Scanning Question

September 1, 2015, 1:41 pm

≪ Previous: File Scanner-Result "Unknown"?

I remember before being able to select the option to just scan for Malware and not both Malware AND Viruses.

It was something like right clicking and selecting an option? But I can't for the life of me remember how to do it now!

Thanks for any help.

↧

Windows 7 Doing Strange Things

September 2, 2015, 4:55 am

≫ Next: Computer running slower than normal when using CPU intensive programs

≪ Previous: Scanning Question

Hi,

Over the past couple of days my computer has started doing really strange things. I build websites for a living so I am really careful what sites I go on and what I download.

Here are some of the issues:

- File explorer is making the error noise when I open it and doing strange things

- Files are opening with one click

- When I click to maximize a minimized aero peek window from the taskbar the windows open then disappear

- The mouse is not highlighting and copying things correctly

- Explorer is doing lots of weird things - the error noise is sounding when I use some tools, when I open a new tab it closes explorer down, two tabs open at once and more

- When I open control panel it changes the page in explorer

I have recently been listening to music on Deezer.com while I work and I noticed that the music and ads wouldnt work correctly the other day. This is the only place I could have possibly got a virus from.

Please find the logs attached. The logs were too big according to the forum rules so I had to split some of them over two files

Thanks.

Attached Files

↧

Computer running slower than normal when using CPU intensive programs

September 2, 2015, 2:25 pm

≫ Next: Need help with spybot+ scan never ends then freezes computer

≪ Previous: Windows 7 Doing Strange Things

Hello, I've been having issues with the speed of my computer. It is mostly apparent when I use programs that use a lot of computer power such as photoshop, indesign, and CAD programs. Many times I will get a "not responding" message at the top and will have to wait for the program to respond again to do anything. I would appreciate any help that is available.

Here is my FRST scan:

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:31-08-2015
Ran by Adam (administrator) on ADAMSPC (02-09-2015 15:48:46)
Running from C:\Users\Adam\Desktop
Loaded Profiles: Adam & Administrator (Available Profiles: Adam & Administrator)
Platform: Windows 8.1 (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic...ery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgrsa.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgcsrva.exe
(HP) C:\Program Files (x86)\HP SimplePass\TrueSuiteService.exe
() C:\Program Files (x86)\AVG Web TuneUp\WtuSystemSupport.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\stacsv64.exe
(Hewlett-Packard Company) C:\Windows\System32\hpservice.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Pen\WTabletServiceCon.exe
(Cisco Systems, Inc.) C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnagent.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Lavasoft Limited) C:\Program Files (x86)\Ad-Aware Antivirus\AdAwareService.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Autodesk, Inc.) C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgidsagent.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(SEIKO EPSON CORPORATION) C:\Program Files\EPSON\EpsonCustomerParticipation\EPCP.exe
(Genie9) C:\Program Files\Genie9\Genie Timeline\GenieTimelineService.exe
(Realsil Microelectronics Inc.) C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
() C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
() C:\Program Files\LaCie\Desktop Manager\lacie_dm_service.exe
(LogMeIn, Inc.) C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe
() C:\Program Files (x86)\Common Files\Materialise\LicenseFiles\LicSrv50.exe
() C:\Program Files (x86)\Common Files\Materialise\LicenseFiles\LicSrv52.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgnsa.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgemca.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Pharos Systems International) C:\Program Files (x86)\PharosSystems\Core\CTskMstr.exe
() C:\Windows\System32\valWBFPolicyService.exe
(AVG Secure Search) C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\40.1.6\ToolbarUpdater.exe
(Seiko Epson Corporation) C:\Windows\System32\escsvc64.exe
(LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe
() C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\40.1.6\loggingserver.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.28.13\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.28.13\GoogleCrashHandler64.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(GFI Software) C:\Program Files (x86)\Ad-Aware Antivirus\SBAMSvc.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(AuthenTec Inc.) C:\Program Files (x86)\HP SimplePass\TouchControl.exe
(Genie9) C:\Program Files\Genie9\Genie Timeline\GenieTimeLineAgent.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Pen\Pen_TabletUser.exe
(Wacom Technology) C:\Program Files\Tablet\Pen\WacomHost.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Pen\Pen_TouchUser.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
() C:\Program Files (x86)\HP SimplePass\IEWebSiteLogon.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Pen\Pen_Tablet.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\sttray64.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Adam\AppData\Local\Google\Update\GoogleUpdate.exe
(Spotify Ltd) C:\Users\Adam\AppData\Roaming\Spotify\SpotifyWebHelper.exe
(Adobe Systems Incorporated) C:\Program Files\Adobe\Adobe InDesign CC 2014\InDesign.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTsysTray8.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP 3D DriveGuard\AccelerometerSt.exe
() C:\Program Files (x86)\AVG Web TuneUp\vprot.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Citrix Systems, Inc.) C:\Program Files (x86)\Citrix\ICA Client\concentr.exe
(Citrix Systems, Inc.) C:\Program Files (x86)\Citrix\ICA Client\redirector.exe
(Cisco Systems, Inc.) C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnui.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Citrix Systems, Inc.) C:\Program Files (x86)\Citrix\ICA Client\Receiver\Receiver.exe
(CyberLink Corp.) C:\Program Files (x86)\CyberLink\YouCam\YouCamService.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP CoolSense\CoolSense.exe
(CyberLink) C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe
(AVG Secure Search) C:\Program Files (x86)\AVG Web TuneUp\avgcefrend.exe
(Citrix Systems, Inc.) C:\Program Files (x86)\Citrix\ICA Client\wfcrun32.exe
(Citrix Systems, Inc.) C:\Program Files (x86)\Citrix\ICA Client\SelfServicePlugin\SelfServicePlugin.exe
(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
() C:\Program Files\Adobe\Adobe InDesign CC 2014\Utilities\adb.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(AuthenTec, Inc.) C:\Program Files\Common Files\AuthenTec\TrueService.exe
(AuthenTec, Inc.) C:\Program Files\Common Files\AuthenTec\TrueService.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Dropbox, Inc.) C:\Users\Adam\AppData\Roaming\Dropbox\bin\Dropbox.exe
(Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20911_x64__8wekyb3d8bbwe\livecomm.exe
(Tweaking.com) C:\Program Files (x86)\Tweaking.com\Registry Backup\TweakingRegistryBackup.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [557768 2014-09-19] (Adobe Systems Incorporated)
HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch
HKLM\...\Run: [SysTrayApp] => C:\Program Files\IDT\WDM\sttray64.exe [1703424 2013-10-31] (IDT, Inc.)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2403104 2014-07-25] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\WINDOWS\system32\rundll32.exe C:\WINDOWS\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [LaCie Desktop Manager Launcher] => "C:\Program Files\LaCie\Desktop Manager\lacie_launcherd.exe"
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [60712 2014-10-11] (Apple Inc.)
HKLM-x32\...\Run: [Adobe Creative Cloud] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2694320 2015-01-07] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [BambooCore] => C:\Program Files (x86)\Bamboo Dock\BambooCore.exe [646744 2012-10-16] ()
HKLM-x32\...\Run: [Ad-Aware Browsing Protection] => C:\ProgramData\Ad-Aware Browsing Protection\adawarebp.exe [554384 2013-07-15] (Lavasoft)
HKLM-x32\...\Run: [Ad-Aware Antivirus] => "C:\Program Files (x86)\Ad-Aware Antivirus\AdAwareLauncher" --windows-run
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [RemoteControl10] => C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe [95192 2013-04-10] (CyberLink Corp.)
HKLM-x32\...\Run: [SDTray] => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe [5624784 2013-07-25] (Safer-Networking Ltd.)
HKLM-x32\...\Run: [AccelerometerSysTrayApplet] => C:\Program Files (x86)\Hewlett-Packard\HP 3D DriveGuard\AccelerometerST.exe [77088 2013-07-24] (Hewlett-Packard Company)
HKLM-x32\...\Run: [NCUpdateHelper] => C:\Program Files (x86)\NCWest\NCLauncher\NCUpdateHelper.exe [528360 2014-01-05] (NCSOFT Corporation)
HKLM-x32\...\Run: [EEventManager] => C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe [1058400 2011-10-31] (SEIKO EPSON CORPORATION)
HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [157480 2014-10-15] (Apple Inc.)
HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2014-10-02] (Apple Inc.)
HKLM-x32\...\Run: [AVG_UI] => C:\Program Files (x86)\AVG\AVG2014\avgui.exe [5212072 2015-07-29] (AVG Technologies CZ, s.r.o.)
HKLM-x32\...\Run: [vProt] => C:\Program Files (x86)\AVG Web TuneUp\vprot.exe [3175312 2015-08-26] ()
HKLM-x32\...\Run: [LogMeIn Hamachi Ui] => C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe [5579624 2015-08-03] (LogMeIn Inc.)
HKLM-x32\...\Run: [ConnectionCenter] => C:\Program Files (x86)\Citrix\ICA Client\concentr.exe [518496 2015-06-24] (Citrix Systems, Inc.)
HKLM-x32\...\Run: [Redirector] => C:\Program Files (x86)\Citrix\ICA Client\redirector.exe [231776 2015-06-24] (Citrix Systems, Inc.)
HKLM-x32\...\Run: [Cisco AnyConnect Secure Mobility Agent for Windows] => C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnui.exe [685048 2012-08-03] (Cisco Systems, Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [597552 2015-08-04] (Oracle Corporation)
Winlogon\Notify\igfxcui: igfxdev.dll [X]
Winlogon\Notify\SDWinLogon-x32: SDWinLogon.dll [X]
HKU\S-1-5-21-3968669950-148750945-1168380495-1003\...\Run: [Akamai NetSession Interface] => C:\Users\Adam\AppData\Local\Akamai\netsession_win.exe [4489472 2013-06-05] (Akamai Technologies, Inc.)
HKU\S-1-5-21-3968669950-148750945-1168380495-1003\...\Run: [Autodesk Sync] => C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe [1081224 2013-02-05] (Autodesk, Inc.)
HKU\S-1-5-21-3968669950-148750945-1168380495-1003\...\Run: [Steam] => C:\Program Files (x86)\Steam\Steam.exe [2892992 2015-06-04] (Valve Corporation)
HKU\S-1-5-21-3968669950-148750945-1168380495-1003\...\Run: [iCloudServices] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [43816 2014-11-21] (Apple Inc.)
HKU\S-1-5-21-3968669950-148750945-1168380495-1003\...\Run: [ApplePhotoStreams] => C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe [43816 2014-11-21] (Apple Inc.)
HKU\S-1-5-21-3968669950-148750945-1168380495-1003\...\Run: [Power2GoExpress8] => C:\Program Files (x86)\CyberLink\Power2Go8\Power2GoExpress8.exe [1714952 2013-10-16] (CyberLink Corp.)
HKU\S-1-5-21-3968669950-148750945-1168380495-1003\...\Run: [DAEMON Tools Lite] => C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3675352 2013-10-28] (Disc Soft Ltd)
HKU\S-1-5-21-3968669950-148750945-1168380495-1003\...\Run: [Google Update] => C:\Users\Adam\AppData\Local\Google\Update\GoogleUpdate.exe [116648 2014-01-27] (Google Inc.)
HKU\S-1-5-21-3968669950-148750945-1168380495-1003\...\Run: [EPLTarget\P0000000000000000] => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_IATIIEE.EXE [283232 2012-09-20] (SEIKO EPSON CORPORATION)
HKU\S-1-5-21-3968669950-148750945-1168380495-1003\...\Run: [AdobeBridge] => [X]
HKU\S-1-5-21-3968669950-148750945-1168380495-1003\...\Run: [Spotify Web Helper] => C:\Users\Adam\AppData\Roaming\Spotify\SpotifyWebHelper.exe [2018360 2015-08-31] (Spotify Ltd)
HKU\S-1-5-21-3968669950-148750945-1168380495-1003\...\Run: [Dropbox Update] => C:\Users\Adam\AppData\Local\Dropbox\Update\DropboxUpdate.exe [134512 2015-06-26] (Dropbox, Inc.)
AppInit_DLLs: C:\Windows\system32\nvinitx.dll => C:\Windows\system32\nvinitx.dll [174856 2014-09-13] (NVIDIA Corporation)
AppInit_DLLs: , C:\WINDOWS\system32\nvinitx.dll => C:\WINDOWS\system32\nvinitx.dll [174856 2014-09-13] (NVIDIA Corporation)
AppInit_DLLs-x32: C:\WINDOWS\SysWOW64\nvinit.dll => C:\WINDOWS\SysWOW64\nvinit.dll [156840 2014-09-13] (NVIDIA Corporation)
ShellIconOverlayIdentifiers: [ AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2014-12-19] ()
ShellIconOverlayIdentifiers: [ AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2014-12-19] ()
ShellIconOverlayIdentifiers: [ AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2014-12-19] ()
ShellIconOverlayIdentifiers: [ SkyDrive1] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => No File
ShellIconOverlayIdentifiers: [ SkyDrive2] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => No File
ShellIconOverlayIdentifiers: [ SkyDrive3] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => No File
ShellIconOverlayIdentifiers: [AutoCAD Digital Signatures Icon Overlay Handler] -> {36A21736-36C2-4C11-8ACB-D4136F2B57BD} => C:\Windows\system32\AcSignIcon.dll [2013-02-08] (Autodesk, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Adam\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll [2015-08-14] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Adam\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll [2015-08-14] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Adam\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll [2015-08-14] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt4] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Adam\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll [2015-08-14] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ SkyDrive1] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => No File
ShellIconOverlayIdentifiers-x32: [ SkyDrive2] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => No File
ShellIconOverlayIdentifiers-x32: [ SkyDrive3] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => No File
ShellIconOverlayIdentifiers-x32: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Adam\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll [2015-08-14] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Adam\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll [2015-08-14] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Adam\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll [2015-08-14] (Dropbox, Inc.)
Startup: C:\Users\Adam\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Download.lnk [2015-04-17]
ShortcutTarget: Download.lnk -> C:\ProgramData\{e226f045-0ae7-9727-e226-6f0450aec114}\Download.exe (No File)
Startup: C:\Users\Adam\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk [2015-05-13]
ShortcutTarget: Dropbox.lnk -> C:\Users\Adam\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\iSCTsysTray.lnk [2013-06-29]
ShortcutTarget: iSCTsysTray.lnk -> C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTsysTray8.exe (Intel Corporation)
BootExecute: autocheck autochk * sdnclean64.exe
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 128.101.101.101 134.84.84.84
Tcpip\..\Interfaces\{94757D7B-B77B-4F3D-9926-E5C4586EFACF}: [DhcpNameServer] 128.101.101.101 134.84.84.84
Tcpip\..\Interfaces\{A1751B12-4D9D-4E9C-BADD-7F00C39923B4}: [DhcpNameServer] 172.20.10.1
Tcpip\..\Interfaces\{A9B0C7B0-17A6-4344-8D90-419623D0E56D}: [DhcpNameServer] 128.101.101.101 134.84.84.84

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://g.msn.com/HPNOT13/1
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://g.msn.com/HPNOT13/1
HKU\S-1-5-21-3968669950-148750945-1168380495-1003\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://mysearch.avg.com/?cid={07C43358-0585-466B-A48E-4751AB5C71FD}&mid=9a939fbdd4a847d29d6a0580a99e4c25-1e2c3d1b1cb3afa4e36dac615ca14370205205d9&lang=en&ds=AVG&coid=avgtbavg&cmpid=0215av&pr=fr&d=2015-02-28 21:14:38&v=4.1.0.411&pid=wtu&sg=&sap=hp
HKU\S-1-5-21-3968669950-148750945-1168380495-1003\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://g.msn.com/HPNOT13/1
HKU\S-1-5-21-3968669950-148750945-1168380495-500\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://g.msn.com/HPNOT13/1
HKU\S-1-5-21-3968669950-148750945-1168380495-500\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://g.msn.com/HPNOT13/1
HKU\S-1-5-21-3968669950-148750945-1168380495-500\Software\Microsoft\Internet Explorer\Main,First Home Page = hxxp://g.msn.com/HPNOT13/1
SearchScopes: HKLM -> {D6456964-ED0E-45F5-8C66-B43E0A2CF678} URL = hxxp://www.amazon.com/s/ref=azs_osd_iea?ie=UTF-8&tag=hp-us2-vsb-20&link%5Fcode=qs&index=aps&field-keywords={searchTerms}
SearchScopes: HKLM -> {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = hxxp://rover.ebay.com/rover/1/711-154371-11896-2/4 ?mpre=http%3A%2F%2Fwww.ebay.com%2Fsch%2F%3F_nkw%3D{searchTerms}&keyword={searchTerms}
SearchScopes: HKLM-x32 -> {D6456964-ED0E-45F5-8C66-B43E0A2CF678} URL = hxxp://www.amazon.com/s/ref=azs_osd_iea?ie=UTF-8&tag=hp-us2-vsb-20&link%5Fcode=qs&index=aps&field-keywords={searchTerms}
SearchScopes: HKLM-x32 -> {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = hxxp://rover.ebay.com/rover/1/711-154371-11896-2/4 ?mpre=http%3A%2F%2Fwww.ebay.com%2Fsch%2F%3F_nkw%3D{searchTerms}&keyword={searchTerms}
SearchScopes: HKU\S-1-5-21-3968669950-148750945-1168380495-1003 -> DefaultScope {3BD44F0E-0596-4008-AEE0-45D47E3A8F0E} URL = hxxp://securedsearch2.lavasoft.com/results.php?pr=vmn&id=adawaretb&v=3_4&hsimp=yhs-lavasoft&ent=ch&q={searchTerms}
SearchScopes: HKU\S-1-5-21-3968669950-148750945-1168380495-1003 -> {3BD44F0E-0596-4008-AEE0-45D47E3A8F0E} URL = hxxp://securedsearch2.lavasoft.com/results.php?pr=vmn&id=adawaretb&v=3_4&hsimp=yhs-lavasoft&ent=ch&q={searchTerms}
SearchScopes: HKU\S-1-5-21-3968669950-148750945-1168380495-1003 -> {95B7759C-8C7F-4BF1-B163-73684A933233} URL = hxxps://mysearch.avg.com/search?cid={07C43358-0585-466B-A48E-4751AB5C71FD}&mid=9a939fbdd4a847d29d6a0580a99e4c25-1e2c3d1b1cb3afa4e36dac615ca14370205205d9&lang=en&ds=AVG&coid=avgtbavg&cmpid=0215av&pr=fr&d=2015-02-28 21:14:38&v=4.1.0.411&pid=wtu&sg=&sap=dsp&q={searchTerms}
SearchScopes: HKU\S-1-5-21-3968669950-148750945-1168380495-1003 -> {D6456964-ED0E-45F5-8C66-B43E0A2CF678} URL = hxxp://www.amazon.com/s/ref=azs_osd_iea?ie=UTF-8&tag=hp-us2-vsb-20&link%5Fcode=qs&index=aps&field-keywords={searchTerms}
SearchScopes: HKU\S-1-5-21-3968669950-148750945-1168380495-1003 -> {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = hxxp://rover.ebay.com/rover/1/711-154371-11896-2/4 ?mpre=http%3A%2F%2Fwww.ebay.com%2Fsch%2F%3F_nkw%3D{searchTerms}&keyword={searchTerms}
BHO: AVG Web TuneUp -> {95B7759C-8C7F-4BF1-B163-73684A933233} -> C:\Program Files\AVG Web TuneUp\4.1.6.294\AVG Web TuneUp.dll [2015-08-26] (AVG)
BHO: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll [2013-08-28] (Hewlett-Packard)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_60\bin\ssv.dll [2015-08-23] (Oracle Corporation)
BHO-x32: AVG Web TuneUp -> {95B7759C-8C7F-4BF1-B163-73684A933233} -> C:\Program Files (x86)\AVG Web TuneUp\4.1.6.294\AVG Web TuneUp.dll [2015-08-26] (AVG)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_60\bin\jp2ssv.dll [2015-08-23] (Oracle Corporation)
BHO-x32: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll [2013-08-28] (Hewlett-Packard)
Toolbar: HKLM-x32 - Ad-Aware Security Add-on - {6c97a91e-4524-4019-86af-2aa2d567bf5c} - No File
Toolbar: HKU\S-1-5-21-3968669950-148750945-1168380495-1003 -> No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No File
Filter-x32: application/x-ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2015-06-24] (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=euc-jp - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2015-06-24] (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=ISO-8859-1 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2015-06-24] (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=MS936 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2015-06-24] (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=MS949 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2015-06-24] (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=MS950 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2015-06-24] (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=UTF-8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2015-06-24] (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=UTF8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2015-06-24] (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=euc-jp - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2015-06-24] (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=ISO-8859-1 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2015-06-24] (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=MS936 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2015-06-24] (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=MS949 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2015-06-24] (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=MS950 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2015-06-24] (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=UTF-8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2015-06-24] (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=UTF8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2015-06-24] (Citrix Systems, Inc.)
Filter-x32: ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2015-06-24] (Citrix Systems, Inc.)

FireFox:
========
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation)
FF Plugin: @wacom.com/wtPlugin,version=2.1.0.2 -> C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll [2014-03-25] (Wacom)
FF Plugin: @wacom.com/wtPlugin,version=2.1.0.7 -> C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll [2014-03-25] (Wacom)
FF Plugin: adobe.com/AdobeAAMDetect_x86_64 -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [2015-01-07] (Adobe Systems)
FF Plugin: wacom.com/WacomTabletPlugin -> C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll [2014-03-25] (Wacom)
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\windows\SysWOW64\Adobe\Director\np32dsw_1166636.dll [2012-08-08] (Adobe Systems, Inc.)
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2014-02-18] ()
FF Plugin-x32: @authentec.com/ffwloplugin -> C:\Program Files (x86)\HP SimplePass\npffwloplugin.dll [2013-06-07] ( HP)
FF Plugin-x32: @avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin -> C:\Program Files (x86)\Common Files\AVG Secure Search\SiteSafetyInstaller\40.1.6\\npsitesafety.dll [No File]
FF Plugin-x32: @Citrix.com/npican -> C:\Program Files (x86)\Citrix\ICA Client\npicaN.dll [2015-06-24] (Citrix Systems, Inc.)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.66 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2012-09-28] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2012-09-28] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.60.2 -> C:\Program Files (x86)\Java\jre1.8.0_60\bin\dtplugin\npDeployJava1.dll [2015-08-23] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.60.2 -> C:\Program Files (x86)\Java\jre1.8.0_60\bin\plugin2\npjp2.dll [2015-08-23] (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3505.0912 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-09-12] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.28.13\npGoogleUpdate3.dll [2015-08-28] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.28.13\npGoogleUpdate3.dll [2015-08-28] (Google Inc.)
FF Plugin-x32: @wacom.com/wtPlugin,version=2.1.0.2 -> C:\Program Files (x86)\TabletPlugins\npWacomTabletPlugin.dll [2014-03-25] (Wacom)
FF Plugin-x32: @wacom.com/wtPlugin,version=2.1.0.7 -> C:\Program Files (x86)\TabletPlugins\npWacomTabletPlugin.dll [2014-03-25] (Wacom)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll [2012-10-12] ()
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2015-06-29] (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [2015-01-07] (Adobe Systems)
FF Plugin-x32: wacom.com/WacomTabletPlugin -> C:\Program Files (x86)\TabletPlugins\npWacomTabletPlugin.dll [2014-03-25] (Wacom)
FF Plugin HKU\S-1-5-21-3968669950-148750945-1168380495-1003: @my.com/Games -> C:\Users\Adam\AppData\Local\MyComGames\NPMyComDetector.dll [2015-07-20] (My.com, Inc)
FF Plugin HKU\S-1-5-21-3968669950-148750945-1168380495-1003: @talk.google.com/GoogleTalkPlugin -> C:\Users\Adam\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll [2014-10-29] (Google)
FF Plugin HKU\S-1-5-21-3968669950-148750945-1168380495-1003: @talk.google.com/O1DPlugin -> C:\Users\Adam\AppData\Roaming\Mozilla\plugins\npo1d.dll [2014-10-29] (Google)
FF Plugin HKU\S-1-5-21-3968669950-148750945-1168380495-1003: @tools.google.com/Google Update;version=3 -> C:\Users\Adam\AppData\Local\Google\Update\1.3.25.11\npGoogleUpdate3.dll [2014-11-13] (Google Inc.)
FF Plugin HKU\S-1-5-21-3968669950-148750945-1168380495-1003: @tools.google.com/Google Update;version=9 -> C:\Users\Adam\AppData\Local\Google\Update\1.3.25.11\npGoogleUpdate3.dll [2014-11-13] (Google Inc.)
FF Plugin HKU\S-1-5-21-3968669950-148750945-1168380495-1003: ubisoft.com/uplaypc -> C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll [2014-03-15] ()
FF Plugin HKU\S-1-5-21-3968669950-148750945-1168380495-1003: wacom.com/WacomTabletPlugin -> C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll [2014-03-25] (Wacom)
FF Plugin ProgramFiles/Appdata: C:\Users\Adam\AppData\Roaming\mozilla\plugins\npgoogletalk.dll [2014-10-29] (Google)
FF Plugin ProgramFiles/Appdata: C:\Users\Adam\AppData\Roaming\mozilla\plugins\npo1d.dll [2014-10-29] (Google)

Chrome:
=======
CHR StartupUrls: Default -> "hxxp://www.google.com/","hxxp://searchou.com/?id=82b8f7f5000000000000b8763f88d3fa","hxxp://securedsearch2.lavasoft.com/index.php?pr=vmn&id=adawaretb&v=3_1&ent=hp&u=7891EB9A35DAD211D16AFF51F1793A24","hxxp://securedsearch2.lavasoft.com/index.php?pr=vmn&id=adawaretb&v=3_4&ent=hp&u=85E4FFFCA44D3CF9EAD16E524125EDF7","hxxp://mysearch.avg.com?cid={861F012C-367A-401E-937A-5F994EECC036}&mid=9a939fbdd4a847d29d6a0580a99e4c25-1e2c3d1b1cb3afa4e36dac615ca14370205205d9&lang=en&ds=AVG&coid=avgtbavg&cmpid=&pr=fr&d=2014-06-19 13:18:09&v=18.1.0.443&pid=safeguard&sg=&sap=hp","hxxp://mysearch.avg.com?cid={861F012C-367A-401E-937A-5F994EECC036}&mid=9a939fbdd4a847d29d6a0580a99e4c25-1e2c3d1b1cb3afa4e36dac615ca14370205205d9&lang=en&ds=AVG&coid=avgtbavg&cmpid=&pr=fr&d=2014-06-19 13:18:09&v=18.1.7.598&pid=safeguard&sg=&sap=hp","https://mysearch.avg.com?cid={861F012C-367A-401E-937A-5F994EECC036}&mid=9a939fbdd4a847d29d6a0580a99e4c25-1e2c3d1b1cb3afa4e36dac615ca14370205205d9&lang=en&ds=AVG&coid=avgtbavg&cmpid=&pr=fr&d=2014-06-19 13:18:09&v=18.1.9.786&pid=safeguard&sg=&sap=hp"
CHR DefaultSuggestURL: Default -> {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&gs_ri={google:suggestRid}&xssi=t&q={searchTerms}&{google:inputType}{google:cursorPosition}{google:currentPageUrl}{google:pageClassification}{google:searchVersion}{google:sessionToken}{google:prefetchQuery}sugkey={google:suggestAPIKeyParameter}
CHR Profile: C:\Users\Adam\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Slides) - C:\Users\Adam\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-01-08]
CHR Extension: (Google Docs) - C:\Users\Adam\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-01-08]
CHR Extension: (Google Drive) - C:\Users\Adam\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-01-08]
CHR Extension: (YouTube) - C:\Users\Adam\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-01-08]
CHR Extension: (Google Search) - C:\Users\Adam\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-01-08]
CHR Extension: (Google Sheets) - C:\Users\Adam\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-01-08]
CHR Extension: (AdBlock) - C:\Users\Adam\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2015-01-08]
CHR Extension: (Website Logon) - C:\Users\Adam\AppData\Local\Google\Chrome\User Data\Default\Extensions\kanflfepiobnpjbljmngfgegijhdpljm [2015-01-08]
CHR Extension: (Chrome Hotword Shared Module) - C:\Users\Adam\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-03-11]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Adam\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-01-08]
CHR Extension: (My Chrome Theme) - C:\Users\Adam\AppData\Local\Google\Chrome\User Data\Default\Extensions\oehpjpccmlcalbenfhnacjeocbjdonic [2015-01-08]
CHR Extension: (Gmail) - C:\Users\Adam\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-01-08]
CHR Profile: C:\Users\Adam\AppData\Local\Google\Chrome\User Data\Profile 1
CHR Extension: (Google Slides) - C:\Users\Adam\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-02-03]
CHR Extension: (Google Docs) - C:\Users\Adam\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aohghmighlieiainnegkcijnfilokake [2015-02-03]
CHR Extension: (Google Drive) - C:\Users\Adam\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-02-03]
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Adam\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2015-02-03]
CHR Extension: (YouTube) - C:\Users\Adam\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-02-03]
CHR Extension: (Google Search) - C:\Users\Adam\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-02-03]
CHR Extension: (Google Sheets) - C:\Users\Adam\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-02-03]
CHR Extension: (Website Logon) - C:\Users\Adam\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\kanflfepiobnpjbljmngfgegijhdpljm [2015-02-03]
CHR Extension: (Google Wallet) - C:\Users\Adam\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-02-03]
CHR Extension: (Lavasoft NewTab) - C:\Users\Adam\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\oejkcgajlodefenbbjdnaiahmbnnoole [2015-02-03]
CHR Extension: (Gmail) - C:\Users\Adam\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-02-03]
CHR HKLM-x32\...\Chrome\Extension: [kanflfepiobnpjbljmngfgegijhdpljm] - C:\Program Files (x86)\HP SimplePass\tschrome.crx [2013-04-01]
CHR HKLM-x32\...\Chrome\Extension: [oejkcgajlodefenbbjdnaiahmbnnoole] - C:\Program Files (x86)\Lavasoft\AdAware SecureSearch Toolbar\chrome-newtab-search.crx [2013-08-08]

==================== Services (Whitelisted) ========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 Ad-Aware Service; C:\Program Files (x86)\Ad-Aware Antivirus\AdAwareService.exe [1236336 2013-06-13] (Lavasoft Limited)
R2 Autodesk Content Service; C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe [12288 2012-12-13] (Autodesk, Inc.) [File not signed]
R2 AVGIDSAgent; C:\Program Files (x86)\AVG\AVG2014\avgidsagent.exe [3259304 2015-07-29] (AVG Technologies CZ, s.r.o.)
R2 avgwd; C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe [301896 2015-07-29] (AVG Technologies CZ, s.r.o.)
R2 EpsonScanSvc; C:\WINDOWS\system32\EscSvc64.exe [135824 2011-12-12] (Seiko Epson Corporation)
R2 FPLService; C:\Program Files (x86)\HP SimplePass\TrueSuiteService.exe [1641768 2013-06-07] (HP)
R2 GenieTimelineService; C:\Program Files\Genie9\Genie Timeline\GenieTimelineService.exe [662104 2012-09-16] (Genie9)
R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [15344 2013-04-10] (Intel Corporation)
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [732160 2012-12-10] (Intel(R) Corporation) [File not signed]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [803872 2012-12-10] (Intel(R) Corporation)
R2 ISCTAgent; C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe [180200 2013-02-13] ()
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [165336 2013-01-14] (Intel Corporation)
R2 LaCieDesktopManagerService; C:\Program Files\LaCie\Desktop Manager\lacie_dm_service.exe [1379840 2012-10-10] () [File not signed]
R2 LMIGuardianSvc; C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe [417552 2015-08-03] (LogMeIn, Inc.)
R2 MatLocalLicenceServer50; C:\Program Files (x86)\Common Files\Materialise\LicenseFiles\LicSrv50.exe [36864 2010-03-16] () [File not signed]
R2 MatLocalLicenceServer52; C:\Program Files (x86)\Common Files\Materialise\LicenseFiles\LicSrv52.exe [475136 2010-03-16] () [File not signed]
S2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1133880 2015-06-18] (Malwarebytes Corporation)
S4 McNeelUpdate; c:\Program Files (x86)\McNeelUpdate\5.0\McNeelUpdateService.exe [68192 2013-12-13] (Robert McNeel & Associates)
S3 npggsvc; C:\WINDOWS\SysWOW64\GameMon.des [4702568 2012-10-24] (INCA Internet Co., Ltd.) [File not signed]
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1720608 2014-07-25] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [18956064 2014-07-25] (NVIDIA Corporation)
R2 Pharos Systems ComTaskMaster; C:\Program Files (x86)\PharosSystems\Core\CTskMstr.exe [339456 2010-11-15] (Pharos Systems International) [File not signed]
R2 SBAMSvc; C:\Program Files (x86)\Ad-Aware Antivirus\SBAMSvc.exe [3677000 2012-09-20] (GFI Software)
R2 SDScannerService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [3921880 2013-10-15] (Safer-Networking Ltd.)
R2 SDUpdateService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [1042272 2013-09-20] (Safer-Networking Ltd.)
R2 SDWSCService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [171416 2013-09-13] (Safer-Networking Ltd.)
R2 STacSV; C:\Program Files\IDT\WDM\STacSV64.exe [339456 2013-10-31] (IDT, Inc.) [File not signed]
R3 TrueService; C:\Program Files\Common Files\AuthenTec\TrueService.exe [401856 2013-01-08] (AuthenTec, Inc.)
R2 valWBFPolicyService; C:\Windows\system32\valWBFPolicyService.exe [28160 2013-03-19] () [File not signed]
R2 vToolbarUpdater40.1.6; C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\40.1.6\ToolbarUpdater.exe [1874320 2015-08-26] (AVG Secure Search)
S3 w3logsvc; C:\Windows\system32\inetsrv\w3logsvc.dll [76800 2013-10-30] (Microsoft Corporation)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366552 2015-07-07] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2015-07-07] (Microsoft Corporation)
R2 WTabletServiceCon; C:\Program Files\Tablet\Pen\WTabletServiceCon.exe [656664 2014-08-19] (Wacom Technology, Corp.)
R2 WtuSystemSupport; C:\Program Files (x86)\AVG Web TuneUp\WtuSystemSupport.exe [1205136 2015-08-26] ()

===================== Drivers (Whitelisted) ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S0 Avgboota; C:\Windows\System32\DRIVERS\avgboota.sys [20496 2013-09-04] (AVG Technologies CZ, s.r.o.)
R1 Avgdiska; C:\Windows\System32\DRIVERS\avgdiska.sys [152344 2014-06-30] (AVG Technologies CZ, s.r.o.)
R1 AVGIDSDriver; C:\Windows\System32\DRIVERS\avgidsdrivera.sys [244504 2014-07-21] (AVG Technologies CZ, s.r.o.)
R0 AVGIDSHA; C:\Windows\System32\DRIVERS\avgidsha.sys [237536 2015-05-26] (AVG Technologies CZ, s.r.o.)
R1 Avgldx64; C:\Windows\System32\DRIVERS\avgldx64.sys [237848 2014-10-24] (AVG Technologies CZ, s.r.o.)
R0 Avgloga; C:\Windows\System32\DRIVERS\avgloga.sys [369120 2015-05-26] (AVG Technologies CZ, s.r.o.)
R0 Avgmfx64; C:\Windows\System32\DRIVERS\avgmfx64.sys [211936 2015-05-26] (AVG Technologies CZ, s.r.o.)
R0 Avgrkx64; C:\Windows\System32\DRIVERS\avgrkx64.sys [31512 2014-06-17] (AVG Technologies CZ, s.r.o.)
R1 Avgwfpa; C:\Windows\system32\DRIVERS\avgwfpa.sys [287208 2015-05-27] (AVG Technologies CZ, s.r.o.)
R1 CLVirtualDrive; C:\Windows\system32\DRIVERS\CLVirtualDrive.sys [91712 2013-03-05] (CyberLink)
R1 dtsoftbus01; C:\Windows\System32\drivers\dtsoftbus01.sys [283064 2014-01-26] (Disc Soft Ltd)
S0 ebdrv; C:\Windows\System32\drivers\evbda.sys [3357024 2013-08-22] (Broadcom Corporation)
R0 gfibto; C:\Windows\System32\drivers\gfibto.sys [14456 2013-09-24] (GFI Software)
R3 Hamachi; C:\Windows\system32\DRIVERS\Hamdrv.sys [45680 2015-08-03] (LogMeIn Inc.)
R3 ikbevent; C:\Windows\system32\DRIVERS\ikbevent.sys [21048 2013-02-13] ()
R3 imsevent; C:\Windows\system32\DRIVERS\imsevent.sys [21048 2013-02-13] ()
R3 ISCT; C:\Windows\System32\drivers\ISCTD64.sys [46568 2013-02-13] ()
R3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [25816 2015-06-18] (Malwarebytes Corporation)
S3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [113880 2015-07-19] (Malwarebytes Corporation)
S3 MBAMWebAccessControl; C:\WINDOWS\system32\drivers\mwac.sys [64216 2015-06-18] (Malwarebytes Corporation)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [20256 2014-07-25] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [40392 2014-03-31] (NVIDIA Corporation)
R0 PxHlpa64; C:\Windows\System32\Drivers\PxHlpa64.sys [56336 2012-06-22] (Corel Corporation)
S3 RSP2STOR; C:\Windows\system32\DRIVERS\RtsP2Stor.sys [288328 2013-01-23] (Realtek Semiconductor Corp.)
R3 RTWlanE; C:\Windows\system32\DRIVERS\rtwlane.sys [3068120 2014-03-20] (Realtek Semiconductor Corporation )
R3 SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [34544 2013-10-31] (Synaptics Incorporated)
R3 WirelessButtonDriver; C:\Windows\System32\drivers\WirelessButtonDriver64.sys [20800 2012-08-31] (Hewlett-Packard Development Company, L.P.)
R3 WPRO_41_2001; C:\Windows\System32\drivers\WPRO_41_2001.sys [34752 2015-09-01] ()
U3 aswVmm; C:\Users\Adam\AppData\Local\Temp\aswVmm.sys [224896 2015-09-02] ()
S3 EagleX64; \??\C:\WINDOWS\system32\drivers\EagleX64.sys [X]
U3 aswMBR; \??\C:\Users\Adam\AppData\Local\Temp\aswMBR.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-09-02 15:48 - 2015-09-02 15:49 - 05198336 _____ (AVAST Software) C:\Users\Adam\Downloads\aswMBR.exe
2015-09-02 15:48 - 2015-09-02 15:48 - 00045522 _____ C:\Users\Adam\Desktop\FRST.txt
2015-09-02 15:46 - 2015-09-02 15:46 - 00037454 _____ C:\Users\Adam\Downloads\FRST.txt
2015-09-02 15:45 - 2015-09-02 15:48 - 00000000 ____D C:\FRST
2015-09-02 15:44 - 2015-09-02 15:44 - 02188800 _____ (Farbar) C:\Users\Adam\Desktop\FRST64.exe
2015-09-02 15:44 - 2015-09-02 15:44 - 00000207 _____ C:\WINDOWS\tweaking.com-regbackup-ADAMSPC-Windows-8.1-(64-bit).dat
2015-09-02 15:43 - 2015-09-02 15:43 - 00002258 _____ C:\Users\Adam\Desktop\Tweaking.com - Registry Backup.lnk
2015-09-02 15:43 - 2015-09-02 15:43 - 00000000 ____D C:\Users\Adam\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Tweaking.com
2015-09-02 15:43 - 2015-09-02 15:43 - 00000000 ____D C:\RegBackup
2015-09-02 15:43 - 2015-09-02 15:43 - 00000000 ____D C:\Program Files (x86)\Tweaking.com
2015-09-02 15:41 - 2015-09-02 15:41 - 04687184 _____ (Tweaking.com) C:\Users\Adam\Downloads\tweaking.com_registry_backup_setup.exe
2015-09-02 11:16 - 2015-09-02 11:16 - 00001522 _____ C:\Users\Adam\Desktop\Projects (w2k07) - Shortcut.lnk
2015-09-02 11:04 - 2015-09-02 11:04 - 00002695 _____ C:\Users\Adam\Desktop\PSF's for active projects - Shortcut.lnk
2015-09-01 19:21 - 2015-09-01 19:21 - 00000000 ____D C:\Users\Adam\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2015-09-01 13:55 - 2015-09-01 13:55 - 00094656 _____ (CACE Technologies) C:\WINDOWS\system32\WPRO_41_2001woem.tmp
2015-08-28 08:38 - 2015-08-28 09:58 - 00000000 ____D C:\Users\Adam\Documents\GNC Work
2015-08-23 21:00 - 2015-08-23 21:01 - 02907968 _____ (Cisco Systems, Inc.) C:\Users\Adam\Downloads\anyconnect-win-3.1.00495-web-deploy-k9 (1).exe
2015-08-23 19:51 - 2015-08-23 19:51 - 00000000 ____D C:\Users\Adam\AppData\Roaming\Sun
2015-08-23 19:51 - 2015-08-23 19:51 - 00000000 ____D C:\Users\Adam\.oracle_jre_usage
2015-08-23 19:49 - 2015-08-23 19:49 - 00584288 _____ (Oracle Corporation) C:\Users\Adam\Downloads\chromeinstall-8u60.exe
2015-08-23 19:44 - 2015-08-23 19:46 - 00001350 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Cisco AnyConnect Secure Mobility Client.lnk
2015-08-23 19:44 - 2015-08-23 19:44 - 00000000 ____D C:\Users\Adam\AppData\Local\Cisco
2015-08-23 19:44 - 2015-08-23 19:44 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Cisco
2015-08-23 19:44 - 2015-08-23 19:44 - 00000000 ____D C:\ProgramData\Cisco
2015-08-23 19:44 - 2012-08-03 14:38 - 00107432 ____R (Cisco Systems, Inc.) C:\WINDOWS\system32\Drivers\acsock64.sys
2015-08-23 19:42 - 2015-08-23 19:42 - 02907968 _____ (Cisco Systems, Inc.) C:\Users\Adam\Downloads\anyconnect-win-3.1.00495-web-deploy-k9.exe
2015-08-23 19:02 - 2015-08-23 19:02 - 00001436 _____ C:\Users\Adam\Downloads\launch (1).ica
2015-08-23 19:00 - 2015-08-23 19:00 - 00001436 _____ C:\Users\Adam\Downloads\launch.ica
2015-08-23 18:53 - 2015-08-23 18:53 - 46664016 _____ (Citrix Systems, Inc.) C:\Users\Adam\Downloads\CitrixReceiver (1).exe
2015-08-23 18:51 - 2015-08-23 18:52 - 05464104 _____ (TeamViewer) C:\Users\Adam\Downloads\TeamViewerQS_en-idchpk6uhd.exe
2015-08-21 20:19 - 2015-08-21 20:21 - 159609586 _____ C:\Users\Adam\Downloads\CMK Sort 0815.zip
2015-08-20 08:53 - 2015-08-20 08:53 - 28024201 _____ C:\Users\Adam\Desktop\DSC_6097.psd
2015-08-19 09:09 - 2015-08-28 11:09 - 00000000 ____D C:\Users\Adam\Desktop\Large Decor Tree
2015-08-18 20:38 - 2015-08-10 20:20 - 25191936 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2015-08-18 20:38 - 2015-08-10 19:20 - 19871232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2015-08-14 21:22 - 2015-08-14 15:21 - 18884698 _____ C:\Users\Adam\Desktop\DSC_0587.NEF
2015-08-13 20:06 - 2015-07-30 09:04 - 00124624 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationCFFRasterizerNative_v0300.dll
2015-08-13 20:06 - 2015-07-30 08:48 - 00103120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2015-08-11 21:50 - 2015-07-18 20:58 - 00136904 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
2015-08-11 21:50 - 2015-07-18 13:51 - 03704320 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2015-08-11 21:50 - 2015-07-18 13:31 - 00140288 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuwebv.dll
2015-08-11 21:50 - 2015-07-18 13:31 - 00095744 _____ (Microsoft Corporation) C:\WINDOWS\system32\wudriver.dll
2015-08-11 21:50 - 2015-07-18 13:31 - 00035840 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapp.exe
2015-08-11 21:50 - 2015-07-18 13:29 - 00409088 _____ (Microsoft Corporation) C:\WINDOWS\system32\WUSettingsProvider.dll
2015-08-11 21:50 - 2015-07-18 13:29 - 00124928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuwebv.dll
2015-08-11 21:50 - 2015-07-18 13:29 - 00029696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapp.exe
2015-08-11 21:50 - 2015-07-18 13:28 - 00081920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wudriver.dll
2015-08-11 21:50 - 2015-07-18 13:12 - 02228736 _____ (Microsoft Corporation) C:\WINDOWS\system32\wucltux.dll
2015-08-11 21:50 - 2015-07-18 13:10 - 00891904 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll
2015-08-11 21:50 - 2015-07-18 13:09 - 00721920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll
2015-08-11 21:50 - 2015-06-09 13:27 - 00411133 _____ C:\WINDOWS\system32\ApnDatabase.xml
2015-08-11 21:49 - 2015-07-16 15:36 - 00584192 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2015-08-11 21:49 - 2015-07-16 15:36 - 00417792 _____ (Microsoft Corporation) C:\WINDOWS\system32\html.iec
2015-08-11 21:49 - 2015-07-16 15:35 - 02885632 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2015-08-11 21:49 - 2015-07-16 15:26 - 05923328 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2015-08-11 21:49 - 2015-07-16 15:23 - 00615936 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieui.dll
2015-08-11 21:49 - 2015-07-16 15:21 - 00816640 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2015-08-11 21:49 - 2015-07-16 14:53 - 00145408 _____ (Microsoft Corporation) C:\WINDOWS\system32\iepeers.dll
2015-08-11 21:49 - 2015-07-16 14:51 - 00504320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2015-08-11 21:49 - 2015-07-16 14:50 - 00341504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\html.iec
2015-08-11 21:49 - 2015-07-16 14:45 - 02279424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2015-08-11 21:49 - 2015-07-16 14:45 - 01032704 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcomm.dll
2015-08-11 21:49 - 2015-07-16 14:41 - 00479232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieui.dll
2015-08-11 21:49 - 2015-07-16 14:39 - 00664064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2015-08-11 21:49 - 2015-07-16 14:38 - 00262144 _____ (Microsoft Corporation) C:\WINDOWS\system32\webcheck.dll
2015-08-11 21:49 - 2015-07-16 14:36 - 00801280 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2015-08-11 21:49 - 2015-07-16 14:34 - 14451200 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2015-08-11 21:49 - 2015-07-16 14:32 - 02125824 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2015-08-11 21:49 - 2015-07-16 14:14 - 02880000 _____ (Microsoft Corporation) C:\WINDOWS\system32\actxprxy.dll
2015-08-11 21:49 - 2015-07-16 14:13 - 00880128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcomm.dll
2015-08-11 21:49 - 2015-07-16 14:12 - 04520448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2015-08-11 21:49 - 2015-07-16 14:12 - 02427904 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2015-08-11 21:49 - 2015-07-16 14:10 - 12856832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2015-08-11 21:49 - 2015-07-16 14:06 - 00689152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2015-08-11 21:49 - 2015-07-16 14:01 - 01545728 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2015-08-11 21:49 - 2015-07-16 13:52 - 01048576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\actxprxy.dll
2015-08-11 21:49 - 2015-07-16 13:49 - 00800768 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2015-08-11 21:49 - 2015-07-16 13:42 - 01951232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2015-08-11 21:49 - 2015-07-16 13:38 - 01310720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2015-08-11 21:49 - 2015-07-16 13:37 - 00710144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2015-08-11 21:47 - 2015-07-15 19:29 - 07458648 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2015-08-11 21:47 - 2015-07-15 19:29 - 01735000 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2015-08-11 21:47 - 2015-07-15 19:29 - 00101720 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mountmgr.sys
2015-08-11 21:47 - 2015-07-15 19:28 - 01499920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2015-08-11 21:47 - 2015-07-10 12:54 - 01217024 _____ (Microsoft Corporation) C:\WINDOWS\system32\sysmain.dll
2015-08-11 21:46 - 2015-08-16 22:24 - 00000000 ____D C:\Users\Adam\Desktop\Temp Raw
2015-08-11 21:46 - 2015-07-28 18:24 - 00025776 _____ (Microsoft Corporation) C:\WINDOWS\system32\CompatTelRunner.exe
2015-08-11 21:46 - 2015-07-28 09:24 - 01148416 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2015-08-11 21:46 - 2015-07-28 09:24 - 01116160 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2015-08-11 21:46 - 2015-07-28 09:24 - 00774144 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll
2015-08-11 21:46 - 2015-07-28 09:24 - 00743424 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll
2015-08-11 21:46 - 2015-07-28 09:24 - 00437248 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll
2015-08-11 21:46 - 2015-07-28 09:24 - 00069120 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2015-08-11 21:46 - 2015-07-07 04:40 - 00270168 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdFilter.sys
2015-08-11 21:46 - 2015-07-07 04:40 - 00114520 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdNisDrv.sys
2015-08-11 21:46 - 2015-07-07 04:40 - 00044560 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdBoot.sys
2015-08-11 21:46 - 2015-07-01 17:19 - 00228864 _____ (Microsoft Corporation) C:\WINDOWS\system32\WebClnt.dll
2015-08-11 21:46 - 2015-07-01 17:16 - 00104448 _____ (Microsoft Corporation) C:\WINDOWS\system32\davclnt.dll
2015-08-11 21:46 - 2015-07-01 16:37 - 00198656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WebClnt.dll
2015-08-11 21:46 - 2015-07-01 16:35 - 00087040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\davclnt.dll
2015-08-11 21:46 - 2015-06-12 12:03 - 18823680 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2015-08-11 21:46 - 2015-06-12 11:36 - 15159296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2015-08-11 21:42 - 2015-07-13 14:46 - 00059392 _____ (Microsoft Corporation) C:\WINDOWS\system32\csrsrv.dll
2015-08-11 21:42 - 2015-07-13 14:45 - 00059392 _____ (Microsoft Corporation) C:\WINDOWS\system32\basesrv.dll
2015-08-11 21:41 - 2015-07-29 09:37 - 01994752 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWrite.dll
2015-08-11 21:41 - 2015-07-29 09:30 - 01381888 _____ (Microsoft Corporation) C:\WINDOWS\system32\FntCache.dll
2015-08-11 21:41 - 2015-07-29 09:23 - 01559552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DWrite.dll
2015-08-11 21:41 - 2015-07-24 13:57 - 04177408 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2015-08-11 21:41 - 2015-07-24 13:57 - 00358912 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\atmfd.dll
2015-08-11 21:41 - 2015-07-24 13:52 - 00044032 _____ (Adobe Systems) C:\WINDOWS\system32\atmlib.dll
2015-08-11 21:41 - 2015-07-24 12:27 - 00301568 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\atmfd.dll
2015-08-11 21:41 - 2015-07-24 12:23 - 00035840 _____ (Adobe Systems) C:\WINDOWS\SysWOW64\atmlib.dll
2015-08-11 21:41 - 2015-07-14 16:59 - 01113944 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndis.sys
2015-08-11 21:41 - 2015-07-14 16:59 - 00487256 _____ (Microsoft Corporation) C:\WINDOWS\system32\netcfgx.dll
2015-08-11 21:41 - 2015-07-14 16:59 - 00393560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netcfgx.dll
2015-08-11 21:41 - 2015-07-13 22:22 - 02529880 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml6.dll
2015-08-11 21:41 - 2015-07-13 22:21 - 01901776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml6.dll
2015-08-11 21:41 - 2015-07-10 13:19 - 01101824 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdvidcrl.dll
2015-08-11 21:41 - 2015-07-10 12:42 - 02345472 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml3.dll
2015-08-11 21:41 - 2015-07-10 12:14 - 00856064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdvidcrl.dll
2015-08-11 21:41 - 2015-07-10 12:13 - 07032320 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
2015-08-11 21:41 - 2015-07-10 11:47 - 01556992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml3.dll
2015-08-11 21:41 - 2015-07-10 11:31 - 06213120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll
2015-08-11 21:41 - 2015-07-09 12:13 - 00221184 _____ (Microsoft Corporation) C:\WINDOWS\system32\notepad.exe
2015-08-11 21:41 - 2015-07-09 12:13 - 00221184 _____ (Microsoft Corporation) C:\WINDOWS\notepad.exe
2015-08-11 21:41 - 2015-07-09 11:30 - 00212992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\notepad.exe
2015-08-11 21:41 - 2015-06-11 15:12 - 02476376 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2015-08-11 21:41 - 2015-06-11 15:12 - 00428888 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\FWPKCLNT.SYS
2015-08-11 21:41 - 2015-05-11 19:24 - 00536920 _____ (Microsoft Corporation) C:\WINDOWS\system32\mcupdate_GenuineIntel.dll
2015-08-09 14:17 - 2015-08-09 14:17 - 00000000 _____ C:\Users\Adam\Desktop\RhinoCrashDump.dmp
2015-08-09 11:54 - 2015-08-09 11:54 - 00000000 ____D C:\Users\Adam\Desktop\Temp LIghtroom FOlder
2015-08-09 10:41 - 2015-08-09 10:41 - 00293160 _____ C:\WINDOWS\Minidump\080915-80125-01.dmp
2015-08-09 10:38 - 2015-08-09 10:38 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Hamachi
2015-08-09 10:38 - 2015-08-09 10:38 - 00000000 ____D C:\Program Files (x86)\LogMeIn Hamachi
2015-08-03 17:41 - 2015-08-03 17:41 - 00000000 ____D C:\Users\Adam\AppData\Local\CEF
2015-08-03 12:12 - 2015-08-03 12:12 - 00045680 ____H (LogMeIn Inc.) C:\WINDOWS\system32\Drivers\Hamdrv.sys
2015-08-03 11:01 - 2015-08-03 11:01 - 00000000 ____D C:\Users\Administrator\AppData\Local\GWX
2015-08-03 09:03 - 2015-08-03 09:03 - 00000000 ____D C:\Users\Administrator\AppData\Local\Apple
2015-08-03 08:36 - 2015-08-03 08:36 - 00000000 ____D C:\Users\Administrator\AppData\Roaming\Hewlett-Packard

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-09-02 15:49 - 2013-07-01 11:15 - 00003596 _____ C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-3968669950-148750945-1168380495-1003
2015-09-02 15:48 - 2013-10-30 00:52 - 01135450 _____ C:\WINDOWS\WindowsUpdate.log
2015-09-02 15:37 - 2014-03-03 22:48 - 00000000 ___RD C:\Users\Adam\Dropbox
2015-09-02 15:37 - 2014-03-03 22:41 - 00000000 ____D C:\Users\Adam\AppData\Roaming\Dropbox
2015-09-02 15:26 - 2013-08-22 10:36 - 00000000 ____D C:\WINDOWS\system32\sru
2015-09-02 13:14 - 2015-06-26 20:02 - 00000930 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskUserS-1-5-21-3968669950-148750945-1168380495-1003UA.job
2015-09-02 13:04 - 2014-01-27 15:14 - 00000920 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-3968669950-148750945-1168380495-1003UA.job
2015-09-02 12:07 - 2013-11-08 10:33 - 00000000 ____D C:\Users\Adam\AppData\Local\E2E1B42E-7A12-428C-B05C-ABF1D7DC2B86.aplzod
2015-09-02 10:49 - 2014-08-26 22:23 - 00000000 ____D C:\Users\Adam\Documents\Youcam
2015-09-02 10:27 - 2014-05-23 11:43 - 00000000 ____D C:\ProgramData\MFAData
2015-09-02 10:21 - 2013-08-22 10:36 - 00000000 ____D C:\WINDOWS\AppReadiness
2015-09-01 23:19 - 2013-07-01 10:54 - 00003918 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{14320D0E-7DF9-4C2F-88FD-822B4338E7D1}
2015-09-01 22:56 - 2015-07-17 21:52 - 00000000 ____D C:\Users\Adam\AppData\Roaming\Curse Client
2015-09-01 22:04 - 2014-01-27 15:14 - 00000868 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-3968669950-148750945-1168380495-1003Core.job
2015-09-01 14:48 - 2013-09-29 23:04 - 00958356 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2015-09-01 14:44 - 2015-07-27 22:54 - 00000269 _____ C:\WINDOWS\system32\deviceAppeared.txt
2015-09-01 14:44 - 2015-07-27 22:54 - 00000002 _____ C:\WINDOWS\system32\devicelist.txt
2015-09-01 14:44 - 2015-07-27 22:54 - 00000002 _____ C:\WINDOWS\system32\devicealertlist.txt
2015-09-01 13:55 - 2015-03-10 14:25 - 00034752 _____ C:\WINDOWS\system32\Drivers\WPRO_41_2001.sys
2015-09-01 13:55 - 2015-02-06 20:42 - 00000000 ____D C:\Users\Adam\AppData\Local\LogMeIn Hamachi
2015-09-01 13:54 - 2013-08-22 09:46 - 00403605 _____ C:\WINDOWS\setupact.log
2015-09-01 13:53 - 2013-09-29 22:55 - 00785340 _____ C:\WINDOWS\PFRO.log
2015-09-01 13:53 - 2013-08-22 09:45 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2015-09-01 13:52 - 2013-08-22 08:25 - 01310720 ___SH C:\WINDOWS\system32\config\BBI
2015-09-01 01:00 - 2013-10-07 18:22 - 00000000 ____D C:\Users\Adam\AppData\Local\Spotify
2015-08-31 23:18 - 2013-10-07 18:21 - 00000000 ____D C:\Users\Adam\AppData\Roaming\Spotify
2015-08-28 14:08 - 2013-08-28 10:42 - 00003894 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2015-08-28 14:08 - 2013-08-28 10:42 - 00003658 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2015-08-28 14:08 - 2013-08-28 10:42 - 00000922 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2015-08-28 14:08 - 2013-08-28 10:42 - 00000918 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2015-08-28 11:05 - 2014-10-31 00:28 - 00000033 _____ C:\Users\Adam\AppData\Roaming\AdobeWLCMCache.dat
2015-08-28 10:13 - 2015-06-26 20:02 - 00000878 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskUserS-1-5-21-3968669950-148750945-1168380495-1003Core.job
2015-08-28 08:38 - 2013-08-28 06:19 - 00000000 ____D C:\Users\Adam\AppData\Local\Adobe
2015-08-26 21:58 - 2015-02-28 22:14 - 00000000 ____D C:\Program Files\AVG Web TuneUp
2015-08-26 21:58 - 2015-02-28 22:13 - 00000000 ____D C:\Program Files (x86)\AVG Web TuneUp
2015-08-26 19:48 - 2013-08-22 08:25 - 00262144 ___SH C:\WINDOWS\system32\config\ELAM
2015-08-24 12:09 - 2015-06-21 21:31 - 00000000 ____D C:\Users\Adam\AppData\Roaming\ICAClient
2015-08-23 21:26 - 2013-09-24 00:39 - 00000000 ____D C:\Users\Adam\AppData\Roaming\Ad-Aware Antivirus
2015-08-23 21:07 - 2014-11-23 13:07 - 00000000 __SHD C:\Users\Adam\AppData\Local\EmieBrowserModeList
2015-08-23 21:07 - 2014-10-21 00:17 - 00000000 __SHD C:\Users\Adam\AppData\Local\EmieUserList
2015-08-23 21:07 - 2014-10-21 00:17 - 00000000 __SHD C:\Users\Adam\AppData\Local\EmieSiteList
2015-08-23 19:52 - 2014-04-10 22:49 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2015-08-23 19:52 - 2014-04-10 22:49 - 00000000 ____D C:\Program Files (x86)\Java
2015-08-23 19:51 - 2014-04-10 22:49 - 00097888 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\WindowsAccessBridge-32.dll
2015-08-23 19:51 - 2013-10-30 00:57 - 00000000 ____D C:\Users\Adam
2015-08-23 19:44 - 2014-03-20 11:36 - 00000000 ____D C:\Program Files (x86)\Cisco
2015-08-23 18:58 - 2015-06-21 21:31 - 00001688 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Citrix Receiver.lnk
2015-08-23 18:58 - 2015-06-21 21:28 - 00000000 ____D C:\Program Files (x86)\Citrix
2015-08-23 18:56 - 2015-06-21 21:30 - 00000000 ____D C:\ProgramData\Citrix
2015-08-23 12:00 - 2013-09-24 00:41 - 00001875 _____ C:\Users\Public\Desktop\Ad-Aware Antivirus.lnk
2015-08-22 23:38 - 2014-04-01 10:21 - 00003156 _____ C:\WINDOWS\System32\Tasks\HPCeeScheduleForAdam
2015-08-22 23:38 - 2014-04-01 10:21 - 00000344 _____ C:\WINDOWS\Tasks\HPCeeScheduleForAdam.job
2015-08-20 14:49 - 2012-07-26 02:59 - 00000000 ____D C:\WINDOWS\CbsTemp
2015-08-20 14:38 - 2013-09-12 18:11 - 00000052 _____ C:\WINDOWS\SysWOW64\DOErrors.log
2015-08-16 13:50 - 2013-08-22 10:36 - 00000000 ____D C:\WINDOWS\rescache
2015-08-14 07:53 - 2013-08-22 09:44 - 05123192 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2015-08-14 07:50 - 2013-10-04 22:22 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2015-08-14 07:50 - 2013-10-04 22:22 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2015-08-13 23:18 - 2013-08-22 10:36 - 00000000 ___RD C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2015-08-13 23:18 - 2013-08-22 10:36 - 00000000 ___RD C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2015-08-13 23:18 - 2013-08-22 10:36 - 00000000 ____D C:\Program Files\Windows Defender
2015-08-13 23:18 - 2013-08-22 10:36 - 00000000 ____D C:\Program Files (x86)\Windows Defender
2015-08-13 20:09 - 2013-08-30 18:14 - 00000000 ____D C:\ProgramData\Microsoft Help
2015-08-13 20:05 - 2013-10-04 22:22 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2015-08-13 20:01 - 2013-08-28 23:47 - 00000000 ____D C:\WINDOWS\system32\MRT
2015-08-13 19:43 - 2013-08-28 23:47 - 132483416 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2015-08-13 19:35 - 2014-12-10 23:47 - 00000000 ____D C:\WINDOWS\system32\appraiser
2015-08-13 19:35 - 2014-07-09 21:03 - 00000000 ___SD C:\WINDOWS\system32\CompatTel
2015-08-13 19:29 - 2013-08-22 10:36 - 00000000 ___RD C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2015-08-13 19:29 - 2013-08-22 10:36 - 00000000 ___RD C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2015-08-13 18:37 - 2015-07-20 19:00 - 00000000 ____D C:\Users\Adam\AppData\Local\MyComGames
2015-08-10 20:49 - 2015-03-07 17:58 - 00000000 ____D C:\Program Files (x86)\Minecraft
2015-08-09 10:52 - 2014-05-23 11:47 - 00000988 _____ C:\Users\Public\Desktop\AVG 2014.lnk
2015-08-09 10:41 - 2013-12-01 16:40 - 00000000 ____D C:\WINDOWS\Minidump
2015-08-09 10:40 - 2013-09-04 19:34 - 592483420 _____ C:\WINDOWS\MEMORY.DMP
2015-08-09 10:38 - 2015-02-06 20:41 - 00000945 _____ C:\Users\Public\Desktop\LogMeIn Hamachi.lnk
2015-08-08 10:54 - 2013-07-01 10:53 - 00000000 ____D C:\Users\Adam\AppData\Local\Packages
2015-08-08 08:55 - 2015-07-16 18:14 - 00794088 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2015-08-08 08:55 - 2015-07-16 18:14 - 00179688 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2015-08-03 19:30 - 2015-07-30 13:02 - 00012603 _____ C:\WINDOWS\SysWOW64\debug.log
2015-08-03 11:09 - 2013-10-30 03:49 - 00000000 ___DC C:\WINDOWS\Panther
2015-08-03 11:05 - 2015-07-10 08:39 - 00000000 ___HD C:\$Windows.~BT
2015-08-03 09:40 - 2013-06-29 08:04 - 00003596 _____ C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-3968669950-148750945-1168380495-500
2015-08-03 07:56 - 2015-07-30 12:56 - 00000000 ____D C:\Users\Administrator\AppData\Local\Packages
2015-08-03 07:14 - 2015-07-30 13:02 - 00000351 _____ C:\prefs.js

==================== Files in the root of some directories =======

2013-11-02 00:06 - 2014-03-30 14:00 - 0000132 _____ () C:\Users\Adam\AppData\Roaming\Adobe GIF Format CC Prefs
2014-03-30 14:00 - 2014-05-11 19:15 - 0000132 _____ () C:\Users\Adam\AppData\Roaming\Adobe PNG Format CC Prefs
2014-10-31 00:28 - 2015-08-28 11:05 - 0000033 _____ () C:\Users\Adam\AppData\Roaming\AdobeWLCMCache.dat
2014-09-21 17:30 - 2014-09-21 17:30 - 0000112 _____ () C:\Users\Adam\AppData\Roaming\JP2K CS6 Prefs
2015-02-15 23:07 - 2015-02-15 23:07 - 0000028 _____ () C:\Users\Adam\AppData\Roaming\kulerdata.json
2014-04-08 20:26 - 2014-04-08 20:26 - 0000054 _____ () C:\ProgramData\.bf45c81f8dc8abfeecf09.dat
2013-08-29 22:48 - 2013-08-29 22:48 - 0000153 _____ () C:\ProgramData\Microsoft.SqlServer.Compact.351.32.bc

Files to move or delete:
====================
C:\ProgramData\.bf45c81f8dc8abfeecf09.dat

Some files in TEMP:
====================
C:\Users\Adam\AppData\Local\Temp\Creative Cloud Helper.exe
C:\Users\Adam\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpptp8hj.dll
C:\Users\Adam\AppData\Local\Temp\Extract.exe
C:\Users\Adam\AppData\Local\Temp\ICReinstall_JavaPlatformSESetup-23591503.exe
C:\Users\Adam\AppData\Local\Temp\jansi-32-git-Bukkit-1.6.4-R2.0-50-g402ee87-b2959jnks.dll
C:\Users\Adam\AppData\Local\Temp\jansi-32-git-Bukkit-1.7.2-R0.3-66-g43d8943-b3078jnks.dll
C:\Users\Adam\AppData\Local\Temp\jansi-32-git-Spigot-1642.dll
C:\Users\Adam\AppData\Local\Temp\jline_git-Bukkit-0_0_0-1046-gfee8f92-b1152jnks.dll
C:\Users\Adam\AppData\Local\Temp\jline_git-Bukkit-0_0_0-1067-g6301507-b1185jnks.dll
C:\Users\Adam\AppData\Local\Temp\riftuninstall.exe
C:\Users\Adam\AppData\Local\Temp\sp64126.exe
C:\Users\Adam\AppData\Local\Temp\SP65168.exe
C:\Users\Adam\AppData\Local\Temp\SP65755.exe
C:\Users\Adam\AppData\Local\Temp\SP65782.exe
C:\Users\Adam\AppData\Local\Temp\SP65792.exe
C:\Users\Adam\AppData\Local\Temp\SP65793.exe
C:\Users\Adam\AppData\Local\Temp\SP66941.exe
C:\Users\Adam\AppData\Local\Temp\SP68376.exe
C:\Users\Adam\AppData\Local\Temp\SP69886.exe
C:\Users\Adam\AppData\Local\Temp\UNINSTALL.EXE
C:\Users\Adam\AppData\Local\Temp\UninstallHPSA.exe

==================== Bamital & volsnap =================

(There is no automatic fix for files that do not pass verification.)

C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed

ATTENTION: ==> Could not access BCD.

