Server\iTouch-Server-Win.exe (Logitech, Inc.)
Startup: C:\Users\Jonathan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MagicDisc.lnk [2011-01-17]
ShortcutTarget: MagicDisc.lnk -> C:\Program Files (x86)\MagicDisc\MagicDisc.exe (MagicISO, Inc.)

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S2 AESTFilters; C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_73e1f0dede412369\AESTSr64.exe [89600 2009-03-30] (Andrea Electronics Corporation)
S2 almservice; C:\Program Files\Common Files\Siemens\sws\almsrv\almsrv64x.exe [1542792 2011-10-28] (SIEMENS AG)
S3 Autodesk Licensing Service; C:\Program Files (x86)\Common Files\Autodesk Shared\Service\AdskScSrv.exe [77944 2013-07-09] (Autodesk)
S2 BdDesktopParental; C:\Program Files\Bitdefender\Bitdefender\bdparentalservice.exe [77632 2013-11-21] (Bitdefender)
S2 Crypkey License; C:\Windows\system32\crypserv.exe [122880 2008-05-07] (CrypKey (Canada) Ltd.)
S3 dnWhoDisp; C:\Program Files (x86)\Rockwell Software\RSLINX\dnwhodisp.exe [73728 2002-04-28] ()
S2 EASEUS Agent; C:\Program Files (x86)\EASEUS\Todo Backup\bin\Agent.exe [56200 2011-04-22] (CHENGDU YIWO Tech Development Co., Ltd)
S2 EpsonScanSvc; C:\Windows\system32\EscSvc64.exe [135824 2011-12-11] (Seiko Epson Corporation)
S2 FirebirdGuardianDefaultInstance; C:\Program Files (x86)\Firebird\Firebird_2_5\bin\fbguard.exe [98304 2010-09-17] (Firebird Project)
S3 FirebirdServerDefaultInstance; C:\Program Files (x86)\Firebird\Firebird_2_5\bin\fbserver.exe [3735552 2010-09-17] (Firebird Project)
S2 GManager; C:\Windows\system32\GManager.exe [310648 2011-08-31] ()
S3 GoogleDesktopManager-051210-111108; C:\Program Files (x86)\Google\Google Desktop Search\GoogleDesktop.exe [30192 2011-02-08] (Google)
S2 KMService; C:\Windows\SysWOW64\srvany.exe [8192 2011-01-18] ()
S2 LMIGuardianSvc; C:\Program Files (x86)\LogMeIn\x64\LMIGuardianSvc.exe [376144 2014-02-12] (LogMeIn, Inc.)
S2 LMIMaint; C:\Program Files (x86)\LogMeIn\x64\RaMaint.exe [226640 2014-02-12] (LogMeIn, Inc.)
S2 LogMeIn; C:\Program Files (x86)\LogMeIn\x64\LogMeIn.exe [407424 2010-11-08] (LogMeIn, Inc.)
S2 MacDrive8ServiceD; C:\Program Files\Mediafour\MacDrive 8\MacDrive8ServiceD.exe [167424 2010-06-07] (Mediafour Corporation)
S2 MCTDesktopSvr; C:\Program Files (x86)\Common Files\DesktopUtil\MCTDesktopSvr.exe [199296 2011-05-03] ()
S2 MCTUISvr; C:\Program Files (x86)\MCT\VGA0007\Utility\MCTUISvr.exe [199296 2011-08-09] ()
S2 MELSOFT Mediative Server; C:\Program Files (x86)\MELSOFT\MSF\Common\MMS\MMSserve.exe [1466368 2012-04-11] (Mitsubishi Electric Corporation)
S2 MsDepSvc; C:\Program Files\IIS\Microsoft Web Deploy\MsDepSvc.exe [67400 2011-04-01] (Microsoft Corporation)
S4 MSSQL$SQLEXPRESS; c:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlservr.exe [57966424 2010-09-17] (Microsoft Corporation)
S2 MyEpson Portal Service; C:\Program Files (x86)\EPSON\MyEpson Portal\mepService.exe [703584 2011-09-16] (SEIKO EPSON CORPORATION)
S3 rpcapd; C:\Program Files (x86)\WinPcap\rpcapd.exe [117264 2009-10-20] (CACE Technologies, Inc.)
S2 RSLinx; C:\Program Files (x86)\Rockwell Software\RSLINX\RSLINX.EXE [1503504 2004-01-12] (Rockwell Software, Inc.)
S2 s7oiehsx64; C:\Program Files\Common Files\Siemens\Automation\Simatic OAM\bin\s7oiehsx64.exe [139864 2011-11-03] (SIEMENS AG)
S2 S7TraceServiceX; C:\Program Files\Common Files\Siemens\Automation\TraceEngine\bin\S7TraceService64x.exe [229976 2011-11-03] (SIEMENS AG)
S4 SQLAgent$SQLEXPRESS; c:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE [430424 2010-09-17] (Microsoft Corporation)
S2 STacSV; C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_73e1f0dede412369\STacSV64.exe [268288 2009-03-30] (IDT, Inc.)
S2 UPDATESRV; C:\Program Files\Bitdefender\Bitdefender\updatesrv.exe [67320 2013-10-07] (Bitdefender)
S4 VLC media player; C:\Program Files (X86)\VIDEOLAN\VLC\VLC.exe [126464 2013-12-08] (VideoLAN)
S2 vmware-converter-agent; C:\Program Files (x86)\VMware\VMware vCenter Converter Standalone\vmware-converter-a.exe [423536 2011-08-19] (VMware, Inc.)
S2 vmware-converter-server; C:\Program Files (x86)\VMware\VMware vCenter Converter Standalone\vmware-converter.exe [423536 2011-08-19] (VMware, Inc.)
S2 vmware-converter-worker; C:\Program Files (x86)\VMware\VMware vCenter Converter Standalone\vmware-converter.exe [423536 2011-08-19] (VMware, Inc.)
S4 VSSERV; C:\Program Files\Bitdefender\Bitdefender\vsserv.exe [1507248 2013-11-15] (Bitdefender)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-26] (Microsoft Corporation)
S2 DigiRefresh; C:\Program Files (x86)\Digidesign\Pro Tools\MMERefresh.exe -s [X]
S3 WPFFontCache_v0400; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\WPF\WPFFontCache_v0400.exe [X]

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S0 avc3; C:\Windows\System32\DRIVERS\avc3.sys [893440 2014-02-11] (BitDefender)
S3 avchv; C:\Windows\System32\DRIVERS\avchv.sys [261056 2012-11-02] (BitDefender)
S3 avckf; C:\Windows\System32\DRIVERS\avckf.sys [635392 2014-02-11] (BitDefender)
S1 BdfNdisf; c:\program files\common files\bitdefender\bitdefender firewall\bdfndisf6.sys [93600 2013-02-22] (BitDefender LLC)
S1 bdfwfpf; C:\Program Files\Common Files\Bitdefender\Bitdefender Firewall\bdfwfpf.sys [103504 2011-11-14] (BitDefender LLC)
S1 bdfwfpf_pc; C:\Program Files\Common Files\Bitdefender\Bitdefender Firewall\bdfwfpf_pc.sys [121928 2013-07-02] (Bitdefender SRL)
S3 BDSandBox; C:\Windows\system32\drivers\bdsandbox.sys [82824 2013-11-04] (BitDefender SRL)
S3 bmdrvr; C:\Windows\SysWow64\drivers\bmdrvr.sys [74352 2011-03-14] (VMware, Inc.)
S3 CprDrvr; C:\Windows\System32\DRIVERS\CprDrvr.sys [174200 2011-07-12] ()
S3 dpmconv; C:\Windows\System32\DRIVERS\dpmconv.sys [259072 2011-04-19] (SIEMENS AG)
S0 EUBKMON; C:\Windows\System32\drivers\EUBKMON.sys [42888 2011-04-22] ()
S3 EUDISK; C:\Windows\system32\drivers\eudisk.sys [193928 2011-04-22] (CHENGDU YIWO Tech Development Co., Ltd)
S0 EUFS; C:\Windows\System32\drivers\eufs.sys [26504 2011-04-22] (CHENGDU YIWO Tech Development Co., Ltd)
S3 evserial; C:\Windows\System32\DRIVERS\evserial.sys [67072 2010-04-19] (ELTIMA Software)
S3 EZSocketGOT; C:\Windows\System32\drivers\EZSocketGOT.sys [257536 2011-05-22] (Jungo)
S3 HMI; C:\Windows\System32\drivers\g3usb.sys [13144 2011-08-09] (Red Lion Controls Inc.)
S1 ISODrive; C:\Program Files (x86)\UltraISO\drivers\ISODrv64.sys [115448 2013-11-21] (EZB Systems, Inc.)
S3 ITECIRfilter; C:\Windows\System32\DRIVERS\ITECIRfilter.sys [28264 2011-03-21] (ITE Tech. Inc. )
S3 leafnets; C:\Windows\System32\DRIVERS\leafnets.sys [29696 2008-04-24] (Leaf Networks)
S3 libusb0; C:\Windows\System32\drivers\libusb0.sys [40608 2009-11-09] (http://libusb-win32.sourceforge.net)
S3 libusb0; C:\Windows\SysWOW64\drivers\libusb0.sys [32256 2009-06-24] (http://libusb-win32.sourceforge.net)
S2 LMIInfo; C:\Program Files (x86)\LogMeIn\x64\RaInfo.sys [16056 2010-01-27] (LogMeIn, Inc.)
S4 LMIRfsClientNP; No ImagePath
S3 mctkmd; C:\Windows\system32\drivers\mctkmd64.sys [133248 2011-12-16] (Magic Control Technology Corporation)
S0 mctkmdldr; C:\Windows\System32\drivers\mctkmdldr64.sys [19584 2011-04-08] (Magic Control Technology Corporation)
S0 MDFSYSNT; C:\Windows\System32\Drivers\MDFSYSNT.sys [306280 2010-05-18] (Mediafour Corporation)
S0 MDPMGRNT; C:\Windows\System32\DRIVERS\MDPMGRNT.SYS [32352 2010-05-05] (Mediafour Corporation)
S1 NetworkX; C:\Windows\system32\ckldrv.sys [28664 2008-03-17] ()
S2 NPF; C:\Windows\System32\drivers\npf.sys [47632 2009-10-20] (CACE Technologies, Inc.)
S3 RimUsb; C:\Windows\System32\Drivers\RimUsb_AMD64.sys [74752 2011-07-25] (Research In Motion Limited)
S3 RimVSerPort; C:\Windows\System32\DRIVERS\RimSerial_AMD64.sys [44032 2011-07-20] (Research in Motion Ltd)
S3 s7odpx2x64; C:\Windows\System32\DRIVERS\s7odpx2x64.sys [71168 2011-10-20] (SIEMENS AG)
S3 s7oppinx64; C:\Windows\System32\DRIVERS\s7oppinx64.sys [107520 2011-10-20] (SIEMENS AG)
S3 s7oserix64; C:\Windows\System32\Drivers\s7oserix64.sys [121344 2011-05-05] (SIEMENS AG)
S3 s7osmcax64; C:\Windows\System32\DRIVERS\s7osmcax64.sys [195584 2011-09-29] (SIEMENS AG)
S3 s7osobux64; C:\Windows\System32\DRIVERS\s7osobux64.sys [152576 2011-05-05] (SIEMENS AG)
S3 s7otmcd64x; C:\Windows\System32\Drivers\s7otmcd64x.sys [199680 2011-05-05] (SIEMENS AG)
S3 s7otranx64; C:\Windows\System32\DRIVERS\s7otranx64.sys [260096 2011-05-05] (SIEMENS AG)
S3 s7otsadx64; C:\Windows\System32\DRIVERS\s7otsadx64.sys [192000 2011-09-29] (SIEMENS AG)
S3 s7oupc2x64; C:\Windows\System32\DRIVERS\s7oupc2x64.sys [28672 2011-09-29] (SIEMENS AG)
S2 s7ousbu64x; C:\Windows\System32\DRIVERS\s7ousbu64x.sys [193024 2011-09-29] (SIEMENS AG)
S2 s7sn2srtx; C:\Windows\System32\DRIVERS\s7sn2srtx.sys [83032 2011-06-16] (SIEMENS AG)
S3 Ser2at; C:\Windows\System32\DRIVERS\ser2at64.sys [90112 2007-06-08] (Prolific Technology Inc.)
S2 SNTIE; C:\Windows\System32\DRIVERS\sntie.sys [179288 2011-10-11] (SIEMENS AG)
S3 ssudserd; C:\Windows\System32\DRIVERS\ssudserd.sys [203672 2013-06-04] (DEVGURU Co., LTD.(www.devguru.co.kr))
S2 trufos; C:\Windows\System32\DRIVERS\trufos.sys [389240 2013-08-07] (BitDefender S.R.L.)
S3 VBoxUSB; C:\Windows\System32\Drivers\VBoxUSB.sys [45616 2011-02-17] (Oracle Corporation)
S3 VSBC; C:\Windows\System32\DRIVERS\evsbc.sys [32768 2010-04-19] (ELTIMA Software)
S3 vsnl2ada; C:\Windows\System32\DRIVERS\vsnl2ada.sys [120832 2011-04-19] (SIEMENS AG)
S5 VWiFiFlt; C:\Windows\System32\Drivers\VWiFiFlt.sys [59904 2009-07-13] (Microsoft Corporation)
S2 WinRing0_1_2_0; C:\Users\Jonathan\AppData\Local\Microsoft\Windows Sidebar\Gadgets\IntelCoreSeries24.gadget\WinRing0x64.sys [14544 2011-01-12] (OpenLibSys.org)
S3 xVGAUSB64; C:\Windows\System32\drivers\xvgausb64.sys [73344 2011-12-23] (Magic Control Technology Corp.)
S0 gzflt; No ImagePath
S3 hwdatacard; system32\DRIVERS\ewusbmdm.sys [X]
S3 mfehidk01; \Device\mfehidk01.sys [X]
S3 PCDSRVC{1E208CE0-FB7451FF-06020101}_0; \??\c:\program files\dell support center\pcdsrvc_x64.pkms [X]
S3 RsiKtControl; \SystemRoot\system32\RSIKT.SYS [X]
S3 RSSERIAL; \SystemRoot\SYSTEM32\RSSERIAL.SYS [X]
S3 RS_SS_NT; \SystemRoot\SYSTEM32\RS_SS_NT.SYS [X]
S3 Synth3dVsc; System32\drivers\synth3dvsc.sys [X]
S3 tsusbhub; system32\drivers\tsusbhub.sys [X]
S3 VGPU; System32\drivers\rdvgkmd.sys [X]
S1 VirtualBackplane; \SystemRoot\System32\Drivers\VirtualBackplane.sys [X]
S3 WPRO_40_1123; system32\drivers\WPRO_40_1123.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-06-01 07:01 - 2015-06-01 07:02 - 00000000 ____D () C:\FRST

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

Some files in TEMP:
====================
C:\Users\Jonathan\AppData\Local\Temp\AcDeltree.exe
C:\Users\Jonathan\AppData\Local\Temp\AskSLib.dll
C:\Users\Jonathan\AppData\Local\Temp\Bonjour64Setup.exe
C:\Users\Jonathan\AppData\Local\Temp\converter.exe
C:\Users\Jonathan\AppData\Local\Temp\exie.exe
C:\Users\Jonathan\AppData\Local\Temp\expb.exe
C:\Users\Jonathan\AppData\Local\Temp\FNP_ACT_InstallerCA.dll
C:\Users\Jonathan\AppData\Local\Temp\install_reader11_uk_mssd_aaa_aih.exe
C:\Users\Jonathan\AppData\Local\Temp\JavaIC.dll
C:\Users\Jonathan\AppData\Local\Temp\jre-6u32-windows-i586-iftw.exe
C:\Users\Jonathan\AppData\Local\Temp\jre-7u45-windows-i586-iftw.exe
C:\Users\Jonathan\AppData\Local\Temp\jre-7u51-windows-i586-iftw.exe
C:\Users\Jonathan\AppData\Local\Temp\latest-win.exe
C:\Users\Jonathan\AppData\Local\Temp\MouseKeyboardCenterx64_1033.exe
C:\Users\Jonathan\AppData\Local\Temp\msscct32.dll
C:\Users\Jonathan\AppData\Local\Temp\pyl9652.tmp.exe
C:\Users\Jonathan\AppData\Local\Temp\simaticn.exe
C:\Users\Jonathan\AppData\Local\Temp\VLCStreamerSetup.exe
C:\Users\Jonathan\AppData\Local\Temp\VLCStreamerSetup_2.50.exe

==================== Known DLLs (Whitelisted) ================

==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit

==================== Restore Points =========================

Restore point made on: 2014-03-22 00:36:16

==================== Memory info ===========================

Percentage of memory in use: 20%
Total physical RAM: 4090.89 MB
Available physical RAM: 3252.16 MB
Total Pagefile: 4089.04 MB
Available Pagefile: 3333.16 MB
Total Virtual: 8192 MB
Available Virtual: 8191.88 MB

==================== Drives ================================

Drive c: (OS) (Fixed) (Total:430.59 GB) (Free:40.97 GB) NTFS ==>[Drive with boot components (obtained from BCD)]
Drive d: () (Removable) (Total:14.42 GB) (Free:0.68 GB) FAT32
Drive e: (RECOVERY) (Fixed) (Total:15 GB) (Free:6.09 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive g: (Ubuntu-Live-Custom) (CDROM) (Total:0.62 GB) (Free:0 GB) CDFS
Drive x: (Boot) (Fixed) (Total:0.03 GB) (Free:0.03 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: 30000000)
Partition 1: (Not Active) - (Size=180 MB) - (Type=DE)
Partition 2: (Not Active) - (Size=15 GB) - (Type=07 NTFS)
Partition 3: (Active) - (Size=430.6 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=20 GB) - (Type=01)

========================================================
Disk: 1 (MBR Code: Windows XP) (Size: 14.4 GB) (Disk ID: A0A7AD70)
Partition 1: (Not Active) - (Size=14.4 GB) - (Type=0C)

LastRegBack: 2014-03-19 16:55

==================== End of log ============================

broni · 2015/06/01

Welcome aboard

Please, observe following rules:

Read all of my instructions very carefully. Your mistakes during cleaning process may have very serious consequences, like unbootable computer.

If you're stuck, or you're not sure about certain step, always ask before doing anything else.

Please refrain from running any tools, fixes or applying any changes to your computer other than those I suggest.

Never run more than one scan at a time.

Keep updating me regarding your computer behavior, good, or bad.

The cleaning process, once started, has to be completed. Even if your computer appears to act better, it may still be infected. Once the computer is totally clean, I'll certainly let you know.

If you leave the topic without explanation in the middle of a cleaning process, you may not be eligible to receive any more help in malware removal forum.

I close my topics if you have not replied in 5 days. If you need more time, simply let me know. If I closed your topic and you need it to be reopened, simply PM me.

============================

gzflt.sys is BitDefender file and I've seen this boot issue caused by BitDefender before.

Let's see what we can do about it.

Download attached fixlist.txt file and save it to the very same USB flash drive you've been using. Plug the drive back in.

NOTICE: This script was written specifically for this user, for use on that particular machine. Running this on another machine may cause damage to your operating system

On Vista or Windows 7/8: Now please enter System Recovery Options.
On Windows XP: Now please boot into the OTLPE CD.
Run [color= "#0000FF"]FRST(FRST64)[/color] and press the Fix button just once and wait.
The tool will make a log on the flashdrive (Fixlog.txt) please post it to your reply.

See if you can boot normally.

jonnydy2j · 2015/06/01

Hi Broni

I have complete your instructions as detailed in your post.

I tried to boot the computer and it hung on a blank screen for 30 minutes. I powered off and then tried to boot it up again. This time it booted into windows but seemed to take a long time to boot. I cant compare it accuratly to how long it normally takes as I havent used the computer for probably over a year. It does seem slower booting up and logging into windows.

Attached is the log as requested

Fix result of Farbar Recovery Scan Tool (x64) Version: 29-05-2015
Ran by SYSTEM at 2015-06-02 05:45:45 Run:1
Running from d:\
Boot Mode: Recovery
==============================================

fixlist content:
*****************
HKLM-x32\...\Run: [FAStartup] => [X]
HKLM-x32\...\Run: [] => [X]
HKU\Jonathan\...\Policies\Explorer: []
ShortcutTarget: Dropbox.lnk -> (No File)
S2 DigiRefresh; C:\Program Files (x86)\Digidesign\Pro Tools\MMERefresh.exe -s [X]
S3 WPFFontCache_v0400; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\WPF\WPFFontCache_v0400.exe [X]
S4 LMIRfsClientNP; No ImagePath
S0 gzflt; No ImagePath
S3 hwdatacard; system32\DRIVERS\ewusbmdm.sys [X]
S3 mfehidk01; \Device\mfehidk01.sys [X]
S3 PCDSRVC{1E208CE0-FB7451FF-06020101}_0; \??\c:\program files\dell support center\pcdsrvc_x64.pkms [X]
S3 RsiKtControl; \SystemRoot\system32\RSIKT.SYS [X]
S3 RSSERIAL; \SystemRoot\SYSTEM32\RSSERIAL.SYS [X]
S3 RS_SS_NT; \SystemRoot\SYSTEM32\RS_SS_NT.SYS [X]
S3 Synth3dVsc; System32\drivers\synth3dvsc.sys [X]
S3 tsusbhub; system32\drivers\tsusbhub.sys [X]
S3 VGPU; System32\drivers\rdvgkmd.sys [X]
S1 VirtualBackplane; \SystemRoot\System32\Drivers\VirtualBackplane.sys [X]
S3 WPRO_40_1123; system32\drivers\WPRO_40_1123.sys [X]
C:\Users\Jonathan\AppData\Local\Temp\AcDeltree.exe
C:\Users\Jonathan\AppData\Local\Temp\AskSLib.dll
C:\Users\Jonathan\AppData\Local\Temp\Bonjour64Setup.exe
C:\Users\Jonathan\AppData\Local\Temp\converter.exe
C:\Users\Jonathan\AppData\Local\Temp\exie.exe
C:\Users\Jonathan\AppData\Local\Temp\expb.exe
C:\Users\Jonathan\AppData\Local\Temp\FNP_ACT_InstallerCA.dll
C:\Users\Jonathan\AppData\Local\Temp\install_reader11_uk_mssd_aaa_aih.exe
C:\Users\Jonathan\AppData\Local\Temp\JavaIC.dll
C:\Users\Jonathan\AppData\Local\Temp\jre-6u32-windows-i586-iftw.exe
C:\Users\Jonathan\AppData\Local\Temp\jre-7u45-windows-i586-iftw.exe
C:\Users\Jonathan\AppData\Local\Temp\jre-7u51-windows-i586-iftw.exe
C:\Users\Jonathan\AppData\Local\Temp\latest-win.exe
C:\Users\Jonathan\AppData\Local\Temp\MouseKeyboardCenterx64_1033.exe
C:\Users\Jonathan\AppData\Local\Temp\msscct32.dll
C:\Users\Jonathan\AppData\Local\Temp\pyl9652.tmp.exe
C:\Users\Jonathan\AppData\Local\Temp\simaticn.exe
C:\Users\Jonathan\AppData\Local\Temp\VLCStreamerSetup.exe
C:\Users\Jonathan\AppData\Local\Temp\VLCStreamerSetup_2.50.exe

*****************

HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\FAStartup => value Removed successfully
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\ => value Removed successfully
HKU\Jonathan\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\ => value Removed successfully
ShortcutTarget: Dropbox.lnk -> (No File) not found.
DigiRefresh => Service Removed successfully
WPFFontCache_v0400 => Service Removed successfully
LMIRfsClientNP => Service Removed successfully
gzflt => Service Removed successfully
hwdatacard => Service Removed successfully
mfehidk01 => Service Removed successfully
PCDSRVC{1E208CE0-FB7451FF-06020101}_0 => Service Removed successfully
RsiKtControl => Service Removed successfully
RSSERIAL => Service Removed successfully
RS_SS_NT => Service Removed successfully
Synth3dVsc => Service Removed successfully
tsusbhub => Service Removed successfully
VGPU => Service Removed successfully
VirtualBackplane => Service Removed successfully
WPRO_40_1123 => Service Removed successfully
C:\Users\Jonathan\AppData\Local\Temp\AcDeltree.exe => Moved successfully.
C:\Users\Jonathan\AppData\Local\Temp\AskSLib.dll => Moved successfully.
C:\Users\Jonathan\AppData\Local\Temp\Bonjour64Setup.exe => Moved successfully.
C:\Users\Jonathan\AppData\Local\Temp\converter.exe => Moved successfully.
C:\Users\Jonathan\AppData\Local\Temp\exie.exe => Moved successfully.
C:\Users\Jonathan\AppData\Local\Temp\expb.exe => Moved successfully.
C:\Users\Jonathan\AppData\Local\Temp\FNP_ACT_InstallerCA.dll => Moved successfully.
C:\Users\Jonathan\AppData\Local\Temp\install_reader11_uk_mssd_aaa_aih.exe => Moved successfully.
C:\Users\Jonathan\AppData\Local\Temp\JavaIC.dll => Moved successfully.
C:\Users\Jonathan\AppData\Local\Temp\jre-6u32-windows-i586-iftw.exe => Moved successfully.
C:\Users\Jonathan\AppData\Local\Temp\jre-7u45-windows-i586-iftw.exe => Moved successfully.
C:\Users\Jonathan\AppData\Local\Temp\jre-7u51-windows-i586-iftw.exe => Moved successfully.
C:\Users\Jonathan\AppData\Local\Temp\latest-win.exe => Moved successfully.
C:\Users\Jonathan\AppData\Local\Temp\MouseKeyboardCenterx64_1033.exe => Moved successfully.
C:\Users\Jonathan\AppData\Local\Temp\msscct32.dll => Moved successfully.
C:\Users\Jonathan\AppData\Local\Temp\pyl9652.tmp.exe => Moved successfully.
C:\Users\Jonathan\AppData\Local\Temp\simaticn.exe => Moved successfully.
C:\Users\Jonathan\AppData\Local\Temp\VLCStreamerSetup.exe => Moved successfully.
C:\Users\Jonathan\AppData\Local\Temp\VLCStreamerSetup_2.50.exe => Moved successfully.

