All the Programs are Freezing. I opened Control Panel and it freeze with a white screen and i can't do anything ! I open Task Manager and Icons of Processes are not displayed and there are about 4000 Processes going on ! (Bluestacks Log Rotator has hundreds of processes). I Scaned my PC for virus with three antiviruses and no viruses were found. I can't end any Process in Task Manager. I downloaded third party manager but no luck. UTorrent also freeze at startup. What to do !

Hi all,

I believe I have adware on my computer, whenever I go into my browser, random ads show up that are by things like "youtubeadblocker" and "CutThePrice" I tried to remove CutThePrice but it said that an error had ocurred. So I went into the program files, and I deleted the cuttheprice folders, but I probably did it incorrectly, because there may have been an uninstall file. I am also not sure about whether this is the cause of the adware, but the browsers I use crash constantly. Google Chrome, and Mozilla Firefox both crash, I do not know whether it is due to 2 conflicting applications, but that is not the cause (my opinion), because Google Chrome have been crashing before I even got Firefox.

Help would be greatly appreciated,

Thank you!

Tech Support Guy System Info Utility version 1.0.0.2
OS Version: Microsoft Windows 7 Home Premium, Service Pack 1, 32 bit
Processor: Intel(R) Core(TM)2 CPU 6600 @ 2.40GHz, x64 Family 6 Model 15 Stepping 6
Processor Count: 2
RAM: 1790 Mb
Graphics Card: NVIDIA GeForce 7100 / NVIDIA nForce 630i, 256 Mb
Hard Drives: C: Total - 73123 MB, Free - 21051 MB;
Motherboard: SAMSUNG ELECTRONICS CO.,LTD, Samsung DeskTop System
Antivirus: Panda Antivirus Pro 2014, Updated and Enabled




I found a similar problem to mine but it was for XP and the instructions did not work for me as I don't seem to have Application Data (from Windows "C") or even when I punch it in the Search box. I only noticed that I had no sound on UTube after downloading Spark (an ad which was at the top of Tech Support Guy website). After I downloaded it free, they wanted money so I didn't go for it. I have since deleted their program but I still have no sound. I'm not really blaming them as it could be sheer coincidence. At any rate, I did have sound on UTube and now I don't. My computer has sound (on opening and closing it) but none on UTube. Help. Thanks.


Midser

This is the error I get when I try to turn off windows defender and I have tried everything to fix it. "The class is not configured to support Elevated activation." "Error code 0x080080017". I finally decided to make a thread about it here. I hope someone is able to help me out with this problem. I've looked everywhere on the internet for learning how to fix this issue but nothing seemed to help. Thank you for any advice in advanced. Also if I have tried it and it did not work, I will say so. :)

When I boot my PC the Ram is running at 45%+ once I open my Browser it rises to 75 -80% and then quickly reaches 98% over an hour or two meaning I have to reboot and start again.

My browser can be slow and I often see that it is hanging to read or transfer data from "google-analytics.com" or "double.click.net"

I have run Malwarebytes and found nothing amiss. I have run Temporary File Cleaner and removed a fair amount of old gunk.

Here is some further info

Tech Support Guy System Info Utility version 1.0.0.2
OS Version: Microsoft Windows XP Home Edition, Service Pack 3, 32 bit
Processor: Genuine Intel(R) CPU 2140 @ 1.60GHz, x86 Family 6 Model 15 Stepping 2
Processor Count: 2
RAM: 1013 Mb
Graphics Card: Intel(R) G33/G31 Express Chipset Family, 128 Mb
Hard Drives: C: Total - 235280 MB, Free - 96854 MB;
Motherboard: Dell Inc., 0CU409

Log file:

Logfile of Trend Micro HijackThis v2.0.5
Scan saved at 11:57:42, on 23/07/2015
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)

FIREFOX: 39.0 (x86 en-GB)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Anvisoft\Cloud System Booster\CloudSystemBooster.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Ruiware\WinPatrol\winpatrol.exe
C:\Program Files\Java\jre7\bin\jqs.exe
C:\Program Files\COMODO\COMODO Internet Security\cis.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Anvisoft\Cloud System Booster\CSBSvc.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\COMODO\COMODO Internet Security\cistray.exe
C:\Program Files\COMODO\COMODO Internet Security\cis.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\WINDOWS\system32\NOTEPAD.EXE
C:\Program Files\COMODO\COMODO Internet Security\cmdvirth.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Documents and Settings\brian\My Documents\Downloads\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
O1 - Hosts: 0.0.0.1 mssplus.mcafee.com
O1 - Hosts: 0.0.0.1 mssplus.mcafee.com
O1 - Hosts: 0.0.0.1 mssplus.mcafee.com
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common

Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: ContributeBHO Class - {074C1DC5-9320-4A9A-947D-C042949C6216} - C:\Program Files\Adobe\/Adobe Contribute

CS3/contributeieplugin.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft

Office\Office12\GrooveShellExtensions.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft

Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Easy Photo Print - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files\Epson Software\Easy Photo

Print\EPTBL.dll
O2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Adobe\Acrobat

8.0\Acrobat\AcroIEFavClient.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat

8.0\Acrobat\AcroIEFavClient.dll
O3 - Toolbar: Contribute Toolbar - {517BDDE4-E3A7-4570-B21E-2B52B6139FC7} - C:\Program Files\Adobe\/Adobe Contribute

CS3/contributeieplugin.dll
O3 - Toolbar: Easy Photo Print - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files\Epson Software\Easy Photo

Print\EPTBL.dll
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [CloudSystemBooster] "C:\Program Files\Anvisoft\Cloud System Booster\CloudSystemBooster.exe" /hide

/autorun
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /minimized /regrun
O4 - HKCU\..\Run: [WinPatrol] C:\Program Files\Ruiware\WinPatrol\winpatrol.exe
O4 - HKCU\..\Run: [COMODO Internet Security] C:\Program Files\COMODO\COMODO Internet Security\cis.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\RunOnce: [FlashPlayerUpdate] C:\WINDOWS\system32\Macromed\Flash\FlashUtil32_17_0_0_169_pepper.exe

-update pepperplugin (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - HKUS\.DEFAULT\..\RunOnce: [FlashPlayerUpdate] C:\WINDOWS\system32\Macromed\Flash\FlashUtil32_17_0_0_169_pepper.exe

-update pepperplugin (User 'Default user')
O8 - Extra context menu item: Append to existing PDF - res://C:\Program Files\Adobe\Acrobat

8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convert link target to Adobe PDF - res://C:\Program Files\Adobe\Acrobat

8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convert link target to existing PDF - res://C:\Program Files\Adobe\Acrobat

8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convert selected links to Adobe PDF - res://C:\Program Files\Adobe\Acrobat

8.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
O8 - Extra context menu item: Convert selected links to existing PDF - res://C:\Program Files\Adobe\Acrobat

8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
O8 - Extra context menu item: Convert selection to Adobe PDF - res://C:\Program Files\Adobe\Acrobat

8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convert selection to existing PDF - res://C:\Program Files\Adobe\Acrobat

8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convert to Adobe PDF - res://C:\Program Files\Adobe\Acrobat

8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} -

C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: PrivDog - {2F5C139F-79BD-4C84-A95A-E7140525BC55} - C:\Program

Files\AdTrustMedia\PrivDog\2.1.0.23\trustedads.dll (file missing)
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network

Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program

Files\Messenger\msmsgs.exe
O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) -

http://update.microsoft.com/windowsu...?1237578540875
O17 - HKLM\System\CS6\Services\Tcpip\..\{0A58BF97-68EF-40E5-BDB1-94675BDF8B2A}: NameServer = 8.26.56.26,156.154.70.22
O17 - HKLM\System\CS7\Services\Tcpip\..\{0A58BF97-68EF-40E5-BDB1-94675BDF8B2A}: NameServer = 8.26.56.26,156.154.70.22
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft

Office\Office12\GrooveSystemServices.dll
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} -

C:\WINDOWS\system32\browseui.dll
O23 - Service: ABBYY FineReader 9.0 Sprint Licensing Service (ABBYY.Licensing.FineReader.Sprint.9.0) - ABBYY - C:\Program

Files\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe
O23 - Service: Adobe Version Cue CS3 - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\Adobe Version Cue

CS3\Server\bin\VersionCueCS3.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated -

C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Anvi Cloud System Booster Speed Service (AnviCsbSvc) - Anvisoft - C:/Program Files/Anvisoft/Cloud System

Booster/CSBSvc.exe
O23 - Service: ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## (Bonjour Service) - Apple Computer, Inc. - C:\Program

Files\Bonjour\mDNSResponder.exe
O23 - Service: COMODO Internet Security Helper Service (CmdAgent) - COMODO - C:\Program Files\COMODO\COMODO Internet

Security\cmdagent.exe
O23 - Service: COMODO Virtual Service Manager (cmdvirth) - COMODO - C:\Program Files\COMODO\COMODO Internet

Security\cmdvirth.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet

Publisher\FNPLicensingService.exe
O23 - Service: Google Update Service (gupdate) (gupdate) - Unknown owner - C:\Program Files\Google\Update\GoogleUpdate.exe

(file missing)
O23 - Service: Google Update Service (gupdatem) (gupdatem) - Unknown owner - C:\Program Files\Google\Update\GoogleUpdate.exe

(file missing)
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Roxio\Roxio MyDVD

DE\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Oracle Corporation - C:\Program Files\Java\jre7\bin\jqs.exe
O23 - Service: McAfee Security Scan Component Host Service (McComponentHostService) - McAfee, Inc. - C:\Program Files\McAfee

Security Scan\3.11.149\McCHSvc.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance

Service\maintenanceservice.exe
O23 - Service: Nielsen Update (NielsenUpdate) - Unknown owner - C:\Program

Files\NetRatingsNetSight\NetSight\NielsenUpdate.exe (file missing)
O23 - Service: RoxMediaDB9 - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe
O23 - Service: Roxio Hard Drive Watcher 9 (RoxWatch9) - Sonic Solutions - C:\Program Files\Common Files\Roxio

Shared\9.0\SharedCOM\RoxWatch9.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files\Skype\Updater\Updater.exe
O23 - Service: stllssvr - MicroVision Development, Inc. - C:\Program Files\Common Files\SureThing Shared\stllssvr.exe

--
End of file - 10771 bytes
Antivirus: COMODO Antivirus, Updated: Yes, On-Demand Scanner: Enabled

I have tried to download FRST64 but I get an error message saying it is not a valid win 32 application.

So I shall leave myself in your capable hands and hopefully you won't tell me that my PC belongs in a museum

Tech Support Guy System Info Utility version 1.0.0.2
OS Version: Microsoft Windows 7 Home Premium, Service Pack 1, 32 bit
Processor: Intel(R) Core(TM)2 CPU 6600 @ 2.40GHz, x64 Family 6 Model 15 Stepping 6
Processor Count: 2
RAM: 1790 Mb
Graphics Card: NVIDIA GeForce 7100 / NVIDIA nForce 630i, 256 Mb
Hard Drives: C: Total - 73123 MB, Free - 19528 MB;
Motherboard: SAMSUNG ELECTRONICS CO.,LTD, Samsung DeskTop System
Antivirus: Panda Antivirus Pro 2014, Updated and Enabled


I have no sound on UTube. My computer has sound as I hear it when it comes on and goes off. I checked a similar problem on this website which mentioned going into Application Data, but my computer couldn't seem to find this under Windows "C" or when entered in the Search Box at the Start menu. Also, I think it was for Windows 8 and since I have Windows 7 Home Premium, it's probably a different name?


Would appreciate any help you can give me. Thanks.


Midser

Tech Support Guy System Info Utility version 1.0.0.2
OS Version: Microsoft Windows 7 Home Premium, Service Pack 1, 64 bit
Processor: Intel(R) Core(TM) i5-2410M CPU @ 2.30GHz, Intel64 Family 6 Model 42 Stepping 7
Processor Count: 4
RAM: 6058 Mb
Graphics Card: Intel(R) HD Graphics 3000, -1988 Mb
Hard Drives: C: Total - 565477 MB, Free - 307005 MB; D: Total - 29690 MB, Free - 29590 MB;
Motherboard: LENOVO, Emerald Lake
Antivirus: AVG AntiVirus Free Edition 2015, Updated and Enabled

Hello,

Recently I've noticed my computer starting to run very slowly. I thought that maybe it was in time of need of a clean up. I ran all my maintenance programs, ADwcleaner, temp file cleaner, ccleaner and my avg virus scan. I also tried deleting some programs as it looked like I had almost 100 processes running. It seemed to help a little bit.

