Jump to content

cestmoi1337

Honorary Members
  • Posts

    65
  • Joined

  • Last visited

Posts posted by cestmoi1337

  1. Hello guys,

    I'm using a laptop computer running Windows 7 SP1 64bit.  I use Chrome as a browser.  Lately, most of the time a try to access a link from a search result, it takes me to a page displaying a gray screen with some cryptic message saying that my computer is infected and advising me to call a number to have it fixed, all this while making a horrendous loud beep.  The screens vary but most say SYSTEM SHUTDOWN  CALL SUPPORT...  It takes several clicks to make it go away.  Next time I try the same link it works just fine.  I ran MalwareBytes free and Spybot Search & Destroy and had a few things removed but the problem persists.  I have not noted any other problem.  Thanks in advance for your help.

    The FRST.txt file is this:

    Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 17-07-2016 03
    Ran by grevolorio (administrator) on TRMDU2 (18-07-2016 11:05:54)
    Running from C:\Users\grevolorio.trmdu2\Desktop
    Loaded Profiles: grevolorio &  (Available Profiles: grevolorio & DefaultAppPool)
    Platform: Windows 7 Professional Service Pack 1 (X64) Language: English (United States)
    Internet Explorer Version 11 (Default browser: Chrome)
    Boot Mode: Normal
    Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

    ==================== Processes (Whitelisted) =================

    (If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

    (Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
    (Stardock Corporation) C:\Program Files (x86)\Stardock\WindowBlinds\WBSrv.exe
    (Stardock Software, Inc) C:\Program Files (x86)\Stardock\WindowBlinds\WBCore.exe
    (Stardock Corporation) F:\Program Files (x86)\Stardock\Object Desktop\WindowFX\WindowFXSRV.exe
    () F:\Program Files (x86)\Stardock\Object Desktop\WindowFX\wfx32.exe
    (Cisco WebEx LLC) C:\Windows\SysWOW64\atashost.exe
    (Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome Remote Desktop\51.0.2704.7\remoting_host.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome Remote Desktop\51.0.2704.7\remoting_host.exe
    (hMailServer) F:\Program Files (x86)\hMailServer\Bin\hMailServer.exe
    () F:\Program Files (x86)\Kinoni\EpocCam_and_Barcode_drivers\KinoniSvc.exe
    (Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
    (Safer-Networking Ltd.) F:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
    (Safer-Networking Ltd.) F:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
    (Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
    (AVG Technologies) F:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesService64.exe
    (VMware, Inc.) C:\Windows\SysWOW64\vmnat.exe
    (VMware, Inc.) F:\Program Files (x86)\VMware\VMware VIX\VMWare Workstation\vmware-authd.exe
    (VMware, Inc.) C:\Windows\SysWOW64\vmnetdhcp.exe
    (Safer-Networking Ltd.) F:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
    (Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe
    (Microsoft Corporation) C:\Windows\System32\dllhost.exe
    (Google Inc.) C:\Program Files (x86)\Google\Update\1.3.30.3\GoogleCrashHandler.exe
    (Google Inc.) C:\Program Files (x86)\Google\Update\1.3.30.3\GoogleCrashHandler64.exe
    (Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe
    (Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe
    (AVG Technologies) F:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesApp64.exe
    () C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe
    (Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
    (Siber Systems) C:\Program Files (x86)\Siber Systems\AI RoboForm\robotaskbaricon.exe
    (Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office15\ONENOTEM.EXE
    (Elaborate Bytes AG) C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe
    () C:\Program Files\Synergy\synergyd.exe
    (Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
    (Siber Systems) C:\Program Files (x86)\Siber Systems\AI RoboForm\robotaskbaricon-x64.exe
    (Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe
    (ZabKat) C:\Program Files\zabkat\xplorer2\xplorer2_64.exe
    () C:\Program Files (x86)\Calibre2\calibre.exe
    () C:\Program Files (x86)\Calibre2\calibre-parallel.exe
    (TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
    (TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
    (TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\tv_w32.exe
    (TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\tv_x64.exe
    (Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
    (Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
    (Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
    (Malwarebytes) F:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
    (Malwarebytes) F:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
    (Malwarebytes) F:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
    (Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
    (Apple Inc.) C:\Program Files (x86)\QuickTime\QuickTimePlayer.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Microsoft Corporation) C:\Windows\System32\cmd.exe
    (Siber Systems Inc.) C:\Program Files (x86)\Siber Systems\AI RoboForm\Chrome\rf-chrome-nm-host.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Safer-Networking Ltd.) F:\Program Files (x86)\Spybot - Search & Destroy 2\SDWelcome.exe
    (Safer-Networking Ltd.) F:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe
    (Safer-Networking Ltd.) F:\Program Files (x86)\Spybot - Search & Destroy 2\SDScan.exe
    () C:\Program Files\Synergy\synergy.exe
    (MediaMall Technologies, Inc.) C:\Program Files (x86)\MediaMall\MediaMallServer.exe
    (MediaMall Technologies, Inc.) C:\Program Files (x86)\MediaMall\MediaMallServer.exe
    (TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Desktop.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Microsoft Corporation) C:\Windows\System32\dllhost.exe
    () C:\Program Files\Synergy\synergys.exe


    ==================== Registry (Whitelisted) ===========================

    (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

    HKLM\...\Run: [Fences] => C:\Program Files (x86)\Stardock\Fences\Fences.exe [4017368 2012-10-29] (Stardock Corporation)
    HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2531624 2010-12-17] (Synaptics Incorporated)
    HKLM\...\Run: [CDAServer] => C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe [464608 2014-09-08] ()
    HKLM\...\Run: [MSC] => C:\Program Files\Microsoft Security Client\msseces.exe [1340192 2016-01-29] (Microsoft Corporation)
    HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [67384 2016-04-22] (Apple Inc.)
    HKLM-x32\...\Run: [Dropbox] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [24204648 2016-07-05] (Dropbox, Inc.)
    HKLM-x32\...\Run: [VirtualCloneDrive] => C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe [88984 2013-03-10] (Elaborate Bytes AG)
    HKLM-x32\...\Run: [AttendeeCommunicator] => C:\Program Files (x86)\Microsoft Lync Attendee\AttendeeCommunicator.exe [12007776 2016-03-14] (Microsoft Corporation)
    HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [164152 2016-06-01] (Apple Inc.)
    Winlogon\Notify\WB: C:\Program Files (x86)\Stardock\WindowBlinds\fast64.dll [X]
    Winlogon\Notify\MCPClient: C:\Program Files (x86)\Common Files\stardock\MCPStub.dll [2005-01-31] (Stardock)
    Winlogon\Notify\SDWinLogon-x32: SDWinLogon.dll [X]
    HKLM\...\Policies\Explorer: [TaskbarNoNotification] 0
    HKLM\...\Policies\Explorer: [HideSCAHealth] 0
    HKU\S-1-5-18-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [EEDSpeedLauncher] => rundll32.exe C:\Windows\system32\eed_ec.dll,SpeedLauncher
    HKU\S-1-5-18-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\RunOnce: [FlashPlayerUpdate] => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_17_0_0_188_ActiveX.exe -update activex
    HKU\S-1-5-18-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\MountPoints2: {b93f89d9-224a-11e0-afff-f04da264333e} - E:\setup.exe
    HKU\S-1-5-21-1085031214-796845957-725345543-2108-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [WinSnap] => C:\Program Files\WinSnap\WinSnap64.exe [3874432 2013-06-18] (NTWind Software)
    HKU\S-1-5-21-1085031214-796845957-725345543-2108-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [7404312 2015-01-20] (Piriform Ltd)
    HKU\S-1-5-21-1085031214-796845957-725345543-2108-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [BitTorrent Sync] => F:\Program Files (x86)\BitTorrent Sync\BTSync.exe [5514592 2015-06-30] (BitTorrent, Inc.)
    HKU\S-1-5-21-1085031214-796845957-725345543-2108-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [iCloudServices] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
    HKU\S-1-5-21-1085031214-796845957-725345543-2108-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [ApplePhotoStreams] => C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe
    HKU\S-1-5-21-1085031214-796845957-725345543-2108-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [Workrave] => F:\Program Files (x86)\Workrave\lib\workrave.exe [4480000 2013-01-13] (The Workrave development team)
    HKU\S-1-5-21-1085031214-796845957-725345543-2108-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [RoboForm] => C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe [110160 2015-06-19] (Siber Systems)
    HKU\S-1-5-21-1085031214-796845957-725345543-2108-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Policies\system: [HideLogonScripts] 1
    HKU\S-1-5-21-1085031214-796845957-725345543-2108-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Policies\Explorer: [TaskbarNoNotification] 0
    HKU\S-1-5-21-1085031214-796845957-725345543-2108-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Policies\Explorer: [HideSCAHealth] 0
    HKU\S-1-5-21-1085031214-796845957-725345543-2109-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [QuickTime Task] => "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
    HKU\S-1-5-21-1085031214-796845957-725345543-500-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Policies\Explorer: [TaskbarNoNotification] 0
    HKU\S-1-5-21-1085031214-796845957-725345543-500-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Policies\Explorer: [HideSCAHealth] 0
    HKU\S-1-5-21-1915297274-1003847613-3419053400-1105-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [RoboForm] => C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe [110160 2015-06-19] (Siber Systems)
    HKU\S-1-5-21-3578782807-1016812498-1856270605-1009\...\Run: [RoboForm] => C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe [110160 2015-06-19] (Siber Systems)
    HKU\S-1-5-21-3578782807-1016812498-1856270605-1009\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [7404312 2015-01-20] (Piriform Ltd)
    HKU\S-1-5-21-3578782807-1016812498-1856270605-1009\...\Run: [SpybotPostWindows10UpgradeReInstall] => C:\Program Files\Common Files\AV\Spybot - Search and Destroy\Test.exe [1011200 2015-07-28] (Safer-Networking Ltd.)
    HKU\S-1-5-21-3578782807-1016812498-1856270605-1009\...\Policies\Explorer: [TaskbarNoNotification] 0
    HKU\S-1-5-21-3578782807-1016812498-1856270605-1009\...\Policies\Explorer: [HideSCAHealth] 0
    HKU\S-1-5-21-3578782807-1016812498-1856270605-1009\...\MountPoints2: {6e07364a-5ca0-11e5-8a8f-0002761ce121} - E:\Setup.exe
    HKU\S-1-5-21-3578782807-1016812498-1856270605-1009\...\MountPoints2: {bcc773c2-50b0-11e0-b28d-b7985eaf7599} - "D:\WD SmartWare.exe" autoplay=true
    HKU\S-1-5-21-3578782807-1016812498-1856270605-1009\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\scrnsave.scr [11264 2009-07-13] (Microsoft Corporation)
    HKU\S-1-5-21-3578782807-1016812498-1856270605-1009-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [RoboForm] => C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe [110160 2015-06-19] (Siber Systems)
    HKU\S-1-5-21-3578782807-1016812498-1856270605-1009-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [7404312 2015-01-20] (Piriform Ltd)
    HKU\S-1-5-21-3578782807-1016812498-1856270605-1009-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [SpybotPostWindows10UpgradeReInstall] => C:\Program Files\Common Files\AV\Spybot - Search and Destroy\Test.exe [1011200 2015-07-28] (Safer-Networking Ltd.)
    HKU\S-1-5-21-3578782807-1016812498-1856270605-1009-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Policies\Explorer: [TaskbarNoNotification] 0
    HKU\S-1-5-21-3578782807-1016812498-1856270605-1009-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Policies\Explorer: [HideSCAHealth] 0
    HKU\S-1-5-21-3578782807-1016812498-1856270605-1009-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\MountPoints2: {6e07364a-5ca0-11e5-8a8f-0002761ce121} - E:\Setup.exe
    HKU\S-1-5-21-3578782807-1016812498-1856270605-1009-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\MountPoints2: {bcc773c2-50b0-11e0-b28d-b7985eaf7599} - "D:\WD SmartWare.exe" autoplay=true
    HKU\S-1-5-21-3578782807-1016812498-1856270605-1009-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\scrnsave.scr [11264 2009-07-13] (Microsoft Corporation)
    HKU\S-1-5-18\...\Run: [EEDSpeedLauncher] => rundll32.exe C:\Windows\system32\eed_ec.dll,SpeedLauncher
    HKU\S-1-5-18\...\RunOnce: [FlashPlayerUpdate] => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_17_0_0_188_ActiveX.exe -update activex
    HKU\S-1-5-18\...\MountPoints2: {b93f89d9-224a-11e0-afff-f04da264333e} - E:\setup.exe
    Lsa: [Notification Packages] scecli C:\Program Files\WIDCOMM\Bluetooth Software\BtwProximityCP.dll
    SSODL: EldosMountNotificator - {5FF49FE8-B332-4CB9-B102-FB6951629E55} - C:\Windows\system32\CbFsMntNtf3.dll (EldoS Corporation)
    SSODL-x32: 0aMCPClient - {F5DF91F9-15E9-416B-A7C3-7519B11ECBFC} - C:\Program Files (x86)\Common Files\stardock\MCPCore.dll (Stardock)
    SSODL-x32: SysTray - {35CEC8A3-2BE6-11D2-8773-92E220524153} - %SystemRoot%\system32\stobject.dll (Microsoft Corporation)
    SSODL-x32: CDBurn - {fbeb8a05-beee-4442-804e-409d6c4515e9} - %SystemRoot%\system32\shell32.dll (Microsoft Corporation)
    SSODL-x32: PostBootReminder - {7849596a-48ea-486e-8937-a2a3009f31a9} - %SystemRoot%\system32\shell32.dll (Microsoft Corporation)
    SSODL-x32: EldosMountNotificator - {5FF49FE8-B332-4CB9-B102-FB6951629E55} - C:\Windows\SysWOW64\CbFsMntNtf3.dll (EldoS Corporation)
    ShellExecuteHooks:  - {AEB6717E-7E19-11d0-97EE-00C04FD91972} -  No File [ ]
    ShellExecuteHooks-x32:  - {AEB6717E-7E19-11d0-97EE-00C04FD91972} -  No File [ ]
    ShellIconOverlayIdentifiers: [ DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.34.dll [2016-07-05] (Dropbox, Inc.)
    ShellIconOverlayIdentifiers: [ DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.34.dll [2016-07-05] (Dropbox, Inc.)
    ShellIconOverlayIdentifiers: [ DropboxExt3] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.34.dll [2016-07-05] (Dropbox, Inc.)
    ShellIconOverlayIdentifiers: [ DropboxExt4] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.34.dll [2016-07-05] (Dropbox, Inc.)
    ShellIconOverlayIdentifiers: [ DropboxExt5] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.34.dll [2016-07-05] (Dropbox, Inc.)
    ShellIconOverlayIdentifiers: [ DropboxExt6] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.34.dll [2016-07-05] (Dropbox, Inc.)
    ShellIconOverlayIdentifiers: [ DropboxExt7] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.34.dll [2016-07-05] (Dropbox, Inc.)
    ShellIconOverlayIdentifiers: [ DropboxExt8] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.34.dll [2016-07-05] (Dropbox, Inc.)
    ShellIconOverlayIdentifiers: [!BTSync2.0.128Done] -> {581FFA04-FC33-0080-0002-95003A5CDE89} => F:\Program Files (x86)\BitTorrent Sync\SyncShellExtension64_33554560.dll [2015-06-30] ()
    ShellIconOverlayIdentifiers: [!BTSync2.0.128RO] -> {581FFA03-FC33-0080-0002-95003A5CDE89} => F:\Program Files (x86)\BitTorrent Sync\SyncShellExtension64_33554560.dll [2015-06-30] ()
    ShellIconOverlayIdentifiers: [!BTSync2.0.128RW] -> {581FFA02-FC33-0080-0002-95003A5CDE89} => F:\Program Files (x86)\BitTorrent Sync\SyncShellExtension64_33554560.dll [2015-06-30] ()
    ShellIconOverlayIdentifiers: [###MegaShellExtPending] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => C:\ProgramData\MEGAsync\ShellExtX64.dll [2014-05-01] ()
    ShellIconOverlayIdentifiers: [###MegaShellExtSynced] -> {05B38830-F4E9-4329-978B-1DD28605D202} => C:\ProgramData\MEGAsync\ShellExtX64.dll [2014-05-01] ()
    ShellIconOverlayIdentifiers: [###MegaShellExtSyncing] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => C:\ProgramData\MEGAsync\ShellExtX64.dll [2014-05-01] ()
    ShellIconOverlayIdentifiers: [0PerformanceMonitor] -> {3B5B973C-92A4-4855-9D3F-0F3D23332208} =>  No File
    ShellIconOverlayIdentifiers: [EldosIconOverlay] -> {5BB532A2-BF14-4CCC-86B7-71B81EF6F8BC} => C:\Windows\system32\CbFsMntNtf3.dll [2012-04-09] (EldoS Corporation)
    ShellIconOverlayIdentifiers-x32: [ DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.34.dll [2016-07-05] (Dropbox, Inc.)
    ShellIconOverlayIdentifiers-x32: [ DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.34.dll [2016-07-05] (Dropbox, Inc.)
    ShellIconOverlayIdentifiers-x32: [ DropboxExt3] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.34.dll [2016-07-05] (Dropbox, Inc.)
    ShellIconOverlayIdentifiers-x32: [ DropboxExt4] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.34.dll [2016-07-05] (Dropbox, Inc.)
    ShellIconOverlayIdentifiers-x32: [ DropboxExt5] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.34.dll [2016-07-05] (Dropbox, Inc.)
    ShellIconOverlayIdentifiers-x32: [ DropboxExt6] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.34.dll [2016-07-05] (Dropbox, Inc.)
    ShellIconOverlayIdentifiers-x32: [ DropboxExt7] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.34.dll [2016-07-05] (Dropbox, Inc.)
    ShellIconOverlayIdentifiers-x32: [ DropboxExt8] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.34.dll [2016-07-05] (Dropbox, Inc.)
    ShellIconOverlayIdentifiers-x32: [ SkyDrivePro1 (ErrorConflict)] -> {8BA85C75-763B-4103-94EB-9470F12FE0F7} => C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL [2016-05-17] (Microsoft Corporation)
    ShellIconOverlayIdentifiers-x32: [ SkyDrivePro2 (SyncInProgress)] -> {CD55129A-B1A1-438E-A425-CEBC7DC684EE} => C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL [2016-05-17] (Microsoft Corporation)
    ShellIconOverlayIdentifiers-x32: [ SkyDrivePro3 (InSync)] -> {E768CD3B-BDDC-436D-9C13-E1B39CA257B1} => C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL [2016-05-17] (Microsoft Corporation)
    ShellIconOverlayIdentifiers-x32: [!BTSync2.0.128Done] -> {581FFA04-FC33-0080-0002-95003A5CDE89} => F:\Program Files (x86)\BitTorrent Sync\SyncShellExtension86_33554560.dll [2015-06-30] ()
    ShellIconOverlayIdentifiers-x32: [!BTSync2.0.128RO] -> {581FFA03-FC33-0080-0002-95003A5CDE89} => F:\Program Files (x86)\BitTorrent Sync\SyncShellExtension86_33554560.dll [2015-06-30] ()
    ShellIconOverlayIdentifiers-x32: [!BTSync2.0.128RW] -> {581FFA02-FC33-0080-0002-95003A5CDE89} => F:\Program Files (x86)\BitTorrent Sync\SyncShellExtension86_33554560.dll [2015-06-30] ()
    ShellIconOverlayIdentifiers-x32: ["DropboxExt1"] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.34.dll [2016-07-05] (Dropbox, Inc.)
    ShellIconOverlayIdentifiers-x32: ["DropboxExt2"] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.34.dll [2016-07-05] (Dropbox, Inc.)
    ShellIconOverlayIdentifiers-x32: ["DropboxExt3"] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.34.dll [2016-07-05] (Dropbox, Inc.)
    ShellIconOverlayIdentifiers-x32: ["DropboxExt4"] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.34.dll [2016-07-05] (Dropbox, Inc.)
    ShellIconOverlayIdentifiers-x32: ["DropboxExt5"] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.34.dll [2016-07-05] (Dropbox, Inc.)
    ShellIconOverlayIdentifiers-x32: ["DropboxExt6"] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.34.dll [2016-07-05] (Dropbox, Inc.)
    ShellIconOverlayIdentifiers-x32: ["DropboxExt7"] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.34.dll [2016-07-05] (Dropbox, Inc.)
    ShellIconOverlayIdentifiers-x32: ["DropboxExt8"] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.34.dll [2016-07-05] (Dropbox, Inc.)
    ShellIconOverlayIdentifiers-x32: [###MegaShellExtPending] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => C:\ProgramData\MEGAsync\ShellExtX32.dll [2014-05-01] ()
    ShellIconOverlayIdentifiers-x32: [###MegaShellExtSynced] -> {05B38830-F4E9-4329-978B-1DD28605D202} => C:\ProgramData\MEGAsync\ShellExtX32.dll [2014-05-01] ()
    ShellIconOverlayIdentifiers-x32: [###MegaShellExtSyncing] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => C:\ProgramData\MEGAsync\ShellExtX32.dll [2014-05-01] ()
    ShellIconOverlayIdentifiers-x32: [EldosIconOverlay] -> {5BB532A2-BF14-4CCC-86B7-71B81EF6F8BC} => C:\Windows\SysWOW64\CbFsMntNtf3.dll [2012-04-09] (EldoS Corporation)
    Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\DC-2-DB.lnk [2015-09-27]
    ShortcutTarget: DC-2-DB.lnk -> C:\Program Files\Oracle\VirtualBox\VirtualBox.exe (Oracle Corporation)
    Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\DC-3-SP.lnk [2015-09-27]
    ShortcutTarget: DC-3-SP.lnk -> C:\Program Files\Oracle\VirtualBox\VirtualBox.exe (Oracle Corporation)
    Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\DC_1.lnk [2015-09-27]
    ShortcutTarget: DC_1.lnk -> C:\Program Files\Oracle\VirtualBox\VirtualBox.exe (Oracle Corporation)
    Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Synergy.lnk [2016-03-22]
    ShortcutTarget: Synergy.lnk -> C:\Windows\Installer\{68C1AA13-4370-4761-B53F-1862C2CE26CB}\synergy.ico (No File)
    Startup: C:\Users\grevolorio.trmdu2\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\BHODemon 2.0.lnk [2016-07-11]
    ShortcutTarget: BHODemon 2.0.lnk -> C:\Program Files (x86)\BHODemon 2\BHODemon.exe (Definitive Solutions, Inc.)
    Startup: C:\Users\grevolorio.trmdu2\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\calibre - E-book management.lnk [2015-06-19]
    ShortcutTarget: calibre - E-book management.lnk -> C:\Program Files (x86)\Calibre2\calibre.exe ()
    Startup: C:\Users\grevolorio.trmdu2\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Send to OneNote.lnk [2015-10-02]
    ShortcutTarget: Send to OneNote.lnk -> C:\Program Files (x86)\Microsoft Office\Office15\ONENOTEM.EXE (Microsoft Corporation)
    Startup: C:\Users\grevolorio.trmdu2\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\BHODemon 2.0.lnk [2016-07-11]
    ShortcutTarget: BHODemon 2.0.lnk -> C:\Program Files (x86)\BHODemon 2\BHODemon.exe (Definitive Solutions, Inc.)
    Startup: C:\Users\grevolorio.trmdu2\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\calibre - E-book management.lnk [2015-06-19]
    ShortcutTarget: calibre - E-book management.lnk -> C:\Program Files (x86)\Calibre2\calibre.exe ()
    Startup: C:\Users\grevolorio.trmdu2\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Send to OneNote.lnk [2015-10-02]
    ShortcutTarget: Send to OneNote.lnk -> C:\Program Files (x86)\Microsoft Office\Office15\ONENOTEM.EXE (Microsoft Corporation)
    CHR HKLM\SOFTWARE\Policies\Google: Restriction <======= ATTENTION

    ==================== Internet (Whitelisted) ====================

    (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

    Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
    Tcpip\..\Interfaces\{1CC5E133-5EFA-45B6-95E6-3BEBD35BCB03}: [NameServer] 75.75.75.75
    Tcpip\..\Interfaces\{2E7C3C01-490F-4425-84AD-AFDD0E4D2B58}: [NameServer] 192.168.1.1
    Tcpip\..\Interfaces\{5AFE6685-1C35-46C8-A029-662B58E9021D}: [DhcpNameServer] 172.20.10.1
    Tcpip\..\Interfaces\{64CC2F48-277C-4B3F-B096-F134D5C26275}: [NameServer] 192.168.0.1,75.75.76.76
    Tcpip\..\Interfaces\{75F23FE3-1277-4A15-B393-F09B6F2535B6}: [NameServer] 192.168.0.100

    Internet Explorer:
    ==================
    HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
    HKU\S-1-5-21-1085031214-796845957-725345543-2108-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
    HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
    HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
    HKU\S-1-5-21-1085031214-796845957-725345543-2108-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
    HKU\S-1-5-21-1085031214-796845957-725345543-2791\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://www.msn.com/
    HKU\S-1-5-21-1085031214-796845957-725345543-2791-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://www.msn.com/
    SearchScopes: HKLM -> DefaultScope {9BB47C17-9C68-4BB3-B188-DD9AF0FD2421} URL = 
    SearchScopes: HKLM-x32 -> DefaultScope {9BB47C17-9C68-4BB3-B188-DD9AF0FD2421} URL = 
    SearchScopes: HKU\.DEFAULT -> DefaultScope {9BB47C17-9C68-4BB3-B188-DD9AF0FD2421} URL = 
    SearchScopes: HKU\S-1-5-21-1085031214-796845957-725345543-2108-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> DefaultScope {15261C5A-E2D7-42B4-AE84-D92AE430C800} URL = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}
    SearchScopes: HKU\S-1-5-21-1085031214-796845957-725345543-2108-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> {15261C5A-E2D7-42B4-AE84-D92AE430C800} URL = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}
    SearchScopes: HKU\S-1-5-21-1085031214-796845957-725345543-2108-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> {91607fa7-3c2f-4f90-93e3-d5337a6b0ac2} URL = Playbryte-fa-outbrowse/search/redirect/?type=default&user_id=f4948b29-18ba-4e54-80f2-876cde2854e2&query={searchTerms}
    SearchScopes: HKU\S-1-5-21-1085031214-796845957-725345543-2108-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> {9BB47C17-9C68-4BB3-B188-DD9AF0FD2421} URL = 
    SearchScopes: HKU\S-1-5-21-1085031214-796845957-725345543-2791 -> {9BB47C17-9C68-4BB3-B188-DD9AF0FD2421} URL = 
    SearchScopes: HKU\S-1-5-21-1085031214-796845957-725345543-2791-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> {9BB47C17-9C68-4BB3-B188-DD9AF0FD2421} URL = 
    BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll [2016-05-17] (Microsoft Corporation)
    BHO: RoboForm Toolbar Helper -> {724d43a9-0d85-11d4-9908-00400523e39a} -> C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboForm-x64.dll [2015-06-19] (Siber Systems Inc.)
    BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2012-08-16] (Microsoft Corporation)
    BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> F:\Program Files\Java\jre1.8.0_45\bin\ssv.dll [2015-07-10] (Oracle Corporation)
    BHO: LastPass Vault -> {95D9ECF5-2A4D-4550-BE49-70D42F71296E} -> C:\Program Files (x86)\LastPass\LPToolbar_x64.dll [2015-06-11] (LastPass)
    BHO: PlayOn -> {9A87E478-A2BD-44C4-9F8C-D3989A5271B1} -> C:\Program Files (x86)\MediaMall\toolbar\pobho64.dll [2015-04-17] (MediaMall Technologies, Inc.)
    BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\URLREDIR.DLL [2016-04-12] (Microsoft Corporation)
    BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL [2016-05-17] (Microsoft Corporation)
    BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> F:\Program Files\Java\jre1.8.0_45\bin\jp2ssv.dll [2015-07-10] (Oracle Corporation)
    BHO: Hotspot Shield Class -> {F9E4A054-E9B1-4BC3-83A3-76A1AE736170} -> No File
    BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\Office15\OCHelper.dll [2016-05-17] (Microsoft Corporation)
    BHO-x32: RoboForm Toolbar Helper -> {724d43a9-0d85-11d4-9908-00400523e39a} -> C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll [2015-06-19] (Siber Systems Inc.)
    BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2012-09-25] (Oracle Corporation)
    BHO-x32: Evernote extension -> {92EF2EAD-A7CE-4424-B0DB-499CF856608E} -> C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll [2014-03-03] (Evernote Corp., 305 Walnut Street, Redwood City, CA 94063)
    BHO-x32: LastPass Vault -> {95D9ECF5-2A4D-4550-BE49-70D42F71296E} -> C:\Program Files (x86)\LastPass\LPToolbar.dll [2015-06-11] (LastPass)
    BHO-x32: PlayOn -> {9A87E478-A2BD-44C4-9F8C-D3989A5271B1} -> C:\Program Files (x86)\MediaMall\toolbar\pobho.dll [2015-04-17] (MediaMall Technologies, Inc.)
    BHO-x32: Skype Plug-In -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2010-11-22] (Skype Technologies S.A.)
    BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office 15\root\Office15\URLREDIR.DLL [2016-04-12] (Microsoft Corporation)
    BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL [2016-05-17] (Microsoft Corporation)
    BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2012-09-25] (Oracle Corporation)
    BHO-x32: Microsoft Web Test Recorder 10.0 Helper -> {DDA57003-0068-4ed2-9D32-4D1EC707D94D} -> C:\Program Files (x86)\Microsoft Visual Studio 10.0\Common7\IDE\PrivateAssemblies\Microsoft.VisualStudio.QualityTools.RecorderBarBHO100.dll [2010-03-19] (Microsoft Corporation)
    Toolbar: HKLM - &RoboForm Toolbar - {724d43a0-0d85-11d4-9908-00400523e39a} - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboForm-x64.dll [2015-06-19] (Siber Systems Inc.)
    Toolbar: HKLM - PlayOn - {9A87E478-A2BD-44C4-9F8C-D3989A5271B1} - C:\Program Files (x86)\MediaMall\toolbar\pobho64.dll [2015-04-17] (MediaMall Technologies, Inc.)
    Toolbar: HKLM - LastPass Toolbar - {9f6b5cc3-5c7b-4b5c-97af-19dec1e380e5} - C:\Program Files (x86)\LastPass\LPToolbar_x64.dll [2015-06-11] (LastPass)
    Toolbar: HKLM-x32 - &RoboForm Toolbar - {724d43a0-0d85-11d4-9908-00400523e39a} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll [2015-06-19] (Siber Systems Inc.)
    Toolbar: HKLM-x32 - No Name - {b278d9f8-0fa9-465e-9938-0c392605d8e3} -  No File
    Toolbar: HKLM-x32 - PlayOn - {9A87E478-A2BD-44C4-9F8C-D3989A5271B1} - C:\Program Files (x86)\MediaMall\toolbar\pobho.dll [2015-04-17] (MediaMall Technologies, Inc.)
    Toolbar: HKLM-x32 - LastPass Toolbar - {9f6b5cc3-5c7b-4b5c-97af-19dec1e380e5} - C:\Program Files (x86)\LastPass\LPToolbar.dll [2015-06-11] (LastPass)
    Toolbar: HKU\.DEFAULT -> No Name - {47833539-D0C5-4125-9FA8-0819E2EAAC93} -  No File
    Toolbar: HKU\S-1-5-21-1085031214-796845957-725345543-2108-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> No Name - {47833539-D0C5-4125-9FA8-0819E2EAAC93} -  No File
    Toolbar: HKU\S-1-5-21-1085031214-796845957-725345543-2108-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> &RoboForm Toolbar - {724D43A0-0D85-11D4-9908-00400523E39A} - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboForm-x64.dll [2015-06-19] (Siber Systems Inc.)
    IE Session Restore: HKU\S-1-5-21-1915297274-1003847613-3419053400-1105-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> is enabled.
    IE Session Restore: HKU\S-1-5-21-3578782807-1016812498-1856270605-1009 -> is enabled.
    IE Session Restore: HKU\S-1-5-21-3578782807-1016812498-1856270605-1009-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> is enabled.
    DPF: HKLM-x32 {02BCC737-B171-4746-94C9-0D8A0B2C0089} hxxp://office.microsoft.com/sites/production/ieawsdc32.cab
    DPF: HKLM-x32 {17492023-C23A-453E-A040-C7C580BBF700} hxxp://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab
    DPF: HKLM-x32 {7530BFB8-7293-4D34-9923-61A11451AFC5} hxxp://download.eset.com/special/eos/OnlineScanner.cab
    DPF: HKLM-x32 {E06E2E99-0AA1-11D4-ABA6-0060082AA75C} hxxps://akamaicdn.webex.com/client/WBXclient-T28L10NSP12_CP1-16851/webex/ieatgpc1.cab
    DPF: HKLM-x32 {E2883E8F-472F-4FB0-9522-AC9BF37916A7} hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
    DPF: HKLM-x32 {FD0B6769-6490-4A91-AA0A-B5AE0DC75AC9} hxxps://secure.logmein.com/activex/ractrl.cab?lmi=100
    Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL [2016-04-19] (Microsoft Corporation)
    Handler-x32: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2010-11-22] (Skype Technologies S.A.)

    FireFox:
    ========
    FF ProfilePath: C:\Users\grevolorio.trmdu2\AppData\Roaming\Mozilla\Firefox\Profiles\8i1tulnd.default
    FF DefaultSearchEngine.US: Google
    FF Session Restore: -> is enabled.
    FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_22_0_0_209.dll [2016-07-12] ()
    FF Plugin: @java.com/DTPlugin,version=11.45.2 -> F:\Program Files\Java\jre1.8.0_45\bin\dtplugin\npDeployJava1.dll [2015-07-10] (Oracle Corporation)
    FF Plugin: @java.com/JavaPlugin,version=11.45.2 -> F:\Program Files\Java\jre1.8.0_45\bin\plugin2\npjp2.dll [2015-07-10] (Oracle Corporation)
    FF Plugin: @lastpass.com/NPLastPass -> C:\Program Files (x86)\LastPass\nplastpass64.dll [2015-06-11] (LastPass)
    FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
    FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.41212.0\npctrl.dll [2015-12-11] ( Microsoft Corporation)
    FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~3\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
    FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_22_0_0_209.dll [2016-07-12] ()
    FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2015-12-18] ()
    FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf -> C:\PROGRAM FILES (X86)\FOXIT SOFTWARE\FOXIT READER\plugins\npFoxitReaderPlugin.dll [2015-12-29] (Foxit Corporation)
    FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf -> C:\PROGRAM FILES (X86)\FOXIT SOFTWARE\FOXIT READER\plugins\npFoxitReaderPlugin.dll [2015-12-29] (Foxit Corporation)
    FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xdp -> C:\PROGRAM FILES (X86)\FOXIT SOFTWARE\FOXIT READER\plugins\npFoxitReaderPlugin.dll [2015-12-29] (Foxit Corporation)
    FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xfdf -> C:\PROGRAM FILES (X86)\FOXIT SOFTWARE\FOXIT READER\plugins\npFoxitReaderPlugin.dll [2015-12-29] (Foxit Corporation)
    FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll [2015-05-21] (Google)
    FF Plugin-x32: @java.com/DTPlugin,version=10.7.2 -> C:\Windows\SysWOW64\npDeployJava1.dll [2012-09-25] (Oracle Corporation)
    FF Plugin-x32: @java.com/JavaPlugin -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll [2012-09-25] (Oracle Corporation)
    FF Plugin-x32: @java.com/JavaPlugin,version=10.7.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll [2012-09-25] (Oracle Corporation)
    FF Plugin-x32: @lastpass.com/NPLastPass -> C:\Program Files (x86)\LastPass\nplastpass64.dll [2015-06-11] (LastPass)
    FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
    FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2015-11-03] (Microsoft Corporation)
    FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.41212.0\npctrl.dll [2015-12-11] ( Microsoft Corporation)
    FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MIF5BA~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
    FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL [2015-07-10] (Microsoft Corporation)
    FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2010-08-25] (NVIDIA Corporation)
    FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2010-08-25] (NVIDIA Corporation)
    FF Plugin-x32: @playon.tv/PlayOnToolbar -> C:\Program Files (x86)\MediaMall\toolbar\npVT.dll [2015-08-13] (MediaMall Technologies, Inc.)
    FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.30.3\npGoogleUpdate3.dll [2016-05-10] (Google Inc.)
    FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.30.3\npGoogleUpdate3.dll [2016-05-10] (Google Inc.)
    FF Plugin-x32: @videolan.org/vlc,version=2.0.8 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2014-02-04] (VideoLAN)
    FF Plugin-x32: @videolan.org/vlc,version=2.1.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2014-02-04] (VideoLAN)
    FF Plugin-x32: @videolan.org/vlc,version=2.1.2 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2014-02-04] (VideoLAN)
    FF Plugin-x32: @videolan.org/vlc,version=2.1.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2014-02-04] (VideoLAN)
    FF Plugin-x32: @wacom.com/wacom-plugin,version=1.1.0.10 -> C:\Program Files (x86)\TabletPlugins\npwacom.dll [2011-04-20] (Wacom, Inc.)
    FF Plugin-x32: @wacom.com/wacom-plugin,version=1.1.0.3 -> C:\Program Files (x86)\TabletPlugins\npwacom.dll [2011-04-20] (Wacom, Inc.)
    FF Plugin-x32: @wacom.com/wtPlugin,version=2.0.0.1 -> C:\Program Files (x86)\TabletPlugins\npWacomTabletPlugin.dll [2011-05-30] (Wacom)
    FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2014-12-03] (Adobe Systems Inc.)
    FF Plugin HKU\S-1-5-21-1085031214-796845957-725345543-2108-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0: @citrixonline.com/appdetectorplugin -> C:\Users\grevolorio\AppData\Local\Citrix\Plugins\104\npappdetector.dll [2014-08-11] (Citrix Online)
    FF Plugin HKU\S-1-5-21-1085031214-796845957-725345543-2108-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0: LWAPlugin15.8 -> C:\Users\grevolorio\AppData\Roaming\Mozilla\Plugins\npLWAPlugin15.8.dll [2013-09-18] (Microsoft Corporation)
    FF Plugin HKU\S-1-5-21-1085031214-796845957-725345543-2108-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0: wacom.com/WacomTabletPlugin -> C:\Program Files (x86)\TabletPlugins\npWacomTabletPlugin.dll [2011-05-30] (Wacom)
    FF user.js: detected! => C:\Users\grevolorio.trmdu2\AppData\Roaming\Mozilla\Firefox\Profiles\8i1tulnd.default\user.js [2015-06-16]
    FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\np-mswmp.dll [2007-04-10] (Microsoft Corporation)
    FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npatgpc.dll [2014-11-19] (Cisco WebEx LLC)
    FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginAOC.dll [2016-03-14] ()
    FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll [2015-02-10] (Microsoft Corporation)
    FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\NPOFF12.DLL [2006-10-26] (Microsoft Corporation)
    FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll [2014-12-03] (Adobe Systems Inc.)
    FF Extension: Disconnect - C:\Users\grevolorio.trmdu2\AppData\Roaming\Mozilla\Firefox\Profiles\8i1tulnd.default\extensions\2.0@disconnect.me.xpi [2015-06-16]
    FF Extension: Flashblock - C:\Users\grevolorio.trmdu2\AppData\Roaming\Mozilla\Firefox\Profiles\8i1tulnd.default\extensions\{3d7eb24f-2740-49df-8937-200b1cc08f8a} [2016-05-06]
    FF Extension: Turn Off the Lights - C:\Users\grevolorio.trmdu2\AppData\Roaming\Mozilla\Firefox\Profiles\8i1tulnd.default\extensions\stefanvandamme@stefanvd.net.xpi [2016-05-06]
    FF Extension: LastPass - C:\Users\grevolorio.trmdu2\AppData\Roaming\Mozilla\Firefox\Profiles\8i1tulnd.default\extensions\support@lastpass.com [2016-05-06]
    FF Extension: Amazon Price Tracker - Keepa.com - C:\Users\grevolorio.trmdu2\AppData\Roaming\Mozilla\Firefox\Profiles\8i1tulnd.default\extensions\amptra@keepa.com.xpi [2016-05-06]
    FF Extension: PriceZombie, Price Tracker & Price Comparison - C:\Users\grevolorio.trmdu2\AppData\Roaming\Mozilla\Firefox\Profiles\8i1tulnd.default\Extensions\jid1-a36dFT994VgKDA@jetpack.xpi [2015-10-08]
    FF Extension: PlayOn - C:\Users\grevolorio.trmdu2\AppData\Roaming\Mozilla\Firefox\Profiles\8i1tulnd.default\Extensions\playonplugin@playon.tv [2015-06-24] [not signed]
    FF Extension: Video DownloadHelper - C:\Users\grevolorio.trmdu2\AppData\Roaming\Mozilla\Firefox\Profiles\8i1tulnd.default\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}.xpi [2015-10-30]
    FF Extension: Adblock Plus - C:\Users\grevolorio.trmdu2\AppData\Roaming\Mozilla\Firefox\Profiles\8i1tulnd.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2016-03-22]
    FF Extension: Hotspot Shield Extension - C:\Program Files (x86)\Mozilla Firefox\extensions\afproxy@anchorfree.com [2015-09-23] [not signed]
    FF Extension: Skype extension - C:\Program Files (x86)\Mozilla Firefox\extensions\{AB2CE124-6272-4b12-94A9-7303C7397BD1} [2015-09-23] [not signed]
    FF Extension: Java Console - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0039-ABCDEFFEDCBA} [2015-09-23] [not signed]
    FF HKLM-x32\...\Firefox\Extensions: [fiddlerhook@fiddler2.com] - C:\Program Files (x86)\Fiddler2\FiddlerHook
    FF Extension: FiddlerHook - C:\Program Files (x86)\Fiddler2\FiddlerHook [2013-12-06] [not signed]
    FF HKLM-x32\...\Firefox\Extensions: [{22119944-ED35-4ab1-910B-E619EA06A115}] - C:\Program Files (x86)\Siber Systems\AI RoboForm\Firefox
    FF Extension: RoboForm Toolbar for Firefox - C:\Program Files (x86)\Siber Systems\AI RoboForm\Firefox [2015-06-19] [not signed]
    FF HKU\S-1-5-21-1085031214-796845957-725345543-2108-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Firefox\Extensions: [{22119944-ED35-4ab1-910B-E619EA06A115}] - C:\Program Files (x86)\Siber Systems\AI RoboForm\Firefox
    FF HKU\S-1-5-21-3578782807-1016812498-1856270605-1009\...\Firefox\Extensions: [{22119944-ED35-4ab1-910B-E619EA06A115}] - C:\Program Files (x86)\Siber Systems\AI RoboForm\Firefox
    FF HKU\S-1-5-21-3578782807-1016812498-1856270605-1009-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Firefox\Extensions: [{22119944-ED35-4ab1-910B-E619EA06A115}] - C:\Program Files (x86)\Siber Systems\AI RoboForm\Firefox

    Chrome: 
    =======
    CHR HomePage: Default -> hxxp://www.google.com
    CHR DefaultSearchKeyword: Default -> lp
    CHR Session Restore: Default -> is enabled.
    CHR Profile: C:\Users\grevolorio.trmdu2\AppData\Local\Google\Chrome\User Data\Default
    CHR Extension: (Google Slides) - C:\Users\grevolorio.trmdu2\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-06-11]
    CHR Extension: (Entanglement Web App) - C:\Users\grevolorio.trmdu2\AppData\Local\Google\Chrome\User Data\Default\Extensions\aciahcmjmecflokailenpkdchphgkefd [2015-06-11]
    CHR Extension: (SearchReportRecordResult Class) - C:\Users\grevolorio.trmdu2\AppData\Local\Google\Chrome\User Data\Default\Extensions\ajpgkpeckebdhofmmjfgcjjiiejpodla [2015-09-16] [UpdateUrl: hxxps://clients2.google/service/cnhpbmgmfaaapmaoibgdmapbjfofolig] <==== ATTENTION
    CHR Extension: (Google Docs) - C:\Users\grevolorio.trmdu2\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-06-11]
    CHR Extension: (Send to OneNote) - C:\Users\grevolorio.trmdu2\AppData\Local\Google\Chrome\User Data\Default\Extensions\aokbjibjnekbfdjilfpoknnokaffoinp [2015-07-01]
    CHR Extension: (Google Drive) - C:\Users\grevolorio.trmdu2\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-11-02]
    CHR Extension: (Turn Off the Lights) - C:\Users\grevolorio.trmdu2\AppData\Local\Google\Chrome\User Data\Default\Extensions\bfbmjmiodbnnpllbbbfblcplfjjepjdn [2016-06-24]
    CHR Extension: (YouTube) - C:\Users\grevolorio.trmdu2\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-26]
    CHR Extension: (Honey) - C:\Users\grevolorio.trmdu2\AppData\Local\Google\Chrome\User Data\Default\Extensions\bmnlcjabgnpnenekpadlanbbkooimhnj [2016-07-15]
    CHR Extension: (Adblock Plus) - C:\Users\grevolorio.trmdu2\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2016-07-01]
    CHR Extension: (Incognito-Filter) - C:\Users\grevolorio.trmdu2\AppData\Local\Google\Chrome\User Data\Default\Extensions\cifilbmpnkjinlkchohdfcpdkmpngiik [2015-06-11]
    CHR Extension: (Google Search) - C:\Users\grevolorio.trmdu2\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-11-02]
    CHR Extension: (Tampermonkey) - C:\Users\grevolorio.trmdu2\AppData\Local\Google\Chrome\User Data\Default\Extensions\dhdgffkkebhmkfjojejmpbldmpobfkfo [2016-07-16]
    CHR Extension: (Unlimited Hotspot Tethering) - C:\Users\grevolorio.trmdu2\AppData\Local\Google\Chrome\User Data\Default\Extensions\diddhabdhahhfajjfgepdlanilmdnogk [2015-06-24]
    CHR Extension: (Facebook Disconnect) - C:\Users\grevolorio.trmdu2\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejpepffjfmamnambagiibghpglaidiec [2015-06-11]
    CHR Extension: (Photo Zoom for Facebook) - C:\Users\grevolorio.trmdu2\AppData\Local\Google\Chrome\User Data\Default\Extensions\elioihkkcdgakfbahdoddophfngopipi [2015-06-11]
    CHR Extension: (Google Sheets) - C:\Users\grevolorio.trmdu2\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-06-11]
    CHR Extension: (Chrome Remote Desktop) - C:\Users\grevolorio.trmdu2\AppData\Local\Google\Chrome\User Data\Default\Extensions\gbchcmhmhahfdphkhkmpfmihenigjmpp [2016-07-13]
    CHR Extension: (Google Docs Offline) - C:\Users\grevolorio.trmdu2\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-03-22]
    CHR Extension: (Close all Tabs) - C:\Users\grevolorio.trmdu2\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghcmiphoepcihlmphakgmpapfpldlleg [2015-06-11]
    CHR Extension: (AdBlock) - C:\Users\grevolorio.trmdu2\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2016-07-11]
    CHR Extension: (Pin It Button) - C:\Users\grevolorio.trmdu2\AppData\Local\Google\Chrome\User Data\Default\Extensions\gpdjojdkbbmdfjfahjcgigfpmkopogic [2015-09-26]
    CHR Extension: (TinEye Reverse Image Search) - C:\Users\grevolorio.trmdu2\AppData\Local\Google\Chrome\User Data\Default\Extensions\haebnnbpedcbhciplfhjjkbafijpncjl [2015-06-11]
    CHR Extension: (LastPass: Free Password Manager) - C:\Users\grevolorio.trmdu2\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdokiejnpimakedhajhdlcegeplioahd [2016-07-15]
    CHR Extension: (SuperSorter) - C:\Users\grevolorio.trmdu2\AppData\Local\Google\Chrome\User Data\Default\Extensions\hjebfgojnlefhdgmomncgjglmdckngij [2015-06-11]
    CHR Extension: (Google Keep - notes and lists) - C:\Users\grevolorio.trmdu2\AppData\Local\Google\Chrome\User Data\Default\Extensions\hmjkmjkepdijhoojdojkdfohbdgmmhki [2016-07-13]
    CHR Extension: (Google Theme) - C:\Users\grevolorio.trmdu2\AppData\Local\Google\Chrome\User Data\Default\Extensions\imoaoigekmpoalkbfohhjgkcocjdapne [2015-06-11]
    CHR Extension: (Todoist: To-Do list and Task Manager) - C:\Users\grevolorio.trmdu2\AppData\Local\Google\Chrome\User Data\Default\Extensions\jldhpllghnbhlbpcmnajkpdmadaolakh [2016-03-22]
    CHR Extension: (Cisco WebEx Extension) - C:\Users\grevolorio.trmdu2\AppData\Local\Google\Chrome\User Data\Default\Extensions\jlhmfgmfgeifomenelglieieghnjghma [2015-06-11]
    CHR Extension: (Speed Dial 2) - C:\Users\grevolorio.trmdu2\AppData\Local\Google\Chrome\User Data\Default\Extensions\jpfpebmajhhopeonhlcgidhclcccjcik [2016-06-01]
    CHR Extension: (Reddit Enhancement Suite) - C:\Users\grevolorio.trmdu2\AppData\Local\Google\Chrome\User Data\Default\Extensions\kbmfpngjjgdllneeigpgjifpgocmfgmb [2016-03-22]
    CHR Extension: (The Great Suspender) - C:\Users\grevolorio.trmdu2\AppData\Local\Google\Chrome\User Data\Default\Extensions\klbibkeccnjlkjkiokjodocebajanakg [2015-11-02]
    CHR Extension: (Roomy Bookmarks Toolbar) - C:\Users\grevolorio.trmdu2\AppData\Local\Google\Chrome\User Data\Default\Extensions\kmfbpoigddhdibjcilijiejaidggonfc [2015-08-28]
    CHR Extension: (Evernote Web) - C:\Users\grevolorio.trmdu2\AppData\Local\Google\Chrome\User Data\Default\Extensions\lbfehkoinhhcknnbdgnnmjhiladcgbol [2015-06-11]
    CHR Extension: (Instapaper) - C:\Users\grevolorio.trmdu2\AppData\Local\Google\Chrome\User Data\Default\Extensions\ldjkgaaoikpmhmkelcgkgacicjfbofhh [2016-03-04]
    CHR Extension: (Facebook Ads Hider) - C:\Users\grevolorio.trmdu2\AppData\Local\Google\Chrome\User Data\Default\Extensions\leeebdddeggoocipdjiokmjcpidnmoah [2015-06-11]
    CHR Extension: (Unicorn Smasher) - C:\Users\grevolorio.trmdu2\AppData\Local\Google\Chrome\User Data\Default\Extensions\lfmmeekapjbfjachdkgabdaoccfclpaa [2016-06-17]
    CHR Extension: (PlayOn) - C:\Users\grevolorio.trmdu2\AppData\Local\Google\Chrome\User Data\Default\Extensions\lggaaajacmlhgbpldaboipiinndchjgm [2015-09-15]
    CHR Extension: (Poppit!) - C:\Users\grevolorio.trmdu2\AppData\Local\Google\Chrome\User Data\Default\Extensions\mcbkbpnkkkipelfledbfocopglifcfmi [2015-06-11]
    CHR Extension: (Ghostery) - C:\Users\grevolorio.trmdu2\AppData\Local\Google\Chrome\User Data\Default\Extensions\mlomiejdfkolichcflejclcbmpeaniij [2016-03-04]
    CHR Extension: (SharePoint Fix) - C:\Users\grevolorio.trmdu2\AppData\Local\Google\Chrome\User Data\Default\Extensions\mmbkoobmboaainhbkbdojincpeoldlfc [2015-11-02]
    CHR Extension: (deviantART muro) - C:\Users\grevolorio.trmdu2\AppData\Local\Google\Chrome\User Data\Default\Extensions\namljbfbglehfnlonjmebceimaalofei [2015-06-11]
    CHR Extension: (Save to Pocket) - C:\Users\grevolorio.trmdu2\AppData\Local\Google\Chrome\User Data\Default\Extensions\niloccemoadcdkdjlinkgdfekeahmflj [2016-07-13]
    CHR Extension: (Chrome Web Store Payments) - C:\Users\grevolorio.trmdu2\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-04-28]
    CHR Extension: (Hover Zoom) - C:\Users\grevolorio.trmdu2\AppData\Local\Google\Chrome\User Data\Default\Extensions\nonjdcjchghhkdoolnlbekcfllmednbl [2016-06-01]
    CHR Extension: (Evernote Web Clipper) - C:\Users\grevolorio.trmdu2\AppData\Local\Google\Chrome\User Data\Default\Extensions\pioclpoplcdbaefihamjohnefbikjilc [2016-07-01]
    CHR Extension: (Gmail) - C:\Users\grevolorio.trmdu2\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-06-11]
    CHR Extension: (Privacy Badger) - C:\Users\grevolorio.trmdu2\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkehgijcmpdhfbdbbnkijodmdjhbjlgp [2016-06-01]
    CHR Extension: (RSS Feed Reader) - C:\Users\grevolorio.trmdu2\AppData\Local\Google\Chrome\User Data\Default\Extensions\pnjaodmkngahhkoihejjehlcdlnohgmp [2016-07-11]
    CHR Extension: (RoboForm Password Manager) - C:\Users\grevolorio.trmdu2\AppData\Local\Google\Chrome\User Data\Default\Extensions\pnlccmojcmeohlpggmfnbbiapkmbliob [2016-03-22]
    CHR Profile: C:\Users\grevolorio.trmdu2\AppData\Local\Google\Chrome\User Data\Profile 1
    CHR Extension: (Google Slides) - C:\Users\grevolorio.trmdu2\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2016-06-01]
    CHR Extension: (Google Docs) - C:\Users\grevolorio.trmdu2\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aohghmighlieiainnegkcijnfilokake [2016-06-01]
    CHR Extension: (Google Drive) - C:\Users\grevolorio.trmdu2\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-06-01]
    CHR Extension: (YouTube) - C:\Users\grevolorio.trmdu2\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-06-01]
    CHR Extension: (Google Sheets) - C:\Users\grevolorio.trmdu2\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2016-06-01]
    CHR Extension: (Chrome Remote Desktop) - C:\Users\grevolorio.trmdu2\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\gbchcmhmhahfdphkhkmpfmihenigjmpp [2016-06-01]
    CHR Extension: (20 Cubed) - C:\Users\grevolorio.trmdu2\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\geghmabifcdlkmpnkapfefbbfaonhcef [2016-06-01]
    CHR Extension: (Google Docs Offline) - C:\Users\grevolorio.trmdu2\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-06-01]
    CHR Extension: (AdBlock) - C:\Users\grevolorio.trmdu2\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2016-06-10]
    CHR Extension: (Slinky Wood) - C:\Users\grevolorio.trmdu2\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\hcaidncenfklbfikefeppfgehcbmmecn [2016-06-01]
    CHR Extension: (LastPass: Free Password Manager) - C:\Users\grevolorio.trmdu2\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\hdokiejnpimakedhajhdlcegeplioahd [2016-06-24]
    CHR Extension: (Invite All Friends on Facebook) - C:\Users\grevolorio.trmdu2\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\inmmhkeajgflmokoaaoadgkhhmibjbpj [2016-06-24]
    CHR Extension: (Speed Dial 2) - C:\Users\grevolorio.trmdu2\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\jpfpebmajhhopeonhlcgidhclcccjcik [2016-06-01]
    CHR Extension: (The Great Suspender) - C:\Users\grevolorio.trmdu2\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\klbibkeccnjlkjkiokjodocebajanakg [2016-06-01]
    CHR Extension: (PlayOn) - C:\Users\grevolorio.trmdu2\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\lggaaajacmlhgbpldaboipiinndchjgm [2016-06-01]
    CHR Extension: (Pocket) - C:\Users\grevolorio.trmdu2\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\mjcnijlhddpbdemagnpefmlkjdagkogk [2016-06-01]
    CHR Extension: (SharePoint Fix) - C:\Users\grevolorio.trmdu2\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\mmbkoobmboaainhbkbdojincpeoldlfc [2016-06-01]
    CHR Extension: (Save to Pocket) - C:\Users\grevolorio.trmdu2\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\niloccemoadcdkdjlinkgdfekeahmflj [2016-06-17]
    CHR Extension: (Chrome Web Store Payments) - C:\Users\grevolorio.trmdu2\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-06-01]
    CHR Extension: (Context Menu Search) - C:\Users\grevolorio.trmdu2\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ocpcmghnefmdhljkoiapafejjohldoga [2016-06-01]
    CHR Extension: (Gmail) - C:\Users\grevolorio.trmdu2\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-06-01]
    CHR Extension: (RSS Feed Reader) - C:\Users\grevolorio.trmdu2\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pnjaodmkngahhkoihejjehlcdlnohgmp [2016-06-25]
    CHR Extension: (RoboForm Password Manager) - C:\Users\grevolorio.trmdu2\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pnlccmojcmeohlpggmfnbbiapkmbliob [2016-06-01]
    CHR HKLM\...\Chrome\Extension: [hdokiejnpimakedhajhdlcegeplioahd] - hxxp://clients2.google.com/service/update2/crx
    CHR HKLM\...\Chrome\Extension: [pnlccmojcmeohlpggmfnbbiapkmbliob] - C:\Program Files (x86)\Siber Systems\AI RoboForm\Chrome\rf-chrome.crx [2014-09-10]
    CHR HKLM-x32\...\Chrome\Extension: [hdokiejnpimakedhajhdlcegeplioahd] - hxxp://clients2.google.com/service/update2/crx
    CHR HKLM-x32\...\Chrome\Extension: [lggaaajacmlhgbpldaboipiinndchjgm] - C:\Program Files (x86)\MediaMall\toolbar\ce.crx [2014-09-24]
    CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\Skype for Chromium\skype_chrome_extension.crx [2010-11-22]
    CHR HKLM-x32\...\Chrome\Extension: [pnlccmojcmeohlpggmfnbbiapkmbliob] - C:\Program Files (x86)\Siber Systems\AI RoboForm\Chrome\rf-chrome.crx [2014-09-10]
    StartMenuInternet: Google Chrome.HA3GT6LIC6CKERU66IYIZVETX4 - C:\Users\grevolorio\AppData\Local\Google\Chrome\Application\chrome.exe

    ==================== Services (Whitelisted) ========================

    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

    S3 c2wts; C:\Program Files\Windows Identity Foundation\v3.5\c2wtshost.exe [15768 2010-02-02] (Microsoft Corporation)
    R2 chromoting; C:\Program Files (x86)\Google\Chrome Remote Desktop\51.0.2704.7\remoting_host.exe [68488 2016-04-14] (Google Inc.)
    R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [3009776 2016-05-27] (Microsoft Corporation)
    S4 CronService; C:\Prey\platform\windows\cronsvc.exe [19968 2011-02-15] (Fork Ltd.) [File not signed]
    S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [134512 2015-06-30] (Dropbox, Inc.)
    S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [134512 2015-06-30] (Dropbox, Inc.)
    S3 fussvc; C:\Program Files (x86)\Windows Kits\8.1\App Certification Kit\fussvc.exe [142336 2013-08-22] (Microsoft Corporation) [File not signed]
    R2 hMailServer; F:\Program Files (x86)\hMailServer\Bin\hMailServer.exe [4512768 2015-07-09] (hMailServer) [File not signed]
    R2 KinoniSvc; f:\Program Files (x86)\Kinoni\EpocCam_and_Barcode_drivers\KinoniSvc.exe [524800 2014-11-12] () [File not signed]
    R2 MBAMScheduler; f:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1514464 2016-03-10] (Malwarebytes)
    R2 MBAMService; f:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1136608 2016-03-10] (Malwarebytes)
    R2 MediaMall Server; C:\Program Files (x86)\MediaMall\MediaMallServer.exe [5933872 2015-09-18] (MediaMall Technologies, Inc.)
    S4 MotoHelper; C:\Program Files (x86)\Motorola\MotoHelper\MotoHelperService.exe [214896 2011-12-06] ()
    S4 MouseWithoutBordersSvc; C:\Program Files (x86)\Microsoft Garage\Mouse without Borders\MouseWithoutBordersSvc.exe [17920 2011-09-19] (Microsoft) [File not signed]
    R2 MsMpSvc; C:\Program Files\Microsoft Security Client\MsMpEng.exe [23808 2016-01-29] (Microsoft Corporation)
    S4 msvsmon80; C:\Program Files\Microsoft Visual Studio 8\Common7\IDE\Remote Debugger\x64\msvsmon.exe [4476096 2005-09-23] (Microsoft Corporation)
    R3 NisSrv; C:\Program Files\Microsoft Security Client\NisSrv.exe [374344 2016-01-29] (Microsoft Corporation)
    S3 SandraAgentSrv; f:\Program Files\SiSoftware\SiSoftware Sandra Business 2015\RpcAgentSrv.exe [73200 2014-11-05] (SiSoftware) [File not signed]
    R2 SDScannerService; F:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [1738168 2014-06-24] (Safer-Networking Ltd.)
    R2 SDUpdateService; F:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [2088408 2014-06-27] (Safer-Networking Ltd.)
    R2 SDWSCService; F:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [171928 2014-04-25] (Safer-Networking Ltd.)
    S2 Service KMSELDI; C:\Program Files\KMSpico\Service_KMS.exe [997568 2014-06-29] (@ByELDI) [File not signed]
    R2 Synergy; C:\Program Files\Synergy\synergyd.exe [312488 2016-03-18] ()
    S3 Te.Service; C:\Program Files (x86)\Windows Kits\8.1\Testing\Runtimes\TAEF\Wex.Services.exe [119808 2013-08-22] (Microsoft Corporation) [File not signed]
    R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [7184144 2016-07-06] (TeamViewer GmbH)
    R2 TuneUp.UtilitiesSvc; F:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesService64.exe [2973400 2015-08-04] (AVG Technologies)
    R2 UxTuneUp; C:\Windows\System32\uxtuneup.dll [44760 2015-08-04] (AVG Technologies)
    R2 UxTuneUp; C:\Windows\SysWOW64\uxtuneup.dll [36568 2015-08-04] (AVG Technologies)
    R2 VMAuthdService; F:\Program Files (x86)\VMware\VMware VIX\VMWare Workstation\vmware-authd.exe [79872 2012-08-15] (VMware, Inc.) [File not signed]
    S2 VMwareHostd; F:\Program Files (x86)\VMware\VMware VIX\VMWare Workstation\vmware-hostd.exe [15680000 2012-08-15] () [File not signed]
    S3 VsEtwService120; C:\Program Files\Microsoft Visual Studio 12.0\Common7\Packages\Debugger\Services\VsEtwService.exe [87728 2013-10-04] (Microsoft Corporation)
    S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
    R2 WindowBlinds; C:\Program Files (x86)\Stardock\WindowBlinds\wbsrv.exe [89600 2013-05-16] (Stardock Corporation) [File not signed]
    R2 WindowFX; F:\Program Files (x86)\Stardock\Object Desktop\WindowFX\WindowFXSRV.exe [181904 2012-03-08] (Stardock Corporation)

    ===================== Drivers (Whitelisted) ==========================

    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

    R3 cbfs3; C:\Windows\System32\DRIVERS\cbfs3.sys [352144 2012-04-09] (EldoS Corporation)
    S3 ebdrv; C:\Windows\system32\DRIVERS\evbda.sys [3286016 2009-06-10] (Broadcom Corporation)
    U5 FontCache3.0.0.0; C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe [42856 2010-11-04] (Microsoft Corporation)
    R1 HssDRV6; C:\Windows\System32\DRIVERS\hssdrv6.sys [44744 2014-05-16] (AnchorFree Inc.)
    R2 IntelHaxm; C:\Windows\System32\DRIVERS\IntelHaxm.sys [84992 2015-01-30] (Intel  Corporation)
    S3 kinonivd; C:\Windows\System32\DRIVERS\kinonivd.sys [2782848 2014-11-12] (Windows (R) Win 7 DDK provider)
    S3 KINONI_Wave; C:\Windows\System32\drivers\kinonivad.sys [23040 2014-11-12] (Windows (R) Win 7 DDK provider)
    S4 LMIRfsClientNP; no ImagePath
    R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [27008 2016-03-10] (Malwarebytes)
    R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [192216 2016-07-18] (Malwarebytes)
    S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [64896 2016-03-10] (Malwarebytes Corporation)
    R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [289120 2015-11-13] (Microsoft Corporation)
    R3 msvad_simple; C:\Windows\System32\drivers\povrtdev.sys [28528 2013-12-17] (MediaMall Technologies, Inc.)
    R3 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [133816 2015-11-13] (Microsoft Corporation)
    S3 pwdrvio; C:\Windows\system32\pwdrvio.sys [19152 2013-09-30] ()
    S3 pwdspio; C:\Windows\system32\pwdspio.sys [12504 2013-09-30] ()
    S3 SANDRA; f:\Program Files\SiSoftware\SiSoftware Sandra Business 2015\WNt600x64\Sandra.sys [23112 2009-08-07] (SiSoftware)
    R3 taphss6; C:\Windows\System32\DRIVERS\taphss6.sys [42184 2014-05-16] (Anchorfree Inc.)
    R3 TuneUpUtilitiesDrv; F:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesDriver64.sys [31144 2015-06-25] (TuneUp Software)
    R2 TurboB; C:\Windows\System32\DRIVERS\TurboB.sys [13784 2009-11-02] ()
    U5 UnlockerDriver5; F:\Program Files (x86)\Unlocker\UnlockerDriver5.sys [12352 2010-07-01] ()
    R1 VBoxNetAdp; C:\Windows\System32\DRIVERS\VBoxNetAdp6.sys [117768 2015-09-08] (Oracle Corporation)
    R1 VBoxNetLwf; C:\Windows\System32\DRIVERS\VBoxNetLwf.sys [146072 2015-09-08] (Oracle Corporation)
    R0 vsock; C:\Windows\System32\drivers\vsock.sys [70256 2012-07-06] (VMware, Inc.)
    R2 WinisoCDBus; C:\Windows\System32\drivers\WinisoCDBus.sys [204032 2013-03-22] (WinISO.com)
    S1 bbstlqcp; \??\C:\Windows\system32\drivers\bbstlqcp.sys [X]
    S3 cpuz135; \??\C:\Windows\TEMP\cpuz135\cpuz135_x64.sys [X]
    S1 ekgpaanc; \??\C:\Windows\system32\drivers\ekgpaanc.sys [X]
    S1 emzyrjza; \??\C:\Windows\system32\drivers\emzyrjza.sys [X]
    S1 fzqrwich; \??\C:\Windows\system32\drivers\fzqrwich.sys [X]
    S2 LMIInfo; \??\C:\Program Files (x86)\LogMeIn\x64\RaInfo.sys [X]
    S1 mttwbomv; \??\C:\Windows\system32\drivers\mttwbomv.sys [X]
    S1 ouqyzldm; \??\C:\Windows\system32\drivers\ouqyzldm.sys [X]
    S1 sesugyny; \??\C:\Windows\system32\drivers\sesugyny.sys [X]
    S3 SliceDisk5; \??\C:\Users\grevolorio\AppData\Local\Temp\HBCD\PartitionFindAndMount\slicedisk-x64.sys [X]
    S3 VBoxNetFlt; system32\DRIVERS\VBoxNetFlt.sys [X]
    S1 vixxdple; \??\C:\Windows\system32\drivers\vixxdple.sys [X]
    S2 WGX; System32\Drivers\WGX64.SYS [X]

    ==================== NetSvcs (Whitelisted) ===================

    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


    ==================== One Month Created files and folders ========

    (If an entry is included in the fixlist, the file/folder will be moved.)

    2016-07-18 11:05 - 2016-07-18 11:07 - 00067984 _____ C:\Users\grevolorio.trmdu2\Desktop\FRST.txt
    2016-07-18 11:03 - 2016-07-18 11:03 - 02391040 _____ (Farbar) C:\Users\grevolorio.trmdu2\Desktop\FRST64.exe
    2016-07-18 10:07 - 2016-07-18 10:07 - 00000000 ____D C:\Program Files\Common Files\AV
    2016-07-18 10:07 - 2015-07-28 17:52 - 00821920 _____ (Safer-Networking Ltd. ) C:\Users\Public\Desktop\Post Win10 Spybot-install.exe
    2016-07-16 08:38 - 2016-05-09 16:48 - 00450051 _____ C:\Windows\system32\Drivers\etc\hosts.20160716-083854.backup
    2016-07-13 09:49 - 2016-07-13 09:50 - 00000000 ____D C:\Users\grevolorio.trmdu2\AppData\Roaming\vlc
    2016-07-13 09:22 - 2016-07-13 09:22 - 00000000 ____D C:\Users\grevolorio.trmdu2\Projects Series
    2016-07-13 09:22 - 2016-07-13 09:22 - 00000000 ____D C:\Users\grevolorio.trmdu2\HDR Projects 4 Pro
    2016-07-13 09:20 - 2016-07-13 09:20 - 00001162 _____ C:\Users\Public\Desktop\HDR projects 4 professional (64-Bit).lnk
    2016-07-13 09:20 - 2016-07-13 09:20 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Franzis
    2016-07-13 09:20 - 2016-07-13 09:20 - 00000000 ____D C:\Program Files\Franzis
    2016-07-11 14:07 - 2016-07-11 14:07 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox
    2016-07-11 10:48 - 2016-07-11 10:48 - 00000957 _____ C:\Users\grevolorio.trmdu2\Desktop\BHODemon 2.0.lnk
    2016-07-11 10:48 - 2016-07-11 10:48 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\BHODemon 2.0
    2016-07-11 10:48 - 2016-07-11 10:48 - 00000000 ____D C:\Program Files (x86)\BHODemon 2
    2016-07-09 08:49 - 2016-07-09 08:49 - 00001783 _____ C:\Users\Public\Desktop\iTunes.lnk
    2016-07-09 08:49 - 2016-07-09 08:49 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
    2016-07-09 08:49 - 2016-07-09 08:49 - 00000000 ____D C:\Program Files\iTunes
    2016-07-09 08:49 - 2016-07-09 08:49 - 00000000 ____D C:\Program Files\iPod
    2016-06-24 09:43 - 2016-07-08 21:18 - 00000971 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 11.lnk

    ==================== One Month Modified files and folders ========

    (If an entry is included in the fixlist, the file/folder will be moved.)

    2016-07-18 11:05 - 2014-01-30 12:00 - 00000548 _____ C:\Windows\Tasks\G2MUpdateTask-S-1-5-21-1085031214-796845957-725345543-2108.job
    2016-07-18 11:05 - 2012-05-23 18:15 - 00000000 ____D C:\FRST
    2016-07-18 11:05 - 2011-08-04 09:50 - 00000898 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
    2016-07-18 11:01 - 2014-11-04 15:34 - 00000382 _____ C:\Windows\Tasks\Allway Sync_{4F0C1497E9A5A062AD06B978802E02AB}.job
    2016-07-18 10:55 - 2015-09-16 12:08 - 00192216 ____C (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
    2016-07-18 10:32 - 2015-07-02 10:19 - 00000644 _____ C:\Windows\Tasks\G2MUploadTask-S-1-5-21-1085031214-796845957-725345543-2108.job
    2016-07-18 10:21 - 2012-07-27 08:46 - 00000830 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
    2016-07-18 10:08 - 2015-06-30 08:58 - 00000916 _____ C:\Windows\Tasks\DropboxUpdateTaskMachineUA.job
    2016-07-18 10:07 - 2014-08-20 09:49 - 00000000 ____D C:\Program Files (x86)\Spybot - Search & Destroy 2
    2016-07-18 06:15 - 2009-07-14 00:45 - 00033392 ___HC C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
    2016-07-18 06:15 - 2009-07-14 00:45 - 00033392 ___HC C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
    2016-07-18 02:07 - 2015-06-11 15:15 - 00000000 ____D C:\ProgramData\MediaMall
    2016-07-18 01:19 - 2015-06-30 08:58 - 00000912 _____ C:\Windows\Tasks\DropboxUpdateTaskMachineCore.job
    2016-07-17 22:59 - 2015-09-30 10:32 - 00000000 ____D C:\Program Files\KMSpico
    2016-07-17 20:05 - 2011-08-04 09:50 - 00000894 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
    2016-07-17 09:28 - 2009-07-14 01:13 - 00845984 _____ C:\Windows\system32\PerfStringBackup.INI
    2016-07-17 09:28 - 2009-07-13 23:20 - 00000000 ____D C:\Windows\inf
    2016-07-14 20:21 - 2012-07-27 08:46 - 00003768 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
    2016-07-14 20:21 - 2012-04-13 10:28 - 00796352 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
    2016-07-14 20:21 - 2011-05-20 16:09 - 00142528 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
    2016-07-13 15:39 - 2015-06-11 20:52 - 00000000 ____D C:\Users\grevolorio.trmdu2\AppData\Local\CrashDumps
    2016-07-13 13:18 - 2011-01-21 14:14 - 00000000 ____D C:\Program Files (x86)\TeamViewer
    2016-07-13 12:43 - 2015-07-07 13:19 - 00000000 ____D C:\Users\grevolorio.trmdu2\AppData\Roaming\uTorrent
    2016-07-13 09:22 - 2015-06-11 14:53 - 00000000 ____D C:\Users\grevolorio.trmdu2
    2016-07-12 16:21 - 2012-01-26 17:19 - 00000000 ____D C:\Windows\system32\Macromed
    2016-07-12 16:21 - 2011-01-21 11:27 - 00000000 ____D C:\Windows\SysWOW64\Macromed
    2016-07-11 14:08 - 2015-06-30 08:57 - 00000000 ____D C:\Program Files (x86)\Dropbox
    2016-07-11 10:59 - 2012-06-11 10:02 - 142482544 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
    2016-07-09 08:49 - 2015-07-07 11:43 - 00000000 ____D C:\Program Files\Common Files\Apple
    2016-07-09 08:49 - 2014-02-28 10:55 - 00000000 ____D C:\Program Files (x86)\iTunes
    2016-07-07 09:58 - 2015-06-17 13:26 - 00000000 ____D C:\Users\grevolorio.trmdu2\AppData\Local\calibre-cache
    2016-07-07 09:22 - 2015-06-17 13:25 - 00000000 ____D C:\Users\grevolorio.trmdu2\AppData\Roaming\calibre
    2016-07-01 13:31 - 2015-11-02 15:45 - 00000960 _____ C:\Users\Public\Desktop\calibre - E-book management.lnk
    2016-07-01 13:31 - 2011-06-09 14:01 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\calibre - E-book Management
    2016-07-01 13:31 - 2011-06-09 14:01 - 00000000 ____D C:\Program Files (x86)\Calibre2
    2016-06-27 11:21 - 2015-09-23 03:38 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
    2016-06-27 11:21 - 2012-10-10 13:48 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
    2016-06-27 10:24 - 2015-06-11 20:51 - 00000000 ____D C:\Users\grevolorio.trmdu2\.VirtualBox
    2016-06-24 17:46 - 2015-06-17 09:21 - 00143848 _____ C:\Users\grevolorio.trmdu2\AppData\Local\GDIPFONTCACHEV1.DAT
    2016-06-21 05:42 - 2013-11-12 12:46 - 00000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
    2016-06-21 05:41 - 2014-03-18 09:15 - 00000000 ____D C:\Program Files\Microsoft Office 15

    ==================== Files in the root of some directories =======

    2012-01-30 09:55 - 2015-06-11 15:56 - 16258616 _____ (LastPass) C:\Program Files (x86)\Common Files\lpuninstall.exe
    2015-06-12 19:46 - 2015-06-12 19:46 - 0000064 _____ () C:\Users\grevolorio.trmdu2\AppData\Roaming\Sandra.ldb
    2015-06-12 19:46 - 2015-06-12 21:14 - 14417920 _____ () C:\Users\grevolorio.trmdu2\AppData\Roaming\Sandra.mdb
    2015-08-28 17:23 - 2015-08-28 17:23 - 0000020 ___SH () C:\Users\grevolorio.trmdu2\AppData\Roaming\Sys11965 DataCollection.dat
    2015-08-28 17:23 - 2015-08-28 17:23 - 0000020 ___SH () C:\Users\grevolorio.trmdu2\AppData\Roaming\System413_DataDB.ind
    2015-07-04 08:40 - 2015-07-09 19:01 - 0000600 _____ () C:\Users\grevolorio.trmdu2\AppData\Roaming\winscp.rnd
    2015-09-28 09:21 - 2015-09-28 09:21 - 0000038 ___SH () C:\Users\grevolorio.trmdu2\AppData\Local\5678c43253f8bbb5ed82a9.59421958
    2015-07-04 08:47 - 2015-07-13 11:07 - 0000600 _____ () C:\Users\grevolorio.trmdu2\AppData\Local\PUTTY.RND
    2015-09-16 12:03 - 2015-09-16 12:03 - 0045957 _____ () C:\ProgramData\HELP_DECRYPT.PNG
    2015-09-16 12:03 - 2015-09-16 12:03 - 0000296 _____ () C:\ProgramData\HELP_DECRYPT.URL
    2012-08-20 10:22 - 2012-08-28 15:25 - 0000193 _____ () C:\ProgramData\Microsoft.SqlServer.Compact.351.64.bc
    2014-12-18 12:06 - 2014-12-18 12:06 - 0000202 _____ () C:\ProgramData\nbinst.ini
    2013-11-25 17:35 - 2013-11-25 17:35 - 0000018 _____ () C:\ProgramData\ruby-uuid

    Files to move or delete:
    ====================
    C:\Users\grevolorio\SyncToy_6f9d1157-50ab-4e8a-b246-c8013fe8d91a.dat
    C:\Users\grevolorio\SyncToy_eb83ad46-2f1d-44ad-8333-991854e5ef51.dat


    Some files in TEMP:
    ====================
    C:\Users\grevolorio\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmp_kz8ag.dll
    C:\Users\grevolorio\AppData\Local\Temp\RoboForm-Setup.exe


    ==================== Bamital & volsnap =================

    (There is no automatic fix for files that do not pass verification.)

    C:\Windows\system32\winlogon.exe => File is digitally signed
    C:\Windows\system32\wininit.exe => File is digitally signed
    C:\Windows\SysWOW64\wininit.exe => File is digitally signed
    C:\Windows\explorer.exe => File is digitally signed
    C:\Windows\SysWOW64\explorer.exe => File is digitally signed
    C:\Windows\system32\svchost.exe => File is digitally signed
    C:\Windows\SysWOW64\svchost.exe => File is digitally signed
    C:\Windows\system32\services.exe => File is digitally signed
    C:\Windows\system32\User32.dll => File is digitally signed
    C:\Windows\SysWOW64\User32.dll => File is digitally signed
    C:\Windows\system32\userinit.exe => File is digitally signed
    C:\Windows\SysWOW64\userinit.exe => File is digitally signed
    C:\Windows\system32\rpcss.dll => File is digitally signed
    C:\Windows\system32\dnsapi.dll => File is digitally signed
    C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
    C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed


    LastRegBack: 2016-07-07 10:41

    ==================== End of FRST.txt ============================

     

     

    And the Addition.txt is:

     

    Additional scan result of Farbar Recovery Scan Tool (x64) Version: 17-07-2016 03
    Ran by grevolorio (2016-07-18 11:08:11)
    Running from C:\Users\grevolorio.trmdu2\Desktop
    Windows 7 Professional Service Pack 1 (X64) (2012-06-05 17:59:53)
    Boot Mode: Normal
    ==========================================================


    ==================== Accounts: =============================

    Administrator (S-1-5-21-3578782807-1016812498-1856270605-500 - Administrator - Disabled)
    grevolorio (S-1-5-21-3578782807-1016812498-1856270605-1009 - Administrator - Enabled) => C:\Users\grevolorio.trmdu2
    Guest (S-1-5-21-3578782807-1016812498-1856270605-501 - Limited - Disabled)

    ==================== Security Center ========================

    (If an entry is included in the fixlist, it will be removed.)

