Inactive unknown virus inside win 7

Discussion in 'Malware and Virus Removal' started by clanbuster, 2016/02/02.

Thread Status:
Not open for further replies.
  1. 2016/02/02
    clanbuster

    clanbuster Well-Known Member Thread Starter

    Joined:
    2010/03/13
    Messages:
    12
    Likes Received:
    0
    [Inactive] unknown virus inside win 7

    This morning I found my Windows 7 has many issues.
    It is currently protected by Microsoft Security Essentials &
    Malwarebytes Anti-Malware.

    1) I can't key in "1234567890"; instead " !@#$%^&*() " comes out,
    and if using the numpad there is nothing.

    2) In IE, it will fully highlight anything when the mouse is clicked

    3) In a folder, it will auto-select all when you click

    4) The mouse cannot scroll using the wheel

    I don't know how many other issues there are because I started scanning and scanning.
    Can't find any virus or malware.

    Please help
     
  2. 2016/02/02
    Evan Omo

    Evan Omo Computer Support Technician Staff

    Joined:
    2006/09/10
    Messages:
    7,901
    Likes Received:
    510
    Hi clanbuster. Please read this and post the requested logs in your next reply.

    Thanks.
     

  4. 2016/02/03
    clanbuster

    clanbuster Well-Known Member Thread Starter

    Joined:
    2010/03/13
    Messages:
    12
    Likes Received:
    0
    Thank you Evan.

    Enclosed is the FRST.txt

     
  5. 2016/02/03
    clanbuster

    clanbuster Well-Known Member Thread Starter

    Joined:
    2010/03/13
    Messages:
    12
    Likes Received:
    0
    my addition.txt

    Additional scan result of Farbar Recovery Scan Tool (x64) Version:27-01-2016
    Ran by andrew (2016-02-03 15:11:27)
    Running from C:\Users\andrew\Downloads
    Windows 7 Professional Service Pack 1 (X64) (2014-09-23 03:21:06)
    Boot Mode: Normal
    ==========================================================


    ==================== Accounts: =============================

    Administrator (S-1-5-21-1116895921-1628039155-3785525970-500 - Administrator - Disabled)
    andrew (S-1-5-21-1116895921-1628039155-3785525970-1000 - Administrator - Enabled) => C:\Users\andrew
    Andrew_2 (S-1-5-21-1116895921-1628039155-3785525970-1003 - Limited - Enabled) => C:\Users\Andrew_2
    Guest (S-1-5-21-1116895921-1628039155-3785525970-501 - Limited - Disabled)
    HomeGroupUser$ (S-1-5-21-1116895921-1628039155-3785525970-1002 - Limited - Enabled)

    ==================== Security Center ========================

    (If an entry is included in the fixlist, it will be removed.)

    AV: Microsoft Security Essentials (Enabled - Up to date) {B7ECF8CD-0188-6703-DBA4-AA65C6ACFB0A}
    AS: Microsoft Security Essentials (Enabled - Up to date) {0C8D1929-27B2-688D-E114-9117BD2BB1B7}
    AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