LastRegBack: 2015-09-01 21:10

==================== End of FRST.txt ============================

Here is the Addition scan:

Additional scan result of Farbar Recovery Scan Tool (x64) Version:31-08-2015
Ran by Adam (2015-09-02 15:52:48)
Running from C:\Users\Adam\Desktop
Boot Mode: Normal
==========================================================

==================== Accounts: =============================

Adam (S-1-5-21-3968669950-148750945-1168380495-1003 - Administrator - Enabled) => C:\Users\Adam
Administrator (S-1-5-21-3968669950-148750945-1168380495-500 - Administrator - Enabled) => C:\Users\Administrator
Guest (S-1-5-21-3968669950-148750945-1168380495-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-3968669950-148750945-1168380495-1005 - Limited - Enabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Lavasoft Ad-Aware (Disabled - Out of date) {E0D97DD4-42BA-B3F2-A5A7-22E9ACE81FC7}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: AVG AntiVirus Free Edition 2014 (Enabled - Up to date) {4D41356F-32AD-7C42-C820-63775EE4F413}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Lavasoft Ad-Aware (Disabled - Out of date) {5BB89C30-6480-BC7C-9F17-199BD76F557A}
AS: Spybot - Search and Destroy (Enabled - Out of date) {9BC38DF1-3CCA-732D-A930-C1CA5F20A4B0}
AS: AVG AntiVirus Free Edition 2014 (Enabled - Up to date) {F620D48B-1497-73CC-F290-58052563BEAE}
FW: Lavasoft Ad-Aware (Disabled) {D8E2FCF1-08D5-B2AA-8EF8-8BDC523B58BC}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

4 Elements II (x32 Version: 2.2.0.98 - WildTangent) Hidden
7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov)
Ad-Aware Antivirus (HKLM-x32\...\{944167EA-7F89-4705-8DCD-1D63B53141B0}) (Version: 10.5.3.4405 - Lavasoft)
Ad-Aware Security Add-on (HKLM-x32\...\adawaretb) (Version: 3.4.0.1 - Lavasoft)
Adobe After Effects CC 2014 (HKLM-x32\...\{2B22C750-5C3B-4738-B621-BA786AC7A494}) (Version: 13.1.1 - Adobe Systems Incorporated)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 16.0.0.245 - Adobe Systems Incorporated)
Adobe Audition CC 2014 (HKLM-x32\...\{F3388E10-EFA9-4A80-B28E-2E647F8D00C4}) (Version: 7.1.0 - Adobe Systems Incorporated)
Adobe Bridge CC (64 Bit) (HKLM-x32\...\{359F8007-6486-429C-A8C5-D67F6897C88C}) (Version: 6.0 - Adobe Systems Incorporated)
Adobe Creative Cloud (HKLM-x32\...\Adobe Creative Cloud) (Version: 2.9.0.465 - Adobe Systems Incorporated)
Adobe Flash Professional CC (HKLM-x32\...\{B56B95BF-7161-4166-8288-DB1BA9F6C9B8}) (Version: 13.0 - Adobe Systems Incorporated)
Adobe Illustrator CC 2014 (HKLM-x32\...\{2B4B4082-8043-4646-8334-B0A29E641211}) (Version: 18.1.0 - Adobe Systems Incorporated)
Adobe InDesign CC 2014 (HKLM-x32\...\{CCDCB9C4-72BA-1014-A3F8-D123F2F18BC2}) (Version: 10.1.0.070 - Adobe Systems Incorporated)
Adobe Media Encoder CC 2014 (HKLM-x32\...\{663DEEEF-EF34-4DCB-8687-73A7AA146E02}) (Version: 8.1.0 - Adobe Systems Incorporated)
Adobe Photoshop CC 2014 (HKLM-x32\...\{D7A4F897-B20A-42D0-862D-CB5F6DB7391D}) (Version: 15.2.1 - Adobe Systems Incorporated)
Adobe Photoshop Lightroom 5.6 64-bit (HKLM\...\{D19E99C2-6D9D-4075-B446-B4387EAF70A5}) (Version: 5.6.0 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.12) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.12 - Adobe Systems Incorporated)
Adobe Shockwave Player 11.6 (HKLM-x32\...\Adobe Shockwave Player) (Version: 11.6.6.636 - Adobe Systems, Inc.)
Adobe Touch App Plugins (HKLM-x32\...\{1EC083EE-5B76-4A2A-B95A-CAF460AA29D6}) (Version: 1.0 - Adobe Systems Incorporated)
Adobe® Content Viewer (HKLM-x32\...\com.adobe.dmp.contentviewer) (Version: 3.4.3 - Adobe Systems, Incorporated)
Airport Mania (x32 Version: 2.2.0.95 - WildTangent) Hidden
Akamai NetSession Interface (HKU\S-1-5-21-3968669950-148750945-1168380495-1003\...\Akamai) (Version: - Akamai Technologies, Inc)
Anno 2070 (HKLM-x32\...\Steam App 48240) (Version: - BlueByte)
Apple Application Support (HKLM-x32\...\{83CAF0DE-8D3B-4C37-A631-2B8F16EC3031}) (Version: 3.1 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{BDD99690-3541-4619-9D2A-3CDDB3E15F9E}) (Version: 8.0.5.6 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
ARK: Survival Evolved (HKLM-x32\...\Steam App 346110) (Version: - Studio Wildcard)
AuthenTec TrueAPI 64-bit (Version: 1.6.0.87 - AuthenTec, Inc.) Hidden
AutoCAD Architecture 2014 - English (Version: 7.5.17.0 - Autodesk) Hidden
AutoCAD Architecture 2014 Language Pack - English (Version: 7.5.17.0 - Autodesk) Hidden
Autodesk 360 (HKLM\...\{52B28CAD-F49D-47BA-9FFE-29C2E85F0D0B}) (Version: 4.0.27.1 - Autodesk)
Autodesk App Manager (HKLM-x32\...\{C070121A-C8C5-4D52-9A7D-D240631BD433}) (Version: 1.1.0 - Autodesk)
Autodesk AutoCAD Architecture 2014 - English (HKLM\...\AutoCAD Architecture 2014 - English) (Version: 7.5.17.0 - Autodesk)
Autodesk Content Service (HKLM-x32\...\Autodesk Content Service) (Version: 3.1.3.0 - Autodesk)
Autodesk Content Service (x32 Version: 3.1.3.0 - Autodesk) Hidden
Autodesk Content Service Language Pack (x32 Version: 3.1.3.0 - Autodesk) Hidden
Autodesk Featured Apps (HKLM-x32\...\{F732FEDA-7713-4428-934B-EF83B8DD65D0}) (Version: 1.1.0 - Autodesk)
Autodesk Material Library 2014 (HKLM-x32\...\{644F9B19-A462-499C-BF4D-300ABC2A28B1}) (Version: 4.0.19.0 - Autodesk)
Autodesk Material Library Base Resolution Image Library 2014 (HKLM-x32\...\{51BF3210-B825-4092-8E0D-66D689916E02}) (Version: 4.0.19.0 - Autodesk)
Autodesk Material Library Low Resolution Image Library 2014 (HKLM-x32\...\{5C29CC1F-218F-4C30-948A-11066CAC59FB}) (Version: 4.0.19.0 - Autodesk)
Autodesk Material Library Medium Resolution Image Library 2014 (HKLM-x32\...\{A0633D4E-5AF2-4E3E-A70A-FE9C2BD8A958}) (Version: 4.0.19.0 - Autodesk)
Autodesk ReCap (HKLM\...\Autodesk ReCap) (Version: 1.0.43.13 - Autodesk)
Autodesk ReCap (Version: 1.0.43.13 - Autodesk) Hidden
Autodesk ReCap Language Pack-English (Version: 1.0.43.13 - Autodesk) Hidden
Autodesk Revit 2014 (HKLM\...\Autodesk Revit 2014) (Version: 13.07.22211 - Autodesk)
Autodesk Workflows 2014 (HKLM\...\{11672AB2-3D48-4D38-9123-719E5FF93333}) (Version: 4.0.19.0 - Autodesk, Inc.)
AVG 2014 (HKLM\...\AVG) (Version: 2014.0.4830 - AVG Technologies)
AVG 2014 (Version: 14.0.4365 - AVG Technologies) Hidden
AVG 2014 (Version: 14.0.4830 - AVG Technologies) Hidden
AVG Web TuneUp (HKLM-x32\...\AVG Web TuneUp) (Version: 4.1.6.294 - AVG Technologies)
Azteca (x32 Version: 2.2.0.97 - WildTangent) Hidden
Bamboo Dock (HKLM-x32\...\Bamboo Dock) (Version: 4.1 - Wacom Co., Ltd.)
Bamboo Dock (x32 Version: 4.1.0 - Wacom Europe GmbH) Hidden
Bejeweled 3 (x32 Version: 2.2.0.98 - WildTangent) Hidden
BioShock Infinite (HKLM-x32\...\Steam App 8870) (Version: - Irrational Games)
bl (x32 Version: 1.0.0 - Your Company Name) Hidden
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Bounce Symphony (x32 Version: 2.2.0.97 - WildTangent) Hidden
Build-a-lot (x32 Version: 2.2.0.98 - WildTangent) Hidden
calibre (HKLM-x32\...\{4A7785E7-924F-4938-98C6-B08F2DAA0961}) (Version: 2.16.0 - Kovid Goyal)
Cisco AnyConnect Secure Mobility Client (HKLM-x32\...\Cisco AnyConnect Secure Mobility Client) (Version: 3.1.00495 - Cisco Systems, Inc.)
Cisco AnyConnect Secure Mobility Client (x32 Version: 3.1.00495 - Cisco Systems, Inc.) Hidden
Cisco EAP-FAST Module (HKLM-x32\...\{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}) (Version: 2.2.14 - Cisco Systems, Inc.)
Cisco LEAP Module (HKLM-x32\...\{AF312B06-5C5C-468E-89B3-BE6DE2645722}) (Version: 1.0.19 - Cisco Systems, Inc.)
Cisco PEAP Module (HKLM-x32\...\{0A4EF0E6-A912-4CDE-A7F3-6E56E7C13A2F}) (Version: 1.1.6 - Cisco Systems, Inc.)
Citrix Receiver (HKLM-x32\...\CitrixOnlinePluginPackWeb) (Version: 14.3.0.5014 - Citrix Systems, Inc.)
Cradle Of Egypt Collector's Edition (x32 Version: 2.2.0.110 - WildTangent) Hidden
Cradle of Rome 2 (x32 Version: 2.2.0.98 - WildTangent) Hidden
Curse (HKLM-x32\...\{DEE70742-F4E9-44CA-B2B9-EE95DCF37295}) (Version: 6.0.0.0 - Curse)
Curse at Twilight (x32 Version: 3.0.2.32 - WildTangent) Hidden
CyberLink LabelPrint (HKLM-x32\...\InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}) (Version: 2.5.3.6326 - CyberLink Corp.)
CyberLink Media Suite 10 (HKLM-x32\...\InstallShield_{1FBF6C24-C1fD-4101-A42B-0C564F9E8E79}) (Version: 10.0.6.3728 - CyberLink Corp.)
Cyberlink PhotoDirector (HKLM-x32\...\InstallShield_{39337565-330E-4ab6-A9AE-AC81E0720B10}) (Version: 3.0.4.4824 - CyberLink Corp.)
CyberLink Power2Go 8 (HKLM-x32\...\InstallShield_{2A87D48D-3FDF-41fd-97CD-A1E370EFFFE2}) (Version: 8.0.5.3416 - CyberLink Corp.)
CyberLink PowerDirector 10 (HKLM-x32\...\InstallShield_{B0B4F6D2-F2AE-451A-9496-6F2F6A897B32}) (Version: 10.0.4.3122 - CyberLink Corp.)
CyberLink PowerDVD (HKLM-x32\...\InstallShield_{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}) (Version: 10.0.8.5511 - CyberLink Corp.)
CyberLink YouCam (HKLM-x32\...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 5.0.2.3603 - CyberLink Corp.)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
DAEMON Tools Lite (HKLM-x32\...\DAEMON Tools Lite) (Version: 4.48.1.0347 - Disc Soft Ltd)
Delicious: Emily's Childhood Memories Premium Edition (x32 Version: 3.0.2.32 - WildTangent) Hidden
Dishonored (HKLM-x32\...\Steam App 205100) (Version: 1.0 - Bethesda Softworks)
Dropbox (HKU\S-1-5-21-3968669950-148750945-1168380495-1003\...\Dropbox) (Version: 3.8.8 - Dropbox, Inc.)
Epson Customer Participation (HKLM\...\{814FA673-A085-403C-9545-747FC1495069}) (Version: 1.4.0.0 - SEIKO EPSON CORPORATION)
Epson Event Manager (HKLM-x32\...\{BECE9CCD-83F6-4BAA-9B26-227DF7D2E932}) (Version: 3.01.0000 - Seiko Epson Corporation)
EPSON Scan (HKLM-x32\...\EPSON Scanner) (Version: - Seiko Epson Corporation)
EPSON XP-200 Series Printer Uninstall (HKLM\...\EPSON XP-200 Series) (Version: - SEIKO EPSON Corporation)
EpsonNet Print (HKLM-x32\...\{3E31400D-274E-4647-916C-2CACC3741799}) (Version: 2.5.00 - SEIKO EPSON CORPORATION)
ESET Online Scanner v3 (HKLM-x32\...\ESET Online Scanner) (Version: - )
Fallout: New Vegas (HKLM-x32\...\Steam App 22380) (Version: - Obsidian Entertainment)
Farm Frenzy (x32 Version: 2.2.0.98 - WildTangent) Hidden
FARO LS 1.1.501.0 (64bit) (HKLM-x32\...\{8A470330-70B2-49AD-86AF-79885EF9898A}) (Version: 5.1.0.30630 - FARO Scanner Production)
Flamingo nXt (HKLM\...\{030BC8B6-1880-4129-911A-51DA3B60A16A}) (Version: 3.1.2012.0928 - Robert McNeel & Associates)
Flamingo nXt en-us Language Pack (HKLM-x32\...\{BC09FE5C-A554-4102-9501-C352D6A3BE36}) (Version: 3.1.2012.0928 - Robert McNeel & Associates)
Geeks3D.com FurMark 1.10.3 (HKLM-x32\...\{2397CAD4-2263-4CD0-96BE-E43A980B9C9A}_is1) (Version: - Geeks3D.com)
Genie Timeline (HKLM-x32\...\Genie Timeline) (Version: 3.0 - Genie9)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 44.0.2403.157 - Google Inc.)
Google Earth Pro (HKLM-x32\...\{44FC61F0-2F8A-11E3-8CAE-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)
Google Talk Plugin (HKLM-x32\...\{0C5C1177-94C5-3EFB-A8BE-3F6AF1AF887F}) (Version: 5.38.6.0 - Google)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.28.13 - Google Inc.) Hidden
Governor of Poker 2 Premium Edition (x32 Version: 2.2.0.110 - WildTangent) Hidden
Hewlett-Packard ACLM.NET v1.2.2.3 (x32 Version: 1.00.0000 - Hewlett-Packard Company) Hidden
Horizon v2.7.6.7 (HKLM-x32\...\d4cfeebc-b821-40b7-9f81-d366b1466f03_is1) (Version: 2.7.6.7 - Daring Development Inc.)
House of 1000 Doors: Family Secrets (x32 Version: 2.2.0.98 - WildTangent) Hidden
HP 3D DriveGuard (HKLM-x32\...\{07F6DC37-0857-4B68-A675-4E35989E85E3}) (Version: 6.0.15.1 - Hewlett-Packard Company)
HP Connected Music (Meridian - installer) (HKLM-x32\...\StartHPConnectedMusic) (Version: 1.0 - Meridian Audio Ltd)
HP Connected Music (Meridian - player) (HKU\S-1-5-21-3968669950-148750945-1168380495-1003\...\HPConnectedMusic) (Version: 1.1 (build 59) hp - Meridian Audio Ltd)
HP CoolSense (HKLM-x32\...\{59F8C5AA-91BD-423D-BF05-09A80F39898F}) (Version: 2.10.62 - Hewlett-Packard Company)
HP Documentation (HKLM-x32\...\{7F265322-43A2-4C06-925B-F32F938B102C}) (Version: 1.3.0.0 - Hewlett-Packard)
HP MyRoom (HKLM-x32\...\{9C35EDE5-4B0F-45E7-A438-314BA889948E}) (Version: 9.0.0.0 - Hewlett-Packard Company)
HP Quick Start (HKLM-x32\...\{574F0207-8E98-46CD-8F79-318348C98C46}) (Version: 1.0.4660.30220 - Hewlett-Packard)
HP Registration Service (HKLM\...\{D1E8F2D7-7794-4245-B286-87ED86C1893C}) (Version: 1.2.6317.4309 - Hewlett-Packard)
HP SimplePass (HKLM-x32\...\{4BACA3B8-F63A-44ED-9A8D-48B4D02AD268}) (Version: 6.0.100.276 - Hewlett-Packard)
HP Support Assistant (HKLM-x32\...\{E35A3B13-78CD-4967-8AC8-AA9FDA693EDE}) (Version: 7.4.45.4 - Hewlett-Packard Company)
HP Utility Center (HKLM\...\{73237EBB-B26F-4628-8754-4EFE563D72E9}) (Version: 2.1.5 - Hewlett-Packard Company)
HP Wireless Button Driver (HKLM-x32\...\{30B2D1D8-0A07-4B71-9553-0710C5D31E35}) (Version: 1.1.2.1 - Hewlett-Packard Company)
iCloud (HKLM\...\{309768A4-A2BB-4930-A5A2-8169678C9B4C}) (Version: 4.0.6.28 - Apple Inc.)
IDT Audio (HKLM-x32\...\{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}) (Version: 1.0.6491.0 - IDT)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.1.30.1349 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3316 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 12.0.7.1002 - Intel Corporation)
Intel(R) SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 3.0.0.63463 - Intel Corporation)
Intel(R) Smart Connect Technology 4.0 x64 (HKLM\...\{5D1D65C3-E6D3-4751-AEFD-CAB4E3EB85F2}) (Version: 4.0.41.2072 - Intel)
iTunes (HKLM\...\{2ABBBD91-91E5-4AD7-929A-FE15D1DC0576}) (Version: 12.0.1.26 - Apple Inc.)
Java 8 Update 60 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218060F0}) (Version: 8.0.600.27 - Oracle Corporation)
Jewel Match 3 (x32 Version: 2.2.0.98 - WildTangent) Hidden
LaCie Desktop Manager 1.5.5 (HKLM\...\{3845209F-142E-4F48-B61A-AA34D2DB54BB}_is1) (Version: 1.5.5 - LaCie)
League of Legends (HKLM-x32\...\League of Legends 3.0.1) (Version: 3.0.1 - Riot Games)
League of Legends (x32 Version: 3.0.1 - Riot Games) Hidden
LightUp v3.2c DEMO (HKLM-x32\...\{D8039534-AD4D-4806-A36C-14EF5CA18AC7}) (Version: 3.2.2 - Billyard Enterprises)
LogMeIn Hamachi (HKLM-x32\...\LogMeIn Hamachi) (Version: 2.2.0.377 - LogMeIn, Inc.)
LogMeIn Hamachi (x32 Version: 2.2.0.377 - LogMeIn, Inc.) Hidden
Luxor Evolved (x32 Version: 2.2.0.98 - WildTangent) Hidden
Mah Jong Medley (x32 Version: 2.2.0.95 - WildTangent) Hidden
Mahjongg Dimensions Deluxe: Tiles in Time (x32 Version: 2.2.0.98 - WildTangent) Hidden
Malwarebytes Anti-Malware version 2.1.8.1057 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.1.8.1057 - Malwarebytes Corporation)
Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
Microsoft Office (HKLM-x32\...\{90150000-0138-0409-0000-0000000FF1CE}) (Version: 15.0.4454.1510 - Microsoft Corporation)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0016-0000-0000-0000000FF1CE}_EXCEL_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0018-0000-0000-0000000FF1CE}_POWERPOINT_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-001A-0000-0000-0000000FF1CE}_OUTLOOK_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-001B-0000-0000-0000000FF1CE}_WORD_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft)
Microsoft Office Excel 2007 (HKLM-x32\...\EXCEL) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Outlook 2007 (HKLM-x32\...\OUTLOOK) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office PowerPoint 2007 (HKLM-x32\...\POWERPOINT) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Word 2007 (HKLM-x32\...\WORD) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.40728.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{7f51bdb9-ee21-49ee-94d6-90afc321780e}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
Minecraft (HKLM-x32\...\{1C16BCA3-EBC1-49F6-8623-8FBFB9CCC872}) (Version: 1.0.3.0 - Mojang)
Movie Maker (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
My.com Game Center (HKU\S-1-5-21-3968669950-148750945-1168380495-1003\...\MyComGames) (Version: 3.138 - My.com B.V.)
Mystery P.I. - Curious Case of Counterfeit Cove (x32 Version: 2.2.0.98 - WildTangent) Hidden
NCSOFT Game Launcher (HKLM-x32\...\NCLauncher_NCWest) (Version: - NCSOFT)
NVIDIA GeForce Experience 2.1.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.1.1 - NVIDIA Corporation)
NVIDIA Graphics Driver 344.11 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 344.11 - NVIDIA Corporation)
NVIDIA PhysX System Software 9.14.0702 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.14.0702 - NVIDIA Corporation)
Online Plug-in (x32 Version: 14.3.0.5014 - Citrix Systems, Inc.) Hidden
Peggle Nights (x32 Version: 2.2.0.98 - WildTangent) Hidden
ph (x32 Version: 1.0.0 - Your Company Name) Hidden
Pharos (HKLM-x32\...\Pharos) (Version: - )
Plants vs. Zombies - Game of the Year (x32 Version: 2.2.0.98 - WildTangent) Hidden
Polar Bowler (x32 Version: 2.2.0.97 - WildTangent) Hidden
QuickTime 7 (HKLM-x32\...\{3D2CBC2C-65D4-4463-87AB-BB2C859C1F3E}) (Version: 7.76.80.95 - Apple Inc.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.10.1226.2012 - Realtek)
Realtek PCIE Card Reader (HKLM-x32\...\{0D61A55C-3ADC-409F-BF5B-A1766D1F5944}) (Version: 6.2.9200.29053 - Realtek Semiconductor Corp.)
REALTEK Wireless LAN Driver (HKLM-x32\...\{A5107464-AA9B-4177-8129-5FF2F42DD322}) (Version: 1.00.13.1216 - REALTEK Semiconductor Corp.)
Revit 2014 (Version: 13.07.22211 - Autodesk) Hidden
Revit 2014 Language Pack - English (Version: 13.07.22211 - Autodesk) Hidden
Rhinoceros 5 (64-bit) (HKLM\...\{257F3E7F-464C-4117-A498-D4DACACD066F}) (Version: 5.7.31213.18395 - Robert McNeel & Associates)
Rhinoceros 5 (HKLM-x32\...\{26F01D2A-ED37-481D-AF6C-E673B07C6B9D}) (Version: 5.7.31213.18395 - Robert McNeel & Associates)
Rhinoceros 5 Help Media (HKLM-x32\...\{27558713-19E6-44D7-ACC7-D4D721CCBE94}) (Version: 5.7.31022.19295 - Robert McNeel & Associates)
Rhinoceros 5 Language Pack Installer (en-US) (HKLM-x32\...\{DEA335DF-85A0-4079-A3C8-4E49920E1B9D}) (Version: 5.7.31213.18395 - Robert McNeel & Associates)
Roads of Rome 3 (x32 Version: 2.2.0.98 - WildTangent) Hidden
RollerCoaster Tycoon 3: Platinum! (HKLM-x32\...\Steam App 2700) (Version: - Frontier)
Royal Envoy 2 Collector's Edition (x32 Version: 3.0.2.32 - WildTangent) Hidden
Sculptris Alpha 6 (HKLM-x32\...\InstallShield_{D2883AB6-09B4-4981-AAF8-E695411EEC9A}) (Version: 0.6 - Pixologic)
Sculptris Alpha 6 (x32 Version: 0.6 - Pixologic) Hidden
Self-service Plug-in (x32 Version: 4.3.0.8352 - Citrix Systems, Inc.) Hidden
SHIELD Streaming (Version: 3.1.100 - NVIDIA Corporation) Hidden
Simple Port Forwarding (HKLM-x32\...\Simple Port Forwarding) (Version: 3.8.1 - PcWinTech.com)
SketchUp 2014 (HKLM-x32\...\{F246092E-FA0B-47C8-9D3E-CF8C210293C8}) (Version: 14.1.1282 - Trimble Navigation Limited)
SketchUp 2015 (HKLM\...\{350488A4-1540-4103-8F01-B27503891EB0}) (Version: 15.3.331 - Trimble Navigation Limited)
SketchUp Import for AutoCAD 2014 (HKLM-x32\...\{644E9589-F73A-49A4-AC61-A953B9DE5669}) (Version: 1.1.0 - Autodesk)
SketchyPhysics3.1 (HKLM-x32\...\SketchyPhysics3.1_is1) (Version: - )
skyforge_mycom (HKU\S-1-5-21-3968669950-148750945-1168380495-1003\...\skyforge_mycom) (Version: 1.28 - My.com B.V.)
Skype 7.6 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.6.105 - Skype Technologies S.A.)
Software Updater (HKLM-x32\...\{6DFBE8A2-CDBF-453E-B34C-32F202FCEE4C}) (Version: 4.2.1 - SEIKO EPSON CORPORATION)
Spotify (HKU\S-1-5-21-3968669950-148750945-1168380495-1003\...\Spotify) (Version: 1.0.12.161.g64b0797c - Spotify AB)
Spybot - Search & Destroy (HKLM-x32\...\{B4092C6D-E886-4CB2-BA68-FE5A99D31DE7}_is1) (Version: 2.2.25 - Safer-Networking Ltd.)
Steam (HKLM-x32\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation)
swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
Synaptics ClickPad Driver (HKLM\...\SynTPDeinstKey) (Version: 17.0.8.0 - Synaptics Incorporated)
Tales of Lagoona (x32 Version: 2.2.0.110 - WildTangent) Hidden
Tomb Raider (HKLM-x32\...\Steam App 203160) (Version: - Crystal Dynamics)
Tweaking.com - Registry Backup (HKLM-x32\...\Tweaking.com - Registry Backup) (Version: 3.2.0 - Tweaking.com)
Ubisoft Game Launcher (HKLM-x32\...\{888F1505-C2B3-4FDE-835D-36353EBD4754}) (Version: 1.0.0.0 - UBISOFT)
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{90120000-0016-0000-0000-0000000FF1CE}_EXCEL_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft)
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{90120000-0018-0000-0000-0000000FF1CE}_POWERPOINT_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft)
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{90120000-001A-0000-0000-0000000FF1CE}_OUTLOOK_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft)
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{90120000-001B-0000-0000-0000000FF1CE}_WORD_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft)
Update Installer for WildTangent Games App (x32 Version: - WildTangent) Hidden
Vacation Quest - Australia (x32 Version: 3.0.2.32 - WildTangent) Hidden
Validity WBF DDK (HKLM\...\{B80C52A3-7666-4068-A371-7867F51E68EB}) (Version: 4.5.122.0 - Validity Sensors, Inc.)
VELUX Daylight Visualizer 2.8 (HKLM-x32\...\VELUX Daylight Visualizer) (Version: 2.8 - VELUX)
Visual C++ 2008 - x64 (KB958357) - v9.0.30729.177 (HKLM-x32\...\{6DA2B636-698A-3294-BF4A-B5E11B238CDD}.KB958357) (Version: 9.0.30729.177 - Microsoft Corporation)
Visual C++ 2008 - x64 (KB958357) - v9.0.30729.177 (HKLM-x32\...\{8CCEA24C-51AE-3B71-9092-7D0C44DDA2DF}.KB958357) (Version: 9.0.30729.177 - Microsoft Corporation)
Visual C++ 2008 - x64 (KB958357) - v9.0.30729.177 (HKLM-x32\...\{C3A57BB3-9AA6-3F6F-9395-6C062BDD5FC4}.KB958357) (Version: 9.0.30729.177 - Microsoft Corporation)
Visual C++ 2008 - x64 (KB958357) - v9.0.30729.177 (HKLM-x32\...\{F6F09DD8-F39B-3A16-ADB9-C9E6B56903F9}.KB958357) (Version: 9.0.30729.177 - Microsoft Corporation)
Visual C++ 2008 - x86 (KB958357) - v9.0.30729.177 (HKLM-x32\...\{04B34E21-5BEE-3D2B-8D3D-E3E80D253F64}.KB958357) (Version: 9.0.30729.177 - Microsoft Corporation)
Visual C++ 2008 - x86 (KB958357) - v9.0.30729.177 (HKLM-x32\...\{14866AAD-1F23-39AC-A62B-7091ED1ADE64}.KB958357) (Version: 9.0.30729.177 - Microsoft Corporation)
Visual C++ 2008 - x86 (KB958357) - v9.0.30729.177 (HKLM-x32\...\{4B90093A-5D9C-3956-8ABB-95848BE6EFAD}.KB958357) (Version: 9.0.30729.177 - Microsoft Corporation)
Visual C++ 2008 - x86 (KB958357) - v9.0.30729.177 (HKLM-x32\...\{B42E259C-E4D4-37F1-A1B2-EB9C4FC5A04D}.KB958357) (Version: 9.0.30729.177 - Microsoft Corporation)
Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies)
Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
Wacom (HKLM\...\Pen Tablet Driver) (Version: 5.3.5-3 - Wacom Technology Corp.)
WebTablet FB Plugin 32 bit (HKLM-x32\...\Wacom WebTabletPlugin for Internet Explorer and Netscape) (Version: 2.1.0.7 - Wacom Technology Corp.)
WebTablet FB Plugin 64 bit (HKLM\...\Wacom WebTabletPlugin for Internet Explorer and Netscape) (Version: 2.1.0.7 - Wacom Technology Corp.)
WildTangent Games (HKLM-x32\...\WildTangent wildgames Master Uninstall) (Version: 1.0.4.0 - WildTangent)
WildTangent Games App (HP Games) (x32 Version: 4.0.10.5 - WildTangent) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3505.0912 - Microsoft Corporation)
WinRAR 5.21 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.21.0 - win.rar GmbH)
Youda Jewel Shop (x32 Version: 3.0.2.32 - WildTangent) Hidden
Zuma's Revenge (x32 Version: 2.2.0.98 - WildTangent) Hidden

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-3968669950-148750945-1168380495-1003_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Adam\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3968669950-148750945-1168380495-1003_Classes\CLSID\{0F22A205-CFB0-4679-8499-A6F44A80A208}\InprocServer32 -> C:\Users\Adam\AppData\Local\Google\Update\1.3.25.5\psuser_64.dll No File
CustomCLSID: HKU\S-1-5-21-3968669950-148750945-1168380495-1003_Classes\CLSID\{355EC88A-02E2-4547-9DEE-F87426484BD1}\InprocServer32 -> C:\Users\Adam\AppData\Local\Google\Update\1.3.23.9\psuser_64.dll No File
CustomCLSID: HKU\S-1-5-21-3968669950-148750945-1168380495-1003_Classes\CLSID\{6A221957-2D85-42A7-8E19-BE33950D1DEB}\localserver32 -> C:\Program Files\Autodesk\AutoCAD 2014\acad.exe (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-3968669950-148750945-1168380495-1003_Classes\CLSID\{7DE1BE5C-CEBA-4F1D-ACBC-9CE11EE9A2A1}\localserver32 -> C:\Program Files\Autodesk\AutoCAD 2014\acad.exe (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-3968669950-148750945-1168380495-1003_Classes\CLSID\{90B3DFBF-AF6A-4EA0-8899-F332194690F8}\InprocServer32 -> C:\Users\Adam\AppData\Local\Google\Update\1.3.24.15\psuser_64.dll No File
CustomCLSID: HKU\S-1-5-21-3968669950-148750945-1168380495-1003_Classes\CLSID\{BD0DEB94-63DB-4392-9420-6EEE05094B1F}\localserver32 -> C:\Program Files\Autodesk\AutoCAD 2014\acad.exe (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-3968669950-148750945-1168380495-1003_Classes\CLSID\{D0336C0B-7919-4C04-8CCE-2EBAE2ECE8C9}\InprocServer32 -> C:\Users\Adam\AppData\Local\Google\Update\1.3.25.11\psuser_64.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-3968669950-148750945-1168380495-1003_Classes\CLSID\{E2C40589-DE61-11ce-BAE0-0020AF6D7005}\InprocServer32 -> C:\Program Files\Autodesk\AutoCAD 2014\en-US\acadficn.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-3968669950-148750945-1168380495-1003_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\Adam\AppData\Local\Google\Update\1.3.25.11\psuser_64.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-3968669950-148750945-1168380495-1003_Classes\CLSID\{ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C}\InprocServer32 -> C:\Users\Adam\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3968669950-148750945-1168380495-1003_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Adam\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3968669950-148750945-1168380495-1003_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Adam\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3968669950-148750945-1168380495-1003_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Adam\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3968669950-148750945-1168380495-1003_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Adam\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3968669950-148750945-1168380495-1003_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Adam\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3968669950-148750945-1168380495-1003_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Adam\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3968669950-148750945-1168380495-1003_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Adam\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3968669950-148750945-1168380495-1003_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Adam\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3968669950-148750945-1168380495-1003_Classes\CLSID\{FBC9D74C-AF55-4309-9FB2-C426E071637F}\InprocServer32 -> C:\Users\Adam\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3968669950-148750945-1168380495-1003_Classes\CLSID\{FE498BAB-CB4C-4F88-AC3F-3641AAAF5E9E}\InprocServer32 -> C:\Users\Adam\AppData\Local\Google\Update\1.3.24.7\psuser_64.dll No File

==================== Restore Points =========================

13-08-2015 19:21:50 Windows Update
18-08-2015 20:37:24 Windows Update
23-08-2015 19:43:07 Installed Cisco AnyConnect Secure Mobility Client

==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2013-08-22 08:25 - 2013-08-22 08:25 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {0D8A891D-890C-4808-84D8-2F436AB14653} - System32\Tasks\Microsoft\Windows\Application Experience\AitAgent => aitagent.exe
Task: {196D98C0-51AB-418D-9F12-B3D568D7AEA7} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Refresh immunization => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDImmunize.exe [2013-09-20] (Safer-Networking Ltd.)
Task: {1F20CA3E-531E-47ED-B6A9-5C7B24A396EC} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2013-11-04] (Hewlett-Packard Company)
Task: {1FFCF4A1-CFF8-4D38-9BD6-9BE1E3DE7DED} - System32\Tasks\CLMLSvc_P2G8 => C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe [2013-08-05] (CyberLink)
Task: {2914B2AD-070C-4CDE-ADFB-6C0DAF06A965} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-28] (Google Inc.)
Task: {41137394-57E5-4D34-BDC5-95BB5D5A1A2F} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Check for updates => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe [2013-09-20] (Safer-Networking Ltd.)
Task: {4F49D5ED-B9FB-47CD-B734-9A48ACB2D9E5} - System32\Tasks\AdobeAAMUpdater-1.0-AdamsPC-Adam => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2014-09-19] (Adobe Systems Incorporated)
Task: {5145B77B-BDB4-4D14-9CBA-D0C9D2C8A0A1} - System32\Tasks\YCMServiceAgent => C:\Program Files (x86)\CyberLink\YouCam\YouCamService.exe [2013-12-03] (CyberLink Corp.)
Task: {55102A7A-70DC-4DB8-9054-1B9E7A182CDA} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [2015-07-31] (Hewlett-Packard)
Task: {57240613-017B-4DD9-9DA2-0B3048F4980D} - System32\Tasks\{F1628CC6-9C5D-4106-952A-E724CB6ED158} => pcalua.exe -a "C:\Users\Adam\Downloads\sp58587 (1).exe" -d C:\Users\Adam\Downloads
Task: {5C9B141E-FBB9-43A6-9B53-87AFFCCD05A9} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3968669950-148750945-1168380495-1003UA => C:\Users\Adam\AppData\Local\Google\Update\GoogleUpdate.exe [2014-01-27] (Google Inc.)
Task: {606FCAB8-693C-4D30-8FAA-17DBACCCDA27} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2013-11-04] (Hewlett-Packard Company)
Task: {62CBCFDD-DE13-4DA5-80F8-D2754B08703D} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker_CN19H343PN => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [2015-07-31] (Hewlett-Packard)
Task: {7881874D-D432-442D-A179-97E711943B39} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {7C08E103-3013-4472-91B3-952BCAEAE286} - System32\Tasks\Microsoft\Windows\Application Experience\ProgramDataUpdater => Rundll32.exe invagent.dll,RunUpdate -noappraiser
Task: {86275380-5FCC-4E20-8688-03F83DA8D3DF} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-28] (Google Inc.)
Task: {916E9E45-15AC-42DB-8DB3-7C74F650FF6B} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3968669950-148750945-1168380495-1003Core => C:\Users\Adam\AppData\Local\Google\Update\GoogleUpdate.exe [2014-01-27] (Google Inc.)
Task: {925A9448-CB12-4810-BAB3-6DD3F280AB39} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2015-08-13] (Microsoft Corporation)
Task: {95082FFD-423C-4DF7-8E10-925400C9902D} - System32\Tasks\Ad-Aware Antivirus Scheduled Scan => C:\Program Files (x86)\Ad-Aware Antivirus\AdAwareLauncher.exe [2013-06-13] (Lavasoft Limited)
Task: {9AB5BE69-B3B1-428A-9593-3547EA27E462} - System32\Tasks\Synaptics TouchPad Enhancements => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2013-10-31] (Synaptics Incorporated)
Task: {A216000C-66D3-4E66-8A6E-D98AB5762D3C} - System32\Tasks\Microsoft\Windows\Bluetooth\UninstallDeviceTask => BthUdTask.exe
Task: {AC113A5E-F319-415E-B55B-587D9C8A8827} - System32\Tasks\HPCeeScheduleForAdam => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2011-07-15] (Hewlett-Packard)
Task: {C1AEDF45-C860-477E-AAF0-209FF6640FAA} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker_CN29D4RHXJ => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [2015-07-31] (Hewlett-Packard)
Task: {C2B79EC9-67AD-4F85-9959-262D3D9E6653} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Scan the system => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDScan.exe [2013-09-20] (Safer-Networking Ltd.)
Task: {C631D143-87A0-44A5-8961-11DC46BB488C} - System32\Tasks\CLVDLauncher => C:\Program Files (x86)\CyberLink\Power2Go8\CLVDLauncher.exe [2013-03-12] (CyberLink Corp.)
Task: {D3C75F3F-5BB8-4C07-9704-BE809ECF7CFF} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Update Check => C:\ProgramData\Hewlett-Packard\HP Support Framework\Resources\Updater7\HPSFUpdater.exe [2014-05-12] (Hewlett-Packard Company)
Task: {E458D842-2ED9-484C-8BFC-A1F977D454C5} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker_DeviceScan => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [2015-07-31] (Hewlett-Packard)
Task: {F02897D7-56CB-4E4C-9686-722632BFBB29} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker_CN266C21MR05RB => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [2015-07-31] (Hewlett-Packard)
Task: {F0E17D94-8C66-4BA3-9920-D77354EDFE00} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-3968669950-148750945-1168380495-1003Core => C:\Users\Adam\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2015-06-26] (Dropbox, Inc.)
Task: {F17DEF2D-A83C-4143-92C5-798B7B38B2EC} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-07-07] (Adobe Systems Incorporated)
Task: {F1EB4546-E3AA-47DA-8F99-EC0A86554556} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-3968669950-148750945-1168380495-1003UA => C:\Users\Adam\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2015-06-26] (Dropbox, Inc.)
Task: {F6581D36-DA03-49AF-AF12-0CB1D3D41E16} - System32\Tasks\Hewlett-Packard\HP CoolSense\HP CoolSense Start at Logon => C:\Program Files (x86)\Hewlett-Packard\HP CoolSense\CoolSense.exe [2012-11-05] (Hewlett-Packard Development Company, L.P.)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\WINDOWS\Tasks\DropboxUpdateTaskUserS-1-5-21-3968669950-148750945-1168380495-1003Core.job => C:\Users\Adam\AppData\Local\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskUserS-1-5-21-3968669950-148750945-1168380495-1003UA.job => C:\Users\Adam\AppData\Local\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-3968669950-148750945-1168380495-1003Core.job => C:\Users\Adam\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-3968669950-148750945-1168380495-1003UA.job => C:\Users\Adam\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\HPCeeScheduleForAdam.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe

==================== Loaded Modules (Whitelisted) ==============

2015-02-28 22:13 - 2015-08-26 21:58 - 01205136 _____ () C:\Program Files (x86)\AVG Web TuneUp\WtuSystemSupport.exe
2012-09-10 09:29 - 2012-09-10 09:29 - 00332800 _____ () C:\Program Files\Genie9\Genie Timeline\OnlineHandler.dll
2012-04-24 04:29 - 2012-04-24 04:29 - 00045568 _____ () C:\Program Files\Genie9\Genie Timeline\GSLogging.dll
2012-09-10 09:29 - 2012-09-10 09:29 - 00488960 _____ () C:\Program Files\Genie9\Genie Timeline\GSIndexDB.dll
2012-09-10 09:29 - 2012-09-10 09:29 - 00087040 _____ () C:\Program Files\Genie9\Genie Timeline\QueueManager.dll
2012-09-10 09:29 - 2012-09-10 09:29 - 00708608 _____ () C:\Program Files\Genie9\Genie Timeline\GSBackupManager.dll
2012-09-10 09:29 - 2012-09-10 09:29 - 00205824 _____ () C:\Program Files\Genie9\Genie Timeline\Settings.dll
2012-09-10 09:29 - 2012-09-10 09:29 - 00343552 _____ () C:\Program Files\Genie9\Genie Timeline\GSWatcher4.dll
2012-04-24 04:29 - 2012-04-24 04:29 - 00058368 _____ () C:\Program Files\Genie9\Genie Timeline\GSLibrariesManager.dll
2012-02-02 04:16 - 2012-02-02 04:16 - 00740864 _____ () C:\Program Files\Genie9\Genie Timeline\sqlite3.dll
2012-04-24 04:29 - 2012-04-24 04:29 - 00011264 _____ () C:\Program Files\Genie9\Genie Timeline\RWLock.dll
2012-09-10 09:29 - 2012-09-10 09:29 - 00054784 _____ () C:\Program Files\Genie9\Genie Timeline\GSLogManager.dll
2012-02-02 04:16 - 2012-02-02 04:16 - 00010752 _____ () C:\Program Files\Genie9\Genie Timeline\VSSEngine_Proxy.dll
2012-04-24 04:29 - 2012-04-24 04:29 - 00089600 _____ () C:\Program Files\Genie9\Genie Timeline\GSEncryption.dll
2012-02-02 04:16 - 2012-02-02 04:16 - 00031232 _____ () C:\Program Files\Genie9\Genie Timeline\VSSEngine_W2K3.dll
2013-02-13 12:35 - 2013-02-13 12:35 - 00180200 _____ () C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe
2013-02-13 12:35 - 2013-02-13 12:35 - 00060392 _____ () C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\NetworkHeuristic.dll
2015-07-27 22:53 - 2012-10-10 16:50 - 01379840 _____ () C:\Program Files\LaCie\Desktop Manager\lacie_dm_service.exe
2010-03-16 10:22 - 2010-03-16 10:22 - 00036864 _____ () C:\Program Files (x86)\Common Files\Materialise\LicenseFiles\LicSrv50.exe
2010-03-16 10:22 - 2010-03-16 10:22 - 00475136 _____ () C:\Program Files (x86)\Common Files\Materialise\LicenseFiles\LicSrv52.exe
2013-03-19 16:21 - 2013-03-19 16:21 - 00028160 _____ () C:\Windows\system32\valWBFPolicyService.exe
2015-08-26 21:58 - 2015-08-26 21:58 - 00168336 _____ () C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\40.1.6\loggingserver.exe
2013-09-05 02:36 - 2014-09-13 18:48 - 00013120 _____ () C:\Program Files\NVIDIA Corporation\CoProcManager\detoured.dll
2013-06-29 06:23 - 2014-09-13 16:53 - 00116880 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2012-09-10 09:29 - 2012-09-10 09:29 - 00063488 _____ () C:\Program Files\Genie9\Genie Timeline\XBalloonMsgDll.dll
2012-04-24 04:29 - 2012-04-24 04:29 - 00093696 _____ () C:\Program Files\Genie9\Genie Timeline\GSCurl.dll
2013-09-02 11:53 - 2014-08-19 14:12 - 01356568 _____ () C:\Program Files\Tablet\Pen\libxml2.dll
2013-06-07 05:16 - 2013-06-07 05:16 - 04073768 _____ () C:\Program Files (x86)\HP SimplePass\IEWebSiteLogon.exe
2013-10-03 23:42 - 2013-10-03 23:42 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll
2014-05-02 13:12 - 2014-05-02 13:12 - 00266432 _____ () C:\Program Files\Adobe\Adobe InDesign CC 2014\ASKLib.dll
2014-05-02 13:12 - 2014-09-26 17:42 - 00095424 _____ () C:\Program Files\Adobe\Adobe InDesign CC 2014\ASLSupport.dll
2014-05-02 13:12 - 2014-09-26 17:42 - 00263360 _____ () C:\Program Files\Adobe\Adobe InDesign CC 2014\AdamLib.dll
2014-05-02 13:12 - 2014-05-02 13:12 - 00073408 _____ () C:\Program Files\Adobe\Adobe InDesign CC 2014\unihan.dll
2014-12-19 16:57 - 2014-12-19 16:57 - 01039008 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll
2015-02-28 22:14 - 2015-08-26 21:58 - 03175312 _____ () C:\Program Files (x86)\AVG Web TuneUp\vprot.exe
2014-09-03 12:55 - 2014-09-03 12:55 - 00815104 _____ () C:\Program Files\Adobe\Adobe InDesign CC 2014\Utilities\adb.exe
2012-08-03 14:53 - 2012-08-03 14:53 - 00062968 _____ () C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\zlib1.dll
2014-01-20 14:17 - 2014-01-20 14:17 - 00073544 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2014-10-11 14:05 - 2014-10-11 14:05 - 01044776 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2010-03-16 10:17 - 2010-03-16 10:17 - 00339968 _____ () C:\Program Files (x86)\Common Files\Materialise\LicenseFiles\MatBase.14.00.dll
2010-03-16 10:13 - 2010-03-16 10:13 - 00061440 _____ () C:\Program Files (x86)\Common Files\Materialise\LicenseFiles\_MatDll.14.00.dll
2010-03-16 10:17 - 2010-03-16 10:17 - 00319488 _____ () C:\Program Files (x86)\Common Files\Materialise\LicenseFiles\MatSAX.14.00.dll
2010-03-16 10:15 - 2010-03-16 10:15 - 00102400 _____ () C:\Program Files (x86)\Common Files\Materialise\LicenseFiles\MatResString.14.01.dll
2015-08-26 21:58 - 2015-08-26 21:58 - 00528272 _____ () C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\40.1.6\log4cplusU.dll
2013-11-18 18:30 - 2013-05-16 11:55 - 00113496 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\snlThirdParty150.bpl
2013-11-18 18:30 - 2013-05-16 11:55 - 00161112 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\snlFileFormats150.bpl
2013-11-18 18:30 - 2013-05-16 11:55 - 00416600 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\DEC150.bpl
2013-11-18 18:30 - 2012-08-23 11:38 - 00574840 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\sqlite3.dll
2013-11-18 18:30 - 2012-04-03 18:06 - 00565640 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\av\BDSmartDB.dll
2013-09-24 00:45 - 2014-03-07 10:57 - 00190752 _____ () C:\Program Files (x86)\Ad-Aware Antivirus\Definitions\libBase64.dll
2013-09-24 00:45 - 2014-03-07 10:57 - 00178464 _____ () C:\Program Files (x86)\Ad-Aware Antivirus\Definitions\libMachoUniv.dll
2013-06-29 06:24 - 2013-01-14 13:25 - 01200088 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\ACE.dll
2015-02-28 22:14 - 2015-08-26 21:58 - 40638864 _____ () C:\Program Files (x86)\AVG Web TuneUp\libcef.dll
2015-08-20 20:08 - 2015-08-18 00:23 - 01405768 _____ () C:\Program Files (x86)\Google\Chrome\Application\44.0.2403.157\libglesv2.dll
2015-08-20 20:08 - 2015-08-18 00:23 - 00081224 _____ () C:\Program Files (x86)\Google\Chrome\Application\44.0.2403.157\libegl.dll
2014-07-30 01:00 - 2014-09-13 18:48 - 00012104 _____ () C:\Program Files (x86)\NVIDIA Corporation\CoProcManager\detoured.dll
2014-01-16 17:35 - 2013-08-05 02:49 - 00627672 _____ () C:\Program Files (x86)\CyberLink\Power2Go8\CLMediaLibrary.dll
2013-08-05 16:48 - 2013-08-05 16:48 - 00016856 _____ () C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvcPS.dll
2015-08-20 20:08 - 2015-08-18 00:23 - 16393032 _____ () C:\Program Files (x86)\Google\Chrome\Application\44.0.2403.157\PepperFlash\pepflashplayer.dll
2015-09-02 15:36 - 2015-09-02 15:36 - 00071168 _____ () c:\users\adam\appdata\local\temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpptp8hj.dll
2015-07-24 22:18 - 2015-08-05 00:26 - 00012800 _____ () C:\Users\Adam\AppData\Roaming\Dropbox\bin\QtQuick.2\qtquick2plugin.dll
2015-07-24 22:18 - 2015-08-05 00:26 - 00779776 _____ () C:\Users\Adam\AppData\Roaming\Dropbox\bin\QtQuick\Controls\qtquickcontrolsplugin.dll
2015-08-03 08:22 - 2015-08-05 00:26 - 00056320 _____ () C:\Users\Adam\AppData\Roaming\Dropbox\bin\QtQuick\Layouts\qquicklayoutsplugin.dll
2015-07-24 22:18 - 2015-08-05 00:26 - 00012288 _____ () C:\Users\Adam\AppData\Roaming\Dropbox\bin\QtQuick\Window.2\windowplugin.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\ProgramData\Reprise:wupeogjxldtlfudivq`qsp`26hfm

==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Hamachi2Svc => ""="Service"

==================== EXE Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)

==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)

==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-3968669950-148750945-1168380495-1003\Control Panel\Desktop\\Wallpaper -> C:\Users\Adam\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper
HKU\S-1-5-21-3968669950-148750945-1168380495-500\Control Panel\Desktop\\Wallpaper -> C:\WINDOWS\web\wallpaper\Windows\img0.jpg
DNS Servers: 128.101.101.101 - 134.84.84.84
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)

HKLM\...\StartupApproved\Run: => "AdobeAAMUpdater-1.0"
HKLM\...\StartupApproved\Run32: => "Ad-Aware Antivirus"
HKLM\...\StartupApproved\Run32: => "Ad-Aware Browsing Protection"
HKLM\...\StartupApproved\Run32: => "Adobe Creative Cloud"
HKLM\...\StartupApproved\Run32: => "APSDaemon"
HKLM\...\StartupApproved\Run32: => "BambooCore"
HKLM\...\StartupApproved\Run32: => "iTunesHelper"
HKLM\...\StartupApproved\Run32: => "NCUpdateHelper"
HKLM\...\StartupApproved\Run32: => "QuickTime Task"
HKLM\...\StartupApproved\Run32: => "SDTray"
HKLM\...\StartupApproved\Run32: => "Adobe ARM"
HKLM\...\StartupApproved\Run32: => "AVG_UI"
HKLM\...\StartupApproved\Run32: => "EEventManager"
HKLM\...\StartupApproved\Run32: => "LogMeIn Hamachi Ui"
HKU\S-1-5-21-3968669950-148750945-1168380495-1003\...\StartupApproved\StartupFolder: => "Dropbox.lnk"
HKU\S-1-5-21-3968669950-148750945-1168380495-1003\...\StartupApproved\Run: => "Akamai NetSession Interface"
HKU\S-1-5-21-3968669950-148750945-1168380495-1003\...\StartupApproved\Run: => "ApplePhotoStreams"
HKU\S-1-5-21-3968669950-148750945-1168380495-1003\...\StartupApproved\Run: => "Autodesk Sync"
HKU\S-1-5-21-3968669950-148750945-1168380495-1003\...\StartupApproved\Run: => "DAEMON Tools Lite"
HKU\S-1-5-21-3968669950-148750945-1168380495-1003\...\StartupApproved\Run: => "iCloudServices"
HKU\S-1-5-21-3968669950-148750945-1168380495-1003\...\StartupApproved\Run: => "Power2GoExpress8"
HKU\S-1-5-21-3968669950-148750945-1168380495-1003\...\StartupApproved\Run: => "Steam"
HKU\S-1-5-21-3968669950-148750945-1168380495-1003\...\StartupApproved\Run: => "EPLTarget\P0000000000000000"

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [{C9DAB3D4-B2BF-419D-B12E-941B182E52F4}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD10\PowerDVD10.EXE
FirewallRules: [{881F5F24-22CE-4D9F-8C95-EA5B1DD4A534}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDirector10\PDR10.EXE
FirewallRules: [UDP Query User{5B732F55-21A0-470F-9F2E-7C61AA0C448A}C:\users\adam\appdata\roaming\spotify\spotify.exe] => (Block) C:\users\adam\appdata\roaming\spotify\spotify.exe
FirewallRules: [TCP Query User{1653E80F-ADC2-4966-A76E-81709FB8837B}C:\users\adam\appdata\roaming\spotify\spotify.exe] => (Block) C:\users\adam\appdata\roaming\spotify\spotify.exe
FirewallRules: [{E052FE34-CC6F-46F2-88CC-913B9B7E253B}] => (Allow) C:\Program Files (x86)\Lavasoft\AdAware SecureSearch Toolbar\dtUser.exe
FirewallRules: [{8824DD18-48E3-4A20-B0D7-14C70CF2C568}] => (Allow) C:\Program Files (x86)\Lavasoft\AdAware SecureSearch Toolbar\dtUser.exe
FirewallRules: [UDP Query User{A751B0B9-6559-4EE7-8D8D-F73147230E5D}C:\users\adam\appdata\local\akamai\netsession_win.exe] => (Block) C:\users\adam\appdata\local\akamai\netsession_win.exe
FirewallRules: [TCP Query User{9A861570-4950-4F82-A1AC-2E1E75761EFC}C:\users\adam\appdata\local\akamai\netsession_win.exe] => (Block) C:\users\adam\appdata\local\akamai\netsession_win.exe
FirewallRules: [{D1D9F781-7231-4809-A05B-98AC1C9ABBC5}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Fallout New Vegas\FalloutNVLauncher.exe
FirewallRules: [{BE5FA6AC-5E76-4634-863C-64602F2568B4}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Fallout New Vegas\FalloutNVLauncher.exe
FirewallRules: [{284D02D5-B8D4-462A-8E89-B0C89422641E}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{12FAF684-D16F-4E5F-8FB2-3271D1E7BE84}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [UDP Query User{2B06E800-9233-454C-ABE4-F5F305C7B884}C:\users\adam\appdata\local\akamai\netsession_win.exe] => (Block) C:\users\adam\appdata\local\akamai\netsession_win.exe
FirewallRules: [TCP Query User{C0D74687-FC51-40F3-A5C6-224CA82B2095}C:\users\adam\appdata\local\akamai\netsession_win.exe] => (Block) C:\users\adam\appdata\local\akamai\netsession_win.exe
FirewallRules: [{A51ADFF1-A840-4EA2-9444-D21DC85BD591}] => (Allow) LPort=50248
FirewallRules: [{3242AE26-6293-4746-82C8-29F286F05D5D}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{273CA2C2-F782-4B28-A68F-862F05F02E0E}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{B7711178-8887-4E26-A83F-D36107E8B336}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{EE74666C-0B46-4DD8-8911-6ADD0F5E55A5}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{11854B73-7C87-4B5A-A116-2DFEE3AAEF7A}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
FirewallRules: [{7AB1DB7B-DFBF-4440-A549-966F132FD738}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
FirewallRules: [{3994FD5D-6540-4322-AA7D-6D0125F54A27}] => (Allow) %LocalAppData%\HPConnectedMusic\Application\spotify_helper.exe
FirewallRules: [{3BB4D7F6-1395-47F9-9E90-B68808D79510}] => (Allow) %LocalAppData%\HPConnectedMusic\Application\spotify_helper.exe
FirewallRules: [{37CF8AC5-D375-485B-B43E-B2E27540C940}] => (Allow) %LocalAppData%\HPConnectedMusic\Application\HPConnectedMusic.exe
FirewallRules: [{BB6E8656-BA52-4617-93E5-5D60CE3528A5}] => (Allow) %LocalAppData%\HPConnectedMusic\Application\HPConnectedMusic.exe
FirewallRules: [{5E651CF8-EA26-410C-BDD8-CFCC01E7E5F1}] => (Allow) C:\Program Files (x86)\HPConnectedMusic\HPConnectedMusic.exe
FirewallRules: [{6B41DBA4-04B9-442E-8DB6-6BCD307D30B1}] => (Allow) C:\Program Files (x86)\HPConnectedMusic\HPConnectedMusic.exe
FirewallRules: [{2686689A-8730-41D3-B302-66E4FBF94D16}] => (Allow) LPort=1900
FirewallRules: [{9DF35F11-666B-4078-AFD5-6BAA5E325CFD}] => (Allow) LPort=2869
FirewallRules: [{BE33DA41-C9B7-4839-857A-8906E463A592}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{AA4A8F42-B364-406E-BEF2-7249735923D8}] => (Allow) C:\Users\Administrator\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe
FirewallRules: [TCP Query User{5F5434B0-436B-4617-AAD9-EE5E0CBCAFC2}C:\users\adam\appdata\roaming\spotify\spotify.exe] => (Block) C:\users\adam\appdata\roaming\spotify\spotify.exe
FirewallRules: [UDP Query User{933F3D3F-F438-4234-A243-5213EB1A93C2}C:\users\adam\appdata\roaming\spotify\spotify.exe] => (Block) C:\users\adam\appdata\roaming\spotify\spotify.exe
FirewallRules: [TCP Query User{D4E79755-455B-46D5-8004-0E0A60775841}C:\program files (x86)\java\jre7\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre7\bin\javaw.exe
FirewallRules: [UDP Query User{6EDAEE58-0E46-49B2-9DD1-85C447CEA26B}C:\program files (x86)\java\jre7\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre7\bin\javaw.exe
FirewallRules: [TCP Query User{24974FDE-93AC-4C46-80CF-3A5FA36088A6}C:\program files (x86)\java\jre7\bin\java.exe] => (Allow) C:\program files (x86)\java\jre7\bin\java.exe
FirewallRules: [UDP Query User{28B1614C-3A35-4F80-9A42-232942E3AEB2}C:\program files (x86)\java\jre7\bin\java.exe] => (Allow) C:\program files (x86)\java\jre7\bin\java.exe
FirewallRules: [{1A7FB150-E16C-4CE2-B73E-BF91872A69AC}] => (Allow) LPort=25565
FirewallRules: [{E6080BEA-7812-42FF-8F92-65E63DCF98EB}] => (Allow) LPort=25565
FirewallRules: [TCP Query User{7051F02C-74EF-4B70-BB42-AB266F2044B3}C:\program files (x86)\steam\steam.exe] => (Allow) C:\program files (x86)\steam\steam.exe
FirewallRules: [UDP Query User{584FF4BA-484E-45A7-B06C-F578A6BBAFA7}C:\program files (x86)\steam\steam.exe] => (Allow) C:\program files (x86)\steam\steam.exe
FirewallRules: [{510732F0-ACAA-4FE4-88A7-C0FB65D0033D}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Anno 2070\Anno5.exe
FirewallRules: [{973AA044-0C98-4315-A472-99E08410C8C0}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Anno 2070\Anno5.exe
FirewallRules: [{017EE512-4433-4806-AA6E-3E06D381B3BC}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Anno 2070\Anno5.exe
FirewallRules: [{B3792719-A45A-4BF7-9603-A9B36AEE7926}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Anno 2070\Anno5.exe
FirewallRules: [{3D704208-345A-44CB-9F66-59506BDC0F6B}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\UbisoftGameLauncher.exe
FirewallRules: [{CAF0D213-0FF9-48A5-8466-23A8971CBF61}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\UbisoftGameLauncher.exe
FirewallRules: [{A8297D09-15E6-4199-BCDC-1472BCAE05B3}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Anno 2070\Anno5.exe
FirewallRules: [{ECC781EB-203F-4C62-8D84-1468503EA4E9}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Anno 2070\Anno5.exe
FirewallRules: [{39548B58-6DE6-4467-AC6C-767097ED98C2}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Rollercoaster Tycoon 3 Gold\RCT3plus.exe
FirewallRules: [{A0B4B87A-53DE-4434-B277-03FE4EBFCF00}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Rollercoaster Tycoon 3 Gold\RCT3plus.exe
FirewallRules: [TCP Query User{C825423E-2B48-4F83-9AE6-E9AFFE600EA1}C:\program files (x86)\java\jre7\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre7\bin\javaw.exe
FirewallRules: [UDP Query User{E0341F54-3223-4493-A5CB-9FE2618D50FC}C:\program files (x86)\java\jre7\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre7\bin\javaw.exe
FirewallRules: [TCP Query User{C937D517-D138-4488-89A7-334A49CF22A0}C:\program files (x86)\ncwest\nclauncher\ncupdatehelper.exe] => (Allow) C:\program files (x86)\ncwest\nclauncher\ncupdatehelper.exe
FirewallRules: [UDP Query User{4516D8F1-0B1E-4B76-8903-D7CB1C377B5B}C:\program files (x86)\ncwest\nclauncher\ncupdatehelper.exe] => (Allow) C:\program files (x86)\ncwest\nclauncher\ncupdatehelper.exe
FirewallRules: [TCP Query User{2608F217-BD5C-4BE8-85FD-12F67BB11BAD}C:\program files (x86)\ncwest\nclauncher\ncupdatehelper.exe] => (Block) C:\program files (x86)\ncwest\nclauncher\ncupdatehelper.exe
FirewallRules: [UDP Query User{5FE5A847-D250-4448-8B7B-DC3D40DE208B}C:\program files (x86)\ncwest\nclauncher\ncupdatehelper.exe] => (Block) C:\program files (x86)\ncwest\nclauncher\ncupdatehelper.exe
FirewallRules: [TCP Query User{FA41D1A0-6CD5-4506-9EAF-24F7F8EDD2C8}C:\program files (x86)\sketchup\sketchup 2013\sketchup.exe] => (Allow) C:\program files (x86)\sketchup\sketchup 2013\sketchup.exe
FirewallRules: [UDP Query User{511946BC-DD15-4BAA-84BC-3C502209A7D4}C:\program files (x86)\sketchup\sketchup 2013\sketchup.exe] => (Allow) C:\program files (x86)\sketchup\sketchup 2013\sketchup.exe
FirewallRules: [{5BBEEFAA-47E3-43DD-A272-4F66C0C5B60C}] => (Allow) C:\Users\Adam\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{EF11F6B8-A586-4994-9418-8223BCEEFA10}] => (Allow) C:\Users\Adam\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [TCP Query User{985F41F5-D8B3-4639-97B6-C8C5E6C96F4F}C:\users\adam\appdata\roaming\dropbox\bin\dropbox.exe] => (Allow) C:\users\adam\appdata\roaming\dropbox\bin\dropbox.exe
FirewallRules: [UDP Query User{2CCB11BE-7C3B-4420-9219-5F7D269ED54D}C:\users\adam\appdata\roaming\dropbox\bin\dropbox.exe] => (Allow) C:\users\adam\appdata\roaming\dropbox\bin\dropbox.exe
FirewallRules: [{59B9544E-2956-4372-B950-5314883B6FC8}] => (Allow) C:\Program Files (x86)\PharosSystems\Core\CTskMstr.exe
FirewallRules: [{2E0ABAE0-61C1-4945-BB42-E8E3D5A7E174}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\BioShock Infinite\Binaries\Win32\BioShockInfinite.exe
FirewallRules: [{CB2D958A-9B8A-4DA9-9A44-57D4978C3E1D}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\BioShock Infinite\Binaries\Win32\BioShockInfinite.exe
FirewallRules: [{31EB9B02-AABF-43D4-8D4B-0A7C7F3B17B0}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Dishonored\Binaries\Win32\Dishonored.exe
FirewallRules: [{C36BCED9-FE42-4165-932E-3674DDB7F8E0}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Dishonored\Binaries\Win32\Dishonored.exe
FirewallRules: [{6299DB54-9EEC-4904-84FB-09D3D91AC795}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Tomb Raider\TombRaider.exe
FirewallRules: [{E853578C-E65D-4721-B6D5-2853D790CBC8}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Tomb Raider\TombRaider.exe
FirewallRules: [{AFDCFAD3-750E-45E7-9EC5-243960401653}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{2306D6AE-838B-4000-A637-19A524DC4FA5}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{CD6169CA-CD2B-4E4B-806C-79E02E16DBF4}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
FirewallRules: [{455EC789-6EA7-4D21-B769-C4122960D05D}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
FirewallRules: [{73B4F947-88C7-4D79-A78B-345F8C38D07B}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{E59FE85A-E0EA-4EE8-84AA-8BA555A47B9A}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{86323601-7463-4C92-AAD7-2284F010F86A}] => (Allow) C:\Program Files (x86)\AVG\AVG2014\avgnsa.exe
FirewallRules: [{F7863B8D-75D8-4E9A-A00B-010C89114BD5}] => (Allow) C:\Program Files (x86)\AVG\AVG2014\avgnsa.exe
FirewallRules: [{DE6FEB4E-A187-4FBB-80A7-3EF7480FF4D3}] => (Allow) C:\Program Files (x86)\AVG\AVG2014\avgdiagex.exe
FirewallRules: [{8768DEC5-1EC9-4740-8392-50607797D2B8}] => (Allow) C:\Program Files (x86)\AVG\AVG2014\avgdiagex.exe
FirewallRules: [{9FE82F8F-6184-4F8E-9C9A-3A16046DD520}] => (Allow) C:\Program Files (x86)\AVG\AVG2014\avgmfapx.exe
FirewallRules: [{BB08D48A-3096-4F21-B96F-EE9AE375C9D3}] => (Allow) C:\Program Files (x86)\AVG\AVG2014\avgmfapx.exe
FirewallRules: [{E843B504-BE84-468D-A66C-06685C9A858F}] => (Allow) C:\Program Files (x86)\AVG\AVG2014\avgemca.exe
FirewallRules: [{788D63B1-369D-4027-9E19-058C815D595F}] => (Allow) C:\Program Files (x86)\AVG\AVG2014\avgemca.exe
FirewallRules: [{C5D155EA-3AFB-4512-8E52-23A62F913973}] => (Allow) C:\Program Files (x86)\EPSON Software\Event Manager\EEventManager.exe
FirewallRules: [{A2A8899E-227C-4AC4-82F5-21256785633C}] => (Allow) C:\Program Files (x86)\EPSON Software\Event Manager\EEventManager.exe
FirewallRules: [TCP Query User{AF5F1A8F-18AA-455B-BD8F-D421EFA839BC}C:\program files (x86)\epson software\event manager\eeventmanager.exe] => (Block) C:\program files (x86)\epson software\event manager\eeventmanager.exe
FirewallRules: [UDP Query User{E25AC37A-1EB6-45F3-A2D4-52CCBB4A019E}C:\program files (x86)\epson software\event manager\eeventmanager.exe] => (Block) C:\program files (x86)\epson software\event manager\eeventmanager.exe
FirewallRules: [{2A4DD080-A600-433D-9179-9F5932DF6924}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{9881F4EC-5353-4671-8D76-A36C60846BF4}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{659D39B0-5CFC-4E03-8EBF-5B3124AC646C}] => (Allow) C:\Program Files (x86)\Simple Port Forwarding\spf.exe
FirewallRules: [{DED1452F-9A44-4F59-9386-61626E2D70E1}] => (Allow) C:\Program Files (x86)\Simple Port Forwarding\spf.exe
FirewallRules: [{CD69EDBE-49A8-48BD-AA37-39E31206EC15}] => (Allow) C:\Program Files (x86)\Simple Port Forwarding\spf.exe
FirewallRules: [{9F4AE983-526D-44DD-B9C2-4C4B6B80AD79}] => (Allow) C:\Program Files (x86)\Simple Port Forwarding\spf.exe
FirewallRules: [{5DBA6808-F18C-4C16-9C84-7CFEA5744582}] => (Allow) C:\Program Files (x86)\iTunes\iTunes.exe
FirewallRules: [TCP Query User{9AC715C0-A172-486F-A5AD-1B99399822B8}C:\program files (x86)\java\jre1.8.0_31\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_31\bin\javaw.exe
FirewallRules: [UDP Query User{F95849F6-726E-480F-A000-39A3CC300962}C:\program files (x86)\java\jre1.8.0_31\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_31\bin\javaw.exe
FirewallRules: [TCP Query User{5F398F04-ABE2-4417-9237-7C1E3F427322}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [UDP Query User{D5D8AD5F-3530-4AEA-9A0B-27D5DD009631}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [TCP Query User{8509E218-159D-4970-A36D-A486DB543A6E}C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Block) C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe
FirewallRules: [UDP Query User{100E22D3-DD9D-442B-96F6-CC8A44D35375}C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Block) C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe
FirewallRules: [{17EEB77F-1A30-4AF4-B08C-6ECBC9F57117}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\ARK\ShooterGame\Binaries\Win64\ShooterGame.exe
FirewallRules: [{2EDAC0EC-82F7-4684-9503-42449662F516}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\ARK\ShooterGame\Binaries\Win64\ShooterGame.exe
FirewallRules: [TCP Query User{35A7648B-6926-4029-8B9A-9EC908C47719}C:\users\adam\appdata\local\mycomgames\mycomgames.exe] => (Allow) C:\users\adam\appdata\local\mycomgames\mycomgames.exe
FirewallRules: [UDP Query User{A3461CD5-AA22-4A13-9001-1BE686E7CEDB}C:\users\adam\appdata\local\mycomgames\mycomgames.exe] => (Allow) C:\users\adam\appdata\local\mycomgames\mycomgames.exe
FirewallRules: [{F1BF2C03-51DB-484B-BE68-37FE906A342B}] => (Block) C:\users\adam\appdata\local\mycomgames\mycomgames.exe
FirewallRules: [{235B4959-5D28-4C2A-8A02-D9EFF4509C16}] => (Block) C:\users\adam\appdata\local\mycomgames\mycomgames.exe
FirewallRules: [TCP Query User{98AD9EDF-254B-429A-835A-6DDF6917BDA3}C:\program files (x86)\skype\phone\skype.exe] => (Block) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [UDP Query User{6ADF1136-5BEC-4957-824F-C9E81BEC0502}C:\program files (x86)\skype\phone\skype.exe] => (Block) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [{01797646-8DC3-43C2-86AD-763BC6418DE7}] => (Allow) C:\Program Files (x86)\AVG\AVG2014\avgnsa.exe
FirewallRules: [{35BC2D4B-7400-4A2B-BB11-9ABBDE5E3FC8}] => (Allow) C:\Program Files (x86)\AVG\AVG2014\avgnsa.exe
FirewallRules: [{00ED52CA-CA71-441A-A7BF-D189D091F388}] => (Allow) C:\Program Files (x86)\AVG\AVG2014\avgdiagex.exe
FirewallRules: [{25B3F3FA-0C9F-41B6-8D7D-C59DFD9765C1}] => (Allow) C:\Program Files (x86)\AVG\AVG2014\avgdiagex.exe
FirewallRules: [{B87494E4-CE40-4E7E-8534-95AA63178302}] => (Allow) C:\Program Files (x86)\AVG\AVG2014\avgemca.exe
FirewallRules: [{FC27F0DB-1156-4532-8412-38C95733AA42}] => (Allow) C:\Program Files (x86)\AVG\AVG2014\avgemca.exe
FirewallRules: [{517A1F1C-7FA4-4521-9E9A-FD6A7BE29DAA}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{6BE99C1F-4CFE-4A34-A084-0C39B5419B12}] => (Allow) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPDeviceDetection3.exe
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe] => Enabled:Spybot-S&D 2 Tray Icon
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe] => Enabled:Spybot-S&D 2 Scanner Service
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe] => Enabled:Spybot-S&D 2 Updater
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe] => Enabled:Spybot-S&D 2 Background update service

==================== Faulty Device Manager Devices =============

Name: Cisco AnyConnect Secure Mobility Client Virtual Miniport Adapter for Windows x64
Description: Cisco AnyConnect Secure Mobility Client Virtual Miniport Adapter for Windows x64
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Cisco Systems
Service: vpnva
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

==================== Event log errors: =========================

Application errors:
==================
Error: (09/02/2015 01:25:22 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Activation context generation failed for "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17810_none_6240b9c7ecbd0bda.manifest1".Error in manifest or policy file "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17810_none_6240b9c7ecbd0bda.manifest2" on line C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17810_none_6240b9c7ecbd0bda.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17810_none_6240b9c7ecbd0bda.manifest.
Component 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17810_none_a9edf09f013934e0.manifest.