Then last night I went to use google chrome, and the icon is there, but it doesn't work. then I tried restarting my computer and it froze having to load using the startup program and finally using a system restore point. The google chrome still doesn't work and I don't know if I have an undetected virus or not causing these problems. The computer isn't working as well as it did a month ago even. I also ran the online trendmicro housecall program.

Could someone please take a look at my computer and let me know their thoughts?

Thanks

Sorry - think I've managed to solve via a system restore. Thanks.

OK next step
Please download Farbar Recovery Scan Tool and save it to your Desktop or downloads folder .

Note: You need to download and run the 64 bit version

• Right click to run as administrator. When the tool opens click Yes to disclaimer.
• Press Scan button.
• It will produce a log called FRST.txt in the same directory the tool is run from.
• Please copy and paste log back here.
• The first time the tool is run it generates another log (Addition.txt - also located in the same directory as FRST.exe/FRST64.exe). Please also paste that along with the FRST.txt into your reply.

Why are you asking for the Product Key? It is not needed on the above instructions. The Product Key is usually in a sticker affixed to the computer. Is this a known brand computer such as, Dell, HP, etc.......?

FRST ADDITION:
Additional scan result of Farbar Recovery Scan Tool (x64) Version:26-07-2015
Ran by Tu Wei at 2015-07-26 21:13:39
Running from C:\Users\Tu Wei\Desktop
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-1496139827-2270205386-719297574-500 - Administrator - Disabled)
Guest (S-1-5-21-1496139827-2270205386-719297574-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-1496139827-2270205386-719297574-1005 - Limited - Enabled)
Tu Wei (S-1-5-21-1496139827-2270205386-719297574-1001 - Administrator - Enabled) => C:\Users\Tu Wei

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Trend Micro Titanium Maximum Security (Disabled - Up to date) {5D349EF8-873B-C657-917F-F1D93E101A7C}
AV: Microsoft Security Essentials (Enabled - Up to date) {B7ECF8CD-0188-6703-DBA4-AA65C6ACFB0A}
AS: Microsoft Security Essentials (Enabled - Up to date) {0C8D1929-27B2-688D-E114-9117BD2BB1B7}
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Trend Micro Titanium Maximum Security (Disabled - Up to date) {E6557F1C-A101-C9D9-ABCF-CAAB459750C1}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