    ==================== Installed Programs ======================

    (Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

    ABBYY FineReader 12 Professional (HKLM-x32\...\{F12000FE-0001-0000-0000-074957833700}) (Version: 12.0.501 - ABBYY Production LLC)
    Adobe Acrobat 9 Pro - English, Français, Deutsch (HKLM-x32\...\{AC76BA86-1033-F400-7760-000000000004}{AC76BA86-1033-F400-7760-000000000004}) (Version: 9.3.0 - Adobe Systems)
    Adobe Acrobat 9.3.0 - CPSID_52073 (HKLM-x32\...\{AC76BA86-1033-F400-7760-000000000004}_930) (Version: - Adobe Systems Incorporated)
    Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 2.7.1.19610 - Adobe Systems Incorporated)
    Adobe Community Help (HKLM-x32\...\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 3.0.0.400 - Adobe Systems Incorporated)
    Adobe Creative Suite 5 Design Premium (HKLM-x32\...\{A1BC7068-C1BA-410F-8B9A-DB807C803DE2}) (Version: 5.0 - Adobe Systems Incorporated)
    Adobe Flash Player 20 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 20.0.0.286 - Adobe Systems Incorporated)
    Adobe Flash Player 20 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 20.0.0.286 - Adobe Systems Incorporated)
    Adobe Media Player (HKLM-x32\...\com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 1.8 - Adobe Systems Incorporated)
    Alexa Toolbar (HKLM\...\Alexa Toolbar) (Version: 11.0.2013.1018 - Alexa.com)
    Andy OS (HKLM\...\Andy OS) (Version: 0.45.5.0 - Andy OS, Inc)
    Apple Application Support (HKLM-x32\...\{83CAF0DE-8D3B-4C37-A631-2B8F16EC3031}) (Version: 3.1 - Apple Inc.)
    Apple Mobile Device Support (HKLM\...\{BDD99690-3541-4619-9D2A-3CDDB3E15F9E}) (Version: 8.0.5.6 - Apple Inc.)
    Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
    Audio (HKLM-x32\...\{38508A2F-E87F-4082-8BE5-55CCBA1F567E}) (Version: 1.00.0000 - )
    Backuptrans Android WhatsApp to iPhone Transfer 3.2.03 (HKU\S-1-5-21-1116895921-1628039155-3785525970-1000\...\Backuptrans Android WhatsApp to iPhone Transfer) (Version: 3.2.03 - Backuptrans)
    Backuptrans Android WhatsApp to iPhone Transfer 3.2.03 (HKU\S-1-5-21-1116895921-1628039155-3785525970-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Backuptrans Android WhatsApp to iPhone Transfer) (Version: 3.2.03 - Backuptrans)
    Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
    Boris Graffiti 6 for Corel VideoStudio Pro X8 64-Bit (HKLM\...\{C0AC7ED4-3714-499D-849B-77396A04591C}) (Version: 6.1.0010 - Boris FX, Inc.)
    Brother BRAdmin Light 1.25.0000 (HKLM-x32\...\{DB75941E-30C4-4D97-B000-D17C764B998C}) (Version: 1.25.0000 - Brother)
    Brother MFL-Pro Suite DCP-L2540DW series (HKLM-x32\...\{F8ECC2FD-CE2B-4ED4-BDCC-90D0D34206FD}) (Version: 1.0.2.0 - Brother Industries, Ltd.)
    C3D (x32 Version: 1.0.0.252 - Corel Corporation) Hidden
    C3D64 (Version: 1.0.0.252 - Corel Corporation) Hidden
    C3DHelp (x32 Version: 1.0.0.252 - Corel Corporation) Hidden
    CMS (HKLM-x32\...\CMS_is1) (Version: 2.22.16 - CMS)
    Contents64 (Version: 18.5.0.23 - Corel Corporation) Hidden
    Corel MotionStudio 3D 1.0 (HKLM-x32\...\_{CC9512A6-8BF7-4FD5-BCCF-05F6FCD19961}) (Version: 1.0.0.252 - Corel Corporation)
    Corel VideoStudio Ultimate X8 (HKLM-x32\...\_{A22A80C4-F237-4B5A-825F-0731971ECBE6}) (Version: 18.5.0.23 - Corel Corporation)
    D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
    DivX Setup (HKLM-x32\...\DivX Setup) (Version: 2.7.0.64 - DivX, LLC)
    DocuPrint CM205 f_fw (HKLM-x32\...\InstallShield_{82E36284-5E49-4800-9882-0B69D7EEAC2D}) (Version: 1.011.00 - Fuji Xerox)
    DocuPrint CM205 f_fw (x32 Version: 1.011.00 - Fuji Xerox) Hidden
    DraftSight x64 (HKLM\...\{27CADF1B-2626-46F9-ACA8-B94FB3B506DA}) (Version: 12.2.1065 - Dassault Systemes)
    FARO LS 1.1.502.0 (64bit) (HKLM-x32\...\{66D83FE0-D798-4B38-86FE-FB48151E5AEF}) (Version: 5.2.0.35213 - FARO Scanner Production)
    foobar2000 v1.3.9 (HKLM-x32\...\foobar2000) (Version: 1.3.9 - Peter Pawlowski)
    Free FLV to MP4 Converter 1.0.28 (HKLM-x32\...\{B00D1F02-C556-48eb-9DC2-32C778B71CE2}_is1) (Version: 1.0.28 - free-videoconverter)
    Free MP4 MP3 Converter 3.0.1 (HKLM-x32\...\Free MP4 MP3 Converter) (Version: 3.0.1 - ZISUN Freeware)
    Google Chrome (HKLM-x32\...\Google Chrome) (Version: 48.0.2564.97 - Google Inc.)
    Google Earth (HKLM-x32\...\{817750FA-EC6A-485D-9901-0683AE6FFDF1}) (Version: 7.1.5.1557 - Google)
    Google Earth Plug-in (HKLM-x32\...\{57BB4801-61C8-4E74-9672-2160728A461E}) (Version: 7.1.5.1557 - Google)
    Google Toolbar for Internet Explorer (HKLM-x32\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: 7.5.7210.1528 - Google Inc.)
    Google Toolbar for Internet Explorer (x32 Version: 1.0.0 - Google Inc.) Hidden
    Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
    Google Update Helper (x32 Version: 1.3.29.1 - Google Inc.) Hidden
    Haali Media Splitter (HKLM-x32\...\HaaliMkx) (Version: - )
    Hotkey 2.20.23 (HKLM-x32\...\{2F385B5D-5F23-4513-B3CE-9F5E4F4B882A}) (Version: 2.20.23 - )
    ICA (x32 Version: 1.0.0.252 - Corel Corporation) Hidden
    ICA (x32 Version: 18.5.0.23 - Corel Corporation) Hidden
    iCloud (HKLM\...\{309768A4-A2BB-4930-A5A2-8169678C9B4C}) (Version: 4.0.6.28 - Apple Inc.)
    Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.5.23.1766 - Intel Corporation)
    Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3383 - Intel Corporation)
    Intel(R) USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 2.5.0.19 - Intel Corporation)
    Intel® PROSet/Wireless Software (HKLM-x32\...\{50748ecf-730e-4c86-87be-0346d4aa7aac}) (Version: 17.0.6 - Intel Corporation)
    Interenet Optimizer (HKLM-x32\...\{5F189DF5-2D05-472B-9091-84D9848AE48B}{c632643}) (Version: - BullPoint) <==== ATTENTION
    Internet Explorer (Enable DEP) (HKLM\...\{a9264802-8a7a-40fe-a135-5c6d204aed7a}.sdb) (Version: - )
    IP Camera Super Client(PnP) 1.2.4.566 (HKLM-x32\...\{BE59011C-CE48-45DC-9345-73D5C20C0EBB}_is1) (Version: - Shenzhen VStarcam Technology Co., Ltd)
    IPM_C3D (x32 Version: 1.0.0.252 - Corel Corporation) Hidden
    IPM_VS_Pro64 (Version: 18.0 - Corel Corporation) Hidden
    iTunes (HKLM\...\{2ABBBD91-91E5-4AD7-929A-FE15D1DC0576}) (Version: 12.0.1.26 - Apple Inc.)
    iZotope Audio Enhancer (HKLM-x32\...\iZotope Audio Enhancer_is1) (Version: 1.00 - iZotope, Inc.)
    Junk Mail filter update (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
    LinkChecker 8.2 (HKLM-x32\...\LinkChecker_is1) (Version: - )
    Malwarebytes Anti-Malware version 2.2.0.1024 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.0.1024 - Malwarebytes)
    Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)
    Microsoft Access database engine 2010 (English) (HKLM\...\{90140000-00D1-0409-1000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation)
    Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