Error: (09/02/2015 01:22:28 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program wwahost.exe version 6.3.9600.17415 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

Process ID: 6f4

Start Time: 01d0e5ab9aeaf8b1

Termination Time: 4294967295

Application Path: C:\WINDOWS\syswow64\wwahost.exe

Report Id: 8fa37704-519f-11e5-bf43-d4c9ef7aa5d6

Faulting package full name: Microsoft.SkypeApp_3.1.0.1016_x86__kzf8qxf38zg5c

Faulting package-relative application ID: App

Error: (09/02/2015 01:16:03 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Activation context generation failed for "FARO.LS,processorArchitecture="x86",publicKeyToken="1d23f5635ba800ab",type="win32",version="1.1.408.2"1".
Dependent Assembly FARO.LS,processorArchitecture="x86",publicKeyToken="1d23f5635ba800ab",type="win32",version="1.1.408.2" could not be found.
Please use sxstrace.exe for detailed diagnosis.

Error: (09/02/2015 01:10:19 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program backgroundTaskHost.exe version 6.3.9600.17415 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

Process ID: 30c0

Start Time: 01d0e5a9e85c3e00

Termination Time: 4294967295

Application Path: C:\WINDOWS\system32\backgroundTaskHost.exe

Report Id: dc7b499a-519d-11e5-bf43-d4c9ef7aa5d6

Faulting package full name: 12199Asparion.AsparionClock_4.0.1.64_neutral__f89vgcf3qm37t

Faulting package-relative application ID: App

Error: (09/02/2015 12:52:31 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program backgroundTaskHost.exe version 6.3.9600.17415 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

Process ID: 34b8

Start Time: 01d0e5a76a065c71

Termination Time: 4294967295

Application Path: C:\WINDOWS\system32\backgroundTaskHost.exe

Report Id: 5e0ba276-519b-11e5-bf43-d4c9ef7aa5d6

Faulting package full name: 12199Asparion.AsparionClock_4.0.1.64_neutral__f89vgcf3qm37t

Faulting package-relative application ID: App

Error: (09/02/2015 12:52:27 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program backgroundTaskHost.exe version 6.3.9600.17415 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

Process ID: 1284

Start Time: 01d0e5a76a07bc28

Termination Time: 4294967295

Application Path: C:\WINDOWS\system32\backgroundTaskHost.exe

Report Id: 5e0b7b66-519b-11e5-bf43-d4c9ef7aa5d6

Faulting package full name: 10631PaolosAdventures.GmailTouch_1.0.0.46_neutral__ntpp077zx3tm0

Faulting package-relative application ID: App

Error: (09/02/2015 12:52:27 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program wwahost.exe version 6.3.9600.17415 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

Process ID: 3148

Start Time: 01d0e5a76a083166

Termination Time: 4294967295

Application Path: C:\WINDOWS\syswow64\wwahost.exe

Report Id: 5e4d94a3-519b-11e5-bf43-d4c9ef7aa5d6

Faulting package full name: Microsoft.SkypeApp_3.1.0.1016_x86__kzf8qxf38zg5c

Faulting package-relative application ID: App

Error: (09/02/2015 12:48:44 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: Explorer.EXE, version: 6.3.9600.17667, time stamp: 0x54c6f7c2
Faulting module name: QtCore_Ad_SyncNs_4.dll_unloaded, version: 4.8.2.0, time stamp: 0x50d3fca7
Exception code: 0xc0000005
Fault offset: 0x00000000000265fe
Faulting process id: 0x2124
Faulting application start time: 0xExplorer.EXE0
Faulting application path: Explorer.EXE1
Faulting module path: Explorer.EXE2
Report Id: Explorer.EXE3
Faulting package full name: Explorer.EXE4
Faulting package-relative application ID: Explorer.EXE5

Error: (09/02/2015 10:35:44 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program LiveComm.exe version 17.5.9600.20911 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

Process ID: 30a0

Start Time: 01d0e5944fee60ee

Termination Time: 4294967295

Application Path: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20911_x64__8wekyb3d8bbwe\LiveComm.exe

Report Id: 4389b3e3-5188-11e5-bf43-d4c9ef7aa5d6

Faulting package full name: microsoft.windowscommunicationsapps_17.5.9600.20911_x64__8wekyb3d8bbwe

Faulting package-relative application ID: ppleae38af2e007f4358a809ac99a64a67c1

Error: (09/02/2015 10:35:44 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program backgroundTaskHost.exe version 6.3.9600.17415 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

Process ID: 36d8

Start Time: 01d0e5944fddb041

Termination Time: 4294967295

Application Path: C:\WINDOWS\system32\backgroundTaskHost.exe

Report Id: 437e94bf-5188-11e5-bf43-d4c9ef7aa5d6

Faulting package full name: 12199Asparion.AsparionClock_4.0.1.64_neutral__f89vgcf3qm37t

Faulting package-relative application ID: App

System errors:
=============
Error: (09/02/2015 03:26:01 PM) (Source: bowser) (EventID: 8003) (User: )
Description: The master browser has received a server announcement from the computer ANDREWSPC
that believes that it is the master browser for the domain on transport NetBT_Tcpip_{A9B0C7B0-17A6-4344-8D90-419623D0E56D}.
The master browser is stopping or an election is being forced.

Error: (09/02/2015 03:24:47 PM) (Source: Schannel) (EventID: 4120) (User: NT AUTHORITY)
Description: A fatal alert was generated and sent to the remote endpoint. This may result in termination of the connection. The TLS protocol defined fatal error code is 70. The Windows SChannel error state is 105.

Error: (09/02/2015 03:24:47 PM) (Source: Schannel) (EventID: 4120) (User: NT AUTHORITY)
Description: A fatal alert was generated and sent to the remote endpoint. This may result in termination of the connection. The TLS protocol defined fatal error code is 70. The Windows SChannel error state is 105.

Error: (09/02/2015 03:24:47 PM) (Source: Schannel) (EventID: 4120) (User: NT AUTHORITY)
Description: A fatal alert was generated and sent to the remote endpoint. This may result in termination of the connection. The TLS protocol defined fatal error code is 70. The Windows SChannel error state is 105.

Error: (09/02/2015 03:24:47 PM) (Source: Schannel) (EventID: 4120) (User: NT AUTHORITY)
Description: A fatal alert was generated and sent to the remote endpoint. This may result in termination of the connection. The TLS protocol defined fatal error code is 70. The Windows SChannel error state is 105.

Error: (09/02/2015 03:24:47 PM) (Source: Schannel) (EventID: 4120) (User: NT AUTHORITY)
Description: A fatal alert was generated and sent to the remote endpoint. This may result in termination of the connection. The TLS protocol defined fatal error code is 70. The Windows SChannel error state is 105.

Error: (09/02/2015 03:24:39 PM) (Source: Schannel) (EventID: 4120) (User: NT AUTHORITY)
Description: A fatal alert was generated and sent to the remote endpoint. This may result in termination of the connection. The TLS protocol defined fatal error code is 70. The Windows SChannel error state is 105.

Error: (09/02/2015 03:24:37 PM) (Source: Schannel) (EventID: 4120) (User: NT AUTHORITY)
Description: A fatal alert was generated and sent to the remote endpoint. This may result in termination of the connection. The TLS protocol defined fatal error code is 70. The Windows SChannel error state is 105.

Error: (09/02/2015 03:24:35 PM) (Source: Schannel) (EventID: 4120) (User: NT AUTHORITY)
Description: A fatal alert was generated and sent to the remote endpoint. This may result in termination of the connection. The TLS protocol defined fatal error code is 70. The Windows SChannel error state is 105.

Error: (09/02/2015 12:07:29 PM) (Source: bowser) (EventID: 8003) (User: )
Description: The master browser has received a server announcement from the computer ANDREWSPC
that believes that it is the master browser for the domain on transport NetBT_Tcpip_{A9B0C7B0-17A6-4344-8D90-419623D0E56D}.
The master browser is stopping or an election is being forced.

Microsoft Office:
=========================
Error: (08/30/2013 07:11:28 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.4518.1014, Microsoft Office Version: 12.0.4518.1014. This session lasted 1155 seconds with 240 seconds of active time. This session ended with a crash.

==================== Memory info ===========================

Processor: Intel(R) Core(TM) i7-3740QM CPU @ 2.70GHz
Percentage of memory in use: 51%
Total physical RAM: 8081.27 MB
Available physical RAM: 3924.92 MB
Total Virtual: 16273.27 MB
Available Virtual: 10732.87 MB

==================== Drives ================================

Drive c: (Windows) (Fixed) (Total:671.64 GB) (Free:95.32 GB) NTFS ==>[system with boot components (obtained from reading drive)]
Drive d: (RECOVERY) (Fixed) (Total:25.88 GB) (Free:2.57 GB) NTFS ==>[system with boot components (obtained from reading drive)]
Drive z: () (Network) (Total:40960 GB) (Free:7278.54 GB)

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 698.6 GB) (Disk ID: 1E1F4777)

Partition: GPT.

==================== End of Addition.txt ============================

Here is the aswMBR scan:

aswMBR version 1.0.1.2252 Copyright(c) 2014 AVAST Software
Run date: 2015-09-02 16:10:52
-----------------------------
16:10:52.893 OS Version: Windows x64 6.2.9200
16:10:52.893 Number of processors: 8 586 0x3A09
16:10:52.895 ComputerName: ADAMSPC UserName: Adam
16:10:54.916 Initialize success
16:10:54.919 VM: initialized successfully
16:10:54.921 VM: Intel CPU BiosDisabled
16:10:57.961 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\0000003b
16:10:57.967 Disk 0 Vendor: HGST_HTS541075A9E680 JA2OA590 Size: 715404MB BusType: 11
16:10:58.134 Disk 0 MBR read successfully
16:10:58.138 Disk 0 MBR scan
16:10:58.142 Disk 0 unknown MBR code
16:10:58.146 Disk 0 Partition 1 00 EE GPT 2097151 MB offset 1
16:10:58.306 Disk 0 scanning C:\WINDOWS\system32\drivers
16:11:32.487 Service scanning
16:12:26.505 Modules scanning
16:12:26.518 Disk 0 trace - called modules:
16:12:26.549 ntoskrnl.exe CLASSPNP.SYS disk.sys hpdskflt.sys storport.sys hal.dll iaStorA.sys
16:12:26.557 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xffffe0018867c770]
16:12:26.897 3 CLASSPNP.SYS[fffff80177aea170] -> nt!IofCallDriver -> [0xffffe0018867c040]
16:12:26.906 5 hpdskflt.sys[fffff8017769142b] -> nt!IofCallDriver -> \Device\0000003b[0xffffe00186bf97f0]
16:12:26.914 Disk 0 statistics 126677/0/0 @ 1.83 MB/s
16:12:26.922 Scan finished successfully
16:13:43.074 Disk 0 MBR has been saved successfully to "C:\Users\Adam\Desktop\MBR.dat"
16:13:43.086 The log file has been saved successfully to "C:\Users\Adam\Desktop\aswMBR.txt"

↧

Need help with spybot+ scan never ends then freezes computer

September 3, 2015, 11:12 am

≫ Next: tradeadxchange.com Removal

≪ Previous: Computer running slower than normal when using CPU intensive programs

We have had the free version for a month or so and decided to purchase the full version. Since then it just hasn't worked. Now the computer freezes up, spybot is "not responding" and when I can get it to start a scan it gets to 100% and keeps going for about 30 minutes and starts over automatically and then the numbers stop at 4.7% every time. I couldn't get it to run while the computer was in safe mode. If someone can offer some advice I'd really appreciate it. And also, the update service says stopped. What's going on?

↧

tradeadxchange.com Removal

September 3, 2015, 3:13 pm

≫ Next: Spybot updater is very, very broken

≪ Previous: Need help with spybot+ scan never ends then freezes computer

It seems that Spybot can't detect or remove this tradeadexchange.

It redirect clicking a link in a browser.

A text I found at ~~(http://easyviruskilling.com/remove-tradeadexchange-com-redirect-virus-tradeadexchange-com-removal-guide/)~~
"Every so often when i click somewhere in chrome that would update something, like unpausing a video on yt or clicking a link, it will open a new tab that redirects to a page, usually online casinos and it always goes through a website called tradeadexchange.com.I have scanned my computer for viruses, both quick scans and full system and it hasnt found anything, have also scanned my browser addons, found nothing, and looked through my plugins and extensions and didnt find anything that shouldnt be there.What could this be and how can i solve it?"

Hope SPYBOT can create a fix, as the step by step described at above link is way too complicated for me.

Best regards,

↧

Spybot updater is very, very broken

September 3, 2015, 4:39 pm

≫ Next: Persistent Malware - Spybot the only one who dares to combat them

≪ Previous: tradeadxchange.com Removal

I've been a passive user of the free version of Spybot S&D since the Windows XP days. Just install it, forget about it, then update and run it once in a while. Over the past few years, though, since moving to Windows 7 and now Windows 10, I've noticed that the updater has gotten progressively worse. It's finally to the point where I need to seek a solution to the issues I'm facing or abandon Spybot altogether.

The first issue is that the updater takes a very long time to update. Not too big an issue, there are a lot of files, and it's the free version. But it does take at least three hours, and I'm on a 30mbps download connection, which gets horribly bogged down while it's updating. The updater also fails to download probably a quarter of the files it says are necessary to update. The latest problem is that, if I leave it running, I come back to hundreds of error messages that say things like "Thread creation error: Not enough storage for command" and "Out of memory". These errors appear while Spybot is idle, just sitting there. I was running Windows 7 x64 on version 2.4 of Spybot, and now I'm on a clean install of Windows 10 x64 and running the 2.5.43 version of Spybot that I just installed last night (I tried updating again overnight and got the same errors).

Here's an image of the errors:

And here's the latest update log:

Quote:

[00:00.000] [i] Update started...
[00:00.000] [+] Updating Service is active.
[00:00.000] [.] Trying to retrieve update info file from http://updates1.safer-networking.org/spybotsd2.uid...
[00:00.344] [+] Retrieved update info file.
[00:00.703] [.] Info file part done.
[00:00.828] [+] X509White.sbs is missing and will be installed (version 20130306).
[00:00.828] [+] WelcomeLinks.sbs is missing and will be installed (version 20130618).
[00:00.828] [+] TTLASSH.sbs is missing and will be installed (version 20080624).
[00:00.828] [+] Trojans-ZL-000.sbi is missing and will be installed (version 20140115).
[00:00.828] [+] Trojans-ZB-000.sbi is missing and will be installed (version 20140115).
[00:00.828] [+] Trojans-VM-024.sbi is missing and will be installed (version 20140115).
[00:00.828] [+] Trojans-VM-023.sbi is missing and will be installed (version 20140115).
[00:00.828] [+] Trojans-VM-022.sbi is missing and will be installed (version 20140115).
[00:00.828] [+] Trojans-VM-021.sbi is missing and will be installed (version 20140115).
[00:00.828] [+] Trojans-VM-020.sbi is missing and will be installed (version 20140115).
[00:00.828] [+] Trojans-VM-019.sbi is missing and will be installed (version 20140115).
[00:00.828] [+] Trojans-VM-018.sbi is missing and will be installed (version 20140115).
[00:00.843] [+] Trojans-VM-017.sbi is missing and will be installed (version 20140115).
[00:00.843] [+] Trojans-VM-016.sbi is missing and will be installed (version 20140115).
[00:00.843] [+] Trojans-VM-015.sbi is missing and will be installed (version 20140115).
[00:00.843] [+] Trojans-VM-014.sbi is missing and will be installed (version 20140115).
[00:00.843] [+] Trojans-VM-013.sbi is missing and will be installed (version 20140115).
[00:00.843] [+] Trojans-VM-012.sbi is missing and will be installed (version 20140115).
[00:00.843] [+] Trojans-VM-011.sbi is missing and will be installed (version 20140115).
[00:00.843] [+] Trojans-VM-010.sbi is missing and will be installed (version 20140115).
[00:00.843] [+] Trojans-VM-009.sbi is missing and will be installed (version 20140115).
[00:00.843] [+] Trojans-VM-008.sbi is missing and will be installed (version 20140115).
[00:00.843] [+] Trojans-VM-007.sbi is missing and will be installed (version 20140115).
[00:00.843] [+] Trojans-VM-006.sbi is missing and will be installed (version 20140115).
[00:00.843] [+] Trojans-VM-005.sbi is missing and will be installed (version 20140115).
[00:00.843] [+] Trojans-VM-004.sbi is missing and will be installed (version 20140115).
[00:00.843] [+] Trojans-VM-003.sbi is missing and will be installed (version 20140115).
[00:00.843] [+] Trojans-VM-002.sbi is missing and will be installed (version 20140115).
[00:00.843] [+] Trojans-VM-001.sbi is missing and will be installed (version 20140115).
[00:00.843] [+] Trojans-VM-000.sbi is missing and will be installed (version 20140115).
[00:00.843] [+] Trojans-TD-000.sbi is missing and will be installed (version 20140115).
[00:00.843] [+] Trojans-OG-000.sbi is missing and will be installed (version 20140115).
[00:00.843] [+] TrojansC-05.sbi is missing and will be installed (version 20140116).
[00:00.859] [+] TrojansC-04.sbi is missing and will be installed (version 20140116).
[00:00.859] [+] TrojansC-03.sbi is missing and will be installed (version 20140116).
[00:00.859] [+] TrojansC-02.sbi is missing and will be installed (version 20140116).
[00:00.859] [+] TrojansC-01.sbi is missing and will be installed (version 20140116).
[00:00.859] [+] Trojans-C.sbi is missing and will be installed (version 20150902).
[00:00.859] [+] TrojansC.sbi is missing and will be installed (version 20140109).
[00:00.859] [+] Trojans-009.sbi is missing and will be installed (version 20140709).
[00:00.859] [+] Trojans-008.sbi is missing and will be installed (version 20140709).
[00:00.859] [+] Trojans-007.sbi is missing and will be installed (version 20140115).
[00:00.859] [+] Trojans-006.sbi is missing and will be installed (version 20150331).
[00:00.859] [+] Trojans-005.sbi is missing and will be installed (version 20140319).
[00:00.859] [+] Trojans-004.sbi is missing and will be installed (version 20140115).
[00:00.859] [+] Trojans-003.sbi is missing and will be installed (version 20140115).
[00:00.859] [+] Trojans-002.sbi is missing and will be installed (version 20141114).
[00:00.859] [+] Trojans-001.sbi is missing and will be installed (version 20140115).
[00:00.859] [+] Trojans-000.sbi is missing and will be installed (version 20140115).
[00:00.859] [+] Trojans.sbi is missing and will be installed (version 20140109).
[00:00.859] [+] Tracks.uti is missing and will be installed (version 20121119).
[00:00.859] [+] Tracks.sbi is missing and will be installed (version 20110607).
[00:00.875] [+] Spyware-C.sbi is missing and will be installed (version 20150812).
[00:00.875] [+] SpywareC.sbi is missing and will be installed (version 20140121).
[00:00.875] [+] Spyware-001.sbi is missing and will be installed (version 20150506).
[00:00.875] [+] Spyware-000.sbi is missing and will be installed (version 20141114).
[00:00.875] [+] Spyware.sbi is missing and will be installed (version 20140121).
[00:00.875] [+] spybotsd2-windows-upgrade-installer.exe is missing and will be installed (version 1.4.0.0).
[00:00.875] [+] spybotsd2-translation-ukx.exe is missing and will be installed (version 20141105).
[00:00.875] [+] spybotsd2-translation-hux2.exe is missing and will be installed (version 20140825).
[00:00.875] [+] spybotsd2-translation-hrx.exe is missing and will be installed (version 20150325).
[00:00.875] [+] spybotsd2-translation-frx.exe is missing and will be installed (version 20130619).
[00:00.875] [+] spybotsd2-translation-esx.exe is missing and will be installed (version 20140731).
[00:00.875] [+] Services.sbs is missing and will be installed (version 20110301).
[00:00.875] [+] Security-C.sbi is missing and will be installed (version 20140108).
[00:00.875] [+] SecurityC.sbi is missing and will be installed (version 20140121).
[00:00.875] [+] Security-000.sbi is missing and will be installed (version 20140108).
[00:00.875] [+] Security.sbi is missing and will be installed (version 20140121).
[00:00.890] [+] SDDisableProxy.exe is missing and will be installed (version 20130618).
[00:00.890] [+] RegXLinks.sbs is missing and will be installed (version 20090508).
[00:00.890] [+] RegWatch.sbs is missing and will be installed (version 20110211).
[00:00.890] [+] RegDFLinks.sbs is missing and will be installed (version 20070223).
[00:00.890] [+] PUPS-C.sbi is missing and will be installed (version 20150902).
[00:00.906] [+] PUPSC.sbi is missing and will be installed (version 20140107).
[00:00.906] [+] PUPS-002.sbi is missing and will be installed (version 20140115).
[00:00.906] [+] PUPS-001.sbi is missing and will be installed (version 20140115).
[00:00.906] [+] PUPS-000.sbi is missing and will be installed (version 20141114).
[00:00.906] [+] PUPS.sbi is missing and will be installed (version 20121114).
[00:00.906] [+] PosOS.sbs is missing and will be installed (version 20090121).
[00:00.906] [+] OperaPlugins.sbs is missing and will be installed (version 20080219).
[00:00.906] [+] Malware-C.sbi is missing and will be installed (version 20150902).
[00:00.906] [+] MalwareC.sbi is missing and will be installed (version 20131223).
[00:00.906] [+] Malware-007.sbi is missing and will be installed (version 20140109).
[00:00.906] [+] Malware-006.sbi is missing and will be installed (version 20140226).
[00:00.906] [+] Malware-005.sbi is missing and will be installed (version 20141114).
[00:00.906] [+] Malware-004.sbi is missing and will be installed (version 20141114).
[00:00.906] [+] Malware-003.sbi is missing and will be installed (version 20141114).
[00:00.906] [+] Malware-002.sbi is missing and will be installed (version 20141114).
[00:00.906] [+] Malware-001.sbi is missing and will be installed (version 20141114).
[00:00.906] [+] Malware-000.sbi is missing and will be installed (version 20141114).
[00:00.906] [+] Malware.sbi is missing and will be installed (version 20140113).
[00:00.906] [+] LASSHes.sbs is missing and will be installed (version 20080615).
[00:00.906] [+] Keyloggers-C.sbi is missing and will be installed (version 20140924).
[00:00.922] [+] KeyloggersC.sbi is missing and will be installed (version 20140113).
[00:00.922] [+] Keyloggers-000.sbi is missing and will be installed (version 20141114).
[00:00.922] [+] Keyloggers.sbi is missing and will be installed (version 20140113).
[00:00.922] [+] iPhone-000.sbi is missing and will be installed (version 20140108).
[00:00.922] [+] iPhone.sbi is missing and will be installed (version 20140108).
[00:00.922] [+] Hijackers-C.sbi is missing and will be installed (version 20140108).
[00:00.922] [+] HijackersC.sbi is missing and will be installed (version 20140113).
[00:00.922] [+] Hijackers-001.sbi is missing and will be installed (version 20141114).
[00:00.922] [+] Hijackers-000.sbi is missing and will be installed (version 20141114).
[00:00.922] [+] Hijackers.sbi is missing and will be installed (version 20140113).
[00:00.922] [+] HeavyDuty.sbi is missing and will be installed (version 20121114).
[00:00.922] [+] GoodBankScripts.sbs is missing and will be installed (version 20130527).
[00:00.922] [+] GoodBanks.sbs is missing and will be installed (version 20111115).
[00:00.922] [+] Fraud-003.sbi is missing and will be installed (version 20140109).
[00:00.922] [+] Fraud-002.sbi is missing and will be installed (version 20140331).
[00:00.922] [+] Fraud-001.sbi is missing and will be installed (version 20140109).
[00:00.922] [+] Fraud-000.sbi is missing and will be installed (version 20140109).
[00:00.922] [+] Domains.sbs (version 20140127) needs to be updated (to version 20141119).
[00:00.937] [+] Dialer-C.sbi is missing and will be installed (version 20150729).
[00:00.937] [+] DialerC.sbi is missing and will be installed (version 20140113).
[00:00.937] [+] Dialer-001.sbi is missing and will be installed (version 20141114).
[00:00.937] [+] Dialer-000.sbi is missing and will be installed (version 20141114).
[00:00.937] [+] Dialer.sbi is missing and will be installed (version 20140113).
[00:00.937] [+] CLSIDs.sbs is missing and will be installed (version 20110301).
[00:00.937] [+] Browserpages.sbs is missing and will be installed (version 20061205).
[00:00.937] [+] Adware-C.sbi is missing and will be installed (version 20150902).
[00:00.937] [+] AdwareC.sbi is missing and will be installed (version 20140113).
[00:00.937] [+] Adware-001.sbi is missing and will be installed (version 20150805).
[00:00.937] [+] Adware-000.sbi is missing and will be installed (version 20150422).
[00:00.937] [+] Adware.sbi is missing and will be installed (version 20140113).
[00:00.937] [+] AdvWhite.sbs is missing and will be installed (version 20101129).
[00:00.953] [.] Downloading updates...
[00:00.953] [+] File "AdvWhite.sbs" needs to be downloaded.
[00:22.828] [+] Unable to download archive "AdvWhite.sbs-20101129.cab" from http://spybot.bluehamster.com.au/spybot2files/!
[00:23.250] [+] Downloaded archive "AdvWhite.sbs-20101129.cab" from http://filehorse.spybot-updates.com/updates/spybot2/.
[00:23.250] [+] Extracted "AdvWhite.sbs-20101129.cab"!
[00:23.265] [+] Installed "AdvWhite.sbs".
[00:23.265] [+] File "Adware.sbi" needs to be downloaded.
[00:44.297] [+] Unable to download archive "Adware.sbi-20140113.cab" from http://134.169.192.5/pub/mirror/spybot.info/sb2updates/!
[01:05.312] [+] Unable to download archive "Adware.sbi-20140113.cab" from http://134.169.192.5/pub/mirror/spybot.info/sb2updates/!
[01:26.359] [+] Unable to download archive "Adware.sbi-20140113.cab" from http://updates4.safer-networking.org/spybot2/!
[01:26.359] [+] File "Adware-000.sbi" needs to be downloaded.
[01:47.375] [+] Unable to download archive "Adware-000.sbi-20150422.cab" from http://spybot.bluehamster.com.au/spybot2files/!
[02:08.551] [+] Unable to download archive "Adware-000.sbi-20150422.cab" from http://nervion.us.es/updates/spybot2files/!
[02:29.613] [+] Unable to download archive "Adware-000.sbi-20150422.cab" from http://spybotdbs.com/updates/spybot2/!
[02:29.613] [+] File "Adware-001.sbi" needs to be downloaded.
[02:50.629] [+] Unable to download archive "Adware-001.sbi-20150805.cab" from http://spybot.computerfixertools.com/spybot2/!
[03:11.629] [+] Unable to download archive "Adware-001.sbi-20150805.cab" from http://nervion.us.es/updates/spybot2files/!
[03:32.754] [+] Unable to download archive "Adware-001.sbi-20150805.cab" from http://ftp.234.cz/data/spybot/spybot2/!
[03:32.754] [+] File "AdwareC.sbi" needs to be downloaded.
[03:54.051] [+] Unable to download archive "AdwareC.sbi-20140113.cab" from http://safernet.mirrors.cu.be/spybot2/!
[04:15.223] [+] Unable to download archive "AdwareC.sbi-20140113.cab" from http://www.spybotupdates.biz/updates/spybot2/!
[04:36.254] [+] Unable to download archive "AdwareC.sbi-20140113.cab" from http://ftp.234.cz/data/spybot/spybot2/!
[04:36.254] [+] File "Adware-C.sbi" needs to be downloaded.
[04:57.301] [+] Unable to download archive "Adware-C.sbi-20150902.cab" from http://spybot.computerfixertools.com/spybot2/!
[05:18.317] [+] Unable to download archive "Adware-C.sbi-20150902.cab" from http://spybotdbs.com/updates/spybot2/!
[05:39.348] [+] Unable to download archive "Adware-C.sbi-20150902.cab" from http://nervion.us.es/updates/spybot2files/!
[05:39.348] [+] File "Browserpages.sbs" needs to be downloaded.
[06:00.426] [+] Unable to download archive "Browserpages.sbs-20061205.cab" from http://www.spybotupdates.com/updates/spybot2/!
[06:21.442] [+] Unable to download archive "Browserpages.sbs-20061205.cab" from http://nervion.us.es/updates/spybot2files/!
[06:42.473] [+] Unable to download archive "Browserpages.sbs-20061205.cab" from http://nervion.us.es/updates/spybot2files/!
[06:42.473] [+] File "CLSIDs.sbs" needs to be downloaded.
[07:03.473] [+] Unable to download archive "CLSIDs.sbs-20110301.cab" from http://www.spybotupdates.com/updates/spybot2/!
[07:24.505] [+] Unable to download archive "CLSIDs.sbs-20110301.cab" from http://nervion.us.es/updates/spybot2files/!
[07:45.527] [+] Unable to download archive "CLSIDs.sbs-20110301.cab" from http://safernet.mirrors.cu.be/spybot2/!
[07:45.527] [+] File "Dialer.sbi" needs to be downloaded.
[08:06.543] [+] Unable to download archive "Dialer.sbi-20140113.cab" from http://nervion.us.es/updates/spybot2files/!
[08:27.575] [+] Unable to download archive "Dialer.sbi-20140113.cab" from http://spybot.computerfixertools.com/spybot2/!
[08:48.621] [+] Unable to download archive "Dialer.sbi-20140113.cab" from http://134.169.192.5/pub/mirror/spybot.info/sb2updates/!
[08:48.621] [+] File "Dialer-000.sbi" needs to be downloaded.
[09:09.637] [+] Unable to download archive "Dialer-000.sbi-20141114.cab" from http://ftp.234.cz/data/spybot/spybot2/!
[09:30.637] [+] Unable to download archive "Dialer-000.sbi-20141114.cab" from http://filehorse.spybot-updates.com/updates/spybot2/!
[09:51.684] [+] Unable to download archive "Dialer-000.sbi-20141114.cab" from http://www.spybotupdates.com/updates/spybot2/!
[09:51.684] [+] File "Dialer-001.sbi" needs to be downloaded.
[10:12.700] [+] Unable to download archive "Dialer-001.sbi-20141114.cab" from http://www.spybotupdates.biz/updates/spybot2/!
[10:33.715] [+] Unable to download archive "Dialer-001.sbi-20141114.cab" from http://filehorse.spybot-updates.com/updates/spybot2/!
[10:54.762] [+] Unable to download archive "Dialer-001.sbi-20141114.cab" from http://www.spybotupdates.biz/updates/spybot2/!
[10:54.762] [+] File "DialerC.sbi" needs to be downloaded.
[11:15.809] [+] Unable to download archive "DialerC.sbi-20140113.cab" from http://ns364576.ovh.net/spybot2/updates/spybot2/!
[11:36.856] [+] Unable to download archive "DialerC.sbi-20140113.cab" from http://updates4.safer-networking.org/spybot2/!
[11:57.887] [+] Unable to download archive "DialerC.sbi-20140113.cab" from http://ns364576.ovh.net/spybot2/updates/spybot2/!
[11:57.887] [+] File "Dialer-C.sbi" needs to be downloaded.
[12:18.903] [+] Unable to download archive "Dialer-C.sbi-20150729.cab" from http://filehorse.spybot-updates.com/updates/spybot2/!
[12:39.934] [+] Unable to download archive "Dialer-C.sbi-20150729.cab" from http://spybot.bluehamster.com.au/spybot2files/!
[13:00.934] [+] Unable to download archive "Dialer-C.sbi-20150729.cab" from http://www.spybotupdates.com/updates/spybot2/!
[13:00.934] [+] File "Domains.sbs" needs to be downloaded.
[13:21.950] [+] Unable to download archive "Domains.sbs-20141119.cab" from http://134.169.192.5/pub/mirror/spybot.info/sb2updates/!
[13:42.981] [+] Unable to download archive "Domains.sbs-20141119.cab" from http://spybotdbs.com/updates/spybot2/!
[14:03.997] [+] Unable to download archive "Domains.sbs-20141119.cab" from http://ftp.234.cz/data/spybot/spybot2/!
[14:03.997] [+] File "Fraud-000.sbi" needs to be downloaded.
[14:25.028] [+] Unable to download archive "Fraud-000.sbi-20140109.cab" from http://filehorse.spybot-updates.com/updates/spybot2/!
[14:46.044] [+] Unable to download archive "Fraud-000.sbi-20140109.cab" from http://ns364576.ovh.net/spybot2/updates/spybot2/!
[15:07.075] [+] Unable to download archive "Fraud-000.sbi-20140109.cab" from http://ns364576.ovh.net/spybot2/updates/spybot2/!
[15:07.075] [+] File "Fraud-001.sbi" needs to be downloaded.
[15:28.122] [+] Unable to download archive "Fraud-001.sbi-20140109.cab" from http://www.spybotupdates.biz/updates/spybot2/!
[15:49.169] [+] Unable to download archive "Fraud-001.sbi-20140109.cab" from http://www.antispyware-downloadserve...dates/spybot2/!
[16:10.200] [+] Unable to download archive "Fraud-001.sbi-20140109.cab" from http://updates4.safer-networking.org/spybot2/!
[16:10.200] [+] File "Fraud-002.sbi" needs to be downloaded.
[16:31.232] [+] Unable to download archive "Fraud-002.sbi-20140331.cab" from http://ns364576.ovh.net/spybot2/updates/spybot2/!
[16:52.247] [+] Unable to download archive "Fraud-002.sbi-20140331.cab" from http://safernet.mirrors.cu.be/spybot2/!
[17:13.280] [+] Unable to download archive "Fraud-002.sbi-20140331.cab" from http://spybot.computerfixertools.com/spybot2/!
[17:13.280] [+] File "Fraud-003.sbi" needs to be downloaded.
[17:34.296] [+] Unable to download archive "Fraud-003.sbi-20140109.cab" from http://nervion.us.es/updates/spybot2files/!
[17:55.312] [+] Unable to download archive "Fraud-003.sbi-20140109.cab" from http://safernet.mirrors.cu.be/spybot2/!
[18:16.327] [+] Unable to download archive "Fraud-003.sbi-20140109.cab" from http://ns364576.ovh.net/spybot2/updates/spybot2/!
[18:16.327] [+] File "GoodBanks.sbs" needs to be downloaded.
[18:37.374] [+] Unable to download archive "GoodBanks.sbs-20111115.cab" from http://ftp.234.cz/data/spybot/spybot2/!
[18:58.421] [+] Unable to download archive "GoodBanks.sbs-20111115.cab" from http://134.169.192.5/pub/mirror/spybot.info/sb2updates/!
[19:19.452] [+] Unable to download archive "GoodBanks.sbs-20111115.cab" from http://www.antispyware-downloadserve...dates/spybot2/!
[19:19.452] [+] File "GoodBankScripts.sbs" needs to be downloaded.
[19:40.484] [+] Unable to download archive "GoodBankScripts.sbs-20130527.cab" from http://spybot.bluehamster.com.au/spybot2files/!
[20:01.499] [+] Unable to download archive "GoodBankScripts.sbs-20130527.cab" from http://safernet.mirrors.cu.be/spybot2/!
[20:22.546] [+] Unable to download archive "GoodBankScripts.sbs-20130527.cab" from http://safernet.mirrors.cu.be/spybot2/!
[20:22.546] [+] File "HeavyDuty.sbi" needs to be downloaded.
[20:43.562] [+] Unable to download archive "HeavyDuty.sbi-20121114.cab" from http://spybot.computerfixertools.com/spybot2/!
[21:04.609] [+] Unable to download archive "HeavyDuty.sbi-20121114.cab" from http://spybot.bluehamster.com.au/spybot2files/!
[21:25.656] [+] Unable to download archive "HeavyDuty.sbi-20121114.cab" from http://spybot.computerfixertools.com/spybot2/!
[21:25.656] [+] File "Hijackers.sbi" needs to be downloaded.
[21:46.718] [+] Unable to download archive "Hijackers.sbi-20140113.cab" from http://www.antispyware-downloadserve...dates/spybot2/!
[22:07.734] [+] Unable to download archive "Hijackers.sbi-20140113.cab" from http://spybotdbs.com/updates/spybot2/!
[22:28.765] [+] Unable to download archive "Hijackers.sbi-20140113.cab" from http://ftp.234.cz/data/spybot/spybot2/!
[22:28.765] [+] File "Hijackers-000.sbi" needs to be downloaded.
[22:49.797] [+] Unable to download archive "Hijackers-000.sbi-20141114.cab" from http://www.antispyware-downloadserve...dates/spybot2/!
[23:10.812] [+] Unable to download archive "Hijackers-000.sbi-20141114.cab" from http://www.spybotupdates.biz/updates/spybot2/!
[23:31.828] [+] Unable to download archive "Hijackers-000.sbi-20141114.cab" from http://spybot.bluehamster.com.au/spybot2files/!
[23:31.828] [+] File "Hijackers-001.sbi" needs to be downloaded.
[23:52.875] [+] Unable to download archive "Hijackers-001.sbi-20141114.cab" from http://spybot.computerfixertools.com/spybot2/!
[24:13.890] [+] Unable to download archive "Hijackers-001.sbi-20141114.cab" from http://filehorse.spybot-updates.com/updates/spybot2/!
[24:34.906] [+] Unable to download archive "Hijackers-001.sbi-20141114.cab" from http://134.169.192.5/pub/mirror/spybot.info/sb2updates/!
[24:34.906] [+] File "HijackersC.sbi" needs to be downloaded.
[24:55.906] [+] Unable to download archive "HijackersC.sbi-20140113.cab" from http://spybot.computerfixertools.com/spybot2/!
[25:16.937] [+] Unable to download archive "HijackersC.sbi-20140113.cab" from http://www.spybotupdates.biz/updates/spybot2/!
[25:37.984] [+] Unable to download archive "HijackersC.sbi-20140113.cab" from http://www.spybotupdates.com/updates/spybot2/!
[25:37.984] [+] File "Hijackers-C.sbi" needs to be downloaded.
[25:59.000] [+] Unable to download archive "Hijackers-C.sbi-20140108.cab" from http://ftp.234.cz/data/spybot/spybot2/!
[26:20.031] [+] Unable to download archive "Hijackers-C.sbi-20140108.cab" from http://www.antispyware-downloadserve...dates/spybot2/!
[26:41.047] [+] Unable to download archive "Hijackers-C.sbi-20140108.cab" from http://www.spybotupdates.biz/updates/spybot2/!
[26:41.047] [+] File "iPhone.sbi" needs to be downloaded.
[27:02.094] [+] Unable to download archive "iPhone.sbi-20140108.cab" from http://134.169.192.5/pub/mirror/spybot.info/sb2updates/!
[27:23.125] [+] Unable to download archive "iPhone.sbi-20140108.cab" from http://spybot.bluehamster.com.au/spybot2files/!
[27:44.156] [+] Unable to download archive "iPhone.sbi-20140108.cab" from http://ftp.234.cz/data/spybot/spybot2/!
[27:44.156] [+] File "iPhone-000.sbi" needs to be downloaded.
[28:05.188] [+] Unable to download archive "iPhone-000.sbi-20140108.cab" from http://www.spybotupdates.biz/updates/spybot2/!
[28:26.203] [+] Unable to download archive "iPhone-000.sbi-20140108.cab" from http://www.spybotupdates.com/updates/spybot2/!
[28:47.250] [+] Unable to download archive "iPhone-000.sbi-20140108.cab" from http://www.spybotupdates.biz/updates/spybot2/!
[28:47.250] [+] File "Keyloggers.sbi" needs to be downloaded.
[29:08.297] [+] Unable to download archive "Keyloggers.sbi-20140113.cab" from http://spybotdbs.com/updates/spybot2/!
[29:29.344] [+] Unable to download archive "Keyloggers.sbi-20140113.cab" from http://134.169.192.5/pub/mirror/spybot.info/sb2updates/!
[29:50.375] [+] Unable to download archive "Keyloggers.sbi-20140113.cab" from http://filehorse.spybot-updates.com/updates/spybot2/!
[29:50.375] [+] File "Keyloggers-000.sbi" needs to be downloaded.
[30:11.422] [+] Unable to download archive "Keyloggers-000.sbi-20141114.cab" from http://spybot.computerfixertools.com/spybot2/!
[30:32.438] [+] Unable to download archive "Keyloggers-000.sbi-20141114.cab" from http://www.spybotupdates.com/updates/spybot2/!
[30:53.469] [+] Unable to download archive "Keyloggers-000.sbi-20141114.cab" from http://spybotdbs.com/updates/spybot2/!
[30:53.469] [+] File "KeyloggersC.sbi" needs to be downloaded.
[31:14.469] [+] Unable to download archive "KeyloggersC.sbi-20140113.cab" from http://spybot.computerfixertools.com/spybot2/!
[31:35.469] [+] Unable to download archive "KeyloggersC.sbi-20140113.cab" from http://nervion.us.es/updates/spybot2files/!
[31:56.501] [+] Unable to download archive "KeyloggersC.sbi-20140113.cab" from http://spybot.bluehamster.com.au/spybot2files/!
[31:56.501] [+] File "Keyloggers-C.sbi" needs to be downloaded.
[32:17.516] [+] Unable to download archive "Keyloggers-C.sbi-20140924.cab" from http://ns364576.ovh.net/spybot2/updates/spybot2/!
[32:38.516] [+] Unable to download archive "Keyloggers-C.sbi-20140924.cab" from http://filehorse.spybot-updates.com/updates/spybot2/!
[32:59.563] [+] Unable to download archive "Keyloggers-C.sbi-20140924.cab" from http://www.spybotupdates.biz/updates/spybot2/!
[32:59.563] [+] File "LASSHes.sbs" needs to be downloaded.
[33:20.626] [+] Unable to download archive "LASSHes.sbs-20080615.cab" from http://www.antispyware-downloadserve...dates/spybot2/!
[33:41.673] [+] Unable to download archive "LASSHes.sbs-20080615.cab" from http://ns364576.ovh.net/spybot2/updates/spybot2/!
[34:02.688] [+] Unable to download archive "LASSHes.sbs-20080615.cab" from http://spybotdbs.com/updates/spybot2/!
[34:02.688] [+] File "Malware.sbi" needs to be downloaded.
[34:23.720] [+] Unable to download archive "Malware.sbi-20140113.cab" from http://ftp.234.cz/data/spybot/spybot2/!
[34:44.735] [+] Unable to download archive "Malware.sbi-20140113.cab" from http://134.169.192.5/pub/mirror/spybot.info/sb2updates/!
[35:05.751] [+] Unable to download archive "Malware.sbi-20140113.cab" from http://134.169.192.5/pub/mirror/spybot.info/sb2updates/!
[35:05.751] [+] File "Malware-000.sbi" needs to be downloaded.
[35:26.782] [+] Unable to download archive "Malware-000.sbi-20141114.cab" from http://filehorse.spybot-updates.com/updates/spybot2/!
[35:47.798] [+] Unable to download archive "Malware-000.sbi-20141114.cab" from http://spybot.computerfixertools.com/spybot2/!
[36:08.829] [+] Unable to download archive "Malware-000.sbi-20141114.cab" from http://updates4.safer-networking.org/spybot2/!
[36:08.829] [+] File "Malware-001.sbi" needs to be downloaded.
[36:29.876] [+] Unable to download archive "Malware-001.sbi-20141114.cab" from http://www.spybotupdates.com/updates/spybot2/!
[36:50.923] [+] Unable to download archive "Malware-001.sbi-20141114.cab" from http://spybot.bluehamster.com.au/spybot2files/!
[37:11.923] [+] Unable to download archive "Malware-001.sbi-20141114.cab" from http://filehorse.spybot-updates.com/updates/spybot2/!
[37:11.923] [+] File "Malware-002.sbi" needs to be downloaded.
[37:32.923] [+] Unable to download archive "Malware-002.sbi-20141114.cab" from http://www.spybotupdates.biz/updates/spybot2/!
[37:53.939] [+] Unable to download archive "Malware-002.sbi-20141114.cab" from http://safernet.mirrors.cu.be/spybot2/!
[38:14.986] [+] Unable to download archive "Malware-002.sbi-20141114.cab" from http://www.spybotupdates.biz/updates/spybot2/!
[38:14.986] [+] File "Malware-003.sbi" needs to be downloaded.
[38:36.033] [+] Unable to download archive "Malware-003.sbi-20141114.cab" from http://www.spybotupdates.com/updates/spybot2/!
[38:57.048] [+] Unable to download archive "Malware-003.sbi-20141114.cab" from http://spybot.computerfixertools.com/spybot2/!
[39:18.080] [+] Unable to download archive "Malware-003.sbi-20141114.cab" from http://www.spybotupdates.biz/updates/spybot2/!
[39:18.080] [+] File "Malware-004.sbi" needs to be downloaded.
[39:39.095] [+] Unable to download archive "Malware-004.sbi-20141114.cab" from http://nervion.us.es/updates/spybot2files/!
[40:00.127] [+] Unable to download archive "Malware-004.sbi-20141114.cab" from http://134.169.192.5/pub/mirror/spybot.info/sb2updates/!
[40:21.142] [+] Unable to download archive "Malware-004.sbi-20141114.cab" from http://www.spybotupdates.biz/updates/spybot2/!
[40:21.142] [+] File "Malware-005.sbi" needs to be downloaded.
[40:42.174] [+] Unable to download archive "Malware-005.sbi-20141114.cab" from http://spybotdbs.com/updates/spybot2/!
[41:03.205] [+] Unable to download archive "Malware-005.sbi-20141114.cab" from http://www.spybotupdates.biz/updates/spybot2/!
[41:24.236] [+] Unable to download archive "Malware-005.sbi-20141114.cab" from http://134.169.192.5/pub/mirror/spybot.info/sb2updates/!
[41:24.236] [+] File "Malware-006.sbi" needs to be downloaded.
[41:45.267] [+] Unable to download archive "Malware-006.sbi-20140226.cab" from http://spybotdbs.com/updates/spybot2/!
[42:06.299] [+] Unable to download archive "Malware-006.sbi-20140226.cab" from http://spybot.computerfixertools.com/spybot2/!
[42:27.314] [+] Unable to download archive "Malware-006.sbi-20140226.cab" from http://filehorse.spybot-updates.com/updates/spybot2/!
[42:27.314] [+] File "Malware-007.sbi" needs to be downloaded.
[42:48.361] [+] Unable to download archive "Malware-007.sbi-20140109.cab" from http://134.169.192.5/pub/mirror/spybot.info/sb2updates/!
[43:09.377] [+] Unable to download archive "Malware-007.sbi-20140109.cab" from http://safernet.mirrors.cu.be/spybot2/!
[43:30.533] [+] Unable to download archive "Malware-007.sbi-20140109.cab" from http://www.antispyware-downloadserve...dates/spybot2/!
[43:30.533] [+] File "MalwareC.sbi" needs to be downloaded.
[43:51.549] [+] Unable to download archive "MalwareC.sbi-20131223.cab" from http://spybotdbs.com/updates/spybot2/!
[44:12.580] [+] Unable to download archive "MalwareC.sbi-20131223.cab" from http://ns364576.ovh.net/spybot2/updates/spybot2/!
[44:33.627] [+] Unable to download archive "MalwareC.sbi-20131223.cab" from http://safernet.mirrors.cu.be/spybot2/!
[44:33.627] [+] File "Malware-C.sbi" needs to be downloaded.
[44:54.674] [+] Unable to download archive "Malware-C.sbi-20150902.cab" from http://nervion.us.es/updates/spybot2files/!
[45:15.705] [+] Unable to download archive "Malware-C.sbi-20150902.cab" from http://spybotdbs.com/updates/spybot2/!
[45:36.737] [+] Unable to download archive "Malware-C.sbi-20150902.cab" from http://www.spybotupdates.com/updates/spybot2/!
[45:36.737] [+] File "OperaPlugins.sbs" needs to be downloaded.
[45:57.752] [+] Unable to download archive "OperaPlugins.sbs-20080219.cab" from http://134.169.192.5/pub/mirror/spybot.info/sb2updates/!
[46:18.752] [+] Unable to download archive "OperaPlugins.sbs-20080219.cab" from http://spybot.bluehamster.com.au/spybot2files/!
[46:39.799] [+] Unable to download archive "OperaPlugins.sbs-20080219.cab" from http://spybotdbs.com/updates/spybot2/!
[46:39.799] [+] File "PosOS.sbs" needs to be downloaded.
[47:00.846] [+] Unable to download archive "PosOS.sbs-20090121.cab" from http://ns364576.ovh.net/spybot2/updates/spybot2/!
[47:21.878] [+] Unable to download archive "PosOS.sbs-20090121.cab" from http://ftp.234.cz/data/spybot/spybot2/!
[47:42.909] [+] Unable to download archive "PosOS.sbs-20090121.cab" from http://updates4.safer-networking.org/spybot2/!
[47:42.909] [+] File "PUPS.sbi" needs to be downloaded.
[48:03.924] [+] Unable to download archive "PUPS.sbi-20121114.cab" from http://134.169.192.5/pub/mirror/spybot.info/sb2updates/!
[48:24.971] [+] Unable to download archive "PUPS.sbi-20121114.cab" from http://www.antispyware-downloadserve...dates/spybot2/!
[48:46.018] [+] Unable to download archive "PUPS.sbi-20121114.cab" from http://134.169.192.5/pub/mirror/spybot.info/sb2updates/!
[48:46.018] [+] File "PUPS-000.sbi" needs to be downloaded.
[49:07.049] [+] Unable to download archive "PUPS-000.sbi-20141114.cab" from http://updates4.safer-networking.org/spybot2/!
[49:28.065] [+] Unable to download archive "PUPS-000.sbi-20141114.cab" from http://www.spybotupdates.com/updates/spybot2/!
[49:49.065] [+] Unable to download archive "PUPS-000.sbi-20141114.cab" from http://filehorse.spybot-updates.com/updates/spybot2/!
[49:49.065] [+] File "PUPS-001.sbi" needs to be downloaded.
[50:10.096] [+] Unable to download archive "PUPS-001.sbi-20140115.cab" from http://ftp.234.cz/data/spybot/spybot2/!
[50:31.128] [+] Unable to download archive "PUPS-001.sbi-20140115.cab" from http://www.antispyware-downloadserve...dates/spybot2/!
[50:52.143] [+] Unable to download archive "PUPS-001.sbi-20140115.cab" from http://www.spybotupdates.biz/updates/spybot2/!
[50:52.143] [+] File "PUPS-002.sbi" needs to be downloaded.
[51:13.143] [+] Unable to download archive "PUPS-002.sbi-20140115.cab" from http://updates4.safer-networking.org/spybot2/!
[51:34.175] [+] Unable to download archive "PUPS-002.sbi-20140115.cab" from http://ns364576.ovh.net/spybot2/updates/spybot2/!
[51:55.190] [+] Unable to download archive "PUPS-002.sbi-20140115.cab" from http://www.spybotupdates.biz/updates/spybot2/!
[51:55.190] [+] File "PUPSC.sbi" needs to be downloaded.
[52:16.222] [+] Unable to download archive "PUPSC.sbi-20140107.cab" from http://nervion.us.es/updates/spybot2files/!
[52:37.237] [+] Unable to download archive "PUPSC.sbi-20140107.cab" from http://filehorse.spybot-updates.com/updates/spybot2/!
[52:58.253] [+] Unable to download archive "PUPSC.sbi-20140107.cab" from http://safernet.mirrors.cu.be/spybot2/!
[52:58.253] [+] File "PUPS-C.sbi" needs to be downloaded.
[53:19.253] [+] Unable to download archive "PUPS-C.sbi-20150902.cab" from http://spybot.computerfixertools.com/spybot2/!
[53:40.284] [+] Unable to download archive "PUPS-C.sbi-20150902.cab" from http://spybot.computerfixertools.com/spybot2/!
[54:01.300] [+] Unable to download archive "PUPS-C.sbi-20150902.cab" from http://nervion.us.es/updates/spybot2files/!
[54:01.300] [+] File "RegDFLinks.sbs" needs to be downloaded.
[54:22.331] [+] Unable to download archive "RegDFLinks.sbs-20070223.cab" from http://ftp.234.cz/data/spybot/spybot2/!
[54:43.347] [+] Unable to download archive "RegDFLinks.sbs-20070223.cab" from http://spybotdbs.com/updates/spybot2/!
[55:04.378] [+] Unable to download archive "RegDFLinks.sbs-20070223.cab" from http://ns364576.ovh.net/spybot2/updates/spybot2/!
[55:04.378] [+] File "RegWatch.sbs" needs to be downloaded.
[55:25.378] [+] Unable to download archive "RegWatch.sbs-20110211.cab" from http://www.spybotupdates.biz/updates/spybot2/!
[55:46.409] [+] Unable to download archive "RegWatch.sbs-20110211.cab" from http://spybot.computerfixertools.com/spybot2/!
[56:07.441] [+] Unable to download archive "RegWatch.sbs-20110211.cab" from http://www.spybotupdates.biz/updates/spybot2/!
[56:07.441] [+] File "RegXLinks.sbs" needs to be downloaded.
[56:28.456] [+] Unable to download archive "RegXLinks.sbs-20090508.cab" from http://safernet.mirrors.cu.be/spybot2/!
[56:49.503] [+] Unable to download archive "RegXLinks.sbs-20090508.cab" from http://nervion.us.es/updates/spybot2files/!
[57:10.503] [+] Unable to download archive "RegXLinks.sbs-20090508.cab" from http://updates4.safer-networking.org/spybot2/!
[57:10.503] [+] File "SDDisableProxy.exe" needs to be downloaded.
[57:31.535] [+] Unable to download archive "SDDisableProxy.exe-20130618.lzs" from http://nervion.us.es/updates/spybot2files/!
[57:52.550] [+] Unable to download archive "SDDisableProxy.exe-20130618.lzs" from http://spybot.bluehamster.com.au/spybot2files/!
[58:13.597] [+] Unable to download archive "SDDisableProxy.exe-20130618.lzs" from http://www.spybotupdates.biz/updates/spybot2/!
[58:13.597] [+] File "Security.sbi" needs to be downloaded.
[58:34.628] [+] Unable to download archive "Security.sbi-20140121.cab" from http://ns364576.ovh.net/spybot2/updates/spybot2/!
[58:55.644] [+] Unable to download archive "Security.sbi-20140121.cab" from http://nervion.us.es/updates/spybot2files/!
[59:16.675] [+] Unable to download archive "Security.sbi-20140121.cab" from http://spybot.computerfixertools.com/spybot2/!
[59:16.675] [+] File "Security-000.sbi" needs to be downloaded.
[59:37.722] [+] Unable to download archive "Security-000.sbi-20140108.cab" from http://134.169.192.5/pub/mirror/spybot.info/sb2updates/!
[59:58.769] [+] Unable to download archive "Security-000.sbi-20140108.cab" from http://ns364576.ovh.net/spybot2/updates/spybot2/!
[00:19.769] [+] Unable to download archive "Security-000.sbi-20140108.cab" from http://filehorse.spybot-updates.com/updates/spybot2/!
[00:19.769] [+] File "SecurityC.sbi" needs to be downloaded.
[00:40.800] [+] Unable to download archive "SecurityC.sbi-20140121.cab" from http://spybot.computerfixertools.com/spybot2/!
[01:01.941] [+] Unable to download archive "SecurityC.sbi-20140121.cab" from http://filehorse.spybot-updates.com/updates/spybot2/!
[01:22.972] [+] Unable to download archive "SecurityC.sbi-20140121.cab" from http://spybot.bluehamster.com.au/spybot2files/!
[01:22.972] [+] File "Security-C.sbi" needs to be downloaded.
[01:43.988] [+] Unable to download archive "Security-C.sbi-20140108.cab" from http://ftp.234.cz/data/spybot/spybot2/!
[02:05.019] [+] Unable to download archive "Security-C.sbi-20140108.cab" from http://ftp.234.cz/data/spybot/spybot2/!
[02:26.066] [+] Unable to download archive "Security-C.sbi-20140108.cab" from http://www.spybotupdates.biz/updates/spybot2/!
[02:26.066] [+] File "Services.sbs" needs to be downloaded.
[02:47.113] [+] Unable to download archive "Services.sbs-20110301.cab" from http://ftp.234.cz/data/spybot/spybot2/!
[03:08.129] [+] Unable to download archive "Services.sbs-20110301.cab" from http://filehorse.spybot-updates.com/updates/spybot2/!
[03:29.160] [+] Unable to download archive "Services.sbs-20110301.cab" from http://spybot.bluehamster.com.au/spybot2files/!
[03:29.160] [+] File "spybotsd2-translation-esx.exe" needs to be downloaded.
[03:50.176] [+] Unable to download archive "spybotsd2-translation-esx.exe-20140731.lzs" from http://ftp.234.cz/data/spybot/spybot2/!
[04:11.207] [+] Unable to download archive "spybotsd2-translation-esx.exe-20140731.lzs" from http://www.antispyware-downloadserve...dates/spybot2/!
[04:32.254] [+] Unable to download archive "spybotsd2-translation-esx.exe-20140731.lzs" from http://www.spybotupdates.biz/updates/spybot2/!
[04:32.254] [+] File "spybotsd2-translation-frx.exe" needs to be downloaded.
[04:53.285] [+] Unable to download archive "spybotsd2-translation-frx.exe-20130619.lzs" from http://134.169.192.5/pub/mirror/spybot.info/sb2updates/!
[05:14.301] [+] Unable to download archive "spybotsd2-translation-frx.exe-20130619.lzs" from http://spybot.computerfixertools.com/spybot2/!
[05:35.301] [+] Unable to download archive "spybotsd2-translation-frx.exe-20130619.lzs" from http://ftp.234.cz/data/spybot/spybot2/!
[05:35.301] [+] File "spybotsd2-translation-hrx.exe" needs to be downloaded.
[05:56.332] [+] Unable to download archive "spybotsd2-translation-hrx.exe-20150325.lzs" from http://ns364576.ovh.net/spybot2/updates/spybot2/!
[06:17.457] [+] Unable to download archive "spybotsd2-translation-hrx.exe-20150325.lzs" from http://safernet.mirrors.cu.be/spybot2/!
[06:38.489] [+] Unable to download archive "spybotsd2-translation-hrx.exe-20150325.lzs" from http://spybot.bluehamster.com.au/spybot2files/!
[06:38.489] [+] File "spybotsd2-translation-hux2.exe" needs to be downloaded.
[06:59.504] [+] Unable to download archive "spybotsd2-translation-hux2.exe-20140825.lzs" from http://safernet.mirrors.cu.be/spybot2/!
[07:20.520] [+] Unable to download archive "spybotsd2-translation-hux2.exe-20140825.lzs" from http://spybotdbs.com/updates/spybot2/!
[07:41.551] [+] Unable to download archive "spybotsd2-translation-hux2.exe-20140825.lzs" from http://safernet.mirrors.cu.be/spybot2/!
[07:41.551] [+] File "spybotsd2-translation-ukx.exe" needs to be downloaded.
[08:02.567] [+] Unable to download archive "spybotsd2-translation-ukx.exe-20141105.lzs" from http://nervion.us.es/updates/spybot2files/!
[08:23.661] [+] Unable to download archive "spybotsd2-translation-ukx.exe-20141105.lzs" from http://updates4.safer-networking.org/spybot2/!
[08:44.692] [+] Unable to download archive "spybotsd2-translation-ukx.exe-20141105.lzs" from http://www.spybotupdates.biz/updates/spybot2/!
[08:44.692] [+] File "spybotsd2-windows-upgrade-installer.exe" needs to be downloaded.
[09:05.723] [+] Unable to download archive "spybotsd2-windows-upgrade-installer.exe-1.4.0.0.lzs" from http://www.antispyware-downloadserve...dates/spybot2/!
[09:26.848] [+] Unable to download archive "spybotsd2-windows-upgrade-installer.exe-1.4.0.0.lzs" from http://www.spybotupdates.com/updates/spybot2/!
[09:47.864] [+] Unable to download archive "spybotsd2-windows-upgrade-installer.exe-1.4.0.0.lzs" from http://134.169.192.5/pub/mirror/spybot.info/sb2updates/!
[09:47.864] [+] File "Spyware.sbi" needs to be downloaded.
[10:08.895] [+] Unable to download archive "Spyware.sbi-20140121.cab" from http://134.169.192.5/pub/mirror/spybot.info/sb2updates/!
[10:29.927] [+] Unable to download archive "Spyware.sbi-20140121.cab" from http://updates4.safer-networking.org/spybot2/!
[10:50.942] [+] Unable to download archive "Spyware.sbi-20140121.cab" from http://nervion.us.es/updates/spybot2files/!
[10:50.942] [+] File "Spyware-000.sbi" needs to be downloaded.
[11:11.958] [+] Unable to download archive "Spyware-000.sbi-20141114.cab" from http://134.169.192.5/pub/mirror/spybot.info/sb2updates/!
[11:33.005] [+] Unable to download archive "Spyware-000.sbi-20141114.cab" from http://www.antispyware-downloadserve...dates/spybot2/!
[11:54.036] [+] Unable to download archive "Spyware-000.sbi-20141114.cab" from http://www.antispyware-downloadserve...dates/spybot2/!
[11:54.036] [+] File "Spyware-001.sbi" needs to be downloaded.
[12:15.052] [+] Unable to download archive "Spyware-001.sbi-20150506.cab" from http://www.spybotupdates.com/updates/spybot2/!
[12:36.083] [+] Unable to download archive "Spyware-001.sbi-20150506.cab" from http://safernet.mirrors.cu.be/spybot2/!
[12:57.130] [+] Unable to download archive "Spyware-001.sbi-20150506.cab" from http://safernet.mirrors.cu.be/spybot2/!
[12:57.130] [+] File "SpywareC.sbi" needs to be downloaded.
[13:18.161] [+] Unable to download archive "SpywareC.sbi-20140121.cab" from http://ns364576.ovh.net/spybot2/updates/spybot2/!
[13:39.177] [+] Unable to download archive "SpywareC.sbi-20140121.cab" from http://www.spybotupdates.biz/updates/spybot2/!
[14:00.208] [+] Unable to download archive "SpywareC.sbi-20140121.cab" from http://www.spybotupdates.com/updates/spybot2/!
[14:00.208] [+] File "Spyware-C.sbi" needs to be downloaded.
[14:21.255] [+] Unable to download archive "Spyware-C.sbi-20150812.cab" from http://ns364576.ovh.net/spybot2/updates/spybot2/!
[14:42.302] [+] Unable to download archive "Spyware-C.sbi-20150812.cab" from http://www.spybotupdates.biz/updates/spybot2/!
[15:03.349] [+] Unable to download archive "Spyware-C.sbi-20150812.cab" from http://ns364576.ovh.net/spybot2/updates/spybot2/!
[15:03.349] [+] File "Tracks.sbi" needs to be downloaded.
[15:24.380] [+] Unable to download archive "Tracks.sbi-20110607.cab" from http://www.spybotupdates.biz/updates/spybot2/!
[15:45.427] [+] Unable to download archive "Tracks.sbi-20110607.cab" from http://spybot.bluehamster.com.au/spybot2files/!
[16:06.427] [+] Unable to download archive "Tracks.sbi-20110607.cab" from http://spybot.bluehamster.com.au/spybot2files/!
[16:06.427] [+] File "Tracks.uti" needs to be downloaded.
[16:27.474] [+] Unable to download archive "Tracks.uti-20121119.cab" from http://filehorse.spybot-updates.com/updates/spybot2/!
[16:48.521] [+] Unable to download archive "Tracks.uti-20121119.cab" from http://www.antispyware-downloadserve...dates/spybot2/!
[17:09.568] [+] Unable to download archive "Tracks.uti-20121119.cab" from http://www.antispyware-downloadserve...dates/spybot2/!
[17:09.568] [+] File "Trojans.sbi" needs to be downloaded.
[17:30.584] [+] Unable to download archive "Trojans.sbi-20140109.cab" from http://spybotdbs.com/updates/spybot2/!
[17:51.615] [+] Unable to download archive "Trojans.sbi-20140109.cab" from http://spybotdbs.com/updates/spybot2/!
[18:12.631] [+] Unable to download archive "Trojans.sbi-20140109.cab" from http://134.169.192.5/pub/mirror/spybot.info/sb2updates/!
[18:12.631] [+] File "Trojans-000.sbi" needs to be downloaded.
[18:33.678] [+] Unable to download archive "Trojans-000.sbi-20140115.cab" from http://spybot.bluehamster.com.au/spybot2files/!
[18:54.693] [+] Unable to download archive "Trojans-000.sbi-20140115.cab" from http://updates4.safer-networking.org/spybot2/!
[19:15.740] [+] Unable to download archive "Trojans-000.sbi-20140115.cab" from http://filehorse.spybot-updates.com/updates/spybot2/!
[19:15.740] [+] File "Trojans-001.sbi" needs to be downloaded.
[19:36.787] [+] Unable to download archive "Trojans-001.sbi-20140115.cab" from http://spybot.bluehamster.com.au/spybot2files/!
[19:57.818] [+] Unable to download archive "Trojans-001.sbi-20140115.cab" from http://spybot.bluehamster.com.au/spybot2files/!
[20:18.850] [+] Unable to download archive "Trojans-001.sbi-20140115.cab" from http://spybot.computerfixertools.com/spybot2/!
[20:18.850] [+] File "Trojans-002.sbi" needs to be downloaded.
[20:39.865] [+] Unable to download archive "Trojans-002.sbi-20141114.cab" from http://filehorse.spybot-updates.com/updates/spybot2/!
[21:00.865] [+] Unable to download archive "Trojans-002.sbi-20141114.cab" from http://spybot.bluehamster.com.au/spybot2files/!
[21:21.897] [+] Unable to download archive "Trojans-002.sbi-20141114.cab" from http://134.169.192.5/pub/mirror/spybot.info/sb2updates/!
[21:21.897] [+] File "Trojans-003.sbi" needs to be downloaded.
[21:42.912] [+] Unable to download archive "Trojans-003.sbi-20140115.cab" from http://updates4.safer-networking.org/spybot2/!
[22:03.944] [+] Unable to download archive "Trojans-003.sbi-20140115.cab" from http://www.antispyware-downloadserve...dates/spybot2/!
[22:24.959] [+] Unable to download archive "Trojans-003.sbi-20140115.cab" from http://ftp.234.cz/data/spybot/spybot2/!
[22:24.959] [+] File "Trojans-004.sbi" needs to be downloaded.
[22:46.006] [+] Unable to download archive "Trojans-004.sbi-20140115.cab" from http://safernet.mirrors.cu.be/spybot2/!
[23:07.053] [+] Unable to download archive "Trojans-004.sbi-20140115.cab" from http://134.169.192.5/pub/mirror/spybot.info/sb2updates/!
[23:28.084] [+] Unable to download archive "Trojans-004.sbi-20140115.cab" from http://nervion.us.es/updates/spybot2files/!
[23:28.084] [+] File "Trojans-005.sbi" needs to be downloaded.
[23:49.131] [+] Unable to download archive "Trojans-005.sbi-20140319.cab" from http://spybot.computerfixertools.com/spybot2/!
[24:10.163] [+] Unable to download archive "Trojans-005.sbi-20140319.cab" from http://spybot.computerfixertools.com/spybot2/!
[24:31.178] [+] Unable to download archive "Trojans-005.sbi-20140319.cab" from http://spybotdbs.com/updates/spybot2/!
[24:31.178] [+] File "Trojans-006.sbi" needs to be downloaded.
[24:52.225] [+] Unable to download archive "Trojans-006.sbi-20150331.cab" from http://www.spybotupdates.biz/updates/spybot2/!
[25:13.272] [+] Unable to download archive "Trojans-006.sbi-20150331.cab" from http://www.antispyware-downloadserve...dates/spybot2/!
[25:34.303] [+] Unable to download archive "Trojans-006.sbi-20150331.cab" from http://www.spybotupdates.com/updates/spybot2/!
[25:34.303] [+] File "Trojans-007.sbi" needs to be downloaded.
[25:55.319] [+] Unable to download archive "Trojans-007.sbi-20140115.cab" from http://134.169.192.5/pub/mirror/spybot.info/sb2updates/!
[26:16.319] [+] Unable to download archive "Trojans-007.sbi-20140115.cab" from http://spybot.bluehamster.com.au/spybot2files/!
[26:37.350] [+] Unable to download archive "Trojans-007.sbi-20140115.cab" from http://spybotdbs.com/updates/spybot2/!
[26:37.350] [+] File "Trojans-008.sbi" needs to be downloaded.
[26:58.397] [+] Unable to download archive "Trojans-008.sbi-20140709.cab" from http://spybot.bluehamster.com.au/spybot2files/!
[27:19.444] [+] Unable to download archive "Trojans-008.sbi-20140709.cab" from http://spybotdbs.com/updates/spybot2/!
[27:40.476] [+] Unable to download archive "Trojans-008.sbi-20140709.cab" from http://safernet.mirrors.cu.be/spybot2/!
[27:40.476] [+] File "Trojans-009.sbi" needs to be downloaded.
[28:01.538] [+] Unable to download archive "Trojans-009.sbi-20140709.cab" from http://www.antispyware-downloadserve...dates/spybot2/!
[28:22.569] [+] Unable to download archive "Trojans-009.sbi-20140709.cab" from http://spybot.bluehamster.com.au/spybot2files/!
[28:43.585] [+] Unable to download archive "Trojans-009.sbi-20140709.cab" from http://safernet.mirrors.cu.be/spybot2/!
[28:43.585] [+] File "TrojansC.sbi" needs to be downloaded.
[29:04.616] [+] Unable to download archive "TrojansC.sbi-20140109.cab" from http://spybotdbs.com/updates/spybot2/!
[29:25.679] [+] Unable to download archive "TrojansC.sbi-20140109.cab" from http://www.antispyware-downloadserve...dates/spybot2/!
[29:46.710] [+] Unable to download archive "TrojansC.sbi-20140109.cab" from http://safernet.mirrors.cu.be/spybot2/!
[29:46.710] [+] File "Trojans-C.sbi" needs to be downloaded.
[30:07.741] [+] Unable to download archive "Trojans-C.sbi-20150902.cab" from http://www.antispyware-downloadserve...dates/spybot2/!
[30:28.757] [+] Unable to download archive "Trojans-C.sbi-20150902.cab" from http://spybot.computerfixertools.com/spybot2/!
[30:49.773] [+] Unable to download archive "Trojans-C.sbi-20150902.cab" from http://nervion.us.es/updates/spybot2files/!
[30:49.773] [+] File "TrojansC-01.sbi" needs to be downloaded.
[31:10.804] [+] Unable to download archive "TrojansC-01.sbi-20140116.cab" from http://www.spybotupdates.biz/updates/spybot2/!
[31:31.835] [+] Unable to download archive "TrojansC-01.sbi-20140116.cab" from http://nervion.us.es/updates/spybot2files/!
[31:52.882] [+] Unable to download archive "TrojansC-01.sbi-20140116.cab" from http://updates4.safer-networking.org/spybot2/!
[31:52.882] [+] File "TrojansC-02.sbi" needs to be downloaded.
[32:13.929] [+] Unable to download archive "TrojansC-02.sbi-20140116.cab" from http://www.spybotupdates.biz/updates/spybot2/!
[32:34.929] [+] Unable to download archive "TrojansC-02.sbi-20140116.cab" from http://filehorse.spybot-updates.com/updates/spybot2/!
[32:55.929] [+] Unable to download archive "TrojansC-02.sbi-20140116.cab" from http://www.spybotupdates.com/updates/spybot2/!
[32:55.929] [+] File "TrojansC-03.sbi" needs to be downloaded.
[33:16.976] [+] Unable to download archive "TrojansC-03.sbi-20140116.cab" from http://134.169.192.5/pub/mirror/spybot.info/sb2updates/!
[33:38.008] [+] Unable to download archive "TrojansC-03.sbi-20140116.cab" from http://134.169.192.5/pub/mirror/spybot.info/sb2updates/!
[33:59.054] [+] Unable to download archive "TrojansC-03.sbi-20140116.cab" from http://www.antispyware-downloadserve...dates/spybot2/!
[33:59.054] [+] File "TrojansC-04.sbi" needs to be downloaded.
[34:20.070] [+] Unable to download archive "TrojansC-04.sbi-20140116.cab" from http://updates4.safer-networking.org/spybot2/!
[34:41.101] [+] Unable to download archive "TrojansC-04.sbi-20140116.cab" from http://updates4.safer-networking.org/spybot2/!
[35:02.148] [+] Unable to download archive "TrojansC-04.sbi-20140116.cab" from http://134.169.192.5/pub/mirror/spybot.info/sb2updates/!
[35:02.148] [+] File "TrojansC-05.sbi" needs to be downloaded.
[35:23.195] [+] Unable to download archive "TrojansC-05.sbi-20140116.cab" from http://spybot.computerfixertools.com/spybot2/!
[35:44.242] [+] Unable to download archive "TrojansC-05.sbi-20140116.cab" from http://spybotdbs.com/updates/spybot2/!
[36:05.273] [+] Unable to download archive "TrojansC-05.sbi-20140116.cab" from http://safernet.mirrors.cu.be/spybot2/!
[36:05.273] [+] File "Trojans-OG-000.sbi" needs to be downloaded.
[36:26.320] [+] Unable to download archive "Trojans-OG-000.sbi-20140115.cab" from http://ns364576.ovh.net/spybot2/updates/spybot2/!
[36:47.367] [+] Unable to download archive "Trojans-OG-000.sbi-20140115.cab" from http://134.169.192.5/pub/mirror/spybot.info/sb2updates/!
[37:08.414] [+] Unable to download archive "Trojans-OG-000.sbi-20140115.cab" from http://filehorse.spybot-updates.com/updates/spybot2/!
[37:08.414] [+] File "Trojans-TD-000.sbi" needs to be downloaded.
[37:29.414] [+] Unable to download archive "Trojans-TD-000.sbi-20140115.cab" from http://spybot.computerfixertools.com/spybot2/!
[37:50.430] [+] Unable to download archive "Trojans-TD-000.sbi-20140115.cab" from http://134.169.192.5/pub/mirror/spybot.info/sb2updates/!
[38:11.461] [+] Unable to download archive "Trojans-TD-000.sbi-20140115.cab" from http://updates4.safer-networking.org/spybot2/!
[38:11.461] [+] File "Trojans-VM-000.sbi" needs to be downloaded.
[38:32.492] [+] Unable to download archive "Trojans-VM-000.sbi-20140115.cab" from http://nervion.us.es/updates/spybot2files/!
[38:53.508] [+] Unable to download archive "Trojans-VM-000.sbi-20140115.cab" from http://safernet.mirrors.cu.be/spybot2/!
[39:14.539] [+] Unable to download archive "Trojans-VM-000.sbi-20140115.cab" from http://nervion.us.es/updates/spybot2files/!
[39:14.539] [+] File "Trojans-VM-001.sbi" needs to be downloaded.
[39:35.539] [+] Unable to download archive "Trojans-VM-001.sbi-20140115.cab" from http://spybot.bluehamster.com.au/spybot2files/!
[39:56.555] [+] Unable to download archive "Trojans-VM-001.sbi-20140115.cab" from http://www.spybotupdates.com/updates/spybot2/!
[40:17.586] [+] Unable to download archive "Trojans-VM-001.sbi-20140115.cab" from http://spybot.bluehamster.com.au/spybot2files/!
[40:17.586] [+] File "Trojans-VM-002.sbi" needs to be downloaded.
[40:38.633] [+] Unable to download archive "Trojans-VM-002.sbi-20140115.cab" from http://134.169.192.5/pub/mirror/spybot.info/sb2updates/!
[40:59.633] [+] Unable to download archive "Trojans-VM-002.sbi-20140115.cab" from http://updates4.safer-networking.org/spybot2/!
[41:20.680] [+] Unable to download archive "Trojans-VM-002.sbi-20140115.cab" from http://spybotdbs.com/updates/spybot2/!
[41:20.680] [+] File "Trojans-VM-003.sbi" needs to be downloaded.
[41:41.727] [+] Unable to download archive "Trojans-VM-003.sbi-20140115.cab" from http://www.spybotupdates.com/updates/spybot2/!
[42:02.774] [+] Unable to download archive "Trojans-VM-003.sbi-20140115.cab" from http://spybot.bluehamster.com.au/spybot2files/!
[42:23.805] [+] Unable to download archive "Trojans-VM-003.sbi-20140115.cab" from http://filehorse.spybot-updates.com/updates/spybot2/!
[42:23.805] [+] File "Trojans-VM-004.sbi" needs to be downloaded.
[42:44.821] [+] Unable to download archive "Trojans-VM-004.sbi-20140115.cab" from http://updates4.safer-networking.org/spybot2/!
[43:05.837] [+] Unable to download archive "Trojans-VM-004.sbi-20140115.cab" from http://spybot.bluehamster.com.au/spybot2files/!
[43:26.852] [+] Unable to download archive "Trojans-VM-004.sbi-20140115.cab" from http://spybotdbs.com/updates/spybot2/!
[43:26.852] [+] File "Trojans-VM-005.sbi" needs to be downloaded.
[43:47.899] [+] Unable to download archive "Trojans-VM-005.sbi-20140115.cab" from http://134.169.192.5/pub/mirror/spybot.info/sb2updates/!
[44:08.946] [+] Unable to download archive "Trojans-VM-005.sbi-20140115.cab" from http://safernet.mirrors.cu.be/spybot2/!
[44:29.993] [+] Unable to download archive "Trojans-VM-005.sbi-20140115.cab" from http://www.spybotupdates.com/updates/spybot2/!
[44:29.993] [+] File "Trojans-VM-006.sbi" needs to be downloaded.
[44:51.040] [+] Unable to download archive "Trojans-VM-006.sbi-20140115.cab" from http://spybot.computerfixertools.com/spybot2/!
[45:12.071] [+] Unable to download archive "Trojans-VM-006.sbi-20140115.cab" from http://134.169.192.5/pub/mirror/spybot.info/sb2updates/!
[45:33.118] [+] Unable to download archive "Trojans-VM-006.sbi-20140115.cab" from http://ns364576.ovh.net/spybot2/updates/spybot2/!
[45:33.118] [+] File "Trojans-VM-007.sbi" needs to be downloaded.
[45:54.165] [+] Unable to download archive "Trojans-VM-007.sbi-20140115.cab" from http://spybot.bluehamster.com.au/spybot2files/!
[46:15.165] [+] Unable to download archive "Trojans-VM-007.sbi-20140115.cab" from http://www.spybotupdates.biz/updates/spybot2/!
[46:36.197] [+] Unable to download archive "Trojans-VM-007.sbi-20140115.cab" from http://ftp.234.cz/data/spybot/spybot2/!
[46:36.197] [+] File "Trojans-VM-008.sbi" needs to be downloaded.
[46:57.212] [+] Unable to download archive "Trojans-VM-008.sbi-20140115.cab" from http://safernet.mirrors.cu.be/spybot2/!
[47:18.243] [+] Unable to download archive "Trojans-VM-008.sbi-20140115.cab" from http://nervion.us.es/updates/spybot2files/!
[47:39.290] [+] Unable to download archive "Trojans-VM-008.sbi-20140115.cab" from http://www.antispyware-downloadserve...dates/spybot2/!
[47:39.290] [+] File "Trojans-VM-009.sbi" needs to be downloaded.
[48:00.306] [+] Unable to download archive "Trojans-VM-009.sbi-20140115.cab" from http://updates4.safer-networking.org/spybot2/!
[48:21.337] [+] Unable to download archive "Trojans-VM-009.sbi-20140115.cab" from http://www.spybotupdates.biz/updates/spybot2/!
[48:42.369] [+] Unable to download archive "Trojans-VM-009.sbi-20140115.cab" from http://www.antispyware-downloadserve...dates/spybot2/!
[48:42.369] [+] File "Trojans-VM-010.sbi" needs to be downloaded.
[49:03.384] [+] Unable to download archive "Trojans-VM-010.sbi-20140115.cab" from http://updates4.safer-networking.org/spybot2/!
[49:24.431] [+] Unable to download archive "Trojans-VM-010.sbi-20140115.cab" from http://www.spybotupdates.biz/updates/spybot2/!
[49:45.478] [+] Unable to download archive "Trojans-VM-010.sbi-20140115.cab" from http://spybot.bluehamster.com.au/spybot2files/!
[49:45.478] [+] File "Trojans-VM-011.sbi" needs to be downloaded.
[50:06.556] [+] Unable to download archive "Trojans-VM-011.sbi-20140115.cab" from http://www.antispyware-downloadserve...dates/spybot2/!
[50:27.588] [+] Unable to download archive "Trojans-VM-011.sbi-20140115.cab" from http://spybot.computerfixertools.com/spybot2/!
[50:48.635] [+] Unable to download archive "Trojans-VM-011.sbi-20140115.cab" from http://nervion.us.es/updates/spybot2files/!
[50:48.635] [+] File "Trojans-VM-012.sbi" needs to be downloaded.
[51:09.650] [+] Unable to download archive "Trojans-VM-012.sbi-20140115.cab" from http://updates4.safer-networking.org/spybot2/!
[51:30.697] [+] Unable to download archive "Trojans-VM-012.sbi-20140115.cab" from http://www.spybotupdates.com/updates/spybot2/!
[51:51.728] [+] Unable to download archive "Trojans-VM-012.sbi-20140115.cab" from http://spybot.computerfixertools.com/spybot2/!
[51:51.728] [+] File "Trojans-VM-013.sbi" needs to be downloaded.
[52:12.728] [+] Unable to download archive "Trojans-VM-013.sbi-20140115.cab" from http://filehorse.spybot-updates.com/updates/spybot2/!
[52:33.775] [+] Unable to download archive "Trojans-VM-013.sbi-20140115.cab" from http://updates4.safer-networking.org/spybot2/!
[52:54.822] [+] Unable to download archive "Trojans-VM-013.sbi-20140115.cab" from http://spybot.computerfixertools.com/spybot2/!
[52:54.822] [+] File "Trojans-VM-014.sbi" needs to be downloaded.
[53:15.869] [+] Unable to download archive "Trojans-VM-014.sbi-20140115.cab" from http://ns364576.ovh.net/spybot2/updates/spybot2/!
[53:36.916] [+] Unable to download archive "Trojans-VM-014.sbi-20140115.cab" from http://www.antispyware-downloadserve...dates/spybot2/!
[53:57.947] [+] Unable to download archive "Trojans-VM-014.sbi-20140115.cab" from http://spybot.bluehamster.com.au/spybot2files/!
[53:57.947] [+] File "Trojans-VM-015.sbi" needs to be downloaded.
[54:18.981] [+] Unable to download archive "Trojans-VM-015.sbi-20140115.cab" from http://134.169.192.5/pub/mirror/spybot.info/sb2updates/!
[54:40.012] [+] Unable to download archive "Trojans-VM-015.sbi-20140115.cab" from http://spybot.computerfixertools.com/spybot2/!
[55:01.012] [+] Unable to download archive "Trojans-VM-015.sbi-20140115.cab" from http://safernet.mirrors.cu.be/spybot2/!
[55:01.012] [+] File "Trojans-VM-016.sbi" needs to be downloaded.
[55:22.044] [+] Unable to download archive "Trojans-VM-016.sbi-20140115.cab" from http://spybot.computerfixertools.com/spybot2/!
[55:43.059] [+] Unable to download archive "Trojans-VM-016.sbi-20140115.cab" from http://updates4.safer-networking.org/spybot2/!
[56:04.106] [+] Unable to download archive "Trojans-VM-016.sbi-20140115.cab" from http://spybotdbs.com/updates/spybot2/!
[56:04.106] [+] File "Trojans-VM-017.sbi" needs to be downloaded.
[56:25.122] [+] Unable to download archive "Trojans-VM-017.sbi-20140115.cab" from http://updates4.safer-networking.org/spybot2/!
[56:46.153] [+] Unable to download archive "Trojans-VM-017.sbi-20140115.cab" from http://filehorse.spybot-updates.com/updates/spybot2/!
[57:07.153] [+] Unable to download archive "Trojans-VM-017.sbi-20140115.cab" from http://spybotdbs.com/updates/spybot2/!
[57:07.153] [+] File "Trojans-VM-018.sbi" needs to be downloaded.
[57:28.169] [+] Unable to download archive "Trojans-VM-018.sbi-20140115.cab" from http://134.169.192.5/pub/mirror/spybot.info/sb2updates/!
[57:49.200] [+] Unable to download archive "Trojans-VM-018.sbi-20140115.cab" from http://nervion.us.es/updates/spybot2files/!
[58:10.232] [+] Unable to download archive "Trojans-VM-018.sbi-20140115.cab" from http://safernet.mirrors.cu.be/spybot2/!
[58:10.232] [+] File "Trojans-VM-019.sbi" needs to be downloaded.
[58:31.247] [+] Unable to download archive "Trojans-VM-019.sbi-20140115.cab" from http://spybot.bluehamster.com.au/spybot2files/!
[58:52.279] [+] Unable to download archive "Trojans-VM-019.sbi-20140115.cab" from http://nervion.us.es/updates/spybot2files/!
[59:13.294] [+] Unable to download archive "Trojans-VM-019.sbi-20140115.cab" from http://spybot.bluehamster.com.au/spybot2files/!
[59:13.294] [+] File "Trojans-VM-020.sbi" needs to be downloaded.
[59:34.341] [+] Unable to download archive "Trojans-VM-020.sbi-20140115.cab" from http://spybot.computerfixertools.com/spybot2/!
[59:55.372] [+] Unable to download archive "Trojans-VM-020.sbi-20140115.cab" from http://www.antispyware-downloadserve...dates/spybot2/!
[00:16.404] [+] Unable to download archive "Trojans-VM-020.sbi-20140115.cab" from http://spybotdbs.com/updates/spybot2/!
[00:16.404] [+] File "Trojans-VM-021.sbi" needs to be downloaded.
[00:37.419] [+] Unable to download archive "Trojans-VM-021.sbi-20140115.cab" from http://www.spybotupdates.com/updates/spybot2/!
[00:58.451] [+] Unable to download archive "Trojans-VM-021.sbi-20140115.cab" from http://spybotdbs.com/updates/spybot2/!
[01:19.498] [+] Unable to download archive "Trojans-VM-021.sbi-20140115.cab" from http://www.spybotupdates.biz/updates/spybot2/!
[01:19.498] [+] File "Trojans-VM-022.sbi" needs to be downloaded.
[01:40.513] [+] Unable to download archive "Trojans-VM-022.sbi-20140115.cab" from http://spybot.computerfixertools.com/spybot2/!
[02:01.560] [+] Unable to download archive "Trojans-VM-022.sbi-20140115.cab" from http://safernet.mirrors.cu.be/spybot2/!
[02:22.591] [+] Unable to download archive "Trojans-VM-022.sbi-20140115.cab" from http://www.spybotupdates.biz/updates/spybot2/!
[02:22.591] [+] File "Trojans-VM-023.sbi" needs to be downloaded.
[02:43.607] [+] Unable to download archive "Trojans-VM-023.sbi-20140115.cab" from http://spybotdbs.com/updates/spybot2/!
[03:04.638] [+] Unable to download archive "Trojans-VM-023.sbi-20140115.cab" from http://updates4.safer-networking.org/spybot2/!
[03:25.685] [+] Unable to download archive "Trojans-VM-023.sbi-20140115.cab" from http://134.169.192.5/pub/mirror/spybot.info/sb2updates/!
[03:25.685] [+] File "Trojans-VM-024.sbi" needs to be downloaded.
[03:46.920] [+] Unable to download archive "Trojans-VM-024.sbi-20140115.cab" from http://www.spybotupdates.biz/updates/spybot2/!
[04:07.982] [+] Unable to download archive "Trojans-VM-024.sbi-20140115.cab" from http://filehorse.spybot-updates.com/updates/spybot2/!
[04:29.060] [+] Unable to download archive "Trojans-VM-024.sbi-20140115.cab" from http://www.antispyware-downloadserve...dates/spybot2/!
[04:29.060] [+] File "Trojans-ZB-000.sbi" needs to be downloaded.
[04:50.076] [+] Unable to download archive "Trojans-ZB-000.sbi-20140115.cab" from http://spybotdbs.com/updates/spybot2/!
[05:11.092] [+] Unable to download archive "Trojans-ZB-000.sbi-20140115.cab" from http://filehorse.spybot-updates.com/updates/spybot2/!
[05:32.107] [+] Unable to download archive "Trojans-ZB-000.sbi-20140115.cab" from http://safernet.mirrors.cu.be/spybot2/!
[05:32.107] [+] File "Trojans-ZL-000.sbi" needs to be downloaded.
[05:53.123] [+] Unable to download archive "Trojans-ZL-000.sbi-20140115.cab" from http://spybot.bluehamster.com.au/spybot2files/!
[06:14.123] [+] Unable to download archive "Trojans-ZL-000.sbi-20140115.cab" from http://filehorse.spybot-updates.com/updates/spybot2/!
[06:35.154] [+] Unable to download archive "Trojans-ZL-000.sbi-20140115.cab" from http://www.spybotupdates.biz/updates/spybot2/!
[06:35.154] [+] File "TTLASSH.sbs" needs to be downloaded.
[06:56.170] [+] Unable to download archive "TTLASSH.sbs-20080624.cab" from http://www.spybotupdates.com/updates/spybot2/!
[07:17.451] [+] Unable to download archive "TTLASSH.sbs-20080624.cab" from http://safernet.mirrors.cu.be/spybot2/!
[07:38.483] [+] Unable to download archive "TTLASSH.sbs-20080624.cab" from http://ns364576.ovh.net/spybot2/updates/spybot2/!
[07:38.483] [+] File "WelcomeLinks.sbs" needs to be downloaded.
[07:59.498] [+] Unable to download archive "WelcomeLinks.sbs-20130618.cab" from http://spybot.bluehamster.com.au/spybot2files/!
[08:20.545] [+] Unable to download archive "WelcomeLinks.sbs-20130618.cab" from http://spybot.bluehamster.com.au/spybot2files/!
[08:41.592] [+] Unable to download archive "WelcomeLinks.sbs-20130618.cab" from http://spybot.computerfixertools.com/spybot2/!
[08:41.592] [+] File "X509White.sbs" needs to be downloaded.
[09:02.623] [+] Unable to download archive "X509White.sbs-20130306.cab" from http://ftp.234.cz/data/spybot/spybot2/!
[09:23.670] [+] Unable to download archive "X509White.sbs-20130306.cab" from http://ftp.234.cz/data/spybot/spybot2/!
[09:44.764] [+] Unable to download archive "X509White.sbs-20130306.cab" from http://www.spybotupdates.com/updates/spybot2/!
[09:44.764] [+] All files have been processed.
[09:44.780] [+] Installed 124 updates.
[09:44.811]