µTorrent (HKU\S-1-5-21-1496139827-2270205386-719297574-1001\...\uTorrent) (Version: 3.4.3.40298 - BitTorrent Inc.)
360随身WiFi (HKLM-x32\...\360AP) (Version: 2.0.0.1057 - 360互联网安全中心)
Adobe Acrobat Reader DC (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AC0F074E4100}) (Version: 15.008.20082 - Adobe Systems Incorporated)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 2.6.0.19140 - Adobe Systems Incorporated)
Adobe Community Help (HKLM-x32\...\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 3.5.23 - Adobe Systems Incorporated.)
Adobe Flash Player 18 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 18.0.0.209 - Adobe Systems Incorporated)
Adobe Flash Player 18 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 18.0.0.209 - Adobe Systems Incorporated)
Adobe Photoshop Elements 10 (HKLM-x32\...\Adobe Photoshop Elements 10) (Version: 10.0 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.0 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.0.2.122 - Adobe Systems, Inc.)
AliIM Plugins for Browser (HKU\S-1-5-21-1496139827-2270205386-719297574-1001\...\AliIM Plugins for Browser) (Version: 1.0 - Alibaba(China) Co., Ltd)
Apple Mobile Device Support (HKLM\...\{BDD99690-3541-4619-9D2A-3CDDB3E15F9E}) (Version: 8.0.5.6 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Apple 應用程式支援 (HKLM-x32\...\{83CAF0DE-8D3B-4C37-A631-2B8F16EC3031}) (Version: 3.1 - Apple Inc.)
AuthenTec TrueSuite (HKLM\...\{1E1771A5-9BDA-4F91-ACEA-9798BCF8CFDD}) (Version: 5.2.0.675 - AuthenTec, Inc.)
AuthenTec WinBio FingerPrint Software (HKLM\...\{403EB04F-20E8-4C55-B989-4040340B3040}) (Version: 3.2.1.1030 - AuthenTec, Inc.)
Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
CCleaner (HKLM\...\CCleaner) (Version: 5.08 - Piriform)
CyberLink PowerDVD (HKLM-x32\...\InstallShield_{A8516AC9-AAF1-47F9-9766-03E2D4CDBCF8}) (Version: 9.0.6426.52 - CyberLink Corp.)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
DAEMON Tools Pro (HKLM-x32\...\DAEMON Tools Pro) (Version: 5.1.0.0333 - DT Soft Ltd)
Dolby Home Theater v4 (HKLM-x32\...\{B26438B4-BF51-49C3-9567-7F14A5E40CB9}) (Version: 7.2.7000.4 - Dolby Laboratories Inc)
Dropbox (HKU\S-1-5-21-1496139827-2270205386-719297574-1001\...\Dropbox) (Version: 3.6.9 - Dropbox, Inc.)
Elements 10 Organizer (x32 Version: 10.0 - Adobe Systems Incorporated) Hidden
EPSON Printer Software (HKLM\...\EPSON Printer and Utilities) (Version: - SEIKO EPSON Corporation)
EPSON Scan (HKLM-x32\...\EPSON Scanner) (Version: - )
Evernote v. 4.5.2 (HKLM-x32\...\{8CE152BA-1D16-11E1-867D-984BE15F174E}) (Version: 4.5.2.5904 - Evernote Corp.)
Extended Asian Language font pack for Adobe Reader XI (HKLM-x32\...\{AC76BA86-7AD7-2530-0000-A00000000049}) (Version: 11.0.09 - Adobe Systems Incorporated)
FastStone Image Viewer 4.8 (HKLM-x32\...\FastStone Image Viewer) (Version: 4.8 - FastStone Soft)
FDUx86 (x32 Version: 1.0.0 - Sony Corporation) Hidden
Freemake Video Converter version 3.2.1 (HKLM-x32\...\Freemake Video Converter_is1) (Version: 3.2.1 - Ellora Assets Corporation)
GeForce Experience NvStream Client Components (Version: 1.6.28 - NVIDIA Corporation) Hidden
globalupdate Helper (x32 Version: 1.3.25.0 - globalupdate Inc.) Hidden <==== ATTENTION
Google Chrome (HKU\S-1-5-21-1496139827-2270205386-719297574-1001\...\Google Chrome) (Version: 39.0.2171.95 - Google Inc.)
Google+ Auto Backup (HKLM-x32\...\{A50DE037-B5C0-4C8A-8049-B0C576B313D1}) (Version: 1.0.21.81 - Google)
Google+ Auto Backup (HKU\S-1-5-21-1496139827-2270205386-719297574-1001\...\Google+ Auto Backup) (Version: 1.0.26.151 - Google, Inc.)
HandBrake 0.10.2 (HKLM-x32\...\HandBrake) (Version: 0.10.2 - )
iCloud (HKLM\...\{309768A4-A2BB-4930-A5A2-8169678C9B4C}) (Version: 4.0.6.28 - Apple Inc.)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.0.4.1441 - Intel Corporation)
Intel(R) OpenCL CPU Runtime (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.15.10.2712 - Intel Corporation)
Intel(R) PROSet/Wireless for Bluetooth(R) + High Speed (HKLM\...\{2C0E6BD4-65B1-4E82-B2AC-43EFFC8F100C}) (Version: 15.0.0.0083 - Intel Corporation)
Intel(R) PROSet/Wireless Software for Bluetooth(R) Technology (HKLM\...\{F0932859-AA60-459E-B843-0BDECA34E2C7}) (Version: 2.0.0.0086 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 11.1.3.1001 - Intel Corporation)
Intel(R) USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 1.0.4.220 - Intel Corporation)
Intel® PROSet/無線 WiFi 軟體 (HKLM\...\{DF7756DD-656A-45C3-BA71-74673E8259A9}) (Version: 15.00.0000.0708 - Intel Corporation)
Intel® Trusted Connect Service Client (HKLM\...\{09536BA1-E498-4CC3-B834-D884A67D7E34}) (Version: 1.23.605.1 - Intel Corporation)
iTunes (HKLM\...\{2ABBBD91-91E5-4AD7-929A-FE15D1DC0576}) (Version: 12.0.1.26 - Apple Inc.)
Java 8 Update 51 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86418051F0}) (Version: 8.0.510 - Oracle Corporation)
Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
KKMAN (HKLM-x32\...\KKMAN) (Version: 3.2 - 願境網訊股份有限公司(KKBOX Co., Ltd))
K-Lite Codec Pack 8.8.0 (Full) (HKLM-x32\...\KLiteCodecPack_is1) (Version: 8.8.0 - )
KUx86 (x32 Version: 1.0.0 - Sony Corporation ) Hidden
LINE (HKLM-x32\...\LINE) (Version: 4.1.1.423 - LINE Corporation)
Malwarebytes Anti-Malware version 2.1.8.1057 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.1.8.1057 - Malwarebytes Corporation)
Media Gallery (HKLM\...\{0EB7792D-EFA2-42AB-9A22-F33D9458E974}) (Version: 2.1.0.13300 - Sony Corporation)
Media Go (HKLM-x32\...\{167A1F6A-9BF2-4B24-83DB-C6D659F680EA}) (Version: 2.0.317 - Sony)
Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (繁體中文) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1028) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft IntelliPoint 8.2 (HKLM\...\Microsoft IntelliPoint 8.2) (Version: 8.20.468.0 - Microsoft Corporation)
Microsoft Office 2010 (HKLM-x32\...\{95140000-0070-0000-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Professional Plus 2010 (HKLM-x32\...\Office14.PROPLUS) (Version: 14.0.4734.1000 - Microsoft Corporation)
Microsoft Security Essentials (HKLM\...\Microsoft Security Client) (Version: 4.8.204.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.40416.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Mozilla Firefox 39.0 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 39.0 (x86 en-US)) (Version: 39.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 39.0 - Mozilla)
MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2721691) (HKLM-x32\...\{355B5AC0-CEEE-42C5-AD4D-7F3CFD806C36}) (Version: 4.30.2114.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2758694) (HKLM-x32\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB973685) (HKLM-x32\...\{859DFA95-E4A6-48CD-B88E-A3E483E89B44}) (Version: 4.30.2107.0 - Microsoft Corporation)
ParetoLogic Data Recovery (HKLM-x32\...\{B1C2398C-6FAB-46D1-806C-5942F0829994}) (Version: 1.1.0 - ParetoLogic)
Path of Exile (HKLM-x32\...\{90A4562F-D4A1-4B65-906D-41F236CF6902}) (Version: 1.2.0.35625 - Grinding Gear Games)
Picasa 3 (HKLM-x32\...\Picasa 3) (Version: 3.9 - Google, Inc.)
PlayMemories Home (HKLM-x32\...\{E03CD71A-F595-49DF-9ADC-0CFC93B1B211}) (Version: 6.1.01.14210 - Sony Corporation)
PlayStation(R)Network Downloader (HKLM-x32\...\{B6659DD8-00A7-4A24-BBFB-C1F6982E5D66}) (Version: 2.07.00849 - Sony Computer Entertainment Inc.)
PlayStation(R)Store (HKLM-x32\...\{0E532C84-4275-41B3-9D81-D4A1A20D8EE7}) (Version: 4.5.15.13232 - Sony Computer Entertainment Inc.)
PSE10 STI Installer (x32 Version: 10.0 - Adobe Systems Incorporated) Hidden
PYV_x86 (x32 Version: 1.0.0 - Sony Corporation) Hidden
QQ International (HKLM-x32\...\{3CA54984-A14B-42FE-9FF1-7EA90151D725}) (Version: 1.91.1369.0 - Tencent Technology(Shenzhen) Company Limited)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.53.216.2012 - Realtek)
Realtek PCIE Card Reader (HKLM-x32\...\{C1594429-8296-4652-BF54-9DBE4932A44C}) (Version: 6.1.7601.92 - Realtek Semiconductor Corp.)
RegCure Pro (HKLM-x32\...\{C547F361-5750-4CD1-9FB6-BC93827CB6C1}) (Version: 3.2.16.0 - ParetoLogic, Inc.) <==== ATTENTION!
Remote Keyboard (x32 Version: 1.2.0.09270 - Sony Corporation) Hidden
SHIELD Streaming (Version: 1.7.306 - NVIDIA Corporation) Hidden
SILKYPIX Developer Studio 3.1 SE (HKLM-x32\...\InstallShield_{0A04086B-0B71-43C3-95EF-FDFC4C18D161}) (Version: 3 - Ichikawa Soft Laboratory)
SILKYPIX Developer Studio 3.1 SE (x32 Version: 3 - Ichikawa Soft Laboratory) Hidden
Skype Click to Call (HKLM-x32\...\{B6CF2967-C81E-40C0-9815-C05774FEF120}) (Version: 6.11.13307 - Skype Technologies S.A.)
Skype™ 7.6 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.6.105 - Skype Technologies S.A.)
SlingPlayer (HKLM-x32\...\InstallShield_{004B0DCB-4C60-465B-8F01-44B0A4111187}) (Version: 1.5.1335 - Sling Media)
SlingPlayer (x32 Version: 1.5.1335 - Sling Media) Hidden
SmartCard Reader Driver Installation (HKLM-x32\...\InstallShield_{C6D91586-9F98-4CFD-9BC3-FC0800911005}) (Version: 1.2.4.16 - 您的公司名稱)
SmartCard Reader Driver Installation (x32 Version: 1.2.4.16 - 您的公司名稱) Hidden
Snap.Do Engine (HKU\S-1-5-21-1496139827-2270205386-719297574-1001\...\{b597cadb-3cba-4cb4-876a-28ff6992798a}) (Version: 11.140.1.20709 - ReSoft Ltd.) <==== ATTENTION
SSLx64 (Version: 1.0.0 - Sony Corporation ) Hidden
SSLx86 (x32 Version: 1.0.0 - Sony Corporation ) Hidden
swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
TimeLineRemove 0.9 (HKLM-x32\...\TimeLineRemove_is1) (Version: 0.9 - TimeLineRemove)
TrackID(TM) with BRAVIA (x32 Version: 1.2.0.09270 - Sony Corportaion) Hidden
Trend Micro Titanium (Version: 7.0 - Trend Micro Inc.) Hidden
Trend Micro Titanium Maximum Security (HKLM\...\{ABBD4BA8-6703-40D2-AB1E-5BB1F7DB49A4}) (Version: 7.0 - Trend Micro Inc.)
TriDef 3D (Sony) 2.0.5 (HKLM-x32\...\experience-sony-bundle) (Version: 2.0.5 - Dynamic Digital Depth Australia Pty Ltd)
V3DPx86 (x32 Version: 1.0.0 - Sony Corporation ) Hidden
VAIO - Media Gallery - VAIO Personalization Manager Update (HKLM\...\{50A7190B-5DA6-4A51-B275-3D413E617BA6}) (Version: 4.2.5.07160 - Sony Corporation)
VAIO - Microsoft Visual C++ 2010 SP1 Runtime 10.0.40219.325 (HKLM\...\{34EB42BE-F4D3-44C1-B28E-9740115DB72C}) (Version: 1.0.00.01300 - Sony Corporation)
VAIO - PlayMemories Home Plug-in (HKLM\...\{886C0C18-F905-49B2-90BA-EFC0FEDF27C6}) (Version: 2.0.00.14200 - Sony Corporation)
VAIO - PlayStation®3 隨附的遠端鍵盤 (HKLM-x32\...\{E682702C-609C-4017-99E7-3129C163955F}) (Version: 1.2.0.09210 - Sony Corporation)
VAIO - TrackID™ 隨附的 BRAVIA (HKLM-x32\...\{2F41EF61-A066-4EBF-84F8-21C1B317A780}) (Version: 1.2.0.09270 - Sony Corporation)
VAIO - 遠端鍵盤 (HKLM-x32\...\{7396FB15-9AB4-4B78-BDD8-24A9C15D2C65}) (Version: 1.2.0.09270 - Sony Corporation)
VAIO 3D Portal (HKLM-x32\...\{C14EAE86-C526-4E00-B245-CFF86233C3D2}) (Version: 1.2.0.10131 - Sony Corporation)
VAIO Care (HKLM\...\{D9FFE40D-1A85-4541-992C-5EF505F391A4}) (Version: 8.4.2.12041 - Sony Corporation)
VAIO Control Center (HKLM-x32\...\{8E797841-A110-41FD-B17A-3ABC0641187A}) (Version: 5.2.2.16060 - Sony Corporation)
VAIO CPU 風扇診斷 (HKLM-x32\...\{BCE6E3D7-B565-4E1B-AC77-F780666A35FB}) (Version: 1.1.0.09200 - Sony Corporation)
VAIO Data Restore Tool (x32 Version: 1.9.0.13190 - Sony Corporation) Hidden
VAIO Easy Connect (HKLM-x32\...\InstallShield_{7C80D30A-AC02-4E3F-B95D-29F0E4FF937B}) (Version: 1.1.2.01120 - Sony Corporation)
VAIO Easy Connect (x32 Version: 1.1.2.01120 - Sony Corporation) Hidden
VAIO Gate (HKLM-x32\...\{A7C30414-2382-4086-B0D6-01A88ABA21C3}) (Version: 2.4.2.02200 - Sony Corporation)
VAIO Gate (x32 Version: 2.4.1.09230 - Sony Corporation) Hidden
VAIO Gate Default (HKLM-x32\...\{B7546697-2A80-4256-A24B-1C33163F535B}) (Version: 2.5.2.02090 - Sony Corporation)
VAIO Gesture Control (HKLM-x32\...\{692955F2-DE9F-4078-8FAA-858D6F3A1776}) (Version: 1.0.0.12300 - Sony Corporation)
VAIO Gesture Control (x32 Version: 1.0.0.12300 - Sony Corporation) Hidden
VAIO Improvement (HKLM-x32\...\{3A26D9BD-0F73-432D-B522-2BA18138F7EF}) (Version: 1.3.0.12280 - Sony Corporation)
VAIO Sample Contents (HKLM-x32\...\{547C9EB4-4CA6-402F-9D1B-8BD30DC71E44}) (Version: 1.4.1.09010 - Sony Corporation)
VAIO Smart Network (HKLM-x32\...\{0899D75A-C2FC-42EA-A702-5B9A5F24EAD5}) (Version: 3.14.1.07010 - Sony Corporation)
VAIO Transfer Support (HKLM-x32\...\{5DDAFB4B-C52E-468A-9E23-3B0CEEB671BF}) (Version: 1.7.1.06040 - Sony Corporation)
VAIO Update (HKLM-x32\...\{9FF95DA2-7DA1-4228-93B7-DED7EC02B6B2}) (Version: 7.0.1.02280 - Sony Corporation)
VAIO 手冊 (HKLM-x32\...\{C6E893E7-E5EA-4CD5-917C-5443E753FCBD}) (Version: 2.3.0.12300 - Sony Corporation)
VAIO 資料還原工具 (HKLM-x32\...\{57B955CE-B5D3-495D-AF1B-FAEE0540BFEF}) (Version: 1.9.0.13190 - Sony Corporation)
VBMx86 (x32 Version: 1.0.0 - Sony Corporation ) Hidden
VCCx64 (Version: 1.0.0 - Sony Corporation) Hidden
VCCx86 (x32 Version: 1.0.0 - Sony Corporation) Hidden
VGClientX64 (Version: 1.0.0 - Sony Corporation) Hidden
VGClientX86 (x32 Version: 1.0.0 - Sony Corporation) Hidden
VHD (x32 Version: 1.0.0 - Microsoft) Hidden
VIx64 (Version: 1.0.0 - Sony Corporation) Hidden
VIx86 (x32 Version: 1.0.0 - Sony Corporation) Hidden
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.1 - VideoLAN)
VLC Streamer 5.04 (HKLM-x32\...\VLC Streamer_is1) (Version: - )
VMLx86 (x32 Version: 1.0.0 - Sony Corporation) Hidden
VPMx64 (Version: 1.0.0 - Sony Corporation ) Hidden
VSNx64 (Version: 1.0.0 - Sony Corporation) Hidden
VSNx86 (x32 Version: 1.0.0 - Sony Corporation) Hidden
VSSTx64 (Version: 1.0.0 - Sony Corporation ) Hidden
VSSTx86 (x32 Version: 1.0.0 - Sony Corporation) Hidden
VU5x64 (Version: 1.1.0 - Sony Corporation ) Hidden
VU5x86 (x32 Version: 1.0.0 - Sony Corporation ) Hidden
VU5x86 (x32 Version: 1.1.0 - Sony Corporation ) Hidden
VWSTx86 (x32 Version: 1.0.0 - Sony Corporation) Hidden
Windows Live 程式集 (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3538.0513 - Microsoft Corporation)
WinRAR 5.21 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.21.0 - win.rar GmbH)
WinX HD Video Converter Deluxe 5.0.2 (HKLM-x32\...\WinX HD Video Converter Deluxe_is1) (Version: - Digiarty Software, Inc.)
台北富邦銀行帳單瀏覽程式 (HKLM-x32\...\{F6FD0A21-EF80-4941-BC62-50A5A9E24746}) (Version: 4.20.0000 - 台北富邦銀行)
適用遠端連線的 Windows Live Mesh ActiveX 控制項 (HKLM-x32\...\{622DE1BE-9EDE-49D3-B349-29D64760342A}) (Version: 15.4.5722.2 - Microsoft Corporation)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-1496139827-2270205386-719297574-1001_Classes\CLSID\{00249E9F-88FF-45d5-82DB-A1BEE06E123C}\InprocServer32 -> C:\Windows\system32\shdocvw.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1496139827-2270205386-719297574-1001_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Tu Wei\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1496139827-2270205386-719297574-1001_Classes\CLSID\{D0336C0B-7919-4C04-8CCE-2EBAE2ECE8C9}\InprocServer32 -> C:\Users\Tu Wei\AppData\Local\Google\Update\1.3.25.11\psuser_64.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-1496139827-2270205386-719297574-1001_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\Tu Wei\AppData\Local\Google\Update\1.3.25.11\psuser_64.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-1496139827-2270205386-719297574-1001_Classes\CLSID\{ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C}\InprocServer32 -> C:\Users\Tu Wei\AppData\Roaming\Dropbox\bin\DropboxExt64.26.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1496139827-2270205386-719297574-1001_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Tu Wei\AppData\Roaming\Dropbox\bin\DropboxExt64.26.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1496139827-2270205386-719297574-1001_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Tu Wei\AppData\Roaming\Dropbox\bin\DropboxExt64.26.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1496139827-2270205386-719297574-1001_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Tu Wei\AppData\Roaming\Dropbox\bin\DropboxExt64.26.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1496139827-2270205386-719297574-1001_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Tu Wei\AppData\Roaming\Dropbox\bin\DropboxExt64.26.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1496139827-2270205386-719297574-1001_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Tu Wei\AppData\Roaming\Dropbox\bin\DropboxExt64.26.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1496139827-2270205386-719297574-1001_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Tu Wei\AppData\Roaming\Dropbox\bin\DropboxExt64.26.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1496139827-2270205386-719297574-1001_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Tu Wei\AppData\Roaming\Dropbox\bin\DropboxExt64.26.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1496139827-2270205386-719297574-1001_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Tu Wei\AppData\Roaming\Dropbox\bin\DropboxExt64.26.dll (Dropbox, Inc.)