    Microsoft Chart Controls for Microsoft .NET Framework 3.5 (KB2500170) (HKLM-x32\...\{41785C66-90F2-40CE-8CB5-1C94BFC97280}) (Version: 3.5.30730.0 - Microsoft Corporation)
    Microsoft Mouse and Keyboard Center (HKLM\...\Microsoft Mouse and Keyboard Center) (Version: 2.3.188.0 - Microsoft Corporation)
    Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft)
    Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
    Microsoft Office Home and Student 2007 (HKLM-x32\...\HOMESTUDENTR) (Version: 12.0.6612.1000 - Microsoft Corporation)
    Microsoft OneDrive (HKU\S-1-5-21-1116895921-1628039155-3785525970-1000\...\OneDriveSetup.exe) (Version: 17.0.4035.0328 - Microsoft Corporation)
    Microsoft OneDrive (HKU\S-1-5-21-1116895921-1628039155-3785525970-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\OneDriveSetup.exe) (Version: 17.0.4035.0328 - Microsoft Corporation)
    Microsoft OneDrive (HKU\S-1-5-21-1116895921-1628039155-3785525970-1003-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\OneDriveSetup.exe) (Version: 17.0.4035.0328 - Microsoft Corporation)
    Microsoft Security Essentials (HKLM\...\Microsoft Security Client) (Version: 4.8.204.0 - Microsoft Corporation)
    Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
    Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
    Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
    Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
    Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
    Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729 (HKLM\...\{2DFD8316-9EF1-3210-908C-4CB61961C1AC}) (Version: 9.0.30729 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{527BBE2F-1FED-3D8B-91CB-4DB0F838E69E}) (Version: 9.0.30729 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
    Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
    Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
    Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
    Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation)
    Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
    Microsoft WSE 3.0 Runtime (HKLM-x32\...\{E3E71D07-CD27-46CB-8448-16D4FB29AA13}) (Version: 3.0.5305.0 - Microsoft Corp.)
    Movie Maker (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
    Mozilla Firefox 42.0 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 42.0 (x86 en-US)) (Version: 42.0 - Mozilla)
    Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 42.0.0.5780 - Mozilla)
    MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
    MYOB ODBC Direct v9 SG (HKLM-x32\...\InstallShield_{72A73DCB-9FDF-4E33-BC93-3E4DB3FF782C}) (Version: 9.0.1 - MYOB Technology Pty Ltd)
    MYOB ODBC Direct v9 SG (x32 Version: 9.0.1 - MYOB Technology Pty Ltd) Hidden
    MYOB Payroll v3 (HKLM-x32\...\InstallShield_{4FB8443B-B34C-4F6C-BC8F-BE98D94B5CD2}) (Version: 3.0 - MYOB Asia Sdn Bhd)
    MYOB Payroll v3 (x32 Version: 3.0 - MYOB Asia Sdn Bhd) Hidden
    MYOB Premier v13 (HKLM-x32\...\InstallShield_{C79E66C4-F9D8-4956-B62D-E9A404D36E27}) (Version: 13 - MYOB Asia Sdn Bhd)
    MYOB Premier v13 (x32 Version: 13 - MYOB Asia Sdn Bhd) Hidden
    NetSurveillance (HKLM-x32\...\NetSurveillance) (Version: - )
    NewBlue Paint Effects for Windows (HKLM-x32\...\NewBlue Paint Effects for Windows) (Version: 3.0 - NewBlue)
    Nuance PDF Viewer Plus (HKLM-x32\...\{28656860-4728-433C-8AD4-D1A930437BC8}) (Version: 5.30.3290 - Nuance Communications, Inc)
    NVIDIA GeForce Experience 2.1.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.1.1 - NVIDIA Corporation)
    NVIDIA Graphics Driver 340.52 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 340.52 - NVIDIA Corporation)
    NVIDIA PhysX System Software 9.13.1220 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.13.1220 - NVIDIA Corporation)
    PaperPort Image Printer 64-bit (HKLM\...\{715CAACC-579B-4831-A5F4-A83A8DE3EFE2}) (Version: 14.00.0000 - Nuance Communications, Inc.)
    PDF Settings CS5 (x32 Version: 10.0 - Adobe Systems Incorporated) Hidden
    Platform (x32 Version: 1.42 - VIA Technologies, Inc.) Hidden
    proDAD Adorage 3.0 (64bit) (Version: 3.0.110.2 - proDAD GmbH) Hidden
    proDAD Mercalli 2.0 (64bit) (Version: 2.0.120 - proDAD GmbH) Hidden
    proDAD Route 4.0 (64bit) (Version: 4.0.233.1 - proDAD GmbH) Hidden
    proDAD Script 4.0 (64bit) (Version: 4.0.233.1 - proDAD GmbH) Hidden
    proDAD Vitascene 2.0 (64bit) (Version: 2.0.233 - proDAD GmbH) Hidden
    QuickTime (HKLM-x32\...\{B67BAFBA-4C9F-48FA-9496-933E3B255044}) (Version: 7.74.80.86 - Apple Inc.)
    Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 6.2.9600.21244 - Realtek Semiconductor Corp.)
    Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.54.309.2012 - Realtek)
    Samsung Magician (HKLM-x32\...\{29AE3F9F-7158-4ca7-B1ED-28A73ECDB215}_is1) (Version: 4.5.1 - Samsung Electronics)
    Scalextric Track Designer v1.1.2 (HKLM-x32\...\Scalextric Track Designer_is1) (Version: - A-Lab Software Limited)
    Scansoft PDF Professional (x32 Version: - ) Hidden
    Setup (x32 Version: 1.0.0.252 - Corel Corporation) Hidden
    Setup (x32 Version: 18.5.0.23 - Corel Corporation) Hidden
    Share64 (Version: 18.5.0.23 - Corel Corporation) Hidden
    SHIELD Streaming (Version: 3.1.100 - NVIDIA Corporation) Hidden
    Simpo PDF to Word 3.0.0 (HKLM-x32\...\Simpo PDF to Word_is1) (Version: - )
    Sound Blaster Cinema (HKLM-x32\...\{8801CA65-921A-4CCC-9D63-879D1D0BAA97}) (Version: 1.00.05 - Creative Technology Limited)
    Sound Forge Audio Studio 10.0 (HKLM-x32\...\{BC208D90-4643-11E3-987B-F04DA23A5C58}) (Version: 10.0.252 - Sony)
    Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 18.0.5.0 - Synaptics Incorporated)
    Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft)
    VC80CRTRedist - 8.0.50727.6195 (x32 Version: 1.2.0 - DivX, Inc) Hidden
    VIA Platform Device Manager (HKLM-x32\...\InstallShield_{20D4A895-748C-4D88-871C-FDB1695B0169}) (Version: 1.42 - VIA Technologies, Inc.)
    VideoStudio MyDVD (HKLM-x32\...\{49D8422A-D54E-425F-8A38-54167B1174A1}) (Version: 1.0 - Corel)
    VideoStudio MyDVD (x32 Version: 1.0.086 - Corel Corporation) Hidden
    VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.0 - VideoLAN)
    VMware Player (Version: 6.0.7 - VMware, Inc.) Hidden
    VMware VIX (HKLM-x32\...\{F99FC179-EA67-4BBC-8955-BDDA0CB94B88}) (Version: 1.13.7.62285 - VMware, Inc.)
    VSClassic64 (Version: 18.5.0.23 - Corel Corporation) Hidden
    VSUltimate64 (Version: 18.5.0.23 - Corel Corporation) Hidden
    Weldassistant Version 7.2.0 (HKLM-x32\...\Weldassistant_is1) (Version: Version 7.2.0 - hsk welding solutions)
    Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation)
    Windows Media Encoder 9 Series (HKLM-x32\...\Windows Media Encoder 9) (Version: - )
    WinRAR 5.11 (32-bit) (HKLM-x32\...\WinRAR archiver) (Version: 5.11.0 - win.rar GmbH)