==== End of Fixlog 05:45:48 ====

broni · 2015/06/01

The good news is that you're back in business.

Firstly I want you to reinstall BitDefender.
Create fresh restore point first.
How to: http://www.smartestcomputing.us.com/topic/63983-how-to-create-new-restore-point-all-windows/

Then...

Please download Farbar Recovery Scan Tool and save it to your Desktop.

Note: You need to run the version compatibale with your system. If you are not sure which version applies to your system download both of them and try to run them. Only one of them will run on your system, that will be the right version.

Double-click to run it. When the tool opens click Yes to disclaimer.

Press Scan button.

It will make a log (FRST.txt) in the same directory the tool is run. Please copy and paste it to your reply.

The first time the tool is run, it makes also another log (Addition.txt). Please copy and paste it to your reply.

jonnydy2j · 2015/06/02

FRST.TXT

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 29-05-2015
Ran by Jonathan (administrator) on JONATHAN-PC on 01-06-2015 23:45:24
Running from C:\Users\Jonathan\Desktop
Loaded Profiles: Jonathan (Available Profiles: Jonathan & Nichola)
Platform: Windows 7 Ultimate Service Pack 1 (X64) OS Language: English (United States)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AMD) C:\Windows\System32\atiesrxx.exe
(Sensible Vision ) C:\Program Files (x86)\Sensible Vision\Fast Access\FAService.exe
(IDT, Inc.) C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_73e1f0dede412369\stacsv64.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Stardock Corporation) C:\Program Files\Dell\DellDock\DockLogin.exe
(Andrea Electronics Corporation) C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_73e1f0dede412369\AESTSr64.exe
(SIEMENS AG) C:\Program Files\Common Files\Siemens\sws\almsrv\almsrv64x.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
(CrypKey (Canada) Ltd.) C:\Windows\System32\Crypserv.exe
(CHENGDU YIWO Tech Development Co., Ltd) C:\Program Files (x86)\EASEUS\Todo Backup\bin\Agent.exe
(Firebird Project) C:\Program Files (x86)\Firebird\Firebird_2_5\bin\fbguard.exe
() C:\Windows\System32\GManager.exe
(Rockwell Software Inc.) C:\Program Files (x86)\Rockwell Software\RSCOMMON\RSOBSERV.EXE
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
(LogMeIn, Inc.) C:\Program Files (x86)\LogMeIn\x64\LMIGuardianSvc.exe
(LogMeIn, Inc.) C:\Program Files (x86)\LogMeIn\x64\ramaint.exe
(Mediafour Corporation) C:\Program Files\Mediafour\MacDrive 8\MacDrive8ServiceD.exe
() C:\Program Files (x86)\Common Files\DesktopUtil\MCTDesktopSvr.exe
() C:\Program Files (x86)\MCT\VGA0007\Utility\MCTUISvr.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\VS7DEBUG\MDM.EXE
(Mitsubishi Electric Corporation) C:\Program Files (x86)\MELSOFT\MSF\Common\MMS\MMSserve.exe
(Mitsubishi Electric Corporation) C:\Program Files (x86)\MELSOFT\MSF\Common\MMS\MMSserve.exe
(Microsoft Corporation) C:\Program Files\IIS\Microsoft Web Deploy\MsDepSvc.exe
(SEIKO EPSON CORPORATION) C:\Program Files (x86)\epson\MyEpson Portal\mepService.exe
(Nero AG) C:\Program Files (x86)\Nero\Update\NASvc.exe
(Microsoft Corporation) C:\Windows\splwow64.exe
(Rockwell Automation Inc.) C:\Program Files (x86)\Common Files\Rockwell\RNADiagnosticsSrv.exe
(Rockwell Software, Inc.) C:\Program Files (x86)\Rockwell Software\RSLINX\RSLINX.EXE
(Rockwell Automation, Inc.) C:\Program Files (x86)\Common Files\Rockwell\RsvcHost.exe
(SIEMENS AG) C:\Program Files\Common Files\Siemens\Automation\Simatic OAM\bin\s7oiehsx64.exe
(SIEMENS AG) C:\Program Files\Common Files\Siemens\Automation\TraceEngine\bin\S7TraceService64x.exe
(SoftThinks) C:\Program Files (x86)\Dell DataSafe Local Backup\SftService.exe
(VMware, Inc.) C:\Windows\SysWOW64\vmnat.exe
(VMware, Inc.) C:\Program Files (x86)\VMware\VMware vCenter Converter Standalone\vmware-converter-a.exe
(SIEMENS AG) C:\Program Files\Common Files\Siemens\Automation\Simatic OAM\bin\s7epasrv64x.exe
(SIEMENS AG) C:\Program Files\Common Files\Siemens\Automation\Simatic OAM\bin\pniomgr.exe
(VMware, Inc.) C:\Program Files (x86)\VMware\VMware vCenter Converter Standalone\vmware-converter.exe
(VMware, Inc.) C:\Program Files (x86)\VMware\VMware vCenter Converter Standalone\vmware-converter.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(LogMeIn, Inc.) C:\Program Files (x86)\LogMeIn\x64\LogMeIn.exe
(SEIKO EPSON CORPORATION) C:\Program Files (x86)\epson\MyEpson Portal\mep.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(VMware, Inc.) C:\Program Files (x86)\VMware\VMware Player\vmware-authd.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.27.5\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.27.5\GoogleCrashHandler64.exe
(VMware, Inc.) C:\Windows\SysWOW64\vmnetdhcp.exe
(Microsoft Corporation) C:\Windows\splwow64.exe
(Microsoft Corporation) C:\Windows\System32\vds.exe
(Firebird Project) C:\Program Files (x86)\Firebird\Firebird_2_5\bin\fbserver.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\sttray64.exe
(Alps Electric Co., Ltd.) C:\Program Files\DellTPad\Apoint.exe
(LogMeIn, Inc.) C:\Program Files (x86)\LogMeIn\x64\LogMeInSystray.exe
(Mediafour Corporation) C:\Program Files\Mediafour\MacDrive 8\MacDriveD.exe
(Alps Electric Co., Ltd.) C:\Program Files\DellTPad\ApMsgFwd.exe
(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe
(Magic Control Technology Corporation) C:\Program Files (x86)\Common Files\DesktopUtil\MCTDUtil.exe
(Magic Control Technology Corporation) C:\Program Files (x86)\Common Files\DesktopUtil\FDispPos.exe
(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe
(SEIKO EPSON CORPORATION) C:\Windows\System32\spool\drivers\x64\3\E_YATIIVE.EXE
(Alps Electric Co., Ltd.) C:\Program Files\DellTPad\ApntEx.exe
(Alps Electric Co., Ltd.) C:\Program Files\DellTPad\hidfind.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\AppleIEDAV.exe
(Autodesk, Inc.) C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
(HexBeerium) C:\Program Files (x86)\RemoteGateway 4\RemoteGateway.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\APSDaemon.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
() C:\Program Files (x86)\Dell DataSafe Online\DataSafeOnline.exe
(Nero AG) C:\Program Files (x86)\Nero\Nero 10\Nero BackItUp\NBAgent.exe
(Hewlett-Packard Co.) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
(Dell Inc.) C:\Program Files\Dell\QuickSet\quickset.exe
(CyberLink Corp.) C:\Program Files\CyberLink\PowerDVD DX\PDVDDXSrv.exe
(Google) C:\Program Files (x86)\Google\Google Desktop Search\GoogleDesktop.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
(Sensible Vision ) C:\Program Files (x86)\Sensible Vision\Fast Access\FATrayMon.exe
(Dropbox, Inc.) C:\Users\Jonathan\AppData\Roaming\Dropbox\bin\Dropbox.exe
(PowerISO Computing, Inc.) C:\Program Files (x86)\PowerISO\PWRISOVM.EXE
(Sensible Vision ) C:\Program Files (x86)\Sensible Vision\Fast Access\FATrayAlert.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(SIEMENS AG) C:\Program Files (x86)\Common Files\Siemens\S7UBTOOX\S7ubTstx.exe
(Logitech, Inc.) C:\Program Files (x86)\Logitech Touch Mouse Server\iTouch-Server-Win.exe
(CHENGDU YIWO Tech Development Co., Ltd) C:\Program Files (x86)\EASEUS\Todo Backup\bin\EuWatch.exe
(CHENGDU YIWO Tech Development Co., Ltd) C:\Program Files (x86)\EASEUS\Todo Backup\bin\TrayNotify.exe
(MagicISO, Inc.) C:\Program Files (x86)\MagicDisc\MagicDisc.exe
(Research In Motion Limited) C:\Program Files (x86)\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BTStackServer.exe
(SIEMENS AG) C:\Program Files (x86)\Common Files\Siemens\S7UBTOOX\S7ubtoox.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BluetoothHeadsetProxy.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(iAnywhere Solutions, Inc.) C:\Program Files (x86)\Common Files\Siemens\SQLANY\dbsrv9.exe
(Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
(Microsoft Corporation.) C:\Program Files (x86)\Microsoft\BingBar\7.3.126.0\SeaPort.EXE
(Bitdefender) C:\Program Files\Bitdefender\Bitdefender 2015\updatesrv.exe
(Bitdefender) C:\Program Files\Bitdefender\Bitdefender 2015\bdagent.exe
(Bitdefender) C:\Program Files\Bitdefender\Bitdefender 2015\vsserv.exe
(Bitdefender) C:\Program Files\Bitdefender\Bitdefender 2015\bdwtxag.exe

==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [SysTrayApp] => C:\Program Files\IDT\WDM\sttray64.exe [462848 2009-03-30] (IDT, Inc.)
HKLM\...\Run: [Apoint] => C:\Program Files\DellTPad\Apoint.exe [309760 2009-04-27] (Alps Electric Co., Ltd.)
HKLM\...\Run: [LogMeIn GUI] => C:\Program Files (x86)\LogMeIn\x64\LogMeInSystray.exe [57928 2010-01-27] (LogMeIn, Inc.)
HKLM\...\Run: [MacDrive 8 application for Digidesign] => C:\Program Files\Mediafour\MacDrive 8\MacDriveD.exe [228864 2010-06-02] (Mediafour Corporation)
HKLM\...\Run: [MCTDUtil] => C:\Program Files (x86)\Common Files\DesktopUtil\Util-Desktop.exe [195200 2011-05-03] ()
HKLM\...\Run: [FDispPos] => C:\Program Files (x86)\Common Files\DesktopUtil\Util-Desktop.exe [195200 2011-05-03] ()
HKLM\...\Run: [IntelliType Pro] => c:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [1464944 2012-11-02] (Microsoft Corporation)
HKLM\...\Run: [IntelliPoint] => c:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2076272 2012-11-02] (Microsoft Corporation)
HKLM\...\Run: [Bdagent] => C:\Program Files\Bitdefender\Bitdefender 2015\bdagent.exe [1691112 2015-03-12] (Bitdefender)
HKLM-x32\...\Run: [AppleSyncNotifier] => C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe [59240 2011-09-27] (Apple Inc.)
HKLM-x32\...\Run: [Dell DataSafe Online] => C:\Program Files (x86)\Dell DataSafe Online\DataSafeOnline.exe [1779952 2009-07-07] ()
HKLM-x32\...\Run: [DellSupportCenter] => "C:\Program Files (x86)\Dell Support Center\bin\sprtcmd.exe" /P DellSupportCenter
HKLM-x32\...\Run: [Microsoft Default Manager] => C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe [288080 2009-07-17] (Microsoft Corporation)
HKLM-x32\...\Run: [NBAgent] => C:\Program Files (x86)\Nero\Nero 10\Nero BackItUp\NBAgent.exe [1234216 2010-04-03] (Nero AG)
HKLM-x32\...\Run: [PDVDDXSrv] => C:\Program Files\CyberLink\PowerDVD DX\PDVDDXSrv.exe [128232 2009-02-04] (CyberLink Corp.)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [343168 2011-09-08] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [Google Desktop Search] => C:\Program Files (x86)\Google\Google Desktop Search\GoogleDesktop.exe [30192 2011-02-08] (Google)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [43848 2014-02-06] (Apple Inc.)
HKLM-x32\...\Run: [mcui_exe] => "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey
HKLM-x32\...\Run: [DigidesignMMERefresh] => C:\Program Files (x86)\Digidesign\Pro Tools\MMERefresh.exe
HKLM-x32\...\Run: [FATrayAlert] => C:\Program Files (x86)\Sensible Vision\Fast Access\FATrayMon.exe [98488 2011-04-23] (Sensible Vision )
HKLM-x32\...\Run: [PWRISOVM.EXE] => C:\Program Files (x86)\PowerISO\PWRISOVM.EXE [307200 2011-06-15] (PowerISO Computing, Inc.)
HKLM-x32\...\Run: [AdobeCS4ServiceManager] => "C:\Program Files (x86)\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe" -launchedbylogin
HKLM-x32\...\Run: [GrooveMonitor] => C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation)
HKLM-x32\...\Run: [S7UB Start] => C:\Program Files (x86)\Common Files\Siemens\S7ubtoox\s7ubtstx.exe [102453 2010-06-03] (SIEMENS AG)
HKLM-x32\...\Run: [EaseUs Watch] => C:\Program Files (x86)\EASEUS\Todo Backup\bin\EuWatch.exe [69000 2011-04-22] (CHENGDU YIWO Tech Development Co., Ltd)
HKLM-x32\...\Run: [EaseUs Tray] => C:\Program Files (x86)\EASEUS\Todo Backup\bin\TrayNotify.exe [733576 2011-04-25] (CHENGDU YIWO Tech Development Co., Ltd)
HKLM-x32\...\Run: [RIMBBLaunchAgent.exe] => C:\Program Files (x86)\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe [90448 2011-11-02] (Research In Motion Limited)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [49208 2011-10-28] (Hewlett-Packard)
HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2014-01-17] (Apple Inc.)
HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2014-02-21] (Apple Inc.)
HKLM-x32\...\Run: [FAStartup] => [X]
Winlogon\Notify\FastAccess: C:\Program Files (x86)\Sensible Vision\Fast Access\FALogNot.dll [2011-04-23] ()
HKLM\...\Policies\Explorer: [NoControlPanel] 0
HKU\S-1-5-21-271332308-4134518789-2522140791-1000\...\Run: [iCloudServices] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [59720 2013-11-20] (Apple Inc.)
HKU\S-1-5-21-271332308-4134518789-2522140791-1000\...\Run: [ApplePhotoStreams] => C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe [59720 2013-11-20] (Apple Inc.)
HKU\S-1-5-21-271332308-4134518789-2522140791-1000\...\Run: [com.apple.dav.bookmarks.daemon] => C:\Program Files (x86)\Common Files\Apple\Internet Services\BookmarkDAV_client.exe
HKU\S-1-5-21-271332308-4134518789-2522140791-1000\...\Run: [MobileDocuments] => C:\Program Files (x86)\Common Files\Apple\Internet Services\ubd.exe
HKU\S-1-5-21-271332308-4134518789-2522140791-1000\...\Run: [Hobbyist Software VLC Streamer] => "C:\Program Files (x86)\Hobbyist Software\VLC Streamer\VLC Streamer Configuration.exe" /startup
HKU\S-1-5-21-271332308-4134518789-2522140791-1000\...\Run: [EPLTarget\P0000000000000000] => C:\Windows\system32\spool\DRIVERS\x64\3\E_YATIIVE.EXE [283232 2012-02-28] (SEIKO EPSON CORPORATION)
HKU\S-1-5-21-271332308-4134518789-2522140791-1000\...\Run: [AppleIEDAV] => C:\Program Files (x86)\Common Files\Apple\Internet Services\AppleIEDAV.exe [1326408 2013-11-15] (Apple Inc.)
HKU\S-1-5-21-271332308-4134518789-2522140791-1000\...\Run: [Autodesk Sync] => C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe [1317256 2013-08-12] (Autodesk, Inc.)
HKU\S-1-5-21-271332308-4134518789-2522140791-1000\...\Run: [RemoteGateway] => C:\Program Files (x86)\RemoteGateway 4\RemoteGateway.exe [1049352 2013-10-16] (HexBeerium)
HKU\S-1-5-21-271332308-4134518789-2522140791-1000\...\Run: [Bitdefender Wallet Agent] => C:\Program Files\Bitdefender\Bitdefender 2015\bdwtxag.exe [790880 2015-01-15] (Bitdefender)
HKU\S-1-5-21-271332308-4134518789-2522140791-1000\...\MountPoints2: {48ec9152-ef7c-11df-8d70-00265ee5abee} - G:\AutoRun.exe
HKU\S-1-5-21-271332308-4134518789-2522140791-1000\...\MountPoints2: {48ec91de-ef7c-11df-8d70-00265ee5abee} - H:\AutoRun.exe
HKU\S-1-5-21-271332308-4134518789-2522140791-1000\...\MountPoints2: {769b9610-0d44-11e0-b223-0026b905f556} - I:\AutoRun.exe
HKU\S-1-5-21-271332308-4134518789-2522140791-1000\...\MountPoints2: {b675cee1-a350-11e0-b9ad-0022fba6fe3a} - G:\AutoRun.exe
HKU\S-1-5-21-271332308-4134518789-2522140791-1000\...\MountPoints2: {db0d9759-4445-11e0-85c3-08002700f8dc} - G:\AutoRun.exe
HKU\S-1-5-21-271332308-4134518789-2522140791-1000\...\MountPoints2: {db0d976c-4445-11e0-85c3-08002700f8dc} - G:\AutoRun.exe
HKU\S-1-5-21-271332308-4134518789-2522140791-1000\...\MountPoints2: {ff8d8e53-55a4-11e2-ac52-00265ee5abee} - D:\Enterprise_Launcher.exe
HKU\S-1-5-18\...\Run: [Autodesk Sync] => C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe [1317256 2013-08-12] (Autodesk, Inc.)
HKU\S-1-5-18\...\Run: [Bitdefender Wallet Agent] => "C:\Program Files\Bitdefender\Bitdefender\pmbxag.exe "
HKU\S-1-5-18\...\Run: [Bitdefender Wallet] => "C:\Program Files\Bitdefender\Bitdefender\pwdmanui.exe" --hidden --nowizard
HKU\S-1-5-18\...\Run: [Bitdefender Wallet Application Agent] => "C:\Program Files\Bitdefender\Bitdefender\antispam32\bdapppassmgr.exe "
HKU\S-1-5-18\...\RunOnce: [{90120000-0030-0000-0000-0000000FF1CE}] => C:\Windows\system32\cmd.exe /C del "C:\ProgramData\Microsoft Help\Rgstrtn.lck" /Q /A:H
HKU\S-1-5-18\...\RunOnce: [{90120000-006E-0409-0000-0000000FF1CE}] => C:\Windows\system32\cmd.exe /C del "C:\ProgramData\Microsoft Help\Rgstrtn.lck" /Q /A:H
AppInit_DLLs-x32: C:\PROGRA~2\Google\GOOGLE~1\GO36F4~1.DLL => C:\Program Files (x86)\Google\Google Desktop Search\GoogleDesktopNetwork3.dll [123392 2011-02-08] (Google)
Lsa: [Notification Packages] scecli FAPassSync
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\AutoCAD Startup Accelerator.lnk [2013-07-09]
ShortcutTarget: AutoCAD Startup Accelerator.lnk -> C:\Program Files (x86)\Common Files\Autodesk Shared\acstart16.exe (Autodesk, Inc)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Bluetooth.lnk [2009-11-03]
ShortcutTarget: Bluetooth.lnk -> C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe (Broadcom Corporation.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk [2012-09-03]
ShortcutTarget: HP Digital Imaging Monitor.lnk -> C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe (Hewlett-Packard Co.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\QuickSet.lnk [2009-11-03]
ShortcutTarget: QuickSet.lnk -> C:\Program Files\Dell\QuickSet\quickset.exe (Dell Inc.)
Startup: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock First Run.lnk [2009-11-03]
ShortcutTarget: Dell Dock First Run.lnk -> C:\Program Files\Dell\DellDock\DellDock.exe (Stardock Corporation)
Startup: C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock First Run.lnk [2009-11-03]
ShortcutTarget: Dell Dock First Run.lnk -> C:\Program Files\Dell\DellDock\DellDock.exe (Stardock Corporation)
Startup: C:\Users\Jonathan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk [2013-08-07]
ShortcutTarget: Dropbox.lnk -> C:\Users\Jonathan\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
Startup: C:\Users\Jonathan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Logitech Touch Mouse Server.lnk [2014-01-21]
ShortcutTarget: Logitech Touch Mouse Server.lnk -> C:\Program Files (x86)\Logitech Touch Mouse Server\iTouch-Server-Win.exe (Logitech, Inc.)
Startup: C:\Users\Jonathan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MagicDisc.lnk [2011-01-17]
ShortcutTarget: MagicDisc.lnk -> C:\Program Files (x86)\MagicDisc\MagicDisc.exe (MagicISO, Inc.)
ShellIconOverlayIdentifiers: [ "DropboxExt1"] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Jonathan\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll [2015-05-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ "DropboxExt2"] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Jonathan\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll [2015-05-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ "DropboxExt3"] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Jonathan\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll [2015-05-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ "DropboxExt4"] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Jonathan\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll [2015-05-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ "DropboxExt5"] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Jonathan\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll [2015-05-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ "DropboxExt6"] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Jonathan\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll [2015-05-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ "DropboxExt7"] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Jonathan\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll [2015-05-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ "DropboxExt8"] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Jonathan\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll [2015-05-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [AutoCAD Digital Signatures Icon Overlay Handler] -> {36A21736-36C2-4C11-8ACB-D4136F2B57BD} => C:\Windows\system32\AcSignIcon.dll [2013-02-08] (Autodesk, Inc.)
ShellIconOverlayIdentifiers: [__SafeBox1] -> {152C96EB-288E-4EDC-B7C6-D21F8250ADF3} => C:\Program Files\Bitdefender\Bitdefender SafeBox\SafeBoxShell.dll [2014-07-04] (Bitdefender)
ShellIconOverlayIdentifiers: [__SafeBox2] -> {342DAA0B-D796-460D-8566-901E08A1CCAD} => C:\Program Files\Bitdefender\Bitdefender SafeBox\SafeBoxShell.dll [2014-07-04] (Bitdefender)
ShellIconOverlayIdentifiers: [__SafeBox3] -> {57595DAE-1AE1-4D97-A49E-67CBB53B52DF} => C:\Program Files\Bitdefender\Bitdefender SafeBox\SafeBoxShell.dll [2014-07-04] (Bitdefender)
ShellIconOverlayIdentifiers: [__SafeBox4] -> {33816773-98AE-4723-ADE0-EBE54C8B5A67} => C:\Program Files\Bitdefender\Bitdefender SafeBox\SafeBoxShell.dll [2014-07-04] (Bitdefender)
ShellIconOverlayIdentifiers: [{6570C58B-C08B-46AD-AA82-2369B0D1B627}] -> MacDrive volume icons => No File
ShellIconOverlayIdentifiers-x32: [ "DropboxExt1"] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Jonathan\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll [2015-05-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ "DropboxExt2"] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Jonathan\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll [2015-05-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ "DropboxExt3"] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Jonathan\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll [2015-05-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ "DropboxExt4"] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Jonathan\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll [2015-05-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ "DropboxExt5"] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Jonathan\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll [2015-05-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ "DropboxExt6"] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Jonathan\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll [2015-05-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ "DropboxExt7"] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Jonathan\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll [2015-05-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ "DropboxExt8"] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Jonathan\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll [2015-05-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [AutoCAD Digital Signatures Icon Overlay Handler] -> {36A21736-36C2-4C11-8ACB-D4136F2B57BD} => C:\Windows\SysWOW64\AcSignIcon.dll [2005-03-05] (Autodesk)
ShellIconOverlayIdentifiers-x32: [MountOverlayIcon] -> {0F49CF41-FD97-4942-9F2A-35E8B489E7FB} => C:\Program Files (x86)\WinMount\WinMTExt.dll [2010-10-20] (WinMount International Inc.)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKU\S-1-5-21-271332308-4134518789-2522140791-1000\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.uk.msn.com/USCON/2
HKU\S-1-5-21-271332308-4134518789-2522140791-1000\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.crawler.com/search/dispatcher.aspx?tp=aus&qkw=%s&tbid=60468
HKU\S-1-5-21-271332308-4134518789-2522140791-1000\Software\Microsoft\Internet Explorer\Main,Start Page = http://g.uk.msn.com/USCON/2
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?}
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?}
SearchScopes: HKU\S-1-5-21-271332308-4134518789-2522140791-1000 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.bing.com/search?q={searchTerms}&form=DLCDF7&pc=MDDC&src=IE-SearchBox
SearchScopes: HKU\S-1-5-21-271332308-4134518789-2522140791-1000 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.bing.com/search?q={searchTerms}&form=DLCDF7&pc=MDDC&src=IE-SearchBox
SearchScopes: HKU\S-1-5-21-271332308-4134518789-2522140791-1000 -> {1CB20BF0-BBAE-40A7-93F4-6435FF3D0411} URL = http://www.crawler.com/search/dispatcher.aspx?tp=bs&qkw={searchTerms}&tbid=60468
SearchScopes: HKU\S-1-5-21-271332308-4134518789-2522140791-1000 -> {5941D31B-87A5-4F4C-B450-94943ACC82BC} URL = http://uk.search.yahoo.com/search?fr=mcafee&p={SearchTerms}
SearchScopes: HKU\S-1-5-21-271332308-4134518789-2522140791-1000 -> {70D46D94-BF1E-45ED-B567-48701376298E} URL = http://127.0.0.1:4664/search&s=KVVPYlV4ZKGH8s_JVNoqbZMTVDM?q={searchTerms}
BHO: Bitdefender Wallet -> {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} -> C:\Program Files\Bitdefender\Bitdefender 2015\pmbxie.dll [2015-01-28] (Bitdefender)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28] (Microsoft Corp.)
BHO: Bing Bar Helper -> {d2ce3e00-f94a-4740-988e-03dc2f38c34f} -> C:\Program Files (x86)\Microsoft\BingBar\7.3.126.0\amd64\BingExt.dll [2014-02-27] (Microsoft Corporation.)
BHO: Face recognition web login for FastAccess -> {DA5BCE70-D057-4D63-943D-5F3927EC59F1} -> C:\Program Files (x86)\Sensible Vision\Fast Access\x64\FAIESSO.dll [2011-04-23] (Sensible Vision )
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre6\bin\jp2ssv.dll [2011-10-22] (Sun Microsystems, Inc.)
BHO-x32: HP Print Enhancer -> {0347C33E-8762-4905-BF09-768834316C61} -> C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll [2010-05-28] (Hewlett-Packard Co.)
BHO-x32: Bitdefender Wallet -> {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} -> C:\Program Files\Bitdefender\Bitdefender 2015\Antispam32\pmbxie.dll [2015-01-28] (Bitdefender)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2013-12-28] (Oracle Corporation)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28] (Microsoft Corp.)
BHO-x32: Windows Live Messenger Companion Helper -> {9FDDE16B-836F-4806-AB1F-1455CBEFF289} -> C:\Program Files (x86)\Windows Live\Companion\companioncore.dll [2011-05-13] (Microsoft Corporation)
BHO-x32: Bing Bar Helper -> {d2ce3e00-f94a-4740-988e-03dc2f38c34f} -> C:\Program Files (x86)\Microsoft\BingBar\7.3.126.0\BingExt.dll [2014-02-27] (Microsoft Corporation.)
BHO-x32: Face recognition web login for FastAccess -> {DA5BCE70-D057-4D63-943D-5F3927EC59F1} -> C:\Program Files (x86)\Sensible Vision\Fast Access\FAIESSO.dll [2011-04-23] (Sensible Vision )
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2013-12-28] (Oracle Corporation)
BHO-x32: HP Smart BHO Class -> {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} -> C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll [2010-05-28] (Hewlett-Packard Co.)
Toolbar: HKLM - Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\7.3.126.0\amd64\BingExt.dll [2014-02-27] (Microsoft Corporation.)
Toolbar: HKLM - Bitdefender Wallet - {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} - C:\Program Files\Bitdefender\Bitdefender 2015\pmbxie.dll [2015-01-28] (Bitdefender)
Toolbar: HKLM-x32 - Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\7.3.126.0\BingExt.dll [2014-02-27] (Microsoft Corporation.)
Toolbar: HKLM-x32 - Bitdefender Wallet - {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} - C:\Program Files\Bitdefender\Bitdefender 2015\Antispam32\pmbxie.dll [2015-01-28] (Bitdefender)
Toolbar: HKU\S-1-5-21-271332308-4134518789-2522140791-1000 -> No Name - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No File
Toolbar: HKU\S-1-5-21-271332308-4134518789-2522140791-1000 -> No Name - {4B3803EA-5230-4DC3-A7FC-33638F3D3542} - No File
DPF: HKLM-x32 {4871A87A-BFDD-4106-8153-FFDE2BAC2967} https://a248.e.akamai.net/f/248/147...ager/versions/activex/dlm-activex-2.2.6.0.cab
DPF: HKLM-x32 {C1F8FC10-E5DB-4112-9DBF-6C3FF728D4E3} http://support.euro.dell.com/systemprofiler/DellSystemLite.CAB
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 8.8.8.8 8.8.4.4