==================== Restore Points =========================

24-07-2015 21:27:43 Checkpoint by HitmanPro
26-07-2015 16:27:09 RegCure Pro Backup
26-07-2015 16:59:14 JRT Pre-Junkware Removal
26-07-2015 17:24:24 JRT Pre-Junkware Removal
26-07-2015 20:23:19 Windows Update

==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 10:34 - 2009-06-11 05:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {02525070-0BC8-406A-BC6D-480EFA1BB45F} - System32\Tasks\snf => C:\ProgramData\ExtTag\e4fbamcd.exe [2015-07-25] ()
Task: {0DC3BD4C-AE58-4BDF-B4E6-B80AD588FCA9} - System32\Tasks\Sony Corporation\VAIO Gate\VAIO Gate Restart => C:\Program Files\Sony\VAIO Gate\VAIO Gate.exe [2012-02-21] (Sony Corporation)
Task: {111DDEDD-4970-4381-B8F4-1621BC77E517} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-07-07] (Adobe Systems Incorporated)
Task: {1268376A-7C91-431D-AF10-9233B824F665} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-07-24] (Adobe Systems Incorporated)
Task: {145B3C92-DFB7-4286-B444-F06A21EE7CB3} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-1496139827-2270205386-719297574-1001Core => C:\Users\Tu Wei\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2015-06-19] (Dropbox, Inc.)
Task: {1C619F56-F947-4626-96C6-BD803140C4E7} - System32\Tasks\Sony Corporation\VAIO Improvement\VAIOImprovementMonitorSystem => C:\Program Files\Sony\VAIO Improvement\vim.exe [2013-03-29] (Sony Corporation)
Task: {250B5D1A-A896-45C0-A98B-8D9051F85B3D} - System32\Tasks\Sony Corporation\VAIO Care\VCOneClick => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2014-12-03] (Sony Corporation)
Task: {26BB5B05-08E1-4D43-92E5-E33AE9FFECA4} - System32\Tasks\Sony Corporation\VAIO Update\VAIO Update Self Repair => C:\Program Files\Sony\VAIO Update\VUSR.exe [2014-03-01] (Sony Corporation)
Task: {274B3047-6BA8-489B-815E-DEF9BD14524B} - System32\Tasks\Sony Corporation\VAIO Power Management\VPM Logon Start => C:\Program Files\Sony\VAIO Power Management\SPMgr.exe [2012-01-10] (Sony Corporation)
Task: {357A088D-89B0-4F38-B1BF-BEC43BF818B5} - System32\Tasks\Sony Corporation\VAIO Care\ActiveStatusCollect => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2014-12-03] (Sony Corporation)
Task: {3687E660-9E1C-49F8-8AED-A2476912D22F} - System32\Tasks\Sony Corporation\VAIO Care\DeployCRMflag => C:\Program Files\Sony\VAIO Care\DeployCRMflag.exe [2014-01-16] (Sony Corporation)
Task: {3F5512D5-55F4-423D-BA9D-23F46AF19A9C} - System32\Tasks\Sony Corporation\VAIO Gate\VAIO Gate => C:\Program Files\Sony\VAIO Gate\VAIO Gate.exe [2012-02-21] (Sony Corporation)
Task: {488D88D1-3748-4487-8B7D-92313B93C683} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-1496139827-2270205386-719297574-1001UA => C:\Users\Tu Wei\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2015-06-19] (Dropbox, Inc.)
Task: {4AA9D819-F9A1-40BB-9B48-D98553478C0C} - System32\Tasks\VHDInformationCheck => C:\Program Files (x86)\Sony\VAIO Recovery\plugins\InformationCheck.exe [2012-02-24] (Sony Corporation)
Task: {53F45BC4-07E8-474B-B72A-1EB4BBEE05E9} - System32\Tasks\Sony Corporation\VAIO Care\UploadPOT => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2014-12-03] (Sony Corporation)
Task: {5D09369C-BA55-4F08-AF2A-0E41C7691801} - System32\Tasks\Sony Corporation\VAIO Care\UpdateSolution => C:\Program Files\Sony\VAIO Care\Solution.Updater.exe [2014-12-03] (Sony Corporation)
Task: {6B60ADC8-5F31-4ED2-B786-7EC50FE9D1AD} - System32\Tasks\360safe\360APMainProg => C:\Program Files (x86)\360\360AP\360AP.exe [2015-06-29] (360.cn)
Task: {6D0FB745-A368-484D-A06F-1A8200123F52} - System32\Tasks\Sony Corporation\VAIO Care\VCRLog => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2014-12-03] (Sony Corporation)
Task: {774EBACF-607A-4EC7-8820-38A1D57EA2AA} - System32\Tasks\Sony Corporation\VAIO Care\VCCheckIolo => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2014-12-03] (Sony Corporation)
Task: {8D40F372-75C2-421C-8800-6B64116DF42D} - System32\Tasks\Sony Corporation\VAIO Improvement\VAIOImprovementUploader => C:\Program Files\Sony\VAIO Improvement\viuploader.exe [2011-12-27] (Sony Corporation)
Task: {912828AD-75A4-439E-91F9-86D7DC9EC980} - System32\Tasks\SpyHunter4Startup => C:\Users\TUWEI~1\AppData\Local\Temp\RarSFX0\SpyHunter4.exe <==== ATTENTION
Task: {91B546FE-C12D-4D4A-8670-CAAB059137E9} - System32\Tasks\Sony Corporation\VAIO Control Center\Level4Month => C:\Program Files (x86)\Sony\VAIO Control Center\WBCBatteryCare.exe [2012-04-06] (Sony Corporation)
Task: {93B7A442-5CF1-46F6-8B46-7A3F5E0E6AA4} - System32\Tasks\Sony Corporation\VAIO Care\CheckSystemInfo => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2014-12-03] (Sony Corporation)
Task: {93CB68A7-5AF1-4969-A117-6D9B641C1CA7} - System32\Tasks\Sony Corporation\VAIO Care\VCSelfHeal => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2014-12-03] (Sony Corporation)
Task: {9A4D531B-A6C3-40A8-9B27-4DE5C3B1544F} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2015-07-18] (Piriform Ltd)
Task: {A354C2D9-D020-4728-B01A-6266789768F5} - System32\Tasks\Titanium BTC => C:\Program Files\Trend Micro\Titanium\plugin\TMDC\TMDC.exe [2014-08-06] (Trend Micro Inc.)
Task: {A5A99BE4-E30D-4369-A019-08A2B9DF6075} - System32\Tasks\Microsoft_Hardware_Launch_IPoint_exe => c:\Program Files\Microsoft IntelliPoint\IPoint.exe [2011-08-01] (Microsoft Corporation)
Task: {A7EFC49A-54F6-4802-B182-1243A5F525A6} - System32\Tasks\Sony Corporation\VAIO Power Management\VPM Session Change => C:\Program Files\Sony\VAIO Power Management\SPMgr.exe [2012-01-10] (Sony Corporation)
Task: {A90BD654-1F16-40ED-9E7F-B02C5A084E1D} - System32\Tasks\Sony Corporation\VAIO Gate\StartExecuteProxy => C:\Program Files\Sony\VAIO Gate\ExecutionProxy.exe [2012-02-20] (Sony Corporation)
Task: {A9271D0C-8025-4E7D-A1EC-CC13A3F09F33} - System32\Tasks\Sony Corporation\VAIO Update\VAIO Update => C:\Program Files\Sony\VAIO Update\VAIOUpdt.exe [2014-02-28] (Sony Corporation)
Task: {B5E43993-DF8C-4662-870E-836C7A85D2A7} - \ProPCCleaner_Popup No Task File <==== ATTENTION
Task: {C325F7BE-94E6-4381-8B6E-867E94867BD2} - System32\Tasks\snp => C:\ProgramData\ExtTag\e4fbamcd.exe [2015-07-25] ()
Task: {CC38F8C6-9980-4644-AA28-C5355A1BB4A1} - System32\Tasks\Sony Corporation\VAIO Care\VAIO Care => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2014-12-03] (Sony Corporation)
Task: {CFA25D8D-DC43-40B9-BC64-151640FC1C49} - System32\Tasks\Sony Corporation\VAIO Care\GetPOTInfo => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2014-12-03] (Sony Corporation)
Task: {D223D8F6-4B18-478A-857A-322383D72D13} - System32\Tasks\Sony Corporation\VAIO Care\VCMetrics => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2014-12-03] (Sony Corporation)
Task: {D8102CF1-5AE7-4D90-8E77-9F31F6CBB172} - System32\Tasks\Sony Corporation\VAIO Power Management\VPM Unlock => C:\Program Files\Sony\VAIO Power Management\SPMgr.exe [2012-01-10] (Sony Corporation)
Task: {DDC28C18-EDBC-4853-B2B4-EF0B1EE05EAA} - System32\Tasks\Sony Corporation\VAIO Gesture Control\VCGULogonTask => C:\Program Files (x86)\Sony\VAIO Camera Gesture Utility\VCGU.exe [2011-12-27] (Sony Corporation)
Task: {E2928140-BFC1-48F5-8A27-3ADE7C5BAA0E} - System32\Tasks\Sony Corporation\VAIO Improvement\VAIOImprovementMonitorUser => C:\Program Files\Sony\VAIO Improvement\vim.exe [2013-03-29] (Sony Corporation)
Task: {E9CC9F4A-B95C-439D-B764-A75684689E79} - System32\Tasks\Sony Corporation\VAIO Smart Network\VSN Logon Start => net
Task: {EDACABCE-BA07-4C0F-8BDE-2BB15A1CEB21} - System32\Tasks\USER_ESRV_SVC => Wscript.exe //B //NoLogo "C:\Program Files\Sony\VAIO Care\ESRV\task.vbs"
Task: {F08F5641-CF43-4E3F-8BCB-C17713EF6776} - System32\Tasks\Sony Corporation\VAIO Control Center\Level4Daily => C:\Program Files (x86)\Sony\VAIO Control Center\WBCBatteryCare.exe [2012-04-06] (Sony Corporation)
Task: {F5530F5D-86AA-4FAE-B868-81E20C26FADC} - \ProPCCleaner_Start No Task File <==== ATTENTION

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-1496139827-2270205386-719297574-1001Core.job => C:\Users\Tu Wei\AppData\Local\Dropbox\Update\DropboxUpdate.exe
Task: C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-1496139827-2270205386-719297574-1001UA.job => C:\Users\Tu Wei\AppData\Local\Dropbox\Update\DropboxUpdate.exe