    ==================== Custom CLSID (Whitelisted): ==========================

    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

    CustomCLSID: HKU\S-1-5-21-1116895921-1628039155-3785525970-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\andrew\AppData\Roaming\Dropbox\bin\Dropbox.exe /autoplay => No File

    ==================== Scheduled Tasks (Whitelisted) =============

    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

    Task: {002CF84D-9610-4B70-BFEC-E6A11650FD20} - System32\Tasks\LaunchSignup => C:\Program Files (x86)\MyPC Backup\Signup Wizard.exe <==== ATTENTION
    Task: {36811085-9554-4289-B94D-F806955EF080} - System32\Tasks\Microsoft_Hardware_Launch_ipoint_exe => c:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2014-03-19] (Microsoft Corporation)
    Task: {46681A7A-02C1-47FC-8F7C-FB441432F361} - System32\Tasks\Microsoft_Hardware_Launch_itype_exe => c:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [2014-03-19] (Microsoft Corporation)
    Task: {4F035B67-0896-40C1-81B4-65C61D59AA77} - System32\Tasks\Microsoft_MKC_Logon_Task_itype.exe => c:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [2014-03-19] (Microsoft Corporation)
    Task: {5A40E926-9E86-4B89-9CFD-B12311724371} - System32\Tasks\Microsoft\Windows\UPnP\UPnPHostConfig => config upnphost start= auto
    Task: {66DFFE3B-B93D-4885-8D1F-122B58A7C46C} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-31] (Google Inc.)
    Task: {686AFDE4-1D61-4F6C-BA6B-B514A350E220} - System32\Tasks\SamsungMagician => C:\Program Files (x86)\Samsung\Samsung Magician\Samsung Magician.exe [2014-09-28] (Samsung Electronics.)
    Task: {6B87404B-72F9-4931-94A6-A6188BFA21A2} - System32\Tasks\AdobeAAMUpdater-1.0-andrew-PC-andrew => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2010-03-06] (Adobe Systems Incorporated)
    Task: {7CF008DA-81E6-41A8-B734-61E8559D38C3} - System32\Tasks\Microsoft_Hardware_Launch_mousekeyboardcenter_exe => c:\Program Files\Microsoft Mouse and Keyboard Center\mousekeyboardcenter.exe [2014-03-19] (Microsoft)
    Task: {96F40C09-AA2F-4081-95F5-2ECFDB021483} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-31] (Google Inc.)
    Task: {BECD8230-740F-4FB4-89F7-A387DDF08CFE} - System32\Tasks\Microsoft_MKC_Logon_Task_ipoint.exe => c:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2014-03-19] (Microsoft Corporation)
    Task: {C33E61C3-174F-43E4-A87D-08060DCF44B3} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-01-21] (Adobe Systems Incorporated)
    Task: {DD9F510C-95F4-499A-90C8-BAC5BC372FF4} - System32\Tasks\Microsoft\Windows\SoftwareProtectionPlatform\SvcRestartTask => start sppsvc
    Task: {EBC9ACED-A595-4DA2-8643-4E8862CEF6D6} - System32\Tasks\Apple Diagnostics => C:\Program Files (x86)\Common Files\Apple\Internet Services\EReporter.exe [2014-12-01] (Apple Inc.)

    (If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

    Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
    Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
    Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

    ==================== Shortcuts =============================

    (The entries could be listed to be restored or removed.)