    AV: Microsoft Security Essentials (Enabled - Out of date) {768124D7-F5F7-6D2F-DDC2-94DFA4017C95}
    AS: Microsoft Security Essentials (Enabled - Out of date) {CDE0C533-D3CD-62A1-E772-AFADDF863628}
    AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
    AS: Spybot - Search and Destroy (Enabled - Up to date) {9BC38DF1-3CCA-732D-A930-C1CA5F20A4B0}

    ==================== Installed Programs ======================

    (Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

    µTorrent (HKU\S-1-5-21-1085031214-796845957-725345543-2108-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\uTorrent) (Version: 3.4.2.32239 - BitTorrent Inc.)
    µTorrent (HKU\S-1-5-21-3578782807-1016812498-1856270605-1009\...\uTorrent) (Version: 3.4.3.40466 - BitTorrent Inc.)
    µTorrent (HKU\S-1-5-21-3578782807-1016812498-1856270605-1009-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\uTorrent) (Version: 3.4.3.40466 - BitTorrent Inc.)
    7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov)
    AccelerometerP11 (HKLM-x32\...\{87434D51-51DB-4109-B68F-A829ECDCF380}) (Version: 2.00.11.15 - STMicroelectronics)
    Acute Email IDs Production Engine (HKLM-x32\...\{CB72E17B-1BCA-441F-A8A0-64C6FDF09425}) (Version: 10.3.5 - SAGAWEBS.COM)
    Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 19.0.0.190 - Adobe Systems Incorporated)
    Adobe Anchor Service x64 CS4 (Version: 2.0 - Adobe Systems Incorporated) Hidden
    Adobe CMaps x64 CS4 (Version: 2.0 - Adobe Systems Incorporated) Hidden
    Adobe CSI CS4 x64 (Version: 1 - Adobe Systems Incorporated) Hidden
    Adobe Digital Editions (HKLM-x32\...\Digital Editions) (Version:  - )
    Adobe Drive CS4 x64 (Version: 1 - Adobe Systems Incorporated) Hidden
    Adobe Flash Player 22 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 22.0.0.210 - Adobe Systems Incorporated)
    Adobe Flash Player 22 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 22.0.0.209 - Adobe Systems Incorporated)
    Adobe Fonts All x64 (Version: 2.0 - Adobe Systems Incorporated) Hidden
    Adobe Linguistics CS4 x64 (Version: 4.0.0 - Adobe Systems Incorporated) Hidden
    Adobe LiveCycle Designer 7.1 (HKU\S-1-5-21-1085031214-796845957-725345543-2108-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\InstallShield_{B8420E42-9664-43AF-BD01-F7B12EBA92CF}) (Version: 7.1.0000 - Adobe)
    Adobe Media Player (HKLM-x32\...\com.adobe.amp.E7BED6E5DDA59983786DD72EBFA46B1598278E07.1) (Version: 1.8 - Adobe Systems Incorporated)
    Adobe PDF Library Files x64 CS4 (Version: 9.0 - Adobe Systems Incorporated) Hidden
    Adobe Photoshop CS4 (64 Bit) (Version: 11.0 - Adobe Systems Incorporated) Hidden
    Adobe Reader 64-bit fixes (HKLM\...\{6D80AAE7-FF65-4950-B1CA-3A7EA4995574}_is1) (Version:  - Leo Davidson / Pretentious Name)
    Adobe Reader XI (11.0.10) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.10 - Adobe Systems Incorporated)
    Adobe Type Support x64 CS4 (Version: 9.0 - Adobe Systems Incorporated) Hidden
    Adobe WinSoft Linguistics Plugin x64 (Version: 1.1 - Adobe Systems Incorporated) Hidden
    Allway Sync version 10.3.25 (HKLM\...\Allway Sync_is1) (Version:  - Botkind Inc)
    Amazon Kindle (HKLM-x32\...\Amazon Kindle) (Version:  - Amazon)
    Android Studio (HKLM\...\Android Studio) (Version: 1.0 - Google Inc.)
    Apple Application Support (32-bit) (HKLM-x32\...\{26356515-5821-40FA-9C3D-9785052A1062}) (Version: 4.3.1 - Apple Inc.)
    Apple Mobile Device Support (HKLM\...\{6F085FCD-4B6A-4F63-AF23-B74629C40797}) (Version: 9.3.0.15 - Apple Inc.)
    Apple Software Update (HKLM-x32\...\{56EC47AA-5813-4FF6-8E75-544026FBEA83}) (Version: 2.2.0.150 - Apple Inc.)
    AVG PC TuneUp 2015 (en-US) (x32 Version: 15.0.1001.638 - AVG Technologies) Hidden
    AVG PC TuneUp 2015 (HKLM-x32\...\AVG PC TuneUp) (Version: 15.0.1001.638 - AVG Technologies)
    AVG PC TuneUp 2015 (x32 Version: 15.0.1001.638 - AVG Technologies) Hidden
    AzureTools.Notifications (x32 Version: 2.1.10731.1602 - Microsoft Corporation) Hidden
    Bamboo (HKLM\...\Pen Tablet Driver) (Version: 5.2.5-5 - Wacom Technology Corp.)
    Bamboo Dock (HKLM-x32\...\Bamboo Dock) (Version: 4.0 - Wacom Co., Ltd.)
    Bamboo Dock (x32 Version: 4.0.0 - Wacom Europe GmbH) Hidden
    Behaviors SDK (XAML) for Visual Studio (x32 Version: 12.0.41002.1 - Microsoft Corporation) Hidden
    BHODemon 2.0.0.23 (HKLM-x32\...\BHODemon_is1) (Version:  - Definitive Solutions, Inc.)
    BitTorrent Sync (HKLM-x32\...\BitTorrent Sync) (Version: 2.0.128 - BitTorrent Inc.)
    Blend for Visual Studio 2013 (x32 Version: 12.0.41002.1 - Microsoft Corporation) Hidden
    Blend for Visual Studio 2013 ENU resources (x32 Version: 12.0.41002.1 - Microsoft Corporation) Hidden
    Blend for Visual Studio SDK for .NET 4.5 (x32 Version: 3.0.40218.0 - Microsoft Corporation) Hidden
    Blend for Visual Studio SDK for Silverlight 5 (x32 Version: 3.0.40218.0 - Microsoft Corporation) Hidden
    Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
    Box Edit (HKLM-x32\...\{8887D190-E3EC-45D9-A62D-DF423B53CBEE}) (Version: 3.0.25.511 - Box)
    Build Tools - amd64 (Version: 12.0.21005 - Microsoft Corporation) Hidden
    Build Tools - x86 (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
    Build Tools Language Resources - amd64 (Version: 12.0.21005 - Microsoft Corporation) Hidden
    Build Tools Language Resources - x86 (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
    calibre (HKLM-x32\...\{BA623AFD-BE42-4B5F-9B8E-01FAB9BB2B51}) (Version: 2.61.0 - Kovid Goyal)
    CCleaner (HKLM\...\CCleaner) (Version: 5.02 - Piriform)
    Chrome Remote Desktop Host (HKLM-x32\...\{95EB2FCC-AE0B-40E9-B804-347C6358923B}) (Version: 51.0.2704.7 - Google Inc.)
    Cisco Systems VPN Client 5.0.07.0290 (HKLM\...\{467D5E81-8349-4892-9E81-C3674ED8E451}) (Version: 5.0.7 - Cisco Systems, Inc.)
    Cisco WebEx Meetings (HKLM-x32\...\ActiveTouchMeetingClient) (Version:  - Cisco WebEx LLC)
    Citrix Online Launcher (HKLM-x32\...\{AFB80939-4486-49D8-A04E-2B05C0F2DE39}) (Version: 1.0.252 - Citrix)
    ClipX (HKLM-x32\...\ClipX) (Version:  - )
    Color Cop 5.4.3 (HKLM-x32\...\Color Cop_is1) (Version:  - Jay Prall)
    Color Picker (HKLM-x32\...\ST6UNST #1) (Version:  - )
    Common Desktop Agent (Version: 1.62.0 - OEM) Hidden
    Connect (x32 Version: 1.0.0.1 - Adobe Systems Incorporated) Hidden
    Crystal Reports for Visual Studio (x32 Version: 12.51.0.240 - SAP) Hidden
    CutePDF Professional 3.3 (HKLM-x32\...\{F10D1D8F-C20C-4F0D-B243-688C0C6873F6}) (Version: 3.30.1001 - Acro Software Inc.)
    CutePDF Writer 2.8 (HKLM\...\CutePDF Writer Installation) (Version:  - )
    Dotfuscator and Analytics Community Edition (x32 Version: 5.5.4954.46574 - PreEmptive Solutions) Hidden
    Dropbox (HKLM-x32\...\Dropbox) (Version: 6.4.14 - Dropbox, Inc.)
    Dropbox Update Helper (x32 Version: 1.3.27.33 - Dropbox, Inc.) Hidden
    Entity Framework Designer for Visual Studio 2012 - enu (HKLM-x32\...\{0A1A1D48-DB23-443A-BC7B-49255D138020}) (Version: 11.1.20702.00 - Microsoft Corporation)
    Entity Framework Tools for Visual Studio 2013 (HKLM-x32\...\{08AEF86A-1956-4846-B906-B01350E96E30}) (Version: 12.0.20912.0 - Microsoft Corporation)
    eReader (HKLM-x32\...\{453C9E55-80DF-4BD2-9885-52A1FB0D9382}) (Version: 3.0.3 - Palm Digital Media)
    Evernote v. 5.2 (HKLM-x32\...\{090931D6-A2F4-11E3-AD9C-00163E98E7D0}) (Version: 5.2.0.2946 - Evernote Corp.)
    ExtraPutty 0.22 (HKLM-x32\...\{14C76057-E495-47E1-BDF0-1A1CC1752ADF}) (Version: 0.22 - )
    Fences 2 (HKLM-x32\...\Fences 22.01) (Version: 2.01 - Stardock Corporation)
    Fiddler (HKLM-x32\...\Fiddler2) (Version: 2.4.5.6 - Telerik)
    FileMenu Tools (HKLM\...\FileMenu Tools_is1) (Version:  - LopeSoft - Rubén López Hernández)
    FileZilla Client 3.16.1 (HKLM-x32\...\FileZilla Client) (Version: 3.16.1 - Tim Kosse)
    Fine Woodworking Archive (HKLM-x32\...\{84D74E02-0F71-4107-B92F-48848C06ABB0}) (Version: 2.0.1 - Taunton)
    Foxit Reader (HKLM-x32\...\Foxit Reader_is1) (Version: 7.3.4.311 - Foxit Software Inc.)
    Git version 1.7.6-preview20110708 (HKLM-x32\...\Git_is1) (Version: 1.7.6-preview20110708 - )
    Google Chrome (HKLM-x32\...\Google Chrome) (Version: 51.0.2704.103 - Google Inc.)
    Google Earth (HKLM-x32\...\{817750FA-EC6A-485D-9901-0683AE6FFDF1}) (Version: 7.1.5.1557 - Google)
    Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
    Google Update Helper (x32 Version: 1.3.30.3 - Google Inc.) Hidden
    GoToMeeting 7.2.0.2759 (HKU\S-1-5-21-1085031214-796845957-725345543-2108-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\GoToMeeting) (Version: 7.2.0.2759 - CitrixOnline)
    Gtk# for .Net 2.12.25 (HKLM-x32\...\{889E7D77-2A98-4020-83B1-0296FA1BDE8A}) (Version: 2.12.25 - Xamarin, Inc.)
    HandBrake 0.9.9.1 (HKLM-x32\...\HandBrake) (Version: 0.9.9.1 - )
    HDR projects 4 professional (64-Bit) (HKLM\...\HDR_PROJECTS_4_3_3BF7CE82_is1) (Version: 4.41 - Franzis Verlag GmbH)
    hMailServer 5.6.4-B2283 (HKLM-x32\...\hMailServer_is1) (Version:  - )
    huey 1.0.5 (HKLM-x32\...\huey_is1) (Version:  - Pantone & GretagMacbeth)
    IdeaRoom (HKLM-x32\...\{9D3E0103-F902-4368-8CAE-21EE46F2DE9E}) (Version: 1.36.0070 - Sawtooth Ideas)
    IETester v0.4.10 (remove only) (HKLM-x32\...\IETester) (Version: 0.4.10 - Core Services)
    iExplorer 3.2.2.6 (HKLM-x32\...\{7FD8B0C1-CDDA-4B4D-A577-B2E3570EA3A3}_is1) (Version:  - Macroplant LLC)
    IMG to ISO (HKLM-x32\...\{F10528D1-6478-4F67-A393-CCAC1DB958C1}_is1) (Version:  - imgtoiso.com)
    Inkscape 0.48.1  (HKLM-x32\...\Inkscape) (Version: 0.48.1 - )
    Intel(R) Turbo Boost Technology Monitor (HKLM\...\{39F4C6F9-618A-4E5B-8FB2-6BD661174E32}) (Version: 1.0.186.6 - Intel)
    Intel® Hardware Accelerated Execution Manager (HKLM\...\{ECCB31F5-435D-4F37-A98D-5854D3C62718}) (Version: 1.1.1 - Intel Corporation)
    iPhoneBrowser (HKLM-x32\...\{C1FCDCA1-2759-4E5E-84EE-3A665BB2F513}) (Version: 1.9.3 - Cranium Consulting and Custom Software)
    IsoBuster 3.4 (HKLM-x32\...\IsoBuster_is1) (Version: 3.4 - Smart Projects)
    iTunes (HKLM\...\{709990D1-03DA-4302-B364-E4D9F17E2198}) (Version: 12.4.1.6 - Apple Inc.)
    Java 2 Runtime Environment, SE v1.4.1 (HKLM-x32\...\{CD0159C9-17FB-11D6-A76A-00B0D079AF64}) (Version:  - )
    Java 2 Runtime Environment, SE v1.4.1_07 (HKLM-x32\...\{CA532E73-1BB7-11D8-9D6A-00010240CE95}) (Version:  - )
    Java 7 Update 7 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217007FF}) (Version: 7.0.70 - Oracle)
    Java 8 Update 45 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86418045F0}) (Version: 8.0.450 - Oracle Corporation)
    Java SE Development Kit 8 Update 45 (64-bit) (HKLM\...\{64A3A4F4-B792-11D6-A78A-00B0D0180450}) (Version: 8.0.450.15 - Oracle Corporation)
    Java Web Start (HKLM-x32\...\Java Web Start) (Version:  - )
    Java(TM) 6 Update 22 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83216022F0}) (Version: 6.0.220 - Oracle)
    Java(TM) 6 Update 29 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86416029FF}) (Version: 6.0.290 - Oracle)
    Java(TM) 6 Update 39 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83216039FF}) (Version: 6.0.390 - Oracle)
    Java(TM) SE Development Kit 6 Update 39 (HKLM-x32\...\{32A3A4F4-B792-11D6-A78A-00B0D0160390}) (Version: 1.6.0.390 - Oracle)
    Java(TM) SE Development Kit 7 (HKLM-x32\...\{32A3A4F4-B792-11D6-A78A-00B0D0170000}) (Version: 1.7.0.0 - Oracle)
    JavaFX 2.1.1 (HKLM-x32\...\{1111706F-666A-4037-7777-211328764D10}) (Version: 2.1.1 - Oracle Corporation)
    JavaScript Tooling (Version: 12.0.21005 - Microsoft Corporation) Hidden
    JMicron Flash Media Controller Driver (HKLM-x32\...\{26604C7E-A313-4D12-867F-7C6E7820BE4C}) (Version: 1.0.41.2 - JMicron Technology Corp.)
    join.me (HKU\S-1-5-21-1085031214-796845957-725345543-2108-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\JoinMe) (Version: 1.17.0.156 - LogMeIn, Inc.)
    Keywords Studio Pro (HKLM-x32\...\Keywords Studio Pro 1.0.0) (Version: 1.0.0 - intraSEO)
    Keywords Studio Pro (x32 Version: 1.0.0 - intraSEO) Hidden
    KinoniDrivers 2.8.1 (HKLM-x32\...\KinoniDrivers) (Version: 2.8.1 - Kinoni)
    K-Lite Codec Pack 8.6.0 (Full) (HKLM-x32\...\KLiteCodecPack_is1) (Version: 8.6.0 - )
    KMSpico v9.3.1 (HKLM\...\KMSpico_is1) (Version: 9.3.1 - )
    kuler (x32 Version: 2.0 - Adobe Systems Incorporated) Hidden
    LAN-Fax Utilities (HKLM\...\LAN-Fax Utilities) (Version:  - )
    LastPass (uninstall only) (HKLM-x32\...\LastPass) (Version:  - LastPass)
    Launchy 2.5 (HKLM-x32\...\Launchy_21344213_is1) (Version:  - Code Jelly)
    LocalESPC Dev12 (x32 Version: 8.100.25984 - Microsoft Corporation) Hidden
    LocalESPCui for en-us Dev12 (x32 Version: 8.100.25984 - Microsoft) Hidden
    Malwarebytes Anti-Malware version 2.2.1.1043 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.1.1043 - Malwarebytes)
    Market Samurai (HKLM-x32\...\MarketSamurai.6E37012E1CBD7F47B14488FCC715944F3EBDCEDC.1) (Version: 0.93.71 - Alliance Software Pty Ltd)
    Market Samurai (x32 Version: 0.93.71 - Alliance Software Pty Ltd) Hidden
    Maxwell for SketchUp 2014 (HKLM-x32\...\{E3FA7086-A065-4FAF-B819-400927194F80}) (Version: 3.0.11 - Next Limit Technologies)
    MDF to ISO version 1.0 (HKLM-x32\...\{79DDA36F-B19E-4293-A4F2-FA3EC1C06E6E}_is1) (Version: 1.0 - mdftoiso.com)
    MEGAsync (HKLM-x32\...\MEGAsync) (Version:  - Mega Limited)
    Metalogix Content Matrix Console - File Share Edition (HKLM-x32\...\{99641A98-EE9B-4521-916C-DF09AC9DD4A3}) (Version: 6.2.0302 - Metalogix Software Corp.)
    Metalogix Content Matrix Console - Public Folder Edition (HKLM-x32\...\{E18CB092-505F-4FE1-B4C7-C53DBBBBA938}) (Version: 6.2.0302 - Metalogix Software Corp.)
    Metalogix Content Matrix Console - SharePoint Edition (HKLM-x32\...\{A4E8B4B5-C6D6-414B-A513-EDDB70F58959}) (Version: 6.2.0302 - Metalogix Software Corp.)
    Micro-Measure (HKLM-x32\...\{75E1D518-6772-4073-A71C-354B71181391}) (Version: 1.0.0 - Brightwell)
    Microsoft .NET Compact Framework 1.0 SP3 Developer (HKLM-x32\...\{6C531060-84FB-4F96-8F33-29DF020632EB}) (Version: 1.0.4292 - Microsoft Corporation)
    Microsoft .NET Compact Framework 2.0 (HKLM-x32\...\{625386A4-B6B6-4911-A6E8-23189C3F2D15}) (Version: 2.0.5238 - Microsoft Corporation)
    Microsoft .NET Framework 4 Multi-Targeting Pack (HKLM-x32\...\{CFEF48A8-BFB8-3EAC-8BA5-DE4F8AA267CE}) (Version: 4.0.30319 - Microsoft Corporation)
    Microsoft .NET Framework 4.5 Multi-Targeting Pack (HKLM-x32\...\{56E962F0-4FB0-3C67-88DB-9EAA6EEFC493}) (Version: 4.5.50710 - Microsoft Corporation)
    Microsoft .NET Framework 4.5 SDK (HKLM-x32\...\{4AE57014-05C4-4864-A13D-86517A7E1BA4}) (Version: 4.5.50710 - Microsoft Corporation)
    Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
    Microsoft .NET Framework 4.5.1 Multi-Targeting Pack (ENU) (HKLM-x32\...\{D3517C62-68A5-37CF-92F7-93C029A89681}) (Version: 4.5.50932 - Microsoft Corporation)
    Microsoft .NET Framework 4.5.1 Multi-Targeting Pack (HKLM-x32\...\{6A0C6700-EA93-372C-8871-DCCF13D160A4}) (Version: 4.5.50932 - Microsoft Corporation)
    Microsoft .NET Framework 4.5.1 SDK (HKLM-x32\...\{19A5926D-66E1-46FC-854D-163AA10A52D3}) (Version: 4.5.51641 - Microsoft Corporation)
    Microsoft ASP.NET MVC 2 - Visual Studio 2010 Tools (HKLM-x32\...\{40416836-56CC-4C0E-A6AF-5C34BADCE483}) (Version: 2.0.50217.0 - Microsoft Corporation)
    Microsoft ASP.NET MVC 2 (HKLM-x32\...\{DD8FF2F3-0D97-4CF3-AF78-FA0E1B242244}) (Version: 2.0.60926.0 - Microsoft Corporation)
    Microsoft ASP.NET MVC 3 (HKLM-x32\...\{D32EF103-4016-4C15-BCB0-700C0A7A2309}) (Version: 3.0.50813.0 - Microsoft Corporation)
    Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
    Microsoft ASP.NET Web Pages (HKLM-x32\...\{631471BE-DEAB-454B-A9AC-CE3EB42C28B3}) (Version: 1.0.20105.0 - Microsoft Corporation)
    Microsoft Device Emulator version 1.0 - ENU (HKLM-x32\...\{78B75C6D-E53C-424C-BF83-4B63BD4A6682}) (Version: 1.0.50727.42 - Microsoft Corporation)
    Microsoft Document Explorer 2005 (HKLM-x32\...\Microsoft Document Explorer 2005) (Version:  - Microsoft Corporation)
    Microsoft Exchange Web Services Managed API 2.1 (HKLM-x32\...\{24CA683D-8174-4EBF-AD4D-3F2DD7814716}) (Version: 15.0.847.30 - Microsoft Corporation)
    Microsoft Expression Blend 3 SDK (HKLM-x32\...\{256E7DAC-9BE8-494E-8DE7-7857BF96B774}) (Version: 1.0.1343.0 - Microsoft Corporation)
    Microsoft Expression Blend 4 (HKLM-x32\...\Blend_4.0.20525.0) (Version: 4.0.20525.0 - Microsoft Corporation)
    Microsoft Expression Blend SDK for .NET 4 (HKLM-x32\...\{9B3A1C97-A361-463E-8817-444F9F88CDFE}) (Version: 2.0.20525.0 - Microsoft Corporation)
    Microsoft Expression Blend SDK for Silverlight 4 (HKLM-x32\...\{1C997E1C-5CE9-4AF3-AAA9-DC65E6090827}) (Version: 2.0.20525.0 - Microsoft Corporation)
    Microsoft Expression Design 4 (HKLM-x32\...\Design_7.0.20516.0) (Version: 7.0.20516.0 - Microsoft Corporation)
    Microsoft Expression Encoder 4 (HKLM-x32\...\Encoder_4.0.1639.0) (Version: 4.0.1639.0 - Microsoft Corporation)
    Microsoft Expression Encoder 4 Screen Capture Codec (HKLM-x32\...\{BF127B80-CFD5-4379-9752-E8AF1A5D0141}) (Version: 4.0.1639.0 - Microsoft Corporation)
    Microsoft Expression Studio 4 (HKLM-x32\...\ExpressionStudio_4.0.20525.0) (Version: 4.0.20525.0 - Microsoft Corporation)
    Microsoft Expression Web 4 (HKLM-x32\...\Web_4.0.1303.0) (Version: 4.0.1303.0 - Microsoft Corporation)
    Microsoft Expression Web 4 Service Pack 2 (HKLM-x32\...\{F5993FCC-DF5D-4879-B70D-AA1F379C5C6B}) (Version:  - Microsoft Corporation)
    Microsoft Filter Pack 1.0 (HKLM\...\{95120000-2000-0409-1000-0000000FF1CE}) (Version: 12.0.4518.1104 - Microsoft Corporation)
    Microsoft Help Viewer 1.1 (HKLM\...\Microsoft Help Viewer 1.1) (Version: 1.1.40219 - Microsoft Corporation)
    Microsoft Help Viewer 2.0 (HKLM-x32\...\Microsoft Help Viewer 2.0) (Version: 2.0.50727 - Microsoft Corporation)
    Microsoft Help Viewer 2.1 (HKLM-x32\...\Microsoft Help Viewer 2.1) (Version: 2.1.21005 - Microsoft Corporation)
    Microsoft Lync 2010 Attendee (HKLM-x32\...\{09335E49-1C8F-4973-9929-941BE9C6EF33}) (Version: 4.0.7577.4498 - Microsoft Corporation)
    Microsoft Lync Web App Plug-in (HKLM\...\{52CAD0B7-8759-4CE5-94D7-8825BBFD7445}) (Version: 15.8.8653.0 - Microsoft Corporation)
    Microsoft Mouse and Keyboard Center (HKLM\...\Microsoft Mouse and Keyboard Center) (Version: 2.3.188.0 - Microsoft Corporation)
    Microsoft Office 2003 Web Components (HKLM-x32\...\{90A40409-6000-11D3-8CFE-0150048383C9}) (Version: 11.0.8173.0 - Microsoft Corporation)
    Microsoft Office 365 ProPlus - en-us (HKLM\...\O365ProPlusRetail - en-us) (Version: 15.0.4833.1001 - Microsoft Corporation)
    Microsoft Office Access database engine 2007 (English) (HKLM-x32\...\{90120000-00D1-0409-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
    Microsoft Office Developer Tools for Visual Studio 2013 - November 2014 Update (HKLM-x32\...\{ac415136-ae46-4301-b23e-6559062bfa7b}) (Version: 12.0.31105.0 - Microsoft Corporation)
    Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
    Microsoft Office Outlook Connector (HKLM-x32\...\{95140000-007A-0409-0000-0000000FF1CE}) (Version: 14.0.5118.5000 - Microsoft Corporation)
    Microsoft Office Professional Plus 2013 (HKLM-x32\...\Office15.PROPLUSR) (Version: 15.0.4569.1506 - Microsoft Corporation)
    Microsoft Office Project 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-003B-0000-0000-0000000FF1CE}_PRJPRO_{8446EB22-A746-46DC-B1BD-E0DFA1F3CDDA}) (Version:  - Microsoft)
    Microsoft Office Project Professional 2007 (HKLM-x32\...\PRJPRO) (Version: 12.0.6612.1000 - Microsoft Corporation)
    Microsoft Office SharePoint Designer 2007 (HKLM-x32\...\SharePointDesigner) (Version: 12.0.6612.1000 - Microsoft Corporation)
    Microsoft Office SharePoint Designer 2007 (HKLM-x32\...\SharePointDesignerR) (Version: 12.0.6612.1000 - Microsoft Corporation)
    Microsoft Office SharePoint Designer 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0017-0000-0000-0000000FF1CE}_SharePointDesigner_{4B4DF6E2-5E40-422B-82DD-205FD7E79226}) (Version:  - Microsoft)
    Microsoft Office SharePoint Designer 2007 Service Pack 3 (SP3) (HKLM-x32\...\{91120000-0017-0000-0000-0000000FF1CE}_SharePointDesignerR_{4B4DF6E2-5E40-422B-82DD-205FD7E79226}) (Version:  - Microsoft)
    Microsoft Office Visio 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0051-0000-0000-0000000FF1CE}_VISPRO_{CE144BF4-4950-4CDB-A5F7-CCE1888F49CB}) (Version:  - Microsoft)
    Microsoft Office Visio Professional 2007 (HKLM-x32\...\VISPRO) (Version: 12.0.6612.1000 - Microsoft Corporation)
    Microsoft OneDrive (HKU\S-1-5-21-1085031214-796845957-725345543-2108-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\OneDriveSetup.exe) (Version: 17.0.4023.1211 - Microsoft Corporation)
    Microsoft OneDrive (HKU\S-1-5-21-3578782807-1016812498-1856270605-1009\...\OneDriveSetup.exe) (Version: 17.3.4604.0120 - Microsoft Corporation)
    Microsoft OneDrive (HKU\S-1-5-21-3578782807-1016812498-1856270605-1009-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\OneDriveSetup.exe) (Version: 17.3.4604.0120 - Microsoft Corporation)
    Microsoft Report Viewer 2012 Runtime (HKLM-x32\...\{9CCE40CE-A9E6-4916-8729-B008558EEF3F}) (Version: 11.0.2100.60 - Microsoft Corporation)
    Microsoft Robocopy GUI (HKLM-x32\...\{107C666F-63C5-4263-8D40-8B9CFB5FED08}) (Version: 1.0.0 - Microsoft)
    Microsoft Security Essentials (HKLM\...\Microsoft Security Client) (Version: 4.9.218.0 - Microsoft Corporation)
    Microsoft SharePoint Designer 2010 (HKLM-x32\...\Office14.SharePointDesigner) (Version: 14.0.7015.1000 - Microsoft Corporation)
    Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.41212.0 - Microsoft Corporation)
    Microsoft Silverlight 3 SDK (HKLM-x32\...\{2012098D-EEE9-4769-8DD3-B038050854D4}) (Version: 3.0.40818.0 - Microsoft Corporation)
    Microsoft Silverlight 4 SDK (HKLM-x32\...\{189AEA94-DAFB-487A-8CEE-F9D3DDE0A748}) (Version: 4.0.60310.0 - Microsoft Corporation)
    Microsoft Silverlight 5 SDK (HKLM-x32\...\{E1FBB3D4-ADB0-4949-B101-855DA061C735}) (Version: 5.0.61118.0 - Microsoft Corporation)
    Microsoft SQL Server 2005 (HKLM-x32\...\Microsoft SQL Server 2005) (Version:  - Microsoft Corporation)
    Microsoft SQL Server 2005 Backward compatibility (HKLM\...\{62D2F823-0EAA-496D-B0F9-A869BFC51550}) (Version: 8.05.2312 - Microsoft Corporation)
    Microsoft SQL Server 2005 Books Online (English) (September 2007) (HKLM-x32\...\{6FDD4688-E063-401D-B6BE-7234E20B9173}) (Version: 9.00.3104 - Microsoft Corporation)
    Microsoft SQL Server 2005 Mobile [ENU] Developer Tools (HKLM-x32\...\{1389C6A4-4965-4AEC-9175-08B54A10FA48}) (Version: 3.0.0.0 - Microsoft Corporation)
    Microsoft SQL Server 2008 R2 Data-Tier Application Framework (HKLM-x32\...\{BC537AE0-88AF-47ED-B762-33B0D62B5188}) (Version: 10.50.1750.9 - Microsoft Corporation)
    Microsoft SQL Server 2008 R2 Data-Tier Application Project (HKLM-x32\...\{7A56D81D-6406-40E7-9184-8AC1769C4D69}) (Version: 10.50.1750.9 - Microsoft Corporation)
    Microsoft SQL Server 2008 R2 Management Objects (HKLM-x32\...\{83F2B8F4-5CF3-4BE9-9772-9543EAE4AC5F}) (Version: 10.51.2500.0 - Microsoft Corporation)
    Microsoft SQL Server 2008 R2 Transact-SQL Language Service (HKLM-x32\...\{09C52940-A4D1-4409-A7CC-1AAE630CF578}) (Version: 10.50.1750.9 - Microsoft Corporation)
    Microsoft SQL Server 2008 Setup Support Files  (HKLM\...\{B40EE88B-400A-4266-A17B-E3DE64E94431}) (Version: 10.1.2731.0 - Microsoft Corporation)
    Microsoft SQL Server 2012 Command Line Utilities  (HKLM\...\{58FED865-4F13-408D-A5BF-996019C4B936}) (Version: 11.1.3000.0 - Microsoft Corporation)
    Microsoft SQL Server 2012 Data-Tier App Framework  (HKLM-x32\...\{1B876496-B3A2-4D22-9B12-B608A3FD4B8B}) (Version: 11.1.2902.0 - Microsoft Corporation)
    Microsoft SQL Server 2012 Data-Tier App Framework  (x64) (HKLM\...\{A6BA243E-85A3-4635-A269-32949C98AC7F}) (Version: 11.1.2902.0 - Microsoft Corporation)
    Microsoft SQL Server 2012 Express LocalDB  (HKLM\...\{6C026A91-640F-4A23-8B68-05D589CC6F18}) (Version: 11.1.3000.0 - Microsoft Corporation)
    Microsoft SQL Server 2012 Management Objects  (HKLM-x32\...\{2F7DBBE6-8EBC-495C-9041-46A772F4E311}) (Version: 11.1.3000.0 - Microsoft Corporation)
    Microsoft SQL Server 2012 Management Objects  (x64) (HKLM\...\{43A5C316-9521-49C3-B9B6-FCE5E1005DF0}) (Version: 11.1.3000.0 - Microsoft Corporation)
    Microsoft SQL Server 2012 Native Client  (HKLM\...\{D411E9C9-CE62-4DBF-9D92-4CB22B750ED5}) (Version: 11.1.3000.0 - Microsoft Corporation)
    Microsoft SQL Server 2012 Policies  (HKLM-x32\...\{DC487E40-046E-42A9-9C7C-5D2B1A7EB211}) (Version: 11.0.2100.60 - Microsoft Corporation)
    Microsoft SQL Server 2012 Setup (English) (HKLM\...\{8CB0713F-CFE0-445D-BCB2-538465860E1A}) (Version: 11.1.3128.0 - Microsoft Corporation)
    Microsoft SQL Server 2012 Transact-SQL Compiler Service  (HKLM\...\{88CB5DFD-6CE1-486F-998C-9FC090FCE5E2}) (Version: 11.1.3128.0 - Microsoft Corporation)
    Microsoft SQL Server 2012 Transact-SQL ScriptDom  (HKLM\...\{54C5041B-0E91-4E92-8417-AAA12493C790}) (Version: 11.1.3000.0 - Microsoft Corporation)
    Microsoft SQL Server 2012 T-SQL Language Service  (HKLM-x32\...\{04DD7AF4-A6D3-4E30-9BB9-3B3670719234}) (Version: 11.1.3000.0 - Microsoft Corporation)
    Microsoft SQL Server Compact 3.5 ENU (HKLM-x32\...\{BCC899FE-2DAA-460C-A5FB-60291E73D9C3}) (Version: 3.5.5386.0 - Microsoft Corporation)
    Microsoft SQL Server Compact 3.5 SP2 ENU (HKLM-x32\...\{3A9FC03D-C685-4831-94CF-4EDFD3749497}) (Version: 3.5.8080.0 - Microsoft Corporation)
    Microsoft SQL Server Compact 3.5 SP2 x64 ENU (HKLM\...\{D4AD39AD-091E-4D33-BB2B-59F6FCB8ADC3}) (Version: 3.5.8080.0 - Microsoft Corporation)
    Microsoft SQL Server Compact 4.0 SP1 x64 ENU (HKLM\...\{78909610-D229-459C-A936-25D92283D3FD}) (Version: 4.0.8876.1 - Microsoft Corporation)
    Microsoft SQL Server Data Tools - enu (11.1.20627.00) (HKLM-x32\...\{FA804794-2CCB-4301-954F-2C2894698876}) (Version: 11.1.20627.00 - Microsoft Corporation)
    Microsoft SQL Server Data Tools - enu (12.0.30919.1) (HKLM-x32\...\{0D7FCBFB-F478-4D32-901C-83F0BF5A3501}) (Version: 12.0.30919.1 - Microsoft Corporation)
    Microsoft SQL Server Data Tools Build Utilities - enu (11.1.20627.00) (HKLM-x32\...\{790E9425-8570-493F-9AE7-81AFC9E46930}) (Version: 11.1.20627.00 - Microsoft Corporation)
    Microsoft SQL Server Data Tools Build Utilities - enu (12.0.30919.1) (HKLM-x32\...\{6781FF9B-E87D-4A03-9373-A55A288B83FA}) (Version: 12.0.30919.1 - Microsoft Corporation)
    Microsoft SQL Server Database Publishing Wizard 1.4 (HKLM-x32\...\{ACE28263-76A4-4BF5-B6F4-8BD719595969}) (Version: 10.1.2512.8 - Microsoft Corporation)
    Microsoft SQL Server Native Client (HKLM\...\{9ACF3FDB-C8E6-444C-8C64-13A221F7BFFD}) (Version: 9.00.5000.00 - Microsoft Corporation)
    Microsoft SQL Server Setup Support Files (English) (HKLM-x32\...\{53F5C3EE-05ED-4830-994B-50B2F0D50FCE}) (Version: 9.00.5000.00 - Microsoft Corporation)
    Microsoft SQL Server System CLR Types (HKLM-x32\...\{C3F6F200-6D7B-4879-B9EE-700C0CE1FCDA}) (Version: 10.51.2500.0 - Microsoft Corporation)
    Microsoft SQL Server System CLR Types (x64) (HKLM\...\{1E6ED082-E32D-4B2B-8B6A-70B094815135}) (Version: 10.50.1750.9 - Microsoft Corporation)
    Microsoft Sync Framework 2.0 Core Components (x64) ENU  (HKLM\...\{8CCBEC22-D2DB-4DC9-A58A-E1A1F3A38C8A}) (Version: 2.0.1578.0 - Microsoft Corporation)
    Microsoft Sync Framework 2.0 Provider Services (x64) ENU  (HKLM\...\{03AC245F-4C64-425C-89CF-7783C1D3AB2C}) (Version: 2.0.1578.0 - Microsoft Corporation)
    Microsoft Sync Framework Runtime v1.0 SP1 (x64) (HKLM\...\{8438EC02-B8A9-462D-AC72-1B521349C001}) (Version: 1.0.3010.0 - Microsoft Corporation)
    Microsoft Sync Framework SDK v1.0 SP1 (HKLM-x32\...\{0E3DFC64-CC49-4BE2-8C9C-58EF129675DB}) (Version: 1.0.3010.0 - Microsoft Corporation)
    Microsoft Sync Framework Services v1.0 SP1 (x64) (HKLM\...\{034106B5-54B7-467F-B477-5B7DBB492624}) (Version: 1.0.3010.0 - Microsoft Corporation)
    Microsoft Sync Services for ADO.NET v2.0 SP1 (x64) (HKLM\...\{1D1CEEF8-3741-45BD-8E77-963E1DEBDDD3}) (Version: 2.0.3010.0 - Microsoft Corporation)
    Microsoft System CLR Types for SQL Server 2012 (HKLM-x32\...\{070C38AC-05CE-43DF-9A20-141332F6AB2B}) (Version: 11.1.3366.16 - Microsoft Corporation)
    Microsoft System CLR Types for SQL Server 2012 (x64) (HKLM\...\{05FF8209-C4F1-4C77-BC28-791653156D20}) (Version: 11.1.3366.16 - Microsoft Corporation)
    Microsoft Team Foundation Server 2010 Object Model - ENU (HKLM\...\Microsoft Team Foundation Server 2010 Object Model - ENU) (Version: 10.0.40219 - Microsoft Corporation)
    Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
    Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
    Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
    Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
    Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
    Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 (HKLM-x32\...\{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}) (Version: 9.0.30729.4148 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (HKLM-x32\...\{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}) (Version: 9.0.30729.5570 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
    Microsoft Visual C++ 2010  x64 Designtime - 10.0.30319 (HKLM\...\{F5079164-1DB9-3BDA-853B-F78AF67CE071}) (Version: 10.0.30319 - Microsoft Corporation)
    Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
    Microsoft Visual C++ 2010  x64 Runtime - 10.0.40219 (HKLM\...\{1C7C8AAF-A16D-32E8-89E5-F6D165DE0BCE}) (Version: 10.0.40219 - Microsoft Corporation)
    Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
    Microsoft Visual C++ 2010  x86 Runtime - 10.0.40219 (HKLM-x32\...\{5D9ED403-94DE-3BA0-B1D6-71F4BDA412E6}) (Version: 10.0.40219 - Microsoft Corporation)
    Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation)
    Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation)
    Microsoft Visual F# 2.0 Runtime (HKLM-x32\...\{85467CBC-7A39-33C9-8940-D72D9269B84F}) (Version: 10.0.40219 - Microsoft Corporation)
    Microsoft Visual J# 2.0 Redistributable Package (HKLM-x32\...\Microsoft Visual J# 2.0 Redistributable Package) (Version:  - Microsoft Corporation)
    Microsoft Visual Studio 2005 64bit Prerequisites (x64) - ENU (HKLM\...\{75F299F3-8234-47CD-BB40-2994C1B1105E}) (Version: 8.0.50727.42 - Microsoft Corporation)
    Microsoft Visual Studio 2005 Premier Partner Edition - ENU (HKLM-x32\...\{C25EF637-BE7A-4761-9B45-9069989C319F}) (Version: 8.0.50728 - Microsoft Corporation)
    Microsoft Visual Studio 2005 Professional Edition - ENU Service Pack 1 (KB926601) (HKLM-x32\...\KB926601.T2_29ToU260_29) (Version: 1 - Microsoft Corporation)
    Microsoft Visual Studio 2005 Remote Debugger (x64) - ENU (HKLM\...\Microsoft Visual Studio 2005 Remote Debugger (x64) - ENU) (Version:  - Microsoft Corporation)
    Microsoft Visual Studio 2010 ADO.NET Entity Framework Tools (HKLM-x32\...\{14DD7530-CCD2-3798-B37D-3839ED6A441C}) (Version: 10.0.40219 - Microsoft Corporation)
    Microsoft Visual Studio 2010 IntelliTrace Collection (x64) (HKLM\...\{88BAE373-00F4-3E33-828F-96E89E5E0CB9}) (Version: 10.0.40219 - Microsoft Corporation)
    Microsoft Visual Studio 2010 Professional - ENU (HKLM-x32\...\Microsoft Visual Studio 2010 Professional - ENU) (Version: 10.0.30319 - Microsoft Corporation)
    Microsoft Visual Studio 2010 Service Pack 1 (HKLM-x32\...\Microsoft Visual Studio 2010 Service Pack 1) (Version: 10.0.40219 - Microsoft Corporation)
    Microsoft Visual Studio 2010 SharePoint Power Tools (HKLM-x32\...\{FD84580C-12DC-3BA4-ABE8-1E337F776F1D}) (Version: 10.0.30604 - Microsoft Corporation)
    Microsoft Visual Studio 2010 Shell (Isolated) - ENU (HKLM-x32\...\{D64B6984-242F-32BC-B008-752806E5FC44}) (Version: 10.0.40219 - Microsoft Corporation)
    Microsoft Visual Studio 2010 Ultimate - ENU (HKLM-x32\...\Microsoft Visual Studio 2010 Ultimate - ENU) (Version: 10.0.30319 - Microsoft Corporation)
    Microsoft Visual Studio Macro Tools (HKLM-x32\...\Microsoft Visual Studio Macro Tools) (Version: 9.0.30729 - Microsoft Corporation)
    Microsoft Visual Studio Professional 2013 (HKLM-x32\...\{6dff50d0-3bc3-4a92-b724-bf6d6a99de4f}) (Version: 12.0.21005.13 - Microsoft Corporation)
    Microsoft Visual Studio Tools for Applications 2012 (HKLM-x32\...\{89ca2a32-2b52-4595-8dfd-6fe4757958d0}) (Version: 11.0.51108 - Microsoft Corporation)
    Microsoft Web Deploy 3.5 (HKLM\...\{3674F088-9B90-473A-AAC3-20A00D8D810C}) (Version: 3.1237.1762 - Microsoft Corporation)
    Microsoft Web Deploy dbSqlPackage Provider - enu (HKLM-x32\...\{E4C33F5B-1B2F-466E-957E-B274F08151A0}) (Version: 10.3.20225.0 - Microsoft Corporation)
    Microsoft Web Platform Installer 5.0 (HKLM\...\{4D84C195-86F0-4B34-8FDE-4A17EB41306A}) (Version: 5.0.50430.0 - Microsoft Corporation)
    MiniTool Partition Wizard Free 9.0 (HKLM-x32\...\{05D996FA-ADCB-4D23-BA3C-A7C184A8FAC6}_is1) (Version:  - MiniTool Solution Ltd.)
    MobileMe Control Panel (HKLM\...\{6DD01FF3-63CE-436B-96DB-61363EAA4EB8}) (Version: 3.1.8.0 - Apple Inc.)
    MoSync (HKLM-x32\...\MoSync) (Version:  - Mobile Sorcery)
    MotoHelper 2.1.32 Driver 5.2.0 (HKLM-x32\...\MotoHelper) (Version: 2.1.32 - Motorola)
    MotoHelper MergeModules (x32 Version: 1.2.0 - Motorola) Hidden
    Motorola Mobile Drivers Installation 5.2.0 (Version: 5.2.0 - Motorola Inc.) Hidden
    Mozilla Firefox 38.0.5 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 38.0.5 (x86 en-US)) (Version: 38.0.5 - Mozilla)
    Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 43.0.1.5828 - Mozilla)
    MSDN Library for Visual Studio 2005 (HKLM-x32\...\MSDN Library for Visual Studio 2005) (Version: 8.0.50727.42 - Microsoft)
    MSDN Library for Visual Studio 2005 (x32 Version: 8.0.50727.42 - Microsoft) Hidden
    MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
    MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
    MyLifeOrganized v. 4.3.1 (HKLM-x32\...\MyLife Organized) (Version: 4.3.1 - MyLifeOrganized.net)
    MySQL Connector/ODBC 5.3 (HKLM\...\{43E572BC-B21F-4BEC-94CA-2D4AA6F53246}) (Version: 5.3.2 - Oracle Corporation)
    MySQL Tools for 5.0 (HKLM-x32\...\{FCB10DE3-E190-4A7E-B06A-FAC61567ABFC}) (Version: 5.0.17 - MySQL AB, Sun Microsystems, Inc.)
    Nero Backup Drivers (HKLM\...\{D600D357-5CB9-4DE9-8FD4-14E208BD1970}) (Version: 1.0.11100.8.0 - Nero AG)
    Node.js (HKLM\...\{FC4E166C-598C-48CC-BFAC-A709121D3B2C}) (Version: 0.10.22 - Joyent, Inc. and other Node contributors)
    Notepad++ (HKLM-x32\...\Notepad++) (Version: 5.9.6.2 - )
    NVIDIA Display Control Panel (HKLM\...\NVIDIA Display Control Panel) (Version: 6.14.12.5951 - NVIDIA Corporation)
    NVIDIA Drivers (HKLM\...\NVIDIA Drivers) (Version: 1.10.62.40 - NVIDIA Corporation)
    NVIDIA Stereoscopic 3D Driver (HKLM-x32\...\NVIDIAStereo) (Version: 7.17.12.5951 - NVIDIA Corporation)
    Office 15 Click-to-Run Extensibility Component (x32 Version: 15.0.4833.1001 - Microsoft Corporation) Hidden
    Office 15 Click-to-Run Licensing Component (Version: 15.0.4833.1001 - Microsoft Corporation) Hidden
    Office 15 Click-to-Run Localization Component (x32 Version: 15.0.4833.1001 - Microsoft Corporation) Hidden
    Open XML SDK 2.5 for Microsoft Office (x32 Version: 2.5.5631 - Microsoft Corporation) Hidden
    Oracle VM VirtualBox 5.0.4 (HKLM\...\{FC191F32-1A67-4231-91D0-0059A57C99A8}) (Version: 5.0.4 - Oracle Corporation)
    Outils de vérification linguistique 2013 de Microsoft Office - Français (x32 Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
    OutlookTools 2 (HKLM-x32\...\{E69BB189-4B20-46AE-93CF-59099F05FC3F}) (Version: 2.3.0 - HowTo-Outlook)
    Pacote de Idiomas do Microsoft Visual Studio Tools for Applications 2012 Design-Time - PTB (x32 Version: 11.0.51108 - Microsoft Corporation) Hidden
    Pacote de Idiomas do Microsoft Visual Studio Tools for Applications 2012 x64 Hosting Support - PTB (Version: 11.0.51108 - Microsoft Corporation) Hidden
    Pacote de Idiomas do Microsoft Visual Studio Tools for Applications 2012 x86 Hosting Support - PTB (x32 Version: 11.0.51108 - Microsoft Corporation) Hidden
    paint.net (HKLM\...\{F509C1F4-0029-49F9-B145-A4C4E8DF481A}) (Version: 4.0.3 - dotPDN LLC)
    Pandora (HKLM-x32\...\com.pandora.desktop.FB9956FD96E03239939108614098AD95535EE674.1) (Version: 2.0.5 - Pandora Media, Inc.)
    Pandora (x32 Version: 2.0.5 - Pandora Media, Inc.) Hidden
    Paprika Recipe Manager (HKLM-x32\...\{E9AC2A1E-F693-43D0-BBF4-C57A4D9BDFCF}) (Version: 1.0.4 - Hindsight Labs LLC)
    ParetoLogic Data Recovery (HKLM-x32\...\{B1C2398C-6FAB-46D1-806C-5942F0829994}) (Version: 1.1.0 - ParetoLogic)
    PDF Settings CS4 (x32 Version: 9.0 - Adobe Systems Incorporated) Hidden
    PDFill PDF Editor with FREE PDF Writer and Tools (HKLM-x32\...\{D12EBB4E-CF21-496D-979F-89D9DE58C5B8}) (Version: 5.0 - PlotSoft LLC)
    PDFill PDF Writer (HKLM-x32\...\PDFill PDF Writer) (Version:  - )
    Photoshop Camera Raw (x32 Version: 5.0 - Adobe Systems Incorporated) Hidden
    Photoshop Camera Raw_x64 (Version: 5.0 - Adobe Systems Incorporated) Hidden
    PlayLater (HKLM-x32\...\{B9050F2D-0F98-4530-A494-FCA63931FBE5}) (Version: 1.6.42 - MediaMall Technologies, Inc.)
    PlayOn (HKLM-x32\...\{8D437274-5816-474B-B57C-C28D62433F8F}) (Version: 3.10.42 - MediaMall Technologies, Inc.)
    Plex (HKU\S-1-5-21-1085031214-796845957-725345543-2108-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Plex) (Version: 0.9.502 - Plex, Inc)
    Polipo 1.0.4.1 (HKLM-x32\...\Polipo) (Version:  - )
    PowerISO (HKLM-x32\...\PowerISO) (Version: 5.6 - Power Software Ltd)
    PreEmptive Analytics Visual Studio Components (x32 Version: 1.2.3197.1 - PreEmptive Solutions) Hidden
    Prerequisites for SSDT  (HKLM-x32\...\{35C1D9D6-87C0-46A3-B1B4-EDBCC063221C}) (Version: 11.1.3000.0 - Microsoft Corporation)
    Python 2.6 pycrypto-2.3 (HKLM-x32\...\{D6242566-9EF5-426E-8F75-F4FBCC010186}) (Version: 2.3.0 - Dwayne C. Litzenberger)
    Python Tools Redirection Template (x32 Version: 1.1 - Microsoft Corporation) Hidden
    Qdabra Rules Library (HKLM\...\{50F764E1-0DB5-4252-8AE9-780BB3A3B16C}) (Version: 2.3.0005 - Qdabra Software)
    Qdabra Rules Library (HKLM-x32\...\{0643AB4D-8502-47FF-AB27-FCF3649CC3C3}) (Version: 6.1.0001 - Qdabra Software)
    Qdabra Rules Library (HKLM-x32\...\{2CEB2CBB-6939-48B7-989A-AB01FBB6B14E}) (Version: 5.1.0000 - Qdabra Software)
    QuickTime 7 (HKLM-x32\...\{FF59BD75-466A-4D5A-AD23-AAD87C5FD44C}) (Version: 7.79.80.95 - Apple Inc.)
    RAMDisk (HKLM-x32\...\{01D5FF1F-BB19-4387-8EF1-C6319037EC12}) (Version: 3.5.130 - Dataram, Inc.)
    Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.23.623.2010 - Realtek)
    Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6194 - Realtek Semiconductor Corp.)
    Recover My Files (HKLM-x32\...\Recover My Files_is1) (Version: 4.9.2.1240 - GetData Pty Ltd)
    Recuva (HKLM\...\Recuva) (Version: 1.52 - Piriform)
    Reflector (HKLM\...\{77342B24-A2A9-4420-8C9C-C109EE201CBC}) (Version: 1.3.3.1 - Squirrels)
    Renesas Electronics USB 3.0 Host Controller Driver (HKLM-x32\...\InstallShield_{5442DAB8-7177-49E1-8B22-09A049EA5996}) (Version: 2.0.4.0 - Renesas Electronics Corporation)
    Renesas Electronics USB 3.0 Host Controller Driver (x32 Version: 2.0.4.0 - Renesas Electronics Corporation) Hidden
    Revo Uninstaller 1.92 (HKLM-x32\...\Revo Uninstaller) (Version: 1.92 - VS Revo Group)
    Revo Uninstaller Pro 2.4.3 (HKLM\...\{67579783-0FB7-4F7B-B881-E5BE47C9DBE0}_is1) (Version: 2.4.3 - VS Revo Group, Ltd.)
    Roadkil's Unstoppable Copier Version 5.2 (HKLM-x32\...\{A306FD29-7D3A-4287-91AC-9A0180931395}_is1) (Version:  - Roadkil.Net)
    RoboForm 7-9-14-4 (All Users) (HKLM-x32\...\AI RoboForm) (Version: 7-9-14-4 - Siber Systems)
    Safari (HKLM-x32\...\{C779648B-410E-4BBA-B75B-5815BCEFE71D}) (Version: 5.34.57.2 - Apple Inc.)
    Samsung Easy Printer Manager (HKLM-x32\...\Samsung Easy Printer Manager) (Version: 1.05.66.00(10/30/2014) - Samsung Electronics Co., Ltd.)
    Samsung M2020 Series (HKLM-x32\...\Samsung M2020 Series) (Version: 1.23 (12/24/2014) - Samsung Electronics Co., Ltd.)
    Samsung Printer Diagnostics (HKLM-x32\...\Samsung Printer Diagnostics) (Version: 1.0.1.6.02 - Samsung Electronics Co., Ltd.)
    Samsung Printer Live Update (HKLM-x32\...\Samsung Printer Live Update) (Version: 1.01.00:04(2013-04-22) - Samsung Electronics Co., Ltd.)
    Saver2 (HKLM-x32\...\Saver2) (Version: 1.3.2 - ZZJ)
    ScanSoft PDF Create! 4 (HKLM\...\{33307810-2945-4F3F-8FEA-0BF522AEFCA7}) (Version: 4.01.0069 - Nuance Communications, Inc.)
    Scrum Solution Starter for Microsoft Project 2010 (HKU\S-1-5-21-1085031214-796845957-725345543-2108-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\CC7790844E65D3F0F0686CF43FEDFB17AA666F95) (Version: 1.0.0.71 - Microsoft)
    SDFormatter (HKLM-x32\...\{179324FF-7B16-4BA8-9836-055CAAEE4F08}) (Version: 4.0.0 - SD Association)
    SeaTools for Windows (HKLM-x32\...\{98613C99-1399-416C-A07C-1EE1C585D872}) (Version: 1.2.0.5 - Seagate Technology)
    Send to OneNote 2007 (HKLM-x32\...\{D0180909-85ED-4F97-B12C-C9E3129F78DC}) (Version: 1.0.0 - Microsoft Office OneNote 2007 PowerToys)
    SendToOneNote for Chrome (HKLM-x32\...\{62A77CC8-B17A-49C0-9BE6-E77216E86BD3}) (Version: 1.2.0 - Aspark Software)
    Service Pack 1 for Microsoft Office 2013 (KB2850036) 32-Bit Edition (HKLM-x32\...\{91150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUSR_{7F6C4883-A18C-459A-82C1-A2F9403F2DA6}) (Version:  - Microsoft)
    Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-0017-0000-0000-0000000FF1CE}_Office14.SharePointDesigner_{8B883A57-E4BC-4745-8E6C-68168850F9DD}) (Version:  - Microsoft)
    SharePoint Client Components (HKLM\...\{95150003-1163-0409-1000-0000000FF1CE}) (Version: 15.0.4641.1002 - Microsoft Corporation)
    SharePoint Client Components (HKLM\...\{95160002-1163-0409-1000-0000000FF1CE}) (Version: 16.0.3104.1200 - Microsoft Corporation)
    Sharpener Pro 3.0 (HKLM-x32\...\Sharpener Pro 3.0 Stand-Alone) (Version: 3.0.0.5 - Nik Software, Inc.)
    Sigil 0.4.2 (HKLM\...\Sigil_is1) (Version:  - John Schember)
    SiSoftware Sandra Business 2015 (HKLM\...\{C3113E55-7BCB-4de3-8EBF-60E6CE6B2496}_is1) (Version: 21.10.2015.1 - SiSoftware)
    SketchUp 2014 (HKLM-x32\...\{A608A8D3-E77C-4BEE-8F2A-F8124F5F0FE2}) (Version: 14.0.4900 - Trimble Navigation Limited)
    SketchUp 2015 (HKLM\...\{90A6F70E-96AD-4054-AB8F-42BCFA75F8EC}) (Version: 15.0.9350 - Trimble Navigation Limited)
    Skype Toolbars (HKLM-x32\...\{CD95D125-2992-4858-B3EF-5F6FB52FBAD6}) (Version: 5.0.4137 - Skype Technologies S.A.)
    Skype™ 7.0 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.0.102 - Skype Technologies S.A.)
    Sparkol VideoScribe (HKLM-x32\...\Sparkol VideoScribe 2.0) (Version: 2.0 - Sparkol)
    Sparkol VideoScribe (x32 Version: 2.0 - Sparkol) Hidden
    Spybot - Search & Destroy (HKLM-x32\...\{B4092C6D-E886-4CB2-BA68-FE5A99D31DE7}_is1) (Version: 2.4.40 - Safer-Networking Ltd.)
    SQL Server 2012 Client Tools (Version: 11.1.3000.0 - Microsoft Corporation) Hidden
    SQL Server 2012 Common Files (Version: 11.1.3000.0 - Microsoft Corporation) Hidden
    SQL Server 2012 Management Studio (Version: 11.1.3000.0 - Microsoft Corporation) Hidden
    SQLXML4 (HKLM\...\{DEA9F247-F832-4E36-90BF-D8EDA206521A}) (Version: 9.00.5000.00 - Microsoft Corporation)
    Stardock WindowBlinds (HKLM-x32\...\Stardock WindowBlinds) (Version: 8.12 - Stardock Software, Inc.)
    Stickies 7.1e (HKLM-x32\...\ZhornStickies) (Version:  - Zhorn Software)
    Suite Shared Configuration CS4 (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden
    Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 15.2.6.0 - Synaptics Incorporated)
    SyncToy 2.1 (x64) (HKLM\...\{88DAAF05-5A72-46D2-A7C5-C3759697E943}) (Version: 2.1.0 - Microsoft)
    Synergy (64-bit) (HKLM\...\{77865914-4067-41D2-8DE0-ACFA9C83351D}) (Version: 1.7.6 - The Synergy Project)
    Team Explorer for Microsoft Visual Studio 2013 (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
    TeamViewer 11 (HKLM-x32\...\TeamViewer) (Version: 11.0.62308 - TeamViewer)
    TeraCopy 2.12 (HKLM\...\TeraCopy_is1) (Version:  - Code Sector Inc.)
    TopStyle (Version 3) (HKLM-x32\...\TopStyle (Version 3)) (Version: 3.1.0 - Bradbury Software, LLC)
    Tor 0.2.1.30 (HKLM-x32\...\Tor) (Version:  - )
    Transmission-Qt (HKLM\...\Transmission-Qt) (Version: 2.84.4 - Transmission)
    TreeSize Free V2.6 (HKLM-x32\...\TreeSize Free_is1) (Version: 2.6 - JAM Software)
    TreeSize Professional 5.3.4 (HKLM-x32\...\TreeSize Professional_is1) (Version: 5.3.4 - JAM Software)
    TuneUp 2.5.0.0 (HKLM-x32\...\TuneUpMedia) (Version: 2.5.0.0 - TuneUp Media, Inc.)
    TuneWiki (HKLM-x32\...\TuneWiki) (Version: 1.0.165.0 - TuneWiki)
    U2 PCAM (HKLM-x32\...\{F89DC420-FF15-485D-8254-67A27ED1313B}) (Version: 1.2.3.4 - Genesys Logic)
    Unlocker 1.9.1 (HKLM-x32\...\Unlocker) (Version: 1.9.1 - Cedrick Collomb)
    Unlocker 1.9.2 (HKLM\...\Unlocker) (Version: 1.9.2 - Cedrick Collomb)
    Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{90120000-0017-0000-0000-0000000FF1CE}_SharePointDesigner_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version:  - Microsoft)
    Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{90120000-003B-0000-0000-0000000FF1CE}_PRJPRO_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version:  - Microsoft)
    Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{90120000-0051-0000-0000-0000000FF1CE}_VISPRO_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version:  - Microsoft)
    Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{91120000-0017-0000-0000-0000000FF1CE}_SharePointDesignerR_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version:  - Microsoft)
    Update for Skype for Business 2015 (KB3039776) 32-Bit Edition (HKLM-x32\...\{90150000-012B-0409-0000-0000000FF1CE}_Office15.PROPLUSR_{9F6B3627-AF9E-40A5-AAD5-3497C4327616}) (Version:  - Microsoft)
    Update or Uninstall SENukeX (HKU\S-1-5-21-3578782807-1016812498-1856270605-1009\...\2ce4fd5e017fe1d3) (Version: 3.0.0.56 - SENukeX)
    Update or Uninstall SENukeX (HKU\S-1-5-21-3578782807-1016812498-1856270605-1009-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\2ce4fd5e017fe1d3) (Version: 3.0.0.56 - SENukeX)
    Vector Magic (HKLM-x32\...\Vector Magic) (Version: 1.15 - Vector Magic, Inc.)
    Velvia Vision (HKLM-x32\...\{F02DBC56-E5AB-4F74-B995-4586F91D4BDC}) (Version: 1.0 - Fred Miranda)
    Vertus Fluid Mask 3 2.100.2-RC2 (HKLM-x32\...\VertusFluidMask3) (Version: 2.100.2-RC2 - )
    Vidalia 0.2.12 (HKLM-x32\...\Vidalia) (Version:  - )
    Video Enhancer 1.9.6 (HKLM-x32\...\Video Enhancer_is1) (Version:  - Infognition Co. Ltd.)
    VirtualCloneDrive (HKLM-x32\...\VirtualCloneDrive) (Version: 5.4.8.0 - Elaborate Bytes)
    Visual Studio 2010 Prerequisites - English (HKLM\...\{662014D2-0450-37ED-ABAE-157C88127BEB}) (Version: 10.0.40219 - Microsoft Corporation)
    Visual Studio 2010 Tools for SQL Server Compact 3.5 SP2 ENU (HKLM-x32\...\{112C23F2-C036-4D40-BED4-0CB47BF5555C}) (Version: 4.0.8080.0 - Microsoft Corporation)
    VLC media player 2.1.3 (HKLM-x32\...\VLC media player) (Version: 2.1.3 - VideoLAN)
    VMware Workstation (HKLM-x32\...\VMware_Workstation) (Version: 9.0.0 - VMware, Inc)
    VMware Workstation (Version: 9.0.0 - VMware, Inc.) Hidden
    WCF Data Services 5.6.0 Runtime (x32 Version: 5.6.61587.0 - Microsoft Corporation) Hidden
    WCF Data Services Tools for Microsoft Visual Studio 2013 (x32 Version: 5.6.61587.0 - Microsoft Corporation) Hidden
    WCF RIA Services V1.0 SP2 (HKLM-x32\...\{5D8DD6A8-C4D7-4554-93F9-F1CC28C72600}) (Version: 4.1.62812.0 - Microsoft Corporation)
    Web Deployment Tool (HKLM\...\{0F37D969-1260-419E-B308-EF7D29ABDE20}) (Version: 1.1.0618 - Microsoft Corporation)
    WebTablet FB Plugin (HKLM-x32\...\Wacom WebTabletPlugin for Internet Explorer and Netscape) (Version: 2.0.0.1 - Wacom Technology Corp.)
    WebTablet IE Plugin (HKLM-x32\...\Wacom WebTabletPlugin for IE) (Version: 1.1.0.12 - Wacom Technology Corp.)
    WebTablet Netscape Plugin (HKLM-x32\...\Wacom WebTabletPlugin for Netscape) (Version: 1.1.0.10 - Wacom Technology Corp.)
    WIDCOMM Bluetooth Software (HKLM\...\{A1439D4F-FD46-47F2-A1D3-FEE097C29A09}) (Version: 6.5.1.2700 - Broadcom Corporation)
    Win32DiskImager version 0.9.5 (HKLM-x32\...\{D074CE74-912A-4AD3-A0BF-3937D9D01F17}_is1) (Version: 0.9.5 - ImageWriter Developers)
    WinDirStat 1.1.2 (HKU\S-1-5-21-1085031214-796845957-725345543-2108-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\WinDirStat) (Version:  - )
    WinDjView 2.0.2 (HKLM\...\WinDjView) (Version: 2.0.2 - Andrew Zhezherun)
    WindowFX (x32 Version: 5.01 - Stardock Corporation) Hidden
    Windows Driver Package - Apple Inc. Apple Wireless Mouse (06/01/2011 4.0.0.1) (HKLM\...\D088EE4BD2819FBA2B349EF9D55176F223419BE6) (Version: 06/01/2011 4.0.0.1 - Apple Inc.)
    Windows Driver Package - Apple Inc. Apple Wireless Mouse (09/17/2009 3.0.0.5) (HKLM\...\929413420CDE2F0C2C08C06E73FF16D9CB6C9807) (Version: 09/17/2009 3.0.0.5 - Apple Inc.)
    Windows Driver Package - Google, Inc. (WinUSB) AndroidUsbDeviceClass  (01/27/2014 9.0.0000.00000) (HKLM\...\9CA77E2A8332A0824C54DA611BBE4CA24AB1F750) (Version: 01/27/2014 9.0.0000.00000 - Google, Inc.)
    Windows Installer Clean Up (HKLM-x32\...\{121634B0-2F4B-11D3-ADA3-00C04F52DD52}) (Version: 3.00.00.0000 - Microsoft Corporation)
    Windows Media Player Firefox Plugin (HKLM-x32\...\{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}) (Version: 1.0.0.8 - Microsoft Corp)
    Windows Resource Kit Tools (HKLM-x32\...\{FA237125-51FF-408C-8BB8-30C2B3DFFF9C}) (Version: 5.2.3790 - Microsoft Corporation)
    WinISO (HKLM-x32\...\WinISO) (Version: 6.3.0.4829 - WinISO Computing Inc.)
    WinRAR 5.01 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.01.0 - win.rar GmbH)
    WinSCP 4.3.5 (HKLM-x32\...\winscp3_is1) (Version: 4.3.5 - Martin Prikryl)
    WinSnap (HKLM-x32\...\WinSnap) (Version: 4.0.8 - NTWind Software)
    WinX DVD Author 5.8 (HKLM-x32\...\WinX DVD Author_is1) (Version:  - FreetimeSoft, Inc.)
    Workflow Manager Client 1.0 (HKLM\...\{A5ABAF5F-B5B6-44B3-B69F-2E13DC60FC9F}) (Version: 2.0.40131.0 - Microsoft Corporation)
    Workflow Manager Tools 1.0 for Visual Studio (HKLM\...\{A79F6653-6AF1-4AF2-BC15-F5D6C05E1E6A}) (Version: 2.0.40326.0 - Microsoft Corporation)
    Workrave 1.10 (HKLM-x32\...\Workrave_is1) (Version:  - Rob Caelers & Raymond Penners)
    WPF Toolkit February 2010 (Version 3.5.50211.1) (HKLM-x32\...\{5EE6E987-1B79-4A93-832B-27472C7D1579}) (Version: 3.5.50211.1 - Microsoft Corporation)
    xplorer² professional 64 bit (HKLM\...\xplorer2p64) (Version: 2.5.0.2 - Zabkat)
    yEd Graph Editor 3.9.2 (HKLM-x32\...\3309-7404-0599-8908) (Version: 3.9.2 - yWorks GmbH)
    Языковой пакет для поддержки размещения набора средств Microsoft Visual Studio Tools для работы с приложениями 2012 (x64) - RUS (Version: 11.0.51108 - Microsoft Corporation) Hidden
    Языковой пакет для поддержки размещения набора средств Microsoft Visual Studio Tools для работы с приложениями 2012 (x86) - RUS (x32 Version: 11.0.51108 - Microsoft Corporation) Hidden
    Языковой пакет для среды разработки набора средств Microsoft Visual Studio Tools для работы с приложениями 2012 - RUS (x32 Version: 11.0.51108 - Microsoft Corporation) Hidden

    ==================== Custom CLSID (Whitelisted): ==========================

    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

    CustomCLSID: HKU\S-1-5-21-1085031214-796845957-725345543-2108-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0_Classes\CLSID\{355EC88A-02E2-4547-9DEE-F87426484BD1}\InprocServer32 -> C:\Users\grevolorio\AppData\Local\Google\Update\1.3.23.9\psuser_64.dll => No File
    CustomCLSID: HKU\S-1-5-21-1085031214-796845957-725345543-2108-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0_Classes\CLSID\{84B5A313-CD5D-4904-8BA2-AFDC81C1B309}\InprocServer32 -> C:\Program Files (x86)\Citrix\GoToMeeting\2185\G2MOutlookAddin64.dll (Citrix Online, a division of Citrix Systems, Inc.)
    CustomCLSID: HKU\S-1-5-21-1085031214-796845957-725345543-2108-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0_Classes\CLSID\{FE498BAB-CB4C-4F88-AC3F-3641AAAF5E9E}\InprocServer32 -> C:\Users\grevolorio\AppData\Local\Google\Update\1.3.24.7\psuser_64.dll => No File

    ==================== Scheduled Tasks (Whitelisted) =============

    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

    Task: {01948B03-BD45-4976-8D31-7855925672EC} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Refresh immunization => F:\Program Files (x86)\Spybot - Search & Destroy 2\SDImmunize.exe [2014-06-24] (Safer-Networking Ltd.)
    Task: {05C8BCBA-5173-4FD5-AB52-1671D7DC2D35} - System32\Tasks\{6D5E1E37-7B03-499C-9F90-D7F8A3F44FD4} => pcalua.exe -a "F:\Adobe CS4\Master Collection\Adobe CS4\payloads\AdobeAIR1.0\AdobeAIRInstaller.exe" -d "C:\Program Files (x86)\Common Files\Adobe\Installers\b2d6abde968e6f277ddbfd501383e02" -c -silent
    Task: {0DA826DA-C315-408E-A81B-346FA731E686} - System32\Tasks\{4BD142E9-8A9E-4CF1-8E08-D7B5ABC463F4} => pcalua.exe -a "F:\kodiRelated\FTV v0.52\FTV\Amazon FireTV Utility App.exe"
    Task: {13009AEA-3E20-4C03-98ED-1DDAA2CBE59A} - System32\Tasks\{1E1D40DD-B7F0-437F-919E-7299C2A201C8} => pcalua.exe -a C:\Users\grevolorio\Desktop\vpnclient-win-msi-5.0.01.0600-k9.exe -d C:\Users\grevolorio\Desktop
    Task: {1CA54BD7-F8FE-43D7-A568-902BD730F451} - System32\Tasks\{C9D0DEFF-43BC-4715-854F-00A22264221D} => pcalua.exe -a F:\Downloads\Drawing\Pencil-Portrait-Tutorial--How-Beginners-Learn-To-Draw-Pencil-Portraits-Quickly-And-Easily.exe -d F:\Downloads\Drawing
    Task: {1D334B1E-CF07-488F-9133-6C6018482BF0} - System32\Tasks\Microsoft_MKC_Logon_Task_ipoint.exe => C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2014-03-19] (Microsoft Corporation)
    Task: {220D5B9C-CC4B-43A8-BE1B-5AA45467AF92} - System32\Tasks\Microsoft_Hardware_Launch_ipoint_exe => C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2014-03-19] (Microsoft Corporation)
    Task: {2541E100-9850-45B0-8A0C-D00427497A49} - System32\Tasks\{2662DE15-9BFB-4C94-ABE1-B60C1CDBE28D} => pcalua.exe -a "C:\Users\grevolorio\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\H3XG5VDK\lastpass_x64[1].exe" -d C:\Users\grevolorio\Desktop
    Task: {2A46E8FA-0109-4EB2-8581-D8E1CC3F8D47} - System32\Tasks\Microsoft_Hardware_Launch_devicecenter_exe => C:\Program Files\Microsoft Device Center\devicecenter.exe
    Task: {2AC1D17C-EA09-4710-85F9-66D640AA0BF3} - System32\Tasks\MotoHelper Update => C:\Program Files (x86)\Motorola\MotoHelper\MotoHelperUpdate.exe [2011-12-06] ()
    Task: {2C2A0C7C-A15F-473C-9A03-A80299CEEC13} - System32\Tasks\Java Platform SE Auto Updater => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2015-04-30] (Oracle Corporation)
    Task: {3100B96D-BB14-4990-BD3D-54ABC9D6445D} - System32\Tasks\DropboxUpdateTaskMachineUA => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2015-06-30] (Dropbox, Inc.)
    Task: {327B3BA7-B8A2-4705-A7D4-9A7536F0D564} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office 15\root\Office15\msoia.exe [2015-10-30] (Microsoft Corporation)
    Task: {379F9252-C770-44AA-AF2C-037D7FDACF84} - System32\Tasks\Run RoboForm TaskBar Icon => C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe [2015-06-19] (Siber Systems)
    Task: {384B22B0-4F48-47CA-A1B8-7D998C13032C} - System32\Tasks\MotoHelper Routing => C:\Program Files (x86)\Motorola\MotoHelper\MotoHelperUpdate.exe [2011-12-06] ()
    Task: {4D0D22B8-4C7A-44F5-B04F-96AB41E171EF} - System32\Tasks\ParetoLogic Update Version2 => C:\Program Files (x86)\Common Files\ParetoLogic\UUS2\Pareto_Update.exe [2008-02-22] ()
    Task: {58289E57-EE9B-437E-9BF3-CCB6ABF1E425} - System32\Tasks\Microsoft_Hardware_Launch_itype_exe => C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [2014-03-19] (Microsoft Corporation)
    Task: {59479587-6ECE-4E1C-9E21-55309D69125C} - System32\Tasks\Open URL by RoboForm => Rundll32.exe url.dll,FileProtocolHandler "hxxp://www.roboform.com/test-pass.html?aaa=KICMJMKMGMNJLJIMKJJJCNOMMJOJKMCNLMJMIMJMCNGMLJIMPMCNLMJMPMMMMJKMLMOJKJKJPMIMJNJICMIMCNGMCNOMLMFMOMOMCNPMCNGMJMPMPMFMJMCNOMCNIMJMPMOMCNNMJNPICMOMFMEKMICNJJCKFMLMLMPMJNHICMEKMICNJJCKJNBJCMJNKJCMJNNICMJNDJCMKJBJJNMJCMOMFMKMKMFMPMJN (the data entry has 33 more characters).
    Task: {5B725530-FFAB-4A23-8563-A928DF68D79B} - System32\Tasks\G2MUpdateTask-S-1-5-21-1085031214-796845957-725345543-2108 => C:\Program Files (x86)\Citrix\GoToMeeting\2759\g2mupdate.exe [2015-07-02] (Citrix Online, a division of Citrix Systems, Inc.)
    Task: {5D3FF025-C318-46AB-A7A4-5A8F209A70F7} - \SidebarExecute -> No File <==== ATTENTION
    Task: {6184FBBE-4AA1-42ED-A3A1-E6838CA95637} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Check for updates => F:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe [2014-06-27] (Safer-Networking Ltd.)
    Task: {65EDF042-6E5E-4A9C-BCE8-01793ED9162F} - System32\Tasks\{DEDC4BB3-71C0-40D4-9A13-E7BEA775B519} => pcalua.exe -a F:\Downloads\AppleWirelessMouse64.exe
    Task: {6E0AF919-E2BB-4343-80BD-9DB7B1320AC0} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2016-04-12] (Microsoft Corporation)
    Task: {729AE2CB-D745-4FDE-AD60-D0A8A4636D78} - System32\Tasks\TuneUpUtilities_Task_BkGndMaintenance2013 => F:\Program Files (x86)\AVG\AVG PC TuneUp\OneClick.exe [2015-08-04] (AVG Technologies)
    Task: {7CFEC956-1854-4D03-AC69-5FCACF3ED978} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office 15\root\Office15\msoia.exe [2015-10-30] (Microsoft Corporation)
    Task: {83A73D3C-C015-43F6-ABAB-27E7FC5C6590} - System32\Tasks\ParetoLogic Registration => Rundll32.exe "C:\Program Files (x86)\Common Files\ParetoLogic\UUS2\UUS.dll" RunUns
    Task: {88FD29A9-84EF-4B5D-B6F4-945733D892B5} - System32\Tasks\{A2F28A60-837B-4A08-93CF-C81107A19128} => pcalua.exe -a "F:\Downloads\Stardock Object Desktop Suite\Stardock Object Desktop Suite\WindowBlinds 5 [Enhanced] - With Crack\WindowBlinds 5 [Enhanced].exe" -d "F:\Downloads\Stardock Object Desktop Suite\Stardock Object Desktop Suite\WindowBlinds 5 [Enhanced] - With Crack"
    Task: {8B9FD64D-EE19-4346-AB88-F4084AA5EF60} - System32\Tasks\{E725F200-DE8A-4285-85FF-D7DA2DFE1545} => pcalua.exe -a F:\Downloads\solutoinstaller.exe
    Task: {90FFDBF2-C8F2-4A2B-99C2-BD4B2BA8849B} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2015-01-20] (Piriform Ltd)
    Task: {92FC9152-3CF6-4DC4-A1FF-8B31A85EC68D} - System32\Tasks\Allway Sync_{4F0C1497E9A5A062AD06B978802E02AB} => F:\Program Files\Allway Sync\Bin\syncappw.exe [2010-05-31] ()
    Task: {93F228DA-AB4B-4BD9-B6D4-456EB46BA16D} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2016-02-23] (Apple Inc.)
    Task: {97F9187F-9225-4089-8965-5A446FE551E5} - System32\Tasks\{6C938882-44FC-4762-8288-22AC4957F8AB} => pcalua.exe -a "C:\Users\grevolorio\Desktop\MsiZap (1).exe" -d C:\Users\grevolorio\Desktop
    Task: {9D8F7C35-05F3-4098-A58A-CFDCE2571B56} - System32\Tasks\{A90FC29D-33BB-491B-AED4-86D69213CF61} => pcalua.exe -a "F:\Downloads\Microsoft Office 2010 Professional (No Key Required)\setup.exe" -d "F:\Downloads\Microsoft Office 2010 Professional (No Key Required)"
    Task: {A10AE438-01D3-48A2-B1F9-9CFCF67E0B22} - System32\Tasks\{E00AD51B-21C4-4D8F-A4AB-7CC5931C85E2} => pcalua.exe -a "C:\FTV\Amazon FireTV Utility App.exe"
    Task: {A2C753BE-80E2-4C1E-A35B-C6B17C5DE41F} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-27] (Google Inc.)
    Task: {AD4D132B-F589-4AB7-9AC7-8E881E3CA6BA} - System32\Tasks\SmartDefrag_Startup => C:\Program Files (x86)\IObit\Smart Defrag 2\SmartDefrag.exe
    Task: {AD684464-6AA5-4425-9D51-8804B6F5C03B} - System32\Tasks\{B40ADBCF-29B3-4A89-B5F3-2C6807F2DECB} => pcalua.exe -a "C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\Office Setup Controller\setup.exe" -c /uninstall INFOPATHR /dll OSETUP.DLL
    Task: {AD9C8945-6414-46A1-B1CB-9348EE400E4F} - System32\Tasks\elbyExecuteWithUAC => C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\ExecuteWithUAC.exe [2013-03-21] ()
    Task: {AFDFFF62-8D44-4454-8431-F540107AFF83} - System32\Tasks\Go to RoboForm Install page => Rundll32.exe url.dll,FileProtocolHandler "hxxp://www.roboform.com/test-pass.html?aaa=KICMJMGMJJLJJMMMLJNJCNMMPMPMHMCNLMGMKMOJCNHMMMNJHMCNNMKJKJOMLMLMKMKJOMPMMJJJJNJICMIMCNOMCNPMFMHMCNPMCNIMJMPMPMFMJMCNOMCNIMJMPMPMCNNMJNPICMLMFMEKMICNJJCKFMPMJNHICMEKMICNJJCKJNBJCMIJNIKJJIAJDJAJNIGJAJJNKJCMJNNICMJNDJCMKJBJ"
    Task: {B421371D-E6A0-44B4-B84E-BEB704B7D919} - System32\Tasks\{DBF89E59-98BD-464C-821B-C714ACBF7D00} => pcalua.exe -a "C:\Users\grevolorio\AppData\Local\Temp\Temp1_Drivers for apple majic mouse.zip\Drivers for apple majic mouse\64bit driver.exe"
    Task: {B42859F1-52BE-4C0B-87A0-089A8A9525FE} - System32\Tasks\{A86051CA-CB2D-4CFC-AA2E-F97F003E332E} => pcalua.exe -a C:\Users\grevolorio.trmdu2\Downloads\VirtualBox-5.0.4-102546-Win.exe
    Task: {B6124405-83CA-4BD7-9DFD-1176D9CFEA66} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-27] (Google Inc.)
    Task: {B7D682DD-52E1-43BE-BBF8-FDC6840A7669} - System32\Tasks\{AEC957EE-1707-435F-9324-C5329BCEB8F2} => pcalua.exe -a F:\Downloads\AppleWirelessMouse64UNEASY.exe
    Task: {BA7A7309-376A-49C5-8980-876C5ACE8DDE} - System32\Tasks\DocumentsBackupToNetworkDrive => C:\Program Files\SyncToy 2.1\SyncToyCmd.exe [2009-10-19] (Microsoft Corporation)
    Task: {BFAECEBD-7839-4DE8-825D-A11D11B4ABE5} - System32\Tasks\AutoPico Daily Restart => C:\Program Files\KMSpico\AutoPico.exe [2014-06-29] (@ByELDI)
    Task: {C3513C86-0619-4FBC-B521-2594460A8AB7} - System32\Tasks\{5EF141E4-698E-4751-AFC4-21FB5FB4CCC4} => C:\Program Files (x86)\Skype\\Phone\Skype.exe [2014-12-11] (Skype Technologies S.A.)
    Task: {C7E44BE0-CBC9-4833-85C7-DCDE3709A73A} - System32\Tasks\{3EE8355E-6EFE-4231-BA1C-0027510C8764} => pcalua.exe -a F:\Downloads\OfficeExcel2003XMLToolsAddin.exe -d F:\Downloads
    Task: {D6847D8E-3585-4794-AD85-56EB9F05F9FA} - System32\Tasks\G2MUploadTask-S-1-5-21-1085031214-796845957-725345543-2108 => C:\Program Files (x86)\Citrix\GoToMeeting\2759\g2mupload.exe [2015-07-02] (Citrix Online, a division of Citrix Systems, Inc.)
    Task: {DDBE4BC3-4239-45EA-85A5-E4557D3F2AD6} - System32\Tasks\Microsoft_Hardware_Launch_mousekeyboardcenter_exe => C:\Program Files\Microsoft Mouse and Keyboard Center\mousekeyboardcenter.exe [2014-03-19] (Microsoft)
    Task: {DE2F2154-92E1-40E2-8EB6-A80435CCCFB7} - System32\Tasks\{9AA97C05-331D-48E7-B2B6-393DA5DB59E3} => pcalua.exe -a F:\Downloads\Vertus_Fluid_Mask_3.2.1_MegaRapidshare.com\fluid_mask_3_setup_2.100.2-RC2.exe
    Task: {E121D49B-E0A6-45BA-9FBA-E6A579E8DCAE} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-07-14] (Adobe Systems Incorporated)
    Task: {E62AE87E-4B4E-4A62-A2A5-C62E351425B8} - System32\Tasks\{FB5637CE-774D-41E9-8A18-A66C6F08DE12} => pcalua.exe -a "F:\Downloads\windirstat1_1_2_setup (1).exe" -d F:\Downloads
    Task: {E86215D1-331F-46EA-B5D2-DD63481E1867} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2015-06-30] (Dropbox, Inc.)
    Task: {E8FC4795-B64E-463C-96A9-BE0B8DBF960D} - System32\Tasks\MotoHelper MUM => C:\Program Files (x86)\Motorola\MotoHelper\MotoHelperUpdate.exe [2011-12-06] ()
    Task: {E96AA20C-5A24-4099-8877-9D626337E24D} - System32\Tasks\Microsoft_MKC_Logon_Task_itype.exe => C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [2014-03-19] (Microsoft Corporation)
    Task: {F0F929D8-853A-41D7-BF97-78FBA3A7E8E9} - System32\Tasks\{5F894392-522C-4E66-80C8-E72C3D3AD54E} => pcalua.exe -a F:\Downloads\applewirelessmouse.exe
    Task: {F379DF3B-1EC4-4330-84B3-57537B17F6CE} - System32\Tasks\CopyMyDocsToU_Drive => 
    Task: {F787EACE-34DC-43A0-9DA4-440D0A487857} - System32\Tasks\MotoHelper Initial Update => C:\Program Files (x86)\Motorola\MotoHelper\MotoHelperUpdate.exe [2011-12-06] ()
    Task: {FC31E385-F59B-4071-A73F-53FC0F691907} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Scan the system => F:\Program Files (x86)\Spybot - Search & Destroy 2\SDScan.exe [2014-06-24] (Safer-Networking Ltd.)
    Task: {FCAEA3E8-B27E-4792-96C7-DE1B513D73A6} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2016-04-12] (Microsoft Corporation)
    Task: {FE0A6D57-BA94-4854-A4CF-ED585B3BB4B5} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe

    (If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

    Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
    Task: C:\Windows\Tasks\Allway Sync_{4F0C1497E9A5A062AD06B978802E02AB}.job => F:\Program Files\Allway Sync\Bin\syncappw.exe
    Task: C:\Windows\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
    Task: C:\Windows\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
    Task: C:\Windows\Tasks\G2MUpdateTask-S-1-5-21-1085031214-796845957-725345543-2108.job => C:\Program Files (x86)\Citrix\GoToMeeting\2759\g2mupdate.exe
    Task: C:\Windows\Tasks\G2MUploadTask-S-1-5-21-1085031214-796845957-725345543-2108.job => C:\Program Files (x86)\Citrix\GoToMeeting\2759\g2mupload.exe
    Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
    Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
    Task: C:\Windows\Tasks\ParetoLogic Registration.job => rundll32.exe  C:\Program Files (x86)\Common Files\ParetoLogic\UUS2\UUS.dll
    Task: C:\Windows\Tasks\ParetoLogic Update Version2.job => C:\Program Files (x86)\Common Files\ParetoLogic\UUS2\Pareto_Update.exe

    ==================== Shortcuts =============================

    (The entries could be listed to be restored or removed.)

    ShortcutWithArgument: C:\Users\grevolorio.trmdu2\Desktop\Gus - Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory="Profile 1"
    ShortcutWithArgument: C:\Users\grevolorio.trmdu2\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Chrome Remote Desktop (1).lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) ->  --profile-directory="Profile 1" --app-id=gbchcmhmhahfdphkhkmpfmihenigjmpp
    ShortcutWithArgument: C:\Users\grevolorio.trmdu2\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Chrome Remote Desktop.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) ->  --profile-directory=Default --app-id=gbchcmhmhahfdphkhkmpfmihenigjmpp
    ShortcutWithArgument: C:\Users\grevolorio.trmdu2\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Google Keep - notes and lists.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) ->  --profile-directory=Default --app-id=hmjkmjkepdijhoojdojkdfohbdgmmhki
    ShortcutWithArgument: C:\Users\grevolorio.trmdu2\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Pocket.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) ->  --profile-directory="Profile 1" --app-id=mjcnijlhddpbdemagnpefmlkjdagkogk
    ShortcutWithArgument: C:\Users\grevolorio.trmdu2\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\e9cc420c2be074d9\Identity API Scope Approval UI.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory=Default --app-id=ahjaciijnoiaklcomgnblndopackapon

    ==================== Loaded Modules (Whitelisted) ==============

    2012-05-15 13:12 - 2012-05-15 13:12 - 00385680 _____ () F:\Program Files (x86)\Stardock\Object Desktop\WindowFX\WFX32.exe
    2011-01-11 10:52 - 2009-11-05 08:40 - 00085504 _____ () C:\Windows\System32\cpwmon64.dll
    2015-08-28 15:35 - 2014-10-30 08:18 - 00029184 ____C () C:\Windows\System32\ssj2mlm.dll
    2014-11-12 05:20 - 2014-11-12 05:20 - 00524800 _____ () f:\Program Files (x86)\Kinoni\EpocCam_and_Barcode_drivers\KinoniSvc.exe
    2015-08-04 08:26 - 2015-08-04 08:26 - 00718040 _____ () F:\Program Files (x86)\AVG\AVG PC TuneUp\avgrepliba.dll
    2016-03-18 14:52 - 2016-03-18 14:52 - 00018600 _____ () C:\Program Files\Synergy\synwinhk.DLL
    2016-03-16 06:17 - 2016-03-16 06:17 - 00052912 _____ () F:\Program Files\FileZilla FTP Client\fzshellext_64.dll
    2010-07-15 00:44 - 2010-07-15 00:44 - 00020032 _____ () F:\Program Files (x86)\Unlocker\UnlockerCOM.dll
    2011-02-14 17:55 - 2009-06-21 08:52 - 00318976 _____ () C:\Program Files\TeraCopy\TeraCopyExt64.dll
    2010-10-20 15:23 - 2010-10-20 15:23 - 08801632 _____ () C:\Program Files\Microsoft Office\Office14\1033\GrooveIntlResource.dll
    2013-09-05 01:17 - 2013-09-05 01:17 - 04300456 _____ () C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Cultures\OFFICE.ODF
    2015-08-04 08:26 - 2015-08-04 08:26 - 00861912 _____ () F:\Program Files (x86)\AVG\AVG PC TuneUp\tulnga.dll
    2014-09-08 13:39 - 2014-09-08 13:39 - 00464608 _____ () C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe
    2014-09-08 13:38 - 2014-09-08 13:38 - 00051200 _____ () C:\Program Files\Common Files\Common Desktop Agent\CDASrvPS.dll
    2016-03-18 14:52 - 2016-03-18 14:52 - 00312488 _____ () C:\Program Files\Synergy\synergyd.exe
    2015-07-08 16:59 - 2016-04-19 19:26 - 00114888 _____ () C:\Program Files\Microsoft Office 15\ClientX64\ApiClient.dll
    2010-11-08 11:15 - 2010-11-08 11:15 - 00301568 _____ () C:\Program Files (x86)\Notepad++\NppShell_04.dll
    2015-06-30 08:24 - 2015-06-30 08:24 - 00408576 _____ () F:\Program Files (x86)\BitTorrent Sync\SyncShellExtension64_33554560.dll
    2014-05-01 10:13 - 2014-05-01 10:13 - 00470016 _____ () C:\ProgramData\MEGAsync\ShellExtX64.dll
    2016-07-01 08:50 - 2016-07-01 08:50 - 00171520 ____R () C:\Program Files (x86)\Calibre2\calibre.exe
    2016-07-01 08:50 - 2016-07-01 08:50 - 00024576 ____R () C:\Program Files (x86)\Calibre2\calibre-parallel.exe
    2016-06-17 17:07 - 2016-06-15 04:26 - 02334360 _____ () C:\Program Files (x86)\Google\Chrome\Application\51.0.2704.103\libglesv2.dll
    2016-06-17 17:07 - 2016-06-15 04:26 - 00105112 _____ () C:\Program Files (x86)\Google\Chrome\Application\51.0.2704.103\libegl.dll
    2016-03-18 14:52 - 2016-03-18 14:52 - 01881256 _____ () C:\Program Files\Synergy\synergy.exe
    2016-03-18 14:52 - 2016-03-18 14:52 - 00979112 _____ () C:\Program Files\Synergy\synergys.exe
    2014-08-20 09:47 - 2014-05-13 12:04 - 00109400 _____ () F:\Program Files (x86)\Spybot - Search & Destroy 2\snlThirdParty150.bpl
    2014-08-20 09:47 - 2014-05-13 12:04 - 00416600 _____ () F:\Program Files (x86)\Spybot - Search & Destroy 2\DEC150.bpl
    2014-08-20 09:47 - 2014-05-13 12:04 - 00167768 _____ () F:\Program Files (x86)\Spybot - Search & Destroy 2\snlFileFormats150.bpl
    2014-08-20 09:47 - 2012-08-23 10:38 - 00574840 _____ () F:\Program Files (x86)\Spybot - Search & Destroy 2\sqlite3.dll
    2014-08-20 09:47 - 2012-04-03 17:06 - 00565640 _____ () F:\Program Files (x86)\Spybot - Search & Destroy 2\av\BDSmartDB.dll
    2012-08-15 14:11 - 2012-08-15 14:11 - 01222656 _____ () F:\Program Files (x86)\VMware\VMware VIX\VMWare Workstation\libxml2.dll
    2016-07-01 08:47 - 2016-07-01 08:47 - 00037376 ____R () C:\Program Files (x86)\Calibre2\calibre-launcher.dll
    2014-05-03 23:25 - 2014-05-03 23:25 - 00110080 ____R () C:\Program Files (x86)\Calibre2\DLLs\pywintypes27.dll
    2016-07-01 08:47 - 2016-07-01 08:47 - 00057344 ____R () C:\Program Files (x86)\Calibre2\plugins2\progress_indicator.pyd
    2016-07-01 08:47 - 2016-07-01 08:47 - 00069632 ____R () C:\Program Files (x86)\Calibre2\plugins2\imageops.pyd
    2016-07-01 08:50 - 2016-07-01 08:50 - 00176128 ____R () C:\Program Files (x86)\Calibre2\DLLs\libxslt.dll
    2016-07-01 08:50 - 2016-07-01 08:50 - 01069568 ____R () C:\Program Files (x86)\Calibre2\DLLs\libxml2.dll
    2016-07-01 08:50 - 2016-07-01 08:50 - 00064000 ____R () C:\Program Files (x86)\Calibre2\DLLs\libexslt.dll
    2014-12-10 12:23 - 2014-12-10 12:23 - 00426496 ____R () C:\Program Files (x86)\Calibre2\DLLs\sqlite3.dll
    2016-07-01 08:47 - 2016-07-01 08:47 - 00035840 ____R () C:\Program Files (x86)\Calibre2\plugins2\wpd.pyd
    2014-05-03 23:29 - 2014-05-03 23:29 - 00396800 ____R () C:\Program Files (x86)\Calibre2\DLLs\pythoncom27.dll
    2016-07-01 08:46 - 2016-07-01 08:46 - 00262144 ____R () C:\Program Files (x86)\Calibre2\plugins2\hunspell.pyd
    2016-03-18 22:56 - 2016-03-18 22:56 - 00080184 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
    2016-04-22 01:08 - 2016-04-22 01:08 - 01047864 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
    2015-10-30 05:53 - 2015-09-01 08:25 - 08901184 _____ () C:\Program Files\Microsoft Office 15\root\Office15\1033\GrooveIntlResource.dll
    2016-05-12 19:57 - 2016-06-06 21:58 - 00034768 _____ () C:\Program Files (x86)\Dropbox\Client\_multiprocessing.pyd
    2016-07-11 14:07 - 2016-06-06 21:58 - 00134088 _____ () C:\Program Files (x86)\Dropbox\Client\pyexpat.pyd
    2016-07-11 14:07 - 2016-06-06 21:59 - 00019408 _____ () C:\Program Files (x86)\Dropbox\Client\faulthandler.pyd
    2016-07-11 14:07 - 2016-06-06 21:58 - 00116688 _____ () C:\Program Files (x86)\Dropbox\Client\pywintypes27.dll
    2016-05-12 19:57 - 2016-06-06 21:58 - 00093640 _____ () C:\Program Files (x86)\Dropbox\Client\_ctypes.pyd
    2016-05-12 19:57 - 2016-06-06 21:58 - 00018376 _____ () C:\Program Files (x86)\Dropbox\Client\select.pyd
    2016-05-12 19:57 - 2016-07-05 14:00 - 00019760 _____ () C:\Program Files (x86)\Dropbox\Client\tornado.speedups.pyd
    2016-05-12 19:57 - 2016-06-06 22:00 - 00105928 _____ () C:\Program Files (x86)\Dropbox\Client\win32api.pyd
    2016-07-11 14:07 - 2016-06-06 21:58 - 00392144 _____ () C:\Program Files (x86)\Dropbox\Client\pythoncom27.dll
    2016-05-12 19:57 - 2016-07-05 14:00 - 00381752 _____ () C:\Program Files (x86)\Dropbox\Client\win32com.shell.shell.pyd
    2016-05-12 19:57 - 2016-06-06 21:58 - 00692688 _____ () C:\Program Files (x86)\Dropbox\Client\unicodedata.pyd
    2016-07-11 14:07 - 2016-07-05 13:59 - 00020816 _____ () C:\Program Files (x86)\Dropbox\Client\cryptography.hazmat.bindings._constant_time.pyd
    2016-05-12 19:57 - 2016-06-06 21:59 - 00123856 _____ () C:\Program Files (x86)\Dropbox\Client\_cffi_backend.pyd
    2016-07-11 14:07 - 2016-07-05 13:59 - 01682760 _____ () C:\Program Files (x86)\Dropbox\Client\cryptography.hazmat.bindings._openssl.pyd
    2016-07-11 14:07 - 2016-07-05 13:59 - 00020808 _____ () C:\Program Files (x86)\Dropbox\Client\cryptography.hazmat.bindings._padding.pyd
    2016-05-12 19:57 - 2016-07-05 14:00 - 00021840 _____ () C:\Program Files (x86)\Dropbox\Client\_cffi_unicode_environ_win32_x8bf8e68bx9968e850.pyd
    2016-07-11 14:07 - 2016-07-05 14:00 - 00052024 _____ () C:\Program Files (x86)\Dropbox\Client\psutil._psutil_windows.pyd
    2016-07-11 14:07 - 2016-07-05 14:00 - 00038696 _____ () C:\Program Files (x86)\Dropbox\Client\fastpath.pyd
    2016-07-11 14:07 - 2016-06-06 22:00 - 00020936 _____ () C:\Program Files (x86)\Dropbox\Client\mmapfile.pyd
    2016-05-12 19:57 - 2016-06-06 22:00 - 00024528 _____ () C:\Program Files (x86)\Dropbox\Client\win32event.pyd
    2016-05-12 19:57 - 2016-06-06 22:00 - 00114640 _____ () C:\Program Files (x86)\Dropbox\Client\win32security.pyd
    2016-05-12 19:57 - 2016-06-06 22:00 - 00124880 _____ () C:\Program Files (x86)\Dropbox\Client\win32file.pyd
    2016-05-12 19:57 - 2016-07-05 14:00 - 00021832 _____ () C:\Program Files (x86)\Dropbox\Client\_cffi_pywin_kernel32_x64d8f881xc8c369be.pyd
    2016-05-12 19:57 - 2016-06-06 22:00 - 00024016 _____ () C:\Program Files (x86)\Dropbox\Client\win32clipboard.pyd
    2016-05-12 19:57 - 2016-06-06 22:00 - 00175560 _____ () C:\Program Files (x86)\Dropbox\Client\win32gui.pyd
    2016-05-12 19:57 - 2016-06-06 22:00 - 00030160 _____ () C:\Program Files (x86)\Dropbox\Client\win32pipe.pyd
    2016-05-12 19:57 - 2016-06-06 22:00 - 00043472 _____ () C:\Program Files (x86)\Dropbox\Client\win32process.pyd
    2016-05-12 19:57 - 2016-06-06 22:00 - 00048592 _____ () C:\Program Files (x86)\Dropbox\Client\win32service.pyd
    2016-05-12 19:57 - 2016-07-05 14:00 - 00023872 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.kernel32._winffi_kernel32.pyd
    2016-07-11 14:07 - 2016-07-05 14:00 - 00026456 _____ () C:\Program Files (x86)\Dropbox\Client\dropbox.infinite.win.compiled._driverinstallation.pyd
    2016-05-12 19:57 - 2016-06-06 22:00 - 00057808 _____ () C:\Program Files (x86)\Dropbox\Client\win32evtlog.pyd
    2016-05-12 19:57 - 2016-06-06 22:00 - 00024016 _____ () C:\Program Files (x86)\Dropbox\Client\win32profile.pyd
    2016-07-11 14:07 - 2016-07-05 13:59 - 00246592 _____ () C:\Program Files (x86)\Dropbox\Client\breakpad.client.windows.handler.pyd
    2016-05-12 19:57 - 2016-06-06 22:00 - 00028616 _____ () C:\Program Files (x86)\Dropbox\Client\win32ts.pyd
    2016-05-12 19:57 - 2016-07-05 14:00 - 00020800 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.iphlpapi._winffi_iphlpapi.pyd
    2016-05-12 19:57 - 2016-07-05 14:00 - 00019776 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.winerror._winffi_winerror.pyd
    2016-05-12 19:57 - 2016-07-05 14:00 - 00020800 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.wininet._winffi_wininet.pyd
    2016-05-12 19:57 - 2016-06-06 21:58 - 00134608 _____ () C:\Program Files (x86)\Dropbox\Client\_elementtree.pyd
    2016-07-11 14:07 - 2016-06-06 21:59 - 00240584 _____ () C:\Program Files (x86)\Dropbox\Client\jpegtran.pyd
    2016-07-11 14:07 - 2016-07-05 13:59 - 00020280 _____ () C:\Program Files (x86)\Dropbox\Client\cpuid.compiled._cpuid.pyd
    2016-05-12 19:57 - 2016-07-05 14:00 - 00023376 _____ () C:\Program Files (x86)\Dropbox\Client\winscreenshot.compiled._CaptureScreenshot.pyd
    2016-05-12 19:57 - 2016-06-06 22:00 - 00350152 _____ () C:\Program Files (x86)\Dropbox\Client\winxpgui.pyd
    2016-05-12 19:57 - 2016-07-05 14:00 - 00022352 _____ () C:\Program Files (x86)\Dropbox\Client\winverifysignature.compiled._VerifySignature.pyd
    2016-07-11 14:07 - 2016-07-05 14:00 - 00024392 _____ () C:\Program Files (x86)\Dropbox\Client\librsyncffi.compiled._librsyncffi.pyd
    2016-07-11 14:07 - 2016-06-06 22:01 - 00036296 _____ () C:\Program Files (x86)\Dropbox\Client\librsync.dll
    2016-07-11 14:07 - 2016-07-05 14:00 - 00084280 _____ () C:\Program Files (x86)\Dropbox\Client\dropbox_sqlite_ext.DLL
    2016-07-11 14:07 - 2016-07-05 14:00 - 01826096 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtCore.pyd
    2016-05-12 19:57 - 2016-06-06 21:59 - 00083912 _____ () C:\Program Files (x86)\Dropbox\Client\sip.pyd
    2016-07-11 14:07 - 2016-07-05 14:00 - 03928880 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWidgets.pyd
    2016-07-11 14:07 - 2016-07-05 14:00 - 01971504 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtGui.pyd
    2016-07-11 14:07 - 2016-07-05 14:00 - 00531248 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtNetwork.pyd
    2016-07-11 14:07 - 2016-07-05 14:00 - 00132912 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebKit.pyd
    2016-07-11 14:07 - 2016-07-05 14:00 - 00223544 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebKitWidgets.pyd
    2016-07-11 14:07 - 2016-07-05 14:00 - 00207672 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtPrintSupport.pyd
    2016-05-12 19:57 - 2016-06-06 22:00 - 00060880 _____ () C:\Program Files (x86)\Dropbox\Client\win32print.pyd
    2016-05-12 19:57 - 2016-07-05 14:00 - 00024904 _____ () C:\Program Files (x86)\Dropbox\Client\_cffi_wpad_proxy_win_x752e3d61xdcfdcc84.pyd
    2016-07-11 14:07 - 2016-07-05 14:00 - 00546096 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtQuick.pyd
    2016-07-11 14:07 - 2016-07-05 14:00 - 00357680 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtQml.pyd
    2014-08-20 09:47 - 2014-04-25 14:11 - 02972112 _____ () F:\Program Files (x86)\Spybot - Search & Destroy 2\NotificationSpreader.dll
    2016-03-08 09:04 - 2016-03-08 09:04 - 02415104 _____ () C:\Program Files\Synergy\QtCore4.dll
    2009-01-10 10:32 - 2009-01-10 10:32 - 00011362 _____ () C:\Program Files\Synergy\mingwm10.dll
    2009-06-22 18:42 - 2009-06-22 18:42 - 00043008 _____ () C:\Program Files\Synergy\libgcc_s_dw2-1.dll
    2010-02-10 14:43 - 2010-02-10 14:43 - 09515520 _____ () C:\Program Files\Synergy\QtGui4.dll
    2010-02-10 14:10 - 2010-02-10 14:10 - 01148416 _____ () C:\Program Files\Synergy\QtNetwork4.dll
    2013-12-17 04:42 - 2013-12-17 04:42 - 00335872 _____ () C:\Program Files (x86)\MediaMall\lua51a.dll

    ==================== Alternate Data Streams (Whitelisted) =========

    (If an entry is included in the fixlist, only the ADS will be removed.)

    AlternateDataStreams: C:\Windows: [108]
    AlternateDataStreams: C:\ProgramData\TEMP:DFC5A2B2 [125]
    AlternateDataStreams: C:\Users\grevolorio.trmdu2\.DS_Store:AFP_AfpInfo [122]

    ==================== Safe Mode (Whitelisted) ===================

    (If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\atashost => ""="Service"

    ==================== Association (Whitelisted) ===============

    (If an entry is included in the fixlist, the registry item will be restored to default or removed.)


    ==================== Internet Explorer trusted/restricted ===============

    (If an entry is included in the fixlist, it will be removed from the registry.)