==================== Loaded Modules (Whitelisted) ==============

2012-05-15 04:05 - 2013-06-21 18:23 - 00087328 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2012-02-20 04:57 - 2012-02-20 04:57 - 00087880 _____ () C:\Program Files\AuthenTec TrueSuite\ssutil.dll
2012-02-20 04:57 - 2012-02-20 04:57 - 00556360 _____ () C:\Program Files\AuthenTec TrueSuite\DataManager.dll
2013-01-04 16:49 - 2012-11-30 18:18 - 00258224 _____ () C:\Users\Tu Wei\AppData\Roaming\MegaCloud\MegaCloudShellExtx64.dll
2010-01-09 20:17 - 2010-01-09 20:17 - 04254560 _____ () C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Cultures\OFFICE.ODF
2010-01-21 01:40 - 2010-01-21 01:40 - 08794464 _____ () C:\Program Files\Microsoft Office\Office14\1033\GrooveIntlResource.dll
2012-04-05 10:04 - 2012-04-04 04:16 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll
2014-04-15 03:41 - 2015-07-26 03:06 - 00020288 _____ () C:\Program Files\CCleaner\branding.dll
2013-11-01 14:59 - 2013-11-01 14:59 - 00062464 _____ () C:\Program Files\Sony\VAIO Care\listener.exe
2014-01-20 20:17 - 2014-01-20 20:17 - 00073544 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2014-10-11 13:05 - 2014-10-11 13:05 - 01044776 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2015-07-26 19:45 - 2015-07-26 19:45 - 00043008 _____ () c:\users\tuwei~1\appdata\local\temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpm0a_bk.dll
2015-03-05 05:45 - 2015-03-19 15:15 - 00750080 _____ () C:\Users\Tu Wei\AppData\Roaming\Dropbox\bin\libGLESv2.dll
2015-03-05 05:45 - 2015-03-19 15:15 - 00047616 _____ () C:\Users\Tu Wei\AppData\Roaming\Dropbox\bin\libEGL.dll
2015-03-05 05:45 - 2015-03-19 15:15 - 00865280 _____ () C:\Users\Tu Wei\AppData\Roaming\Dropbox\bin\plugins\platforms\qwindows.dll
2015-03-05 05:45 - 2015-03-19 15:15 - 00200704 _____ () C:\Users\Tu Wei\AppData\Roaming\Dropbox\bin\plugins\imageformats\qjpeg.dll
2015-03-05 05:45 - 2015-03-19 15:15 - 00010240 _____ () C:\Users\Tu Wei\AppData\Roaming\Dropbox\bin\QtQuick.2\qtquick2plugin.dll
2015-03-05 05:45 - 2015-03-19 15:15 - 00726016 _____ () C:\Users\Tu Wei\AppData\Roaming\Dropbox\bin\QtQuick\Controls\qtquickcontrolsplugin.dll
2015-03-05 05:45 - 2015-03-19 15:15 - 00010240 _____ () C:\Users\Tu Wei\AppData\Roaming\Dropbox\bin\QtQuick\Window.2\windowplugin.dll
2012-05-15 04:36 - 2012-04-06 14:37 - 00021128 _____ () C:\Program Files (x86)\Sony\VAIO Control Center\VESBasePS.dll
2015-07-25 21:55 - 2015-07-25 21:55 - 01162752 _____ () C:\ProgramData\ExtTag\du1nyzex.dll
2010-01-09 20:18 - 2010-01-09 20:18 - 04254560 _____ () C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF
2010-01-21 01:34 - 2010-01-21 01:34 - 08793952 _____ () C:\Program Files (x86)\Microsoft Office\Office14\1033\GrooveIntlResource.dll
2014-11-28 05:06 - 2014-11-28 05:06 - 00172544 _____ () C:\Windows\assembly\NativeImages_v2.0.50727_32\IsdiInterop\50ac882adf9224ba 736ae207768122c4\IsdiInterop.ni.dll
2012-05-15 03:58 - 2012-05-02 20:53 - 00059904 _____ () C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IsdiInterop.dll
2012-05-15 04:07 - 2012-03-23 16:47 - 01198872 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\ACE.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)


==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== EXE Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)

IE trusted site: HKU\S-1-5-21-1496139827-2270205386-719297574-1001\...\ebill.ba.org.tw -> hxxps://ebill.ba.org.tw
IE trusted site: HKU\S-1-5-21-1496139827-2270205386-719297574-1001\...\fisc.com.tw -> hxxps://fisc.com.tw
IE trusted site: HKU\S-1-5-21-1496139827-2270205386-719297574-1001\...\gov.tw -> hxxps://pfiles.tax.nat.gov.tw
IE trusted site: HKU\S-1-5-21-1496139827-2270205386-719297574-1001\...\paytax.nat.gov.tw -> hxxps://paytax.nat.gov.tw


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-1496139827-2270205386-719297574-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Tu Wei\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 1) (EnableLUA: 1)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)

MSCONFIG\Services: Checker => 2
MSCONFIG\Services: ExtTag => 2
MSCONFIG\Services: Intel(R) ME Service => 2
MSCONFIG\Services: MyWiFiDHCPDNS => 3
MSCONFIG\Services: QRX61 => 2
MSCONFIG\startupfolder: C:^Users^Tu Wei^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Dropbox.lnk => C:\Windows\pss\Dropbox.lnk.Startup
MSCONFIG\startupreg: Adobe ARM => "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
MSCONFIG\startupreg: Adobe Reader Speed Launcher => "C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe"
MSCONFIG\startupreg: AdobeAAMUpdater-1.0 => "C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
MSCONFIG\startupreg: BePCSC => C:\Program Files (x86)\EmvSmartCardReader\BePCSC.exe
MSCONFIG\startupreg: DAEMON Tools Pro Agent => "C:\Program Files (x86)\DAEMON Tools Pro\DTAgent.exe" -autorun
MSCONFIG\startupreg: GarenaPlus => "C:\Program Files (x86)\Garena Plus\GarenaMessenger.exe" -autolaunch
MSCONFIG\startupreg: iTunesHelper => "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
MSCONFIG\startupreg: Pando Media Booster => C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe
MSCONFIG\startupreg: SmartMon => C:\Program Files (x86)\EmvSmartCardReader\SmartMON.exe
MSCONFIG\startupreg: uTorrent => "C:\Users\Tu Wei\AppData\Roaming\uTorrent\uTorrent.exe" /MINIMIZED