FireFox:
========
FF ProfilePath: C:\Users\Jonathan\AppData\Roaming\Mozilla\Firefox\Profiles\2g3777af.default
FF DefaultSearchEngine: Secure Search
FF SearchEngineOrder.1: Secure Search
FF SelectedSearchEngine: Secure Search
FF Homepage: hxxp://dell.uk.msn.com/?pc=MDDC
FF Keyword.URL: hxxp://uk.search.yahoo.com/search?fr=mcafee&p=
FF NetworkProxy: "no_proxies_on ", "*.local "
FF NetworkProxy: "type ", 0
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_17_0_0_169.dll [2015-06-02] ()
FF Plugin: @java.com/JavaPlugin -> C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll [2011-10-22] (Sun Microsystems, Inc.)
FF Plugin: @microsoft.com/GENUINE -> C:\Windows\system32\Wat\npWatWeb.dll [2010-12-20] (Microsoft Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll [2014-02-14] ( Microsoft Corporation)
FF Plugin: @microsoft.com/wpi,version=1.4 -> C:\Program Files\Microsoft\Web Platform Installer\\npwpidetector.dll [2011-04-01] (Microsoft Corp)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_17_0_0_169.dll [2015-06-02] ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\system32\Adobe\Director\np32dsw.dll No File
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2014-02-20] ()
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll [2013-10-07] (Google)
FF Plugin-x32: @java.com/DTPlugin,version=10.45.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll [2013-12-28] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.45.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll [2013-12-28] (Oracle Corporation)
FF Plugin-x32: @mcafee.com/MVT -> C:\Program Files (x86)\McAfee\Supportability\MVT\npmvtplugin.dll No File
FF Plugin-x32: @microsoft.com/GENUINE -> C:\Windows\system32\Wat\npWatWeb.dll [2010-12-20] (Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll [2014-02-13] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2011-05-13] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2011-05-13] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3538.0513 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2011-05-13] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WPF,version=3.5 -> c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll [2008-07-30] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/wpi,version=1.4 -> C:\Program Files\Microsoft\Web Platform Installer\\npwpidetector.dll [2011-04-01] (Microsoft Corp)
FF Plugin-x32: @RIM.com/WebSLLauncher,version=1.0 -> C:\Program Files (x86)\Common Files\Research In Motion\BBWebSLLauncher\NPWebSLLauncher.dll [2012-07-03] ()
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-06-02] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-06-02] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.1.2 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2013-12-09] (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll [2013-12-18] (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npEModelPlugin.dll [2009-10-14] (Dassault SystÃ¨mes SolidWorks Corp.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\NPOFF12.DLL [2006-10-26] (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\NPOFFICE.DLL [2007-03-22] (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll [2013-12-18] (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin.dll [2014-03-22] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin2.dll [2014-03-22] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin3.dll [2014-03-22] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin4.dll [2014-03-22] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin5.dll [2014-03-22] (Apple Inc.)
FF Extension: LogMeIn, Inc. Remote Access Plugin - C:\Users\Jonathan\AppData\Roaming\Mozilla\Firefox\Profiles\2g3777af.default\Extensions\LogMeInClient@logmein.com [2011-05-01]
FF Extension: LogMeIn, Inc. Rescue Technician Console - C:\Users\Jonathan\AppData\Roaming\Mozilla\Firefox\Profiles\2g3777af.default\Extensions\TechnicianConsole@logmeinrescue.com [2011-09-20]
FF Extension: Lilium - C:\Users\Jonathan\AppData\Roaming\Mozilla\Firefox\Profiles\2g3777af.default\Extensions\{67606F08-B5B6-11DA-8221-61D57407C2F7} [2011-01-09]
FF Extension: YouTube to MP3 - C:\Users\Jonathan\AppData\Roaming\Mozilla\Firefox\Profiles\2g3777af.default\Extensions\youtube2mp3@mondayx.de.xpi [2011-07-07]
FF Extension: FlashGot - C:\Users\Jonathan\AppData\Roaming\Mozilla\Firefox\Profiles\2g3777af.default\Extensions\{19503e42-ca3c-4c27-b1e2-9cdb2170ee34}.xpi [2011-05-20]
FF HKLM\...\Thunderbird\Extensions: [bdThunderbird@bitdefender.com] - C:\Program Files\Bitdefender\Bitdefender 2015\bdtbext
FF Extension: Bitdefender Antispam Toolbar - C:\Program Files\Bitdefender\Bitdefender 2015\bdtbext [2015-06-01]
FF HKLM-x32\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF Extension: Microsoft .NET Framework Assistant - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2009-04-24]
FF HKLM-x32\...\Firefox\Extensions: [fassoxpcom@sensiblevision.com] - C:\Program Files (x86)\Sensible Vision\Fast Access\xpcom_fasso
FF Extension: FastAccess Web Login - C:\Program Files (x86)\Sensible Vision\Fast Access\xpcom_fasso [2011-10-21]
FF HKLM-x32\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF Extension: HP Smart Web Printing - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2012-09-03]
FF HKLM-x32\...\Firefox\Extensions: [bdwteff@bitdefender.com] - C:\Program Files\Bitdefender\Bitdefender 2015\antispam32\bdwteff
FF Extension: Bitdefender Wallet - C:\Program Files\Bitdefender\Bitdefender 2015\antispam32\bdwteff [2015-06-01]
FF HKLM-x32\...\Thunderbird\Extensions: [bdThunderbird@bitdefender.com] - C:\Program Files\Bitdefender\Bitdefender 2015\bdtbext
FF HKU\S-1-5-21-271332308-4134518789-2522140791-1000\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3

Chrome:
=======
CHR Profile: C:\Users\Jonathan\AppData\Local\Google\Chrome\User Data\Default
CHR HKLM-x32\...\Chrome\Extension: [fabcmochhfpldjekobfaaggijgohadih] - https://clients2.google.com/service/update2/crx