↧

Persistent Malware - Spybot the only one who dares to combat them

September 4, 2015, 3:02 am

≫ Next: Tradeadexchange

≪ Previous: Spybot updater is very, very broken

Hi experts,
I have something in my computer that simply I can't get rid of it.
The symptoms are: 1) the explorer.exe is collapsed. Do not respond and it stays in the air. Therefore I have no access to my directories and files. 2) My internet conexion is very slow. 3) The CPU Usage is at 100%, even though it is not running so many stuff.
I've run a lot of removal softwares (eset, adwcleaner, frst, cksscanner, jrt, malwarebytes, combofix, hijackthis and obviously my antivirus avast Internet Security). After running all of them several times, most results are "no threats found". Some others I don't understand the report.
The only scanner that shows malware is Spybot. There are registries in: 1) MS Direct3D - Most recent application, 2) Windows Explorer - Recent file global history, 3) Cache in Internet Explorer, 4) Cookies in Internet Explorer, 5) History - in Internet Explorer (which I don't use it at all, by the way) and 6) History in Google Chrome.

Spybot remove them without a problem. Seems to be clean. But if I run it twice, appears them back again. The malfunctions still there and causing problems, that means persist the malware, although Spybot succesfully removed them.

I attach some log files.

Looking forward to hear from you soon and have a nice day.

Best regards

Attached Files

↧

Tradeadexchange

September 5, 2015, 1:17 am

≫ Next: Immunization Problems

≪ Previous: Persistent Malware - Spybot the only one who dares to combat them

I also have a problem with Tradeadexchange.

Will Spybot update the search list to find this or do we need to load all the logs and get a specialist to help?

Other malware and antivirus software cleans up malware without such in depth analysis.

↧

Immunization Problems

September 5, 2015, 1:19 am

≫ Next: Please Help I Work Online and Can't Work Until This Is Resolved!

≪ Previous: Tradeadexchange

So I've been using Spybot for almost 8 years now. I would immunize my my browsers often but an issues arrives. The problem usually occurs when it begins to work on Firefox. I have gone through the process before using permissions.sqlite and changing it into host.perm1. (Or if there are two, deleting permissions.sqlite)Now the issue is new Firefox does not come with any of the two. I have set my current default settings so that I wont have any cookies saved.

Will immunization still work?

Is there another method to immunize Firefox.

Thanks

↧

Please Help I Work Online and Can't Work Until This Is Resolved!

September 5, 2015, 7:07 pm

≫ Next: History question from 2009: Fake updates?

≪ Previous: Immunization Problems

Hi! I am new to this forum. I ran a scan for over 7 hours today in Spybot Rootkit and I finally gave up and stopped it after it hung on one file for several hours and never continued. The file was a Windows Media file - Windows Media Player was deleted from my system a while back to help it run smoother.

I am on Windows 7 and the problem began when my Comodo 'could not start' until I manually started it, just about every time I reboot. Then my browsers began to lag and freeze (Firefox and Google Chrome). Now, Google Chrome will not open at all!!! Every time I try to open it is says that "a problem is keeping it from opening" and Windows looks for a solution to the problem but never finds one. Firefox now freezes more frequently and gets completely stuck to the point that I have to use task manager to close it and reboot it.

Here are my partial scan results, up until the point the scanner froze:

Okay.... I am trying to use CTRL A to select all to copy/paste the results but it isn't working. How do you get the results pasted on this forum? Sorry for my ignorance!:sad:

↧

History question from 2009: Fake updates?

September 6, 2015, 7:17 am

≫ Next: How to remove Post Win10 Spybot Install

≪ Previous: Please Help I Work Online and Can't Work Until This Is Resolved!

Greetings!

I registered to ask a question from 2009 which is perhaps not relevant anymore. Were there ever fake update mirrors that corrupted the program?

I'm talking about this view.

↧

How to remove Post Win10 Spybot Install

September 6, 2015, 8:56 am

≫ Next: SCAN does NOT work. HELP PLEASE

≪ Previous: History question from 2009: Fake updates?

I run spybot as a portable app and the Post Win10 desktop icon, a folder, and a startup run entry were added after running spybot for the first time after installing Windows 10. I don't need this on my small-hard drive tablet as I run spybot as a portable app from an SD card.

1. How can I remove all of the above?
2. How can I prevent their install in the future?

Thanks

↧

SCAN does NOT work. HELP PLEASE

September 6, 2015, 8:17 pm

≫ Next: Malware Removal Assistance

≪ Previous: How to remove Post Win10 Spybot Install

I just downloaded Spybot and the *start a scan* is UNCLICKABLE on the system scan window... in the Start center, *system scan* button does not work either...?????????????????????????

↧

Malware Removal Assistance

September 8, 2015, 4:33 pm

≫ Next: Cannot install Spybot - redirect error

≪ Previous: SCAN does NOT work. HELP PLEASE

Spybot has detected malware and removed it, but it keeps coming back as soon as I open my browser.

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:04-09-2015
Ran by havoc (administrator) on BEAST (08-09-2015 08:08:47)
Running from C:\Users\havoc\Desktop
Loaded Profiles: havoc & UpdatusUser (Available Profiles: havoc & UpdatusUser)
Platform: Windows 7 Ultimate Service Pack 1 (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: "C:\Program Files (x86)\Comodo\IceDragon\icedragon.exe" -osint -url "%1")
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic...ery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
() C:\Program Files (x86)\WinArchiver Virtual Drive\WAService.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(SEIKO EPSON CORPORATION) C:\Program Files (x86)\Common Files\EPSON\EBAPI\eEBSvc.exe
(Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
() C:\Windows\SysWOW64\ASGT.exe
(Bitvise Limited) C:\Program Files\Bitvise SSH Server\BvSshServer.exe
(SEIKO EPSON CORPORATION) C:\Program Files\EPSON\EpsonCustomerParticipation\EPCP.exe
(SEIKO EPSON CORPORATION) C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S50RPB.EXE
() C:\Program Files (x86)\Comodo\IceDragon\icedragon_updater.exe
(Intel Corporation) C:\Windows\System32\IPROSetMonitor.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
() C:\Program Files\Bitvise SSH Server\SftpServer.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
(Citrix Systems, Inc.) C:\Program Files (x86)\Citrix\ICA Client\ssonsvr.exe
(ASUS) C:\Program Files (x86)\ASUS\GPU Tweak\GPUTweak.exe
(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe
(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
(ASUS) C:\Program Files (x86)\ASUS\GPU Tweak\Monitor.exe
(Logitech, Inc.) C:\Program Files\Logitech\SetPointP\SetPoint.exe
(Logitech, Inc.) C:\Program Files\Common Files\Logishrd\KHAL3\KHALMNPR.exe
(Acresso Corporation) C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe
(Acresso Corporation) C:\ProgramData\FLEXnet\Connect\11\agent.exe
(Google Inc.) C:\Users\havoc\AppData\Local\Google\Update\GoogleUpdate.exe
(Google Inc.) C:\Users\havoc\AppData\Local\Programs\Google\MusicManager\MusicManager.exe
(AMD) C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM.exe
(Google) C:\Program Files (x86)\Google\Drive\googledrivesync.exe
(AMD) C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM64.exe
(Mobile Stream) C:\Program Files\Mobile Stream\EasyTether\easytthr.exe
(Google) C:\Program Files (x86)\Google\Drive\googledrivesync.exe
() C:\Program Files\Synergy\synergys.exe
(Microsoft Corporation) C:\Users\havoc\AppData\Local\Microsoft\OneDrive\OneDrive.exe
(McAfee, Inc.) C:\Program Files\McAfee Security Scan\3.11.149\SSScheduler.exe
(Citrix Systems, Inc.) C:\Program Files (x86)\Citrix\ICA Client\concentr.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office15\ONENOTEM.EXE
(SEIKO EPSON CORPORATION) C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe
(Citrix Systems, Inc.) C:\Program Files (x86)\Citrix\ICA Client\wfcrun32.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(McAfee, Inc.) C:\Program Files\McAfee Security Scan\3.11.149\McUICnt.exe
(WinArchiver Computing, Inc.) C:\Program Files (x86)\WinArchiver Virtual Drive\WAHELPER.EXE
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [LogMeIn GUI] => "C:\Program Files (x86)\LogMeIn\x64\LogMeInSystray.exe"
HKLM\...\Run: [IntelliType Pro] => c:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [1464944 2012-11-02] (Microsoft Corporation)
HKLM\...\Run: [IntelliPoint] => c:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2076272 2012-11-02] (Microsoft Corporation)
HKLM\...\Run: [EvtMgr6] => C:\Program Files\Logitech\SetPointP\SetPoint.exe [2991856 2013-02-20] (Logitech, Inc.)
HKLM\...\Run: [MSC] => c:\Program Files\Microsoft Security Client\msseces.exe [1337000 2015-04-30] (Microsoft Corporation)
HKLM-x32\...\Run: [Nuance PDF Reader-reminder] => C:\Program Files (x86)\Nuance\PDF Reader\Ereg\Ereg.exe [333088 2010-07-05] (Nuance Communications, Inc.)
HKLM-x32\...\Run: [ConnectionCenter] => C:\Program Files (x86)\Citrix\ICA Client\concentr.exe [309184 2012-03-28] (Citrix Systems, Inc.)
HKLM-x32\...\Run: [EEventManager] => C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe [1058400 2011-10-31] (SEIKO EPSON CORPORATION)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-09-13] (Apple Inc.)
HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2014-01-17] (Apple Inc.)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [766208 2013-08-30] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [Bitvise SSH Server Activation State Checker] => C:\Program Files\Bitvise SSH Server\BssActStateCheck.exe [245576 2015-06-03] (Bitvise Limited)
HKLM-x32\...\Run: [WAHELPER.EXE] => C:\Program Files (x86)\WinArchiver Virtual Drive\WAHELPER.EXE [475136 2012-01-12] (WinArchiver Computing, Inc.)
HKLM-x32\...\Run: [SDTray] => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe [4101576 2014-06-24] (Safer-Networking Ltd.)
Winlogon\Notify\LBTWlgn: c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll (Logitech, Inc.)
HKU\S-1-5-21-1583409717-3979321060-2320764336-1000\...\Run: [ISUSPM] => C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe [222496 2009-05-05] (Acresso Corporation)
HKU\S-1-5-21-1583409717-3979321060-2320764336-1000\...\Run: [Google Update] => C:\Users\havoc\AppData\Local\Google\Update\GoogleUpdate.exe [116648 2013-10-07] (Google Inc.)
HKU\S-1-5-21-1583409717-3979321060-2320764336-1000\...\Run: [MusicManager] => C:\Users\havoc\AppData\Local\Programs\Google\MusicManager\MusicManager.exe [7380992 2013-11-11] (Google Inc.)
HKU\S-1-5-21-1583409717-3979321060-2320764336-1000\...\Run: [HydraVisionDesktopManager] => C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM.exe [389120 2013-06-04] (AMD)
HKU\S-1-5-21-1583409717-3979321060-2320764336-1000\...\Run: [GoogleDriveSync] => C:\Program Files (x86)\Google\Drive\googledrivesync.exe [24474752 2014-06-05] (Google)
HKU\S-1-5-21-1583409717-3979321060-2320764336-1000\...\Run: [EasyTether] => C:\Program Files\Mobile Stream\EasyTether\easytthr.exe [73728 2014-09-02] (Mobile Stream)
HKU\S-1-5-21-1583409717-3979321060-2320764336-1000\...\Run: [Synergy Server] => C:\Program Files\Synergy\synergys.exe [733184 2006-04-02] ()
HKU\S-1-5-21-1583409717-3979321060-2320764336-1000\...\Run: [OneDrive] => C:\Users\havoc\AppData\Local\Microsoft\OneDrive\OneDrive.exe [404064 2015-08-19] (Microsoft Corporation)
HKU\S-1-5-21-1583409717-3979321060-2320764336-1000\...\Run: [SpybotPostWindows10UpgradeReInstall] => C:\Program Files\Common Files\AV\Spybot - Search and Destroy\Test.exe [1011200 2015-07-28] (Safer-Networking Ltd.)
Lsa: [Authentication Packages] msv1_0 BvLsa
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => No File
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk [2012-11-14]
ShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Program Files\McAfee Security Scan\3.11.149\SSScheduler.exe (McAfee, Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Online plug-in.lnk [2012-06-18]
ShortcutTarget: Online plug-in.lnk -> C:\Windows\Installer\{913778D3-E1D8-4B55-9246-3308C54D3162}\pnaico.exe.20FBBF0A_A7E5_4BDE_9798_9811C3D135AC.exe ()
Startup: C:\Users\havoc\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\CurseClientStartup.ccip [2012-10-18] ()
Startup: C:\Users\havoc\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Send to OneNote.lnk [2015-07-18]
ShortcutTarget: Send to OneNote.lnk -> C:\Program Files (x86)\Microsoft Office\Office15\ONENOTEM.EXE (Microsoft Corporation)
BootExecute: autocheck autochk * sdnclean64.exebddel.exe
GroupPolicyUsers\S-1-5-21-1583409717-3979321060-2320764336-1005\User: Restriction detected <======= ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\..\Interfaces\{01AFDB59-DFCC-47A7-96C5-7128FEB1A811}: [DhcpNameServer] 192.168.42.129
Tcpip\..\Interfaces\{62399DFD-5DC7-4A93-A733-296AA3D46A10}: [NameServer] 82.163.143.169,82.163.142.171
Tcpip\..\Interfaces\{8E4CCC50-A3BA-4403-A479-CD13832AD84D}: [DhcpNameServer] 8.8.8.8 8.8.4.4

Internet Explorer:
==================
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKU\S-1-5-21-1583409717-3979321060-2320764336-1000\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-1583409717-3979321060-2320764336-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://www.msn.com/?ocid=iehp
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office15\OCHelper.dll [2015-07-14] (Microsoft Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office15\URLREDIR.DLL [2014-01-22] (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL [2015-07-14] (Microsoft Corporation)
BHO: Adblock Plus for IE Browser Helper Object -> {FFCB3198-32F3-4E8B-9539-4324694ED664} -> C:\Program Files\Adblock Plus for IE\AdblockPlus64.dll [2014-08-12] (Adblock Plus)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll [2015-07-14] (Microsoft Corporation)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office15\URLREDIR.DLL [2014-01-23] (Microsoft Corporation)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL [2015-07-14] (Microsoft Corporation)
BHO-x32: Adblock Plus for IE Browser Helper Object -> {FFCB3198-32F3-4E8B-9539-4324694ED664} -> C:\Program Files\Adblock Plus for IE\AdblockPlus32.dll [2014-08-12] (Adblock Plus)
Filter-x32: application/x-ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2012-03-28] (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=euc-jp - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2012-03-28] (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=ISO-8859-1 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2012-03-28] (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=MS936 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2012-03-28] (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=MS949 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2012-03-28] (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=MS950 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2012-03-28] (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=UTF-8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2012-03-28] (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=UTF8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2012-03-28] (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=euc-jp - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2012-03-28] (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=ISO-8859-1 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2012-03-28] (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=MS936 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2012-03-28] (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=MS949 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2012-03-28] (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=MS950 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2012-03-28] (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=UTF-8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2012-03-28] (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=UTF8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2012-03-28] (Citrix Systems, Inc.)
Filter-x32: ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2012-03-28] (Citrix Systems, Inc.)

FireFox:
========
FF ProfilePath: C:\Users\havoc\AppData\Roaming\Mozilla\Firefox\Profiles\la9zxu2u.default-1440627783229
FF DefaultSearchEngine.US: Google
FF Homepage: hxxps://www.google.com/
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_18_0_0_232.dll [2015-08-11] ()
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.2.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2015-04-16] (VideoLAN)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_18_0_0_232.dll [2015-08-11] ()
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2015-04-22] (Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~2\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~2\Office15\NPSPWRAP.DLL [2014-01-23] (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2013-10-23] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2013-10-23] (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll [2014-06-26] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll [2014-06-26] (Google Inc.)
FF Plugin-x32: ZEON/PDF,version=2.0 -> C:\Program Files (x86)\Nuance\PDF Reader\bin\nppdf.dll [2010-12-14] (Zeon Corporation)
FF Plugin HKU\S-1-5-21-1583409717-3979321060-2320764336-1000: @talk.google.com/GoogleTalkPlugin -> C:\Users\havoc\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll [2013-10-29] (Google)
FF Plugin HKU\S-1-5-21-1583409717-3979321060-2320764336-1000: @talk.google.com/O1DPlugin -> C:\Users\havoc\AppData\Roaming\Mozilla\plugins\npo1d.dll [2013-10-29] (Google)
FF Plugin HKU\S-1-5-21-1583409717-3979321060-2320764336-1000: @talk.google.com/O3DPlugin -> C:\Users\havoc\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll [2013-10-29] ()
FF Plugin HKU\S-1-5-21-1583409717-3979321060-2320764336-1000: @tools.google.com/Google Update;version=3 -> C:\Users\havoc\AppData\Local\Google\Update\1.3.22.3\npGoogleUpdate3.dll [2013-11-23] (Google Inc.)
FF Plugin HKU\S-1-5-21-1583409717-3979321060-2320764336-1000: @tools.google.com/Google Update;version=9 -> C:\Users\havoc\AppData\Local\Google\Update\1.3.22.3\npGoogleUpdate3.dll [2013-11-23] (Google Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\CCMSDK.dll [2012-03-28] (Citrix Systems, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\cgpcfg.dll [2012-03-28] (Citrix Systems, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\CgpCore.dll [2012-03-28] (Citrix Systems, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\confmgr.dll [2012-03-28] (Citrix Systems, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\ctxlogging.dll [2012-03-28] (Citrix Systems, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\ctxmui.dll [2012-03-28] (Citrix Systems, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\icafile.dll [2012-03-28] (Citrix Systems, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\icalogon.dll [2012-03-28] (Citrix Systems, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npicaN.dll [2012-03-28] ()
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll [2015-04-22] (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin.dll [2014-09-23] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin2.dll [2014-09-23] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin3.dll [2014-09-23] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin4.dll [2014-09-23] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin5.dll [2014-09-23] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\sslsdk_b.dll [2012-03-19] (Citrix Systems, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\TcpPServ.dll [2012-03-28] (Citrix Systems, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Users\havoc\AppData\Roaming\mozilla\plugins\npgoogletalk.dll [2013-10-29] (Google)
FF Plugin ProgramFiles/Appdata: C:\Users\havoc\AppData\Roaming\mozilla\plugins\npgtpo3dautoplugin.dll [2013-10-29] ()
FF Plugin ProgramFiles/Appdata: C:\Users\havoc\AppData\Roaming\mozilla\plugins\npo1d.dll [2013-10-29] (Google)
FF Extension: LastPass - C:\Users\havoc\AppData\Roaming\Mozilla\Firefox\Profiles\la9zxu2u.default-1440627783229\Extensions\support@lastpass.com [2015-09-03]
FF Extension: YouTube Flash® Player - C:\Users\havoc\AppData\Roaming\Mozilla\Firefox\Profiles\la9zxu2u.default-1440627783229\Extensions\jid1-HAV2inXAnQPIeA@jetpack.xpi [2015-08-26]
FF Extension: Session Manager - C:\Users\havoc\AppData\Roaming\Mozilla\Firefox\Profiles\la9zxu2u.default-1440627783229\Extensions\{1280606b-2510-4fe0-97ef-9b5a22eafe30}.xpi [2015-08-26]
FF Extension: Share Button for Pinterest - C:\Users\havoc\AppData\Roaming\Mozilla\Firefox\Profiles\la9zxu2u.default-1440627783229\Extensions\{677a8f98-fd64-40b0-a883-b8c95d0cbf17}.xpi [2015-08-26]
FF Extension: NoScript - C:\Users\havoc\AppData\Roaming\Mozilla\Firefox\Profiles\la9zxu2u.default-1440627783229\Extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi [2015-08-26]
FF Extension: Adblock Plus - C:\Users\havoc\AppData\Roaming\Mozilla\Firefox\Profiles\la9zxu2u.default-1440627783229\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2015-08-26]
FF HKLM-x32\...\Firefox\Extensions: [{F003DA68-8256-4b37-A6C4-350FA04494DF}] - C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt
FF Extension: Logitech SetPoint - C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt [2013-03-09]

Chrome:
=======
CHR Profile: C:\Users\havoc\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (No Name) - C:\Users\havoc\AppData\Local\Google\Chrome\User Data\Default\Extensions\dibdcpffccodechbhdlfpbgpjfmillpb [2013-01-15]
CHR Extension: (SaveLoTs) - C:\Users\havoc\AppData\Local\Google\Chrome\User Data\Default\Extensions\gknnhaindocppopkjchenapajheodeig [2013-12-30]
CHR Extension: (AllSaver) - C:\ProgramData\jbimlbablkdnfjkiigccamffgkalckhd\ []
CHR HKLM-x32\...\Chrome\Extension: [edaibbiobngpbmeonadpbfafbkimjbdd] - C:\ProgramData\Logitech\LogiSmoothChromeExt.crx [2013-03-09]

==================== Services (Whitelisted) ========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [344064 2013-08-30] (Advanced Micro Devices, Inc.) [File not signed]
R2 ASGT; C:\Windows\SysWOW64\ASGT.exe [55296 2012-01-17] () [File not signed]
R2 BvSshServer; C:\Program Files\Bitvise SSH Server\BvSshServer.exe [14578032 2015-06-03] (Bitvise Limited)
R2 EpsonBidirectionalService; C:\Program Files (x86)\Common Files\EPSON\EBAPI\eEBSVC.exe [94208 2006-12-19] (SEIKO EPSON CORPORATION) [File not signed]
S2 EpsonScanSvc; C:\Windows\system32\EscSvc64.exe [135824 2011-12-12] (Seiko Epson Corporation)
R2 HPSLPSVC; C:\Users\havoc\AppData\Local\Temp\7zS7F23\hpslpsvc64.dll [1039360 2011-11-14] (Hewlett-Packard Co.) [File not signed]
R2 IceDragonUpdater; C:\Program Files (x86)\Comodo\IceDragon\icedragon_updater.exe [1971384 2015-06-22] ()
S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.11.149\McCHSvc.exe [289256 2015-06-26] (McAfee, Inc.)
R2 MsMpSvc; c:\Program Files\Microsoft Security Client\MsMpEng.exe [23816 2015-04-30] (Microsoft Corporation)
R2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [50688 2011-04-13] (Hewlett-Packard) [File not signed]
S3 NisSrv; c:\Program Files\Microsoft Security Client\NisSrv.exe [366544 2015-04-30] (Microsoft Corporation)
R2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [66048 2011-04-13] (Hewlett-Packard) [File not signed]
R2 SDScannerService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [1740760 2014-09-03] (Safer-Networking Ltd.)
R2 SDUpdateService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [2088408 2014-06-27] (Safer-Networking Ltd.)
R2 SDWSCService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [171928 2014-04-25] (Safer-Networking Ltd.)
R2 WinArchiver Service; C:\Program Files (x86)\WinArchiver Virtual Drive\WAService.exe [196608 2012-01-12] () [File not signed]
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)

===================== Drivers (Whitelisted) ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 easytether; C:\Windows\System32\DRIVERS\easytthr.sys [21704 2014-07-21] (Mobile Stream)
S3 ebdrv; C:\Windows\system32\drivers\evbda.sys [3286016 2009-06-10] (Broadcom Corporation)
R3 IOMap; C:\Windows\system32\drivers\IOMap64.sys [24824 2013-02-19] (ASUSTeK Computer Inc.)
S4 LMIRfsClientNP; no ImagePath
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [280376 2015-03-04] (Microsoft Corporation)
R2 npf; C:\Windows\System32\drivers\npf.sys [36600 2014-08-18] (Riverbed Technology, Inc.)
R1 SDHookDriver; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDHookDrv64.sys [64160 2014-04-25] ()
S3 VBoxUSB; C:\Windows\System32\Drivers\VBoxUSB.sys [117040 2012-04-12] (Oracle Corporation)
R0 WAEMU; C:\Windows\System32\Drivers\waemu.sys [141368 2012-01-12] (WinArchiver Computing, Inc.)
S2 LMIInfo; \??\C:\Program Files (x86)\LogMeIn\x64\RaInfo.sys [X]
S3 VGPU; System32\drivers\rdvgkmd.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-09-08 08:08 - 2015-09-08 08:09 - 00026725 _____ C:\Users\havoc\Desktop\FRST.txt
2015-09-08 08:07 - 2015-09-08 08:08 - 00000000 ____D C:\FRST
2015-09-08 08:03 - 2015-09-08 08:03 - 00000207 _____ C:\Windows\tweaking.com-regbackup-BEAST-Windows-7-Ultimate-(64-bit).dat
2015-09-08 08:03 - 2015-09-08 08:03 - 00000000 ____D C:\RegBackup
2015-09-08 08:02 - 2015-09-08 08:02 - 00002239 _____ C:\Users\Public\Desktop\Tweaking.com - Registry Backup.lnk
2015-09-08 08:02 - 2015-09-08 08:02 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tweaking.com
2015-09-08 08:02 - 2015-09-08 08:02 - 00000000 ____D C:\Program Files (x86)\Tweaking.com
2015-09-06 22:18 - 2015-09-06 22:18 - 00000020 ___SH C:\Users\TEMP\ntuser.ini
2015-09-06 22:18 - 2015-09-06 22:18 - 00000000 ____D C:\Users\TEMP
2015-09-06 22:18 - 2015-07-18 15:59 - 00002104 _____ C:\Users\TEMP\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft OneDrive.lnk
2015-09-06 22:18 - 2013-10-27 03:02 - 00000000 ____D C:\Users\TEMP\AppData\Local\Microsoft Help
2015-09-06 22:18 - 2009-07-14 00:54 - 00000000 ___RD C:\Users\TEMP\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2015-09-06 22:18 - 2009-07-14 00:49 - 00000000 ___RD C:\Users\TEMP\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2015-09-06 22:00 - 2015-09-06 22:00 - 00000000 ___HD C:\OneDriveTemp
2015-09-06 21:52 - 2015-09-06 21:50 - 14243008 _____ (Microsoft Corporation) C:\Users\havoc\Desktop\mseinstall.exe
2015-09-04 16:40 - 2015-09-04 16:40 - 05198336 _____ (AVAST Software) C:\Users\havoc\Downloads\aswMBR.exe
2015-09-04 16:37 - 2015-09-04 16:36 - 02188800 _____ (Farbar) C:\Users\havoc\Desktop\FRST64.exe
2015-09-04 16:29 - 2015-09-04 16:29 - 04687184 _____ (Tweaking.com) C:\Users\havoc\Desktop\tweaking.com_registry_backup_setup.exe
2015-09-04 11:15 - 2015-09-04 15:59 - 00001062 _____ C:\Users\Public\Desktop\Comodo IceDragon.lnk
2015-09-04 11:15 - 2015-09-04 11:15 - 01700352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdiplus.dll
2015-09-04 11:15 - 2015-09-04 11:15 - 01060864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfc71.dll
2015-09-04 11:15 - 2015-09-04 11:15 - 00348160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvcr71.dll
2015-09-04 11:15 - 2015-09-04 11:15 - 00000000 ____D C:\Users\havoc\AppData\Roaming\Comodo
2015-09-04 11:15 - 2015-09-04 11:15 - 00000000 ____D C:\Users\havoc\AppData\Local\Comodo
2015-09-04 11:15 - 2015-09-04 11:15 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Comodo
2015-09-04 11:15 - 2015-09-04 11:15 - 00000000 ____D C:\Program Files (x86)\Comodo
2015-09-04 10:26 - 2015-09-04 10:26 - 00431188 _____ C:\Users\havoc\Desktop\TeamSpybot-20150904-102621.cab
2015-09-04 08:57 - 2015-09-04 08:57 - 00022548 _____ C:\Windows\SysWOW64\bddel.dat
2015-09-03 09:52 - 2015-09-03 09:52 - 00000000 ____D C:\Users\havoc\Documents\ProcAlyzer Dumps
2015-09-03 09:44 - 2015-09-03 09:24 - 00000979 _____ C:\Windows\system32\Drivers\etc\hosts.20150903-094415.backup
2015-09-03 09:27 - 2015-09-03 09:27 - 00000000 ____D C:\Users\havoc\AppData\Roaming\Macromedia
2015-09-03 08:13 - 2015-09-03 08:13 - 00000000 ____D C:\Program Files\Common Files\AV
2015-09-03 08:13 - 2015-07-28 17:52 - 00821920 _____ (Safer-Networking Ltd. ) C:\Users\Public\Desktop\Post Win10 Spybot-install.exe
2015-09-03 08:08 - 2015-09-03 08:08 - 00000000 ____D C:\Windows\System32\Tasks\Safer-Networking
2015-09-03 08:07 - 2015-09-04 07:55 - 00000000 ____D C:\Program Files (x86)\Spybot - Search & Destroy 2
2015-09-03 08:07 - 2015-09-03 09:52 - 00000000 ____D C:\ProgramData\Spybot - Search & Destroy
2015-09-03 08:07 - 2015-09-03 08:07 - 00001395 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot-S&D Start Center.lnk
2015-09-03 08:07 - 2015-09-03 08:07 - 00001383 _____ C:\Users\Public\Desktop\Spybot-S&D Start Center.lnk
2015-09-03 08:07 - 2015-09-03 08:07 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy 2
2015-09-03 08:07 - 2013-09-20 10:49 - 00021040 _____ (Safer Networking Limited) C:\Windows\system32\sdnclean64.exe
2015-09-03 08:04 - 2015-09-03 08:05 - 46525608 _____ (Safer-Networking Ltd. ) C:\Users\havoc\Downloads\spybot-2.4.exe
2015-08-26 18:23 - 2015-08-26 18:23 - 00000000 ____D C:\Users\havoc\Desktop\Old Firefox Data
2015-08-25 20:43 - 2015-09-03 10:03 - 00000000 ____D C:\ProgramData\AVAST Software
2015-08-25 20:42 - 2015-08-25 20:43 - 05685584 _____ (AVAST Software) C:\Users\havoc\Downloads\avast_free_antivirus_setup_online.exe
2015-08-25 13:09 - 2015-08-25 13:15 - 00000000 ____D C:\Users\havoc\Downloads\Windows 8 - Retail
2015-08-20 17:12 - 2015-08-20 17:50 - 00000000 ____D C:\Users\havoc\AppData\Roaming\vlc
2015-08-20 15:04 - 2015-08-20 15:04 - 00000871 _____ C:\Users\Public\Desktop\VLC media player.lnk
2015-08-20 15:04 - 2015-08-20 15:04 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
2015-08-20 15:04 - 2015-08-20 15:04 - 00000000 ____D C:\Program Files\VideoLAN
2015-08-20 15:02 - 2015-08-20 15:03 - 29833438 _____ C:\Users\havoc\Downloads\vlc-2.2.1-win64.exe
2015-08-19 03:00 - 2015-08-10 21:20 - 25191936 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-08-19 03:00 - 2015-08-10 21:14 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2015-08-19 03:00 - 2015-08-10 20:33 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2015-08-19 03:00 - 2015-08-10 20:20 - 19871232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-08-17 12:54 - 2015-09-03 10:19 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2015-08-16 01:00 - 2015-08-26 10:45 - 00000000 ____D C:\ProgramData\{5679e186-c22c-2bac-5679-9e186c22861b}
2015-08-16 01:00 - 2015-08-26 07:00 - 00000340 _____ C:\Windows\Tasks\Superclean.job
2015-08-12 13:56 - 2015-08-12 13:57 - 01187032 _____ (Adobe Systems Incorporated) C:\Users\havoc\Downloads\flashplayer18_ha_install.exe
2015-08-12 12:41 - 2015-08-12 12:41 - 00242832 _____ C:\Users\havoc\Downloads\Firefox Setup Stub 40.0.exe
2015-08-12 10:01 - 2015-08-26 09:16 - 00242688 _____ C:\Users\havoc\Desktop\Stats.xls
2015-08-12 09:44 - 2015-08-12 09:57 - 00028905 _____ C:\Users\havoc\Desktop\HotS - Match History.xlsx
2015-08-12 09:40 - 2015-09-03 09:48 - 00017699 _____ C:\Users\havoc\Documents\ArcSight Systems.xlsx
2015-08-12 09:37 - 2015-08-12 09:37 - 00016148 _____ C:\Users\havoc\Documents\Heros of the Storm.xlsx
2015-08-12 03:39 - 2015-07-30 09:13 - 00124624 _____ (Microsoft Corporation) C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll
2015-08-12 03:39 - 2015-07-30 09:13 - 00103120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2015-08-11 15:34 - 2015-07-28 16:09 - 00017344 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe
2015-08-11 15:34 - 2015-07-28 16:05 - 01116672 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2015-08-11 15:34 - 2015-07-28 16:05 - 00774656 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2015-08-11 15:34 - 2015-07-28 16:05 - 00743424 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2015-08-11 15:34 - 2015-07-28 16:05 - 00437760 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2015-08-11 15:34 - 2015-07-28 16:05 - 00227328 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2015-08-11 15:34 - 2015-07-28 16:05 - 00069120 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2015-08-11 15:34 - 2015-07-28 15:55 - 01148416 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2015-08-11 15:34 - 2015-07-15 14:15 - 05568960 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-08-11 15:34 - 2015-07-15 14:15 - 00155584 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2015-08-11 15:34 - 2015-07-15 14:15 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2015-08-11 15:34 - 2015-07-15 14:15 - 00094656 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mountmgr.sys
2015-08-11 15:34 - 2015-07-15 14:12 - 01730496 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2015-08-11 15:34 - 2015-07-15 14:11 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2015-08-11 15:34 - 2015-07-15 14:11 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2015-08-11 15:34 - 2015-07-15 14:11 - 00215040 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2015-08-11 15:34 - 2015-07-15 14:11 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2015-08-11 15:34 - 2015-07-15 14:11 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2015-08-11 15:34 - 2015-07-15 14:10 - 01743360 _____ (Microsoft Corporation) C:\Windows\system32\sysmain.dll
2015-08-11 15:34 - 2015-07-15 14:10 - 01461760 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2015-08-11 15:34 - 2015-07-15 14:10 - 01216512 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2015-08-11 15:34 - 2015-07-15 14:10 - 01163264 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2015-08-11 15:34 - 2015-07-15 14:10 - 00729088 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2015-08-11 15:34 - 2015-07-15 14:10 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2015-08-11 15:34 - 2015-07-15 14:10 - 00424960 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2015-08-11 15:34 - 2015-07-15 14:10 - 00342016 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2015-08-11 15:34 - 2015-07-15 14:10 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2015-08-11 15:34 - 2015-07-15 14:10 - 00309760 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2015-08-11 15:34 - 2015-07-15 14:10 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2015-08-11 15:34 - 2015-07-15 14:10 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2015-08-11 15:34 - 2015-07-15 14:10 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2015-08-11 15:34 - 2015-07-15 14:10 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2015-08-11 15:34 - 2015-07-15 14:10 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2015-08-11 15:34 - 2015-07-15 14:10 - 00044032 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll
2015-08-11 15:34 - 2015-07-15 14:10 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2015-08-11 15:34 - 2015-07-15 14:10 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2015-08-11 15:34 - 2015-07-15 14:10 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2015-08-11 15:34 - 2015-07-15 14:10 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2015-08-11 15:34 - 2015-07-15 14:10 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2015-08-11 15:34 - 2015-07-15 14:10 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2015-08-11 15:34 - 2015-07-15 14:10 - 00011264 _____ (Microsoft Corporation) C:\Windows\system32\msmmsp.dll
2015-08-11 15:34 - 2015-07-15 14:09 - 00338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2015-08-11 15:34 - 2015-07-15 14:09 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2015-08-11 15:34 - 2015-07-15 14:05 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2015-08-11 15:34 - 2015-07-15 14:05 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2015-08-11 15:34 - 2015-07-15 14:00 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2015-08-11 15:34 - 2015-07-15 14:00 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2015-08-11 15:34 - 2015-07-15 14:00 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2015-08-11 15:34 - 2015-07-15 14:00 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2015-08-11 15:34 - 2015-07-15 14:00 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2015-08-11 15:34 - 2015-07-15 14:00 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2015-08-11 15:34 - 2015-07-15 14:00 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2015-08-11 15:34 - 2015-07-15 14:00 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2015-08-11 15:34 - 2015-07-15 14:00 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2015-08-11 15:34 - 2015-07-15 14:00 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2015-08-11 15:34 - 2015-07-15 14:00 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-08-11 15:34 - 2015-07-15 14:00 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2015-08-11 15:34 - 2015-07-15 14:00 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2015-08-11 15:34 - 2015-07-15 14:00 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2015-08-11 15:34 - 2015-07-15 14:00 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2015-08-11 15:34 - 2015-07-15 14:00 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2015-08-11 15:34 - 2015-07-15 14:00 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2015-08-11 15:34 - 2015-07-15 14:00 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2015-08-11 15:34 - 2015-07-15 14:00 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2015-08-11 15:34 - 2015-07-15 14:00 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2015-08-11 15:34 - 2015-07-15 14:00 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2015-08-11 15:34 - 2015-07-15 14:00 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2015-08-11 15:34 - 2015-07-15 14:00 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2015-08-11 15:34 - 2015-07-15 14:00 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2015-08-11 15:34 - 2015-07-15 14:00 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2015-08-11 15:34 - 2015-07-15 14:00 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2015-08-11 15:34 - 2015-07-15 14:00 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2015-08-11 15:34 - 2015-07-15 14:00 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2015-08-11 15:34 - 2015-07-15 14:00 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2015-08-11 15:34 - 2015-07-15 14:00 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2015-08-11 15:34 - 2015-07-15 13:59 - 03989952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2015-08-11 15:34 - 2015-07-15 13:59 - 03934656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2015-08-11 15:34 - 2015-07-15 13:56 - 01311768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2015-08-11 15:34 - 2015-07-15 13:55 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2015-08-11 15:34 - 2015-07-15 13:55 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2015-08-11 15:34 - 2015-07-15 13:55 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2015-08-11 15:34 - 2015-07-15 13:55 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2015-08-11 15:34 - 2015-07-15 13:55 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2015-08-11 15:34 - 2015-07-15 13:54 - 00552960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2015-08-11 15:34 - 2015-07-15 13:54 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2015-08-11 15:34 - 2015-07-15 13:54 - 00221184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2015-08-11 15:34 - 2015-07-15 13:54 - 00036864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptbase.dll
2015-08-11 15:34 - 2015-07-15 13:54 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2015-08-11 15:34 - 2015-07-15 13:54 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2015-08-11 15:34 - 2015-07-15 13:54 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2015-08-11 15:34 - 2015-07-15 13:53 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2015-08-11 15:34 - 2015-07-15 13:53 - 00665088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2015-08-11 15:34 - 2015-07-15 13:53 - 00274944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2015-08-11 15:34 - 2015-07-15 13:53 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2015-08-11 15:34 - 2015-07-15 13:53 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2015-08-11 15:34 - 2015-07-15 13:53 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2015-08-11 15:34 - 2015-07-15 13:49 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2015-08-11 15:34 - 2015-07-15 13:48 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2015-08-11 15:34 - 2015-07-15 13:44 - 00686080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2015-08-11 15:34 - 2015-07-15 13:44 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2015-08-11 15:34 - 2015-07-15 13:44 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2015-08-11 15:34 - 2015-07-15 13:44 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2015-08-11 15:34 - 2015-07-15 13:44 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2015-08-11 15:34 - 2015-07-15 13:44 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2015-08-11 15:34 - 2015-07-15 13:44 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2015-08-11 15:34 - 2015-07-15 13:44 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2015-08-11 15:34 - 2015-07-15 13:44 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2015-08-11 15:34 - 2015-07-15 13:44 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2015-08-11 15:34 - 2015-07-15 13:44 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2015-08-11 15:34 - 2015-07-15 13:44 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2015-08-11 15:34 - 2015-07-15 13:44 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2015-08-11 15:34 - 2015-07-15 13:44 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2015-08-11 15:34 - 2015-07-15 13:44 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2015-08-11 15:34 - 2015-07-15 13:44 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2015-08-11 15:34 - 2015-07-15 13:44 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-08-11 15:34 - 2015-07-15 13:44 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2015-08-11 15:34 - 2015-07-15 13:44 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2015-08-11 15:34 - 2015-07-15 13:44 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2015-08-11 15:34 - 2015-07-15 13:44 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2015-08-11 15:34 - 2015-07-15 13:44 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2015-08-11 15:34 - 2015-07-15 13:44 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2015-08-11 15:34 - 2015-07-15 13:44 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2015-08-11 15:34 - 2015-07-15 13:44 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2015-08-11 15:34 - 2015-07-15 13:44 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2015-08-11 15:34 - 2015-07-15 12:46 - 00290816 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2015-08-11 15:34 - 2015-07-15 12:46 - 00159232 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2015-08-11 15:34 - 2015-07-15 12:46 - 00129024 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2015-08-11 15:34 - 2015-07-15 12:37 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2015-08-11 15:34 - 2015-07-15 12:37 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2015-08-11 15:34 - 2015-07-15 12:34 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2015-08-11 15:34 - 2015-07-15 12:34 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2015-08-11 15:34 - 2015-07-15 12:34 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2015-08-11 15:34 - 2015-07-15 12:34 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2015-08-11 15:33 - 2015-07-20 20:39 - 00389840 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2015-08-11 15:33 - 2015-07-20 20:12 - 00342736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2015-08-11 15:33 - 2015-07-16 16:54 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2015-08-11 15:33 - 2015-07-16 16:37 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2015-08-11 15:33 - 2015-07-16 16:36 - 00584192 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-08-11 15:33 - 2015-07-16 16:36 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2015-08-11 15:33 - 2015-07-16 16:36 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2015-08-11 15:33 - 2015-07-16 16:35 - 02885632 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-08-11 15:33 - 2015-07-16 16:35 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2015-08-11 15:33 - 2015-07-16 16:27 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2015-08-11 15:33 - 2015-07-16 16:26 - 05923328 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-08-11 15:33 - 2015-07-16 16:26 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2015-08-11 15:33 - 2015-07-16 16:23 - 00615936 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-08-11 15:33 - 2015-07-16 16:21 - 00816640 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2015-08-11 15:33 - 2015-07-16 16:21 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2015-08-11 15:33 - 2015-07-16 16:21 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2015-08-11 15:33 - 2015-07-16 16:21 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2015-08-11 15:33 - 2015-07-16 16:12 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2015-08-11 15:33 - 2015-07-16 16:08 - 00490496 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-08-11 15:33 - 2015-07-16 16:00 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-08-11 15:33 - 2015-07-16 15:55 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2015-08-11 15:33 - 2015-07-16 15:54 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-08-11 15:33 - 2015-07-16 15:51 - 00504320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-08-11 15:33 - 2015-07-16 15:51 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-08-11 15:33 - 2015-07-16 15:51 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2015-08-11 15:33 - 2015-07-16 15:50 - 00341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2015-08-11 15:33 - 2015-07-16 15:50 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2015-08-11 15:33 - 2015-07-16 15:49 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2015-08-11 15:33 - 2015-07-16 15:45 - 02279424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-08-11 15:33 - 2015-07-16 15:43 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2015-08-11 15:33 - 2015-07-16 15:43 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2015-08-11 15:33 - 2015-07-16 15:41 - 00479232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2015-08-11 15:33 - 2015-07-16 15:39 - 00664064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2015-08-11 15:33 - 2015-07-16 15:39 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2015-08-11 15:33 - 2015-07-16 15:38 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2015-08-11 15:33 - 2015-07-16 15:36 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-08-11 15:33 - 2015-07-16 15:35 - 00720384 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-08-11 15:33 - 2015-07-16 15:34 - 14451200 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-08-11 15:33 - 2015-07-16 15:33 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2015-08-11 15:33 - 2015-07-16 15:32 - 02125824 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-08-11 15:33 - 2015-07-16 15:29 - 00418304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2015-08-11 15:33 - 2015-07-16 15:24 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2015-08-11 15:33 - 2015-07-16 15:20 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2015-08-11 15:33 - 2015-07-16 15:19 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2015-08-11 15:33 - 2015-07-16 15:17 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2015-08-11 15:33 - 2015-07-16 15:12 - 04520448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-08-11 15:33 - 2015-07-16 15:12 - 02427904 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-08-11 15:33 - 2015-07-16 15:10 - 12856832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-08-11 15:33 - 2015-07-16 15:06 - 02052608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2015-08-11 15:33 - 2015-07-16 15:06 - 00689152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2015-08-11 15:33 - 2015-07-16 15:05 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2015-08-11 15:33 - 2015-07-16 15:01 - 01545728 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-08-11 15:33 - 2015-07-16 14:49 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-08-11 15:33 - 2015-07-16 14:42 - 01951232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-08-11 15:33 - 2015-07-16 14:38 - 01310720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-08-11 15:33 - 2015-07-16 14:37 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2015-08-11 15:33 - 2015-07-14 23:19 - 00052736 _____ (Microsoft Corporation) C:\Windows\system32\basesrv.dll
2015-08-11 15:32 - 2015-07-30 14:06 - 02565120 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll
2015-08-11 15:32 - 2015-07-30 14:06 - 01648128 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
2015-08-11 15:32 - 2015-07-30 14:06 - 01180160 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll
2015-08-11 15:32 - 2015-07-30 14:06 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll
2015-08-11 15:32 - 2015-07-30 14:06 - 00046080 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2015-08-11 15:32 - 2015-07-30 14:06 - 00041984 _____ (Microsoft Corporation) C:\Windows\system32\lpk.dll
2015-08-11 15:32 - 2015-07-30 14:06 - 00014336 _____ (Microsoft Corporation) C:\Windows\system32\dciman32.dll
2015-08-11 15:32 - 2015-07-30 13:57 - 01987584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10warp.dll
2015-08-11 15:32 - 2015-07-30 13:57 - 01251328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll
2015-08-11 15:32 - 2015-07-30 13:57 - 00070656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontsub.dll
2015-08-11 15:32 - 2015-07-30 13:57 - 00034304 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2015-08-11 15:32 - 2015-07-30 13:57 - 00010240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dciman32.dll
2015-08-11 15:32 - 2015-07-30 13:55 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\lpk.dll
2015-08-11 15:32 - 2015-07-30 12:56 - 03208192 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-08-11 15:32 - 2015-07-30 12:52 - 00372736 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2015-08-11 15:32 - 2015-07-30 12:49 - 00299520 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2015-08-11 15:32 - 2015-07-20 14:12 - 03154944 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2015-08-11 15:32 - 2015-07-20 14:12 - 02606080 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2015-08-11 15:32 - 2015-07-20 14:12 - 00696320 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2015-08-11 15:32 - 2015-07-20 14:12 - 00192000 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2015-08-11 15:32 - 2015-07-20 14:12 - 00139776 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2015-08-11 15:32 - 2015-07-20 14:12 - 00098304 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2015-08-11 15:32 - 2015-07-20 14:12 - 00091136 _____ (Microsoft Corporation) C:\Windows\system32\WinSetupUI.dll
2015-08-11 15:32 - 2015-07-20 14:12 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2015-08-11 15:32 - 2015-07-20 14:12 - 00037376 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2015-08-11 15:32 - 2015-07-20 14:12 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2015-08-11 15:32 - 2015-07-20 14:12 - 00012288 _____ (Microsoft Corporation) C:\Windows\system32\wu.upgrade.ps.dll
2015-08-11 15:32 - 2015-07-20 13:56 - 00566784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2015-08-11 15:32 - 2015-07-20 13:56 - 00173056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2015-08-11 15:32 - 2015-07-20 13:56 - 00093184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2015-08-11 15:32 - 2015-07-20 13:56 - 00034816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2015-08-11 15:32 - 2015-07-20 13:56 - 00030208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll
2015-08-11 15:32 - 2015-07-16 15:12 - 04922368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
2015-08-11 15:32 - 2015-07-16 15:12 - 00269824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\aaclient.dll
2015-08-11 15:32 - 2015-07-16 15:12 - 00037376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tsgqec.dll
2015-08-11 15:32 - 2015-07-16 15:11 - 05779456 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2015-08-11 15:32 - 2015-07-16 15:11 - 00322560 _____ (Microsoft Corporation) C:\Windows\system32\aaclient.dll
2015-08-11 15:32 - 2015-07-16 15:11 - 00044032 _____ (Microsoft Corporation) C:\Windows\system32\tsgqec.dll
2015-08-11 15:32 - 2015-07-14 23:19 - 02004992 _____ (Microsoft Corporation) C:\Windows\system32\msxml6.dll
2015-08-11 15:32 - 2015-07-14 23:19 - 01887232 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2015-08-11 15:32 - 2015-07-14 23:14 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml6r.dll
2015-08-11 15:32 - 2015-07-14 23:13 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll
2015-08-11 15:32 - 2015-07-14 22:55 - 01390592 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6.dll
2015-08-11 15:32 - 2015-07-14 22:55 - 01241088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2015-08-11 15:32 - 2015-07-14 22:51 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6r.dll
2015-08-11 15:32 - 2015-07-14 22:51 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3r.dll
2015-08-11 15:32 - 2015-07-10 13:51 - 14177280 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2015-08-11 15:32 - 2015-07-10 13:34 - 12875776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2015-08-11 15:32 - 2015-07-09 13:57 - 00193536 _____ (Microsoft Corporation) C:\Windows\system32\notepad.exe
2015-08-11 15:32 - 2015-07-09 13:57 - 00193536 _____ (Microsoft Corporation) C:\Windows\notepad.exe
2015-08-11 15:32 - 2015-07-09 13:42 - 00179712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\notepad.exe
2015-08-11 15:32 - 2015-07-01 16:49 - 00260096 _____ (Microsoft Corporation) C:\Windows\system32\WebClnt.dll
2015-08-11 15:32 - 2015-07-01 16:48 - 00102912 _____ (Microsoft Corporation) C:\Windows\system32\davclnt.dll
2015-08-11 15:32 - 2015-07-01 16:30 - 00206848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WebClnt.dll
2015-08-11 15:32 - 2015-07-01 16:30 - 00082432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\davclnt.dll
2015-08-11 15:32 - 2015-05-09 14:26 - 00493504 _____ (Microsoft Corporation) C:\Windows\system32\mcupdate_GenuineIntel.dll