    IE restricted site: HKU\.DEFAULT\...\007guard.com -> install.007guard.com
    IE restricted site: HKU\.DEFAULT\...\008i.com -> 008i.com
    IE restricted site: HKU\.DEFAULT\...\008k.com -> www.008k.com
    IE restricted site: HKU\.DEFAULT\...\00hq.com -> www.00hq.com
    IE restricted site: HKU\.DEFAULT\...\010402.com -> 010402.com
    IE restricted site: HKU\.DEFAULT\...\032439.com -> 80gw6ry3i3x3qbrkwhxhw.032439.com
    IE restricted site: HKU\.DEFAULT\...\0scan.com -> www.0scan.com
    IE restricted site: HKU\.DEFAULT\...\1-2005-search.com -> www.1-2005-search.com
    IE restricted site: HKU\.DEFAULT\...\1-domains-registrations.com -> www.1-domains-registrations.com
    IE restricted site: HKU\.DEFAULT\...\1000gratisproben.com -> www.1000gratisproben.com
    IE restricted site: HKU\.DEFAULT\...\1001namen.com -> www.1001namen.com
    IE restricted site: HKU\.DEFAULT\...\100888290cs.com -> mir.100888290cs.com
    IE restricted site: HKU\.DEFAULT\...\100sexlinks.com -> www.100sexlinks.com
    IE restricted site: HKU\.DEFAULT\...\10sek.com -> www.10sek.com
    IE restricted site: HKU\.DEFAULT\...\12-26.net -> user1.12-26.net
    IE restricted site: HKU\.DEFAULT\...\12-27.net -> user1.12-27.net
    IE restricted site: HKU\.DEFAULT\...\123fporn.info -> www.123fporn.info
    IE restricted site: HKU\.DEFAULT\...\123haustiereundmehr.com -> www.123haustiereundmehr.com
    IE restricted site: HKU\.DEFAULT\...\123moviedownload.com -> www.123moviedownload.com
    IE restricted site: HKU\.DEFAULT\...\123simsen.com -> www.123simsen.com

    There are 7867 more sites.

    IE trusted site: HKU\S-1-5-21-1085031214-796845957-725345543-2108-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\bunker -> hxxps://bunker
    IE trusted site: HKU\S-1-5-21-1085031214-796845957-725345543-2108-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\calshr01 -> hxxp://calshr01
    IE trusted site: HKU\S-1-5-21-1085031214-796845957-725345543-2108-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\calshr02 -> hxxp://calshr02
    IE trusted site: HKU\S-1-5-21-1085031214-796845957-725345543-2108-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\emmarx.com -> hxxp://reports.emmarx.com
    IE trusted site: HKU\S-1-5-21-1085031214-796845957-725345543-2108-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\inrangesystems.com -> hxxp://intranet.inrangesystems.com
    IE restricted site: HKU\S-1-5-21-1085031214-796845957-725345543-2108-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\007guard.com -> install.007guard.com
    IE restricted site: HKU\S-1-5-21-1085031214-796845957-725345543-2108-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\008i.com -> 008i.com
    IE restricted site: HKU\S-1-5-21-1085031214-796845957-725345543-2108-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\008k.com -> www.008k.com
    IE restricted site: HKU\S-1-5-21-1085031214-796845957-725345543-2108-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\00hq.com -> www.00hq.com
    IE restricted site: HKU\S-1-5-21-1085031214-796845957-725345543-2108-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\010402.com -> 010402.com
    IE restricted site: HKU\S-1-5-21-1085031214-796845957-725345543-2108-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\0190-dialers.com -> 0190-dialers.com
    IE restricted site: HKU\S-1-5-21-1085031214-796845957-725345543-2108-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\01i.info -> 01i.info
    IE restricted site: HKU\S-1-5-21-1085031214-796845957-725345543-2108-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\02pmnzy5eo29bfk4.com -> 02pmnzy5eo29bfk4.com
    IE restricted site: HKU\S-1-5-21-1085031214-796845957-725345543-2108-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\032439.com -> 80gw6ry3i3x3qbrkwhxhw.032439.com
    IE restricted site: HKU\S-1-5-21-1085031214-796845957-725345543-2108-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\05p.com -> 05p.com
    IE restricted site: HKU\S-1-5-21-1085031214-796845957-725345543-2108-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\07ic5do2myz3vzpk.com -> 07ic5do2myz3vzpk.com
    IE restricted site: HKU\S-1-5-21-1085031214-796845957-725345543-2108-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\08nigbmwk43i01y6.com -> 08nigbmwk43i01y6.com
    IE restricted site: HKU\S-1-5-21-1085031214-796845957-725345543-2108-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\093qpeuqpmz6ebfa.com -> 093qpeuqpmz6ebfa.com
    IE restricted site: HKU\S-1-5-21-1085031214-796845957-725345543-2108-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\0calories.net -> 0calories.net
    IE restricted site: HKU\S-1-5-21-1085031214-796845957-725345543-2108-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\0cj.net -> 0cj.net
    IE restricted site: HKU\S-1-5-21-1085031214-796845957-725345543-2108-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\0scan.com -> www.0scan.com
    IE restricted site: HKU\S-1-5-21-1085031214-796845957-725345543-2108-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\1-2005-search.com -> www.1-2005-search.com
    IE restricted site: HKU\S-1-5-21-1085031214-796845957-725345543-2108-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\1-britney-spears-nude.com -> 1-britney-spears-nude.com
    IE restricted site: HKU\S-1-5-21-1085031214-796845957-725345543-2108-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\1-domains-registrations.com -> www.1-domains-registrations.com
    IE restricted site: HKU\S-1-5-21-1085031214-796845957-725345543-2108-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\1-se.com -> 1-se.com

    There are 11773 more sites.

    IE restricted site: HKU\S-1-5-21-1085031214-796845957-725345543-2109-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\007guard.com -> install.007guard.com
    IE restricted site: HKU\S-1-5-21-1085031214-796845957-725345543-2109-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\008i.com -> 008i.com
    IE restricted site: HKU\S-1-5-21-1085031214-796845957-725345543-2109-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\008k.com -> www.008k.com
    IE restricted site: HKU\S-1-5-21-1085031214-796845957-725345543-2109-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\00hq.com -> www.00hq.com
    IE restricted site: HKU\S-1-5-21-1085031214-796845957-725345543-2109-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\010402.com -> 010402.com
    IE restricted site: HKU\S-1-5-21-1085031214-796845957-725345543-2109-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\032439.com -> 80gw6ry3i3x3qbrkwhxhw.032439.com
    IE restricted site: HKU\S-1-5-21-1085031214-796845957-725345543-2109-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\0scan.com -> www.0scan.com
    IE restricted site: HKU\S-1-5-21-1085031214-796845957-725345543-2109-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\1-2005-search.com -> www.1-2005-search.com
    IE restricted site: HKU\S-1-5-21-1085031214-796845957-725345543-2109-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\1-domains-registrations.com -> www.1-domains-registrations.com
    IE restricted site: HKU\S-1-5-21-1085031214-796845957-725345543-2109-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\1000gratisproben.com -> www.1000gratisproben.com
    IE restricted site: HKU\S-1-5-21-1085031214-796845957-725345543-2109-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\1001namen.com -> www.1001namen.com
    IE restricted site: HKU\S-1-5-21-1085031214-796845957-725345543-2109-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\100888290cs.com -> mir.100888290cs.com
    IE restricted site: HKU\S-1-5-21-1085031214-796845957-725345543-2109-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\100sexlinks.com -> www.100sexlinks.com
    IE restricted site: HKU\S-1-5-21-1085031214-796845957-725345543-2109-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\10sek.com -> www.10sek.com
    IE restricted site: HKU\S-1-5-21-1085031214-796845957-725345543-2109-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\12-26.net -> user1.12-26.net
    IE restricted site: HKU\S-1-5-21-1085031214-796845957-725345543-2109-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\12-27.net -> user1.12-27.net
    IE restricted site: HKU\S-1-5-21-1085031214-796845957-725345543-2109-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\123fporn.info -> www.123fporn.info
    IE restricted site: HKU\S-1-5-21-1085031214-796845957-725345543-2109-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\123haustiereundmehr.com -> www.123haustiereundmehr.com
    IE restricted site: HKU\S-1-5-21-1085031214-796845957-725345543-2109-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\123moviedownload.com -> www.123moviedownload.com
    IE restricted site: HKU\S-1-5-21-1085031214-796845957-725345543-2109-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\123simsen.com -> www.123simsen.com

    There are 7867 more sites.

    IE restricted site: HKU\S-1-5-21-1085031214-796845957-725345543-2791\...\007guard.com -> install.007guard.com
    IE restricted site: HKU\S-1-5-21-1085031214-796845957-725345543-2791\...\008i.com -> 008i.com
    IE restricted site: HKU\S-1-5-21-1085031214-796845957-725345543-2791\...\008k.com -> www.008k.com
    IE restricted site: HKU\S-1-5-21-1085031214-796845957-725345543-2791\...\00hq.com -> www.00hq.com
    IE restricted site: HKU\S-1-5-21-1085031214-796845957-725345543-2791\...\010402.com -> 010402.com
    IE restricted site: HKU\S-1-5-21-1085031214-796845957-725345543-2791\...\032439.com -> 80gw6ry3i3x3qbrkwhxhw.032439.com
    IE restricted site: HKU\S-1-5-21-1085031214-796845957-725345543-2791\...\0scan.com -> www.0scan.com
    IE restricted site: HKU\S-1-5-21-1085031214-796845957-725345543-2791\...\1-2005-search.com -> www.1-2005-search.com
    IE restricted site: HKU\S-1-5-21-1085031214-796845957-725345543-2791\...\1-domains-registrations.com -> www.1-domains-registrations.com
    IE restricted site: HKU\S-1-5-21-1085031214-796845957-725345543-2791\...\1000gratisproben.com -> www.1000gratisproben.com
    IE restricted site: HKU\S-1-5-21-1085031214-796845957-725345543-2791\...\1001namen.com -> www.1001namen.com
    IE restricted site: HKU\S-1-5-21-1085031214-796845957-725345543-2791\...\100888290cs.com -> mir.100888290cs.com
    IE restricted site: HKU\S-1-5-21-1085031214-796845957-725345543-2791\...\100sexlinks.com -> www.100sexlinks.com
    IE restricted site: HKU\S-1-5-21-1085031214-796845957-725345543-2791\...\10sek.com -> www.10sek.com
    IE restricted site: HKU\S-1-5-21-1085031214-796845957-725345543-2791\...\12-26.net -> user1.12-26.net
    IE restricted site: HKU\S-1-5-21-1085031214-796845957-725345543-2791\...\12-27.net -> user1.12-27.net
    IE restricted site: HKU\S-1-5-21-1085031214-796845957-725345543-2791\...\123fporn.info -> www.123fporn.info
    IE restricted site: HKU\S-1-5-21-1085031214-796845957-725345543-2791\...\123haustiereundmehr.com -> www.123haustiereundmehr.com
    IE restricted site: HKU\S-1-5-21-1085031214-796845957-725345543-2791\...\123moviedownload.com -> www.123moviedownload.com
    IE restricted site: HKU\S-1-5-21-1085031214-796845957-725345543-2791\...\123simsen.com -> www.123simsen.com

    There are 7867 more sites.

    IE restricted site: HKU\S-1-5-21-1085031214-796845957-725345543-2791-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\007guard.com -> install.007guard.com
    IE restricted site: HKU\S-1-5-21-1085031214-796845957-725345543-2791-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\008i.com -> 008i.com
    IE restricted site: HKU\S-1-5-21-1085031214-796845957-725345543-2791-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\008k.com -> www.008k.com
    IE restricted site: HKU\S-1-5-21-1085031214-796845957-725345543-2791-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\00hq.com -> www.00hq.com
    IE restricted site: HKU\S-1-5-21-1085031214-796845957-725345543-2791-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\010402.com -> 010402.com
    IE restricted site: HKU\S-1-5-21-1085031214-796845957-725345543-2791-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\032439.com -> 80gw6ry3i3x3qbrkwhxhw.032439.com
    IE restricted site: HKU\S-1-5-21-1085031214-796845957-725345543-2791-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\0scan.com -> www.0scan.com
    IE restricted site: HKU\S-1-5-21-1085031214-796845957-725345543-2791-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\1-2005-search.com -> www.1-2005-search.com
    IE restricted site: HKU\S-1-5-21-1085031214-796845957-725345543-2791-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\1-domains-registrations.com -> www.1-domains-registrations.com
    IE restricted site: HKU\S-1-5-21-1085031214-796845957-725345543-2791-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\1000gratisproben.com -> www.1000gratisproben.com
    IE restricted site: HKU\S-1-5-21-1085031214-796845957-725345543-2791-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\1001namen.com -> www.1001namen.com
    IE restricted site: HKU\S-1-5-21-1085031214-796845957-725345543-2791-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\100888290cs.com -> mir.100888290cs.com
    IE restricted site: HKU\S-1-5-21-1085031214-796845957-725345543-2791-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\100sexlinks.com -> www.100sexlinks.com
    IE restricted site: HKU\S-1-5-21-1085031214-796845957-725345543-2791-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\10sek.com -> www.10sek.com
    IE restricted site: HKU\S-1-5-21-1085031214-796845957-725345543-2791-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\12-26.net -> user1.12-26.net
    IE restricted site: HKU\S-1-5-21-1085031214-796845957-725345543-2791-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\12-27.net -> user1.12-27.net
    IE restricted site: HKU\S-1-5-21-1085031214-796845957-725345543-2791-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\123fporn.info -> www.123fporn.info
    IE restricted site: HKU\S-1-5-21-1085031214-796845957-725345543-2791-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\123haustiereundmehr.com -> www.123haustiereundmehr.com
    IE restricted site: HKU\S-1-5-21-1085031214-796845957-725345543-2791-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\123moviedownload.com -> www.123moviedownload.com
    IE restricted site: HKU\S-1-5-21-1085031214-796845957-725345543-2791-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\123simsen.com -> www.123simsen.com

    There are 7867 more sites.

    IE restricted site: HKU\S-1-5-21-1085031214-796845957-725345543-500-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\007guard.com -> install.007guard.com
    IE restricted site: HKU\S-1-5-21-1085031214-796845957-725345543-500-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\008i.com -> 008i.com
    IE restricted site: HKU\S-1-5-21-1085031214-796845957-725345543-500-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\008k.com -> www.008k.com
    IE restricted site: HKU\S-1-5-21-1085031214-796845957-725345543-500-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\00hq.com -> www.00hq.com
    IE restricted site: HKU\S-1-5-21-1085031214-796845957-725345543-500-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\010402.com -> 010402.com
    IE restricted site: HKU\S-1-5-21-1085031214-796845957-725345543-500-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\032439.com -> 80gw6ry3i3x3qbrkwhxhw.032439.com
    IE restricted site: HKU\S-1-5-21-1085031214-796845957-725345543-500-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\0scan.com -> www.0scan.com
    IE restricted site: HKU\S-1-5-21-1085031214-796845957-725345543-500-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\1-2005-search.com -> www.1-2005-search.com
    IE restricted site: HKU\S-1-5-21-1085031214-796845957-725345543-500-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\1-domains-registrations.com -> www.1-domains-registrations.com
    IE restricted site: HKU\S-1-5-21-1085031214-796845957-725345543-500-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\1000gratisproben.com -> www.1000gratisproben.com
    IE restricted site: HKU\S-1-5-21-1085031214-796845957-725345543-500-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\1001namen.com -> www.1001namen.com
    IE restricted site: HKU\S-1-5-21-1085031214-796845957-725345543-500-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\100888290cs.com -> mir.100888290cs.com
    IE restricted site: HKU\S-1-5-21-1085031214-796845957-725345543-500-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\100sexlinks.com -> www.100sexlinks.com
    IE restricted site: HKU\S-1-5-21-1085031214-796845957-725345543-500-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\10sek.com -> www.10sek.com
    IE restricted site: HKU\S-1-5-21-1085031214-796845957-725345543-500-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\12-26.net -> user1.12-26.net
    IE restricted site: HKU\S-1-5-21-1085031214-796845957-725345543-500-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\12-27.net -> user1.12-27.net
    IE restricted site: HKU\S-1-5-21-1085031214-796845957-725345543-500-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\123fporn.info -> www.123fporn.info
    IE restricted site: HKU\S-1-5-21-1085031214-796845957-725345543-500-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\123haustiereundmehr.com -> www.123haustiereundmehr.com
    IE restricted site: HKU\S-1-5-21-1085031214-796845957-725345543-500-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\123moviedownload.com -> www.123moviedownload.com
    IE restricted site: HKU\S-1-5-21-1085031214-796845957-725345543-500-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\123simsen.com -> www.123simsen.com

    There are 7866 more sites.

    IE restricted site: HKU\S-1-5-21-1915297274-1003847613-3419053400-1105-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\007guard.com -> install.007guard.com
    IE restricted site: HKU\S-1-5-21-1915297274-1003847613-3419053400-1105-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\008i.com -> 008i.com
    IE restricted site: HKU\S-1-5-21-1915297274-1003847613-3419053400-1105-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\008k.com -> www.008k.com
    IE restricted site: HKU\S-1-5-21-1915297274-1003847613-3419053400-1105-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\00hq.com -> www.00hq.com
    IE restricted site: HKU\S-1-5-21-1915297274-1003847613-3419053400-1105-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\010402.com -> 010402.com
    IE restricted site: HKU\S-1-5-21-1915297274-1003847613-3419053400-1105-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\032439.com -> 80gw6ry3i3x3qbrkwhxhw.032439.com
    IE restricted site: HKU\S-1-5-21-1915297274-1003847613-3419053400-1105-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\0scan.com -> www.0scan.com
    IE restricted site: HKU\S-1-5-21-1915297274-1003847613-3419053400-1105-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\1-2005-search.com -> www.1-2005-search.com
    IE restricted site: HKU\S-1-5-21-1915297274-1003847613-3419053400-1105-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\1-domains-registrations.com -> www.1-domains-registrations.com
    IE restricted site: HKU\S-1-5-21-1915297274-1003847613-3419053400-1105-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\1000gratisproben.com -> www.1000gratisproben.com
    IE restricted site: HKU\S-1-5-21-1915297274-1003847613-3419053400-1105-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\1001namen.com -> www.1001namen.com
    IE restricted site: HKU\S-1-5-21-1915297274-1003847613-3419053400-1105-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\100888290cs.com -> mir.100888290cs.com
    IE restricted site: HKU\S-1-5-21-1915297274-1003847613-3419053400-1105-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\100sexlinks.com -> www.100sexlinks.com
    IE restricted site: HKU\S-1-5-21-1915297274-1003847613-3419053400-1105-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\10sek.com -> www.10sek.com
    IE restricted site: HKU\S-1-5-21-1915297274-1003847613-3419053400-1105-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\12-26.net -> user1.12-26.net
    IE restricted site: HKU\S-1-5-21-1915297274-1003847613-3419053400-1105-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\12-27.net -> user1.12-27.net
    IE restricted site: HKU\S-1-5-21-1915297274-1003847613-3419053400-1105-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\123fporn.info -> www.123fporn.info
    IE restricted site: HKU\S-1-5-21-1915297274-1003847613-3419053400-1105-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\123haustiereundmehr.com -> www.123haustiereundmehr.com
    IE restricted site: HKU\S-1-5-21-1915297274-1003847613-3419053400-1105-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\123moviedownload.com -> www.123moviedownload.com
    IE restricted site: HKU\S-1-5-21-1915297274-1003847613-3419053400-1105-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\123simsen.com -> www.123simsen.com

    There are 7866 more sites.

    IE trusted site: HKU\S-1-5-21-3578782807-1016812498-1856270605-1009\...\dell.com -> dell.com
    IE trusted site: HKU\S-1-5-21-3578782807-1016812498-1856270605-1009\...\greenskybrands.com -> hxxp://intranet.greenskybrands.com
    IE restricted site: HKU\S-1-5-21-3578782807-1016812498-1856270605-1009\...\007guard.com -> install.007guard.com
    IE restricted site: HKU\S-1-5-21-3578782807-1016812498-1856270605-1009\...\008i.com -> 008i.com
    IE restricted site: HKU\S-1-5-21-3578782807-1016812498-1856270605-1009\...\008k.com -> www.008k.com
    IE restricted site: HKU\S-1-5-21-3578782807-1016812498-1856270605-1009\...\00hq.com -> www.00hq.com
    IE restricted site: HKU\S-1-5-21-3578782807-1016812498-1856270605-1009\...\010402.com -> 010402.com
    IE restricted site: HKU\S-1-5-21-3578782807-1016812498-1856270605-1009\...\032439.com -> 80gw6ry3i3x3qbrkwhxhw.032439.com
    IE restricted site: HKU\S-1-5-21-3578782807-1016812498-1856270605-1009\...\0scan.com -> www.0scan.com
    IE restricted site: HKU\S-1-5-21-3578782807-1016812498-1856270605-1009\...\1-2005-search.com -> www.1-2005-search.com
    IE restricted site: HKU\S-1-5-21-3578782807-1016812498-1856270605-1009\...\1-domains-registrations.com -> www.1-domains-registrations.com
    IE restricted site: HKU\S-1-5-21-3578782807-1016812498-1856270605-1009\...\1000gratisproben.com -> www.1000gratisproben.com
    IE restricted site: HKU\S-1-5-21-3578782807-1016812498-1856270605-1009\...\1001namen.com -> www.1001namen.com
    IE restricted site: HKU\S-1-5-21-3578782807-1016812498-1856270605-1009\...\100888290cs.com -> mir.100888290cs.com
    IE restricted site: HKU\S-1-5-21-3578782807-1016812498-1856270605-1009\...\100sexlinks.com -> www.100sexlinks.com
    IE restricted site: HKU\S-1-5-21-3578782807-1016812498-1856270605-1009\...\10sek.com -> www.10sek.com
    IE restricted site: HKU\S-1-5-21-3578782807-1016812498-1856270605-1009\...\12-26.net -> user1.12-26.net
    IE restricted site: HKU\S-1-5-21-3578782807-1016812498-1856270605-1009\...\12-27.net -> user1.12-27.net
    IE restricted site: HKU\S-1-5-21-3578782807-1016812498-1856270605-1009\...\123fporn.info -> www.123fporn.info
    IE restricted site: HKU\S-1-5-21-3578782807-1016812498-1856270605-1009\...\123haustiereundmehr.com -> www.123haustiereundmehr.com
    IE restricted site: HKU\S-1-5-21-3578782807-1016812498-1856270605-1009\...\123moviedownload.com -> www.123moviedownload.com
    IE restricted site: HKU\S-1-5-21-3578782807-1016812498-1856270605-1009\...\123simsen.com -> www.123simsen.com

    There are 7866 more sites.

    IE trusted site: HKU\S-1-5-21-3578782807-1016812498-1856270605-1009-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\dell.com -> dell.com
    IE trusted site: HKU\S-1-5-21-3578782807-1016812498-1856270605-1009-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\greenskybrands.com -> hxxp://intranet.greenskybrands.com
    IE restricted site: HKU\S-1-5-21-3578782807-1016812498-1856270605-1009-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\007guard.com -> install.007guard.com
    IE restricted site: HKU\S-1-5-21-3578782807-1016812498-1856270605-1009-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\008i.com -> 008i.com
    IE restricted site: HKU\S-1-5-21-3578782807-1016812498-1856270605-1009-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\008k.com -> www.008k.com
    IE restricted site: HKU\S-1-5-21-3578782807-1016812498-1856270605-1009-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\00hq.com -> www.00hq.com
    IE restricted site: HKU\S-1-5-21-3578782807-1016812498-1856270605-1009-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\010402.com -> 010402.com
    IE restricted site: HKU\S-1-5-21-3578782807-1016812498-1856270605-1009-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\032439.com -> 80gw6ry3i3x3qbrkwhxhw.032439.com
    IE restricted site: HKU\S-1-5-21-3578782807-1016812498-1856270605-1009-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\0scan.com -> www.0scan.com
    IE restricted site: HKU\S-1-5-21-3578782807-1016812498-1856270605-1009-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\1-2005-search.com -> www.1-2005-search.com
    IE restricted site: HKU\S-1-5-21-3578782807-1016812498-1856270605-1009-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\1-domains-registrations.com -> www.1-domains-registrations.com
    IE restricted site: HKU\S-1-5-21-3578782807-1016812498-1856270605-1009-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\1000gratisproben.com -> www.1000gratisproben.com
    IE restricted site: HKU\S-1-5-21-3578782807-1016812498-1856270605-1009-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\1001namen.com -> www.1001namen.com
    IE restricted site: HKU\S-1-5-21-3578782807-1016812498-1856270605-1009-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\100888290cs.com -> mir.100888290cs.com
    IE restricted site: HKU\S-1-5-21-3578782807-1016812498-1856270605-1009-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\100sexlinks.com -> www.100sexlinks.com
    IE restricted site: HKU\S-1-5-21-3578782807-1016812498-1856270605-1009-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\10sek.com -> www.10sek.com
    IE restricted site: HKU\S-1-5-21-3578782807-1016812498-1856270605-1009-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\12-26.net -> user1.12-26.net
    IE restricted site: HKU\S-1-5-21-3578782807-1016812498-1856270605-1009-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\12-27.net -> user1.12-27.net
    IE restricted site: HKU\S-1-5-21-3578782807-1016812498-1856270605-1009-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\123fporn.info -> www.123fporn.info
    IE restricted site: HKU\S-1-5-21-3578782807-1016812498-1856270605-1009-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\123haustiereundmehr.com -> www.123haustiereundmehr.com
    IE restricted site: HKU\S-1-5-21-3578782807-1016812498-1856270605-1009-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\123moviedownload.com -> www.123moviedownload.com
    IE restricted site: HKU\S-1-5-21-3578782807-1016812498-1856270605-1009-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\123simsen.com -> www.123simsen.com

    There are 7866 more sites.

    IE restricted site: HKU\S-1-5-82-3006700770-424185619-1745488364-794895919-4004696415-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\007guard.com -> install.007guard.com
    IE restricted site: HKU\S-1-5-82-3006700770-424185619-1745488364-794895919-4004696415-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\008i.com -> 008i.com
    IE restricted site: HKU\S-1-5-82-3006700770-424185619-1745488364-794895919-4004696415-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\008k.com -> www.008k.com
    IE restricted site: HKU\S-1-5-82-3006700770-424185619-1745488364-794895919-4004696415-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\00hq.com -> www.00hq.com
    IE restricted site: HKU\S-1-5-82-3006700770-424185619-1745488364-794895919-4004696415-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\010402.com -> 010402.com
    IE restricted site: HKU\S-1-5-82-3006700770-424185619-1745488364-794895919-4004696415-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\032439.com -> 80gw6ry3i3x3qbrkwhxhw.032439.com
    IE restricted site: HKU\S-1-5-82-3006700770-424185619-1745488364-794895919-4004696415-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\0scan.com -> www.0scan.com
    IE restricted site: HKU\S-1-5-82-3006700770-424185619-1745488364-794895919-4004696415-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\1-2005-search.com -> www.1-2005-search.com
    IE restricted site: HKU\S-1-5-82-3006700770-424185619-1745488364-794895919-4004696415-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\1-domains-registrations.com -> www.1-domains-registrations.com
    IE restricted site: HKU\S-1-5-82-3006700770-424185619-1745488364-794895919-4004696415-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\1000gratisproben.com -> www.1000gratisproben.com
    IE restricted site: HKU\S-1-5-82-3006700770-424185619-1745488364-794895919-4004696415-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\1001namen.com -> www.1001namen.com
    IE restricted site: HKU\S-1-5-82-3006700770-424185619-1745488364-794895919-4004696415-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\100888290cs.com -> mir.100888290cs.com
    IE restricted site: HKU\S-1-5-82-3006700770-424185619-1745488364-794895919-4004696415-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\100sexlinks.com -> www.100sexlinks.com
    IE restricted site: HKU\S-1-5-82-3006700770-424185619-1745488364-794895919-4004696415-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\10sek.com -> www.10sek.com
    IE restricted site: HKU\S-1-5-82-3006700770-424185619-1745488364-794895919-4004696415-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\12-26.net -> user1.12-26.net
    IE restricted site: HKU\S-1-5-82-3006700770-424185619-1745488364-794895919-4004696415-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\12-27.net -> user1.12-27.net
    IE restricted site: HKU\S-1-5-82-3006700770-424185619-1745488364-794895919-4004696415-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\123fporn.info -> www.123fporn.info
    IE restricted site: HKU\S-1-5-82-3006700770-424185619-1745488364-794895919-4004696415-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\123haustiereundmehr.com -> www.123haustiereundmehr.com
    IE restricted site: HKU\S-1-5-82-3006700770-424185619-1745488364-794895919-4004696415-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\123moviedownload.com -> www.123moviedownload.com
    IE restricted site: HKU\S-1-5-82-3006700770-424185619-1745488364-794895919-4004696415-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\123simsen.com -> www.123simsen.com

    There are 7867 more sites.


    ==================== Hosts content: ==========================

    (If needed Hosts: directive could be included in the fixlist to reset Hosts.)

    2011-10-28 15:03 - 2016-07-16 08:38 - 00450173 ____R C:\Windows\system32\Drivers\etc\hosts

    127.0.0.1    localhost127.0.0.1    www.007guard.com
    127.0.0.1    007guard.com
    127.0.0.1    008i.com
    127.0.0.1    www.008k.com
    127.0.0.1    008k.com
    127.0.0.1    www.00hq.com
    127.0.0.1    00hq.com
    127.0.0.1    010402.com
    127.0.0.1    www.032439.com
    127.0.0.1    032439.com
    127.0.0.1    www.0scan.com
    127.0.0.1    0scan.com
    127.0.0.1    www.1000gratisproben.com
    127.0.0.1    1000gratisproben.com
    127.0.0.1    1001namen.com
    127.0.0.1    www.1001namen.com
    127.0.0.1    100888290cs.com
    127.0.0.1    www.100888290cs.com
    127.0.0.1    www.100sexlinks.com
    127.0.0.1    100sexlinks.com
    127.0.0.1    www.10sek.com
    127.0.0.1    10sek.com
    127.0.0.1    www.1-2005-search.com
    127.0.0.1    1-2005-search.com
    127.0.0.1    www.123fporn.info
    127.0.0.1    123fporn.info
    127.0.0.1    123haustiereundmehr.com
    127.0.0.1    www.123haustiereundmehr.com
    127.0.0.1    123moviedownload.com
    127.0.0.1    www.123moviedownload.com

    There are 15466 more lines.


    ==================== Other Areas ============================

    (Currently there is no automatic fix for this section.)

    HKU\S-1-5-21-1085031214-796845957-725345543-2108-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Control Panel\Desktop\\Wallpaper -> C:\Users\grevolorio\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
    HKU\S-1-5-21-1085031214-796845957-725345543-2109-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Control Panel\Desktop\\Wallpaper -> C:\Users\sharepointadmin\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
    HKU\S-1-5-21-1085031214-796845957-725345543-500-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Control Panel\Desktop\\Wallpaper -> C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
    HKU\S-1-5-21-3578782807-1016812498-1856270605-1009\Control Panel\Desktop\\Wallpaper -> 
    HKU\S-1-5-21-3578782807-1016812498-1856270605-1009-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Control Panel\Desktop\\Wallpaper -> 
    DNS Servers: 75.75.75.75 - 192.168.0.100
    HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
    mpsdrv => Firewall Service is not running.
    MpsSvc => Firewall Service is not running.

    ==================== MSCONFIG/TASK MANAGER disabled items ==

    (Currently there is no automatic fix for this section.)

    MSCONFIG\Services: !SASCORE => 2
    MSCONFIG\Services: AERTFilters => 2
    MSCONFIG\Services: CronService => 2
    MSCONFIG\Services: FLEXnet Licensing Service => 3
    MSCONFIG\Services: nvsvc => 2
    MSCONFIG\Services: sdAuxService => 3
    MSCONFIG\Services: sdCoreService => 3
    MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^monitorpad.lnk => C:\Windows\pss\monitorpad.lnk.CommonStartup
    MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Tor.lnk => C:\Windows\pss\Tor.lnk.CommonStartup
    MSCONFIG\startupfolder: C:^Users^grevolorio.trmdu2^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^MEGAsync.lnk => C:\Windows\pss\MEGAsync.lnk.Startup
    MSCONFIG\startupfolder: C:^Users^grevolorio^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^MLO.lnk => C:\Windows\pss\MLO.lnk.Startup
    MSCONFIG\startupfolder: C:^Users^grevolorio^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^MyLife Organized.lnk => C:\Windows\pss\MyLife Organized.lnk.Startup
    MSCONFIG\startupreg: Acrobat Assistant 8.0 => "C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrotray.exe"
    MSCONFIG\startupreg: Acronis Scheduler2 Service => "C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe"
    MSCONFIG\startupreg: AcronisTimounterMonitor => C:\Program Files (x86)\Common Files\Acronis\Timounter\TimounterMonitor.exe
    MSCONFIG\startupreg: Adobe Acrobat Speed Launcher => "C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrobat_sl.exe"
    MSCONFIG\startupreg: Adobe ARM => "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
    MSCONFIG\startupreg: ApplePhotoStreams => 
    MSCONFIG\startupreg: AppleSyncNotifier => C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe
    MSCONFIG\startupreg: AttendeeCommunicator => "C:\Program Files (x86)\Microsoft Lync Attendee\AttendeeCommunicator.exe" /fromrunkey
    MSCONFIG\startupreg: BackupAndRecoveryMonitor.exe => C:\Program Files (x86)\Acronis\BackupAndRecovery\BackupAndRecoveryMonitor.exe
    MSCONFIG\startupreg: Box Edit => C:\Users\grevolorio.trmdu2\AppData\Local\Box\Box Edit\Box Edit.exe
    MSCONFIG\startupreg: Box Local Com Server => C:\ProgramData\Box\ComServer\Box Local Com Service.exe
    MSCONFIG\startupreg: ccApp => "C:\Program Files (x86)\Common Files\Symantec Shared\ccApp.exe"
    MSCONFIG\startupreg: ClipToOneNote => 
    MSCONFIG\startupreg: EEDSpeedLauncher => rundll32.exe C:\Windows\system32\eed_ec.dll,SpeedLauncher
    MSCONFIG\startupreg: FreeFallProtection => C:\Program Files (x86)\STMicroelectronics\AccelerometerP11\FF_Protection.exe
    MSCONFIG\startupreg: Google Desktop Search => 
    MSCONFIG\startupreg: iCloudServices => 
    MSCONFIG\startupreg: itype => C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe
    MSCONFIG\startupreg: MobileDocuments => 
    MSCONFIG\startupreg: NVHotkey => rundll32.exe C:\Windows\system32\nvHotkey.dll,Start
    MSCONFIG\startupreg: PlayOn => C:\Program Files (x86)\MediaMall\PlayOn.exe
    MSCONFIG\startupreg: QuickTime Task => "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
    MSCONFIG\startupreg: RtHDVBg => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe /MAXX3 
    MSCONFIG\startupreg: RTHDVCPL => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe -s
    MSCONFIG\startupreg: SDTray => "F:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe"
    MSCONFIG\startupreg: Skype => "C:\Program Files (x86)\Skype\Phone\Skype.exe" /nosplash /minimized
    MSCONFIG\startupreg: Spybot-S&D Cleaning => "F:\Program Files (x86)\Spybot - Search & Destroy 2\SDCleaner.exe" /autoclean
    MSCONFIG\startupreg: SUPERAntiSpyware => C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
    MSCONFIG\startupreg: uTorrent => "C:\Users\grevolorio.trmdu2\AppData\Roaming\uTorrent\uTorrent.exe"  /MINIMIZED
    MSCONFIG\startupreg: Vidalia => "C:\Program Files (x86)\Vidalia Bundle\Vidalia\vidalia.exe"
    MSCONFIG\startupreg: vmware-tray => 
    MSCONFIG\startupreg: vmware-tray.exe => "F:\Program Files (x86)\VMware\VMware VIX\VMWare Workstation\vmware-tray.exe"

    ==================== FirewallRules (Whitelisted) ===============

    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

    FirewallRules: [SPPSVC-In-TCP] => (Allow) %SystemRoot%\system32\sppsvc.exe
    FirewallRules: [SPPSVC-In-TCP-NoScope] => (Allow) %SystemRoot%\system32\sppsvc.exe
    FirewallRules: [TCP Query User{2C84D7A8-185F-48F0-997F-3A814FEB1212}C:\program files (x86)\mylifeorganized.net\mlo\mlo.exe] => (Allow) C:\program files (x86)\mylifeorganized.net\mlo\mlo.exe
    FirewallRules: [UDP Query User{76BCF8C2-EC1E-47FD-A852-CE49592796D5}C:\program files (x86)\mylifeorganized.net\mlo\mlo.exe] => (Allow) C:\program files (x86)\mylifeorganized.net\mlo\mlo.exe
    FirewallRules: [{E4DAC48E-0F06-4425-87B9-7BD5994267BF}] => (Allow) F:\Downloads\solutoinstaller-Lc51Pys8GM.exe
    FirewallRules: [{DE5F8045-275F-4630-8682-8236CFC1A9FA}] => (Allow) F:\Downloads\solutoinstaller-Lc51Pys8GM.exe
    FirewallRules: [{3CAF5393-735B-4381-9C98-BE52D398D458}] => (Allow) C:\Program Files (x86)\Microsoft Lync Attendee\AttendeeCommunicator.exe
    FirewallRules: [{D093949F-C20C-4810-B36E-6B28E571CC81}] => (Allow) C:\Program Files (x86)\Microsoft Lync Attendee\AttendeeCommunicator.exe
    FirewallRules: [{C6F07D1B-04C4-4F10-BDA4-374E78C5EF19}] => (Allow) C:\Program Files (x86)\Microsoft Lync Attendee\AttendeeCommunicator.exe
    FirewallRules: [{24C77659-9DEF-4ABA-B4B9-64F8BC15A943}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
    FirewallRules: [{B5BA6578-03EA-4F19-B6A2-C924C6C8E14F}] => (Allow) F:\Program Files (x86)\VMware\VMware VIX\VMWare Workstation\vmware-authd.exe
    FirewallRules: [{758E4422-978B-47A4-86E4-B8F589FB2F26}] => (Allow) F:\Program Files (x86)\VMware\VMware VIX\VMWare Workstation\vmware-authd.exe
    FirewallRules: [{051D6AFF-140B-4251-A785-C60079EDB7FD}] => (Allow) F:\Program Files (x86)\VMware\VMware VIX\VMWare Workstation\vmware-hostd.exe
    FirewallRules: [{7AC51C86-1E31-4E96-A1FF-7A9E9D7CE9C1}] => (Allow) F:\Program Files (x86)\VMware\VMware VIX\VMWare Workstation\vmware-hostd.exe
    FirewallRules: [WCF-NetTcpActivator-In-TCP-64bit] => (Allow) %systemroot%\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
    FirewallRules: [{E82D2D2F-BFBD-41F4-A369-818C95FE2B09}] => (Allow) C:\Users\grevolorio\AppData\Roaming\uTorrent\uTorrent.exe
    FirewallRules: [{B9EB0C5C-06D4-405B-BFEF-E1240AFC3A92}] => (Allow) C:\Users\grevolorio\AppData\Roaming\uTorrent\uTorrent.exe
    FirewallRules: [{4FE7CDC6-7A33-4C99-ABED-B4C4EA2F2743}] => (Allow) C:\Program Files (x86)\Fiddler2\Fiddler.exe
    FirewallRules: [{46A01AAE-281A-4A88-9B9E-D5E9DD8EF2B7}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
    FirewallRules: [{AA765390-3C76-4719-96A5-CFF7997FFC8F}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
    FirewallRules: [{51707004-99BF-4B82-866C-6DBD656522DB}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
    FirewallRules: [{6EE70C80-E842-4BB8-8FB2-4183E0A2B6CE}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
    FirewallRules: [{B261E1BA-7CCA-4BDA-A864-90AD5F09B541}] => (Allow) C:\Users\grevolorio\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe
    FirewallRules: [{B05ABD30-952F-4977-88FB-0BF6B0D8486C}] => (Allow) C:\Program Files (x86)\Xamarin\Bonjour\mDNSResponder.exe
    FirewallRules: [{0E804373-A724-4174-95E8-11BF1A486C38}] => (Allow) F:\Program Files (x86)\Microsoft Visual Studio 12.0\Common7\IDE\devenv.exe
    FirewallRules: [{482C2904-B9EB-460A-B24A-CDE0111F39B6}] => (Allow) F:\Program Files (x86)\BitTorrent Sync\BTSync.exe
    FirewallRules: [{30113CC9-EA36-40C1-ACE3-9C07A0D32065}] => (Allow) F:\Program Files (x86)\BitTorrent Sync\BTSync.exe
    FirewallRules: [{455BC505-116E-4778-9C47-D0039C5ABD3F}] => (Allow) LPort=12292
    FirewallRules: [{48E75E71-2CBD-4890-8FDF-D76036F2069D}] => (Allow) C:\Program Files (x86)\MediaMall\MediaMallServer.exe
    FirewallRules: [{B80C427A-4A78-4C8F-8C5A-F9137515E7DA}] => (Allow) C:\Program Files (x86)\MediaMall\SettingsManager.exe
    FirewallRules: [{97D36CA4-D871-4663-BF1F-D7D27925F9D4}] => (Allow) C:\Program Files (x86)\MediaMall\PlayMark.exe
    FirewallRules: [{53162F45-0E3E-441F-AD2A-795DD8EBAB2D}] => (Allow) C:\Program Files (x86)\MediaMall\Surfer.exe
    FirewallRules: [{CB2F542C-B0A8-44DC-87F1-457206EFAC68}] => (Allow) C:\Program Files (x86)\MediaMall\PlayLater.exe
    FirewallRules: [{69B9AE74-7660-4131-A026-481F146680CA}] => (Allow) f:\Program Files\SiSoftware\SiSoftware Sandra Business 2015\RpcAgentSrv.exe
    FirewallRules: [{8A1F8345-6A95-49F8-A078-63007A1228A3}] => (Allow) f:\Program Files\SiSoftware\SiSoftware Sandra Business 2015\WNt600x64\RpcSandraSrv.exe
    FirewallRules: [{C974CD50-7415-43E1-9081-9640AB51C81D}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
    FirewallRules: [{CE7E25B2-F63F-4E9B-8373-0A23074C71B1}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
    FirewallRules: [TCP Query User{EBC71303-5F45-4EDC-8E05-A3C6405AF3E8}C:\program files (x86)\calibre2\calibre.exe] => (Allow) C:\program files (x86)\calibre2\calibre.exe
    FirewallRules: [UDP Query User{49A87548-8B14-4D3A-BA89-3E30CBD64639}C:\program files (x86)\calibre2\calibre.exe] => (Allow) C:\program files (x86)\calibre2\calibre.exe
    FirewallRules: [{8A45DF66-77B3-47F5-9E5B-6E67E8CD3672}] => (Block) C:\program files (x86)\calibre2\calibre.exe
    FirewallRules: [{2358E7EC-EE95-49BE-8DE1-26AF8F97ADAD}] => (Block) C:\program files (x86)\calibre2\calibre.exe
    FirewallRules: [TCP Query User{011516DF-6F3F-479A-8621-1D0D84A0991F}F:\program files\transmission\transmission-qt.exe] => (Allow) F:\program files\transmission\transmission-qt.exe
    FirewallRules: [UDP Query User{ABA9851F-F69F-4C9D-A24E-A115D08E0AB4}F:\program files\transmission\transmission-qt.exe] => (Allow) F:\program files\transmission\transmission-qt.exe
    FirewallRules: [{4095281A-CA21-41D6-BA24-5FE980C904D0}] => (Block) F:\program files\transmission\transmission-qt.exe
    FirewallRules: [{24B34338-DD29-4CA9-AD70-42F3924DD47F}] => (Block) F:\program files\transmission\transmission-qt.exe
    FirewallRules: [{AED27814-FFA9-4899-B195-BE194AA6F13A}] => (Allow) C:\Users\grevolorio.trmdu2\AppData\Local\Microsoft\OneDrive\OneDrive.exe
    FirewallRules: [{A0DE4516-2BD6-4D21-AE2B-124A3B182B0C}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\Lync.exe
    FirewallRules: [{E0D62CAE-785A-402E-A297-8B4033C9B7A7}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\UcMapi.exe
    FirewallRules: [{932729FC-8CEF-4D87-B35B-8778A82696D8}] => (Allow) C:\Users\grevolorio.trmdu2\AppData\Roaming\uTorrent\uTorrent.exe
    FirewallRules: [{1706A022-0050-4667-91AA-26B728B5ADD8}] => (Allow) C:\Users\grevolorio.trmdu2\AppData\Roaming\uTorrent\uTorrent.exe
    FirewallRules: [{1EBA2EAC-E1BE-48CE-A61E-C0BEF9EC4047}] => (Allow) C:\Users\grevolorio.trmdu2\AppData\Roaming\uTorrent\uTorrent.exe
    FirewallRules: [{583FE798-093F-4AFC-87FB-6E46B63294A7}] => (Allow) C:\Users\grevolorio.trmdu2\AppData\Roaming\uTorrent\uTorrent.exe
    FirewallRules: [{EA173698-EF6B-4459-A147-42C9EDA2520C}] => (Allow) C:\Users\grevolorio.trmdu2\AppData\Roaming\uTorrent\uTorrent.exe
    FirewallRules: [{F3E80BF7-DA3F-42AB-84EB-C25F52B2AF47}] => (Allow) C:\Users\grevolorio.trmdu2\AppData\Roaming\uTorrent\uTorrent.exe
    FirewallRules: [{71CA5F73-AFD7-40C6-BDAF-10CC1A9579E5}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\outlook.exe
    FirewallRules: [{4D1F3054-3DA7-46C6-BF81-7F064302A7E6}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\Lync.exe
    FirewallRules: [{29A5A62E-BA87-4660-B3AA-624A5051E5F2}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\UcMapi.exe
    FirewallRules: [{6369152E-C858-4EDF-BB52-6895496F3D74}] => (Allow) f:\Program Files (x86)\Kinoni\EpocCam_and_Barcode_drivers\KinoniSvc.exe
    FirewallRules: [{E78D9C97-08D7-434F-8123-13261C4D9C6A}] => (Allow) f:\Program Files (x86)\Kinoni\EpocCam_and_Barcode_drivers\KinoniSvc.exe
    FirewallRules: [{3792C9C6-450E-426B-986C-5824239E896A}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
    FirewallRules: [{F3E4F551-C952-46A2-9CD8-2A5715867AC2}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
    FirewallRules: [{02F4B432-CBA2-4E39-B3FF-F55F89EC7B68}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
    FirewallRules: [{8A0142B3-4C3B-4255-ABA5-96A1B1BD07D9}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
    FirewallRules: [{F598C328-3FB4-42B6-899B-A8D1E5B2EC43}] => (Allow) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
    FirewallRules: [{7F10E473-1BCA-4539-B818-F0EF53397B0F}] => (Allow) C:\Program Files (x86)\iTunes\iTunes.exe
    FirewallRules: [{CBD9A108-FE5D-4C30-A810-642437C8E1F8}] => (Allow) C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe
    FirewallRules: [{6DD6D3DB-85B6-4E8A-B606-85CA460F802A}] => (Allow) C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe
    FirewallRules: [{20FAFEED-FBD1-44C6-8EFB-994DC36F082C}] => (Allow) C:\Program Files (x86)\Samsung\Easy Printer Manager\IDS.Application.exe
    FirewallRules: [{EB4B33CD-E952-4BFC-B5DE-B6D3A09356AF}] => (Allow) C:\Program Files (x86)\Samsung\Easy Printer Manager\OrderSupplies.exe
    FirewallRules: [{EC02FE5E-F982-4195-96AA-CE84BEECCF6A}] => (Allow) C:\Program Files (x86)\Samsung\Easy Printer Manager\IDSAlert.exe
    FirewallRules: [{21DD25A7-A8D1-4916-A603-11C1BC9AD862}] => (Allow) C:\Program Files (x86)\Samsung\Easy Printer Manager\uninstall.exe
    FirewallRules: [{14B43CDE-088B-4241-AE08-1E53015DBD6D}] => (Allow) C:\Program Files (x86)\Samsung\Easy Printer Manager\CDAS2PC\CDAS2PC.exe
    FirewallRules: [{1FBAD7D8-6F46-41E4-961C-0EAB6CA8B4BE}] => (Allow) C:\Program Files (x86)\Samsung\Easy Printer Manager\CDAS2PC\ScanProcess.exe
    FirewallRules: [{B7D324F3-4B17-46E4-9913-152127D321A5}] => (Allow) C:\Program Files (x86)\Samsung\Easy Printer Manager\CDAS2PC\Scan2PCNotify.exe
    FirewallRules: [{422A2506-3182-4452-B20C-5EC8186315FD}] => (Allow) C:\Program Files\Synergy\synergys.exe
    FirewallRules: [{C86D90D8-8EFA-49AF-93C1-3293B433ED7C}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    FirewallRules: [{6E079AAB-5654-4264-8491-85AF7E253C08}] => (Allow) C:\Windows\explorer.exe
    FirewallRules: [{98CBFD6B-3FB9-488B-A3C8-3C054460A2B1}] => (Allow) C:\Windows\system32\rundll32.exe
    StandardProfile\AuthorizedApplications: [F:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe] => Enabled:Spybot - Search & Destroy tray access
    StandardProfile\AuthorizedApplications: [F:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe] => Enabled:Spybot-S&D 2 Scanner Service
    StandardProfile\AuthorizedApplications: [F:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe] => Enabled:Spybot-S&D 2 Updater
    StandardProfile\AuthorizedApplications: [F:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe] => Enabled:Spybot-S&D 2 Background update service

    ==================== Restore Points =========================

    ATTENTION: System Restore is disabled
    Check "winmgmt" service or repair WMI.


    ==================== Faulty Device Manager Devices =============

    Name: Intel(R) Centrino(R) Advanced-N 6200 AGN
    Description: Intel(R) Centrino(R) Advanced-N 6200 AGN
    Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
    Manufacturer: Intel Corporation
    Service: NETw5s64
    Problem: : This device is disabled. (Code 22)
    Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

    Name: Microsoft Loopback Adapter
    Description: Microsoft Loopback Adapter
    Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
    Manufacturer: Microsoft
    Service: msloop
    Problem: : This device is disabled. (Code 22)
    Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.


    ==================== Event log errors: =========================

    Application errors:
    ==================
    Error: (07/18/2016 09:05:53 AM) (Source: MsiInstaller) (EventID: 11714) (User: NT AUTHORITY)
    Description: Product: Chrome Remote Desktop Host -- Error 1714. The older version of Chrome Remote Desktop Host cannot be removed. Contact your technical support group. System Error 1612.

    Error: (07/18/2016 04:05:57 AM) (Source: MsiInstaller) (EventID: 11714) (User: NT AUTHORITY)
    Description: Product: Chrome Remote Desktop Host -- Error 1714. The older version of Chrome Remote Desktop Host cannot be removed. Contact your technical support group. System Error 1612.

    Error: (07/17/2016 11:05:25 PM) (Source: MsiInstaller) (EventID: 11714) (User: NT AUTHORITY)
    Description: Product: Chrome Remote Desktop Host -- Error 1714. The older version of Chrome Remote Desktop Host cannot be removed. Contact your technical support group. System Error 1612.

    Error: (07/17/2016 10:59:21 PM) (Source: Application Error) (EventID: 1000) (User: )
    Description: Faulting application name: AutoPico.exe, version: 12.3.0.0, time stamp: 0x53b06ef5
    Faulting module name: KERNELBASE.dll, version: 6.1.7601.23418, time stamp: 0x5708a89c
    Exception code: 0xe0434352
    Fault offset: 0x000000000001a06d
    Faulting process id: 0x18438
    Faulting application start time: 0xAutoPico.exe0
    Faulting application path: AutoPico.exe1
    Faulting module path: AutoPico.exe2
    Report Id: AutoPico.exe3

    Error: (07/17/2016 10:59:16 PM) (Source: .NET Runtime) (EventID: 1026) (User: )
    Description: Application: AutoPico.exe
    Framework Version: v4.0.30319
    Description: The process was terminated due to an unhandled exception.
    Exception Info: System.IO.IOException
    Stack:
       at System.Net.Sockets.NetworkStream.EndRead(System.IAsyncResult)
       at AutoPico.KMSEmulator.TCPServer.ReadCallback(System.IAsyncResult)
       at System.Net.LazyAsyncResult.Complete(IntPtr)
       at System.Threading.ExecutionContext.RunInternal(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
       at System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
       at System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object)
       at System.Net.ContextAwareResult.Complete(IntPtr)
       at System.Net.Sockets.BaseOverlappedAsyncResult.CompletionPortCallback(UInt32, UInt32, System.Threading.NativeOverlapped*)
       at System.Threading._IOCompletionCallback.PerformIOCompletionCallback(UInt32, UInt32, System.Threading.NativeOverlapped*)

    Error: (07/17/2016 07:00:02 PM) (Source: Windows Backup) (EventID: 4103) (User: )
    Description: The backup did not complete because of an error writing to the backup location I:\. The error is: The backup location cannot be found or is not valid. Review your backup settings and check the backup location. (0x81000006).

    Error: (07/17/2016 06:05:33 PM) (Source: MsiInstaller) (EventID: 11714) (User: NT AUTHORITY)
    Description: Product: Chrome Remote Desktop Host -- Error 1714. The older version of Chrome Remote Desktop Host cannot be removed. Contact your technical support group. System Error 1612.

    Error: (07/17/2016 05:29:17 PM) (Source: Application Error) (EventID: 1000) (User: )
    Description: Faulting application name: AutoPico.exe, version: 12.3.0.0, time stamp: 0x53b06ef5
    Faulting module name: KERNELBASE.dll, version: 6.1.7601.23418, time stamp: 0x5708a89c
    Exception code: 0xe0434352
    Fault offset: 0x000000000001a06d
    Faulting process id: 0x184bc
    Faulting application start time: 0xAutoPico.exe0
    Faulting application path: AutoPico.exe1
    Faulting module path: AutoPico.exe2
    Report Id: AutoPico.exe3

    Error: (07/17/2016 05:29:13 PM) (Source: .NET Runtime) (EventID: 1026) (User: )
    Description: Application: AutoPico.exe
    Framework Version: v4.0.30319
    Description: The process was terminated due to an unhandled exception.
    Exception Info: System.IO.IOException
    Stack:
       at System.Net.Sockets.NetworkStream.EndRead(System.IAsyncResult)
       at AutoPico.KMSEmulator.TCPServer.ReadCallback(System.IAsyncResult)
       at System.Net.LazyAsyncResult.Complete(IntPtr)
       at System.Threading.ExecutionContext.RunInternal(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
       at System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
       at System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object)
       at System.Net.ContextAwareResult.Complete(IntPtr)
       at System.Net.Sockets.BaseOverlappedAsyncResult.CompletionPortCallback(UInt32, UInt32, System.Threading.NativeOverlapped*)
       at System.Threading._IOCompletionCallback.PerformIOCompletionCallback(UInt32, UInt32, System.Threading.NativeOverlapped*)

    Error: (07/17/2016 01:05:09 PM) (Source: MsiInstaller) (EventID: 11714) (User: NT AUTHORITY)
    Description: Product: Chrome Remote Desktop Host -- Error 1714. The older version of Chrome Remote Desktop Host cannot be removed. Contact your technical support group. System Error 1612.


    System errors:
    =============
    Error: (07/09/2016 08:46:16 AM) (Source: Disk) (EventID: 11) (User: )
    Description: The driver detected a controller error on \Device\Harddisk3\DR3.

    Error: (06/17/2016 03:52:14 PM) (Source: VDS Dynamic Provider) (EventID: 40) (User: )
    Description: The remove plex operation failed to complete. status=C038003B

    Error: (06/17/2016 03:48:38 PM) (Source: VDS Basic Provider) (EventID: 1) (User: )
    Description: Unexpected failure. Error code: 490@01010004

    Error: (06/17/2016 03:40:15 PM) (Source: VDS Basic Provider) (EventID: 1) (User: )
    Description: Unexpected failure. Error code: 490@01010004

    Error: (06/13/2016 06:09:10 PM) (Source: Microsoft Antimalware) (EventID: 2001) (User: )
    Description: %NT AUTHORITY60 has encountered an error trying to update signatures.

        New Signature Version: 

        Previous Signature Version: 1.223.1357.0

        Update Source: %NT AUTHORITY51

        Update Stage: 4.9.0218.00

        Source Path: 4.9.0218.01

        Signature Type: %NT AUTHORITY602

        Update Type: %NT AUTHORITY604

        User: NT AUTHORITY\NETWORK SERVICE

        Current Engine Version: %NT AUTHORITY605

        Previous Engine Version: %NT AUTHORITY606

        Error code: %NT AUTHORITY607

        Error description: %NT AUTHORITY608

    Error: (06/13/2016 06:09:10 PM) (Source: Microsoft Antimalware) (EventID: 2001) (User: )
    Description: %NT AUTHORITY60 has encountered an error trying to update signatures.

        New Signature Version: 

        Previous Signature Version: 1.223.1357.0

        Update Source: %NT AUTHORITY51

        Update Stage: 4.9.0218.00

        Source Path: 4.9.0218.01

        Signature Type: %NT AUTHORITY602

        Update Type: %NT AUTHORITY604

        User: NT AUTHORITY\NETWORK SERVICE

        Current Engine Version: %NT AUTHORITY605

        Previous Engine Version: %NT AUTHORITY606

        Error code: %NT AUTHORITY607

        Error description: %NT AUTHORITY608

    Error: (06/13/2016 06:09:09 PM) (Source: Microsoft Antimalware) (EventID: 2001) (User: )
    Description: %NT AUTHORITY60 has encountered an error trying to update signatures.

        New Signature Version: 

        Previous Signature Version: 1.223.1357.0

        Update Source: %NT AUTHORITY59

        Update Stage: 4.9.0218.00

        Source Path: 4.9.0218.01

        Signature Type: %NT AUTHORITY602

        Update Type: %NT AUTHORITY604

        User: NT AUTHORITY\SYSTEM

        Current Engine Version: %NT AUTHORITY605

        Previous Engine Version: %NT AUTHORITY606

        Error code: %NT AUTHORITY607

        Error description: %NT AUTHORITY608

    Error: (06/13/2016 05:47:28 PM) (Source: Service Control Manager) (EventID: 7032) (User: )
    Description: The Service Control Manager tried to take a corrective action (Run the configured recovery program) after the unexpected termination of the VMware Workstation Server service, but this action failed with the following error: 
    %%193

    Error: (06/13/2016 05:46:28 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
    Description: The VMware Workstation Server service terminated unexpectedly.  It has done this 3 time(s).  The following corrective action will be taken in 60000 milliseconds: Run the configured recovery program.

    Error: (06/13/2016 05:45:32 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
    Description: application-specificLocalLaunch{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT AUTHORITYSYSTEMS-1-5-18LocalHost (Using LRPC)


    CodeIntegrity:
    ===================================
      Date: 2016-07-17 04:56:59.348
      Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files (x86)\AVG\AVG PC TuneUp\avgdumpx.exe because the set of per-page image hashes could not be found on the system.

      Date: 2016-07-17 04:56:59.258
      Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files (x86)\AVG\AVG PC TuneUp\avgdumpx.exe because the set of per-page image hashes could not be found on the system.

      Date: 2016-07-17 04:56:59.099
      Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files (x86)\AVG\AVG PC TuneUp\avgdumpx.exe because the set of per-page image hashes could not be found on the system.

      Date: 2016-07-16 03:52:04.984
      Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files (x86)\AVG\AVG PC TuneUp\avgdumpx.exe because the set of per-page image hashes could not be found on the system.

      Date: 2016-07-16 03:52:04.894
      Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files (x86)\AVG\AVG PC TuneUp\avgdumpx.exe because the set of per-page image hashes could not be found on the system.

      Date: 2016-07-16 03:52:04.509
      Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files (x86)\AVG\AVG PC TuneUp\avgdumpx.exe because the set of per-page image hashes could not be found on the system.

      Date: 2016-07-15 04:55:34.023
      Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files (x86)\AVG\AVG PC TuneUp\avgdumpx.exe because the set of per-page image hashes could not be found on the system.

      Date: 2016-07-15 04:55:33.925
      Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files (x86)\AVG\AVG PC TuneUp\avgdumpx.exe because the set of per-page image hashes could not be found on the system.

      Date: 2016-07-15 04:55:33.538
      Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files (x86)\AVG\AVG PC TuneUp\avgdumpx.exe because the set of per-page image hashes could not be found on the system.

      Date: 2016-07-14 03:10:30.776
      Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files (x86)\AVG\AVG PC TuneUp\avgdumpx.exe because the set of per-page image hashes could not be found on the system.


    ==================== Memory info =========================== 

    Processor: Intel(R) Core(TM) i7 CPU Q 740 @ 1.73GHz
    Percentage of memory in use: 93%
    Total physical RAM: 16316.38 MB
    Available physical RAM: 1045.3 MB
    Total Virtual: 16826.56 MB
    Available Virtual: 528.85 MB

    ==================== Drives ================================

    Drive c: () (Fixed) (Total:100 GB) (Free:22.36 GB) NTFS
    Drive d: (WD SmartWare) (CDROM) (Total:0.6 GB) (Free:0 GB) UDF
    Drive f: (SoftRaid) (Fixed) (Total:731.32 GB) (Free:32.08 GB) NTFS
    Drive g: (Virtual) (Fixed) (Total:465.76 GB) (Free:412.86 GB) NTFS
    Drive i: (My Passport) (Fixed) (Total:930.86 GB) (Free:710.41 GB) NTFS
    Drive m: () (Fixed) (Total:465.75 GB) (Free:268.39 GB) NTFS
    Drive n: () (Fixed) (Total:465.75 GB) (Free:432.04 GB) NTFS

    ==================== MBR & Partition Table ==================

    ========================================================
    Disk: 0 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: 0D040DF6)
    Partition 1: (Not Active) - (Size=993 KB) - (Type=42)
    Partition 2: (Active) - (Size=100 MB) - (Type=42)
    Partition 3: (Not Active) - (Size=100 GB) - (Type=42)
    Partition 4: (Not Active) - (Size=831.4 GB) - (Type=42)

    ========================================================
    Disk: 1 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: 08C4D7E9)
    Partition 1: (Not Active) - (Size=993 KB) - (Type=42)
    Partition 2: (Active) - (Size=100 MB) - (Type=42)
    Partition 3: (Not Active) - (Size=100 GB) - (Type=42)
    Partition 4: (Not Active) - (Size=831.4 GB) - (Type=42)

    ========================================================
    Disk: 2 (Size: 465.8 GB) (Disk ID: 00000000)

    Partition: GPT.

    ========================================================
    Disk: 3 (MBR Code: Windows XP) (Size: 930.9 GB) (Disk ID: 00052F35)
    Partition 1: (Not Active) - (Size=930.9 GB) - (Type=07 NTFS)

    ==================== End of Addition.txt ============================

    bho.png

  2. Hello guys,

    I'm using a laptop computer running Windows 7 SP1 64bit.  I use Chrome as a browser.  Lately, most of the time a try to access a link from a search result, it takes me to a page displaying a gray screen with some cryptic message saying that my computer is infected and advising me to call a number to have it fixed, all this while making a horrendous loud beep.  The screens vary but most say SYSTEM SHUTDOWN  CALL SUPPORT...  It takes several clicks to make it go away.  Next time I try the same link it works just fine.  I ran MalwareBytes free and Spybot Search & Destroy and had a few things removed but the problem persists.  I have not noted any other problem.  Thanks in advance for your help.

    The FRST.txt file is this:

    Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 17-07-2016 03
    Ran by grevolorio (administrator) on TRMDU2 (18-07-2016 11:05:54)
    Running from C:\Users\grevolorio.trmdu2\Desktop
    Loaded Profiles: grevolorio &  (Available Profiles: grevolorio & DefaultAppPool)
    Platform: Windows 7 Professional Service Pack 1 (X64) Language: English (United States)
    Internet Explorer Version 11 (Default browser: Chrome)
    Boot Mode: Normal
    Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

    ==================== Processes (Whitelisted) =================

    (If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

    (Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
    (Stardock Corporation) C:\Program Files (x86)\Stardock\WindowBlinds\WBSrv.exe
    (Stardock Software, Inc) C:\Program Files (x86)\Stardock\WindowBlinds\WBCore.exe
    (Stardock Corporation) F:\Program Files (x86)\Stardock\Object Desktop\WindowFX\WindowFXSRV.exe
    () F:\Program Files (x86)\Stardock\Object Desktop\WindowFX\wfx32.exe
    (Cisco WebEx LLC) C:\Windows\SysWOW64\atashost.exe
    (Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome Remote Desktop\51.0.2704.7\remoting_host.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome Remote Desktop\51.0.2704.7\remoting_host.exe
    (hMailServer) F:\Program Files (x86)\hMailServer\Bin\hMailServer.exe
    () F:\Program Files (x86)\Kinoni\EpocCam_and_Barcode_drivers\KinoniSvc.exe
    (Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
    (Safer-Networking Ltd.) F:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
    (Safer-Networking Ltd.) F:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
    (Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
    (AVG Technologies) F:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesService64.exe
    (VMware, Inc.) C:\Windows\SysWOW64\vmnat.exe
    (VMware, Inc.) F:\Program Files (x86)\VMware\VMware VIX\VMWare Workstation\vmware-authd.exe
    (VMware, Inc.) C:\Windows\SysWOW64\vmnetdhcp.exe
    (Safer-Networking Ltd.) F:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
    (Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe
    (Microsoft Corporation) C:\Windows\System32\dllhost.exe
    (Google Inc.) C:\Program Files (x86)\Google\Update\1.3.30.3\GoogleCrashHandler.exe
    (Google Inc.) C:\Program Files (x86)\Google\Update\1.3.30.3\GoogleCrashHandler64.exe
    (Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe
    (Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe
    (AVG Technologies) F:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesApp64.exe
    () C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe
    (Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
    (Siber Systems) C:\Program Files (x86)\Siber Systems\AI RoboForm\robotaskbaricon.exe
    (Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office15\ONENOTEM.EXE
    (Elaborate Bytes AG) C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe
    () C:\Program Files\Synergy\synergyd.exe
    (Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
    (Siber Systems) C:\Program Files (x86)\Siber Systems\AI RoboForm\robotaskbaricon-x64.exe
    (Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe
    (ZabKat) C:\Program Files\zabkat\xplorer2\xplorer2_64.exe
    () C:\Program Files (x86)\Calibre2\calibre.exe
    () C:\Program Files (x86)\Calibre2\calibre-parallel.exe
    (TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
    (TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
    (TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\tv_w32.exe
    (TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\tv_x64.exe
    (Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
    (Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
    (Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
    (Malwarebytes) F:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
    (Malwarebytes) F:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
    (Malwarebytes) F:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
    (Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
    (Apple Inc.) C:\Program Files (x86)\QuickTime\QuickTimePlayer.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Microsoft Corporation) C:\Windows\System32\cmd.exe
    (Siber Systems Inc.) C:\Program Files (x86)\Siber Systems\AI RoboForm\Chrome\rf-chrome-nm-host.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Safer-Networking Ltd.) F:\Program Files (x86)\Spybot - Search & Destroy 2\SDWelcome.exe
    (Safer-Networking Ltd.) F:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe
    (Safer-Networking Ltd.) F:\Program Files (x86)\Spybot - Search & Destroy 2\SDScan.exe
    () C:\Program Files\Synergy\synergy.exe
    (MediaMall Technologies, Inc.) C:\Program Files (x86)\MediaMall\MediaMallServer.exe
    (MediaMall Technologies, Inc.) C:\Program Files (x86)\MediaMall\MediaMallServer.exe
    (TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Desktop.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Microsoft Corporation) C:\Windows\System32\dllhost.exe
    () C:\Program Files\Synergy\synergys.exe


    ==================== Registry (Whitelisted) ===========================

    (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

    HKLM\...\Run: [Fences] => C:\Program Files (x86)\Stardock\Fences\Fences.exe [4017368 2012-10-29] (Stardock Corporation)
    HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2531624 2010-12-17] (Synaptics Incorporated)
    HKLM\...\Run: [CDAServer] => C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe [464608 2014-09-08] ()
    HKLM\...\Run: [MSC] => C:\Program Files\Microsoft Security Client\msseces.exe [1340192 2016-01-29] (Microsoft Corporation)
    HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [67384 2016-04-22] (Apple Inc.)
    HKLM-x32\...\Run: [Dropbox] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [24204648 2016-07-05] (Dropbox, Inc.)
    HKLM-x32\...\Run: [VirtualCloneDrive] => C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe [88984 2013-03-10] (Elaborate Bytes AG)
    HKLM-x32\...\Run: [AttendeeCommunicator] => C:\Program Files (x86)\Microsoft Lync Attendee\AttendeeCommunicator.exe [12007776 2016-03-14] (Microsoft Corporation)
    HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [164152 2016-06-01] (Apple Inc.)
    Winlogon\Notify\WB: C:\Program Files (x86)\Stardock\WindowBlinds\fast64.dll [X]
    Winlogon\Notify\MCPClient: C:\Program Files (x86)\Common Files\stardock\MCPStub.dll [2005-01-31] (Stardock)
    Winlogon\Notify\SDWinLogon-x32: SDWinLogon.dll [X]
    HKLM\...\Policies\Explorer: [TaskbarNoNotification] 0
    HKLM\...\Policies\Explorer: [HideSCAHealth] 0
    HKU\S-1-5-18-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [EEDSpeedLauncher] => rundll32.exe C:\Windows\system32\eed_ec.dll,SpeedLauncher
    HKU\S-1-5-18-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\RunOnce: [FlashPlayerUpdate] => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_17_0_0_188_ActiveX.exe -update activex
    HKU\S-1-5-18-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\MountPoints2: {b93f89d9-224a-11e0-afff-f04da264333e} - E:\setup.exe
    HKU\S-1-5-21-1085031214-796845957-725345543-2108-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [WinSnap] => C:\Program Files\WinSnap\WinSnap64.exe [3874432 2013-06-18] (NTWind Software)
    HKU\S-1-5-21-1085031214-796845957-725345543-2108-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [7404312 2015-01-20] (Piriform Ltd)
    HKU\S-1-5-21-1085031214-796845957-725345543-2108-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [BitTorrent Sync] => F:\Program Files (x86)\BitTorrent Sync\BTSync.exe [5514592 2015-06-30] (BitTorrent, Inc.)
    HKU\S-1-5-21-1085031214-796845957-725345543-2108-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [iCloudServices] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
    HKU\S-1-5-21-1085031214-796845957-725345543-2108-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [ApplePhotoStreams] => C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe
    HKU\S-1-5-21-1085031214-796845957-725345543-2108-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [Workrave] => F:\Program Files (x86)\Workrave\lib\workrave.exe [4480000 2013-01-13] (The Workrave development team)
    HKU\S-1-5-21-1085031214-796845957-725345543-2108-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [RoboForm] => C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe [110160 2015-06-19] (Siber Systems)
    HKU\S-1-5-21-1085031214-796845957-725345543-2108-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Policies\system: [HideLogonScripts] 1
    HKU\S-1-5-21-1085031214-796845957-725345543-2108-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Policies\Explorer: [TaskbarNoNotification] 0
    HKU\S-1-5-21-1085031214-796845957-725345543-2108-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Policies\Explorer: [HideSCAHealth] 0
    HKU\S-1-5-21-1085031214-796845957-725345543-2109-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [QuickTime Task] => "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
    HKU\S-1-5-21-1085031214-796845957-725345543-500-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Policies\Explorer: [TaskbarNoNotification] 0
    HKU\S-1-5-21-1085031214-796845957-725345543-500-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Policies\Explorer: [HideSCAHealth] 0
    HKU\S-1-5-21-1915297274-1003847613-3419053400-1105-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [RoboForm] => C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe [110160 2015-06-19] (Siber Systems)
    HKU\S-1-5-21-3578782807-1016812498-1856270605-1009\...\Run: [RoboForm] => C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe [110160 2015-06-19] (Siber Systems)
    HKU\S-1-5-21-3578782807-1016812498-1856270605-1009\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [7404312 2015-01-20] (Piriform Ltd)
    HKU\S-1-5-21-3578782807-1016812498-1856270605-1009\...\Run: [SpybotPostWindows10UpgradeReInstall] => C:\Program Files\Common Files\AV\Spybot - Search and Destroy\Test.exe [1011200 2015-07-28] (Safer-Networking Ltd.)
    HKU\S-1-5-21-3578782807-1016812498-1856270605-1009\...\Policies\Explorer: [TaskbarNoNotification] 0
    HKU\S-1-5-21-3578782807-1016812498-1856270605-1009\...\Policies\Explorer: [HideSCAHealth] 0
    HKU\S-1-5-21-3578782807-1016812498-1856270605-1009\...\MountPoints2: {6e07364a-5ca0-11e5-8a8f-0002761ce121} - E:\Setup.exe
    HKU\S-1-5-21-3578782807-1016812498-1856270605-1009\...\MountPoints2: {bcc773c2-50b0-11e0-b28d-b7985eaf7599} - "D:\WD SmartWare.exe" autoplay=true
    HKU\S-1-5-21-3578782807-1016812498-1856270605-1009\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\scrnsave.scr [11264 2009-07-13] (Microsoft Corporation)
    HKU\S-1-5-21-3578782807-1016812498-1856270605-1009-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [RoboForm] => C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe [110160 2015-06-19] (Siber Systems)
    HKU\S-1-5-21-3578782807-1016812498-1856270605-1009-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [7404312 2015-01-20] (Piriform Ltd)
    HKU\S-1-5-21-3578782807-1016812498-1856270605-1009-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [SpybotPostWindows10UpgradeReInstall] => C:\Program Files\Common Files\AV\Spybot - Search and Destroy\Test.exe [1011200 2015-07-28] (Safer-Networking Ltd.)
    HKU\S-1-5-21-3578782807-1016812498-1856270605-1009-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Policies\Explorer: [TaskbarNoNotification] 0
    HKU\S-1-5-21-3578782807-1016812498-1856270605-1009-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Policies\Explorer: [HideSCAHealth] 0
    HKU\S-1-5-21-3578782807-1016812498-1856270605-1009-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\MountPoints2: {6e07364a-5ca0-11e5-8a8f-0002761ce121} - E:\Setup.exe
    HKU\S-1-5-21-3578782807-1016812498-1856270605-1009-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\MountPoints2: {bcc773c2-50b0-11e0-b28d-b7985eaf7599} - "D:\WD SmartWare.exe" autoplay=true
    HKU\S-1-5-21-3578782807-1016812498-1856270605-1009-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\scrnsave.scr [11264 2009-07-13] (Microsoft Corporation)
    HKU\S-1-5-18\...\Run: [EEDSpeedLauncher] => rundll32.exe C:\Windows\system32\eed_ec.dll,SpeedLauncher
    HKU\S-1-5-18\...\RunOnce: [FlashPlayerUpdate] => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_17_0_0_188_ActiveX.exe -update activex
    HKU\S-1-5-18\...\MountPoints2: {b93f89d9-224a-11e0-afff-f04da264333e} - E:\setup.exe
    Lsa: [Notification Packages] scecli C:\Program Files\WIDCOMM\Bluetooth Software\BtwProximityCP.dll
    SSODL: EldosMountNotificator - {5FF49FE8-B332-4CB9-B102-FB6951629E55} - C:\Windows\system32\CbFsMntNtf3.dll (EldoS Corporation)
    SSODL-x32: 0aMCPClient - {F5DF91F9-15E9-416B-A7C3-7519B11ECBFC} - C:\Program Files (x86)\Common Files\stardock\MCPCore.dll (Stardock)
    SSODL-x32: SysTray - {35CEC8A3-2BE6-11D2-8773-92E220524153} - %SystemRoot%\system32\stobject.dll (Microsoft Corporation)
    SSODL-x32: CDBurn - {fbeb8a05-beee-4442-804e-409d6c4515e9} - %SystemRoot%\system32\shell32.dll (Microsoft Corporation)
    SSODL-x32: PostBootReminder - {7849596a-48ea-486e-8937-a2a3009f31a9} - %SystemRoot%\system32\shell32.dll (Microsoft Corporation)
    SSODL-x32: EldosMountNotificator - {5FF49FE8-B332-4CB9-B102-FB6951629E55} - C:\Windows\SysWOW64\CbFsMntNtf3.dll (EldoS Corporation)
    ShellExecuteHooks:  - {AEB6717E-7E19-11d0-97EE-00C04FD91972} -  No File [ ]
    ShellExecuteHooks-x32:  - {AEB6717E-7E19-11d0-97EE-00C04FD91972} -  No File [ ]
    ShellIconOverlayIdentifiers: [ DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.34.dll [2016-07-05] (Dropbox, Inc.)
    ShellIconOverlayIdentifiers: [ DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.34.dll [2016-07-05] (Dropbox, Inc.)
    ShellIconOverlayIdentifiers: [ DropboxExt3] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.34.dll [2016-07-05] (Dropbox, Inc.)
    ShellIconOverlayIdentifiers: [ DropboxExt4] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.34.dll [2016-07-05] (Dropbox, Inc.)
    ShellIconOverlayIdentifiers: [ DropboxExt5] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.34.dll [2016-07-05] (Dropbox, Inc.)
    ShellIconOverlayIdentifiers: [ DropboxExt6] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.34.dll [2016-07-05] (Dropbox, Inc.)
    ShellIconOverlayIdentifiers: [ DropboxExt7] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.34.dll [2016-07-05] (Dropbox, Inc.)
    ShellIconOverlayIdentifiers: [ DropboxExt8] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.34.dll [2016-07-05] (Dropbox, Inc.)
    ShellIconOverlayIdentifiers: [!BTSync2.0.128Done] -> {581FFA04-FC33-0080-0002-95003A5CDE89} => F:\Program Files (x86)\BitTorrent Sync\SyncShellExtension64_33554560.dll [2015-06-30] ()
    ShellIconOverlayIdentifiers: [!BTSync2.0.128RO] -> {581FFA03-FC33-0080-0002-95003A5CDE89} => F:\Program Files (x86)\BitTorrent Sync\SyncShellExtension64_33554560.dll [2015-06-30] ()
    ShellIconOverlayIdentifiers: [!BTSync2.0.128RW] -> {581FFA02-FC33-0080-0002-95003A5CDE89} => F:\Program Files (x86)\BitTorrent Sync\SyncShellExtension64_33554560.dll [2015-06-30] ()
    ShellIconOverlayIdentifiers: [###MegaShellExtPending] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => C:\ProgramData\MEGAsync\ShellExtX64.dll [2014-05-01] ()
    ShellIconOverlayIdentifiers: [###MegaShellExtSynced] -> {05B38830-F4E9-4329-978B-1DD28605D202} => C:\ProgramData\MEGAsync\ShellExtX64.dll [2014-05-01] ()
    ShellIconOverlayIdentifiers: [###MegaShellExtSyncing] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => C:\ProgramData\MEGAsync\ShellExtX64.dll [2014-05-01] ()
    ShellIconOverlayIdentifiers: [0PerformanceMonitor] -> {3B5B973C-92A4-4855-9D3F-0F3D23332208} =>  No File
    ShellIconOverlayIdentifiers: [EldosIconOverlay] -> {5BB532A2-BF14-4CCC-86B7-71B81EF6F8BC} => C:\Windows\system32\CbFsMntNtf3.dll [2012-04-09] (EldoS Corporation)
    ShellIconOverlayIdentifiers-x32: [ DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.34.dll [2016-07-05] (Dropbox, Inc.)
    ShellIconOverlayIdentifiers-x32: [ DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.34.dll [2016-07-05] (Dropbox, Inc.)
    ShellIconOverlayIdentifiers-x32: [ DropboxExt3] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.34.dll [2016-07-05] (Dropbox, Inc.)
    ShellIconOverlayIdentifiers-x32: [ DropboxExt4] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.34.dll [2016-07-05] (Dropbox, Inc.)
    ShellIconOverlayIdentifiers-x32: [ DropboxExt5] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.34.dll [2016-07-05] (Dropbox, Inc.)
    ShellIconOverlayIdentifiers-x32: [ DropboxExt6] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.34.dll [2016-07-05] (Dropbox, Inc.)
    ShellIconOverlayIdentifiers-x32: [ DropboxExt7] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.34.dll [2016-07-05] (Dropbox, Inc.)
    ShellIconOverlayIdentifiers-x32: [ DropboxExt8] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.34.dll [2016-07-05] (Dropbox, Inc.)
    ShellIconOverlayIdentifiers-x32: [ SkyDrivePro1 (ErrorConflict)] -> {8BA85C75-763B-4103-94EB-9470F12FE0F7} => C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL [2016-05-17] (Microsoft Corporation)
    ShellIconOverlayIdentifiers-x32: [ SkyDrivePro2 (SyncInProgress)] -> {CD55129A-B1A1-438E-A425-CEBC7DC684EE} => C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL [2016-05-17] (Microsoft Corporation)
    ShellIconOverlayIdentifiers-x32: [ SkyDrivePro3 (InSync)] -> {E768CD3B-BDDC-436D-9C13-E1B39CA257B1} => C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL [2016-05-17] (Microsoft Corporation)
    ShellIconOverlayIdentifiers-x32: [!BTSync2.0.128Done] -> {581FFA04-FC33-0080-0002-95003A5CDE89} => F:\Program Files (x86)\BitTorrent Sync\SyncShellExtension86_33554560.dll [2015-06-30] ()
    ShellIconOverlayIdentifiers-x32: [!BTSync2.0.128RO] -> {581FFA03-FC33-0080-0002-95003A5CDE89} => F:\Program Files (x86)\BitTorrent Sync\SyncShellExtension86_33554560.dll [2015-06-30] ()
    ShellIconOverlayIdentifiers-x32: [!BTSync2.0.128RW] -> {581FFA02-FC33-0080-0002-95003A5CDE89} => F:\Program Files (x86)\BitTorrent Sync\SyncShellExtension86_33554560.dll [2015-06-30] ()
    ShellIconOverlayIdentifiers-x32: ["DropboxExt1"] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.34.dll [2016-07-05] (Dropbox, Inc.)
    ShellIconOverlayIdentifiers-x32: ["DropboxExt2"] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.34.dll [2016-07-05] (Dropbox, Inc.)
    ShellIconOverlayIdentifiers-x32: ["DropboxExt3"] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.34.dll [2016-07-05] (Dropbox, Inc.)
    ShellIconOverlayIdentifiers-x32: ["DropboxExt4"] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.34.dll [2016-07-05] (Dropbox, Inc.)
    ShellIconOverlayIdentifiers-x32: ["DropboxExt5"] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.34.dll [2016-07-05] (Dropbox, Inc.)
    ShellIconOverlayIdentifiers-x32: ["DropboxExt6"] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.34.dll [2016-07-05] (Dropbox, Inc.)
    ShellIconOverlayIdentifiers-x32: ["DropboxExt7"] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.34.dll [2016-07-05] (Dropbox, Inc.)
    ShellIconOverlayIdentifiers-x32: ["DropboxExt8"] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.34.dll [2016-07-05] (Dropbox, Inc.)
    ShellIconOverlayIdentifiers-x32: [###MegaShellExtPending] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => C:\ProgramData\MEGAsync\ShellExtX32.dll [2014-05-01] ()
    ShellIconOverlayIdentifiers-x32: [###MegaShellExtSynced] -> {05B38830-F4E9-4329-978B-1DD28605D202} => C:\ProgramData\MEGAsync\ShellExtX32.dll [2014-05-01] ()
    ShellIconOverlayIdentifiers-x32: [###MegaShellExtSyncing] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => C:\ProgramData\MEGAsync\ShellExtX32.dll [2014-05-01] ()
    ShellIconOverlayIdentifiers-x32: [EldosIconOverlay] -> {5BB532A2-BF14-4CCC-86B7-71B81EF6F8BC} => C:\Windows\SysWOW64\CbFsMntNtf3.dll [2012-04-09] (EldoS Corporation)
    Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\DC-2-DB.lnk [2015-09-27]
    ShortcutTarget: DC-2-DB.lnk -> C:\Program Files\Oracle\VirtualBox\VirtualBox.exe (Oracle Corporation)
    Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\DC-3-SP.lnk [2015-09-27]
    ShortcutTarget: DC-3-SP.lnk -> C:\Program Files\Oracle\VirtualBox\VirtualBox.exe (Oracle Corporation)
    Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\DC_1.lnk [2015-09-27]
    ShortcutTarget: DC_1.lnk -> C:\Program Files\Oracle\VirtualBox\VirtualBox.exe (Oracle Corporation)
    Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Synergy.lnk [2016-03-22]
    ShortcutTarget: Synergy.lnk -> C:\Windows\Installer\{68C1AA13-4370-4761-B53F-1862C2CE26CB}\synergy.ico (No File)
    Startup: C:\Users\grevolorio.trmdu2\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\BHODemon 2.0.lnk [2016-07-11]
    ShortcutTarget: BHODemon 2.0.lnk -> C:\Program Files (x86)\BHODemon 2\BHODemon.exe (Definitive Solutions, Inc.)
    Startup: C:\Users\grevolorio.trmdu2\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\calibre - E-book management.lnk [2015-06-19]
    ShortcutTarget: calibre - E-book management.lnk -> C:\Program Files (x86)\Calibre2\calibre.exe ()
    Startup: C:\Users\grevolorio.trmdu2\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Send to OneNote.lnk [2015-10-02]
    ShortcutTarget: Send to OneNote.lnk -> C:\Program Files (x86)\Microsoft Office\Office15\ONENOTEM.EXE (Microsoft Corporation)
    Startup: C:\Users\grevolorio.trmdu2\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\BHODemon 2.0.lnk [2016-07-11]
    ShortcutTarget: BHODemon 2.0.lnk -> C:\Program Files (x86)\BHODemon 2\BHODemon.exe (Definitive Solutions, Inc.)
    Startup: C:\Users\grevolorio.trmdu2\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\calibre - E-book management.lnk [2015-06-19]
    ShortcutTarget: calibre - E-book management.lnk -> C:\Program Files (x86)\Calibre2\calibre.exe ()
    Startup: C:\Users\grevolorio.trmdu2\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Send to OneNote.lnk [2015-10-02]
    ShortcutTarget: Send to OneNote.lnk -> C:\Program Files (x86)\Microsoft Office\Office15\ONENOTEM.EXE (Microsoft Corporation)
    CHR HKLM\SOFTWARE\Policies\Google: Restriction <======= ATTENTION

    ==================== Internet (Whitelisted) ====================

    (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

    Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
    Tcpip\..\Interfaces\{1CC5E133-5EFA-45B6-95E6-3BEBD35BCB03}: [NameServer] 75.75.75.75
    Tcpip\..\Interfaces\{2E7C3C01-490F-4425-84AD-AFDD0E4D2B58}: [NameServer] 192.168.1.1
    Tcpip\..\Interfaces\{5AFE6685-1C35-46C8-A029-662B58E9021D}: [DhcpNameServer] 172.20.10.1
    Tcpip\..\Interfaces\{64CC2F48-277C-4B3F-B096-F134D5C26275}: [NameServer] 192.168.0.1,75.75.76.76
    Tcpip\..\Interfaces\{75F23FE3-1277-4A15-B393-F09B6F2535B6}: [NameServer] 192.168.0.100

    Internet Explorer:
    ==================
    HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
    HKU\S-1-5-21-1085031214-796845957-725345543-2108-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
    HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
    HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
    HKU\S-1-5-21-1085031214-796845957-725345543-2108-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
    HKU\S-1-5-21-1085031214-796845957-725345543-2791\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://www.msn.com/
    HKU\S-1-5-21-1085031214-796845957-725345543-2791-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://www.msn.com/
    SearchScopes: HKLM -> DefaultScope {9BB47C17-9C68-4BB3-B188-DD9AF0FD2421} URL = 
    SearchScopes: HKLM-x32 -> DefaultScope {9BB47C17-9C68-4BB3-B188-DD9AF0FD2421} URL = 
    SearchScopes: HKU\.DEFAULT -> DefaultScope {9BB47C17-9C68-4BB3-B188-DD9AF0FD2421} URL = 
    SearchScopes: HKU\S-1-5-21-1085031214-796845957-725345543-2108-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> DefaultScope {15261C5A-E2D7-42B4-AE84-D92AE430C800} URL = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}
    SearchScopes: HKU\S-1-5-21-1085031214-796845957-725345543-2108-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> {15261C5A-E2D7-42B4-AE84-D92AE430C800} URL = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}
    SearchScopes: HKU\S-1-5-21-1085031214-796845957-725345543-2108-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> {91607fa7-3c2f-4f90-93e3-d5337a6b0ac2} URL = Playbryte-fa-outbrowse/search/redirect/?type=default&user_id=f4948b29-18ba-4e54-80f2-876cde2854e2&query={searchTerms}
    SearchScopes: HKU\S-1-5-21-1085031214-796845957-725345543-2108-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> {9BB47C17-9C68-4BB3-B188-DD9AF0FD2421} URL = 
    SearchScopes: HKU\S-1-5-21-1085031214-796845957-725345543-2791 -> {9BB47C17-9C68-4BB3-B188-DD9AF0FD2421} URL = 
    SearchScopes: HKU\S-1-5-21-1085031214-796845957-725345543-2791-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> {9BB47C17-9C68-4BB3-B188-DD9AF0FD2421} URL = 
    BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll [2016-05-17] (Microsoft Corporation)
    BHO: RoboForm Toolbar Helper -> {724d43a9-0d85-11d4-9908-00400523e39a} -> C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboForm-x64.dll [2015-06-19] (Siber Systems Inc.)
    BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2012-08-16] (Microsoft Corporation)
    BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> F:\Program Files\Java\jre1.8.0_45\bin\ssv.dll [2015-07-10] (Oracle Corporation)
    BHO: LastPass Vault -> {95D9ECF5-2A4D-4550-BE49-70D42F71296E} -> C:\Program Files (x86)\LastPass\LPToolbar_x64.dll [2015-06-11] (LastPass)
    BHO: PlayOn -> {9A87E478-A2BD-44C4-9F8C-D3989A5271B1} -> C:\Program Files (x86)\MediaMall\toolbar\pobho64.dll [2015-04-17] (MediaMall Technologies, Inc.)
    BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\URLREDIR.DLL [2016-04-12] (Microsoft Corporation)
    BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL [2016-05-17] (Microsoft Corporation)
    BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> F:\Program Files\Java\jre1.8.0_45\bin\jp2ssv.dll [2015-07-10] (Oracle Corporation)
    BHO: Hotspot Shield Class -> {F9E4A054-E9B1-4BC3-83A3-76A1AE736170} -> No File
    BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\Office15\OCHelper.dll [2016-05-17] (Microsoft Corporation)
    BHO-x32: RoboForm Toolbar Helper -> {724d43a9-0d85-11d4-9908-00400523e39a} -> C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll [2015-06-19] (Siber Systems Inc.)
    BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2012-09-25] (Oracle Corporation)
    BHO-x32: Evernote extension -> {92EF2EAD-A7CE-4424-B0DB-499CF856608E} -> C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll [2014-03-03] (Evernote Corp., 305 Walnut Street, Redwood City, CA 94063)
    BHO-x32: LastPass Vault -> {95D9ECF5-2A4D-4550-BE49-70D42F71296E} -> C:\Program Files (x86)\LastPass\LPToolbar.dll [2015-06-11] (LastPass)
    BHO-x32: PlayOn -> {9A87E478-A2BD-44C4-9F8C-D3989A5271B1} -> C:\Program Files (x86)\MediaMall\toolbar\pobho.dll [2015-04-17] (MediaMall Technologies, Inc.)
    BHO-x32: Skype Plug-In -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2010-11-22] (Skype Technologies S.A.)
    BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office 15\root\Office15\URLREDIR.DLL [2016-04-12] (Microsoft Corporation)
    BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL [2016-05-17] (Microsoft Corporation)
    BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2012-09-25] (Oracle Corporation)
    BHO-x32: Microsoft Web Test Recorder 10.0 Helper -> {DDA57003-0068-4ed2-9D32-4D1EC707D94D} -> C:\Program Files (x86)\Microsoft Visual Studio 10.0\Common7\IDE\PrivateAssemblies\Microsoft.VisualStudio.QualityTools.RecorderBarBHO100.dll [2010-03-19] (Microsoft Corporation)
    Toolbar: HKLM - &RoboForm Toolbar - {724d43a0-0d85-11d4-9908-00400523e39a} - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboForm-x64.dll [2015-06-19] (Siber Systems Inc.)
    Toolbar: HKLM - PlayOn - {9A87E478-A2BD-44C4-9F8C-D3989A5271B1} - C:\Program Files (x86)\MediaMall\toolbar\pobho64.dll [2015-04-17] (MediaMall Technologies, Inc.)
    Toolbar: HKLM - LastPass Toolbar - {9f6b5cc3-5c7b-4b5c-97af-19dec1e380e5} - C:\Program Files (x86)\LastPass\LPToolbar_x64.dll [2015-06-11] (LastPass)
    Toolbar: HKLM-x32 - &RoboForm Toolbar - {724d43a0-0d85-11d4-9908-00400523e39a} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll [2015-06-19] (Siber Systems Inc.)
    Toolbar: HKLM-x32 - No Name - {b278d9f8-0fa9-465e-9938-0c392605d8e3} -  No File
    Toolbar: HKLM-x32 - PlayOn - {9A87E478-A2BD-44C4-9F8C-D3989A5271B1} - C:\Program Files (x86)\MediaMall\toolbar\pobho.dll [2015-04-17] (MediaMall Technologies, Inc.)
    Toolbar: HKLM-x32 - LastPass Toolbar - {9f6b5cc3-5c7b-4b5c-97af-19dec1e380e5} - C:\Program Files (x86)\LastPass\LPToolbar.dll [2015-06-11] (LastPass)
    Toolbar: HKU\.DEFAULT -> No Name - {47833539-D0C5-4125-9FA8-0819E2EAAC93} -  No File
    Toolbar: HKU\S-1-5-21-1085031214-796845957-725345543-2108-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> No Name - {47833539-D0C5-4125-9FA8-0819E2EAAC93} -  No File
    Toolbar: HKU\S-1-5-21-1085031214-796845957-725345543-2108-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> &RoboForm Toolbar - {724D43A0-0D85-11D4-9908-00400523E39A} - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboForm-x64.dll [2015-06-19] (Siber Systems Inc.)
    IE Session Restore: HKU\S-1-5-21-1915297274-1003847613-3419053400-1105-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> is enabled.
    IE Session Restore: HKU\S-1-5-21-3578782807-1016812498-1856270605-1009 -> is enabled.
    IE Session Restore: HKU\S-1-5-21-3578782807-1016812498-1856270605-1009-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> is enabled.
    DPF: HKLM-x32 {02BCC737-B171-4746-94C9-0D8A0B2C0089} hxxp://office.microsoft.com/sites/production/ieawsdc32.cab
    DPF: HKLM-x32 {17492023-C23A-453E-A040-C7C580BBF700} hxxp://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab
    DPF: HKLM-x32 {7530BFB8-7293-4D34-9923-61A11451AFC5} hxxp://download.eset.com/special/eos/OnlineScanner.cab
    DPF: HKLM-x32 {E06E2E99-0AA1-11D4-ABA6-0060082AA75C} hxxps://akamaicdn.webex.com/client/WBXclient-T28L10NSP12_CP1-16851/webex/ieatgpc1.cab
    DPF: HKLM-x32 {E2883E8F-472F-4FB0-9522-AC9BF37916A7} hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
    DPF: HKLM-x32 {FD0B6769-6490-4A91-AA0A-B5AE0DC75AC9} hxxps://secure.logmein.com/activex/ractrl.cab?lmi=100
    Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL [2016-04-19] (Microsoft Corporation)
    Handler-x32: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2010-11-22] (Skype Technologies S.A.)