    ==================== Loaded Modules (Whitelisted) ==============

    2014-08-19 20:43 - 2014-07-03 04:48 - 00013088 _____ () C:\Program Files\NVIDIA Corporation\CoProcManager\detoured.dll
    2014-08-19 20:44 - 2014-07-03 02:55 - 00116568 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
    2014-09-30 23:28 - 2011-11-18 10:02 - 00023040 _____ () C:\Windows\System32\fxhk4alm.dll
    2014-09-30 23:28 - 2012-09-13 11:28 - 15071744 _____ () C:\Windows\system32\spool\DRIVERS\x64\3\fxhk4aRC.DLL
    2013-09-05 11:25 - 2013-09-05 11:25 - 01319936 _____ () C:\Program Files\Dassault Systemes\DraftSight\bin\QtNetwork4.dll
    2013-09-05 11:25 - 2013-09-05 11:25 - 03405312 _____ () C:\Program Files\Dassault Systemes\DraftSight\bin\QtCore4.dll
    2013-12-04 10:25 - 2013-12-04 10:25 - 00566784 _____ () C:\Program Files\Dassault Systemes\DraftSight\bin\QtXml4.dll
    2012-06-20 12:21 - 2012-06-20 12:21 - 00096768 _____ () C:\Program Files (x86)\Fuji Xerox\DocuPrint SSW2\SimpleMonitor for AP\fxksmdb.exe
    2014-08-19 20:28 - 2014-01-16 11:34 - 00023552 _____ () C:\Program Files (x86)\Hotkey\HotkeyService.exe
    2014-09-26 16:42 - 2010-03-16 07:04 - 00143360 _____ () C:\Windows\system32\BrSNMP64.dll
    2014-08-19 20:16 - 2012-11-14 15:22 - 00078456 _____ () C:\Program Files (x86)\VIA\VIAudioi\VDeck\QsApoApi64.dll
    2014-08-19 20:16 - 2012-11-14 15:22 - 00386168 _____ () C:\Program Files (x86)\VIA\VIAudioi\VDeck\Dts2ApoApi64.dll
    2014-08-19 20:29 - 2012-11-01 11:23 - 00089600 _____ () C:\Windows\SYSTEM32\CmdRtr64.DLL
    2014-08-19 20:29 - 2012-11-01 11:21 - 00325120 _____ () C:\Windows\SYSTEM32\APOMgr64.DLL
    2012-06-20 12:21 - 2012-06-20 12:21 - 00248320 _____ () C:\Program Files (x86)\Fuji Xerox\DocuPrint SSW2\SimpleMonitor for AP\fxksmW.exe
    2012-06-20 12:21 - 2012-06-20 12:21 - 00229376 _____ () C:\Program Files (x86)\Fuji Xerox\DocuPrint SSW2\SimpleMonitor for AP\fxksmwj.exe
    2015-12-28 10:26 - 2015-10-30 21:39 - 00944840 _____ () C:\Program Files\Andy\HandyAndy.exe
    2014-08-19 20:28 - 2014-01-24 16:21 - 00031736 _____ () C:\Program Files (x86)\Hotkey\hkysound.exe
    2014-07-31 12:16 - 2014-07-31 12:16 - 00073544 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
    2014-10-11 13:05 - 2014-10-11 13:05 - 01044776 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
    2015-06-24 14:28 - 2015-06-24 14:28 - 01301720 _____ () C:\Program Files (x86)\VMware\VMware Player\libxml2.dll
    2014-08-19 20:43 - 2014-07-03 04:48 - 00013272 _____ () C:\Program Files (x86)\NVIDIA Corporation\CoProcManager\detoured.dll
    2016-01-14 13:48 - 2009-02-27 16:38 - 00139264 ____R () C:\Program Files (x86)\Brother\BrUtilities\BrLogAPI.dll
    2014-08-19 20:29 - 2012-11-01 11:19 - 00246272 _____ () C:\Windows\SysWOW64\APOMngr.DLL
    2014-09-18 20:48 - 2014-09-28 17:59 - 00019872 _____ () C:\Program Files (x86)\Samsung\Samsung Magician\SAMSUNG_SSD.dll
    2014-08-19 20:19 - 2013-12-10 07:27 - 01242584 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll
    2016-01-29 15:31 - 2016-01-28 01:39 - 01632584 _____ () C:\Program Files (x86)\Google\Chrome\Application\48.0.2564.97\libglesv2.dll
    2016-01-29 15:31 - 2016-01-28 01:39 - 00087880 _____ () C:\Program Files (x86)\Google\Chrome\Application\48.0.2564.97\libegl.dll

    ==================== Alternate Data Streams (Whitelisted) =========

    (If an entry is included in the fixlist, only the ADS will be removed.)


    ==================== Safe Mode (Whitelisted) ===================

    (If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


    ==================== EXE Association (Whitelisted) ===============

    (If an entry is included in the fixlist, the registry item will be restored to default or removed.)


    ==================== Internet Explorer trusted/restricted ===============

    (If an entry is included in the fixlist, it will be removed from the registry.)


    ==================== Hosts content: ===============================

    (If needed Hosts: directive could be included in the fixlist to reset Hosts.)

    2009-07-14 10:34 - 2009-06-11 05:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts


    ==================== Other Areas ============================

    (Currently there is no automatic fix for this section.)

    HKU\S-1-5-21-1116895921-1628039155-3785525970-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\andrew\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
    HKU\S-1-5-21-1116895921-1628039155-3785525970-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Control Panel\Desktop\\Wallpaper -> C:\Users\andrew\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
    HKU\S-1-5-21-1116895921-1628039155-3785525970-1003-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Control Panel\Desktop\\Wallpaper -> C:\Users\Andrew_2\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
    DNS Servers: 192.168.2.1
    HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
    Windows Firewall is enabled.

    ==================== MSCONFIG/TASK MANAGER disabled items ==

    (Currently there is no automatic fix for this section.)

    MSCONFIG\Services: AdAppMgrSvc => 2
    MSCONFIG\startupfolder: C:^Users^andrew^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^OneNote 2007 Screen Clipper and Launcher.lnk => C:\Windows\pss\OneNote 2007 Screen Clipper and Launcher.lnk.Startup
    MSCONFIG\startupreg: (default) =>
    MSCONFIG\startupreg: Acrobat Assistant 8.0 => "C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\Acrotray.exe "
    MSCONFIG\startupreg: Adobe Acrobat Speed Launcher => "C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\Acrobat_sl.exe "
    MSCONFIG\startupreg: Adobe ARM => "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe "
    MSCONFIG\startupreg: AdobeAAMUpdater-1.0 => "C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe "
    MSCONFIG\startupreg: AdobeCS5ServiceManager => "C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe" -launchedbylogin
    MSCONFIG\startupreg: AppleIEDAV => C:\Program Files (x86)\Common Files\Apple\Internet Services\AppleIEDAV.exe
    MSCONFIG\startupreg: ApplePhotoStreams => C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe
    MSCONFIG\startupreg: DivXMediaServer => C:\Program Files (x86)\DivX\DivX Media Server\DivXMediaServer.exe
    MSCONFIG\startupreg: DivXUpdate => "C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW
    MSCONFIG\startupreg: GoogleChromeAutoLaunch_3CBE92DCCA0A34C15444B20BBB1344B9 => "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --no-startup-window
    MSCONFIG\startupreg: iCloudDrive => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudDrive.exe
    MSCONFIG\startupreg: iCloudServices => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
    MSCONFIG\startupreg: iTunesHelper => "C:\Program Files (x86)\iTunes\iTunesHelper.exe "
    MSCONFIG\startupreg: SwitchBoard => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe

    ==================== FirewallRules (Whitelisted) ===============

    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

    FirewallRules: [SPPSVC-In-TCP] => (Allow) %SystemRoot%\system32\sppsvc.exe
    FirewallRules: [SPPSVC-In-TCP-NoScope] => (Allow) %SystemRoot%\system32\sppsvc.exe
    FirewallRules: [{9914FD0B-79A1-45E5-9D63-8CFA11E50542}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
    FirewallRules: [{172B1867-F4A3-4FED-B53B-D4351D11A66C}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
    FirewallRules: [{E355E711-AD4F-4592-8C97-F95F6170CC32}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
    FirewallRules: [{7AADB142-D01D-4CDC-889C-0EA95E0F0553}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
    FirewallRules: [{968A25BF-D229-477E-8F5D-53A9F0E01C75}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
    FirewallRules: [{A0DAAFD4-7D96-45FE-84D3-F3CD94712193}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
    FirewallRules: [{C919703B-AD2C-40C4-B8D8-EBB6E8718385}] => (Allow) C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
    FirewallRules: [{CA21151B-5890-4E45-AB2B-8FD3DA7B57BB}] => (Allow) C:\Program Files (x86)\Brother\Brmfl10g\FAXRX.exe
    FirewallRules: [{20A2A26B-B503-4893-8979-D4E9D894C228}] => (Allow) C:\Program Files (x86)\Brother\Brmfl10g\FAXRX.exe
    FirewallRules: [{D272151A-7EE5-489F-9C11-43418C587A39}] => (Allow) LPort=54925
    FirewallRules: [{5364DA68-8912-4F75-AAD0-BD72E6F6A667}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
    FirewallRules: [{D117F7D0-1088-4147-8453-F3BCC9B56F7B}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
    FirewallRules: [{6B90F879-68F0-4122-8965-9A8B8910150C}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
    FirewallRules: [{2B52FA31-0BFD-4318-A610-CA30D7209E92}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
    FirewallRules: [TCP Query User{989B8DAA-5CC2-4B57-834E-5F5A761B5422}C:\windows\syswow64\msiexec.exe] => (Block) C:\windows\syswow64\msiexec.exe
    FirewallRules: [UDP Query User{65D209DD-48FF-4686-9074-0FD81E560720}C:\windows\syswow64\msiexec.exe] => (Block) C:\windows\syswow64\msiexec.exe
    FirewallRules: [{7515580F-77B2-453F-B32B-947A3A7B2C34}] => (Allow) C:\Program Files (x86)\iTunes\iTunes.exe
    FirewallRules: [TCP Query User{F6AC282C-DBBB-4086-870F-B105075165FA}C:\program files (x86)\ip camera super client(pnp)\superipcam.exe] => (Allow) C:\program files (x86)\ip camera super client(pnp)\superipcam.exe
    FirewallRules: [UDP Query User{DE80EBC0-DE9B-4224-8869-E81DE9137DDB}C:\program files (x86)\ip camera super client(pnp)\superipcam.exe] => (Allow) C:\program files (x86)\ip camera super client(pnp)\superipcam.exe
    FirewallRules: [TCP Query User{0C0D38DF-E180-4F39-A406-831762B0FD58}C:\users\andrew\appdata\local\temp\rar$exa0.961\app-find-vstarcam.exe] => (Allow) C:\users\andrew\appdata\local\temp\rar$exa0.961\app-find-vstarcam.exe
    FirewallRules: [UDP Query User{639E0E9E-EA57-4BBF-9721-3DFD3EF766FD}C:\users\andrew\appdata\local\temp\rar$exa0.961\app-find-vstarcam.exe] => (Allow) C:\users\andrew\appdata\local\temp\rar$exa0.961\app-find-vstarcam.exe
    FirewallRules: [{144BE406-147E-46D1-AEF2-248FB5BEDCB4}] => (Allow) C:\Users\andrew\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe
    FirewallRules: [{790AD732-2610-45B9-873E-E491D0425FEB}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
    FirewallRules: [{4D4FBD06-7A58-42F2-AD24-0674A4C26D3C}] => (Allow) LPort=2869
    FirewallRules: [{06076589-4341-41AD-B8DC-04DDD8B724AC}] => (Allow) LPort=1900
    FirewallRules: [TCP Query User{EB804E6D-CD8A-4BF1-9EAA-EE97B3A6795A}C:\users\andrew\desktop\find-vstarcam.exe] => (Block) C:\users\andrew\desktop\find-vstarcam.exe
    FirewallRules: [UDP Query User{56D6FEC0-F63D-4B68-84BF-1495AF60BEDE}C:\users\andrew\desktop\find-vstarcam.exe] => (Block) C:\users\andrew\desktop\find-vstarcam.exe
    FirewallRules: [{7EFD23BA-DEFE-4602-832E-156362860280}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
    FirewallRules: [{E1DAB0DC-7748-46A7-B1D8-083D55102F47}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
    FirewallRules: [TCP Query User{9B83ACBC-B22F-4FBF-8890-D0AFB3029C84}C:\program files (x86)\ip camera super client(pnp)\superipcam.exe] => (Allow) C:\program files (x86)\ip camera super client(pnp)\superipcam.exe
    FirewallRules: [UDP Query User{3239FDA8-E172-4BA6-8208-7F72ECCAB0B6}C:\program files (x86)\ip camera super client(pnp)\superipcam.exe] => (Allow) C:\program files (x86)\ip camera super client(pnp)\superipcam.exe
    FirewallRules: [{6F79B7FD-372A-4EE2-891B-8C7B7F10CDFF}] => (Allow) C:\Program Files (x86)\Brother\BRAdmin Light\BRAdmLight.exe
    FirewallRules: [{6CED7738-F8EF-48AC-960F-AB0FA97B01B6}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
    FirewallRules: [{E2191F3B-AB35-44B7-AE60-7A5B0ED8857D}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
    FirewallRules: [TCP Query User{3D27F9AD-5709-4EDE-9F0F-7F83321943F8}C:\users\andrew\desktop\app-find-vstarcam.exe] => (Allow) C:\users\andrew\desktop\app-find-vstarcam.exe
    FirewallRules: [UDP Query User{49A46427-3E7E-4249-8EC2-87B117964FC0}C:\users\andrew\desktop\app-find-vstarcam.exe] => (Allow) C:\users\andrew\desktop\app-find-vstarcam.exe
    FirewallRules: [{E47C1661-B331-46FB-9E35-846BE2076332}] => (Allow) C:\Users\andrew\AppData\Local\Temp\Andy_45.5_x64\Setup.exe
    FirewallRules: [{FA43F2DE-ACBC-4073-9632-656D7618A50E}] => (Allow) C:\Users\andrew\AppData\Local\Temp\Andy_45.5_x64\Setup.exe
    FirewallRules: [{B317A09C-5A7B-49E2-8ADC-A08FBC9AB93A}] => (Allow) C:\Program Files\Andy\andy.exe
    FirewallRules: [{CCE6FB0E-CB07-4371-BF57-3F0DAEE1C4B9}] => (Allow) C:\Program Files\Andy\andy.exe
    FirewallRules: [{0F33BD09-63F8-48E7-8AEB-B0E36062C773}] => (Allow) C:\Program Files (x86)\VMware\VMware Player\vmware-authd.exe
    FirewallRules: [{1DD18514-AF45-4800-8F17-FE7FE63352C5}] => (Allow) C:\Program Files (x86)\VMware\VMware Player\vmware-authd.exe
    FirewallRules: [{67FD8D1E-FA6F-4933-86AC-A9A2A333F916}] => (Allow) C:\Program Files\Andy\HandyAndy.exe
    FirewallRules: [{256706DD-D7C0-4616-A2CD-A1E16C02813E}] => (Allow) C:\Program Files\Andy\HandyAndy.exe
    FirewallRules: [{CCAB3369-2E0E-48A6-ADFE-979A204BBF89}] => (Allow) C:\Users\andrew\Downloads\NetworkRepairTool\BrotherNetTool.exe
    FirewallRules: [{721919A9-099B-4B9A-9FD1-4F87DC9D7702}] => (Allow) C:\Users\andrew\Downloads\NetworkRepairTool\BrotherNetTool.exe
    FirewallRules: [TCP Query User{88EF5035-50D4-441A-ABB1-AEF034618415}C:\program files (x86)\internet explorer\iexplore.exe] => (Allow) C:\program files (x86)\internet explorer\iexplore.exe
    FirewallRules: [UDP Query User{D90298E5-52F4-4D76-8A5C-5416E7BD6CBD}C:\program files (x86)\internet explorer\iexplore.exe] => (Allow) C:\program files (x86)\internet explorer\iexplore.exe
    FirewallRules: [{743B381E-E4BF-4DD3-8EE4-3770DD05BF50}] => (Block) C:\program files (x86)\internet explorer\iexplore.exe
    FirewallRules: [{A4DEFE4B-2BB5-4474-BBC0-3C0B2A026F13}] => (Block) C:\program files (x86)\internet explorer\iexplore.exe
    FirewallRules: [TCP Query User{A25DC946-1A7E-4DFA-939E-E8268D845119}C:\users\andrew\desktop\app-find-vstarcam.exe] => (Block) C:\users\andrew\desktop\app-find-vstarcam.exe
    FirewallRules: [UDP Query User{B650CEE2-9B12-4609-86A8-5A610E3A13FD}C:\users\andrew\desktop\app-find-vstarcam.exe] => (Block) C:\users\andrew\desktop\app-find-vstarcam.exe
    FirewallRules: [{D5790847-3222-412E-B31D-54204055BD5E}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