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{AE244612-7FAD-46F4-9B52-89E1682D8AD5}] => (Allow) C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
FirewallRules: [{7378281C-7D74-417C-BB16-02F79B6A3FFC}] => (Block) C:\Program Files (x86)\Sony\VAIO Creations\VAIO Movie Story\VMStory.exe
FirewallRules: [{A952712E-9872-41B1-8DA2-D6E150264DF6}] => (Block) C:\Program Files (x86)\Sony\VAIO Creations\VAIO Movie Story\VMStory.exe
FirewallRules: [{B7A77258-85ED-4456-8233-C73E290CA70B}] => (Block) C:\Program Files (x86)\Sony\VAIO Creations\VAIO Movie Story\VMStory.exe
FirewallRules: [{AE2FC8C2-2F76-4922-98CA-A608EA598551}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{39DC1EC0-1AB7-40EA-A526-B6F340C5481A}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{166B27E9-FE12-45F3-A6B2-C898DDCE86DB}] => (Allow) LPort=2869
FirewallRules: [{5D10F408-4801-4AD4-88DB-D72F921676BC}] => (Allow) LPort=1900
FirewallRules: [{3D441816-2914-4774-91B9-AB77945D781A}] => (Allow) C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
FirewallRules: [{B03C9B78-7FA5-4C64-935A-DAD9803CE795}] => (Allow) C:\Program Files (x86)\Windows Live\Mesh\MOE.exe
FirewallRules: [{409B49AA-B33D-4742-B446-384410D9BF61}] => (Allow) C:\Program Files (x86)\Diablo III\Diablo III.exe
FirewallRules: [{78C001B1-9A2A-411D-87C6-3DA5642A6B55}] => (Allow) C:\Program Files (x86)\Diablo III\Diablo III.exe
FirewallRules: [{52E8C440-9E0A-412C-A226-C3CA8A55C525}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{D53B6B71-331A-4D06-9B21-93AF389F80AF}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{073BEF57-156B-4DFA-B48F-3F8DFA54BF8B}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{3BE983EE-20B4-4A88-98EF-8BCCA4E089AC}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [TCP Query User{7BED94C9-7ADF-4C0C-BF90-91B6093EF0E6}C:\program files (x86)\diablo iii\diablo iii.exe] => (Allow) C:\program files (x86)\diablo iii\diablo iii.exe
FirewallRules: [UDP Query User{71CF614C-5C50-4BEC-9365-51CF1EF8D084}C:\program files (x86)\diablo iii\diablo iii.exe] => (Allow) C:\program files (x86)\diablo iii\diablo iii.exe
FirewallRules: [TCP Query User{D3542106-D67E-481A-AB54-8DE466C42615}C:\windows\microsoft.net\framework\v2.0.50727\vbc.exe] => (Allow) C:\windows\microsoft.net\framework\v2.0.50727\vbc.exe
FirewallRules: [UDP Query User{7E374658-1D42-4AA1-B93F-2F5A4D324A2E}C:\windows\microsoft.net\framework\v2.0.50727\vbc.exe] => (Allow) C:\windows\microsoft.net\framework\v2.0.50727\vbc.exe
FirewallRules: [{49985A43-C9C2-4B52-B1A1-39B0F70F9B5A}] => (Block) C:\windows\microsoft.net\framework\v2.0.50727\vbc.exe
FirewallRules: [{FDCEA323-F417-4ACF-9212-47FB882D8E5C}] => (Block) C:\windows\microsoft.net\framework\v2.0.50727\vbc.exe
FirewallRules: [{92DF1C38-E118-4B02-BFC1-A81E0B184D94}] => (Allow) LPort=8370
FirewallRules: [{E4B9A098-518B-423B-9755-CBAACD1D566A}] => (Allow) LPort=8370
FirewallRules: [{EC017DA0-71AC-4856-A4D6-5F59769C3CA3}] => (Allow) C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe
FirewallRules: [{3865C0E0-244B-4FCF-9BFF-DFC6D74A2D31}] => (Allow) C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe
FirewallRules: [{17414DE5-B236-4B70-8297-823B2A65AF44}] => (Allow) C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe
FirewallRules: [{BDEE85AB-9DB4-481A-8B35-53E1F350B7F3}] => (Allow) C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe
FirewallRules: [{5B1B8E2F-8433-4DFB-A871-316A9A6BCAEC}] => (Allow) C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe
FirewallRules: [TCP Query User{E5A0A1CB-7B30-4BF4-96BE-97DFEC105820}C:\program files (x86)\mozilla firefox\plugin-container.exe] => (Block) C:\program files (x86)\mozilla firefox\plugin-container.exe
FirewallRules: [UDP Query User{E3169FD8-04D9-42D9-89AD-B7F21C35365F}C:\program files (x86)\mozilla firefox\plugin-container.exe] => (Block) C:\program files (x86)\mozilla firefox\plugin-container.exe
FirewallRules: [{9D9E46AC-ADFE-45C6-8F56-7BBCB810B267}] => (Allow) C:\Program Files (x86)\StarCraft II\StarCraft II.exe
FirewallRules: [{94CD6032-0B1A-4ACA-A89D-D39D636D8EA3}] => (Allow) C:\Program Files (x86)\StarCraft II\StarCraft II.exe
FirewallRules: [{3D96DB1B-933B-44D8-AD32-BA92B14E5E16}] => (Allow) C:\Program Files (x86)\StarCraft II\StarCraft II Public Test.exe
FirewallRules: [{6724EA81-4A3E-4C29-BF29-1BBDDF0AEE1C}] => (Allow) C:\Program Files (x86)\StarCraft II\StarCraft II Public Test.exe
FirewallRules: [TCP Query User{49E8B858-DF27-436B-955B-0EBCD7147CD2}C:\program files (x86)\starcraft ii\versions\base24944\sc2.exe] => (Allow) C:\program files (x86)\starcraft ii\versions\base24944\sc2.exe
FirewallRules: [UDP Query User{3C279B9A-A362-4076-A989-5560A9D95998}C:\program files (x86)\starcraft ii\versions\base24944\sc2.exe] => (Allow) C:\program files (x86)\starcraft ii\versions\base24944\sc2.exe
FirewallRules: [{E0D0002E-CE3D-4065-AFC3-98186ACEF72F}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2045\Agent.exe
FirewallRules: [{90B7E957-612A-4DC8-999E-6CAA1B68251B}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2045\Agent.exe
FirewallRules: [{6FB17F79-1315-47FA-A777-85A11DB97C6D}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2045\Agent.exe
FirewallRules: [{86ABA188-56C6-4149-9C47-C9DD93D3C31C}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2045\Agent.exe
FirewallRules: [TCP Query User{F857765D-D2EF-4620-955F-C4D806C4C63B}C:\program files (x86)\starcraft ii\versions\base26490\sc2.exe] => (Allow) C:\program files (x86)\starcraft ii\versions\base26490\sc2.exe
FirewallRules: [UDP Query User{82C63B30-7251-4B79-9986-85A5CFB8D3E1}C:\program files (x86)\starcraft ii\versions\base26490\sc2.exe] => (Allow) C:\program files (x86)\starcraft ii\versions\base26490\sc2.exe
FirewallRules: [{C5F6EC85-0AF6-4F71-9249-7AB5D45F0DEF}] => (Block) C:\program files (x86)\starcraft ii\versions\base26490\sc2.exe
FirewallRules: [{637820FC-15B7-44D8-A6BC-8E909919A4DB}] => (Block) C:\program files (x86)\starcraft ii\versions\base26490\sc2.exe
FirewallRules: [{5F01FDB6-FF27-44E6-BBF8-A33AE9DA1EB9}] => (Allow) C:\Users\Tu Wei\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{D38DCB1B-31AC-4E25-97F1-AD53C896BE60}] => (Allow) C:\Users\Tu Wei\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{69DD2755-7089-4A4D-8F17-4AE362FE90BC}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
FirewallRules: [{88F785D8-53C0-4F92-BC9F-03C84CF13F3B}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
FirewallRules: [{1D9441D5-8561-4C0C-A427-0B6CD5E3FAE6}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{130C83F4-E8F1-416F-9E2B-2ED17BA768E4}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{7D17C4EA-BF9D-4AEF-8408-4DB253C1F2A8}] => (Allow) C:\Users\Tu Wei\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{FDC6BC51-E6E2-4F70-9C5A-FD15DE0390E9}] => (Allow) C:\Users\Tu Wei\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [TCP Query User{21834655-B01D-4B8A-A302-13A0D445538E}C:\users\tu wei\appdata\roaming\dropbox\bin\dropbox.exe] => (Allow) C:\users\tu wei\appdata\roaming\dropbox\bin\dropbox.exe
FirewallRules: [UDP Query User{0843596C-5BD6-48E0-BF72-079FB0A0C610}C:\users\tu wei\appdata\roaming\dropbox\bin\dropbox.exe] => (Allow) C:\users\tu wei\appdata\roaming\dropbox\bin\dropbox.exe
FirewallRules: [{6E0753B1-9DCA-42E2-B4D2-D6FFB127FE3C}] => (Allow) C:\Program Files (x86)\Naver\LINE\Line.exe
FirewallRules: [{0D7CE84C-D0F2-41B9-A083-3E05058F6405}] => (Allow) C:\Program Files (x86)\Naver\LINE\Line.exe
FirewallRules: [{D780F481-68F2-4A6B-BB30-376C2E239FD0}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
FirewallRules: [{F4AE5C1B-F035-4EF4-B47F-196A1E5CC7E6}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
FirewallRules: [{ABA16DEF-DEE3-4473-9B7A-B3282657B647}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{0B779F9B-C02B-4561-97E3-EDEA73274694}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{D7E67F87-34CD-4381-894B-465B1D0E1A70}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{8C8F715E-9754-4C3A-B50D-65E7F8D65574}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{9D394F52-7C07-4DF4-ADF1-00A0191166CB}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
FirewallRules: [{AB05BCD4-29C2-4A1E-98BD-61B35D0F44F6}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
FirewallRules: [{ED512462-9B6A-4BF4-8A54-7F62587843FE}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{97CC90C3-F05C-4863-ADBE-F1FA035E7948}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{E6F8BD03-5D4F-4387-86AD-3E9986CD01F6}] => (Allow) C:\Program Files (x86)\360\360AP\360AP.exe
FirewallRules: [{2F37AEA6-A54C-46F6-AA28-54DDDB7B2C12}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe\Bonjour\mDNSResponder.exe
FirewallRules: [{D11AC70D-F4A2-4EC2-8C72-96BAB211799C}] => (Allow) C:\Program Files (x86)\Naver\LINE\Line.exe
FirewallRules: [{A67EAF4D-9F64-438B-B1F9-E3C0772913B4}] => (Allow) C:\Program Files (x86)\Naver\LINE\Line.exe
FirewallRules: [{59DF33B2-8300-4984-AE62-E53B41116845}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{606C539B-3F09-41E3-89FD-9E746233F371}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{60C9761C-A75E-4221-8470-08E1ADF52EF3}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
FirewallRules: [{FDE7DB9E-0296-41FC-8AE0-09502490F607}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
FirewallRules: [{7284F8C0-F51C-4C72-939E-32E39E9CA4DD}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{AD36E824-B27A-4882-B2E5-B74B4E26EF83}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{B7647F30-7DA3-40D1-B62C-3CF7FA493215}] => (Allow) C:\Program Files (x86)\360\360AP\LiveUpdate360.exe
FirewallRules: [{594EDAAD-6B73-467E-BE34-AEAF45C1A1A6}] => (Allow) C:\Program Files (x86)\360\360AP\LiveUpdate360.exe
FirewallRules: [{3FF85416-3FA7-40B8-9225-56869F0E4933}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD9\PowerDVD9.EXE
FirewallRules: [{F019368A-5CE1-482E-B161-AA3C30B0BC47}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3634\Agent.exe
FirewallRules: [{ABD0E00F-38DA-44F8-8C7E-8AD6F3686035}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3634\Agent.exe
FirewallRules: [{AC3BEBD4-FEEA-486B-ACBF-7CB2ED4F4955}] => (Allow) C:\Program Files (x86)\Battle.net\Battle.net.exe
FirewallRules: [{265CDC5E-A303-4F7B-A89B-3B9BF20F1377}] => (Allow) C:\Program Files (x86)\Battle.net\Battle.net.exe
FirewallRules: [TCP Query User{3105A704-4D51-4FEE-8BB7-363698EBC4FD}C:\program files (x86)\starcraft ii\versions\base32283\sc2.exe] => (Allow) C:\program files (x86)\starcraft ii\versions\base32283\sc2.exe
FirewallRules: [UDP Query User{4E67724B-B512-43FD-A4BC-91C8D7BD362D}C:\program files (x86)\starcraft ii\versions\base32283\sc2.exe] => (Allow) C:\program files (x86)\starcraft ii\versions\base32283\sc2.exe
FirewallRules: [{552D1100-81F2-4077-9420-AED16C9C78B3}] => (Allow) C:\Program Files (x86)\iTunes\iTunes.exe
FirewallRules: [{E96A0905-67DD-4978-9B7A-0F2571D5BE05}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{ADD8E301-7FCC-4F2C-B4FE-30A781A070D1}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [TCP Query User{B8DC0399-6158-46F3-9FA9-46DBE3E55839}C:\program files (x86)\mozilla firefox\firefox.exe] => (Allow) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [UDP Query User{A122B09F-5E3D-490B-94C6-DE03E6275FD0}C:\program files (x86)\mozilla firefox\firefox.exe] => (Allow) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [{AFEDFF77-7220-4267-A653-D6B81DB5275E}] => (Allow) C:\Program Files\Sony\VAIO Care\VCAgent.exe
FirewallRules: [{B6D10CD6-6F06-44CF-9D2E-81B0362237E4}] => (Allow) C:\Program Files\Sony\VAIO Care\VCAdmin.exe
FirewallRules: [{D9A13B16-8FA8-4F72-A17D-4B29E91B375C}] => (Allow) C:\Program Files\Sony\VAIO Care\VCSystemTray.exe
FirewallRules: [{7ADC86B6-DF49-4999-A941-4BC89CFE9D58}] => (Allow) C:\Program Files\Sony\VAIO Care\VAIOShell.exe
FirewallRules: [{4CE9B774-9D61-48B4-BDC9-CA57F058316B}] => (Allow) C:\Program Files (x86)\360\360AP\LiveUpdate360.exe
FirewallRules: [{F325BC39-02D1-4A59-AB19-E55C67FED3F6}] => (Allow) C:\Program Files (x86)\360\360AP\LiveUpdate360.exe
FirewallRules: [{3EB4F434-C504-4C1E-A187-173AE1BE86C6}] => (Allow) LPort=50000
FirewallRules: [{5213F027-EE95-4DAF-A1D2-2C63B032F5DE}] => (Allow) LPort=50001
FirewallRules: [{49AFDA16-897A-444E-A579-12A4D76CB770}] => (Allow) LPort=6001
FirewallRules: [{E8A2469B-713C-4B83-814F-6402CBCBBC6A}] => (Allow) C:\Windows\SysWOW64\svchost.exe
FirewallRules: [{A41336E2-FC76-4766-B186-34FED1DC5101}] => (Allow) C:\Windows\SysWOW64\svchost.exe
FirewallRules: [{5B22BE10-AA7E-48B6-8733-6806E0BC9CE7}] => (Allow) C:\Program Files (x86)\Hobbyist Software\VLC Streamer\VLC Streamer Configuration.exe
FirewallRules: [{E112403C-52BF-4BA8-B1A6-7CCAF10B5125}] => (Allow) C:\Program Files (x86)\Hobbyist Software\VLC Streamer\mDNSResponder.exe
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\TriDef 3D\TriDef\TriDefMediaPlayer\TriDefMediaPlayer.exe] => Enabled:TriDef 3D Media Player
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\NetDragon\91 Mobile\iPhone\iPhone PC Suite.exe] => Enabled:iPhone PC Suite.exe

==================== Faulty Device Manager Devices =============

Name: Teredo Tunneling Pseudo-Interface
Description: Microsoft Teredo Tunneling Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.


==================== Event log errors: =========================

Application errors:
==================
Error: (07/26/2015 07:45:56 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (07/26/2015 07:43:23 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: VCAgent.exe, version: 8.4.2.12030, time stamp: 0x5476d099
Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000
Exception code: 0xc0000005
Fault offset: 0x000007fe7ebfad21
Faulting process id: 0x4b0
Faulting application start time: 0xVCAgent.exe0
Faulting application path: VCAgent.exe1
Faulting module path: VCAgent.exe2
Report Id: VCAgent.exe3

Error: (07/26/2015 07:43:19 PM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Application: VCAgent.exe
Framework Version: v4.0.30319
Description: The process was terminated due to an unhandled exception.
Exception Info: System.NullReferenceException
Stack:
at VCAgent.View.MainWindow.WindowProc(IntPtr, Int32, IntPtr, IntPtr, Boolean ByRef)
at System.Windows.Interop.HwndSource.PublicHooksFilterMessage(IntPtr, Int32, IntPtr, IntPtr, Boolean ByRef)
at MS.Win32.HwndWrapper.WndProc(IntPtr, Int32, IntPtr, IntPtr, Boolean ByRef)
at MS.Win32.HwndSubclass.DispatcherCallbackOperation(System.Object)
at System.Windows.Threading.ExceptionWrapper.InternalRealCall(System.Delegate, System.Object, Int32)
at MS.Internal.Threading.ExceptionFilterHelper.TryCatchWhen(System.Object, System.Delegate, System.Object, Int32, System.Delegate)
at System.Windows.Threading.Dispatcher.LegacyInvokeImpl(System.Windows.Threadi ng.DispatcherPriority, System.TimeSpan, System.Delegate, System.Object, Int32)
at MS.Win32.HwndSubclass.SubclassWndProc(IntPtr, Int32, IntPtr, IntPtr)
at MS.Win32.UnsafeNativeMethods.CallWindowProc(IntPtr, IntPtr, Int32, IntPtr, IntPtr)
at MS.Win32.UnsafeNativeMethods.CallWindowProc(IntPtr, IntPtr, Int32, IntPtr, IntPtr)
at MS.Win32.HwndSubclass.DefWndProcWrapper(IntPtr, Int32, IntPtr, IntPtr)
at MS.Win32.UnsafeNativeMethods.CallWindowProc(IntPtr, IntPtr, Int32, IntPtr, IntPtr)
at MS.Win32.UnsafeNativeMethods.CallWindowProc(IntPtr, IntPtr, Int32, IntPtr, IntPtr)
at MS.Win32.HwndSubclass.SubclassWndProc(IntPtr, Int32, IntPtr, IntPtr)
at MS.Win32.UnsafeNativeMethods.IntGetMessageW(System.Windows.Interop.MSG ByRef, System.Runtime.InteropServices.HandleRef, Int32, Int32)
at MS.Win32.UnsafeNativeMethods.IntGetMessageW(System.Windows.Interop.MSG ByRef, System.Runtime.InteropServices.HandleRef, Int32, Int32)
at System.Windows.Threading.Dispatcher.GetMessage(System.Windows.Interop.MSG ByRef, IntPtr, Int32, Int32)
at System.Windows.Threading.Dispatcher.PushFrameImpl(System.Windows.Threading. DispatcherFrame)
at System.Windows.Application.RunInternal(System.Windows.Window)
at System.Windows.Application.Run()
at VCAgent.App.Main()