    FireFox:
    ========
    FF ProfilePath: C:\Users\grevolorio.trmdu2\AppData\Roaming\Mozilla\Firefox\Profiles\8i1tulnd.default
    FF DefaultSearchEngine.US: Google
    FF Session Restore: -> is enabled.
    FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_22_0_0_209.dll [2016-07-12] ()
    FF Plugin: @java.com/DTPlugin,version=11.45.2 -> F:\Program Files\Java\jre1.8.0_45\bin\dtplugin\npDeployJava1.dll [2015-07-10] (Oracle Corporation)
    FF Plugin: @java.com/JavaPlugin,version=11.45.2 -> F:\Program Files\Java\jre1.8.0_45\bin\plugin2\npjp2.dll [2015-07-10] (Oracle Corporation)
    FF Plugin: @lastpass.com/NPLastPass -> C:\Program Files (x86)\LastPass\nplastpass64.dll [2015-06-11] (LastPass)
    FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
    FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.41212.0\npctrl.dll [2015-12-11] ( Microsoft Corporation)
    FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~3\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
    FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_22_0_0_209.dll [2016-07-12] ()
    FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2015-12-18] ()
    FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf -> C:\PROGRAM FILES (X86)\FOXIT SOFTWARE\FOXIT READER\plugins\npFoxitReaderPlugin.dll [2015-12-29] (Foxit Corporation)
    FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf -> C:\PROGRAM FILES (X86)\FOXIT SOFTWARE\FOXIT READER\plugins\npFoxitReaderPlugin.dll [2015-12-29] (Foxit Corporation)
    FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xdp -> C:\PROGRAM FILES (X86)\FOXIT SOFTWARE\FOXIT READER\plugins\npFoxitReaderPlugin.dll [2015-12-29] (Foxit Corporation)
    FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xfdf -> C:\PROGRAM FILES (X86)\FOXIT SOFTWARE\FOXIT READER\plugins\npFoxitReaderPlugin.dll [2015-12-29] (Foxit Corporation)
    FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll [2015-05-21] (Google)
    FF Plugin-x32: @java.com/DTPlugin,version=10.7.2 -> C:\Windows\SysWOW64\npDeployJava1.dll [2012-09-25] (Oracle Corporation)
    FF Plugin-x32: @java.com/JavaPlugin -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll [2012-09-25] (Oracle Corporation)
    FF Plugin-x32: @java.com/JavaPlugin,version=10.7.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll [2012-09-25] (Oracle Corporation)
    FF Plugin-x32: @lastpass.com/NPLastPass -> C:\Program Files (x86)\LastPass\nplastpass64.dll [2015-06-11] (LastPass)
    FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
    FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2015-11-03] (Microsoft Corporation)
    FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.41212.0\npctrl.dll [2015-12-11] ( Microsoft Corporation)
    FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MIF5BA~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
    FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL [2015-07-10] (Microsoft Corporation)
    FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2010-08-25] (NVIDIA Corporation)
    FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2010-08-25] (NVIDIA Corporation)
    FF Plugin-x32: @playon.tv/PlayOnToolbar -> C:\Program Files (x86)\MediaMall\toolbar\npVT.dll [2015-08-13] (MediaMall Technologies, Inc.)
    FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.30.3\npGoogleUpdate3.dll [2016-05-10] (Google Inc.)
    FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.30.3\npGoogleUpdate3.dll [2016-05-10] (Google Inc.)
    FF Plugin-x32: @videolan.org/vlc,version=2.0.8 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2014-02-04] (VideoLAN)
    FF Plugin-x32: @videolan.org/vlc,version=2.1.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2014-02-04] (VideoLAN)
    FF Plugin-x32: @videolan.org/vlc,version=2.1.2 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2014-02-04] (VideoLAN)
    FF Plugin-x32: @videolan.org/vlc,version=2.1.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2014-02-04] (VideoLAN)
    FF Plugin-x32: @wacom.com/wacom-plugin,version=1.1.0.10 -> C:\Program Files (x86)\TabletPlugins\npwacom.dll [2011-04-20] (Wacom, Inc.)
    FF Plugin-x32: @wacom.com/wacom-plugin,version=1.1.0.3 -> C:\Program Files (x86)\TabletPlugins\npwacom.dll [2011-04-20] (Wacom, Inc.)
    FF Plugin-x32: @wacom.com/wtPlugin,version=2.0.0.1 -> C:\Program Files (x86)\TabletPlugins\npWacomTabletPlugin.dll [2011-05-30] (Wacom)
    FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2014-12-03] (Adobe Systems Inc.)
    FF Plugin HKU\S-1-5-21-1085031214-796845957-725345543-2108-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0: @citrixonline.com/appdetectorplugin -> C:\Users\grevolorio\AppData\Local\Citrix\Plugins\104\npappdetector.dll [2014-08-11] (Citrix Online)
    FF Plugin HKU\S-1-5-21-1085031214-796845957-725345543-2108-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0: LWAPlugin15.8 -> C:\Users\grevolorio\AppData\Roaming\Mozilla\Plugins\npLWAPlugin15.8.dll [2013-09-18] (Microsoft Corporation)
    FF Plugin HKU\S-1-5-21-1085031214-796845957-725345543-2108-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0: wacom.com/WacomTabletPlugin -> C:\Program Files (x86)\TabletPlugins\npWacomTabletPlugin.dll [2011-05-30] (Wacom)
    FF user.js: detected! => C:\Users\grevolorio.trmdu2\AppData\Roaming\Mozilla\Firefox\Profiles\8i1tulnd.default\user.js [2015-06-16]
    FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\np-mswmp.dll [2007-04-10] (Microsoft Corporation)
    FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npatgpc.dll [2014-11-19] (Cisco WebEx LLC)
    FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginAOC.dll [2016-03-14] ()
    FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll [2015-02-10] (Microsoft Corporation)
    FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\NPOFF12.DLL [2006-10-26] (Microsoft Corporation)
    FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll [2014-12-03] (Adobe Systems Inc.)
    FF Extension: Disconnect - C:\Users\grevolorio.trmdu2\AppData\Roaming\Mozilla\Firefox\Profiles\8i1tulnd.default\extensions\2.0@disconnect.me.xpi [2015-06-16]
    FF Extension: Flashblock - C:\Users\grevolorio.trmdu2\AppData\Roaming\Mozilla\Firefox\Profiles\8i1tulnd.default\extensions\{3d7eb24f-2740-49df-8937-200b1cc08f8a} [2016-05-06]
    FF Extension: Turn Off the Lights - C:\Users\grevolorio.trmdu2\AppData\Roaming\Mozilla\Firefox\Profiles\8i1tulnd.default\extensions\stefanvandamme@stefanvd.net.xpi [2016-05-06]
    FF Extension: LastPass - C:\Users\grevolorio.trmdu2\AppData\Roaming\Mozilla\Firefox\Profiles\8i1tulnd.default\extensions\support@lastpass.com [2016-05-06]
    FF Extension: Amazon Price Tracker - Keepa.com - C:\Users\grevolorio.trmdu2\AppData\Roaming\Mozilla\Firefox\Profiles\8i1tulnd.default\extensions\amptra@keepa.com.xpi [2016-05-06]
    FF Extension: PriceZombie, Price Tracker & Price Comparison - C:\Users\grevolorio.trmdu2\AppData\Roaming\Mozilla\Firefox\Profiles\8i1tulnd.default\Extensions\jid1-a36dFT994VgKDA@jetpack.xpi [2015-10-08]
    FF Extension: PlayOn - C:\Users\grevolorio.trmdu2\AppData\Roaming\Mozilla\Firefox\Profiles\8i1tulnd.default\Extensions\playonplugin@playon.tv [2015-06-24] [not signed]
    FF Extension: Video DownloadHelper - C:\Users\grevolorio.trmdu2\AppData\Roaming\Mozilla\Firefox\Profiles\8i1tulnd.default\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}.xpi [2015-10-30]
    FF Extension: Adblock Plus - C:\Users\grevolorio.trmdu2\AppData\Roaming\Mozilla\Firefox\Profiles\8i1tulnd.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2016-03-22]
    FF Extension: Hotspot Shield Extension - C:\Program Files (x86)\Mozilla Firefox\extensions\afproxy@anchorfree.com [2015-09-23] [not signed]
    FF Extension: Skype extension - C:\Program Files (x86)\Mozilla Firefox\extensions\{AB2CE124-6272-4b12-94A9-7303C7397BD1} [2015-09-23] [not signed]
    FF Extension: Java Console - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0039-ABCDEFFEDCBA} [2015-09-23] [not signed]
    FF HKLM-x32\...\Firefox\Extensions: [fiddlerhook@fiddler2.com] - C:\Program Files (x86)\Fiddler2\FiddlerHook
    FF Extension: FiddlerHook - C:\Program Files (x86)\Fiddler2\FiddlerHook [2013-12-06] [not signed]
    FF HKLM-x32\...\Firefox\Extensions: [{22119944-ED35-4ab1-910B-E619EA06A115}] - C:\Program Files (x86)\Siber Systems\AI RoboForm\Firefox
    FF Extension: RoboForm Toolbar for Firefox - C:\Program Files (x86)\Siber Systems\AI RoboForm\Firefox [2015-06-19] [not signed]
    FF HKU\S-1-5-21-1085031214-796845957-725345543-2108-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Firefox\Extensions: [{22119944-ED35-4ab1-910B-E619EA06A115}] - C:\Program Files (x86)\Siber Systems\AI RoboForm\Firefox
    FF HKU\S-1-5-21-3578782807-1016812498-1856270605-1009\...\Firefox\Extensions: [{22119944-ED35-4ab1-910B-E619EA06A115}] - C:\Program Files (x86)\Siber Systems\AI RoboForm\Firefox
    FF HKU\S-1-5-21-3578782807-1016812498-1856270605-1009-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Firefox\Extensions: [{22119944-ED35-4ab1-910B-E619EA06A115}] - C:\Program Files (x86)\Siber Systems\AI RoboForm\Firefox

    Chrome: 
    =======
    CHR HomePage: Default -> hxxp://www.google.com
    CHR DefaultSearchKeyword: Default -> lp
    CHR Session Restore: Default -> is enabled.
    CHR Profile: C:\Users\grevolorio.trmdu2\AppData\Local\Google\Chrome\User Data\Default
    CHR Extension: (Google Slides) - C:\Users\grevolorio.trmdu2\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-06-11]
    CHR Extension: (Entanglement Web App) - C:\Users\grevolorio.trmdu2\AppData\Local\Google\Chrome\User Data\Default\Extensions\aciahcmjmecflokailenpkdchphgkefd [2015-06-11]
    CHR Extension: (SearchReportRecordResult Class) - C:\Users\grevolorio.trmdu2\AppData\Local\Google\Chrome\User Data\Default\Extensions\ajpgkpeckebdhofmmjfgcjjiiejpodla [2015-09-16] [UpdateUrl: hxxps://clients2.google/service/cnhpbmgmfaaapmaoibgdmapbjfofolig] <==== ATTENTION
    CHR Extension: (Google Docs) - C:\Users\grevolorio.trmdu2\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-06-11]
    CHR Extension: (Send to OneNote) - C:\Users\grevolorio.trmdu2\AppData\Local\Google\Chrome\User Data\Default\Extensions\aokbjibjnekbfdjilfpoknnokaffoinp [2015-07-01]
    CHR Extension: (Google Drive) - C:\Users\grevolorio.trmdu2\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-11-02]
    CHR Extension: (Turn Off the Lights) - C:\Users\grevolorio.trmdu2\AppData\Local\Google\Chrome\User Data\Default\Extensions\bfbmjmiodbnnpllbbbfblcplfjjepjdn [2016-06-24]
    CHR Extension: (YouTube) - C:\Users\grevolorio.trmdu2\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-26]
    CHR Extension: (Honey) - C:\Users\grevolorio.trmdu2\AppData\Local\Google\Chrome\User Data\Default\Extensions\bmnlcjabgnpnenekpadlanbbkooimhnj [2016-07-15]
    CHR Extension: (Adblock Plus) - C:\Users\grevolorio.trmdu2\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2016-07-01]
    CHR Extension: (Incognito-Filter) - C:\Users\grevolorio.trmdu2\AppData\Local\Google\Chrome\User Data\Default\Extensions\cifilbmpnkjinlkchohdfcpdkmpngiik [2015-06-11]
    CHR Extension: (Google Search) - C:\Users\grevolorio.trmdu2\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-11-02]
    CHR Extension: (Tampermonkey) - C:\Users\grevolorio.trmdu2\AppData\Local\Google\Chrome\User Data\Default\Extensions\dhdgffkkebhmkfjojejmpbldmpobfkfo [2016-07-16]
    CHR Extension: (Unlimited Hotspot Tethering) - C:\Users\grevolorio.trmdu2\AppData\Local\Google\Chrome\User Data\Default\Extensions\diddhabdhahhfajjfgepdlanilmdnogk [2015-06-24]
    CHR Extension: (Facebook Disconnect) - C:\Users\grevolorio.trmdu2\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejpepffjfmamnambagiibghpglaidiec [2015-06-11]
    CHR Extension: (Photo Zoom for Facebook) - C:\Users\grevolorio.trmdu2\AppData\Local\Google\Chrome\User Data\Default\Extensions\elioihkkcdgakfbahdoddophfngopipi [2015-06-11]
    CHR Extension: (Google Sheets) - C:\Users\grevolorio.trmdu2\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-06-11]
    CHR Extension: (Chrome Remote Desktop) - C:\Users\grevolorio.trmdu2\AppData\Local\Google\Chrome\User Data\Default\Extensions\gbchcmhmhahfdphkhkmpfmihenigjmpp [2016-07-13]
    CHR Extension: (Google Docs Offline) - C:\Users\grevolorio.trmdu2\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-03-22]
    CHR Extension: (Close all Tabs) - C:\Users\grevolorio.trmdu2\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghcmiphoepcihlmphakgmpapfpldlleg [2015-06-11]
    CHR Extension: (AdBlock) - C:\Users\grevolorio.trmdu2\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2016-07-11]
    CHR Extension: (Pin It Button) - C:\Users\grevolorio.trmdu2\AppData\Local\Google\Chrome\User Data\Default\Extensions\gpdjojdkbbmdfjfahjcgigfpmkopogic [2015-09-26]
    CHR Extension: (TinEye Reverse Image Search) - C:\Users\grevolorio.trmdu2\AppData\Local\Google\Chrome\User Data\Default\Extensions\haebnnbpedcbhciplfhjjkbafijpncjl [2015-06-11]
    CHR Extension: (LastPass: Free Password Manager) - C:\Users\grevolorio.trmdu2\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdokiejnpimakedhajhdlcegeplioahd [2016-07-15]
    CHR Extension: (SuperSorter) - C:\Users\grevolorio.trmdu2\AppData\Local\Google\Chrome\User Data\Default\Extensions\hjebfgojnlefhdgmomncgjglmdckngij [2015-06-11]
    CHR Extension: (Google Keep - notes and lists) - C:\Users\grevolorio.trmdu2\AppData\Local\Google\Chrome\User Data\Default\Extensions\hmjkmjkepdijhoojdojkdfohbdgmmhki [2016-07-13]
    CHR Extension: (Google Theme) - C:\Users\grevolorio.trmdu2\AppData\Local\Google\Chrome\User Data\Default\Extensions\imoaoigekmpoalkbfohhjgkcocjdapne [2015-06-11]
    CHR Extension: (Todoist: To-Do list and Task Manager) - C:\Users\grevolorio.trmdu2\AppData\Local\Google\Chrome\User Data\Default\Extensions\jldhpllghnbhlbpcmnajkpdmadaolakh [2016-03-22]
    CHR Extension: (Cisco WebEx Extension) - C:\Users\grevolorio.trmdu2\AppData\Local\Google\Chrome\User Data\Default\Extensions\jlhmfgmfgeifomenelglieieghnjghma [2015-06-11]
    CHR Extension: (Speed Dial 2) - C:\Users\grevolorio.trmdu2\AppData\Local\Google\Chrome\User Data\Default\Extensions\jpfpebmajhhopeonhlcgidhclcccjcik [2016-06-01]
    CHR Extension: (Reddit Enhancement Suite) - C:\Users\grevolorio.trmdu2\AppData\Local\Google\Chrome\User Data\Default\Extensions\kbmfpngjjgdllneeigpgjifpgocmfgmb [2016-03-22]
    CHR Extension: (The Great Suspender) - C:\Users\grevolorio.trmdu2\AppData\Local\Google\Chrome\User Data\Default\Extensions\klbibkeccnjlkjkiokjodocebajanakg [2015-11-02]
    CHR Extension: (Roomy Bookmarks Toolbar) - C:\Users\grevolorio.trmdu2\AppData\Local\Google\Chrome\User Data\Default\Extensions\kmfbpoigddhdibjcilijiejaidggonfc [2015-08-28]
    CHR Extension: (Evernote Web) - C:\Users\grevolorio.trmdu2\AppData\Local\Google\Chrome\User Data\Default\Extensions\lbfehkoinhhcknnbdgnnmjhiladcgbol [2015-06-11]
    CHR Extension: (Instapaper) - C:\Users\grevolorio.trmdu2\AppData\Local\Google\Chrome\User Data\Default\Extensions\ldjkgaaoikpmhmkelcgkgacicjfbofhh [2016-03-04]
    CHR Extension: (Facebook Ads Hider) - C:\Users\grevolorio.trmdu2\AppData\Local\Google\Chrome\User Data\Default\Extensions\leeebdddeggoocipdjiokmjcpidnmoah [2015-06-11]
    CHR Extension: (Unicorn Smasher) - C:\Users\grevolorio.trmdu2\AppData\Local\Google\Chrome\User Data\Default\Extensions\lfmmeekapjbfjachdkgabdaoccfclpaa [2016-06-17]
    CHR Extension: (PlayOn) - C:\Users\grevolorio.trmdu2\AppData\Local\Google\Chrome\User Data\Default\Extensions\lggaaajacmlhgbpldaboipiinndchjgm [2015-09-15]
    CHR Extension: (Poppit!) - C:\Users\grevolorio.trmdu2\AppData\Local\Google\Chrome\User Data\Default\Extensions\mcbkbpnkkkipelfledbfocopglifcfmi [2015-06-11]
    CHR Extension: (Ghostery) - C:\Users\grevolorio.trmdu2\AppData\Local\Google\Chrome\User Data\Default\Extensions\mlomiejdfkolichcflejclcbmpeaniij [2016-03-04]
    CHR Extension: (SharePoint Fix) - C:\Users\grevolorio.trmdu2\AppData\Local\Google\Chrome\User Data\Default\Extensions\mmbkoobmboaainhbkbdojincpeoldlfc [2015-11-02]
    CHR Extension: (deviantART muro) - C:\Users\grevolorio.trmdu2\AppData\Local\Google\Chrome\User Data\Default\Extensions\namljbfbglehfnlonjmebceimaalofei [2015-06-11]
    CHR Extension: (Save to Pocket) - C:\Users\grevolorio.trmdu2\AppData\Local\Google\Chrome\User Data\Default\Extensions\niloccemoadcdkdjlinkgdfekeahmflj [2016-07-13]
    CHR Extension: (Chrome Web Store Payments) - C:\Users\grevolorio.trmdu2\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-04-28]
    CHR Extension: (Hover Zoom) - C:\Users\grevolorio.trmdu2\AppData\Local\Google\Chrome\User Data\Default\Extensions\nonjdcjchghhkdoolnlbekcfllmednbl [2016-06-01]
    CHR Extension: (Evernote Web Clipper) - C:\Users\grevolorio.trmdu2\AppData\Local\Google\Chrome\User Data\Default\Extensions\pioclpoplcdbaefihamjohnefbikjilc [2016-07-01]
    CHR Extension: (Gmail) - C:\Users\grevolorio.trmdu2\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-06-11]
    CHR Extension: (Privacy Badger) - C:\Users\grevolorio.trmdu2\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkehgijcmpdhfbdbbnkijodmdjhbjlgp [2016-06-01]
    CHR Extension: (RSS Feed Reader) - C:\Users\grevolorio.trmdu2\AppData\Local\Google\Chrome\User Data\Default\Extensions\pnjaodmkngahhkoihejjehlcdlnohgmp [2016-07-11]
    CHR Extension: (RoboForm Password Manager) - C:\Users\grevolorio.trmdu2\AppData\Local\Google\Chrome\User Data\Default\Extensions\pnlccmojcmeohlpggmfnbbiapkmbliob [2016-03-22]
    CHR Profile: C:\Users\grevolorio.trmdu2\AppData\Local\Google\Chrome\User Data\Profile 1
    CHR Extension: (Google Slides) - C:\Users\grevolorio.trmdu2\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2016-06-01]
    CHR Extension: (Google Docs) - C:\Users\grevolorio.trmdu2\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aohghmighlieiainnegkcijnfilokake [2016-06-01]
    CHR Extension: (Google Drive) - C:\Users\grevolorio.trmdu2\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-06-01]
    CHR Extension: (YouTube) - C:\Users\grevolorio.trmdu2\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-06-01]
    CHR Extension: (Google Sheets) - C:\Users\grevolorio.trmdu2\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2016-06-01]
    CHR Extension: (Chrome Remote Desktop) - C:\Users\grevolorio.trmdu2\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\gbchcmhmhahfdphkhkmpfmihenigjmpp [2016-06-01]
    CHR Extension: (20 Cubed) - C:\Users\grevolorio.trmdu2\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\geghmabifcdlkmpnkapfefbbfaonhcef [2016-06-01]
    CHR Extension: (Google Docs Offline) - C:\Users\grevolorio.trmdu2\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-06-01]
    CHR Extension: (AdBlock) - C:\Users\grevolorio.trmdu2\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2016-06-10]
    CHR Extension: (Slinky Wood) - C:\Users\grevolorio.trmdu2\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\hcaidncenfklbfikefeppfgehcbmmecn [2016-06-01]
    CHR Extension: (LastPass: Free Password Manager) - C:\Users\grevolorio.trmdu2\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\hdokiejnpimakedhajhdlcegeplioahd [2016-06-24]
    CHR Extension: (Invite All Friends on Facebook) - C:\Users\grevolorio.trmdu2\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\inmmhkeajgflmokoaaoadgkhhmibjbpj [2016-06-24]
    CHR Extension: (Speed Dial 2) - C:\Users\grevolorio.trmdu2\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\jpfpebmajhhopeonhlcgidhclcccjcik [2016-06-01]
    CHR Extension: (The Great Suspender) - C:\Users\grevolorio.trmdu2\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\klbibkeccnjlkjkiokjodocebajanakg [2016-06-01]
    CHR Extension: (PlayOn) - C:\Users\grevolorio.trmdu2\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\lggaaajacmlhgbpldaboipiinndchjgm [2016-06-01]
    CHR Extension: (Pocket) - C:\Users\grevolorio.trmdu2\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\mjcnijlhddpbdemagnpefmlkjdagkogk [2016-06-01]
    CHR Extension: (SharePoint Fix) - C:\Users\grevolorio.trmdu2\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\mmbkoobmboaainhbkbdojincpeoldlfc [2016-06-01]
    CHR Extension: (Save to Pocket) - C:\Users\grevolorio.trmdu2\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\niloccemoadcdkdjlinkgdfekeahmflj [2016-06-17]
    CHR Extension: (Chrome Web Store Payments) - C:\Users\grevolorio.trmdu2\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-06-01]
    CHR Extension: (Context Menu Search) - C:\Users\grevolorio.trmdu2\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ocpcmghnefmdhljkoiapafejjohldoga [2016-06-01]
    CHR Extension: (Gmail) - C:\Users\grevolorio.trmdu2\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-06-01]
    CHR Extension: (RSS Feed Reader) - C:\Users\grevolorio.trmdu2\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pnjaodmkngahhkoihejjehlcdlnohgmp [2016-06-25]
    CHR Extension: (RoboForm Password Manager) - C:\Users\grevolorio.trmdu2\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pnlccmojcmeohlpggmfnbbiapkmbliob [2016-06-01]
    CHR HKLM\...\Chrome\Extension: [hdokiejnpimakedhajhdlcegeplioahd] - hxxp://clients2.google.com/service/update2/crx
    CHR HKLM\...\Chrome\Extension: [pnlccmojcmeohlpggmfnbbiapkmbliob] - C:\Program Files (x86)\Siber Systems\AI RoboForm\Chrome\rf-chrome.crx [2014-09-10]
    CHR HKLM-x32\...\Chrome\Extension: [hdokiejnpimakedhajhdlcegeplioahd] - hxxp://clients2.google.com/service/update2/crx
    CHR HKLM-x32\...\Chrome\Extension: [lggaaajacmlhgbpldaboipiinndchjgm] - C:\Program Files (x86)\MediaMall\toolbar\ce.crx [2014-09-24]
    CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\Skype for Chromium\skype_chrome_extension.crx [2010-11-22]
    CHR HKLM-x32\...\Chrome\Extension: [pnlccmojcmeohlpggmfnbbiapkmbliob] - C:\Program Files (x86)\Siber Systems\AI RoboForm\Chrome\rf-chrome.crx [2014-09-10]
    StartMenuInternet: Google Chrome.HA3GT6LIC6CKERU66IYIZVETX4 - C:\Users\grevolorio\AppData\Local\Google\Chrome\Application\chrome.exe

    ==================== Services (Whitelisted) ========================

    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

    S3 c2wts; C:\Program Files\Windows Identity Foundation\v3.5\c2wtshost.exe [15768 2010-02-02] (Microsoft Corporation)
    R2 chromoting; C:\Program Files (x86)\Google\Chrome Remote Desktop\51.0.2704.7\remoting_host.exe [68488 2016-04-14] (Google Inc.)
    R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [3009776 2016-05-27] (Microsoft Corporation)
    S4 CronService; C:\Prey\platform\windows\cronsvc.exe [19968 2011-02-15] (Fork Ltd.) [File not signed]
    S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [134512 2015-06-30] (Dropbox, Inc.)
    S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [134512 2015-06-30] (Dropbox, Inc.)
    S3 fussvc; C:\Program Files (x86)\Windows Kits\8.1\App Certification Kit\fussvc.exe [142336 2013-08-22] (Microsoft Corporation) [File not signed]
    R2 hMailServer; F:\Program Files (x86)\hMailServer\Bin\hMailServer.exe [4512768 2015-07-09] (hMailServer) [File not signed]
    R2 KinoniSvc; f:\Program Files (x86)\Kinoni\EpocCam_and_Barcode_drivers\KinoniSvc.exe [524800 2014-11-12] () [File not signed]
    R2 MBAMScheduler; f:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1514464 2016-03-10] (Malwarebytes)
    R2 MBAMService; f:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1136608 2016-03-10] (Malwarebytes)
    R2 MediaMall Server; C:\Program Files (x86)\MediaMall\MediaMallServer.exe [5933872 2015-09-18] (MediaMall Technologies, Inc.)
    S4 MotoHelper; C:\Program Files (x86)\Motorola\MotoHelper\MotoHelperService.exe [214896 2011-12-06] ()
    S4 MouseWithoutBordersSvc; C:\Program Files (x86)\Microsoft Garage\Mouse without Borders\MouseWithoutBordersSvc.exe [17920 2011-09-19] (Microsoft) [File not signed]
    R2 MsMpSvc; C:\Program Files\Microsoft Security Client\MsMpEng.exe [23808 2016-01-29] (Microsoft Corporation)
    S4 msvsmon80; C:\Program Files\Microsoft Visual Studio 8\Common7\IDE\Remote Debugger\x64\msvsmon.exe [4476096 2005-09-23] (Microsoft Corporation)
    R3 NisSrv; C:\Program Files\Microsoft Security Client\NisSrv.exe [374344 2016-01-29] (Microsoft Corporation)
    S3 SandraAgentSrv; f:\Program Files\SiSoftware\SiSoftware Sandra Business 2015\RpcAgentSrv.exe [73200 2014-11-05] (SiSoftware) [File not signed]
    R2 SDScannerService; F:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [1738168 2014-06-24] (Safer-Networking Ltd.)
    R2 SDUpdateService; F:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [2088408 2014-06-27] (Safer-Networking Ltd.)
    R2 SDWSCService; F:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [171928 2014-04-25] (Safer-Networking Ltd.)
    S2 Service KMSELDI; C:\Program Files\KMSpico\Service_KMS.exe [997568 2014-06-29] (@ByELDI) [File not signed]
    R2 Synergy; C:\Program Files\Synergy\synergyd.exe [312488 2016-03-18] ()
    S3 Te.Service; C:\Program Files (x86)\Windows Kits\8.1\Testing\Runtimes\TAEF\Wex.Services.exe [119808 2013-08-22] (Microsoft Corporation) [File not signed]
    R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [7184144 2016-07-06] (TeamViewer GmbH)
    R2 TuneUp.UtilitiesSvc; F:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesService64.exe [2973400 2015-08-04] (AVG Technologies)
    R2 UxTuneUp; C:\Windows\System32\uxtuneup.dll [44760 2015-08-04] (AVG Technologies)
    R2 UxTuneUp; C:\Windows\SysWOW64\uxtuneup.dll [36568 2015-08-04] (AVG Technologies)
    R2 VMAuthdService; F:\Program Files (x86)\VMware\VMware VIX\VMWare Workstation\vmware-authd.exe [79872 2012-08-15] (VMware, Inc.) [File not signed]
    S2 VMwareHostd; F:\Program Files (x86)\VMware\VMware VIX\VMWare Workstation\vmware-hostd.exe [15680000 2012-08-15] () [File not signed]
    S3 VsEtwService120; C:\Program Files\Microsoft Visual Studio 12.0\Common7\Packages\Debugger\Services\VsEtwService.exe [87728 2013-10-04] (Microsoft Corporation)
    S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
    R2 WindowBlinds; C:\Program Files (x86)\Stardock\WindowBlinds\wbsrv.exe [89600 2013-05-16] (Stardock Corporation) [File not signed]
    R2 WindowFX; F:\Program Files (x86)\Stardock\Object Desktop\WindowFX\WindowFXSRV.exe [181904 2012-03-08] (Stardock Corporation)

    ===================== Drivers (Whitelisted) ==========================

    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

    R3 cbfs3; C:\Windows\System32\DRIVERS\cbfs3.sys [352144 2012-04-09] (EldoS Corporation)
    S3 ebdrv; C:\Windows\system32\DRIVERS\evbda.sys [3286016 2009-06-10] (Broadcom Corporation)
    U5 FontCache3.0.0.0; C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe [42856 2010-11-04] (Microsoft Corporation)
    R1 HssDRV6; C:\Windows\System32\DRIVERS\hssdrv6.sys [44744 2014-05-16] (AnchorFree Inc.)
    R2 IntelHaxm; C:\Windows\System32\DRIVERS\IntelHaxm.sys [84992 2015-01-30] (Intel  Corporation)
    S3 kinonivd; C:\Windows\System32\DRIVERS\kinonivd.sys [2782848 2014-11-12] (Windows (R) Win 7 DDK provider)
    S3 KINONI_Wave; C:\Windows\System32\drivers\kinonivad.sys [23040 2014-11-12] (Windows (R) Win 7 DDK provider)
    S4 LMIRfsClientNP; no ImagePath
    R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [27008 2016-03-10] (Malwarebytes)
    R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [192216 2016-07-18] (Malwarebytes)
    S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [64896 2016-03-10] (Malwarebytes Corporation)
    R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [289120 2015-11-13] (Microsoft Corporation)
    R3 msvad_simple; C:\Windows\System32\drivers\povrtdev.sys [28528 2013-12-17] (MediaMall Technologies, Inc.)
    R3 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [133816 2015-11-13] (Microsoft Corporation)
    S3 pwdrvio; C:\Windows\system32\pwdrvio.sys [19152 2013-09-30] ()
    S3 pwdspio; C:\Windows\system32\pwdspio.sys [12504 2013-09-30] ()
    S3 SANDRA; f:\Program Files\SiSoftware\SiSoftware Sandra Business 2015\WNt600x64\Sandra.sys [23112 2009-08-07] (SiSoftware)
    R3 taphss6; C:\Windows\System32\DRIVERS\taphss6.sys [42184 2014-05-16] (Anchorfree Inc.)
    R3 TuneUpUtilitiesDrv; F:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesDriver64.sys [31144 2015-06-25] (TuneUp Software)
    R2 TurboB; C:\Windows\System32\DRIVERS\TurboB.sys [13784 2009-11-02] ()
    U5 UnlockerDriver5; F:\Program Files (x86)\Unlocker\UnlockerDriver5.sys [12352 2010-07-01] ()
    R1 VBoxNetAdp; C:\Windows\System32\DRIVERS\VBoxNetAdp6.sys [117768 2015-09-08] (Oracle Corporation)
    R1 VBoxNetLwf; C:\Windows\System32\DRIVERS\VBoxNetLwf.sys [146072 2015-09-08] (Oracle Corporation)
    R0 vsock; C:\Windows\System32\drivers\vsock.sys [70256 2012-07-06] (VMware, Inc.)
    R2 WinisoCDBus; C:\Windows\System32\drivers\WinisoCDBus.sys [204032 2013-03-22] (WinISO.com)
    S1 bbstlqcp; \??\C:\Windows\system32\drivers\bbstlqcp.sys [X]
    S3 cpuz135; \??\C:\Windows\TEMP\cpuz135\cpuz135_x64.sys [X]
    S1 ekgpaanc; \??\C:\Windows\system32\drivers\ekgpaanc.sys [X]
    S1 emzyrjza; \??\C:\Windows\system32\drivers\emzyrjza.sys [X]
    S1 fzqrwich; \??\C:\Windows\system32\drivers\fzqrwich.sys [X]
    S2 LMIInfo; \??\C:\Program Files (x86)\LogMeIn\x64\RaInfo.sys [X]
    S1 mttwbomv; \??\C:\Windows\system32\drivers\mttwbomv.sys [X]
    S1 ouqyzldm; \??\C:\Windows\system32\drivers\ouqyzldm.sys [X]
    S1 sesugyny; \??\C:\Windows\system32\drivers\sesugyny.sys [X]
    S3 SliceDisk5; \??\C:\Users\grevolorio\AppData\Local\Temp\HBCD\PartitionFindAndMount\slicedisk-x64.sys [X]
    S3 VBoxNetFlt; system32\DRIVERS\VBoxNetFlt.sys [X]
    S1 vixxdple; \??\C:\Windows\system32\drivers\vixxdple.sys [X]
    S2 WGX; System32\Drivers\WGX64.SYS [X]

    ==================== NetSvcs (Whitelisted) ===================

    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


    ==================== One Month Created files and folders ========

    (If an entry is included in the fixlist, the file/folder will be moved.)

    2016-07-18 11:05 - 2016-07-18 11:07 - 00067984 _____ C:\Users\grevolorio.trmdu2\Desktop\FRST.txt
    2016-07-18 11:03 - 2016-07-18 11:03 - 02391040 _____ (Farbar) C:\Users\grevolorio.trmdu2\Desktop\FRST64.exe
    2016-07-18 10:07 - 2016-07-18 10:07 - 00000000 ____D C:\Program Files\Common Files\AV
    2016-07-18 10:07 - 2015-07-28 17:52 - 00821920 _____ (Safer-Networking Ltd. ) C:\Users\Public\Desktop\Post Win10 Spybot-install.exe
    2016-07-16 08:38 - 2016-05-09 16:48 - 00450051 _____ C:\Windows\system32\Drivers\etc\hosts.20160716-083854.backup
    2016-07-13 09:49 - 2016-07-13 09:50 - 00000000 ____D C:\Users\grevolorio.trmdu2\AppData\Roaming\vlc
    2016-07-13 09:22 - 2016-07-13 09:22 - 00000000 ____D C:\Users\grevolorio.trmdu2\Projects Series
    2016-07-13 09:22 - 2016-07-13 09:22 - 00000000 ____D C:\Users\grevolorio.trmdu2\HDR Projects 4 Pro
    2016-07-13 09:20 - 2016-07-13 09:20 - 00001162 _____ C:\Users\Public\Desktop\HDR projects 4 professional (64-Bit).lnk
    2016-07-13 09:20 - 2016-07-13 09:20 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Franzis
    2016-07-13 09:20 - 2016-07-13 09:20 - 00000000 ____D C:\Program Files\Franzis
    2016-07-11 14:07 - 2016-07-11 14:07 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox
    2016-07-11 10:48 - 2016-07-11 10:48 - 00000957 _____ C:\Users\grevolorio.trmdu2\Desktop\BHODemon 2.0.lnk
    2016-07-11 10:48 - 2016-07-11 10:48 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\BHODemon 2.0
    2016-07-11 10:48 - 2016-07-11 10:48 - 00000000 ____D C:\Program Files (x86)\BHODemon 2
    2016-07-09 08:49 - 2016-07-09 08:49 - 00001783 _____ C:\Users\Public\Desktop\iTunes.lnk
    2016-07-09 08:49 - 2016-07-09 08:49 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
    2016-07-09 08:49 - 2016-07-09 08:49 - 00000000 ____D C:\Program Files\iTunes
    2016-07-09 08:49 - 2016-07-09 08:49 - 00000000 ____D C:\Program Files\iPod
    2016-06-24 09:43 - 2016-07-08 21:18 - 00000971 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 11.lnk

    ==================== One Month Modified files and folders ========

    (If an entry is included in the fixlist, the file/folder will be moved.)

    2016-07-18 11:05 - 2014-01-30 12:00 - 00000548 _____ C:\Windows\Tasks\G2MUpdateTask-S-1-5-21-1085031214-796845957-725345543-2108.job
    2016-07-18 11:05 - 2012-05-23 18:15 - 00000000 ____D C:\FRST
    2016-07-18 11:05 - 2011-08-04 09:50 - 00000898 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
    2016-07-18 11:01 - 2014-11-04 15:34 - 00000382 _____ C:\Windows\Tasks\Allway Sync_{4F0C1497E9A5A062AD06B978802E02AB}.job
    2016-07-18 10:55 - 2015-09-16 12:08 - 00192216 ____C (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
    2016-07-18 10:32 - 2015-07-02 10:19 - 00000644 _____ C:\Windows\Tasks\G2MUploadTask-S-1-5-21-1085031214-796845957-725345543-2108.job
    2016-07-18 10:21 - 2012-07-27 08:46 - 00000830 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
    2016-07-18 10:08 - 2015-06-30 08:58 - 00000916 _____ C:\Windows\Tasks\DropboxUpdateTaskMachineUA.job
    2016-07-18 10:07 - 2014-08-20 09:49 - 00000000 ____D C:\Program Files (x86)\Spybot - Search & Destroy 2
    2016-07-18 06:15 - 2009-07-14 00:45 - 00033392 ___HC C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
    2016-07-18 06:15 - 2009-07-14 00:45 - 00033392 ___HC C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
    2016-07-18 02:07 - 2015-06-11 15:15 - 00000000 ____D C:\ProgramData\MediaMall
    2016-07-18 01:19 - 2015-06-30 08:58 - 00000912 _____ C:\Windows\Tasks\DropboxUpdateTaskMachineCore.job
    2016-07-17 22:59 - 2015-09-30 10:32 - 00000000 ____D C:\Program Files\KMSpico
    2016-07-17 20:05 - 2011-08-04 09:50 - 00000894 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
    2016-07-17 09:28 - 2009-07-14 01:13 - 00845984 _____ C:\Windows\system32\PerfStringBackup.INI
    2016-07-17 09:28 - 2009-07-13 23:20 - 00000000 ____D C:\Windows\inf
    2016-07-14 20:21 - 2012-07-27 08:46 - 00003768 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
    2016-07-14 20:21 - 2012-04-13 10:28 - 00796352 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
    2016-07-14 20:21 - 2011-05-20 16:09 - 00142528 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
    2016-07-13 15:39 - 2015-06-11 20:52 - 00000000 ____D C:\Users\grevolorio.trmdu2\AppData\Local\CrashDumps
    2016-07-13 13:18 - 2011-01-21 14:14 - 00000000 ____D C:\Program Files (x86)\TeamViewer
    2016-07-13 12:43 - 2015-07-07 13:19 - 00000000 ____D C:\Users\grevolorio.trmdu2\AppData\Roaming\uTorrent
    2016-07-13 09:22 - 2015-06-11 14:53 - 00000000 ____D C:\Users\grevolorio.trmdu2
    2016-07-12 16:21 - 2012-01-26 17:19 - 00000000 ____D C:\Windows\system32\Macromed
    2016-07-12 16:21 - 2011-01-21 11:27 - 00000000 ____D C:\Windows\SysWOW64\Macromed
    2016-07-11 14:08 - 2015-06-30 08:57 - 00000000 ____D C:\Program Files (x86)\Dropbox
    2016-07-11 10:59 - 2012-06-11 10:02 - 142482544 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
    2016-07-09 08:49 - 2015-07-07 11:43 - 00000000 ____D C:\Program Files\Common Files\Apple
    2016-07-09 08:49 - 2014-02-28 10:55 - 00000000 ____D C:\Program Files (x86)\iTunes
    2016-07-07 09:58 - 2015-06-17 13:26 - 00000000 ____D C:\Users\grevolorio.trmdu2\AppData\Local\calibre-cache
    2016-07-07 09:22 - 2015-06-17 13:25 - 00000000 ____D C:\Users\grevolorio.trmdu2\AppData\Roaming\calibre
    2016-07-01 13:31 - 2015-11-02 15:45 - 00000960 _____ C:\Users\Public\Desktop\calibre - E-book management.lnk
    2016-07-01 13:31 - 2011-06-09 14:01 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\calibre - E-book Management
    2016-07-01 13:31 - 2011-06-09 14:01 - 00000000 ____D C:\Program Files (x86)\Calibre2
    2016-06-27 11:21 - 2015-09-23 03:38 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
    2016-06-27 11:21 - 2012-10-10 13:48 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
    2016-06-27 10:24 - 2015-06-11 20:51 - 00000000 ____D C:\Users\grevolorio.trmdu2\.VirtualBox
    2016-06-24 17:46 - 2015-06-17 09:21 - 00143848 _____ C:\Users\grevolorio.trmdu2\AppData\Local\GDIPFONTCACHEV1.DAT
    2016-06-21 05:42 - 2013-11-12 12:46 - 00000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
    2016-06-21 05:41 - 2014-03-18 09:15 - 00000000 ____D C:\Program Files\Microsoft Office 15

    ==================== Files in the root of some directories =======

    2012-01-30 09:55 - 2015-06-11 15:56 - 16258616 _____ (LastPass) C:\Program Files (x86)\Common Files\lpuninstall.exe
    2015-06-12 19:46 - 2015-06-12 19:46 - 0000064 _____ () C:\Users\grevolorio.trmdu2\AppData\Roaming\Sandra.ldb
    2015-06-12 19:46 - 2015-06-12 21:14 - 14417920 _____ () C:\Users\grevolorio.trmdu2\AppData\Roaming\Sandra.mdb
    2015-08-28 17:23 - 2015-08-28 17:23 - 0000020 ___SH () C:\Users\grevolorio.trmdu2\AppData\Roaming\Sys11965 DataCollection.dat
    2015-08-28 17:23 - 2015-08-28 17:23 - 0000020 ___SH () C:\Users\grevolorio.trmdu2\AppData\Roaming\System413_DataDB.ind
    2015-07-04 08:40 - 2015-07-09 19:01 - 0000600 _____ () C:\Users\grevolorio.trmdu2\AppData\Roaming\winscp.rnd
    2015-09-28 09:21 - 2015-09-28 09:21 - 0000038 ___SH () C:\Users\grevolorio.trmdu2\AppData\Local\5678c43253f8bbb5ed82a9.59421958
    2015-07-04 08:47 - 2015-07-13 11:07 - 0000600 _____ () C:\Users\grevolorio.trmdu2\AppData\Local\PUTTY.RND
    2015-09-16 12:03 - 2015-09-16 12:03 - 0045957 _____ () C:\ProgramData\HELP_DECRYPT.PNG
    2015-09-16 12:03 - 2015-09-16 12:03 - 0000296 _____ () C:\ProgramData\HELP_DECRYPT.URL
    2012-08-20 10:22 - 2012-08-28 15:25 - 0000193 _____ () C:\ProgramData\Microsoft.SqlServer.Compact.351.64.bc
    2014-12-18 12:06 - 2014-12-18 12:06 - 0000202 _____ () C:\ProgramData\nbinst.ini
    2013-11-25 17:35 - 2013-11-25 17:35 - 0000018 _____ () C:\ProgramData\ruby-uuid

    Files to move or delete:
    ====================
    C:\Users\grevolorio\SyncToy_6f9d1157-50ab-4e8a-b246-c8013fe8d91a.dat
    C:\Users\grevolorio\SyncToy_eb83ad46-2f1d-44ad-8333-991854e5ef51.dat


    Some files in TEMP:
    ====================
    C:\Users\grevolorio\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmp_kz8ag.dll
    C:\Users\grevolorio\AppData\Local\Temp\RoboForm-Setup.exe


    ==================== Bamital & volsnap =================

    (There is no automatic fix for files that do not pass verification.)

    C:\Windows\system32\winlogon.exe => File is digitally signed
    C:\Windows\system32\wininit.exe => File is digitally signed
    C:\Windows\SysWOW64\wininit.exe => File is digitally signed
    C:\Windows\explorer.exe => File is digitally signed
    C:\Windows\SysWOW64\explorer.exe => File is digitally signed
    C:\Windows\system32\svchost.exe => File is digitally signed
    C:\Windows\SysWOW64\svchost.exe => File is digitally signed
    C:\Windows\system32\services.exe => File is digitally signed
    C:\Windows\system32\User32.dll => File is digitally signed
    C:\Windows\SysWOW64\User32.dll => File is digitally signed
    C:\Windows\system32\userinit.exe => File is digitally signed
    C:\Windows\SysWOW64\userinit.exe => File is digitally signed
    C:\Windows\system32\rpcss.dll => File is digitally signed
    C:\Windows\system32\dnsapi.dll => File is digitally signed
    C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
    C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed


    LastRegBack: 2016-07-07 10:41

    ==================== End of FRST.txt ============================

     

     

    And the Addition.txt is:

     

    Additional scan result of Farbar Recovery Scan Tool (x64) Version: 17-07-2016 03
    Ran by grevolorio (2016-07-18 11:08:11)
    Running from C:\Users\grevolorio.trmdu2\Desktop
    Windows 7 Professional Service Pack 1 (X64) (2012-06-05 17:59:53)
    Boot Mode: Normal
    ==========================================================


    ==================== Accounts: =============================

    Administrator (S-1-5-21-3578782807-1016812498-1856270605-500 - Administrator - Disabled)
    grevolorio (S-1-5-21-3578782807-1016812498-1856270605-1009 - Administrator - Enabled) => C:\Users\grevolorio.trmdu2
    Guest (S-1-5-21-3578782807-1016812498-1856270605-501 - Limited - Disabled)

    ==================== Security Center ========================

    (If an entry is included in the fixlist, it will be removed.)

    AV: Microsoft Security Essentials (Enabled - Out of date) {768124D7-F5F7-6D2F-DDC2-94DFA4017C95}
    AS: Microsoft Security Essentials (Enabled - Out of date) {CDE0C533-D3CD-62A1-E772-AFADDF863628}
    AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
    AS: Spybot - Search and Destroy (Enabled - Up to date) {9BC38DF1-3CCA-732D-A930-C1CA5F20A4B0}

    ==================== Installed Programs ======================

    (Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

    µTorrent (HKU\S-1-5-21-1085031214-796845957-725345543-2108-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\uTorrent) (Version: 3.4.2.32239 - BitTorrent Inc.)
    µTorrent (HKU\S-1-5-21-3578782807-1016812498-1856270605-1009\...\uTorrent) (Version: 3.4.3.40466 - BitTorrent Inc.)
    µTorrent (HKU\S-1-5-21-3578782807-1016812498-1856270605-1009-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\uTorrent) (Version: 3.4.3.40466 - BitTorrent Inc.)
    7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov)
    AccelerometerP11 (HKLM-x32\...\{87434D51-51DB-4109-B68F-A829ECDCF380}) (Version: 2.00.11.15 - STMicroelectronics)
    Acute Email IDs Production Engine (HKLM-x32\...\{CB72E17B-1BCA-441F-A8A0-64C6FDF09425}) (Version: 10.3.5 - SAGAWEBS.COM)
    Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 19.0.0.190 - Adobe Systems Incorporated)
    Adobe Anchor Service x64 CS4 (Version: 2.0 - Adobe Systems Incorporated) Hidden
    Adobe CMaps x64 CS4 (Version: 2.0 - Adobe Systems Incorporated) Hidden
    Adobe CSI CS4 x64 (Version: 1 - Adobe Systems Incorporated) Hidden
    Adobe Digital Editions (HKLM-x32\...\Digital Editions) (Version:  - )
    Adobe Drive CS4 x64 (Version: 1 - Adobe Systems Incorporated) Hidden
    Adobe Flash Player 22 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 22.0.0.210 - Adobe Systems Incorporated)
    Adobe Flash Player 22 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 22.0.0.209 - Adobe Systems Incorporated)
    Adobe Fonts All x64 (Version: 2.0 - Adobe Systems Incorporated) Hidden
    Adobe Linguistics CS4 x64 (Version: 4.0.0 - Adobe Systems Incorporated) Hidden
    Adobe LiveCycle Designer 7.1 (HKU\S-1-5-21-1085031214-796845957-725345543-2108-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\InstallShield_{B8420E42-9664-43AF-BD01-F7B12EBA92CF}) (Version: 7.1.0000 - Adobe)
    Adobe Media Player (HKLM-x32\...\com.adobe.amp.E7BED6E5DDA59983786DD72EBFA46B1598278E07.1) (Version: 1.8 - Adobe Systems Incorporated)
    Adobe PDF Library Files x64 CS4 (Version: 9.0 - Adobe Systems Incorporated) Hidden
    Adobe Photoshop CS4 (64 Bit) (Version: 11.0 - Adobe Systems Incorporated) Hidden
    Adobe Reader 64-bit fixes (HKLM\...\{6D80AAE7-FF65-4950-B1CA-3A7EA4995574}_is1) (Version:  - Leo Davidson / Pretentious Name)
    Adobe Reader XI (11.0.10) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.10 - Adobe Systems Incorporated)
    Adobe Type Support x64 CS4 (Version: 9.0 - Adobe Systems Incorporated) Hidden
    Adobe WinSoft Linguistics Plugin x64 (Version: 1.1 - Adobe Systems Incorporated) Hidden
    Allway Sync version 10.3.25 (HKLM\...\Allway Sync_is1) (Version:  - Botkind Inc)
    Amazon Kindle (HKLM-x32\...\Amazon Kindle) (Version:  - Amazon)
    Android Studio (HKLM\...\Android Studio) (Version: 1.0 - Google Inc.)
    Apple Application Support (32-bit) (HKLM-x32\...\{26356515-5821-40FA-9C3D-9785052A1062}) (Version: 4.3.1 - Apple Inc.)
    Apple Mobile Device Support (HKLM\...\{6F085FCD-4B6A-4F63-AF23-B74629C40797}) (Version: 9.3.0.15 - Apple Inc.)
    Apple Software Update (HKLM-x32\...\{56EC47AA-5813-4FF6-8E75-544026FBEA83}) (Version: 2.2.0.150 - Apple Inc.)
    AVG PC TuneUp 2015 (en-US) (x32 Version: 15.0.1001.638 - AVG Technologies) Hidden
    AVG PC TuneUp 2015 (HKLM-x32\...\AVG PC TuneUp) (Version: 15.0.1001.638 - AVG Technologies)
    AVG PC TuneUp 2015 (x32 Version: 15.0.1001.638 - AVG Technologies) Hidden
    AzureTools.Notifications (x32 Version: 2.1.10731.1602 - Microsoft Corporation) Hidden
    Bamboo (HKLM\...\Pen Tablet Driver) (Version: 5.2.5-5 - Wacom Technology Corp.)
    Bamboo Dock (HKLM-x32\...\Bamboo Dock) (Version: 4.0 - Wacom Co., Ltd.)
    Bamboo Dock (x32 Version: 4.0.0 - Wacom Europe GmbH) Hidden
    Behaviors SDK (XAML) for Visual Studio (x32 Version: 12.0.41002.1 - Microsoft Corporation) Hidden
    BHODemon 2.0.0.23 (HKLM-x32\...\BHODemon_is1) (Version:  - Definitive Solutions, Inc.)
    BitTorrent Sync (HKLM-x32\...\BitTorrent Sync) (Version: 2.0.128 - BitTorrent Inc.)
    Blend for Visual Studio 2013 (x32 Version: 12.0.41002.1 - Microsoft Corporation) Hidden
    Blend for Visual Studio 2013 ENU resources (x32 Version: 12.0.41002.1 - Microsoft Corporation) Hidden
    Blend for Visual Studio SDK for .NET 4.5 (x32 Version: 3.0.40218.0 - Microsoft Corporation) Hidden
    Blend for Visual Studio SDK for Silverlight 5 (x32 Version: 3.0.40218.0 - Microsoft Corporation) Hidden
    Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
    Box Edit (HKLM-x32\...\{8887D190-E3EC-45D9-A62D-DF423B53CBEE}) (Version: 3.0.25.511 - Box)
    Build Tools - amd64 (Version: 12.0.21005 - Microsoft Corporation) Hidden
    Build Tools - x86 (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
    Build Tools Language Resources - amd64 (Version: 12.0.21005 - Microsoft Corporation) Hidden
    Build Tools Language Resources - x86 (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
    calibre (HKLM-x32\...\{BA623AFD-BE42-4B5F-9B8E-01FAB9BB2B51}) (Version: 2.61.0 - Kovid Goyal)
    CCleaner (HKLM\...\CCleaner) (Version: 5.02 - Piriform)
    Chrome Remote Desktop Host (HKLM-x32\...\{95EB2FCC-AE0B-40E9-B804-347C6358923B}) (Version: 51.0.2704.7 - Google Inc.)
    Cisco Systems VPN Client 5.0.07.0290 (HKLM\...\{467D5E81-8349-4892-9E81-C3674ED8E451}) (Version: 5.0.7 - Cisco Systems, Inc.)
    Cisco WebEx Meetings (HKLM-x32\...\ActiveTouchMeetingClient) (Version:  - Cisco WebEx LLC)
    Citrix Online Launcher (HKLM-x32\...\{AFB80939-4486-49D8-A04E-2B05C0F2DE39}) (Version: 1.0.252 - Citrix)
    ClipX (HKLM-x32\...\ClipX) (Version:  - )
    Color Cop 5.4.3 (HKLM-x32\...\Color Cop_is1) (Version:  - Jay Prall)
    Color Picker (HKLM-x32\...\ST6UNST #1) (Version:  - )
    Common Desktop Agent (Version: 1.62.0 - OEM) Hidden
    Connect (x32 Version: 1.0.0.1 - Adobe Systems Incorporated) Hidden
    Crystal Reports for Visual Studio (x32 Version: 12.51.0.240 - SAP) Hidden
    CutePDF Professional 3.3 (HKLM-x32\...\{F10D1D8F-C20C-4F0D-B243-688C0C6873F6}) (Version: 3.30.1001 - Acro Software Inc.)
    CutePDF Writer 2.8 (HKLM\...\CutePDF Writer Installation) (Version:  - )
    Dotfuscator and Analytics Community Edition (x32 Version: 5.5.4954.46574 - PreEmptive Solutions) Hidden
    Dropbox (HKLM-x32\...\Dropbox) (Version: 6.4.14 - Dropbox, Inc.)
    Dropbox Update Helper (x32 Version: 1.3.27.33 - Dropbox, Inc.) Hidden
    Entity Framework Designer for Visual Studio 2012 - enu (HKLM-x32\...\{0A1A1D48-DB23-443A-BC7B-49255D138020}) (Version: 11.1.20702.00 - Microsoft Corporation)
    Entity Framework Tools for Visual Studio 2013 (HKLM-x32\...\{08AEF86A-1956-4846-B906-B01350E96E30}) (Version: 12.0.20912.0 - Microsoft Corporation)
    eReader (HKLM-x32\...\{453C9E55-80DF-4BD2-9885-52A1FB0D9382}) (Version: 3.0.3 - Palm Digital Media)
    Evernote v. 5.2 (HKLM-x32\...\{090931D6-A2F4-11E3-AD9C-00163E98E7D0}) (Version: 5.2.0.2946 - Evernote Corp.)
    ExtraPutty 0.22 (HKLM-x32\...\{14C76057-E495-47E1-BDF0-1A1CC1752ADF}) (Version: 0.22 - )
    Fences 2 (HKLM-x32\...\Fences 22.01) (Version: 2.01 - Stardock Corporation)
    Fiddler (HKLM-x32\...\Fiddler2) (Version: 2.4.5.6 - Telerik)
    FileMenu Tools (HKLM\...\FileMenu Tools_is1) (Version:  - LopeSoft - Rubén López Hernández)
    FileZilla Client 3.16.1 (HKLM-x32\...\FileZilla Client) (Version: 3.16.1 - Tim Kosse)
    Fine Woodworking Archive (HKLM-x32\...\{84D74E02-0F71-4107-B92F-48848C06ABB0}) (Version: 2.0.1 - Taunton)
    Foxit Reader (HKLM-x32\...\Foxit Reader_is1) (Version: 7.3.4.311 - Foxit Software Inc.)
    Git version 1.7.6-preview20110708 (HKLM-x32\...\Git_is1) (Version: 1.7.6-preview20110708 - )
    Google Chrome (HKLM-x32\...\Google Chrome) (Version: 51.0.2704.103 - Google Inc.)
    Google Earth (HKLM-x32\...\{817750FA-EC6A-485D-9901-0683AE6FFDF1}) (Version: 7.1.5.1557 - Google)
    Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
    Google Update Helper (x32 Version: 1.3.30.3 - Google Inc.) Hidden
    GoToMeeting 7.2.0.2759 (HKU\S-1-5-21-1085031214-796845957-725345543-2108-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\GoToMeeting) (Version: 7.2.0.2759 - CitrixOnline)
    Gtk# for .Net 2.12.25 (HKLM-x32\...\{889E7D77-2A98-4020-83B1-0296FA1BDE8A}) (Version: 2.12.25 - Xamarin, Inc.)
    HandBrake 0.9.9.1 (HKLM-x32\...\HandBrake) (Version: 0.9.9.1 - )
    HDR projects 4 professional (64-Bit) (HKLM\...\HDR_PROJECTS_4_3_3BF7CE82_is1) (Version: 4.41 - Franzis Verlag GmbH)
    hMailServer 5.6.4-B2283 (HKLM-x32\...\hMailServer_is1) (Version:  - )
    huey 1.0.5 (HKLM-x32\...\huey_is1) (Version:  - Pantone & GretagMacbeth)
    IdeaRoom (HKLM-x32\...\{9D3E0103-F902-4368-8CAE-21EE46F2DE9E}) (Version: 1.36.0070 - Sawtooth Ideas)
    IETester v0.4.10 (remove only) (HKLM-x32\...\IETester) (Version: 0.4.10 - Core Services)
    iExplorer 3.2.2.6 (HKLM-x32\...\{7FD8B0C1-CDDA-4B4D-A577-B2E3570EA3A3}_is1) (Version:  - Macroplant LLC)
    IMG to ISO (HKLM-x32\...\{F10528D1-6478-4F67-A393-CCAC1DB958C1}_is1) (Version:  - imgtoiso.com)
    Inkscape 0.48.1  (HKLM-x32\...\Inkscape) (Version: 0.48.1 - )
    Intel(R) Turbo Boost Technology Monitor (HKLM\...\{39F4C6F9-618A-4E5B-8FB2-6BD661174E32}) (Version: 1.0.186.6 - Intel)
    Intel® Hardware Accelerated Execution Manager (HKLM\...\{ECCB31F5-435D-4F37-A98D-5854D3C62718}) (Version: 1.1.1 - Intel Corporation)
    iPhoneBrowser (HKLM-x32\...\{C1FCDCA1-2759-4E5E-84EE-3A665BB2F513}) (Version: 1.9.3 - Cranium Consulting and Custom Software)
    IsoBuster 3.4 (HKLM-x32\...\IsoBuster_is1) (Version: 3.4 - Smart Projects)
    iTunes (HKLM\...\{709990D1-03DA-4302-B364-E4D9F17E2198}) (Version: 12.4.1.6 - Apple Inc.)
    Java 2 Runtime Environment, SE v1.4.1 (HKLM-x32\...\{CD0159C9-17FB-11D6-A76A-00B0D079AF64}) (Version:  - )
    Java 2 Runtime Environment, SE v1.4.1_07 (HKLM-x32\...\{CA532E73-1BB7-11D8-9D6A-00010240CE95}) (Version:  - )
    Java 7 Update 7 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217007FF}) (Version: 7.0.70 - Oracle)
    Java 8 Update 45 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86418045F0}) (Version: 8.0.450 - Oracle Corporation)
    Java SE Development Kit 8 Update 45 (64-bit) (HKLM\...\{64A3A4F4-B792-11D6-A78A-00B0D0180450}) (Version: 8.0.450.15 - Oracle Corporation)
    Java Web Start (HKLM-x32\...\Java Web Start) (Version:  - )
    Java(TM) 6 Update 22 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83216022F0}) (Version: 6.0.220 - Oracle)
    Java(TM) 6 Update 29 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86416029FF}) (Version: 6.0.290 - Oracle)
    Java(TM) 6 Update 39 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83216039FF}) (Version: 6.0.390 - Oracle)
    Java(TM) SE Development Kit 6 Update 39 (HKLM-x32\...\{32A3A4F4-B792-11D6-A78A-00B0D0160390}) (Version: 1.6.0.390 - Oracle)
    Java(TM) SE Development Kit 7 (HKLM-x32\...\{32A3A4F4-B792-11D6-A78A-00B0D0170000}) (Version: 1.7.0.0 - Oracle)
    JavaFX 2.1.1 (HKLM-x32\...\{1111706F-666A-4037-7777-211328764D10}) (Version: 2.1.1 - Oracle Corporation)
    JavaScript Tooling (Version: 12.0.21005 - Microsoft Corporation) Hidden
    JMicron Flash Media Controller Driver (HKLM-x32\...\{26604C7E-A313-4D12-867F-7C6E7820BE4C}) (Version: 1.0.41.2 - JMicron Technology Corp.)
    join.me (HKU\S-1-5-21-1085031214-796845957-725345543-2108-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\JoinMe) (Version: 1.17.0.156 - LogMeIn, Inc.)
    Keywords Studio Pro (HKLM-x32\...\Keywords Studio Pro 1.0.0) (Version: 1.0.0 - intraSEO)
    Keywords Studio Pro (x32 Version: 1.0.0 - intraSEO) Hidden
    KinoniDrivers 2.8.1 (HKLM-x32\...\KinoniDrivers) (Version: 2.8.1 - Kinoni)
    K-Lite Codec Pack 8.6.0 (Full) (HKLM-x32\...\KLiteCodecPack_is1) (Version: 8.6.0 - )
    KMSpico v9.3.1 (HKLM\...\KMSpico_is1) (Version: 9.3.1 - )
    kuler (x32 Version: 2.0 - Adobe Systems Incorporated) Hidden
    LAN-Fax Utilities (HKLM\...\LAN-Fax Utilities) (Version:  - )
    LastPass (uninstall only) (HKLM-x32\...\LastPass) (Version:  - LastPass)
    Launchy 2.5 (HKLM-x32\...\Launchy_21344213_is1) (Version:  - Code Jelly)
    LocalESPC Dev12 (x32 Version: 8.100.25984 - Microsoft Corporation) Hidden
    LocalESPCui for en-us Dev12 (x32 Version: 8.100.25984 - Microsoft) Hidden
    Malwarebytes Anti-Malware version 2.2.1.1043 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.1.1043 - Malwarebytes)
    Market Samurai (HKLM-x32\...\MarketSamurai.6E37012E1CBD7F47B14488FCC715944F3EBDCEDC.1) (Version: 0.93.71 - Alliance Software Pty Ltd)
    Market Samurai (x32 Version: 0.93.71 - Alliance Software Pty Ltd) Hidden
    Maxwell for SketchUp 2014 (HKLM-x32\...\{E3FA7086-A065-4FAF-B819-400927194F80}) (Version: 3.0.11 - Next Limit Technologies)
    MDF to ISO version 1.0 (HKLM-x32\...\{79DDA36F-B19E-4293-A4F2-FA3EC1C06E6E}_is1) (Version: 1.0 - mdftoiso.com)
    MEGAsync (HKLM-x32\...\MEGAsync) (Version:  - Mega Limited)
    Metalogix Content Matrix Console - File Share Edition (HKLM-x32\...\{99641A98-EE9B-4521-916C-DF09AC9DD4A3}) (Version: 6.2.0302 - Metalogix Software Corp.)
    Metalogix Content Matrix Console - Public Folder Edition (HKLM-x32\...\{E18CB092-505F-4FE1-B4C7-C53DBBBBA938}) (Version: 6.2.0302 - Metalogix Software Corp.)
    Metalogix Content Matrix Console - SharePoint Edition (HKLM-x32\...\{A4E8B4B5-C6D6-414B-A513-EDDB70F58959}) (Version: 6.2.0302 - Metalogix Software Corp.)
    Micro-Measure (HKLM-x32\...\{75E1D518-6772-4073-A71C-354B71181391}) (Version: 1.0.0 - Brightwell)
    Microsoft .NET Compact Framework 1.0 SP3 Developer (HKLM-x32\...\{6C531060-84FB-4F96-8F33-29DF020632EB}) (Version: 1.0.4292 - Microsoft Corporation)
    Microsoft .NET Compact Framework 2.0 (HKLM-x32\...\{625386A4-B6B6-4911-A6E8-23189C3F2D15}) (Version: 2.0.5238 - Microsoft Corporation)
    Microsoft .NET Framework 4 Multi-Targeting Pack (HKLM-x32\...\{CFEF48A8-BFB8-3EAC-8BA5-DE4F8AA267CE}) (Version: 4.0.30319 - Microsoft Corporation)
    Microsoft .NET Framework 4.5 Multi-Targeting Pack (HKLM-x32\...\{56E962F0-4FB0-3C67-88DB-9EAA6EEFC493}) (Version: 4.5.50710 - Microsoft Corporation)
    Microsoft .NET Framework 4.5 SDK (HKLM-x32\...\{4AE57014-05C4-4864-A13D-86517A7E1BA4}) (Version: 4.5.50710 - Microsoft Corporation)
    Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
    Microsoft .NET Framework 4.5.1 Multi-Targeting Pack (ENU) (HKLM-x32\...\{D3517C62-68A5-37CF-92F7-93C029A89681}) (Version: 4.5.50932 - Microsoft Corporation)
    Microsoft .NET Framework 4.5.1 Multi-Targeting Pack (HKLM-x32\...\{6A0C6700-EA93-372C-8871-DCCF13D160A4}) (Version: 4.5.50932 - Microsoft Corporation)
    Microsoft .NET Framework 4.5.1 SDK (HKLM-x32\...\{19A5926D-66E1-46FC-854D-163AA10A52D3}) (Version: 4.5.51641 - Microsoft Corporation)
    Microsoft ASP.NET MVC 2 - Visual Studio 2010 Tools (HKLM-x32\...\{40416836-56CC-4C0E-A6AF-5C34BADCE483}) (Version: 2.0.50217.0 - Microsoft Corporation)
    Microsoft ASP.NET MVC 2 (HKLM-x32\...\{DD8FF2F3-0D97-4CF3-AF78-FA0E1B242244}) (Version: 2.0.60926.0 - Microsoft Corporation)
    Microsoft ASP.NET MVC 3 (HKLM-x32\...\{D32EF103-4016-4C15-BCB0-700C0A7A2309}) (Version: 3.0.50813.0 - Microsoft Corporation)
    Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
    Microsoft ASP.NET Web Pages (HKLM-x32\...\{631471BE-DEAB-454B-A9AC-CE3EB42C28B3}) (Version: 1.0.20105.0 - Microsoft Corporation)
    Microsoft Device Emulator version 1.0 - ENU (HKLM-x32\...\{78B75C6D-E53C-424C-BF83-4B63BD4A6682}) (Version: 1.0.50727.42 - Microsoft Corporation)
    Microsoft Document Explorer 2005 (HKLM-x32\...\Microsoft Document Explorer 2005) (Version:  - Microsoft Corporation)
    Microsoft Exchange Web Services Managed API 2.1 (HKLM-x32\...\{24CA683D-8174-4EBF-AD4D-3F2DD7814716}) (Version: 15.0.847.30 - Microsoft Corporation)
    Microsoft Expression Blend 3 SDK (HKLM-x32\...\{256E7DAC-9BE8-494E-8DE7-7857BF96B774}) (Version: 1.0.1343.0 - Microsoft Corporation)
    Microsoft Expression Blend 4 (HKLM-x32\...\Blend_4.0.20525.0) (Version: 4.0.20525.0 - Microsoft Corporation)
    Microsoft Expression Blend SDK for .NET 4 (HKLM-x32\...\{9B3A1C97-A361-463E-8817-444F9F88CDFE}) (Version: 2.0.20525.0 - Microsoft Corporation)
    Microsoft Expression Blend SDK for Silverlight 4 (HKLM-x32\...\{1C997E1C-5CE9-4AF3-AAA9-DC65E6090827}) (Version: 2.0.20525.0 - Microsoft Corporation)
    Microsoft Expression Design 4 (HKLM-x32\...\Design_7.0.20516.0) (Version: 7.0.20516.0 - Microsoft Corporation)
    Microsoft Expression Encoder 4 (HKLM-x32\...\Encoder_4.0.1639.0) (Version: 4.0.1639.0 - Microsoft Corporation)
    Microsoft Expression Encoder 4 Screen Capture Codec (HKLM-x32\...\{BF127B80-CFD5-4379-9752-E8AF1A5D0141}) (Version: 4.0.1639.0 - Microsoft Corporation)
    Microsoft Expression Studio 4 (HKLM-x32\...\ExpressionStudio_4.0.20525.0) (Version: 4.0.20525.0 - Microsoft Corporation)
    Microsoft Expression Web 4 (HKLM-x32\...\Web_4.0.1303.0) (Version: 4.0.1303.0 - Microsoft Corporation)
    Microsoft Expression Web 4 Service Pack 2 (HKLM-x32\...\{F5993FCC-DF5D-4879-B70D-AA1F379C5C6B}) (Version:  - Microsoft Corporation)
    Microsoft Filter Pack 1.0 (HKLM\...\{95120000-2000-0409-1000-0000000FF1CE}) (Version: 12.0.4518.1104 - Microsoft Corporation)
    Microsoft Help Viewer 1.1 (HKLM\...\Microsoft Help Viewer 1.1) (Version: 1.1.40219 - Microsoft Corporation)
    Microsoft Help Viewer 2.0 (HKLM-x32\...\Microsoft Help Viewer 2.0) (Version: 2.0.50727 - Microsoft Corporation)
    Microsoft Help Viewer 2.1 (HKLM-x32\...\Microsoft Help Viewer 2.1) (Version: 2.1.21005 - Microsoft Corporation)
    Microsoft Lync 2010 Attendee (HKLM-x32\...\{09335E49-1C8F-4973-9929-941BE9C6EF33}) (Version: 4.0.7577.4498 - Microsoft Corporation)
    Microsoft Lync Web App Plug-in (HKLM\...\{52CAD0B7-8759-4CE5-94D7-8825BBFD7445}) (Version: 15.8.8653.0 - Microsoft Corporation)
    Microsoft Mouse and Keyboard Center (HKLM\...\Microsoft Mouse and Keyboard Center) (Version: 2.3.188.0 - Microsoft Corporation)
    Microsoft Office 2003 Web Components (HKLM-x32\...\{90A40409-6000-11D3-8CFE-0150048383C9}) (Version: 11.0.8173.0 - Microsoft Corporation)
    Microsoft Office 365 ProPlus - en-us (HKLM\...\O365ProPlusRetail - en-us) (Version: 15.0.4833.1001 - Microsoft Corporation)
    Microsoft Office Access database engine 2007 (English) (HKLM-x32\...\{90120000-00D1-0409-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
    Microsoft Office Developer Tools for Visual Studio 2013 - November 2014 Update (HKLM-x32\...\{ac415136-ae46-4301-b23e-6559062bfa7b}) (Version: 12.0.31105.0 - Microsoft Corporation)
    Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
    Microsoft Office Outlook Connector (HKLM-x32\...\{95140000-007A-0409-0000-0000000FF1CE}) (Version: 14.0.5118.5000 - Microsoft Corporation)
    Microsoft Office Professional Plus 2013 (HKLM-x32\...\Office15.PROPLUSR) (Version: 15.0.4569.1506 - Microsoft Corporation)
    Microsoft Office Project 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-003B-0000-0000-0000000FF1CE}_PRJPRO_{8446EB22-A746-46DC-B1BD-E0DFA1F3CDDA}) (Version:  - Microsoft)
    Microsoft Office Project Professional 2007 (HKLM-x32\...\PRJPRO) (Version: 12.0.6612.1000 - Microsoft Corporation)
    Microsoft Office SharePoint Designer 2007 (HKLM-x32\...\SharePointDesigner) (Version: 12.0.6612.1000 - Microsoft Corporation)
    Microsoft Office SharePoint Designer 2007 (HKLM-x32\...\SharePointDesignerR) (Version: 12.0.6612.1000 - Microsoft Corporation)
    Microsoft Office SharePoint Designer 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0017-0000-0000-0000000FF1CE}_SharePointDesigner_{4B4DF6E2-5E40-422B-82DD-205FD7E79226}) (Version:  - Microsoft)
    Microsoft Office SharePoint Designer 2007 Service Pack 3 (SP3) (HKLM-x32\...\{91120000-0017-0000-0000-0000000FF1CE}_SharePointDesignerR_{4B4DF6E2-5E40-422B-82DD-205FD7E79226}) (Version:  - Microsoft)
    Microsoft Office Visio 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0051-0000-0000-0000000FF1CE}_VISPRO_{CE144BF4-4950-4CDB-A5F7-CCE1888F49CB}) (Version:  - Microsoft)
    Microsoft Office Visio Professional 2007 (HKLM-x32\...\VISPRO) (Version: 12.0.6612.1000 - Microsoft Corporation)
    Microsoft OneDrive (HKU\S-1-5-21-1085031214-796845957-725345543-2108-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\OneDriveSetup.exe) (Version: 17.0.4023.1211 - Microsoft Corporation)
    Microsoft OneDrive (HKU\S-1-5-21-3578782807-1016812498-1856270605-1009\...\OneDriveSetup.exe) (Version: 17.3.4604.0120 - Microsoft Corporation)
    Microsoft OneDrive (HKU\S-1-5-21-3578782807-1016812498-1856270605-1009-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\OneDriveSetup.exe) (Version: 17.3.4604.0120 - Microsoft Corporation)
    Microsoft Report Viewer 2012 Runtime (HKLM-x32\...\{9CCE40CE-A9E6-4916-8729-B008558EEF3F}) (Version: 11.0.2100.60 - Microsoft Corporation)
    Microsoft Robocopy GUI (HKLM-x32\...\{107C666F-63C5-4263-8D40-8B9CFB5FED08}) (Version: 1.0.0 - Microsoft)
    Microsoft Security Essentials (HKLM\...\Microsoft Security Client) (Version: 4.9.218.0 - Microsoft Corporation)
    Microsoft SharePoint Designer 2010 (HKLM-x32\...\Office14.SharePointDesigner) (Version: 14.0.7015.1000 - Microsoft Corporation)
    Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.41212.0 - Microsoft Corporation)
    Microsoft Silverlight 3 SDK (HKLM-x32\...\{2012098D-EEE9-4769-8DD3-B038050854D4}) (Version: 3.0.40818.0 - Microsoft Corporation)
    Microsoft Silverlight 4 SDK (HKLM-x32\...\{189AEA94-DAFB-487A-8CEE-F9D3DDE0A748}) (Version: 4.0.60310.0 - Microsoft Corporation)
    Microsoft Silverlight 5 SDK (HKLM-x32\...\{E1FBB3D4-ADB0-4949-B101-855DA061C735}) (Version: 5.0.61118.0 - Microsoft Corporation)
    Microsoft SQL Server 2005 (HKLM-x32\...\Microsoft SQL Server 2005) (Version:  - Microsoft Corporation)
    Microsoft SQL Server 2005 Backward compatibility (HKLM\...\{62D2F823-0EAA-496D-B0F9-A869BFC51550}) (Version: 8.05.2312 - Microsoft Corporation)
    Microsoft SQL Server 2005 Books Online (English) (September 2007) (HKLM-x32\...\{6FDD4688-E063-401D-B6BE-7234E20B9173}) (Version: 9.00.3104 - Microsoft Corporation)
    Microsoft SQL Server 2005 Mobile [ENU] Developer Tools (HKLM-x32\...\{1389C6A4-4965-4AEC-9175-08B54A10FA48}) (Version: 3.0.0.0 - Microsoft Corporation)
    Microsoft SQL Server 2008 R2 Data-Tier Application Framework (HKLM-x32\...\{BC537AE0-88AF-47ED-B762-33B0D62B5188}) (Version: 10.50.1750.9 - Microsoft Corporation)
    Microsoft SQL Server 2008 R2 Data-Tier Application Project (HKLM-x32\...\{7A56D81D-6406-40E7-9184-8AC1769C4D69}) (Version: 10.50.1750.9 - Microsoft Corporation)
    Microsoft SQL Server 2008 R2 Management Objects (HKLM-x32\...\{83F2B8F4-5CF3-4BE9-9772-9543EAE4AC5F}) (Version: 10.51.2500.0 - Microsoft Corporation)
    Microsoft SQL Server 2008 R2 Transact-SQL Language Service (HKLM-x32\...\{09C52940-A4D1-4409-A7CC-1AAE630CF578}) (Version: 10.50.1750.9 - Microsoft Corporation)
    Microsoft SQL Server 2008 Setup Support Files  (HKLM\...\{B40EE88B-400A-4266-A17B-E3DE64E94431}) (Version: 10.1.2731.0 - Microsoft Corporation)
    Microsoft SQL Server 2012 Command Line Utilities  (HKLM\...\{58FED865-4F13-408D-A5BF-996019C4B936}) (Version: 11.1.3000.0 - Microsoft Corporation)
    Microsoft SQL Server 2012 Data-Tier App Framework  (HKLM-x32\...\{1B876496-B3A2-4D22-9B12-B608A3FD4B8B}) (Version: 11.1.2902.0 - Microsoft Corporation)
    Microsoft SQL Server 2012 Data-Tier App Framework  (x64) (HKLM\...\{A6BA243E-85A3-4635-A269-32949C98AC7F}) (Version: 11.1.2902.0 - Microsoft Corporation)
    Microsoft SQL Server 2012 Express LocalDB  (HKLM\...\{6C026A91-640F-4A23-8B68-05D589CC6F18}) (Version: 11.1.3000.0 - Microsoft Corporation)
    Microsoft SQL Server 2012 Management Objects  (HKLM-x32\...\{2F7DBBE6-8EBC-495C-9041-46A772F4E311}) (Version: 11.1.3000.0 - Microsoft Corporation)
    Microsoft SQL Server 2012 Management Objects  (x64) (HKLM\...\{43A5C316-9521-49C3-B9B6-FCE5E1005DF0}) (Version: 11.1.3000.0 - Microsoft Corporation)
    Microsoft SQL Server 2012 Native Client  (HKLM\...\{D411E9C9-CE62-4DBF-9D92-4CB22B750ED5}) (Version: 11.1.3000.0 - Microsoft Corporation)
    Microsoft SQL Server 2012 Policies  (HKLM-x32\...\{DC487E40-046E-42A9-9C7C-5D2B1A7EB211}) (Version: 11.0.2100.60 - Microsoft Corporation)
    Microsoft SQL Server 2012 Setup (English) (HKLM\...\{8CB0713F-CFE0-445D-BCB2-538465860E1A}) (Version: 11.1.3128.0 - Microsoft Corporation)
    Microsoft SQL Server 2012 Transact-SQL Compiler Service  (HKLM\...\{88CB5DFD-6CE1-486F-998C-9FC090FCE5E2}) (Version: 11.1.3128.0 - Microsoft Corporation)
    Microsoft SQL Server 2012 Transact-SQL ScriptDom  (HKLM\...\{54C5041B-0E91-4E92-8417-AAA12493C790}) (Version: 11.1.3000.0 - Microsoft Corporation)
    Microsoft SQL Server 2012 T-SQL Language Service  (HKLM-x32\...\{04DD7AF4-A6D3-4E30-9BB9-3B3670719234}) (Version: 11.1.3000.0 - Microsoft Corporation)
    Microsoft SQL Server Compact 3.5 ENU (HKLM-x32\...\{BCC899FE-2DAA-460C-A5FB-60291E73D9C3}) (Version: 3.5.5386.0 - Microsoft Corporation)
    Microsoft SQL Server Compact 3.5 SP2 ENU (HKLM-x32\...\{3A9FC03D-C685-4831-94CF-4EDFD3749497}) (Version: 3.5.8080.0 - Microsoft Corporation)
    Microsoft SQL Server Compact 3.5 SP2 x64 ENU (HKLM\...\{D4AD39AD-091E-4D33-BB2B-59F6FCB8ADC3}) (Version: 3.5.8080.0 - Microsoft Corporation)
    Microsoft SQL Server Compact 4.0 SP1 x64 ENU (HKLM\...\{78909610-D229-459C-A936-25D92283D3FD}) (Version: 4.0.8876.1 - Microsoft Corporation)
    Microsoft SQL Server Data Tools - enu (11.1.20627.00) (HKLM-x32\...\{FA804794-2CCB-4301-954F-2C2894698876}) (Version: 11.1.20627.00 - Microsoft Corporation)
    Microsoft SQL Server Data Tools - enu (12.0.30919.1) (HKLM-x32\...\{0D7FCBFB-F478-4D32-901C-83F0BF5A3501}) (Version: 12.0.30919.1 - Microsoft Corporation)
    Microsoft SQL Server Data Tools Build Utilities - enu (11.1.20627.00) (HKLM-x32\...\{790E9425-8570-493F-9AE7-81AFC9E46930}) (Version: 11.1.20627.00 - Microsoft Corporation)
    Microsoft SQL Server Data Tools Build Utilities - enu (12.0.30919.1) (HKLM-x32\...\{6781FF9B-E87D-4A03-9373-A55A288B83FA}) (Version: 12.0.30919.1 - Microsoft Corporation)
    Microsoft SQL Server Database Publishing Wizard 1.4 (HKLM-x32\...\{ACE28263-76A4-4BF5-B6F4-8BD719595969}) (Version: 10.1.2512.8 - Microsoft Corporation)
    Microsoft SQL Server Native Client (HKLM\...\{9ACF3FDB-C8E6-444C-8C64-13A221F7BFFD}) (Version: 9.00.5000.00 - Microsoft Corporation)
    Microsoft SQL Server Setup Support Files (English) (HKLM-x32\...\{53F5C3EE-05ED-4830-994B-50B2F0D50FCE}) (Version: 9.00.5000.00 - Microsoft Corporation)
    Microsoft SQL Server System CLR Types (HKLM-x32\...\{C3F6F200-6D7B-4879-B9EE-700C0CE1FCDA}) (Version: 10.51.2500.0 - Microsoft Corporation)
    Microsoft SQL Server System CLR Types (x64) (HKLM\...\{1E6ED082-E32D-4B2B-8B6A-70B094815135}) (Version: 10.50.1750.9 - Microsoft Corporation)
    Microsoft Sync Framework 2.0 Core Components (x64) ENU  (HKLM\...\{8CCBEC22-D2DB-4DC9-A58A-E1A1F3A38C8A}) (Version: 2.0.1578.0 - Microsoft Corporation)
    Microsoft Sync Framework 2.0 Provider Services (x64) ENU  (HKLM\...\{03AC245F-4C64-425C-89CF-7783C1D3AB2C}) (Version: 2.0.1578.0 - Microsoft Corporation)
    Microsoft Sync Framework Runtime v1.0 SP1 (x64) (HKLM\...\{8438EC02-B8A9-462D-AC72-1B521349C001}) (Version: 1.0.3010.0 - Microsoft Corporation)
    Microsoft Sync Framework SDK v1.0 SP1 (HKLM-x32\...\{0E3DFC64-CC49-4BE2-8C9C-58EF129675DB}) (Version: 1.0.3010.0 - Microsoft Corporation)
    Microsoft Sync Framework Services v1.0 SP1 (x64) (HKLM\...\{034106B5-54B7-467F-B477-5B7DBB492624}) (Version: 1.0.3010.0 - Microsoft Corporation)
    Microsoft Sync Services for ADO.NET v2.0 SP1 (x64) (HKLM\...\{1D1CEEF8-3741-45BD-8E77-963E1DEBDDD3}) (Version: 2.0.3010.0 - Microsoft Corporation)
    Microsoft System CLR Types for SQL Server 2012 (HKLM-x32\...\{070C38AC-05CE-43DF-9A20-141332F6AB2B}) (Version: 11.1.3366.16 - Microsoft Corporation)
    Microsoft System CLR Types for SQL Server 2012 (x64) (HKLM\...\{05FF8209-C4F1-4C77-BC28-791653156D20}) (Version: 11.1.3366.16 - Microsoft Corporation)
    Microsoft Team Foundation Server 2010 Object Model - ENU (HKLM\...\Microsoft Team Foundation Server 2010 Object Model - ENU) (Version: 10.0.40219 - Microsoft Corporation)
    Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
    Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
    Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
    Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
    Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
    Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 (HKLM-x32\...\{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}) (Version: 9.0.30729.4148 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (HKLM-x32\...\{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}) (Version: 9.0.30729.5570 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
    Microsoft Visual C++ 2010  x64 Designtime - 10.0.30319 (HKLM\...\{F5079164-1DB9-3BDA-853B-F78AF67CE071}) (Version: 10.0.30319 - Microsoft Corporation)
    Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
    Microsoft Visual C++ 2010  x64 Runtime - 10.0.40219 (HKLM\...\{1C7C8AAF-A16D-32E8-89E5-F6D165DE0BCE}) (Version: 10.0.40219 - Microsoft Corporation)
    Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
    Microsoft Visual C++ 2010  x86 Runtime - 10.0.40219 (HKLM-x32\...\{5D9ED403-94DE-3BA0-B1D6-71F4BDA412E6}) (Version: 10.0.40219 - Microsoft Corporation)
    Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation)
    Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation)
    Microsoft Visual F# 2.0 Runtime (HKLM-x32\...\{85467CBC-7A39-33C9-8940-D72D9269B84F}) (Version: 10.0.40219 - Microsoft Corporation)
    Microsoft Visual J# 2.0 Redistributable Package (HKLM-x32\...\Microsoft Visual J# 2.0 Redistributable Package) (Version:  - Microsoft Corporation)
    Microsoft Visual Studio 2005 64bit Prerequisites (x64) - ENU (HKLM\...\{75F299F3-8234-47CD-BB40-2994C1B1105E}) (Version: 8.0.50727.42 - Microsoft Corporation)
    Microsoft Visual Studio 2005 Premier Partner Edition - ENU (HKLM-x32\...\{C25EF637-BE7A-4761-9B45-9069989C319F}) (Version: 8.0.50728 - Microsoft Corporation)
    Microsoft Visual Studio 2005 Professional Edition - ENU Service Pack 1 (KB926601) (HKLM-x32\...\KB926601.T2_29ToU260_29) (Version: 1 - Microsoft Corporation)
    Microsoft Visual Studio 2005 Remote Debugger (x64) - ENU (HKLM\...\Microsoft Visual Studio 2005 Remote Debugger (x64) - ENU) (Version:  - Microsoft Corporation)
    Microsoft Visual Studio 2010 ADO.NET Entity Framework Tools (HKLM-x32\...\{14DD7530-CCD2-3798-B37D-3839ED6A441C}) (Version: 10.0.40219 - Microsoft Corporation)
    Microsoft Visual Studio 2010 IntelliTrace Collection (x64) (HKLM\...\{88BAE373-00F4-3E33-828F-96E89E5E0CB9}) (Version: 10.0.40219 - Microsoft Corporation)
    Microsoft Visual Studio 2010 Professional - ENU (HKLM-x32\...\Microsoft Visual Studio 2010 Professional - ENU) (Version: 10.0.30319 - Microsoft Corporation)
    Microsoft Visual Studio 2010 Service Pack 1 (HKLM-x32\...\Microsoft Visual Studio 2010 Service Pack 1) (Version: 10.0.40219 - Microsoft Corporation)
    Microsoft Visual Studio 2010 SharePoint Power Tools (HKLM-x32\...\{FD84580C-12DC-3BA4-ABE8-1E337F776F1D}) (Version: 10.0.30604 - Microsoft Corporation)
    Microsoft Visual Studio 2010 Shell (Isolated) - ENU (HKLM-x32\...\{D64B6984-242F-32BC-B008-752806E5FC44}) (Version: 10.0.40219 - Microsoft Corporation)
    Microsoft Visual Studio 2010 Ultimate - ENU (HKLM-x32\...\Microsoft Visual Studio 2010 Ultimate - ENU) (Version: 10.0.30319 - Microsoft Corporation)
    Microsoft Visual Studio Macro Tools (HKLM-x32\...\Microsoft Visual Studio Macro Tools) (Version: 9.0.30729 - Microsoft Corporation)
    Microsoft Visual Studio Professional 2013 (HKLM-x32\...\{6dff50d0-3bc3-4a92-b724-bf6d6a99de4f}) (Version: 12.0.21005.13 - Microsoft Corporation)
    Microsoft Visual Studio Tools for Applications 2012 (HKLM-x32\...\{89ca2a32-2b52-4595-8dfd-6fe4757958d0}) (Version: 11.0.51108 - Microsoft Corporation)
    Microsoft Web Deploy 3.5 (HKLM\...\{3674F088-9B90-473A-AAC3-20A00D8D810C}) (Version: 3.1237.1762 - Microsoft Corporation)
    Microsoft Web Deploy dbSqlPackage Provider - enu (HKLM-x32\...\{E4C33F5B-1B2F-466E-957E-B274F08151A0}) (Version: 10.3.20225.0 - Microsoft Corporation)
    Microsoft Web Platform Installer 5.0 (HKLM\...\{4D84C195-86F0-4B34-8FDE-4A17EB41306A}) (Version: 5.0.50430.0 - Microsoft Corporation)
    MiniTool Partition Wizard Free 9.0 (HKLM-x32\...\{05D996FA-ADCB-4D23-BA3C-A7C184A8FAC6}_is1) (Version:  - MiniTool Solution Ltd.)
    MobileMe Control Panel (HKLM\...\{6DD01FF3-63CE-436B-96DB-61363EAA4EB8}) (Version: 3.1.8.0 - Apple Inc.)
    MoSync (HKLM-x32\...\MoSync) (Version:  - Mobile Sorcery)
    MotoHelper 2.1.32 Driver 5.2.0 (HKLM-x32\...\MotoHelper) (Version: 2.1.32 - Motorola)
    MotoHelper MergeModules (x32 Version: 1.2.0 - Motorola) Hidden
    Motorola Mobile Drivers Installation 5.2.0 (Version: 5.2.0 - Motorola Inc.) Hidden
    Mozilla Firefox 38.0.5 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 38.0.5 (x86 en-US)) (Version: 38.0.5 - Mozilla)
    Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 43.0.1.5828 - Mozilla)
    MSDN Library for Visual Studio 2005 (HKLM-x32\...\MSDN Library for Visual Studio 2005) (Version: 8.0.50727.42 - Microsoft)
    MSDN Library for Visual Studio 2005 (x32 Version: 8.0.50727.42 - Microsoft) Hidden
    MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
    MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
    MyLifeOrganized v. 4.3.1 (HKLM-x32\...\MyLife Organized) (Version: 4.3.1 - MyLifeOrganized.net)
    MySQL Connector/ODBC 5.3 (HKLM\...\{43E572BC-B21F-4BEC-94CA-2D4AA6F53246}) (Version: 5.3.2 - Oracle Corporation)
    MySQL Tools for 5.0 (HKLM-x32\...\{FCB10DE3-E190-4A7E-B06A-FAC61567ABFC}) (Version: 5.0.17 - MySQL AB, Sun Microsystems, Inc.)
    Nero Backup Drivers (HKLM\...\{D600D357-5CB9-4DE9-8FD4-14E208BD1970}) (Version: 1.0.11100.8.0 - Nero AG)
    Node.js (HKLM\...\{FC4E166C-598C-48CC-BFAC-A709121D3B2C}) (Version: 0.10.22 - Joyent, Inc. and other Node contributors)
    Notepad++ (HKLM-x32\...\Notepad++) (Version: 5.9.6.2 - )
    NVIDIA Display Control Panel (HKLM\...\NVIDIA Display Control Panel) (Version: 6.14.12.5951 - NVIDIA Corporation)
    NVIDIA Drivers (HKLM\...\NVIDIA Drivers) (Version: 1.10.62.40 - NVIDIA Corporation)
    NVIDIA Stereoscopic 3D Driver (HKLM-x32\...\NVIDIAStereo) (Version: 7.17.12.5951 - NVIDIA Corporation)
    Office 15 Click-to-Run Extensibility Component (x32 Version: 15.0.4833.1001 - Microsoft Corporation) Hidden
    Office 15 Click-to-Run Licensing Component (Version: 15.0.4833.1001 - Microsoft Corporation) Hidden
    Office 15 Click-to-Run Localization Component (x32 Version: 15.0.4833.1001 - Microsoft Corporation) Hidden
    Open XML SDK 2.5 for Microsoft Office (x32 Version: 2.5.5631 - Microsoft Corporation) Hidden
    Oracle VM VirtualBox 5.0.4 (HKLM\...\{FC191F32-1A67-4231-91D0-0059A57C99A8}) (Version: 5.0.4 - Oracle Corporation)
    Outils de vérification linguistique 2013 de Microsoft Office - Français (x32 Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
    OutlookTools 2 (HKLM-x32\...\{E69BB189-4B20-46AE-93CF-59099F05FC3F}) (Version: 2.3.0 - HowTo-Outlook)
    Pacote de Idiomas do Microsoft Visual Studio Tools for Applications 2012 Design-Time - PTB (x32 Version: 11.0.51108 - Microsoft Corporation) Hidden
    Pacote de Idiomas do Microsoft Visual Studio Tools for Applications 2012 x64 Hosting Support - PTB (Version: 11.0.51108 - Microsoft Corporation) Hidden
    Pacote de Idiomas do Microsoft Visual Studio Tools for Applications 2012 x86 Hosting Support - PTB (x32 Version: 11.0.51108 - Microsoft Corporation) Hidden
    paint.net (HKLM\...\{F509C1F4-0029-49F9-B145-A4C4E8DF481A}) (Version: 4.0.3 - dotPDN LLC)
    Pandora (HKLM-x32\...\com.pandora.desktop.FB9956FD96E03239939108614098AD95535EE674.1) (Version: 2.0.5 - Pandora Media, Inc.)
    Pandora (x32 Version: 2.0.5 - Pandora Media, Inc.) Hidden
    Paprika Recipe Manager (HKLM-x32\...\{E9AC2A1E-F693-43D0-BBF4-C57A4D9BDFCF}) (Version: 1.0.4 - Hindsight Labs LLC)
    ParetoLogic Data Recovery (HKLM-x32\...\{B1C2398C-6FAB-46D1-806C-5942F0829994}) (Version: 1.1.0 - ParetoLogic)
    PDF Settings CS4 (x32 Version: 9.0 - Adobe Systems Incorporated) Hidden
    PDFill PDF Editor with FREE PDF Writer and Tools (HKLM-x32\...\{D12EBB4E-CF21-496D-979F-89D9DE58C5B8}) (Version: 5.0 - PlotSoft LLC)
    PDFill PDF Writer (HKLM-x32\...\PDFill PDF Writer) (Version:  - )
    Photoshop Camera Raw (x32 Version: 5.0 - Adobe Systems Incorporated) Hidden
    Photoshop Camera Raw_x64 (Version: 5.0 - Adobe Systems Incorporated) Hidden
    PlayLater (HKLM-x32\...\{B9050F2D-0F98-4530-A494-FCA63931FBE5}) (Version: 1.6.42 - MediaMall Technologies, Inc.)
    PlayOn (HKLM-x32\...\{8D437274-5816-474B-B57C-C28D62433F8F}) (Version: 3.10.42 - MediaMall Technologies, Inc.)
    Plex (HKU\S-1-5-21-1085031214-796845957-725345543-2108-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Plex) (Version: 0.9.502 - Plex, Inc)
    Polipo 1.0.4.1 (HKLM-x32\...\Polipo) (Version:  - )
    PowerISO (HKLM-x32\...\PowerISO) (Version: 5.6 - Power Software Ltd)
    PreEmptive Analytics Visual Studio Components (x32 Version: 1.2.3197.1 - PreEmptive Solutions) Hidden
    Prerequisites for SSDT  (HKLM-x32\...\{35C1D9D6-87C0-46A3-B1B4-EDBCC063221C}) (Version: 11.1.3000.0 - Microsoft Corporation)
    Python 2.6 pycrypto-2.3 (HKLM-x32\...\{D6242566-9EF5-426E-8F75-F4FBCC010186}) (Version: 2.3.0 - Dwayne C. Litzenberger)
    Python Tools Redirection Template (x32 Version: 1.1 - Microsoft Corporation) Hidden
    Qdabra Rules Library (HKLM\...\{50F764E1-0DB5-4252-8AE9-780BB3A3B16C}) (Version: 2.3.0005 - Qdabra Software)
    Qdabra Rules Library (HKLM-x32\...\{0643AB4D-8502-47FF-AB27-FCF3649CC3C3}) (Version: 6.1.0001 - Qdabra Software)
    Qdabra Rules Library (HKLM-x32\...\{2CEB2CBB-6939-48B7-989A-AB01FBB6B14E}) (Version: 5.1.0000 - Qdabra Software)
    QuickTime 7 (HKLM-x32\...\{FF59BD75-466A-4D5A-AD23-AAD87C5FD44C}) (Version: 7.79.80.95 - Apple Inc.)
    RAMDisk (HKLM-x32\...\{01D5FF1F-BB19-4387-8EF1-C6319037EC12}) (Version: 3.5.130 - Dataram, Inc.)
    Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.23.623.2010 - Realtek)
    Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6194 - Realtek Semiconductor Corp.)
    Recover My Files (HKLM-x32\...\Recover My Files_is1) (Version: 4.9.2.1240 - GetData Pty Ltd)
    Recuva (HKLM\...\Recuva) (Version: 1.52 - Piriform)
    Reflector (HKLM\...\{77342B24-A2A9-4420-8C9C-C109EE201CBC}) (Version: 1.3.3.1 - Squirrels)
    Renesas Electronics USB 3.0 Host Controller Driver (HKLM-x32\...\InstallShield_{5442DAB8-7177-49E1-8B22-09A049EA5996}) (Version: 2.0.4.0 - Renesas Electronics Corporation)
    Renesas Electronics USB 3.0 Host Controller Driver (x32 Version: 2.0.4.0 - Renesas Electronics Corporation) Hidden
    Revo Uninstaller 1.92 (HKLM-x32\...\Revo Uninstaller) (Version: 1.92 - VS Revo Group)
    Revo Uninstaller Pro 2.4.3 (HKLM\...\{67579783-0FB7-4F7B-B881-E5BE47C9DBE0}_is1) (Version: 2.4.3 - VS Revo Group, Ltd.)
    Roadkil's Unstoppable Copier Version 5.2 (HKLM-x32\...\{A306FD29-7D3A-4287-91AC-9A0180931395}_is1) (Version:  - Roadkil.Net)
    RoboForm 7-9-14-4 (All Users) (HKLM-x32\...\AI RoboForm) (Version: 7-9-14-4 - Siber Systems)
    Safari (HKLM-x32\...\{C779648B-410E-4BBA-B75B-5815BCEFE71D}) (Version: 5.34.57.2 - Apple Inc.)
    Samsung Easy Printer Manager (HKLM-x32\...\Samsung Easy Printer Manager) (Version: 1.05.66.00(10/30/2014) - Samsung Electronics Co., Ltd.)
    Samsung M2020 Series (HKLM-x32\...\Samsung M2020 Series) (Version: 1.23 (12/24/2014) - Samsung Electronics Co., Ltd.)
    Samsung Printer Diagnostics (HKLM-x32\...\Samsung Printer Diagnostics) (Version: 1.0.1.6.02 - Samsung Electronics Co., Ltd.)
    Samsung Printer Live Update (HKLM-x32\...\Samsung Printer Live Update) (Version: 1.01.00:04(2013-04-22) - Samsung Electronics Co., Ltd.)
    Saver2 (HKLM-x32\...\Saver2) (Version: 1.3.2 - ZZJ)
    ScanSoft PDF Create! 4 (HKLM\...\{33307810-2945-4F3F-8FEA-0BF522AEFCA7}) (Version: 4.01.0069 - Nuance Communications, Inc.)
    Scrum Solution Starter for Microsoft Project 2010 (HKU\S-1-5-21-1085031214-796845957-725345543-2108-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\CC7790844E65D3F0F0686CF43FEDFB17AA666F95) (Version: 1.0.0.71 - Microsoft)
    SDFormatter (HKLM-x32\...\{179324FF-7B16-4BA8-9836-055CAAEE4F08}) (Version: 4.0.0 - SD Association)
    SeaTools for Windows (HKLM-x32\...\{98613C99-1399-416C-A07C-1EE1C585D872}) (Version: 1.2.0.5 - Seagate Technology)
    Send to OneNote 2007 (HKLM-x32\...\{D0180909-85ED-4F97-B12C-C9E3129F78DC}) (Version: 1.0.0 - Microsoft Office OneNote 2007 PowerToys)
    SendToOneNote for Chrome (HKLM-x32\...\{62A77CC8-B17A-49C0-9BE6-E77216E86BD3}) (Version: 1.2.0 - Aspark Software)
    Service Pack 1 for Microsoft Office 2013 (KB2850036) 32-Bit Edition (HKLM-x32\...\{91150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUSR_{7F6C4883-A18C-459A-82C1-A2F9403F2DA6}) (Version:  - Microsoft)
    Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-0017-0000-0000-0000000FF1CE}_Office14.SharePointDesigner_{8B883A57-E4BC-4745-8E6C-68168850F9DD}) (Version:  - Microsoft)
    SharePoint Client Components (HKLM\...\{95150003-1163-0409-1000-0000000FF1CE}) (Version: 15.0.4641.1002 - Microsoft Corporation)
    SharePoint Client Components (HKLM\...\{95160002-1163-0409-1000-0000000FF1CE}) (Version: 16.0.3104.1200 - Microsoft Corporation)
    Sharpener Pro 3.0 (HKLM-x32\...\Sharpener Pro 3.0 Stand-Alone) (Version: 3.0.0.5 - Nik Software, Inc.)
    Sigil 0.4.2 (HKLM\...\Sigil_is1) (Version:  - John Schember)
    SiSoftware Sandra Business 2015 (HKLM\...\{C3113E55-7BCB-4de3-8EBF-60E6CE6B2496}_is1) (Version: 21.10.2015.1 - SiSoftware)
    SketchUp 2014 (HKLM-x32\...\{A608A8D3-E77C-4BEE-8F2A-F8124F5F0FE2}) (Version: 14.0.4900 - Trimble Navigation Limited)
    SketchUp 2015 (HKLM\...\{90A6F70E-96AD-4054-AB8F-42BCFA75F8EC}) (Version: 15.0.9350 - Trimble Navigation Limited)
    Skype Toolbars (HKLM-x32\...\{CD95D125-2992-4858-B3EF-5F6FB52FBAD6}) (Version: 5.0.4137 - Skype Technologies S.A.)
    Skype™ 7.0 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.0.102 - Skype Technologies S.A.)
    Sparkol VideoScribe (HKLM-x32\...\Sparkol VideoScribe 2.0) (Version: 2.0 - Sparkol)
    Sparkol VideoScribe (x32 Version: 2.0 - Sparkol) Hidden
    Spybot - Search & Destroy (HKLM-x32\...\{B4092C6D-E886-4CB2-BA68-FE5A99D31DE7}_is1) (Version: 2.4.40 - Safer-Networking Ltd.)
    SQL Server 2012 Client Tools (Version: 11.1.3000.0 - Microsoft Corporation) Hidden
    SQL Server 2012 Common Files (Version: 11.1.3000.0 - Microsoft Corporation) Hidden
    SQL Server 2012 Management Studio (Version: 11.1.3000.0 - Microsoft Corporation) Hidden
    SQLXML4 (HKLM\...\{DEA9F247-F832-4E36-90BF-D8EDA206521A}) (Version: 9.00.5000.00 - Microsoft Corporation)
    Stardock WindowBlinds (HKLM-x32\...\Stardock WindowBlinds) (Version: 8.12 - Stardock Software, Inc.)
    Stickies 7.1e (HKLM-x32\...\ZhornStickies) (Version:  - Zhorn Software)
    Suite Shared Configuration CS4 (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden
    Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 15.2.6.0 - Synaptics Incorporated)
    SyncToy 2.1 (x64) (HKLM\...\{88DAAF05-5A72-46D2-A7C5-C3759697E943}) (Version: 2.1.0 - Microsoft)
    Synergy (64-bit) (HKLM\...\{77865914-4067-41D2-8DE0-ACFA9C83351D}) (Version: 1.7.6 - The Synergy Project)
    Team Explorer for Microsoft Visual Studio 2013 (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
    TeamViewer 11 (HKLM-x32\...\TeamViewer) (Version: 11.0.62308 - TeamViewer)
    TeraCopy 2.12 (HKLM\...\TeraCopy_is1) (Version:  - Code Sector Inc.)
    TopStyle (Version 3) (HKLM-x32\...\TopStyle (Version 3)) (Version: 3.1.0 - Bradbury Software, LLC)
    Tor 0.2.1.30 (HKLM-x32\...\Tor) (Version:  - )
    Transmission-Qt (HKLM\...\Transmission-Qt) (Version: 2.84.4 - Transmission)
    TreeSize Free V2.6 (HKLM-x32\...\TreeSize Free_is1) (Version: 2.6 - JAM Software)
    TreeSize Professional 5.3.4 (HKLM-x32\...\TreeSize Professional_is1) (Version: 5.3.4 - JAM Software)
    TuneUp 2.5.0.0 (HKLM-x32\...\TuneUpMedia) (Version: 2.5.0.0 - TuneUp Media, Inc.)
    TuneWiki (HKLM-x32\...\TuneWiki) (Version: 1.0.165.0 - TuneWiki)
    U2 PCAM (HKLM-x32\...\{F89DC420-FF15-485D-8254-67A27ED1313B}) (Version: 1.2.3.4 - Genesys Logic)
    Unlocker 1.9.1 (HKLM-x32\...\Unlocker) (Version: 1.9.1 - Cedrick Collomb)
    Unlocker 1.9.2 (HKLM\...\Unlocker) (Version: 1.9.2 - Cedrick Collomb)
    Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{90120000-0017-0000-0000-0000000FF1CE}_SharePointDesigner_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version:  - Microsoft)
    Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{90120000-003B-0000-0000-0000000FF1CE}_PRJPRO_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version:  - Microsoft)
    Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{90120000-0051-0000-0000-0000000FF1CE}_VISPRO_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version:  - Microsoft)
    Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{91120000-0017-0000-0000-0000000FF1CE}_SharePointDesignerR_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version:  - Microsoft)
    Update for Skype for Business 2015 (KB3039776) 32-Bit Edition (HKLM-x32\...\{90150000-012B-0409-0000-0000000FF1CE}_Office15.PROPLUSR_{9F6B3627-AF9E-40A5-AAD5-3497C4327616}) (Version:  - Microsoft)
    Update or Uninstall SENukeX (HKU\S-1-5-21-3578782807-1016812498-1856270605-1009\...\2ce4fd5e017fe1d3) (Version: 3.0.0.56 - SENukeX)
    Update or Uninstall SENukeX (HKU\S-1-5-21-3578782807-1016812498-1856270605-1009-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\2ce4fd5e017fe1d3) (Version: 3.0.0.56 - SENukeX)
    Vector Magic (HKLM-x32\...\Vector Magic) (Version: 1.15 - Vector Magic, Inc.)
    Velvia Vision (HKLM-x32\...\{F02DBC56-E5AB-4F74-B995-4586F91D4BDC}) (Version: 1.0 - Fred Miranda)
    Vertus Fluid Mask 3 2.100.2-RC2 (HKLM-x32\...\VertusFluidMask3) (Version: 2.100.2-RC2 - )
    Vidalia 0.2.12 (HKLM-x32\...\Vidalia) (Version:  - )
    Video Enhancer 1.9.6 (HKLM-x32\...\Video Enhancer_is1) (Version:  - Infognition Co. Ltd.)
    VirtualCloneDrive (HKLM-x32\...\VirtualCloneDrive) (Version: 5.4.8.0 - Elaborate Bytes)
    Visual Studio 2010 Prerequisites - English (HKLM\...\{662014D2-0450-37ED-ABAE-157C88127BEB}) (Version: 10.0.40219 - Microsoft Corporation)
    Visual Studio 2010 Tools for SQL Server Compact 3.5 SP2 ENU (HKLM-x32\...\{112C23F2-C036-4D40-BED4-0CB47BF5555C}) (Version: 4.0.8080.0 - Microsoft Corporation)
    VLC media player 2.1.3 (HKLM-x32\...\VLC media player) (Version: 2.1.3 - VideoLAN)
    VMware Workstation (HKLM-x32\...\VMware_Workstation) (Version: 9.0.0 - VMware, Inc)
    VMware Workstation (Version: 9.0.0 - VMware, Inc.) Hidden
    WCF Data Services 5.6.0 Runtime (x32 Version: 5.6.61587.0 - Microsoft Corporation) Hidden
    WCF Data Services Tools for Microsoft Visual Studio 2013 (x32 Version: 5.6.61587.0 - Microsoft Corporation) Hidden
    WCF RIA Services V1.0 SP2 (HKLM-x32\...\{5D8DD6A8-C4D7-4554-93F9-F1CC28C72600}) (Version: 4.1.62812.0 - Microsoft Corporation)
    Web Deployment Tool (HKLM\...\{0F37D969-1260-419E-B308-EF7D29ABDE20}) (Version: 1.1.0618 - Microsoft Corporation)
    WebTablet FB Plugin (HKLM-x32\...\Wacom WebTabletPlugin for Internet Explorer and Netscape) (Version: 2.0.0.1 - Wacom Technology Corp.)
    WebTablet IE Plugin (HKLM-x32\...\Wacom WebTabletPlugin for IE) (Version: 1.1.0.12 - Wacom Technology Corp.)
    WebTablet Netscape Plugin (HKLM-x32\...\Wacom WebTabletPlugin for Netscape) (Version: 1.1.0.10 - Wacom Technology Corp.)
    WIDCOMM Bluetooth Software (HKLM\...\{A1439D4F-FD46-47F2-A1D3-FEE097C29A09}) (Version: 6.5.1.2700 - Broadcom Corporation)
    Win32DiskImager version 0.9.5 (HKLM-x32\...\{D074CE74-912A-4AD3-A0BF-3937D9D01F17}_is1) (Version: 0.9.5 - ImageWriter Developers)
    WinDirStat 1.1.2 (HKU\S-1-5-21-1085031214-796845957-725345543-2108-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\WinDirStat) (Version:  - )
    WinDjView 2.0.2 (HKLM\...\WinDjView) (Version: 2.0.2 - Andrew Zhezherun)
    WindowFX (x32 Version: 5.01 - Stardock Corporation) Hidden
    Windows Driver Package - Apple Inc. Apple Wireless Mouse (06/01/2011 4.0.0.1) (HKLM\...\D088EE4BD2819FBA2B349EF9D55176F223419BE6) (Version: 06/01/2011 4.0.0.1 - Apple Inc.)
    Windows Driver Package - Apple Inc. Apple Wireless Mouse (09/17/2009 3.0.0.5) (HKLM\...\929413420CDE2F0C2C08C06E73FF16D9CB6C9807) (Version: 09/17/2009 3.0.0.5 - Apple Inc.)
    Windows Driver Package - Google, Inc. (WinUSB) AndroidUsbDeviceClass  (01/27/2014 9.0.0000.00000) (HKLM\...\9CA77E2A8332A0824C54DA611BBE4CA24AB1F750) (Version: 01/27/2014 9.0.0000.00000 - Google, Inc.)
    Windows Installer Clean Up (HKLM-x32\...\{121634B0-2F4B-11D3-ADA3-00C04F52DD52}) (Version: 3.00.00.0000 - Microsoft Corporation)
    Windows Media Player Firefox Plugin (HKLM-x32\...\{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}) (Version: 1.0.0.8 - Microsoft Corp)
    Windows Resource Kit Tools (HKLM-x32\...\{FA237125-51FF-408C-8BB8-30C2B3DFFF9C}) (Version: 5.2.3790 - Microsoft Corporation)
    WinISO (HKLM-x32\...\WinISO) (Version: 6.3.0.4829 - WinISO Computing Inc.)
    WinRAR 5.01 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.01.0 - win.rar GmbH)
    WinSCP 4.3.5 (HKLM-x32\...\winscp3_is1) (Version: 4.3.5 - Martin Prikryl)
    WinSnap (HKLM-x32\...\WinSnap) (Version: 4.0.8 - NTWind Software)
    WinX DVD Author 5.8 (HKLM-x32\...\WinX DVD Author_is1) (Version:  - FreetimeSoft, Inc.)
    Workflow Manager Client 1.0 (HKLM\...\{A5ABAF5F-B5B6-44B3-B69F-2E13DC60FC9F}) (Version: 2.0.40131.0 - Microsoft Corporation)
    Workflow Manager Tools 1.0 for Visual Studio (HKLM\...\{A79F6653-6AF1-4AF2-BC15-F5D6C05E1E6A}) (Version: 2.0.40326.0 - Microsoft Corporation)
    Workrave 1.10 (HKLM-x32\...\Workrave_is1) (Version:  - Rob Caelers & Raymond Penners)
    WPF Toolkit February 2010 (Version 3.5.50211.1) (HKLM-x32\...\{5EE6E987-1B79-4A93-832B-27472C7D1579}) (Version: 3.5.50211.1 - Microsoft Corporation)
    xplorer² professional 64 bit (HKLM\...\xplorer2p64) (Version: 2.5.0.2 - Zabkat)
    yEd Graph Editor 3.9.2 (HKLM-x32\...\3309-7404-0599-8908) (Version: 3.9.2 - yWorks GmbH)
    Языковой пакет для поддержки размещения набора средств Microsoft Visual Studio Tools для работы с приложениями 2012 (x64) - RUS (Version: 11.0.51108 - Microsoft Corporation) Hidden
    Языковой пакет для поддержки размещения набора средств Microsoft Visual Studio Tools для работы с приложениями 2012 (x86) - RUS (x32 Version: 11.0.51108 - Microsoft Corporation) Hidden
    Языковой пакет для среды разработки набора средств Microsoft Visual Studio Tools для работы с приложениями 2012 - RUS (x32 Version: 11.0.51108 - Microsoft Corporation) Hidden