    ==================== Restore Points =========================


    ==================== Faulty Device Manager Devices =============

    Name: Teredo Tunneling Pseudo-Interface
    Description: Microsoft Teredo Tunneling Adapter
    Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
    Manufacturer: Microsoft
    Service: tunnel
    Problem: : This device cannot start. (Code10)
    Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
    On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.


    ==================== Event log errors: =========================

    Application errors:
    ==================
    Error: (02/03/2016 03:10:28 PM) (Source: SideBySide) (EventID: 80) (User: )
    Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest1 ".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest3.
    A component version required by the application conflicts with another component version already active.
    Conflicting components are:.
    Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest.
    Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d.manifest.

    Error: (02/03/2016 03:10:28 PM) (Source: SideBySide) (EventID: 80) (User: )
    Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest1 ".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest3.
    A component version required by the application conflicts with another component version already active.
    Conflicting components are:.
    Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest.
    Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d.manifest.

    Error: (02/03/2016 03:02:53 PM) (Source: WinMgmt) (EventID: 10) (User: )
    Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

    Error: (02/03/2016 08:25:28 AM) (Source: SideBySide) (EventID: 80) (User: )
    Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest1 ".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest3.
    A component version required by the application conflicts with another component version already active.
    Conflicting components are:.
    Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest.
    Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d.manifest.

    Error: (02/03/2016 08:25:28 AM) (Source: SideBySide) (EventID: 80) (User: )
    Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest1 ".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest3.
    A component version required by the application conflicts with another component version already active.
    Conflicting components are:.
    Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest.
    Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d.manifest.

    Error: (02/03/2016 08:24:10 AM) (Source: WinMgmt) (EventID: 10) (User: )
    Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

    Error: (02/03/2016 08:19:50 AM) (Source: WinMgmt) (EventID: 10) (User: )
    Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

    Error: (02/03/2016 01:46:32 AM) (Source: System Restore) (EventID: 8193) (User: )
    Description: Failed to create restore point (Process = C:\Windows\system32\rundll32.exe /d srrstr.dll,ExecuteScheduledSPPCreation; Description = Scheduled Checkpoint; Error = 0x80070422).