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AESTFilters; C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_73e1f0dede412369\AESTSr64.exe [89600 2009-03-30] (Andrea Electronics Corporation)
R2 almservice; C:\Program Files\Common Files\Siemens\sws\almsrv\almsrv64x.exe [1542792 2011-10-28] (SIEMENS AG) [File not signed]
S3 Autodesk Licensing Service; C:\Program Files (x86)\Common Files\Autodesk Shared\Service\AdskScSrv.exe [77944 2013-07-09] (Autodesk)
S3 BdDesktopParental; C:\Program Files\Bitdefender\Bitdefender 2015\bdparentalservice.exe [78144 2014-12-09] (Bitdefender)
R2 Crypkey License; C:\Windows\system32\crypserv.exe [122880 2008-05-08] (CrypKey (Canada) Ltd.) [File not signed]
S3 dnWhoDisp; C:\Program Files (x86)\Rockwell Software\RSLINX\dnwhodisp.exe [73728 2002-04-29] () [File not signed]
R2 DockLoginService; C:\Program Files\Dell\DellDock\DockLogin.exe [155648 2008-12-18] (Stardock Corporation) [File not signed]
R2 EASEUS Agent; C:\Program Files (x86)\EASEUS\Todo Backup\bin\Agent.exe [56200 2011-04-22] (CHENGDU YIWO Tech Development Co., Ltd) [File not signed]
S2 EpsonScanSvc; C:\Windows\system32\EscSvc64.exe [135824 2011-12-12] (Seiko Epson Corporation)
R2 FirebirdGuardianDefaultInstance; C:\Program Files (x86)\Firebird\Firebird_2_5\bin\fbguard.exe [98304 2010-09-17] (Firebird Project) [File not signed]
R3 FirebirdServerDefaultInstance; C:\Program Files (x86)\Firebird\Firebird_2_5\bin\fbserver.exe [3735552 2010-09-17] (Firebird Project) [File not signed]
R2 GManager; C:\Windows\system32\GManager.exe [310648 2011-08-31] ()
S3 GoogleDesktopManager-051210-111108; C:\Program Files (x86)\Google\Google Desktop Search\GoogleDesktop.exe [30192 2011-02-08] (Google)
R3 Harmony; C:\Program Files (x86)\Rockwell Software\RSCOMMON\RSOBSERV.EXE [118784 2003-05-06] (Rockwell Software Inc.) [File not signed]
R2 HPSLPSVC; C:\Program Files (x86)\HP\Digital Imaging\bin\HPSLPSVC64.DLL [1039360 2010-10-22] (Hewlett-Packard Co.) [File not signed]
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe [69632 2005-11-14] (Macrovision Corporation) [File not signed]
S2 KMService; C:\Windows\SysWOW64\srvany.exe [8192 2011-01-18] () [File not signed]
R2 LMIGuardianSvc; C:\Program Files (x86)\LogMeIn\x64\LMIGuardianSvc.exe [417640 2015-05-27] (LogMeIn, Inc.)
R2 LMIMaint; C:\Program Files (x86)\LogMeIn\x64\RaMaint.exe [234856 2015-05-27] (LogMeIn, Inc.)
R2 LogMeIn; C:\Program Files (x86)\LogMeIn\x64\LogMeIn.exe [407424 2010-11-08] (LogMeIn, Inc.)
R2 MacDrive8ServiceD; C:\Program Files\Mediafour\MacDrive 8\MacDrive8ServiceD.exe [167424 2010-06-07] (Mediafour Corporation) [File not signed]
R2 MCTDesktopSvr; C:\Program Files (x86)\Common Files\DesktopUtil\MCTDesktopSvr.exe [199296 2011-05-03] ()
R2 MCTUISvr; C:\Program Files (x86)\MCT\VGA0007\Utility\MCTUISvr.exe [199296 2011-08-09] ()
R2 MELSOFT Mediative Server; C:\Program Files (x86)\MELSOFT\MSF\Common\MMS\MMSserve.exe [1466368 2012-04-11] (Mitsubishi Electric Corporation) [File not signed]
R2 MsDepSvc; C:\Program Files\IIS\Microsoft Web Deploy\MsDepSvc.exe [67400 2011-04-01] (Microsoft Corporation)
S4 MSSQL$SQLEXPRESS; c:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlservr.exe [57966424 2010-09-17] (Microsoft Corporation)
R2 MyEpson Portal Service; C:\Program Files (x86)\EPSON\MyEpson Portal\mepService.exe [703584 2011-09-16] (SEIKO EPSON CORPORATION)
R2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [71680 2010-08-06] (Hewlett-Packard) [File not signed]
S3 OpcEnum; C:\Windows\SysWOW64\OpcEnum.exe [90112 2004-02-21] (OPC Foundation) [File not signed]
R2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [89600 2010-08-06] (Hewlett-Packard) [File not signed]
S3 rpcapd; C:\Program Files (x86)\WinPcap\rpcapd.exe [117264 2009-10-20] (CACE Technologies, Inc.)
R2 RSLinx; C:\Program Files (x86)\Rockwell Software\RSLINX\RSLINX.EXE [1503504 2004-01-12] (Rockwell Software, Inc.) [File not signed]
R2 s7oiehsx64; C:\Program Files\Common Files\Siemens\Automation\Simatic OAM\bin\s7oiehsx64.exe [139864 2011-11-03] (SIEMENS AG)
R2 S7TraceServiceX; C:\Program Files\Common Files\Siemens\Automation\TraceEngine\bin\S7TraceService64x.exe [229976 2011-11-03] (SIEMENS AG)
S4 SafeBox; C:\Program Files\Bitdefender\Bitdefender SafeBox\safeboxservice.exe [94624 2013-07-08] (Bitdefender)
S3 SolidWorks Licensing Service; C:\Program Files (x86)\Common Files\SolidWorks Shared\Service\SolidWorksLicensing.exe [79360 2011-09-17] (SolidWorks) [File not signed]
S4 SQLAgent$SQLEXPRESS; c:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE [430424 2010-09-17] (Microsoft Corporation)
R2 STacSV; C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_73e1f0dede412369\STacSV64.exe [268288 2009-03-30] (IDT, Inc.)
R2 UPDATESRV; C:\Program Files\Bitdefender\Bitdefender 2015\updatesrv.exe [67320 2014-10-27] (Bitdefender)
S4 VLC media player; C:\Program Files (X86)\VIDEOLAN\VLC\VLC.exe [126464 2013-12-09] (VideoLAN) [File not signed]
R2 VMAuthdService; C:\Program Files (x86)\VMware\VMware Player\vmware-authd.exe [79872 2012-06-09] (VMware, Inc.) [File not signed]
R2 vmware-converter-agent; C:\Program Files (x86)\VMware\VMware vCenter Converter Standalone\vmware-converter-a.exe [423536 2011-08-19] (VMware, Inc.)
R2 vmware-converter-server; C:\Program Files (x86)\VMware\VMware vCenter Converter Standalone\vmware-converter.exe [423536 2011-08-19] (VMware, Inc.)
R2 vmware-converter-worker; C:\Program Files (x86)\VMware\VMware vCenter Converter Standalone\vmware-converter.exe [423536 2011-08-19] (VMware, Inc.)
R2 VSSERV; C:\Program Files\Bitdefender\Bitdefender 2015\vsserv.exe [1547936 2015-03-16] (Bitdefender)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R0 avc3; C:\Windows\System32\DRIVERS\avc3.sys [1306464 2015-01-14] (BitDefender)
R3 avchv; C:\Windows\System32\DRIVERS\avchv.sys [262544 2015-01-23] (BitDefender)
R3 avckf; C:\Windows\System32\DRIVERS\avckf.sys [677104 2015-01-14] (BitDefender)
R1 BdfNdisf; c:\program files\common files\bitdefender\bitdefender firewall\bdfndisf6.sys [93600 2014-12-15] (BitDefender LLC)
R1 bdfwfpf; C:\Program Files\Common Files\Bitdefender\Bitdefender Firewall\bdfwfpf.sys [107080 2012-10-29] (BitDefender LLC)
S3 bdfwfpf_pc; C:\Program Files\Common Files\Bitdefender\Bitdefender Firewall\bdfwfpf_pc.sys [121928 2013-07-02] (Bitdefender SRL)
S3 BDSandBox; C:\Windows\system32\drivers\bdsandbox.sys [82824 2015-01-09] (BitDefender SRL)
R1 BDVEDISK; C:\Windows\System32\DRIVERS\bdvedisk.sys [76944 2012-04-17] (BitDefender)
S3 bmdrvr; C:\Windows\SysWow64\drivers\bmdrvr.sys [74352 2011-03-15] (VMware, Inc.)
S3 CprDrvr; C:\Windows\System32\DRIVERS\CprDrvr.sys [174200 2011-07-13] ()
R3 dpmconv; C:\Windows\System32\DRIVERS\dpmconv.sys [259072 2011-04-19] (SIEMENS AG)
R0 EUBAKUP; C:\Windows\System32\drivers\eubakup.sys [36232 2011-04-22] (CHENGDU YIWO Tech Development Co., Ltd) [File not signed]
R0 EUBKMON; C:\Windows\System32\drivers\EUBKMON.sys [42888 2011-04-22] () [File not signed]
R3 EUDISK; C:\Windows\system32\drivers\eudisk.sys [193928 2011-04-22] (CHENGDU YIWO Tech Development Co., Ltd) [File not signed]
R1 EUDSKACS; C:\Windows\system32\drivers\eudskacs.sys [17800 2011-04-22] (CHENGDU YIWO Tech Development Co., Ltd) [File not signed]
R0 EUFS; C:\Windows\System32\drivers\eufs.sys [26504 2011-04-22] (CHENGDU YIWO Tech Development Co., Ltd) [File not signed]
S3 evserial; C:\Windows\System32\DRIVERS\evserial.sys [67072 2010-04-19] (ELTIMA Software)
R3 EZSocketGOT; C:\Windows\System32\drivers\EZSocketGOT.sys [257536 2011-05-22] (Jungo)
R0 gzflt; C:\Windows\System32\DRIVERS\gzflt.sys [160544 2015-02-24] (BitDefender LLC)
S3 HMI; C:\Windows\System32\drivers\g3usb.sys [13144 2011-08-09] (Red Lion Controls Inc.)
R1 ISODrive; C:\Program Files (x86)\UltraISO\drivers\ISODrv64.sys [115448 2013-11-21] (EZB Systems, Inc.)
R3 ITECIRfilter; C:\Windows\System32\DRIVERS\ITECIRfilter.sys [28264 2011-03-22] (ITE Tech. Inc. )
S3 leafnets; C:\Windows\System32\DRIVERS\leafnets.sys [29696 2008-04-25] (Leaf Networks)
S3 libusb0; C:\Windows\System32\drivers\libusb0.sys [40608 2009-11-10] (http://libusb-win32.sourceforge.net)
S3 libusb0; C:\Windows\SysWOW64\drivers\libusb0.sys [32256 2009-06-24] (http://libusb-win32.sourceforge.net) [File not signed]
R2 LMIInfo; C:\Program Files (x86)\LogMeIn\x64\RaInfo.sys [16056 2010-01-27] (LogMeIn, Inc.)
R3 mctkmd; C:\Windows\system32\drivers\mctkmd64.sys [133248 2011-12-16] (Magic Control Technology Corporation)
R0 mctkmdldr; C:\Windows\System32\drivers\mctkmdldr64.sys [19584 2011-04-08] (Magic Control Technology Corporation)
R0 MDFSYSNT; C:\Windows\System32\Drivers\MDFSYSNT.sys [306280 2010-05-18] (Mediafour Corporation)
R0 MDPMGRNT; C:\Windows\System32\DRIVERS\MDPMGRNT.SYS [32352 2010-05-05] (Mediafour Corporation)
S3 Netaapl; C:\Windows\System32\DRIVERS\netaapl64.sys [22528 2011-05-10] (Apple Inc.) [File not signed]
R1 NetworkX; C:\Windows\system32\ckldrv.sys [28664 2008-03-17] ()
R2 NPF; C:\Windows\System32\drivers\npf.sys [47632 2009-10-20] (CACE Technologies, Inc.)
S3 RimUsb; C:\Windows\System32\Drivers\RimUsb_AMD64.sys [74752 2011-07-25] (Research In Motion Limited)
R3 RimVSerPort; C:\Windows\System32\DRIVERS\RimSerial_AMD64.sys [44032 2011-07-20] (Research in Motion Ltd)
R3 s7odpx2x64; C:\Windows\System32\DRIVERS\s7odpx2x64.sys [71168 2011-10-20] (SIEMENS AG)
R3 s7oppinx64; C:\Windows\System32\DRIVERS\s7oppinx64.sys [107520 2011-10-20] (SIEMENS AG)
R3 s7oserix64; C:\Windows\System32\Drivers\s7oserix64.sys [121344 2011-05-06] (SIEMENS AG)
R3 s7osmcax64; C:\Windows\System32\DRIVERS\s7osmcax64.sys [195584 2011-09-29] (SIEMENS AG)
R3 s7osobux64; C:\Windows\System32\DRIVERS\s7osobux64.sys [152576 2011-05-06] (SIEMENS AG)
R3 s7otmcd64x; C:\Windows\System32\Drivers\s7otmcd64x.sys [199680 2011-05-06] (SIEMENS AG)
R3 s7otranx64; C:\Windows\System32\DRIVERS\s7otranx64.sys [260096 2011-05-06] (SIEMENS AG)
R3 s7otsadx64; C:\Windows\System32\DRIVERS\s7otsadx64.sys [192000 2011-09-29] (SIEMENS AG)
S3 s7oupc2x64; C:\Windows\System32\DRIVERS\s7oupc2x64.sys [28672 2011-09-29] (SIEMENS AG)
R2 s7ousbu64x; C:\Windows\System32\DRIVERS\s7ousbu64x.sys [193024 2011-09-29] (SIEMENS AG)
R2 s7sn2srtx; C:\Windows\System32\DRIVERS\s7sn2srtx.sys [83032 2011-06-16] (SIEMENS AG)
S3 Ser2at; C:\Windows\System32\DRIVERS\ser2at64.sys [90112 2007-06-08] (Prolific Technology Inc.)
R2 SNTIE; C:\Windows\System32\DRIVERS\sntie.sys [179288 2011-10-11] (SIEMENS AG)
S3 ssudserd; C:\Windows\System32\DRIVERS\ssudserd.sys [203672 2013-06-05] (DEVGURU Co., LTD.(www.devguru.co.kr))
R0 trufos; C:\Windows\System32\DRIVERS\trufos.sys [452040 2014-10-15] (BitDefender S.R.L.)
S3 USBAAPL64; C:\Windows\System32\Drivers\usbaapl64.sys [53760 2012-09-28] (Apple, Inc.) [File not signed]
S3 VBoxUSB; C:\Windows\System32\Drivers\VBoxUSB.sys [45616 2011-02-17] (Oracle Corporation)
R3 VSBC; C:\Windows\System32\DRIVERS\evsbc.sys [32768 2010-04-19] (ELTIMA Software)
R3 vsnl2ada; C:\Windows\System32\DRIVERS\vsnl2ada.sys [120832 2011-04-19] (SIEMENS AG)
U5 VWiFiFlt; C:\Windows\System32\Drivers\VWiFiFlt.sys [59904 2009-07-14] (Microsoft Corporation)
R2 WinRing0_1_2_0; C:\Users\Jonathan\AppData\Local\Microsoft\Windows Sidebar\Gadgets\IntelCoreSeries24.gadget\WinRing0x64.sys [14544 2011-01-12] (OpenLibSys.org)
S3 xVGAUSB64; C:\Windows\System32\drivers\xvgausb64.sys [73344 2011-12-23] (Magic Control Technology Corp.)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-06-02 14:23 - 2015-06-02 14:24 - 02868848 _____ () C:\Users\Jonathan\Downloads\bitdefender_tsecurity.exe
2015-06-01 23:45 - 2015-06-01 23:46 - 00049897 _____ () C:\Users\Jonathan\Desktop\FRST.txt
2015-06-01 23:42 - 2015-06-01 23:42 - 00584851 _____ () C:\ProgramData\1433197734.bdinstall.bin
2015-06-01 23:39 - 2015-06-01 23:39 - 00000684 ____H () C:\bdr-cf01
2015-06-01 23:38 - 2015-06-01 23:38 - 00002124 _____ () C:\Users\Public\Desktop\Bitdefender Total Security 2015.lnk
2015-06-01 23:38 - 2015-06-01 23:38 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bitdefender 2015
2015-06-01 23:38 - 2015-01-09 11:59 - 00082824 _____ (BitDefender SRL) C:\Windows\system32\Drivers\bdsandbox.sys
2015-06-01 23:38 - 2014-12-15 18:04 - 00093600 _____ (BitDefender LLC) C:\Windows\system32\Drivers\BdfNdisf6.sys
2015-06-01 23:38 - 2012-04-17 14:34 - 00076944 _____ (BitDefender) C:\Windows\system32\Drivers\bdvedisk.sys
2015-06-01 23:37 - 2015-06-01 23:44 - 00000000 ____D () C:\Users\Jonathan\AppData\Roaming\Bitdefender
2015-06-01 23:37 - 2015-06-01 23:39 - 00253404 ____H () C:\bdr-ld01
2015-06-01 23:37 - 2015-06-01 23:39 - 00009216 ____H () C:\bdr-ld01.mbr
2015-06-01 23:37 - 2015-01-23 16:30 - 00262544 _____ (BitDefender) C:\Windows\system32\Drivers\avchv.sys
2015-06-01 23:37 - 2015-01-14 13:13 - 00677104 _____ (BitDefender) C:\Windows\system32\Drivers\avckf.sys
2015-06-01 23:37 - 2015-01-14 13:07 - 01306464 _____ (BitDefender) C:\Windows\system32\Drivers\avc3.sys
2015-06-01 23:37 - 2014-07-04 17:49 - 49563064 ____H () C:\bdr-im01.gz
2015-06-01 23:37 - 2013-08-13 13:38 - 03271472 ____H () C:\bdr-bz01
2015-06-01 23:29 - 2015-02-24 17:52 - 00160544 _____ (BitDefender LLC) C:\Windows\system32\Drivers\gzflt.sys
2015-06-01 23:29 - 2014-10-15 17:14 - 00452040 _____ (BitDefender S.R.L.) C:\Windows\system32\Drivers\trufos.sys
2015-06-01 23:22 - 2015-06-01 23:22 - 00248166 _____ () C:\ProgramData\1433251455.bdinstall.bin
2015-06-01 23:21 - 2015-06-01 23:21 - 02108928 _____ (Farbar) C:\Users\Jonathan\Desktop\FRST64.exe
2015-06-01 16:01 - 2015-06-01 23:45 - 00000000 ____D () C:\FRST

jonnydy2j · 2015/06/02

FRST.TXT Part 2

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-06-02 13:49 - 2014-01-03 21:34 - 00000898 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-06-02 12:39 - 2010-11-21 16:51 - 00000564 _____ () C:\Windows\Tasks\PCDoctorBackgroundMonitorTask.job
2015-06-02 12:08 - 2013-07-09 12:38 - 00000000 ____D () C:\Users\Jonathan\AppData\Roaming\Autodesk
2015-06-02 09:42 - 2012-05-19 11:00 - 00778416 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-06-02 09:42 - 2012-05-19 11:00 - 00003768 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2015-06-02 09:42 - 2011-06-19 10:28 - 00142512 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-06-02 09:12 - 2010-11-21 16:51 - 00000422 _____ () C:\Windows\Tasks\SystemToolsDailyTest.job
2015-06-02 09:10 - 2010-11-21 16:52 - 00003488 _____ () C:\Windows\System32\Tasks\PCDEventLauncher
2015-06-02 09:10 - 2010-11-21 16:51 - 00003460 _____ () C:\Windows\System32\Tasks\SystemToolsDailyTest
2015-06-02 08:50 - 2010-11-21 16:51 - 00004280 _____ () C:\Windows\System32\Tasks\PCDoctorBackgroundMonitorTask
2015-06-02 08:46 - 2012-03-19 16:05 - 00001033 _____ () C:\Users\Jonathan\Desktop\Dropbox.lnk
2015-06-02 08:46 - 2012-03-19 16:01 - 00000000 ____D () C:\Users\Jonathan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2015-06-02 08:46 - 2010-12-20 00:01 - 00003950 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{187F15C8-1104-4E4F-9108-676DF6FF1CFC}
2015-06-02 08:45 - 2011-01-05 16:11 - 00001024 _____ () C:\.rnd
2015-06-02 08:45 - 2010-08-05 18:42 - 00000000 ____D () C:\Program Files (x86)\LogMeIn
2015-06-02 08:44 - 2014-01-03 21:34 - 00003894 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2015-06-02 08:44 - 2014-01-03 21:34 - 00003642 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2015-06-02 08:38 - 2010-12-19 19:18 - 00000000 ____D () C:\Users\Jonathan
2015-06-01 23:42 - 2012-05-19 11:00 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-06-01 23:41 - 2014-01-16 21:31 - 00000000 ____D () C:\ProgramData\Bitdefender
2015-06-01 23:38 - 2009-07-14 05:51 - 01759031 _____ () C:\Windows\setupact.log
2015-06-01 23:37 - 2014-01-16 21:31 - 00000000 ____D () C:\Program Files\Bitdefender
2015-06-01 23:32 - 2014-01-17 08:27 - 00499454 _____ () C:\Windows\system32\perfh011.dat
2015-06-01 23:32 - 2014-01-17 08:27 - 00158604 _____ () C:\Windows\system32\perfc011.dat
2015-06-01 23:32 - 2014-01-17 07:51 - 00482546 _____ () C:\Windows\system32\prfh0404.dat
2015-06-01 23:32 - 2014-01-17 07:51 - 00151594 _____ () C:\Windows\system32\prfc0404.dat
2015-06-01 23:32 - 2014-01-17 06:35 - 00465274 _____ () C:\Windows\system32\prfh0804.dat
2015-06-01 23:32 - 2014-01-17 06:35 - 00156096 _____ () C:\Windows\system32\prfc0804.dat
2015-06-01 23:32 - 2014-01-17 06:03 - 00833302 _____ () C:\Windows\system32\perfh00A.dat
2015-06-01 23:32 - 2014-01-17 06:03 - 00196378 _____ () C:\Windows\system32\perfc00A.dat
2015-06-01 23:32 - 2014-01-17 05:36 - 00801366 _____ () C:\Windows\system32\prfh0416.dat
2015-06-01 23:32 - 2014-01-17 05:36 - 00185174 _____ () C:\Windows\system32\prfc0416.dat
2015-06-01 23:32 - 2014-01-17 05:04 - 00831588 _____ () C:\Windows\system32\perfh013.dat
2015-06-01 23:32 - 2014-01-17 05:04 - 00190536 _____ () C:\Windows\system32\perfc013.dat
2015-06-01 23:32 - 2014-01-17 04:34 - 00816308 _____ () C:\Windows\system32\prfh0816.dat
2015-06-01 23:32 - 2014-01-17 04:34 - 00190214 _____ () C:\Windows\system32\prfc0816.dat
2015-06-01 23:32 - 2014-01-17 03:43 - 00696186 _____ () C:\Windows\system32\perfh008.dat
2015-06-01 23:32 - 2014-01-17 03:43 - 00149084 _____ () C:\Windows\system32\perfc008.dat
2015-06-01 23:32 - 2014-01-17 03:13 - 00580846 _____ () C:\Windows\system32\perfh014.dat
2015-06-01 23:32 - 2014-01-17 03:13 - 00132264 _____ () C:\Windows\system32\perfc014.dat
2015-06-01 23:32 - 2014-01-17 02:17 - 00828016 _____ () C:\Windows\system32\perfh015.dat
2015-06-01 23:32 - 2014-01-17 02:17 - 00193842 _____ () C:\Windows\system32\perfc015.dat
2015-06-01 23:32 - 2014-01-17 01:58 - 00750244 _____ () C:\Windows\system32\perfh01D.dat
2015-06-01 23:32 - 2014-01-17 01:58 - 00179502 _____ () C:\Windows\system32\perfc01D.dat
2015-06-01 23:32 - 2014-01-17 01:40 - 00511184 _____ () C:\Windows\system32\perfh012.dat
2015-06-01 23:32 - 2014-01-17 01:40 - 00156888 _____ () C:\Windows\system32\perfc012.dat
2015-06-01 23:32 - 2014-01-17 01:19 - 00772046 _____ () C:\Windows\system32\perfh00E.dat
2015-06-01 23:32 - 2014-01-17 01:19 - 00209622 _____ () C:\Windows\system32\perfc00E.dat
2015-06-01 23:32 - 2014-01-17 01:03 - 00828252 _____ () C:\Windows\system32\perfh010.dat
2015-06-01 23:32 - 2014-01-17 01:03 - 00184388 _____ () C:\Windows\system32\perfc010.dat
2015-06-01 23:32 - 2014-01-17 00:47 - 00596160 _____ () C:\Windows\system32\perfh006.dat
2015-06-01 23:32 - 2014-01-17 00:47 - 00136060 _____ () C:\Windows\system32\perfc006.dat
2015-06-01 23:32 - 2014-01-17 00:28 - 00811788 _____ () C:\Windows\system32\perfh019.dat
2015-06-01 23:32 - 2014-01-17 00:28 - 00188082 _____ () C:\Windows\system32\perfc019.dat
2015-06-01 23:32 - 2014-01-17 00:08 - 00755584 _____ () C:\Windows\system32\perfh005.dat
2015-06-01 23:32 - 2014-01-17 00:08 - 00178830 _____ () C:\Windows\system32\perfc005.dat
2015-06-01 23:32 - 2009-07-14 06:13 - 15371396 _____ () C:\Windows\system32\PerfStringBackup.INI
2015-06-01 23:29 - 2014-01-16 21:31 - 00000000 ____D () C:\Program Files\Common Files\Bitdefender
2015-06-01 23:29 - 2012-03-19 16:05 - 00000000 ___RD () C:\Users\Jonathan\Dropbox
2015-06-01 23:29 - 2012-03-19 15:58 - 00000000 ____D () C:\Users\Jonathan\AppData\Roaming\Dropbox
2015-06-01 23:27 - 2010-12-19 20:40 - 01158993 _____ () C:\Windows\WindowsUpdate.log
2015-06-01 23:25 - 2014-02-12 19:54 - 00001006 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Client.lnk
2015-06-01 23:25 - 2014-02-12 19:53 - 00000990 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Control Panel.lnk
2015-06-01 23:25 - 2014-01-03 21:34 - 00000894 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-06-01 23:25 - 2011-01-05 16:10 - 00000000 ____D () C:\ProgramData\VMware
2015-06-01 23:24 - 2012-08-30 11:36 - 00002728 _____ () C:\Windows\system32\GManager.ini
2015-06-01 23:24 - 2010-07-14 20:19 - 00027404 _____ () C:\Windows\error.log
2015-06-01 23:24 - 2009-07-14 06:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-06-01 23:23 - 2010-12-19 20:16 - 00685248 _____ () C:\Windows\PFRO.log
2015-06-01 23:23 - 2010-07-14 20:19 - 00006524 _____ () C:\Windows\errord.log
2015-06-01 23:22 - 2010-12-19 19:13 - 00018288 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-06-01 23:22 - 2010-12-19 19:13 - 00018288 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-06-01 23:21 - 2010-08-05 18:43 - 00000000 ____D () C:\ProgramData\LogMeIn
2015-05-27 17:17 - 2010-08-05 18:42 - 00107392 _____ (LogMeIn, Inc.) C:\Windows\system32\LMIRfsClientNP.dll
2015-05-27 17:17 - 2010-08-05 18:42 - 00092520 _____ (LogMeIn, Inc.) C:\Windows\system32\LMIinit.dll
2015-05-27 17:17 - 2010-08-05 18:42 - 00035688 _____ (LogMeIn, Inc.) C:\Windows\system32\LMIport.dll

==================== Files in the root of some directories =======

2010-12-22 20:01 - 2010-12-22 20:21 - 0000132 _____ () C:\Users\Jonathan\AppData\Roaming\Adobe BMP Format CS5 Prefs
2011-01-03 16:01 - 2010-07-09 17:41 - 0053248 _____ () C:\Users\Jonathan\AppData\Roaming\chrtmp
2005-04-08 03:16 - 2010-12-18 00:06 - 0074588 ____H () C:\Users\Jonathan\AppData\Roaming\Jonathanlog.dat
2012-09-21 20:53 - 2012-11-02 10:56 - 0000308 _____ () C:\Users\Jonathan\AppData\Roaming\Rim.Desktop.Exception.log
2012-09-21 19:11 - 2012-09-21 19:11 - 0001153 _____ () C:\Users\Jonathan\AppData\Roaming\Rim.Desktop.HttpServerSetup.log
2012-09-21 20:53 - 2012-11-02 10:56 - 0000308 _____ () C:\Users\Jonathan\AppData\Roaming\Rim.DesktopHelper.Exception.log
2011-10-23 10:38 - 2011-10-23 10:38 - 0000012 ___SH () C:\Users\Jonathan\AppData\Roaming\windata.xfd
2010-07-11 19:51 - 2012-10-12 15:49 - 0000600 _____ () C:\Users\Jonathan\AppData\Roaming\winscp.rnd
2011-02-09 00:40 - 2011-10-29 22:54 - 0037376 _____ () C:\Users\Jonathan\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2011-02-06 15:09 - 2011-02-06 15:09 - 0000096 _____ () C:\Users\Jonathan\AppData\Local\fusioncache.dat
2012-03-18 23:44 - 2012-03-18 23:44 - 0000600 _____ () C:\Users\Jonathan\AppData\Local\PUTTY.RND
2011-10-17 12:36 - 2012-07-18 12:55 - 0000000 _____ () C:\Users\Jonathan\AppData\Local\Temptable.xml
2010-12-20 10:45 - 2010-12-22 00:42 - 0000110 _____ () C:\Users\Jonathan\AppData\Local\Win7_tmp1.htm
2015-06-01 23:42 - 2015-06-01 23:42 - 0584851 _____ () C:\ProgramData\1433197734.bdinstall.bin
2015-06-01 23:22 - 2015-06-01 23:22 - 0248166 _____ () C:\ProgramData\1433251455.bdinstall.bin
2011-10-16 07:10 - 2012-09-03 11:20 - 0006791 _____ () C:\ProgramData\hpzinstall.log

Some files in TEMP:
====================
C:\Users\Jonathan\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpulfrnz.dll

==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2015-06-02 09:40

==================== End of log ============================

jonnydy2j · 2015/06/02

ADDITIONS.TXT Part 1

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 29-05-2015
Ran by Jonathan at 2015-06-02 00:06:48
Running from C:\Users\Jonathan\Desktop
Boot Mode: Normal
==========================================================

==================== Accounts: =============================

1ACF066000F44848AAB8 (S-1-5-21-271332308-4134518789-2522140791-1016 - Limited - Enabled)
Administrator (S-1-5-21-271332308-4134518789-2522140791-500 - Administrator - Disabled)
ASPNET (S-1-5-21-271332308-4134518789-2522140791-1013 - Limited - Enabled)
Guest (S-1-5-21-271332308-4134518789-2522140791-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-271332308-4134518789-2522140791-1018 - Limited - Enabled)
Jonathan (S-1-5-21-271332308-4134518789-2522140791-1000 - Administrator - Enabled) => C:\Users\Jonathan
Nichola (S-1-5-21-271332308-4134518789-2522140791-1021 - Limited - Enabled) => C:\Users\Nichola
___VMware_Conv_SA___ (S-1-5-21-271332308-4134518789-2522140791-1020 - Limited - Enabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Bitdefender Antivirus (Enabled - Up to date) {9A0813D8-CED6-F86B-072E-28D2AF25A83D}
AS: Bitdefender Antispyware (Enabled - Up to date) {2169F23C-E8EC-F7E5-3D9E-13A0D4A2E280}
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: Bitdefender Firewall (Enabled) {A23392FD-84B9-F933-2C71-81E751F6EF46}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