    ==================== Custom CLSID (Whitelisted): ==========================

    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

    CustomCLSID: HKU\S-1-5-21-1085031214-796845957-725345543-2108-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0_Classes\CLSID\{355EC88A-02E2-4547-9DEE-F87426484BD1}\InprocServer32 -> C:\Users\grevolorio\AppData\Local\Google\Update\1.3.23.9\psuser_64.dll => No File
    CustomCLSID: HKU\S-1-5-21-1085031214-796845957-725345543-2108-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0_Classes\CLSID\{84B5A313-CD5D-4904-8BA2-AFDC81C1B309}\InprocServer32 -> C:\Program Files (x86)\Citrix\GoToMeeting\2185\G2MOutlookAddin64.dll (Citrix Online, a division of Citrix Systems, Inc.)
    CustomCLSID: HKU\S-1-5-21-1085031214-796845957-725345543-2108-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0_Classes\CLSID\{FE498BAB-CB4C-4F88-AC3F-3641AAAF5E9E}\InprocServer32 -> C:\Users\grevolorio\AppData\Local\Google\Update\1.3.24.7\psuser_64.dll => No File

    ==================== Scheduled Tasks (Whitelisted) =============

    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

    Task: {01948B03-BD45-4976-8D31-7855925672EC} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Refresh immunization => F:\Program Files (x86)\Spybot - Search & Destroy 2\SDImmunize.exe [2014-06-24] (Safer-Networking Ltd.)
    Task: {05C8BCBA-5173-4FD5-AB52-1671D7DC2D35} - System32\Tasks\{6D5E1E37-7B03-499C-9F90-D7F8A3F44FD4} => pcalua.exe -a "F:\Adobe CS4\Master Collection\Adobe CS4\payloads\AdobeAIR1.0\AdobeAIRInstaller.exe" -d "C:\Program Files (x86)\Common Files\Adobe\Installers\b2d6abde968e6f277ddbfd501383e02" -c -silent
    Task: {0DA826DA-C315-408E-A81B-346FA731E686} - System32\Tasks\{4BD142E9-8A9E-4CF1-8E08-D7B5ABC463F4} => pcalua.exe -a "F:\kodiRelated\FTV v0.52\FTV\Amazon FireTV Utility App.exe"
    Task: {13009AEA-3E20-4C03-98ED-1DDAA2CBE59A} - System32\Tasks\{1E1D40DD-B7F0-437F-919E-7299C2A201C8} => pcalua.exe -a C:\Users\grevolorio\Desktop\vpnclient-win-msi-5.0.01.0600-k9.exe -d C:\Users\grevolorio\Desktop
    Task: {1CA54BD7-F8FE-43D7-A568-902BD730F451} - System32\Tasks\{C9D0DEFF-43BC-4715-854F-00A22264221D} => pcalua.exe -a F:\Downloads\Drawing\Pencil-Portrait-Tutorial--How-Beginners-Learn-To-Draw-Pencil-Portraits-Quickly-And-Easily.exe -d F:\Downloads\Drawing
    Task: {1D334B1E-CF07-488F-9133-6C6018482BF0} - System32\Tasks\Microsoft_MKC_Logon_Task_ipoint.exe => C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2014-03-19] (Microsoft Corporation)
    Task: {220D5B9C-CC4B-43A8-BE1B-5AA45467AF92} - System32\Tasks\Microsoft_Hardware_Launch_ipoint_exe => C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2014-03-19] (Microsoft Corporation)
    Task: {2541E100-9850-45B0-8A0C-D00427497A49} - System32\Tasks\{2662DE15-9BFB-4C94-ABE1-B60C1CDBE28D} => pcalua.exe -a "C:\Users\grevolorio\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\H3XG5VDK\lastpass_x64[1].exe" -d C:\Users\grevolorio\Desktop
    Task: {2A46E8FA-0109-4EB2-8581-D8E1CC3F8D47} - System32\Tasks\Microsoft_Hardware_Launch_devicecenter_exe => C:\Program Files\Microsoft Device Center\devicecenter.exe
    Task: {2AC1D17C-EA09-4710-85F9-66D640AA0BF3} - System32\Tasks\MotoHelper Update => C:\Program Files (x86)\Motorola\MotoHelper\MotoHelperUpdate.exe [2011-12-06] ()
    Task: {2C2A0C7C-A15F-473C-9A03-A80299CEEC13} - System32\Tasks\Java Platform SE Auto Updater => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2015-04-30] (Oracle Corporation)
    Task: {3100B96D-BB14-4990-BD3D-54ABC9D6445D} - System32\Tasks\DropboxUpdateTaskMachineUA => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2015-06-30] (Dropbox, Inc.)
    Task: {327B3BA7-B8A2-4705-A7D4-9A7536F0D564} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office 15\root\Office15\msoia.exe [2015-10-30] (Microsoft Corporation)
    Task: {379F9252-C770-44AA-AF2C-037D7FDACF84} - System32\Tasks\Run RoboForm TaskBar Icon => C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe [2015-06-19] (Siber Systems)
    Task: {384B22B0-4F48-47CA-A1B8-7D998C13032C} - System32\Tasks\MotoHelper Routing => C:\Program Files (x86)\Motorola\MotoHelper\MotoHelperUpdate.exe [2011-12-06] ()
    Task: {4D0D22B8-4C7A-44F5-B04F-96AB41E171EF} - System32\Tasks\ParetoLogic Update Version2 => C:\Program Files (x86)\Common Files\ParetoLogic\UUS2\Pareto_Update.exe [2008-02-22] ()
    Task: {58289E57-EE9B-437E-9BF3-CCB6ABF1E425} - System32\Tasks\Microsoft_Hardware_Launch_itype_exe => C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [2014-03-19] (Microsoft Corporation)
    Task: {59479587-6ECE-4E1C-9E21-55309D69125C} - System32\Tasks\Open URL by RoboForm => Rundll32.exe url.dll,FileProtocolHandler "hxxp://www.roboform.com/test-pass.html?aaa=KICMJMKMGMNJLJIMKJJJCNOMMJOJKMCNLMJMIMJMCNGMLJIMPMCNLMJMPMMMMJKMLMOJKJKJPMIMJNJICMIMCNGMCNOMLMFMOMOMCNPMCNGMJMPMPMFMJMCNOMCNIMJMPMOMCNNMJNPICMOMFMEKMICNJJCKFMLMLMPMJNHICMEKMICNJJCKJNBJCMJNKJCMJNNICMJNDJCMKJBJJNMJCMOMFMKMKMFMPMJN (the data entry has 33 more characters).
    Task: {5B725530-FFAB-4A23-8563-A928DF68D79B} - System32\Tasks\G2MUpdateTask-S-1-5-21-1085031214-796845957-725345543-2108 => C:\Program Files (x86)\Citrix\GoToMeeting\2759\g2mupdate.exe [2015-07-02] (Citrix Online, a division of Citrix Systems, Inc.)
    Task: {5D3FF025-C318-46AB-A7A4-5A8F209A70F7} - \SidebarExecute -> No File <==== ATTENTION
    Task: {6184FBBE-4AA1-42ED-A3A1-E6838CA95637} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Check for updates => F:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe [2014-06-27] (Safer-Networking Ltd.)
    Task: {65EDF042-6E5E-4A9C-BCE8-01793ED9162F} - System32\Tasks\{DEDC4BB3-71C0-40D4-9A13-E7BEA775B519} => pcalua.exe -a F:\Downloads\AppleWirelessMouse64.exe
    Task: {6E0AF919-E2BB-4343-80BD-9DB7B1320AC0} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2016-04-12] (Microsoft Corporation)
    Task: {729AE2CB-D745-4FDE-AD60-D0A8A4636D78} - System32\Tasks\TuneUpUtilities_Task_BkGndMaintenance2013 => F:\Program Files (x86)\AVG\AVG PC TuneUp\OneClick.exe [2015-08-04] (AVG Technologies)
    Task: {7CFEC956-1854-4D03-AC69-5FCACF3ED978} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office 15\root\Office15\msoia.exe [2015-10-30] (Microsoft Corporation)
    Task: {83A73D3C-C015-43F6-ABAB-27E7FC5C6590} - System32\Tasks\ParetoLogic Registration => Rundll32.exe "C:\Program Files (x86)\Common Files\ParetoLogic\UUS2\UUS.dll" RunUns
    Task: {88FD29A9-84EF-4B5D-B6F4-945733D892B5} - System32\Tasks\{A2F28A60-837B-4A08-93CF-C81107A19128} => pcalua.exe -a "F:\Downloads\Stardock Object Desktop Suite\Stardock Object Desktop Suite\WindowBlinds 5 [Enhanced] - With Crack\WindowBlinds 5 [Enhanced].exe" -d "F:\Downloads\Stardock Object Desktop Suite\Stardock Object Desktop Suite\WindowBlinds 5 [Enhanced] - With Crack"
    Task: {8B9FD64D-EE19-4346-AB88-F4084AA5EF60} - System32\Tasks\{E725F200-DE8A-4285-85FF-D7DA2DFE1545} => pcalua.exe -a F:\Downloads\solutoinstaller.exe
    Task: {90FFDBF2-C8F2-4A2B-99C2-BD4B2BA8849B} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2015-01-20] (Piriform Ltd)
    Task: {92FC9152-3CF6-4DC4-A1FF-8B31A85EC68D} - System32\Tasks\Allway Sync_{4F0C1497E9A5A062AD06B978802E02AB} => F:\Program Files\Allway Sync\Bin\syncappw.exe [2010-05-31] ()
    Task: {93F228DA-AB4B-4BD9-B6D4-456EB46BA16D} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2016-02-23] (Apple Inc.)
    Task: {97F9187F-9225-4089-8965-5A446FE551E5} - System32\Tasks\{6C938882-44FC-4762-8288-22AC4957F8AB} => pcalua.exe -a "C:\Users\grevolorio\Desktop\MsiZap (1).exe" -d C:\Users\grevolorio\Desktop
    Task: {9D8F7C35-05F3-4098-A58A-CFDCE2571B56} - System32\Tasks\{A90FC29D-33BB-491B-AED4-86D69213CF61} => pcalua.exe -a "F:\Downloads\Microsoft Office 2010 Professional (No Key Required)\setup.exe" -d "F:\Downloads\Microsoft Office 2010 Professional (No Key Required)"
    Task: {A10AE438-01D3-48A2-B1F9-9CFCF67E0B22} - System32\Tasks\{E00AD51B-21C4-4D8F-A4AB-7CC5931C85E2} => pcalua.exe -a "C:\FTV\Amazon FireTV Utility App.exe"
    Task: {A2C753BE-80E2-4C1E-A35B-C6B17C5DE41F} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-27] (Google Inc.)
    Task: {AD4D132B-F589-4AB7-9AC7-8E881E3CA6BA} - System32\Tasks\SmartDefrag_Startup => C:\Program Files (x86)\IObit\Smart Defrag 2\SmartDefrag.exe
    Task: {AD684464-6AA5-4425-9D51-8804B6F5C03B} - System32\Tasks\{B40ADBCF-29B3-4A89-B5F3-2C6807F2DECB} => pcalua.exe -a "C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\Office Setup Controller\setup.exe" -c /uninstall INFOPATHR /dll OSETUP.DLL
    Task: {AD9C8945-6414-46A1-B1CB-9348EE400E4F} - System32\Tasks\elbyExecuteWithUAC => C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\ExecuteWithUAC.exe [2013-03-21] ()
    Task: {AFDFFF62-8D44-4454-8431-F540107AFF83} - System32\Tasks\Go to RoboForm Install page => Rundll32.exe url.dll,FileProtocolHandler "hxxp://www.roboform.com/test-pass.html?aaa=KICMJMGMJJLJJMMMLJNJCNMMPMPMHMCNLMGMKMOJCNHMMMNJHMCNNMKJKJOMLMLMKMKJOMPMMJJJJNJICMIMCNOMCNPMFMHMCNPMCNIMJMPMPMFMJMCNOMCNIMJMPMPMCNNMJNPICMLMFMEKMICNJJCKFMPMJNHICMEKMICNJJCKJNBJCMIJNIKJJIAJDJAJNIGJAJJNKJCMJNNICMJNDJCMKJBJ"
    Task: {B421371D-E6A0-44B4-B84E-BEB704B7D919} - System32\Tasks\{DBF89E59-98BD-464C-821B-C714ACBF7D00} => pcalua.exe -a "C:\Users\grevolorio\AppData\Local\Temp\Temp1_Drivers for apple majic mouse.zip\Drivers for apple majic mouse\64bit driver.exe"
    Task: {B42859F1-52BE-4C0B-87A0-089A8A9525FE} - System32\Tasks\{A86051CA-CB2D-4CFC-AA2E-F97F003E332E} => pcalua.exe -a C:\Users\grevolorio.trmdu2\Downloads\VirtualBox-5.0.4-102546-Win.exe
    Task: {B6124405-83CA-4BD7-9DFD-1176D9CFEA66} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-27] (Google Inc.)
    Task: {B7D682DD-52E1-43BE-BBF8-FDC6840A7669} - System32\Tasks\{AEC957EE-1707-435F-9324-C5329BCEB8F2} => pcalua.exe -a F:\Downloads\AppleWirelessMouse64UNEASY.exe
    Task: {BA7A7309-376A-49C5-8980-876C5ACE8DDE} - System32\Tasks\DocumentsBackupToNetworkDrive => C:\Program Files\SyncToy 2.1\SyncToyCmd.exe [2009-10-19] (Microsoft Corporation)
    Task: {BFAECEBD-7839-4DE8-825D-A11D11B4ABE5} - System32\Tasks\AutoPico Daily Restart => C:\Program Files\KMSpico\AutoPico.exe [2014-06-29] (@ByELDI)
    Task: {C3513C86-0619-4FBC-B521-2594460A8AB7} - System32\Tasks\{5EF141E4-698E-4751-AFC4-21FB5FB4CCC4} => C:\Program Files (x86)\Skype\\Phone\Skype.exe [2014-12-11] (Skype Technologies S.A.)
    Task: {C7E44BE0-CBC9-4833-85C7-DCDE3709A73A} - System32\Tasks\{3EE8355E-6EFE-4231-BA1C-0027510C8764} => pcalua.exe -a F:\Downloads\OfficeExcel2003XMLToolsAddin.exe -d F:\Downloads
    Task: {D6847D8E-3585-4794-AD85-56EB9F05F9FA} - System32\Tasks\G2MUploadTask-S-1-5-21-1085031214-796845957-725345543-2108 => C:\Program Files (x86)\Citrix\GoToMeeting\2759\g2mupload.exe [2015-07-02] (Citrix Online, a division of Citrix Systems, Inc.)
    Task: {DDBE4BC3-4239-45EA-85A5-E4557D3F2AD6} - System32\Tasks\Microsoft_Hardware_Launch_mousekeyboardcenter_exe => C:\Program Files\Microsoft Mouse and Keyboard Center\mousekeyboardcenter.exe [2014-03-19] (Microsoft)
    Task: {DE2F2154-92E1-40E2-8EB6-A80435CCCFB7} - System32\Tasks\{9AA97C05-331D-48E7-B2B6-393DA5DB59E3} => pcalua.exe -a F:\Downloads\Vertus_Fluid_Mask_3.2.1_MegaRapidshare.com\fluid_mask_3_setup_2.100.2-RC2.exe
    Task: {E121D49B-E0A6-45BA-9FBA-E6A579E8DCAE} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-07-14] (Adobe Systems Incorporated)
    Task: {E62AE87E-4B4E-4A62-A2A5-C62E351425B8} - System32\Tasks\{FB5637CE-774D-41E9-8A18-A66C6F08DE12} => pcalua.exe -a "F:\Downloads\windirstat1_1_2_setup (1).exe" -d F:\Downloads
    Task: {E86215D1-331F-46EA-B5D2-DD63481E1867} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2015-06-30] (Dropbox, Inc.)
    Task: {E8FC4795-B64E-463C-96A9-BE0B8DBF960D} - System32\Tasks\MotoHelper MUM => C:\Program Files (x86)\Motorola\MotoHelper\MotoHelperUpdate.exe [2011-12-06] ()
    Task: {E96AA20C-5A24-4099-8877-9D626337E24D} - System32\Tasks\Microsoft_MKC_Logon_Task_itype.exe => C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [2014-03-19] (Microsoft Corporation)
    Task: {F0F929D8-853A-41D7-BF97-78FBA3A7E8E9} - System32\Tasks\{5F894392-522C-4E66-80C8-E72C3D3AD54E} => pcalua.exe -a F:\Downloads\applewirelessmouse.exe
    Task: {F379DF3B-1EC4-4330-84B3-57537B17F6CE} - System32\Tasks\CopyMyDocsToU_Drive => 
    Task: {F787EACE-34DC-43A0-9DA4-440D0A487857} - System32\Tasks\MotoHelper Initial Update => C:\Program Files (x86)\Motorola\MotoHelper\MotoHelperUpdate.exe [2011-12-06] ()
    Task: {FC31E385-F59B-4071-A73F-53FC0F691907} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Scan the system => F:\Program Files (x86)\Spybot - Search & Destroy 2\SDScan.exe [2014-06-24] (Safer-Networking Ltd.)
    Task: {FCAEA3E8-B27E-4792-96C7-DE1B513D73A6} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2016-04-12] (Microsoft Corporation)
    Task: {FE0A6D57-BA94-4854-A4CF-ED585B3BB4B5} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe

    (If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

    Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
    Task: C:\Windows\Tasks\Allway Sync_{4F0C1497E9A5A062AD06B978802E02AB}.job => F:\Program Files\Allway Sync\Bin\syncappw.exe
    Task: C:\Windows\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
    Task: C:\Windows\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
    Task: C:\Windows\Tasks\G2MUpdateTask-S-1-5-21-1085031214-796845957-725345543-2108.job => C:\Program Files (x86)\Citrix\GoToMeeting\2759\g2mupdate.exe
    Task: C:\Windows\Tasks\G2MUploadTask-S-1-5-21-1085031214-796845957-725345543-2108.job => C:\Program Files (x86)\Citrix\GoToMeeting\2759\g2mupload.exe
    Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
    Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
    Task: C:\Windows\Tasks\ParetoLogic Registration.job => rundll32.exe  C:\Program Files (x86)\Common Files\ParetoLogic\UUS2\UUS.dll
    Task: C:\Windows\Tasks\ParetoLogic Update Version2.job => C:\Program Files (x86)\Common Files\ParetoLogic\UUS2\Pareto_Update.exe

    ==================== Shortcuts =============================

    (The entries could be listed to be restored or removed.)

    ShortcutWithArgument: C:\Users\grevolorio.trmdu2\Desktop\Gus - Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory="Profile 1"
    ShortcutWithArgument: C:\Users\grevolorio.trmdu2\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Chrome Remote Desktop (1).lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) ->  --profile-directory="Profile 1" --app-id=gbchcmhmhahfdphkhkmpfmihenigjmpp
    ShortcutWithArgument: C:\Users\grevolorio.trmdu2\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Chrome Remote Desktop.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) ->  --profile-directory=Default --app-id=gbchcmhmhahfdphkhkmpfmihenigjmpp
    ShortcutWithArgument: C:\Users\grevolorio.trmdu2\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Google Keep - notes and lists.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) ->  --profile-directory=Default --app-id=hmjkmjkepdijhoojdojkdfohbdgmmhki
    ShortcutWithArgument: C:\Users\grevolorio.trmdu2\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Pocket.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) ->  --profile-directory="Profile 1" --app-id=mjcnijlhddpbdemagnpefmlkjdagkogk
    ShortcutWithArgument: C:\Users\grevolorio.trmdu2\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\e9cc420c2be074d9\Identity API Scope Approval UI.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory=Default --app-id=ahjaciijnoiaklcomgnblndopackapon

    ==================== Loaded Modules (Whitelisted) ==============

    2012-05-15 13:12 - 2012-05-15 13:12 - 00385680 _____ () F:\Program Files (x86)\Stardock\Object Desktop\WindowFX\WFX32.exe
    2011-01-11 10:52 - 2009-11-05 08:40 - 00085504 _____ () C:\Windows\System32\cpwmon64.dll
    2015-08-28 15:35 - 2014-10-30 08:18 - 00029184 ____C () C:\Windows\System32\ssj2mlm.dll
    2014-11-12 05:20 - 2014-11-12 05:20 - 00524800 _____ () f:\Program Files (x86)\Kinoni\EpocCam_and_Barcode_drivers\KinoniSvc.exe
    2015-08-04 08:26 - 2015-08-04 08:26 - 00718040 _____ () F:\Program Files (x86)\AVG\AVG PC TuneUp\avgrepliba.dll
    2016-03-18 14:52 - 2016-03-18 14:52 - 00018600 _____ () C:\Program Files\Synergy\synwinhk.DLL
    2016-03-16 06:17 - 2016-03-16 06:17 - 00052912 _____ () F:\Program Files\FileZilla FTP Client\fzshellext_64.dll
    2010-07-15 00:44 - 2010-07-15 00:44 - 00020032 _____ () F:\Program Files (x86)\Unlocker\UnlockerCOM.dll
    2011-02-14 17:55 - 2009-06-21 08:52 - 00318976 _____ () C:\Program Files\TeraCopy\TeraCopyExt64.dll
    2010-10-20 15:23 - 2010-10-20 15:23 - 08801632 _____ () C:\Program Files\Microsoft Office\Office14\1033\GrooveIntlResource.dll
    2013-09-05 01:17 - 2013-09-05 01:17 - 04300456 _____ () C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Cultures\OFFICE.ODF
    2015-08-04 08:26 - 2015-08-04 08:26 - 00861912 _____ () F:\Program Files (x86)\AVG\AVG PC TuneUp\tulnga.dll
    2014-09-08 13:39 - 2014-09-08 13:39 - 00464608 _____ () C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe
    2014-09-08 13:38 - 2014-09-08 13:38 - 00051200 _____ () C:\Program Files\Common Files\Common Desktop Agent\CDASrvPS.dll
    2016-03-18 14:52 - 2016-03-18 14:52 - 00312488 _____ () C:\Program Files\Synergy\synergyd.exe
    2015-07-08 16:59 - 2016-04-19 19:26 - 00114888 _____ () C:\Program Files\Microsoft Office 15\ClientX64\ApiClient.dll
    2010-11-08 11:15 - 2010-11-08 11:15 - 00301568 _____ () C:\Program Files (x86)\Notepad++\NppShell_04.dll
    2015-06-30 08:24 - 2015-06-30 08:24 - 00408576 _____ () F:\Program Files (x86)\BitTorrent Sync\SyncShellExtension64_33554560.dll
    2014-05-01 10:13 - 2014-05-01 10:13 - 00470016 _____ () C:\ProgramData\MEGAsync\ShellExtX64.dll
    2016-07-01 08:50 - 2016-07-01 08:50 - 00171520 ____R () C:\Program Files (x86)\Calibre2\calibre.exe
    2016-07-01 08:50 - 2016-07-01 08:50 - 00024576 ____R () C:\Program Files (x86)\Calibre2\calibre-parallel.exe
    2016-06-17 17:07 - 2016-06-15 04:26 - 02334360 _____ () C:\Program Files (x86)\Google\Chrome\Application\51.0.2704.103\libglesv2.dll
    2016-06-17 17:07 - 2016-06-15 04:26 - 00105112 _____ () C:\Program Files (x86)\Google\Chrome\Application\51.0.2704.103\libegl.dll
    2016-03-18 14:52 - 2016-03-18 14:52 - 01881256 _____ () C:\Program Files\Synergy\synergy.exe
    2016-03-18 14:52 - 2016-03-18 14:52 - 00979112 _____ () C:\Program Files\Synergy\synergys.exe
    2014-08-20 09:47 - 2014-05-13 12:04 - 00109400 _____ () F:\Program Files (x86)\Spybot - Search & Destroy 2\snlThirdParty150.bpl
    2014-08-20 09:47 - 2014-05-13 12:04 - 00416600 _____ () F:\Program Files (x86)\Spybot - Search & Destroy 2\DEC150.bpl
    2014-08-20 09:47 - 2014-05-13 12:04 - 00167768 _____ () F:\Program Files (x86)\Spybot - Search & Destroy 2\snlFileFormats150.bpl
    2014-08-20 09:47 - 2012-08-23 10:38 - 00574840 _____ () F:\Program Files (x86)\Spybot - Search & Destroy 2\sqlite3.dll
    2014-08-20 09:47 - 2012-04-03 17:06 - 00565640 _____ () F:\Program Files (x86)\Spybot - Search & Destroy 2\av\BDSmartDB.dll
    2012-08-15 14:11 - 2012-08-15 14:11 - 01222656 _____ () F:\Program Files (x86)\VMware\VMware VIX\VMWare Workstation\libxml2.dll
    2016-07-01 08:47 - 2016-07-01 08:47 - 00037376 ____R () C:\Program Files (x86)\Calibre2\calibre-launcher.dll
    2014-05-03 23:25 - 2014-05-03 23:25 - 00110080 ____R () C:\Program Files (x86)\Calibre2\DLLs\pywintypes27.dll
    2016-07-01 08:47 - 2016-07-01 08:47 - 00057344 ____R () C:\Program Files (x86)\Calibre2\plugins2\progress_indicator.pyd
    2016-07-01 08:47 - 2016-07-01 08:47 - 00069632 ____R () C:\Program Files (x86)\Calibre2\plugins2\imageops.pyd
    2016-07-01 08:50 - 2016-07-01 08:50 - 00176128 ____R () C:\Program Files (x86)\Calibre2\DLLs\libxslt.dll
    2016-07-01 08:50 - 2016-07-01 08:50 - 01069568 ____R () C:\Program Files (x86)\Calibre2\DLLs\libxml2.dll
    2016-07-01 08:50 - 2016-07-01 08:50 - 00064000 ____R () C:\Program Files (x86)\Calibre2\DLLs\libexslt.dll
    2014-12-10 12:23 - 2014-12-10 12:23 - 00426496 ____R () C:\Program Files (x86)\Calibre2\DLLs\sqlite3.dll
    2016-07-01 08:47 - 2016-07-01 08:47 - 00035840 ____R () C:\Program Files (x86)\Calibre2\plugins2\wpd.pyd
    2014-05-03 23:29 - 2014-05-03 23:29 - 00396800 ____R () C:\Program Files (x86)\Calibre2\DLLs\pythoncom27.dll
    2016-07-01 08:46 - 2016-07-01 08:46 - 00262144 ____R () C:\Program Files (x86)\Calibre2\plugins2\hunspell.pyd
    2016-03-18 22:56 - 2016-03-18 22:56 - 00080184 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
    2016-04-22 01:08 - 2016-04-22 01:08 - 01047864 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
    2015-10-30 05:53 - 2015-09-01 08:25 - 08901184 _____ () C:\Program Files\Microsoft Office 15\root\Office15\1033\GrooveIntlResource.dll
    2016-05-12 19:57 - 2016-06-06 21:58 - 00034768 _____ () C:\Program Files (x86)\Dropbox\Client\_multiprocessing.pyd
    2016-07-11 14:07 - 2016-06-06 21:58 - 00134088 _____ () C:\Program Files (x86)\Dropbox\Client\pyexpat.pyd
    2016-07-11 14:07 - 2016-06-06 21:59 - 00019408 _____ () C:\Program Files (x86)\Dropbox\Client\faulthandler.pyd
    2016-07-11 14:07 - 2016-06-06 21:58 - 00116688 _____ () C:\Program Files (x86)\Dropbox\Client\pywintypes27.dll
    2016-05-12 19:57 - 2016-06-06 21:58 - 00093640 _____ () C:\Program Files (x86)\Dropbox\Client\_ctypes.pyd
    2016-05-12 19:57 - 2016-06-06 21:58 - 00018376 _____ () C:\Program Files (x86)\Dropbox\Client\select.pyd
    2016-05-12 19:57 - 2016-07-05 14:00 - 00019760 _____ () C:\Program Files (x86)\Dropbox\Client\tornado.speedups.pyd
    2016-05-12 19:57 - 2016-06-06 22:00 - 00105928 _____ () C:\Program Files (x86)\Dropbox\Client\win32api.pyd
    2016-07-11 14:07 - 2016-06-06 21:58 - 00392144 _____ () C:\Program Files (x86)\Dropbox\Client\pythoncom27.dll
    2016-05-12 19:57 - 2016-07-05 14:00 - 00381752 _____ () C:\Program Files (x86)\Dropbox\Client\win32com.shell.shell.pyd
    2016-05-12 19:57 - 2016-06-06 21:58 - 00692688 _____ () C:\Program Files (x86)\Dropbox\Client\unicodedata.pyd
    2016-07-11 14:07 - 2016-07-05 13:59 - 00020816 _____ () C:\Program Files (x86)\Dropbox\Client\cryptography.hazmat.bindings._constant_time.pyd
    2016-05-12 19:57 - 2016-06-06 21:59 - 00123856 _____ () C:\Program Files (x86)\Dropbox\Client\_cffi_backend.pyd
    2016-07-11 14:07 - 2016-07-05 13:59 - 01682760 _____ () C:\Program Files (x86)\Dropbox\Client\cryptography.hazmat.bindings._openssl.pyd
    2016-07-11 14:07 - 2016-07-05 13:59 - 00020808 _____ () C:\Program Files (x86)\Dropbox\Client\cryptography.hazmat.bindings._padding.pyd
    2016-05-12 19:57 - 2016-07-05 14:00 - 00021840 _____ () C:\Program Files (x86)\Dropbox\Client\_cffi_unicode_environ_win32_x8bf8e68bx9968e850.pyd
    2016-07-11 14:07 - 2016-07-05 14:00 - 00052024 _____ () C:\Program Files (x86)\Dropbox\Client\psutil._psutil_windows.pyd
    2016-07-11 14:07 - 2016-07-05 14:00 - 00038696 _____ () C:\Program Files (x86)\Dropbox\Client\fastpath.pyd
    2016-07-11 14:07 - 2016-06-06 22:00 - 00020936 _____ () C:\Program Files (x86)\Dropbox\Client\mmapfile.pyd
    2016-05-12 19:57 - 2016-06-06 22:00 - 00024528 _____ () C:\Program Files (x86)\Dropbox\Client\win32event.pyd
    2016-05-12 19:57 - 2016-06-06 22:00 - 00114640 _____ () C:\Program Files (x86)\Dropbox\Client\win32security.pyd
    2016-05-12 19:57 - 2016-06-06 22:00 - 00124880 _____ () C:\Program Files (x86)\Dropbox\Client\win32file.pyd
    2016-05-12 19:57 - 2016-07-05 14:00 - 00021832 _____ () C:\Program Files (x86)\Dropbox\Client\_cffi_pywin_kernel32_x64d8f881xc8c369be.pyd
    2016-05-12 19:57 - 2016-06-06 22:00 - 00024016 _____ () C:\Program Files (x86)\Dropbox\Client\win32clipboard.pyd
    2016-05-12 19:57 - 2016-06-06 22:00 - 00175560 _____ () C:\Program Files (x86)\Dropbox\Client\win32gui.pyd
    2016-05-12 19:57 - 2016-06-06 22:00 - 00030160 _____ () C:\Program Files (x86)\Dropbox\Client\win32pipe.pyd
    2016-05-12 19:57 - 2016-06-06 22:00 - 00043472 _____ () C:\Program Files (x86)\Dropbox\Client\win32process.pyd
    2016-05-12 19:57 - 2016-06-06 22:00 - 00048592 _____ () C:\Program Files (x86)\Dropbox\Client\win32service.pyd
    2016-05-12 19:57 - 2016-07-05 14:00 - 00023872 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.kernel32._winffi_kernel32.pyd
    2016-07-11 14:07 - 2016-07-05 14:00 - 00026456 _____ () C:\Program Files (x86)\Dropbox\Client\dropbox.infinite.win.compiled._driverinstallation.pyd
    2016-05-12 19:57 - 2016-06-06 22:00 - 00057808 _____ () C:\Program Files (x86)\Dropbox\Client\win32evtlog.pyd
    2016-05-12 19:57 - 2016-06-06 22:00 - 00024016 _____ () C:\Program Files (x86)\Dropbox\Client\win32profile.pyd
    2016-07-11 14:07 - 2016-07-05 13:59 - 00246592 _____ () C:\Program Files (x86)\Dropbox\Client\breakpad.client.windows.handler.pyd
    2016-05-12 19:57 - 2016-06-06 22:00 - 00028616 _____ () C:\Program Files (x86)\Dropbox\Client\win32ts.pyd
    2016-05-12 19:57 - 2016-07-05 14:00 - 00020800 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.iphlpapi._winffi_iphlpapi.pyd
    2016-05-12 19:57 - 2016-07-05 14:00 - 00019776 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.winerror._winffi_winerror.pyd
    2016-05-12 19:57 - 2016-07-05 14:00 - 00020800 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.wininet._winffi_wininet.pyd
    2016-05-12 19:57 - 2016-06-06 21:58 - 00134608 _____ () C:\Program Files (x86)\Dropbox\Client\_elementtree.pyd
    2016-07-11 14:07 - 2016-06-06 21:59 - 00240584 _____ () C:\Program Files (x86)\Dropbox\Client\jpegtran.pyd
    2016-07-11 14:07 - 2016-07-05 13:59 - 00020280 _____ () C:\Program Files (x86)\Dropbox\Client\cpuid.compiled._cpuid.pyd
    2016-05-12 19:57 - 2016-07-05 14:00 - 00023376 _____ () C:\Program Files (x86)\Dropbox\Client\winscreenshot.compiled._CaptureScreenshot.pyd
    2016-05-12 19:57 - 2016-06-06 22:00 - 00350152 _____ () C:\Program Files (x86)\Dropbox\Client\winxpgui.pyd
    2016-05-12 19:57 - 2016-07-05 14:00 - 00022352 _____ () C:\Program Files (x86)\Dropbox\Client\winverifysignature.compiled._VerifySignature.pyd
    2016-07-11 14:07 - 2016-07-05 14:00 - 00024392 _____ () C:\Program Files (x86)\Dropbox\Client\librsyncffi.compiled._librsyncffi.pyd
    2016-07-11 14:07 - 2016-06-06 22:01 - 00036296 _____ () C:\Program Files (x86)\Dropbox\Client\librsync.dll
    2016-07-11 14:07 - 2016-07-05 14:00 - 00084280 _____ () C:\Program Files (x86)\Dropbox\Client\dropbox_sqlite_ext.DLL
    2016-07-11 14:07 - 2016-07-05 14:00 - 01826096 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtCore.pyd
    2016-05-12 19:57 - 2016-06-06 21:59 - 00083912 _____ () C:\Program Files (x86)\Dropbox\Client\sip.pyd
    2016-07-11 14:07 - 2016-07-05 14:00 - 03928880 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWidgets.pyd
    2016-07-11 14:07 - 2016-07-05 14:00 - 01971504 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtGui.pyd
    2016-07-11 14:07 - 2016-07-05 14:00 - 00531248 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtNetwork.pyd
    2016-07-11 14:07 - 2016-07-05 14:00 - 00132912 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebKit.pyd
    2016-07-11 14:07 - 2016-07-05 14:00 - 00223544 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebKitWidgets.pyd
    2016-07-11 14:07 - 2016-07-05 14:00 - 00207672 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtPrintSupport.pyd
    2016-05-12 19:57 - 2016-06-06 22:00 - 00060880 _____ () C:\Program Files (x86)\Dropbox\Client\win32print.pyd
    2016-05-12 19:57 - 2016-07-05 14:00 - 00024904 _____ () C:\Program Files (x86)\Dropbox\Client\_cffi_wpad_proxy_win_x752e3d61xdcfdcc84.pyd
    2016-07-11 14:07 - 2016-07-05 14:00 - 00546096 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtQuick.pyd
    2016-07-11 14:07 - 2016-07-05 14:00 - 00357680 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtQml.pyd
    2014-08-20 09:47 - 2014-04-25 14:11 - 02972112 _____ () F:\Program Files (x86)\Spybot - Search & Destroy 2\NotificationSpreader.dll
    2016-03-08 09:04 - 2016-03-08 09:04 - 02415104 _____ () C:\Program Files\Synergy\QtCore4.dll
    2009-01-10 10:32 - 2009-01-10 10:32 - 00011362 _____ () C:\Program Files\Synergy\mingwm10.dll
    2009-06-22 18:42 - 2009-06-22 18:42 - 00043008 _____ () C:\Program Files\Synergy\libgcc_s_dw2-1.dll
    2010-02-10 14:43 - 2010-02-10 14:43 - 09515520 _____ () C:\Program Files\Synergy\QtGui4.dll
    2010-02-10 14:10 - 2010-02-10 14:10 - 01148416 _____ () C:\Program Files\Synergy\QtNetwork4.dll
    2013-12-17 04:42 - 2013-12-17 04:42 - 00335872 _____ () C:\Program Files (x86)\MediaMall\lua51a.dll

    ==================== Alternate Data Streams (Whitelisted) =========

    (If an entry is included in the fixlist, only the ADS will be removed.)

    AlternateDataStreams: C:\Windows: [108]
    AlternateDataStreams: C:\ProgramData\TEMP:DFC5A2B2 [125]
    AlternateDataStreams: C:\Users\grevolorio.trmdu2\.DS_Store:AFP_AfpInfo [122]

    ==================== Safe Mode (Whitelisted) ===================

    (If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\atashost => ""="Service"

    ==================== Association (Whitelisted) ===============

    (If an entry is included in the fixlist, the registry item will be restored to default or removed.)


    ==================== Internet Explorer trusted/restricted ===============

    (If an entry is included in the fixlist, it will be removed from the registry.)

    IE restricted site: HKU\.DEFAULT\...\007guard.com -> install.007guard.com
    IE restricted site: HKU\.DEFAULT\...\008i.com -> 008i.com
    IE restricted site: HKU\.DEFAULT\...\008k.com -> www.008k.com
    IE restricted site: HKU\.DEFAULT\...\00hq.com -> www.00hq.com
    IE restricted site: HKU\.DEFAULT\...\010402.com -> 010402.com
    IE restricted site: HKU\.DEFAULT\...\032439.com -> 80gw6ry3i3x3qbrkwhxhw.032439.com
    IE restricted site: HKU\.DEFAULT\...\0scan.com -> www.0scan.com
    IE restricted site: HKU\.DEFAULT\...\1-2005-search.com -> www.1-2005-search.com
    IE restricted site: HKU\.DEFAULT\...\1-domains-registrations.com -> www.1-domains-registrations.com
    IE restricted site: HKU\.DEFAULT\...\1000gratisproben.com -> www.1000gratisproben.com
    IE restricted site: HKU\.DEFAULT\...\1001namen.com -> www.1001namen.com
    IE restricted site: HKU\.DEFAULT\...\100888290cs.com -> mir.100888290cs.com
    IE restricted site: HKU\.DEFAULT\...\100sexlinks.com -> www.100sexlinks.com
    IE restricted site: HKU\.DEFAULT\...\10sek.com -> www.10sek.com
    IE restricted site: HKU\.DEFAULT\...\12-26.net -> user1.12-26.net
    IE restricted site: HKU\.DEFAULT\...\12-27.net -> user1.12-27.net
    IE restricted site: HKU\.DEFAULT\...\123fporn.info -> www.123fporn.info
    IE restricted site: HKU\.DEFAULT\...\123haustiereundmehr.com -> www.123haustiereundmehr.com
    IE restricted site: HKU\.DEFAULT\...\123moviedownload.com -> www.123moviedownload.com
    IE restricted site: HKU\.DEFAULT\...\123simsen.com -> www.123simsen.com

    There are 7867 more sites.

    IE trusted site: HKU\S-1-5-21-1085031214-796845957-725345543-2108-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\bunker -> hxxps://bunker
    IE trusted site: HKU\S-1-5-21-1085031214-796845957-725345543-2108-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\calshr01 -> hxxp://calshr01
    IE trusted site: HKU\S-1-5-21-1085031214-796845957-725345543-2108-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\calshr02 -> hxxp://calshr02
    IE trusted site: HKU\S-1-5-21-1085031214-796845957-725345543-2108-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\emmarx.com -> hxxp://reports.emmarx.com
    IE trusted site: HKU\S-1-5-21-1085031214-796845957-725345543-2108-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\inrangesystems.com -> hxxp://intranet.inrangesystems.com
    IE restricted site: HKU\S-1-5-21-1085031214-796845957-725345543-2108-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\007guard.com -> install.007guard.com
    IE restricted site: HKU\S-1-5-21-1085031214-796845957-725345543-2108-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\008i.com -> 008i.com
    IE restricted site: HKU\S-1-5-21-1085031214-796845957-725345543-2108-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\008k.com -> www.008k.com
    IE restricted site: HKU\S-1-5-21-1085031214-796845957-725345543-2108-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\00hq.com -> www.00hq.com
    IE restricted site: HKU\S-1-5-21-1085031214-796845957-725345543-2108-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\010402.com -> 010402.com
    IE restricted site: HKU\S-1-5-21-1085031214-796845957-725345543-2108-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\0190-dialers.com -> 0190-dialers.com
    IE restricted site: HKU\S-1-5-21-1085031214-796845957-725345543-2108-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\01i.info -> 01i.info
    IE restricted site: HKU\S-1-5-21-1085031214-796845957-725345543-2108-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\02pmnzy5eo29bfk4.com -> 02pmnzy5eo29bfk4.com
    IE restricted site: HKU\S-1-5-21-1085031214-796845957-725345543-2108-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\032439.com -> 80gw6ry3i3x3qbrkwhxhw.032439.com
    IE restricted site: HKU\S-1-5-21-1085031214-796845957-725345543-2108-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\05p.com -> 05p.com
    IE restricted site: HKU\S-1-5-21-1085031214-796845957-725345543-2108-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\07ic5do2myz3vzpk.com -> 07ic5do2myz3vzpk.com
    IE restricted site: HKU\S-1-5-21-1085031214-796845957-725345543-2108-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\08nigbmwk43i01y6.com -> 08nigbmwk43i01y6.com
    IE restricted site: HKU\S-1-5-21-1085031214-796845957-725345543-2108-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\093qpeuqpmz6ebfa.com -> 093qpeuqpmz6ebfa.com
    IE restricted site: HKU\S-1-5-21-1085031214-796845957-725345543-2108-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\0calories.net -> 0calories.net
    IE restricted site: HKU\S-1-5-21-1085031214-796845957-725345543-2108-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\0cj.net -> 0cj.net
    IE restricted site: HKU\S-1-5-21-1085031214-796845957-725345543-2108-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\0scan.com -> www.0scan.com
    IE restricted site: HKU\S-1-5-21-1085031214-796845957-725345543-2108-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\1-2005-search.com -> www.1-2005-search.com
    IE restricted site: HKU\S-1-5-21-1085031214-796845957-725345543-2108-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\1-britney-spears-nude.com -> 1-britney-spears-nude.com
    IE restricted site: HKU\S-1-5-21-1085031214-796845957-725345543-2108-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\1-domains-registrations.com -> www.1-domains-registrations.com
    IE restricted site: HKU\S-1-5-21-1085031214-796845957-725345543-2108-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\1-se.com -> 1-se.com

    There are 11773 more sites.

    IE restricted site: HKU\S-1-5-21-1085031214-796845957-725345543-2109-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\007guard.com -> install.007guard.com
    IE restricted site: HKU\S-1-5-21-1085031214-796845957-725345543-2109-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\008i.com -> 008i.com
    IE restricted site: HKU\S-1-5-21-1085031214-796845957-725345543-2109-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\008k.com -> www.008k.com
    IE restricted site: HKU\S-1-5-21-1085031214-796845957-725345543-2109-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\00hq.com -> www.00hq.com
    IE restricted site: HKU\S-1-5-21-1085031214-796845957-725345543-2109-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\010402.com -> 010402.com
    IE restricted site: HKU\S-1-5-21-1085031214-796845957-725345543-2109-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\032439.com -> 80gw6ry3i3x3qbrkwhxhw.032439.com
    IE restricted site: HKU\S-1-5-21-1085031214-796845957-725345543-2109-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\0scan.com -> www.0scan.com
    IE restricted site: HKU\S-1-5-21-1085031214-796845957-725345543-2109-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\1-2005-search.com -> www.1-2005-search.com
    IE restricted site: HKU\S-1-5-21-1085031214-796845957-725345543-2109-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\1-domains-registrations.com -> www.1-domains-registrations.com
    IE restricted site: HKU\S-1-5-21-1085031214-796845957-725345543-2109-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\1000gratisproben.com -> www.1000gratisproben.com
    IE restricted site: HKU\S-1-5-21-1085031214-796845957-725345543-2109-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\1001namen.com -> www.1001namen.com
    IE restricted site: HKU\S-1-5-21-1085031214-796845957-725345543-2109-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\100888290cs.com -> mir.100888290cs.com
    IE restricted site: HKU\S-1-5-21-1085031214-796845957-725345543-2109-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\100sexlinks.com -> www.100sexlinks.com
    IE restricted site: HKU\S-1-5-21-1085031214-796845957-725345543-2109-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\10sek.com -> www.10sek.com
    IE restricted site: HKU\S-1-5-21-1085031214-796845957-725345543-2109-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\12-26.net -> user1.12-26.net
    IE restricted site: HKU\S-1-5-21-1085031214-796845957-725345543-2109-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\12-27.net -> user1.12-27.net
    IE restricted site: HKU\S-1-5-21-1085031214-796845957-725345543-2109-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\123fporn.info -> www.123fporn.info
    IE restricted site: HKU\S-1-5-21-1085031214-796845957-725345543-2109-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\123haustiereundmehr.com -> www.123haustiereundmehr.com
    IE restricted site: HKU\S-1-5-21-1085031214-796845957-725345543-2109-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\123moviedownload.com -> www.123moviedownload.com
    IE restricted site: HKU\S-1-5-21-1085031214-796845957-725345543-2109-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\123simsen.com -> www.123simsen.com

    There are 7867 more sites.

    IE restricted site: HKU\S-1-5-21-1085031214-796845957-725345543-2791\...\007guard.com -> install.007guard.com
    IE restricted site: HKU\S-1-5-21-1085031214-796845957-725345543-2791\...\008i.com -> 008i.com
    IE restricted site: HKU\S-1-5-21-1085031214-796845957-725345543-2791\...\008k.com -> www.008k.com
    IE restricted site: HKU\S-1-5-21-1085031214-796845957-725345543-2791\...\00hq.com -> www.00hq.com
    IE restricted site: HKU\S-1-5-21-1085031214-796845957-725345543-2791\...\010402.com -> 010402.com
    IE restricted site: HKU\S-1-5-21-1085031214-796845957-725345543-2791\...\032439.com -> 80gw6ry3i3x3qbrkwhxhw.032439.com
    IE restricted site: HKU\S-1-5-21-1085031214-796845957-725345543-2791\...\0scan.com -> www.0scan.com
    IE restricted site: HKU\S-1-5-21-1085031214-796845957-725345543-2791\...\1-2005-search.com -> www.1-2005-search.com
    IE restricted site: HKU\S-1-5-21-1085031214-796845957-725345543-2791\...\1-domains-registrations.com -> www.1-domains-registrations.com
    IE restricted site: HKU\S-1-5-21-1085031214-796845957-725345543-2791\...\1000gratisproben.com -> www.1000gratisproben.com
    IE restricted site: HKU\S-1-5-21-1085031214-796845957-725345543-2791\...\1001namen.com -> www.1001namen.com
    IE restricted site: HKU\S-1-5-21-1085031214-796845957-725345543-2791\...\100888290cs.com -> mir.100888290cs.com
    IE restricted site: HKU\S-1-5-21-1085031214-796845957-725345543-2791\...\100sexlinks.com -> www.100sexlinks.com
    IE restricted site: HKU\S-1-5-21-1085031214-796845957-725345543-2791\...\10sek.com -> www.10sek.com
    IE restricted site: HKU\S-1-5-21-1085031214-796845957-725345543-2791\...\12-26.net -> user1.12-26.net
    IE restricted site: HKU\S-1-5-21-1085031214-796845957-725345543-2791\...\12-27.net -> user1.12-27.net
    IE restricted site: HKU\S-1-5-21-1085031214-796845957-725345543-2791\...\123fporn.info -> www.123fporn.info
    IE restricted site: HKU\S-1-5-21-1085031214-796845957-725345543-2791\...\123haustiereundmehr.com -> www.123haustiereundmehr.com
    IE restricted site: HKU\S-1-5-21-1085031214-796845957-725345543-2791\...\123moviedownload.com -> www.123moviedownload.com
    IE restricted site: HKU\S-1-5-21-1085031214-796845957-725345543-2791\...\123simsen.com -> www.123simsen.com

    There are 7867 more sites.

    IE restricted site: HKU\S-1-5-21-1085031214-796845957-725345543-2791-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\007guard.com -> install.007guard.com
    IE restricted site: HKU\S-1-5-21-1085031214-796845957-725345543-2791-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\008i.com -> 008i.com
    IE restricted site: HKU\S-1-5-21-1085031214-796845957-725345543-2791-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\008k.com -> www.008k.com
    IE restricted site: HKU\S-1-5-21-1085031214-796845957-725345543-2791-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\00hq.com -> www.00hq.com
    IE restricted site: HKU\S-1-5-21-1085031214-796845957-725345543-2791-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\010402.com -> 010402.com
    IE restricted site: HKU\S-1-5-21-1085031214-796845957-725345543-2791-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\032439.com -> 80gw6ry3i3x3qbrkwhxhw.032439.com
    IE restricted site: HKU\S-1-5-21-1085031214-796845957-725345543-2791-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\0scan.com -> www.0scan.com
    IE restricted site: HKU\S-1-5-21-1085031214-796845957-725345543-2791-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\1-2005-search.com -> www.1-2005-search.com
    IE restricted site: HKU\S-1-5-21-1085031214-796845957-725345543-2791-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\1-domains-registrations.com -> www.1-domains-registrations.com
    IE restricted site: HKU\S-1-5-21-1085031214-796845957-725345543-2791-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\1000gratisproben.com -> www.1000gratisproben.com
    IE restricted site: HKU\S-1-5-21-1085031214-796845957-725345543-2791-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\1001namen.com -> www.1001namen.com
    IE restricted site: HKU\S-1-5-21-1085031214-796845957-725345543-2791-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\100888290cs.com -> mir.100888290cs.com
    IE restricted site: HKU\S-1-5-21-1085031214-796845957-725345543-2791-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\100sexlinks.com -> www.100sexlinks.com
    IE restricted site: HKU\S-1-5-21-1085031214-796845957-725345543-2791-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\10sek.com -> www.10sek.com
    IE restricted site: HKU\S-1-5-21-1085031214-796845957-725345543-2791-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\12-26.net -> user1.12-26.net
    IE restricted site: HKU\S-1-5-21-1085031214-796845957-725345543-2791-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\12-27.net -> user1.12-27.net
    IE restricted site: HKU\S-1-5-21-1085031214-796845957-725345543-2791-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\123fporn.info -> www.123fporn.info
    IE restricted site: HKU\S-1-5-21-1085031214-796845957-725345543-2791-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\123haustiereundmehr.com -> www.123haustiereundmehr.com
    IE restricted site: HKU\S-1-5-21-1085031214-796845957-725345543-2791-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\123moviedownload.com -> www.123moviedownload.com
    IE restricted site: HKU\S-1-5-21-1085031214-796845957-725345543-2791-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\123simsen.com -> www.123simsen.com

    There are 7867 more sites.

    IE restricted site: HKU\S-1-5-21-1085031214-796845957-725345543-500-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\007guard.com -> install.007guard.com
    IE restricted site: HKU\S-1-5-21-1085031214-796845957-725345543-500-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\008i.com -> 008i.com
    IE restricted site: HKU\S-1-5-21-1085031214-796845957-725345543-500-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\008k.com -> www.008k.com
    IE restricted site: HKU\S-1-5-21-1085031214-796845957-725345543-500-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\00hq.com -> www.00hq.com
    IE restricted site: HKU\S-1-5-21-1085031214-796845957-725345543-500-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\010402.com -> 010402.com
    IE restricted site: HKU\S-1-5-21-1085031214-796845957-725345543-500-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\032439.com -> 80gw6ry3i3x3qbrkwhxhw.032439.com
    IE restricted site: HKU\S-1-5-21-1085031214-796845957-725345543-500-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\0scan.com -> www.0scan.com
    IE restricted site: HKU\S-1-5-21-1085031214-796845957-725345543-500-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\1-2005-search.com -> www.1-2005-search.com
    IE restricted site: HKU\S-1-5-21-1085031214-796845957-725345543-500-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\1-domains-registrations.com -> www.1-domains-registrations.com
    IE restricted site: HKU\S-1-5-21-1085031214-796845957-725345543-500-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\1000gratisproben.com -> www.1000gratisproben.com
    IE restricted site: HKU\S-1-5-21-1085031214-796845957-725345543-500-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\1001namen.com -> www.1001namen.com
    IE restricted site: HKU\S-1-5-21-1085031214-796845957-725345543-500-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\100888290cs.com -> mir.100888290cs.com
    IE restricted site: HKU\S-1-5-21-1085031214-796845957-725345543-500-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\100sexlinks.com -> www.100sexlinks.com
    IE restricted site: HKU\S-1-5-21-1085031214-796845957-725345543-500-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\10sek.com -> www.10sek.com
    IE restricted site: HKU\S-1-5-21-1085031214-796845957-725345543-500-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\12-26.net -> user1.12-26.net
    IE restricted site: HKU\S-1-5-21-1085031214-796845957-725345543-500-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\12-27.net -> user1.12-27.net
    IE restricted site: HKU\S-1-5-21-1085031214-796845957-725345543-500-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\123fporn.info -> www.123fporn.info
    IE restricted site: HKU\S-1-5-21-1085031214-796845957-725345543-500-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\123haustiereundmehr.com -> www.123haustiereundmehr.com
    IE restricted site: HKU\S-1-5-21-1085031214-796845957-725345543-500-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\123moviedownload.com -> www.123moviedownload.com
    IE restricted site: HKU\S-1-5-21-1085031214-796845957-725345543-500-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\123simsen.com -> www.123simsen.com

    There are 7866 more sites.

    IE restricted site: HKU\S-1-5-21-1915297274-1003847613-3419053400-1105-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\007guard.com -> install.007guard.com
    IE restricted site: HKU\S-1-5-21-1915297274-1003847613-3419053400-1105-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\008i.com -> 008i.com
    IE restricted site: HKU\S-1-5-21-1915297274-1003847613-3419053400-1105-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\008k.com -> www.008k.com
    IE restricted site: HKU\S-1-5-21-1915297274-1003847613-3419053400-1105-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\00hq.com -> www.00hq.com
    IE restricted site: HKU\S-1-5-21-1915297274-1003847613-3419053400-1105-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\010402.com -> 010402.com
    IE restricted site: HKU\S-1-5-21-1915297274-1003847613-3419053400-1105-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\032439.com -> 80gw6ry3i3x3qbrkwhxhw.032439.com
    IE restricted site: HKU\S-1-5-21-1915297274-1003847613-3419053400-1105-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\0scan.com -> www.0scan.com
    IE restricted site: HKU\S-1-5-21-1915297274-1003847613-3419053400-1105-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\1-2005-search.com -> www.1-2005-search.com
    IE restricted site: HKU\S-1-5-21-1915297274-1003847613-3419053400-1105-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\1-domains-registrations.com -> www.1-domains-registrations.com
    IE restricted site: HKU\S-1-5-21-1915297274-1003847613-3419053400-1105-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\1000gratisproben.com -> www.1000gratisproben.com
    IE restricted site: HKU\S-1-5-21-1915297274-1003847613-3419053400-1105-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\1001namen.com -> www.1001namen.com
    IE restricted site: HKU\S-1-5-21-1915297274-1003847613-3419053400-1105-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\100888290cs.com -> mir.100888290cs.com
    IE restricted site: HKU\S-1-5-21-1915297274-1003847613-3419053400-1105-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\100sexlinks.com -> www.100sexlinks.com
    IE restricted site: HKU\S-1-5-21-1915297274-1003847613-3419053400-1105-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\10sek.com -> www.10sek.com
    IE restricted site: HKU\S-1-5-21-1915297274-1003847613-3419053400-1105-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\12-26.net -> user1.12-26.net
    IE restricted site: HKU\S-1-5-21-1915297274-1003847613-3419053400-1105-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\12-27.net -> user1.12-27.net
    IE restricted site: HKU\S-1-5-21-1915297274-1003847613-3419053400-1105-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\123fporn.info -> www.123fporn.info
    IE restricted site: HKU\S-1-5-21-1915297274-1003847613-3419053400-1105-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\123haustiereundmehr.com -> www.123haustiereundmehr.com
    IE restricted site: HKU\S-1-5-21-1915297274-1003847613-3419053400-1105-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\123moviedownload.com -> www.123moviedownload.com
    IE restricted site: HKU\S-1-5-21-1915297274-1003847613-3419053400-1105-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\123simsen.com -> www.123simsen.com

    There are 7866 more sites.

    IE trusted site: HKU\S-1-5-21-3578782807-1016812498-1856270605-1009\...\dell.com -> dell.com
    IE trusted site: HKU\S-1-5-21-3578782807-1016812498-1856270605-1009\...\greenskybrands.com -> hxxp://intranet.greenskybrands.com
    IE restricted site: HKU\S-1-5-21-3578782807-1016812498-1856270605-1009\...\007guard.com -> install.007guard.com
    IE restricted site: HKU\S-1-5-21-3578782807-1016812498-1856270605-1009\...\008i.com -> 008i.com
    IE restricted site: HKU\S-1-5-21-3578782807-1016812498-1856270605-1009\...\008k.com -> www.008k.com
    IE restricted site: HKU\S-1-5-21-3578782807-1016812498-1856270605-1009\...\00hq.com -> www.00hq.com
    IE restricted site: HKU\S-1-5-21-3578782807-1016812498-1856270605-1009\...\010402.com -> 010402.com
    IE restricted site: HKU\S-1-5-21-3578782807-1016812498-1856270605-1009\...\032439.com -> 80gw6ry3i3x3qbrkwhxhw.032439.com
    IE restricted site: HKU\S-1-5-21-3578782807-1016812498-1856270605-1009\...\0scan.com -> www.0scan.com
    IE restricted site: HKU\S-1-5-21-3578782807-1016812498-1856270605-1009\...\1-2005-search.com -> www.1-2005-search.com
    IE restricted site: HKU\S-1-5-21-3578782807-1016812498-1856270605-1009\...\1-domains-registrations.com -> www.1-domains-registrations.com
    IE restricted site: HKU\S-1-5-21-3578782807-1016812498-1856270605-1009\...\1000gratisproben.com -> www.1000gratisproben.com
    IE restricted site: HKU\S-1-5-21-3578782807-1016812498-1856270605-1009\...\1001namen.com -> www.1001namen.com
    IE restricted site: HKU\S-1-5-21-3578782807-1016812498-1856270605-1009\...\100888290cs.com -> mir.100888290cs.com
    IE restricted site: HKU\S-1-5-21-3578782807-1016812498-1856270605-1009\...\100sexlinks.com -> www.100sexlinks.com
    IE restricted site: HKU\S-1-5-21-3578782807-1016812498-1856270605-1009\...\10sek.com -> www.10sek.com
    IE restricted site: HKU\S-1-5-21-3578782807-1016812498-1856270605-1009\...\12-26.net -> user1.12-26.net
    IE restricted site: HKU\S-1-5-21-3578782807-1016812498-1856270605-1009\...\12-27.net -> user1.12-27.net
    IE restricted site: HKU\S-1-5-21-3578782807-1016812498-1856270605-1009\...\123fporn.info -> www.123fporn.info
    IE restricted site: HKU\S-1-5-21-3578782807-1016812498-1856270605-1009\...\123haustiereundmehr.com -> www.123haustiereundmehr.com
    IE restricted site: HKU\S-1-5-21-3578782807-1016812498-1856270605-1009\...\123moviedownload.com -> www.123moviedownload.com
    IE restricted site: HKU\S-1-5-21-3578782807-1016812498-1856270605-1009\...\123simsen.com -> www.123simsen.com

    There are 7866 more sites.

    IE trusted site: HKU\S-1-5-21-3578782807-1016812498-1856270605-1009-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\dell.com -> dell.com
    IE trusted site: HKU\S-1-5-21-3578782807-1016812498-1856270605-1009-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\greenskybrands.com -> hxxp://intranet.greenskybrands.com
    IE restricted site: HKU\S-1-5-21-3578782807-1016812498-1856270605-1009-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\007guard.com -> install.007guard.com
    IE restricted site: HKU\S-1-5-21-3578782807-1016812498-1856270605-1009-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\008i.com -> 008i.com
    IE restricted site: HKU\S-1-5-21-3578782807-1016812498-1856270605-1009-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\008k.com -> www.008k.com
    IE restricted site: HKU\S-1-5-21-3578782807-1016812498-1856270605-1009-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\00hq.com -> www.00hq.com
    IE restricted site: HKU\S-1-5-21-3578782807-1016812498-1856270605-1009-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\010402.com -> 010402.com
    IE restricted site: HKU\S-1-5-21-3578782807-1016812498-1856270605-1009-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\032439.com -> 80gw6ry3i3x3qbrkwhxhw.032439.com
    IE restricted site: HKU\S-1-5-21-3578782807-1016812498-1856270605-1009-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\0scan.com -> www.0scan.com
    IE restricted site: HKU\S-1-5-21-3578782807-1016812498-1856270605-1009-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\1-2005-search.com -> www.1-2005-search.com
    IE restricted site: HKU\S-1-5-21-3578782807-1016812498-1856270605-1009-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\1-domains-registrations.com -> www.1-domains-registrations.com
    IE restricted site: HKU\S-1-5-21-3578782807-1016812498-1856270605-1009-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\1000gratisproben.com -> www.1000gratisproben.com
    IE restricted site: HKU\S-1-5-21-3578782807-1016812498-1856270605-1009-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\1001namen.com -> www.1001namen.com
    IE restricted site: HKU\S-1-5-21-3578782807-1016812498-1856270605-1009-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\100888290cs.com -> mir.100888290cs.com
    IE restricted site: HKU\S-1-5-21-3578782807-1016812498-1856270605-1009-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\100sexlinks.com -> www.100sexlinks.com
    IE restricted site: HKU\S-1-5-21-3578782807-1016812498-1856270605-1009-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\10sek.com -> www.10sek.com
    IE restricted site: HKU\S-1-5-21-3578782807-1016812498-1856270605-1009-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\12-26.net -> user1.12-26.net
    IE restricted site: HKU\S-1-5-21-3578782807-1016812498-1856270605-1009-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\12-27.net -> user1.12-27.net
    IE restricted site: HKU\S-1-5-21-3578782807-1016812498-1856270605-1009-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\123fporn.info -> www.123fporn.info
    IE restricted site: HKU\S-1-5-21-3578782807-1016812498-1856270605-1009-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\123haustiereundmehr.com -> www.123haustiereundmehr.com
    IE restricted site: HKU\S-1-5-21-3578782807-1016812498-1856270605-1009-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\123moviedownload.com -> www.123moviedownload.com
    IE restricted site: HKU\S-1-5-21-3578782807-1016812498-1856270605-1009-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\123simsen.com -> www.123simsen.com

    There are 7866 more sites.

    IE restricted site: HKU\S-1-5-82-3006700770-424185619-1745488364-794895919-4004696415-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\007guard.com -> install.007guard.com
    IE restricted site: HKU\S-1-5-82-3006700770-424185619-1745488364-794895919-4004696415-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\008i.com -> 008i.com
    IE restricted site: HKU\S-1-5-82-3006700770-424185619-1745488364-794895919-4004696415-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\008k.com -> www.008k.com
    IE restricted site: HKU\S-1-5-82-3006700770-424185619-1745488364-794895919-4004696415-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\00hq.com -> www.00hq.com
    IE restricted site: HKU\S-1-5-82-3006700770-424185619-1745488364-794895919-4004696415-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\010402.com -> 010402.com
    IE restricted site: HKU\S-1-5-82-3006700770-424185619-1745488364-794895919-4004696415-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\032439.com -> 80gw6ry3i3x3qbrkwhxhw.032439.com
    IE restricted site: HKU\S-1-5-82-3006700770-424185619-1745488364-794895919-4004696415-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\0scan.com -> www.0scan.com
    IE restricted site: HKU\S-1-5-82-3006700770-424185619-1745488364-794895919-4004696415-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\1-2005-search.com -> www.1-2005-search.com
    IE restricted site: HKU\S-1-5-82-3006700770-424185619-1745488364-794895919-4004696415-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\1-domains-registrations.com -> www.1-domains-registrations.com
    IE restricted site: HKU\S-1-5-82-3006700770-424185619-1745488364-794895919-4004696415-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\1000gratisproben.com -> www.1000gratisproben.com
    IE restricted site: HKU\S-1-5-82-3006700770-424185619-1745488364-794895919-4004696415-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\1001namen.com -> www.1001namen.com
    IE restricted site: HKU\S-1-5-82-3006700770-424185619-1745488364-794895919-4004696415-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\100888290cs.com -> mir.100888290cs.com
    IE restricted site: HKU\S-1-5-82-3006700770-424185619-1745488364-794895919-4004696415-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\100sexlinks.com -> www.100sexlinks.com
    IE restricted site: HKU\S-1-5-82-3006700770-424185619-1745488364-794895919-4004696415-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\10sek.com -> www.10sek.com
    IE restricted site: HKU\S-1-5-82-3006700770-424185619-1745488364-794895919-4004696415-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\12-26.net -> user1.12-26.net
    IE restricted site: HKU\S-1-5-82-3006700770-424185619-1745488364-794895919-4004696415-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\12-27.net -> user1.12-27.net
    IE restricted site: HKU\S-1-5-82-3006700770-424185619-1745488364-794895919-4004696415-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\123fporn.info -> www.123fporn.info
    IE restricted site: HKU\S-1-5-82-3006700770-424185619-1745488364-794895919-4004696415-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\123haustiereundmehr.com -> www.123haustiereundmehr.com
    IE restricted site: HKU\S-1-5-82-3006700770-424185619-1745488364-794895919-4004696415-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\123moviedownload.com -> www.123moviedownload.com
    IE restricted site: HKU\S-1-5-82-3006700770-424185619-1745488364-794895919-4004696415-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\123simsen.com -> www.123simsen.com

    There are 7867 more sites.


    ==================== Hosts content: ==========================

    (If needed Hosts: directive could be included in the fixlist to reset Hosts.)

    2011-10-28 15:03 - 2016-07-16 08:38 - 00450173 ____R C:\Windows\system32\Drivers\etc\hosts

    127.0.0.1    localhost127.0.0.1    www.007guard.com
    127.0.0.1    007guard.com
    127.0.0.1    008i.com
    127.0.0.1    www.008k.com
    127.0.0.1    008k.com
    127.0.0.1    www.00hq.com
    127.0.0.1    00hq.com
    127.0.0.1    010402.com
    127.0.0.1    www.032439.com
    127.0.0.1    032439.com
    127.0.0.1    www.0scan.com
    127.0.0.1    0scan.com
    127.0.0.1    www.1000gratisproben.com
    127.0.0.1    1000gratisproben.com
    127.0.0.1    1001namen.com
    127.0.0.1    www.1001namen.com
    127.0.0.1    100888290cs.com
    127.0.0.1    www.100888290cs.com
    127.0.0.1    www.100sexlinks.com
    127.0.0.1    100sexlinks.com
    127.0.0.1    www.10sek.com
    127.0.0.1    10sek.com
    127.0.0.1    www.1-2005-search.com
    127.0.0.1    1-2005-search.com
    127.0.0.1    www.123fporn.info
    127.0.0.1    123fporn.info
    127.0.0.1    123haustiereundmehr.com
    127.0.0.1    www.123haustiereundmehr.com
    127.0.0.1    123moviedownload.com
    127.0.0.1    www.123moviedownload.com

    There are 15466 more lines.


    ==================== Other Areas ============================

    (Currently there is no automatic fix for this section.)

    HKU\S-1-5-21-1085031214-796845957-725345543-2108-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Control Panel\Desktop\\Wallpaper -> C:\Users\grevolorio\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
    HKU\S-1-5-21-1085031214-796845957-725345543-2109-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Control Panel\Desktop\\Wallpaper -> C:\Users\sharepointadmin\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
    HKU\S-1-5-21-1085031214-796845957-725345543-500-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Control Panel\Desktop\\Wallpaper -> C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
    HKU\S-1-5-21-3578782807-1016812498-1856270605-1009\Control Panel\Desktop\\Wallpaper -> 
    HKU\S-1-5-21-3578782807-1016812498-1856270605-1009-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Control Panel\Desktop\\Wallpaper -> 
    DNS Servers: 75.75.75.75 - 192.168.0.100
    HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
    mpsdrv => Firewall Service is not running.
    MpsSvc => Firewall Service is not running.

    ==================== MSCONFIG/TASK MANAGER disabled items ==

    (Currently there is no automatic fix for this section.)