Error: (07/26/2015 06:26:59 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (07/26/2015 06:24:58 PM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Application: VCAgent.exe
Framework Version: v4.0.30319
Description: The process was terminated due to an unhandled exception.
Exception Info: System.NullReferenceException
Stack:
at VCAgent.View.MainWindow.WindowProc(IntPtr, Int32, IntPtr, IntPtr, Boolean ByRef)
at System.Windows.Interop.HwndSource.PublicHooksFilterMessage(IntPtr, Int32, IntPtr, IntPtr, Boolean ByRef)
at MS.Win32.HwndWrapper.WndProc(IntPtr, Int32, IntPtr, IntPtr, Boolean ByRef)
at MS.Win32.HwndSubclass.DispatcherCallbackOperation(System.Object)
at System.Windows.Threading.ExceptionWrapper.InternalRealCall(System.Delegate, System.Object, Int32)
at MS.Internal.Threading.ExceptionFilterHelper.TryCatchWhen(System.Object, System.Delegate, System.Object, Int32, System.Delegate)
at System.Windows.Threading.Dispatcher.LegacyInvokeImpl(System.Windows.Threadi ng.DispatcherPriority, System.TimeSpan, System.Delegate, System.Object, Int32)
at MS.Win32.HwndSubclass.SubclassWndProc(IntPtr, Int32, IntPtr, IntPtr)
at MS.Win32.UnsafeNativeMethods.CallWindowProc(IntPtr, IntPtr, Int32, IntPtr, IntPtr)
at MS.Win32.UnsafeNativeMethods.CallWindowProc(IntPtr, IntPtr, Int32, IntPtr, IntPtr)
at MS.Win32.HwndSubclass.DefWndProcWrapper(IntPtr, Int32, IntPtr, IntPtr)
at MS.Win32.UnsafeNativeMethods.CallWindowProc(IntPtr, IntPtr, Int32, IntPtr, IntPtr)
at MS.Win32.UnsafeNativeMethods.CallWindowProc(IntPtr, IntPtr, Int32, IntPtr, IntPtr)
at MS.Win32.HwndSubclass.SubclassWndProc(IntPtr, Int32, IntPtr, IntPtr)
at MS.Win32.UnsafeNativeMethods.IntGetMessageW(System.Windows.Interop.MSG ByRef, System.Runtime.InteropServices.HandleRef, Int32, Int32)
at MS.Win32.UnsafeNativeMethods.IntGetMessageW(System.Windows.Interop.MSG ByRef, System.Runtime.InteropServices.HandleRef, Int32, Int32)
at System.Windows.Threading.Dispatcher.GetMessage(System.Windows.Interop.MSG ByRef, IntPtr, Int32, Int32)
at System.Windows.Threading.Dispatcher.PushFrameImpl(System.Windows.Threading. DispatcherFrame)
at System.Windows.Application.RunInternal(System.Windows.Window)
at System.Windows.Application.Run()
at VCAgent.App.Main()

Error: (07/26/2015 05:16:47 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (07/26/2015 05:11:32 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program mbam.exe version 2.3.55.0 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

Process ID: 14fc

Start Time: 01d0c782b0f1059b

Termination Time: 3

Application Path: C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe

Report Id: 4b6a8db7-3376-11e5-be4d-30f9edead3a2

Error: (07/26/2015 05:08:57 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (07/26/2015 04:33:49 PM) (Source: Windows Search Service) (EventID: 7042) (User: )
Description: The Windows Search Service is being stopped because there is a problem with the indexer: The catalog is corrupt.


Details:
The content index catalog is corrupt. (HRESULT : 0xc0041801) (0xc0041801)

Error: (07/26/2015 04:33:49 PM) (Source: Windows Search Service) (EventID: 7040) (User: )
Description: The search service has detected corrupted data files in the index {id=4400}. The service will attempt to automatically correct this problem by rebuilding the index.


Details:
The content index catalog is corrupt. (HRESULT : 0xc0041801) (0xc0041801)


System errors:
=============
Error: (07/26/2015 09:12:23 PM) (Source: ipnathlp) (EventID: 31004) (User: )
Description: 0

Error: (07/26/2015 08:45:25 PM) (Source: ipnathlp) (EventID: 31004) (User: )
Description: 0

Error: (07/26/2015 08:15:25 PM) (Source: ipnathlp) (EventID: 31004) (User: )
Description: 0

Error: (07/26/2015 08:00:14 PM) (Source: ipnathlp) (EventID: 31004) (User: )
Description: 0

Error: (07/26/2015 06:56:19 PM) (Source: ipnathlp) (EventID: 31004) (User: )
Description: 0

Error: (07/26/2015 06:55:21 PM) (Source: ipnathlp) (EventID: 31004) (User: )
Description: 0

Error: (07/26/2015 06:41:19 PM) (Source: ipnathlp) (EventID: 31004) (User: )
Description: 0

Error: (07/26/2015 06:38:50 PM) (Source: ipnathlp) (EventID: 31004) (User: )
Description: 0

Error: (07/26/2015 06:31:49 PM) (Source: ipnathlp) (EventID: 31004) (User: )
Description: 0

Error: (07/26/2015 06:25:02 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT AUTHORITY)
Description: WLAN Extensibility Module has stopped unexpectedly.

Module Path: C:\Windows\System32\IWMSSvc.dll


Microsoft Office:
=========================
Error: (07/26/2015 07:45:56 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (07/26/2015 07:43:23 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: VCAgent.exe8.4.2.120305476d099unknown0.0.0.000000000c0000005000007fe7ebfad2 14b001d0c78e37dba95aC:\Program Files\Sony\VAIO Care\VCAgent.exeunknown84d91942-338b-11e5-bc6c-30f9edead3a2

Error: (07/26/2015 07:43:19 PM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Application: VCAgent.exe
Framework Version: v4.0.30319
Description: The process was terminated due to an unhandled exception.
Exception Info: System.NullReferenceException
Stack:
at VCAgent.View.MainWindow.WindowProc(IntPtr, Int32, IntPtr, IntPtr, Boolean ByRef)
at System.Windows.Interop.HwndSource.PublicHooksFilterMessage(IntPtr, Int32, IntPtr, IntPtr, Boolean ByRef)
at MS.Win32.HwndWrapper.WndProc(IntPtr, Int32, IntPtr, IntPtr, Boolean ByRef)
at MS.Win32.HwndSubclass.DispatcherCallbackOperation(System.Object)
at System.Windows.Threading.ExceptionWrapper.InternalRealCall(System.Delegate, System.Object, Int32)
at MS.Internal.Threading.ExceptionFilterHelper.TryCatchWhen(System.Object, System.Delegate, System.Object, Int32, System.Delegate)
at System.Windows.Threading.Dispatcher.LegacyInvokeImpl(System.Windows.Threadi ng.DispatcherPriority, System.TimeSpan, System.Delegate, System.Object, Int32)
at MS.Win32.HwndSubclass.SubclassWndProc(IntPtr, Int32, IntPtr, IntPtr)
at MS.Win32.UnsafeNativeMethods.CallWindowProc(IntPtr, IntPtr, Int32, IntPtr, IntPtr)
at MS.Win32.UnsafeNativeMethods.CallWindowProc(IntPtr, IntPtr, Int32, IntPtr, IntPtr)
at MS.Win32.HwndSubclass.DefWndProcWrapper(IntPtr, Int32, IntPtr, IntPtr)
at MS.Win32.UnsafeNativeMethods.CallWindowProc(IntPtr, IntPtr, Int32, IntPtr, IntPtr)
at MS.Win32.UnsafeNativeMethods.CallWindowProc(IntPtr, IntPtr, Int32, IntPtr, IntPtr)
at MS.Win32.HwndSubclass.SubclassWndProc(IntPtr, Int32, IntPtr, IntPtr)
at MS.Win32.UnsafeNativeMethods.IntGetMessageW(System.Windows.Interop.MSG ByRef, System.Runtime.InteropServices.HandleRef, Int32, Int32)
at MS.Win32.UnsafeNativeMethods.IntGetMessageW(System.Windows.Interop.MSG ByRef, System.Runtime.InteropServices.HandleRef, Int32, Int32)
at System.Windows.Threading.Dispatcher.GetMessage(System.Windows.Interop.MSG ByRef, IntPtr, Int32, Int32)
at System.Windows.Threading.Dispatcher.PushFrameImpl(System.Windows.Threading. DispatcherFrame)
at System.Windows.Application.RunInternal(System.Windows.Window)
at System.Windows.Application.Run()
at VCAgent.App.Main()

Error: (07/26/2015 06:26:59 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (07/26/2015 06:24:58 PM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Application: VCAgent.exe
Framework Version: v4.0.30319
Description: The process was terminated due to an unhandled exception.
Exception Info: System.NullReferenceException
Stack:
at VCAgent.View.MainWindow.WindowProc(IntPtr, Int32, IntPtr, IntPtr, Boolean ByRef)
at System.Windows.Interop.HwndSource.PublicHooksFilterMessage(IntPtr, Int32, IntPtr, IntPtr, Boolean ByRef)
at MS.Win32.HwndWrapper.WndProc(IntPtr, Int32, IntPtr, IntPtr, Boolean ByRef)
at MS.Win32.HwndSubclass.DispatcherCallbackOperation(System.Object)
at System.Windows.Threading.ExceptionWrapper.InternalRealCall(System.Delegate, System.Object, Int32)
at MS.Internal.Threading.ExceptionFilterHelper.TryCatchWhen(System.Object, System.Delegate, System.Object, Int32, System.Delegate)
at System.Windows.Threading.Dispatcher.LegacyInvokeImpl(System.Windows.Threadi ng.DispatcherPriority, System.TimeSpan, System.Delegate, System.Object, Int32)
at MS.Win32.HwndSubclass.SubclassWndProc(IntPtr, Int32, IntPtr, IntPtr)
at MS.Win32.UnsafeNativeMethods.CallWindowProc(IntPtr, IntPtr, Int32, IntPtr, IntPtr)
at MS.Win32.UnsafeNativeMethods.CallWindowProc(IntPtr, IntPtr, Int32, IntPtr, IntPtr)
at MS.Win32.HwndSubclass.DefWndProcWrapper(IntPtr, Int32, IntPtr, IntPtr)
at MS.Win32.UnsafeNativeMethods.CallWindowProc(IntPtr, IntPtr, Int32, IntPtr, IntPtr)
at MS.Win32.UnsafeNativeMethods.CallWindowProc(IntPtr, IntPtr, Int32, IntPtr, IntPtr)
at MS.Win32.HwndSubclass.SubclassWndProc(IntPtr, Int32, IntPtr, IntPtr)
at MS.Win32.UnsafeNativeMethods.IntGetMessageW(System.Windows.Interop.MSG ByRef, System.Runtime.InteropServices.HandleRef, Int32, Int32)
at MS.Win32.UnsafeNativeMethods.IntGetMessageW(System.Windows.Interop.MSG ByRef, System.Runtime.InteropServices.HandleRef, Int32, Int32)
at System.Windows.Threading.Dispatcher.GetMessage(System.Windows.Interop.MSG ByRef, IntPtr, Int32, Int32)
at System.Windows.Threading.Dispatcher.PushFrameImpl(System.Windows.Threading. DispatcherFrame)
at System.Windows.Application.RunInternal(System.Windows.Window)
at System.Windows.Application.Run()
at VCAgent.App.Main()

Error: (07/26/2015 05:16:47 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (07/26/2015 05:11:32 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: mbam.exe2.3.55.014fc01d0c782b0f1059b3C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe4b6a8db7-3376-11e5-be4d-30f9edead3a2

Error: (07/26/2015 05:08:57 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (07/26/2015 04:33:49 PM) (Source: Windows Search Service) (EventID: 7042) (User: )
Description:
Details:
The content index catalog is corrupt. (HRESULT : 0xc0041801) (0xc0041801)
The catalog is corrupt

Error: (07/26/2015 04:33:49 PM) (Source: Windows Search Service) (EventID: 7040) (User: )
Description:
Details:
The content index catalog is corrupt. (HRESULT : 0xc0041801) (0xc0041801)
4400


CodeIntegrity Error:
===================================
Date: 2015-05-10 23:52:49.299
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\drivers\MHIKEY11x64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2015-05-10 23:52:49.249
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\drivers\MHIKEY11x64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2015-05-10 23:52:48.782
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\drivers\MHIKEY11x64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2015-05-10 23:52:48.735
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\drivers\MHIKEY11x64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2015-05-10 23:39:47.336
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\drivers\MHIKEY11x64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2015-05-10 23:39:47.290
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\drivers\MHIKEY11x64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2015-05-10 23:38:06.704
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\drivers\MHIKEY11x64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2015-05-10 23:38:06.657
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\drivers\MHIKEY11x64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2015-05-10 23:32:44.236
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\drivers\MHIKEY11x64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2015-05-10 23:32:44.205
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\drivers\MHIKEY11x64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.