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-09-08 08:06 - 2013-10-07 19:49 - 00000908 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1583409717-3979321060-2320764336-1000UA.job
2015-09-08 08:02 - 2012-04-26 21:16 - 01454094 _____ C:\Windows\WindowsUpdate.log
2015-09-08 07:51 - 2009-07-14 00:45 - 00027360 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-09-08 07:51 - 2009-07-14 00:45 - 00027360 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-09-08 07:50 - 2012-10-18 20:54 - 00000000 ____D C:\Users\havoc\AppData\Local\Deployment
2015-09-08 07:46 - 2014-06-26 06:18 - 00000892 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-09-08 07:23 - 2014-06-26 06:18 - 00000896 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-09-08 07:12 - 2012-04-29 14:20 - 00000830 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-09-07 20:06 - 2013-10-07 19:49 - 00000856 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1583409717-3979321060-2320764336-1000Core.job
2015-09-06 22:15 - 2012-11-17 23:27 - 00000000 ____D C:\ProgramData\NVIDIA
2015-09-06 22:15 - 2009-07-14 01:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-09-06 22:15 - 2009-07-14 00:51 - 00070377 _____ C:\Windows\setupact.log
2015-09-06 22:02 - 2015-07-18 15:59 - 00000000 ____D C:\Users\havoc\OneDrive
2015-09-06 22:01 - 2014-06-26 06:21 - 00000000 ___RD C:\Users\havoc\Google Drive
2015-09-06 21:59 - 2010-11-20 23:47 - 00822774 _____ C:\Windows\PFRO.log
2015-09-06 21:54 - 2014-06-09 21:37 - 00002150 _____ C:\Windows\epplauncher.mif
2015-09-06 21:54 - 2014-06-09 21:37 - 00000000 ____D C:\Program Files\Microsoft Security Client
2015-09-06 21:54 - 2014-06-09 21:37 - 00000000 ____D C:\Program Files (x86)\Microsoft Security Client
2015-09-05 17:53 - 2014-03-29 00:47 - 00000000 ____D C:\Users\havoc\AppData\Local\Battle.net
2015-09-05 17:24 - 2015-06-03 18:56 - 00000000 ____D C:\Program Files (x86)\Heroes of the Storm
2015-09-04 16:37 - 2015-07-07 17:55 - 00000000 ____D C:\Users\havoc\Desktop\From Laptop
2015-09-04 08:57 - 2013-01-15 23:55 - 00000000 ____D C:\ProgramData\Zoomex
2015-09-04 07:33 - 2009-07-14 01:13 - 00782510 _____ C:\Windows\system32\PerfStringBackup.INI
2015-09-03 10:14 - 2012-10-17 18:04 - 00000000 ____D C:\Program Files (x86)\World of Warcraft
2015-09-03 10:07 - 2012-04-29 15:03 - 00000000 ____D C:\Users\havoc\AppData\Roaming\Adobe
2015-09-03 09:58 - 2012-05-06 10:07 - 00000000 ____D C:\Users\havoc\.VirtualBox
2015-09-03 09:20 - 2014-06-05 21:06 - 00000000 ____D C:\Program Files (x86)\Kingo Android ROOT
2015-09-03 09:16 - 2012-10-15 18:48 - 00000000 ____D C:\Windows\system32\appmgmt
2015-09-02 10:16 - 2015-07-14 13:00 - 00000000 ____D C:\Users\havoc\Documents\ArcSight
2015-08-28 16:52 - 2014-03-29 00:46 - 00000000 ____D C:\Program Files (x86)\Battle.net
2015-08-26 10:45 - 2013-12-30 21:18 - 00000000 ____D C:\ProgramData\WinWeb protection
2015-08-26 10:44 - 2014-01-06 19:58 - 00000000 ____D C:\ProgramData\System Booster
2015-08-26 09:26 - 2012-04-26 21:16 - 00000000 ____D C:\Users\havoc
2015-08-25 21:00 - 2013-12-30 22:12 - 00000000 ____D C:\ProgramData\WebPlat
2015-08-25 21:00 - 2013-01-15 23:55 - 00000000 ____D C:\Program Files (x86)\ZoomEx
2015-08-25 18:16 - 2009-07-13 23:20 - 00000000 ____D C:\Windows\system32\spool
2015-08-25 13:13 - 2012-11-12 11:02 - 00002220 ____H C:\Users\havoc\Documents\Default.rdp
2015-08-25 13:02 - 2009-07-14 01:32 - 00000000 ____D C:\Windows\system32\FxsTmp
2015-08-21 10:15 - 2014-03-29 00:51 - 00000000 ____D C:\Program Files (x86)\Hearthstone
2015-08-19 16:01 - 2015-07-18 15:59 - 00002157 _____ C:\Users\havoc\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft OneDrive.lnk
2015-08-18 13:13 - 2012-04-30 17:26 - 00000000 ____D C:\Users\havoc\AppData\Local\Microsoft Help
2015-08-14 03:00 - 2012-04-30 17:26 - 00000000 ____D C:\ProgramData\Microsoft Help
2015-08-12 08:04 - 2015-03-12 07:00 - 00000000 ___RD C:\Users\havoc\Podcasts
2015-08-12 04:32 - 2009-07-13 23:20 - 00000000 ____D C:\Windows\rescache
2015-08-12 04:07 - 2009-07-14 00:45 - 00437688 _____ C:\Windows\system32\FNTCACHE.DAT
2015-08-12 04:05 - 2013-10-26 12:50 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2015-08-12 04:05 - 2013-10-26 12:50 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2015-08-12 04:01 - 2014-12-10 04:24 - 00000000 ____D C:\Windows\system32\appraiser
2015-08-12 04:01 - 2014-05-07 03:00 - 00000000 ___SD C:\Windows\system32\CompatTel
2015-08-12 03:41 - 2015-07-16 11:19 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013
2015-08-12 03:39 - 2013-10-26 12:50 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2015-08-12 03:17 - 2009-07-13 22:34 - 00000478 _____ C:\Windows\win.ini
2015-08-12 03:10 - 2013-08-14 03:00 - 00000000 ____D C:\Windows\system32\MRT
2015-08-12 03:02 - 2012-04-28 19:01 - 132483416 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-08-11 22:12 - 2012-04-29 14:20 - 00778440 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-08-11 22:12 - 2012-04-29 14:20 - 00142536 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-08-11 22:12 - 2012-04-29 14:20 - 00003768 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater

==================== Files in the root of some directories =======

2015-06-03 10:15 - 2015-06-09 20:50 - 0000600 _____ () C:\Users\havoc\AppData\Roaming\winscp.rnd
2012-10-26 21:20 - 2015-06-04 18:24 - 0000600 _____ () C:\Users\havoc\AppData\Local\PUTTY.RND
2013-03-09 09:14 - 2014-08-13 01:14 - 0007596 _____ () C:\Users\havoc\AppData\Local\Resmon.ResmonCfg
2008-02-05 14:28 - 2008-02-05 14:28 - 0000051 _____ () C:\Users\havoc\AppData\Local\setup.txt

Some files in TEMP:
====================
C:\Users\havoc\AppData\Local\Temp\ose00000.exe

==================== Bamital & volsnap =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2015-09-03 15:23

==================== End of FRST.txt ============================

Additional scan result of Farbar Recovery Scan Tool (x64) Version:04-09-2015
Ran by havoc (2015-09-08 08:09:41)
Running from C:\Users\havoc\Desktop
Boot Mode: Normal
==========================================================

==================== Accounts: =============================

Administrator (S-1-5-21-1583409717-3979321060-2320764336-500 - Administrator - Disabled)
Guest (S-1-5-21-1583409717-3979321060-2320764336-501 - Limited - Enabled)
havoc (S-1-5-21-1583409717-3979321060-2320764336-1000 - Administrator - Enabled) => C:\Users\havoc
HomeGroupUser$ (S-1-5-21-1583409717-3979321060-2320764336-1004 - Limited - Enabled)
UpdatusUser (S-1-5-21-1583409717-3979321060-2320764336-1005 - Limited - Enabled) => C:\Users\TEMP

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Microsoft Security Essentials (Enabled - Up to date) {B7ECF8CD-0188-6703-DBA4-AA65C6ACFB0A}
AV: Spybot - Search and Destroy (Enabled - Up to date) {20A26C15-1AF0-7CA3-9380-FAB824A7EE0D}
AS: Microsoft Security Essentials (Enabled - Up to date) {0C8D1929-27B2-688D-E114-9117BD2BB1B7}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Spybot - Search and Destroy (Enabled - Up to date) {9BC38DF1-3CCA-732D-A930-C1CA5F20A4B0}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

µTorrent (HKLM-x32\...\uTorrent) (Version: 3.2.3.28705 - BitTorrent Inc.)
64 Bit HP CIO Components Installer (Version: 8.2.4 - Hewlett-Packard) Hidden
Adblock Plus for IE (32-bit and 64-bit) (HKLM\...\{1CAFFEC6-23B4-484B-B17B-3200BE5C5636}) (Version: 99.9 - Eyeo GmbH)
Adblock Plus for IE (HKLM-x32\...\{1ce01891-839b-4ad1-b629-2e608ba0c6ba}) (Version: 1.0 - )
Adobe Flash Player 18 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 18.0.0.232 - Adobe Systems Incorporated)
Adobe Flash Player 18 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 18.0.0.232 - Adobe Systems Incorporated)
AMD Catalyst Install Manager (HKLM\...\{B7908254-D208-7C46-8201-7EBC1BFF8D12}) (Version: 8.0.915.0 - Advanced Micro Devices, Inc.)
Apple Application Support (HKLM-x32\...\{46F044A5-CE8B-4196-984E-5BD6525E361D}) (Version: 2.3.6 - Apple Inc.)
ArcSight ESM Console 6.5c (HKLM-x32\...\ArcSight ESM Console 6.5c) (Version: 6.5.0.0 - HP Software)
Asmedia ASM104x USB 3.0 Host Controller Driver (HKLM-x32\...\{E4FB0B39-C991-4EE7-95DD-1A1A7857D33D}) (Version: 1.14.8.0 - Asmedia Technology)
ASUS GPU Tweak (HKLM-x32\...\InstallShield_{532F6E8A-AF97-41C3-915F-39F718EC07D1}) (Version: 2.4.2.4 - ASUSTek COMPUTER INC.)
ASUS GPU Tweak (x32 Version: 2.4.2.4 - ASUSTek COMPUTER INC.) Hidden
ASUS Product Register Program (HKLM-x32\...\{9D29D67C-315D-46A1-A3A9-3CAF24871578}) (Version: 1.0.022 - ASUSTek Computer Inc.)
Audacity 2.0.5 (HKLM-x32\...\Audacity_is1) (Version: 2.0.5 - Audacity Team)
Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment)
Bitvise SSH Client 6.31 (remove only) (HKLM-x32\...\BvSshClient) (Version: - )
Bitvise SSH Server 6.31 (remove only) (HKLM-x32\...\Bitvise SSH Server) (Version: - )
calibre (HKLM-x32\...\{6C086582-8A0F-49D8-9E0D-82AAF2912118}) (Version: 2.33.0 - Kovid Goyal)
Citrix online plug-in (HKLM-x32\...\CitrixOnlinePluginFull) (Version: 12.3.0.8 - Citrix Systems, Inc.)
Comodo IceDragon (HKLM-x32\...\Comodo IceDragon) (Version: 38.0.5.2 - COMODO)
Curse Client (HKU\S-1-5-21-1583409717-3979321060-2320764336-1000\...\101a9f93b8f0bb6f) (Version: 5.1.1.844 - Curse)
Diablo III (HKLM-x32\...\Diablo III) (Version: - Blizzard Entertainment)
Duplicate Cleaner Free 3.2.1 (HKLM-x32\...\Duplicate Cleaner Free) (Version: 3.2.1 - DigitalVolcano Software Ltd) <==== ATTENTION
DVD-Cloner V10.10 Build 1203 (HKLM-x32\...\DVD-Cloner 2013_is1) (Version: 10.10.0.1203 - OpenCloner Inc.)
EasyTether (HKLM-x32\...\{58b5cbff-7ea4-4fd1-b6c0-9d569faea882}) (Version: 1.3.1 - Mobile Stream)
EasyTether (Version: 1.3.1 - Mobile Stream) Hidden
EasyTether ADB USB driver (HKLM\...\{50DD726D-E167-4237-9C26-6057E421753B}) (Version: 1.0.4 - Mobile Stream)
Epson Connect (HKLM-x32\...\{64BA551C-9AF6-495C-93F3-D1270E0045FC}) (Version: - )
Epson Customer Participation (HKLM\...\{814FA673-A085-403C-9545-747FC1495069}) (Version: 1.4.0.0 - SEIKO EPSON CORPORATION)
Epson Event Manager (HKLM-x32\...\{BECE9CCD-83F6-4BAA-9B26-227DF7D2E932}) (Version: 3.01.0000 - Seiko Epson Corporation)
EPSON Scan (HKLM-x32\...\EPSON Scanner) (Version: - Seiko Epson Corporation)
EPSON XP-400 Series Printer Uninstall (HKLM\...\EPSON XP-400 Series) (Version: - SEIKO EPSON Corporation)
EpsonNet Print (HKLM-x32\...\{3E31400D-274E-4647-916C-2CACC3741799}) (Version: 2.5.00 - SEIKO EPSON CORPORATION)
eReg (x32 Version: 1.20.138.34 - Logitech, Inc.) Hidden
FileZilla Client 3.5.3 (HKLM-x32\...\FileZilla Client) (Version: 3.5.3 - FileZilla Project)
Google Drive (HKLM-x32\...\{D9F75285-4864-461D-83DA-8D056BAC44D1}) (Version: 1.16.6866.4367 - Google, Inc.)
Google Talk Plugin (HKLM-x32\...\{2A83AD05-56E6-3FBD-8752-B4143162EF59}) (Version: 4.9.1.16010 - Google)
Google Update Helper (x32 Version: 1.3.24.15 - Google Inc.) Hidden
H&R Block Deluxe + Efile + State 2014 (HKLM-x32\...\{BDA77C08-60A6-4AAB-B5A9-849ECF399A49}) (Version: 14.05.6401 - HRB Technology, LLC.)
H&R Block South Carolina 2014 (HKLM-x32\...\{3E2F022A-BAC6-4CD4-9C02-1DDDD32C52DA}) (Version: 1.14.2601 - HRB Technology, LLC.)
Hearthstone (HKLM-x32\...\Hearthstone) (Version: - Blizzard Entertainment)
Heroes of the Storm (HKLM-x32\...\Heroes of the Storm) (Version: - Blizzard Entertainment)
HydraVision (x32 Version: 4.2.252.0 - Advanced Micro Devices, Inc.) Hidden
Intel(R) Network Connections 16.5.2.0 (HKLM\...\PROSetDX) (Version: 16.5.2.0 - Intel)
LAME v3.99.3 (for Windows) (HKLM-x32\...\LAME_is1) (Version: - )
LinuxLive USB Creator (HKLM-x32\...\LinuxLive USB Creator) (Version: 2.9 - Thibaut Lauziere)
Logitech SetPoint 6.52 (HKLM\...\sp6) (Version: 6.52.74 - Logitech)
McAfee Security Scan Plus (HKLM\...\McAfee Security Scan) (Version: 3.11.149.2 - McAfee, Inc.)
Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft Mouse and Keyboard Center (HKLM\...\Microsoft Mouse and Keyboard Center) (Version: 2.0.162.0 - Microsoft Corporation)
Microsoft Office Professional Plus 2010 (HKLM-x32\...\Office14.PROPLUS) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Office Professional Plus 2013 (HKLM-x32\...\Office15.PROPLUS) (Version: 15.0.4569.1506 - Microsoft Corporation)
Microsoft Office Professional Plus 2013 (HKLM-x32\...\Office15.PROPLUSR) (Version: 15.0.4569.1506 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-1583409717-3979321060-2320764336-1000\...\OneDriveSetup.exe) (Version: 17.3.5930.0814 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.40728.0 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Music Manager (HKU\S-1-5-21-1583409717-3979321060-2320764336-1000\...\MusicManager) (Version: - Google, Inc.)
MusicBrainz Picard (HKLM-x32\...\MusicBrainz Picard) (Version: 1.2 - MusicBrainz)
Nmap 6.47 (HKLM-x32\...\Nmap) (Version: - )
Notepad++ (HKLM-x32\...\Notepad++) (Version: 6.7.4 - Notepad++ Team)
Nuance PDF Reader (HKLM-x32\...\{5F6C549F-78DA-4E0E-AE70-0BD981936D99}) (Version: 7.00.0000 - Nuance Communications, Inc.)
NVIDIA 3D Vision Driver 331.65 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 331.65 - NVIDIA Corporation)
NVIDIA Graphics Driver 331.65 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 331.65 - NVIDIA Corporation)
NVIDIA Update 1.15.2 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 1.15.2 - NVIDIA Corporation)
Oracle VM VirtualBox 4.1.14 (HKLM\...\{C6400179-A2BD-4491-AD13-CEC9DD066246}) (Version: 4.1.14 - Oracle Corporation)
Outils de vérification linguistique 2013 de Microsoft Office*- Français (x32 Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Pdf995 (installed by H&R Block) (HKLM-x32\...\Pdf995) (Version: - )
PDFBinder (HKLM-x32\...\{8BA03AC2-579F-41CD-A250-740137D86F7A}) (Version: 1.0.0 - Malamute.dk)
PdfEdit995 (installed by H&R Block) (HKLM-x32\...\PdfEdit995) (Version: - )
QuickTime 7 (HKLM-x32\...\{111EE7DF-FC45-40C7-98A7-753AC46B12FB}) (Version: 7.75.80.95 - Apple Inc.)
SAMSUNG USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.24.0 - SAMSUNG Electronics Co., Ltd.)
Service Pack 1 for Microsoft Office 2013 (KB2850036) 32-Bit Edition (HKLM-x32\...\{90150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUS_{7F6C4883-A18C-459A-82C1-A2F9403F2DA6}) (Version: - Microsoft)
Service Pack 1 for Microsoft Office 2013 (KB2850036) 32-Bit Edition (HKLM-x32\...\{91150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUSR_{7F6C4883-A18C-459A-82C1-A2F9403F2DA6}) (Version: - Microsoft)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version: - Microsoft)
Sharepod 4.0.1.1 (HKLM-x32\...\{085BCFB8-F6FB-4600-AFAB-1F6DBC7F5F99}_is1) (Version: - Macroplant LLC)
Software Updater (HKLM-x32\...\{7B3A525D-9D3D-4618-AE52-A31DE98C8AC3}) (Version: 4.1.4 - SEIKO EPSON CORPORATION)
Spybot - Search & Destroy (HKLM-x32\...\{B4092C6D-E886-4CB2-BA68-FE5A99D31DE7}_is1) (Version: 2.4.40 - Safer-Networking Ltd.)
Star Wars: The Old Republic (HKLM-x32\...\{3B11D799-48E0-48ED-BFD7-EA655676D8BB}) (Version: 1.00 - Electronic Arts, Inc.)
Synergy (HKLM-x32\...\Synergy) (Version: - )
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.16 - TeamSpeak Systems GmbH)
Total Video Converter 3.71 100812 (HKLM-x32\...\Total Video Converter 3.71_is1) (Version: - EffectMatrix Inc.)
Tweaking.com - Registry Backup (HKLM-x32\...\Tweaking.com - Registry Backup) (Version: 3.2.0 - Tweaking.com)
Update for Skype for Business 2015 (KB2889853) 32-Bit Edition (HKLM-x32\...\{90150000-012B-0409-0000-0000000FF1CE}_Office15.PROPLUS_{BF1B3F01-93F3-4B83-93DB-132EB1AED259}) (Version: - Microsoft)
Update for Skype for Business 2015 (KB2889853) 32-Bit Edition (HKLM-x32\...\{90150000-012B-0409-0000-0000000FF1CE}_Office15.PROPLUSR_{BF1B3F01-93F3-4B83-93DB-132EB1AED259}) (Version: - Microsoft)
Ventrilo Client for Windows x64 (HKLM\...\{EEB3F6BB-318D-4CE5-989F-8191FCBFB578}) (Version: 3.0.8.0 - Flagship Industries, Inc.)
VLC media player (HKLM\...\VLC media player) (Version: 2.2.1 - VideoLAN)
WinArchiver Virtual Drive (HKLM-x32\...\WinArchiver Virtual Drive) (Version: 2.8 - WinArchiver Computing, Inc.)
Windows 7 USB/DVD Download Tool (HKLM-x32\...\{CCF298AF-9CE1-4B26-B251-486E98A34789}) (Version: 1.0.30 - Microsoft Corporation)
WinPcap 4.1.3 (HKLM-x32\...\WinPcapInst) (Version: 4.1.0.2980 - CACE Technologies)
WinRAR 4.20 (64-bit) (HKLM\...\WinRAR archiver) (Version: 4.20.0 - win.rar GmbH)
WinSCP 5.7.3 (HKLM-x32\...\winscp3_is1) (Version: 5.7.3 - Martin Prikryl)
Wireshark 1.8.0 (64-bit) (HKLM-x32\...\Wireshark) (Version: 1.8.0 - The Wireshark developer community, http://www.wireshark.org)
World of Warcraft (HKLM-x32\...\World of Warcraft) (Version: - Blizzard Entertainment)
Youtube Downloader HD v. 2.9.9.21 (HKLM-x32\...\Youtube Downloader HD_is1) (Version: - YoutubeDownloaderHD.com)
Youtube to MP3 Converter v. 1.4 (HKLM-x32\...\Youtube to MP3 Converter_is1) (Version: - YoutubeDownloaderHD.com)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-1583409717-3979321060-2320764336-1000_Classes\CLSID\{1BF42E4C-4AF4-4CFD-A1A0-CF2960B8F63E}\InprocServer32 -> C:\Users\havoc\AppData\Local\Microsoft\OneDrive\17.3.5930.0814\amd64\FileSyncShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1583409717-3979321060-2320764336-1000_Classes\CLSID\{3ff50c7e-7820-4f54-afaa-c3b1b967f0a9}\InprocServer32 -> C:\Windows\system32\dfshim.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1583409717-3979321060-2320764336-1000_Classes\CLSID\{5AB7172C-9C11-405C-8DD5-AF20F3606282}\InprocServer32 -> C:\Users\havoc\AppData\Local\Microsoft\OneDrive\17.3.5930.0814\amd64\FileSyncShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1583409717-3979321060-2320764336-1000_Classes\CLSID\{7AFDFDDB-F914-11E4-8377-6C3BE50D980C}\InprocServer32 -> C:\Users\havoc\AppData\Local\Microsoft\OneDrive\17.3.5930.0814\amd64\FileSyncShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1583409717-3979321060-2320764336-1000_Classes\CLSID\{82CA8DE3-01AD-4CEA-9D75-BE4C51810A9E}\InprocServer32 -> C:\Users\havoc\AppData\Local\Microsoft\OneDrive\17.3.5930.0814\amd64\FileSyncShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1583409717-3979321060-2320764336-1000_Classes\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}\InprocServer32 -> C:\Users\havoc\AppData\Local\Microsoft\OneDrive\17.3.5930.0814\amd64\FileSyncShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1583409717-3979321060-2320764336-1000_Classes\CLSID\{A78ED123-AB77-406B-9962-2A5D9D2F7F30}\InprocServer32 -> C:\Users\havoc\AppData\Local\Microsoft\OneDrive\17.3.5930.0814\amd64\FileSyncShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1583409717-3979321060-2320764336-1000_Classes\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}\InprocServer32 -> C:\Users\havoc\AppData\Local\Microsoft\OneDrive\17.3.5930.0814\amd64\FileSyncShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1583409717-3979321060-2320764336-1000_Classes\CLSID\{c74c84a3-42b5-482b-8ce3-ca56e10ccf16}\InprocServer32 -> C:\Windows\system32\dfshim.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1583409717-3979321060-2320764336-1000_Classes\CLSID\{CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B}\InprocServer32 -> C:\Users\havoc\AppData\Local\Microsoft\OneDrive\17.3.5930.0814\amd64\FileSyncShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1583409717-3979321060-2320764336-1000_Classes\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}\InprocServer32 -> C:\Users\havoc\AppData\Local\Microsoft\OneDrive\17.3.5930.0814\amd64\FileSyncShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1583409717-3979321060-2320764336-1000_Classes\CLSID\{F8071786-1FD0-4A66-81A1-3CBE29274458}\InprocServer32 -> C:\Users\havoc\AppData\Local\Microsoft\OneDrive\17.3.5930.0814\amd64\FileSyncApi64.dll (Microsoft Corporation)

==================== Restore Points =========================

03-09-2015 06:06:03 Scheduled Checkpoint
03-09-2015 08:11:23 avast! antivirus system restore point
03-09-2015 09:20:38 Removed Apple Software Update
03-09-2015 10:14:05 Windows Update
06-09-2015 22:27:11 Windows Update

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-13 22:34 - 2015-09-03 09:44 - 00450926 ____R C:\Windows\system32\Drivers\etc\hosts
127.0.0.1 http://subscribermgmt.rr.com
192.168.2.216 esm-65
192.168.2.202 halemi2
127.0.0.1 adnetworkperformance.com
127.0.0.1 live.topupdateup.com
127.0.0.1 www.007guard.com
127.0.0.1 007guard.com
127.0.0.1 008i.com
127.0.0.1 www.008k.com
127.0.0.1 008k.com
127.0.0.1 www.00hq.com
127.0.0.1 00hq.com
127.0.0.1 010402.com
127.0.0.1 www.032439.com
127.0.0.1 032439.com
127.0.0.1 www.0scan.com
127.0.0.1 0scan.com
127.0.0.1 1000gratisproben.com
127.0.0.1 www.1000gratisproben.com
127.0.0.1 1001namen.com
127.0.0.1 www.1001namen.com
127.0.0.1 100888290cs.com
127.0.0.1 www.100888290cs.com
127.0.0.1 www.100sexlinks.com
127.0.0.1 100sexlinks.com
127.0.0.1 10sek.com
127.0.0.1 www.10sek.com
127.0.0.1 www.1-2005-search.com
127.0.0.1 1-2005-search.com

There are 1000 more lines.

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {38F3B3A9-5973-4CDF-B4A3-0276C33F6E6C} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1583409717-3979321060-2320764336-1000Core => C:\Users\havoc\AppData\Local\Google\Update\GoogleUpdate.exe [2013-10-07] (Google Inc.)
Task: {540FD2A1-5956-4EE7-9518-7A21814E77A0} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-06-26] (Google Inc.)
Task: {5DE7E962-B767-4C70-844C-20F71F24134B} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe
Task: {736F5830-092C-4ECB-94BE-DABE65F32BAB} - System32\Tasks\Microsoft_Hardware_Launch_devicecenter_exe => c:\Program Files\Microsoft Device Center\devicecenter.exe
Task: {766C73BF-C1C4-41EB-B1D0-CAC2B7EEA5B6} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Check for updates => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe [2014-06-27] (Safer-Networking Ltd.)
Task: {8BBCE216-1477-4DEE-8A97-B028307AEDD1} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Scan the system => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDScan.exe [2014-06-24] (Safer-Networking Ltd.)
Task: {9C3FC109-2086-4121-B633-7102CCB2CC76} - System32\Tasks\Microsoft_Hardware_Launch_ipoint_exe => c:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2012-11-02] (Microsoft Corporation)
Task: {9D1B3033-E673-4E0F-B47C-38120F575122} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Refresh immunization => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDImmunize.exe [2014-06-24] (Safer-Networking Ltd.)
Task: {A1CD42F7-89DF-4557-BE87-9768C22DFA5E} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-06-26] (Google Inc.)
Task: {A59B16EB-57B0-4DFD-8747-0BCC6DCBDAB5} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1583409717-3979321060-2320764336-1000UA => C:\Users\havoc\AppData\Local\Google\Update\GoogleUpdate.exe [2013-10-07] (Google Inc.)
Task: {B2D8B47E-2E0C-4B24-990C-E9E555F5F60A} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-08-11] (Adobe Systems Incorporated)
Task: {C0265AEA-B5AF-4DE0-8981-87B2D15D9C38} - System32\Tasks\Microsoft_Hardware_Launch_mousekeyboardcenter_exe => c:\Program Files\Microsoft Mouse and Keyboard Center\mousekeyboardcenter.exe [2012-11-02] (Microsoft)
Task: {C1236EA7-8207-43AC-979A-C31BAFBEA462} - System32\Tasks\Microsoft\Windows\Application Experience\ProgramDataUpdater => Rundll32.exe invagent.dll,RunUpdate -noappraiser
Task: {C37400E0-B234-4111-B7C3-02C6B003DECD} - System32\Tasks\Microsoft_Hardware_Launch_itype_exe => c:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [2012-11-02] (Microsoft Corporation)
Task: {C3A92E25-834D-4312-AC9C-14C7422BAFD5} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-22] (Microsoft Corporation)
Task: {E9644C70-8B10-4994-9425-A279A533CCC1} - System32\Tasks\ASUS\ASUS Product Register Service => C:\Program Files (x86)\ASUS\APRP\aprp.exe [2013-06-21] (ASUSTek Computer Inc.)
Task: {EA663482-CAAC-4DA8-BDBA-B71F919ED1C3} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-22] (Microsoft Corporation)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1583409717-3979321060-2320764336-1000Core.job => C:\Users\havoc\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1583409717-3979321060-2320764336-1000UA.job => C:\Users\havoc\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\Superclean.job => c:\programdata\{5679e186-c22c-2bac-5679-9e186c22861b}\hqghumeaylnlf.exe <==== ATTENTION

==================== Loaded Modules (Whitelisted) ==============

2012-01-12 09:56 - 2012-01-12 09:56 - 00196608 _____ () C:\Program Files (x86)\WinArchiver Virtual Drive\WAService.exe
2012-11-17 23:27 - 2013-10-23 04:20 - 00102176 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2015-02-24 15:10 - 2012-04-26 16:51 - 00040448 _____ () C:\Windows\System32\pdf995mon64.dll
2013-08-30 20:47 - 2013-08-30 20:47 - 00214528 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Container.PerformanceTuning.dll
2012-10-22 15:41 - 2012-10-22 15:41 - 00749056 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Device.dll
2012-10-22 15:42 - 2012-10-22 15:42 - 03645952 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Platform.dll
2012-01-17 12:24 - 2012-01-17 12:24 - 00055296 _____ () C:\Windows\SysWOW64\ASGT.exe
2015-06-03 15:15 - 2015-06-03 15:15 - 00710000 _____ () C:\Program Files\Bitvise SSH Server\CiProv64.dll
2015-06-22 06:12 - 2015-06-22 06:12 - 01971384 _____ () C:\Program Files (x86)\Comodo\IceDragon\icedragon_updater.exe
2015-06-03 15:15 - 2015-06-03 15:15 - 02470192 _____ () C:\Program Files\Bitvise SSH Server\SftpServer.exe
2015-06-16 16:31 - 2015-06-16 16:31 - 08898720 _____ () C:\Program Files\Microsoft Office\Office15\1033\GrooveIntlResource.dll
2010-01-02 10:42 - 2010-01-02 10:42 - 00098304 _____ () C:\Program Files (x86)\FileZilla FTP Client\fzshellext_64.dll
2006-04-02 16:20 - 2006-04-02 16:20 - 00733184 _____ () C:\Program Files\Synergy\synergys.exe
2013-08-30 20:47 - 2013-08-30 20:47 - 00102400 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Proxy.Native.dll
2013-06-05 16:51 - 2013-06-05 16:51 - 00430080 _____ () C:\Program Files (x86)\ATI Technologies\ATI.ACE\Branding\BrandingNet4.dll
2013-06-05 16:51 - 2013-06-05 16:51 - 00032768 _____ () C:\Program Files (x86)\ATI Technologies\ATI.ACE\Branding\BrandingResourcesNet4.dll
2015-09-03 08:07 - 2014-05-13 12:04 - 00109400 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\snlThirdParty150.bpl
2015-09-03 08:07 - 2014-05-13 12:04 - 00416600 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\DEC150.bpl
2015-09-03 08:07 - 2014-05-13 12:04 - 00167768 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\snlFileFormats150.bpl
2015-09-03 08:07 - 2012-08-23 10:38 - 00574840 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\sqlite3.dll
2013-06-20 12:01 - 2013-06-20 12:01 - 00258048 _____ () C:\Program Files (x86)\ASUS\GPU Tweak\Vender.dll
2013-05-14 16:11 - 2013-05-14 16:11 - 00049152 _____ () C:\Program Files (x86)\ASUS\GPU Tweak\Exeio.dll
2006-04-02 16:20 - 2006-04-02 16:20 - 00024576 _____ () C:\Program Files\Synergy\synrgyhk.DLL
2013-02-27 15:33 - 2013-02-27 15:33 - 10683392 _____ () C:\Users\havoc\AppData\Local\Programs\Google\MusicManager\QtWebKit4.dll
2013-02-27 15:32 - 2013-02-27 15:32 - 07741952 _____ () C:\Users\havoc\AppData\Local\Programs\Google\MusicManager\QtGui4.dll
2013-02-27 15:32 - 2013-02-27 15:32 - 02248192 _____ () C:\Users\havoc\AppData\Local\Programs\Google\MusicManager\QtCore4.dll
2013-02-27 15:33 - 2013-02-27 15:33 - 01681408 _____ () C:\Users\havoc\AppData\Local\Programs\Google\MusicManager\QtNetwork4.dll
2013-11-11 21:03 - 2013-11-11 21:03 - 00117248 _____ () C:\Users\havoc\AppData\Local\Programs\Google\MusicManager\libaacdec.dll
2013-11-11 21:04 - 2013-11-11 21:04 - 00231936 _____ () C:\Users\havoc\AppData\Local\Programs\Google\MusicManager\libmpgdec.dll
2013-11-11 21:03 - 2013-11-11 21:03 - 00253440 _____ () C:\Users\havoc\AppData\Local\Programs\Google\MusicManager\libid3tag.dll
2013-11-11 21:05 - 2013-11-11 21:05 - 00344064 _____ () C:\Users\havoc\AppData\Local\Programs\Google\MusicManager\libaudioenc.dll
2013-02-27 15:33 - 2013-02-27 15:33 - 00026624 _____ () C:\Users\havoc\AppData\Local\Programs\Google\MusicManager\imageformats\qgif4.dll
2015-09-08 07:48 - 2015-09-08 07:48 - 00098816 _____ () C:\Users\havoc\AppData\Local\Temp\_MEI85082\win32api.pyd
2015-09-08 07:48 - 2015-09-08 07:48 - 00110080 _____ () C:\Users\havoc\AppData\Local\Temp\_MEI85082\pywintypes27.dll
2015-09-08 07:48 - 2015-09-08 07:48 - 00364544 _____ () C:\Users\havoc\AppData\Local\Temp\_MEI85082\pythoncom27.dll
2015-09-08 07:48 - 2015-09-08 07:48 - 00045568 _____ () C:\Users\havoc\AppData\Local\Temp\_MEI85082\_socket.pyd
2015-09-08 07:48 - 2015-09-08 07:48 - 01160704 _____ () C:\Users\havoc\AppData\Local\Temp\_MEI85082\_ssl.pyd
2015-09-08 07:48 - 2015-09-08 07:48 - 00320512 _____ () C:\Users\havoc\AppData\Local\Temp\_MEI85082\win32com.shell.shell.pyd
2015-09-08 07:48 - 2015-09-08 07:48 - 00713216 _____ () C:\Users\havoc\AppData\Local\Temp\_MEI85082\_hashlib.pyd
2015-09-08 07:48 - 2015-09-08 07:48 - 01175040 _____ () C:\Users\havoc\AppData\Local\Temp\_MEI85082\wx._core_.pyd
2015-09-08 07:48 - 2015-09-08 07:48 - 00805888 _____ () C:\Users\havoc\AppData\Local\Temp\_MEI85082\wx._gdi_.pyd
2015-09-08 07:48 - 2015-09-08 07:48 - 00811008 _____ () C:\Users\havoc\AppData\Local\Temp\_MEI85082\wx._windows_.pyd
2015-09-08 07:48 - 2015-09-08 07:48 - 01062400 _____ () C:\Users\havoc\AppData\Local\Temp\_MEI85082\wx._controls_.pyd
2015-09-08 07:48 - 2015-09-08 07:48 - 00735232 _____ () C:\Users\havoc\AppData\Local\Temp\_MEI85082\wx._misc_.pyd
2015-09-08 07:48 - 2015-09-08 07:48 - 00128512 _____ () C:\Users\havoc\AppData\Local\Temp\_MEI85082\_elementtree.pyd
2015-09-08 07:48 - 2015-09-08 07:48 - 00127488 _____ () C:\Users\havoc\AppData\Local\Temp\_MEI85082\pyexpat.pyd
2015-09-08 07:48 - 2015-09-08 07:48 - 00557056 _____ () C:\Users\havoc\AppData\Local\Temp\_MEI85082\pysqlite2._sqlite.pyd
2015-09-08 07:48 - 2015-09-08 07:48 - 00007168 _____ () C:\Users\havoc\AppData\Local\Temp\_MEI85082\hashobjs_ext.pyd
2015-09-08 07:48 - 2015-09-08 07:48 - 00087552 _____ () C:\Users\havoc\AppData\Local\Temp\_MEI85082\_ctypes.pyd
2015-09-08 07:48 - 2015-09-08 07:48 - 00119808 _____ () C:\Users\havoc\AppData\Local\Temp\_MEI85082\win32file.pyd
2015-09-08 07:48 - 2015-09-08 07:48 - 00108544 _____ () C:\Users\havoc\AppData\Local\Temp\_MEI85082\win32security.pyd
2015-09-08 07:48 - 2015-09-08 07:48 - 00018432 _____ () C:\Users\havoc\AppData\Local\Temp\_MEI85082\win32event.pyd
2015-09-08 07:48 - 2015-09-08 07:48 - 00038912 _____ () C:\Users\havoc\AppData\Local\Temp\_MEI85082\win32inet.pyd
2015-09-08 07:48 - 2015-09-08 07:48 - 00070656 _____ () C:\Users\havoc\AppData\Local\Temp\_MEI85082\wx._html2.pyd
2015-09-08 07:48 - 2015-09-08 07:48 - 00167936 _____ () C:\Users\havoc\AppData\Local\Temp\_MEI85082\win32gui.pyd
2015-09-08 07:48 - 2015-09-08 07:48 - 00011264 _____ () C:\Users\havoc\AppData\Local\Temp\_MEI85082\win32crypt.pyd
2015-09-08 07:48 - 2015-09-08 07:48 - 00027136 _____ () C:\Users\havoc\AppData\Local\Temp\_MEI85082\_multiprocessing.pyd
2015-09-08 07:48 - 2015-09-08 07:48 - 00122368 _____ () C:\Users\havoc\AppData\Local\Temp\_MEI85082\wx._wizard.pyd
2015-09-08 07:48 - 2015-09-08 07:48 - 00010240 _____ () C:\Users\havoc\AppData\Local\Temp\_MEI85082\select.pyd
2015-09-08 07:48 - 2015-09-08 07:48 - 00024064 _____ () C:\Users\havoc\AppData\Local\Temp\_MEI85082\win32pipe.pyd
2015-09-08 07:48 - 2015-09-08 07:48 - 00686080 _____ () C:\Users\havoc\AppData\Local\Temp\_MEI85082\unicodedata.pyd
2015-09-08 07:48 - 2015-09-08 07:48 - 00025600 _____ () C:\Users\havoc\AppData\Local\Temp\_MEI85082\win32pdh.pyd
2015-09-08 07:48 - 2015-09-08 07:48 - 00525640 _____ () C:\Users\havoc\AppData\Local\Temp\_MEI85082\windows._lib_cacheinvalidation.pyd
2015-09-08 07:48 - 2015-09-08 07:48 - 00035840 _____ () C:\Users\havoc\AppData\Local\Temp\_MEI85082\win32process.pyd
2015-09-08 07:48 - 2015-09-08 07:48 - 00017408 _____ () C:\Users\havoc\AppData\Local\Temp\_MEI85082\win32profile.pyd
2015-09-08 07:48 - 2015-09-08 07:48 - 00022528 _____ () C:\Users\havoc\AppData\Local\Temp\_MEI85082\win32ts.pyd
2015-09-08 07:48 - 2015-09-08 07:48 - 00078336 _____ () C:\Users\havoc\AppData\Local\Temp\_MEI85082\wx._animate.pyd

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)

==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

==================== EXE Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)

==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)

IE restricted site: HKU\.DEFAULT\...\007guard.com -> install.007guard.com
IE restricted site: HKU\.DEFAULT\...\008i.com -> 008i.com
IE restricted site: HKU\.DEFAULT\...\008k.com -> www.008k.com
IE restricted site: HKU\.DEFAULT\...\00hq.com -> www.00hq.com
IE restricted site: HKU\.DEFAULT\...\010402.com -> 010402.com
IE restricted site: HKU\.DEFAULT\...\032439.com -> 80gw6ry3i3x3qbrkwhxhw.032439.com
IE restricted site: HKU\.DEFAULT\...\0scan.com -> www.0scan.com
IE restricted site: HKU\.DEFAULT\...\1-2005-search.com -> www.1-2005-search.com
IE restricted site: HKU\.DEFAULT\...\1-domains-registrations.com -> www.1-domains-registrations.com
IE restricted site: HKU\.DEFAULT\...\1000gratisproben.com -> www.1000gratisproben.com
IE restricted site: HKU\.DEFAULT\...\1001namen.com -> www.1001namen.com
IE restricted site: HKU\.DEFAULT\...\100888290cs.com -> mir.100888290cs.com
IE restricted site: HKU\.DEFAULT\...\100sexlinks.com -> www.100sexlinks.com
IE restricted site: HKU\.DEFAULT\...\10sek.com -> www.10sek.com
IE restricted site: HKU\.DEFAULT\...\12-26.net -> user1.12-26.net
IE restricted site: HKU\.DEFAULT\...\12-27.net -> user1.12-27.net
IE restricted site: HKU\.DEFAULT\...\123fporn.info -> www.123fporn.info
IE restricted site: HKU\.DEFAULT\...\123haustiereundmehr.com -> www.123haustiereundmehr.com
IE restricted site: HKU\.DEFAULT\...\123moviedownload.com -> www.123moviedownload.com
IE restricted site: HKU\.DEFAULT\...\123simsen.com -> www.123simsen.com

There are 7866 more restricted sites.

==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-1583409717-3979321060-2320764336-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\havoc\AppData\Roaming\Mozilla\Firefox\Desktop Background.bmp
DNS Servers: 82.163.143.169 - 82.163.142.171
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{73CC6B70-D36A-4D6C-9035-3475A366D9D4}] => (Allow) C:\Program Files (x86)\Electronic Arts\BioWare\Star Wars - The Old Republic\launcher.exe
FirewallRules: [{BF5D7C98-38E9-4AD4-A696-5292D794F0C9}] => (Allow) C:\Program Files (x86)\Electronic Arts\BioWare\Star Wars - The Old Republic\launcher.exe
FirewallRules: [{7442F97C-191F-49A1-88D7-385045BB045D}] => (Allow) C:\Program Files\Ventrilo\Ventrilo.exe
FirewallRules: [{75D7EA13-4157-4F12-855D-4C7263F30523}] => (Allow) C:\Program Files\Ventrilo\Ventrilo.exe
FirewallRules: [TCP Query User{BFF4A905-D952-4BA6-AB49-38B9990BEC43}C:\program files (x86)\mozilla firefox\plugin-container.exe] => (Allow) C:\program files (x86)\mozilla firefox\plugin-container.exe
FirewallRules: [UDP Query User{DF11BAE7-85BB-482A-A8B2-8D9E02F374FB}C:\program files (x86)\mozilla firefox\plugin-container.exe] => (Allow) C:\program files (x86)\mozilla firefox\plugin-container.exe
FirewallRules: [{69E30CC9-161F-4D5C-801F-6EAFE05E397A}] => (Allow) C:\Users\havoc\AppData\Local\Temp\7zS7F23\hppiw.exe
FirewallRules: [{30F3A50F-B455-4041-9846-B1FF33969729}] => (Allow) C:\Users\havoc\AppData\Local\Temp\7zS7F23\hppiw.exe
FirewallRules: [{05B75711-9FBC-4FE6-80E1-835B14403EB4}] => (Allow) C:\Program Files (x86)\Electronic Arts\BioWare\Star Wars - The Old Republic\launcher.exe
FirewallRules: [{A257720E-4197-45EF-9EF9-95174AC3C4B9}] => (Allow) C:\Program Files (x86)\Electronic Arts\BioWare\Star Wars - The Old Republic\launcher.exe
FirewallRules: [{C5EABFF4-8D18-466A-8E8E-F8AA06B25E2A}] => (Allow) C:\Program Files (x86)\Electronic Arts\BioWare\Star Wars - The Old Republic\launcher.exe
FirewallRules: [{DCFDA838-34E2-4097-926A-0E0AA91BA3DD}] => (Allow) C:\Program Files (x86)\Electronic Arts\BioWare\Star Wars - The Old Republic\launcher.exe
FirewallRules: [{344E0E01-CD90-4670-9124-D716D52726DB}] => (Allow) C:\Program Files (x86)\Electronic Arts\BioWare\Star Wars - The Old Republic\FixLauncher.exe
FirewallRules: [{B25EAE0E-4A18-4798-A716-07A9788D7E37}] => (Allow) C:\Program Files (x86)\Electronic Arts\BioWare\Star Wars - The Old Republic\FixLauncher.exe
FirewallRules: [{85C15765-BD4D-4C49-8890-B45D6B35980C}] => (Allow) C:\Program Files (x86)\Electronic Arts\BioWare\Star Wars - The Old Republic\FixLauncher.exe
FirewallRules: [{836AE6CA-2908-4F0F-A5DC-15CDAF09545C}] => (Allow) C:\Program Files (x86)\Electronic Arts\BioWare\Star Wars - The Old Republic\FixLauncher.exe
FirewallRules: [{15C7F58B-33E7-4C4B-873E-E24DB66A962E}] => (Allow) C:\Program Files (x86)\Electronic Arts\BioWare\Star Wars - The Old Republic\swtor\retailclient\swtor.exe
FirewallRules: [{6AF567B7-7113-4649-AC3B-42321EE0B05A}] => (Allow) C:\Program Files (x86)\Electronic Arts\BioWare\Star Wars - The Old Republic\swtor\retailclient\swtor.exe
FirewallRules: [{C85C3B08-5867-4D76-9792-1654E48CE0BC}] => (Allow) C:\Program Files (x86)\Electronic Arts\BioWare\Star Wars - The Old Republic\swtor\retailclient\swtor.exe
FirewallRules: [{864F2230-0BDF-4FAC-B55A-9D3B0EDC5600}] => (Allow) C:\Program Files (x86)\Electronic Arts\BioWare\Star Wars - The Old Republic\swtor\retailclient\swtor.exe
FirewallRules: [{11E9EF00-9EDC-45B4-BEF2-78AF838D9DA4}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.1040\Agent.exe
FirewallRules: [{45DD72ED-7E51-434E-8144-4EE968E57CD2}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.1040\Agent.exe
FirewallRules: [{40F52CDE-652D-4E4C-9926-3616051A9FC1}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.1363\Agent.exe
FirewallRules: [{9779022B-1446-4DC4-AD9D-59767569B0B2}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.1363\Agent.exe
FirewallRules: [{3F53A99D-3DA1-4E53-9703-02C1483BE05C}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.1544\Agent.exe
FirewallRules: [{FED5F176-E5D9-4C3A-9D12-42211333B533}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.1544\Agent.exe
FirewallRules: [{5815BDD2-6206-4071-860B-80A86D813367}] => (Allow) C:\Program Files (x86)\uTorrent\uTorrent.exe
FirewallRules: [{660C6131-CACF-4A5F-924E-876A39961B3B}] => (Allow) C:\Program Files (x86)\uTorrent\uTorrent.exe
FirewallRules: [{ACC883FF-CD54-43CB-B406-032D7A6E40E9}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.1637\Agent.exe
FirewallRules: [{32D22323-C449-4788-9BCA-2F193DBAA8FE}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.1637\Agent.exe
FirewallRules: [{29A76A61-4252-4826-AA33-FAA7D5629DD1}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.1675\Agent.exe
FirewallRules: [{D6355FA0-B9A7-4774-84FB-F24BC57FD71D}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.1675\Agent.exe
FirewallRules: [{A46C3B71-807E-41DA-9561-9E79B56FE7C0}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.1737\Agent.exe
FirewallRules: [{77E52FF8-2EBB-49E4-8F1A-67240AC0595D}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.1737\Agent.exe
FirewallRules: [{DFCF0FD5-3D0F-4014-8984-0E0C3C1D368F}] => (Allow) C:\Program Files (x86)\Diablo III\Diablo III.exe
FirewallRules: [{6A99E4C8-C9F1-47B4-919D-7CEB41FA87E2}] => (Allow) C:\Program Files (x86)\Diablo III\Diablo III.exe
FirewallRules: [{E06CFF97-5F60-455B-8769-B1E6E5F6BF17}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2006\Agent.exe
FirewallRules: [{055B710B-B756-49BC-847A-56BE2B7BEB3C}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2006\Agent.exe
FirewallRules: [TCP Query User{65D9A7F1-0F7B-4DF1-8B7B-9085CACDD502}C:\programdata\battle.net\agent\agent.2045\agent.exe] => (Allow) C:\programdata\battle.net\agent\agent.2045\agent.exe
FirewallRules: [UDP Query User{3CA9E34F-B144-404D-93B4-A0E049DDB34B}C:\programdata\battle.net\agent\agent.2045\agent.exe] => (Allow) C:\programdata\battle.net\agent\agent.2045\agent.exe
FirewallRules: [{E7A04078-67AD-4184-A4E0-2C16E85E0060}] => (Allow) C:\programdata\battle.net\agent\agent.2045\agent.exe
FirewallRules: [{2962435F-E7BD-4A73-8B81-90C6FEA4ED0A}] => (Allow) C:\programdata\battle.net\agent\agent.2045\agent.exe
FirewallRules: [{76A56D17-2D2B-4309-B727-74E4DDD2ABBA}] => (Allow) D:\Common\EpsonNet Setup\ENEasyApp.exe
FirewallRules: [{7F8A0366-AF18-48C7-9BFC-95F9565048B8}] => (Allow) D:\Common\EpsonNet Setup\ENEasyApp.exe
FirewallRules: [TCP Query User{281B81E0-C998-46DA-9172-E4958A4B9990}C:\program files (x86)\epson software\event manager\eeventmanager.exe] => (Allow) C:\program files (x86)\epson software\event manager\eeventmanager.exe
FirewallRules: [UDP Query User{9DFE9F52-9C33-4CAE-8A67-5B67D18E383D}C:\program files (x86)\epson software\event manager\eeventmanager.exe] => (Allow) C:\program files (x86)\epson software\event manager\eeventmanager.exe
FirewallRules: [{8C360730-FCD1-4768-9F0B-765804BC6512}] => (Block) C:\program files (x86)\epson software\event manager\eeventmanager.exe
FirewallRules: [{41BB5886-52E3-4BC5-8568-989537E0476C}] => (Block) C:\program files (x86)\epson software\event manager\eeventmanager.exe
FirewallRules: [{A95087A8-B25F-4532-947A-1A90C1F69431}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2328\Agent.exe
FirewallRules: [{E1EC9AF7-5CA6-4023-A75C-574384C30B83}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2328\Agent.exe
FirewallRules: [{19AFF2C2-E1CB-47A5-B619-7DBC632B221D}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2380\Agent.exe
FirewallRules: [{52A7E2BE-D54F-45C1-9FFD-9F8A2E9DA702}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2380\Agent.exe
FirewallRules: [TCP Query User{A66B6067-57B5-41E8-AFB7-286A152D9131}C:\program files (x86)\musicbrainz picard\picard.exe] => (Allow) C:\program files (x86)\musicbrainz picard\picard.exe
FirewallRules: [UDP Query User{EC357B65-9EC0-41C8-8538-6B5A9C7D9666}C:\program files (x86)\musicbrainz picard\picard.exe] => (Allow) C:\program files (x86)\musicbrainz picard\picard.exe
FirewallRules: [{51259C96-9769-44C3-8602-7F854BB869DC}] => (Block) C:\program files (x86)\musicbrainz picard\picard.exe
FirewallRules: [{D7994EA6-7AF0-46F2-A6EF-CEDAFB12015A}] => (Block) C:\program files (x86)\musicbrainz picard\picard.exe
FirewallRules: [{55DA6352-1B95-4357-950E-EAF8710B2486}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
FirewallRules: [{7E7D45F4-5B97-487C-A3B8-72F47E296264}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
FirewallRules: [{0D763686-C4B2-4CCF-80E1-CE60A71186BB}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2689\Agent.exe
FirewallRules: [{B59F415C-1999-45C6-967D-88785E1C8B13}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2689\Agent.exe
FirewallRules: [{C9F2F6A3-3F37-453E-B950-0778682FC7C3}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2717\Agent.exe
FirewallRules: [{C30DCE8D-CEB7-456E-B702-1120668CC3C7}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2717\Agent.exe
FirewallRules: [{FB01FDD6-6EC2-4EAF-9E09-864B28BBAEAA}] => (Allow) C:\Program Files (x86)\Battle.net\Battle.net.exe
FirewallRules: [{C8109DD9-DBDC-4C0C-BB30-3B7680B828B2}] => (Allow) C:\Program Files (x86)\Battle.net\Battle.net.exe
FirewallRules: [{F5F8191F-7DED-4C3D-A881-C6E868F9C129}] => (Allow) C:\Program Files (x86)\Hearthstone\Hearthstone.exe
FirewallRules: [{0C2CC23C-1D13-459B-8F02-90A160BA97B9}] => (Allow) C:\Program Files (x86)\Hearthstone\Hearthstone.exe
FirewallRules: [{E19B7441-9DF9-40CC-80F3-F02474C51649}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2787\Agent.exe
FirewallRules: [{65C75036-1D56-411C-B2AC-30A5DA58DCDF}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2787\Agent.exe
FirewallRules: [{7C667566-A423-4F35-B0AF-467B1DEF7375}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2816\Agent.exe
FirewallRules: [{E3B478B2-760F-4231-890A-A27881531882}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2816\Agent.exe
FirewallRules: [{DA9427D6-995F-4E9A-A22B-A742258AFAEC}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2880\Agent.exe
FirewallRules: [{45457675-6EA9-44E6-AFDB-9B7D801BB6A3}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2880\Agent.exe
FirewallRules: [TCP Query User{5079AF01-7A78-4A49-AB5F-2B75A8FC2AA7}C:\windows\explorer.exe] => (Allow) C:\windows\explorer.exe
FirewallRules: [UDP Query User{167977FC-55A4-4918-8767-117503ECA4E0}C:\windows\explorer.exe] => (Allow) C:\windows\explorer.exe
FirewallRules: [{FDE2F4D2-2908-4B94-B413-D8812AFC5571}] => (Block) C:\windows\explorer.exe
FirewallRules: [{913C8377-3C17-409E-A6C0-74CDB7FCBBEA}] => (Block) C:\windows\explorer.exe
FirewallRules: [TCP Query User{973A4FED-4BF0-4F82-844A-62D9636D574A}C:\programdata\battle.net\agent\agent.3023\agent.exe] => (Allow) C:\programdata\battle.net\agent\agent.3023\agent.exe
FirewallRules: [UDP Query User{22DCEC76-12B1-417E-BE8B-B6002FFBACEF}C:\programdata\battle.net\agent\agent.3023\agent.exe] => (Allow) C:\programdata\battle.net\agent\agent.3023\agent.exe
FirewallRules: [{C4FD064E-E2E0-4568-8008-F3504FC6BC92}] => (Allow) C:\programdata\battle.net\agent\agent.3023\agent.exe
FirewallRules: [{45FBDB26-8466-45EE-B702-6589400B4A72}] => (Allow) C:\programdata\battle.net\agent\agent.3023\agent.exe
FirewallRules: [{329B8311-709F-4929-85F9-E928E900EDEF}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3109\Agent.exe
FirewallRules: [{5E647BE5-BC9D-4E5F-80DF-0F9F7B078826}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3109\Agent.exe
FirewallRules: [{0FA931EA-1749-4129-AC12-D485FF740991}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3147\Agent.exe
FirewallRules: [{32B547C0-517F-45BC-8066-21BE1C7A8B2F}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3147\Agent.exe
FirewallRules: [{390421F5-B767-40BC-A2BD-662F72CEE8A0}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3147\Agent.exe
FirewallRules: [{C783034B-4765-4F85-843F-1A784A467533}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3147\Agent.exe
FirewallRules: [TCP Query User{A9A0383D-639B-4ED0-87AA-E2AA651EEC9A}C:\program files (x86)\hearthstone\hearthstone.exe] => (Allow) C:\program files (x86)\hearthstone\hearthstone.exe
FirewallRules: [UDP Query User{6474A88B-A3A0-485E-8DC6-25C957FA69A3}C:\program files (x86)\hearthstone\hearthstone.exe] => (Allow) C:\program files (x86)\hearthstone\hearthstone.exe
FirewallRules: [{2E48F9BD-4362-4054-AE2C-763CDA842EDE}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3182\Agent.exe
FirewallRules: [{BB6AF502-8D07-40EC-9167-6B20120EDA99}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3182\Agent.exe
FirewallRules: [{0A8E2DD6-5F5E-4AD6-912C-ADA3405F0971}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3182\Agent.exe
FirewallRules: [{FEAF538F-ED11-48E1-B862-1DC4901466EA}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3182\Agent.exe
FirewallRules: [{E866C970-008A-4BC8-BDDC-6EAB12C40CD5}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3235\Agent.exe
FirewallRules: [{F2FDF403-F3EF-4963-A2EF-8ACBEF40D296}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3235\Agent.exe
FirewallRules: [{1BF29E8D-DBF5-4060-BD9E-7284286E1482}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3286\Agent.exe
FirewallRules: [{B5102D75-34CD-4D0E-9FBC-1ED90AAEAA5C}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3286\Agent.exe
FirewallRules: [TCP Query User{41A8B462-65B2-4D78-834F-049FBBBD1E60}C:\programdata\battle.net\agent\agent.3322\agent.exe] => (Allow) C:\programdata\battle.net\agent\agent.3322\agent.exe
FirewallRules: [UDP Query User{4B589251-4E15-415D-AB85-8EAD1D5CFDA8}C:\programdata\battle.net\agent\agent.3322\agent.exe] => (Allow) C:\programdata\battle.net\agent\agent.3322\agent.exe
FirewallRules: [{DCF7D69F-5741-4DE9-815B-14234A4FD5C5}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3334\Agent.exe
FirewallRules: [{11869FE5-376F-4EF1-8883-711E0EFF1F12}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3334\Agent.exe
FirewallRules: [TCP Query User{665FC0D7-EED6-4FE9-87F7-54C022093AAB}C:\programdata\battle.net\agent\agent.3346\agent.exe] => (Allow) C:\programdata\battle.net\agent\agent.3346\agent.exe
FirewallRules: [UDP Query User{EA0728EA-6658-4E5B-83C7-9B823E0585D3}C:\programdata\battle.net\agent\agent.3346\agent.exe] => (Allow) C:\programdata\battle.net\agent\agent.3346\agent.exe
FirewallRules: [{AC0B278F-EEF6-4E7A-A0DE-E7361110F238}] => (Allow) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe
FirewallRules: [TCP Query User{3C9C3B88-9687-4A77-97B3-897276E7B8B2}C:\programdata\battle.net\agent\agent.3372\agent.exe] => (Allow) C:\programdata\battle.net\agent\agent.3372\agent.exe
FirewallRules: [UDP Query User{063FC79D-EAEE-49FA-B42F-DA3A4CDBF0A2}C:\programdata\battle.net\agent\agent.3372\agent.exe] => (Allow) C:\programdata\battle.net\agent\agent.3372\agent.exe
FirewallRules: [TCP Query User{30311C7A-16D0-4B36-97CD-EAB75318A108}C:\programdata\battle.net\agent\agent.3427\agent.exe] => (Allow) C:\programdata\battle.net\agent\agent.3427\agent.exe
FirewallRules: [UDP Query User{6C40C5B4-2949-4A90-8080-C3DF2F4E7A09}C:\programdata\battle.net\agent\agent.3427\agent.exe] => (Allow) C:\programdata\battle.net\agent\agent.3427\agent.exe
FirewallRules: [{C59B4768-BD92-4CF6-98EA-0C04B31A972F}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3454\Agent.exe
FirewallRules: [{D12B031E-6F2F-458A-86A8-BE2F782AB5FF}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3454\Agent.exe
FirewallRules: [{D68A4F1E-A018-43C1-854F-F7BF275191A4}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3478\Agent.exe
FirewallRules: [{ACB2EA39-9222-4D16-9B51-0A1742B7F0C5}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3478\Agent.exe
FirewallRules: [{B9693B46-7E00-4290-9A77-E9B9787D0B53}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3507\Agent.exe
FirewallRules: [{472A5A39-495E-430C-9E16-7C2BF8884516}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3507\Agent.exe
FirewallRules: [{68375084-C780-46CF-ABFF-9E709DBB3650}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3526\Agent.exe
FirewallRules: [{176D5BB4-2F6D-4F3E-BAD7-A3D3EBFE3D1B}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3526\Agent.exe
FirewallRules: [{88D2EAB3-CD28-49CD-AE79-714300FFCADD}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3632\Agent.exe
FirewallRules: [{C7045A69-F312-4425-981E-03223E62C44D}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3632\Agent.exe
FirewallRules: [{455E74C0-71B6-4594-AA94-CDD57FD95E0D}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3634\Agent.exe
FirewallRules: [{61B8A0AC-8A56-4508-8E6D-20DC6529CF49}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3634\Agent.exe
FirewallRules: [{FE444A11-563F-4E1D-946B-1CF85CBFC426}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3669\Agent.exe
FirewallRules: [{BC6C9C10-6246-41E7-B940-E7FCF21B46EE}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3669\Agent.exe
FirewallRules: [TCP Query User{199876D3-9516-413E-99CA-076B723CC78B}C:\programdata\battle.net\agent\agent.3688\agent.exe] => (Allow) C:\programdata\battle.net\agent\agent.3688\agent.exe
FirewallRules: [UDP Query User{F5BCB9CD-06A6-4588-B324-E1EBF538EAD2}C:\programdata\battle.net\agent\agent.3688\agent.exe] => (Allow) C:\programdata\battle.net\agent\agent.3688\agent.exe
FirewallRules: [{1C42E836-5A2B-40BF-ADF0-1B0F5C6E40A3}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3715\Agent.exe
FirewallRules: [{2857FFB3-80CB-4041-A8E8-A255FD2915C9}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3715\Agent.exe
FirewallRules: [TCP Query User{F9E637B6-FFBF-4C69-998A-E21E326DF840}C:\program files\openssh\usr\sbin\sshd.exe] => (Allow) C:\program files\openssh\usr\sbin\sshd.exe
FirewallRules: [UDP Query User{1ED21FE6-833D-44E6-AF4F-62FF5979F458}C:\program files\openssh\usr\sbin\sshd.exe] => (Allow) C:\program files\openssh\usr\sbin\sshd.exe
FirewallRules: [TCP Query User{271FE21D-3ABF-4168-955B-1F85A7093A97}C:\program files\synergy\synergys.exe] => (Allow) C:\program files\synergy\synergys.exe
FirewallRules: [UDP Query User{4F1F75C4-A547-42C1-A72B-EF6F3597BDE8}C:\program files\synergy\synergys.exe] => (Allow) C:\program files\synergy\synergys.exe
FirewallRules: [TCP Query User{1A44ED49-C1D1-485D-A0EB-9CB0B7A9C945}C:\program files (x86)\heroes of the storm\versions\base35702\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base35702\heroesofthestorm_x64.exe
FirewallRules: [UDP Query User{2543C287-2D4F-4E38-A5FD-35B893CCE427}C:\program files (x86)\heroes of the storm\versions\base35702\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base35702\heroesofthestorm_x64.exe
FirewallRules: [TCP Query User{C0B8C541-E649-4D9B-9E8D-B0708380AF39}C:\program files\synergy\synergys.exe] => (Allow) C:\program files\synergy\synergys.exe
FirewallRules: [UDP Query User{74C663A3-46B6-4DF0-BA97-0A22F1F30AEC}C:\program files\synergy\synergys.exe] => (Allow) C:\program files\synergy\synergys.exe
FirewallRules: [TCP Query User{4668F675-3E6C-4D0A-A375-AEC64D88E8A4}C:\program files (x86)\heroes of the storm\versions\base35702\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base35702\heroesofthestorm_x64.exe
FirewallRules: [UDP Query User{3EB0F1C7-1E68-4883-B4F7-31B771FA8373}C:\program files (x86)\heroes of the storm\versions\base35702\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base35702\heroesofthestorm_x64.exe
FirewallRules: [TCP Query User{E9BF9402-9D48-462B-B740-681C49CD0397}C:\program files (x86)\heroes of the storm\versions\base36144\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base36144\heroesofthestorm_x64.exe
FirewallRules: [UDP Query User{7B5E3B53-2536-42CE-BCD2-5E52BD469B37}C:\program files (x86)\heroes of the storm\versions\base36144\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base36144\heroesofthestorm_x64.exe
FirewallRules: [{994113F5-5A17-4FAE-95B9-7962F7F78469}] => (Allow) C:\Program Files (x86)\Microsoft Office\Office15\lync.exe
FirewallRules: [{FD195709-94E8-4D5E-AA5D-AA6FAB380876}] => (Allow) C:\Program Files (x86)\Microsoft Office\Office15\lync.exe
FirewallRules: [{A02BE46E-21A6-4EC1-81A5-04D22A628D6E}] => (Allow) C:\Program Files (x86)\Microsoft Office\Office15\UcMapi.exe
FirewallRules: [{0FB59C5C-50A8-4005-9D1F-4F7BBB4F87F5}] => (Allow) C:\Program Files (x86)\Microsoft Office\Office15\UcMapi.exe
FirewallRules: [{6FFDDDD5-E141-41F8-B67D-D985A66FD189}] => (Allow) C:\Users\havoc\AppData\Local\Microsoft\OneDrive\OneDrive.exe
FirewallRules: [TCP Query User{A1BB2469-8A00-4225-9EF9-FBE8CC28B116}C:\program files (x86)\heroes of the storm\versions\base37117\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base37117\heroesofthestorm_x64.exe
FirewallRules: [UDP Query User{57158E1E-33C2-4CAC-A95B-DF746E1D526C}C:\program files (x86)\heroes of the storm\versions\base37117\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base37117\heroesofthestorm_x64.exe
FirewallRules: [TCP Query User{3866FFBF-D341-44E3-BAD0-D5222CF47252}C:\program files (x86)\heroes of the storm\versions\base37274\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base37274\heroesofthestorm_x64.exe
FirewallRules: [UDP Query User{6D05FCA5-1470-4CAE-A084-291CB9907DC0}C:\program files (x86)\heroes of the storm\versions\base37274\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base37274\heroesofthestorm_x64.exe
FirewallRules: [TCP Query User{B76BF865-ADEB-43FB-9914-B8B4A428813D}C:\program files (x86)\heroes of the storm\versions\base37351\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base37351\heroesofthestorm_x64.exe
FirewallRules: [UDP Query User{79E29BBE-3A7A-4F1E-AFE5-94ECA4B18CA7}C:\program files (x86)\heroes of the storm\versions\base37351\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base37351\heroesofthestorm_x64.exe
FirewallRules: [{1DEC7125-7310-4A64-89CF-8B709092A16F}] => (Allow) C:\Program Files\Bitvise SSH Server\BvSshServer.exe
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe] => Enabled:Spybot - Search & Destroy tray access
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe] => Enabled:Spybot-S&D 2 Scanner Service
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe] => Enabled:Spybot-S&D 2 Updater
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe] => Enabled:Spybot-S&D 2 Background update service

==================== Faulty Device Manager Devices =============

Name: EasyTether Network Adapter
Description: EasyTether Network Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Mobile Stream
Service: easytether
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: LogMeIn Kernel Information Provider
Description: LogMeIn Kernel Information Provider
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: LMIInfo
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.