64 Bit HP CIO Components Installer (Version: 1.2.0 - Hewlett-Packard) Hidden
64 Bit HP CIO Components Installer (Version: 7.2.8 - Hewlett-Packard) Hidden
7000E809a (x32 Version: 140.0.000.000 - Hewlett-Packard) Hidden
7000E809a_eDocs (x32 Version: 140.0.000.000 - Hewlett-Packard) Hidden
7000E809a_Help (x32 Version: 1.00.0000 - Hewlett-Packard) Hidden
7-Zip 9.15 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0915-000001000000}) (Version: 9.15.00.0 - Igor Pavlov)
Acrobat.com (HKLM-x32\...\com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 1.1.377 - Adobe Systems Incorporated)
Acrobat.com (x32 Version: 0.0.0 - Adobe Systems Incorporated) Hidden
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 2.6.0.19140 - Adobe Systems Incorporated)
Adobe Flash Player 17 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 17.0.0.169 - Adobe Systems Incorporated)
Adobe Flash Player 17 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 17.0.0.169 - Adobe Systems Incorporated)
Adobe Reader X (10.1.9) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AA1000000001}) (Version: 10.1.9 - Adobe Systems Incorporated)
Adobe Shockwave Player 11.6 (HKLM-x32\...\Adobe Shockwave Player) (Version: 11.6.3.633 - Adobe Systems, Inc.)
Advanced Audio FX Engine (HKLM-x32\...\Advanced Audio FX Engine) (Version: 1.12.05 - Creative Technology Ltd)
Amazon Kindle (HKU\S-1-5-21-271332308-4134518789-2522140791-1000\...\Amazon Kindle) (Version: - Amazon)
AMD Catalyst Install Manager (HKLM\...\{3D42871F-4A1E-82E5-9494-3012BA3084F2}) (Version: 3.0.842.0 - Advanced Micro Devices, Inc.)
Apple Application Support (HKLM-x32\...\{AAC5D43E-816D-4C2D-8E51-55FFF35BE301}) (Version: 3.0.1 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{787136D2-F0F8-4625-AA3F-72D7795AC842}) (Version: 7.1.1.3 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{C6579A65-9CAE-4B31-8B6B-3306E0630A66}) (Version: 2.1.3.127 - Apple Inc.)
ATI Catalyst Control Center (HKLM-x32\...\{055EE59D-217B-43A7-ABFF-507B966405D8}) (Version: 2.009.0213.2137 - )
AutoCAD 2006 - English (HKLM-x32\...\{5783F2D7-4001-0409-0002-0060B0CE6BBA}) (Version: 16.2.54.10 - Autodesk)
AutoCAD Electrical 2014 Language Pack - English (Version: 11.0.57.0 - Autodesk) Hidden
Autodesk DWF Viewer (HKLM-x32\...\Autodesk DWF Viewer) (Version: 5.1 - Autodesk, Inc.)
Autodesk ReCap Language Pack-English (Version: 1.0.43.13 - Autodesk) Hidden
Autodesk Vault 2014 Service Pack 1 (Client) (HKLM\...\Autodesk Vault Basic 2014 (Client)_Autodesk Vault 2014 Service Pack 1 (Client)) (Version: - Autodesk, Inc.)
Autodesk Vault Basic 2014 (Client) (HKLM\...\Autodesk Vault Basic 2014 (Client)) (Version: 18.1.8.0 - Autodesk)
Autodesk Vault Basic 2014 (Client) (Version: 18.1.8.0 - Autodesk) Hidden
Autodesk Vault Basic 2014 (Client) English Language Pack (Version: 18.0.86.0 - Autodesk) Hidden
Bing Bar (HKLM-x32\...\{A302C3E1-A26A-4141-BC1E-2C4F90D2153F}) (Version: 7.3.126.0 - Microsoft Corporation)
Bitdefender Total Security 2015 (HKLM\...\Bitdefender) (Version: 18.22.0.1521 - Bitdefender)
BlackBerry Desktop Software 7.1 (HKLM-x32\...\BlackBerry_Desktop) (Version: 7.1.0.32 - Research In Motion Ltd.)
BlackBerry Desktop Software 7.1 (x32 Version: 7.1.0.32 - Research In Motion Ltd.) Hidden
BlackBerry Device Software v7.1.0 for the BlackBerry 9790 smartphone (HKLM-x32\...\{245F0601-3D08-4FB1-A9FB-20B34B3D8BE2}) (Version: 7.1.0.336 (Platform 9.16.0.102) - Research In Motion Ltd.)
BlackBerry Device Software v7.1.0 for the BlackBerry 9790 smartphone (HKLM-x32\...\{8DE4FAFC-BEFF-4D19-9B56-23AD6926DA23}) (Version: 7.1.0.523 (Platform 9.16.0.128) - Research In Motion Ltd.)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
BPDSoftware (x32 Version: 140.0.000.000 - Hewlett-Packard) Hidden
BPDSoftware_Ini (x32 Version: 1.00.0000 - Hewlett-Packard) Hidden
BufferChm (x32 Version: 140.0.213.000 - Hewlett-Packard) Hidden
ccc-core-static (x32 Version: 2009.0213.2138.38808 - ATI) Hidden
Combined Community Codec Pack 2008-01-24 (HKLM-x32\...\Combined Community Codec Pack_is1) (Version: 2008-01-24 00:00 - CCCP Project)
Common Components3 (x32 Version: 1.00.0001 - MITSUBISHI) Hidden
Compatibility Pack for the 2007 Office system (HKLM-x32\...\{90120000-0020-0409-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
Composer (HKLM-x32\...\Composer) (Version: - )
coverXP (remove only) (HKLM-x32\...\coverXP) (Version: - )
CutePDF Writer 2.8 (HKLM\...\CutePDF Writer Installation) (Version: - )
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
DataTransfer (HKLM-x32\...\{10CCB691-12D1-4FF8-9B4E-6F3E45F482EA}) (Version: 2.01B - MITSUBISHI ELECTRIC CORPORATION)
Dell DataSafe Local Backup - Support Software (HKLM-x32\...\{A9668246-FB70-4103-A1E3-66C9BC2EFB49}) (Version: 2.25 - Dell)
Dell DataSafe Local Backup (HKLM-x32\...\{0ED7EE95-6A97-47AA-AD73-152C08A15B04}) (Version: 9.3.36 - Dell)
Dell DataSafe Online (HKLM-x32\...\{13766F76-6C8C-4E57-A9F3-3212D1C6E0D1}) (Version: 1.1.0029 - Dell, Inc.)
Dell Dock (HKLM\...\{E60B7350-EA5F-41E0-9D6F-E508781E36D2}) (Version: 2.0.0 - Dell)
Dell Edoc Viewer (HKLM\...\{8EBA8727-ADC2-477B-9D9A-1A1836BE4E05}) (Version: 1.0.0 - Dell Inc)
Dell Getting Started Guide (HKLM-x32\...\{7DB9F1E5-9ACB-410D-A7DC-7A3D023CE045}) (Version: 1.00.0000 - Dell Inc.)
Dell Support Center (HKLM\...\Dell Support Center) (Version: 3.0.5744.02 - Dell Inc.)
Dell Support Center (Version: 3.0.5744.02 - PC-Doctor, Inc.) Hidden
Dell Touchpad (HKLM\...\{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}) (Version: 7.102.101.219 - ALPS ELECTRIC CO., LTD.)
Dell Video Chat (HKLM-x32\...\Dell Video Chat) (Version: 6.1 (6751) - SightSpeed Inc.)
DeviceDiscovery (x32 Version: 140.0.213.000 - Hewlett-Packard) Hidden
Digidesign HFS+ Disk Support (HKLM\...\{5984CE26-CF4A-4564-9511-D49589C8FE9E}) (Version: 8.0.6.52 - Digidesign, A Division of Avid Technology, Inc.)
DL22258964 (HKLM\...\Autodesk Vault Basic 2014 (Client)_DL22258964) (Version: - Autodesk, Inc.)
Drive ES SlaveOM (x32 Version: 05.05.0000 - Siemens AG) Hidden
Dropbox (HKU\S-1-5-21-271332308-4134518789-2522140791-1000\...\Dropbox) (Version: 3.4.6 - Dropbox, Inc.)
DVD Flick 1.3.0.7 (HKLM-x32\...\DVD Flick_is1) (Version: 1.3.0.7 - Dennis Meuwissen)
DWGeditor (x32 Version: 18.00.5035 - SolidWorks) Hidden
EASEUS Todo Backup Professional 2.5 (HKLM-x32\...\EASEUS Todo Backup Professional 2.5_is1) (Version: 2.5.0.1 - CHENGDU YIWO Tech Development Co., Ltd)
E-Designer 7 (HKLM-x32\...\{B7FEEEC2-76AD-493E-9ACA-CD3B155778BA}) (Version: - )
EPSON Scan (HKLM-x32\...\EPSON Scanner) (Version: - Seiko Epson Corporation)
EPSON WF-2530 Series Printer Uninstall (HKLM\...\EPSON WF-2530 Series) (Version: - SEIKO EPSON Corporation)
EpsonNet Print (HKLM-x32\...\{3E31400D-274E-4647-916C-2CACC3741799}) (Version: 2.6.0 - SEIKO EPSON CORPORATION)
eSupportQFolder (x32 Version: 1.00.0000 - Hewlett-Packard) Hidden
FARO LS 1.1.406.58 (HKLM-x32\...\{951B0F30-9F1A-4BF6-B3DA-99EB0E917B1C}) (Version: 4.6.58.2 - FARO Scanner Production)
FARO LS 1.1.501.0 (64bit) (HKLM-x32\...\{8A470330-70B2-49AD-86AF-79885EF9898A}) (Version: 5.1.0.30630 - FARO Scanner Production)
FastAccess (HKLM\...\{C7663280-83B4-4E21-838C-ACEEB4C61FA2}) (Version: 2.4.97.1 - Sensible Vision)
ffdshow [rev 3154] [2009-12-09] (HKLM-x32\...\ffdshow_is1) (Version: 1.0 - )
Firebird 2.5.0.26074 (Win32) (HKLM-x32\...\FBDBServer_2_5_is1) (Version: 2.5.0.26074 - Firebird Project)
Google Desktop (HKLM-x32\...\Google Desktop) (Version: 5.9.1005.12335 - Google)
Google Earth (HKLM-x32\...\{4D2A6330-2F8B-11E3-9C40-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)
Google Update Helper (x32 Version: 1.3.22.5 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.27.5 - Google Inc.) Hidden
GPBaseService2 (x32 Version: 140.0.212.000 - Hewlett-Packard) Hidden
GP-Pro EX 3.0 (HKLM-x32\...\{EE304098-FA06-431B-8C5D-F6CA2A5F9E8C}) (Version: 3.01.203 - Digital Electronics Corporation)
GT Designer3 (HKLM-x32\...\{08A028CB-C02D-4EB6-A8D6-A3A340A0CBA7}) (Version: 1.54G - MITSUBISHI ELECTRIC CORPORATION)
GT Designer3 (x32 Version: 1.00.00 - MITSUBISHI ELECTRIC CORPORATION) Hidden
GX Developer (HKLM-x32\...\SWnD5-GPPW) (Version: - )
GX IEC Developer 7.04 (HKLM-x32\...\{44E61F59-4A17-489E-BA9A-0C8E7332A343}) (Version: 7.04 - Mitsubishi Electric Europe b.v.)
High-Definition Video Playback 10 (x32 Version: 7.0.11400.29.0 - Nero AG) Hidden
HP Customer Participation Program 14.0 (HKLM\...\HPExtendedCapabilities) (Version: 14.0 - HP)
HP Imaging Device Functions 14.0 (HKLM\...\HP Imaging Device Functions) (Version: 14.0 - HP)
HP Officejet 7000 E809a Series (HKLM\...\{44E1D9AA-2A0E-48B8-BA26-136C2149C8AD}) (Version: 14.0 - HP)
HP Photo Creations (HKLM-x32\...\HP Photo Creations) (Version: 1.0.0.9572 - HP)
HP Smart Web Printing 4.60 (HKLM\...\HP Smart Web Printing) (Version: 4.60 - HP)
HP Solution Center 14.0 (HKLM\...\HP Solution Center & Imaging Support Tools) (Version: 14.0 - HP)
HP Update (HKLM-x32\...\{97486FBE-A3FC-4783-8D55-EA37E9D171CC}) (Version: 5.005.000.002 - Hewlett-Packard)
HPDiagnosticAlert (x32 Version: 1.00.0000 - Microsoft) Hidden
HPProductAssistant (x32 Version: 140.0.213.000 - Hewlett-Packard) Hidden
HPSSupply (x32 Version: 140.0.212.000 - Hewlett-Packard) Hidden
iCloud (HKLM\...\{81E20D41-C277-4526-934D-F2380AF91B78}) (Version: 3.1.0.40 - Apple Inc.)
IIS 7.5 Express (HKLM-x32\...\{22025051-1991-48EB-8BE8-7A3329DAE7ED}) (Version: 7.5.1070 - Microsoft Corporation)
Integrated Webcam Driver (1.06.03.0309) (HKLM\...\Creative OA001) (Version: 1.06.03.0309 - Creative Technology Ltd.)
iPhone Configuration Utility (HKLM-x32\...\{B90FCEB7-2B0C-4D27-95B5-54238DF059ED}) (Version: 3.6.2.300 - Apple Inc.)
iTunes (HKLM\...\{B8BA155B-1E75-405F-9CB4-8A99615D09DC}) (Version: 11.1.5.5 - Apple Inc.)
Java 7 Update 45 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217045FF}) (Version: 7.0.450 - Oracle)
Java(TM) 6 Update 27 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86416027FF}) (Version: 6.0.270 - Oracle)
Java(TM) SE Development Kit 6 Update 27 (64-bit) (HKLM\...\{64A3A4F4-B792-11D6-A78A-00B0D0160270}) (Version: 1.6.0.270 - Oracle)
JDownloader (HKLM-x32\...\JDownloader) (Version: - AppWork UG (haftungsbeschrÃ¤nkt))
Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Logitech Touch Mouse Server 1.0 (HKLM-x32\...\Logitech Touch Mouse Server) (Version: 1.0 - Logitech Inc.)
LogMeIn (HKLM-x32\...\{4475560E-9418-4908-A158-472D873AE139}) (Version: 4.1.1310 - LogMeIn, Inc.)
Magic ISO Maker v5.5 (build 0281) (HKLM-x32\...\Magic ISO Maker v5.5 (build 0281)) (Version: - )
MagicDisc 2.7.106 (HKLM-x32\...\MagicDisc 2.7.106) (Version: - )
MarketResearch (x32 Version: 140.0.214.000 - Hewlett-Packard) Hidden
McAfee Virtual Technician (HKLM-x32\...\McAfee Virtual Technician) (Version: 6.0.0.0 - McAfee, Inc.)
Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Messenger Companion (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Microsoft .NET Framework 1.1 (HKLM-x32\...\Microsoft .NET Framework 1.1 (1033)) (Version: - )
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft ASP.NET MVC 2 - VWD Express 2010 Tools (HKLM-x32\...\{5BDFAB82-060E-438B-AB4F-A2331B2294C0}) (Version: 2.0.50217.0 - Microsoft Corporation)
Microsoft ASP.NET MVC 2 (HKLM-x32\...\{1803A630-3C38-4D2B-9B9A-0CB37243539C}) (Version: 2.0.50217.0 - Microsoft Corporation)
Microsoft ASP.NET MVC 3 - VWD Express 2010 Tools Update (HKLM-x32\...\{21E7A706-31FF-46AA-A294-FA4A8917B59F}) (Version: 3.0.20406.0 - Microsoft Corporation)
Microsoft ASP.NET MVC 3 (HKLM-x32\...\{DCDEC776-BADD-48B9-8F9A-DFF513C3D7FA}) (Version: 3.0.20105.0 - Microsoft Corporation)
Microsoft ASP.NET Web Pages - VWD Express 2010 Tools (HKLM-x32\...\{3CFFC382-6C23-42CB-8B1E-625F9F84E362}) (Version: 1.0.20105.0 - Microsoft Corporation)
Microsoft ASP.NET Web Pages (HKLM-x32\...\{631471BE-DEAB-454B-A9AC-CE3EB42C28B3}) (Version: 1.0.20105.0 - Microsoft Corporation)
Microsoft Default Manager (HKLM-x32\...\{61BEA823-ECAF-49F1-8378-A59B3B8AD247}) (Version: 2.1.54.0 - Microsoft Corporation)
Microsoft Help Viewer 1.1 (HKLM\...\Microsoft Help Viewer 1.1) (Version: 1.1.40219 - Microsoft Corporation)
Microsoft Mouse and Keyboard Center (HKLM\...\Microsoft Mouse and Keyboard Center) (Version: 2.0.162.0 - Microsoft Corporation)
Microsoft Office 2003 Primary Interop Assemblies (HKLM-x32\...\{91490409-6000-11D3-8CFE-0150048383C9}) (Version: 11.0.6553.0 - Microsoft Corporation)
Microsoft Office 2003 Web Components (HKLM-x32\...\{90120000-00A4-0409-0000-0000000FF1CE}) (Version: 12.0.6213.1000 - Microsoft Corporation)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft)
Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISE) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Outlook Connector (HKLM-x32\...\{95140000-007A-0409-0000-0000000FF1CE}) (Version: 14.0.5118.5000 - Microsoft Corporation)
Microsoft Office PowerPoint Viewer 2007 (English) (HKLM-x32\...\{95120000-00AF-0409-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Visio Professional 2003 (HKLM-x32\...\{90510409-6000-11D3-8CFE-0150048383C9}) (Version: 11.0.8173.0 - Microsoft Corporation)
Microsoft Primary Interoperability Assemblies 2005 (HKLM-x32\...\{D24DB8B9-BB6C-4334-9619-BA1C650E13D3}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30214.0 - Microsoft Corporation)
Microsoft Silverlight 3 SDK (HKLM-x32\...\{2012098D-EEE9-4769-8DD3-B038050854D4}) (Version: 3.0.40818.0 - Microsoft Corporation)
Microsoft Silverlight 4 SDK (HKLM-x32\...\{05855322-BE43-41FE-B583-D3AE0C326D58}) (Version: 4.0.50826.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft SQL Server 2008 (64-bit) (HKLM\...\Microsoft SQL Server 10 Release) (Version: - Microsoft Corporation)
Microsoft SQL Server 2008 Browser (HKLM-x32\...\{C688457E-03FD-4941-923B-A27F4D42A7DD}) (Version: 10.2.4000.0 - Microsoft Corporation)
Microsoft SQL Server 2008 R2 Management Objects (HKLM-x32\...\{77F1F8AD-51B8-4490-AEEC-BF480073E0FC}) (Version: 10.50.1750.9 - Microsoft Corporation)
Microsoft SQL Server 2008 R2 Management Objects (x64) (HKLM\...\{E016AA48-A21B-4728-9BD0-E3AAE23BEE5F}) (Version: 10.51.2500.0 - Microsoft Corporation)
Microsoft SQL Server 2008 R2 Native Client (HKLM\...\{471AAD2C-9078-4DAC-BD43-FA10FB7C3FCE}) (Version: 10.51.2500.0 - Microsoft Corporation)
Microsoft SQL Server 2008 Setup Support Files (HKLM\...\{C0C690C8-F335-4BA4-A2AD-675EAD1DFA90}) (Version: 10.2.4000.0 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 SP2 ENU (HKLM-x32\...\{3A9FC03D-C685-4831-94CF-4EDFD3749497}) (Version: 3.5.8080.0 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 SP2 x64 ENU (HKLM\...\{D4AD39AD-091E-4D33-BB2B-59F6FCB8ADC3}) (Version: 3.5.8080.0 - Microsoft Corporation)
Microsoft SQL Server Compact 4.0 x64 ENU (HKLM\...\{8424B163-D1E0-48B7-88A2-C7A61767B3D7}) (Version: 4.0.8482.1 - Microsoft Corporation)
Microsoft SQL Server Database Publishing Wizard 1.4 (HKLM-x32\...\{ACE28263-76A4-4BF5-B6F4-8BD719595969}) (Version: 10.1.2512.8 - Microsoft Corporation)
Microsoft SQL Server System CLR Types (HKLM-x32\...\{877B76B2-F83F-4F5A-B28D-3F398641ADB6}) (Version: 10.50.1750.9 - Microsoft Corporation)
Microsoft SQL Server System CLR Types (x64) (HKLM\...\{C9F697B9-FAC8-4B76-9D3D-40FA3BFA4F9E}) (Version: 10.51.2500.0 - Microsoft Corporation)
Microsoft SQL Server VSS Writer (HKLM\...\{0826F9E4-787E-481D-83E0-BC6A57B056D5}) (Version: 10.2.4000.0 - Microsoft Corporation)
Microsoft Visual Basic 2010 Express - ENU (HKLM-x32\...\Microsoft Visual Basic 2010 Express - ENU) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053 (HKLM\...\{B6E3757B-5E77-3915-866A-CCFC4B8D194C}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable - x64 8.0.61000 (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable - x86 8.0.61001 (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4974 (HKLM-x32\...\{B7E38540-E355-3503-AFD7-635B2F2F76E1}) (Version: 9.0.30729.4974 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Runtime - 10.0.40219 (HKLM\...\{1C7C8AAF-A16D-32E8-89E5-F6D165DE0BCE}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Runtime - 10.0.40219 (HKLM-x32\...\{5D9ED403-94DE-3BA0-B1D6-71F4BDA412E6}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 Express - ENU (HKLM-x32\...\Microsoft Visual C++ 2010 Express - ENU) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 Redistributable - x64 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 Redistributable - x86 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{dde2682b-961a-41ea-8d44-6005991b7947}) (Version: 11.0.60610.1 - Корпорация Майкрософт)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{01db25f3-1b76-4d97-88c8-1c90634d88fb}) (Version: 11.0.60610.1 - Корпорация Майкрософт)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{51adbf11-493f-431c-a862-967a0fae2944}) (Version: 12.0.21005.1 - Корпорация Майкрософт)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{2af972c7-13b0-4978-92a8-fee26a4fb4e9}) (Version: 12.0.21005.1 - Корпорация Майкрософт)
Microsoft Visual Studio 2005 Remote Debugger Light (x64) - ENU (HKLM\...\Microsoft Visual Studio 2005 Remote Debugger Light (x64) - ENU) (Version: - Microsoft Corporation)
Microsoft Visual Studio 2005 Tools for Applications - ENU (HKLM-x32\...\Microsoft Visual Studio 2005 Tools for Applications - ENU) (Version: - Microsoft Corporation)
Microsoft Visual Studio 2010 ADO.NET Entity Framework Tools (HKLM-x32\...\{14DD7530-CCD2-3798-B37D-3839ED6A441C}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual Studio 2010 Express Prerequisites x64 - ENU (HKLM\...\{BCA26999-EC22-3007-BB79-638913079C9A}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual Studio 2010 Service Pack 1 (HKLM-x32\...\Microsoft Visual Studio 2010 Service Pack 1) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.40303 - Microsoft Corporation)
Microsoft Visual Web Developer 2010 Express - ENU (HKLM-x32\...\Microsoft Visual Web Developer 2010 Express - ENU) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Web Deploy 2.0 (HKLM\...\{5134B35A-B559-4762-94A4-FD4918977953}) (Version: 2.0.1070 - Microsoft Corporation)
Microsoft Web Platform Installer 3.0 (HKLM\...\{CC4878C0-4A6A-49CD-AAA7-DD3FCB06CC84}) (Version: 3.0.5 - Microsoft Corporation)
Microsoft Windows Media Video 9 VCM (HKLM-x32\...\WMV9_VCM) (Version: - )
Microsoft WSE 3.0 Runtime (HKLM-x32\...\{E3E71D07-CD27-46CB-8448-16D4FB29AA13}) (Version: 3.0.5305.0 - Microsoft Corp.)
MobileMe Control Panel (HKLM\...\{6DD01FF3-63CE-436B-96DB-61363EAA4EB8}) (Version: 3.1.8.0 - Apple Inc.)
MotionLab (HKLM-x32\...\MotionLab) (Version: - )
Mozilla Firefox 27.0.1 (x86 en-GB) (HKLM-x32\...\Mozilla Firefox 27.0.1 (x86 en-GB)) (Version: 27.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 27.0.1 - Mozilla)
MSI to redistribute MS VS2005 CRT libraries (HKLM-x32\...\{A8D93648-9F7F-407D-915C-62044644C3DA}) (Version: 8.0.50727.42 - The Firebird Project)
MSXML 4.0 SP2 (KB927978) (HKLM-x32\...\{37477865-A3F1-4772-AD43-AAFC6BCFF99F}) (Version: 4.20.9841.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MSXML 4.0 SP2 Parser and SDK (HKLM-x32\...\{716E0306-8318-4364-8B8F-0CC4E9376BAC}) (Version: 4.20.9818.0 - Microsoft Corporation)
MyEpson Portal (HKLM-x32\...\MyEpson Portal) (Version: - SEIKO EPSON Corporation)
MyEpson Portal (x32 Version: 1.0.0.12 - SEIKO EPSON CORPORATION) Hidden
Nero BackItUp 10 (HKLM-x32\...\{68AB6930-5BFF-4FF6-923B-516A91984FE6}) (Version: 5.4.11800.21.100 - Nero AG)
Nero Burning ROM 10 (HKLM-x32\...\{7A5D731D-B4B3-490E-B339-75685712BAAB}) (Version: 10.0.11100.10.100 - Nero AG)
Nero BurnRights 10 (HKLM-x32\...\{943CFD7D-5336-47AF-9418-E02473A5A517}) (Version: 4.0.11000.12.100 - Nero AG)
Nero CoverDesigner 10 (HKLM-x32\...\{FCF00A6E-FB58-477A-ABE9-232907105521}) (Version: 5.0.10900.11.100 - Nero AG)
Nero DiscSpeed 10 (HKLM-x32\...\{34490F4E-48D0-492E-8249-B48BECF0537C}) (Version: 6.0.10800.7.100 - Nero AG)
Nero Express 10 (HKLM-x32\...\{70550193-1C22-445C-8FA4-564E155DB1A7}) (Version: 10.0.11000.10.100 - Nero AG)
Nero InfoTool 10 (HKLM-x32\...\{F412B4AF-388C-4FF5-9B2F-33DB1C536953}) (Version: 7.0.10800.8.100 - Nero AG)
Nero MediaHub 10 (HKLM-x32\...\{1F7FB68F-52F6-46A3-B42F-38CE46295AE5}) (Version: 1.0.13400.11.100 - Nero AG)
Nero Multimedia Suite 10 (HKLM-x32\...\{277C1559-4CF7-44FF-8D07-98AA9C13AABD}) (Version: 10.0.13100 - Nero AG)
Nero Recode 10 (HKLM-x32\...\{8ECEC853-5C3D-4B10-B5C7-FF11FF724807}) (Version: 4.6.10900.4.100 - Nero AG)
Nero RescueAgent 10 (HKLM-x32\...\{E337E787-CF61-4B7B-B84F-509202A54023}) (Version: 3.0.10900.9.100 - Nero AG)
Nero SoundTrax 10 (HKLM-x32\...\{E1EE5339-5D32-458F-BAAB-B19F6301BCE2}) (Version: 4.6.10600.2.100 - Nero AG)
Nero StartSmart 10 (HKLM-x32\...\{F61D489E-6C44-49AC-AD02-7DA8ACA73A65}) (Version: 10.0.11200.12.100 - Nero AG)
Nero Update (HKLM-x32\...\{65BB0407-4CC8-4DC7-952E-3EEFDF05602A}) (Version: 1.0.0017 - Nero AG)
Nero Vision 10 (HKLM-x32\...\{9A4297F3-2A51-4ED9-92CA-4BCB8380947E}) (Version: 7.0.11100.8.100 - Nero AG)
Nero WaveEditor 10 (HKLM-x32\...\{EDCDFAD5-DF80-4600-A493-E9DAD6810230}) (Version: 5.6.10600.2.100 - Nero AG)
Network64 (Version: 140.0.215.000 - Hewlett-Packard) Hidden
Network64 (Version: 140.0.221.000 - Hewlett-Packard) Hidden
NiGraphInstaller (x32 Version: 1.00.0000 - Your Company Name) Hidden
NORD CON 2.1.2 (HKLM-x32\...\NORD CON 2.1) (Version: 2.1 - NORD DRIVESYSTEMS)
NuGet (HKLM-x32\...\{A5630CB0-6D3C-4C93-9A51-03BEB835A982}) (Version: 1.2.103.0 - Microsoft Corporation)
Oracle VM VirtualBox 4.1.4 (HKLM\...\{D21540A9-37AC-40FC-8106-15A4C1A2DD1A}) (Version: 4.1.4 - Oracle Corporation)
Parker Isysnet Analog Module Profiles (x32 Version: 5.01.2.0 - Parker Hannifin Corporation) Hidden
Parker Isysnet ASCII Module Profile (x32 Version: 1.01.15.0 - Parker Hannifin Corporation) Hidden
Parker Isysnet Discrete Module Profiles (x32 Version: 4.01.2.0 - Parker Hannifin Corporation) Hidden
Parker Isysnet Discrete Module Profiles 2 (x32 Version: 1.03.2.0 - Parker Hannifin Corporation) Hidden
Parker Isysnet Discrete Module Profiles 3 (x32 Version: 1.02.1.0 - Parker Hannifin Corporation) Hidden
Payroll for Windows (x32 Version: 6 - Sage Group PLC) Hidden
PhotoView 360 (x32 Version: 18.00.5035 - SolidWorks Corporation) Hidden
PID Calculation Program (HKLM-x32\...\PID Calculation Program) (Version: - )
PKZIP Server for Windows 12.40.0008 (HKLM-x32\...\{134A51EB-1BBB-4249-BAF5-494C3D186A06}) (Version: 12.40.0008 - PKWARE, Inc)
PL-2303 USB-to-Serial (HKLM-x32\...\{ECC3713C-08A4-40E3-95F1-7D0704F1CE5E}) (Version: 1.00.000 - Prolific Technology INC)
PL-2303 Vista Driver Installer-ATEN (HKLM-x32\...\{23C08587-19F4-4BBC-9078-26CF8EB02256}) (Version: 3.1.7.0 - ATEN)
PowerDVD DX (HKLM-x32\...\{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}) (Version: 8.2.5024 - Dell Corp.)
PowerISO (HKLM-x32\...\PowerISO) (Version: 4.8 - PowerISO Computing, Inc.)
ProductContext (x32 Version: 140.0.000.000 - Hewlett-Packard) Hidden
Programmer's Notepad 2 (HKLM-x32\...\{52CF142B-7B0E-41E7-98F5-B834122523E7}_is1) (Version: 2.2.0.2240 - Simon Steele)
Quickset (HKLM\...\{87CF757E-C1F1-4D22-865C-00C6950B5258}) (Version: 9.2.8 - Dell Inc.)
QuickTime 7 (HKLM-x32\...\{111EE7DF-FC45-40C7-98A7-753AC46B12FB}) (Version: 7.75.80.95 - Apple Inc.)
RemoteGateway 4 (HKLM-x32\...\{C2FAA135-4348-4982-8BA2-E5B6207EC0C9}) (Version: 4.1.4 - HexBeerium)
Revo Uninstaller Pro 3.0.8 (HKLM\...\Revo Uninstaller Pro PREACTIVATED by .:sHaRe:. @~1067B756_is1) (Version: 3.0.8 - VS Revo Group, Ltd.)
River Past Video Cleaner Pro (HKLM\...\Video Cleaner Pro) (Version: 7.7.16 - River Past)
Rockwell Automation 1732 Discrete Module Profiles (x32 Version: 1.02.4.0 - Rockwell Automation, Inc.) Hidden
Rockwell Automation 1734 Analog Module Profiles (x32 Version: 5.01.2.0 - Rockwell Automation, Inc.) Hidden
Rockwell Automation 1734 ASCII Module Profiles (x32 Version: 1.02.7.0 - Rockwell Automation, Inc.) Hidden
Rockwell Automation 1734 Discrete Module Profiles (x32 Version: 4.03.0.0 - Rockwell Software, Inc.) Hidden
Rockwell Automation 1734 Discrete Module Profiles 2 (x32 Version: 1.02.5.0 - Rockwell Software, Inc.) Hidden
Rockwell Automation 1734 Specialty Module Profiles (x32 Version: 1.03.0.0 - Rockwell Software, Inc.) Hidden
Rockwell Automation 1738 Analog Module Profiles (x32 Version: 5.01.2.0 - Rockwell Automation, Inc.) Hidden
Rockwell Automation 1738 ASCII Module Profiles (x32 Version: 1.02.7.0 - Rockwell Automation, Inc.) Hidden
Rockwell Automation 1738 Discrete Module Profiles (x32 Version: 4.03.0.0 - Rockwell Software, Inc.) Hidden
Rockwell Automation 1738 Discrete Module Profiles 2 (x32 Version: 1.02.5.0 - Rockwell Software, Inc.) Hidden
Rockwell Automation 1738 Discrete Module Profiles 3 (x32 Version: 1.02.6.0 - Rockwell Automation, Inc.) Hidden
Rockwell Automation 1738 Specialty Module Profiles (x32 Version: 1.03.0.0 - Rockwell Software, Inc.) Hidden
Rockwell Automation 1756 CNet Comms Module Profiles (x32 Version: 1.02.572.0 - Rockwell Software, Inc.) Hidden
Rockwell Automation 1756 ENet Comms Module Profiles (x32 Version: 1.02.572.0 - Rockwell Software, Inc.) Hidden
Rockwell Automation 1756 HART Module Profiles (x32 Version: 2.02.3.0 - Rockwell Automation, Inc.) Hidden
Rockwell Automation 1769 Analog Module Profiles (x32 Version: 1.04.2.0 - Rockwell Automation, Inc.) Hidden
Rockwell Automation 1769 Analog Module Profiles (x32 Version: 5.00.1392.0 - Rockwell Automation, Inc.) Hidden
Rockwell Automation 1769 ASCII Module Profiles (x32 Version: 1.04.1.0 - Rockwell Automation, Inc.) Hidden
Rockwell Automation 1769 Boolean Module Profiles (x32 Version: 1.02.2.0 - Rockwell Automation, Inc.) Hidden
Rockwell Automation 1769 Controller Module Profiles (x32 Version: 5.00.1392.0 - Rockwell Automation, Inc.) Hidden
Rockwell Automation 1769 Discrete Module Profiles (x32 Version: 5.00.1392.0 - Rockwell Automation, Inc.) Hidden
Rockwell Automation 1769 Embedded Module Profiles (x32 Version: 1.02.3.0 - Rockwell Automation, Inc.) Hidden
Rockwell Automation 1769 Specialty Module Profiles (x32 Version: 5.00.1392.0 - Rockwell Automation, Inc.) Hidden
Rockwell Automation 1791DS Discrete Module Profiles (x32 Version: 5.00.1392.0 - Rockwell Automation, Inc.) Hidden
Rockwell Automation Drives PowerFlex 4 Module Profiles (x32 Version: 1.03.25.0 - Rockwell Automation, Inc.) Hidden
Rockwell Automation Drives PowerFlex 7 2 Module Profiles (x32 Version: 1.03.25.0 - Rockwell Automation, Inc.) Hidden
Rockwell Automation Drives PowerFlex 7 Module Profiles (x32 Version: 1.03.25.0 - Rockwell Automation, Inc.) Hidden
Rockwell Automation Drives SCANport Module Profiles (x32 Version: 1.03.25.0 - Rockwell Automation, Inc.) Hidden
Rockwell Automation Generic Safety Module Profiles (x32 Version: 5.00.1392.0 - Rockwell Automation, Inc.) Hidden
Roulette Winner (HKU\S-1-5-21-271332308-4134518789-2522140791-1000\...\4d577e9844087e75) (Version: 1.0.0.4 - Bettor Software)
Roxio Creator DE (HKLM-x32\...\{09760D42-E223-42AD-8C3E-55B47D0DDAC3}) (Version: 10.1 - Roxio)
RSLinx (HKLM-x32\...\{34540622-805E-4CC7-98CF-65A43E99CF4D}) (Version: 2.42.00 - Rockwell Software, Inc.)
RSLogix 5000 Compare v3 (HKLM-x32\...\{7159B8D9-0527-4C33-875F-E5FBA8FC435D}) (Version: 3.0 - Rockwell Software)
RSLogix 5000 DeviceNet Tag Generator (HKLM-x32\...\{B100A292-14C5-4E41-AE27-0229BFBFDA9F}) (Version: 1.0.77 - Rockwell Automation)
RSLogix 5000 Faceplates (HKLM-x32\...\{4E8B1FF0-BE42-42F0-84C3-030399C548A1}) (Version: 2.23.00 - Rockwell Automation)
RSLogix 5000 IEC61131-3 Translation Tool (HKLM-x32\...\{517AA455-8CC9-4281-87A4-865E71947DC9}) (Version: 1.0.0 - Rockwell Automation, Inc.)
RSLogix 5000 Module Profile Core (x32 Version: 5.00.1392.0 - Rockwell Software, Inc.) Hidden
RSLogix 5000 Module Profile Setup Utility (x32 Version: 5.00.1392.0 - Rockwell Software, Inc.) Hidden
RSLogix 5000 Online Books v17.00.00 (HKLM-x32\...\{20010017-D5FD-11DA-A128-000C29473C90}) (Version: 17.00.00 - Rockwell Automation, Inc.)
RSLogix 5000 Setup Installer (x32 Version: 3.01.0000 - Rockwell Automation, Inc.) Hidden
RSLogix 5000 Start Page Media v17.00.05 (HKLM-x32\...\{10050017-D5FD-11DA-A128-000C29473C90}) (Version: 17.00.05 - Rockwell Automation, Inc.)
RSLogix 5000 System Updates (x32 Version: 17.06.3008 - Rockwell Automation, Inc.) Hidden
RSLogix 5000 v16.00.00 (HKLM-x32\...\{30010016-EC33-11D6-A408-F6139379CBFB}) (Version: 16.00.00 - Rockwell Automation, Inc.)
RSLogix 5000 v17.00.00 (CPR 9 SR 1) (HKLM-x32\...\{30010017-EC33-11D6-A408-F6139379CBFB}) (Version: 17.00.00 - Rockwell Automation, Inc.)
RSLogix5000 Data Preserved Download Tool (HKLM-x32\...\{D1596264-A65A-42C3-84C7-54D2D446E992}) (Version: 1.1.2 - Rockwell Software)
S7-200 Explorer V2.0.0.27 (HKLM-x32\...\{2A645578-D36C-4E6C-9DEC-B71BC17EAB74}) (Version: 2.0.0.0 - Siemens)
Safari (HKLM-x32\...\{C779648B-410E-4BBA-B75B-5815BCEFE71D}) (Version: 5.34.57.2 - Apple Inc.)
SAMSUNG USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.25.0 - SAMSUNG Electronics Co., Ltd.)
Segoe UI (x32 Version: 15.4.2271.0615 - Microsoft Corp) Hidden
Service Pack 2 for SQL Server 2008 (KB2285068) (64-bit) (HKLM\...\KB2285068) (Version: 10.2.4000.0 - Microsoft Corporation)
Shared C Run-time for x64 (HKLM\...\{EF79C448-6946-4D71-8134-03407888C054}) (Version: 10.0.0 - McAfee)
Shop for HP Supplies (HKLM\...\Shop for HP Supplies) (Version: 14.0 - HP)
Siemens Automation License Manager (Version: 05.01.0100 - Siemens AG) Hidden
Siemens Automation License Manager V5.1 + SP1 (HKLM\...\{8D2E0408-8D61-4A53-B0DB-2AD670A38624}LicenseManager) (Version: 05.01.0100 - Siemens AG)
SIMATIC STEP 7 (x32 Version: 05.05.0200 - Siemens AG) Hidden
SIMATIC STEP 7 V5.5 + SP2 (HKLM-x32\...\{7B427E8E-F76D-4C8C-B155-7F24DF46DB67}STEP7) (Version: 05.05.0200 - Siemens AG)
SIMATIC Device Drivers (Version: 01.00.0200 - Siemens AG) Hidden
SIMATIC Device Drivers WoW (x32 Version: 20.00.0200 - Siemens AG) Hidden
SIMATIC NCM FWL 64 (Version: 05.05.0100 - Siemens AG) Hidden
SIMATIC S7-PCT (x32 Version: 02.03.0000 - Siemens AG) Hidden
SIMATIC S7-PCT V2.3 (HKLM-x32\...\{06AF0F82-E926-48A6-8C5F-ECB195DB2CB4}S7PCT) (Version: 02.03.0000 - Siemens AG)
Skins (x32 Version: 2009.0213.2138.38808 - ATI) Hidden
SMAC Control Center version 1.1B3 (HKLM-x32\...\SMAC Control Center_is1) (Version: 1.1B3 - )
SmartWebPrinting (x32 Version: 140.0.213.000 - Hewlett-Packard) Hidden
Software package (HKLM-x32\...\Software package CM1208F_UJ440E R5.00_is1) (Version: - Electrum Automation AB)
SolidWorks 2010 x64 Edition SP0 (HKLM-x32\...\SolidWorks Installation Manager 20100-40000-1100-100) (Version: 18.0.0.5035 - SolidWorks Corporation)
SolidWorks 2010 x64 Edition SP0 (Version: 18.100.5035 - SolidWorks) Hidden
SolidWorks eDrawings 2010 (x32 Version: 10.0.727 - Dassault SystÃ¨mes SolidWorks Corp.) Hidden
SolidWorks Explorer 2010 SP0 x64 Edition (Version: 18.00.5035 - SolidWorks Corporation) Hidden
SolutionCenter (x32 Version: 140.0.214.000 - Hewlett-Packard) Hidden
Sql Server Customer Experience Improvement Program (Version: 10.2.4000.0 - Microsoft Corporation) Hidden
Status (x32 Version: 140.0.256.000 - Hewlett-Packard) Hidden
Steinberg Drum Loop Expansion 01 (HKLM-x32\...\{490BF87E-1F75-4453-BF55-9F540543A3CA}) (Version: 2.0.0.0 - Steinberg Media Technologies GmbH)
Steinberg Groove Agent ONE Content (HKLM-x32\...\{BD86F1AC-B594-46E4-85DC-1258AC9E2232}) (Version: 1.0.0.003 - Steinberg Media Technologies GmbH)
Steinberg Groove Agent ONE Vintage Beatboxes (HKLM-x32\...\{DBF4BC99-53F1-4C97-84C3-7557D103E182}) (Version: 1.0.0.000 - Steinberg Media Technologies GmbH)
Steinberg HALion Sonic SE 64bit (HKLM\...\{B99C316B-C135-43B5-8E77-2BC5E241F964}) (Version: 1.5.0 - Steinberg Media Technologies GmbH)
Steinberg HALion Sonic SE Content (HKLM-x32\...\{A5051ABF-A497-4C3C-85EA-F7A4D5C19B82}) (Version: 1.0.0.000 - Steinberg Media Technologies GmbH)
Steinberg LoopMash Content (HKLM-x32\...\{4D454CF8-12FD-464D-B57B-B46FE27B78BB}) (Version: 2.0.0.000 - Steinberg Media Technologies GmbH)
Steinberg LoopMash Content 2 (HKLM-x32\...\{88C337F0-4CF2-4098-BDC0-D94859ECA2B4}) (Version: 1.0.0.000 - Steinberg Media Technologies GmbH)
Steinberg REVerence Content 01 (HKLM-x32\...\{532B917B-8235-4FA5-BE36-643A8BB053A5}) (Version: 2.0.1.000 - Steinberg Media Technologies GmbH)
Steinberg VST Amp Rack Content 01 (HKLM-x32\...\{8CBA7E47-48DA-47DC-8E98-6984BA830295}) (Version: 1.0.0.000 - Steinberg Media Technologies GmbH)
STEP 7 MicroWIN V4.0.9.25 (HKLM-x32\...\{EA5E7DD4-D9AC-406B-9233-9B3E65C1DBA2}) (Version: 4.0.9 - Siemens)
Suite Shared Configuration CS4 (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden
Superior Drummer 64 bit (HKLM\...\{22029AEE-38DF-4E35-AEF4-FE8CA3F6667F}) (Version: 2.2.3 - Toontrack)
Superior Drummer Installer (HKLM-x32\...\{009AC76E-1A66-4682-82B7-417E77F3C648}) (Version: 2.2.3 - Toontrack)
SupportSoft Assisted Service (HKLM-x32\...\{5A3F6A80-7913-475E-8B96-477A952CFA43}) (Version: 15 - SupportSoft)
swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
Tag Data Monitor Tool (HKLM-x32\...\{8A8C5496-0460-489E-8CB9-8F62E09F033D}) (Version: 2.0.1 - Rockwell Automation)
Tag Import Utility (HKLM-x32\...\{B4BC22FF-9599-4FB4-9F3D-C8D7A19800D4}) (Version: 4.0.24 - Rockwell Automation)
Tag Upload Download Tool (HKLM-x32\...\{BA35560D-EE87-40BD-A84B-48F4CD939D38}) (Version: 2.6.1 - Rockwell Automation)
TD Keypad Designer V1.0.9.25 (HKLM-x32\...\{3A3DCADC-703E-4D52-A40B-0A4A3381E503}) (Version: 1.0.9 - Siemens)
TJ1 Device Driver (x32 Version: 1.6.1.0 - Omron) Hidden
Toolbox (x32 Version: 140.0.428.000 - Hewlett-Packard) Hidden
TrayApp (x32 Version: 140.0.213.000 - Hewlett-Packard) Hidden
UltraISO Premium V9.6 (HKLM-x32\...\UltraISO_is1) (Version: - )
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft)
USB 2.0 VGA Device (Multiple) 11.06.1223.0153 (HKLM-x32\...\{04A1E855-4EBF-417D-87FF-2F085CA534A0}) (Version: 11.06.1223.0153 - )
USB DataTransfer Driver (HKLM-x32\...\{D430A2CA-5814-4E83-B5FF-BB616CFFC0AB}) (Version: 1.01.000 - Digital Electronics Corporation)
VBA (x32 Version: 6.03.00.9402 - Microsoft Corporation) Hidden
Visual C++ 64-bit Redistributables (HKLM-x32\...\InstallShield_{FB03650C-B373-4B20-ACA5-B7BA1A8EEE33}) (Version: 1.1.1.1524 - PACE Anti-Piracy, Inc.)
Visual C++ Redistributables (HKLM-x32\...\InstallShield_{F03117FA-9270-46B0-9666-0B4BC2CDEBF5}) (Version: 1.1.1.1524 - PACE Anti-Piracy, Inc.)
Visual Studio 2005 Tools for Office Second Edition Runtime (HKLM-x32\...\Microsoft Visual Studio 2005 Tools for Office Runtime) (Version: - Microsoft Corporation)
Visual Studio 2010 Tools for SQL Server Compact 3.5 SP2 ENU (HKLM-x32\...\{112C23F2-C036-4D40-BED4-0CB47BF5555C}) (Version: 4.0.8080.0 - Microsoft Corporation)
VLC media player 2.1.2 (HKLM-x32\...\VLC media player) (Version: 2.1.2 - VideoLAN)
VLC Streamer 2.64 (HKLM-x32\...\VLC Streamer_is1) (Version: - )
VmciSockets (Version: 9.1.54.1 - VMware, Inc.) Hidden
VMware Player (HKLM-x32\...\VMware_Player) (Version: 4.0.4.30409 - VMware, Inc)
VMware Player (x32 Version: 4.0.4.30409 - VMware, Inc.) Hidden
VMware vCenter Converter Standalone (HKLM-x32\...\{EDF0C1D5-D980-48F9-BA19-0ECEDEF8C5D4}) (Version: 5.0.0.470252 - VMware, Inc.)
VoiceOver Kit (HKLM-x32\...\{6B4AD1A9-E73A-4184-9D6B-072F8A3C5EBA}) (Version: 1.42.128.0 - Apple Inc.)
WBBSetup (HKLM-x32\...\{B044FEA2-E95B-4FDF-A882-1ACE6E153541}) (Version: 5.0.0.0 - Warez-BB)
WCF RIA Services V1.0 SP1 (HKLM-x32\...\{D9E6001A-5DC3-4620-AF7A-80B6CD48645D}) (Version: 4.1.60114.0 - Microsoft Corporation)
Web Deployment Tool (HKLM\...\{0F37D969-1260-419E-B308-EF7D29ABDE20}) (Version: 1.1.0618 - Microsoft Corporation)
WebReg (x32 Version: 140.0.213.017 - Hewlett-Packard) Hidden
WIDCOMM Bluetooth Software 6.1.0.4402 (HKLM\...\{03D1988F-469F-4843-8E6E-E5FE9D17889D}) (Version: 6.1.0.4402 - Dell)
Windows 7 Upgrade Advisor (HKLM-x32\...\{AB05F2C8-F608-403b-95E1-FD8ADFACD31E}) (Version: 2.0.5000.0 - Microsoft Corporation)
Windows Driver Package - Red Lion Controls (HMI) USB (01/13/2010 1.0.0.6) (HKLM\...\BEA29C59F1C197E983C09C30CB847015F2B4535D) (Version: 01/13/2010 1.0.0.6 - Red Lion Controls)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3538.0513 - Microsoft Corporation)
Windows Live Mesh ActiveX Control for Remote Connections (HKLM-x32\...\{2902F983-B4C1-44BA-B85D-5C6D52E2C441}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Sync (HKLM-x32\...\{84EBDF39-4B33-49D7-A0BD-EB6E2C4E81C1}) (Version: 14.0.8089.726 - Microsoft Corporation)
Windows XP Mode (HKLM\...\{1374CC63-B520-4f3f-98E8-E9020BF01CFF}) (Version: 1.3.7600.16423 - Microsoft Corporation)
WinMount V3.5.0114 (HKLM-x32\...\WinMount_is1) (Version: 3.5.0114 - WinMount)
WinPcap 4.1.1 (HKLM-x32\...\WinPcapInst) (Version: 4.1.0.1753 - CACE Technologies)
WinRAR archiver (HKLM\...\WinRAR archiver) (Version: - )
WinSCP 4.2.7 (HKLM-x32\...\winscp3_is1) (Version: 4.2.7 - Martin Prikryl)
Xvid 1.1.2 final uninstall (HKLM-x32\...\Xvid_is1) (Version: 1.1 - Xvid team (Koepi))