    Error: (02/02/2016 10:46:23 PM) (Source: SideBySide) (EventID: 80) (User: )
    Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest1 ".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest3.
    A component version required by the application conflicts with another component version already active.
    Conflicting components are:.
    Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest.
    Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d.manifest.

    Error: (02/02/2016 10:46:23 PM) (Source: SideBySide) (EventID: 80) (User: )
    Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest1 ".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest3.
    A component version required by the application conflicts with another component version already active.
    Conflicting components are:.
    Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest.
    Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d.manifest.


    System errors:
    =============
    Error: (02/03/2016 03:03:52 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
    Description: application-specificLocalLaunch{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT AUTHORITYSYSTEMS-1-5-18LocalHost (Using LRPC)

    Error: (02/03/2016 08:25:09 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
    Description: application-specificLocalLaunch{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT AUTHORITYSYSTEMS-1-5-18LocalHost (Using LRPC)

    Error: (02/03/2016 08:20:49 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
    Description: application-specificLocalLaunch{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT AUTHORITYSYSTEMS-1-5-18LocalHost (Using LRPC)

    Error: (02/02/2016 09:04:32 PM) (Source: Microsoft Antimalware) (EventID: 2001) (User: )
    Description: %NT AUTHORITY60 has encountered an error trying to update signatures.

    New Signature Version:

    Previous Signature Version: 1.213.5048.0

    Update Source: %NT AUTHORITY59

    Update Stage: 4.8.0204.00

    Source Path: 4.8.0204.01

    Signature Type: %NT AUTHORITY602

    Update Type: %NT AUTHORITY604

    User: NT AUTHORITY\SYSTEM

    Current Engine Version: %NT AUTHORITY605

    Previous Engine Version: %NT AUTHORITY606

    Error code: %NT AUTHORITY607

    Error description: %NT AUTHORITY608

    Error: (02/01/2016 07:57:52 AM) (Source: Microsoft Antimalware) (EventID: 2001) (User: )
    Description: %NT AUTHORITY60 has encountered an error trying to update signatures.

    New Signature Version:

    Previous Signature Version: 1.213.4968.0

    Update Source: %NT AUTHORITY59

    Update Stage: 4.8.0204.00

    Source Path: 4.8.0204.01

    Signature Type: %NT AUTHORITY602

    Update Type: %NT AUTHORITY604

    User: NT AUTHORITY\SYSTEM

    Current Engine Version: %NT AUTHORITY605

    Previous Engine Version: %NT AUTHORITY606

    Error code: %NT AUTHORITY607

    Error description: %NT AUTHORITY608

    Error: (02/01/2016 07:48:50 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
    Description: application-specificLocalLaunch{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT AUTHORITYSYSTEMS-1-5-18LocalHost (Using LRPC)

    Error: (01/31/2016 08:29:42 AM) (Source: Microsoft Antimalware) (EventID: 2001) (User: )
    Description: %NT AUTHORITY60 has encountered an error trying to update signatures.

    New Signature Version:

    Previous Signature Version: 1.213.4968.0

    Update Source: %NT AUTHORITY59

    Update Stage: 4.8.0204.00

    Source Path: 4.8.0204.01

    Signature Type: %NT AUTHORITY602

    Update Type: %NT AUTHORITY604

    User: NT AUTHORITY\SYSTEM

    Current Engine Version: %NT AUTHORITY605

    Previous Engine Version: %NT AUTHORITY606

    Error code: %NT AUTHORITY607

    Error description: %NT AUTHORITY608

    Error: (01/30/2016 03:04:48 PM) (Source: Microsoft Antimalware) (EventID: 2001) (User: )
    Description: %NT AUTHORITY60 has encountered an error trying to update signatures.

    New Signature Version:

    Previous Signature Version: 1.213.4846.0

    Update Source: %NT AUTHORITY59

    Update Stage: 4.8.0204.00

    Source Path: 4.8.0204.01

    Signature Type: %NT AUTHORITY602

    Update Type: %NT AUTHORITY604

    User: NT AUTHORITY\SYSTEM

    Current Engine Version: %NT AUTHORITY605

    Previous Engine Version: %NT AUTHORITY606

    Error code: %NT AUTHORITY607

    Error description: %NT AUTHORITY608

    Error: (01/30/2016 02:55:47 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
    Description: application-specificLocalLaunch{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT AUTHORITYSYSTEMS-1-5-18LocalHost (Using LRPC)

    Error: (01/30/2016 02:21:28 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
    Description: application-specificLocalLaunch{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT AUTHORITYSYSTEMS-1-5-18LocalHost (Using LRPC)


    ==================== Memory info ===========================

    Processor: Intel(R) Core(TM) i7-4710MQ CPU @ 2.50GHz
    Percentage of memory in use: 15%
    Total physical RAM: 24399.29 MB
    Available physical RAM: 20657.91 MB
    Total Virtual: 48796.78 MB
    Available Virtual: 44791.5 MB

    ==================== Drives ================================

    Drive c: (Windows) (Fixed) (Total:698.54 GB) (Free:476.45 GB) NTFS

    ==================== MBR & Partition Table ==================

    ========================================================
    Disk: 0 (MBR Code: Windows 7 or 8) (Size: 698.6 GB) (Disk ID: E795AA28)
    Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
    Partition 2: (Not Active) - (Size=698.5 GB) - (Type=07 NTFS)

    ==================== End of Addition.txt ============================
     
  6. 2016/02/03
    broni

    broni Moderator Malware Analyst

    Joined:
    2002/08/01
    Messages:
    21,701
    Likes Received:
    116
    Uninstall the following unwanted program:

    Interenet Optimizer

    Download the attached fixlist.txt file and save it to the Desktop.
    NOTE: It's important that both files, FRST and fixlist.txt, are in the same location or the fix will not work.

    NOTICE: This script was written specifically for this user, for use on that particular machine. Running this on another machine may cause damage to your operating system.

    Run FRST (FRST64) and press the Fix button just once and wait.
    The tool will make a log on the Desktop (Fixlog.txt). Please post it in your reply.
     