Name: LogMeIn Mirror Driver
Description: LogMeIn Mirror Driver
Class Guid: {4d36e968-e325-11ce-bfc1-08002be10318}
Manufacturer: LogMeIn, Inc.
Service: lmimirr
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: HP LaserJet 200 color M251nw
Description: HP LaserJet 200 color M251nw
Class Guid: {4d36e971-e325-11ce-bfc1-08002be10318}
Manufacturer: Hewlett-Packard
Service:
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: HP LaserJet 200 color M251nw
Description: HP LaserJet 200 color M251nw
Class Guid: {4d36e971-e325-11ce-bfc1-08002be10318}
Manufacturer: Hewlett-Packard
Service:
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: VirtualBox Host-Only Ethernet Adapter
Description: VirtualBox Host-Only Ethernet Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Oracle Corporation
Service: VBoxNetAdp
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

==================== Event log errors: =========================

Application errors:
==================
Error: (09/08/2015 08:02:56 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 4101) (User: )
Description: Failed auto update retrieval of third-party root certificate from: <http://ctldl.windowsupdate.com/msdownload/update/v3/static/trustedr/en/AFE5D244A8D1194230FF479FE2F897BBCD7A8CB4.crt> with error: This network connection does not exist.
.

Error: (09/08/2015 08:02:56 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 4101) (User: )
Description: Failed auto update retrieval of third-party root certificate from: <http://ctldl.windowsupdate.com/msdownload/update/v3/static/trustedr/en/AFE5D244A8D1194230FF479FE2F897BBCD7A8CB4.crt> with error: This network connection does not exist.
.

Error: (09/08/2015 08:02:17 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 4101) (User: )
Description: Failed auto update retrieval of third-party root certificate from: <http://ctldl.windowsupdate.com/msdownload/update/v3/static/trustedr/en/AFE5D244A8D1194230FF479FE2F897BBCD7A8CB4.crt> with error: This network connection does not exist.
.

Error: (09/08/2015 08:01:52 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 4101) (User: )
Description: Failed auto update retrieval of third-party root certificate from: <http://ctldl.windowsupdate.com/msdownload/update/v3/static/trustedr/en/AFE5D244A8D1194230FF479FE2F897BBCD7A8CB4.crt> with error: This operation returned because the timeout period expired.
.

Error: (09/08/2015 08:01:51 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 4101) (User: )
Description: Failed auto update retrieval of third-party root certificate from: <http://ctldl.windowsupdate.com/msdownload/update/v3/static/trustedr/en/AFE5D244A8D1194230FF479FE2F897BBCD7A8CB4.crt> with error: This operation returned because the timeout period expired.
.

Error: (09/08/2015 08:01:00 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 4101) (User: )
Description: Failed auto update retrieval of third-party root certificate from: <http://ctldl.windowsupdate.com/msdownload/update/v3/static/trustedr/en/AFE5D244A8D1194230FF479FE2F897BBCD7A8CB4.crt> with error: This operation returned because the timeout period expired.
.

Error: (09/08/2015 07:49:40 AM) (Source: SideBySide) (EventID: 35) (User: )
Description: Activation context generation failed for "Microsoft.VC80.MFCLOC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"1".Error in manifest or policy file "Microsoft.VC80.MFCLOC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"2" on line Microsoft.VC80.MFCLOC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"3.
Component identity found in manifest does not match the identity of the component requested.
Reference is Microsoft.VC80.MFCLOC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0".
Definition is Microsoft.VC80.MFCLOC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50727.762".
Please use sxstrace.exe for detailed diagnosis.

Error: (09/08/2015 07:49:30 AM) (Source: SideBySide) (EventID: 35) (User: )
Description: Activation context generation failed for "Microsoft.VC80.MFCLOC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"1".Error in manifest or policy file "Microsoft.VC80.MFCLOC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"2" on line Microsoft.VC80.MFCLOC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"3.
Component identity found in manifest does not match the identity of the component requested.
Reference is Microsoft.VC80.MFCLOC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0".
Definition is Microsoft.VC80.MFCLOC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50727.762".
Please use sxstrace.exe for detailed diagnosis.

Error: (09/06/2015 10:27:12 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Volume Shadow Copy Service error: Unexpected error calling routine ConvertStringSidToSid(S-1-5-21-1583409717-3979321060-2320764336-1005.bak). hr = 0x80070539, The security ID structure is invalid.
.

Operation:
OnIdentify event
Gathering Writer Data

Context:
Execution Context: Shadow Copy Optimization Writer
Writer Class Id: {4dc3bdd4-ab48-4d07-adb0-3bee2926fd7f}
Writer Name: Shadow Copy Optimization Writer
Writer Instance ID: {98eb28fd-489c-473f-a2e7-bb7f4d8d9676}

Error: (09/06/2015 10:18:06 PM) (Source: Microsoft-Windows-User Profiles Service) (EventID: 1511) (User: BEAST)
Description: Windows cannot find the local profile and is logging you on with a temporary profile. Changes you make to this profile will be lost when you log off.

System errors:
=============
Error: (09/07/2015 10:27:28 PM) (Source: Microsoft Antimalware) (EventID: 2001) (User: )
Description: %NT AUTHORITY60 has encountered an error trying to update signatures.

New Signature Version:

Previous Signature Version: 115.18.0.0

Update Source: %NT AUTHORITY51

Update Stage: 4.8.0204.00

Source Path: 4.8.0204.01

Signature Type: %NT AUTHORITY602

Update Type: %NT AUTHORITY604

User: NT AUTHORITY\NETWORK SERVICE

Current Engine Version: %NT AUTHORITY605

Previous Engine Version: %NT AUTHORITY606

Error code: %NT AUTHORITY607

Error description: %NT AUTHORITY608

Error: (09/07/2015 10:26:55 PM) (Source: Microsoft Antimalware) (EventID: 2001) (User: )
Description: %NT AUTHORITY60 has encountered an error trying to update signatures.

New Signature Version:

Previous Signature Version: 1.205.1746.0

Update Source: %NT AUTHORITY51

Update Stage: 4.8.0204.00

Source Path: 4.8.0204.01

Signature Type: %NT AUTHORITY602

Update Type: %NT AUTHORITY604

User: NT AUTHORITY\NETWORK SERVICE

Current Engine Version: %NT AUTHORITY605

Previous Engine Version: %NT AUTHORITY606

Error code: %NT AUTHORITY607

Error description: %NT AUTHORITY608

Error: (09/07/2015 10:26:55 PM) (Source: Microsoft Antimalware) (EventID: 2001) (User: )
Description: %NT AUTHORITY60 has encountered an error trying to update signatures.

New Signature Version:

Previous Signature Version: 1.205.1746.0

Update Source: %NT AUTHORITY51

Update Stage: 4.8.0204.00

Source Path: 4.8.0204.01

Signature Type: %NT AUTHORITY602

Update Type: %NT AUTHORITY604

User: NT AUTHORITY\NETWORK SERVICE

Current Engine Version: %NT AUTHORITY605

Previous Engine Version: %NT AUTHORITY606

Error code: %NT AUTHORITY607

Error description: %NT AUTHORITY608

Error: (09/07/2015 10:26:23 PM) (Source: Microsoft Antimalware) (EventID: 2001) (User: )
Description: %NT AUTHORITY60 has encountered an error trying to update signatures.

New Signature Version:

Previous Signature Version: 1.205.1746.0

Update Source: %NT AUTHORITY59

Update Stage: 4.8.0204.00

Source Path: 4.8.0204.01

Signature Type: %NT AUTHORITY602

Update Type: %NT AUTHORITY604

User: NT AUTHORITY\SYSTEM

Current Engine Version: %NT AUTHORITY605

Previous Engine Version: %NT AUTHORITY606

Error code: %NT AUTHORITY607

Error description: %NT AUTHORITY608

Error: (09/06/2015 10:27:58 PM) (Source: Service Control Manager) (EventID: 7003) (User: )
Description: The Microsoft Network Inspection service depends the following service: NisDrv. This service might not be installed.

Error: (09/06/2015 10:27:58 PM) (Source: Microsoft Antimalware) (EventID: 3002) (User: )
Description: %%860 Real-Time Protection feature has encountered an error and failed.

Feature: %%886

Error Code: 0x80070433

Error description: The dependency service does not exist or has been marked for deletion.

Reason: %%858

Error: (09/06/2015 10:25:40 PM) (Source: Service Control Manager) (EventID: 7006) (User: )
Description: The ScRegSetValueExW call failed for FailureCommand with the following error:
%%5

Error: (09/06/2015 10:25:38 PM) (Source: Service Control Manager) (EventID: 7006) (User: )
Description: The ScRegSetValueExW call failed for Start with the following error:
%%5

Error: (09/06/2015 10:16:49 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: application-specificLocalLaunch{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT AUTHORITYSYSTEMS-1-5-18LocalHost (Using LRPC)

Error: (09/06/2015 10:15:58 PM) (Source: Service Control Manager) (EventID: 7003) (User: )
Description: The Microsoft Network Inspection service depends the following service: NisDrv. This service might not be installed.

Microsoft Office:
=========================
Error: (09/08/2015 08:02:56 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 4101) (User: )
Description: http://ctldl.windowsupdate.com/msdow...7A8CB4.crtThis network connection does not exist.

Error: (09/08/2015 08:02:56 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 4101) (User: )
Description: http://ctldl.windowsupdate.com/msdow...7A8CB4.crtThis network connection does not exist.

Error: (09/08/2015 08:02:17 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 4101) (User: )
Description: http://ctldl.windowsupdate.com/msdow...7A8CB4.crtThis network connection does not exist.

Error: (09/08/2015 08:01:52 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 4101) (User: )
Description: http://ctldl.windowsupdate.com/msdow...7A8CB4.crtThis operation returned because the timeout period expired.

Error: (09/08/2015 08:01:51 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 4101) (User: )
Description: http://ctldl.windowsupdate.com/msdow...7A8CB4.crtThis operation returned because the timeout period expired.

Error: (09/08/2015 08:01:00 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 4101) (User: )
Description: http://ctldl.windowsupdate.com/msdow...7A8CB4.crtThis operation returned because the timeout period expired.

Error: (09/08/2015 07:49:40 AM) (Source: SideBySide) (EventID: 35) (User: )
Description: Microsoft.VC80.MFCLOC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"Microsoft.VC80.MFCLOC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50727.762"C:\Program Files (x86)\Citrix\ICA Client\MFC80.DLLC:\Program Files (x86)\Citrix\ICA Client\Microsoft.VC80.MFCLOC.MANIFEST5

Error: (09/08/2015 07:49:30 AM) (Source: SideBySide) (EventID: 35) (User: )
Description: Microsoft.VC80.MFCLOC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"Microsoft.VC80.MFCLOC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50727.762"C:\Program Files (x86)\Citrix\ICA Client\MFC80.DLLC:\Program Files (x86)\Citrix\ICA Client\Microsoft.VC80.MFCLOC.MANIFEST5

Error: (09/06/2015 10:27:12 PM) (Source: VSS) (EventID: 8193) (User: )
Description: ConvertStringSidToSid(S-1-5-21-1583409717-3979321060-2320764336-1005.bak)0x80070539, The security ID structure is invalid.

Operation:
OnIdentify event
Gathering Writer Data

Context:
Execution Context: Shadow Copy Optimization Writer
Writer Class Id: {4dc3bdd4-ab48-4d07-adb0-3bee2926fd7f}
Writer Name: Shadow Copy Optimization Writer
Writer Instance ID: {98eb28fd-489c-473f-a2e7-bb7f4d8d9676}

Error: (09/06/2015 10:18:06 PM) (Source: Microsoft-Windows-User Profiles Service) (EventID: 1511) (User: BEAST)
Description:

CodeIntegrity:
===================================
Date: 2015-09-08 08:06:57.896
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files (x86)\Spybot - Search & Destroy 2\SDHook64.dll because the set of per-page image hashes could not be found on the system.

Date: 2015-09-08 08:01:02.318
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files (x86)\Spybot - Search & Destroy 2\SDHook64.dll because the set of per-page image hashes could not be found on the system.

Date: 2015-09-08 07:46:04.933
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files (x86)\Spybot - Search & Destroy 2\SDHook64.dll because the set of per-page image hashes could not be found on the system.

Date: 2014-11-25 12:17:52.318
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\l3codeca.acm because the set of per-page image hashes could not be found on the system.

==================== Memory info ===========================

Processor: AMD FX(tm)-8120 Eight-Core Processor
Percentage of memory in use: 19%
Total physical RAM: 16328.28 MB
Available physical RAM: 13138.34 MB
Total Virtual: 32654.48 MB
Available Virtual: 29344.72 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:465.66 GB) (Free:109.54 GB) NTFS
Drive v: (Virtuals) (Fixed) (Total:298.09 GB) (Free:223.78 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: EFA8E477)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=465.7 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 298.1 GB) (Disk ID: A3DC4663)
Partition 1: (Not Active) - (Size=298.1 GB) - (Type=07 NTFS)

==================== End of Addition.txt ============================

aswMBR version 1.0.1.2252 Copyright(c) 2014 AVAST Software
Run date: 2015-09-08 17:58:42
-----------------------------
17:58:42.935 OS Version: Windows x64 6.1.7601 Service Pack 1
17:58:42.935 Number of processors: 8 586 0x102
17:58:42.936 ComputerName: BEAST UserName: havoc
17:58:44.798 Initialize success
17:58:44.863 VM: initialized successfully
17:58:44.864 VM: Amd CPU supported
18:01:52.630 AVAST engine defs: 15090803
18:02:02.691 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP4T0L0-4
18:02:02.693 Disk 0 Vendor: ST500DM002-1BD142 KC44 Size: 476940MB BusType: 11
18:02:02.696 Disk 1 \Device\Harddisk1\DR1 -> \Device\Ide\IdeDeviceP3T0L0-3
18:02:02.698 Disk 1 Vendor: ST3320620AS 3.AAK Size: 305245MB BusType: 11
18:02:02.835 Disk 0 MBR read successfully
18:02:02.838 Disk 0 MBR scan
18:02:02.872 Disk 0 Windows 7 default MBR code
18:02:02.883 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 100 MB offset 2048
18:02:02.888 Disk 0 default boot code
18:02:02.922 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 476838 MB offset 206848
18:02:02.994 Disk 0 scanning C:\Windows\system32\drivers
18:02:18.696 Service scanning
18:02:53.469 Modules scanning
18:02:53.474 Disk 0 trace - called modules:
18:02:53.482 ntoskrnl.exe CLASSPNP.SYS disk.sys ataport.SYS PCIIDEX.SYS hal.dll msahci.sys
18:02:53.486 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa800dc63790]
18:02:53.490 3 CLASSPNP.SYS[fffff880019a743f] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP4T0L0-4[0xfffffa800da48060]
18:02:56.876 AVAST engine scan C:\Windows
18:02:59.189 AVAST engine scan C:\Windows\system32
18:07:27.965 AVAST engine scan C:\Windows\system32\drivers
18:07:46.413 AVAST engine scan C:\Users\havoc
18:50:11.932 AVAST engine scan C:\ProgramData
18:53:49.812 Disk 0 statistics 5240656/0/0 @ 1.42 MB/s
18:53:49.818 Scan finished successfully
19:03:54.921 Disk 0 MBR has been saved successfully to "C:\Users\havoc\Desktop\MBR.dat"
19:03:54.954 The log file has been saved successfully to "C:\Users\havoc\Desktop\aswMBR.txt"

Thanks in advance.

↧

Cannot install Spybot - redirect error

September 8, 2015, 5:16 pm

≫ Next: tradeadxchange.com Removal-scan

≪ Previous: Malware Removal Assistance

When I try to install Spybot I get the error message

Error sending request
A redirect request will change a non-secure to a secure connection.

I tried in regular and safe mode. I do have some kind of malware on the computer
Thanks for any help

↧

tradeadxchange.com Removal-scan

September 8, 2015, 8:35 pm

≫ Next: DNS Updater

≪ Previous: Cannot install Spybot - redirect error

Hi,
I believe that I have it together, now.
I am attaching the following:
-aswMBR log
I received a message indicating that both FRST.txt and Addition.txt are to long to be attached.

I am copying them in the reply to the thread:

FRST.txt:

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:07-09-2015
Ran by equipo2 (administrator) on EEZV-EQUIPO2-HP (08-09-2015 22:08:33)
Running from C:\Users\equipo2\Desktop
Loaded Profiles: equipo2 (Available Profiles: equipo2 & DefaultAppPool)
Platform: Windows 10 Home (X64) Language: Español (España, internacional)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic...ery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgrsa.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgcsrva.exe
(HP) C:\Program Files (x86)\HP SimplePass 2011\TrueSuiteService.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Hewlett-Packard Company) C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgidsagent.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
(Andrea Electronics Corporation) C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe
(Realsil Microelectronics Inc.) C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe
(Portrait Displays, Inc.) C:\Program Files (x86)\Common Files\Portrait Displays\Shared\DTSRVC.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgwdsvc.exe
(iolo technologies, LLC) C:\Program Files (x86)\iolo\Common\Lib\ioloServiceManager.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Services\IPT\jhi_service.exe
(Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Microsoft Online Services\MSOIDSVC.EXE
(Microsoft Corporation) C:\Windows\System32\mqsvc.exe
(Portrait Displays, Inc.) C:\Program Files (x86)\Common Files\Portrait Displays\Drivers\pdisrvc.exe
(PDF Complete Inc) C:\Program Files (x86)\PDF Complete\pdfsvc.exe
(Nuance Communications, Inc.) C:\Program Files (x86)\Nuance\PaperPort\PDFProFiltSrvPP.exe
() C:\Program Files (x86)\Real\UpdateService\RealPlayerUpdateSvc.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE
(Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Microsoft Online Services\MSOIDSVCM.EXE
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgnsa.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgemca.exe
(HP) C:\Program Files (x86)\HP SimplePass 2011\TouchControl.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
(iolo technologies, LLC) C:\Program Files (x86)\iolo\System Mechanic\ioloGovernor64.exe
(HP) C:\Program Files (x86)\HP SimplePass 2011\BioMonitor.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\tv_w32.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\tv_x64.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.28.13\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.28.13\GoogleCrashHandler64.exe
(Microsoft Corporation) C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Hewlett-Packard) C:\Program Files (x86)\Hewlett-Packard\HP Odometer\hpsysdrv.exe
(CyberLink) C:\Program Files (x86)\Cyberlink\YouCam\YCMMirage.exe
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office\Office14\MSOSYNC.EXE
(Google) C:\Program Files (x86)\Google\Drive\googledrivesync.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudDrive.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(Macrovision Corporation) C:\Program Files (x86)\Common Files\InstallShield\UpdateService\ISUSPM.exe
(Hewlett-Packard Co.) C:\Program Files\hp\HP Officejet Pro X476dw MFP\Bin\ScanToPCActivationApp.exe
(Hewlett-Packard Co.) C:\Program Files\hp\HP Officejet Pro X476dw MFP\Bin\HPNetworkCommunicatorCom.exe
(Dropbox, Inc.) C:\Users\equipo2\AppData\Roaming\Dropbox\bin\Dropbox.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgui.exe
(Nuance Communications, Inc.) C:\Program Files (x86)\Nuance\PaperPort\pptd40nt.exe
(Brother Industries, Ltd.) C:\Program Files (x86)\ControlCenter4\BrCtrlCntr.exe
(Nuance Communications, Inc.) C:\Program Files (x86)\Nuance\PDF Viewer Plus\pdfPro5Hook.exe
(Hewlett-Packard) C:\Program Files (x86)\Hp\HP Software Update\hpwuschd2.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe
(Google) C:\Program Files (x86)\Google\Drive\googledrivesync.exe
(Brother Industries, Ltd.) C:\Program Files (x86)\ControlCenter4\BrCcUxSys.exe
(iolo technologies, LLC) C:\Program Files (x86)\iolo\System Mechanic\LiveBoost.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Nero AG) C:\Program Files (x86)\Nero\Update\NASvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
() C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.1508.14010.0_x64__8wekyb3d8bbwe\Calculator.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.ZuneVideo_3.6.12711.0_x64__8wekyb3d8bbwe\Video.UI.exe
(Microsoft Corporation) C:\Windows\splwow64.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\AppleIEDAV.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [8492800 2015-06-24] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1402624 2015-06-24] (Realtek Semiconductor)
HKLM\...\Run: [hpsysdrv] => c:\program files (x86)\hewlett-packard\HP odometer\hpsysdrv.exe [62768 2008-11-20] (Hewlett-Packard)
HKLM\...\Run: [BCSSync] => C:\Program Files\Microsoft Office\Office14\BCSSync.exe [108144 2012-11-05] (Microsoft Corporation)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [444904 2012-09-20] (Adobe Systems Incorporated)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [170280 2015-07-11] (Apple Inc.)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [60712 2015-05-15] (Apple Inc.)
HKLM-x32\...\Run: [AVG_UI] => C:\Program Files (x86)\AVG\AVG2015\avgui.exe [3730344 2015-07-07] (AVG Technologies CZ, s.r.o.)
HKLM-x32\...\Run: [ControlCenter4] => C:\Program Files (x86)\ControlCenter4\BrCcBoot.exe [139264 2010-10-26] (Brother Industries, Ltd.)
HKLM-x32\...\Run: [BrStsMon00] => C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe [2621440 2010-06-10] (Brother Industries, Ltd.)
HKLM-x32\...\Run: [PaperPort PTD] => C:\Program Files (x86)\Nuance\PaperPort\pptd40nt.exe [29984 2010-03-09] (Nuance Communications, Inc.)
HKLM-x32\...\Run: [PPort12reminder] => C:\Program Files (x86)\Nuance\PaperPort\Ereg\Ereg.exe [328992 2010-02-09] (Nuance Communications, Inc.)
HKLM-x32\...\Run: [PDFHook] => C:\Program Files (x86)\Nuance\PDF Viewer Plus\pdfpro5hook.exe [636192 2010-03-05] (Nuance Communications, Inc.)
HKLM-x32\...\Run: [PDF5 Registry Controller] => C:\Program Files (x86)\Nuance\PDF Viewer Plus\RegistryController.exe [62752 2010-03-05] (Nuance Communications, Inc.)
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [iolo Startup] => C:\Program Files (x86)\iolo\Common\Lib\ioloLManager.exe [4536120 2015-07-24] (iolo technologies, LLC)
HKLM-x32\...\Run: [SDTray] => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe [4127488 2015-06-16] (Safer-Networking Ltd.)
HKLM-x32\...\Run: [DivXMediaServer] => C:\Program Files (x86)\DivX\DivX Media Server\DivXMediaServer.exe [448520 2015-06-24] (DivX, LLC)
HKLM-x32\...\Run: [DivXUpdate] => C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe [1861640 2015-06-26] (DivX, LLC)
Winlogon\Notify\igfxcui: C:\WINDOWS\system32\igfxdev.dll (Intel Corporation)
Winlogon\Notify\SDWinLogon-x32: SDWinLogon.dll [X]
HKLM\...\Policies\Explorer: [EnableShellExecuteHooks] 1
HKU\S-1-5-21-1836801894-3176324447-3799621063-1000\...\Run: [OfficeSyncProcess] => C:\Program Files\Microsoft Office\Office14\MSOSYNC.EXE [911032 2015-03-18] (Microsoft Corporation)
HKU\S-1-5-21-1836801894-3176324447-3799621063-1000\...\Run: [iCloudServices] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [43816 2015-04-26] (Apple Inc.)
HKU\S-1-5-21-1836801894-3176324447-3799621063-1000\...\Run: [AppleIEDAV] => C:\Program Files (x86)\Common Files\Apple\Internet Services\AppleIEDAV.exe [1079592 2015-04-26] (Apple Inc.)
HKU\S-1-5-21-1836801894-3176324447-3799621063-1000\...\Run: [GoogleDriveSync] => C:\Program Files (x86)\Google\Drive\googledrivesync.exe [22344224 2015-07-29] (Google)
HKU\S-1-5-21-1836801894-3176324447-3799621063-1000\...\Run: [09F184CEBFDA4849CA9645B600CD483758C4028F._service_run] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [815944 2015-08-27] (Google Inc.)
HKU\S-1-5-21-1836801894-3176324447-3799621063-1000\...\Run: [iCloudDrive] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudDrive.exe [43816 2015-04-26] (Apple Inc.)
HKU\S-1-5-21-1836801894-3176324447-3799621063-1000\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [53655680 2015-07-28] (Skype Technologies S.A.)
HKU\S-1-5-21-1836801894-3176324447-3799621063-1000\...\Run: [ISUSPM] => C:\Program Files (x86)\Common Files\InstallShield\UpdateService\ISUSPM.exe [205480 2007-08-30] (Macrovision Corporation)
HKU\S-1-5-21-1836801894-3176324447-3799621063-1000\...\Run: [OneDrive] => C:\Users\equipo2\AppData\Local\Microsoft\OneDrive\OneDrive.exe [404064 2015-08-25] (Microsoft Corporation)
HKU\S-1-5-21-1836801894-3176324447-3799621063-1000\...\Run: [HP Officejet Pro X476dw MFP (NET)] => C:\Program Files\hp\HP Officejet Pro X476dw MFP\Bin\ScanToPCActivationApp.exe [3487240 2014-03-06] (Hewlett-Packard Co.)
HKU\S-1-5-21-1836801894-3176324447-3799621063-1000\...\Run: [Dropbox Update] => C:\Users\equipo2\AppData\Local\Dropbox\Update\DropboxUpdate.exe [134512 2015-06-24] (Dropbox, Inc.)
HKU\S-1-5-21-1836801894-3176324447-3799621063-1000\...\Run: [SpybotPostWindows10UpgradeReInstall] => C:\Program Files\Common Files\AV\Spybot - Search and Destroy\Test.exe [1011200 2015-07-28] (Safer-Networking Ltd.)
SSODL: EldosMountNotificator-cbfs4 - {4BD75115-4D24-454C-9213-B9699D8C1893} - C:\Windows\system32\cbfsMntNtf4.dll (EldoS Corporation)
SSODL-x32: EldosMountNotificator-cbfs4 - {4BD75115-4D24-454C-9213-B9699D8C1893} - C:\Windows\SysWOW64\cbfsMntNtf4.dll (EldoS Corporation)
ShellIconOverlayIdentifiers: [ !0Transporter] -> {D03C19B6-E652-4368-84EC-B86C800C452B} => C:\Program Files (x86)\Connected Data\Transporter\TransporterExt.dll [2014-12-08] (Connected Data Inc.)
ShellIconOverlayIdentifiers: [ !1Transporter] -> {F66A1D45-3345-425C-A62A-33081D7E0338} => C:\Program Files (x86)\Connected Data\Transporter\TransporterExt.dll [2014-12-08] (Connected Data Inc.)
ShellIconOverlayIdentifiers: [ !2Transporter] -> {18640773-7F8C-4F62-AAE1-862F1CCD3FB4} => C:\Program Files (x86)\Connected Data\Transporter\TransporterExt.dll [2014-12-08] (Connected Data Inc.)
ShellIconOverlayIdentifiers: [ !3Transporter] -> {FFB483B1-E093-4457-9547-73D9DDC546A8} => C:\Program Files (x86)\Connected Data\Transporter\TransporterExt.dll [2014-12-08] (Connected Data Inc.)
ShellIconOverlayIdentifiers: [ !4Transporter] -> {A16F6DC0-AB73-4068-8725-0AF867039A78} => C:\Program Files (x86)\Connected Data\Transporter\TransporterExt.dll [2014-12-08] (Connected Data Inc.)
ShellIconOverlayIdentifiers: [ !5Transporter] -> {6590B207-B84E-4054-9102-BE2118932B3B} => C:\Program Files (x86)\Connected Data\Transporter\TransporterExt.dll [2014-12-08] (Connected Data Inc.)
ShellIconOverlayIdentifiers: [ !6Transporter] -> {845192C8-8E68-4B0F-A871-712DEEFB2D16} => C:\Program Files (x86)\Connected Data\Transporter\TransporterExt.dll [2014-12-08] (Connected Data Inc.)
ShellIconOverlayIdentifiers: [ GoogleDriveBlacklisted] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2015-07-29] (Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSynced] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2015-07-29] (Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSyncing] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2015-07-29] (Google)
ShellIconOverlayIdentifiers: [ DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\equipo2\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll [2015-08-14] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\equipo2\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll [2015-08-14] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt3] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\equipo2\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll [2015-08-14] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt4] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\equipo2\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll [2015-08-14] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt5] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\equipo2\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll [2015-08-14] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt6] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\equipo2\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll [2015-08-14] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt7] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\equipo2\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll [2015-08-14] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt8] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\equipo2\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll [2015-08-14] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ SkyDrive1] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Users\equipo2\AppData\Local\Microsoft\OneDrive\17.3.5930.0814\amd64\FileSyncShell64.dll [2015-08-25] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [ SkyDrive2] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Users\equipo2\AppData\Local\Microsoft\OneDrive\17.3.5930.0814\amd64\FileSyncShell64.dll [2015-08-25] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [ SkyDrive3] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Users\equipo2\AppData\Local\Microsoft\OneDrive\17.3.5930.0814\amd64\FileSyncShell64.dll [2015-08-25] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [EldosIconOverlay-cbfs4] -> {3EEF37CF-AABC-40B3-B6B0-EBD7DFFE78E7} => C:\Windows\system32\cbfsMntNtf4.dll [2013-01-30] (EldoS Corporation)
ShellIconOverlayIdentifiers-x32: [ DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\equipo2\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll [2015-08-14] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\equipo2\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll [2015-08-14] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt3] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\equipo2\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll [2015-08-14] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt4] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\equipo2\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll [2015-08-14] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt5] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\equipo2\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll [2015-08-14] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt6] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\equipo2\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll [2015-08-14] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt7] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\equipo2\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll [2015-08-14] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt8] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\equipo2\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll [2015-08-14] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ SkyDrive1] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Users\equipo2\AppData\Local\Microsoft\OneDrive\17.3.5930.0814\FileSyncShell.dll [2015-08-25] (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ SkyDrive2] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Users\equipo2\AppData\Local\Microsoft\OneDrive\17.3.5930.0814\FileSyncShell.dll [2015-08-25] (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ SkyDrive3] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Users\equipo2\AppData\Local\Microsoft\OneDrive\17.3.5930.0814\FileSyncShell.dll [2015-08-25] (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: ["DropboxExt1"] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\equipo2\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll [2015-08-14] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt2"] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\equipo2\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll [2015-08-14] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt3"] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\equipo2\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll [2015-08-14] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt4"] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\equipo2\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll [2015-08-14] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt5"] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\equipo2\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll [2015-08-14] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt6"] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\equipo2\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll [2015-08-14] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt7"] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\equipo2\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll [2015-08-14] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt8"] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\equipo2\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll [2015-08-14] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [EldosIconOverlay-cbfs4] -> {3EEF37CF-AABC-40B3-B6B0-EBD7DFFE78E7} => C:\Windows\SysWOW64\cbfsMntNtf4.dll [2013-01-30] (EldoS Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\RealPlayer Cloud Service UI.lnk [2014-05-19]
ShortcutTarget: RealPlayer Cloud Service UI.lnk -> C:\Program Files (x86)\Real\RealPlayer\RPDS\Bin64\rpsystray.exe (RealNetworks, Inc.)
Startup: C:\Users\equipo2\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk [2015-05-13]
ShortcutTarget: Dropbox.lnk -> C:\Users\equipo2\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
Startup: C:\Users\equipo2\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Recorte de pantalla y Selector de OneNote 2010.lnk [2014-02-25]
ShortcutTarget: Recorte de pantalla y Selector de OneNote 2010.lnk -> C:\Program Files\Microsoft Office\Office14\ONENOTEM.EXE (Microsoft Corporation)
BootExecute: autocheck autochk * sdnclean64.exe

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.1.254
Tcpip\..\Interfaces\{1bd54d50-7b1a-4d78-9e99-76f3b53439c3}: [DhcpNameServer] 172.20.10.1
Tcpip\..\Interfaces\{5edaff56-6c60-438c-b20d-1ab10bf61517}: [DhcpNameServer] 172.20.10.1
Tcpip\..\Interfaces\{6ec1d726-53ee-4386-95ca-b57d32f4a517}: [DhcpNameServer] 192.168.1.254
Tcpip\..\Interfaces\{91f4d237-9bb8-4106-ad8b-1261088f384c}: [DhcpNameServer] 192.168.1.254
Tcpip\..\Interfaces\{c860732a-6130-453d-a27f-03278251d84b}: [DhcpNameServer] 172.20.10.1

Internet Explorer:
==================
HKU\S-1-5-21-1836801894-3176324447-3799621063-1000\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-1836801894-3176324447-3799621063-1000\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://g.msn.com/HPALL/111
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=HPDTDF&pc=HPDTDF&src=IE-SearchBox
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=HPDTDF&pc=HPDTDF&src=IE-SearchBox
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=HPDTDF&pc=HPDTDF&src=IE-SearchBox
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=HPDTDF&pc=HPDTDF&src=IE-SearchBox
SearchScopes: HKLM-x32 -> {d43b3890-80c7-4010-a95d-1e77b5924dc3} URL = hxxp://es.wikipedia.org/wiki/Special:Search?search={searchTerms}
SearchScopes: HKU\S-1-5-21-1836801894-3176324447-3799621063-1000 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=HPDTDF&pc=HPDTDF&src=IE-SearchBox
SearchScopes: HKU\S-1-5-21-1836801894-3176324447-3799621063-1000 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=HPDTDF&pc=HPDTDF&src=IE-SearchBox
BHO: RealNetworks Download and Record Plugin for Internet Explorer -> {3049C3E9-B461-4BC5-8870-4C09146192CA} -> C:\Program Files (x86)\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin64.dll [2014-04-07] (RealDownloader)
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation)
BHO: TrueSuite Website Log On -> {8590886E-EC8C-43C1-A32C-E4C2B0B6395B} -> C:\Program Files (x86)\HP SimplePass 2011\x64\IEBHO.dll [2011-06-09] (HP)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll [2013-08-28] (Hewlett-Packard)
BHO-x32: HP Print Enhancer -> {0347C33E-8762-4905-BF09-768834316C61} -> C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll No File
BHO-x32: PlusIEEventHelper Class -> {551A852F-39A6-44A7-9C13-AFBEC9185A9D} -> C:\Program Files (x86)\Nuance\PDF Viewer Plus\Bin\PlusIEContextMenu.dll [2009-02-06] (Zeon Corporation)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\ssv.dll [2015-02-24] (Oracle Corporation)
BHO-x32: TrueSuite Website Log On -> {8590886E-EC8C-43C1-A32C-E4C2B0B6395B} -> C:\Program Files (x86)\HP SimplePass 2011\IEBHO.dll [2011-06-09] (HP)
BHO-x32: Windows Live Messenger Companion Helper -> {9FDDE16B-836F-4806-AB1F-1455CBEFF289} -> C:\Program Files (x86)\Windows Live\Companion\companioncore.dll [2012-03-08] (Microsoft Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\jp2ssv.dll [2015-02-24] (Oracle Corporation)
BHO-x32: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll [2013-08-28] (Hewlett-Packard)
BHO-x32: No Name -> {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} -> No File
Toolbar: HKU\S-1-5-21-1836801894-3176324447-3799621063-1000 -> No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No File
Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - No File
Handler: livecall - {828030A1-22C1-4009-854F-8E305202313F} - No File
Handler: msnim - {828030A1-22C1-4009-854F-8E305202313F} - No File
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll [2014-05-02] (Skype Technologies)

FireFox:
========
FF ProfilePath: C:\Users\equipo2\AppData\Roaming\Mozilla\Firefox\Profiles\lu9ej73p.default
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_17_0_0_190.dll [2015-06-23] ()
FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll [2014-05-22] (DivX, LLC.)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll [2012-09-20] (Adobe Systems)
FF Plugin: adobe.com/AdobeExManDetect -> C:\Program Files (x86)\Adobe\Adobe Extension Manager CS6\Win64Plugin\npAdobeExManDetectX64.dll [2013-12-03] (Adobe Systems)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_17_0_0_190.dll [2015-06-23] ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw_1209149.dll [2014-01-28] (Adobe Systems, Inc.)
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2015-01-06] ()
FF Plugin-x32: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll [2014-05-22] (DivX, LLC.)
FF Plugin-x32: @divx.com/DivX Web Player Plug-In,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX Web Player\npdivx32.dll [2015-08-05] (DivX, LLC)
FF Plugin-x32: @java.com/DTPlugin,version=11.31.2 -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\dtplugin\npDeployJava1.dll [2015-02-24] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.31.2 -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\plugin2\npjp2.dll [2015-02-24] (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3555.0308 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation)
FF Plugin-x32: @Nero.com/KM -> C:\PROGRA~2\COMMON~1\Nero\BROWSE~1\NPBROW~1.DLL [2012-12-19] (Nero AG)
FF Plugin-x32: @real.com/nppl3260;version=17.0.9.17 -> c:\program files (x86)\real\realplayer\Netscape6\nppl3260.dll [2014-05-19] (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprndlchromebrowserrecordext;version=17.0.9 -> C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlchromebrowserrecordext.dll [2014-04-07] (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprndlhtml5videoshim;version=17.0.9 -> C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll [2014-04-07] (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprndlpepperflashvideoshim;version=17.0.9 -> C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlpepperflashvideoshim.dll [2014-04-07] (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprpplugin;version=17.0.9.17 -> c:\program files (x86)\real\realplayer\Netscape6\nprpplugin.dll [2014-05-19] (RealPlayer Cloud)
FF Plugin-x32: @RIM.com/WebSLLauncher,version=1.0 -> C:\Program Files (x86)\Common Files\Research In Motion\BBWebSLLauncher\NPWebSLLauncher.dll [2011-05-26] ()
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.28.13\npGoogleUpdate3.dll [2015-08-27] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.28.13\npGoogleUpdate3.dll [2015-08-27] (Google Inc.)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll [2010-12-07] ()
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2015-06-29] (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll [2012-09-20] (Adobe Systems)
FF Plugin-x32: adobe.com/AdobeExManDetect -> C:\Program Files (x86)\Adobe\Adobe Extension Manager CS6\npAdobeExManDetectX86.dll [2013-12-03] (Adobe Systems)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll [2015-06-29] (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppl3260.dll [2014-05-19] (RealNetworks, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin.dll [2015-07-24] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin2.dll [2015-07-24] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin3.dll [2015-07-24] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin4.dll [2015-07-24] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin5.dll [2015-07-24] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nprpplugin.dll [2014-05-19] (RealPlayer Cloud)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\browser\plugins\npatgpc.dll [2015-01-14] (Cisco WebEx LLC)
FF Plugin ProgramFiles/Appdata: C:\Users\equipo2\AppData\Roaming\mozilla\plugins\npatgpc.dll [2015-01-14] (Cisco WebEx LLC)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\mercadolibre-mx.xml [2014-06-06]
FF Extension: anonymoX - C:\Users\equipo2\AppData\Roaming\Mozilla\Firefox\Profiles\lu9ej73p.default\Extensions\client@anonymox.net.xpi [2013-11-06]
FF Extension: Adblock Edge - C:\Users\equipo2\AppData\Roaming\Mozilla\Firefox\Profiles\lu9ej73p.default\Extensions\{fe272bd1-5f76-4ea4-8501-a05d35d823fc}.xpi [2014-06-26]
FF Extension: TrueSuite Website Logon - C:\Program Files (x86)\Mozilla Firefox\extensions\websitelogon@truesuite.com [2014-10-02]
FF HKLM-x32\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF HKLM-x32\...\Firefox\Extensions: [quickprint@hp.com] - C:\Program Files (x86)\Hewlett-Packard\SmartPrint\QPExtension
FF Extension: SmartPrintButton - C:\Program Files (x86)\Hewlett-Packard\SmartPrint\QPExtension [2012-10-15]
FF HKLM-x32\...\Firefox\Extensions: [{ABDE892B-13A8-4d1b-88E6-365A6E755758}] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext
FF Extension: RealDownloader - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext [2014-05-19]
FF HKLM-x32\...\Firefox\Extensions: [{53D8DD28-1C83-41F3-B171-C2ED5B3E5DE8}] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext
FF HKU\S-1-5-21-1836801894-3176324447-3799621063-1000\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3

Chrome:
=======
CHR HomePage: Default -> hxxp://www.google.com
CHR StartupUrls: Default -> "about:blank","chrome://apps/","hxxp://mysearch.avg.com?cid={77ADA367-98CB-407E-B209-4EF99607BF1B}&mid=9a5a8c99e44047d29d2bbd72a3fc6142-c2e6da9e5645ab5026b71e1047dddfd883ea88b1&lang=en&ds=jt011&coid=avgtbdisjt&cmpid=&pr=sa&d=2014-06-06 07:07:41&v=18.1.0.443&pid=safeguard&sg=&sap=hp","hxxp://mysearch.avg.com?cid={77ADA367-98CB-407E-B209-4EF99607BF1B}&mid=9a5a8c99e44047d29d2bbd72a3fc6142-c2e6da9e5645ab5026b71e1047dddfd883ea88b1&lang=en&ds=jt011&coid=avgtbdisjt&cmpid=&pr=sa&d=2014-06-06 07:07:41&v=18.1.7.598&pid=safeguard&sg=&sap=hp"
CHR DefaultSuggestURL: Default -> {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&gs_ri={google:suggestRid}&xssi=t&q={searchTerms}&{google:inputType}{google:cursorPosition}{google:currentPageUrl}{google:pageClassification}{google:searchVersion}{google:sessionToken}{google:prefetchQuery}sugkey={google:suggestAPIKeyParameter}
CHR Plugin: (__MSG_ext_name__) - internal-remoting-viewer
CHR Plugin: (Remoting Viewer) - C:\Program Files (x86)\Google\Chrome\Application\45.0.2454.85\ppGoogleNaClPluginChrome.dll No File
CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\45.0.2454.85\pdf.dll No File
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\45.0.2454.85\gcswf32.dll No File
CHR Plugin: (Flash) - C:\Users\equipo2\AppData\Local\Google\Chrome\User Data\Default\Extensions\jmfkcklnlgedgbglfkkgedjfmejoahla\12.0.0.2191_0\plugins/avgnpss.dll No File
CHR Plugin: (AVG Internet Security) - C:\Users\equipo2\AppData\Local\Google\Chrome\User Data\Default\Extensions\jpgfhihjicjofdejkbjgnjlaglaciobe\1.0_0\npwebsitelogon.dll No File
CHR Plugin: (Simple Pass 2011) - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll No File
CHR Plugin: (Adobe Acrobat) - C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
CHR Plugin: (Microsoft Office 2010) - C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
CHR Plugin: (Microsoft Office) - C:\Program Files (x86)\Common Files\AVG Secure Search\SiteSafetyInstaller\11.1.0\\npsitesafety.dll No File
CHR Plugin: (AVG SiteSafety plugin) - C:\Program Files (x86)\Common Files\Research In Motion\BBWebSLLauncher\NPWebSLLauncher.dll ()
CHR Plugin: (RIM Handheld Application Loader) - C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
CHR Plugin: (DivX VOD Helper Plug-in) - C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll No File
CHR Plugin: (DivX Plus Web Player) - C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll No File
CHR Plugin: (Google Update) - C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll No File
CHR Plugin: (Java) - C:\Program Files (x86)\Real\RealPlayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
CHR Plugin: (RealPlayer Version Plugin) - C:\Program Files (x86)\Real\RealPlayer\Netscape6\nprpjplug.dll No File
CHR Plugin: (RealPlayer(tm) HTML5VideoShim Plug-In (32-bit) ) - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll No File
CHR Plugin: (RealPlayer) - C:\Program Files (x86)\Real\RealPlayer\Netscape6\nprjplug.dll No File
CHR Plugin: (RealJukebox NS Plugin) - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
CHR Plugin: (Windows Live Photo Gallery) - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
CHR Plugin: (iTunes Application Detector) - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll No File
CHR Plugin: (RealNetworks(tm) Chrome Background Extension Plug-In (32-bit) ) - c:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll No File
CHR Profile: C:\Users\equipo2\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Translator for all languages) - C:\Users\equipo2\AppData\Local\Google\Chrome\User Data\Default\Extensions\amdeidgbmcliegnpcbbkhlflkbdpomhk [2014-03-15]
CHR Extension: (Google Drive) - C:\Users\equipo2\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2013-10-23]
CHR Extension: (FVD Video Downloader) - C:\Users\equipo2\AppData\Local\Google\Chrome\User Data\Default\Extensions\bjjnhlldkcmeabhjlopelfhidanhdicg [2015-02-16]
CHR Extension: (YouTube) - C:\Users\equipo2\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2012-04-24]
CHR Extension: (AddThis - Share & Bookmark (new)) - C:\Users\equipo2\AppData\Local\Google\Chrome\User Data\Default\Extensions\cgbogdmdefihhljhfeiklfiedefalcde [2012-06-01]
CHR Extension: (Google Search) - C:\Users\equipo2\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2012-04-24]
CHR Extension: (Ortografía, gramática y diccionario) - C:\Users\equipo2\AppData\Local\Google\Chrome\User Data\Default\Extensions\dbhindnacjeiaemdobfpmlbgjgbmkjcl [2014-06-16]
CHR Extension: (Google+) - C:\Users\equipo2\AppData\Local\Google\Chrome\User Data\Default\Extensions\dlppkpafhbajpcmmoheippocdidnckmm [2014-06-11]
CHR Extension: (Chrome Web Store Launcher (by Google)) - C:\Users\equipo2\AppData\Local\Google\Chrome\User Data\Default\Extensions\gecgipfabdickgidpmbicneamekgbaej [2014-06-16]
CHR Extension: (Google Docs Offline) - C:\Users\equipo2\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2015-09-03]
CHR Extension: (Book Search) - C:\Users\equipo2\AppData\Local\Google\Chrome\User Data\Default\Extensions\hidpecplnodokhjcplkeejdbmjfmlplm [2014-06-16]
CHR Extension: (Kindle Cloud Reader) - C:\Users\equipo2\AppData\Local\Google\Chrome\User Data\Default\Extensions\icdipabjmbhpdkjaihfjoikhjjeneebd [2014-01-10]
CHR Extension: (Dropbox) - C:\Users\equipo2\AppData\Local\Google\Chrome\User Data\Default\Extensions\ioekoebejdcmnlefjiknokhhafglcjdl [2014-03-15]
CHR Extension: (Cisco WebEx Extension) - C:\Users\equipo2\AppData\Local\Google\Chrome\User Data\Default\Extensions\jlhmfgmfgeifomenelglieieghnjghma [2014-06-26]
CHR Extension: (Adblock Super) - C:\Users\equipo2\AppData\Local\Google\Chrome\User Data\Default\Extensions\knebimhcckndhiglamoabbnifdkijidd [2015-08-07]
CHR Extension: (Chrome Hotword Shared Module) - C:\Users\equipo2\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-04-16]
CHR Extension: (Google Mail Checker) - C:\Users\equipo2\AppData\Local\Google\Chrome\User Data\Default\Extensions\mihcahmgecmbnbcchbopgniflfhgnkff [2012-08-03]
CHR Extension: (Google Play Books) - C:\Users\equipo2\AppData\Local\Google\Chrome\User Data\Default\Extensions\mmimngoggfoobjdlefbcabngfnmieonb [2014-06-16]
CHR Extension: (OneDrive) - C:\Users\equipo2\AppData\Local\Google\Chrome\User Data\Default\Extensions\nffchahhjecejoiigmnhhicpoabngedk [2014-03-15]
CHR Extension: (Chrome Web Store Payments) - C:\Users\equipo2\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-22]
CHR Extension: (LogMeIn) - C:\Users\equipo2\AppData\Local\Google\Chrome\User Data\Default\Extensions\omkjapkpkiciphacnalicgmmcelfolon [2013-09-05]
CHR Extension: (Gmail) - C:\Users\equipo2\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2012-04-24]
CHR HKU\S-1-5-21-1836801894-3176324447-3799621063-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [apdfllckaahabafndbhieahigkjlhalf] - C:\Users\equipo2\AppData\Local\Google\Drive\apdfllckaahabafndbhieahigkjlhalf_live.crx [2013-10-22]
CHR HKU\S-1-5-21-1836801894-3176324447-3799621063-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh] - https://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [bpegkgagfojjbcpkihigfmkojdmmimdf] - <no Path/update_url>
CHR HKLM-x32\...\Chrome\Extension: [idhngdhcfkoamngbedgpaokgjbnpdiji] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Chrome\Ext\realdownloader.crx [2014-04-06]
CHR HKLM-x32\...\Chrome\Extension: [jpgfhihjicjofdejkbjgnjlaglaciobe] - C:\Program Files (x86)\HP SimplePass 2011\tschrome.crx [2011-06-03]

==================== Services (Whitelisted) ========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [77128 2015-05-29] (Apple Inc.)
R2 AVGIDSAgent; C:\Program Files (x86)\AVG\AVG2015\avgidsagent.exe [3518376 2015-07-07] (AVG Technologies CZ, s.r.o.)
R2 avgwd; C:\Program Files (x86)\AVG\AVG2015\avgwdsvc.exe [314304 2015-07-07] (AVG Technologies CZ, s.r.o.)
S3 BrYNSvc; C:\Program Files (x86)\Browny02\BrYNSvc.exe [245760 2010-01-25] (Brother Industries, Ltd.) [File not signed]
R2 DTSRVC; C:\Program Files (x86)\Common Files\Portrait Displays\Shared\dtsrvc.exe [129648 2011-05-26] (Portrait Displays, Inc.)
R2 HPSLPSVC; C:\Program Files (x86)\HP\Digital Imaging\bin\HPSLPSVC64.DLL [1039360 2010-10-22] (Hewlett-Packard Co.) [File not signed]
R2 IconMan_R; C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe [2375168 2011-03-07] (Realsil Microelectronics Inc.) [File not signed]
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe [73728 2004-10-22] (Macrovision Corporation) [File not signed]
R2 ioloSystemService; C:\Program Files (x86)\iolo\Common\Lib\ioloServiceManager.exe [4682040 2015-07-24] (iolo technologies, LLC)
R2 MSMQ; C:\Windows\system32\mqsvc.exe [26112 2015-08-05] (Microsoft Corporation)
R2 msoidsvc; C:\Program Files\Common Files\Microsoft Shared\Microsoft Online Services\MSOIDSVC.EXE [2079520 2012-05-17] (Microsoft Corp.)
R2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [50688 2013-05-16] (Hewlett-Packard) [File not signed]
R2 pdfcDispatcher; C:\Program Files (x86)\PDF Complete\pdfsvc.exe [1128952 2011-05-05] (PDF Complete Inc)
R2 PDFProFiltSrvPP; C:\Program Files (x86)\Nuance\PaperPort\PDFProFiltSrvPP.exe [144672 2010-03-09] (Nuance Communications, Inc.)
R2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [66048 2013-05-16] (Hewlett-Packard) [File not signed]
S4 RealNetworks Downloader Resolver Service; C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe [39568 2014-04-06] ()
S2 RealPlayer Cloud Service; c:\program files (x86)\real\realplayer\RPDS\Bin\rpdsvc.exe [1141848 2014-05-19] (RealNetworks, Inc.)
R2 RealPlayerUpdateSvc; C:\Program Files (x86)\Real\UpdateService\RealPlayerUpdateSvc.exe [23552 2014-04-07] () [File not signed]
R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [303360 2015-06-24] (Realtek Semiconductor)
R2 SDScannerService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [1750712 2015-06-16] (Safer-Networking Ltd.)
R2 SDUpdateService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [2102496 2015-06-16] (Safer-Networking Ltd.)
R2 SDWSCService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [224712 2015-07-24] (Safer-Networking Ltd.)
S4 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [File not signed]
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [5611280 2015-08-07] (TeamViewer GmbH)
S3 w3logsvc; C:\Windows\system32\inetsrv\w3logsvc.dll [84480 2015-08-05] (Microsoft Corporation)
R2 W3SVC; C:\Windows\system32\inetsrv\iisw3adm.dll [578560 2015-08-05] (Microsoft Corporation)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [362928 2015-07-10] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [24864 2015-07-10] (Microsoft Corporation)

===================== Drivers (Whitelisted) ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S0 Avgboota; C:\Windows\System32\DRIVERS\avgboota.sys [21152 2015-03-27] (AVG Technologies CZ, s.r.o.)
R1 Avgdiska; C:\Windows\System32\DRIVERS\avgdiska.sys [162784 2015-03-11] (AVG Technologies CZ, s.r.o.)
R1 AVGIDSDriver; C:\Windows\System32\DRIVERS\avgidsdrivera.sys [293296 2015-06-26] (AVG Technologies CZ, s.r.o.)
R0 AVGIDSHA; C:\Windows\System32\DRIVERS\avgidsha.sys [253408 2015-05-12] (AVG Technologies CZ, s.r.o.)
R1 Avgldx64; C:\Windows\System32\DRIVERS\avgldx64.sys [259040 2015-06-16] (AVG Technologies CZ, s.r.o.)
R0 Avgloga; C:\Windows\System32\DRIVERS\avgloga.sys [378336 2015-05-07] (AVG Technologies CZ, s.r.o.)
R0 Avgmfx64; C:\Windows\System32\DRIVERS\avgmfx64.sys [226784 2015-06-10] (AVG Technologies CZ, s.r.o.)
R0 Avgrkx64; C:\Windows\System32\DRIVERS\avgrkx64.sys [40928 2015-03-20] (AVG Technologies CZ, s.r.o.)
R1 Avgwfpa; C:\Windows\system32\DRIVERS\avgwfpa.sys [295400 2015-06-15] (AVG Technologies CZ, s.r.o.)
R1 cbfs4; C:\Windows\system32\drivers\cbfs4.sys [381632 2013-01-30] (EldoS Corporation)
R3 MQAC; C:\Windows\System32\drivers\mqac.sys [175104 2015-08-05] (Microsoft Corporation)
R3 netr28x; C:\Windows\system32\DRIVERS\netr28x.sys [2554528 2015-06-12] (MediaTek Inc.)
R2 npf; C:\Windows\System32\drivers\npf.sys [35344 2011-02-11] (CACE Technologies, Inc.)
S3 pmxdrv; C:\Windows\system32\drivers\pmxdrv.sys [31152 2011-10-14] ()
R1 RawDisk3; C:\Windows\system32\drivers\rawdsk3.sys [32912 2014-11-06] (EldoS Corporation)
R3 RimVSerPort; C:\Windows\system32\DRIVERS\RimSerial_AMD64.sys [44032 2011-07-20] (Research in Motion Ltd)
R3 rt640x64; C:\Windows\System32\drivers\rt640x64.sys [587264 2015-07-10] (Realtek )
S3 UdeCx; C:\Windows\System32\drivers\udecx.sys [44032 2015-07-10] ()
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44568 2015-07-10] (Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [291680 2015-07-10] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [119648 2015-07-10] (Microsoft Corporation)
U3 idsvc; no ImagePath
S3 wfpcapture; \SystemRoot\System32\drivers\wfpcapture.sys [X]
U3 wpcsvc; no ImagePath

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-09-08 22:08 - 2015-09-08 22:12 - 00050073 _____ C:\Users\equipo2\Desktop\FRST.txt
2015-09-08 22:08 - 2015-09-08 22:08 - 00000000 ____D C:\FRST
2015-09-08 22:06 - 2015-09-08 22:07 - 05198336 _____ (AVAST Software) C:\Users\equipo2\Desktop\aswMBR.exe
2015-09-08 22:05 - 2015-09-08 22:07 - 02190336 _____ (Farbar) C:\Users\equipo2\Desktop\FRST64.exe
2015-09-08 22:03 - 2015-09-08 22:03 - 00000000 ____D C:\RegBackup
2015-09-08 22:01 - 2015-09-08 22:01 - 02023465 _____ C:\Users\equipo2\Downloads\tweaking.com_registry_backup_portable.zip
2015-09-08 21:56 - 2015-09-08 21:56 - 00016148 _____ C:\WINDOWS\system32\EEZV-EQUIPO2-HP_equipo2_HistoryPrediction.bin
2015-09-07 15:30 - 2015-09-07 15:30 - 00000000 ____D C:\Users\equipo2\AppData\Local\{9E834BE6-A87C-42D1-8ABA-8D4B90727D33}
2015-09-04 18:25 - 2015-09-04 18:25 - 00000051 _____ C:\Users\equipo2\Downloads\bajar audio y video.txt
2015-09-04 18:06 - 2015-09-08 10:46 - 00151552 _____ C:\WINDOWS\KMSEmulator.exe
2015-09-04 16:53 - 2015-09-04 18:04 - 00000000 ____D C:\AdwCleaner
2015-09-03 19:54 - 2015-09-03 19:54 - 00000000 ____D C:\Users\equipo2\AppData\Local\{338CFF5F-D4D9-4345-BE11-67E6BC93B099}
2015-09-03 17:13 - 2015-09-04 18:29 - 00000020 _____ C:\Users\equipo2\Downloads\virus.txt
2015-09-01 19:55 - 2015-09-01 19:55 - 00002040 _____ C:\Users\equipo2\Desktop\LMP771017AM6_SN_147351_ZEVE630620QZ3.pdf - Acceso directo.lnk
2015-09-01 19:55 - 2015-09-01 19:55 - 00002020 _____ C:\Users\equipo2\Desktop\LMP771017AM6_SN_147351_ZEVE630620QZ3.xml - Acceso directo.lnk
2015-09-01 19:55 - 2015-09-01 19:55 - 00001984 _____ C:\Users\equipo2\Desktop\Farmacia del Ahorro (hernia).pdf - Acceso directo.lnk
2015-09-01 19:55 - 2015-09-01 19:55 - 00001931 _____ C:\Users\equipo2\Desktop\SECFD_20150901_020942.pdf - Acceso directo.lnk
2015-09-01 19:55 - 2015-09-01 19:55 - 00001931 _____ C:\Users\equipo2\Desktop\SECFD_20150901_020915.pdf - Acceso directo.lnk
2015-09-01 19:55 - 2015-09-01 19:55 - 00001911 _____ C:\Users\equipo2\Desktop\SECFD_20150901_020942.xml - Acceso directo.lnk
2015-09-01 19:55 - 2015-09-01 19:55 - 00001911 _____ C:\Users\equipo2\Desktop\SECFD_20150901_020915.xml - Acceso directo.lnk
2015-09-01 18:45 - 2015-09-01 18:45 - 00000000 ____D C:\Users\equipo2\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2015-08-29 03:02 - 2015-08-20 01:02 - 22324656 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2015-08-29 03:02 - 2015-08-20 00:21 - 21875200 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2015-08-29 03:02 - 2015-08-19 23:31 - 18806272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2015-08-29 03:01 - 2015-08-20 01:07 - 08019296 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2015-08-29 03:01 - 2015-08-20 01:06 - 00609592 _____ (Microsoft Corporation) C:\WINDOWS\system32\ci.dll
2015-08-29 03:01 - 2015-08-20 00:57 - 00077400 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2015-08-29 03:01 - 2015-08-20 00:26 - 00168960 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgent.exe
2015-08-29 03:01 - 2015-08-20 00:21 - 00193024 _____ (Microsoft Corporation) C:\WINDOWS\system32\EnterpriseModernAppMgmtCSP.dll
2015-08-29 03:01 - 2015-08-20 00:16 - 20857848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2015-08-29 03:01 - 2015-08-20 00:13 - 02235904 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2015-08-29 03:01 - 2015-08-18 02:56 - 02498808 _____ C:\WINDOWS\system32\CoreUIComponents.dll
2015-08-29 03:01 - 2015-08-18 02:55 - 00373072 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBXHCI.SYS
2015-08-29 03:01 - 2015-08-18 02:54 - 01396064 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicenseManager.dll
2015-08-29 03:01 - 2015-08-18 02:27 - 01771592 _____ C:\WINDOWS\SysWOW64\CoreUIComponents.dll
2015-08-29 03:01 - 2015-08-18 02:24 - 00963920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LicenseManager.dll
2015-08-29 03:01 - 2015-08-18 02:13 - 00497664 _____ (Microsoft Corporation) C:\WINDOWS\system32\WlanMediaManager.dll
2015-08-29 03:01 - 2015-08-18 02:13 - 00387584 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupShim.dll
2015-08-29 03:01 - 2015-08-18 02:12 - 02225664 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkMobileSettings.dll
2015-08-29 03:01 - 2015-08-18 02:07 - 02226688 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansvc.dll
2015-08-29 03:01 - 2015-08-18 02:04 - 01234944 _____ (Microsoft Corporation) C:\WINDOWS\system32\aitstatic.exe
2015-08-29 03:01 - 2015-08-18 02:04 - 00859136 _____ (Microsoft Corporation) C:\WINDOWS\system32\modernexecserver.dll
2015-08-29 03:01 - 2015-08-18 01:59 - 01294336 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcnwiz.dll
2015-08-29 03:01 - 2015-08-18 01:59 - 00140288 _____ (Microsoft Corporation) C:\WINDOWS\system32\WcnApi.dll
2015-08-29 03:01 - 2015-08-18 01:58 - 00187392 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupSvc.dll
2015-08-29 03:01 - 2015-08-18 01:58 - 00117760 _____ (Microsoft Corporation) C:\WINDOWS\system32\dafWCN.dll
2015-08-29 03:01 - 2015-08-18 01:58 - 00112640 _____ (Microsoft Corporation) C:\WINDOWS\system32\fdWCN.dll
2015-08-29 03:01 - 2015-08-18 01:58 - 00050176 _____ (Microsoft Corporation) C:\WINDOWS\system32\WcnNetsh.dll
2015-08-29 03:01 - 2015-08-18 01:57 - 00045568 _____ (Microsoft Corporation) C:\WINDOWS\system32\wfdprov.dll
2015-08-29 03:01 - 2015-08-18 01:56 - 00079872 _____ (Microsoft Corporation) C:\WINDOWS\system32\BthRadioMedia.dll
2015-08-29 03:01 - 2015-08-18 01:55 - 02178560 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2015-08-29 03:01 - 2015-08-18 01:54 - 00322048 _____ (Microsoft Corporation) C:\WINDOWS\system32\vaultsvc.dll
2015-08-29 03:01 - 2015-08-18 01:54 - 00247296 _____ C:\WINDOWS\system32\facecredentialprovider.dll
2015-08-29 03:01 - 2015-08-18 01:52 - 01888768 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2015-08-29 03:01 - 2015-08-18 01:50 - 01795072 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.dll
2015-08-29 03:01 - 2015-08-18 01:49 - 01061888 _____ (Microsoft Corporation) C:\WINDOWS\system32\reseteng.dll
2015-08-29 03:01 - 2015-08-18 01:49 - 00274432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupShim.dll
2015-08-29 03:01 - 2015-08-18 01:49 - 00246272 _____ (Microsoft Corporation) C:\WINDOWS\system32\PackageStateRoaming.dll
2015-08-29 03:01 - 2015-08-18 01:36 - 01226752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wcnwiz.dll
2015-08-29 03:01 - 2015-08-18 01:35 - 00100352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WcnApi.dll
2015-08-29 03:01 - 2015-08-18 01:35 - 00095744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fdWCN.dll
2015-08-29 03:01 - 2015-08-18 01:34 - 00037376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wfdprov.dll
2015-08-29 03:01 - 2015-08-18 01:29 - 01593344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll
2015-08-29 03:01 - 2015-08-18 01:26 - 00195584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PackageStateRoaming.dll
2015-08-29 03:01 - 2015-08-17 23:44 - 00008847 _____ C:\WINDOWS\system32\ResPriHMImageList
2015-08-26 18:00 - 2015-08-26 18:00 - 00000000 ____D C:\Users\equipo2\AppData\Local\{511C519F-3849-4283-9AB5-C3A01D33851A}
2015-08-26 17:45 - 2015-08-26 17:45 - 00056415 _____ C:\Users\equipo2\Desktop\JRT.txt
2015-08-26 17:24 - 2015-08-26 12:34 - 01798560 _____ (Malwarebytes Corporation) C:\Users\equipo2\Desktop\JRT.exe
2015-08-25 23:17 - 2015-08-25 23:17 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_User_WpdMtpDr_01_11_00.Wdf
2015-08-25 10:47 - 2015-08-25 10:47 - 00002378 _____ C:\Users\equipo2\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2015-08-21 13:58 - 2015-08-21 13:58 - 00003274 _____ C:\Users\equipo2\Downloads\PRESENTACIÓN MEDIACIÓN.txt
2015-08-19 15:21 - 2015-08-12 23:33 - 24593408 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2015-08-19 15:21 - 2015-08-12 23:22 - 02093056 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidsvc.dll
2015-08-19 15:21 - 2015-08-12 23:07 - 19323392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2015-08-19 15:21 - 2015-08-11 05:04 - 04532304 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
2015-08-19 15:21 - 2015-08-11 04:50 - 01643872 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll
2015-08-19 15:21 - 2015-08-11 04:23 - 16706560 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2015-08-19 15:21 - 2015-08-11 04:16 - 02416640 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll
2015-08-19 15:21 - 2015-08-11 04:06 - 07523328 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2015-08-19 15:21 - 2015-08-11 04:06 - 02662400 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Logon.dll
2015-08-19 15:21 - 2015-08-11 04:05 - 03527168 _____ (Microsoft Corporation) C:\WINDOWS\system32\tquery.dll
2015-08-19 15:21 - 2015-08-11 04:03 - 02558976 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssrch.dll
2015-08-19 15:21 - 2015-08-11 03:57 - 13024768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2015-08-19 15:21 - 2015-08-11 03:45 - 01820672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Logon.dll
2015-08-19 15:20 - 2015-08-12 23:20 - 00414208 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentClient.dll
2015-08-19 15:20 - 2015-08-12 22:53 - 00311808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppXDeploymentClient.dll
2015-08-19 15:20 - 2015-08-11 05:04 - 02462648 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2015-08-19 15:20 - 2015-08-11 05:04 - 01087296 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfplat.dll
2015-08-19 15:20 - 2015-08-11 05:03 - 00442208 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storport.sys
2015-08-19 15:20 - 2015-08-11 05:02 - 00554744 _____ (Microsoft Corporation) C:\WINDOWS\system32\directmanipulation.dll
2015-08-19 15:20 - 2015-08-11 05:02 - 00292856 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockAppHost.exe
2015-08-19 15:20 - 2015-08-11 05:02 - 00080720 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\stornvme.sys
2015-08-19 15:20 - 2015-08-11 04:57 - 03622256 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2015-08-19 15:20 - 2015-08-11 04:52 - 00993104 _____ (Microsoft Corporation) C:\WINDOWS\system32\ReAgent.dll
2015-08-19 15:20 - 2015-08-11 04:40 - 04048808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe
2015-08-19 15:20 - 2015-08-11 04:40 - 02151208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2015-08-19 15:20 - 2015-08-11 04:40 - 00918320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfplat.dll
2015-08-19 15:20 - 2015-08-11 04:38 - 00454000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\directmanipulation.dll
2015-08-19 15:20 - 2015-08-11 04:37 - 00243800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LockAppHost.exe
2015-08-19 15:20 - 2015-08-11 04:31 - 02880032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2015-08-19 15:20 - 2015-08-11 04:26 - 00845664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ReAgent.dll
2015-08-19 15:20 - 2015-08-11 04:21 - 00148992 _____ (Microsoft Corporation) C:\WINDOWS\system32\tetheringservice.dll
2015-08-19 15:20 - 2015-08-11 04:21 - 00052224 _____ (Microsoft Corporation) C:\WINDOWS\system32\tetheringclient.dll
2015-08-19 15:20 - 2015-08-11 04:20 - 00483328 _____ (Microsoft Corporation) C:\WINDOWS\system32\OneDriveSettingSyncProvider.dll
2015-08-19 15:20 - 2015-08-11 04:19 - 00235520 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_Notifications.dll
2015-08-19 15:20 - 2015-08-11 04:18 - 00235008 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserMgrProxy.dll
2015-08-19 15:20 - 2015-08-11 04:14 - 00404480 _____ C:\WINDOWS\system32\diagtrack_wininternal.dll
2015-08-19 15:20 - 2015-08-11 04:13 - 00413184 _____ C:\WINDOWS\system32\diagtrack_win.dll
2015-08-19 15:20 - 2015-08-11 04:11 - 02446336 _____ C:\WINDOWS\system32\InputService.dll
2015-08-19 15:20 - 2015-08-11 04:11 - 00553472 _____ (Microsoft Corporation) C:\WINDOWS\system32\GamePanel.exe
2015-08-19 15:20 - 2015-08-11 04:10 - 00778752 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.dll
2015-08-19 15:20 - 2015-08-11 04:10 - 00324096 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2015-08-19 15:20 - 2015-08-11 04:10 - 00293376 _____ C:\WINDOWS\system32\TextInputFramework.dll
2015-08-19 15:20 - 2015-08-11 04:09 - 00032768 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuautoappupdate.dll
2015-08-19 15:20 - 2015-08-11 04:08 - 00893440 _____ (Microsoft Corporation) C:\WINDOWS\system32\MbaeApiPublic.dll
2015-08-19 15:20 - 2015-08-11 04:08 - 00563200 _____ (Microsoft Corporation) C:\WINDOWS\system32\MbaeApi.dll
2015-08-19 15:20 - 2015-08-11 04:07 - 01178112 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwansvc.dll
2015-08-19 15:20 - 2015-08-11 04:07 - 00593920 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmsvc.dll
2015-08-19 15:20 - 2015-08-11 04:07 - 00115712 _____ (Microsoft Corporation) C:\WINDOWS\system32\MbaeParserTask.exe
2015-08-19 15:20 - 2015-08-11 04:05 - 00996352 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXService.dll
2015-08-19 15:20 - 2015-08-11 04:05 - 00342016 _____ (Microsoft Corporation) C:\WINDOWS\system32\LocationGeofences.dll
2015-08-19 15:20 - 2015-08-11 04:05 - 00269312 _____ (Microsoft Corporation) C:\WINDOWS\system32\LocationFramework.dll
2015-08-19 15:20 - 2015-08-11 04:05 - 00137216 _____ (Microsoft Corporation) C:\WINDOWS\system32\LocationPermissions.dll
2015-08-19 15:20 - 2015-08-11 04:05 - 00078848 _____ (Microsoft Corporation) C:\WINDOWS\system32\LocationFrameworkInternalPS.dll
2015-08-19 15:20 - 2015-08-11 04:02 - 03588096 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2015-08-19 15:20 - 2015-08-11 04:02 - 00621056 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterprisecsps.dll
2015-08-19 15:20 - 2015-08-11 04:02 - 00186368 _____ (Microsoft Corporation) C:\WINDOWS\system32\cloudAP.dll
2015-08-19 15:20 - 2015-08-11 04:01 - 01334784 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIAutomationCore.dll
2015-08-19 15:20 - 2015-08-11 04:00 - 00336384 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchProtocolHost.exe
2015-08-19 15:20 - 2015-08-11 04:00 - 00274432 _____ (Microsoft Corporation) C:\WINDOWS\system32\syncutil.dll
2015-08-19 15:20 - 2015-08-11 03:59 - 01106432 _____ (Microsoft Corporation) C:\WINDOWS\system32\sysmain.dll
2015-08-19 15:20 - 2015-08-11 03:59 - 00642560 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdbui.dll
2015-08-19 15:20 - 2015-08-11 03:59 - 00123392 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssprxy.dll
2015-08-19 15:20 - 2015-08-11 03:59 - 00042496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tetheringclient.dll
2015-08-19 15:20 - 2015-08-11 03:58 - 00372224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OneDriveSettingSyncProvider.dll
2015-08-19 15:20 - 2015-08-11 03:57 - 00159744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserMgrProxy.dll
2015-08-19 15:20 - 2015-08-11 03:51 - 01916928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll
2015-08-19 15:20 - 2015-08-11 03:51 - 01823232 _____ C:\WINDOWS\SysWOW64\InputService.dll
2015-08-19 15:20 - 2015-08-11 03:50 - 00420352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GamePanel.exe
2015-08-19 15:20 - 2015-08-11 03:50 - 00200704 _____ C:\WINDOWS\SysWOW64\TextInputFramework.dll
2015-08-19 15:20 - 2015-08-11 03:50 - 00131584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Core.TextInput.dll
2015-08-19 15:20 - 2015-08-11 03:49 - 00586752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.dll
2015-08-19 15:20 - 2015-08-11 03:49 - 00247808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2015-08-19 15:20 - 2015-08-11 03:48 - 00671232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MbaeApiPublic.dll
2015-08-19 15:20 - 2015-08-11 03:47 - 00448512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MbaeApi.dll
2015-08-19 15:20 - 2015-08-11 03:43 - 02748416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tquery.dll
2015-08-19 15:20 - 2015-08-11 03:42 - 05454848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2015-08-19 15:20 - 2015-08-11 03:40 - 01964544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssrch.dll
2015-08-19 15:20 - 2015-08-11 03:40 - 01112064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIAutomationCore.dll
2015-08-19 15:20 - 2015-08-11 03:39 - 00280576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchProtocolHost.exe
2015-08-19 15:20 - 2015-08-11 03:38 - 00162304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ReInfo.dll
2015-08-17 16:37 - 2015-08-17 16:38 - 00000000 ____D C:\Program Files (x86)\Tagscan5.1.668
2015-08-17 11:47 - 2015-08-17 11:47 - 00074703 _____ C:\WINDOWS\SysWOW64\mfc45.dat
2015-08-12 01:56 - 2015-08-08 01:24 - 02415104 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWrite.dll
2015-08-12 01:56 - 2015-08-08 01:24 - 01679360 _____ (Microsoft Corporation) C:\WINDOWS\system32\FntCache.dll
2015-08-12 01:56 - 2015-08-08 01:00 - 01985024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DWrite.dll
2015-08-12 01:56 - 2015-08-04 23:29 - 00644128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsvr.dll
2015-08-12 01:56 - 2015-08-03 23:06 - 00583128 _____ (Microsoft Corporation) C:\WINDOWS\system32\mf.dll
2015-08-12 01:56 - 2015-08-03 21:59 - 01212416 _____ (Microsoft Corporation) C:\WINDOWS\system32\RemoteNaturalLanguage.dll
2015-08-12 01:56 - 2015-08-03 21:47 - 00898560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\RemoteNaturalLanguage.dll
2015-08-12 01:56 - 2015-08-02 21:18 - 08613200 _____ (Microsoft Corp.) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2015-08-12 01:56 - 2015-08-02 21:18 - 01983840 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2015-08-12 01:56 - 2015-08-02 20:56 - 06878256 _____ (Microsoft Corp.) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2015-08-12 01:56 - 2015-08-02 20:22 - 01601536 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Speech.dll
2015-08-12 01:56 - 2015-08-02 20:22 - 01008640 _____ (Microsoft Corporation) C:\WINDOWS\system32\schedsvc.dll
2015-08-12 01:56 - 2015-08-02 20:18 - 12503552 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2015-08-12 01:56 - 2015-08-02 20:18 - 03780096 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll
2015-08-12 01:56 - 2015-08-02 20:15 - 00595456 _____ (Microsoft Corporation) C:\WINDOWS\system32\LogonController.dll
2015-08-12 01:56 - 2015-08-02 20:10 - 01162240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Speech.dll
2015-08-12 01:56 - 2015-08-02 20:03 - 00494592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LogonController.dll
2015-08-12 01:56 - 2015-08-02 20:01 - 11262464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2015-08-12 01:55 - 2015-08-08 02:29 - 01822280 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2015-08-12 01:55 - 2015-08-08 02:19 - 00608936 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe
2015-08-12 01:55 - 2015-08-08 02:01 - 01533496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2015-08-12 01:55 - 2015-08-08 01:48 - 00539728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontdrvhost.exe
2015-08-12 01:55 - 2015-08-08 01:40 - 00365056 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\atmfd.dll
2015-08-12 01:55 - 2015-08-08 01:15 - 00303104 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\atmfd.dll
2015-08-12 01:55 - 2015-08-05 22:17 - 00237392 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdyboost.sys
2015-08-12 01:55 - 2015-08-05 22:17 - 00200528 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wof.sys
2015-08-12 01:55 - 2015-08-05 21:22 - 00685568 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdiWiFi.sys
2015-08-12 01:55 - 2015-08-04 23:49 - 00783112 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsvr.dll
2015-08-12 01:55 - 2015-08-04 23:00 - 00310784 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActionCenter.dll
2015-08-12 01:55 - 2015-08-04 22:54 - 01274880 _____ (Microsoft Corporation) C:\WINDOWS\system32\wifinetworkmanager.dll
2015-08-12 01:55 - 2015-08-04 22:47 - 01383424 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2015-08-12 01:55 - 2015-08-04 22:39 - 00261632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ActionCenter.dll
2015-08-12 01:55 - 2015-08-03 23:07 - 00102752 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mountmgr.sys
2015-08-12 01:55 - 2015-08-03 23:06 - 00243248 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfps.dll
2015-08-12 01:55 - 2015-08-03 22:23 - 00078848 _____ (Microsoft Corporation) C:\WINDOWS\system32\VPNv2CSP.dll
2015-08-12 01:55 - 2015-08-02 21:32 - 00306688 _____ (Microsoft Corporation) C:\WINDOWS\system32\NotificationObjFactory.dll
2015-08-12 01:55 - 2015-08-02 21:28 - 00268800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NotificationObjFactory.dll
2015-08-12 01:55 - 2015-08-02 21:19 - 00505696 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
2015-08-12 01:55 - 2015-08-02 21:19 - 00393568 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2015-08-12 01:55 - 2015-08-02 21:18 - 00594472 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Shell.Broker.dll
2015-08-12 01:55 - 2015-08-02 21:18 - 00046432 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\msgpiowin32.sys
2015-08-12 01:55 - 2015-08-02 21:17 - 00516960 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBHUB3.SYS
2015-08-12 01:55 - 2015-08-02 21:17 - 00052264 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wpcfltr.sys
2015-08-12 01:55 - 2015-08-02 21:12 - 00801632 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWAHost.exe
2015-08-12 01:55 - 2015-08-02 20:49 - 00700256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WWAHost.exe
2015-08-12 01:55 - 2015-08-02 20:31 - 00911360 _____ (Microsoft Corporation) C:\WINDOWS\system32\SharedStartModel.dll
2015-08-12 01:55 - 2015-08-02 20:30 - 00253952 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_UserAccount.dll
2015-08-12 01:55 - 2015-08-02 20:24 - 00503808 _____ (Microsoft Corporation) C:\WINDOWS\system32\tileobjserver.dll
2015-08-12 01:55 - 2015-08-02 20:24 - 00282112 _____ (Microsoft Corporation) C:\WINDOWS\system32\VEEventDispatcher.dll
2015-08-12 01:55 - 2015-08-02 20:24 - 00193536 _____ (Microsoft Corporation) C:\WINDOWS\system32\SharedStartModelShim.dll
2015-08-12 01:55 - 2015-08-02 20:23 - 00122880 _____ (Microsoft Corporation) C:\WINDOWS\system32\VEDataLayerHelpers.dll
2015-08-12 01:55 - 2015-08-02 20:22 - 00317440 _____ (Microsoft Corporation) C:\WINDOWS\system32\configmanager2.dll
2015-08-12 01:55 - 2015-08-02 20:21 - 00179712 _____ (Microsoft Corporation) C:\WINDOWS\system32\coredpus.dll
2015-08-12 01:55 - 2015-08-02 20:19 - 00215040 _____ (Microsoft Corporation) C:\WINDOWS\system32\notepad.exe
2015-08-12 01:55 - 2015-08-02 20:19 - 00215040 _____ (Microsoft Corporation) C:\WINDOWS\notepad.exe
2015-08-12 01:55 - 2015-08-02 20:18 - 00162304 _____ (Microsoft Corporation) C:\WINDOWS\system32\SubscriptionMgr.dll
2015-08-12 01:55 - 2015-08-02 20:18 - 00120832 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkStatus.dll
2015-08-12 01:55 - 2015-08-02 20:15 - 01290752 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Shell.dll
2015-08-12 01:55 - 2015-08-02 20:15 - 00573440 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Cortana.Desktop.dll
2015-08-12 01:55 - 2015-08-02 20:15 - 00384000 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockAppBroker.dll
2015-08-12 01:55 - 2015-08-02 20:15 - 00171520 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinBioDataModel.dll
2015-08-12 01:55 - 2015-08-02 20:14 - 00273920 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.LockScreen.dll
2015-08-12 01:55 - 2015-08-02 20:12 - 00217088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VEEventDispatcher.dll
2015-08-12 01:55 - 2015-08-02 20:12 - 00081920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VEDataLayerHelpers.dll
2015-08-12 01:55 - 2015-08-02 20:11 - 00814080 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctfuimanager.dll
2015-08-12 01:55 - 2015-08-02 20:06 - 00207872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\notepad.exe
2015-08-12 01:55 - 2015-08-02 20:02 - 00311808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LockAppBroker.dll
2015-08-12 01:55 - 2015-08-02 20:02 - 00195072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.LockScreen.dll
2015-08-12 01:55 - 2015-08-02 19:59 - 00752640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctfuimanager.dll
2015-08-09 01:46 - 2014-12-05 21:17 - 00450776 _____ C:\WINDOWS\system32\Drivers\etc\hosts.20150809-014620.backup