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-271332308-4134518789-2522140791-1000_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Jonathan\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-271332308-4134518789-2522140791-1000_Classes\CLSID\{07474513-7B58-45c7-B3E6-13A3669B1AFD}\InprocServer32 -> C:\Windows\system32\mscoree.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-271332308-4134518789-2522140791-1000_Classes\CLSID\{2F0E2680-9FF5-43C0-B76E-114A56E93598}\localserver32 -> "C:\Users\Jonathan\AppData\Local\Google\Update\GoogleUpdate.exe" No File
CustomCLSID: HKU\S-1-5-21-271332308-4134518789-2522140791-1000_Classes\CLSID\{97D17A04-4438-4C8E-BAC7-BC21B8B9E999}\InprocServer32 -> C:\Windows\system32\mscoree.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-271332308-4134518789-2522140791-1000_Classes\CLSID\{ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C}\InprocServer32 -> C:\Users\Jonathan\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-271332308-4134518789-2522140791-1000_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Jonathan\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-271332308-4134518789-2522140791-1000_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Jonathan\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-271332308-4134518789-2522140791-1000_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Jonathan\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-271332308-4134518789-2522140791-1000_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Jonathan\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-271332308-4134518789-2522140791-1000_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Jonathan\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-271332308-4134518789-2522140791-1000_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Jonathan\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-271332308-4134518789-2522140791-1000_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Jonathan\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-271332308-4134518789-2522140791-1000_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Jonathan\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)