==================== Memory info ===========================

Processor: Intel(R) Core(TM) i5-3210M CPU @ 2.50GHz
Percentage of memory in use: 37%
Total physical RAM: 8091.28 MB
Available physical RAM: 5019.15 MB
Total Virtual: 16180.76 MB
Available Virtual: 12554.48 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:580.06 GB) (Free:178.8 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 596.2 GB) (Disk ID: FAE8A523)

Partition: GPT Partition Type.

==================== End of log ============================

HI ! I have come to this forum today to ask for some help or guidance. My internet has been slow in the past but I believe this may just be my service and not my computer. Someone who could help me verify any spyware or malware etc intrusions would be very much apreciated ( or anything that could slow the net down ) . My computer screen also seems to have ... "zoomed" in on everything. My mouse is much bigger and things on screen appear sort of blurred and oversized. I dont know where this may come from. Thank you so much for the help I may receive !

don't try to update until it is fixed
that is frequently casued by a malware that changes the permissions issue and any update will not take

first
Please download Farbar Recovery Scan Tool and save it to your Desktop.

Note: You need to download and run the correct version for your system

• Right click to run as administrator. When the tool opens click Yes to disclaimer.
• Press Scan button.
• It will produce a log called FRST.txt in the same directory the tool is run from.
• Please copy and paste log back here.
• The first time the tool is run it generates another log (Addition.txt - also located in the same directory as FRST.exe/FRST64.exe). Please also paste that along with the FRST.txt into your reply.

Good evening,

A computer error occurred this evening at 7pm, my laptop had gone into idle mode and would not boot up when I touch the mouse pad, the screen remained 'off', CTRL+ALT+Delete brought back my screen with an error message saying that that were was low memory.

The only programs that were running was Chrome, Skype and two Microsoft Word documents, this is usually never a problem.

I turned off my computer, thinking perhaps it was too hot. After 15 minutes I turned it back on, however the Windows logo remained on screen for about 1-2 minutes, longer than usual. Afterwards, WinSAT started to run before my desktop was loaded.

Sometime earlier today around 1pm today, I had stepped away and returned to my screen looking bloated as though I had gone into safe mode, but I had not, my screen resumed its usual look once I moved my cursor.

I ran a full scan of AVG and it came out clean, I am, however, a bit concerned over this odd behavior.

Thank you for your time.

Tech Support Guy System Info Utility version 1.0.0.2
OS Version: Microsoft Windows 7 Home Premium, Service Pack 1, 64 bit
Processor: Intel(R) Core(TM) i3-2370M CPU @ 2.40GHz, Intel64 Family 6 Model 42 Stepping 7
Processor Count: 4
RAM: 3992 Mb
Graphics Card: Intel(R) HD Graphics 3000, 1804 Mb
Hard Drives: C: Total - 455238 MB, Free - 173855 MB; D: Total - 21396 MB, Free - 2308 MB; F: Total - 99 MB, Free - 81 MB;
Motherboard: Hewlett-Packard, 1841
Antivirus: Norton Internet Security, Disabled

I'm using IE Ver 11 with Google and continuously have "blekko" interrupting me. I have gone through the threads on this site concerning blekko and used suggestions to remove the nuisance. I've used ADware cleaner, Malware cleaner, I've been through the registry, scanned all files looking for any reference to blekko and can not find evidence of it existence anywhere. It pops up on Explorer as a new tab continuously.

I normally use Opera for most browsing and it's not plagued at all with blekko. My use of IE is only for quick searches and blekko makes it a pain to use.

Windows 7 64 bit laptop. Major malware. I've used AVG in safe mode and spybot. Both found things to remove. I've clear dns cache and winsock. I can access netflix.com with a browser but cannot ping it. Pleas help, it has to be some sort malware, virus or browser hijack. I downloaded hijackthis and ran scan, here is the log, please Help:

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 5:40:18 PM, on 7/27/2015
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.17910)
Boot mode: Normal

Running processes:
C:\Users\Rachel\Desktop\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://acer.msn.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,SearchAssistant = http://www.bing.com/search?q={searchTerms}
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.bing.com/search?q={searchTerms}
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.bing.com/search?q={searchTerms}
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.bing.com/search?q={searchTerms}
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = http=127.0.0.1:47574
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = <-loopback>
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe,
O2 - BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll
O2 - BHO: McAfee Phishing Filter - {27B4851A-3207-45A2-B947-BE8AFE6163AB} - c:\PROGRA~1\mcafee\msk\mskapbho.dll
O2 - BHO: shopperz22072015 Helper - {318d2d55-9ce3-446e-8640-a43be68a550f} - C:\Program Files\shopperz22072015\Gaalmi.dll (file missing)
O2 - BHO: TunePro360 - {5E04457F-D6D4-4A7E-8277-5EF1CA591CC7} - C:\Program Files (x86)\adlevel\TunePRO360.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_40\bin\ssv.dll
O2 - BHO: scriptproxy - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files (x86)\Common Files\McAfee\SystemCore\ScriptSn.20120427212707.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~4\Office14\URLREDIR.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_40\bin\jp2ssv.dll
O2 - BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
O4 - HKLM\..\Run: [mcui_exe] "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~4\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: Se&nd to OneNote - res://C:\PROGRA~2\MICROS~4\Office14\ONBttnIE.dll/105
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra button: Show or hide HP Smart Web Printing - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll
O18 - Protocol: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O18 - Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\progra~2\mcafee\msc\mcsniepl.dll
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: Acer ePower Service (ePowerSvc) - Acer Incorporated - C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe
O23 - Service: GREGService - Acer Incorporated - C:\Program Files (x86)\Acer\Registration\GREGsvc.exe
O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Update Service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Times Wallpaper (kudofilo) - Unknown owner - C:\Program.exe (file missing)
O23 - Service: Live Updater Service - Acer Incorporated - C:\Program Files\Acer\Acer Updater\UpdaterService.exe
O23 - Service: McAfee SiteAdvisor Service - McAfee, Inc. - C:\Program Files (x86)\McAfee\SiteAdvisor\McSACore.exe
O23 - Service: McAfee Personal Firewall Service (McMPFSvc) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
O23 - Service: McAfee Services (mcmscsvc) - McAfee, Inc. - C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe
O23 - Service: McAfee VirusScan Announcer (McNaiAnn) - McAfee, Inc. - C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe
O23 - Service: McAfee Network Agent (McNASvc) - McAfee, Inc. - C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe
O23 - Service: McAfee Scanner (McODS) - McAfee, Inc. - C:\Program Files\mcafee\VirusScan\mcods.exe
O23 - Service: McAfee Proxy Service (McProxy) - McAfee, Inc. - C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe
O23 - Service: McAfee McShield (McShield) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\SystemCore\\mcshield.exe
O23 - Service: McAfee Firewall Core Service (mfefire) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe
O23 - Service: McAfee Validation Trust Protection Service (mfevtp) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\SystemCore\mfevtps.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: McAfee Anti-Spam Service (MSK80Service) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 12713 bytes

Hello, ccdand. My nickname is Nevan and I will be helping you getting your system back on its electronic feet.

Before we get started, please keep these things in mind:

• Always read every part of my post carefully. If you don't, you may do something wrong and there could be more problems to solve.
• If your security programs give you any warnings when using tools I asked you to, don't be afraid. Every tool I provide to you is 100% safe.
• Only run tools that I ask you to. Some of them can be dangerous to your system as they have much power.
• You should save or print my instructions. It is possible that we will be using Safe mode, which will cut you off from your internet connection and without access to them, you might be stuck.
• Malware removal is a complicated process that takes multiple steps to be completed. Don't give up, be patient.
• The tools we are going to use and your software may cause unwanted interactions. Because of that, I recommend you to make backups of any important files from your machine before proceeding as they might be lost.
• I recommend you to stay with me until I tell you that we are done. It is important because when your system does not show any bad symptoms anymore it does not mean that it is 100% clean.
• Every program I ask you to download should be saved to and run from desktop. If you don't know how to choose the direction of where a download is saved, check this site. You can also just copy these programs to your desktop manually and then run them from there.
• Remember that the fixes I give you are only for your machine. Using it on other systems may (and probably will) cause problems.
• Finally, if you have any questions or are unsure about something, just ask. I will not blame you for it. It is better to ask rather than regret it later.

Also, please note that I'm currently in training, so my answers to you will have to be checked first by an experienced helper before I can post them. This can lengthen the time between my answers to you, but in return you will have an extra person reviewing your log.

Let's get started :)

---

First, I'd like to have a look at your system. Please, do the following:

FRST Scan

1. Download Farbar Recovery Scan Tool and save it to your Desktop.
2. Right click FRST64.exe and click Run as administrator. When the tool opens click Yes to disclaimer.
3. Make sure that Addition.txt is checked and press the Scan button.
4. It will produce two logs - one called FRST.txt and another one called Addition.txt in the same directory the tool is run from.
5. Select all (CTRL+A) the content of the logs, copy them (CTRL+C) and paste (CTRL+V) them into your next reply.

---

Things that should appear in your next post:

• FRST.txt log content
• Addition.txt log content

My five + year old laptop is slow enough as it is. I needed a WAV to MP3 converter, downloaded & installed one off of an unknown website, and along come alot of other baggage attached. Some strange "Geek" online chat with computer "experts" with the program notifying me of malware, etc. I should have known better.

Anyway, MalwareBytes can't scan (JPG attached), it stays at a very early scan state at 19+ hours where as just a week before it would completely scan within an hour. Also my laptop slows to a crawl at times, stops for minutes at times. Please help.

Tech Support Guy System Info Utility version 1.0.0.2
OS Version: Microsoft® Windows Vista™ Home Basic, Service Pack 2, 32 bit
Processor: AMD Athlon(tm) Processor 2650e, x64 Family 15 Model 127 Stepping 2
Processor Count: 1
RAM: 2813 Mb
Graphics Card: ATI Radeon X1200, 256 Mb
Hard Drives: C: Total - 71191 MB, Free - 5242 MB; D: Total - 71188 MB, Free - 5314 MB;
Motherboard: Acer, Nile
Antivirus: Microsoft Security Essentials, Updated and Enabled

Attached Images

Malwarebytes 19hours.jpg (53.9 KB)

Hi I recently ran a scan on my pc using adwcleaner wich deleated 3 files :

Folder Deleted : C:\Users\Richard\AppData\Roaming\DigitalSites
File Deleted : C:\Users\Richard\AppData\Roaming\WBPU-TTL.DAT
File Deleted : C:\Program Files (x86)\Mozilla Firefox\browser\searchplugins\yahoo.xml
I have done a search for the WBPU-TTL.DAT file as don't know what it is and came up with no real description. Ip with no description Could you please advise and let me know what it is, and why adwcleaner would delete it.

Hi Dingeroo,
First, if you don't want your machine trashed, STOP using Registry Cleaners.
Let's have a look at your system.
-----------------------------------------------------------
Download and Run the Farbar Scan Tool

• Download FRST64 and save to your Desktop.
  
• Double click Frst64.exe to launch it.
• FRST64 will start to run.
  • When the tool opens click Yes to disclaimer.
  • Press the Scan button.
  • When finished scanning, 2 logs will open on your Desktop, FRST.txt and Addition.txt
  • Please post them in your next reply.

If you lose track of them, they will be saved in the same location as FRST64.exe
Feel free to use separate replies if it's more convenient.

askey127