    MSCONFIG\Services: !SASCORE => 2
    MSCONFIG\Services: AERTFilters => 2
    MSCONFIG\Services: CronService => 2
    MSCONFIG\Services: FLEXnet Licensing Service => 3
    MSCONFIG\Services: nvsvc => 2
    MSCONFIG\Services: sdAuxService => 3
    MSCONFIG\Services: sdCoreService => 3
    MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^monitorpad.lnk => C:\Windows\pss\monitorpad.lnk.CommonStartup
    MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Tor.lnk => C:\Windows\pss\Tor.lnk.CommonStartup
    MSCONFIG\startupfolder: C:^Users^grevolorio.trmdu2^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^MEGAsync.lnk => C:\Windows\pss\MEGAsync.lnk.Startup
    MSCONFIG\startupfolder: C:^Users^grevolorio^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^MLO.lnk => C:\Windows\pss\MLO.lnk.Startup
    MSCONFIG\startupfolder: C:^Users^grevolorio^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^MyLife Organized.lnk => C:\Windows\pss\MyLife Organized.lnk.Startup
    MSCONFIG\startupreg: Acrobat Assistant 8.0 => "C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrotray.exe"
    MSCONFIG\startupreg: Acronis Scheduler2 Service => "C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe"
    MSCONFIG\startupreg: AcronisTimounterMonitor => C:\Program Files (x86)\Common Files\Acronis\Timounter\TimounterMonitor.exe
    MSCONFIG\startupreg: Adobe Acrobat Speed Launcher => "C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrobat_sl.exe"
    MSCONFIG\startupreg: Adobe ARM => "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
    MSCONFIG\startupreg: ApplePhotoStreams => 
    MSCONFIG\startupreg: AppleSyncNotifier => C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe
    MSCONFIG\startupreg: AttendeeCommunicator => "C:\Program Files (x86)\Microsoft Lync Attendee\AttendeeCommunicator.exe" /fromrunkey
    MSCONFIG\startupreg: BackupAndRecoveryMonitor.exe => C:\Program Files (x86)\Acronis\BackupAndRecovery\BackupAndRecoveryMonitor.exe
    MSCONFIG\startupreg: Box Edit => C:\Users\grevolorio.trmdu2\AppData\Local\Box\Box Edit\Box Edit.exe
    MSCONFIG\startupreg: Box Local Com Server => C:\ProgramData\Box\ComServer\Box Local Com Service.exe
    MSCONFIG\startupreg: ccApp => "C:\Program Files (x86)\Common Files\Symantec Shared\ccApp.exe"
    MSCONFIG\startupreg: ClipToOneNote => 
    MSCONFIG\startupreg: EEDSpeedLauncher => rundll32.exe C:\Windows\system32\eed_ec.dll,SpeedLauncher
    MSCONFIG\startupreg: FreeFallProtection => C:\Program Files (x86)\STMicroelectronics\AccelerometerP11\FF_Protection.exe
    MSCONFIG\startupreg: Google Desktop Search => 
    MSCONFIG\startupreg: iCloudServices => 
    MSCONFIG\startupreg: itype => C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe
    MSCONFIG\startupreg: MobileDocuments => 
    MSCONFIG\startupreg: NVHotkey => rundll32.exe C:\Windows\system32\nvHotkey.dll,Start
    MSCONFIG\startupreg: PlayOn => C:\Program Files (x86)\MediaMall\PlayOn.exe
    MSCONFIG\startupreg: QuickTime Task => "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
    MSCONFIG\startupreg: RtHDVBg => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe /MAXX3 
    MSCONFIG\startupreg: RTHDVCPL => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe -s
    MSCONFIG\startupreg: SDTray => "F:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe"
    MSCONFIG\startupreg: Skype => "C:\Program Files (x86)\Skype\Phone\Skype.exe" /nosplash /minimized
    MSCONFIG\startupreg: Spybot-S&D Cleaning => "F:\Program Files (x86)\Spybot - Search & Destroy 2\SDCleaner.exe" /autoclean
    MSCONFIG\startupreg: SUPERAntiSpyware => C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
    MSCONFIG\startupreg: uTorrent => "C:\Users\grevolorio.trmdu2\AppData\Roaming\uTorrent\uTorrent.exe"  /MINIMIZED
    MSCONFIG\startupreg: Vidalia => "C:\Program Files (x86)\Vidalia Bundle\Vidalia\vidalia.exe"
    MSCONFIG\startupreg: vmware-tray => 
    MSCONFIG\startupreg: vmware-tray.exe => "F:\Program Files (x86)\VMware\VMware VIX\VMWare Workstation\vmware-tray.exe"

    ==================== FirewallRules (Whitelisted) ===============

    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

    FirewallRules: [SPPSVC-In-TCP] => (Allow) %SystemRoot%\system32\sppsvc.exe
    FirewallRules: [SPPSVC-In-TCP-NoScope] => (Allow) %SystemRoot%\system32\sppsvc.exe
    FirewallRules: [TCP Query User{2C84D7A8-185F-48F0-997F-3A814FEB1212}C:\program files (x86)\mylifeorganized.net\mlo\mlo.exe] => (Allow) C:\program files (x86)\mylifeorganized.net\mlo\mlo.exe
    FirewallRules: [UDP Query User{76BCF8C2-EC1E-47FD-A852-CE49592796D5}C:\program files (x86)\mylifeorganized.net\mlo\mlo.exe] => (Allow) C:\program files (x86)\mylifeorganized.net\mlo\mlo.exe
    FirewallRules: [{E4DAC48E-0F06-4425-87B9-7BD5994267BF}] => (Allow) F:\Downloads\solutoinstaller-Lc51Pys8GM.exe
    FirewallRules: [{DE5F8045-275F-4630-8682-8236CFC1A9FA}] => (Allow) F:\Downloads\solutoinstaller-Lc51Pys8GM.exe
    FirewallRules: [{3CAF5393-735B-4381-9C98-BE52D398D458}] => (Allow) C:\Program Files (x86)\Microsoft Lync Attendee\AttendeeCommunicator.exe
    FirewallRules: [{D093949F-C20C-4810-B36E-6B28E571CC81}] => (Allow) C:\Program Files (x86)\Microsoft Lync Attendee\AttendeeCommunicator.exe
    FirewallRules: [{C6F07D1B-04C4-4F10-BDA4-374E78C5EF19}] => (Allow) C:\Program Files (x86)\Microsoft Lync Attendee\AttendeeCommunicator.exe
    FirewallRules: [{24C77659-9DEF-4ABA-B4B9-64F8BC15A943}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
    FirewallRules: [{B5BA6578-03EA-4F19-B6A2-C924C6C8E14F}] => (Allow) F:\Program Files (x86)\VMware\VMware VIX\VMWare Workstation\vmware-authd.exe
    FirewallRules: [{758E4422-978B-47A4-86E4-B8F589FB2F26}] => (Allow) F:\Program Files (x86)\VMware\VMware VIX\VMWare Workstation\vmware-authd.exe
    FirewallRules: [{051D6AFF-140B-4251-A785-C60079EDB7FD}] => (Allow) F:\Program Files (x86)\VMware\VMware VIX\VMWare Workstation\vmware-hostd.exe
    FirewallRules: [{7AC51C86-1E31-4E96-A1FF-7A9E9D7CE9C1}] => (Allow) F:\Program Files (x86)\VMware\VMware VIX\VMWare Workstation\vmware-hostd.exe
    FirewallRules: [WCF-NetTcpActivator-In-TCP-64bit] => (Allow) %systemroot%\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
    FirewallRules: [{E82D2D2F-BFBD-41F4-A369-818C95FE2B09}] => (Allow) C:\Users\grevolorio\AppData\Roaming\uTorrent\uTorrent.exe
    FirewallRules: [{B9EB0C5C-06D4-405B-BFEF-E1240AFC3A92}] => (Allow) C:\Users\grevolorio\AppData\Roaming\uTorrent\uTorrent.exe
    FirewallRules: [{4FE7CDC6-7A33-4C99-ABED-B4C4EA2F2743}] => (Allow) C:\Program Files (x86)\Fiddler2\Fiddler.exe
    FirewallRules: [{46A01AAE-281A-4A88-9B9E-D5E9DD8EF2B7}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
    FirewallRules: [{AA765390-3C76-4719-96A5-CFF7997FFC8F}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
    FirewallRules: [{51707004-99BF-4B82-866C-6DBD656522DB}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
    FirewallRules: [{6EE70C80-E842-4BB8-8FB2-4183E0A2B6CE}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
    FirewallRules: [{B261E1BA-7CCA-4BDA-A864-90AD5F09B541}] => (Allow) C:\Users\grevolorio\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe
    FirewallRules: [{B05ABD30-952F-4977-88FB-0BF6B0D8486C}] => (Allow) C:\Program Files (x86)\Xamarin\Bonjour\mDNSResponder.exe
    FirewallRules: [{0E804373-A724-4174-95E8-11BF1A486C38}] => (Allow) F:\Program Files (x86)\Microsoft Visual Studio 12.0\Common7\IDE\devenv.exe
    FirewallRules: [{482C2904-B9EB-460A-B24A-CDE0111F39B6}] => (Allow) F:\Program Files (x86)\BitTorrent Sync\BTSync.exe
    FirewallRules: [{30113CC9-EA36-40C1-ACE3-9C07A0D32065}] => (Allow) F:\Program Files (x86)\BitTorrent Sync\BTSync.exe
    FirewallRules: [{455BC505-116E-4778-9C47-D0039C5ABD3F}] => (Allow) LPort=12292
    FirewallRules: [{48E75E71-2CBD-4890-8FDF-D76036F2069D}] => (Allow) C:\Program Files (x86)\MediaMall\MediaMallServer.exe
    FirewallRules: [{B80C427A-4A78-4C8F-8C5A-F9137515E7DA}] => (Allow) C:\Program Files (x86)\MediaMall\SettingsManager.exe
    FirewallRules: [{97D36CA4-D871-4663-BF1F-D7D27925F9D4}] => (Allow) C:\Program Files (x86)\MediaMall\PlayMark.exe
    FirewallRules: [{53162F45-0E3E-441F-AD2A-795DD8EBAB2D}] => (Allow) C:\Program Files (x86)\MediaMall\Surfer.exe
    FirewallRules: [{CB2F542C-B0A8-44DC-87F1-457206EFAC68}] => (Allow) C:\Program Files (x86)\MediaMall\PlayLater.exe
    FirewallRules: [{69B9AE74-7660-4131-A026-481F146680CA}] => (Allow) f:\Program Files\SiSoftware\SiSoftware Sandra Business 2015\RpcAgentSrv.exe
    FirewallRules: [{8A1F8345-6A95-49F8-A078-63007A1228A3}] => (Allow) f:\Program Files\SiSoftware\SiSoftware Sandra Business 2015\WNt600x64\RpcSandraSrv.exe
    FirewallRules: [{C974CD50-7415-43E1-9081-9640AB51C81D}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
    FirewallRules: [{CE7E25B2-F63F-4E9B-8373-0A23074C71B1}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
    FirewallRules: [TCP Query User{EBC71303-5F45-4EDC-8E05-A3C6405AF3E8}C:\program files (x86)\calibre2\calibre.exe] => (Allow) C:\program files (x86)\calibre2\calibre.exe
    FirewallRules: [UDP Query User{49A87548-8B14-4D3A-BA89-3E30CBD64639}C:\program files (x86)\calibre2\calibre.exe] => (Allow) C:\program files (x86)\calibre2\calibre.exe
    FirewallRules: [{8A45DF66-77B3-47F5-9E5B-6E67E8CD3672}] => (Block) C:\program files (x86)\calibre2\calibre.exe
    FirewallRules: [{2358E7EC-EE95-49BE-8DE1-26AF8F97ADAD}] => (Block) C:\program files (x86)\calibre2\calibre.exe
    FirewallRules: [TCP Query User{011516DF-6F3F-479A-8621-1D0D84A0991F}F:\program files\transmission\transmission-qt.exe] => (Allow) F:\program files\transmission\transmission-qt.exe
    FirewallRules: [UDP Query User{ABA9851F-F69F-4C9D-A24E-A115D08E0AB4}F:\program files\transmission\transmission-qt.exe] => (Allow) F:\program files\transmission\transmission-qt.exe
    FirewallRules: [{4095281A-CA21-41D6-BA24-5FE980C904D0}] => (Block) F:\program files\transmission\transmission-qt.exe
    FirewallRules: [{24B34338-DD29-4CA9-AD70-42F3924DD47F}] => (Block) F:\program files\transmission\transmission-qt.exe
    FirewallRules: [{AED27814-FFA9-4899-B195-BE194AA6F13A}] => (Allow) C:\Users\grevolorio.trmdu2\AppData\Local\Microsoft\OneDrive\OneDrive.exe
    FirewallRules: [{A0DE4516-2BD6-4D21-AE2B-124A3B182B0C}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\Lync.exe
    FirewallRules: [{E0D62CAE-785A-402E-A297-8B4033C9B7A7}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\UcMapi.exe
    FirewallRules: [{932729FC-8CEF-4D87-B35B-8778A82696D8}] => (Allow) C:\Users\grevolorio.trmdu2\AppData\Roaming\uTorrent\uTorrent.exe
    FirewallRules: [{1706A022-0050-4667-91AA-26B728B5ADD8}] => (Allow) C:\Users\grevolorio.trmdu2\AppData\Roaming\uTorrent\uTorrent.exe
    FirewallRules: [{1EBA2EAC-E1BE-48CE-A61E-C0BEF9EC4047}] => (Allow) C:\Users\grevolorio.trmdu2\AppData\Roaming\uTorrent\uTorrent.exe
    FirewallRules: [{583FE798-093F-4AFC-87FB-6E46B63294A7}] => (Allow) C:\Users\grevolorio.trmdu2\AppData\Roaming\uTorrent\uTorrent.exe
    FirewallRules: [{EA173698-EF6B-4459-A147-42C9EDA2520C}] => (Allow) C:\Users\grevolorio.trmdu2\AppData\Roaming\uTorrent\uTorrent.exe
    FirewallRules: [{F3E80BF7-DA3F-42AB-84EB-C25F52B2AF47}] => (Allow) C:\Users\grevolorio.trmdu2\AppData\Roaming\uTorrent\uTorrent.exe
    FirewallRules: [{71CA5F73-AFD7-40C6-BDAF-10CC1A9579E5}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\outlook.exe
    FirewallRules: [{4D1F3054-3DA7-46C6-BF81-7F064302A7E6}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\Lync.exe
    FirewallRules: [{29A5A62E-BA87-4660-B3AA-624A5051E5F2}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\UcMapi.exe
    FirewallRules: [{6369152E-C858-4EDF-BB52-6895496F3D74}] => (Allow) f:\Program Files (x86)\Kinoni\EpocCam_and_Barcode_drivers\KinoniSvc.exe
    FirewallRules: [{E78D9C97-08D7-434F-8123-13261C4D9C6A}] => (Allow) f:\Program Files (x86)\Kinoni\EpocCam_and_Barcode_drivers\KinoniSvc.exe
    FirewallRules: [{3792C9C6-450E-426B-986C-5824239E896A}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
    FirewallRules: [{F3E4F551-C952-46A2-9CD8-2A5715867AC2}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
    FirewallRules: [{02F4B432-CBA2-4E39-B3FF-F55F89EC7B68}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
    FirewallRules: [{8A0142B3-4C3B-4255-ABA5-96A1B1BD07D9}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
    FirewallRules: [{F598C328-3FB4-42B6-899B-A8D1E5B2EC43}] => (Allow) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
    FirewallRules: [{7F10E473-1BCA-4539-B818-F0EF53397B0F}] => (Allow) C:\Program Files (x86)\iTunes\iTunes.exe
    FirewallRules: [{CBD9A108-FE5D-4C30-A810-642437C8E1F8}] => (Allow) C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe
    FirewallRules: [{6DD6D3DB-85B6-4E8A-B606-85CA460F802A}] => (Allow) C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe
    FirewallRules: [{20FAFEED-FBD1-44C6-8EFB-994DC36F082C}] => (Allow) C:\Program Files (x86)\Samsung\Easy Printer Manager\IDS.Application.exe
    FirewallRules: [{EB4B33CD-E952-4BFC-B5DE-B6D3A09356AF}] => (Allow) C:\Program Files (x86)\Samsung\Easy Printer Manager\OrderSupplies.exe
    FirewallRules: [{EC02FE5E-F982-4195-96AA-CE84BEECCF6A}] => (Allow) C:\Program Files (x86)\Samsung\Easy Printer Manager\IDSAlert.exe
    FirewallRules: [{21DD25A7-A8D1-4916-A603-11C1BC9AD862}] => (Allow) C:\Program Files (x86)\Samsung\Easy Printer Manager\uninstall.exe
    FirewallRules: [{14B43CDE-088B-4241-AE08-1E53015DBD6D}] => (Allow) C:\Program Files (x86)\Samsung\Easy Printer Manager\CDAS2PC\CDAS2PC.exe
    FirewallRules: [{1FBAD7D8-6F46-41E4-961C-0EAB6CA8B4BE}] => (Allow) C:\Program Files (x86)\Samsung\Easy Printer Manager\CDAS2PC\ScanProcess.exe
    FirewallRules: [{B7D324F3-4B17-46E4-9913-152127D321A5}] => (Allow) C:\Program Files (x86)\Samsung\Easy Printer Manager\CDAS2PC\Scan2PCNotify.exe
    FirewallRules: [{422A2506-3182-4452-B20C-5EC8186315FD}] => (Allow) C:\Program Files\Synergy\synergys.exe
    FirewallRules: [{C86D90D8-8EFA-49AF-93C1-3293B433ED7C}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    FirewallRules: [{6E079AAB-5654-4264-8491-85AF7E253C08}] => (Allow) C:\Windows\explorer.exe
    FirewallRules: [{98CBFD6B-3FB9-488B-A3C8-3C054460A2B1}] => (Allow) C:\Windows\system32\rundll32.exe
    StandardProfile\AuthorizedApplications: [F:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe] => Enabled:Spybot - Search & Destroy tray access
    StandardProfile\AuthorizedApplications: [F:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe] => Enabled:Spybot-S&D 2 Scanner Service
    StandardProfile\AuthorizedApplications: [F:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe] => Enabled:Spybot-S&D 2 Updater
    StandardProfile\AuthorizedApplications: [F:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe] => Enabled:Spybot-S&D 2 Background update service

    ==================== Restore Points =========================

    ATTENTION: System Restore is disabled
    Check "winmgmt" service or repair WMI.


    ==================== Faulty Device Manager Devices =============

    Name: Intel(R) Centrino(R) Advanced-N 6200 AGN
    Description: Intel(R) Centrino(R) Advanced-N 6200 AGN
    Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
    Manufacturer: Intel Corporation
    Service: NETw5s64
    Problem: : This device is disabled. (Code 22)
    Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

    Name: Microsoft Loopback Adapter
    Description: Microsoft Loopback Adapter
    Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
    Manufacturer: Microsoft
    Service: msloop
    Problem: : This device is disabled. (Code 22)
    Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.


    ==================== Event log errors: =========================

    Application errors:
    ==================
    Error: (07/18/2016 09:05:53 AM) (Source: MsiInstaller) (EventID: 11714) (User: NT AUTHORITY)
    Description: Product: Chrome Remote Desktop Host -- Error 1714. The older version of Chrome Remote Desktop Host cannot be removed. Contact your technical support group. System Error 1612.

    Error: (07/18/2016 04:05:57 AM) (Source: MsiInstaller) (EventID: 11714) (User: NT AUTHORITY)
    Description: Product: Chrome Remote Desktop Host -- Error 1714. The older version of Chrome Remote Desktop Host cannot be removed. Contact your technical support group. System Error 1612.

    Error: (07/17/2016 11:05:25 PM) (Source: MsiInstaller) (EventID: 11714) (User: NT AUTHORITY)
    Description: Product: Chrome Remote Desktop Host -- Error 1714. The older version of Chrome Remote Desktop Host cannot be removed. Contact your technical support group. System Error 1612.

    Error: (07/17/2016 10:59:21 PM) (Source: Application Error) (EventID: 1000) (User: )
    Description: Faulting application name: AutoPico.exe, version: 12.3.0.0, time stamp: 0x53b06ef5
    Faulting module name: KERNELBASE.dll, version: 6.1.7601.23418, time stamp: 0x5708a89c
    Exception code: 0xe0434352
    Fault offset: 0x000000000001a06d
    Faulting process id: 0x18438
    Faulting application start time: 0xAutoPico.exe0
    Faulting application path: AutoPico.exe1
    Faulting module path: AutoPico.exe2
    Report Id: AutoPico.exe3

    Error: (07/17/2016 10:59:16 PM) (Source: .NET Runtime) (EventID: 1026) (User: )
    Description: Application: AutoPico.exe
    Framework Version: v4.0.30319
    Description: The process was terminated due to an unhandled exception.
    Exception Info: System.IO.IOException
    Stack:
       at System.Net.Sockets.NetworkStream.EndRead(System.IAsyncResult)
       at AutoPico.KMSEmulator.TCPServer.ReadCallback(System.IAsyncResult)
       at System.Net.LazyAsyncResult.Complete(IntPtr)
       at System.Threading.ExecutionContext.RunInternal(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
       at System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
       at System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object)
       at System.Net.ContextAwareResult.Complete(IntPtr)
       at System.Net.Sockets.BaseOverlappedAsyncResult.CompletionPortCallback(UInt32, UInt32, System.Threading.NativeOverlapped*)
       at System.Threading._IOCompletionCallback.PerformIOCompletionCallback(UInt32, UInt32, System.Threading.NativeOverlapped*)

    Error: (07/17/2016 07:00:02 PM) (Source: Windows Backup) (EventID: 4103) (User: )
    Description: The backup did not complete because of an error writing to the backup location I:\. The error is: The backup location cannot be found or is not valid. Review your backup settings and check the backup location. (0x81000006).

    Error: (07/17/2016 06:05:33 PM) (Source: MsiInstaller) (EventID: 11714) (User: NT AUTHORITY)
    Description: Product: Chrome Remote Desktop Host -- Error 1714. The older version of Chrome Remote Desktop Host cannot be removed. Contact your technical support group. System Error 1612.

    Error: (07/17/2016 05:29:17 PM) (Source: Application Error) (EventID: 1000) (User: )
    Description: Faulting application name: AutoPico.exe, version: 12.3.0.0, time stamp: 0x53b06ef5
    Faulting module name: KERNELBASE.dll, version: 6.1.7601.23418, time stamp: 0x5708a89c
    Exception code: 0xe0434352
    Fault offset: 0x000000000001a06d
    Faulting process id: 0x184bc
    Faulting application start time: 0xAutoPico.exe0
    Faulting application path: AutoPico.exe1
    Faulting module path: AutoPico.exe2
    Report Id: AutoPico.exe3

    Error: (07/17/2016 05:29:13 PM) (Source: .NET Runtime) (EventID: 1026) (User: )
    Description: Application: AutoPico.exe
    Framework Version: v4.0.30319
    Description: The process was terminated due to an unhandled exception.
    Exception Info: System.IO.IOException
    Stack:
       at System.Net.Sockets.NetworkStream.EndRead(System.IAsyncResult)
       at AutoPico.KMSEmulator.TCPServer.ReadCallback(System.IAsyncResult)
       at System.Net.LazyAsyncResult.Complete(IntPtr)
       at System.Threading.ExecutionContext.RunInternal(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
       at System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
       at System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object)
       at System.Net.ContextAwareResult.Complete(IntPtr)
       at System.Net.Sockets.BaseOverlappedAsyncResult.CompletionPortCallback(UInt32, UInt32, System.Threading.NativeOverlapped*)
       at System.Threading._IOCompletionCallback.PerformIOCompletionCallback(UInt32, UInt32, System.Threading.NativeOverlapped*)

    Error: (07/17/2016 01:05:09 PM) (Source: MsiInstaller) (EventID: 11714) (User: NT AUTHORITY)
    Description: Product: Chrome Remote Desktop Host -- Error 1714. The older version of Chrome Remote Desktop Host cannot be removed. Contact your technical support group. System Error 1612.


    System errors:
    =============
    Error: (07/09/2016 08:46:16 AM) (Source: Disk) (EventID: 11) (User: )
    Description: The driver detected a controller error on \Device\Harddisk3\DR3.

    Error: (06/17/2016 03:52:14 PM) (Source: VDS Dynamic Provider) (EventID: 40) (User: )
    Description: The remove plex operation failed to complete. status=C038003B

    Error: (06/17/2016 03:48:38 PM) (Source: VDS Basic Provider) (EventID: 1) (User: )
    Description: Unexpected failure. Error code: 490@01010004

    Error: (06/17/2016 03:40:15 PM) (Source: VDS Basic Provider) (EventID: 1) (User: )
    Description: Unexpected failure. Error code: 490@01010004

    Error: (06/13/2016 06:09:10 PM) (Source: Microsoft Antimalware) (EventID: 2001) (User: )
    Description: %NT AUTHORITY60 has encountered an error trying to update signatures.

        New Signature Version: 

        Previous Signature Version: 1.223.1357.0

        Update Source: %NT AUTHORITY51

        Update Stage: 4.9.0218.00

        Source Path: 4.9.0218.01

        Signature Type: %NT AUTHORITY602

        Update Type: %NT AUTHORITY604

        User: NT AUTHORITY\NETWORK SERVICE

        Current Engine Version: %NT AUTHORITY605

        Previous Engine Version: %NT AUTHORITY606

        Error code: %NT AUTHORITY607

        Error description: %NT AUTHORITY608

    Error: (06/13/2016 06:09:10 PM) (Source: Microsoft Antimalware) (EventID: 2001) (User: )
    Description: %NT AUTHORITY60 has encountered an error trying to update signatures.

        New Signature Version: 

        Previous Signature Version: 1.223.1357.0

        Update Source: %NT AUTHORITY51

        Update Stage: 4.9.0218.00

        Source Path: 4.9.0218.01

        Signature Type: %NT AUTHORITY602

        Update Type: %NT AUTHORITY604

        User: NT AUTHORITY\NETWORK SERVICE

        Current Engine Version: %NT AUTHORITY605

        Previous Engine Version: %NT AUTHORITY606

        Error code: %NT AUTHORITY607

        Error description: %NT AUTHORITY608

    Error: (06/13/2016 06:09:09 PM) (Source: Microsoft Antimalware) (EventID: 2001) (User: )
    Description: %NT AUTHORITY60 has encountered an error trying to update signatures.

        New Signature Version: 

        Previous Signature Version: 1.223.1357.0

        Update Source: %NT AUTHORITY59

        Update Stage: 4.9.0218.00

        Source Path: 4.9.0218.01

        Signature Type: %NT AUTHORITY602

        Update Type: %NT AUTHORITY604

        User: NT AUTHORITY\SYSTEM

        Current Engine Version: %NT AUTHORITY605

        Previous Engine Version: %NT AUTHORITY606

        Error code: %NT AUTHORITY607

        Error description: %NT AUTHORITY608

    Error: (06/13/2016 05:47:28 PM) (Source: Service Control Manager) (EventID: 7032) (User: )
    Description: The Service Control Manager tried to take a corrective action (Run the configured recovery program) after the unexpected termination of the VMware Workstation Server service, but this action failed with the following error: 
    %%193

    Error: (06/13/2016 05:46:28 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
    Description: The VMware Workstation Server service terminated unexpectedly.  It has done this 3 time(s).  The following corrective action will be taken in 60000 milliseconds: Run the configured recovery program.

    Error: (06/13/2016 05:45:32 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
    Description: application-specificLocalLaunch{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT AUTHORITYSYSTEMS-1-5-18LocalHost (Using LRPC)


    CodeIntegrity:
    ===================================
      Date: 2016-07-17 04:56:59.348
      Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files (x86)\AVG\AVG PC TuneUp\avgdumpx.exe because the set of per-page image hashes could not be found on the system.

      Date: 2016-07-17 04:56:59.258
      Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files (x86)\AVG\AVG PC TuneUp\avgdumpx.exe because the set of per-page image hashes could not be found on the system.

      Date: 2016-07-17 04:56:59.099
      Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files (x86)\AVG\AVG PC TuneUp\avgdumpx.exe because the set of per-page image hashes could not be found on the system.

      Date: 2016-07-16 03:52:04.984
      Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files (x86)\AVG\AVG PC TuneUp\avgdumpx.exe because the set of per-page image hashes could not be found on the system.

      Date: 2016-07-16 03:52:04.894
      Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files (x86)\AVG\AVG PC TuneUp\avgdumpx.exe because the set of per-page image hashes could not be found on the system.

      Date: 2016-07-16 03:52:04.509
      Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files (x86)\AVG\AVG PC TuneUp\avgdumpx.exe because the set of per-page image hashes could not be found on the system.

      Date: 2016-07-15 04:55:34.023
      Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files (x86)\AVG\AVG PC TuneUp\avgdumpx.exe because the set of per-page image hashes could not be found on the system.

      Date: 2016-07-15 04:55:33.925
      Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files (x86)\AVG\AVG PC TuneUp\avgdumpx.exe because the set of per-page image hashes could not be found on the system.

      Date: 2016-07-15 04:55:33.538
      Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files (x86)\AVG\AVG PC TuneUp\avgdumpx.exe because the set of per-page image hashes could not be found on the system.

      Date: 2016-07-14 03:10:30.776
      Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files (x86)\AVG\AVG PC TuneUp\avgdumpx.exe because the set of per-page image hashes could not be found on the system.


    ==================== Memory info =========================== 

    Processor: Intel(R) Core(TM) i7 CPU Q 740 @ 1.73GHz
    Percentage of memory in use: 93%
    Total physical RAM: 16316.38 MB
    Available physical RAM: 1045.3 MB
    Total Virtual: 16826.56 MB
    Available Virtual: 528.85 MB

    ==================== Drives ================================

    Drive c: () (Fixed) (Total:100 GB) (Free:22.36 GB) NTFS
    Drive d: (WD SmartWare) (CDROM) (Total:0.6 GB) (Free:0 GB) UDF
    Drive f: (SoftRaid) (Fixed) (Total:731.32 GB) (Free:32.08 GB) NTFS
    Drive g: (Virtual) (Fixed) (Total:465.76 GB) (Free:412.86 GB) NTFS
    Drive i: (My Passport) (Fixed) (Total:930.86 GB) (Free:710.41 GB) NTFS
    Drive m: () (Fixed) (Total:465.75 GB) (Free:268.39 GB) NTFS
    Drive n: () (Fixed) (Total:465.75 GB) (Free:432.04 GB) NTFS

    ==================== MBR & Partition Table ==================

    ========================================================
    Disk: 0 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: 0D040DF6)
    Partition 1: (Not Active) - (Size=993 KB) - (Type=42)
    Partition 2: (Active) - (Size=100 MB) - (Type=42)
    Partition 3: (Not Active) - (Size=100 GB) - (Type=42)
    Partition 4: (Not Active) - (Size=831.4 GB) - (Type=42)

    ========================================================
    Disk: 1 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: 08C4D7E9)
    Partition 1: (Not Active) - (Size=993 KB) - (Type=42)
    Partition 2: (Active) - (Size=100 MB) - (Type=42)
    Partition 3: (Not Active) - (Size=100 GB) - (Type=42)
    Partition 4: (Not Active) - (Size=831.4 GB) - (Type=42)

    ========================================================
    Disk: 2 (Size: 465.8 GB) (Disk ID: 00000000)

    Partition: GPT.

    ========================================================
    Disk: 3 (MBR Code: Windows XP) (Size: 930.9 GB) (Disk ID: 00052F35)
    Partition 1: (Not Active) - (Size=930.9 GB) - (Type=07 NTFS)

    ==================== End of Addition.txt ============================

  3. Done. This is the log:

    2012-05-31 16:57:00: ****************************************************

    2012-05-31 16:57:00: Starting UP ... v 0.0.0.220

    2012-05-31 16:57:00: ****************************************************

    2012-05-31 16:57:00: Stop TPSRV returns: 2

    2012-05-31 16:57:15: Listing processes...

    2012-05-31 16:57:15: :[system Process]:0

    2012-05-31 16:57:15: :System:4

    2012-05-31 16:57:15: :smss.exe:356

    2012-05-31 16:57:15: :csrss.exe:632

    2012-05-31 16:57:15: :wininit.exe:732

    2012-05-31 16:57:15: :services.exe:788

    2012-05-31 16:57:15: :lsass.exe:796

    2012-05-31 16:57:15: :lsm.exe:804

    2012-05-31 16:57:15: :svchost.exe:1000

    2012-05-31 16:57:15: :svchost.exe:628

    2012-05-31 16:57:15: :svchost.exe:720

    2012-05-31 16:57:15: :svchost.exe:1048

    2012-05-31 16:57:15: :svchost.exe:1216

    2012-05-31 16:57:15: :Pen_TouchService.exe:1400

    2012-05-31 16:57:15: :Smc.exe:1532

    2012-05-31 16:57:15: :svchost.exe:1588

    2012-05-31 16:57:15: :ccSvcHst.exe:1840

    2012-05-31 16:57:15: :spoolsv.exe:1764

    2012-05-31 16:57:15: :SASCore64.exe:2660

    2012-05-31 16:57:15: :armsvc.exe:2716

    2012-05-31 16:57:15: :mDNSResponder.exe:2964

    2012-05-31 16:57:15: :btwdins.exe:1896

    2012-05-31 16:57:15: :svchost.exe:2796

    2012-05-31 16:57:15: :LMIGuardianSvc.exe:2616

    2012-05-31 16:57:15: :ramaint.exe:3116

    2012-05-31 16:57:15: :LogMeIn.exe:3152

    2012-05-31 16:57:15: :nlssrv32.exe:3328

    2012-05-31 16:57:15: :PsiService_2.exe:3388

    2012-05-31 16:57:15: :cscript.exe:3400

    2012-05-31 16:57:15: :SeagateDashboardService.exe:3764

    2012-05-31 16:57:15: :nvSCPAPISvr.exe:3868

    2012-05-31 16:57:15: :Rtvscan.exe:3936

    2012-05-31 16:57:15: :Pen_Tablet.exe:3980

    2012-05-31 16:57:15: :TeamViewer_Service.exe:4024

    2012-05-31 16:57:15: :vmware-usbarbitrator.exe:4048

    2012-05-31 16:57:15: :vmnat.exe:4072

    2012-05-31 16:57:15: :WLIDSVC.EXE:3708

    2012-05-31 16:57:15: :WLIDSVCM.EXE:3568

    2012-05-31 16:57:15: :vmware-authd.exe:2452

    2012-05-31 16:57:15: :vmnetdhcp.exe:4260

    2012-05-31 16:57:15: :SearchIndexer.exe:4588

    2012-05-31 16:57:15: :iPodService.exe:4492

    2012-05-31 16:57:15: :svchost.exe:5640

    2012-05-31 16:57:15: :NASvc.exe:2848

    2012-05-31 16:57:15: :svchost.exe:5428

    2012-05-31 16:57:15: :svchost.exe:5140

    2012-05-31 16:57:15: :GoogleEarth-Win-Plugin-6.2.2.6613.exe:2712

    2012-05-31 16:57:15: :GoogleEarth-Win-Bundle-6.2.2.6613.exe:5748

    2012-05-31 16:57:15: :audiodg.exe:5156

    2012-05-31 16:57:15: :csrss.exe:2104

    2012-05-31 16:57:15: :winlogon.exe:6504

    2012-05-31 16:57:15: :wisptis.exe:4108

    2012-05-31 16:57:15: :MouseWithoutBorders.exe:3092

    2012-05-31 16:57:15: :MouseWithoutBorders.exe:5160

    2012-05-31 16:57:15: :taskhost.exe:2156

    2012-05-31 16:57:15: :wisptis.exe:2120

    2012-05-31 16:57:15: :TabTip.exe:4224

    2012-05-31 16:57:15: :TeamViewer.exe:5728

    2012-05-31 16:57:15: :TabTip32.exe:6620

    2012-05-31 16:57:15: :Pen_TouchUser.exe:1072

    2012-05-31 16:57:15: :tv_w32.exe:6512

    2012-05-31 16:57:15: :tv_x64.exe:6460

    2012-05-31 16:57:15: :Pen_TabletUser.exe:1128

    2012-05-31 16:57:15: :Pen_Tablet.exe:6364

    2012-05-31 16:57:15: :dwm.exe:2272

    2012-05-31 16:57:15: :explorer.exe:6532

    2012-05-31 16:57:15: :SmcGui.exe:7128

    2012-05-31 16:57:15: :ProtectionUtilSurrogate.exe:3012

    2012-05-31 16:57:15: :wuauclt.exe:4452

    2012-05-31 16:57:15: :LogMeInSystray.exe:2772

    2012-05-31 16:57:15: :ipoint.exe:3432

    2012-05-31 16:57:15: :robotaskbaricon.exe:3428

    2012-05-31 16:57:15: :Dropbox.exe:2268

    2012-05-31 16:57:15: :EvernoteClipper.exe:1484

    2012-05-31 16:57:15: :Launchy.exe:6660

    2012-05-31 16:57:15: :mlo.exe:4244

    2012-05-31 16:57:15: :ONENOTEM.EXE:2424

    2012-05-31 16:57:15: :acrotray.exe:2396

    2012-05-31 16:57:15: :UnlockerAssistant.exe:2392

    2012-05-31 16:57:15: :iTunesHelper.exe:6960

    2012-05-31 16:57:15: :DDHelper.exe:2304

    2012-05-31 16:57:15: :wmpnetwk.exe:2988

    2012-05-31 16:57:15: :SProxy.exe:6976

    2012-05-31 16:57:15: :mstsc.exe:5820

    2012-05-31 16:57:15: :unsecapp.exe:2852

    2012-05-31 16:57:15: :OUTLOOK.EXE:6764

    2012-05-31 16:57:15: :notepad++.exe:6208

    2012-05-31 16:57:15: :BrowzarSilver2000.exe:5520

    2012-05-31 16:57:15: :chrome.exe:5376

    2012-05-31 16:57:15: :chrome.exe:5936

    2012-05-31 16:57:15: :chrome.exe:4688

    2012-05-31 16:57:15: :chrome.exe:6424

    2012-05-31 16:57:15: :chrome.exe:3668

    2012-05-31 16:57:15: :chrome.exe:4036

    2012-05-31 16:57:15: :chrome.exe:6640

    2012-05-31 16:57:15: :chrome.exe:2820

    2012-05-31 16:57:15: :chrome.exe:4632

    2012-05-31 16:57:15: :chrome.exe:4948

    2012-05-31 16:57:15: :chrome.exe:1196

    2012-05-31 16:57:15: :GoogleEarth-Win-Plugin-6.2.2.6613.exe:4552

    2012-05-31 16:57:15: :xplorer2_64.exe:2312

    2012-05-31 16:57:15: :SearchProtocolHost.exe:4484

    2012-05-31 16:57:15: :SearchFilterHost.exe:3800

    2012-05-31 16:57:15: :yorkyt.exe:2784

    2012-05-31 16:57:15: :WmiPrvSE.exe:5040

    2012-05-31 16:57:15:

    2012-05-31 16:57:15: Setting restore point

    2012-05-31 16:57:34: RUN mode

    2012-05-31 16:57:34: Determining autonomous or dropped mode...

    2012-05-31 16:57:34: Autonomus mode

    2012-05-31 16:57:34: ---------------------------------------------------------------------

    2012-05-31 16:57:34: Found Service: AeLookupSvc

    2012-05-31 16:57:34: Real Path: C:\Windows\System32\aelupsvc.dll

    2012-05-31 16:57:34: Display Name: @%SystemRoot%\system32\aelupsvc.dll,-1

    2012-05-31 16:57:34: Description: @%SystemRoot%\system32\aelupsvc.dll,-2

    2012-05-31 16:57:34: ServiceDLL: System32\aelupsvc.dll

    2012-05-31 16:57:34: File size: 0

    2012-05-31 16:57:34: DLL File name: aelupsvc.dll

    2012-05-31 16:57:34: Original File Name: aelupsvc.dll.mui

    2012-05-31 16:57:34: Company:

    2012-05-31 16:57:34: Mod/Cre/Acc time:

    2012-05-31 16:57:35: ---------------------------------------------------------------------

    2012-05-31 16:57:35: Found Service: AppIDSvc

    2012-05-31 16:57:35: Real Path: C:\Windows\System32\appidsvc.dll

    2012-05-31 16:57:35: Display Name: @%systemroot%\system32\appidsvc.dll,-100

    2012-05-31 16:57:35: Description: @%systemroot%\system32\appidsvc.dll,-101

    2012-05-31 16:57:35: ServiceDLL: System32\appidsvc.dll

    2012-05-31 16:57:35: File size: 0

    2012-05-31 16:57:35: DLL File name: appidsvc.dll

    2012-05-31 16:57:35: Original File Name: appidsvc.dll.mui

    2012-05-31 16:57:35: Company:

    2012-05-31 16:57:35: Mod/Cre/Acc time:

    2012-05-31 16:57:35: ---------------------------------------------------------------------

    2012-05-31 16:57:35: Found Service: Appinfo

    2012-05-31 16:57:35: Real Path: C:\Windows\System32\appinfo.dll

    2012-05-31 16:57:35: Display Name: @%systemroot%\system32\appinfo.dll,-100

    2012-05-31 16:57:35: Description: @%systemroot%\system32\appinfo.dll,-101

    2012-05-31 16:57:35: ServiceDLL: System32\appinfo.dll

    2012-05-31 16:57:35: File size: 0

    2012-05-31 16:57:35: DLL File name: appinfo.dll

    2012-05-31 16:57:35: Original File Name: appinfo.dll.mui

    2012-05-31 16:57:35: Company:

    2012-05-31 16:57:35: Mod/Cre/Acc time:

    2012-05-31 16:57:35: ---------------------------------------------------------------------

    2012-05-31 16:57:35: Found Service: AppMgmt

    2012-05-31 16:57:35: Real Path: C:\Windows\System32\appmgmts.dll

    2012-05-31 16:57:35: Display Name: @appmgmts.dll,-3250

    2012-05-31 16:57:35: Description: @appmgmts.dll,-3251

    2012-05-31 16:57:35: ServiceDLL: System32\appmgmts.dll

    2012-05-31 16:57:35: File size: 149504

    2012-05-31 16:57:35: DLL File name: appmgmts.dll

    2012-05-31 16:57:35: Original File Name: appmgmts.dll.mui

    2012-05-31 16:57:35: Company:

    2012-05-31 16:57:35: Mod/Cre/Acc time: 20090713211453 20090713193834 20090713193834

    2012-05-31 16:57:35: ---------------------------------------------------------------------

    2012-05-31 16:57:35: Found Service: AudioEndpointBuilder

    2012-05-31 16:57:35: Real Path: C:\Windows\System32\Audiosrv.dll

    2012-05-31 16:57:35: Display Name: @%SystemRoot%\system32\audiosrv.dll,-204

    2012-05-31 16:57:35: Description: @%SystemRoot%\System32\audiosrv.dll,-205

    2012-05-31 16:57:35: ServiceDLL: System32\Audiosrv.dll

    2012-05-31 16:57:35: File size: 0

    2012-05-31 16:57:35: DLL File name: Audiosrv.dll

    2012-05-31 16:57:35: Original File Name: audiosrv.dll.mui

    2012-05-31 16:57:35: Company:

    2012-05-31 16:57:35: Mod/Cre/Acc time:

    2012-05-31 16:57:35: ---------------------------------------------------------------------

    2012-05-31 16:57:35: Found Service: AudioSrv

    2012-05-31 16:57:35: Real Path: C:\Windows\System32\Audiosrv.dll

    2012-05-31 16:57:35: Display Name: @%SystemRoot%\system32\audiosrv.dll,-200

    2012-05-31 16:57:35: Description: @%SystemRoot%\System32\audiosrv.dll,-201

    2012-05-31 16:57:35: ServiceDLL: System32\Audiosrv.dll

    2012-05-31 16:57:35: File size: 0

    2012-05-31 16:57:35: DLL File name: Audiosrv.dll

    2012-05-31 16:57:35: Original File Name: audiosrv.dll.mui

    2012-05-31 16:57:35: Company:

    2012-05-31 16:57:35: Mod/Cre/Acc time:

    2012-05-31 16:57:35: ---------------------------------------------------------------------

    2012-05-31 16:57:35: Found Service: AxInstSV

    2012-05-31 16:57:35: Real Path: C:\Windows\System32\AxInstSV.dll

    2012-05-31 16:57:35: Display Name: @%SystemRoot%\system32\AxInstSV.dll,-103

    2012-05-31 16:57:35: Description: @%SystemRoot%\system32\AxInstSV.dll,-104

    2012-05-31 16:57:35: ServiceDLL: System32\AxInstSV.dll

    2012-05-31 16:57:35: File size: 0

    2012-05-31 16:57:35: DLL File name: AxInstSV.dll

    2012-05-31 16:57:35: Original File Name: AxInstSv.dll.mui

    2012-05-31 16:57:35: Company:

    2012-05-31 16:57:35: Mod/Cre/Acc time:

    2012-05-31 16:57:35: ---------------------------------------------------------------------

    2012-05-31 16:57:35: Found Service: BDESVC

    2012-05-31 16:57:35: Real Path: C:\Windows\System32\bdesvc.dll

    2012-05-31 16:57:35: Display Name: @%SystemRoot%\system32\bdesvc.dll,-100

    2012-05-31 16:57:35: Description: @%SystemRoot%\system32\bdesvc.dll,-101

    2012-05-31 16:57:35: ServiceDLL: System32\bdesvc.dll

    2012-05-31 16:57:35: File size: 0

    2012-05-31 16:57:35: DLL File name: bdesvc.dll

    2012-05-31 16:57:35: Original File Name: BDESVC.DLL.MUI

    2012-05-31 16:57:35: Company:

    2012-05-31 16:57:35: Mod/Cre/Acc time:

    2012-05-31 16:57:35: ---------------------------------------------------------------------

    2012-05-31 16:57:35: Found Service: BITS

    2012-05-31 16:57:35: Real Path: C:\Windows\system32\qmgr.dll

    2012-05-31 16:57:35: Display Name: @%SystemRoot%\system32\qmgr.dll,-1000

    2012-05-31 16:57:35: Description: @%SystemRoot%\system32\qmgr.dll,-1001

    2012-05-31 16:57:35: ServiceDLL: system32\qmgr.dll

    2012-05-31 16:57:35: File size: 0

    2012-05-31 16:57:35: DLL File name: qmgr.dll

    2012-05-31 16:57:35: Original File Name: qmgr.dll.mui

    2012-05-31 16:57:35: Company:

    2012-05-31 16:57:35: Mod/Cre/Acc time:

    2012-05-31 16:57:35: ---------------------------------------------------------------------

    2012-05-31 16:57:35: Found Service: Browser

    2012-05-31 16:57:35: Real Path: C:\Windows\System32\browser.dll

    2012-05-31 16:57:35: Display Name: @%systemroot%\system32\browser.dll,-100

    2012-05-31 16:57:35: Description: @%systemroot%\system32\browser.dll,-101

    2012-05-31 16:57:35: ServiceDLL: System32\browser.dll

    2012-05-31 16:57:35: File size: 0

    2012-05-31 16:57:35: DLL File name: browser.dll

    2012-05-31 16:57:35: Original File Name: browser.dll.mui

    2012-05-31 16:57:35: Company:

    2012-05-31 16:57:35: Mod/Cre/Acc time:

    2012-05-31 16:57:35: ---------------------------------------------------------------------

    2012-05-31 16:57:35: Found Service: bthserv

    2012-05-31 16:57:35: Real Path: C:\Windows\system32\bthserv.dll

    2012-05-31 16:57:35: Display Name: @%SystemRoot%\System32\bthserv.dll,-101

    2012-05-31 16:57:35: Description: @%SystemRoot%\System32\bthserv.dll,-102

    2012-05-31 16:57:35: ServiceDLL: system32\bthserv.dll

    2012-05-31 16:57:35: File size: 0

    2012-05-31 16:57:35: DLL File name: bthserv.dll

    2012-05-31 16:57:35: Original File Name: BTHSERV.DLL.MUI

    2012-05-31 16:57:35: Company:

    2012-05-31 16:57:35: Mod/Cre/Acc time:

    2012-05-31 16:57:35: ---------------------------------------------------------------------

    2012-05-31 16:57:35: Found Service: CertPropSvc

    2012-05-31 16:57:35: Real Path: C:\Windows\System32\certprop.dll

    2012-05-31 16:57:35: Display Name: @%SystemRoot%\System32\certprop.dll,-11

    2012-05-31 16:57:35: Description: @%SystemRoot%\System32\certprop.dll,-12

    2012-05-31 16:57:35: ServiceDLL: System32\certprop.dll

    2012-05-31 16:57:35: File size: 0

    2012-05-31 16:57:35: DLL File name: certprop.dll

    2012-05-31 16:57:35: Original File Name: certprop.dll.mui

    2012-05-31 16:57:35: Company:

    2012-05-31 16:57:35: Mod/Cre/Acc time:

    2012-05-31 16:57:35: ---------------------------------------------------------------------

    2012-05-31 16:57:35: Found Service: CryptSvc

    2012-05-31 16:57:35: Real Path: C:\Windows\system32\cryptsvc.dll

    2012-05-31 16:57:35: Display Name: @%SystemRoot%\system32\cryptsvc.dll,-1001

    2012-05-31 16:57:35: Description: @%SystemRoot%\system32\cryptsvc.dll,-1002

    2012-05-31 16:57:35: ServiceDLL: system32\cryptsvc.dll

    2012-05-31 16:57:35: File size: 135680

    2012-05-31 16:57:35: DLL File name: cryptsvc.dll

    2012-05-31 16:57:35: Original File Name: cryptsvc.dll.mui

    2012-05-31 16:57:35: Company:

    2012-05-31 16:57:35: Mod/Cre/Acc time: 20090713211507 20090713193303 20090713193303

    2012-05-31 16:57:35: ---------------------------------------------------------------------

    2012-05-31 16:57:35: Found Service: CscService

    2012-05-31 16:57:35: Real Path: C:\Windows\System32\cscsvc.dll

    2012-05-31 16:57:35: Display Name: @%systemroot%\system32\cscsvc.dll,-200

    2012-05-31 16:57:35: Description: @%systemroot%\system32\cscsvc.dll,-201

    2012-05-31 16:57:35: ServiceDLL: System32\cscsvc.dll

    2012-05-31 16:57:35: File size: 0

    2012-05-31 16:57:35: DLL File name: cscsvc.dll

    2012-05-31 16:57:35: Original File Name: cscsvc.dll.mui

    2012-05-31 16:57:35: Company:

    2012-05-31 16:57:35: Mod/Cre/Acc time:

    2012-05-31 16:57:35: ---------------------------------------------------------------------

    2012-05-31 16:57:35: Found Service: DcomLaunch

    2012-05-31 16:57:35: Real Path: C:\Windows\system32\rpcss.dll

    2012-05-31 16:57:35: Display Name: @oleres.dll,-5012

    2012-05-31 16:57:35: Description: @oleres.dll,-5013

    2012-05-31 16:57:35: ServiceDLL: system32\rpcss.dll

    2012-05-31 16:57:35: File size: 0

    2012-05-31 16:57:35: DLL File name: rpcss.dll

    2012-05-31 16:57:35: Original File Name: rpcss.dll

    2012-05-31 16:57:35: Company:

    2012-05-31 16:57:35: Mod/Cre/Acc time:

    2012-05-31 16:57:35: ---------------------------------------------------------------------

    2012-05-31 16:57:35: Found Service: defragsvc

    2012-05-31 16:57:35: Real Path: C:\Windows\System32\defragsvc.dll

    2012-05-31 16:57:35: Display Name: @%SystemRoot%\system32\defragsvc.dll,-101

    2012-05-31 16:57:35: Description: @%SystemRoot%\system32\defragsvc.dll,-102

    2012-05-31 16:57:35: ServiceDLL: System32\defragsvc.dll

    2012-05-31 16:57:35: File size: 0

    2012-05-31 16:57:35: DLL File name: defragsvc.dll

    2012-05-31 16:57:35: Original File Name: defragsvc.dll.mui

    2012-05-31 16:57:35: Company:

    2012-05-31 16:57:35: Mod/Cre/Acc time:

    2012-05-31 16:57:35: ---------------------------------------------------------------------

    2012-05-31 16:57:35: Found Service: Dhcp

    2012-05-31 16:57:35: Real Path: C:\Windows\system32\dhcpcore.dll

    2012-05-31 16:57:35: Display Name: @%SystemRoot%\system32\dhcpcore.dll,-100

    2012-05-31 16:57:35: Description: @%SystemRoot%\system32\dhcpcore.dll,-101

    2012-05-31 16:57:35: ServiceDLL: system32\dhcpcore.dll

    2012-05-31 16:57:35: File size: 253440

    2012-05-31 16:57:35: DLL File name: dhcpcore.dll

    2012-05-31 16:57:35: Original File Name: dhcpcore.dll.mui

    2012-05-31 16:57:35: Company:

    2012-05-31 16:57:35: Mod/Cre/Acc time: 20090713211511 20090713191216 20090713191216

    2012-05-31 16:57:35: ---------------------------------------------------------------------

    2012-05-31 16:57:35: Found Service: Dnscache

    2012-05-31 16:57:35: Real Path: C:\Windows\System32\dnsrslvr.dll

    2012-05-31 16:57:35: Display Name: @%SystemRoot%\System32\dnsapi.dll,-101

    2012-05-31 16:57:35: Description: @%SystemRoot%\System32\dnsapi.dll,-102

    2012-05-31 16:57:35: ServiceDLL: System32\dnsrslvr.dll

    2012-05-31 16:57:35: File size: 0

    2012-05-31 16:57:35: DLL File name: dnsrslvr.dll

    2012-05-31 16:57:35: Original File Name: dnsrslvr.dll.mui

    2012-05-31 16:57:35: Company:

    2012-05-31 16:57:35: Mod/Cre/Acc time:

    2012-05-31 16:57:35: ---------------------------------------------------------------------

    2012-05-31 16:57:35: Found Service: dot3svc

    2012-05-31 16:57:35: Real Path: C:\Windows\System32\dot3svc.dll

    2012-05-31 16:57:35: Display Name: @%systemroot%\system32\dot3svc.dll,-1102

    2012-05-31 16:57:35: Description: @%systemroot%\system32\dot3svc.dll,-1103

    2012-05-31 16:57:35: ServiceDLL: System32\dot3svc.dll

    2012-05-31 16:57:35: File size: 0

    2012-05-31 16:57:35: DLL File name: dot3svc.dll

    2012-05-31 16:57:35: Original File Name: dot3svc.dll.mui

    2012-05-31 16:57:35: Company:

    2012-05-31 16:57:35: Mod/Cre/Acc time:

    2012-05-31 16:57:35: ---------------------------------------------------------------------

    2012-05-31 16:57:35: Found Service: DPS

    2012-05-31 16:57:35: Real Path: C:\Windows\system32\dps.dll

    2012-05-31 16:57:35: Display Name: @%systemroot%\system32\dps.dll,-500

    2012-05-31 16:57:35: Description: @%systemroot%\system32\dps.dll,-501

    2012-05-31 16:57:35: ServiceDLL: system32\dps.dll

    2012-05-31 16:57:35: File size: 0

    2012-05-31 16:57:35: DLL File name: dps.dll

    2012-05-31 16:57:35: Original File Name: dps.dll.mui

    2012-05-31 16:57:35: Company:

    2012-05-31 16:57:35: Mod/Cre/Acc time:

    2012-05-31 16:57:35: ---------------------------------------------------------------------

    2012-05-31 16:57:35: Found Service: EapHost

    2012-05-31 16:57:35: Real Path: C:\Windows\System32\eapsvc.dll

    2012-05-31 16:57:35: Display Name: @%systemroot%\system32\eapsvc.dll,-1

    2012-05-31 16:57:35: Description: @%systemroot%\system32\eapsvc.dll,-2

    2012-05-31 16:57:35: ServiceDLL: System32\eapsvc.dll

    2012-05-31 16:57:35: File size: 0

    2012-05-31 16:57:35: DLL File name: eapsvc.dll

    2012-05-31 16:57:35: Original File Name: eapsvc.dll.mui

    2012-05-31 16:57:35: Company:

    2012-05-31 16:57:35: Mod/Cre/Acc time:

    2012-05-31 16:57:35: ---------------------------------------------------------------------

    2012-05-31 16:57:35: Found Service: EventSystem

    2012-05-31 16:57:35: Real Path: C:\Windows\system32\es.dll

    2012-05-31 16:57:35: Display Name: @comres.dll,-2450

    2012-05-31 16:57:35: Description: @comres.dll,-2451

    2012-05-31 16:57:35: ServiceDLL: system32\es.dll

    2012-05-31 16:57:35: File size: 271360

    2012-05-31 16:57:35: DLL File name: es.dll

    2012-05-31 16:57:35: Original File Name: ES.DLL

    2012-05-31 16:57:35: Company:

    2012-05-31 16:57:35: Mod/Cre/Acc time: 20090713211519 20090713194438 20090713194438

    2012-05-31 16:57:35: ---------------------------------------------------------------------

    2012-05-31 16:57:35: Found Service: fdPHost

    2012-05-31 16:57:35: Real Path: C:\Windows\system32\fdPHost.dll

    2012-05-31 16:57:35: Display Name: @%systemroot%\system32\fdPHost.dll,-100

    2012-05-31 16:57:35: Description: @%systemroot%\system32\fdPHost.dll,-101

    2012-05-31 16:57:35: ServiceDLL: system32\fdPHost.dll

    2012-05-31 16:57:35: File size: 0

    2012-05-31 16:57:35: DLL File name: fdPHost.dll

    2012-05-31 16:57:35: Original File Name: fdPHost.dll.mui

    2012-05-31 16:57:35: Company:

    2012-05-31 16:57:35: Mod/Cre/Acc time:

    2012-05-31 16:57:35: ---------------------------------------------------------------------

    2012-05-31 16:57:35: Found Service: FDResPub

    2012-05-31 16:57:35: Real Path: C:\Windows\system32\fdrespub.dll

    2012-05-31 16:57:35: Display Name: @%systemroot%\system32\fdrespub.dll,-100

    2012-05-31 16:57:35: Description: @%systemroot%\system32\fdrespub.dll,-101

    2012-05-31 16:57:35: ServiceDLL: system32\fdrespub.dll

    2012-05-31 16:57:35: File size: 0

    2012-05-31 16:57:35: DLL File name: fdrespub.dll

    2012-05-31 16:57:35: Original File Name: FDResPub.dll.mui

    2012-05-31 16:57:35: Company:

    2012-05-31 16:57:35: Mod/Cre/Acc time:

    2012-05-31 16:57:35: !!!!!!!

    2012-05-31 16:57:35: Found Service: FontCache

    2012-05-31 16:57:35: Real Path: C:\Windows\system32\FntCache.dll

    2012-05-31 16:57:35: Display Name: @%systemroot%\system32\FntCache.dll,-100

    2012-05-31 16:57:35: Description: @%systemroot%\system32\FntCache.dll,-101

    2012-05-31 16:57:35: ServiceDLL: system32\FntCache.dll

    2012-05-31 16:57:35: File size: 0

    2012-05-31 16:57:35: DLL File name: FntCache.dll

    2012-05-31 16:57:35: Original File Name: FontCacheService

    2012-05-31 16:57:35: Company:

    2012-05-31 16:57:35: Mod/Cre/Acc time:

    2012-05-31 16:57:35: !!!!!!!!!

    2012-05-31 16:57:35: ---------------------------------------------------------------------

    2012-05-31 16:57:35: Found Service: gpsvc

    2012-05-31 16:57:35: Real Path: C:\Windows\System32\gpsvc.dll

    2012-05-31 16:57:35: Display Name: @gpapi.dll,-112

    2012-05-31 16:57:35: Description: @gpapi.dll,-113

    2012-05-31 16:57:35: ServiceDLL: System32\gpsvc.dll

    2012-05-31 16:57:35: File size: 0

    2012-05-31 16:57:35: DLL File name: gpsvc.dll

    2012-05-31 16:57:35: Original File Name: gpsvc.dll.mui

    2012-05-31 16:57:35: Company:

    2012-05-31 16:57:35: Mod/Cre/Acc time:

    2012-05-31 16:57:35: ---------------------------------------------------------------------

    2012-05-31 16:57:35: Found Service: hidserv

    2012-05-31 16:57:35: Real Path: C:\Windows\System32\hidserv.dll

    2012-05-31 16:57:35: Display Name: @%SystemRoot%\System32\hidserv.dll,-101

    2012-05-31 16:57:35: Description: @%SystemRoot%\System32\hidserv.dll,-102

    2012-05-31 16:57:35: ServiceDLL: System32\hidserv.dll

    2012-05-31 16:57:35: File size: 49152

    2012-05-31 16:57:35: DLL File name: hidserv.dll

    2012-05-31 16:57:35: Original File Name: HIDSERV.DLL.MUI

    2012-05-31 16:57:35: Company:

    2012-05-31 16:57:35: Mod/Cre/Acc time: 20090713211524 20090713195109 20090713195109

    2012-05-31 16:57:35: ---------------------------------------------------------------------

    2012-05-31 16:57:35: Found Service: hkmsvc

    2012-05-31 16:57:35: Real Path: C:\Windows\system32\kmsvc.dll

    2012-05-31 16:57:35: Display Name: @%SystemRoot%\system32\kmsvc.dll,-6

    2012-05-31 16:57:35: Description: @%SystemRoot%\system32\kmsvc.dll,-7

    2012-05-31 16:57:35: ServiceDLL: system32\kmsvc.dll

    2012-05-31 16:57:35: File size: 0

    2012-05-31 16:57:35: DLL File name: kmsvc.dll

    2012-05-31 16:57:35: Original File Name: KmSvc.DLL.MUI

    2012-05-31 16:57:35: Company:

    2012-05-31 16:57:35: Mod/Cre/Acc time:

    2012-05-31 16:57:35: ---------------------------------------------------------------------

    2012-05-31 16:57:35: Found Service: HomeGroupListener

    2012-05-31 16:57:35: Real Path: C:\Windows\system32\ListSvc.dll

    2012-05-31 16:57:35: Display Name: @%SystemRoot%\System32\ListSvc.dll,-100

    2012-05-31 16:57:35: Description: @%SystemRoot%\System32\ListSvc.dll,-101

    2012-05-31 16:57:35: ServiceDLL: system32\ListSvc.dll

    2012-05-31 16:57:35: File size: 0

    2012-05-31 16:57:35: DLL File name: ListSvc.dll

    2012-05-31 16:57:35: Original File Name: ListSvc.dll.mui

    2012-05-31 16:57:35: Company:

    2012-05-31 16:57:35: Mod/Cre/Acc time:

    2012-05-31 16:57:35: ---------------------------------------------------------------------

    2012-05-31 16:57:35: Found Service: HomeGroupProvider

    2012-05-31 16:57:35: Real Path: C:\Windows\system32\provsvc.dll

    2012-05-31 16:57:35: Display Name: @%SystemRoot%\System32\provsvc.dll,-100

    2012-05-31 16:57:35: Description: @%SystemRoot%\System32\provsvc.dll,-101

    2012-05-31 16:57:35: ServiceDLL: system32\provsvc.dll

    2012-05-31 16:57:35: File size: 165376

    2012-05-31 16:57:35: DLL File name: provsvc.dll

    2012-05-31 16:57:35: Original File Name: provsvc.dll.mui

    2012-05-31 16:57:35: Company:

    2012-05-31 16:57:35: Mod/Cre/Acc time: 20090713211612 20090713193941 20090713193941

    2012-05-31 16:57:35: ---------------------------------------------------------------------

    2012-05-31 16:57:35: Found Service: IKEEXT

    2012-05-31 16:57:35: Real Path: C:\Windows\System32\ikeext.dll

    2012-05-31 16:57:35: Display Name: @%SystemRoot%\system32\ikeext.dll,-501

    2012-05-31 16:57:35: Description: @%SystemRoot%\system32\ikeext.dll,-502

    2012-05-31 16:57:35: ServiceDLL: System32\ikeext.dll

    2012-05-31 16:57:35: File size: 0

    2012-05-31 16:57:35: DLL File name: ikeext.dll

    2012-05-31 16:57:35: Original File Name: IKEEXT.DLL.MUI

    2012-05-31 16:57:35: Company:

    2012-05-31 16:57:35: Mod/Cre/Acc time:

    2012-05-31 16:57:35: ---------------------------------------------------------------------

    2012-05-31 16:57:35: Found Service: IPBusEnum

    2012-05-31 16:57:35: Real Path: C:\Windows\system32\ipbusenum.dll

    2012-05-31 16:57:35: Display Name: @%systemroot%\system32\IPBusEnum.dll,-102

    2012-05-31 16:57:35: Description: @%systemroot%\system32\IPBusEnum.dll,-103

    2012-05-31 16:57:35: ServiceDLL: system32\ipbusenum.dll

    2012-05-31 16:57:35: File size: 0

    2012-05-31 16:57:35: DLL File name: ipbusenum.dll

    2012-05-31 16:57:35: Original File Name: IPBusEnum.dll.mui

    2012-05-31 16:57:35: Company:

    2012-05-31 16:57:35: Mod/Cre/Acc time:

    2012-05-31 16:57:35: ---------------------------------------------------------------------

    2012-05-31 16:57:35: Found Service: iphlpsvc

    2012-05-31 16:57:35: Real Path: C:\Windows\System32\iphlpsvc.dll

    2012-05-31 16:57:35: Display Name: @%SystemRoot%\system32\iphlpsvc.dll,-500

    2012-05-31 16:57:35: Description: @%SystemRoot%\system32\iphlpsvc.dll,-501

    2012-05-31 16:57:35: ServiceDLL: System32\iphlpsvc.dll

    2012-05-31 16:57:35: File size: 0

    2012-05-31 16:57:35: DLL File name: iphlpsvc.dll

    2012-05-31 16:57:35: Original File Name: iphlpsvc.dll.mui

    2012-05-31 16:57:35: Company:

    2012-05-31 16:57:35: Mod/Cre/Acc time:

    2012-05-31 16:57:35: ---------------------------------------------------------------------

    2012-05-31 16:57:35: Found Service: KtmRm

    2012-05-31 16:57:35: Real Path: C:\Windows\system32\msdtckrm.dll

    2012-05-31 16:57:35: Display Name: @comres.dll,-2946

    2012-05-31 16:57:35: Description: @comres.dll,-2947

    2012-05-31 16:57:35: ServiceDLL: system32\msdtckrm.dll

    2012-05-31 16:57:35: File size: 0

    2012-05-31 16:57:35: DLL File name: msdtckrm.dll

    2012-05-31 16:57:35: Original File Name: MSDTCKRM.DLL

    2012-05-31 16:57:35: Company:

    2012-05-31 16:57:35: Mod/Cre/Acc time:

    2012-05-31 16:57:35: ---------------------------------------------------------------------

    2012-05-31 16:57:35: Found Service: LanmanServer

    2012-05-31 16:57:35: Real Path: C:\Windows\System32\srvsvc.dll

    2012-05-31 16:57:35: Display Name: @%systemroot%\system32\srvsvc.dll,-100

    2012-05-31 16:57:35: Description: @%systemroot%\system32\srvsvc.dll,-101

    2012-05-31 16:57:35: ServiceDLL: System32\srvsvc.dll

    2012-05-31 16:57:35: File size: 0

    2012-05-31 16:57:35: DLL File name: srvsvc.dll

    2012-05-31 16:57:35: Original File Name: SRVSVC.DLL.MUI

    2012-05-31 16:57:35: Company:

    2012-05-31 16:57:35: Mod/Cre/Acc time:

    2012-05-31 16:57:35: ---------------------------------------------------------------------

    2012-05-31 16:57:35: Found Service: LanmanWorkstation

    2012-05-31 16:57:35: Real Path: C:\Windows\System32\wkssvc.dll

    2012-05-31 16:57:35: Display Name: @%systemroot%\system32\wkssvc.dll,-100

    2012-05-31 16:57:35: Description: @%systemroot%\system32\wkssvc.dll,-101

    2012-05-31 16:57:35: ServiceDLL: System32\wkssvc.dll

    2012-05-31 16:57:35: File size: 0

    2012-05-31 16:57:35: DLL File name: wkssvc.dll

    2012-05-31 16:57:35: Original File Name: WKSSVC.DLL.MUI

    2012-05-31 16:57:35: Company:

    2012-05-31 16:57:35: Mod/Cre/Acc time:

    2012-05-31 16:57:35: ---------------------------------------------------------------------

    2012-05-31 16:57:35: Found Service: lltdsvc

    2012-05-31 16:57:35: Real Path: C:\Windows\System32\lltdsvc.dll

    2012-05-31 16:57:35: Display Name: @%SystemRoot%\system32\lltdres.dll,-1

    2012-05-31 16:57:35: Description: @%SystemRoot%\system32\lltdres.dll,-2

    2012-05-31 16:57:35: ServiceDLL: System32\lltdsvc.dll

    2012-05-31 16:57:35: File size: 0

    2012-05-31 16:57:35: DLL File name: lltdsvc.dll

    2012-05-31 16:57:35: Original File Name: LLTDSVC.DLL

    2012-05-31 16:57:35: Company:

    2012-05-31 16:57:35: Mod/Cre/Acc time:

    2012-05-31 16:57:35: ---------------------------------------------------------------------

    2012-05-31 16:57:35: Found Service: lmhosts

    2012-05-31 16:57:35: Real Path: C:\Windows\System32\lmhsvc.dll

    2012-05-31 16:57:35: Display Name: @%SystemRoot%\system32\lmhsvc.dll,-101

    2012-05-31 16:57:35: Description: @%SystemRoot%\system32\lmhsvc.dll,-102

    2012-05-31 16:57:35: ServiceDLL: System32\lmhsvc.dll

    2012-05-31 16:57:35: File size: 0

    2012-05-31 16:57:35: DLL File name: lmhsvc.dll

    2012-05-31 16:57:35: Original File Name: lmhsvc.dll.mui

    2012-05-31 16:57:35: Company:

    2012-05-31 16:57:35: Mod/Cre/Acc time:

    2012-05-31 16:57:35: ---------------------------------------------------------------------

    2012-05-31 16:57:35: Found Service: Mcx2Svc

    2012-05-31 16:57:35: Real Path: C:\Windows\system32\Mcx2Svc.dll

    2012-05-31 16:57:35: Display Name: @%SystemRoot%\ehome\ehres.dll,-15501

    2012-05-31 16:57:35: Description: @%SystemRoot%\ehome\ehres.dll,-15502

    2012-05-31 16:57:35: ServiceDLL: system32\Mcx2Svc.dll

    2012-05-31 16:57:35: File size: 0

    2012-05-31 16:57:35: DLL File name: Mcx2Svc.dll

    2012-05-31 16:57:35: Original File Name: Mcx2Svc.dll

    2012-05-31 16:57:35: Company:

    2012-05-31 16:57:35: Mod/Cre/Acc time:

    2012-05-31 16:57:36: ---------------------------------------------------------------------

    2012-05-31 16:57:36: Found Service: MMCSS

    2012-05-31 16:57:36: Real Path: C:\Windows\system32\mmcss.dll

    2012-05-31 16:57:36: Display Name: @%systemroot%\system32\mmcss.dll,-100

    2012-05-31 16:57:36: Description: @%systemroot%\system32\mmcss.dll,-101

    2012-05-31 16:57:36: ServiceDLL: system32\mmcss.dll

    2012-05-31 16:57:36: File size: 0

    2012-05-31 16:57:36: DLL File name: mmcss.dll

    2012-05-31 16:57:36: Original File Name: mmcss.dll.mui

    2012-05-31 16:57:36: Company:

    2012-05-31 16:57:36: Mod/Cre/Acc time:

    2012-05-31 16:57:36: ---------------------------------------------------------------------

    2012-05-31 16:57:36: Found Service: MSiSCSI

    2012-05-31 16:57:36: Real Path: C:\Windows\system32\iscsiexe.dll

    2012-05-31 16:57:36: Display Name: @%SystemRoot%\system32\iscsidsc.dll,-5000

    2012-05-31 16:57:36: Description: @%SystemRoot%\system32\iscsidsc.dll,-5001

    2012-05-31 16:57:36: ServiceDLL: system32\iscsiexe.dll

    2012-05-31 16:57:36: File size: 0

    2012-05-31 16:57:36: DLL File name: iscsiexe.dll

    2012-05-31 16:57:36: Original File Name: iscsiexe.exe.mui

    2012-05-31 16:57:36: Company:

    2012-05-31 16:57:36: Mod/Cre/Acc time:

    2012-05-31 16:57:36: ---------------------------------------------------------------------

    2012-05-31 16:57:36: Found Service: napagent

    2012-05-31 16:57:36: Real Path: C:\Windows\system32\qagentRT.dll

    2012-05-31 16:57:36: Display Name: @%SystemRoot%\system32\qagentrt.dll,-6

    2012-05-31 16:57:36: Description: @%SystemRoot%\system32\qagentrt.dll,-7

    2012-05-31 16:57:36: ServiceDLL: system32\qagentRT.dll

    2012-05-31 16:57:36: File size: 0

    2012-05-31 16:57:36: DLL File name: qagentRT.dll

    2012-05-31 16:57:36: Original File Name: QAgentRT.DLL.MUI

    2012-05-31 16:57:36: Company:

    2012-05-31 16:57:36: Mod/Cre/Acc time:

    2012-05-31 16:57:36: ---------------------------------------------------------------------

    2012-05-31 16:57:36: Found Service: Netman

    2012-05-31 16:57:36: Real Path: C:\Windows\System32\netman.dll

    2012-05-31 16:57:36: Display Name: @%SystemRoot%\system32\netman.dll,-109

    2012-05-31 16:57:36: Description: @%SystemRoot%\system32\netman.dll,-110

    2012-05-31 16:57:36: ServiceDLL: System32\netman.dll

    2012-05-31 16:57:36: File size: 0

    2012-05-31 16:57:36: DLL File name: netman.dll

    2012-05-31 16:57:36: Original File Name: netman.dll.mui

    2012-05-31 16:57:36: Company:

    2012-05-31 16:57:36: Mod/Cre/Acc time:

    2012-05-31 16:57:36: ---------------------------------------------------------------------

    2012-05-31 16:57:36: Found Service: netprofm

    2012-05-31 16:57:36: Real Path: C:\Windows\System32\netprofm.dll

    2012-05-31 16:57:36: Display Name: @%SystemRoot%\system32\netprofm.dll,-202

    2012-05-31 16:57:36: Description: @%SystemRoot%\system32\netprofm.dll,-203

    2012-05-31 16:57:36: ServiceDLL: System32\netprofm.dll

    2012-05-31 16:57:36: File size: 360448

    2012-05-31 16:57:36: DLL File name: netprofm.dll

    2012-05-31 16:57:36: Original File Name: netprofm.dll.mui

    2012-05-31 16:57:36: Company:

    2012-05-31 16:57:36: Mod/Cre/Acc time: 20090713211603 20090713195658 20090713195658

    2012-05-31 16:57:36: ---------------------------------------------------------------------

    2012-05-31 16:57:36: Found Service: NlaSvc

    2012-05-31 16:57:36: Real Path: C:\Windows\System32\nlasvc.dll

    2012-05-31 16:57:36: Display Name: @%SystemRoot%\System32\nlasvc.dll,-1

    2012-05-31 16:57:36: Description: @%SystemRoot%\System32\nlasvc.dll,-2

    2012-05-31 16:57:36: ServiceDLL: System32\nlasvc.dll

    2012-05-31 16:57:36: File size: 0

    2012-05-31 16:57:36: DLL File name: nlasvc.dll

    2012-05-31 16:57:36: Original File Name: nlasvc.dll.mui

    2012-05-31 16:57:36: Company:

    2012-05-31 16:57:36: Mod/Cre/Acc time:

    2012-05-31 16:57:36: ---------------------------------------------------------------------

    2012-05-31 16:57:36: Found Service: nsi

    2012-05-31 16:57:36: Real Path: C:\Windows\system32\nsisvc.dll

    2012-05-31 16:57:36: Display Name: @%SystemRoot%\system32\nsisvc.dll,-200

    2012-05-31 16:57:36: Description: @%SystemRoot%\system32\nsisvc.dll,-201

    2012-05-31 16:57:36: ServiceDLL: system32\nsisvc.dll

    2012-05-31 16:57:36: File size: 0

    2012-05-31 16:57:36: DLL File name: nsisvc.dll

    2012-05-31 16:57:36: Original File Name: nsisvc.dll.mui

    2012-05-31 16:57:36: Company:

    2012-05-31 16:57:36: Mod/Cre/Acc time:

    2012-05-31 16:57:36: ---------------------------------------------------------------------

    2012-05-31 16:57:36: Found Service: p2pimsvc

    2012-05-31 16:57:36: Real Path: C:\Windows\system32\pnrpsvc.dll

    2012-05-31 16:57:36: Display Name: @%SystemRoot%\system32\pnrpsvc.dll,-8004

    2012-05-31 16:57:36: Description: @%SystemRoot%\system32\pnrpsvc.dll,-8005

    2012-05-31 16:57:36: ServiceDLL: system32\pnrpsvc.dll

    2012-05-31 16:57:36: File size: 0

    2012-05-31 16:57:36: DLL File name: pnrpsvc.dll

    2012-05-31 16:57:36: Original File Name: pnrpsvc.dll.mui

    2012-05-31 16:57:36: Company:

    2012-05-31 16:57:36: Mod/Cre/Acc time:

    2012-05-31 16:57:36: ---------------------------------------------------------------------

    2012-05-31 16:57:36: Found Service: p2psvc

    2012-05-31 16:57:36: Real Path: C:\Windows\system32\p2psvc.dll

    2012-05-31 16:57:36: Display Name: @%SystemRoot%\system32\p2psvc.dll,-8006

    2012-05-31 16:57:36: Description: @%SystemRoot%\system32\p2psvc.dll,-8007

    2012-05-31 16:57:36: ServiceDLL: system32\p2psvc.dll

    2012-05-31 16:57:36: File size: 0

    2012-05-31 16:57:36: DLL File name: p2psvc.dll

    2012-05-31 16:57:36: Original File Name: p2psvc.dll.mui

    2012-05-31 16:57:36: Company:

    2012-05-31 16:57:36: Mod/Cre/Acc time:

    2012-05-31 16:57:36: !!!!!!!

    2012-05-31 16:57:36: Found Service: PcaSvc

    2012-05-31 16:57:36: Real Path: C:\Windows\System32\pcasvc.dll

    2012-05-31 16:57:36: Display Name: @%SystemRoot%\system32\pcasvc.dll,-1

    2012-05-31 16:57:36: Description: @%SystemRoot%\system32\pcasvc.dll,-2

    2012-05-31 16:57:36: ServiceDLL: System32\pcasvc.dll

    2012-05-31 16:57:36: File size: 0

    2012-05-31 16:57:36: DLL File name: pcasvc.dll

    2012-05-31 16:57:36: Original File Name:

    2012-05-31 16:57:36: Company:

    2012-05-31 16:57:36: Mod/Cre/Acc time:

    2012-05-31 16:57:36: !!!!!!!!!

    2012-05-31 16:57:36: ---------------------------------------------------------------------

    2012-05-31 16:57:36: Found Service: PeerDistSvc

    2012-05-31 16:57:36: Real Path: C:\Windows\system32\peerdistsvc.dll

    2012-05-31 16:57:36: Display Name: @%SystemRoot%\system32\peerdistsvc.dll,-9000

    2012-05-31 16:57:36: Description: @%SystemRoot%\system32\peerdistsvc.dll,-9001

    2012-05-31 16:57:36: ServiceDLL: system32\peerdistsvc.dll

    2012-05-31 16:57:36: File size: 0

    2012-05-31 16:57:36: DLL File name: peerdistsvc.dll

    2012-05-31 16:57:36: Original File Name: PeerDistSvc.dll.mui

    2012-05-31 16:57:36: Company:

    2012-05-31 16:57:36: Mod/Cre/Acc time:

    2012-05-31 16:57:36: ---------------------------------------------------------------------

    2012-05-31 16:57:36: Found Service: pla

    2012-05-31 16:57:36: Real Path: C:\Windows\system32\pla.dll

    2012-05-31 16:57:36: Display Name: @%systemroot%\system32\pla.dll,-500

    2012-05-31 16:57:36: Description: @%systemroot%\system32\pla.dll,-501

    2012-05-31 16:57:36: ServiceDLL: system32\pla.dll

    2012-05-31 16:57:36: File size: 1508864

    2012-05-31 16:57:36: DLL File name: pla.dll

    2012-05-31 16:57:36: Original File Name: PLA.DLL.MUI

    2012-05-31 16:57:36: Company:

    2012-05-31 16:57:36: Mod/Cre/Acc time: 20090713211612 20090713192013 20090713192013

    2012-05-31 16:57:36: ---------------------------------------------------------------------

    2012-05-31 16:57:36: Found Service: PlugPlay

    2012-05-31 16:57:36: Real Path: C:\Windows\system32\umpnpmgr.dll

    2012-05-31 16:57:36: Display Name: @%SystemRoot%\system32\umpnpmgr.dll,-100

    2012-05-31 16:57:36: Description: @%SystemRoot%\system32\umpnpmgr.dll,-101

    2012-05-31 16:57:36: ServiceDLL: system32\umpnpmgr.dll

    2012-05-31 16:57:36: File size: 0

    2012-05-31 16:57:36: DLL File name: umpnpmgr.dll

    2012-05-31 16:57:36: Original File Name: Umpnpmgr.DLL.MUI

    2012-05-31 16:57:36: Company:

    2012-05-31 16:57:36: Mod/Cre/Acc time:

    2012-05-31 16:57:36: ---------------------------------------------------------------------

    2012-05-31 16:57:36: Found Service: PNRPAutoReg

    2012-05-31 16:57:36: Real Path: C:\Windows\system32\pnrpauto.dll

    2012-05-31 16:57:36: Display Name: @%SystemRoot%\system32\pnrpauto.dll,-8002

    2012-05-31 16:57:36: Description: @%SystemRoot%\system32\pnrpauto.dll,-8003

    2012-05-31 16:57:36: ServiceDLL: system32\pnrpauto.dll

    2012-05-31 16:57:36: File size: 0

    2012-05-31 16:57:36: DLL File name: pnrpauto.dll

    2012-05-31 16:57:36: Original File Name: pnrpauto.dll.mui

    2012-05-31 16:57:36: Company:

    2012-05-31 16:57:36: Mod/Cre/Acc time:

    2012-05-31 16:57:36: ---------------------------------------------------------------------

    2012-05-31 16:57:36: Found Service: PNRPsvc

    2012-05-31 16:57:36: Real Path: C:\Windows\system32\pnrpsvc.dll

    2012-05-31 16:57:36: Display Name: @%SystemRoot%\system32\pnrpsvc.dll,-8000

    2012-05-31 16:57:36: Description: @%SystemRoot%\system32\pnrpsvc.dll,-8001

    2012-05-31 16:57:36: ServiceDLL: system32\pnrpsvc.dll

    2012-05-31 16:57:36: File size: 0

    2012-05-31 16:57:36: DLL File name: pnrpsvc.dll

    2012-05-31 16:57:36: Original File Name: pnrpsvc.dll.mui

    2012-05-31 16:57:36: Company:

    2012-05-31 16:57:36: Mod/Cre/Acc time:

    2012-05-31 16:57:36: ---------------------------------------------------------------------

    2012-05-31 16:57:36: Found Service: PolicyAgent

    2012-05-31 16:57:36: Real Path: C:\Windows\System32\ipsecsvc.dll

    2012-05-31 16:57:36: Display Name: @%SystemRoot%\System32\polstore.dll,-5010

    2012-05-31 16:57:36: Description: @%SystemRoot%\system32\polstore.dll,-5011

    2012-05-31 16:57:36: ServiceDLL: System32\ipsecsvc.dll

    2012-05-31 16:57:36: File size: 0

    2012-05-31 16:57:36: DLL File name: ipsecsvc.dll

    2012-05-31 16:57:36: Original File Name: ipsecsvc.dll.mui

    2012-05-31 16:57:36: Company:

    2012-05-31 16:57:36: Mod/Cre/Acc time:

    2012-05-31 16:57:36: ---------------------------------------------------------------------

    2012-05-31 16:57:36: Found Service: Power

    2012-05-31 16:57:36: Real Path: C:\Windows\system32\umpo.dll

    2012-05-31 16:57:36: Display Name: @%SystemRoot%\system32\umpo.dll,-100

    2012-05-31 16:57:36: Description: @%SystemRoot%\system32\umpo.dll,-101

    2012-05-31 16:57:36: ServiceDLL: system32\umpo.dll

    2012-05-31 16:57:36: File size: 0

    2012-05-31 16:57:36: DLL File name: umpo.dll

    2012-05-31 16:57:36: Original File Name: Umpo.DLL.MUI

    2012-05-31 16:57:36: Company:

    2012-05-31 16:57:36: Mod/Cre/Acc time:

    2012-05-31 16:57:36: ---------------------------------------------------------------------

    2012-05-31 16:57:36: Found Service: ProfSvc

    2012-05-31 16:57:36: Real Path: C:\Windows\system32\profsvc.dll

    2012-05-31 16:57:36: Display Name: @%systemroot%\system32\profsvc.dll,-300

    2012-05-31 16:57:36: Description: @%systemroot%\system32\profsvc.dll,-301

    2012-05-31 16:57:36: ServiceDLL: system32\profsvc.dll

    2012-05-31 16:57:36: File size: 0

    2012-05-31 16:57:36: DLL File name: profsvc.dll

    2012-05-31 16:57:36: Original File Name: ProfSvc.dll.mui

    2012-05-31 16:57:36: Company:

    2012-05-31 16:57:36: Mod/Cre/Acc time:

    2012-05-31 16:57:36: ---------------------------------------------------------------------

    2012-05-31 16:57:36: Found Service: QWAVE

    2012-05-31 16:57:36: Real Path: C:\Windows\system32\qwave.dll

    2012-05-31 16:57:36: Display Name: @%SystemRoot%\system32\qwave.dll,-1

    2012-05-31 16:57:36: Description: @%SystemRoot%\system32\qwave.dll,-2

    2012-05-31 16:57:36: ServiceDLL: system32\qwave.dll

    2012-05-31 16:57:36: File size: 210944

    2012-05-31 16:57:36: DLL File name: qwave.dll

    2012-05-31 16:57:36: Original File Name: qwave.dll.mui

    2012-05-31 16:57:36: Company:

    2012-05-31 16:57:36: Mod/Cre/Acc time: 20090713211612 20090713195415 20090713195415

    2012-05-31 16:57:36: ---------------------------------------------------------------------

    2012-05-31 16:57:36: Found Service: RasAuto

    2012-05-31 16:57:36: Real Path: C:\Windows\System32\rasauto.dll

    2012-05-31 16:57:36: Display Name: @%Systemroot%\system32\rasauto.dll,-200

    2012-05-31 16:57:36: Description: @%Systemroot%\system32\rasauto.dll,-201

    2012-05-31 16:57:36: ServiceDLL: System32\rasauto.dll

    2012-05-31 16:57:36: File size: 0

    2012-05-31 16:57:36: DLL File name: rasauto.dll

    2012-05-31 16:57:36: Original File Name: rasauto.dll.mui

    2012-05-31 16:57:36: Company:

    2012-05-31 16:57:36: Mod/Cre/Acc time:

    2012-05-31 16:57:37: ---------------------------------------------------------------------

    2012-05-31 16:57:37: Found Service: RasMan

    2012-05-31 16:57:37: Real Path: C:\Windows\System32\rasmans.dll

    2012-05-31 16:57:37: Display Name: @%Systemroot%\system32\rasmans.dll,-200

    2012-05-31 16:57:37: Description: @%Systemroot%\system32\rasmans.dll,-201

    2012-05-31 16:57:37: ServiceDLL: System32\rasmans.dll

    2012-05-31 16:57:37: File size: 0

    2012-05-31 16:57:37: DLL File name: rasmans.dll

    2012-05-31 16:57:37: Original File Name: Rasmans.dll.mui

    2012-05-31 16:57:37: Company:

    2012-05-31 16:57:37: Mod/Cre/Acc time:

    2012-05-31 16:57:37: ---------------------------------------------------------------------

    2012-05-31 16:57:37: Found Service: RemoteAccess

    2012-05-31 16:57:37: Real Path: C:\Windows\System32\mprdim.dll

    2012-05-31 16:57:37: Display Name: @%Systemroot%\system32\mprdim.dll,-200

    2012-05-31 16:57:37: Description: @%Systemroot%\system32\mprdim.dll,-201

    2012-05-31 16:57:37: ServiceDLL: System32\mprdim.dll

    2012-05-31 16:57:37: File size: 75264

    2012-05-31 16:57:37: DLL File name: mprdim.dll

    2012-05-31 16:57:37: Original File Name: MPRDIM.DLL.MUI

    2012-05-31 16:57:37: Company:

    2012-05-31 16:57:37: Mod/Cre/Acc time: 20090713211541 20090713195426 20090713195426

    2012-05-31 16:57:37: ---------------------------------------------------------------------

    2012-05-31 16:57:37: Found Service: RemoteRegistry

    2012-05-31 16:57:37: Real Path: C:\Windows\system32\regsvc.dll

    2012-05-31 16:57:37: Display Name: @regsvc.dll,-1

    2012-05-31 16:57:37: Description: @regsvc.dll,-2

    2012-05-31 16:57:37: ServiceDLL: system32\regsvc.dll

    2012-05-31 16:57:37: File size: 0

    2012-05-31 16:57:37: DLL File name: regsvc.dll

    2012-05-31 16:57:37: Original File Name: REGSVC.DLL.MUI

    2012-05-31 16:57:37: Company:

    2012-05-31 16:57:37: Mod/Cre/Acc time:

    2012-05-31 16:57:37: ---------------------------------------------------------------------

    2012-05-31 16:57:37: Found Service: RpcEptMapper

    2012-05-31 16:57:37: Real Path: C:\Windows\System32\RpcEpMap.dll

    2012-05-31 16:57:37: Display Name: @%windir%\system32\RpcEpMap.dll,-1001

    2012-05-31 16:57:37: Description: @%windir%\system32\RpcEpMap.dll,-1002

    2012-05-31 16:57:37: ServiceDLL: System32\RpcEpMap.dll

    2012-05-31 16:57:37: File size: 0

    2012-05-31 16:57:37: DLL File name: RpcEpMap.dll

    2012-05-31 16:57:37: Original File Name: RpcEpMap.dll.mui

    2012-05-31 16:57:37: Company:

    2012-05-31 16:57:37: Mod/Cre/Acc time:

    2012-05-31 16:57:37: ---------------------------------------------------------------------

    2012-05-31 16:57:37: Found Service: RpcSs

    2012-05-31 16:57:37: Real Path: C:\Windows\System32\rpcss.dll

    2012-05-31 16:57:37: Display Name: @oleres.dll,-5010

    2012-05-31 16:57:37: Description: @oleres.dll,-5011

    2012-05-31 16:57:37: ServiceDLL: System32\rpcss.dll

    2012-05-31 16:57:37: File size: 0

    2012-05-31 16:57:37: DLL File name: rpcss.dll

    2012-05-31 16:57:37: Original File Name: rpcss.dll

    2012-05-31 16:57:37: Company:

    2012-05-31 16:57:37: Mod/Cre/Acc time:

    2012-05-31 16:57:37: ---------------------------------------------------------------------

    2012-05-31 16:57:37: Found Service: SCardSvr

    2012-05-31 16:57:37: Real Path: C:\Windows\System32\SCardSvr.dll

    2012-05-31 16:57:37: Display Name: @%SystemRoot%\System32\SCardSvr.dll,-1

    2012-05-31 16:57:37: Description: @%SystemRoot%\System32\SCardSvr.dll,-5

    2012-05-31 16:57:37: ServiceDLL: System32\SCardSvr.dll

    2012-05-31 16:57:37: File size: 0

    2012-05-31 16:57:37: DLL File name: SCardSvr.dll

    2012-05-31 16:57:37: Original File Name: SCardSvr.exe.mui

    2012-05-31 16:57:37: Company:

    2012-05-31 16:57:37: Mod/Cre/Acc time:

    2012-05-31 16:57:37: ---------------------------------------------------------------------

    2012-05-31 16:57:37: Found Service: Schedule

    2012-05-31 16:57:37: Real Path: C:\Windows\system32\schedsvc.dll

    2012-05-31 16:57:37: Display Name: @%SystemRoot%\system32\schedsvc.dll,-100

    2012-05-31 16:57:37: Description: @%SystemRoot%\system32\schedsvc.dll,-101

    2012-05-31 16:57:37: ServiceDLL: system32\schedsvc.dll

    2012-05-31 16:57:37: File size: 0

    2012-05-31 16:57:37: DLL File name: schedsvc.dll

    2012-05-31 16:57:37: Original File Name: schedsvc.dll.mui

    2012-05-31 16:57:37: Company:

    2012-05-31 16:57:37: Mod/Cre/Acc time:

    2012-05-31 16:57:37: ---------------------------------------------------------------------

    2012-05-31 16:57:37: Found Service: SCPolicySvc

    2012-05-31 16:57:37: Real Path: C:\Windows\System32\certprop.dll

    2012-05-31 16:57:37: Display Name: @%SystemRoot%\System32\certprop.dll,-13

    2012-05-31 16:57:37: Description: @%SystemRoot%\System32\certprop.dll,-14

    2012-05-31 16:57:37: ServiceDLL: System32\certprop.dll

    2012-05-31 16:57:37: File size: 0

    2012-05-31 16:57:37: DLL File name: certprop.dll

    2012-05-31 16:57:37: Original File Name: certprop.dll.mui

    2012-05-31 16:57:37: Company:

    2012-05-31 16:57:37: Mod/Cre/Acc time:

    2012-05-31 16:57:37: ---------------------------------------------------------------------

    2012-05-31 16:57:37: Found Service: SDRSVC

    2012-05-31 16:57:37: Real Path: C:\Windows\System32\SDRSVC.dll

    2012-05-31 16:57:37: Display Name: @%SystemRoot%\system32\sdrsvc.dll,-107

    2012-05-31 16:57:37: Description: @%SystemRoot%\system32\sdrsvc.dll,-102

    2012-05-31 16:57:37: ServiceDLL: System32\SDRSVC.dll

    2012-05-31 16:57:37: File size: 0

    2012-05-31 16:57:37: DLL File name: SDRSVC.dll

    2012-05-31 16:57:37: Original File Name: SDRSVC.DLL.MUI

    2012-05-31 16:57:37: Company:

    2012-05-31 16:57:37: Mod/Cre/Acc time:

    2012-05-31 16:57:37: ---------------------------------------------------------------------

    2012-05-31 16:57:37: Found Service: seclogon

    2012-05-31 16:57:37: Real Path: C:\Windows\system32\seclogon.dll

    2012-05-31 16:57:37: Display Name: @%SystemRoot%\system32\seclogon.dll,-7001

    2012-05-31 16:57:37: Description: @%SystemRoot%\system32\seclogon.dll,-7000

    2012-05-31 16:57:37: ServiceDLL: system32\seclogon.dll

    2012-05-31 16:57:37: File size: 0

    2012-05-31 16:57:37: DLL File name: seclogon.dll

    2012-05-31 16:57:37: Original File Name: SECLOGON.EXE.MUI

    2012-05-31 16:57:37: Company:

    2012-05-31 16:57:37: Mod/Cre/Acc time:

    2012-05-31 16:57:37: ---------------------------------------------------------------------

    2012-05-31 16:57:37: Found Service: SENS

    2012-05-31 16:57:37: Real Path: C:\Windows\system32\sens.dll

    2012-05-31 16:57:37: Display Name: @%SystemRoot%\system32\Sens.dll,-200

    2012-05-31 16:57:37: Description: @%SystemRoot%\system32\Sens.dll,-201

    2012-05-31 16:57:37: ServiceDLL: system32\sens.dll

    2012-05-31 16:57:37: File size: 49664

    2012-05-31 16:57:37: DLL File name: sens.dll

    2012-05-31 16:57:37: Original File Name: sens.dll.mui

    2012-05-31 16:57:37: Company:

    2012-05-31 16:57:37: Mod/Cre/Acc time: 20090713211613 20090713192158 20090713192158

    2012-05-31 16:57:37: ---------------------------------------------------------------------

    2012-05-31 16:57:37: Found Service: SensrSvc

    2012-05-31 16:57:37: Real Path: C:\Windows\system32\sensrsvc.dll

    2012-05-31 16:57:37: Display Name: @%SystemRoot%\System32\sensrsvc.dll,-1000

    2012-05-31 16:57:37: Description: @%SystemRoot%\System32\sensrsvc.dll,-1001

    2012-05-31 16:57:37: ServiceDLL: system32\sensrsvc.dll

    2012-05-31 16:57:37: File size: 0

    2012-05-31 16:57:37: DLL File name: sensrsvc.dll

    2012-05-31 16:57:37: Original File Name: sensrsvc.dll.mui

    2012-05-31 16:57:37: Company:

    2012-05-31 16:57:37: Mod/Cre/Acc time:

    2012-05-31 16:57:37: ---------------------------------------------------------------------

    2012-05-31 16:57:37: Found Service: SessionEnv

    2012-05-31 16:57:37: Real Path: C:\Windows\system32\sessenv.dll

    2012-05-31 16:57:37: Display Name: @%SystemRoot%\System32\SessEnv.dll,-1026

    2012-05-31 16:57:37: Description: @%SystemRoot%\System32\SessEnv.dll,-1027

    2012-05-31 16:57:37: ServiceDLL: system32\sessenv.dll

    2012-05-31 16:57:37: File size: 99328

    2012-05-31 16:57:37: DLL File name: sessenv.dll

    2012-05-31 16:57:37: Original File Name: SessEnv.DLL.MUI

    2012-05-31 16:57:37: Company:

    2012-05-31 16:57:37: Mod/Cre/Acc time: 20090713211613 20090713200228 20090713200228

    2012-05-31 16:57:37: ---------------------------------------------------------------------

    2012-05-31 16:57:37: Found Service: ShellHWDetection

    2012-05-31 16:57:37: Real Path: C:\Windows\System32\shsvcs.dll

    2012-05-31 16:57:37: Display Name: @%SystemRoot%\System32\shsvcs.dll,-12288

    2012-05-31 16:57:37: Description: @%SystemRoot%\System32\shsvcs.dll,-12289

    2012-05-31 16:57:37: ServiceDLL: System32\shsvcs.dll

    2012-05-31 16:57:37: File size: 328192

    2012-05-31 16:57:37: DLL File name: shsvcs.dll

    2012-05-31 16:57:37: Original File Name: SHSVCS.DLL.MUI

    2012-05-31 16:57:37: Company:

    2012-05-31 16:57:37: Mod/Cre/Acc time: 20090713211614 20090713193928 20090713193928

    2012-05-31 16:57:37: ---------------------------------------------------------------------

    2012-05-31 16:57:37: Found Service: sppuinotify

    2012-05-31 16:57:37: Real Path: C:\Windows\system32\sppuinotify.dll

    2012-05-31 16:57:37: Display Name: @%SystemRoot%\system32\sppuinotify.dll,-103

    2012-05-31 16:57:37: Description: @%SystemRoot%\system32\sppuinotify.dll,-102

    2012-05-31 16:57:37: ServiceDLL: system32\sppuinotify.dll

    2012-05-31 16:57:37: File size: 0

    2012-05-31 16:57:37: DLL File name: sppuinotify.dll

    2012-05-31 16:57:37: Original File Name: sppuinotify.dll.mui

    2012-05-31 16:57:37: Company:

    2012-05-31 16:57:37: Mod/Cre/Acc time:

    2012-05-31 16:57:37: ---------------------------------------------------------------------

    2012-05-31 16:57:37: Found Service: SSDPSRV

    2012-05-31 16:57:37: Real Path: C:\Windows\System32\ssdpsrv.dll

    2012-05-31 16:57:37: Display Name: @%systemroot%\system32\ssdpsrv.dll,-100

    2012-05-31 16:57:37: Description: @%systemroot%\system32\ssdpsrv.dll,-101

    2012-05-31 16:57:37: ServiceDLL: System32\ssdpsrv.dll

    2012-05-31 16:57:37: File size: 0

    2012-05-31 16:57:37: DLL File name: ssdpsrv.dll

    2012-05-31 16:57:37: Original File Name: ssdpsrv.dll.mui

    2012-05-31 16:57:37: Company:

    2012-05-31 16:57:37: Mod/Cre/Acc time:

    2012-05-31 16:57:37: ---------------------------------------------------------------------

    2012-05-31 16:57:37: Found Service: SstpSvc

    2012-05-31 16:57:37: Real Path: C:\Windows\system32\sstpsvc.dll

    2012-05-31 16:57:37: Display Name: @%SystemRoot%\system32\sstpsvc.dll,-200

    2012-05-31 16:57:37: Description: @%SystemRoot%\system32\sstpsvc.dll,-201

    2012-05-31 16:57:37: ServiceDLL: system32\sstpsvc.dll

    2012-05-31 16:57:37: File size: 0

    2012-05-31 16:57:37: DLL File name: sstpsvc.dll

    2012-05-31 16:57:37: Original File Name: sstpsvc.dll.mui

    2012-05-31 16:57:37: Company:

    2012-05-31 16:57:37: Mod/Cre/Acc time:

    2012-05-31 16:57:37: ---------------------------------------------------------------------

    2012-05-31 16:57:37: Found Service: stisvc

    2012-05-31 16:57:37: Real Path: C:\Windows\System32\wiaservc.dll

    2012-05-31 16:57:37: Display Name: @%SystemRoot%\system32\wiaservc.dll,-9

    2012-05-31 16:57:37: Description: @%SystemRoot%\system32\wiaservc.dll,-10

    2012-05-31 16:57:37: ServiceDLL: System32\wiaservc.dll

    2012-05-31 16:57:37: File size: 0

    2012-05-31 16:57:37: DLL File name: wiaservc.dll

    2012-05-31 16:57:37: Original File Name: WIASERVC.DLL.MUI

    2012-05-31 16:57:37: Company:

    2012-05-31 16:57:37: Mod/Cre/Acc time:

    2012-05-31 16:57:37: ---------------------------------------------------------------------

    2012-05-31 16:57:37: Found Service: StorSvc

    2012-05-31 16:57:37: Real Path: C:\Windows\system32\storsvc.dll

    2012-05-31 16:57:37: Display Name: @%SystemRoot%\System32\StorSvc.dll,-100

    2012-05-31 16:57:37: Description: @%SystemRoot%\System32\StorSvc.dll,-101

    2012-05-31 16:57:37: ServiceDLL: system32\storsvc.dll

    2012-05-31 16:57:37: File size: 0

    2012-05-31 16:57:37: DLL File name: storsvc.dll

    2012-05-31 16:57:37: Original File Name: StorSvc.dll.mui

    2012-05-31 16:57:37: Company:

    2012-05-31 16:57:37: Mod/Cre/Acc time:

    2012-05-31 16:57:37: ---------------------------------------------------------------------

    2012-05-31 16:57:37: Found Service: swprv

    2012-05-31 16:57:37: Real Path: C:\Windows\System32\swprv.dll

    2012-05-31 16:57:37: Display Name: @%SystemRoot%\System32\swprv.dll,-103

    2012-05-31 16:57:37: Description: @%SystemRoot%\System32\swprv.dll,-102

    2012-05-31 16:57:37: ServiceDLL: System32\swprv.dll

    2012-05-31 16:57:37: File size: 0

    2012-05-31 16:57:37: DLL File name: swprv.dll

    2012-05-31 16:57:37: Original File Name: SWPRV.DLL.MUI

    2012-05-31 16:57:37: Company:

    2012-05-31 16:57:37: Mod/Cre/Acc time:

    2012-05-31 16:57:37: ---------------------------------------------------------------------

    2012-05-31 16:57:37: Found Service: SysMain

    2012-05-31 16:57:37: Real Path: C:\Windows\system32\sysmain.dll

    2012-05-31 16:57:37: Display Name: @%SystemRoot%\system32\sysmain.dll,-1000

    2012-05-31 16:57:37: Description: @%SystemRoot%\system32\sysmain.dll,-1001

    2012-05-31 16:57:37: ServiceDLL: system32\sysmain.dll

    2012-05-31 16:57:37: File size: 0

    2012-05-31 16:57:37: DLL File name: sysmain.dll

    2012-05-31 16:57:37: Original File Name: sysmain.dll.mui

    2012-05-31 16:57:37: Company:

    2012-05-31 16:57:37: Mod/Cre/Acc time:

    2012-05-31 16:57:37: ---------------------------------------------------------------------

    2012-05-31 16:57:37: Found Service: TabletInputService

    2012-05-31 16:57:37: Real Path: C:\Windows\System32\TabSvc.dll

    2012-05-31 16:57:37: Display Name: @%SystemRoot%\system32\TabSvc.dll,-100

    2012-05-31 16:57:37: Description: @%SystemRoot%\system32\TabSvc.dll,-101

    2012-05-31 16:57:37: ServiceDLL: System32\TabSvc.dll

    2012-05-31 16:57:37: File size: 0

    2012-05-31 16:57:37: DLL File name: TabSvc.dll

    2012-05-31 16:57:37: Original File Name: TabSvc.dll.mui

    2012-05-31 16:57:37: Company:

    2012-05-31 16:57:37: Mod/Cre/Acc time:

    2012-05-31 16:57:37: ---------------------------------------------------------------------

    2012-05-31 16:57:37: Found Service: TapiSrv

    2012-05-31 16:57:37: Real Path: C:\Windows\System32\tapisrv.dll

    2012-05-31 16:57:37: Display Name: @%SystemRoot%\system32\tapisrv.dll,-10100

    2012-05-31 16:57:37: Description: @%SystemRoot%\system32\tapisrv.dll,-10101

    2012-05-31 16:57:37: ServiceDLL: System32\tapisrv.dll

    2012-05-31 16:57:37: File size: 241664

    2012-05-31 16:57:37: DLL File name: tapisrv.dll

    2012-05-31 16:57:37: Original File Name: TAPISRV.EXE.MUI

    2012-05-31 16:57:37: Company:

    2012-05-31 16:57:37: Mod/Cre/Acc time: 20090713211615 20090713201955 20090713201955

    2012-05-31 16:57:37: ---------------------------------------------------------------------

    2012-05-31 16:57:37: Found Service: TBS

    2012-05-31 16:57:37: Real Path: C:\Windows\System32\tbssvc.dll

    2012-05-31 16:57:37: Display Name: @%SystemRoot%\system32\tbssvc.dll,-100

    2012-05-31 16:57:37: Description: @%SystemRoot%\system32\tbssvc.dll,-101

    2012-05-31 16:57:37: ServiceDLL: System32\tbssvc.dll

    2012-05-31 16:57:37: File size: 0

    2012-05-31 16:57:37: DLL File name: tbssvc.dll

    2012-05-31 16:57:37: Original File Name: TBSSVC.DLL.MUI

    2012-05-31 16:57:37: Company:

    2012-05-31 16:57:37: Mod/Cre/Acc time:

    2012-05-31 16:57:37: ---------------------------------------------------------------------

    2012-05-31 16:57:37: Found Service: TermService

    2012-05-31 16:57:37: Real Path: C:\Windows\System32\termsrv.dll

    2012-05-31 16:57:37: Display Name: @%SystemRoot%\System32\termsrv.dll,-268

    2012-05-31 16:57:37: Description: @%SystemRoot%\System32\termsrv.dll,-267

    2012-05-31 16:57:37: ServiceDLL: System32\termsrv.dll

    2012-05-31 16:57:37: File size: 0

    2012-05-31 16:57:37: DLL File name: termsrv.dll

    2012-05-31 16:57:37: Original File Name: termsrv.dll.mui

    2012-05-31 16:57:37: Company:

    2012-05-31 16:57:37: Mod/Cre/Acc time:

    2012-05-31 16:57:38: ---------------------------------------------------------------------

    2012-05-31 16:57:38: Found Service: Themes

    2012-05-31 16:57:38: Real Path: C:\Windows\system32\themeservice.dll

    2012-05-31 16:57:38: Display Name: @%SystemRoot%\System32\themeservice.dll,-8192

    2012-05-31 16:57:38: Description: @%SystemRoot%\System32\themeservice.dll,-8193

    2012-05-31 16:57:38: ServiceDLL: system32\themeservice.dll

    2012-05-31 16:57:38: File size: 0

    2012-05-31 16:57:38: DLL File name: themeservice.dll

    2012-05-31 16:57:38: Original File Name: THEMESERVICE.DLL.MUI

    2012-05-31 16:57:38: Company:

    2012-05-31 16:57:38: Mod/Cre/Acc time:

    2012-05-31 16:57:38: ---------------------------------------------------------------------

    2012-05-31 16:57:38: Found Service: THREADORDER

    2012-05-31 16:57:38: Real Path: C:\Windows\system32\mmcss.dll

    2012-05-31 16:57:38: Display Name: @%systemroot%\system32\mmcss.dll,-102

    2012-05-31 16:57:38: Description: @%systemroot%\system32\mmcss.dll,-103

    2012-05-31 16:57:38: ServiceDLL: system32\mmcss.dll

    2012-05-31 16:57:38: File size: 0

    2012-05-31 16:57:38: DLL File name: mmcss.dll

    2012-05-31 16:57:38: Original File Name: mmcss.dll.mui

    2012-05-31 16:57:38: Company:

    2012-05-31 16:57:38: Mod/Cre/Acc time:

    2012-05-31 16:57:38: ---------------------------------------------------------------------

    2012-05-31 16:57:38: Found Service: TrkWks

    2012-05-31 16:57:38: Real Path: C:\Windows\System32\trkwks.dll

    2012-05-31 16:57:38: Display Name: @%SystemRoot%\system32\trkwks.dll,-1

    2012-05-31 16:57:38: Description: @%SystemRoot%\system32\trkwks.dll,-2

    2012-05-31 16:57:38: ServiceDLL: System32\trkwks.dll

    2012-05-31 16:57:38: File size: 0

    2012-05-31 16:57:38: DLL File name: trkwks.dll

    2012-05-31 16:57:38: Original File Name: trkwks.dll.mui

    2012-05-31 16:57:38: Company:

    2012-05-31 16:57:38: Mod/Cre/Acc time:

    2012-05-31 16:57:38: ---------------------------------------------------------------------

    2012-05-31 16:57:38: Found Service: UmRdpService

    2012-05-31 16:57:38: Real Path: C:\Windows\System32\umrdp.dll

    2012-05-31 16:57:38: Display Name: @%SystemRoot%\system32\umrdp.dll,-1000

    2012-05-31 16:57:38: Description: @%SystemRoot%\system32\umrdp.dll,-1001

    2012-05-31 16:57:38: ServiceDLL: System32\umrdp.dll

    2012-05-31 16:57:38: File size: 0

    2012-05-31 16:57:38: DLL File name: umrdp.dll

    2012-05-31 16:57:38: Original File Name: umrdp.dll.mui

    2012-05-31 16:57:38: Company:

    2012-05-31 16:57:38: Mod/Cre/Acc time:

    2012-05-31 16:57:38: !!!!!!!

    2012-05-31 16:57:38: Found Service: upnphost

    2012-05-31 16:57:38: Real Path: C:\Windows\System32\upnphost.dll

    2012-05-31 16:57:38: Display Name: @%systemroot%\system32\upnphost.dll,-213

    2012-05-31 16:57:38: Description: @%systemroot%\system32\upnphost.dll,-214

    2012-05-31 16:57:38: ServiceDLL: System32\upnphost.dll

    2012-05-31 16:57:38: File size: 266752

    2012-05-31 16:57:38: DLL File name: upnphost.dll

    2012-05-31 16:57:38: Original File Name: unpnhost.dll.mui

    2012-05-31 16:57:38: Company:

    2012-05-31 16:57:38: Mod/Cre/Acc time: 20090713211617 20090713195541 20090713195541

    2012-05-31 16:57:38: !!!!!!!!!

    2012-05-31 16:57:38: ---------------------------------------------------------------------

    2012-05-31 16:57:38: Found Service: UxSms

    2012-05-31 16:57:38: Real Path: C:\Windows\System32\uxsms.dll

    2012-05-31 16:57:38: Display Name: @%SystemRoot%\system32\dwm.exe,-2000

    2012-05-31 16:57:38: Description: @%SystemRoot%\system32\dwm.exe,-2001

    2012-05-31 16:57:38: ServiceDLL: System32\uxsms.dll

    2012-05-31 16:57:38: File size: 0

    2012-05-31 16:57:38: DLL File name: uxsms.dll

    2012-05-31 16:57:38: Original File Name: UxSms.dll

    2012-05-31 16:57:38: Company:

    2012-05-31 16:57:38: Mod/Cre/Acc time:

    2012-05-31 16:57:38: ---------------------------------------------------------------------

    2012-05-31 16:57:38: Found Service: W32Time

    2012-05-31 16:57:38: Real Path: C:\Windows\system32\w32time.dll

    2012-05-31 16:57:38: Display Name: @%SystemRoot%\system32\w32time.dll,-200

    2012-05-31 16:57:38: Description: @%SystemRoot%\system32\w32time.dll,-201

    2012-05-31 16:57:38: ServiceDLL: system32\w32time.dll

    2012-05-31 16:57:38: File size: 0

    2012-05-31 16:57:38: DLL File name: w32time.dll

    2012-05-31 16:57:38: Original File Name: w32time.dll.mui

    2012-05-31 16:57:38: Company:

    2012-05-31 16:57:38: Mod/Cre/Acc time:

    2012-05-31 16:57:38: ---------------------------------------------------------------------

    2012-05-31 16:57:38: Found Service: WbioSrvc

    2012-05-31 16:57:38: Real Path: C:\Windows\System32\wbiosrvc.dll

    2012-05-31 16:57:38: Display Name: @%systemroot%\system32\wbiosrvc.dll,-100

    2012-05-31 16:57:38: Description: @%systemroot%\system32\wbiosrvc.dll,-101

    2012-05-31 16:57:38: ServiceDLL: System32\wbiosrvc.dll

    2012-05-31 16:57:38: File size: 0

    2012-05-31 16:57:38: DLL File name: wbiosrvc.dll

    2012-05-31 16:57:38: Original File Name: wbiosrvc.dll.mui

    2012-05-31 16:57:38: Company:

    2012-05-31 16:57:38: Mod/Cre/Acc time:

    2012-05-31 16:57:38: ---------------------------------------------------------------------

    2012-05-31 16:57:38: Found Service: wcncsvc

    2012-05-31 16:57:38: Real Path: C:\Windows\System32\wcncsvc.dll

    2012-05-31 16:57:38: Display Name: @%SystemRoot%\system32\wcncsvc.dll,-3

    2012-05-31 16:57:38: Description: @%SystemRoot%\system32\wcncsvc.dll,-4

    2012-05-31 16:57:38: ServiceDLL: System32\wcncsvc.dll

    2012-05-31 16:57:38: File size: 276992

    2012-05-31 16:57:38: DLL File name: wcncsvc.dll

    2012-05-31 16:57:38: Original File Name: WCNCSVC.DLL.MUI

    2012-05-31 16:57:38: Company:

    2012-05-31 16:57:38: Mod/Cre/Acc time: 20100914020714 20110224040037 20110224040037

    2012-05-31 16:57:38: ---------------------------------------------------------------------

    2012-05-31 16:57:38: Found Service: WcsPlugInService

    2012-05-31 16:57:38: Real Path: C:\Windows\System32\WcsPlugInService.dll

    2012-05-31 16:57:38: Display Name: @%SystemRoot%\system32\WcsPlugInService.dll,-200

    2012-05-31 16:57:38: Description: @%SystemRoot%\system32\WcsPlugInService.dll,-201

    2012-05-31 16:57:38: ServiceDLL: System32\WcsPlugInService.dll

    2012-05-31 16:57:38: File size: 32768

    2012-05-31 16:57:38: DLL File name: WcsPlugInService.dll

    2012-05-31 16:57:38: Original File Name: WcsPlugInService.DLL.MUI

    2012-05-31 16:57:38: Company:

    2012-05-31 16:57:38: Mod/Cre/Acc time: 20090713211618 20090713192513 20090713192513

    2012-05-31 16:57:38: ---------------------------------------------------------------------

    2012-05-31 16:57:38: Found Service: WdiServiceHost

    2012-05-31 16:57:38: Real Path: C:\Windows\system32\wdi.dll

    2012-05-31 16:57:38: Display Name: @%systemroot%\system32\wdi.dll,-502

    2012-05-31 16:57:38: Description: @%systemroot%\system32\wdi.dll,-503

    2012-05-31 16:57:38: ServiceDLL: system32\wdi.dll

    2012-05-31 16:57:38: File size: 76288

    2012-05-31 16:57:38: DLL File name: wdi.dll

    2012-05-31 16:57:38: Original File Name: wdi.dll.mui

    2012-05-31 16:57:38: Company:

    2012-05-31 16:57:38: Mod/Cre/Acc time: 20090713211618 20090713191947 20090713191947

    2012-05-31 16:57:38: ---------------------------------------------------------------------

    2012-05-31 16:57:38: Found Service: WdiSystemHost

    2012-05-31 16:57:38: Real Path: C:\Windows\system32\wdi.dll

    2012-05-31 16:57:38: Display Name: @%systemroot%\system32\wdi.dll,-500

    2012-05-31 16:57:38: Description: @%systemroot%\system32\wdi.dll,-501

    2012-05-31 16:57:38: ServiceDLL: system32\wdi.dll

    2012-05-31 16:57:38: File size: 76288

    2012-05-31 16:57:38: DLL File name: wdi.dll

    2012-05-31 16:57:38: Original File Name: wdi.dll.mui

    2012-05-31 16:57:38: Company:

    2012-05-31 16:57:38: Mod/Cre/Acc time: 20090713211618 20090713191947 20090713191947

    2012-05-31 16:57:38: !!!!!!!

    2012-05-31 16:57:38: Found Service: WebClient

    2012-05-31 16:57:38: Real Path: C:\Windows\System32\webclnt.dll

    2012-05-31 16:57:38: Display Name: @%systemroot%\system32\webclnt.dll,-100

    2012-05-31 16:57:38: Description: @%systemroot%\system32\webclnt.dll,-101

    2012-05-31 16:57:38: ServiceDLL: System32\webclnt.dll

    2012-05-31 16:57:38: File size: 204800

    2012-05-31 16:57:38: DLL File name: webclnt.dll

    2012-05-31 16:57:38: Original File Name: davsvc.dll.mui

    2012-05-31 16:57:38: Company:

    2012-05-31 16:57:38: Mod/Cre/Acc time: 20101221013821 20110209165848 20110209165848

    2012-05-31 16:57:38: !!!!!!!!!

    2012-05-31 16:57:38: ---------------------------------------------------------------------

    2012-05-31 16:57:38: Found Service: Wecsvc

    2012-05-31 16:57:38: Real Path: C:\Windows\system32\wecsvc.dll

    2012-05-31 16:57:38: Display Name: @%SystemRoot%\system32\wecsvc.dll,-200

    2012-05-31 16:57:38: Description: @%SystemRoot%\system32\wecsvc.dll,-201

    2012-05-31 16:57:38: ServiceDLL: system32\wecsvc.dll

    2012-05-31 16:57:38: File size: 0

    2012-05-31 16:57:38: DLL File name: wecsvc.dll

    2012-05-31 16:57:38: Original File Name: wecsvc.dll.mui

    2012-05-31 16:57:38: Company:

    2012-05-31 16:57:38: Mod/Cre/Acc time:

    2012-05-31 16:57:38: !!!!!!!

    2012-05-31 16:57:38: Found Service: wercplsupport

    2012-05-31 16:57:38: Real Path: C:\Windows\System32\wercplsupport.dll

    2012-05-31 16:57:38: Display Name: @%SystemRoot%\System32\wercplsupport.dll,-101

    2012-05-31 16:57:38: Description: @%SystemRoot%\System32\wercplsupport.dll,-100

    2012-05-31 16:57:38: ServiceDLL: System32\wercplsupport.dll

    2012-05-31 16:57:38: File size: 0

    2012-05-31 16:57:38: DLL File name: wercplsupport.dll

    2012-05-31 16:57:38: Original File Name: ERC

    2012-05-31 16:57:38: Company:

    2012-05-31 16:57:38: Mod/Cre/Acc time:

    2012-05-31 16:57:38: !!!!!!!!!

    2012-05-31 16:57:38: !!!!!!!

    2012-05-31 16:57:38: Found Service: WerSvc

    2012-05-31 16:57:38: Real Path: C:\Windows\System32\WerSvc.dll

    2012-05-31 16:57:38: Display Name: @%SystemRoot%\System32\wersvc.dll,-100

    2012-05-31 16:57:38: Description: @%SystemRoot%\System32\wersvc.dll,-101

    2012-05-31 16:57:38: ServiceDLL: System32\WerSvc.dll

    2012-05-31 16:57:38: File size: 0

    2012-05-31 16:57:38: DLL File name: WerSvc.dll

    2012-05-31 16:57:38: Original File Name: wersvc

    2012-05-31 16:57:38: Company:

    2012-05-31 16:57:38: Mod/Cre/Acc time:

    2012-05-31 16:57:38: !!!!!!!!!

    2012-05-31 16:57:38: ---------------------------------------------------------------------

    2012-05-31 16:57:38: Found Service: Winmgmt

    2012-05-31 16:57:38: Real Path: C:\Windows\system32\wbem\WMIsvc.dll

    2012-05-31 16:57:38: Display Name: @%Systemroot%\system32\wbem\wmisvc.dll,-205

    2012-05-31 16:57:38: Description: @%Systemroot%\system32\wbem\wmisvc.dll,-204

    2012-05-31 16:57:38: ServiceDLL: system32\wbem\WMIsvc.dll

    2012-05-31 16:57:38: File size: 0

    2012-05-31 16:57:38: DLL File name: WMIsvc.dll

    2012-05-31 16:57:38: Original File Name: wmisvc.dll.mui

    2012-05-31 16:57:38: Company:

    2012-05-31 16:57:38: Mod/Cre/Acc time:

    2012-05-31 16:57:38: ---------------------------------------------------------------------

    2012-05-31 16:57:38: Found Service: WinRM

    2012-05-31 16:57:38: Real Path: C:\Windows\system32\WsmSvc.dll

    2012-05-31 16:57:38: Display Name: @%Systemroot%\system32\wsmsvc.dll,-101

    2012-05-31 16:57:38: Description: @%Systemroot%\system32\wsmsvc.dll,-102

    2012-05-31 16:57:38: ServiceDLL: system32\WsmSvc.dll

    2012-05-31 16:57:38: File size: 1175040

    2012-05-31 16:57:38: DLL File name: WsmSvc.dll

    2012-05-31 16:57:38: Original File Name: WsmSvc.dll.mui

    2012-05-31 16:57:38: Company:

    2012-05-31 16:57:38: Mod/Cre/Acc time: 20090713211620 20090713193143 20090713193143

    2012-05-31 16:57:38: ---------------------------------------------------------------------

    2012-05-31 16:57:38: Found Service: Wlansvc

    2012-05-31 16:57:38: Real Path: C:\Windows\System32\wlansvc.dll

    2012-05-31 16:57:38: Display Name: @%SystemRoot%\System32\wlansvc.dll,-257

    2012-05-31 16:57:38: Description: @%SystemRoot%\System32\wlansvc.dll,-258

    2012-05-31 16:57:38: ServiceDLL: System32\wlansvc.dll

    2012-05-31 16:57:38: File size: 0

    2012-05-31 16:57:38: DLL File name: wlansvc.dll

    2012-05-31 16:57:38: Original File Name: wlansvc.dll.mui

    2012-05-31 16:57:38: Company:

    2012-05-31 16:57:38: Mod/Cre/Acc time:

    2012-05-31 16:57:39: ---------------------------------------------------------------------

    2012-05-31 16:57:39: Found Service: WPCSvc

    2012-05-31 16:57:39: Real Path: C:\Windows\System32\wpcsvc.dll

    2012-05-31 16:57:39: Display Name: @%SystemRoot%\system32\wpcsvc.dll,-100

    2012-05-31 16:57:39: Description: @%SystemRoot%\system32\wpcsvc.dll,-101

    2012-05-31 16:57:39: ServiceDLL: System32\wpcsvc.dll

    2012-05-31 16:57:39: File size: 10752

    2012-05-31 16:57:39: DLL File name: wpcsvc.dll

    2012-05-31 16:57:39: Original File Name: wpcsvc.exe.mui

    2012-05-31 16:57:39: Company:

    2012-05-31 16:57:39: Mod/Cre/Acc time: 20090713211620 20090713194010 20090713194010

    2012-05-31 16:57:39: ---------------------------------------------------------------------

    2012-05-31 16:57:39: Found Service: WPDBusEnum

    2012-05-31 16:57:39: Real Path: C:\Windows\system32\wpdbusenum.dll

    2012-05-31 16:57:39: Display Name: @%SystemRoot%\system32\wpdbusenum.dll,-100

    2012-05-31 16:57:39: Description: @%SystemRoot%\system32\wpdbusenum.dll,-101

    2012-05-31 16:57:39: ServiceDLL: system32\wpdbusenum.dll

    2012-05-31 16:57:39: File size: 0

    2012-05-31 16:57:39: DLL File name: wpdbusenum.dll

    2012-05-31 16:57:39: Original File Name: WpdBusEnum.DLL.MUI

    2012-05-31 16:57:39: Company:

    2012-05-31 16:57:39: Mod/Cre/Acc time:

    2012-05-31 16:57:39: ---------------------------------------------------------------------

    2012-05-31 16:57:39: Found Service: wscsvc

    2012-05-31 16:57:39: Real Path: C:\Windows\system32\wscsvc.dll

    2012-05-31 16:57:39: Display Name: @%SystemRoot%\System32\wscsvc.dll,-200

    2012-05-31 16:57:39: Description: @%SystemRoot%\System32\wscsvc.dll,-201

    2012-05-31 16:57:39: ServiceDLL: system32\wscsvc.dll

    2012-05-31 16:57:39: File size: 0

    2012-05-31 16:57:39: DLL File name: wscsvc.dll

    2012-05-31 16:57:39: Original File Name: wscsvc.dll.mui

    2012-05-31 16:57:39: Company:

    2012-05-31 16:57:39: Mod/Cre/Acc time:

    2012-05-31 16:57:39: ---------------------------------------------------------------------

    2012-05-31 16:57:39: Found Service: wuauserv

    2012-05-31 16:57:39: Real Path: C:\Windows\system32\wuaueng.dll

    2012-05-31 16:57:39: Display Name: @%systemroot%\system32\wuaueng.dll,-105

    2012-05-31 16:57:39: Description: @%systemroot%\system32\wuaueng.dll,-106

    2012-05-31 16:57:39: ServiceDLL: system32\wuaueng.dll

    2012-05-31 16:57:39: File size: 0

    2012-05-31 16:57:39: DLL File name: wuaueng.dll

    2012-05-31 16:57:39: Original File Name: wuaueng.dll.mui

    2012-05-31 16:57:39: Company:

    2012-05-31 16:57:39: Mod/Cre/Acc time:

    2012-05-31 16:57:39: ---------------------------------------------------------------------

    2012-05-31 16:57:39: Found Service: wudfsvc

    2012-05-31 16:57:39: Real Path: C:\Windows\System32\WUDFSvc.dll

    2012-05-31 16:57:39: Display Name: @%SystemRoot%\system32\wudfsvc.dll,-1000

    2012-05-31 16:57:39: Description: @%SystemRoot%\system32\wudfsvc.dll,-1001

    2012-05-31 16:57:39: ServiceDLL: System32\WUDFSvc.dll

    2012-05-31 16:57:39: File size: 0

    2012-05-31 16:57:39: DLL File name: WUDFSvc.dll

    2012-05-31 16:57:39: Original File Name: WUDFSvc.dll.mui

    2012-05-31 16:57:39: Company:

    2012-05-31 16:57:39: Mod/Cre/Acc time:

    2012-05-31 16:57:39: ---------------------------------------------------------------------

    2012-05-31 16:57:39: Found Service: WwanSvc

    2012-05-31 16:57:39: Real Path: C:\Windows\System32\wwansvc.dll

    2012-05-31 16:57:39: Display Name: @%SystemRoot%\System32\wwansvc.dll,-257

    2012-05-31 16:57:39: Description: @%SystemRoot%\System32\wwansvc.dll,-258

    2012-05-31 16:57:39: ServiceDLL: System32\wwansvc.dll

    2012-05-31 16:57:39: File size: 0

    2012-05-31 16:57:39: DLL File name: wwansvc.dll

    2012-05-31 16:57:39: Original File Name: WwanSvc.dll.mui

    2012-05-31 16:57:39: Company:

    2012-05-31 16:57:39: Mod/Cre/Acc time:

    2012-05-31 16:57:39:

    2012-05-31 16:57:39: Looking for SHELL key

    2012-05-31 16:57:39: Now looking for bad DLL files in system32

    2012-05-31 16:58:15: Folder: GAC

    2012-05-31 16:58:15: Folder: GAC_32

    2012-05-31 16:58:15: ... Fixing permissions on C:\Windows\assembly\GAC_32\desktop.ini

    2012-05-31 16:58:15: Folder: GAC_64

    2012-05-31 16:58:15: ... Fixing permissions on C:\Windows\assembly\GAC_64\desktop.ini

    2012-05-31 16:58:15: Folder: GAC_MSIL

    2012-05-31 16:58:15: Folder: NativeImages_v2.0.50727_32

    2012-05-31 16:58:15: Folder: NativeImages_v2.0.50727_64

    2012-05-31 16:58:15: Folder: NativeImages_v4.0.30319_32

    2012-05-31 16:58:15: Folder: NativeImages_v4.0.30319_64

    2012-05-31 16:58:15: Folder: temp

    2012-05-31 16:58:15: Folder: tmp

    2012-05-31 16:58:16: Checking for bad folder

    2012-05-31 16:58:16: Found 1 folders.

    2012-05-31 16:58:16: Checking C:\Windows\assembly\tmp

    2012-05-31 16:58:16: ... Folder test returns: 1

    2012-05-31 16:58:16: Done with folder list in C:\Windows\assembly\ tmp

    2012-05-31 16:58:16: Requesting bad file: C:\Windows\assembly\GAC_32\desktop.ini

    2012-05-31 16:58:16: Requesting bad file: C:\Windows\assembly\GAC_64\desktop.ini

    2012-05-31 16:58:16: Running Extractor

    2012-05-31 16:58:17: Uploading file

    2012-05-31 16:58:18: Error: The download of the specified resource has failed.

    2012-05-31 16:58:18: Error:

    2012-05-31 16:58:18: Locking file: C:\Windows\assembly\GAC_32\desktop.ini

    2012-05-31 16:58:18: Locking file: C:\Windows\assembly\GAC_64\desktop.ini

    2012-05-31 16:58:18: Autonomous mode, clearing out yt folder

    2012-05-31 16:58:18: cmd.exe /c start "C:\Users\grevolorio\Desktop\yorkyt.exe"

    2012-05-31 16:58:30: Restarting...

    2012-05-31 17:04:13: ****************************************************

    2012-05-31 17:04:14: Starting UP ... v 0.0.0.220

    2012-05-31 17:04:14: ****************************************************

    2012-05-31 17:04:19: Stop TPSRV returns: 2

    2012-05-31 17:04:34: Listing processes...

    2012-05-31 17:04:34: :[system Process]:0

    2012-05-31 17:04:34: :System:4

    2012-05-31 17:04:34: :smss.exe:352

    2012-05-31 17:04:34: :csrss.exe:628

    2012-05-31 17:04:34: :csrss.exe:724

    2012-05-31 17:04:34: :wininit.exe:732

    2012-05-31 17:04:34: :services.exe:784

    2012-05-31 17:04:34: :winlogon.exe:816

    2012-05-31 17:04:34: :lsass.exe:844

    2012-05-31 17:04:34: :lsm.exe:856

    2012-05-31 17:04:34: :svchost.exe:988

    2012-05-31 17:04:34: :svchost.exe:392

    2012-05-31 17:04:34: :svchost.exe:964

    2012-05-31 17:04:34: :svchost.exe:1036

    2012-05-31 17:04:34: :svchost.exe:1064

    2012-05-31 17:04:34: :audiodg.exe:1152

    2012-05-31 17:04:34: :svchost.exe:1204

    2012-05-31 17:04:34: :Pen_TouchService.exe:1280

    2012-05-31 17:04:34: :Smc.exe:1408

    2012-05-31 17:04:34: :wisptis.exe:1516

    2012-05-31 17:04:34: :svchost.exe:1680

    2012-05-31 17:04:34: :ccSvcHst.exe:1832

    2012-05-31 17:04:34: :wisptis.exe:1964

    2012-05-31 17:04:34: :Pen_TouchUser.exe:1972

    2012-05-31 17:04:34: :TabTip.exe:2000

    2012-05-31 17:04:34: :TabTip32.exe:1304

    2012-05-31 17:04:34: :spoolsv.exe:2076

    2012-05-31 17:04:34: :taskhost.exe:2104

    2012-05-31 17:04:34: :SASCore64.exe:2396

    2012-05-31 17:04:34: :armsvc.exe:2436

    2012-05-31 17:04:34: :AppleMobileDeviceService.exe:2488

    2012-05-31 17:04:34: :taskeng.exe:2496

    2012-05-31 17:04:34: :GoogleUpdate.exe:2536

    2012-05-31 17:04:34: :dwm.exe:2632

    2012-05-31 17:04:34: :explorer.exe:2668

    2012-05-31 17:04:34: :mDNSResponder.exe:2680

    2012-05-31 17:04:34: :btwdins.exe:2732

    2012-05-31 17:04:34: :cvpnd.exe:2852

    2012-05-31 17:04:34: :svchost.exe:2924

    2012-05-31 17:04:34: :LMIGuardianSvc.exe:2956

    2012-05-31 17:04:34: :ramaint.exe:3044

    2012-05-31 17:04:34: :LogMeIn.exe:1100

    2012-05-31 17:04:34: :SmcGui.exe:2380

    2012-05-31 17:04:34: :nlssrv32.exe:1524

    2012-05-31 17:04:34: :MouseWithoutBorders.exe:1356

    2012-05-31 17:04:34: :PsiService_2.exe:384

    2012-05-31 17:04:34: :MouseWithoutBorders.exe:3040

    2012-05-31 17:04:34: :SeagateDashboardService.exe:2608

    2012-05-31 17:04:34: :LogMeInSystray.exe:3228

    2012-05-31 17:04:34: :DDHelper.exe:3320

    2012-05-31 17:04:34: :nvSCPAPISvr.exe:3528

    2012-05-31 17:04:34: :svchost.exe:3556

    2012-05-31 17:04:34: :Rtvscan.exe:3576

    2012-05-31 17:04:34: :Pen_Tablet.exe:3660

    2012-05-31 17:04:34: :Pen_TabletUser.exe:3744

    2012-05-31 17:04:34: :TeamViewer_Service.exe:3784

    2012-05-31 17:04:34: :ProtectionUtilSurrogate.exe:3796

    2012-05-31 17:04:34: :Pen_Tablet.exe:3804

    2012-05-31 17:04:34: :vmware-usbarbitrator.exe:3956

    2012-05-31 17:04:34: :vmnat.exe:4008

    2012-05-31 17:04:34: :WLIDSVC.EXE:2576

    2012-05-31 17:04:34: :vmware-authd.exe:3312

    2012-05-31 17:04:34: :WLIDSVCM.EXE:3380

    2012-05-31 17:04:34: :TeamViewer.exe:3676

    2012-05-31 17:04:34: :WmiPrvSE.exe:3996

    2012-05-31 17:04:34: :vmnetdhcp.exe:4160

    2012-05-31 17:04:34: :WmiPrvSE.exe:4360

    2012-05-31 17:04:34: :TrustedInstaller.exe:4908

    2012-05-31 17:04:34: :yorkyt.exe:5044

    2012-05-31 17:04:34: :ipoint.exe:4296

    2012-05-31 17:04:34: :robotaskbaricon.exe:4336

    2012-05-31 17:04:34: :tv_w32.exe:4760

    2012-05-31 17:04:34: :tv_x64.exe:2688

    2012-05-31 17:04:34: :SUPERAntiSpyware.exe:4872

    2012-05-31 17:04:34: :SearchIndexer.exe:2044

    2012-05-31 17:04:34: :dllhost.exe:4900

    2012-05-31 17:04:34: :acrotray.exe:4932

    2012-05-31 17:04:34: :UnlockerAssistant.exe:2676

    2012-05-31 17:04:34: :APSDaemon.exe:1856

    2012-05-31 17:04:34: :vpngui.exe:5020

    2012-05-31 17:04:34: :iTunesHelper.exe:4716

    2012-05-31 17:04:34: :acrodist.exe:5100

    2012-05-31 17:04:34: :wuauclt.exe:2408

    2012-05-31 17:04:34: :Dropbox.exe:828

    2012-05-31 17:04:34: :EvernoteClipper.exe:2904

    2012-05-31 17:04:34:

    2012-05-31 17:04:34: Starting cleanup mode...

    2012-05-31 17:06:51: ... Done with files, now folders

    2012-05-31 17:25:05: All DONE

  4. Overall slugishness. When I search the web, I get the results page but when I click on any link it takes me to an advertising page. Yesterday I followed a link on chrome and it open hundreds of tabs. Right now I'm using Browzar. I've been using another computer to communicate with you but I'm afraid to compromise it. I promise you once we remove this malware I will volunteer time to your cause, I hope you have a learning program so I can help.

  5. I follow the instruction at the link and try to run ComboFix from the Chameleon folder without luck, it expanded but just hung there, I waited for about 30 min but nothing happened.

    I looked for the file in the Installer folder and I found it. I renamed it and tried again. Now I get errors when is expanding, when I hit "ignore" it finishes but gives me the "Incompatible OS" message:

    post-110225-0-31004000-1338383279.png

  6. Sorry MrC,

    I had a few days of holiday. I really apologize. This is the FSS log:

    Farbar Service Scanner Version: 27-05-2012

    Ran by GRevolorio (administrator) on 29-05-2012 at 08:42:25

    Running from "C:\Users\grevolorio\Desktop"

    Microsoft Windows 7 Professional (X64)

    Boot Mode: Normal

    ****************************************************************

    Internet Services:

    ============

    Connection Status:

    ==============

    Localhost is accessible.

    LAN connected.

    Google IP is accessible.

    Yahoo IP is accessible.

    Windows Firewall:

    =============

    mpsdrv Service is not running. Checking service configuration:

    The start type of mpsdrv service is OK.

    The ImagePath of mpsdrv service is OK.

    MpsSvc Service is not running. Checking service configuration:

    Checking Start type: ATTENTION!=====> Unable to open MpsSvc registry key. The service key does not exist.

    Checking ImagePath: ATTENTION!=====> Unable to open MpsSvc registry key. The service key does not exist.

    Checking ServiceDll: ATTENTION!=====> Unable to open MpsSvc registry key. The service key does not exist.

    bfe Service is not running. Checking service configuration:

    Checking Start type: ATTENTION!=====> Unable to open bfe registry key. The service key does not exist.

    Checking ImagePath: ATTENTION!=====> Unable to open bfe registry key. The service key does not exist.

    Checking ServiceDll: ATTENTION!=====> Unable to open bfe registry key. The service key does not exist.

    Firewall Disabled Policy:

    ==================

    System Restore:

    ============

    System Restore Disabled Policy:

    ========================

    Action Center:

    ============

    Windows Update:

    ============

    Windows Autoupdate Disabled Policy:

    ============================

    File Check:

    ========

    C:\Windows\System32\nsisvc.dll => MD5 is legit

    C:\Windows\System32\drivers\nsiproxy.sys => MD5 is legit

    C:\Windows\System32\dhcpcore.dll => MD5 is legit

    C:\Windows\System32\drivers\afd.sys

    [2012-02-16 17:04] - [2011-12-27 23:59] - 0499200 ____A (Microsoft Corporation) DB9D6C6B2CD95A9CA414D045B627422E

    C:\Windows\System32\drivers\tdx.sys => MD5 is legit

    C:\Windows\System32\Drivers\tcpip.sys

    [2012-05-10 14:32] - [2012-03-30 07:09] - 1895280 ____A (Microsoft Corporation) 624C5B3AA4C99B3184BB922D9ECE3FF0

    C:\Windows\System32\dnsrslvr.dll => MD5 is legit

    C:\Windows\System32\mpssvc.dll

    [2009-07-13 20:09] - [2009-07-13 21:41] - 0824832 ____A (Microsoft Corporation) AECAB449567D1846DAD63ECE49E893E3

    C:\Windows\System32\bfe.dll => MD5 is legit

    C:\Windows\System32\drivers\mpsdrv.sys => MD5 is legit

    C:\Windows\System32\SDRSVC.dll

    [2009-07-13 19:36] - [2009-07-13 21:41] - 0170496 ____A (Microsoft Corporation) 765A27C3279CE11D14CB9E4F5869FCA5

    C:\Windows\System32\vssvc.exe => MD5 is legit

    C:\Windows\System32\wscsvc.dll => MD5 is legit

    C:\Windows\System32\wbem\WMIsvc.dll => MD5 is legit

    C:\Windows\System32\wuaueng.dll

    [2009-07-13 20:36] - [2009-07-13 21:41] - 2418176 ____A (Microsoft Corporation) 38340204A2D0228F1E87740FC5E554A7

    C:\Windows\System32\qmgr.dll => MD5 is legit

    C:\Windows\System32\es.dll => MD5 is legit

    C:\Windows\System32\cryptsvc.dll => MD5 is legit

    C:\Windows\System32\svchost.exe => MD5 is legit

    C:\Windows\System32\rpcss.dll => MD5 is legit

    **** End of log ****

  7. Done. This is the log:

    Scan result of Farbar Recovery Scan Tool Version: 23-05-2012

    Ran by SYSTEM at 23-05-2012 14:15:55

    Running from H:\

    Windows 7 Professional (X64) OS Language: English(US)

    The current controlset is ControlSet004

    ========================== Registry (Whitelisted) =============

    HKLM\...\Run: [LogMeIn GUI] "C:\Program Files (x86)\LogMeIn\x64\LogMeInSystray.exe" [57928 2010-09-17] (LogMeIn, Inc.)

    HKLM\...\Run: [intelliPoint] "C:\Program Files\Microsoft IntelliPoint\ipoint.exe" [2417032 2011-08-01] (Microsoft Corporation)

    HKLM-x32\...\Run: [Acrobat Assistant 8.0] "C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrotray.exe" [815512 2012-01-03] (Adobe Systems Inc.)

    HKLM-x32\...\Run: [unlockerAssistant] "C:\Program Files (x86)\Unlocker\UnlockerAssistant.exe" [17408 2010-07-04] ()

    HKLM-x32\...\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [59240 2012-02-20] (Apple Inc.)

    HKLM-x32\...\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime [421888 2011-10-24] (Apple Inc.)

    HKLM-x32\...\Run: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe" [421736 2012-03-27] (Apple Inc.)

    HKU\administrator\...\Run: [Google Update] "C:\Users\grevolorio\AppData\Local\Google\Update\GoogleUpdate.exe" /c [136176 2011-01-17] (Google Inc.)

    HKU\administrator\...\Run: [skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /nosplash /minimized [15028104 2011-01-03] (Skype Technologies S.A.)

    HKU\administrator\...\Run: [sUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe [4786048 2012-05-21] (SUPERAntiSpyware.com)

    HKU\administrator\...\Run: [Vidalia] "C:\Program Files (x86)\Vidalia Bundle\Vidalia\vidalia.exe" [5735369 2011-04-11] ()

    HKU\administrator\...\Run: [RoboForm] "C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe" [16184 2011-01-17] (Siber Systems)

    HKU\administrator\...\Run: [F.lux] "C:\Users\grevolorio\Local Settings\Apps\F.lux\flux.exe" /noshow [x]

    HKU\administrator\...\Run: [OpAgent] "C:\Program Files (x86)\ScanSoft\OmniPage15\OpAgent.exe" /agent [x]

    HKU\administrator\...\Policies\system: [HideLegacyLogonScripts] 1

    HKU\administrator\...\Policies\system: [HideLogonScripts] 1

    HKU\administrator\...\Policies\system: [HideLogoffScripts] 1

    HKU\delete\...\Run: [Google Update] "C:\Users\grevolorio\AppData\Local\Google\Update\GoogleUpdate.exe" /c [136176 2011-01-17] (Google Inc.)

    HKU\delete\...\Policies\system: [HideLegacyLogonScripts] 1

    HKU\delete\...\Policies\system: [HideLogonScripts] 1

    HKU\delete\...\Policies\system: [HideLogoffScripts] 1

    HKU\grevolorio\...\Run: [RoboForm] "C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe" [16184 2011-01-17] (Siber Systems)

    HKU\grevolorio\...\Run: [WinSnap] "C:\Program Files\WinSnap\WinSnap.exe" /startup [665608 2011-03-01] (NTWind Software)

    HKU\grevolorio\...\Run: [sUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe [4786048 2012-05-21] (SUPERAntiSpyware.com)

    HKU\grevolorio\...\Policies\system: [HideLogonScripts] 1

    HKU\sharepointadmin\...\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime [421888 2011-10-24] (Apple Inc.)

    Tcpip\Parameters: [DhcpNameServer] 10.1.2.20 10.1.2.19

    AppInit_DLLs:

    Tcpip\..\Interfaces\{1CC5E133-5EFA-45B6-95E6-3BEBD35BCB03}: [NameServer]208.67.222.222,208.67.220.220

    ==================== Services (Whitelisted) ======

    2 !SASCORE; "C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE" [140672 2011-08-11] (SUPERAntiSpyware.com)

    3 Adobe Version Cue CS4; "C:\Program Files (x86)\Common Files\Adobe\Adobe Version Cue CS4\Server\bin\VersionCueCS4.exe" -win32service [284016 2008-08-15] (Adobe Systems Incorporated)

    2 ccEvtMgr; "C:\Program Files (x86)\Common Files\Symantec Shared\ccSvcHst.exe" /h ccCommon [108392 2009-04-01] (Symantec Corporation)

    2 ccSetMgr; "C:\Program Files (x86)\Common Files\Symantec Shared\ccSvcHst.exe" /h ccCommon [108392 2009-04-01] (Symantec Corporation)

    4 CronService; "C:\Prey\platform\windows\cronsvc.exe" [19968 2011-02-15] (Fork Ltd.)

    2 CVPND; "C:\Program Files (x86)\Cisco Systems\VPN Client\cvpnd.exe" [1528616 2010-03-23] (Cisco Systems, Inc.)

    3 FLEXnet Licensing Service 64; "C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe" [1038088 2011-08-17] (Acresso Software Inc.)

    3 GoogleDesktopManager-051210-111108; "C:\Program Files (x86)\Google\Google Desktop Search\GoogleDesktop.exe" [30192 2011-08-23] (Google)

    2 HitmanProScheduler; C:\Program Files\HitmanPro\hmpsched.exe [107848 2012-05-22] (SurfRight B.V.)

    3 LiveUpdate; "C:\PROGRA~2\Symantec\LIVEUP~1\LUCOMS~1.EXE" [3093880 2008-12-10] (Symantec Corporation)

    2 LMIGuardianSvc; "C:\Program Files (x86)\LogMeIn\x64\LMIGuardianSvc.exe" [375176 2012-05-22] (LogMeIn, Inc.)

    2 LMIMaint; "C:\Program Files (x86)\LogMeIn\x64\RaMaint.exe" [147336 2012-05-22] (LogMeIn, Inc.)

    2 LogMeIn; "C:\Program Files (x86)\LogMeIn\x64\LogMeIn.exe" [407424 2010-11-08] (LogMeIn, Inc.)

    4 MotoHelper; C:\Program Files (x86)\Motorola\MotoHelper\MotoHelperService.exe [214896 2011-12-06] ()

    2 MouseWithoutBordersSvc; "C:\Program Files (x86)\Microsoft Garage\Mouse without Borders\MouseWithoutBordersSvc.exe" [17920 2011-09-19] (Microsoft)

    2 nlsX86cc; C:\Windows\SysWow64\nlssrv32.exe [64512 2011-01-21] (Nalpeiron Ltd.)

    4 sdAuxService; C:\Program Files (x86)\PC Tools Security\pctsAuxs.exe [366840 2010-03-15] (PC Tools)

    4 sdCoreService; C:\Program Files (x86)\PC Tools Security\pctsSvc.exe [1150936 2010-11-19] (PC Tools)

    2 SmcService; "C:\Program Files (x86)\Symantec\Symantec Endpoint Protection\Smc.exe" [3092296 2009-04-01] (Symantec Corporation)

    3 SNAC; "C:\Program Files (x86)\Symantec\Symantec Endpoint Protection\SNAC64.EXE" [387400 2009-04-01] (Symantec Corporation)

    2 Symantec AntiVirus; "C:\Program Files (x86)\Symantec\Symantec Endpoint Protection\Rtvscan.exe" [2440120 2009-04-01] (Symantec Corporation)

    2 TabletServicePen; C:\Program Files\Tablet\Pen\Pen_Tablet.exe [6583160 2011-09-08] (Wacom Technology, Corp.)

    2 TeamViewer7; C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe [2666880 2012-03-19] (TeamViewer GmbH)

    2 TouchServicePen; C:\Program Files\Tablet\Pen\Pen_TouchService.exe [528760 2011-09-08] (Wacom Technology, Corp.)

    2 PEVSystemStart; "C:\32788R22FWJFW\pev.3XE" EXEC /i CSCRIPT.exe //NOLOGO //E:VBSCRIPT //B //T:15 C:\32788R22FWJFW\KNetSvcs.vbs [x]

    2 PSI_SVC_2; "c:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe" [x]

    3 ufad-ws60; "C:\Program Files (x86)\VMware\VMware Workstation\vmware-ufad.exe" -d "C:\Program Files (x86)\VMware\VMware Workstation\\" -s ufad-p2v.xml [x]

    2 WinDefend; C:\Program Files (x86)\Windows Defender\mpsvc.dll [x]

    ========================== Drivers (Whitelisted) =============

    2 adfs; C:\Windows\SysWow64\Drivers\adfs.sys [74720 2008-08-14] (Adobe Systems, Inc.)

    3 applebmt; C:\Windows\System32\Drivers\applebmt.sys [51712 2009-10-15] (Apple Inc.)

    3 CVirtA; C:\Windows\System32\DRIVERS\CVirtA64.sys [14992 2010-02-08] (Cisco Systems, Inc.)

    3 CVPNDRVA; C:\Windows\System32\Drivers\CVPNDRVA.sys [304784 2010-03-23] ()

    3 DNE; C:\Windows\System32\DRIVERS\dne64x.sys [157968 2008-11-16] (Deterministic Networks, Inc.)

    1 eeCtrl; \??\C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [475696 2010-12-17] (Symantec Corporation)

    3 EraserUtilRebootDrv; \??\C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [132656 2010-12-17] (Symantec Corporation)

    3 glavcam; C:\Windows\System32\Drivers\glavcam.sys [80000 2010-09-23] (Windows ® Codename Longhorn DDK provider)

    3 glavcam; C:\Windows\SysWow64\Drivers\glavcam.sys [80000 2010-09-24] (Windows ® Codename Longhorn DDK provider)

    2 LMIInfo; \??\C:\Program Files (x86)\LogMeIn\x64\RaInfo.sys [15928 2010-09-17] (LogMeIn, Inc.)

    3 lmimirr; C:\Windows\System32\Drivers\lmimirr.sys [11552 2010-09-17] (LogMeIn, Inc.)

    2 LMIRfsDriver; C:\Windows\System32\Drivers\LMIRfsDriver.sys [72216 2010-09-17] (LogMeIn, Inc.)

    3 motandroidusb; C:\Windows\System32\Drivers\motoandroid.sys [31744 2009-07-10] (Motorola)

    3 NAVENG; \??\C:\PROGRA~3\Symantec\DEFINI~1\VIRUSD~1\20110125.040\ENG64.SYS [117880 2010-12-17] (Symantec Corporation)

    3 NAVEX15; \??\C:\PROGRA~3\Symantec\DEFINI~1\VIRUSD~1\20110125.040\EX64.SYS [1791096 2010-12-17] (Symantec Corporation)

    0 NBVol; C:\Windows\System32\Drivers\NBVol.sys [72240 2011-12-01] (Nero AG)

    0 NBVolUp; C:\Windows\System32\Drivers\NBVolUp.sys [15920 2011-12-01] (Nero AG)

    0 PCTCore; C:\Windows\System32\drivers\PCTCore64.sys [257232 2010-11-25] (PC Tools)

    0 pctDS; C:\Windows\System32\drivers\pctDS64.sys [452872 2010-06-29] (PC Tools)

    0 pctEFA; C:\Windows\System32\drivers\pctEFA64.sys [816016 2010-07-16] (PC Tools)

    3 Point64; C:\Windows\System32\Drivers\Point64.sys [45416 2011-08-01] (Microsoft Corporation)

    3 qicflt; C:\Windows\System32\Drivers\qicflt.sys [29288 2010-07-01] (Quanta Computer)

    3 RAMDiskVE; C:\Windows\System32\Drivers\RAMDiskVE.sys [63696 2010-11-21] ()

    3 Revoflt; C:\Windows\System32\Drivers\Revoflt.sys [31800 2009-12-30] (VS Revo Group)

    1 SASDIFSV; \??\C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS [14928 2011-07-22] (SUPERAdBlocker.com and SUPERAntiSpyware.com)

    1 SASKUTIL; \??\C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS [12368 2011-07-12] (SUPERAdBlocker.com and SUPERAntiSpyware.com)

    0 SmartDefragDriver; C:\Windows\System32\Drivers\SmartDefragDriver.sys [17720 2010-11-26] ()

    1 SRTSP; C:\Windows\System32\Drivers\SRTSP64.SYS [441904 2009-04-01] (Symantec Corporation)

    3 SRTSPL; C:\Windows\System32\Drivers\SRTSPL64.SYS [480304 2009-04-01] (Symantec Corporation)

    1 SRTSPX; C:\Windows\System32\Drivers\SRTSPX64.SYS [32304 2009-04-01] (Symantec Corporation)

    3 SymEvent; \??\C:\Windows\system32\Drivers\SYMEVENT64x86.SYS [172080 2011-01-11] (Symantec Corporation)

    2 TurboB; C:\Windows\System32\Drivers\TurboB.sys [13784 2009-11-02] ()

    3 VPCNetS2; C:\Windows\System32\DRIVERS\VMNetSrv.sys [79760 2007-01-29] (Microsoft Corporation)

    2 vstor2-ws60; \??\C:\Program Files (x86)\VMware\VMware Workstation\vstor2-ws60.sys [32816 2010-08-19] (VMware, Inc.)

    3 wacmoumonitor; C:\Windows\System32\Drivers\wacmoumonitor.sys [13312 2011-09-08] (Wacom Technology)

    3 wacommousefilter; C:\Windows\System32\Drivers\wacommousefilter.sys [12848 2007-02-16] (Wacom Technology)

    3 wacomvhid; C:\Windows\System32\Drivers\wacomvhid.sys [16168 2011-09-08] (Wacom Technology)

    2 WGX; C:\Windows\System32\Drivers\WGX64.SYS [53968 2009-04-01] (Symantec Corporation)

    4 LMIRfsClientNP; [x]

    ========================== NetSvcs (Whitelisted) ===========

    ============ One Month Created Files and Folders ==============

    2012-05-23 07:00 - 2012-05-23 07:00 - 0000162 ___AH C:\Users\grevolorio\Documents\~$S Template.dotx

    2012-05-23 06:13 - 2012-05-23 06:14 - 0000000 ____D C:\Program Files (x86)\SpywareBlaster

    2012-05-23 06:13 - 2012-05-23 06:13 - 0001079 ____A C:\Users\grevolorio\Desktop\SpywareBlaster.lnk

    2012-05-23 06:11 - 2012-05-23 06:12 - 0000000 ____D C:\Users\grevolorio\Desktop\Download

    2012-05-23 06:11 - 2012-05-23 06:11 - 0001181 ____A C:\Users\Public\Desktop\Anti-Malware Toolkit.lnk

    2012-05-23 06:11 - 2012-05-23 06:11 - 0000000 ____D C:\Users\grevolorio\AppData\Local\Lunarsoft

    2012-05-23 06:11 - 2012-05-23 06:11 - 0000000 ____D C:\Program Files (x86)\Lunarsoft

    2012-05-23 05:53 - 2012-05-23 05:53 - 0000000 ____D C:\Users\grevolorio\Desktop\backups

    2012-05-23 05:44 - 2012-05-23 05:44 - 0388608 ____A (Trend Micro Inc.) C:\Users\grevolorio\Desktop\HijackThis.exe

    2012-05-22 12:18 - 2012-05-22 12:18 - 0030281 ____A C:\Users\grevolorio\Desktop\logs.zip

    2012-05-22 12:16 - 2012-05-22 12:16 - 0607260 ____R (Swearware) C:\Users\grevolorio\Desktop\dds.com

    2012-05-22 11:06 - 2012-05-22 11:06 - 0000579 ____A C:\rkill.log

    2012-05-22 10:51 - 2012-05-22 10:51 - 0138120 ____A (ESET) C:\Users\grevolorio\Desktop\ESETSirefefRemover.exe

    2012-05-22 10:42 - 2012-05-23 05:10 - 0000000 ____D C:\sh4ldr

    2012-05-22 10:42 - 2012-05-22 10:42 - 0000000 ____D C:\Program Files\Enigma Software Group

    2012-05-22 10:41 - 2012-05-23 05:10 - 0000000 ____D C:\Windows\82478B3DFD8E450182AC6C864BD60483.TMP

    2012-05-22 09:29 - 2012-05-22 09:28 - 0725408 ____A (Enigma Software Group USA, LLC.) C:\Users\grevolorio\Desktop\SpyHunter-Installer.exe

    2012-05-22 07:50 - 2012-05-22 07:50 - 0000000 ____D C:\Users\All Users\RegRun

    2012-05-22 06:23 - 2012-05-22 06:24 - 0043394 ____A C:\TDSSKiller.2.7.36.0_22.05.2012_10.23.51_log.txt

    2012-05-22 06:23 - 2012-05-22 06:23 - 0000348 ____A C:\TDSSKiller.2.7.35.0_22.05.2012_10.23.05_log.txt

    2012-05-22 06:03 - 2012-05-22 12:48 - 0000000 ____D C:\Program Files\HitmanPro

    2012-05-22 06:03 - 2012-05-22 06:04 - 0000000 ____D C:\Users\All Users\HitmanPro

    2012-05-22 06:02 - 2012-05-22 06:02 - 8298672 ____A (SurfRight B.V.) C:\Users\grevolorio\Desktop\HitmanPro36_x64.exe

    2012-05-22 05:55 - 2012-05-22 05:58 - 0000263 ____A C:\Users\grevolorio\Desktop\AntiZeroAccess_Log.txt

    2012-05-22 05:52 - 2012-05-22 05:52 - 0187464 ____A (Webroot) C:\Users\grevolorio\Desktop\antizeroaccess.exe

    2012-05-22 04:52 - 2012-05-22 04:52 - 0302592 ____A C:\Users\grevolorio\Desktop\odupruxo.exe

    2012-05-21 12:40 - 2012-05-22 06:23 - 2127960 ____A (Kaspersky Lab ZAO) C:\Users\grevolorio\Desktop\TDSSKiller.exe

    2012-05-21 06:12 - 2012-05-21 06:12 - 0446464 ____A (OldTimer Tools) C:\Users\grevolorio\Desktop\TFC.exe

    2012-05-18 07:21 - 2012-05-18 07:21 - 0000512 ____A C:\Users\grevolorio\Desktop\MBR.dat

    2012-05-18 07:17 - 2012-05-18 07:17 - 4731392 ____A (AVAST Software) C:\Users\grevolorio\Desktop\aswMBR.exe

    2012-05-18 06:48 - 2012-05-18 06:48 - 0059154 ____A C:\Users\grevolorio\Desktop\cmbfix.png

    2012-05-18 06:43 - 2012-05-21 05:24 - 4500115 ____R (Swearware) C:\Users\grevolorio\Desktop\ComboFix.exe

    2012-05-18 04:56 - 2012-05-18 04:57 - 0041912 ____A C:\TDSSKiller.2.7.35.0_18.05.2012_08.56.54_log.txt

    2012-05-18 04:37 - 2012-05-18 04:46 - 0081286 ____A C:\TDSSKiller.2.7.35.0_18.05.2012_08.37.34_log.txt

    2012-05-17 11:17 - 2012-05-22 09:43 - 2721556 ____A C:\Windows\ntbtlog.txt

    2012-05-17 10:31 - 2012-05-17 10:31 - 0001715 ____A C:\Users\grevolorio\Desktop\RKreport[3].txt

    2012-05-17 07:20 - 2012-05-22 06:26 - 0000000 ____D C:\Users\grevolorio\Desktop\RK_Quarantine

    2012-05-17 07:18 - 2012-05-22 06:24 - 1454080 ____A C:\Users\grevolorio\Desktop\RogueKiller.exe

    2012-05-17 04:41 - 2012-05-23 09:59 - 0001120 ____A C:\Windows\setupact.log

    2012-05-17 04:41 - 2012-05-23 05:03 - 0038998 ____A C:\Windows\PFRO.log

    2012-05-17 04:41 - 2012-05-17 04:41 - 0000000 ____A C:\Windows\setuperr.log

    2012-05-17 04:38 - 2012-05-17 04:38 - 0000000 ____D C:\_OTL

    2012-05-16 12:32 - 2012-05-16 13:13 - 0003458 ____A C:\Users\grevolorio\Desktop\OTL.Txt

    2012-05-16 12:21 - 2012-05-16 12:21 - 0595456 ____A (OldTimer Tools) C:\Users\grevolorio\Desktop\OTL.exe

    2012-05-16 11:29 - 2012-05-18 05:35 - 0042974 ____A C:\Users\grevolorio\Desktop\ComboFix.zip

    2012-05-16 10:29 - 2012-05-16 10:57 - 0043052 ____A C:\TDSSKiller.2.7.35.0_16.05.2012_14.29.33_log.txt

    2012-05-16 10:27 - 2012-05-16 10:27 - 0000939 ____A C:\Users\sharepointadmin\Desktop\ERUNT.lnk

    2012-05-16 10:27 - 2012-05-16 10:27 - 0000939 ____A C:\Users\grevolorio\Desktop\ERUNT.lnk

    2012-05-16 10:27 - 2012-05-16 10:27 - 0000000 ____D C:\Program Files (x86)\ERUNT

    2012-05-16 06:56 - 2012-05-16 06:56 - 0607260 ____R (Swearware) C:\Users\grevolorio\Desktop\dds.scr

    2012-05-16 06:44 - 2012-05-16 06:44 - 0005778 ____A C:\Users\grevolorio\Documents\cc_20120516_104422.reg

    2012-05-16 06:10 - 2012-04-30 13:03 - 0442702 ____A C:\Windows\System32\Drivers\etc\hosts.20120516-101002.backup

    2012-05-15 12:17 - 2012-05-15 12:17 - 0000000 ____D C:\Users\grevolorio\AppData\Roaming\Google

    2012-05-15 07:57 - 2012-05-16 06:39 - 0000000 ____D C:\Users\grevolorio\AppData\Roaming\Media Player Classic

    2012-05-10 10:33 - 2012-04-01 21:34 - 5504880 ____A (Microsoft Corporation) C:\Windows\System32\ntoskrnl.exe

    2012-05-10 10:33 - 2012-04-01 20:46 - 3958128 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe

    2012-05-10 10:33 - 2012-04-01 20:46 - 3902320 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe

    2012-05-10 10:33 - 2012-04-01 19:01 - 3143680 ____A (Microsoft Corporation) C:\Windows\System32\win32k.sys

    2012-05-10 10:33 - 2012-03-02 22:29 - 1837568 ____A (Microsoft Corporation) C:\Windows\System32\d3d10warp.dll

    2012-05-10 10:33 - 2012-03-02 22:29 - 1541120 ____A (Microsoft Corporation) C:\Windows\System32\DWrite.dll

    2012-05-10 10:33 - 2012-03-02 22:29 - 0902656 ____A (Microsoft Corporation) C:\Windows\System32\d2d1.dll

    2012-05-10 10:33 - 2012-03-02 22:29 - 0320512 ____A (Microsoft Corporation) C:\Windows\System32\d3d10_1core.dll

    2012-05-10 10:33 - 2012-03-02 22:29 - 0197120 ____A (Microsoft Corporation) C:\Windows\System32\d3d10_1.dll

    2012-05-10 10:33 - 2012-03-02 21:40 - 1170944 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d3d10warp.dll

    2012-05-10 10:33 - 2012-03-02 21:40 - 1074176 ____A (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll

    2012-05-10 10:33 - 2012-03-02 21:40 - 0739840 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d2d1.dll

    2012-05-10 10:33 - 2012-03-02 21:40 - 0218624 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d3d10_1core.dll

    2012-05-10 10:33 - 2012-03-02 21:40 - 0161792 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d3d10_1.dll

    2012-05-10 10:32 - 2012-03-30 03:09 - 1895280 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\tcpip.sys

    2012-05-10 10:32 - 2012-03-16 23:55 - 0075632 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\partmgr.sys

    2012-05-08 12:36 - 2012-05-08 12:36 - 0000000 ____D C:\Users\grevolorio\AppData\Roaming\SUPERAntiSpyware.com

    2012-05-08 12:35 - 2012-05-22 11:08 - 0001808 ____A C:\Users\Public\Desktop\SUPERAntiSpyware Free Edition.lnk

    2012-05-07 13:00 - 2012-05-07 13:00 - 1026560 ____A C:\Users\grevolorio\Desktop\TRMDU Project Schedule - NEW.mpp

    2012-05-07 08:35 - 2012-05-07 08:35 - 0000000 ____D C:\Users\grevolorio\AppData\Local\Nero_AG

    2012-05-02 10:11 - 2012-05-22 11:33 - 0000000 ____D C:\Program Files (x86)\Loaris

    2012-05-02 09:42 - 2012-05-02 09:45 - 0000000 ____D C:\Program Files (x86)\Startup Optimizer

    2012-05-02 09:42 - 2012-05-02 09:42 - 0001022 ____A C:\Users\sharepointadmin\Desktop\Startup Optimizer.lnk

    2012-05-02 09:42 - 2012-05-02 09:42 - 0001022 ____A C:\Users\grevolorio\Desktop\Startup Optimizer.lnk

    2012-05-01 05:50 - 2012-05-01 05:50 - 0000826 ____A C:\Users\Public\Desktop\WinX DVD Author.lnk

    2012-05-01 05:50 - 2012-05-01 05:50 - 0000000 ____D C:\Users\grevolorio\Documents\My Videos

    2012-05-01 05:50 - 2012-05-01 05:50 - 0000000 ____D C:\Users\grevolorio\AppData\Roaming\Digiarty

    2012-05-01 04:36 - 2012-05-01 04:36 - 0000000 ____D C:\Users\grevolorio\Documents\NeroVideo

    2012-05-01 04:36 - 2012-05-01 04:36 - 0000000 ____D C:\Users\grevolorio\AppData\Roaming\Nero

    2012-05-01 04:36 - 2012-05-01 04:36 - 0000000 ____D C:\Users\grevolorio\AppData\Local\Nero

    2012-04-30 13:22 - 2012-04-30 13:22 - 0002797 ____A C:\Users\Public\Desktop\Nero Video 11.lnk

    2012-04-30 13:22 - 2012-04-30 13:22 - 0002143 ____A C:\Users\Public\Desktop\Nero Kwik Media.lnk

    2012-04-30 13:21 - 2012-04-30 13:21 - 0002783 ____A C:\Users\Public\Desktop\Nero BackItUp 11.lnk

    2012-04-30 13:20 - 2012-04-30 13:20 - 0002843 ____A C:\Users\Public\Desktop\Nero Burning ROM 11.lnk

    2012-04-30 13:18 - 2012-04-30 13:24 - 0000000 ____D C:\Users\All Users\Nero

    2012-04-30 13:11 - 2012-04-30 13:24 - 0000000 ____D C:\Program Files (x86)\Nero

    2012-04-30 13:11 - 2011-12-01 07:42 - 0072240 ____A (Nero AG) C:\Windows\System32\Drivers\NBVol.sys

    2012-04-30 13:11 - 2011-12-01 07:42 - 0015920 ____A (Nero AG) C:\Windows\System32\Drivers\NBVolUp.sys

    2012-04-30 13:10 - 2010-05-26 07:41 - 1868128 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d3dcsx_43.dll

    2012-04-30 13:10 - 2010-05-26 07:41 - 0470880 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_43.dll

    2012-04-30 13:10 - 2010-05-26 07:41 - 0248672 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d3dx11_43.dll

    2012-04-30 13:09 - 2009-09-04 13:29 - 1974616 ____A (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_42.dll

    2012-04-30 13:07 - 2009-09-04 13:29 - 1892184 ____A (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_42.dll

    2012-04-30 13:06 - 2008-10-15 02:22 - 4379984 ____A (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_40.dll

    2012-04-30 13:05 - 2007-07-19 14:14 - 3727720 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_35.dll

    2012-04-30 13:03 - 2007-05-16 12:45 - 3497832 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_34.dll

    2012-04-30 13:02 - 2006-03-31 08:40 - 2388176 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_30.dll

    2012-04-30 11:17 - 2012-04-30 11:46 - 0000000 ____D C:\Program Files (x86)\Trend Micro

    2012-04-30 11:17 - 2012-04-30 11:17 - 0002127 ____A C:\Users\sharepointadmin\Desktop\HijackThis.lnk

    2012-04-30 10:26 - 2012-04-30 10:26 - 0000000 ____D C:\Users\All Users\boost_interprocess

    2012-04-30 10:26 - 2011-09-28 05:20 - 0119568 ____A (Microsoft Corporation) C:\Windows\SysWOW64\VB6FR.DLL

    2012-04-30 10:26 - 2011-09-28 05:20 - 0115920 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msinet.OCX

    2012-04-30 10:26 - 2011-09-28 05:20 - 0040960 ____A (vbAccelerator) C:\Windows\SysWOW64\SSubTmr6.dll

    2012-04-30 10:26 - 2011-09-28 05:20 - 0015360 ____A (Microsoft Corporation) C:\Windows\SysWOW64\inetfr.DLL

    2012-04-30 10:25 - 2012-04-30 10:26 - 0000000 ____D C:\Users\grevolorio\AppData\Roaming\FreeBurner

    2012-04-30 10:25 - 2011-09-28 05:20 - 0141312 ____A (Microsoft Corporation) C:\Windows\SysWOW64\MSCMCFR.DLL

    2012-04-30 10:25 - 2011-09-28 05:20 - 0032768 ____A (Microsoft Corporation) C:\Windows\SysWOW64\CMDLGFR.DLL

    2012-04-30 08:56 - 2012-04-30 08:58 - 0000000 ____D C:\Program Files (x86)\K-Lite Codec Pack

    2012-04-30 08:56 - 2011-03-02 03:43 - 0175616 ____A C:\Windows\SysWOW64\unrar.dll

    2012-04-30 07:44 - 2012-04-30 07:44 - 17357434 ____A ( ) C:\Users\grevolorio\Downloads\K-Lite_Codec_Pack_860_Full.exe

    2012-04-30 07:40 - 2012-04-30 07:40 - 0000000 ____D C:\DVDTemp

    2012-04-30 07:38 - 2012-04-30 07:38 - 7213444 ____A (www.minidvdsoft.com ) C:\Users\grevolorio\Downloads\freedvdcreator.exe

    2012-04-25 12:30 - 2012-04-25 12:30 - 1997353 ____A C:\Users\grevolorio\Downloads\Saver2Setup.exe

    2012-04-25 07:54 - 2012-04-25 07:54 - 0001100 ____A C:\Users\Public\Desktop\VLC media player.lnk

    2012-04-25 07:42 - 2012-04-25 07:42 - 22259528 ____A C:\Users\grevolorio\Desktop\vlc-2.0.1-win32.exe

    2012-04-25 07:40 - 2012-04-25 07:40 - 0000000 ____D C:\Users\grevolorio\AppData\Roaming\VTC Preferences Folder

    ============ 3 Months Modified Files and Folders =============

    2012-05-23 14:16 - 2012-05-23 14:15 - 0000000 ____D C:\FRST

    2012-05-23 10:07 - 2011-01-11 03:58 - 1865368 ____A C:\Windows\WindowsUpdate.log

    2012-05-23 10:07 - 2009-07-13 20:45 - 0014224 ___AH C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0

    2012-05-23 10:07 - 2009-07-13 20:45 - 0014224 ___AH C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0

    2012-05-23 10:05 - 2011-08-04 05:50 - 0000902 ____A C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job

    2012-05-23 10:05 - 2011-01-17 08:58 - 0000000 ___RD C:\Users\grevolorio\Dropbox

    2012-05-23 10:05 - 2011-01-17 08:56 - 0000000 ____D C:\Users\grevolorio\AppData\Roaming\Dropbox

    2012-05-23 10:05 - 2009-07-13 21:13 - 0789722 ____A C:\Windows\System32\PerfStringBackup.INI

    2012-05-23 10:01 - 2011-01-26 13:58 - 0322933 ____A C:\Windows\System32\inst.log

    2012-05-23 10:00 - 2011-01-18 09:02 - 0000000 ____D C:\Users\All Users\VMware

    2012-05-23 10:00 - 2011-01-11 04:58 - 0000000 ____D C:\Users\All Users\NVIDIA

    2012-05-23 10:00 - 2009-07-13 21:08 - 0000006 ___AH C:\Windows\Tasks\SA.DAT

    2012-05-23 09:59 - 2012-05-17 04:41 - 0001120 ____A C:\Windows\setupact.log

    2012-05-23 09:48 - 2012-04-13 06:29 - 0000830 ____A C:\Windows\Tasks\Adobe Flash Player Updater.job

    2012-05-23 09:44 - 2011-08-04 05:50 - 0000906 ____A C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job

    2012-05-23 09:15 - 2011-01-17 09:59 - 0000928 ____A C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1085031214-796845957-725345543-2108UA.job

    2012-05-23 07:06 - 2011-01-19 11:36 - 0000000 ___RD C:\Users\grevolorio\Documents\1-Projects

    2012-05-23 07:00 - 2012-05-23 07:00 - 0000162 ___AH C:\Users\grevolorio\Documents\~$S Template.dotx

    2012-05-23 06:14 - 2012-05-23 06:13 - 0000000 ____D C:\Program Files (x86)\SpywareBlaster

    2012-05-23 06:13 - 2012-05-23 06:13 - 0001079 ____A C:\Users\grevolorio\Desktop\SpywareBlaster.lnk

    2012-05-23 06:12 - 2012-05-23 06:11 - 0000000 ____D C:\Users\grevolorio\Desktop\Download

    2012-05-23 06:11 - 2012-05-23 06:11 - 0001181 ____A C:\Users\Public\Desktop\Anti-Malware Toolkit.lnk

    2012-05-23 06:11 - 2012-05-23 06:11 - 0000000 ____D C:\Users\grevolorio\AppData\Local\Lunarsoft

    2012-05-23 06:11 - 2012-05-23 06:11 - 0000000 ____D C:\Program Files (x86)\Lunarsoft

    2012-05-23 05:57 - 2009-07-13 20:45 - 3235848 ____A C:\Windows\System32\FNTCACHE.DAT

    2012-05-23 05:53 - 2012-05-23 05:53 - 0000000 ____D C:\Users\grevolorio\Desktop\backups

    2012-05-23 05:44 - 2012-05-23 05:44 - 0388608 ____A (Trend Micro Inc.) C:\Users\grevolorio\Desktop\HijackThis.exe

    2012-05-23 05:10 - 2012-05-22 10:42 - 0000000 ____D C:\sh4ldr

    2012-05-23 05:10 - 2012-05-22 10:41 - 0000000 ____D C:\Windows\82478B3DFD8E450182AC6C864BD60483.TMP

    2012-05-23 05:03 - 2012-05-17 04:41 - 0038998 ____A C:\Windows\PFRO.log

    2012-05-23 04:53 - 2011-01-17 08:53 - 0000000 ____D C:\Users\All Users\LogMeIn

    2012-05-22 21:15 - 2011-01-17 09:59 - 0000876 ____A C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1085031214-796845957-725345543-2108Core.job

    2012-05-22 14:00 - 2011-10-20 07:04 - 0000476 ____A C:\Windows\Tasks\ParetoLogic Registration.job

    2012-05-22 12:48 - 2012-05-22 06:03 - 0000000 ____D C:\Program Files\HitmanPro

    2012-05-22 12:18 - 2012-05-22 12:18 - 0030281 ____A C:\Users\grevolorio\Desktop\logs.zip

    2012-05-22 12:16 - 2012-05-22 12:16 - 0607260 ____R (Swearware) C:\Users\grevolorio\Desktop\dds.com

    2012-05-22 12:16 - 2011-02-14 13:20 - 0000000 ____D C:\Users\grevolorio\AppData\Roaming\TeraCopy

    2012-05-22 11:33 - 2012-05-02 10:11 - 0000000 ____D C:\Program Files (x86)\Loaris

    2012-05-22 11:09 - 2011-04-28 04:49 - 0000000 ____D C:\Program Files\SUPERAntiSpyware

    2012-05-22 11:08 - 2012-05-08 12:35 - 0001808 ____A C:\Users\Public\Desktop\SUPERAntiSpyware Free Edition.lnk

    2012-05-22 11:06 - 2012-05-22 11:06 - 0000579 ____A C:\rkill.log

    2012-05-22 10:51 - 2012-05-22 10:51 - 0138120 ____A (ESET) C:\Users\grevolorio\Desktop\ESETSirefefRemover.exe

    2012-05-22 10:42 - 2012-05-22 10:42 - 0000000 ____D C:\Program Files\Enigma Software Group

    2012-05-22 09:43 - 2012-05-17 11:17 - 2721556 ____A C:\Windows\ntbtlog.txt

    2012-05-22 09:28 - 2012-05-22 09:29 - 0725408 ____A (Enigma Software Group USA, LLC.) C:\Users\grevolorio\Desktop\SpyHunter-Installer.exe

    2012-05-22 07:50 - 2012-05-22 07:50 - 0000000 ____D C:\Users\All Users\RegRun

    2012-05-22 06:32 - 2011-01-17 08:53 - 0000000 ____D C:\Program Files (x86)\LogMeIn

    2012-05-22 06:31 - 2011-01-17 08:53 - 0087456 ____A (LogMeIn, Inc.) C:\Windows\System32\LMIRfsClientNP.dll

    2012-05-22 06:31 - 2011-01-17 08:53 - 0080768 ____A (LogMeIn, Inc.) C:\Windows\System32\LMIinit.dll

    2012-05-22 06:31 - 2011-01-17 08:53 - 0034688 ____A (LogMeIn, Inc.) C:\Windows\System32\LMIport.dll

    2012-05-22 06:26 - 2012-05-17 07:20 - 0000000 ____D C:\Users\grevolorio\Desktop\RK_Quarantine

    2012-05-22 06:24 - 2012-05-22 06:23 - 0043394 ____A C:\TDSSKiller.2.7.36.0_22.05.2012_10.23.51_log.txt

    2012-05-22 06:24 - 2012-05-17 07:18 - 1454080 ____A C:\Users\grevolorio\Desktop\RogueKiller.exe

    2012-05-22 06:23 - 2012-05-22 06:23 - 0000348 ____A C:\TDSSKiller.2.7.35.0_22.05.2012_10.23.05_log.txt

    2012-05-22 06:23 - 2012-05-21 12:40 - 2127960 ____A (Kaspersky Lab ZAO) C:\Users\grevolorio\Desktop\TDSSKiller.exe

    2012-05-22 06:04 - 2012-05-22 06:03 - 0000000 ____D C:\Users\All Users\HitmanPro

    2012-05-22 06:02 - 2012-05-22 06:02 - 8298672 ____A (SurfRight B.V.) C:\Users\grevolorio\Desktop\HitmanPro36_x64.exe

    2012-05-22 05:58 - 2012-05-22 05:55 - 0000263 ____A C:\Users\grevolorio\Desktop\AntiZeroAccess_Log.txt

    2012-05-22 05:52 - 2012-05-22 05:52 - 0187464 ____A (Webroot) C:\Users\grevolorio\Desktop\antizeroaccess.exe

    2012-05-22 04:58 - 2011-01-18 08:14 - 0000000 ____D C:\Users\grevolorio\AppData\Local\Paint.NET

    2012-05-22 04:52 - 2012-05-22 04:52 - 0302592 ____A C:\Users\grevolorio\Desktop\odupruxo.exe

    2012-05-21 12:21 - 2011-01-20 06:15 - 0000000 ____D C:\Users\grevolorio\.VirtualBox

    2012-05-21 12:18 - 2011-09-09 07:48 - 0000000 ____D C:\Users\grevolorio\AppData\Local\VMware

    2012-05-21 12:18 - 2011-01-20 08:44 - 0000000 ____D C:\Users\grevolorio\AppData\Roaming\VMware

    2012-05-21 12:10 - 2011-10-10 06:49 - 0000000 ____D C:\Windows\System32\FxsTmp

    2012-05-21 07:40 - 2011-01-24 14:02 - 0000000 ____D C:\Users\grevolorio\AppData\Roaming\TeamViewer

    2012-05-21 06:23 - 2009-07-13 21:08 - 0032568 ____A C:\Windows\Tasks\SCHEDLGU.TXT

    2012-05-21 06:12 - 2012-05-21 06:12 - 0446464 ____A (OldTimer Tools) C:\Users\grevolorio\Desktop\TFC.exe

    2012-05-21 06:03 - 2012-03-15 12:57 - 0000000 ____D C:\Users\grevolorio\Desktop\Backup

    2012-05-21 06:03 - 2011-04-25 11:25 - 0049321 ____A C:\Users\grevolorio\Desktop\INRange.ml

    2012-05-21 05:24 - 2012-05-18 06:43 - 4500115 ____R (Swearware) C:\Users\grevolorio\Desktop\ComboFix.exe

    2012-05-21 04:49 - 2011-04-13 07:28 - 0000000 ____D C:\Qoobox

    2012-05-18 07:21 - 2012-05-18 07:21 - 0000512 ____A C:\Users\grevolorio\Desktop\MBR.dat

    2012-05-18 07:17 - 2012-05-18 07:17 - 4731392 ____A (AVAST Software) C:\Users\grevolorio\Desktop\aswMBR.exe

    2012-05-18 06:48 - 2012-05-18 06:48 - 0059154 ____A C:\Users\grevolorio\Desktop\cmbfix.png

    2012-05-18 05:35 - 2012-05-16 11:29 - 0042974 ____A C:\Users\grevolorio\Desktop\ComboFix.zip

    2012-05-18 04:57 - 2012-05-18 04:56 - 0041912 ____A C:\TDSSKiller.2.7.35.0_18.05.2012_08.56.54_log.txt

    2012-05-18 04:46 - 2012-05-18 04:37 - 0081286 ____A C:\TDSSKiller.2.7.35.0_18.05.2012_08.37.34_log.txt

    2012-05-17 12:16 - 2011-11-18 12:32 - 0000000 ____D C:\Program Files (x86)\Fiddler2

    2012-05-17 12:04 - 2011-01-27 07:17 - 0000000 ____D C:\Users\grevolorio\Documents\CMO Stuff

    2012-05-17 11:19 - 2011-10-28 11:03 - 0442303 ____N C:\Windows\System32\Drivers\etc\hosts

    2012-05-17 10:31 - 2012-05-17 10:31 - 0001715 ____A C:\Users\grevolorio\Desktop\RKreport[3].txt

    2012-05-17 04:46 - 2009-07-13 21:32 - 0000000 ____D C:\Windows\Downloaded Program Files

    2012-05-17 04:41 - 2012-05-17 04:41 - 0000000 ____A C:\Windows\setuperr.log

    2012-05-17 04:38 - 2012-05-17 04:38 - 0000000 ____D C:\_OTL

    2012-05-16 13:13 - 2012-05-16 12:32 - 0003458 ____A C:\Users\grevolorio\Desktop\OTL.Txt

    2012-05-16 12:21 - 2012-05-16 12:21 - 0595456 ____A (OldTimer Tools) C:\Users\grevolorio\Desktop\OTL.exe

    2012-05-16 10:57 - 2012-05-16 10:29 - 0043052 ____A C:\TDSSKiller.2.7.35.0_16.05.2012_14.29.33_log.txt

    2012-05-16 10:28 - 2011-04-13 07:29 - 0000000 ____D C:\Windows\ERDNT

    2012-05-16 10:27 - 2012-05-16 10:27 - 0000939 ____A C:\Users\sharepointadmin\Desktop\ERUNT.lnk

    2012-05-16 10:27 - 2012-05-16 10:27 - 0000939 ____A C:\Users\grevolorio\Desktop\ERUNT.lnk

    2012-05-16 10:27 - 2012-05-16 10:27 - 0000000 ____D C:\Program Files (x86)\ERUNT

    2012-05-16 09:55 - 2011-11-15 05:48 - 0000000 ____D C:\Users\grevolorio\AppData\Roaming\BitTyrant

    2012-05-16 06:56 - 2012-05-16 06:56 - 0607260 ____R (Swearware) C:\Users\grevolorio\Desktop\dds.scr

    2012-05-16 06:44 - 2012-05-16 06:44 - 0005778 ____A C:\Users\grevolorio\Documents\cc_20120516_104422.reg

    2012-05-16 06:44 - 2012-04-13 10:28 - 0000856 ____A C:\Users\Public\Desktop\CCleaner.lnk

    2012-05-16 06:44 - 2012-04-13 10:28 - 0000000 ____D C:\Program Files\CCleaner

    2012-05-16 06:39 - 2012-05-15 07:57 - 0000000 ____D C:\Users\grevolorio\AppData\Roaming\Media Player Classic

    2012-05-16 06:39 - 2011-04-25 12:42 - 0000000 ____D C:\Users\All Users\Spybot - Search & Destroy

    2012-05-16 05:42 - 2011-01-17 06:32 - 0000000 ____D C:\Users\grevolorio\AppData\Local\VirtualStore

    2012-05-16 04:42 - 2011-01-11 05:21 - 57848688 ____A (Microsoft Corporation) C:\Windows\System32\MRT.exe

    2012-05-16 04:40 - 2011-04-26 06:04 - 1903704 ____A C:\Windows\System32\Drivers\Cat.DB