==================== Restore Points =========================

02-06-2015 09:47:36 Scheduled Checkpoint
02-06-2015 14:12:11 Before BitDefender Install

jonnydy2j · 2015/06/02

ADDITIONS.TXT Part 2

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2006-11-02 13:34 - 2011-12-06 17:32 - 00000884 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1 localhost
127.0.0.1 activation.guitar-pro.com
119.42.146.34 www.warez-bb.org

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {180E7792-6687-4D9E-AC35-B9A3B548C053} - System32\Tasks\PCDoctorBackgroundMonitorTask => C:\Program Files\Dell Support Center\uaclauncher.exe [2010-11-18] (PC-Doctor, Inc.)
Task: {1E659B2C-3BDC-4CC6-9E88-3585B6FDB3B8} - System32\Tasks\{842D17F1-841D-4F62-A5CB-4CBCEF7495D8} => pcalua.exe -a C:\Users\Jonathan\Downloads\ps121v2_v2_0_2\Setup.exe -d C:\Users\Jonathan\Downloads\ps121v2_v2_0_2
Task: {27E40A77-2DF5-4D32-A25B-A0E44C2AF64A} - System32\Tasks\Microsoft_Hardware_Launch_itype_exe => c:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [2012-11-02] (Microsoft Corporation)
Task: {36F25687-58FA-4CC7-BDA4-796A2C0A3C60} - System32\Tasks\{D29EDF51-344F-4F8D-BC93-BA3DC5FAA392} => pcalua.exe -a "C:\Users\Jonathan\Downloads\JDownloader\Advanced Archive Password Recovery Pro 4 50 Portable\Advanced Archive Password Recovery Pro v4.50 Portable.exe" -d "C:\Users\Jonathan\Downloads\JDownloader\Advanced Archive Password Recovery Pro 4 50 Portable "
Task: {3CACD308-6A27-4962-BEF6-45E0AD1DA96F} - System32\Tasks\{0C6D54CE-9C99-4B2B-8340-ECFA23A04788} => pcalua.exe -a C:\Users\Jonathan\Downloads\VirtualBox-4.1.4-74291-Win.exe -d "C:\Program Files (x86)\Mozilla Firefox "
Task: {40E5AD00-5BFA-4C63-A61D-F74182D988B7} - System32\Tasks\Microsoft_Hardware_Launch_mousekeyboardcenter_exe => c:\Program Files\Microsoft Mouse and Keyboard Center\mousekeyboardcenter.exe [2012-11-02] (Microsoft)
Task: {456A3F85-5F5C-4C3B-B008-F4C9C2F515A7} - System32\Tasks\SystemToolsDailyTest => C:\Program Files\Dell Support Center\pcdrcui.exe [2010-11-18] (PC-Doctor, Inc.)
Task: {51F4B764-2D06-4830-989E-B7DAED08A996} - System32\Tasks\AutoKMS => C:\Windows\AutoKMS.exe
Task: {5890832B-B785-435F-9934-323A0AF8EAB0} - System32\Tasks\{0FABF02E-5AEE-4439-96BE-8E4C92AB91B1} => pcalua.exe -a E:\Install.exe -d E:\
Task: {712C6861-2B14-4E72-92BA-22B6921FE2B7} - System32\Tasks\Microsoft\Windows\Wired\GatherWiredInfo => C:\Windows\system32\gatherWiredInfo.vbs
Task: {7B10AD89-AAC0-48C5-94C5-73B75DAE273C} - System32\Tasks\PCDEventLauncher => C:\Program Files\Dell Support Center\sessionchecker.exe [2010-11-18] (PC-Doctor, Inc.)
Task: {9A3EBBE9-69FE-4E59-A0BA-2946D36C9C15} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-06-02] (Adobe Systems Incorporated)
Task: {AC521FDA-D304-4B8C-94A7-A636A4BB0829} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-01-03] (Google Inc.)
Task: {B592540D-E518-41E2-85B1-5E40628ACE1A} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {CEB41B1F-BFBE-4B4A-9308-2F3133C67687} - System32\Tasks\Microsoft_Hardware_Launch_ipoint_exe => c:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2012-11-02] (Microsoft Corporation)
Task: {D687EEC0-5CB0-46E2-AECC-C3A6B8B84800} - System32\Tasks\{0E3DBAD8-D5F6-493D-BFA9-1AA959E6BFC8} => pcalua.exe -a "C:\Users\Jonathan\Downloads\JDownloader\WinMount v3 5 0114 Incl Keygen-Lz0\lzdxdng3\Linezer0\Lz0\keygen.exe" -d "C:\Users\Jonathan\Downloads\JDownloader\WinMount v3 5 0114 Incl Keygen-Lz0\lzdxdng3\Linezer0\Lz0 "
Task: {DBA7AF84-9CA2-4BED-9F52-754CCA3AB43E} - System32\Tasks\Microsoft\Windows\Windows Activation Technologies\ValidationTask => C:\Windows\system32\Wat\WatAdminSvc.exe [2010-12-20] (Microsoft Corporation)
Task: {E91D6474-70CC-42BE-80FF-8BED8AF557ED} - System32\Tasks\Microsoft\Windows\Wireless\GatherWirelessInfo => C:\Windows\system32\gatherWirelessInfo.vbs
Task: {EBF51757-DB5D-45FE-81F9-771478980DD2} - System32\Tasks\{3B381AEC-A8B2-4E69-9EFE-D23241EDC390} => pcalua.exe -a C:\Users\Jonathan\Downloads\VMware-player-3.1.3-324285.exe -d "C:\Program Files (x86)\Mozilla Firefox "
Task: {FB98F29C-A7C1-42DB-A1D6-7476FCBA0112} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-01-03] (Google Inc.)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\PCDoctorBackgroundMonitorTask.job => C:\Program Files\Dell Support Center\uaclauncher.exeo-backgroundmon scripts\defaultscan.xml
Task: C:\Windows\Tasks\SystemToolsDailyTest.job => C:\Program Files\Dell Support Center\pcdrcui.exe

==================== Loaded Modules (Whitelisted) ==============

2012-08-31 16:24 - 2012-03-11 14:56 - 00086608 _____ () C:\Windows\System32\cpwmon64.dll
2011-03-10 01:43 - 2011-03-10 01:43 - 00774144 _____ () C:\Program Files\Common Files\Siemens\SWS\PlugIns\SCP\Scpwin64.dll
2012-08-30 11:36 - 2011-08-31 14:06 - 00310648 _____ () C:\Windows\system32\GManager.exe
2012-08-30 11:36 - 2011-05-03 18:13 - 00199296 _____ () C:\Program Files (x86)\Common Files\DesktopUtil\MCTDesktopSvr.exe
2012-08-30 11:35 - 2011-08-09 23:10 - 00199296 _____ () C:\Program Files (x86)\MCT\VGA0007\Utility\MCTUISvr.exe
2011-06-14 18:24 - 2011-06-14 18:24 - 00824320 _____ () C:\Program Files\Common Files\Siemens\Automation\Simatic OAM\bin\sn_regbase.dll
2010-07-06 20:24 - 2009-08-16 17:06 - 00166400 _____ () C:\Program Files\WinRAR\rarext.dll
2013-02-05 01:21 - 2013-02-05 01:21 - 00056352 _____ () C:\Program Files\Autodesk\Autodesk Sync\qoauth_Ad_1.dll
2013-02-05 01:21 - 2013-02-05 01:21 - 00937504 _____ () C:\Program Files\Autodesk\Autodesk Sync\qca_Ad_2.dll
2013-02-05 01:21 - 2013-02-05 01:21 - 00124448 _____ () C:\Program Files\Autodesk\Autodesk Sync\QJson.dll
2013-02-05 01:21 - 2013-02-05 01:21 - 00045088 _____ () C:\Program Files\Autodesk\Autodesk Sync\QtSolutions_MFCMigrationFramework_Ad_2.dll
2009-07-07 10:23 - 2009-07-07 10:23 - 01779952 _____ () C:\Program Files (x86)\Dell DataSafe Online\DataSafeOnline.exe
2010-12-19 19:39 - 2010-12-19 19:39 - 00014848 _____ () C:\Windows\assembly\GAC_MSIL\AxInterop.WBOCXLib\1.0.0.0__90ba9c70f846762e\AxInterop.WBOCXLib.dll
2009-02-13 15:31 - 2009-02-13 15:31 - 00016384 ____R () C:\Program Files (x86)\ATI Technologies\ATI.ACE\Branding\Branding.dll
2011-09-08 13:53 - 2011-09-08 13:53 - 00369152 _____ () C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.CrossDisplay.Graphics.Dashboard.dll
2015-06-01 23:38 - 2014-08-27 16:31 - 00265080 _____ () C:\Program Files\Bitdefender\Bitdefender 2015\txmlutil.dll
2015-06-01 23:37 - 2013-09-03 14:29 - 00101328 _____ () C:\Program Files\Bitdefender\Bitdefender 2015\bdmetrics.dll
2015-06-01 23:38 - 2015-03-24 12:55 - 00003072 _____ () C:\Program Files\Bitdefender\Bitdefender 2015\UI\accessl.ui
2015-06-01 23:38 - 2012-10-29 14:22 - 00152816 _____ () C:\Program Files\Bitdefender\Bitdefender 2015\bdfwcore.dll
2015-06-01 23:45 - 2015-06-01 23:45 - 00790368 _____ () C:\Program Files\Bitdefender\Bitdefender 2015\otengines_00350_002\ashttpbr.mdl
2015-06-01 23:45 - 2015-06-01 23:45 - 00711064 _____ () C:\Program Files\Bitdefender\Bitdefender 2015\otengines_00350_002\ashttpdsp.mdl
2015-06-01 23:45 - 2015-06-01 23:45 - 02683520 _____ () C:\Program Files\Bitdefender\Bitdefender 2015\otengines_00350_002\ashttpph.mdl
2015-06-01 23:45 - 2015-06-01 23:45 - 01326504 _____ () C:\Program Files\Bitdefender\Bitdefender 2015\otengines_00350_002\ashttprbl.mdl
2011-04-23 22:18 - 2011-04-23 22:18 - 00097464 _____ () C:\Windows\system32\FAIEExtension.DLL
2014-02-06 01:52 - 2014-02-06 01:52 - 00073544 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2014-02-06 01:52 - 2014-02-06 01:52 - 01044808 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2012-09-05 10:11 - 2011-04-22 18:25 - 00050056 _____ () C:\Program Files (x86)\EASEUS\Todo Backup\bin\CodeLog.dll
2012-09-05 10:11 - 2008-11-25 17:18 - 01291264 _____ () C:\Program Files (x86)\EASEUS\Todo Backup\bin\libxml2.dll
2012-09-05 10:11 - 2004-10-05 03:08 - 00055808 _____ () C:\Program Files (x86)\EASEUS\Todo Backup\bin\zlib1.dll
2011-09-08 09:09 - 2011-09-08 09:09 - 03379200 _____ () c:\windows\assembly\nativeimages1_v1.1.4322\mscorlib\1.0.5000.0__b77a5c561934e089_9e4806f1\mscorlib.dll
2011-09-08 09:09 - 2011-09-08 09:09 - 01953792 _____ () c:\windows\assembly\nativeimages1_v1.1.4322\system\1.0.5000.0__b77a5c561934e089_6c5c0a64\system.dll
2011-09-08 09:09 - 2011-09-08 09:09 - 02088960 _____ () c:\windows\assembly\nativeimages1_v1.1.4322\system.xml\1.0.5000.0__b77a5c561934e089_78ae9cdf\system.xml.dll
2009-11-03 20:02 - 2009-08-17 09:29 - 00115952 _____ () C:\Program Files (x86)\Dell DataSafe Local Backup\PSTVdsDisk.dll
2009-11-03 20:02 - 2009-08-17 09:29 - 00128240 _____ () C:\Program Files (x86)\Dell DataSafe Local Backup\STLog.dll
2011-08-19 20:53 - 2011-08-19 20:53 - 00085616 _____ () C:\Program Files (x86)\VMware\VMware vCenter Converter Standalone\mspack.dll
2011-08-19 20:52 - 2011-08-19 20:52 - 01234544 _____ () C:\Program Files (x86)\VMware\VMware vCenter Converter Standalone\libxml2.dll
2011-08-19 20:51 - 2011-08-19 20:51 - 00541808 _____ () C:\Program Files (x86)\VMware\VMware vCenter Converter Standalone\sqlite3.dll
2012-06-09 02:36 - 2012-06-09 02:36 - 01229464 _____ () C:\Program Files (x86)\VMware\VMware Player\libxml2.dll
2013-09-14 02:51 - 2013-09-14 02:51 - 00087952 _____ () C:\Program Files (x86)\Common Files\Apple\Internet Services\zlib1.dll
2013-09-14 02:50 - 2013-09-14 02:50 - 01242952 _____ () C:\Program Files (x86)\Common Files\Apple\Internet Services\libxml2.dll
2009-07-07 10:24 - 2009-07-07 10:24 - 00268528 _____ () C:\Program Files (x86)\Dell DataSafe Online\SdbShared.dll
2009-07-07 10:23 - 2009-07-07 10:23 - 00058608 _____ () C:\Program Files (x86)\Dell DataSafe Online\BalloonWindow.dll
2009-07-07 10:24 - 2009-07-07 10:24 - 00095472 _____ () C:\Program Files (x86)\Dell DataSafe Online\SdbUI.dll
2009-07-07 10:24 - 2009-07-07 10:24 - 00140528 _____ () C:\Program Files (x86)\Dell DataSafe Online\SdbShared.XmlSerializers.dll
2009-07-07 10:23 - 2009-07-07 10:23 - 00017648 _____ () C:\Program Files (x86)\Dell DataSafe Online\cpputils.dll
2011-02-08 23:00 - 2011-02-08 23:01 - 00034816 _____ () C:\Program Files (x86)\Google\Google Desktop Search\gzlib.dll
2015-06-01 23:29 - 2015-06-01 23:29 - 00043008 _____ () c:\users\jonathan\appdata\local\temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpulfrnz.dll
2015-03-04 22:45 - 2015-03-04 22:45 - 00750080 _____ () C:\Users\Jonathan\AppData\Roaming\Dropbox\bin\libGLESv2.dll
2015-03-04 22:45 - 2015-03-04 22:45 - 00047616 _____ () C:\Users\Jonathan\AppData\Roaming\Dropbox\bin\libEGL.dll
2015-03-04 22:45 - 2015-03-04 22:45 - 00865280 _____ () C:\Users\Jonathan\AppData\Roaming\Dropbox\bin\plugins\platforms\qwindows.dll
2015-03-04 22:45 - 2015-03-04 22:45 - 00200704 _____ () C:\Users\Jonathan\AppData\Roaming\Dropbox\bin\plugins\imageformats\qjpeg.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\ProgramData\TEMP:A1EDB939
AlternateDataStreams: C:\ProgramData\TEMPDE29E40
AlternateDataStreams: C:\Users\Jonathan\Downloads\SAMSUNG_USB_Driver_for_Mobile_Phones_v1.5.25.0-retail.exe:BDU
AlternateDataStreams: C:\Users\Jonathan\Downloads\touchmouse1.0_x64.exe:BDU
AlternateDataStreams: C:\Users\Jonathan\Downloads\Universal-USB-Installer-1.9.5.2.exe:BDU

==================== Safe Mode (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => " "=" "
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys => " "= "Driver "
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => " "=" "
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Wdf01000.sys => " "= "Driver "

==================== EXE Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)

==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)

IE trusted site: HKU\S-1-5-21-271332308-4134518789-2522140791-1000\...\internet -> internet
IE trusted site: HKU\S-1-5-21-271332308-4134518789-2522140791-1000\...\mcafee.com -> hxxp://mcafee.com
IE trusted site: HKU\S-1-5-21-271332308-4134518789-2522140791-1000\...\mcafee.com -> hxxps://mcafee.com

==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-271332308-4134518789-2522140791-1000\Control Panel\Desktop\\Wallpaper ->
DNS Servers: 8.8.8.8 - 8.8.4.4