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-09-08 22:13 - 2012-04-25 16:32 - 00000838 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2015-09-08 22:06 - 2013-05-08 19:17 - 00000000 ____D C:\Users\equipo2\Downloads\soporte
2015-09-08 22:01 - 2012-04-24 20:06 - 00001076 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2015-09-08 21:56 - 2012-04-17 17:37 - 00000000 ____D C:\Users\equipo2\Documents\Archivos de Outlook
2015-09-08 21:55 - 2015-07-10 06:04 - 00000000 ____D C:\WINDOWS\system32\sru
2015-09-08 21:35 - 2013-06-05 20:21 - 00000000 ____D C:\Users\equipo2\AppData\Local\07EEFC3E-BFFF-4F02-A4B1-F6FAD94C9CFC.aplzod
2015-09-08 21:29 - 2015-06-24 11:18 - 00000968 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskUserS-1-5-21-1836801894-3176324447-3799621063-1000UA.job
2015-09-08 16:57 - 2014-10-30 12:45 - 00000036 ____H C:\Users\equipo2\Documents\PP11Thumbs.ptn2
2015-09-08 16:57 - 2014-07-15 12:56 - 00806360 ____H C:\Users\equipo2\Documents\PP11Thumbs.ptn
2015-09-08 16:57 - 2013-11-04 14:36 - 00000142 ____H C:\Users\equipo2\Documents\maxdesk.ini2
2015-09-08 16:56 - 2013-11-28 12:10 - 00004224 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{341B1B07-5BFC-4DE2-AB2A-5B3A62028BA8}
2015-09-08 16:01 - 2012-04-24 20:06 - 00001072 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2015-09-08 14:03 - 2015-07-31 12:03 - 00000000 _____ C:\Users\equipo2\Documents\Nuance Image Printer Writer Port
2015-09-08 12:06 - 2015-07-10 07:22 - 00000275 _____ C:\WINDOWS\WindowsUpdate.log
2015-09-08 10:51 - 2012-05-21 18:56 - 00000000 ____D C:\ProgramData\MFAData
2015-09-08 10:49 - 2014-08-18 11:24 - 00000000 ____D C:\Users\equipo2\OneDrive
2015-09-08 10:49 - 2013-10-22 18:24 - 00000000 ___RD C:\Users\equipo2\Google Drive
2015-09-08 10:49 - 2012-04-17 18:21 - 00000000 ___RD C:\Users\equipo2\Dropbox
2015-09-08 10:49 - 2012-04-17 18:20 - 00000000 ____D C:\Users\equipo2\AppData\Roaming\Dropbox
2015-09-08 10:48 - 2014-09-22 10:56 - 00000000 ___RD C:\Users\equipo2\iCloudDrive
2015-09-08 10:47 - 2013-01-22 17:43 - 00000354 _____ C:\WINDOWS\Tasks\ROC_JAN2013_TB_rmv.job
2015-09-08 10:46 - 2015-08-05 11:35 - 00000000 ____D C:\Users\equipo2
2015-09-08 10:46 - 2015-07-10 07:21 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2015-09-08 10:46 - 2014-08-29 11:08 - 00003052 _____ C:\WINDOWS\System32\Tasks\AutoKMS
2015-09-08 10:46 - 2014-08-29 11:08 - 00000332 _____ C:\WINDOWS\Tasks\AutoKMS.job
2015-09-08 10:46 - 2011-10-14 05:12 - 00000000 ____D C:\ProgramData\truesuite
2015-09-08 10:46 - 2011-10-14 05:07 - 00000000 ____D C:\ProgramData\PDFC
2015-09-08 10:45 - 2015-08-05 11:28 - 00090144 _____ C:\WINDOWS\PFRO.log
2015-09-07 19:06 - 2015-07-10 07:20 - 00018033 _____ C:\WINDOWS\setupact.log
2015-09-07 18:25 - 2015-08-05 05:23 - 00000000 ____D C:\Windows.old
2015-09-07 13:56 - 2015-07-10 06:04 - 00000000 ____D C:\WINDOWS\AppReadiness
2015-09-07 02:29 - 2015-06-24 11:18 - 00000916 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskUserS-1-5-21-1836801894-3176324447-3799621063-1000Core.job
2015-09-05 02:11 - 2012-04-19 19:10 - 00000000 ____D C:\Users\equipo2\AppData\Roaming\Skype
2015-09-04 18:05 - 2015-07-10 04:05 - 00524288 ___SH C:\WINDOWS\system32\config\BBI
2015-09-04 13:15 - 2012-09-20 12:37 - 00003292 _____ C:\WINDOWS\System32\Tasks\HPCeeScheduleForEEZV-EQUIPO2-HP$
2015-09-04 13:15 - 2012-09-20 12:37 - 00000356 _____ C:\WINDOWS\Tasks\HPCeeScheduleForEEZV-EQUIPO2-HP$.job
2015-09-03 22:33 - 2013-12-20 20:07 - 00000000 ____D C:\Doctos_Digitales
2015-09-03 14:42 - 2015-07-10 06:04 - 00000000 ____D C:\WINDOWS\rescache
2015-09-03 12:57 - 2013-12-20 20:59 - 00000636 _____ C:\Users\equipo2\CACUSERW.ini
2015-09-02 22:03 - 2015-07-10 04:05 - 00032768 ___SH C:\WINDOWS\system32\config\ELAM
2015-09-02 18:31 - 2012-04-18 18:44 - 00000052 _____ C:\WINDOWS\SysWOW64\DOErrors.log
2015-09-01 18:44 - 2014-01-28 14:41 - 00000000 ____D C:\Program Files (x86)\TeamViewer
2015-09-01 03:00 - 2015-07-10 06:04 - 00000000 ____D C:\WINDOWS\system32\oobe
2015-09-01 03:00 - 2015-07-10 06:04 - 00000000 ____D C:\WINDOWS\system32\appraiser
2015-08-31 06:20 - 2015-07-10 05:55 - 00000000 ____D C:\WINDOWS\CbsTemp
2015-08-28 13:38 - 2015-07-10 11:26 - 00000000 ____D C:\WINDOWS\OCR
2015-08-27 15:56 - 2012-04-24 20:06 - 00004134 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2015-08-27 15:56 - 2012-04-24 20:06 - 00003902 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2015-08-27 14:48 - 2012-04-17 20:53 - 00000000 ____D C:\Users\equipo2\AppData\Local\Apple Computer
2015-08-26 19:47 - 2012-04-17 01:32 - 00000000 ____D C:\Users\equipo2\AppData\Local\Microsoft Help
2015-08-26 14:49 - 2012-04-17 22:13 - 00000000 ____D C:\Users\equipo2\AppData\Roaming\BitTorrent
2015-08-25 10:39 - 2015-07-10 06:04 - 00000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2015-08-24 21:27 - 2012-04-24 20:06 - 00000000 ____D C:\Users\equipo2\AppData\Local\Google
2015-08-24 19:32 - 2015-08-07 19:13 - 00001481 _____ C:\Users\equipo2\Desktop\DivX Movies.lnk
2015-08-24 19:32 - 2012-04-24 20:06 - 00000000 ____D C:\ProgramData\DivX
2015-08-24 19:32 - 2012-04-24 20:06 - 00000000 ____D C:\Program Files (x86)\DivX
2015-08-24 19:27 - 2014-12-01 11:24 - 00001141 _____ C:\Users\Public\Desktop\DivX Player.lnk
2015-08-24 19:27 - 2013-09-26 17:44 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DivX
2015-08-24 19:26 - 2013-09-26 17:44 - 00001206 _____ C:\Users\Public\Desktop\DivX Converter.lnk
2015-08-24 19:26 - 2012-04-24 20:08 - 00000000 ____D C:\Program Files\DivX
2015-08-21 18:19 - 2014-10-29 19:25 - 00003240 _____ C:\WINDOWS\System32\Tasks\HPCeeScheduleForequipo2
2015-08-21 18:19 - 2014-10-29 19:25 - 00000340 _____ C:\WINDOWS\Tasks\HPCeeScheduleForequipo2.job
2015-08-20 19:05 - 2015-08-05 11:34 - 02138758 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2015-08-20 19:05 - 2015-07-10 11:26 - 00929740 _____ C:\WINDOWS\system32\perfh00A.dat
2015-08-20 19:05 - 2015-07-10 11:26 - 00207582 _____ C:\WINDOWS\system32\perfc00A.dat
2015-08-19 21:21 - 2015-08-05 18:25 - 00000000 ____D C:\Users\equipo2\AppData\Local\Comms
2015-08-17 18:30 - 2015-06-16 18:05 - 00000340 _____ C:\Users\equipo2\Downloads\pendientes.txt
2015-08-17 16:38 - 2012-11-09 11:53 - 00000000 ____D C:\Users\equipo2\AppData\Local\Packages
2015-08-17 11:47 - 2015-07-10 07:20 - 05009120 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2015-08-17 11:46 - 2013-03-13 09:24 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2015-08-17 11:46 - 2013-03-13 09:24 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2015-08-17 11:44 - 2015-07-10 06:04 - 00000000 ___RD C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2015-08-17 11:44 - 2015-07-10 06:04 - 00000000 ___RD C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2015-08-17 10:54 - 2012-04-19 19:10 - 00000000 ____D C:\ProgramData\Skype
2015-08-16 10:54 - 2013-10-22 18:20 - 00002117 _____ C:\Users\Public\Desktop\Google Slides.lnk
2015-08-16 10:54 - 2013-10-22 18:20 - 00002115 _____ C:\Users\Public\Desktop\Google Sheets.lnk
2015-08-16 10:54 - 2013-10-22 18:20 - 00002105 _____ C:\Users\Public\Desktop\Google Docs.lnk
2015-08-16 10:54 - 2013-10-22 18:20 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive
2015-08-14 13:30 - 2015-04-20 17:39 - 00001042 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 10.lnk
2015-08-14 13:30 - 2015-04-20 17:39 - 00001030 _____ C:\Users\Public\Desktop\TeamViewer 10.lnk
2015-08-13 02:30 - 2012-04-17 01:32 - 00000000 ____D C:\ProgramData\Microsoft Help
2015-08-13 02:30 - 2009-07-13 21:34 - 00000513 _____ C:\WINDOWS\win.ini
2015-08-13 02:26 - 2013-03-13 09:25 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2015-08-13 02:24 - 2013-08-09 17:33 - 00000000 ____D C:\WINDOWS\system32\MRT
2015-08-13 01:59 - 2012-04-23 11:29 - 132483416 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2015-08-10 12:45 - 2015-08-05 13:50 - 00000000 ____D C:\ProgramData\Spybot - Search & Destroy
2015-08-09 01:45 - 2015-08-05 13:49 - 00000000 ____D C:\Program Files (x86)\Spybot - Search & Destroy 2

==================== Files in the root of some directories =======

2011-10-14 05:12 - 2011-06-09 18:44 - 0002792 _____ () C:\Program Files\HP SimplePass 2011
2012-05-03 20:45 - 2012-05-03 20:45 - 0000701 _____ () C:\Users\equipo2\AppData\Roaming\ConvAPIPlugin.log
2012-04-18 12:55 - 2013-10-24 12:31 - 0003073 _____ () C:\Users\equipo2\AppData\Roaming\Rim.Desktop.Exception.log
2012-04-18 12:41 - 2012-04-18 12:41 - 0001153 _____ () C:\Users\equipo2\AppData\Roaming\Rim.Desktop.HttpServerSetup.log
2012-04-18 12:55 - 2013-10-24 12:31 - 0001232 _____ () C:\Users\equipo2\AppData\Roaming\Rim.DesktopHelper.Exception.log
2012-04-26 13:23 - 2014-12-05 16:25 - 0114688 _____ () C:\Users\equipo2\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2012-05-28 16:49 - 2012-05-28 16:49 - 0034814 _____ () C:\Users\equipo2\AppData\Local\dt.dat
2015-05-19 02:43 - 2015-05-19 02:43 - 0247298 _____ () C:\Users\equipo2\AppData\Local\Tempdivx04e0
2015-07-08 02:08 - 2015-07-08 02:08 - 0253196 _____ () C:\Users\equipo2\AppData\Local\Tempdivx0d85
2015-05-19 02:43 - 2015-05-19 02:43 - 0247298 _____ () C:\Users\equipo2\AppData\Local\Tempdivx0e50
2015-06-17 15:05 - 2015-06-17 15:05 - 0043682 _____ () C:\Users\equipo2\AppData\Local\Tempdivx1411
2015-06-24 15:36 - 2015-06-24 15:36 - 0043682 _____ () C:\Users\equipo2\AppData\Local\Tempdivx2814
2015-07-08 02:08 - 2015-07-08 02:08 - 0253196 _____ () C:\Users\equipo2\AppData\Local\Tempdivx2b34
2015-06-16 14:38 - 2015-06-16 14:38 - 0043682 _____ () C:\Users\equipo2\AppData\Local\Tempdivx3652
2015-06-17 14:57 - 2015-06-17 14:57 - 0043682 _____ () C:\Users\equipo2\AppData\Local\Tempdivx3864
2015-06-29 14:11 - 2015-06-29 14:11 - 0043682 _____ () C:\Users\equipo2\AppData\Local\Tempdivx3b1a
2015-05-19 02:43 - 2015-05-19 02:43 - 0247298 _____ () C:\Users\equipo2\AppData\Local\Tempdivx3b32
2015-07-27 14:40 - 2015-07-27 14:40 - 0043494 _____ () C:\Users\equipo2\AppData\Local\Tempdivx4778
2015-08-07 14:46 - 2015-08-07 14:46 - 0043494 _____ () C:\Users\equipo2\AppData\Local\Tempdivx4afe
2015-07-08 02:08 - 2015-07-08 02:08 - 0253196 _____ () C:\Users\equipo2\AppData\Local\Tempdivx4d05
2015-06-24 15:33 - 2015-06-24 15:33 - 0043682 _____ () C:\Users\equipo2\AppData\Local\Tempdivx56a7
2015-06-16 14:35 - 2015-06-16 14:35 - 0043682 _____ () C:\Users\equipo2\AppData\Local\Tempdivx599c
2015-06-26 14:15 - 2015-06-26 14:15 - 0043682 _____ () C:\Users\equipo2\AppData\Local\Tempdivx5b3e
2015-05-19 02:43 - 2015-05-19 02:43 - 0247298 _____ () C:\Users\equipo2\AppData\Local\Tempdivx613c
2015-07-03 14:12 - 2015-07-03 14:12 - 0043682 _____ () C:\Users\equipo2\AppData\Local\Tempdivx679b
2015-05-19 02:43 - 2015-05-19 02:43 - 0247298 _____ () C:\Users\equipo2\AppData\Local\Tempdivx67f3
2015-05-19 02:43 - 2015-05-19 02:43 - 0247298 _____ () C:\Users\equipo2\AppData\Local\Tempdivx73f1
2015-07-08 02:08 - 2015-07-08 02:08 - 0253196 _____ () C:\Users\equipo2\AppData\Local\Tempdivx768d
2015-07-08 14:19 - 2015-07-08 14:19 - 0043485 _____ () C:\Users\equipo2\AppData\Local\Tempdivx7f41
2015-07-06 08:02 - 2015-07-06 08:02 - 0253160 _____ () C:\Users\equipo2\AppData\Local\Tempdivx82f1
2015-07-08 02:08 - 2015-07-08 02:08 - 0253196 _____ () C:\Users\equipo2\AppData\Local\Tempdivx8726
2015-07-08 02:08 - 2015-07-08 02:08 - 0253196 _____ () C:\Users\equipo2\AppData\Local\Tempdivx8b82
2015-08-03 14:53 - 2015-08-03 14:53 - 0043494 _____ () C:\Users\equipo2\AppData\Local\Tempdivx9060
2015-06-24 14:39 - 2015-06-24 14:39 - 0043682 _____ () C:\Users\equipo2\AppData\Local\Tempdivx9325
2015-07-08 02:08 - 2015-07-08 02:08 - 0253196 _____ () C:\Users\equipo2\AppData\Local\Tempdivx932f
2015-07-27 14:02 - 2015-07-27 14:02 - 0043494 _____ () C:\Users\equipo2\AppData\Local\Tempdivx9879
2015-05-19 02:43 - 2015-05-19 02:43 - 0247298 _____ () C:\Users\equipo2\AppData\Local\Tempdivxa66e
2015-06-26 14:25 - 2015-06-26 14:25 - 0043682 _____ () C:\Users\equipo2\AppData\Local\Tempdivxa794
2015-08-07 14:57 - 2015-08-07 14:57 - 0043494 _____ () C:\Users\equipo2\AppData\Local\Tempdivxb293
2015-05-19 02:43 - 2015-05-19 02:43 - 0247298 _____ () C:\Users\equipo2\AppData\Local\Tempdivxbc46
2015-07-08 02:08 - 2015-07-08 02:08 - 0253196 _____ () C:\Users\equipo2\AppData\Local\Tempdivxbedd
2015-06-22 19:56 - 2015-06-22 19:56 - 0043682 _____ () C:\Users\equipo2\AppData\Local\Tempdivxc020
2015-06-19 14:39 - 2015-06-19 14:39 - 0043682 _____ () C:\Users\equipo2\AppData\Local\Tempdivxc52e
2015-05-19 02:43 - 2015-05-19 02:43 - 0247298 _____ () C:\Users\equipo2\AppData\Local\Tempdivxc810
2015-05-19 02:43 - 2015-05-19 02:43 - 0247298 _____ () C:\Users\equipo2\AppData\Local\Tempdivxc816
2015-05-19 02:43 - 2015-05-19 02:43 - 0247298 _____ () C:\Users\equipo2\AppData\Local\Tempdivxcec1
2015-05-19 02:43 - 2015-05-19 02:43 - 0247298 _____ () C:\Users\equipo2\AppData\Local\Tempdivxd342
2015-06-11 15:17 - 2015-06-11 15:17 - 0043682 _____ () C:\Users\equipo2\AppData\Local\Tempdivxddb4
2015-08-07 14:20 - 2015-08-07 14:20 - 0043494 _____ () C:\Users\equipo2\AppData\Local\Tempdivxe7a0
2015-06-23 14:11 - 2015-06-23 14:11 - 0043682 _____ () C:\Users\equipo2\AppData\Local\Tempdivxe7fc
2015-05-19 02:43 - 2015-05-19 02:43 - 0247298 _____ () C:\Users\equipo2\AppData\Local\Tempdivxebe7
2015-05-19 02:43 - 2015-05-19 02:43 - 0247298 _____ () C:\Users\equipo2\AppData\Local\Tempdivxec16
2015-08-07 19:11 - 2015-08-07 19:11 - 0043494 _____ () C:\Users\equipo2\AppData\Local\Tempdivxf228
2015-07-31 14:14 - 2015-07-31 14:14 - 0043494 _____ () C:\Users\equipo2\AppData\Local\Tempdivxf44c
2015-05-19 02:43 - 2015-05-19 02:43 - 0247298 _____ () C:\Users\equipo2\AppData\Local\Tempdivxf6dc
2012-10-15 17:01 - 2012-10-15 17:01 - 0000057 _____ () C:\ProgramData\Ament.ini
2012-04-19 18:24 - 2012-12-13 22:32 - 0026774 _____ () C:\ProgramData\hpzinstall.log

Some files in TEMP:
====================
C:\Users\equipo2\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmp9tr6sx.dll

==================== Bamital & volsnap =================

(There is no automatic fix for files that do not pass verification.)

C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2015-09-04 12:51

==================== End of FRST.txt ============================

2. Addition.txt

Additional scan result of Farbar Recovery Scan Tool (x64) Version:07-09-2015
Ran by equipo2 (2015-09-08 22:13:52)
Running from C:\Users\equipo2\Desktop
Windows 10 Home (X64) (2015-08-05 17:09:18)
Boot Mode: Normal
==========================================================

==================== Accounts: =============================

Administrador (S-1-5-21-1836801894-3176324447-3799621063-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-1836801894-3176324447-3799621063-503 - Limited - Disabled)
equipo2 (S-1-5-21-1836801894-3176324447-3799621063-1000 - Administrator - Enabled) => C:\Users\equipo2
Invitado (S-1-5-21-1836801894-3176324447-3799621063-501 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: AVG AntiVirus Free Edition 2015 (Enabled - Up to date) {4D41356F-32AD-7C42-C820-63775EE4F413}
AS: Spybot - Search and Destroy (Enabled - Out of date) {A16C3F68-9280-E053-1818-342707FECF4D}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: AVG AntiVirus Free Edition 2015 (Enabled - Up to date) {F620D48B-1497-73CC-F290-58052563BEAE}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

64 Bit HP CIO Components Installer (Version: 15.2.1 - Hewlett-Packard) Hidden
802.11n Wireless LAN Card (HKLM-x32\...\{8FC4F1DD-F7FD-4766-804D-3C8FF1D309AF}) (Version: 3.01.18.0 - Ralink)
8500A909_eDocs (x32 Version: 1.00.0000 - Hewlett-Packard) Hidden
8500A909_Help (x32 Version: 1.00.0000 - Hewlett-Packard) Hidden
8500A909a (x32 Version: 140.0.000.000 - Hewlett-Packard) Hidden
ABC Amber Text Converter (HKLM-x32\...\ABC Amber Text Converter) (Version: - )
AC3Filter 1.62b (HKLM-x32\...\AC3Filter_is1) (Version: 1.62b - Alexander Vigovsky)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 2.6.0.19120 - Adobe Systems Incorporated)
Adobe Digital Editions 3.0 (HKLM-x32\...\Adobe Digital Editions 3.0) (Version: 3.0 - Adobe Systems Incorporated)
Adobe Download Assistant (HKLM-x32\...\com.adobe.downloadassistant.AdobeDownloadAssistant) (Version: 1.2.5 - Adobe Systems Incorporated)
Adobe Flash Player 17 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 17.0.0.190 - Adobe Systems Incorporated)
Adobe Photoshop CS6 (HKLM-x32\...\{74EB3499-8B95-4B5C-96EB-7B342F3FD0C6}) (Version: 13.0 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.12) - Español (HKLM-x32\...\{AC76BA86-7AD7-1034-7B44-AB0000000001}) (Version: 11.0.12 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.0 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.0.9.149 - Adobe Systems, Inc.)
Agatha Christie - Peril at End House (x32 Version: 2.2.0.95 - WildTangent) Hidden
Analizador y SDK de MSXML 4.0 SP2 (HKLM-x32\...\{716E0306-8318-4364-8B8F-0CC4E9376BAC}) (Version: 4.20.9818.0 - Microsoft Corporation)
Apple Application Support (32 bits) (HKLM-x32\...\{7FE25256-B7C1-480D-B736-10A67A833AEA}) (Version: 3.2 - Apple Inc.)
Apple Application Support (64 bits) (HKLM\...\{B255D495-4734-4E9B-B4F5-96702FD4A7B9}) (Version: 3.2 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{5D61F006-168C-4B8B-B7FD-F113C10AE0E4}) (Version: 8.2.1.3 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
ArcSoft ShowBiz (HKLM-x32\...\{4653DA78-3DB2-4F38-A35D-675CA0AF49CA}) (Version: - ArcSoft)
Assemblies Redistribuibles de Terceros para GAC (HKLM-x32\...\InstallShield_{A3057FDA-7A5E-4978-A918-F526AC203383}) (Version: 1.00.0000 - Suprema Corte de Justicia de la Nación)
Assemblies Redistribuibles de Terceros para GAC (x32 Version: 1.00.0000 - Suprema Corte de Justicia de la Nación) Hidden
Audacity 2.0.2 (HKLM-x32\...\Audacity_is1) (Version: 2.0.2 - Audacity Team)
AuthenTec TrueAPI (Version: 1.3.0.116 - AuthenTec, Inc.) Hidden
AVG 2015 (HKLM\...\AVG) (Version: 2015.0.6086 - AVG Technologies)
AVG 2015 (Version: 15.0.4409 - AVG Technologies) Hidden
AVG 2015 (Version: 15.0.6086 - AVG Technologies) Hidden
Bejeweled 3 (x32 Version: 2.2.0.97 - WildTangent) Hidden
Bing Bar (HKLM-x32\...\{1E03DB52-D5CB-4338-A338-E526DD4D4DB1}) (Version: 7.0.610.0 - Microsoft Corporation)
BitTorrent (HKLM-x32\...\BitTorrent) (Version: 7.6.1 - BitTorrent Inc.)
BlackBerry Desktop Software 6.1 (HKLM-x32\...\BlackBerry_Desktop) (Version: 6.1.0.36 - Research In Motion Ltd.)
BlackBerry Desktop Software 6.1 (x32 Version: 6.1.0.36 - Research In Motion Ltd.) Hidden
Blasterball 3 (x32 Version: 2.2.0.97 - WildTangent) Hidden
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Bounce Symphony (x32 Version: 2.2.0.97 - WildTangent) Hidden
BPD_DSWizards (x32 Version: 1.00.0000 - Hewlett-Packard) Hidden
bpd_scan (x32 Version: 3.00.0000 - Hewlett-Packard) Hidden
BPDSoftware (x32 Version: 140.0.000.000 - Hewlett-Packard) Hidden
BPDSoftware_Ini (x32 Version: 1.00.0000 - Hewlett-Packard) Hidden
Brother BRAdmin Light 1.18.0001 (HKLM-x32\...\{DB75941E-30C4-4D97-B000-D17C764B998C}) (Version: 1.18.0001 - Brother)
Brother MFL-Pro Suite MFC-7460DN (HKLM-x32\...\{3ACCCFB3-7B17-4E9F-ACB0-46868FCD4487}) (Version: 1.0.0.0 - Brother Industries, Ltd.)
Brother MFL-Pro Suite MFC-J6510DW (HKLM-x32\...\{17795164-3BC1-4D4F-8ADA-65C895EBFC9A}) (Version: 0.0.78.0 - Brother Industries, Ltd.)
BufferChm (x32 Version: 140.0.213.000 - Hewlett-Packard) Hidden
Cake Mania (x32 Version: 2.2.0.95 - WildTangent) Hidden
CardRecovery 6.00 (HKLM-x32\...\{88D68A69-D247-466B-90DD-575F6BE16230}_is1) (Version: - WinRecovery Software)
CBR Reader (HKLM-x32\...\{EDAAC216-AC73-4152-9654-E12FE5A69F5D}_is1) (Version: - cbrreader.com)
Chronicles of Albian (x32 Version: 2.2.0.95 - WildTangent) Hidden
Chuzzle Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden
Cisco WebEx Meetings (HKLM-x32\...\ActiveTouchMeetingClient) (Version: - Cisco WebEx LLC)
CONTPAQ i® FACTURA ELECTRONICA (Terminal) (HKLM-x32\...\{2BE30865-34B9-418C-84F3-2C9912C2E31E}) (Version: - )
Control ActiveX de Windows Live Mesh para conexiones remotas (HKLM-x32\...\{04668DF2-D32F-4555-9C7E-35523DCD6544}) (Version: 15.4.5722.2 - Microsoft Corporation)
Cradle of Rome 2 (x32 Version: 2.2.0.95 - WildTangent) Hidden
CyberLink PowerDVD (HKLM-x32\...\InstallShield_{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}) (Version: 10.0.8.5511 - CyberLink Corp.)
CyberLink YouCam (HKLM-x32\...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 3.2.1.3922 - CyberLink Corp.)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Destinations (x32 Version: 130.0.0.0 - Hewlett-Packard) Hidden
DeviceDiscovery (x32 Version: 140.0.213.000 - Hewlett-Packard) Hidden
DiskAid 6.7.6.0 (HKLM\...\DiskAid_is1) (Version: 6.7.6.0 - DigiDNA)
DocMgr (x32 Version: 140.0.65.000 - Nombre de su organización) Hidden
DocProc (x32 Version: 140.0.100.000 - Hewlett-Packard) Hidden
Documents To Go Desktop de iOS (HKLM-x32\...\DTGDesktop) (Version: 4.0001.010 - DataViz, Inc.)
DoubleCAD XT 5 - 32 bit (HKLM-x32\...\{62D7EE29-DCCB-4AC6-A491-753C2E01F480}) (Version: 5.0.302 - IMSIDesign)
Dropbox (HKU\S-1-5-21-1836801894-3176324447-3799621063-1000\...\Dropbox) (Version: 3.8.8 - Dropbox, Inc.)
DVD Flick 1.3.0.7 (HKLM-x32\...\DVD Flick_is1) (Version: 1.3.0.7 - Dennis Meuwissen)
DVD Shrink 3.2 (HKLM-x32\...\DVD Shrink_is1) (Version: - DVD Shrink)
ePUBee DRM Removal (HKLM-x32\...\ePUBee DRM Removal) (Version: 3.0.5.1 - ePUBee Inc.)
Extended Asian Language font pack for Adobe Reader XI (HKLM-x32\...\{AC76BA86-7AD7-2530-0000-A00000000049}) (Version: 11.0.09 - Adobe Systems Incorporated)
Farm Frenzy (x32 Version: 2.2.0.95 - WildTangent) Hidden
FATE (x32 Version: 2.2.0.97 - WildTangent) Hidden
Fax (x32 Version: 140.0.213.000 - Hewlett-Packard) Hidden
FileMerlin (HKLM-x32\...\FileMerlin) (Version: - Advanced Computer Innovations, Inc.)
FLAC 1.2.1b (remove only) (HKLM-x32\...\FLAC) (Version: 1.2.1b - Xiph.org)
Galería fotográfica de Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galeria fotogràfica del Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Google Books Downloader version 2.5 (HKLM-x32\...\{216729B6-014A-F413-814F-F17F74FBA113}_is1) (Version: 2.5 - GBOOKSDOWNLOADER.COM)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 45.0.2454.85 - Google Inc.)
Google Drive (HKLM-x32\...\{12ADFB82-D5A3-43E4-B2F4-FCD9B690315B}) (Version: 1.24.9931.5480 - Google, Inc.)
Google Earth Pro (HKLM-x32\...\{44FC61F0-2F8A-11E3-8CAE-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.28.13 - Google Inc.) Hidden
Governor of Poker 2 Premium Edition (x32 Version: 2.2.0.95 - WildTangent) Hidden
GPBaseService2 (x32 Version: 140.0.212.000 - Hewlett-Packard) Hidden
Hewlett-Packard ACLM.NET v1.2.2.3 (x32 Version: 1.00.0000 - Hewlett-Packard Company) Hidden
hopTo (x32 Version: 2.2.8.99 - hopTo Inc.) Hidden
HP FWUpdateEDO2 (HKLM-x32\...\{415FA9AD-DA10-4ABE-97B6-5051D4795C90}) (Version: 1.2.0.0 - Hewlett-Packard)
HP Games (HKLM-x32\...\WildTangent hp Master Uninstall) (Version: 1.0.2.5 - WildTangent)
hp LaserJet-all-in-one (HKLM-x32\...\hp LaserJet-all-in-one) (Version: - hp)
HP LinkUp (HKLM-x32\...\{DB3147AB-4024-4773-8EC0-A1FE5B44933D}) (Version: 2.01.028 - Hewlett-Packard)
HP My Display (HKLM-x32\...\{1F4DDC90-5923-4E49-A4C7-F3CCC954DCA0}) (Version: 1.03.026 - Portrait Displays, Inc.)
HP Odometer (HKLM-x32\...\{B8AC1A89-FFD1-4F97-8051-E505A160F562}) (Version: 2.10.0000 - Hewlett-Packard)
HP Officejet Pro X476dw MFP Ayuda (HKLM-x32\...\{34A5CFB7-5DD0-486B-9769-E0B2A40D54CB}) (Version: 29.0.0 - Hewlett Packard)
HP Officejet Pro X476dw MFP Software básico del dispositivo (HKLM\...\{35008C62-420F-475B-AD69-37A07E8EB5C7}) (Version: 32.2.188.47710 - Hewlett-Packard Co.)
HP Product Detection (HKLM-x32\...\{A436F67F-687E-4736-BD2B-537121A804CF}) (Version: 11.14.0001 - HP)
HP Setup (HKLM-x32\...\{D35B72B6-F0E4-462B-BDEB-E08032B3B681}) (Version: 8.7.4747.3786 - Hewlett-Packard Company)
HP Setup Manager (HKLM-x32\...\{AE856388-AFAD-4753-81DF-D96B19D0A17C}) (Version: 1.1.13880.3792 - Hewlett-Packard Company)
HP SimplePass PE 2011 (HKLM-x32\...\{00FF4EB6-6AAC-4E9D-A60A-8F388691BB27}) (Version: 5.3.0.194 - Hewlett-Packard)
HP Support Information (HKLM-x32\...\{7F2A11F4-EAE8-4325-83EC-E3E99F85169E}) (Version: 10.1.1000 - Hewlett-Packard)
HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard)
HP Vision Hardware Diagnostics (HKLM\...\{D79A02E9-6713-4335-9668-AAC7474C0C0E}) (Version: 2.9.0.0 - Hewlett-Packard)
HPProductAssistant (x32 Version: 140.0.213.000 - Hewlett-Packard) Hidden
HPSSupply (x32 Version: 140.0.212.000 - Hewlett-Packard) Hidden
I.R.I.S. OCR (HKLM-x32\...\{CA6BCA2F-EDEB-408F-850B-31404BE16A61}) (Version: 12.3.4.0 - HP)
iCloud (HKLM\...\{709A2D23-C25E-47B5-9268-CB6FEE648504}) (Version: 4.1.1.53 - Apple Inc.)
iDealshare VideoGo 5.4.3.5410 (HKLM-x32\...\{CC4C06C4-7C78-4aab-B5AF-33FB11CCD829}_is1) (Version: - iDealshare Corporation)
Instalación de DivX (HKLM-x32\...\DivX Setup) (Version: 2.7.0.77 - DivX, LLC)
Intel(R) Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1007 - Intel Corporation)
Intel(R) Identity Protection Technology 1.1.2.0 (HKLM-x32\...\{C01A86F5-56E7-101F-9BC9-E3F1025EB779}) (Version: 1.1.2.0 - Intel Corporation)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 7.0.0.1144 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.15.10.2430 - Intel Corporation)
iolo technologies' System Mechanic (HKLM-x32\...\{55FD1D5A-7AEF-4DA3-8FAF-A71B2A52FFC7}_is1) (Version: 14.6.0 - iolo technologies, LLC)
IRISCompressor Pro (HKLM\...\{8F9B92B7-4542-4B54-8957-B2CFCFA3A28F}) (Version: 1.03.0000 - I.R.I.S.)
iTunes (HKLM\...\{6CF1A7E2-8001-4870-9F18-3C6CDD6FE9E3}) (Version: 12.2.1.16 - Apple Inc.)
Java 8 Update 31 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218031F0}) (Version: 8.0.310 - Oracle Corporation)
JavaFX 2.1.1 (HKLM-x32\...\{1111706F-666A-4037-7777-211328764D10}) (Version: 2.1.1 - Oracle Corporation)
Jewel Quest Solitaire (x32 Version: 2.2.0.95 - WildTangent) Hidden
Jewel Quest: The Sleepless Star - Collector's Edition (x32 Version: 2.2.0.95 - WildTangent) Hidden
Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
LabelPrint (HKLM-x32\...\InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}) (Version: 2.5.3925 - CyberLink Corp.)
LabelPrint (x32 Version: 2.5.3925 - CyberLink Corp.) Hidden
LaserAIO (x32 Version: 1.00.0000 - Hewlett-Packard) Hidden
liteCam HD (HKLM-x32\...\{49D77BFA-135A-49AD-9A8A-8488EADA562D}) (Version: 5.02.0000 - RSUPPORT)
Mah Jong Medley (x32 Version: 2.2.0.95 - WildTangent) Hidden
MarketResearch (x32 Version: 140.0.214.000 - Hewlett-Packard) Hidden
Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Messenger Companion (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Messenger Laguna (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Microsoft Mathematics (HKLM-x32\...\{4D090F70-6F08-4B60-9357-A1DFD4458F09}) (Version: 4.0 - Microsoft Corporation)
Microsoft Office Language Interface Pack 2010 - Català (HKLM-x32\...\{95140000-00FF-0403-0000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Office Outlook Connector (HKLM-x32\...\{95140000-0081-0C0A-0000-0000000FF1CE}) (Version: 14.0.6123.5001 - Microsoft Corporation)
Microsoft Office Professional Plus 2010 (HKLM\...\Office14.PROPLUS) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Online Services - Ayudante para el inicio de sesión (HKLM\...\{46E637E2-AC34-4B45-B5DF-D20903A3DB61}) (Version: 7.250.4303.0 - Microsoft Corporation)
Microsoft Outlook Hotmail Connector de 64 bits (HKLM\...\{95140000-0081-0C0A-1000-0000000FF1CE}) (Version: 14.0.6123.5001 - Microsoft Corporation)
Microsoft Outlook Social Connector Provider for Windows Live Messenger 32-bit (HKLM-x32\...\{95140000-007D-0409-0000-0000000FF1CE}) (Version: 14.0.5120.5000 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.40728.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (HKLM\...\{350AA351-21FA-3270-8B7A-835434E766AD}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Monkey's Audio (HKLM-x32\...\Monkey's Audio_is1) (Version: - )
Mozilla Firefox 30.0 (x86 es-MX) (HKLM-x32\...\Mozilla Firefox 30.0 (x86 es-MX)) (Version: 30.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 30.0 - Mozilla)
MPM (HKLM-x32\...\{8AEA6737-8AF3-47BB-95CE-AAB62BE68985}) (Version: 1.00.0000 - Hewlett-Packard)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2721691) (HKLM-x32\...\{355B5AC0-CEEE-42C5-AD4D-7F3CFD806C36}) (Version: 4.30.2114.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2758694) (HKLM-x32\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
MWSnap 3 (HKLM-x32\...\MWSnap 3) (Version: 3.0.0.74 - Mirek Wojtowicz)
Mystery of Mortlake Mansion (x32 Version: 2.2.0.97 - WildTangent) Hidden
Namco All-Stars: PAC-MAN (x32 Version: 2.2.0.95 - WildTangent) Hidden
Nero 12 (HKLM-x32\...\{80836C86-1305-40C9-B7C9-F3A75266070D}) (Version: 12.5.01900 - Nero AG)
Nero 12 Content Pack (HKLM-x32\...\{4E7AC009-5212-499F-942F-A5AA42AE359E}) (Version: 12.0.00400 - Nero AG)
Network64 (Version: 140.0.215.000 - Hewlett-Packard) Hidden
Network64 (Version: 140.0.221.000 - Hewlett-Packard) Hidden
Nuance PaperPort 12 (HKLM-x32\...\{6C0A559F-8583-4B5A-8B50-20BEE15D8E64}) (Version: 12.1.0000 - Nuance Communications, Inc.)
Nuance PDF Viewer Plus (HKLM-x32\...\{28656860-4728-433C-8AD4-D1A930437BC8}) (Version: 5.30.3290 - Nuance Communications, Inc)
PaperPort Image Printer 64-bit (HKLM\...\{715CAACC-579B-4831-A5F4-A83A8DE3EFE2}) (Version: 1.00.0001 - Nuance Communications, Inc.)
Paquete de idioma de Microsoft Visual Studio 2010 Tools para Office Runtime (x64) - ESN (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - ESN) (Version: 10.0.50903 - Microsoft Corporation)
PC Suite 2.0 (HKLM-x32\...\PC Suite 2.0) (Version: 12 - Huawei Technologies Co.,Ltd)
PDF Complete Special Edition (HKLM-x32\...\PDF Complete) (Version: 4.0.54 - PDF Complete, Inc)
PDF Settings CS6 (x32 Version: 11.0 - Adobe Systems Incorporated) Hidden
PDFCreator (HKLM-x32\...\{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}) (Version: 1.5.0 - Frank Heindörfer, Philip Chinery)
Penguins! (x32 Version: 2.2.0.95 - WildTangent) Hidden
Plants vs. Zombies - Game of the Year (x32 Version: 2.2.0.95 - WildTangent) Hidden
Polar Bowler (x32 Version: 2.2.0.97 - WildTangent) Hidden
Power2Go (HKLM-x32\...\InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 6.1.5331 - CyberLink Corp.)
Power2Go (x32 Version: 6.1.5331 - CyberLink Corp.) Hidden
Prerequisite installer (x32 Version: 12.0.0003 - Nero AG) Hidden
ProductContext (x32 Version: 140.0.000.000 - Hewlett-Packard) Hidden
QFolder (x32 Version: 1.00.0000 - Hewlett-Packard) Hidden
QGIS Chugiak 2.4.0 Chugiak (HKLM\...\QGIS Chugiak) (Version: - QGIS Development Team)
QuickTime 7 (HKLM-x32\...\{627FFC10-CE0A-497F-BA2B-208CAC638010}) (Version: 7.77.80.95 - Apple Inc.)
RealDownloader (x32 Version: 17.0.9 - RealNetworks, Inc.) Hidden
RealNetworks - Microsoft Visual C++ 2008 Runtime (x32 Version: 9.0 - RealNetworks, Inc) Hidden
RealNetworks - Microsoft Visual C++ 2010 Runtime (Version: 10.0 - RealNetworks, Inc) Hidden
RealNetworks - Microsoft Visual C++ 2010 Runtime (x32 Version: 10.0 - RealNetworks, Inc) Hidden
RealPlayer Cloud (HKLM-x32\...\RealPlayer 17.0) (Version: 17.0.9 - RealNetworks)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7535 - Realtek Semiconductor Corp.)
Realtek PCIE Card Reader (HKLM-x32\...\{C1594429-8296-4652-BF54-9DBE4932A44C}) (Version: 6.1.7601.82 - Realtek Semiconductor Corp.)
RealUpgrade 1.1 (x32 Version: 1.1.0 - RealNetworks, Inc.) Hidden
Recovery Manager (x32 Version: 5.5.0.4320 - CyberLink Corp.) Hidden
Remote Graphics Receiver (HKLM-x32\...\{16FC3056-90C0-4757-8A68-64D8DA846ADA}) (Version: 5.4.5 - Hewlett-Packard)
RMP4 (HKLM-x32\...\{F78FC958-7354-43EA-BF26-AFCBFE7B9C18}) (Version: 1.05.0000 - RSUPPORT)
RSCC (HKLM-x32\...\{562CBD30-CA59-4640-862C-99C0ECED4B4C}) (Version: 2.02.0000 - RSUPPORT)
Safari (HKLM-x32\...\{C779648B-410E-4BBA-B75B-5815BCEFE71D}) (Version: 5.34.57.2 - Apple Inc.)
Scan (x32 Version: 140.0.167.000 - Hewlett-Packard) Hidden
Scansoft PDF Professional (x32 Version: - ) Hidden
SDK (x32 Version: 2.26.005 - Portrait Displays, Inc.) Hidden
Service Pack 2 for Microsoft Office 2010 (KB2687455) 64-Bit Edition (HKLM\...\{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{A3364707-2F53-4C83-8F68-C9877A9080C7}) (Version: - Microsoft)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 64-Bit Edition (Version: - Microsoft) Hidden
Sistema Único de Autodeterminación (HKLM-x32\...\{F5DF0EC4-EDCB-43A8-B153-2D1A084EC886}) (Version: 3.3.2 - Instituto Mexicano del Seguro Social)
Skype 7.7 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.7.103 - Skype Technologies S.A.)
Slingo Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden
SmartWebPrinting (x32 Version: 140.0.213.000 - Hewlett-Packard) Hidden
SolutionCenter (x32 Version: 140.0.214.000 - Hewlett-Packard) Hidden
Spybot - Search & Destroy (HKLM-x32\...\{B4092C6D-E886-4CB2-BA68-FE5A99D31DE7}_is1) (Version: 2.5.43 - Safer-Networking Ltd.)
Status (x32 Version: 140.0.256.000 - Hewlett-Packard) Hidden
swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
TeamViewer 10 (HKLM-x32\...\TeamViewer) (Version: 10.0.45862 - TeamViewer)
Toolbox (x32 Version: 140.0.428.000 - Hewlett-Packard) Hidden
Translation Wizard (HKLM-x32\...\ST6UNST #1) (Version: - )
Transporter Desktop (HKLM\...\{b195b641-ea6f-450a-af72-1cc9e8150f67}) (Version: 3.0.23.16902 - Connected Data)
TrayApp (x32 Version: 140.0.213.000 - Hewlett-Packard) Hidden
Update Installer for WildTangent Games App (x32 Version: - WildTangent) Hidden
UpdateService (x32 Version: 1.0.0 - RealNetworks, Inc.) Hidden
Vacation Quest - The Hawaiian Islands (x32 Version: 2.2.0.97 - WildTangent) Hidden
VC80CRTRedist - 8.0.50727.6195 (x32 Version: 1.2.0 - DivX, Inc) Hidden
Virtual Villagers - The Secret City (x32 Version: 2.2.0.95 - WildTangent) Hidden
Visual Studio 2008 x64 Redistributables (HKLM-x32\...\{FCDBEA60-79F0-4FAE-BBA8-55A26C609A49}) (Version: 10.0.0.2 - AVG Technologies)
Visual Studio 2010 x64 Redistributables (HKLM\...\{21B133D6-5979-47F0-BE1C-F6A6B304693F}) (Version: 13.0.0.1 - AVG Technologies)
Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies)
Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
WebReg (x32 Version: 140.0.213.017 - Hewlett-Packard) Hidden
Welcome App (Start-up experience) (x32 Version: 12.0.15000 - Nero AG) Hidden
WildTangent Games App (HP Games) (x32 Version: 4.0.5.2 - WildTangent) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3555.0308 - Microsoft Corporation)
Windows Live Mesh ActiveX Control for Remote Connections (HKLM-x32\...\{2902F983-B4C1-44BA-B85D-5C6D52E2C441}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Media Player Firefox Plugin (HKLM-x32\...\{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}) (Version: 1.0.0.8 - Microsoft Corp)
WinHTTrack Website Copier 3.46-1 (HKLM-x32\...\WinHTTrack Website Copier_is1) (Version: 3.46.1 - HTTrack)
WinMerge 2.14.0 (HKLM-x32\...\WinMerge_is1) (Version: 2.14.0 - Thingamahoochie Software)
WinPcap 4.1.2 (HKLM-x32\...\WinPcapInst) (Version: 4.1.0.2001 - CACE Technologies)
WinRAR 4.20 (64-bit) (HKLM\...\WinRAR archiver) (Version: 4.20.0 - win.rar GmbH)
Xiph.Org Open Codecs 0.85.17777 (HKLM-x32\...\Open Codecs) (Version: 0.85.17777 - Xiph.Org)
Xml Viewer (HKLM-x32\...\{F58E04CD-6E76-43C8-AAF1-482225C2910E}) (Version: 3 - MindFusion Limited)
Zinio Reader 4 (HKLM-x32\...\ZinioReader4) (Version: 4.2.4164 - Zinio LLC)
Zinio Reader 4 (x32 Version: 4.2.4164 - Zinio LLC) Hidden
Zuma Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-1836801894-3176324447-3799621063-1000_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\equipo2\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1836801894-3176324447-3799621063-1000_Classes\CLSID\{018D5C66-4533-4307-9B53-224DE2ED1FE6}\InprocServer32 -> C:\Windows\system32\shell32.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1836801894-3176324447-3799621063-1000_Classes\CLSID\{1BF42E4C-4AF4-4CFD-A1A0-CF2960B8F63E}\InprocServer32 -> C:\Users\equipo2\AppData\Local\Microsoft\OneDrive\17.3.5930.0814\amd64\FileSyncShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1836801894-3176324447-3799621063-1000_Classes\CLSID\{5AB7172C-9C11-405C-8DD5-AF20F3606282}\InprocServer32 -> C:\Users\equipo2\AppData\Local\Microsoft\OneDrive\17.3.5930.0814\amd64\FileSyncShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1836801894-3176324447-3799621063-1000_Classes\CLSID\{7AFDFDDB-F914-11E4-8377-6C3BE50D980C}\InprocServer32 -> C:\Users\equipo2\AppData\Local\Microsoft\OneDrive\17.3.5930.0814\amd64\FileSyncShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1836801894-3176324447-3799621063-1000_Classes\CLSID\{82CA8DE3-01AD-4CEA-9D75-BE4C51810A9E}\InprocServer32 -> C:\Users\equipo2\AppData\Local\Microsoft\OneDrive\17.3.5930.0814\amd64\FileSyncShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1836801894-3176324447-3799621063-1000_Classes\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}\InprocServer32 -> C:\Users\equipo2\AppData\Local\Microsoft\OneDrive\17.3.5930.0814\amd64\FileSyncShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1836801894-3176324447-3799621063-1000_Classes\CLSID\{A78ED123-AB77-406B-9962-2A5D9D2F7F30}\InprocServer32 -> C:\Users\equipo2\AppData\Local\Microsoft\OneDrive\17.3.5930.0814\amd64\FileSyncShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1836801894-3176324447-3799621063-1000_Classes\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}\InprocServer32 -> C:\Users\equipo2\AppData\Local\Microsoft\OneDrive\17.3.5930.0814\amd64\FileSyncShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1836801894-3176324447-3799621063-1000_Classes\CLSID\{CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B}\InprocServer32 -> C:\Users\equipo2\AppData\Local\Microsoft\OneDrive\17.3.5930.0814\amd64\FileSyncShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1836801894-3176324447-3799621063-1000_Classes\CLSID\{E31EA727-12ED-4702-820C-4B6445F28E1A}\InprocServer32 -> C:\Windows\system32\shell32.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1836801894-3176324447-3799621063-1000_Classes\CLSID\{E31EA727-12ED-4702-820C-4B6445F28E1B}\InprocServer32 -> C:\Windows\system32\shell32.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1836801894-3176324447-3799621063-1000_Classes\CLSID\{ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C}\InprocServer32 -> C:\Users\equipo2\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1836801894-3176324447-3799621063-1000_Classes\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}\InprocServer32 -> C:\Users\equipo2\AppData\Local\Microsoft\OneDrive\17.3.5930.0814\amd64\FileSyncShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1836801894-3176324447-3799621063-1000_Classes\CLSID\{F8071786-1FD0-4A66-81A1-3CBE29274458}\InprocServer32 -> C:\Users\equipo2\AppData\Local\Microsoft\OneDrive\17.3.5930.0814\amd64\FileSyncApi64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1836801894-3176324447-3799621063-1000_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\equipo2\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1836801894-3176324447-3799621063-1000_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\equipo2\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1836801894-3176324447-3799621063-1000_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\equipo2\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1836801894-3176324447-3799621063-1000_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\equipo2\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1836801894-3176324447-3799621063-1000_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\equipo2\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1836801894-3176324447-3799621063-1000_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\equipo2\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1836801894-3176324447-3799621063-1000_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\equipo2\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1836801894-3176324447-3799621063-1000_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\equipo2\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1836801894-3176324447-3799621063-1000_Classes\CLSID\{FBC9D74C-AF55-4309-9FB2-C426E071637F}\InprocServer32 -> C:\Users\equipo2\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll (Dropbox, Inc.)

==================== Restore Points =========================

31-08-2015 06:17:53 Windows Update
07-09-2015 21:00:38 Punto de control programado

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-13 21:34 - 2015-08-09 01:46 - 00450892 ____R C:\WINDOWS\system32\Drivers\etc\hosts
127.0.0.1 www.007guard.com
127.0.0.1 007guard.com
127.0.0.1 008i.com
127.0.0.1 www.008k.com
127.0.0.1 008k.com
127.0.0.1 www.00hq.com
127.0.0.1 00hq.com
127.0.0.1 010402.com
127.0.0.1 www.032439.com
127.0.0.1 032439.com
127.0.0.1 www.0scan.com
127.0.0.1 0scan.com
127.0.0.1 1000gratisproben.com
127.0.0.1 www.1000gratisproben.com
127.0.0.1 1001namen.com
127.0.0.1 www.1001namen.com
127.0.0.1 www.100888290cs.com
127.0.0.1 100888290cs.com
127.0.0.1 100sexlinks.com
127.0.0.1 www.100sexlinks.com
127.0.0.1 www.10sek.com
127.0.0.1 10sek.com
127.0.0.1 1-2005-search.com
127.0.0.1 www.1-2005-search.com
127.0.0.1 www.123fporn.info
127.0.0.1 123fporn.info
127.0.0.1 www.123haustiereundmehr.com
127.0.0.1 123haustiereundmehr.com
127.0.0.1 www.123moviedownload.com

There are 1000 more lines.