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{4E1D0423-92F3-4444-813E-144A1A75BE00}] => (Allow) C:\Program Files (x86)\LimeWire\LimeWire.exe
FirewallRules: [{7FCECC85-03C1-4ED4-BA92-685AD0F9D233}] => (Allow) C:\Program Files (x86)\LimeWire\LimeWire.exe
FirewallRules: [{DE2AD45B-BCB1-4F8A-B501-8AD24931023E}] => (Allow) C:\Program Files (x86)\Windows Live\Mesh\MOE.exe
FirewallRules: [{C3E99AFF-57EE-44C9-84AD-C4BC396D8010}] => (Allow) LPort=1900
FirewallRules: [{C6F74F53-1200-43AD-9A71-C22D3CBBDB27}] => (Allow) LPort=2869
FirewallRules: [{757482A4-F3A2-46A9-83EA-3860D69473BE}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{1B2B16DA-62CB-47A5-BCD0-F49BA1DF414C}] => (Allow) C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
FirewallRules: [{7D8D2EDF-C3EA-4F65-B766-9EAD9BF59F85}] => (Allow) C:\Program Files (x86)\Opera\opera.exe
FirewallRules: [{5B1FFC06-7DA5-4DF2-99B3-4C35354B0B0E}] => (Allow) C:\Program Files (x86)\Opera\opera.exe
FirewallRules: [{E5AE3DE6-7AF2-4F7A-8042-AB3D4996638A}] => (Allow) C:\Program Files (x86)\Common Files\Mcafee\MNA\McNaSvc.exe
FirewallRules: [{767F4629-2AB6-4836-AAB5-54FD53E7B6E3}] => (Allow) C:\Program Files (x86)\Windows Live\Sync\WindowsLiveSync.exe
FirewallRules: [{C0948C68-B7E0-4E8A-94D6-4CFD4B656527}] => (Allow) svchost.exe
FirewallRules: [{BB55DE25-6EE0-4D45-B130-7BB680F72FB7}] => (Allow) C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
FirewallRules: [{D4CE6318-550D-4DF3-8ED5-0B24E4C3E6B1}] => (Allow) C:\Program Files\CyberLink\PowerDVD DX\PDVDDXSrv.exe
FirewallRules: [{D0059C7A-C62C-40AA-A4B1-81B50411E3A0}] => (Allow) C:\Program Files\CyberLink\PowerDVD DX\PowerDVD.exe
FirewallRules: [{2352D06B-9C70-4023-9FDE-5CDAC7B8EB48}] => (Allow) C:\Program Files (x86)\Dell Video Chat\DellVideoChat.exe
FirewallRules: [{3E4262A5-8B03-4DC7-8C72-1A59DEE33B32}] => (Allow) C:\Program Files (x86)\Dell Video Chat\DellVideoChat.exe
FirewallRules: [{F3897A95-6E48-49E3-9DC0-8EEC9D1F88B1}] => (Allow) C:\Program Files (x86)\NETGEAR ReadyNAS\Remote\bin\ReadyNASRemote.exe
FirewallRules: [{F31EC978-63BE-4B63-A480-70439ACA1E60}] => (Allow) C:\Program Files (x86)\NETGEAR ReadyNAS\Remote\bin\ReadyNASRemote.exe
FirewallRules: [{595910B8-F84D-4AC3-9238-F228CA9235AD}] => (Allow) C:\ProgramData\TVersity\Media Server\MediaServer.exe
FirewallRules: [{42843B78-A6F0-4D02-BAFE-B6D01EBFDD7E}] => (Allow) C:\ProgramData\TVersity\Media Server\MediaServer.exe
FirewallRules: [{7BBFB185-C13D-4898-8600-8A205D68BB84}] => (Allow) C:\Program Files (x86)\Rockwell Software\RSLogix 5000\ENU\v17\Bin\RS5000.Exe
FirewallRules: [{80E5264F-C47B-49CA-9C49-8A55AD73A6CA}] => (Allow) C:\Program Files (x86)\Rockwell Software\RSLogix 5000\ENU\v17\Bin\RS5000.Exe
FirewallRules: [{3CEAABCA-4308-4775-8030-660437E19ADB}] => (Allow) C:\Program Files (x86)\Rockwell Software\RSLogix 5000\ENU\v16\Bin\RS5000.Exe
FirewallRules: [{1DACF963-8DD0-4CB9-8F87-52CA1E53D57C}] => (Allow) C:\Program Files (x86)\Rockwell Software\RSLogix 5000\ENU\v16\Bin\RS5000.Exe
FirewallRules: [{902DCED9-E5AC-43F2-99E9-AFCDCEB3BF05}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{EBE389FD-72C1-42D6-AF94-BEBD902C1C99}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{28220830-48FD-4CC4-8491-A1B82D9E7B63}] => (Allow) LPort=2392
FirewallRules: [VirtualPC-In-UDP-1] => (Allow) %SystemRoot%\System32\vpc.exe
FirewallRules: [VirtualPC-In-UDP-2] => (Allow) %SystemRoot%\System32\vpc.exe
FirewallRules: [VirtualPC-In-TCP-1] => (Allow) %SystemRoot%\System32\vpc.exe
FirewallRules: [{B14D4709-8D49-4BFC-BD40-F06131666256}] => (Allow) C:\Program Files\SolidWorks Corp\SolidWorks\swScheduler\DTSCoordinatorService.exe
FirewallRules: [{5802D015-208A-4D70-B50C-9ADFD456529D}] => (Allow) C:\Program Files\SolidWorks Corp\SolidWorks\swScheduler\DTSCoordinatorService.exe
FirewallRules: [{20B2C06D-6908-426F-B2AD-C83272D29501}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{93189006-9967-496C-B3FD-FC14703EB204}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{CBBD5A63-60D0-4D98-985B-935921357685}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{9EAD097B-419D-4782-8B6D-C423600490D1}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [TCP Query User{2CB5AEA2-2C59-4E78-80E6-EF120EA7AEA3}C:\webserver\mongoose-2.11.exe] => (Allow) C:\webserver\mongoose-2.11.exe
FirewallRules: [UDP Query User{3360BA89-8D5C-4C03-95A8-3B0861CD8E62}C:\webserver\mongoose-2.11.exe] => (Allow) C:\webserver\mongoose-2.11.exe
FirewallRules: [TCP Query User{9CE0DB4A-4681-47D2-877F-BA6288C2EAAF}C:\program files\java\jre6\bin\javaw.exe] => (Allow) C:\program files\java\jre6\bin\javaw.exe
FirewallRules: [UDP Query User{DFC61272-4F5B-435A-A101-3F6338BD752D}C:\program files\java\jre6\bin\javaw.exe] => (Allow) C:\program files\java\jre6\bin\javaw.exe
FirewallRules: [{7CB9A47B-29D7-43FB-A462-B433D612DCDD}] => (Allow) C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
FirewallRules: [{72750EA8-6866-49A3-BAD7-1879D9A8A802}] => (Allow) C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
FirewallRules: [{FD13A490-E521-4A60-AF7E-56BABB099293}] => (Allow) LPort=5353
FirewallRules: [{12FECB5E-A42B-4B6F-92F9-61830017910B}] => (Allow) C:\Program Files (x86)\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe
FirewallRules: [{F2E10045-730F-4CDC-ADFD-474F2CECDC21}] => (Allow) C:\Program Files (x86)\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe
FirewallRules: [{9DBD1459-F6A6-4E83-8A99-571CF22766F1}] => (Allow) LPort=43283
FirewallRules: [{E77362E0-8EBC-4095-AD78-D77B2693BAE4}] => (Allow) CprManager.exe
FirewallRules: [{DF807EDB-07F7-438D-A6AE-E13B5DDDB9C4}] => (Allow) C:\Users\Jonathan\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{AC810FFC-244D-4A86-B6C5-036B22F90C53}] => (Allow) C:\Users\Jonathan\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{E0393057-F5CA-4219-9BFE-90BE931C9922}] => (Allow) C:\Program Files (x86)\Common Files\Siemens\SQLANY\Dbsrv9.exe
FirewallRules: [{963D0D2A-9002-40C2-9DC1-7A49F47C8976}] => (Allow) C:\Program Files (x86)\Common Files\Siemens\SQLANY\Dbeng9.exe
FirewallRules: [{E5454B3B-2F6B-4EA6-8CD4-48039C7CC5DE}] => (Allow) C:\Windows\system32\S7otbxsx.exe
FirewallRules: [{8D8B5159-6C41-4891-850B-1214B54581AF}] => (Allow) C:\Program Files (x86)\Siemens\Step7\S7INF\S7usiapx.exe
FirewallRules: [{F22B57B1-7F28-4BE0-9D99-B080E6731104}] => (Allow) C:\Program Files (x86)\Siemens\Step7\S7BIN\S7tgtopx.exe
FirewallRules: [{CD97B4B1-B523-4BC7-9083-4A1AF82D1F6D}] => (Allow) C:\Program Files\Common Files\Siemens\sws\almsrv\almsrv64x.exe
FirewallRules: [{B42E3920-1CE2-4780-9F83-BDC52800DBF0}] => (Allow) C:\Program Files (x86)\Hobbyist Software\VLC Streamer\VLC Streamer Configuration.exe
FirewallRules: [{37DB4EC7-20E4-4C12-AEDE-23AAE8298BCC}] => (Allow) C:\Program Files (x86)\Hobbyist Software\VLC Streamer\mDNSResponder.exe
FirewallRules: [{FEF0255C-92C7-45E0-A043-4949B3F0C9E4}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe\Bonjour\mDNSResponder.exe
FirewallRules: [{8C0AE40F-DDFA-4F9D-B39E-2BDE498A2BF5}] => (Allow) C:\Program Files (x86)\VMware\VMware Player\vmware-authd.exe
FirewallRules: [{8B2251D3-EBFA-487D-B645-713B3BE81854}] => (Allow) C:\Program Files (x86)\VMware\VMware Player\vmware-authd.exe
FirewallRules: [{F099CA56-13E4-4D99-AA02-251DF64ABB47}] => (Allow) LPort=9089
FirewallRules: [{1274C5B3-5833-4344-9520-C70C850D960F}] => (Allow) C:\Users\Jonathan\AppData\Local\Temp\7zS1654\OJ7000vE809a_Full_14\setup\hpznui40.exe
FirewallRules: [{907AAFC4-DF5F-41A0-8FA6-6E72AF6CF157}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
FirewallRules: [{D99131A0-3F7A-4277-872D-9967ED72038A}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqste08.exe
FirewallRules: [{A4D96B46-4BE9-4747-B105-495A552D77EE}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hposid01.exe
FirewallRules: [{81FBA1B0-AEB7-4266-A6D9-54A3DDD9FE84}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpoews01.exe
FirewallRules: [{C38328C4-C1B6-4795-9D3A-2FD2EEEA92AA}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgplgtupl.exe
FirewallRules: [{A9534475-3F6B-4186-B17D-7EE9E47186C0}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe
FirewallRules: [{F8075196-45D8-4CCF-9CA8-88E785E47749}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqusgm.exe
FirewallRules: [{96D5CF2A-0DC4-420F-8A03-D1604E771A62}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqusgh.exe
FirewallRules: [{AF7A4C8B-A869-41F6-8545-96A65832F8FE}] => (Allow) C:\Program Files (x86)\HP\hp software update\hpwucli.exe
FirewallRules: [{EFF4909F-3FE3-4C16-8767-97D6DB411836}] => (Allow) C:\Program Files (x86)\HP\digital imaging\smart web printing\smartwebprintexe.exe
FirewallRules: [{88FD518A-1D10-4A83-9F0C-5A68EB633C9A}] => (Allow) C:\Program Files (x86)\Research In Motion\BlackBerry Desktop\Rim.Desktop.exe
FirewallRules: [{0E393FDA-08DA-4D7A-9FE0-2E36DEE1CEE8}] => (Allow) C:\Program Files (x86)\Research In Motion\BlackBerry Desktop\Rim.Desktop.exe
FirewallRules: [{0ED57CE4-D8C4-4A7E-BD47-3DDB88C786C4}] => (Allow) LPort=4481
FirewallRules: [{305C59F2-9C47-462C-B59F-C9688D514D14}] => (Allow) LPort=4481
FirewallRules: [{7C173153-EAD8-4509-8257-139517B8DE98}] => (Allow) LPort=4482
FirewallRules: [{30CA856E-2733-4304-84D7-00BEDA1A68D0}] => (Allow) LPort=4482
FirewallRules: [{3E1F34C8-9DC0-4139-B567-E353A48B34A8}] => (Allow) C:\MELSEC\MXChange\MXCserve.exe
FirewallRules: [{2BE98678-3A93-4CA8-9E72-09141AD0334D}] => (Allow) C:\MELSEC\MXChange\MXCserve.exe
FirewallRules: [{FE6FC117-2D6F-43BB-8059-342DFFEFEB36}] => (Allow) C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe
FirewallRules: [{B30D4C31-38D5-44FA-9993-6E2DDE191108}] => (Allow) C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe
FirewallRules: [{8B5F6F36-999B-4843-9B72-FCA248B683FD}] => (Allow) C:\Users\Jonathan\AppData\Local\Temp\EPSON WF-2530 Series_Home\Network\EpsonNetSetup\Data\ENEasyApp.exe
FirewallRules: [{438D288D-2CB2-4F24-A02A-33E17E2E7CB5}] => (Allow) C:\Users\Jonathan\AppData\Local\Temp\EPSON WF-2530 Series_Home\Network\EpsonNetSetup\Data\ENEasyApp.exe
FirewallRules: [{503AED5D-3378-4DFC-B8DD-5287DE87C542}] => (Allow) C:\Program Files (x86)\Logitech Touch Mouse Server\iTouch-Server-Win.exe
FirewallRules: [{98F2C00C-4A2E-48C4-89C3-4562DAF81A31}] => (Allow) C:\Program Files (x86)\Logitech Touch Mouse Server\iTouch-Server-Win.exe
FirewallRules: [{60DA8A2A-C071-4881-B70B-AFAF2CEDE175}] => (Allow) C:\Program Files (x86)\iTunes\iTunes.exe
FirewallRules: [TCP Query User{D7C10425-DE80-464C-A505-295196AF991B}C:\program files (x86)\remotegateway 4\remotegateway.exe] => (Block) C:\program files (x86)\remotegateway 4\remotegateway.exe
FirewallRules: [UDP Query User{79C0737E-5888-46D6-A21C-C12D926EB4A4}C:\program files (x86)\remotegateway 4\remotegateway.exe] => (Block) C:\program files (x86)\remotegateway 4\remotegateway.exe

==================== Faulty Device Manager Devices =============

Name: Officejet 7000 E809a
Description: Officejet 7000 E809a
Class Guid: {4d36e971-e325-11ce-bfc1-08002be10318}
Manufacturer: HP
Service:
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action ", and then click "Enable Device ". This starts the Enable Device wizard. Follow the instructions.

Name: HP Color LaserJet CP3525
Description: HP Color LaserJet CP3525
Class Guid: {4d36e971-e325-11ce-bfc1-08002be10318}
Manufacturer: Hewlett-Packard
Service:
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action ", and then click "Enable Device ". This starts the Enable Device wizard. Follow the instructions.

Name: VirtualBox Host-Only Ethernet Adapter
Description: VirtualBox Host-Only Ethernet Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Oracle Corporation
Service: VBoxNetAdp
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action ", and then click "Enable Device ". This starts the Enable Device wizard. Follow the instructions.

==================== Event log errors: =========================

Application errors:
==================
Error: (06/01/2015 11:25:26 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (06/02/2015 00:42:36 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (06/02/2015 08:46:46 AM) (Source: Software Protection Platform Service) (EventID: 8208) (User: )
Description: Acquisition of genuine ticket failed (hr=0xC004C533) for template Id 66c92734-d682-4d71-983e-d6ec3f16059f

Error: (06/02/2015 08:46:46 AM) (Source: Software Protection Platform Service) (EventID: 8200) (User: )
Description: License acquisition failure details.
hr=0xC004C533

Error: (06/02/2015 08:43:44 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (03/22/2014 09:33:11 AM) (Source: MsiInstaller) (EventID: 11500) (User: Jonathan-PC)
Description: Product: TightVNC -- Error 1500. Another installation is in progress. You must complete that installation before continuing this one.

Error: (03/13/2014 11:29:01 PM) (Source: PC-Doctor) (EventID: 1) (User: )
Description: (5160) Asapi: (22:29:01:2210)(5160) ASAPI-Global - Fatal -- 261 Engine has shut down!

Error: (03/13/2014 04:34:25 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (03/13/2014 04:02:16 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Cryptographic Services failed while processing the OnIdentity() call in the System Writer Object.

Details:
AddLegacyDriverFiles: Unable to back up image of binary gzflt.

System Error:
The system cannot find the file specified.
.

Error: (03/09/2014 11:39:47 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Cryptographic Services failed while processing the OnIdentity() call in the System Writer Object.

Details:
AddLegacyDriverFiles: Unable to back up image of binary gzflt.

System Error:
The system cannot find the file specified.
.

System errors:
=============
Error: (06/02/2015 02:26:24 PM) (Source: Microsoft-Windows-Time-Service) (EventID: 34) (User: NT AUTHORITY)
Description: The time service has detected that the system time needs to be changed by -54342 seconds. The time service will not change the system time by more than 54000 seconds. Verify that your time and time zone are correct, and that the time source time.windows.com,0x9 (ntp.m|0x9|0.0.0.0:123->23.101.187.68:123) is working properly.

Error: (06/02/2015 02:25:01 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The Bitdefender Desktop Parental Control service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.

Error: (06/02/2015 01:57:26 PM) (Source: BROWSER) (EventID: 8032) (User: )
Description: The browser service has failed to retrieve the backup list too many times on transport \Device\NetBT_Tcpip_{DF45B968-9F66-430C-ADE0-562CDAC85BF0}.
The backup browser is stopping.

Error: (06/02/2015 00:42:19 PM) (Source: VDS Basic Provider) (EventID: 1) (User: )
Description: Unexpected failure. Error code: D@01010004

Error: (06/02/2015 00:42:19 PM) (Source: VDS Basic Provider) (EventID: 1) (User: )
Description: Unexpected failure. Error code: D@01010004

Error: (06/02/2015 00:38:58 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: The previous system shutdown at 12:11:03 PM on ‎6/‎2/‎2015 was unexpected.

Error: (06/02/2015 08:44:47 AM) (Source: Microsoft-Windows-Time-Service) (EventID: 34) (User: NT AUTHORITY)
Description: The time service has detected that the system time needs to be changed by -54346 seconds. The time service will not change the system time by more than 54000 seconds. Verify that your time and time zone are correct, and that the time source time.windows.com,0x9 (ntp.m|0x9|0.0.0.0:123->104.209.134.106:123) is working properly.

Error: (06/02/2015 08:41:12 AM) (Source: VDS Basic Provider) (EventID: 1) (User: )
Description: Unexpected failure. Error code: D@01010004

Error: (06/02/2015 08:41:11 AM) (Source: VDS Basic Provider) (EventID: 1) (User: )
Description: Unexpected failure. Error code: D@01010004

Error: (06/02/2015 08:38:58 AM) (Source: Microsoft-Windows-Time-Service) (EventID: 34) (User: NT AUTHORITY)
Description: The time service has detected that the system time needs to be changed by -54347 seconds. The time service will not change the system time by more than 54000 seconds. Verify that your time and time zone are correct, and that the time source time.windows.com,0x9 (ntp.m|0x9|0.0.0.0:123->23.101.187.68:123) is working properly.

Microsoft Office:
=========================

CodeIntegrity Errors:
===================================
Date: 2013-07-10 13:45:31.144
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files\Common Files\McAfee\VSCore\mfeelamk.sys because the set of per-page image hashes could not be found on the system.

Date: 2013-07-10 13:45:31.141
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files\Common Files\McAfee\VSCore\mfeelamk.sys because the set of per-page image hashes could not be found on the system.

Date: 2013-07-10 13:45:31.139
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files\Common Files\McAfee\VSCore\mfeelamk.sys because the set of per-page image hashes could not be found on the system.

Date: 2013-07-10 13:45:31.136
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files\Common Files\McAfee\VSCore\mfeelamk.sys because the set of per-page image hashes could not be found on the system.

Date: 2013-07-10 13:05:32.173
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files\Common Files\McAfee\VSCore\mfeelamk.sys because the set of per-page image hashes could not be found on the system.

Date: 2013-07-10 13:05:32.171
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files\Common Files\McAfee\VSCore\mfeelamk.sys because the set of per-page image hashes could not be found on the system.

Date: 2013-07-10 13:05:32.168
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files\Common Files\McAfee\VSCore\mfeelamk.sys because the set of per-page image hashes could not be found on the system.

Date: 2013-07-10 13:05:32.166
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files\Common Files\McAfee\VSCore\mfeelamk.sys because the set of per-page image hashes could not be found on the system.

Date: 2013-07-09 15:04:14.270
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files\Common Files\McAfee\VSCore\SETD78.tmp because the set of per-page image hashes could not be found on the system.

Date: 2013-07-09 15:04:14.268
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files\Common Files\McAfee\VSCore\SETD78.tmp because the set of per-page image hashes could not be found on the system.

==================== Memory info ===========================

Processor: Intel(R) Core(TM)2 Duo CPU P7450 @ 2.13GHz
Percentage of memory in use: 70%
Total physical RAM: 4090.89 MB
Available physical RAM: 1219.45 MB
Total Pagefile: 8179.97 MB
Available Pagefile: 3647.2 MB
Total Virtual: 8192 MB
Available Virtual: 8191.82 MB

==================== Drives ================================

Drive c: (OS) (Fixed) (Total:430.59 GB) (Free:41.13 GB) NTFS ==>[Drive with boot components (obtained from BCD)]
Drive e: (Ubuntu-Live-Custom) (CDROM) (Total:0.62 GB) (Free:0 GB) CDFS
Drive j: () (Removable) (Total:1.86 GB) (Free:1.85 GB) FAT

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: 30000000)
Partition 1: (Not Active) - (Size=180 MB) - (Type=DE)
Partition 2: (Not Active) - (Size=15 GB) - (Type=07 NTFS)
Partition 3: (Active) - (Size=430.6 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=20 GB) - (Type=01)

========================================================
Disk: 1 (Size: 1.9 GB) (Disk ID: 00000000)

Partition: GPT Partition Type.

==================== End of log ============================

jonnydy2j · 2015/06/02

For some reason FRST.TXT Part 1 and ADDITIONS.TXT Part 2 posts both told me that they require moderator approval before they will be posted. If you do not get these posts please let me know and I will repost them for you.

Jon

broni · 2015/06/02

I got it.
Logs looks clean so unless you see some other issues I'd assume BitDefender was your culprit.

jonnydy2j · 2015/06/02

The only issue I have at the minute is how slow the machine is but as long as it is clean I can work on that. There is a lot things on there that can be taken off.

Many thanks for your help Broni

broni · 2015/06/03

You're very welcome

Log in or Sign up

Solved gzflt.sys is corrupt, preventing windows from starting

jonnydy2j Inactive Thread Starter

broni Moderator Malware Analyst

Attached Files:

fixlist.txt

jonnydy2j Inactive Thread Starter

broni Moderator Malware Analyst

jonnydy2j Inactive Thread Starter

jonnydy2j Inactive Thread Starter

jonnydy2j Inactive Thread Starter

jonnydy2j Inactive Thread Starter

jonnydy2j Inactive Thread Starter

broni Moderator Malware Analyst

jonnydy2j Inactive Thread Starter

broni Moderator Malware Analyst

Share This Page

Log in or Sign up

Solved gzflt.sys is corrupt, preventing windows from starting

jonnydy2j Inactive Thread Starter

broni Moderator Malware Analyst

Attached Files:

fixlist.txt

jonnydy2j Inactive Thread Starter

broni Moderator Malware Analyst

jonnydy2j Inactive Thread Starter

jonnydy2j Inactive Thread Starter

jonnydy2j Inactive Thread Starter

jonnydy2j Inactive Thread Starter

jonnydy2j Inactive Thread Starter

broni Moderator Malware Analyst

jonnydy2j Inactive Thread Starter

broni Moderator Malware Analyst

Share This Page

Useful Searches