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {006191C9-775F-4673-B578-AABA033E06A0} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION
Task: {00EEBA9C-F9EF-4272-B793-C830FBADD359} - System32\Tasks\Microsoft\Windows\ApplicationData\DsSvcCleanup => C:\Windows\system32\dstokenclean.exe [2015-07-10] (Microsoft Corporation)
Task: {0CCA7916-2916-4F12-BD32-1E3BE31E1269} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Device-Join => C:\Windows\System32\dsregcmd.exe [2015-07-10] (Microsoft Corporation)
Task: {0E38F228-2857-4D99-88FC-690BE548996F} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2013-11-04] (Hewlett-Packard Company)
Task: {189CA6A3-B3B8-4C0C-A8F1-B15CDDB8316E} - System32\Tasks\MirageAgent => c:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe [2011-03-23] (CyberLink)
Task: {18A5EAFF-70B9-45DF-B911-C5760DC40E7F} - System32\Tasks\HPCeeScheduleForequipo2 => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2010-09-14] (Hewlett-Packard)
Task: {19865544-CE08-40BE-8B8C-87C47681433D} - System32\Tasks\Microsoft\Windows\WindowsUpdate\sihboot => C:\Windows\System32\sihclient.exe [2015-07-10] (Microsoft Corporation)
Task: {1DAA6CC7-49C9-45C8-B645-C9A27F6392E9} - System32\Tasks\ROC_JAN2013_TB_rmv => C:\Program Files (x86)\AVG Secure Search\PostInstall\ROC.exe
Task: {271ED20E-013A-49C2-A6A4-6FA471DA7C76} - System32\Tasks\RealUpgradeScheduledTaskS-1-5-21-1836801894-3176324447-3799621063-1000 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe [2014-04-07] (RealNetworks, Inc.)
Task: {290A84AC-3A74-4DEE-9A8A-206E00B6CBAC} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> No File <==== ATTENTION
Task: {2A0778E6-D680-4121-B7C7-217A3C744130} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION
Task: {2E6D2F06-598C-409A-9E90-985D6459973E} - System32\Tasks\{DDB84190-CB82-4AAB-AB9A-3B9F7A7BBD94} => S:\HP Scanjet 8250\setup_full_8200.exe
Task: {307DC8E1-3453-447A-9909-83D07C6B7C06} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION
Task: {34CE0038-9637-4678-9024-491DCB4DFDBF} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-06-23] (Adobe Systems Incorporated)
Task: {3F6E048D-6404-433B-8F5F-CFF4D89BF89E} - System32\Tasks\Microsoft\Windows\Application Experience\Microsoft Compatibility Appraiser => Rundll32.exe generaltel.dll,RunTelemetryW
Task: {41160EA0-208B-4C3E-B4DB-805BBABC6B93} - System32\Tasks\Microsoft\Windows\Feedback\Siuf\DmClient => C:\Windows\system32\dmclient.exe [2015-07-10] (Microsoft Corporation)
Task: {4644A635-D4A3-4C0E-9EF7-98A2D6AA94B3} - System32\Tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-1836801894-3176324447-3799621063-1000 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe [2014-04-07] (RealNetworks, Inc.)
Task: {497ECEE3-4A31-48AC-8C38-D141291AE86E} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-27] (Google Inc.)
Task: {4B14F45D-97BE-4BD8-8288-9DA13F859EED} - System32\Tasks\Spybot - Search & Destroy - Scheduled Task => C:\Program Files (x86)\Spybot - Search & Destroy\SpybotSD.exe
Task: {4BAF5E77-C14C-452B-BDB8-EF63B38A85BD} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {4E8CE9A6-2CEE-4D74-9D3A-2A521D6065CB} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION
Task: {572C995A-008E-4CF8-939D-9840EB1EC558} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTION
Task: {5D07D650-C6CC-41AE-9CB7-115408DF2120} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Refresh immunization => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDImmunize.exe [2015-06-16] (Safer-Networking Ltd.)
Task: {62EB1E4A-67A7-4012-8410-72B683E68BBC} - System32\Tasks\RealDownloaderRealUpgradeLogonTaskS-1-5-21-1836801894-3176324447-3799621063-1000 => C:\Program Files (x86)\RealNetworks\RealDownloader\realupgrade.exe [2014-04-07] (RealNetworks, Inc.)
Task: {6504B57E-3169-482D-A9E0-8F7EAB10F9CD} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-1836801894-3176324447-3799621063-1000UA => C:\Users\equipo2\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2015-06-24] (Dropbox, Inc.)
Task: {69205643-4A80-4EC5-A257-9243D2A8E5E1} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTION
Task: {6BF60896-C741-4A8F-90B9-1B1F96359D8D} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION
Task: {73551810-E5F4-433E-9494-0D00B55C855E} - System32\Tasks\Microsoft\Windows\Maps\MapsToastTask
Task: {74993205-E975-4D15-9401-C902079B4FBF} - System32\Tasks\iolo Process Governor => C:\Program Files (x86)\iolo\System Mechanic\iologovernor64.exe [2015-07-25] (iolo technologies, LLC)
Task: {78B77FA3-9D97-441D-97B6-68CEA40B4F74} - System32\Tasks\Microsoft\Windows\Application Experience\ProgramDataUpdater => Rundll32.exe generaltel.dll,RunTelemetry -maintenance
Task: {81498868-0FFC-45A8-A738-FE45A3A61771} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-07-07] (Adobe Systems Incorporated)
Task: {8482C49E-578D-44E8-9BFF-5ACCD4ADDE01} - System32\Tasks\RealUpgradeLogonTaskS-1-5-21-1836801894-3176324447-3799621063-1000 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe [2014-04-07] (RealNetworks, Inc.)
Task: {8D6E827B-F416-4048-A2F0-B034DFD70A2D} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Scan the system => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDScan.exe [2015-06-16] (Safer-Networking Ltd.)
Task: {8DF84CB3-D8E0-4307-A35B-CA74E21786DB} - System32\Tasks\Microsoft\Windows\Clip\License Validation => C:\Windows\system32\ClipUp.exe [2015-08-05] (Microsoft Corporation)
Task: {931BE731-178B-4F77-B064-A3227D2D877A} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Check for updates => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe [2015-06-16] (Safer-Networking Ltd.)
Task: {976F1F90-1724-4A36-8124-30F584A46022} - System32\Tasks\RealDownloaderRealUpgradeScheduledTaskS-1-5-21-1836801894-3176324447-3799621063-1000 => C:\Program Files (x86)\RealNetworks\RealDownloader\realupgrade.exe [2014-04-07] (RealNetworks, Inc.)
Task: {9B0B90A0-57FB-49B9-A6D8-5140FA92FBC9} - System32\Tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-1836801894-3176324447-3799621063-1000 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe [2014-04-07] (RealNetworks, Inc.)
Task: {9F47B539-7830-4989-BAA6-4AFADF212E22} - System32\Tasks\{53CE4FEB-32B7-456B-8FBE-2582413AD833} => pcalua.exe -a "C:\Program Files (x86)\Real\RealPlayer\Update\r1puninst.exe" -c RealNetworks|RealPlayer|15.0
Task: {A05B959A-054F-440F-B11E-3E31FD077B33} - System32\Tasks\{7DD3D58F-DC20-4065-BAD9-22E2ADBAF0B0} => S:\HP Scanjet 8250\setup_full_8200.exe
Task: {A1AEA44F-F45F-4FF2-9E74-7D606735847E} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Update Check => C:\ProgramData\Hewlett-Packard\HP Support Framework\Resources\Updater7\HPSFUpdater.exe [2014-05-12] (Hewlett-Packard Company)
Task: {A38C9F11-9DEC-4773-AE74-8D79825B45C1} - System32\Tasks\SidebarExecute => C:\Program Files\Windows Sidebar\sidebar.exe
Task: {A5B6CD85-1B57-49B9-BA80-5D5D65F02826} - System32\Tasks\Microsoft\Windows\AppID\EDP Policy Manager
Task: {B27B5690-5A31-4A5A-98A8-471A0EDF8AC8} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION
Task: {B4FA781E-305B-4E67-83F0-164A3A4303D6} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-27] (Google Inc.)
Task: {BC560980-D3B9-4296-B243-74DF38CAC8AC} - System32\Tasks\AutoKMS => C:\Windows\AutoKMS\AutoKMS.exe [2014-08-29] ()
Task: {C2B263D0-E185-4FA0-8FFF-1DFCB02285EB} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-1836801894-3176324447-3799621063-1000Core => C:\Users\equipo2\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2015-06-24] (Dropbox, Inc.)
Task: {C46979B8-45E8-418B-AE41-D176FE0404BA} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION
Task: {C56AFFD3-06B8-4A16-AF7E-F7A6EB3FAE9E} - System32\Tasks\Microsoft\Windows\TPM\Tpm-HASCertRetr
Task: {C5EE2EA2-5312-4D1F-B9D0-41B18DF31B78} - System32\Tasks\Microsoft\Windows\WindowsUpdate\sih => C:\Windows\System32\sihclient.exe [2015-07-10] (Microsoft Corporation)
Task: {C7A236B2-12E1-46DC-9501-3B1B0209CC09} - System32\Tasks\Microsoft\Windows\Location\WindowsActionDialog => C:\Windows\System32\WindowsActionDialog.exe [2015-07-10] (Microsoft Corporation)
Task: {C8061E61-6883-4F1D-8D99-46162B98E72C} - System32\Tasks\RealDownloaderDownloaderScheduledTaskS-1-5-21-1836801894-3176324447-3799621063-1000 => C:\Program Files (x86)\RealNetworks\RealDownloader\recordingmanager.exe [2014-04-06] (RealNetworks, Inc.)
Task: {D03F5BC8-358C-496F-B6D1-E8D291EB978B} - System32\Tasks\BackItUp_Launch => C:\Program Files (x86)\Nero\Nero BackItUp\BackItUp.exe
Task: {D29E1030-441E-4C22-9744-CE6DE935EE09} - System32\Tasks\HPCeeScheduleForEEZV-EQUIPO2-HP$ => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2010-09-14] (Hewlett-Packard)
Task: {D941DE45-E67D-4787-9EF8-067FD0475725} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2013-11-04] (Hewlett-Packard Company)
Task: {EDF7F459-4DF0-4902-B286-63933FD51365} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\AutoKMS.job => C:\Windows\AutoKMS\AutoKMS.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskUserS-1-5-21-1836801894-3176324447-3799621063-1000Core.job => C:\Users\equipo2\AppData\Local\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskUserS-1-5-21-1836801894-3176324447-3799621063-1000UA.job => C:\Users\equipo2\AppData\Local\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\HPCeeScheduleForEEZV-EQUIPO2-HP$.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe
Task: C:\WINDOWS\Tasks\HPCeeScheduleForequipo2.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe
Task: C:\WINDOWS\Tasks\ROC_JAN2013_TB_rmv.job => C:\Program Files (x86)\AVG Secure Search\PostInstall\ROC.exe
Task: C:\WINDOWS\Tasks\Spybot - Search & Destroy - Scheduled Task.job => C:\Program Files (x86)\Spybot - Search & Destroy\SpybotSD.exe

==================== Loaded Modules (Whitelisted) ==============

2015-08-05 05:22 - 2015-08-05 05:22 - 00032768 _____ () C:\WINDOWS\SYSTEM32\licensemanagerapi.dll
2015-01-20 23:35 - 2015-01-20 23:35 - 00085832 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2015-05-15 16:26 - 2015-05-15 16:26 - 01346344 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2015-08-19 15:20 - 2015-08-11 04:14 - 00404480 _____ () C:\WINDOWS\System32\diagtrack_wininternal.dll
2014-04-07 03:06 - 2014-04-07 03:06 - 00023552 _____ () C:\Program Files (x86)\Real\UpdateService\RealPlayerUpdateSvc.exe
2013-04-15 16:02 - 2010-03-15 18:04 - 00143360 _____ () C:\WINDOWS\system32\BrSNMP64.dll
2015-08-29 03:01 - 2015-08-18 02:56 - 02498808 _____ () C:\WINDOWS\system32\CoreUIComponents.dll
2015-08-29 03:01 - 2015-08-18 02:56 - 02498808 _____ () C:\WINDOWS\System32\CoreUIComponents.dll
2013-09-05 01:17 - 2013-09-05 01:17 - 04300456 _____ () C:\Program Files\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF
2015-07-10 05:59 - 2015-07-10 05:59 - 00429056 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\QuickActions.dll
2015-07-10 05:59 - 2015-07-10 05:59 - 00143360 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\XamlTileRendering.dll
2015-08-12 01:55 - 2015-08-02 20:11 - 06569472 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2015-07-10 06:00 - 2015-07-10 11:34 - 00471040 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2015-08-19 15:21 - 2015-08-11 03:58 - 01808384 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2015-08-12 01:55 - 2015-08-02 20:09 - 02274816 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2015-07-10 06:00 - 2015-07-10 11:34 - 00210432 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.ProxyStub.dll
2015-06-01 21:00 - 2015-06-01 21:00 - 00102912 _____ () C:\Windows\System32\IccLibDll_x64.dll
2015-08-26 10:50 - 2015-08-26 10:50 - 03637248 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.1508.14010.0_x64__8wekyb3d8bbwe\Calculator.exe
2015-08-05 13:50 - 2014-05-13 12:04 - 00109400 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\snlThirdParty150.bpl
2015-08-05 13:50 - 2014-05-13 12:04 - 00167768 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\snlFileFormats150.bpl
2015-08-05 13:50 - 2014-05-13 12:04 - 00416600 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\DEC150.bpl
2015-08-05 13:50 - 2012-08-23 10:38 - 00574840 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\sqlite3.dll
2015-05-15 16:27 - 2015-05-15 16:27 - 01044776 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2015-09-08 10:49 - 2015-09-08 10:49 - 00071168 _____ () c:\users\equipo2\appdata\local\temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmp9tr6sx.dll
2015-09-01 18:45 - 2015-08-05 00:26 - 00012800 _____ () C:\Users\equipo2\AppData\Roaming\Dropbox\bin\QtQuick.2\qtquick2plugin.dll
2015-09-01 18:45 - 2015-08-05 00:26 - 00779776 _____ () C:\Users\equipo2\AppData\Roaming\Dropbox\bin\QtQuick\Controls\qtquickcontrolsplugin.dll
2015-09-01 18:45 - 2015-08-05 00:26 - 00056320 _____ () C:\Users\equipo2\AppData\Roaming\Dropbox\bin\QtQuick\Layouts\qquicklayoutsplugin.dll
2015-09-01 18:45 - 2015-08-05 00:26 - 00012288 _____ () C:\Users\equipo2\AppData\Roaming\Dropbox\bin\QtQuick\Window.2\windowplugin.dll
2012-11-07 14:02 - 2009-02-27 17:38 - 00139264 ____R () C:\Program Files (x86)\Brother\BrUtilities\BrLogAPI.dll
2015-09-08 10:48 - 2015-09-08 10:48 - 00098816 _____ () C:\Users\equipo2\AppData\Local\Temp\_MEI78442\win32api.pyd
2015-09-08 10:48 - 2015-09-08 10:48 - 00110080 _____ () C:\Users\equipo2\AppData\Local\Temp\_MEI78442\pywintypes27.dll
2015-09-08 10:48 - 2015-09-08 10:48 - 00364544 _____ () C:\Users\equipo2\AppData\Local\Temp\_MEI78442\pythoncom27.dll
2015-09-08 10:48 - 2015-09-08 10:48 - 00045568 _____ () C:\Users\equipo2\AppData\Local\Temp\_MEI78442\_socket.pyd
2015-09-08 10:48 - 2015-09-08 10:48 - 01161216 _____ () C:\Users\equipo2\AppData\Local\Temp\_MEI78442\_ssl.pyd
2015-09-08 10:48 - 2015-09-08 10:48 - 00320512 _____ () C:\Users\equipo2\AppData\Local\Temp\_MEI78442\win32com.shell.shell.pyd
2015-09-08 10:48 - 2015-09-08 10:48 - 00713216 _____ () C:\Users\equipo2\AppData\Local\Temp\_MEI78442\_hashlib.pyd
2015-09-08 10:48 - 2015-09-08 10:48 - 01176576 _____ () C:\Users\equipo2\AppData\Local\Temp\_MEI78442\wx._core_.pyd
2015-09-08 10:48 - 2015-09-08 10:48 - 00806400 _____ () C:\Users\equipo2\AppData\Local\Temp\_MEI78442\wx._gdi_.pyd
2015-09-08 10:48 - 2015-09-08 10:48 - 00816128 _____ () C:\Users\equipo2\AppData\Local\Temp\_MEI78442\wx._windows_.pyd
2015-09-08 10:48 - 2015-09-08 10:48 - 01067008 _____ () C:\Users\equipo2\AppData\Local\Temp\_MEI78442\wx._controls_.pyd
2015-09-08 10:48 - 2015-09-08 10:48 - 00733184 _____ () C:\Users\equipo2\AppData\Local\Temp\_MEI78442\wx._misc_.pyd
2015-09-08 10:48 - 2015-09-08 10:48 - 00682496 _____ () C:\Users\equipo2\AppData\Local\Temp\_MEI78442\pysqlite2._sqlite.pyd
2015-09-08 10:48 - 2015-09-08 10:48 - 00087552 _____ () C:\Users\equipo2\AppData\Local\Temp\_MEI78442\_ctypes.pyd
2015-09-08 10:48 - 2015-09-08 10:48 - 00119808 _____ () C:\Users\equipo2\AppData\Local\Temp\_MEI78442\win32file.pyd
2015-09-08 10:48 - 2015-09-08 10:48 - 00108544 _____ () C:\Users\equipo2\AppData\Local\Temp\_MEI78442\win32security.pyd
2015-09-08 10:48 - 2015-09-08 10:48 - 00007168 _____ () C:\Users\equipo2\AppData\Local\Temp\_MEI78442\hashobjs_ext.pyd
2015-09-08 10:48 - 2015-09-08 10:48 - 00068096 _____ () C:\Users\equipo2\AppData\Local\Temp\_MEI78442\usb_ext.pyd
2015-09-08 10:48 - 2015-09-08 10:48 - 00167936 _____ () C:\Users\equipo2\AppData\Local\Temp\_MEI78442\win32gui.pyd
2015-09-08 10:48 - 2015-09-08 10:48 - 00018432 _____ () C:\Users\equipo2\AppData\Local\Temp\_MEI78442\win32event.pyd
2015-09-08 10:48 - 2015-09-08 10:48 - 00128512 _____ () C:\Users\equipo2\AppData\Local\Temp\_MEI78442\_elementtree.pyd
2015-09-08 10:48 - 2015-09-08 10:48 - 00127488 _____ () C:\Users\equipo2\AppData\Local\Temp\_MEI78442\pyexpat.pyd
2015-09-08 10:48 - 2015-09-08 10:48 - 00013824 _____ () C:\Users\equipo2\AppData\Local\Temp\_MEI78442\common.time34.pyd
2015-09-08 10:48 - 2015-09-08 10:48 - 00036864 _____ () C:\Users\equipo2\AppData\Local\Temp\_MEI78442\_psutil_windows.pyd
2015-09-08 10:48 - 2015-09-08 10:48 - 00038912 _____ () C:\Users\equipo2\AppData\Local\Temp\_MEI78442\win32inet.pyd
2015-09-08 10:48 - 2015-09-08 10:48 - 00011264 _____ () C:\Users\equipo2\AppData\Local\Temp\_MEI78442\win32crypt.pyd
2015-09-08 10:48 - 2015-09-08 10:48 - 00077312 _____ () C:\Users\equipo2\AppData\Local\Temp\_MEI78442\wx._html2.pyd
2015-09-08 10:48 - 2015-09-08 10:48 - 00027136 _____ () C:\Users\equipo2\AppData\Local\Temp\_MEI78442\_multiprocessing.pyd
2015-09-08 10:48 - 2015-09-08 10:48 - 00020480 _____ () C:\Users\equipo2\AppData\Local\Temp\_MEI78442\_yappi.pyd
2015-09-08 10:48 - 2015-09-08 10:48 - 00035840 _____ () C:\Users\equipo2\AppData\Local\Temp\_MEI78442\win32process.pyd
2015-09-08 10:48 - 2015-09-08 10:48 - 00686080 _____ () C:\Users\equipo2\AppData\Local\Temp\_MEI78442\unicodedata.pyd
2015-09-08 10:48 - 2015-09-08 10:48 - 00123392 _____ () C:\Users\equipo2\AppData\Local\Temp\_MEI78442\wx._wizard.pyd
2015-09-08 10:48 - 2015-09-08 10:48 - 00024064 _____ () C:\Users\equipo2\AppData\Local\Temp\_MEI78442\win32pipe.pyd
2015-09-08 10:48 - 2015-09-08 10:48 - 00010240 _____ () C:\Users\equipo2\AppData\Local\Temp\_MEI78442\select.pyd
2015-09-08 10:48 - 2015-09-08 10:48 - 00025600 _____ () C:\Users\equipo2\AppData\Local\Temp\_MEI78442\win32pdh.pyd
2015-09-08 10:48 - 2015-09-08 10:48 - 00525640 _____ () C:\Users\equipo2\AppData\Local\Temp\_MEI78442\windows._lib_cacheinvalidation.pyd
2015-09-08 10:48 - 2015-09-08 10:48 - 00017408 _____ () C:\Users\equipo2\AppData\Local\Temp\_MEI78442\win32profile.pyd
2015-09-08 10:48 - 2015-09-08 10:48 - 00022528 _____ () C:\Users\equipo2\AppData\Local\Temp\_MEI78442\win32ts.pyd
2015-09-08 10:48 - 2015-09-08 10:48 - 00078848 _____ () C:\Users\equipo2\AppData\Local\Temp\_MEI78442\wx._animate.pyd
2015-09-03 05:02 - 2015-08-27 19:17 - 01501512 _____ () C:\Program Files (x86)\Google\Chrome\Application\45.0.2454.85\libglesv2.dll
2015-09-03 05:02 - 2015-08-27 19:17 - 00081224 _____ () C:\Program Files (x86)\Google\Chrome\Application\45.0.2454.85\libegl.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\ProgramData\Temp:18C06F28
AlternateDataStreams: C:\ProgramData\Temp:48C1F0D9
AlternateDataStreams: C:\ProgramData\Temp:54FC943C
AlternateDataStreams: C:\ProgramData\Temp:7EE134B6
AlternateDataStreams: C:\ProgramData\Temp:AA6D0077
AlternateDataStreams: C:\ProgramData\Temp:D2C8DFF8

==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Ahcache.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CoreMessagingRegistrar => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\StateRepository => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TileDataModelSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\UserManager => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Ahcache.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\CoreMessagingRegistrar => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\StateRepository => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TileDataModelSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\UserManager => ""="Service"

==================== EXE Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)

==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)

IE restricted site: HKU\.DEFAULT\...\007guard.com -> install.007guard.com
IE restricted site: HKU\.DEFAULT\...\008i.com -> 008i.com
IE restricted site: HKU\.DEFAULT\...\008k.com -> www.008k.com
IE restricted site: HKU\.DEFAULT\...\00hq.com -> www.00hq.com
IE restricted site: HKU\.DEFAULT\...\010402.com -> 010402.com
IE restricted site: HKU\.DEFAULT\...\032439.com -> 80gw6ry3i3x3qbrkwhxhw.032439.com
IE restricted site: HKU\.DEFAULT\...\0scan.com -> www.0scan.com
IE restricted site: HKU\.DEFAULT\...\1-2005-search.com -> www.1-2005-search.com
IE restricted site: HKU\.DEFAULT\...\1-domains-registrations.com -> www.1-domains-registrations.com
IE restricted site: HKU\.DEFAULT\...\1000gratisproben.com -> www.1000gratisproben.com
IE restricted site: HKU\.DEFAULT\...\1001namen.com -> www.1001namen.com
IE restricted site: HKU\.DEFAULT\...\100888290cs.com -> mir.100888290cs.com
IE restricted site: HKU\.DEFAULT\...\100sexlinks.com -> www.100sexlinks.com
IE restricted site: HKU\.DEFAULT\...\10sek.com -> www.10sek.com
IE restricted site: HKU\.DEFAULT\...\12-26.net -> user1.12-26.net
IE restricted site: HKU\.DEFAULT\...\12-27.net -> user1.12-27.net
IE restricted site: HKU\.DEFAULT\...\123fporn.info -> www.123fporn.info
IE restricted site: HKU\.DEFAULT\...\123haustiereundmehr.com -> www.123haustiereundmehr.com
IE restricted site: HKU\.DEFAULT\...\123moviedownload.com -> www.123moviedownload.com
IE restricted site: HKU\.DEFAULT\...\123simsen.com -> www.123simsen.com

There are 7867 more restricted sites.

==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-1836801894-3176324447-3799621063-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\equipo2\AppData\Roaming\Microsoft\Windows Live Photo Gallery\Papel tapiz de Galería fotográfica de Windows Live.jpg
DNS Servers: 192.168.1.254
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)

MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^HP Digital Imaging Monitor.lnk => C:\Windows\pss\HP Digital Imaging Monitor.lnk.CommonStartup
MSCONFIG\startupfolder: C:^Users^equipo2^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Microsoft SharePoint Workspace.lnk => C:\Windows\pss\Microsoft SharePoint Workspace.lnk.Startup
MSCONFIG\startupfolder: C:^Users^equipo2^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^My Program.lnk => C:\Windows\pss\My Program.lnk.Startup
MSCONFIG\startupfolder: C:^Users^equipo2^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Recorte de pantalla y Selector de OneNote 2010.lnk => C:\Windows\pss\Recorte de pantalla y Selector de OneNote 2010.lnk.Startup
MSCONFIG\startupreg: ArcSoft Connection Service => C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe
MSCONFIG\startupreg: DivXMediaServer => C:\Program Files (x86)\DivX\DivX Media Server\DivXMediaServer.exe
MSCONFIG\startupreg: DivXUpdate => "C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW
MSCONFIG\startupreg: DT HPO => C:\Program Files (x86)\Common Files\Portrait Displays\Shared\DT_startup.exe -HPO
MSCONFIG\startupreg: Easybits Recovery => C:\Program Files (x86)\EasyBits For Kids\ezRecover.exe
MSCONFIG\startupreg: ISUSPM => C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe -scheduler
MSCONFIG\startupreg: PDF Complete => C:\Program Files (x86)\PDF Complete\pdfsty.exe
MSCONFIG\startupreg: RIMBBLaunchAgent.exe => C:\Program Files (x86)\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe
MSCONFIG\startupreg: TkBellExe => "C:\Program Files (x86)\Real\RealPlayer\update\realsched.exe" -osboot
MSCONFIG\startupreg: ZumoCast => C:\Program Files (x86)\Zecter\ZumoCast(1.3.2)\ZumoLauncher.lnk
HKLM\...\StartupApproved\StartupFolder: => "RealPlayer Cloud Service UI.lnk"
HKLM\...\StartupApproved\Run: => "AdobeAAMUpdater-1.0"
HKLM\...\StartupApproved\Run32: => "mobilegeni daemon"
HKLM\...\StartupApproved\Run32: => "DivXMediaServer"
HKLM\...\StartupApproved\Run32: => "DivXUpdate"
HKU\S-1-5-21-1836801894-3176324447-3799621063-1000\...\StartupApproved\StartupFolder: => "Recorte de pantalla y Selector de OneNote 2010.lnk"

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [MSMQ-In-TCP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [MSMQ-Out-TCP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [MSMQ-In-UDP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [MSMQ-Out-UDP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [WCF-NetTcpActivator-In-TCP-64bit] => (Allow) LPort=808
FirewallRules: [{602670B1-414B-4FD9-9D0D-A433ACA01190}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgemca.exe
FirewallRules: [{9EF0DA04-7EB2-434D-8372-7864FE461F2E}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgemca.exe
FirewallRules: [{EA3D567F-6ED6-41FC-8A52-9CAA4234D00A}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgdiagex.exe
FirewallRules: [{C4568F58-DCE9-459D-B414-F30D05272655}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgdiagex.exe
FirewallRules: [{3F41E0DC-ABBA-47E2-AEFE-2FACDA8AF2F0}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgnsa.exe
FirewallRules: [{ABAA59FE-ABE1-43D1-AD2F-AB1026824621}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgnsa.exe
FirewallRules: [{4619D0BD-B52F-47F0-86D7-8F3AE64A209D}] => (Allow) C:\Program Files\iTunes\iTunes.exe
FirewallRules: [{A65AF8B3-D47D-4D95-874C-5B3BEDDBEAB2}] => (Allow) C:\Program Files (x86)\Nero\Nero BackItUp\NBService.exe
FirewallRules: [{13C7C6C3-18BD-48C0-ABD1-CE0DA86AB4D5}] => (Allow) C:\Program Files (x86)\Nero\Nero BackItUp\NBService.exe
FirewallRules: [{90551A8F-06A0-4B8D-9C32-291735D01F5D}] => (Allow) C:\Program Files (x86)\Nero\Nero BackItUp\NBService.exe
FirewallRules: [{F6598A83-4BE8-4EF0-A9E2-4ACC5A4D1392}] => (Allow) C:\Program Files (x86)\Nero\Nero BackItUp\NBService.exe
FirewallRules: [{E0F5D52A-8A06-4E94-B8A1-AF047702CAA9}] => (Allow) C:\Program Files (x86)\Nero\Nero BackItUp\NBService.exe
FirewallRules: [{D12A4DED-285B-41E1-B890-26A29B61E1E9}] => (Allow) C:\Program Files\HP\HP Officejet Pro X476dw MFP\Bin\HPNetworkCommunicatorCom.exe
FirewallRules: [{56E32CA6-E4D7-4FF3-9E41-547CC22620E8}] => (Allow) LPort=5357
FirewallRules: [{D540AAC5-1C17-4643-A6A8-92B77D36E9BE}] => (Allow) C:\Program Files\HP\HP Officejet Pro X476dw MFP\Bin\DeviceSetup.exe
FirewallRules: [{3B56BC6C-C0F3-400A-A7F1-C4E6082CCFCC}] => (Allow) C:\Program Files\HP\HP Officejet Pro X476dw MFP\bin\SendAFax.exe
FirewallRules: [{D178DA30-B2D2-4680-8763-0C9314199739}] => (Allow) C:\Program Files\HP\HP Officejet Pro X476dw MFP\bin\DigitalWizards.exe
FirewallRules: [{B3D96062-510B-4005-AAFE-A9CA6040BBB9}] => (Allow) C:\Program Files\HP\HP Officejet Pro X476dw MFP\bin\FaxApplications.exe
FirewallRules: [{DE5BAF1A-524B-4A21-B4EC-BF228576E48C}] => (Allow) C:\Program Files (x86)\Nero\Nero BackItUp\NBService.exe
FirewallRules: [{7D3063DC-666F-4CB3-AAC4-3D0F71836533}] => (Allow) C:\Program Files (x86)\Nero\Nero BackItUp\NBService.exe
FirewallRules: [{C6173889-D1C0-462E-914F-8232A938EB7D}] => (Allow) C:\Program Files (x86)\Nero\Nero BackItUp\NBService.exe
FirewallRules: [{1BDC3605-544F-4D8F-9239-6BC9C4FDFFC3}] => (Allow) C:\Program Files (x86)\Nero\Nero BackItUp\NBService.exe
FirewallRules: [{0B6EAAE3-680D-41E0-A5CF-53364B2CE701}] => (Allow) C:\Program Files (x86)\Nero\Nero BackItUp\NBService.exe
FirewallRules: [{90B6F2A8-2464-4BA4-B501-9D56C59DCB87}] => (Allow) C:\Program Files (x86)\Nero\Nero BackItUp\NBService.exe
FirewallRules: [{A867EE5F-B524-4614-A064-4B57A1713F78}] => (Allow) C:\Program Files (x86)\Nero\Nero BackItUp\NBService.exe
FirewallRules: [{03CC303E-B0F8-4459-ABF8-A981BFBB8BB5}] => (Allow) C:\Program Files (x86)\Nero\Nero BackItUp\NBService.exe
FirewallRules: [{2F7D2BE0-574B-44F4-ADF4-76CBC5C82143}] => (Allow) C:\Program Files (x86)\Nero\Nero BackItUp\NBService.exe
FirewallRules: [{DBC6725B-7AD7-4037-B5D8-9378F8F735A1}] => (Allow) C:\Program Files (x86)\Nero\Nero BackItUp\NBService.exe
FirewallRules: [{04FD52DB-401C-4BF2-B868-F62929628D68}] => (Allow) C:\Program Files (x86)\Nero\Nero BackItUp\NBService.exe
FirewallRules: [{EC4498B6-37C6-470F-A94E-E9D3ED13AD2F}] => (Allow) C:\Program Files (x86)\Nero\Nero BackItUp\NBService.exe
FirewallRules: [{C2ABDBD0-082C-4EB9-B30C-6855C79774D6}] => (Allow) C:\Program Files (x86)\Nero\Nero BackItUp\NBService.exe
FirewallRules: [{4EE2AE59-40CA-49D7-8E15-FCBD02230C90}] => (Allow) C:\Program Files (x86)\Nero\Nero BackItUp\NBService.exe
FirewallRules: [{E5CDE0C8-1392-4CA3-AA12-4F4A1DB64B7A}] => (Allow) C:\Program Files (x86)\Nero\Nero BackItUp\NBService.exe
FirewallRules: [{6B7619BD-0ACD-4684-B908-10BA2A0AEFD1}] => (Allow) C:\Program Files (x86)\Nero\Nero BackItUp\NBService.exe
FirewallRules: [{D7BA6844-B4D6-4BC1-AB7F-4F91EBAAA1A6}] => (Allow) C:\Program Files (x86)\Nero\Nero BackItUp\NBService.exe
FirewallRules: [{6DD76C3C-6DB8-428F-9F6E-A95DC8EE9C26}] => (Allow) C:\Program Files (x86)\Nero\Nero BackItUp\NBService.exe
FirewallRules: [{4F414A8F-724B-41B6-836F-7D9138422E6F}] => (Allow) C:\Program Files (x86)\Nero\Nero BackItUp\NBService.exe
FirewallRules: [{463AF312-EAAD-4409-9F5D-15B59ECD75DA}] => (Allow) C:\Program Files (x86)\Nero\Nero BackItUp\NBService.exe
FirewallRules: [{BC370537-04B5-495E-B27E-EFC9AA89E522}] => (Allow) C:\Program Files (x86)\Nero\Nero BackItUp\NBService.exe
FirewallRules: [{B5E51CA6-E31F-4316-AF94-DC9723C2FA55}] => (Allow) C:\Program Files (x86)\Nero\Nero BackItUp\NBService.exe
FirewallRules: [{05559FC2-036C-4778-90AB-E2FCB21F1A35}] => (Allow) C:\Users\equipo2\AppData\Local\Microsoft\OneDrive\OneDrive.exe
FirewallRules: [{2F191DBE-70A7-4A5F-BD40-B94FECFC9777}] => (Allow) C:\Program Files (x86)\Nero\Nero BackItUp\NBService.exe
FirewallRules: [{9D4F038E-657C-45DF-8093-472ACD0ECA81}] => (Allow) C:\Program Files (x86)\Nero\Nero BackItUp\NBService.exe
FirewallRules: [{94FDA9B0-8CD3-4218-8BDC-EFE63EAE0B49}] => (Allow) C:\Program Files (x86)\Nero\Nero BackItUp\NBService.exe
FirewallRules: [{765E9C24-60B0-4A2A-9F81-E8A81067300E}] => (Allow) C:\Program Files (x86)\Nero\Nero BackItUp\NBService.exe
FirewallRules: [{1350EC8B-616A-4813-97C3-CE8D32A6DFC4}] => (Allow) C:\Program Files (x86)\Nero\Nero BackItUp\NBService.exe
FirewallRules: [{9135E5E8-CEC8-43EC-863A-235D2698D514}] => (Allow) C:\Program Files (x86)\Nero\Nero BackItUp\NBService.exe
FirewallRules: [{B0167045-4531-4324-8C51-CF03768AA921}] => (Allow) C:\Program Files (x86)\Nero\Nero BackItUp\NBService.exe
FirewallRules: [{21B82B6A-6959-4003-B3D9-B35C2EFF27A5}] => (Allow) C:\Program Files (x86)\Nero\Nero BackItUp\NBService.exe
FirewallRules: [{EEFD998C-D074-4599-B368-0F4A237A23D0}] => (Allow) C:\Program Files (x86)\Nero\Nero BackItUp\NBService.exe
FirewallRules: [{07246634-E388-4904-B8F8-41731D54C091}] => (Allow) C:\Program Files (x86)\Nero\Nero BackItUp\NBService.exe
FirewallRules: [{03A3AD35-B5E3-4BE0-96D9-1FE8BC2C8810}] => (Allow) C:\Program Files (x86)\Nero\Nero BackItUp\NBService.exe
FirewallRules: [{64E8BDB5-18C8-40DA-BA46-457F663E06E1}] => (Allow) C:\Program Files (x86)\Nero\Nero BackItUp\NBService.exe
FirewallRules: [{72429B90-06DB-4A4A-B6C0-FAA62C5EAB00}] => (Allow) C:\Program Files (x86)\Nero\Nero BackItUp\NBService.exe
FirewallRules: [{B95EEA77-A059-4C16-8F0B-8E41E95FA2BE}] => (Allow) C:\Program Files (x86)\Nero\Nero BackItUp\NBService.exe
FirewallRules: [{4C85EE3B-87DF-4C08-AB0A-9052BECC6D03}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgmfapx.exe
FirewallRules: [{7ACC47BD-F892-4277-9602-F84FE1E5EEA2}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgmfapx.exe
FirewallRules: [{1AB2B9DB-91A4-4B76-99AB-EE52ECD716BA}] => (Allow) C:\Program Files (x86)\Nero\Nero BackItUp\NBService.exe
FirewallRules: [{6C001C1B-A909-4914-BC14-6A47411658FC}] => (Allow) C:\Program Files (x86)\Nero\Nero BackItUp\NBService.exe
FirewallRules: [{C2BA24C7-0D16-406A-8655-70C9631FFFA0}] => (Allow) C:\Program Files (x86)\Nero\Nero BackItUp\NBService.exe
FirewallRules: [{C01F28DC-7D39-4FCA-9D12-AE3D42C2E40C}] => (Allow) C:\Program Files (x86)\Nero\Nero BackItUp\NBService.exe
FirewallRules: [{65559B2A-5E3A-4FA0-9CF3-D6065B85CF29}] => (Allow) C:\Program Files (x86)\Nero\Nero BackItUp\NBService.exe
FirewallRules: [{B1CC9843-9941-4F37-A3BC-17872AF9891C}] => (Allow) C:\Program Files (x86)\Nero\Nero BackItUp\NBService.exe
FirewallRules: [{CE630510-07EA-4BED-8743-78FDC7847722}] => (Allow) C:\Program Files (x86)\Nero\Nero BackItUp\NBService.exe
FirewallRules: [{DF6F4657-79A8-416B-891A-A183932B213F}] => (Allow) C:\Program Files (x86)\Nero\Nero BackItUp\NBService.exe
FirewallRules: [{3C7EDE0E-8744-4555-BDF4-2EDEE6904E88}] => (Allow) C:\Program Files (x86)\Nero\Nero BackItUp\NBService.exe
FirewallRules: [{08299849-C495-4E18-8FB1-481A1580F966}] => (Allow) C:\Program Files (x86)\Nero\Nero BackItUp\NBService.exe
FirewallRules: [{5A0B98DD-C180-41FC-9C24-A6EBA799D7AD}] => (Allow) C:\Program Files (x86)\Nero\Nero BackItUp\NBService.exe
FirewallRules: [{2D9492DA-4735-4257-9E80-8F372B308BFF}] => (Allow) C:\Program Files (x86)\Nero\Nero BackItUp\NBService.exe
FirewallRules: [UDP Query User{0BBD4AB3-3459-4569-8DB8-1DFA03DADD07}C:\program files (x86)\divx\divx media server\divxmediaserver.exe] => (Allow) C:\program files (x86)\divx\divx media server\divxmediaserver.exe
FirewallRules: [TCP Query User{BC179648-AE58-40ED-9936-3083D58FCBD5}C:\program files (x86)\divx\divx media server\divxmediaserver.exe] => (Allow) C:\program files (x86)\divx\divx media server\divxmediaserver.exe
FirewallRules: [UDP Query User{9E27297B-4310-48F0-AF06-AFA34A686A7F}C:\program files (x86)\divx\divx media server\divxmediaserver.exe] => (Allow) C:\program files (x86)\divx\divx media server\divxmediaserver.exe
FirewallRules: [TCP Query User{E089E5DF-FBFF-4459-B8F1-CD449C8D5FE9}C:\program files (x86)\divx\divx media server\divxmediaserver.exe] => (Allow) C:\program files (x86)\divx\divx media server\divxmediaserver.exe
FirewallRules: [UDP Query User{AEBA4B43-86C8-4FEA-86C4-07D2DE523BDD}C:\program files (x86)\logmein\ignition\lmiignition.exe] => (Allow) C:\program files (x86)\logmein\ignition\lmiignition.exe
FirewallRules: [TCP Query User{E84F1C21-144D-4D9E-A536-09C75F98237F}C:\program files (x86)\logmein\ignition\lmiignition.exe] => (Allow) C:\program files (x86)\logmein\ignition\lmiignition.exe
FirewallRules: [UDP Query User{6A43DE16-6D88-445B-8C9F-1FC76745B121}C:\users\equipo2\appdata\local\temp\lmiaba4.tmp\logmein client.exe] => (Allow) C:\users\equipo2\appdata\local\temp\lmiaba4.tmp\logmein client.exe
FirewallRules: [TCP Query User{2188EABB-CBCA-478B-9730-7A905D1BE913}C:\users\equipo2\appdata\local\temp\lmiaba4.tmp\logmein client.exe] => (Allow) C:\users\equipo2\appdata\local\temp\lmiaba4.tmp\logmein client.exe
FirewallRules: [{B608C4BA-C864-4742-9AFF-612F771A1A2E}] => (Allow) C:\Program Files (x86)\AVG\AVG2014\avgmfapx.exe
FirewallRules: [{3C817A44-C518-4513-85DA-E42A28139AFB}] => (Allow) C:\Program Files (x86)\AVG\AVG2014\avgmfapx.exe
FirewallRules: [{025BB7D8-BBCF-45CB-86FD-522D77F329A6}] => (Allow) C:\Program Files (x86)\Connected Data\Transporter\Transporter Desktop.exe
FirewallRules: [UDP Query User{1833F072-94CB-410C-ACA2-D88E9D5EB30A}C:\users\equipo2\appdata\local\temp\lmiaeeb.tmp\logmein client.exe] => (Allow) C:\users\equipo2\appdata\local\temp\lmiaeeb.tmp\logmein client.exe
FirewallRules: [TCP Query User{0CD46CB2-6ADA-4C40-B43A-E00D4A5C6BF0}C:\users\equipo2\appdata\local\temp\lmiaeeb.tmp\logmein client.exe] => (Allow) C:\users\equipo2\appdata\local\temp\lmiaeeb.tmp\logmein client.exe
FirewallRules: [{4EBC6261-02A3-47B3-8844-2FB41BC352D4}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD10\PowerDVD10.EXE
FirewallRules: [{FA89BB91-50EC-402E-B050-F505ED543201}] => (Allow) c:\program files (x86)\real\realplayer\RPDS\Bin\rpdsvc.exe
FirewallRules: [{4F19CBB7-58E1-43B3-ABEF-C03EC7E93C92}] => (Allow) C:\Program Files (x86)\Compacw\Servidor de Licencias\Facturacion\AppKeyLicenseServerFacturacionI.exe
FirewallRules: [{2948DBF9-0757-488F-9AA0-D534C5493AEB}] => (Allow) C:\Program Files (x86)\Compacw\Servidor de Licencias\Facturacion\AppKeyLicenseServerFacturacionI.exe
FirewallRules: [{654C287A-EA1C-4DCB-B894-D89581E017BF}] => (Allow) C:\Program Files (x86)\Compacw\Servidor de Licencias\Facturacion\AppKeyLicenseServerFacturacionI.exe
FirewallRules: [{8F095B1E-CC56-47DA-A11F-B73F15240EDC}] => (Allow) C:\Program Files (x86)\Compacw\Servidor de Licencias\Facturacion\AppKeyLicenseServerFacturacionI.exe
FirewallRules: [UDP Query User{38097A57-131C-453E-8A03-2BFC33DDAEE7}C:\users\equipo2\appdata\local\logmein client\logmein client.exe] => (Allow) C:\users\equipo2\appdata\local\logmein client\logmein client.exe
FirewallRules: [TCP Query User{25365052-EB66-4A93-9EF1-14DB17FB8259}C:\users\equipo2\appdata\local\logmein client\logmein client.exe] => (Allow) C:\users\equipo2\appdata\local\logmein client\logmein client.exe
FirewallRules: [UDP Query User{37E65D63-0252-4923-A778-9415D666428F}C:\users\equipo2\appdata\local\temp\lmi3b60.tmp\logmein client.exe] => (Allow) C:\users\equipo2\appdata\local\temp\lmi3b60.tmp\logmein client.exe
FirewallRules: [TCP Query User{4665D7E1-F2D1-4269-A94C-ADAFE9AD3DB5}C:\users\equipo2\appdata\local\temp\lmi3b60.tmp\logmein client.exe] => (Allow) C:\users\equipo2\appdata\local\temp\lmi3b60.tmp\logmein client.exe
FirewallRules: [{3F72E247-865D-44FC-A6AA-7DDFF295652A}] => (Allow) C:\Program Files (x86)\Nero\Nero 12\Nero BackItUp\BackItUp.exe
FirewallRules: [{34B9A1C2-D660-474B-A8E6-6C7B845EB10A}] => (Allow) C:\Program Files (x86)\Nero\Nero 12\Nero BackItUp\BackItUp.exe
FirewallRules: [{7AB7D975-AE28-4324-9867-73A91914651E}] => (Allow) C:\Program Files (x86)\Nero\Nero Blu-ray Player\Blu-rayPlayer.exe
FirewallRules: [{7A732070-C9B9-41C9-A830-FF6D81655FFC}] => (Allow) C:\Program Files (x86)\Nero\Nero Blu-ray Player\Blu-rayPlayer.exe
FirewallRules: [{2F8AF402-9E02-4B34-85E7-A03C0727B0E1}] => (Allow) C:\Program Files (x86)\Nero\KM\KwikMedia.exe
FirewallRules: [{43376642-8294-45A8-8802-773C5766F83A}] => (Allow) C:\Program Files (x86)\Nero\KM\KwikMedia.exe
FirewallRules: [UDP Query User{FC955311-9C96-4D94-8FC6-3EC64EE155EB}C:\users\equipo2\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\equipo2\appdata\roaming\spotify\spotify.exe
FirewallRules: [TCP Query User{D1410A63-11BF-4F44-BD99-C28A628B4A54}C:\users\equipo2\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\equipo2\appdata\roaming\spotify\spotify.exe
FirewallRules: [{E7663A1E-8003-412F-8C87-ADAA5B295FA6}] => (Allow) LPort=54925
FirewallRules: [{754582DE-71AD-4804-8EC0-2BBB616B1E21}] => (Allow) C:\Program Files (x86)\Brother\Brmfl10g\FAXRX.exe
FirewallRules: [{E507F550-5D25-4F7C-B52E-8A7F5CF9D9E2}] => (Allow) C:\Program Files (x86)\Brother\Brmfl10g\FAXRX.exe
FirewallRules: [{605478D8-8C32-4C8C-A773-86AE50419E36}] => (Allow) C:\Program Files (x86)\Brother\BRAdmin Light\BRAdmLight.exe
FirewallRules: [{955DEBE9-D2A1-4A90-8CB7-F8EF690C6989}] => (Allow) C:\Program Files (x86)\Brother\BRAdmin Light\BRAdmLight.exe
FirewallRules: [{9085D237-CA4A-4BD8-A758-88BD7069BCDA}] => (Allow) C:\Program Files (x86)\Brother\Brmfl10g\FAXRX.exe
FirewallRules: [{D94EC7C4-6B42-4949-8C68-C7E7EDA38694}] => (Allow) C:\Program Files (x86)\Brother\Brmfl10g\FAXRX.exe
FirewallRules: [{62049D99-A391-4D91-9566-E465D06991AF}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD10\PowerDVD Cinema\PowerDVDCinema10.exe
FirewallRules: [{F56986E6-BC07-4200-BD70-367DCA0A8563}] => (Allow) LPort=54925
FirewallRules: [{EF10913C-FCC3-430E-98B2-4E1569C75706}] => (Allow) C:\Program Files (x86)\Brother\Brmfl10f\FAXRX.exe
FirewallRules: [{C7B8ACAA-C5DB-4AD8-AB64-094EADEF3F74}] => (Allow) C:\Program Files (x86)\Brother\Brmfl10f\FAXRX.exe
FirewallRules: [{F31D639D-B73A-45A5-BF3A-91D1D3D49313}] => (Allow) C:\Program Files (x86)\AVG\AVG2013\avgmfapx.exe
FirewallRules: [{D2C83DF4-465D-41CA-B77B-AD4AA337EAE1}] => (Allow) C:\Program Files (x86)\AVG\AVG2013\avgmfapx.exe
FirewallRules: [{653E307D-3F07-45BF-B734-6B6C814E817A}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{EA18EE5F-9B7E-496E-8509-910F9D0AF196}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{41B5E0FA-9B38-4DD0-858F-550EC3040301}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{6D34A4AB-6A69-40BE-8CB4-4C4E0D05468C}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{7828EAEA-7150-42B2-89DC-966F0D46697C}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [UDP Query User{54FF357B-B14B-4801-A99A-8E11B7AD6BB9}C:\users\equipo2\appdata\roaming\dropbox\bin\dropbox.exe] => (Block) C:\users\equipo2\appdata\roaming\dropbox\bin\dropbox.exe
FirewallRules: [TCP Query User{F92B35F8-0C21-4DE6-93DC-0D00A7009A32}C:\users\equipo2\appdata\roaming\dropbox\bin\dropbox.exe] => (Block) C:\users\equipo2\appdata\roaming\dropbox\bin\dropbox.exe
FirewallRules: [{2EEEDAB2-5103-4649-B978-58D722DDC1BF}] => (Allow) C:\Users\equipo2\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe
FirewallRules: [{5A54F9FB-B61D-440B-876E-B2600E138529}] => (Allow) C:\Users\equipo2\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe
FirewallRules: [{7429280E-0C5C-40E4-A41D-880F82D239D2}] => (Allow) C:\Program Files (x86)\AVG\AVG2012\avgmfapx.exe
FirewallRules: [{CC8023A0-1A9D-4DF1-B9CA-BA1E1DA58FAE}] => (Allow) C:\Program Files (x86)\AVG\AVG2012\avgmfapx.exe
FirewallRules: [{24958381-3093-434E-BB0D-4968D20ADB62}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{78D02479-FDEF-4BFB-B8D6-D49877BB9D3A}] => (Allow) C:\Program Files (x86)\HP\digital imaging\smart web printing\smartwebprintexe.exe
FirewallRules: [{8C13627C-5605-40FF-BAD4-9353ED1ACFA0}] => (Allow) C:\Program Files (x86)\HP\hp software update\hpwucli.exe
FirewallRules: [{8D0EED06-0876-4587-90BE-F2C5EEDF83B2}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqusgh.exe
FirewallRules: [{189B5AC1-93F9-4EE4-9033-A3C9F3CF6948}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqusgm.exe
FirewallRules: [{77BE7ADB-12F4-41E9-A198-003C0334E968}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe
FirewallRules: [{C31A5A43-B510-4C4F-B116-84D57967A9A5}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgplgtupl.exe
FirewallRules: [{FFE0A5A8-6B38-4C5E-974F-E21193999788}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqfxt08.exe
FirewallRules: [{BA5583A6-633F-4582-A57F-0F689E9E351A}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpofxs08.exe
FirewallRules: [{F8DCCF01-3281-479D-9F0A-1F333DF476A4}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpiscnapp.exe
FirewallRules: [{04FD3552-FE58-483E-BAC7-28E4B4C17960}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpoews01.exe
FirewallRules: [{A88F6FEA-CCF2-4E47-A590-733D7269FBAB}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpzwiz01.exe
FirewallRules: [{BEB4433D-88BA-4BE7-9B9B-E55396FF3B76}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpfccopy.exe
FirewallRules: [{57AC2DBB-A10B-42A4-BD05-3890B1157CF4}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqkygrp.exe
FirewallRules: [{D3FE9A6F-7787-4456-AAFA-888F90F19C12}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hposid01.exe
FirewallRules: [{ED034A66-C206-47B1-B945-8E1C03543A06}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hposfx08.exe
FirewallRules: [{F973E62E-B4EC-4025-A7C6-B35C6225B168}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpofxm08.exe
FirewallRules: [{A17567C6-5590-4FCB-96EB-58218C541409}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqste08.exe
FirewallRules: [{124DDDCF-D36E-4D38-BCF0-3647CE9E03AD}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
FirewallRules: [{43417169-D021-4F69-B4A7-875A86BE4403}] => (Allow) C:\Users\equipo2\AppData\Local\Temp\7zS47FD\OJP8500vA909_Full_14\setup\hpznui40.exe
FirewallRules: [{E2CA82A1-0617-460E-A7B3-6F332686646A}] => (Allow) LPort=4482
FirewallRules: [{C35ED76C-4409-42E8-AD89-6EC916F22FD1}] => (Allow) LPort=4482
FirewallRules: [{AB72EDCD-CF18-4148-B99A-E38CF7446458}] => (Allow) LPort=4481
FirewallRules: [{9D440BED-8346-4307-9052-249DA8AD363B}] => (Allow) LPort=4481
FirewallRules: [{705C06F5-0490-4F6F-9ED8-3E1C17691A22}] => (Allow) C:\Program Files (x86)\Research In Motion\BlackBerry Desktop\Rim.Desktop.exe
FirewallRules: [{05B1F651-B7D9-41B9-B077-D9920BA4A75E}] => (Allow) C:\Program Files (x86)\Research In Motion\BlackBerry Desktop\Rim.Desktop.exe
FirewallRules: [{E2AF41BF-3BE8-4C62-A739-D1D958B7D334}] => (Allow) C:\Program Files (x86)\BitTorrent\BitTorrent.exe
FirewallRules: [{DB13A562-E256-45AE-8736-21DCD61EF939}] => (Allow) C:\Program Files (x86)\BitTorrent\BitTorrent.exe
FirewallRules: [{71870BD2-0670-4C77-B701-1748E424A02C}] => (Allow) C:\Users\equipo2\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{E8FF83C9-3F7E-454E-AD44-52FB8BEDDFCE}] => (Allow) C:\Users\equipo2\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{807D0420-20D9-4E4F-8E95-35FC8C0C4B78}] => (Allow) C:\Program Files (x86)\Windows Live\Mesh\MOE.exe
FirewallRules: [{FF9635DD-8FD8-4E30-9865-81DF5A3BB4F7}] => (Allow) C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
FirewallRules: [{7B8A9B38-A1DA-4025-A318-AAF279E5704B}] => (Allow) LPort=1900
FirewallRules: [{C524C2DE-430B-447B-AB62-A1EF73264CD6}] => (Allow) LPort=2869
FirewallRules: [{4B73E59D-3482-4B24-B2E6-39A3E104AE0D}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{E3FCD2B5-C78B-4BFF-BCF6-3E475E04C1D1}] => (Allow) c:\Program Files (x86)\CyberLink\PowerDVD10\PowerDVD10.EXE
FirewallRules: [{E8F87674-6090-43F7-9A37-D212E932530F}] => (Allow) c:\Program Files (x86)\CyberLink\PowerDVD10\PowerDVD Cinema\PowerDVDCinema10.exe
FirewallRules: [{98DB4464-E44E-4B2E-BF18-A9499232001F}] => (Allow) C:\Program Files (x86)\Hewlett-Packard\HP LinkUp\HP LinkUp Viewer.exe
FirewallRules: [{4BE995B8-6C6A-4630-B25F-092BA2FB07B8}] => (Allow) C:\Program Files (x86)\Hewlett-Packard\HP LinkUp\HP LinkUp Viewer.exe
FirewallRules: [{8557FB3D-A5D0-4A5B-A900-93A02EB5F1A5}] => (Allow) C:\Program Files (x86)\Hewlett-Packard\Remote Graphics Receiver\rgreceiver.exe
FirewallRules: [{0DCAC1C9-D53B-4811-A09B-0580517EF398}] => (Allow) C:\Program Files (x86)\Hewlett-Packard\Remote Graphics Receiver\rgreceiver.exe
FirewallRules: [{C4B7DC19-1EAA-4D1A-9E61-9A261AA0DB1E}] => (Allow) C:\Program Files (x86)\EasyBits For Kids\ezDesktop.exe
FirewallRules: [{2165EFE7-7347-4D7F-BA51-69688E898B8A}] => (Allow) C:\Windows\system32\ezSharedSvcHost.exe
FirewallRules: [{EAFFE664-1D01-4AE3-AF6A-8D16AED31156}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{FB9871E1-F6C4-4983-B78D-B6F5E2AC428D}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{462059B2-51E4-489C-98C0-E2279C44664D}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{48424CDA-75F3-4FB4-95DB-2BE2EF8B252A}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{02BCB6C9-0961-4370-89AD-1DF3E2622A12}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe] => Enabled:Spybot - Search & Destroy tray access
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe] => Enabled:Spybot-S&D 2 Scanner Service
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe] => Enabled:Spybot-S&D 2 Updater
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe] => Enabled:Spybot-S&D 2 Background update service

==================== Faulty Device Manager Devices =============

Name:
Description:
Class Guid: {4d36e971-e325-11ce-bfc1-08002be10318}
Manufacturer:
Service:
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

==================== Event log errors: =========================

Application errors:
==================
Error: (09/08/2015 06:54:23 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: El programa WLXPhotoGallery.exe, versión 15.4.3555.308, dejó de interactuar con Windows y se cerró. Para ver si hay más información disponible acerca del problema, comprueba el historial de problemas en la sección Seguridad y mantenimiento del Panel de control.

Identificador de proceso: 2ba0

Hora de inicio: 01d0ea9177c4c804

Hora de finalización: 59676

Ruta de la aplicación: C:\Program Files (x86)\Windows Live\Photo Gallery\WLXPhotoGallery.exe

Identificador de informe: bec7affb-5684-11e5-9bcd-e89a8fd5e356

Nombre completo de paquete con errores:

Identificador de aplicación relativa del paquete con errores:

Error: (09/08/2015 10:49:05 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nombre de la aplicación con errores: OneDrive.exe, versión: 17.3.5930.814, marca de tiempo: 0x55ce6c29
Nombre del módulo con errores: KERNELBASE.dll, versión: 10.0.10240.16384, marca de tiempo: 0x559f3b2a
Código de excepción: 0x80000003
Desplazamiento de errores: 0x00132bd2
Identificador del proceso con errores: 0x1db0
Hora de inicio de la aplicación con errores: 0xOneDrive.exe0
Ruta de acceso de la aplicación con errores: OneDrive.exe1
Ruta de acceso del módulo con errores: OneDrive.exe2
Identificador del informe: OneDrive.exe3
Nombre completo del paquete con errores: OneDrive.exe4
Identificador de aplicación relativa del paquete con errores: OneDrive.exe5

Error: (09/07/2015 11:23:15 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nombre de la aplicación con errores: backgroundTaskHost.exe, versión: 10.0.10240.16384, marca de tiempo: 0x559f38c5
Nombre del módulo con errores: twinapi.appcore.dll, versión: 10.0.10240.16397, marca de tiempo: 0x55af1390
Código de excepción: 0xc000027b
Desplazamiento de errores: 0x000000000006687f
Identificador del proceso con errores: 0x3130
Hora de inicio de la aplicación con errores: 0xbackgroundTaskHost.exe0
Ruta de acceso de la aplicación con errores: backgroundTaskHost.exe1
Ruta de acceso del módulo con errores: backgroundTaskHost.exe2
Identificador del informe: backgroundTaskHost.exe3
Nombre completo del paquete con errores: backgroundTaskHost.exe4
Identificador de aplicación relativa del paquete con errores: backgroundTaskHost.exe5

Error: (09/07/2015 09:00:45 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Error en Servicios de cifrado mientras se procesaba el objeto "System Writer" de la llamada OnIdentity().

Details:
AddLegacyDriverFiles: Unable to back up image of binary Protocolo de detección de nivel de vínculo de Microsoft.

System Error:
Acceso denegado.
.

Error: (09/07/2015 08:59:20 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nombre de la aplicación con errores: backgroundTaskHost.exe, versión: 10.0.10240.16384, marca de tiempo: 0x559f38c5
Nombre del módulo con errores: twinapi.appcore.dll, versión: 10.0.10240.16397, marca de tiempo: 0x55af1390
Código de excepción: 0xc000027b
Desplazamiento de errores: 0x000000000006687f
Identificador del proceso con errores: 0x39d0
Hora de inicio de la aplicación con errores: 0xbackgroundTaskHost.exe0
Ruta de acceso de la aplicación con errores: backgroundTaskHost.exe1
Ruta de acceso del módulo con errores: backgroundTaskHost.exe2
Identificador del informe: backgroundTaskHost.exe3
Nombre completo del paquete con errores: backgroundTaskHost.exe4
Identificador de aplicación relativa del paquete con errores: backgroundTaskHost.exe5

Error: (09/07/2015 07:07:09 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: ERROR: handle_resolve_request bad interfaceIndex 13

Error: (09/07/2015 07:07:09 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: ERROR: handle_resolve_request bad interfaceIndex 13

Error: (09/07/2015 07:07:09 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: ERROR: handle_resolve_request bad interfaceIndex 13

Error: (09/07/2015 05:07:51 PM) (Source: Brother BrLog) (EventID: 1001) (User: )
Description: TWN BrtTWN: [2015/09/07 17:07:51.049]: [00008812]: Initialize TwdsMain Class failed!

Error: (09/07/2015 05:07:51 PM) (Source: Brother BrLog) (EventID: 1001) (User: )
Description: TWN BrtTWN: [2015/09/07 17:07:51.048]: [00008812]: ##### Fatal ERROR!! Create STI-device failed! #####

System errors:
=============
Error: (09/08/2015 10:51:39 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: específico de la aplicaciónLocalActivación{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}NT AUTHORITYSERVICIO LOCALS-1-5-19LocalHost (con LRPC)No disponibleNo disponible

Error: (09/08/2015 10:46:40 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: El servicio RealPlayer Cloud Service se terminó de manera inesperada. Esto ha sucedido 1 veces.

Error: (09/08/2015 10:46:13 AM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: El servicio Adaptador de escucha Net.Tcp depende del servicio Servicio de uso compartido de puertos Net.Tcp, el cual no pudo iniciarse debido al siguiente error:
%%1058

Error: (09/08/2015 10:46:07 AM) (Source: EventLog) (EventID: 6008) (User: )
Description: El cierre anterior del sistema a las 23:36:23 del ‎07/‎09/‎2015 resultó inesperado.

Error: (09/04/2015 06:13:26 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: específico de la aplicaciónLocalActivación{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}NT AUTHORITYSERVICIO LOCALS-1-5-19LocalHost (con LRPC)No disponibleNo disponible

Error: (09/04/2015 06:06:57 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: El servicio RealPlayer Cloud Service se terminó de manera inesperada. Esto ha sucedido 1 veces.

Error: (09/04/2015 06:06:30 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: El servicio Adaptador de escucha Net.Tcp depende del servicio Servicio de uso compartido de puertos Net.Tcp, el cual no pudo iniciarse debido al siguiente error:
%%1058

Error: (09/04/2015 06:04:46 PM) (Source: Service Control Manager) (EventID: 7032) (User: )
Description: El Administrador de control de servicios intentó realizar una acción correctora (Reiniciar el servicio) después de la terminación inesperada del servicio Windows Search, pero ocurrió el siguiente error:
%%1056

Error: (09/04/2015 06:04:44 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: El servicio Acceso a datos de usuarios_Session1 terminó inesperadamente. Esto se ha repetido 1 veces. Se realizará la siguiente acción correctora en 10000 milisegundos: Reiniciar el servicio.

Error: (09/04/2015 06:04:44 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: El servicio Almacenamiento de datos de usuarios_Session1 terminó inesperadamente. Esto se ha repetido 1 veces. Se realizará la siguiente acción correctora en 10000 milisegundos: Reiniciar el servicio.

Microsoft Office:
=========================
Error: (09/08/2015 06:54:23 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: WLXPhotoGallery.exe15.4.3555.3082ba001d0ea9177c4c80459676C:\Program Files (x86)\Windows Live\Photo Gallery\WLXPhotoGallery.exebec7affb-5684-11e5-9bcd-e89a8fd5e356

Error: (09/08/2015 10:49:05 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: OneDrive.exe17.3.5930.81455ce6c29KERNELBASE.dll10.0.10240.16384559f3b2a8000000300132bd21db001d0ea4dcdb6ab93C:\Users\equipo2\AppData\Local\Microsoft\OneDrive\OneDrive.exeC:\WINDOWS\SYSTEM32\KERNELBASE.dllad0978e4-a809-4e1d-a95a-754fe52f5fc2

Error: (09/07/2015 11:23:15 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: backgroundTaskHost.exe10.0.10240.16384559f38c5twinapi.appcore.dll10.0.10240.1639755af1390c000027b000000000006687f313001d0e9edd1112d29C:\WINDOWS\system32\backgroundTaskHost.exeC:\Windows\System32\twinapi.appcore.dll22b35ac4-b7bc-4a12-82bd-7dd223dd8b9dMicrosoft.Windows.Photos_15.827.16340.0_x64__8wekyb3d8bbweApp

Error: (09/07/2015 09:00:45 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Details:
AddLegacyDriverFiles: Unable to back up image of binary Protocolo de detección de nivel de vínculo de Microsoft.

System Error:
Acceso denegado.

Error: (09/07/2015 08:59:20 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: backgroundTaskHost.exe10.0.10240.16384559f38c5twinapi.appcore.dll10.0.10240.1639755af1390c000027b000000000006687f39d001d0e9d99dfbb7c0C:\WINDOWS\system32\backgroundTaskHost.exeC:\Windows\System32\twinapi.appcore.dll69666ae7-0198-4777-af62-c3813d4f9f2eMicrosoft.Windows.Photos_15.827.16340.0_x64__8wekyb3d8bbweApp

Error: (09/07/2015 07:07:09 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: ERROR: handle_resolve_request bad interfaceIndex 13

Error: (09/07/2015 07:07:09 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: ERROR: handle_resolve_request bad interfaceIndex 13

Error: (09/07/2015 07:07:09 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: ERROR: handle_resolve_request bad interfaceIndex 13

Error: (09/07/2015 05:07:51 PM) (Source: Brother BrLog) (EventID: 1001) (User: )
Description: TWNBrtTWN: [2015/09/07 17:07:51.049]: [00008812]: Initialize TwdsMain Class failed!

Error: (09/07/2015 05:07:51 PM) (Source: Brother BrLog) (EventID: 1001) (User: )
Description: TWNBrtTWN: [2015/09/07 17:07:51.048]: [00008812]: ##### Fatal ERROR!! Create STI-device failed! #####

CodeIntegrity:
===================================
Date: 2015-08-25 11:19:35.909
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume2\Windows\assembly\GAC\Microsoft.StdFormat\7.0.3300.0__b03f5f7f11d50a3a\Microsoft.StdFormat.dll that did not meet the Microsoft signing level requirements.

Date: 2015-08-25 11:19:35.850
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume2\Windows\assembly\GAC\ADODB\7.0.3300.0__b03f5f7f11d50a3a\ADODB.dll that did not meet the Microsoft signing level requirements.

Date: 2015-08-25 11:19:35.778
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume2\Windows\assembly\GAC\MSDATASRC\7.0.3300.0__b03f5f7f11d50a3a\MSDATASRC.dll that did not meet the Microsoft signing level requirements.

Date: 2015-08-25 11:19:35.678
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume2\Windows\assembly\GAC\Microsoft.StdFormat\7.0.3300.0__b03f5f7f11d50a3a\Microsoft.StdFormat.dll that did not meet the Microsoft signing level requirements.

Date: 2015-08-25 11:19:35.626
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume2\Windows\assembly\GAC\ADODB\7.0.3300.0__b03f5f7f11d50a3a\ADODB.dll that did not meet the Microsoft signing level requirements.

Date: 2015-08-25 11:19:35.568
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume2\Windows\assembly\GAC\MSDATASRC\7.0.3300.0__b03f5f7f11d50a3a\MSDATASRC.dll that did not meet the Microsoft signing level requirements.

Date: 2015-08-25 11:19:31.662
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume2\Windows\assembly\GAC\stdole\7.0.3300.0__b03f5f7f11d50a3a\stdole.dll that did not meet the Microsoft signing level requirements.

Date: 2015-08-25 11:19:29.477
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume2\Windows\assembly\GAC\stdole\7.0.3300.0__b03f5f7f11d50a3a\stdole.dll that did not meet the Microsoft signing level requirements.

Date: 2015-08-25 11:15:53.044
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume2\Windows\assembly\GAC\Microsoft.StdFormat\7.0.3300.0__b03f5f7f11d50a3a\Microsoft.StdFormat.dll that did not meet the Microsoft signing level requirements.

Date: 2015-08-25 11:15:52.995
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume2\Windows\assembly\GAC\ADODB\7.0.3300.0__b03f5f7f11d50a3a\ADODB.dll that did not meet the Microsoft signing level requirements.

==================== Memory info ===========================

Processor: Intel(R) Core(TM) i3-2100 CPU @ 3.10GHz
Percentage of memory in use: 85%
Total physical RAM: 4008.46 MB
Available physical RAM: 568.04 MB
Total Virtual: 5804.85 MB
Available Virtual: 2078.28 MB

==================== Drives ================================

Drive c: (OS) (Fixed) (Total:917.74 GB) (Free:469.92 GB) NTFS
Drive d: (HP_RECOVERY) (Fixed) (Total:13.24 GB) (Free:1.59 GB) NTFS ==>[system with boot components (obtained from reading drive)]
Drive h: (EEZV-1TB) (Fixed) (Total:931.28 GB) (Free:92.25 GB) FAT32
Drive l: () (Network) (Total:1863.01 GB) (Free:1449.06 GB) NTFS
Drive r: () (Network) (Total:1863.01 GB) (Free:1449.06 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: 825DA4EB)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=917.7 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=450 MB) - (Type=27)
Partition 4: (Not Active) - (Size=13.2 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (MBR Code: Windows XP) (Size: 931.5 GB) (Disk ID: 64C09F51)
Partition 1: (Active) - (Size=931.5 GB) - (Type=0C)

==================== End of Addition.txt ============================

Thanks

EEZV

PS. Please let me know what do later, for I have installed the Spybot - Search & Destroy version 2.5

Attached Files

aswMBR.txt (1.8 KB)

↧

DNS Updater

September 9, 2015, 3:09 pm

≫ Next: BIOS infected: How can I clean a BIOS infected?

≪ Previous: tradeadxchange.com Removal-scan

For the record, I already have a Removal Assistance thread open for this ... https://forums.spybot.info/showthrea...e&goto=newpost

But, when I saw this Sub-Forum, I figured I would make a note here. My initial problem started with a very annoying program(?) called DNS Updater. If you're not familiar with this digital migraine, it selects random bits of web text from any web page and turns it into hyperlinks for ads. It's not even shy about telling you who/what is responsible as each annoying thumbnail clearly and proudly states DNS Updater (typically at the bottom).

Currently, Juliet is helping me with eradication of this perpetual nightmare ... but, if Spybot could detect and remove it from the initial scan, then all the better, right?

Either way, just figured since it gave me such grief, it's likely giving others grief as well, so it was at the very least worth a mention.

Thanks!!

↧

BIOS infected: How can I clean a BIOS infected?

September 9, 2015, 5:22 pm

≫ Next: Can not update all files

≪ Previous: DNS Updater

I have a machine with these features:
1. MSI-U100/windowsXp
2. Once the OS is up, it deletes what I write and I can not navigate through the file manager because it sends me always to the desktop.
3. I disconnected the HD from the Laptop.
4. I test it booting with a USB live Linux. Surprise! The laptop made the same things like point 2.
5. I disconnected the battery from CMOS RAM during 1 hour, and reconnect it later.
6. I did a Flash to the BIOS with the last update obtained from the website of MSI and with help of FreeDOS.
7. The Laptop keeps making the same thing like point 2.
8. I've tried with different distributions of USB-Linux, and what I observed is that the "thing which is inside BIOS" rises similar privileges like root or administrator, so in this way it owns the Laptop.
9. My great question: How can I clean the BIOS and all the stuff related to the boot process? In order to get a clean boot.
10. Do you know about some tools that run with FreeDOS and remove rootkits, bootkits, and rare things from my BIOS.
10. I would appreciate your sincere help.
Thanks for your attention.

↧

Can not update all files

September 9, 2015, 11:24 pm

≫ Next: New Hardware/Software issue question

≪ Previous: BIOS infected: How can I clean a BIOS infected?

The update screen is going red. Also the top update screen is saying "updates available" even though I have already ran the update process.

↧

New Hardware/Software issue question

September 9, 2015, 11:43 pm

≫ Next: how to uninstall spybot silent using GPO

≪ Previous: Can not update all files

I just received a brand new sealed package with a programmable 12 button USB game controller. In the package (listed contents: game controller, driver CD and basic installation guide) came a notice that the product user manual would be on the CD included in the package along with a trouble shooting guide. The CD that I received had the following options: 1) "Files Currently on the Disc (1)" A folder listed as "USB-Gamepad" containing 4 driver files 2) an option listed as "Files Ready to Be Written to the Disc (1)" "desktop.ini".
My issue is that I have never seen another "driver CD" with this apparent option to write on the CD and there is no trouble shooting guide or user manual. I am wondering at the suspect way a supposed bigger electronics company has packaged this product. As a person who has suffered a brain injury I am uncertain if I am just being paranoid or if I should do something to protect my computer in regards to installing this software?
OS Windows 10
Show hidden files is turned on
Hide extensions for known file types is off
PS I need the programmable features of the controller to allow me to configure it for different games.

↧