    2012-05-16 04:37 - 2011-10-10 06:49 - 0000000 ____D C:\Program Files\Windows Journal

    2012-05-15 13:00 - 2011-03-16 06:13 - 0000000 ____D C:\Users\grevolorio\AppData\Roaming\SProxy

    2012-05-15 12:17 - 2012-05-15 12:17 - 0000000 ____D C:\Users\grevolorio\AppData\Roaming\Google

    2012-05-14 12:57 - 2008-07-28 10:02 - 0002096 ___AH C:\Users\grevolorio\Documents\Default.rdp

    2012-05-14 06:43 - 2011-04-25 04:33 - 0002491 ____A C:\Users\Public\Desktop\Safari.lnk

    2012-05-14 06:43 - 2011-04-25 04:33 - 0000000 ____D C:\Program Files (x86)\Safari

    2012-05-10 10:36 - 2011-01-17 09:18 - 0000000 ____D C:\Users\grevolorio\AppData\Local\Microsoft Help

    2012-05-09 05:48 - 2011-03-21 13:02 - 0000000 ____D C:\Program Files (x86)\Saver2

    2012-05-09 04:36 - 2011-01-18 12:38 - 0000000 ____D C:\Users\grevolorio\Documents\SQL Server Management Studio

    2012-05-08 12:36 - 2012-05-08 12:36 - 0000000 ____D C:\Users\grevolorio\AppData\Roaming\SUPERAntiSpyware.com

    2012-05-07 13:00 - 2012-05-07 13:00 - 1026560 ____A C:\Users\grevolorio\Desktop\TRMDU Project Schedule - NEW.mpp

    2012-05-07 08:35 - 2012-05-07 08:35 - 0000000 ____D C:\Users\grevolorio\AppData\Local\Nero_AG

    2012-05-07 04:37 - 2011-01-11 07:47 - 0000000 ____D C:\Users\All Users\Microsoft Help

    2012-05-03 12:39 - 2011-07-13 11:19 - 0001018 ____A C:\Users\grevolorio\Desktop\Pandora (Listen Only).lnk

    2012-05-03 12:39 - 2011-03-21 13:03 - 0001013 ____A C:\Users\grevolorio\Desktop\Saver2.lnk

    2012-05-03 10:07 - 2012-04-17 04:56 - 0000000 ____D C:\Users\grevolorio\AppData\Roaming\Foxit Software

    2012-05-02 09:45 - 2012-05-02 09:42 - 0000000 ____D C:\Program Files (x86)\Startup Optimizer

    2012-05-02 09:42 - 2012-05-02 09:42 - 0001022 ____A C:\Users\sharepointadmin\Desktop\Startup Optimizer.lnk

    2012-05-02 09:42 - 2012-05-02 09:42 - 0001022 ____A C:\Users\grevolorio\Desktop\Startup Optimizer.lnk

    2012-05-01 05:50 - 2012-05-01 05:50 - 0000826 ____A C:\Users\Public\Desktop\WinX DVD Author.lnk

    2012-05-01 05:50 - 2012-05-01 05:50 - 0000000 ____D C:\Users\grevolorio\Documents\My Videos

    2012-05-01 05:50 - 2012-05-01 05:50 - 0000000 ____D C:\Users\grevolorio\AppData\Roaming\Digiarty

    2012-05-01 04:36 - 2012-05-01 04:36 - 0000000 ____D C:\Users\grevolorio\Documents\NeroVideo

    2012-05-01 04:36 - 2012-05-01 04:36 - 0000000 ____D C:\Users\grevolorio\AppData\Roaming\Nero

    2012-05-01 04:36 - 2012-05-01 04:36 - 0000000 ____D C:\Users\grevolorio\AppData\Local\Nero

    2012-04-30 13:24 - 2012-04-30 13:18 - 0000000 ____D C:\Users\All Users\Nero

    2012-04-30 13:24 - 2012-04-30 13:11 - 0000000 ____D C:\Program Files (x86)\Nero

    2012-04-30 13:24 - 2009-07-13 19:20 - 0000000 ____D C:\Windows\Cursors

    2012-04-30 13:22 - 2012-04-30 13:22 - 0002797 ____A C:\Users\Public\Desktop\Nero Video 11.lnk

    2012-04-30 13:22 - 2012-04-30 13:22 - 0002143 ____A C:\Users\Public\Desktop\Nero Kwik Media.lnk

    2012-04-30 13:21 - 2012-04-30 13:21 - 0002783 ____A C:\Users\Public\Desktop\Nero BackItUp 11.lnk

    2012-04-30 13:20 - 2012-04-30 13:20 - 0002843 ____A C:\Users\Public\Desktop\Nero Burning ROM 11.lnk

    2012-04-30 13:03 - 2012-05-16 06:10 - 0442702 ____A C:\Windows\System32\Drivers\etc\hosts.20120516-101002.backup

    2012-04-30 12:31 - 2011-10-20 07:01 - 0000450 ____A C:\Windows\Tasks\ParetoLogic Update Version2.job

    2012-04-30 11:46 - 2012-04-30 11:17 - 0000000 ____D C:\Program Files (x86)\Trend Micro

    2012-04-30 11:17 - 2012-04-30 11:17 - 0002127 ____A C:\Users\sharepointadmin\Desktop\HijackThis.lnk

    2012-04-30 10:59 - 2011-09-14 10:45 - 0000000 ____D C:\Program Files (x86)\IObit

    2012-04-30 10:55 - 2011-08-16 06:14 - 0000000 ____D C:\Program Files (x86)\ScanSoft

    2012-04-30 10:54 - 2011-08-16 06:14 - 0000000 ____D C:\Users\grevolorio\AppData\Roaming\ScanSoft

    2012-04-30 10:53 - 2011-08-16 06:14 - 0000000 ____D C:\Users\All Users\ScanSoft

    2012-04-30 10:40 - 2011-01-17 06:32 - 0000000 ____D C:\Users\grevolorio\AppData\LocalLow

    2012-04-30 10:38 - 2011-01-17 06:32 - 0000000 ____D C:\users\grevolorio

    2012-04-30 10:27 - 2012-03-15 05:10 - 0001143 ____A C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk

    2012-04-30 10:27 - 2011-04-05 12:56 - 0000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware

    2012-04-30 10:26 - 2012-04-30 10:26 - 0000000 ____D C:\Users\All Users\boost_interprocess

    2012-04-30 10:26 - 2012-04-30 10:25 - 0000000 ____D C:\Users\grevolorio\AppData\Roaming\FreeBurner

    2012-04-30 10:11 - 2012-04-13 06:28 - 0418464 ____A (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe

    2012-04-30 10:11 - 2011-05-20 12:09 - 0070304 ____A (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl

    2012-04-30 08:58 - 2012-04-30 08:56 - 0000000 ____D C:\Program Files (x86)\K-Lite Codec Pack

    2012-04-30 07:44 - 2012-04-30 07:44 - 17357434 ____A ( ) C:\Users\grevolorio\Downloads\K-Lite_Codec_Pack_860_Full.exe

    2012-04-30 07:40 - 2012-04-30 07:40 - 0000000 ____D C:\DVDTemp

    2012-04-30 07:38 - 2012-04-30 07:38 - 7213444 ____A (www.minidvdsoft.com ) C:\Users\grevolorio\Downloads\freedvdcreator.exe

    2012-04-27 09:45 - 2011-03-09 08:33 - 0000000 ____D C:\Users\grevolorio\AppData\Local\CutePDF Writer

    2012-04-25 12:30 - 2012-04-25 12:30 - 1997353 ____A C:\Users\grevolorio\Downloads\Saver2Setup.exe

    2012-04-25 08:05 - 2011-03-18 05:36 - 0000000 ____D C:\Users\grevolorio\AppData\Roaming\vlc

    2012-04-25 07:54 - 2012-04-25 07:54 - 0001100 ____A C:\Users\Public\Desktop\VLC media player.lnk

    2012-04-25 07:42 - 2012-04-25 07:42 - 22259528 ____A C:\Users\grevolorio\Desktop\vlc-2.0.1-win32.exe

    2012-04-25 07:40 - 2012-04-25 07:40 - 0000000 ____D C:\Users\grevolorio\AppData\Roaming\VTC Preferences Folder

    2012-04-23 05:07 - 2011-01-17 07:31 - 0139952 ____A C:\Users\grevolorio\AppData\Local\GDIPFONTCACHEV1.DAT

    2012-04-19 10:22 - 2012-04-19 09:47 - 0000000 ____D C:\Users\grevolorio\Downloads\John_Lindsay_-_Emails_from_an_A__hole_Real_People_Being_Stupid

    2012-04-19 10:07 - 2012-04-19 10:06 - 1264198 ____A C:\Users\grevolorio\Downloads\wheresjason-1280x800.jpg

    2012-04-19 09:58 - 2011-06-09 10:02 - 0000000 ____D C:\Users\grevolorio\Calibre Library

    2012-04-19 09:50 - 2011-06-09 10:01 - 0000000 ____D C:\Program Files (x86)\Calibre2

    2012-04-19 09:49 - 2012-04-19 09:49 - 46847336 ____A C:\Users\grevolorio\Downloads\calibre-0.8.47.msi

    2012-04-19 09:46 - 2012-04-19 09:47 - 1447867 ____A C:\Users\grevolorio\Downloads\John_Lindsay_-_Emails_from_an_A__hole_Real_People_Being_Stupid.rar

    2012-04-17 04:57 - 2012-04-17 04:57 - 0001160 ____A C:\Users\Public\Desktop\Foxit Reader 5.1.lnk

    2012-04-17 04:50 - 2012-04-17 04:50 - 8864476 ____A C:\Users\grevolorio\Documents\Potato_April_2012.doc

    2012-04-17 04:39 - 2012-04-17 04:39 - 0613152 ____A C:\Users\grevolorio\Documents\Potato_April_2012.pdf

    2012-04-13 10:30 - 2012-04-13 10:30 - 0025798 ____A C:\Users\grevolorio\Documents\cc_20120413_143028.reg

    2012-04-13 10:28 - 2011-01-11 06:49 - 0000000 ____D C:\Windows\Panther

    2012-04-13 09:45 - 2011-01-18 09:03 - 0786306 ____A C:\Windows\SysWOW64\PerfStringBackup.INI

    2012-04-10 07:34 - 2012-04-09 11:41 - 0000000 ____D C:\Users\grevolorio\Documents\My Kindle Content

    2012-04-09 11:41 - 2012-04-09 11:41 - 0002028 ____A C:\Users\grevolorio\Desktop\Kindle.lnk

    2012-04-09 11:41 - 2012-04-09 11:41 - 0000000 ____D C:\Users\grevolorio\AppData\Local\Amazon

    2012-04-09 11:41 - 2012-04-09 11:41 - 0000000 ____D C:\Program Files (x86)\Amazon

    2012-04-09 11:21 - 2011-10-28 11:03 - 0000602 ___RA C:\Windows\System32\Drivers\etc\hosts.20120430-151620.backup

    2012-04-09 06:02 - 2012-04-09 06:02 - 0085647 ____A C:\Users\grevolorio\Documents\C7djl.jpg

    2012-04-06 06:07 - 2012-04-06 06:07 - 0000000 ____D C:\Users\grevolorio\AppData\Local\Plex

    2012-04-06 06:06 - 2012-04-06 06:06 - 0000000 ____D C:\Program Files (x86)\Plex

    2012-04-06 06:05 - 2012-04-06 06:05 - 43715544 ____A (Plex, Inc.) C:\Users\grevolorio\Documents\Plex-Media-Center-0.9.5.2.1.exe

    2012-04-04 11:56 - 2011-04-05 12:56 - 0024904 ____A (Malwarebytes Corporation) C:\Windows\System32\Drivers\mbam.sys

    2012-04-04 08:03 - 2012-04-04 08:03 - 0262656 ____A C:\Users\grevolorio\Documents\IHPPS LTCH 2012 Final Rule OHA Summary.doc

    2012-04-02 12:17 - 2012-04-02 12:17 - 0040985 ____A C:\Users\grevolorio\AppData\Roaming\a.7z

    2012-04-02 06:45 - 2012-04-02 06:45 - 0001817 ____A C:\Users\Public\Desktop\iTunes.lnk

    2012-04-02 06:45 - 2012-04-02 06:45 - 0000000 ____D C:\Program Files\iTunes

    2012-04-02 06:45 - 2012-04-02 06:45 - 0000000 ____D C:\Program Files\iPod

    2012-04-02 06:45 - 2012-03-12 04:48 - 0000000 ____D C:\Program Files (x86)\iTunes

    2012-04-01 21:34 - 2012-05-10 10:33 - 5504880 ____A (Microsoft Corporation) C:\Windows\System32\ntoskrnl.exe

    2012-04-01 20:46 - 2012-05-10 10:33 - 3958128 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe

    2012-04-01 20:46 - 2012-05-10 10:33 - 3902320 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe

    2012-04-01 19:01 - 2012-05-10 10:33 - 3143680 ____A (Microsoft Corporation) C:\Windows\System32\win32k.sys

    2012-03-30 03:09 - 2012-05-10 10:32 - 1895280 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\tcpip.sys

    2012-03-29 10:15 - 2012-03-29 10:15 - 0607260 ____A (Swearware) C:\Users\grevolorio\Downloads\dds.scr

    2012-03-22 08:06 - 2011-01-18 08:23 - 0000000 ____D C:\Program Files (x86)\Java

    2012-03-22 07:03 - 2012-03-22 07:03 - 0000000 ____D C:\Users\grevolorio\AppData\Local\Macroplant

    2012-03-22 07:02 - 2012-03-22 07:02 - 0000000 ____D C:\Program Files (x86)\iExplorer

    2012-03-16 23:55 - 2012-05-10 10:32 - 0075632 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\partmgr.sys

    2012-03-16 06:47 - 2012-03-16 06:47 - 0000000 ____D C:\Program Files (x86)\Microsoft Synchronization Services

    2012-03-16 06:46 - 2012-03-16 06:46 - 0000000 ____D C:\Program Files (x86)\Microsoft SQL Server Compact Edition

    2012-03-16 06:46 - 2011-01-11 07:47 - 0000000 ____D C:\Program Files (x86)\Microsoft Office

    2012-03-16 06:45 - 2009-07-13 19:20 - 0000000 ____D C:\Program Files\Common Files\Microsoft Shared

    2012-03-16 06:44 - 2011-01-11 07:49 - 0000000 ____D C:\Program Files\Microsoft Office

    2012-03-16 05:18 - 2012-03-16 05:17 - 0000000 ___SD C:\Users\grevolorio\SharePoint Sites

    2012-03-16 05:07 - 2012-03-07 12:50 - 0000000 ____D C:\Users\grevolorio\AppData\Local\Facebook

    2012-03-15 13:09 - 2011-01-18 07:55 - 0000000 ____D C:\Users\grevolorio\Documents\MyLifeOrganized

    2012-03-15 12:58 - 2012-03-15 13:09 - 0039958 ____A C:\Users\grevolorio\Desktop\INRange.ml.ver23.bak

    2012-03-15 12:56 - 2012-03-15 12:56 - 0001181 ____A C:\Users\Public\Desktop\MLO.lnk

    2012-03-15 12:56 - 2011-01-28 10:36 - 0000000 ____D C:\Program Files (x86)\MyLifeOrganized.net

    2012-03-14 05:41 - 2011-07-20 07:24 - 0000000 ____D C:\Users\grevolorio\AppData\Roaming\Graphic.lyAir.524A3AB5801B9AE08DEEB1BA295EDE84BDC333F2.1

    2012-03-14 05:23 - 2011-07-20 07:15 - 0000000 ____D C:\Program Files (x86)\Graphic.ly AIR

    2012-03-14 05:21 - 2011-06-08 08:01 - 0000000 ____D C:\Program Files (x86)\eBookConverter

    2012-03-14 05:11 - 2011-09-28 07:30 - 0000000 ____D C:\Users\grevolorio\AppData\Roaming\5pm-downloader

    2012-03-14 05:06 - 2012-02-13 07:48 - 0000000 ____D C:\Users\All Users\Lavasoft

    2012-03-13 06:23 - 2012-03-13 06:23 - 0000000 ____D C:\Users\grevolorio\AppData\Roaming\Motorola

    2012-03-12 05:30 - 2011-01-24 13:50 - 0000000 ____D C:\Users\grevolorio\AppData\Roaming\Apple Computer

    2012-03-12 05:12 - 2012-03-12 05:09 - 0000000 ____D C:\Saved Music

    2012-03-12 05:11 - 2011-01-18 08:11 - 0000000 ____D C:\Program Files (x86)\Notepad++

    2012-03-12 05:07 - 2012-02-13 07:49 - 0000064 ____A C:\Windows\SysWOW64\rp_stats.dat

    2012-03-12 05:07 - 2012-02-13 07:49 - 0000044 ____A C:\Windows\SysWOW64\rp_rules.dat

    2012-03-12 05:06 - 2012-03-12 05:06 - 0000000 __SHD C:\Windows\System32\%APPDATA%

    2012-03-07 07:45 - 2012-03-07 07:45 - 5480448 ____A C:\Windows\System32\config\DEFAULT.iobit

    2012-03-07 07:45 - 2012-03-07 07:45 - 39219200 ____A C:\Windows\System32\config\SYSTEM.iobit

    2012-03-07 07:45 - 2012-03-07 07:45 - 121745408 ____A C:\Windows\System32\config\SOFTWARE.iobit

    2012-03-07 07:45 - 2012-03-07 07:45 - 0036864 ____A C:\Windows\System32\config\SECURITY.iobit

    2012-03-07 07:45 - 2012-03-07 07:45 - 0036864 ____A C:\Windows\System32\config\SAM.iobit

    2012-03-07 07:30 - 2012-03-07 07:30 - 0000000 ____D C:\Users\All Users\IObit

    2012-03-07 07:29 - 2011-09-14 10:45 - 0000000 ____D C:\Users\grevolorio\AppData\Roaming\IObit

    2012-03-05 06:23 - 2012-02-29 10:00 - 0202296 ____A C:\Users\grevolorio\Documents\DFS Template.dotx

    2012-03-02 22:29 - 2012-05-10 10:33 - 1837568 ____A (Microsoft Corporation) C:\Windows\System32\d3d10warp.dll

    2012-03-02 22:29 - 2012-05-10 10:33 - 1541120 ____A (Microsoft Corporation) C:\Windows\System32\DWrite.dll

    2012-03-02 22:29 - 2012-05-10 10:33 - 0902656 ____A (Microsoft Corporation) C:\Windows\System32\d2d1.dll

    2012-03-02 22:29 - 2012-05-10 10:33 - 0320512 ____A (Microsoft Corporation) C:\Windows\System32\d3d10_1core.dll

    2012-03-02 22:29 - 2012-05-10 10:33 - 0197120 ____A (Microsoft Corporation) C:\Windows\System32\d3d10_1.dll

    2012-03-02 21:40 - 2012-05-10 10:33 - 1170944 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d3d10warp.dll

    2012-03-02 21:40 - 2012-05-10 10:33 - 1074176 ____A (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll

    2012-03-02 21:40 - 2012-05-10 10:33 - 0739840 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d2d1.dll

    2012-03-02 21:40 - 2012-05-10 10:33 - 0218624 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d3d10_1core.dll

    2012-03-02 21:40 - 2012-05-10 10:33 - 0161792 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d3d10_1.dll

    2012-03-02 10:10 - 2011-01-19 15:47 - 0000000 ____D C:\Users\grevolorio\Documents\Images and Logos

    2012-03-01 06:06 - 2009-01-09 11:49 - 0048051 ____A C:\Users\grevolorio\Documents\SRS Template.dotx

    2012-02-29 22:54 - 2012-04-13 06:33 - 0022896 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\fs_rec.sys

    2012-02-29 22:45 - 2012-04-13 06:33 - 0220672 ____A (Microsoft Corporation) C:\Windows\System32\wintrust.dll

    2012-02-29 22:40 - 2012-04-13 06:33 - 0080896 ____A (Microsoft Corporation) C:\Windows\System32\imagehlp.dll

    2012-02-29 22:35 - 2012-04-13 06:33 - 0005120 ____A (Microsoft Corporation) C:\Windows\System32\wmi.dll

    2012-02-29 21:49 - 2012-04-13 06:33 - 0172544 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll

    2012-02-29 21:45 - 2012-04-13 06:33 - 0158720 ____A (Microsoft Corporation) C:\Windows\SysWOW64\imagehlp.dll

    2012-02-29 21:40 - 2012-04-13 06:33 - 0005120 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wmi.dll

    2012-02-29 11:23 - 2011-02-01 07:27 - 0039248 ____A C:\bar.emf

    2012-02-29 05:52 - 2009-01-09 09:12 - 0268800 ____A C:\Users\grevolorio\Documents\SRS.doc

    2012-02-27 23:34 - 2012-04-13 06:44 - 17790976 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.dll

    2012-02-27 23:02 - 2012-04-13 06:44 - 10888704 ____A (Microsoft Corporation) C:\Windows\System32\ieframe.dll

    2012-02-27 22:56 - 2012-04-13 06:44 - 2311168 ____A (Microsoft Corporation) C:\Windows\System32\jscript9.dll

    2012-02-27 22:50 - 2012-04-13 06:44 - 1345536 ____A (Microsoft Corporation) C:\Windows\System32\urlmon.dll

    2012-02-27 22:49 - 2012-04-13 06:44 - 1390080 ____A (Microsoft Corporation) C:\Windows\System32\wininet.dll

    2012-02-27 22:48 - 2012-04-13 06:44 - 1493504 ____A (Microsoft Corporation) C:\Windows\System32\inetcpl.cpl

    2012-02-27 22:48 - 2012-04-13 06:44 - 0237056 ____A (Microsoft Corporation) C:\Windows\System32\url.dll

    2012-02-27 22:47 - 2012-04-13 06:44 - 0085504 ____A (Microsoft Corporation) C:\Windows\System32\jsproxy.dll

    2012-02-27 22:45 - 2012-04-13 06:44 - 0818688 ____A (Microsoft Corporation) C:\Windows\System32\jscript.dll

    2012-02-27 22:43 - 2012-04-13 06:45 - 0096256 ____A (Microsoft Corporation) C:\Windows\System32\mshtmled.dll

    2012-02-27 22:43 - 2012-04-13 06:44 - 2144256 ____A (Microsoft Corporation) C:\Windows\System32\iertutil.dll

    2012-02-27 22:42 - 2012-04-13 06:45 - 2382848 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.tlb

    2012-02-27 22:39 - 2012-04-13 06:44 - 0248320 ____A (Microsoft Corporation) C:\Windows\System32\ieui.dll

    2012-02-27 17:52 - 2012-04-13 06:44 - 12281856 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll

    2012-02-27 17:27 - 2012-04-13 06:44 - 9705984 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll

    2012-02-27 17:18 - 2012-04-13 06:44 - 1799168 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll

    2012-02-27 17:12 - 2012-04-13 06:44 - 1103360 ____A (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll

    2012-02-27 17:11 - 2012-04-13 06:44 - 1427456 ____A (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl

    2012-02-27 17:11 - 2012-04-13 06:44 - 1127424 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll

    2012-02-27 17:09 - 2012-04-13 06:44 - 0231936 ____A (Microsoft Corporation) C:\Windows\SysWOW64\url.dll

    2012-02-27 17:08 - 2012-04-13 06:44 - 0065024 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll

    2012-02-27 17:06 - 2012-04-13 06:44 - 0716800 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll

    2012-02-27 17:04 - 2012-04-13 06:44 - 1792000 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll

    2012-02-27 17:03 - 2012-04-13 06:45 - 2382848 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb

    2012-02-27 17:03 - 2012-04-13 06:45 - 0072704 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll

    2012-02-27 16:59 - 2012-04-13 06:44 - 0176640 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll

    2012-02-27 12:30 - 2011-01-19 11:40 - 0000000 ____D C:\Users\grevolorio\Documents\Change Requests

    ========================= Known DLLs (Whitelisted) ============

    ========================= Bamital & volsnap Check ============

    C:\Windows\System32\winlogon.exe => MD5 is legit

    C:\Windows\System32\wininit.exe => MD5 is legit

    C:\Windows\SysWOW64\wininit.exe => MD5 is legit

    C:\Windows\explorer.exe => MD5 is legit

    C:\Windows\SysWOW64\explorer.exe => MD5 is legit

    C:\Windows\System32\svchost.exe => MD5 is legit

    C:\Windows\SysWOW64\svchost.exe => MD5 is legit

    C:\Windows\System32\User32.dll => MD5 is legit

    C:\Windows\SysWOW64\User32.dll => MD5 is legit

    C:\Windows\System32\userinit.exe => MD5 is legit

    C:\Windows\SysWOW64\userinit.exe => MD5 is legit

    C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit

    ==================== EXE ASSOCIATION =====================

    HKLM\...\.exe: exefile => OK

    HKLM\...\exefile\DefaultIcon: %1 => OK

    HKLM\...\exefile\open\command: "%1" %* => OK

    ========================= Memory info ======================

    Percentage of memory in use: 8%

    Total physical RAM: 16316.38 MB

    Available physical RAM: 14916.28 MB

    Total Pagefile: 16314.53 MB

    Available Pagefile: 14913.02 MB

    Total Virtual: 8192 MB

    Available Virtual: 8191.9 MB

    ======================= Partitions =========================

    1 Drive c: () (Fixed) (Total:100 GB) (Free:1.28 GB) NTFS

    2 Drive d: (System Reserved) (Fixed) (Total:0.1 GB) (Free:0.07 GB) NTFS ==>[system with boot components (obtained from reading drive)]

    4 Drive f: (SoftRaid) (Fixed) (Total:731.32 GB) (Free:210.57 GB) NTFS

    5 Drive g: (U3 System) (CDROM) (Total:0.01 GB) (Free:0 GB) CDFS

    6 Drive h: () (Removable) (Total:7.62 GB) (Free:3.62 GB) FAT32

    7 Drive x: (Boot) (Fixed) (Total:0.03 GB) (Free:0.03 GB) NTFS

    Disk ### Status Size Free Dyn Gpt

    -------- ------------- ------- ------- --- ---

    Disk 0 Online 465 GB 1024 KB *

    Disk 1 Online 465 GB 1024 KB *

    Disk 2 Online 7832 MB 0 B

    Partitions of Disk 0:

    ===============

    Partition ### Type Size Offset

    ------------- ---------------- ------- -------

    Partition 1 Dynamic Data 992 KB 31 KB

    Partition 2 Dynamic Data 100 MB 1024 KB

    Partition 3 Dynamic Data 100 GB 101 MB

    Partition 4 Dynamic Data 365 GB 100 GB

    ======================================================================================================

    Disk: 0

    Partition 1

    Type : 42

    Hidden: Yes

    Active: No

    There is no volume associated with this partition.

    ======================================================================================================

    Disk: 0

    Partition 2

    Type : 42

    Hidden: Yes

    Active: Yes

    Volume ### Ltr Label Fs Type Size Status Info

    ---------- --- ----------- ----- ---------- ------- --------- --------

    * Volume 2 D System Rese NTFS Mirror 100 MB Healthy

    ======================================================================================================

    Disk: 0

    Partition 3

    Type : 42

    Hidden: Yes

    Active: No

    Volume ### Ltr Label Fs Type Size Status Info

    ---------- --- ----------- ----- ---------- ------- --------- --------

    * Volume 1 C NTFS Mirror 100 GB Healthy

    ======================================================================================================

    Disk: 0

    Partition 4

    Type : 42

    Hidden: Yes

    Active: No

    Volume ### Ltr Label Fs Type Size Status Info

    ---------- --- ----------- ----- ---------- ------- --------- --------

    * Volume 0 F SoftRaid NTFS Stripe 731 GB Healthy

    ======================================================================================================

    Partitions of Disk 1:

    ===============

    Partition ### Type Size Offset

    ------------- ---------------- ------- -------

    Partition 1 Dynamic Data 992 KB 31 KB

    Partition 2 Dynamic Data 100 MB 1024 KB

    Partition 3 Dynamic Data 100 GB 101 MB

    Partition 4 Dynamic Data 365 GB 100 GB

    ======================================================================================================

    Disk: 1

    Partition 1

    Type : 42

    Hidden: Yes

    Active: No

    There is no volume associated with this partition.

    ======================================================================================================

    Disk: 1

    Partition 2

    Type : 42

    Hidden: Yes

    Active: Yes

    Volume ### Ltr Label Fs Type Size Status Info

    ---------- --- ----------- ----- ---------- ------- --------- --------

    * Volume 2 D System Rese NTFS Mirror 100 MB Healthy

    ======================================================================================================

    Disk: 1

    Partition 3

    Type : 42

    Hidden: Yes

    Active: No

    Volume ### Ltr Label Fs Type Size Status Info

    ---------- --- ----------- ----- ---------- ------- --------- --------

    * Volume 1 C NTFS Mirror 100 GB Healthy

    ======================================================================================================

    Disk: 1

    Partition 4

    Type : 42

    Hidden: Yes

    Active: No

    Volume ### Ltr Label Fs Type Size Status Info

    ---------- --- ----------- ----- ---------- ------- --------- --------

    * Volume 0 F SoftRaid NTFS Stripe 731 GB Healthy

    ======================================================================================================

    Partitions of Disk 2:

    ===============

    Partition ### Type Size Offset

    ------------- ---------------- ------- -------

    Partition 1 Primary 7820 MB 29 KB

    ======================================================================================================

    Disk: 2

    Partition 1

    Type : 0B

    Hidden: No

    Active: No

    Volume ### Ltr Label Fs Type Size Status Info

    ---------- --- ----------- ----- ---------- ------- --------- --------

    * Volume 5 H FAT32 Removable 7820 MB Healthy

    ======================================================================================================

    ==========================================================

    Last Boot: 2012-05-18 20:08

    ======================= End Of Log ==========================

  8. I thought you had given up on me. Thank you so much!!!

    This is the DDS.txt:

    .

    DDS (Ver_2011-08-26.01) - NTFSAMD64

    Internet Explorer: 9.0.8112.16421 BrowserJavaVersion: 10.0.0

    Run by GRevolorio at 17:01:10 on 2012-05-22

    Microsoft Windows 7 Professional 6.1.7600.0.1252.1.1033.18.16316.10624 [GMT -4:00]

    .

    SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

    SP: Spyware Doctor *Disabled/Updated* {94076BB2-F3DA-227F-9A1E-F060FF73600F}

    .

    ============== Running Processes ===============

    .

    C:\Windows\system32\wininit.exe

    C:\Windows\system32\lsm.exe

    C:\Windows\system32\svchost.exe -k DcomLaunch

    C:\Windows\system32\svchost.exe -k RPCSS

    C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted

    C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted

    C:\Windows\system32\svchost.exe -k netsvcs

    C:\Windows\system32\svchost.exe -k LocalService

    C:\Program Files\Tablet\Pen\Pen_TouchService.exe

    C:\Windows\system32\WUDFHost.exe

    C:\Windows\SYSTEM32\WISPTIS.EXE

    C:\Program Files\HitmanPro\hmpsched.exe

    C:\Program Files (x86)\Symantec\Symantec Endpoint Protection\Smc.exe

    C:\Windows\system32\svchost.exe -k NetworkService

    C:\Program Files (x86)\Common Files\Symantec Shared\ccSvcHst.exe

    C:\Windows\System32\spoolsv.exe

    C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE

    C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe

    C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

    C:\Program Files\Bonjour\mDNSResponder.exe

    C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe

    C:\Program Files (x86)\Cisco Systems\VPN Client\cvpnd.exe

    C:\Windows\System32\svchost.exe -k LocalServiceNoNetwork

    C:\Program Files (x86)\LogMeIn\x64\LMIGuardianSvc.exe

    C:\Program Files (x86)\LogMeIn\x64\RaMaint.exe

    C:\Program Files (x86)\LogMeIn\x64\LogMeIn.exe

    C:\Windows\system32\taskhost.exe

    C:\Windows\SYSTEM32\WISPTIS.EXE

    C:\Windows\system32\taskeng.exe

    C:\Program Files\Tablet\Pen\Pen_TouchUser.exe

    C:\Program Files\Common Files\microsoft shared\ink\TabTip.exe

    C:\Program Files\Enigma Software Group\SpyHunter\Spyhunter4.exe

    C:\Program Files (x86)\Common Files\Microsoft Shared\Ink\TabTip32.exe

    C:\Windows\SysWOW64\nlssrv32.exe

    c:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe

    C:\Program Files (x86)\Microsoft Garage\Mouse without Borders\MouseWithoutBorders.exe

    C:\Program Files (x86)\Microsoft Garage\Mouse without Borders\MouseWithoutBorders.exe

    C:\Windows\system32\Dwm.exe

    C:\Windows\Explorer.EXE

    C:\Windows\system32\svchost.exe -k imgsvc

    C:\Program Files (x86)\Symantec\Symantec Endpoint Protection\Rtvscan.exe

    C:\Program Files\Tablet\Pen\Pen_Tablet.exe

    C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe

    C:\Program Files\Tablet\Pen\Pen_TabletUser.exe

    C:\Program Files (x86)\LogMeIn\x64\LogMeInSystray.exe

    C:\Program Files (x86)\Common Files\VMware\USB\vmware-usbarbitrator.exe

    C:\Program Files\Tablet\Pen\Pen_Tablet.exe

    C:\Windows\SysWOW64\vmnat.exe

    C:\Windows\SysWOW64\vmnetdhcp.exe

    C:\Program Files (x86)\VMware\VMware Workstation\vmware-authd.exe

    C:\Program Files (x86)\TeamViewer\Version7\TeamViewer.exe

    C:\Program Files (x86)\Symantec\Symantec Endpoint Protection\SmcGui.exe

    C:\Program Files\Microsoft IntelliPoint\ipoint.exe

    C:\Program Files (x86)\Siber Systems\AI RoboForm\robotaskbaricon.exe

    C:\Program Files (x86)\Symantec\Symantec Endpoint Protection\ProtectionUtilSurrogate.exe

    C:\Program Files (x86)\TeamViewer\Version7\tv_w32.exe

    C:\Program Files (x86)\TeamViewer\Version7\tv_x64.exe

    C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe

    C:\Windows\system32\SearchIndexer.exe

    C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\acrotray.exe

    C:\Program Files (x86)\Unlocker\UnlockerAssistant.exe

    C:\Program Files (x86)\Microsoft Garage\Mouse without Borders\DDHelper.exe

    C:\Program Files (x86)\iTunes\iTunesHelper.exe

    C:\Users\grevolorio\AppData\Roaming\Dropbox\bin\Dropbox.exe

    C:\Program Files (x86)\Evernote\Evernote\EvernoteClipper.exe

    C:\Program Files (x86)\Launchy\Launchy.exe

    C:\Program Files\iPod\bin\iPodService.exe

    C:\Program Files (x86)\MyLifeOrganized.net\MLO\mlo.exe

    C:\Program Files (x86)\Microsoft Office\Office12\ONENOTEM.EXE

    C:\Program Files\Windows Media Player\wmpnetwk.exe

    C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation

    C:\Program Files (x86)\Common Files\Apple\Apple Application Support\distnoted.exe

    C:\Windows\system32\conhost.exe

    C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\SyncServer.exe

    C:\Windows\system32\conhost.exe

    C:\Windows\system32\wuauclt.exe

    C:\Program Files (x86)\Nero\Update\NASvc.exe

    C:\Program Files\xplorer2\xplorer2_64.exe

    C:\Program Files (x86)\VS Revo Group\Revo Uninstaller\Revouninstaller.exe

    C:\Windows\system32\svchost.exe -k SDRSVC

    C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE

    C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe

    C:\Program Files (x86)\VS Revo Group\Revo Uninstaller\Revouninstaller.exe

    C:\Windows\system32\WUDFHost.exe

    C:\Windows\system32\wbem\wmiprvse.exe

    C:\Windows\System32\svchost.exe -k swprv

    C:\Windows\system32\msiexec.exe

    C:\Windows\SysWOW64\ping.exe

    C:\Windows\system32\conhost.exe

    C:\Windows\SysWOW64\ping.exe

    C:\Windows\system32\conhost.exe

    C:\Windows\system32\DllHost.exe

    C:\Windows\system32\DllHost.exe

    C:\Windows\SysWOW64\cmd.exe

    C:\Windows\system32\conhost.exe

    C:\Windows\SysWOW64\cscript.exe

    C:\Windows\system32\wbem\wmiprvse.exe

    .

    ============== Pseudo HJT Report ===============

    .

    uStart Page = hxxp://www.google.com/

    uSearch Bar = Preserve

    uInternet Settings,ProxyOverride = localhost; 127.0.0.1; <local>

    BHO: ContributeBHO Class: {074c1dc5-9320-4a9a-947d-c042949c6216} - C:\Program Files (x86)\Adobe\/Adobe Contribute CS4/contributeieplugin.dll

    BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

    BHO: RoboForm: {724d43a9-0d85-11d4-9908-00400523e39a} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll

    BHO: Java Plug-In SSV Helper: {761497bb-d6f0-462c-b6eb-d4daf1d92d43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll

    BHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

    BHO: LastPass Browser Helper Object: {95d9ecf5-2a4d-4550-be49-70d42f71296e} - C:\Program Files (x86)\LastPass\LPBar.dll

    BHO: Adobe PDF Conversion Toolbar Helper: {ae7cd045-e861-484f-8273-0445ee161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll

    BHO: Skype Plug-In: {ae805869-2e5c-4ed4-8f7b-f1f7851a4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll

    BHO: Office Document Cache Handler: {b4f3a835-0e21-4959-ba22-42b3008e02ff} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL

    BHO: Java Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll

    BHO: SmartSelect Class: {f4971ee7-daa0-4053-9964-665d8ee6a077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll

    TB: LastPass Toolbar: {9f6b5cc3-5c7b-4b5c-97af-19dec1e380e5} - C:\Program Files (x86)\LastPass\LPBar.dll

    TB: &RoboForm: {724d43a0-0d85-11d4-9908-00400523e39a} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll

    TB: Adobe PDF: {47833539-d0c5-4125-9fa8-0819e2eaac93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll

    TB: Contribute Toolbar: {517bdde4-e3a7-4570-b21e-2b52b6139fc7} - C:\Program Files (x86)\Adobe\/Adobe Contribute CS4/contributeieplugin.dll

    uRun: [RoboForm] "C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe"

    uRun: [WinSnap] "C:\Program Files\WinSnap\WinSnap.exe" /startup

    uRun: [sUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe

    mRun: [Acrobat Assistant 8.0] "C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrotray.exe"

    mRun: [unlockerAssistant] "C:\Program Files (x86)\Unlocker\UnlockerAssistant.exe"

    mRun: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"

    mRun: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime

    mRun: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"

    StartupFolder: C:\Users\GREVOL~1\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\Dropbox.lnk - C:\Users\grevolorio\AppData\Roaming\Dropbox\bin\Dropbox.exe

    StartupFolder: C:\Users\GREVOL~1\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\EVERNO~1.LNK - C:\Program Files (x86)\Evernote\Evernote\EvernoteClipper.exe

    StartupFolder: C:\Users\GREVOL~1\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\Launchy.lnk - C:\Program Files (x86)\Launchy\Launchy.exe

    StartupFolder: C:\Users\GREVOL~1\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\MYLIFE~1.LNK - C:\Program Files (x86)\MyLifeOrganized.net\MLO\mlo.exe

    StartupFolder: C:\Users\GREVOL~1\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\ONENOT~2.LNK - C:\Program Files (x86)\Microsoft Office\Office12\ONENOTEM.EXE

    StartupFolder: C:\Users\GREVOL~1\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\ONENOT~1.LNK - C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE

    StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\VPNGUI~1.LNK - C:\Windows\Installer\{467D5E81-8349-4892-9E81-C3674ED8E451}\Icon09DB8A851.exe

    uPolicies-system: HideLogonScripts = 1 (0x1)

    mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)

    mPolicies-system: EnableUIADesktopToggle = 0 (0x0)

    mPolicies-system: PromptOnSecureDesktop = 0 (0x0)

    mPolicies-system: EnableLinkedConnections = 1 (0x1)

    mPolicies-system: DisableCAD = 1 (0x1)

    dPolicies-system: HideLegacyLogonScripts = 1 (0x1)

    dPolicies-system: HideLogonScripts = 1 (0x1)

    dPolicies-system: HideLogoffScripts = 1 (0x1)

    IE: Add to Evernote 4.0 - C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll/204

    IE: LastPass - file://C:\Program Files (x86)\LastPass\context.html?cmd=lastpass

    IE: LastPass Fill Forms - file://C:\Program Files (x86)\LastPass\context.html?cmd=fillforms

    IE: {320AF880-6646-11D3-ABEE-C5DBF3571F46} - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboFormComFillForms.html

    IE: {320AF880-6646-11D3-ABEE-C5DBF3571F49} - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboFormComSavePass.html

    IE: {724d43aa-0d85-11d4-9908-00400523e39a} - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html

    IE: {A95fe080-8f5d-11d2-a20b-00aa003c157a} - res://C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll/204

    IE: {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm

    IE: {CF819DA3-9882-4944-ADF5-6EF17ECF3C6E} - "C:\Program Files (x86)\Fiddler2\Fiddler.exe"

    IE: {FB858B22-55E2-413f-87F5-30ADC5552151} - C:\Program Files (x86)\PlotSoft\PDFill\DownloadPDF.exe

    IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll

    IE: {43699cd0-e34f-11de-8a39-0800200c9a66} - {95D9ECF5-2A4D-4550-BE49-70D42F71296E} - C:\Program Files (x86)\LastPass\LPBar.dll

    IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll

    IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll

    IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL

    LSP: mswsock.dll

    LSP: C:\Program Files (x86)\VMware\VMware Workstation\vsocklib.dll

    Trusted Zone: calshr01

    Trusted Zone: emmarx.com\reports

    DPF: {02BCC737-B171-4746-94C9-0D8A0B2C0089} - hxxp://office.microsoft.com/sites/production/ieawsdc32.cab

    DPF: {17492023-C23A-453E-A040-C7C580BBF700} - hxxp://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab

    DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} - hxxp://download.eset.com/special/eos/OnlineScanner.cab

    DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0-windows-i586.cab

    DPF: {CAFEEFAC-0014-0001-0007-ABCDEFFEDCBA} - hxxp://java.sun.com/products/plugin/1.4/jinstall-14_07-windows-i586.cab

    DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab

    DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab

    DPF: {CAFEEFAC-0017-0000-0000-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0-windows-i586.cab

    DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab

    DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab

    DPF: {FD0B6769-6490-4A91-AA0A-B5AE0DC75AC9} - hxxps://secure.logmein.com/activex/ractrl.cab?lmi=100

    TCP: DhcpNameServer = 10.1.2.20 10.1.2.19

    TCP: Interfaces\{1CC5E133-5EFA-45B6-95E6-3BEBD35BCB03} : NameServer = 208.67.222.222,208.67.220.220

    TCP: Interfaces\{1CC5E133-5EFA-45B6-95E6-3BEBD35BCB03} : DhcpNameServer = 10.1.2.20 10.1.2.19

    TCP: Interfaces\{29AFB5A5-9D29-441F-A64B-D2DC0F50AA0C} : DhcpNameServer = 172.16.206.215 172.16.206.215

    Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll

    Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL

    AppInit_DLLs: C:\PROGRA~2\Google\GOOGLE~2\GO36F4~1.DLL

    mASetup: {2D46B6DC-2207-486B-B523-A557E6D54B47} - C:\Windows\system32\cmd.exe /D /C start C:\Windows\system32\ie4uinit.exe -ClearIconCache

    BHO-X64: ContributeBHO Class: {074C1DC5-9320-4A9A-947D-C042949C6216} - C:\Program Files (x86)\Adobe\/Adobe Contribute CS4/contributeieplugin.dll

    BHO-X64: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

    BHO-X64: AcroIEHelperStub - No File

    C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll

    BHO-X64: RoboForm - No File

    BHO-X64: Java Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll

    BHO-X64: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

    BHO-X64: LastPass Browser Helper Object: {95D9ECF5-2A4D-4550-BE49-70D42F71296E} - C:\Program Files (x86)\LastPass\LPBar.dll

    BHO-X64: LastPass Browser Helper Object - No File

    BHO-X64: Adobe PDF Conversion Toolbar Helper: {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll

    BHO-X64: Skype Plug-In: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll

    BHO-X64: SkypeIEPluginBHO - No File

    BHO-X64: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL

    BHO-X64: URLRedirectionBHO - No File

    BHO-X64: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll

    BHO-X64: SmartSelect Class: {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll

    BHO-X64: SmartSelect - No File

    TB-X64: LastPass Toolbar: {9f6b5cc3-5c7b-4b5c-97af-19dec1e380e5} - C:\Program Files (x86)\LastPass\LPBar.dll

    TB-X64: &RoboForm: {724d43a0-0d85-11d4-9908-00400523e39a} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll

    TB-X64: Adobe PDF: {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll

    TB-X64: Contribute Toolbar: {517BDDE4-E3A7-4570-B21E-2B52B6139FC7} - C:\Program Files (x86)\Adobe\/Adobe Contribute CS4/contributeieplugin.dll

    mRun-x64: [Acrobat Assistant 8.0] "C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrotray.exe"

    mRun-x64: [unlockerAssistant] "C:\Program Files (x86)\Unlocker\UnlockerAssistant.exe"

    mRun-x64: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"

    mRun-x64: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime

    mRun-x64: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"

    IE-X64: {320AF880-6646-11D3-ABEE-C5DBF3571F46} - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboFormComFillForms.html

    IE-X64: {320AF880-6646-11D3-ABEE-C5DBF3571F49} - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboFormComSavePass.html

    IE-X64: {724d43aa-0d85-11d4-9908-00400523e39a} - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html

    IE-X64: {A95fe080-8f5d-11d2-a20b-00aa003c157a} - res://C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll/204

    IE-X64: {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm

    IE-X64: {CF819DA3-9882-4944-ADF5-6EF17ECF3C6E} - "C:\Program Files (x86)\Fiddler2\Fiddler.exe"

    IE-X64: {FB858B22-55E2-413f-87F5-30ADC5552151} - C:\Program Files (x86)\PlotSoft\PDFill\DownloadPDF.exe

    AppInit_DLLs-X64: C:\PROGRA~2\Google\GOOGLE~2\GO36F4~1.DLL

    Hosts: 127.0.0.1 www.spywareinfo.com

    .

    ================= FIREFOX ===================

    .

    FF - ProfilePath - C:\Users\grevolorio\AppData\Roaming\Mozilla\Firefox\Profiles\5nju9yau.default\

    FF - prefs.js: browser.search.selectedEngine - Google

    FF - prefs.js: browser.startup.homepage - about:home

    FF - prefs.js: network.proxy.http - 127.0.0.1

    FF - prefs.js: network.proxy.http_port - 8118

    FF - prefs.js: network.proxy.type - 0

    FF - component: C:\Users\grevolorio\AppData\Roaming\Mozilla\Firefox\Profiles\5nju9yau.default\extensions\support@lastpass.com\platform\WINNT_x86-msvc\components\lpxpcom.dll

    FF - plugin: C:\PROGRA~2\COMMON~1\Nero\BROWSE~1\npBrowserPlugin.dll

    FF - plugin: C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL

    FF - plugin: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL

    FF - plugin: C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Air\nppdf32.dll

    FF - plugin: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll

    FF - plugin: C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll

    FF - plugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll

    FF - plugin: C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll

    FF - plugin: C:\Program Files (x86)\Google\Update\1.3.21.57\npGoogleUpdate3.dll

    FF - plugin: C:\Program Files (x86)\Google\Update\1.3.21.79\npGoogleUpdate3.dll

    FF - plugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll

    FF - plugin: C:\Program Files (x86)\Java\jre7\bin\new_plugin\npdeployJava1.dll

    FF - plugin: C:\Program Files (x86)\Java\jre7\bin\new_plugin\npjp2.dll

    FF - plugin: C:\Program Files (x86)\Microsoft Silverlight\4.1.10111.0\npctrlui.dll

    FF - plugin: C:\Program Files (x86)\Mozilla Firefox\plugins\npdeployJava1.dll

    FF - plugin: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll

    FF - plugin: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll

    FF - plugin: C:\Program Files (x86)\TabletPlugins\npwacom.dll

    FF - plugin: C:\Program Files (x86)\TabletPlugins\npWacomTabletPlugin.dll

    FF - plugin: C:\Users\grevolorio\AppData\Local\Google\Update\1.3.21.57\npGoogleUpdate3.dll

    FF - plugin: C:\Users\grevolorio\AppData\Roaming\Mozilla\Firefox\Profiles\5nju9yau.default\extensions\{1BC9BA34-1EED-42ca-A505-6D2F1A935BBB}\plugins\npietab2.dll

    FF - plugin: C:\Users\grevolorio\AppData\Roaming\Mozilla\Firefox\Profiles\5nju9yau.default\extensions\LogMeInClient@logmein.com\plugins\npRACtrl.dll

    .

    ============= SERVICES / DRIVERS ===============

    .

    R0 NBVol;Nero Backup Volume Filter Driver;C:\Windows\system32\DRIVERS\NBVol.sys --> C:\Windows\system32\DRIVERS\NBVol.sys [?]

    R0 NBVolUp;Nero Backup Volume Upper Filter Driver;C:\Windows\system32\DRIVERS\NBVolUp.sys --> C:\Windows\system32\DRIVERS\NBVolUp.sys [?]

    R0 PCTCore;PCTools KDS;C:\Windows\system32\drivers\PCTCore64.sys --> C:\Windows\system32\drivers\PCTCore64.sys [?]

    R0 pctDS;PC Tools Data Store;C:\Windows\system32\drivers\pctDS64.sys --> C:\Windows\system32\drivers\pctDS64.sys [?]

    R0 pctEFA;PC Tools Extended File Attributes;C:\Windows\system32\drivers\pctEFA64.sys --> C:\Windows\system32\drivers\pctEFA64.sys [?]

    R0 PxHlpa64;PxHlpa64;C:\Windows\system32\Drivers\PxHlpa64.sys --> C:\Windows\system32\Drivers\PxHlpa64.sys [?]

    R0 SmartDefragDriver;SmartDefragDriver;C:\Windows\system32\Drivers\SmartDefragDriver.sys --> C:\Windows\system32\Drivers\SmartDefragDriver.sys [?]

    R0 stdcfltn;Disk Class Filter Driver for Accelerometer;C:\Windows\system32\DRIVERS\stdcfltn.sys --> C:\Windows\system32\DRIVERS\stdcfltn.sys [?]

    R1 SASDIFSV;SASDIFSV;C:\Program Files\SUPERAntiSpyware\sasdifsv64.sys [2011-7-22 14928]

    R1 SASKUTIL;SASKUTIL;C:\Program Files\SUPERAntiSpyware\saskutil64.sys [2011-7-12 12368]

    R1 vwififlt;Virtual WiFi Filter Driver;C:\Windows\system32\DRIVERS\vwififlt.sys --> C:\Windows\system32\DRIVERS\vwififlt.sys [?]

    R2 !SASCORE;SAS Core Service;C:\Program Files\SUPERAntiSpyware\SASCore64.exe [2011-8-11 140672]

    R2 AdobeARMservice;Adobe Acrobat Update Service;C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-1-3 63928]

    R2 HitmanProScheduler;HitmanPro Scheduler;C:\Program Files\HitmanPro\hmpsched.exe [2012-5-22 107848]

    R2 LMIGuardianSvc;LMIGuardianSvc;C:\Program Files (x86)\LogMeIn\x64\LMIGuardianSvc.exe [2010-12-8 375176]

    R2 LMIInfo;LogMeIn Kernel Information Provider;C:\Program Files (x86)\LogMeIn\x64\rainfo.sys [2010-9-17 15928]

    R2 LMIRfsDriver;LogMeIn Remote File System Driver;\??\C:\Windows\system32\drivers\LMIRfsDriver.sys --> C:\Windows\system32\drivers\LMIRfsDriver.sys [?]

    R2 NAUpdate;Nero Update;C:\Program Files (x86)\Nero\Update\NASvc.exe [2011-11-25 687400]

    R2 nlsX86cc;Nalpeiron Licensing Service;C:\Windows\System32\nlssrv32.exe [2011-1-21 64512]

    R2 Symantec AntiVirus;Symantec Endpoint Protection;C:\Program Files (x86)\Symantec\Symantec Endpoint Protection\Rtvscan.exe [2009-4-1 2440120]

    R2 TabletServicePen;TabletServicePen;C:\Program Files\Tablet\Pen\Pen_Tablet.exe [2012-2-23 6583160]

    R2 TeamViewer7;TeamViewer 7;C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe [2012-3-19 2666880]

    R2 TouchServicePen;Wacom Consumer Touch Service;C:\Program Files\Tablet\Pen\Pen_TouchService.exe [2012-2-23 528760]

    R2 TurboB;Turbo Boost UI Monitor driver;C:\Windows\system32\DRIVERS\TurboB.sys --> C:\Windows\system32\DRIVERS\TurboB.sys [?]

    R2 VMUSBArbService;VMware USB Arbitration Service;C:\Program Files (x86)\Common Files\VMware\USB\vmware-usbarbitrator.exe [2010-11-11 539248]

    R3 Acceler;Accelerometer Service;C:\Windows\system32\DRIVERS\Accelern.sys --> C:\Windows\system32\DRIVERS\Accelern.sys [?]

    R3 EraserUtilRebootDrv;EraserUtilRebootDrv;C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [2011-1-26 132656]

    R3 NETw5s64;Intel® Wireless WiFi Link 5000 Series Adapter Driver for Windows 7 - 64 Bit;C:\Windows\system32\DRIVERS\NETw5s64.sys --> C:\Windows\system32\DRIVERS\NETw5s64.sys [?]

    R3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver;C:\Windows\system32\DRIVERS\nusb3hub.sys --> C:\Windows\system32\DRIVERS\nusb3hub.sys [?]

    R3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver;C:\Windows\system32\DRIVERS\nusb3xhc.sys --> C:\Windows\system32\DRIVERS\nusb3xhc.sys [?]

    R3 NVHDA;Service for NVIDIA High Definition Audio Driver;C:\Windows\system32\drivers\nvhda64v.sys --> C:\Windows\system32\drivers\nvhda64v.sys [?]

    R3 qicflt;upper Device Filter Driver;C:\Windows\system32\DRIVERS\qicflt.sys --> C:\Windows\system32\DRIVERS\qicflt.sys [?]

    R3 RAMDiskVE;RAMDiskVE;C:\Windows\system32\Drivers\RAMDiskVE.sys --> C:\Windows\system32\Drivers\RAMDiskVE.sys [?]

    R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\system32\DRIVERS\Rt64win7.sys --> C:\Windows\system32\DRIVERS\Rt64win7.sys [?]

    R3 USBAAPL64;Apple Mobile USB Driver;C:\Windows\system32\Drivers\usbaapl64.sys --> C:\Windows\system32\Drivers\usbaapl64.sys [?]

    R3 vwifimp;Microsoft Virtual WiFi Miniport Service;C:\Windows\system32\DRIVERS\vwifimp.sys --> C:\Windows\system32\DRIVERS\vwifimp.sys [?]

    R3 wacmoumonitor;Wacom Mode Helper;C:\Windows\system32\DRIVERS\wacmoumonitor.sys --> C:\Windows\system32\DRIVERS\wacmoumonitor.sys [?]

    S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]

    S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]

    S2 gupdate;Google Update Service (gupdate);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2011-8-4 136176]

    S2 MouseWithoutBordersSvc;Mouse without Borders Service;C:\Program Files (x86)\Microsoft Garage\Mouse without Borders\MouseWithoutBordersSvc.exe [2011-9-19 17920]

    S2 PEVSystemStart;PEVSystemStart;C:\32788R22FWJFW\pev.3XE [2011-6-26 256000]

    S2 SeagateDashboardService;Seagate Dashboard Service;C:\Program Files (x86)\Seagate\Seagate Dashboard\SeagateDashboardService.exe [2011-6-1 14088]

    S2 SpyHunter 4 Service;SpyHunter 4 Service;C:\PROGRA~1\ENIGMA~1\SPYHUN~1\SH4SER~1.EXE [2012-5-4 996256]

    S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2010-8-25 235624]

    S3 Adobe Version Cue CS4;Adobe Version Cue CS4;C:\Program Files (x86)\Common Files\Adobe\Adobe Version Cue CS4\Server\bin\VersionCueCS4.exe [2008-8-15 284016]

    S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-4-13 253088]

    S3 applebmt;Apple Wireless Mouse;C:\Windows\system32\DRIVERS\applebmt.sys --> C:\Windows\system32\DRIVERS\applebmt.sys [?]

    S3 btwl2cap;Bluetooth L2CAP Service;C:\Windows\system32\DRIVERS\btwl2cap.sys --> C:\Windows\system32\DRIVERS\btwl2cap.sys [?]

    S3 FLEXnet Licensing Service 64;FLEXnet Licensing Service 64;C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe [2011-8-17 1038088]

    S3 glavcam;BW Microscope;C:\Windows\System32\drivers\glavcam.sys [2011-3-2 80000]

    S3 GoogleDesktopManager-051210-111108;Google Desktop Manager 5.9.1005.12335;C:\Program Files (x86)\Google\Google Desktop Search\GoogleDesktop.exe [2011-8-23 30192]

    S3 gupdatem;Google Update Service (gupdatem);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2011-8-4 136176]

    S3 JMCR;JMCR;C:\Windows\system32\DRIVERS\jmcr.sys --> C:\Windows\system32\DRIVERS\jmcr.sys [?]

    S3 motandroidusb;Mot ADB Interface Driver;C:\Windows\system32\Drivers\motoandroid.sys --> C:\Windows\system32\Drivers\motoandroid.sys [?]

    S3 Netaapl;Apple Mobile Device Ethernet Service;C:\Windows\system32\DRIVERS\netaapl64.sys --> C:\Windows\system32\DRIVERS\netaapl64.sys [?]

    S3 osppsvc;Office Software Protection Platform;C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-1-9 4925184]

    S3 Revoflt;Revoflt;C:\Windows\system32\DRIVERS\revoflt.sys --> C:\Windows\system32\DRIVERS\revoflt.sys [?]

    S3 StorSvc;Storage Service;C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted [2009-7-13 20992]

    S3 TurboBoost;TurboBoost;C:\Program Files\Intel\TurboBoost\TurboBoost.exe [2009-11-2 126352]

    S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\system32\Wat\WatAdminSvc.exe --> C:\Windows\system32\Wat\WatAdminSvc.exe [?]

    S3 WDC_SAM;WD SCSI Pass Thru driver;C:\Windows\system32\DRIVERS\wdcsam64.sys --> C:\Windows\system32\DRIVERS\wdcsam64.sys [?]

    S4 AERTFilters;Andrea RT Filters Service;C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe [2011-5-27 98208]

    S4 CronService;Cron Service for Prey;C:\Prey\platform\windows\cronsvc.exe [2011-2-15 19968]

    S4 MotoHelper;MotoHelper Service;C:\Program Files (x86)\Motorola\MotoHelper\MotoHelperService.exe [2011-12-6 214896]

    S4 msvsmon80;Visual Studio 2005 Remote Debugger;C:\Program Files\Microsoft Visual Studio 8\Common7\IDE\Remote Debugger\x64\msvsmon.exe [2005-9-23 4476096]

    S4 sdAuxService;PC Tools Auxiliary Service;C:\Program Files (x86)\PC Tools Security\pctsAuxs.exe [2011-4-26 366840]

    S4 sdCoreService;PC Tools Security Service;C:\Program Files (x86)\PC Tools Security\pctsSvc.exe [2011-4-26 1150936]

    S4 wlcrasvc;Windows Live Mesh remote connections service;C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-9-22 57184]

    .

    =============== File Associations ===============

    .

    .txt=SigilTXT

    .

    =============== Created Last 30 ================

    .

    2012-05-22 18:42:37 110080 ----a-r- C:\Users\grevolorio\AppData\Roaming\Microsoft\Installer\{82478B3D-FD8E-4501-82AC-6C864BD60483}\IconF7A21AF7.exe

    2012-05-22 18:42:37 110080 ----a-r- C:\Users\grevolorio\AppData\Roaming\Microsoft\Installer\{82478B3D-FD8E-4501-82AC-6C864BD60483}\IconD7F16134.exe

    2012-05-22 18:42:37 110080 ----a-r- C:\Users\grevolorio\AppData\Roaming\Microsoft\Installer\{82478B3D-FD8E-4501-82AC-6C864BD60483}\Icon1226A4C5.exe

    2012-05-22 18:42:36 -------- d-----w- C:\sh4ldr

    2012-05-22 18:42:36 -------- d-----w- C:\Program Files\Enigma Software Group

    2012-05-22 18:41:35 -------- d-----w- C:\Windows\82478B3DFD8E450182AC6C864BD60483.TMP

    2012-05-22 15:50:09 -------- d-----w- C:\ProgramData\RegRun

    2012-05-22 14:03:59 -------- d-----w- C:\Program Files\HitmanPro

    2012-05-22 14:03:38 -------- d-----w- C:\ProgramData\HitmanPro

    2012-05-17 12:46:12 -------- d-----w- C:\Program Files (x86)\ESET

    2012-05-17 12:38:36 -------- d-----w- C:\_OTL

    2012-05-10 18:32:56 75632 ----a-w- C:\Windows\System32\drivers\partmgr.sys

    2012-05-10 18:32:53 1895280 ----a-w- C:\Windows\System32\drivers\tcpip.sys

    2012-05-10 18:32:51 936960 ----a-w- C:\Program Files (x86)\Common Files\Microsoft Shared\ink\journal.dll

    2012-05-10 18:32:51 1732096 ----a-w- C:\Program Files\Windows Journal\NBDoc.DLL

    2012-05-10 18:32:51 1367552 ----a-w- C:\Program Files\Common Files\Microsoft Shared\ink\journal.dll

    2012-05-10 18:32:50 1402880 ----a-w- C:\Program Files\Windows Journal\JNWDRV.dll

    2012-05-10 18:32:50 1393664 ----a-w- C:\Program Files\Windows Journal\JNTFiltr.dll

    2012-05-08 20:36:19 -------- d-----w- C:\Users\grevolorio\AppData\Roaming\SUPERAntiSpyware.com

    2012-05-07 16:35:59 -------- d-----w- C:\Users\grevolorio\AppData\Local\Nero_AG

    2012-05-07 12:33:21 8917360 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{366E680E-86A9-4541-9805-3C4E03346FB7}\mpengine.dll

    2012-05-02 18:11:38 -------- d-----w- C:\Program Files (x86)\Loaris

    2012-05-02 17:42:44 -------- d-----w- C:\Program Files (x86)\Startup Optimizer

    2012-05-01 13:50:56 -------- d-----w- C:\Users\grevolorio\AppData\Roaming\Digiarty

    2012-05-01 12:36:35 -------- d-----w- C:\Users\grevolorio\AppData\Local\Nero

    2012-04-30 21:18:45 -------- d-----w- C:\ProgramData\Nero

    2012-04-30 21:11:25 15920 ----a-w- C:\Windows\System32\drivers\NBVolUp.sys

    2012-04-30 21:11:03 72240 ----a-w- C:\Windows\System32\drivers\NBVol.sys

    2012-04-30 21:11:03 -------- d-----w- C:\Program Files (x86)\Nero

    2012-04-30 21:10:22 470880 ----a-w- C:\Windows\SysWow64\d3dx10_43.dll

    2012-04-30 21:10:22 248672 ----a-w- C:\Windows\SysWow64\d3dx11_43.dll

    2012-04-30 21:10:22 1868128 ----a-w- C:\Windows\SysWow64\d3dcsx_43.dll

    2012-04-30 21:09:04 1974616 ----a-w- C:\Windows\SysWow64\D3DCompiler_42.dll

    2012-04-30 21:07:49 1892184 ----a-w- C:\Windows\SysWow64\D3DX9_42.dll

    2012-04-30 21:06:34 4379984 ----a-w- C:\Windows\SysWow64\D3DX9_40.dll

    2012-04-30 21:05:14 3727720 ----a-w- C:\Windows\SysWow64\d3dx9_35.dll

    2012-04-30 21:03:51 3497832 ----a-w- C:\Windows\SysWow64\d3dx9_34.dll

    2012-04-30 19:17:29 -------- d-----w- C:\Program Files (x86)\Trend Micro

    2012-04-30 18:26:03 -------- d-----w- C:\ProgramData\boost_interprocess

    2012-04-30 18:26:00 40960 ----a-w- C:\Windows\SysWow64\SSubTmr6.dll

    2012-04-30 18:26:00 15360 ----a-w- C:\Windows\SysWow64\inetfr.DLL

    2012-04-30 18:26:00 119568 ----a-w- C:\Windows\SysWow64\VB6FR.DLL

    2012-04-30 18:26:00 115920 ----a-w- C:\Windows\SysWow64\msinet.OCX

    2012-04-30 18:25:59 32768 ----a-w- C:\Windows\SysWow64\CMDLGFR.DLL

    2012-04-30 18:25:59 141312 ----a-w- C:\Windows\SysWow64\MSCMCFR.DLL

    2012-04-30 18:25:59 -------- d-----w- C:\Users\grevolorio\AppData\Roaming\FreeBurner

    2012-04-30 16:56:36 175616 ----a-w- C:\Windows\SysWow64\unrar.dll

    2012-04-30 16:56:33 -------- d-----w- C:\Program Files (x86)\K-Lite Codec Pack

    2012-04-30 15:40:38 -------- d-----w- C:\DVDTemp

    2012-04-25 15:40:13 -------- d-----w- C:\Users\grevolorio\AppData\Roaming\VTC Preferences Folder

    .

    ==================== Find3M ====================

    .

    2012-05-22 14:31:29 87456 ----a-w- C:\Windows\System32\LMIRfsClientNP.dll

    2012-05-22 14:31:29 80768 ----a-w- C:\Windows\System32\LMIinit.dll

    2012-05-22 14:31:29 34688 ----a-w- C:\Windows\System32\LMIport.dll

    2012-04-30 18:11:41 70304 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl

    2012-04-30 18:11:41 418464 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe

    2012-04-04 19:56:40 24904 ----a-w- C:\Windows\System32\drivers\mbam.sys

    2012-04-02 05:34:04 5504880 ----a-w- C:\Windows\System32\ntoskrnl.exe

    2012-04-02 04:46:44 3958128 ----a-w- C:\Windows\SysWow64\ntkrnlpa.exe

    2012-04-02 04:46:44 3902320 ----a-w- C:\Windows\SysWow64\ntoskrnl.exe

    2012-04-02 03:01:19 3143680 ----a-w- C:\Windows\System32\win32k.sys

    2012-03-03 06:29:57 1541120 ----a-w- C:\Windows\System32\DWrite.dll

    2012-03-03 06:29:42 320512 ----a-w- C:\Windows\System32\d3d10_1core.dll

    2012-03-03 06:29:42 197120 ----a-w- C:\Windows\System32\d3d10_1.dll

    2012-03-03 06:29:42 1837568 ----a-w- C:\Windows\System32\d3d10warp.dll

    2012-03-03 06:29:41 902656 ----a-w- C:\Windows\System32\d2d1.dll

    2012-03-03 05:40:21 1074176 ----a-w- C:\Windows\SysWow64\DWrite.dll

    2012-03-03 05:40:10 1170944 ----a-w- C:\Windows\SysWow64\d3d10warp.dll

    2012-03-03 05:40:09 739840 ----a-w- C:\Windows\SysWow64\d2d1.dll

    2012-03-03 05:40:09 218624 ----a-w- C:\Windows\SysWow64\d3d10_1core.dll

    2012-03-03 05:40:09 161792 ----a-w- C:\Windows\SysWow64\d3d10_1.dll

    2012-03-01 06:54:38 22896 ----a-w- C:\Windows\System32\drivers\fs_rec.sys

    2012-03-01 06:45:41 220672 ----a-w- C:\Windows\System32\wintrust.dll

    2012-03-01 06:40:14 80896 ----a-w- C:\Windows\System32\imagehlp.dll

    2012-03-01 06:35:16 5120 ----a-w- C:\Windows\System32\wmi.dll

    2012-03-01 05:49:05 172544 ----a-w- C:\Windows\SysWow64\wintrust.dll

    2012-03-01 05:45:05 158720 ----a-w- C:\Windows\SysWow64\imagehlp.dll

    2012-03-01 05:40:44 5120 ----a-w- C:\Windows\SysWow64\wmi.dll

    2012-02-28 06:56:48 2311168 ----a-w- C:\Windows\System32\jscript9.dll

    2012-02-28 06:49:56 1390080 ----a-w- C:\Windows\System32\wininet.dll

    2012-02-28 06:48:57 1493504 ----a-w- C:\Windows\System32\inetcpl.cpl

    2012-02-28 06:42:55 2382848 ----a-w- C:\Windows\System32\mshtml.tlb

    2012-02-28 01:18:55 1799168 ----a-w- C:\Windows\SysWow64\jscript9.dll

    2012-02-28 01:11:21 1427456 ----a-w- C:\Windows\SysWow64\inetcpl.cpl

    2012-02-28 01:11:07 1127424 ----a-w- C:\Windows\SysWow64\wininet.dll

    2012-02-28 01:03:16 2382848 ----a-w- C:\Windows\SysWow64\mshtml.tlb

    2012-02-23 14:18:36 279656 ------w- C:\Windows\System32\MpSigStub.exe

    2012-01-30 13:55:36 14534176 ----a-w- C:\Program Files (x86)\Common Files\lpuninstall.exe

    2006-05-03 16:06:54 163328 --sha-r- C:\Windows\SysWOW64\flvDX.dll

    2007-02-21 17:47:16 31232 --sha-r- C:\Windows\SysWOW64\msfDX.dll

    2008-03-16 19:30:52 216064 --sha-r- C:\Windows\SysWOW64\nbDX.dll

    .

    ============= FINISH: 17:01:54.46 ===============

    and the attach.txt:

    .

    UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.

    IF REQUESTED, ZIP IT UP & ATTACH IT

    .

    DDS (Ver_2011-08-26.01)

    .

    Microsoft Windows 7 Professional

    Boot Device: \Device\HarddiskVolume1

    Install Date: 1/11/2011 6:56:15 AM

    System Uptime: 5/22/2012 3:23:25 PM (2 hours ago)

    .

    Motherboard: Dell Inc. | | 0T105W

    Processor: Intel® Core i7 CPU Q 740 @ 1.73GHz | U2E1 | 1734/133mhz

    .

    ==== Disk Partitions =========================

    .

    C: is FIXED (NTFS) - 100 GiB total, 2.6 GiB free.

    D: is FIXED (FAT32) - 2 GiB total, 2.003 GiB free.

    E: is CDROM ()

    F: is FIXED (NTFS) - 731 GiB total, 210.566 GiB free.

    H: is CDROM ()

    I: is FIXED (NTFS) - 932 GiB total, 897.54 GiB free.

    K: is CDROM (CDFS)

    L: is Removable

    U: is NetworkDisk (NTFS) - 547 GiB total, 119.561 GiB free.

    .

    ==== Disabled Device Manager Items =============

    .

    Class GUID: {4d36e972-e325-11ce-bfc1-08002be10318}

    Description: Cisco Systems VPN Adapter for 64-bit Windows

    Device ID: ROOT\NET\0000

    Manufacturer: Cisco Systems

    Name: Cisco Systems VPN Adapter for 64-bit Windows

    PNP Device ID: ROOT\NET\0000

    Service: CVirtA

    .

    ==== System Restore Points ===================

    .

    RP321: 5/17/2012 - Scheduled Checkpoint

    RP322: 5/17/2012 2:44:43 PM - Revo Uninstaller's restore point - BHODemon 2.0.0.23

    RP323: 5/22/2012 2:41:42 PM - Installed SpyHunter

    RP324: 5/22/2012 3:30:21 PM - Revo Uninstaller's restore point - Loaris Trojan Remover 1.2

    RP325: 5/22/2012 4:53:51 PM - Revo Uninstaller's restore point - Adobe Acrobat X Pro - English, Français, Deutsch

    .

    ==== Installed Programs ======================

    .

    Update for Microsoft Office 2007 (KB2508958)

    AccelerometerP11

    Acrobat.com

    Adobe Acrobat X Pro - English, Français, Deutsch

    Adobe After Effects CS4

    Adobe After Effects CS4 Presets

    Adobe After Effects CS4 Third Party Content

    Adobe AIR

    Adobe Anchor Service CS4

    Adobe Asset Services CS4

    Adobe Bridge CS4

    Adobe CMaps CS4

    Adobe Color - Photoshop Specific CS4

    Adobe Color EU Extra Settings CS4

    Adobe Color JA Extra Settings CS4

    Adobe Color NA Recommended Settings CS4

    Adobe Color Video Profiles AE CS4

    Adobe Color Video Profiles CS CS4

    Adobe Contribute CS4

    Adobe Creative Suite 4 Master Collection

    Adobe CS4 American English Speech Analysis Models

    Adobe CSI CS4

    Adobe Default Language CS4

    Adobe Device Central CS4

    Adobe Digital Editions

    Adobe Dreamweaver CS4

    Adobe Drive CS4

    Adobe Dynamiclink Support

    Adobe Encore CS4

    Adobe Encore CS4 Codecs

    Adobe ExtendScript Toolkit CS4

    Adobe Extension Manager CS4

    Adobe Fireworks CS4

    Adobe Flash CS4

    Adobe Flash CS4 Extension - Flash Lite STI en

    Adobe Flash CS4 STI-en

    Adobe Flash Player 10 Plugin

    Adobe Fonts All

    Adobe Illustrator CS4

    Adobe InDesign CS4

    Adobe InDesign CS4 Application Feature Set Files (Roman)

    Adobe InDesign CS4 Common Base Files

    Adobe InDesign CS4 Icon Handler

    Adobe Linguistics CS4

    Adobe LiveCycle Designer 7.1

    Adobe Media Encoder CS4

    Adobe Media Encoder CS4 Additional Exporter

    Adobe Media Encoder CS4 Dolby

    Adobe Media Encoder CS4 Exporter

    Adobe Media Encoder CS4 Importer

    Adobe Media Player

    Adobe MotionPicture Color Files CS4

    Adobe OnLocation CS4

    Adobe Output Module

    Adobe PDF Library Files CS4

    Adobe Photoshop CS4

    Adobe Photoshop CS4 Support

    Adobe Premiere Pro CS4

    Adobe Premiere Pro CS4 Functional Content

    Adobe Premiere Pro CS4 Third Party Content

    Adobe Reader X (10.1.2)

    Adobe Search for Help

    Adobe Service Manager Extension

    Adobe Setup

    Adobe SGM CS4

    Adobe SING CS4

    Adobe Soundbooth CS4

    Adobe Soundbooth CS4 Codecs

    Adobe Type Support CS4

    Adobe Update Manager CS4

    Adobe Version Cue CS4 Server

    Adobe WinSoft Linguistics Plugin

    Adobe XMP Panels CS4

    AdobeColorCommonSetCMYK

    AdobeColorCommonSetRGB

    AI RoboForm

    Amazon Kindle

    Android SDK Tools

    Apple Application Support

    Apple Software Update

    Axiom 2012

    Axosoft OnTime 2010 Windows

    Bamboo Dock

    BW Microscope

    calibre

    CDBurnerXP

    ClipX

    Color Picker

    Connect

    Content

    Corel Painter 11

    Corel Painter 11 - ICA

    Corel Painter 11 - IPM

    CutePDF Professional 3.3

    D3DX10

    Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition

    DiskAid 5.01

    Dropbox

    eMedia Piano and Keyboard Method

    eReader

    ERUNT 1.1j

    ESET Online Scanner v3

    Evernote v. 4.5.6

    ExtraPutty 0.22

    Fiddler2

    FlowBreeze Standard 2.5.0.68

    Foxit Reader 5.1

    Google Chrome

    Google Desktop

    Google Earth

    Google Earth Plug-in

    Google Update Helper

    High-Definition Video Playback

    huey 1.0.5

    iConcur Axiom for Word

    IconHandler 32 bit

    IETester v0.4.10 (remove only)

    iExplorer 2.2.1.3

    Inkscape 0.48.1

    iPhoneBrowser

    Java 2 Runtime Environment, SE v1.4.1_07

    Java Auto Updater

    Java Web Start

    Java 6 Update 22

    Java 6 Update 31

    Java 7

    Java SE Development Kit 7

    JMicron Flash Media Controller Driver

    K-Lite Codec Pack 8.6.0 (Full)

    kuler

    Langauge

    LastPass (uninstall only)

    Launchy 2.5

    LiveUpdate 3.3 (Symantec Corporation)

    LogMeIn

    Magic ISO Maker v5.5 (build 0265)

    Malwarebytes Anti-Malware version 1.61.0.1400

    Manga Studio EX 4.0

    Mesh Runtime

    Micro-Measure

    Microsoft .NET Compact Framework 1.0 SP3 Developer

    Microsoft .NET Compact Framework 2.0

    Microsoft Device Emulator version 1.0 - ENU

    Microsoft Document Explorer 2005

    Microsoft Garage Mouse without Borders

    Microsoft Office 2003 Web Components

    Microsoft Office 2007 Service Pack 3 (SP3)

    Microsoft Office 2010 Service Pack 1 (SP1)

    Microsoft Office Access MUI (English) 2007

    Microsoft Office Access Setup Metadata MUI (English) 2007

    Microsoft Office Excel MUI (English) 2007

    Microsoft Office File Validation Add-In

    Microsoft Office InfoPath 2007

    Microsoft Office InfoPath MUI (English) 2007

    Microsoft Office OneNote 2007

    Microsoft Office OneNote 2010

    Microsoft Office OneNote MUI (English) 2007

    Microsoft Office OneNote MUI (English) 2010

    Microsoft Office Outlook Connector

    Microsoft Office Outlook MUI (English) 2007

    Microsoft Office PowerPoint MUI (English) 2007

    Microsoft Office Professional Plus 2007

    Microsoft Office Project 2007 Service Pack 3 (SP3)

    Microsoft Office Project MUI (English) 2007

    Microsoft Office Project Professional 2007

    Microsoft Office Proof (English) 2007

    Microsoft Office Proof (English) 2010

    Microsoft Office Proof (French) 2007

    Microsoft Office Proof (French) 2010

    Microsoft Office Proof (Spanish) 2007

    Microsoft Office Proof (Spanish) 2010

    Microsoft Office Proofing (English) 2007

    Microsoft Office Proofing (English) 2010

    Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)

    Microsoft Office Publisher MUI (English) 2007

    Microsoft Office Shared MUI (English) 2007

    Microsoft Office Shared MUI (English) 2010

    Microsoft Office Shared Setup Metadata MUI (English) 2007

    Microsoft Office Shared Setup Metadata MUI (English) 2010

    Microsoft Office SharePoint Designer 2007

    Microsoft Office SharePoint Designer 2007 Service Pack 3 (SP3)

    Microsoft Office SharePoint Designer MUI (English) 2007

    Microsoft Office Visio 2007 Service Pack 3 (SP3)

    Microsoft Office Visio MUI (English) 2007

    Microsoft Office Visio Professional 2007

    Microsoft Office Word MUI (English) 2007

    Microsoft OneNote 2010

    Microsoft Robocopy GUI

    Microsoft Silverlight

    Microsoft SQL Server 2005

    Microsoft SQL Server 2005 Books Online (English) (September 2007)

    Microsoft SQL Server 2005 Mobile [ENU] Developer Tools

    Microsoft SQL Server 2005 Tools

    Microsoft SQL Server Setup Support Files (English)

    Microsoft Visual C++ 2005 Redistributable

    Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148

    Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570

    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17

    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148

    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161

    Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219

    Microsoft Visual J# 2.0 Redistributable Package

    Microsoft Visual Studio 2005 Premier Partner Edition - ENU

    Microsoft Visual Studio 2005 Premier Partner Edition - ENU Service Pack 1 (KB926601)

    Microsoft Visual Studio 2005 Professional Edition - ENU

    Microsoft Visual Studio 2005 Professional Edition - ENU Service Pack 1 (KB926601)

    MotoHelper 2.1.32 Driver 5.2.0

    MotoHelper MergeModules

    Mozilla Firefox 10.0.1 (x86 en-US)

    MSDN Library for Visual Studio 2005

    MSVCRT

    MSXML 4.0 SP2 (KB954430)

    MSXML 4.0 SP2 (KB973688)

    MyLifeOrganized v. 3.6.1

    MySQL Tools for 5.0

    Nero 11

    Nero 11 Disc Menus Basic

    Nero 11 Effects Basic

    Nero 11 Image Samples

    Nero 11 Kwik Themes Basic

    Nero 11 PiP Effects Basic

    Nero Audio Pack 1

    Nero BackItUp 11

    Nero BackItUp 11 Help (CHM)

    Nero Burning ROM 11

    Nero Burning ROM 11 Help (CHM)

    Nero ControlCenter 11

    Nero ControlCenter 11 Help (CHM)

    Nero Core Components 11

    Nero CoverDesigner 11

    Nero CoverDesigner 11 Help (CHM)

    Nero Express 11

    Nero Express 11 Help (CHM)

    Nero Kwik Media

    Nero Kwik Media Help (CHM)

    Nero Recode 11

    Nero Recode 11 Help (CHM)

    Nero RescueAgent 11

    Nero RescueAgent 11 Help (CHM)

    Nero SoundTrax 11

    Nero SoundTrax 11 Help (CHM)

    Nero Update

    Nero Video 11

    Nero Video 11 Help (CHM)

    Nero WaveEditor 11

    Nero WaveEditor 11 Help (CHM)

    nero.prerequisites.msi

    NewsBin Pro

    Notepad++

    NVIDIA Stereoscopic 3D Driver

    Octoshape add-in for Adobe Flash Player

    openCanvas4.5e Plus

    OpenOffice.org 3.3

    OutlookTools 2

    Pandora

    ParetoLogic Data Recovery

    PDF Settings CS4

    PDFill PDF Editor with FREE PDF Writer and Tools

    PDFill PDF Writer

    Photoshop Camera Raw

    Pixel Bender Toolkit

    Plex

    Polipo 1.0.4.1

    Python 2.6 pycrypto-2.3

    Qdabra InfoPath to SharePoint List Tool

    QuickTime

    RAMDisk

    Realtek Ethernet Controller Driver

    Realtek High Definition Audio Driver

    Recover My Files

    Renesas Electronics USB 3.0 Host Controller Driver

    Revo Uninstaller 1.92

    Safari

    Saver2

    Seagate Dashboard

    SeaTools for Windows

    Security Update for Microsoft .NET Framework 4 Client Profile (KB2160841)

    Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663)

    Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)

    Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)

    Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870)

    Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)

    Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368)

    Security Update for Microsoft .NET Framework 4 Extended (KB2416472)

    Security Update for Microsoft .NET Framework 4 Extended (KB2487367)

    Security Update for Microsoft .NET Framework 4 Extended (KB2656351)

    Security Update for Microsoft Office 2007 suites (KB2596785) 32-Bit Edition

    Security Update for Microsoft Office 2007 suites (KB2596871) 32-Bit Edition

    Security Update for Microsoft Office 2007 suites (KB2598041) 32-Bit Edition

    Security Update for Microsoft Office 2010 (KB2553091)

    Security Update for Microsoft Office 2010 (KB2589320) 32-Bit Edition

    Security Update for Microsoft Office 2010 (KB2598039) 32-Bit Edition

    Security Update for Microsoft Office PowerPoint 2007 (KB2596764) 32-Bit Edition

    Security Update for Microsoft Office PowerPoint 2007 (KB2596912) 32-Bit Edition

    Security Update for Microsoft Office Publisher 2007 (KB2596705) 32-Bit Edition

    Security Update for Microsoft SharePoint Workspace 2010 (KB2566445)

    Security Update for Microsoft Visual Studio 2005 Professional Edition - ENU (KB937061)

    Security Update for Microsoft Visual Studio 2005 Professional Edition - ENU (KB971023)

    Security Update for Microsoft Visual Studio 2005 Professional Edition - ENU (KB971090)

    Security Update for Microsoft Visual Studio 2005 Professional Edition - ENU (KB973673)

    Send to OneNote 2007

    Sharpener Pro 3.0

    Skype Toolbars

    Skype™ 5.1

    Smart Defrag 2

    Spybot - Search & Destroy

    Spyware Doctor 8.0

    Startup Optimizer 1.6

    Suite Shared Configuration CS4

    SysInfoMyWork

    TeamViewer 7

    tools-freebsd

    tools-linux

    tools-netware

    tools-solaris

    tools-windows

    tools-winPre2k

    TopStyle (Version 3)

    Tor 0.2.1.30

    TreeSize Professional 5.3.4

    TuneWiki

    U2 PCAM

    Unlocker 1.9.1

    Update for 2007 Microsoft Office System (KB967642)

    Update for Microsoft .NET Framework 4 Client Profile (KB2468871)

    Update for Microsoft .NET Framework 4 Client Profile (KB2473228)

    Update for Microsoft .NET Framework 4 Client Profile (KB2533523)

    Update for Microsoft .NET Framework 4 Client Profile (KB2600217)

    Update for Microsoft .NET Framework 4 Extended (KB2468871)

    Update for Microsoft .NET Framework 4 Extended (KB2533523)

    Update for Microsoft .NET Framework 4 Extended (KB2600217)

    Update for Microsoft Office 2007 Help for Common Features (KB963673)

    Update for Microsoft Office 2007 suites (KB2596651) 32-Bit Edition

    Update for Microsoft Office 2007 suites (KB2596789) 32-Bit Edition

    Update for Microsoft Office 2007 suites (KB2598306) 32-Bit Edition

    Update for Microsoft Office 2010 (KB2494150)

    Update for Microsoft Office 2010 (KB2553181) 32-Bit Edition

    Update for Microsoft Office 2010 (KB2553270) 32-Bit Edition

    Update for Microsoft Office 2010 (KB2553310) 32-Bit Edition

    Update for Microsoft Office 2010 (KB2553385) 32-Bit Edition

    Update for Microsoft Office 2010 (KB2566458)

    Update for Microsoft Office 2010 (KB2596964) 32-Bit Edition

    Update for Microsoft Office 2010 (KB2597091) 32-Bit Edition

    Update for Microsoft Office Access 2007 Help (KB963663)

    Update for Microsoft Office Excel 2007 (KB2596596) 32-Bit Edition

    Update for Microsoft Office Excel 2007 Help (KB963678)

    Update for Microsoft Office Infopath 2007 Help (KB963662)

    Update for Microsoft Office OneNote 2007 Help (KB963670)

    Update for Microsoft Office Outlook 2007 Help (KB963677)

    Update for Microsoft Office Powerpoint 2007 Help (KB963669)

    Update for Microsoft Office Project 2007 Help (KB963668)

    Update for Microsoft Office Publisher 2007 Help (KB963667)

    Update for Microsoft Office Script Editor Help (KB963671)

    Update for Microsoft Office Sharepoint Designer 2007 Help (KB963675)

    Update for Microsoft Office Visio 2007 Help (KB963666)

    Update for Microsoft Office Word 2007 Help (KB963665)

    Update for Microsoft OneNote 2010 (KB2553290) 32-Bit Edition

    Update for Microsoft Visual Studio 2005 Premier Partner Edition - ENU (KB932232)

    Update for Microsoft Visual Studio 2005 Professional Edition - ENU (KB932232)

    Vector Magic

    Velvia Vision

    Vertus Fluid Mask 3 2.100.2-RC2

    Vidalia 0.2.12

    Video Enhancer 1.9.6

    VirtualCloneDrive

    VLC media player 2.0.1

    VMware Workstation

    WebTablet FB Plugin

    WebTablet IE Plugin

    WebTablet Netscape Plugin

    welcome

    Windows Live Communications Platform

    Windows Live Essentials

    Windows Live Installer

    Windows Live Mesh

    Windows Live PIMT Platform

    Windows Live SOXE

    Windows Live SOXE Definitions

    Windows Live UX Platform

    Windows Live UX Platform Language Pack

    Windows Media Player Firefox Plugin

    Windows Resource Kit Tools

    WinSCP 4.3.5

    WinSnap

    WinX DVD Author 5.8

    .

    ==== Event Viewer Messages From Past Week ========

    .

    5/22/2012 3:43:26 PM, Error: Service Control Manager [7034] - The NVIDIA Stereoscopic 3D Driver Service service terminated unexpectedly. It has done this 1 time(s).

    5/22/2012 3:43:13 PM, Error: Service Control Manager [7034] - The SpyHunter 4 Service service terminated unexpectedly. It has done this 1 time(s).

    5/22/2012 3:43:03 PM, Error: Service Control Manager [7034] - The Seagate Dashboard Service service terminated unexpectedly. It has done this 1 time(s).

    5/22/2012 3:42:44 PM, Error: Service Control Manager [7031] - The Windows Live ID Sign-in Assistant service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 10000 milliseconds: Restart the service.

    5/22/2012 3:31:16 PM, Error: Microsoft-Windows-TerminalServices-RemoteConnectionManager [1067] - The terminal server cannot register 'TERMSRV' Service Principal Name to be used for server authentication. The following error occured: The specified domain either does not exist or could not be contacted. .

    5/22/2012 3:26:42 PM, Error: Microsoft-Windows-GroupPolicy [1129] - The processing of Group Policy failed because of lack of network connectivity to a domain controller. This may be a transient condition. A success message would be generated once the machine gets connected to the domain controller and Group Policy has succesfully processed. If you do not see a success message for several hours, then contact your administrator.

    5/22/2012 3:25:00 PM, Error: Service Control Manager [7023] - The Windows Time service terminated with the following error: An attempt was made to logon, but the network logon service was not started.

    5/22/2012 3:25:00 PM, Error: Microsoft-Windows-Time-Service [46] - The time service encountered an error and was forced to shut down. The error was: 0x80070700: An attempt was made to logon, but the network logon service was not started.

    5/22/2012 3:24:52 PM, Error: Service Control Manager [7023] - The Windows Defender service terminated with the following error: The specified module could not be found.

    5/22/2012 3:24:49 PM, Error: Service Control Manager [7023] - The Computer Browser service terminated with the following error: The specified service does not exist as an installed service.

    5/22/2012 3:24:42 PM, Error: Service Control Manager [7009] - A timeout was reached (120000 milliseconds) while waiting for the PEVSystemStart service to connect.

    5/22/2012 3:24:42 PM, Error: Service Control Manager [7003] - The IPsec Policy Agent service depends the following service: BFE. This service might not be installed.

    5/22/2012 3:24:37 PM, Error: Service Control Manager [7003] - The IKE and AuthIP IPsec Keying Modules service depends the following service: BFE. This service might not be installed.

    5/22/2012 3:24:21 PM, Error: Microsoft-Windows-GroupPolicy [1055] - The processing of Group Policy failed. Windows could not resolve the computer name. This could be caused by one of more of the following: a) Name Resolution failure on the current domain controller. b) Active Directory Replication Latency (an account created on another domain controller has not replicated to the current domain controller).

    5/22/2012 3:24:14 PM, Error: volmgr [45] - The system could not sucessfully load the crash dump driver.

    5/22/2012 10:31:25 AM, Error: Service Control Manager [7034] - The PEVSystemStart service terminated unexpectedly. It has done this 1 time(s).

    5/22/2012 10:23:16 AM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1068" attempting to start the service fdPHost with arguments "" in order to run the server: {D3DCB472-7261-43CE-924B-0704BD730D5F}

    5/22/2012 10:23:16 AM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1068" attempting to start the service fdPHost with arguments "" in order to run the server: {145B4335-FE2A-4927-A040-7C35AD3180EF}

    5/22/2012 1:46:55 PM, Error: VDS Basic Provider [1] - Unexpected failure. Error code: 490@01010004

    5/22/2012 1:33:59 PM, Error: Service Control Manager [7032] - The Service Control Manager tried to take a corrective action (Restart the service) after the unexpected termination of the Windows Management Instrumentation service, but this action failed with the following error: An instance of the service is already running.

    5/22/2012 1:32:23 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service WSearch with arguments "" in order to run the server: {9E175B6D-F52A-11D8-B9A5-505054503030}

    5/22/2012 1:32:23 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service WSearch with arguments "" in order to run the server: {7D096C5F-AC08-4F1F-BEB7-5C22C517CE39}

    5/22/2012 1:32:19 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service EventSystem with arguments "" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF}

    5/22/2012 1:32:13 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service ShellHWDetection with arguments "" in order to run the server: {DD522ACC-F821-461A-A407-50B198B896DC}

    5/22/2012 1:31:59 PM, Error: Service Control Manager [7031] - The Windows Management Instrumentation service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 120000 milliseconds: Restart the service.

    5/22/2012 1:31:59 PM, Error: Service Control Manager [7031] - The User Profile Service service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 120000 milliseconds: Restart the service.

    5/22/2012 1:31:59 PM, Error: Service Control Manager [7031] - The Extensible Authentication Protocol service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 120000 milliseconds: Restart the service.

    5/22/2012 1:31:58 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service TermService with arguments "" in order to run the server: {F9A874B6-F8A8-4D73-B5A8-AB610816828B}

    5/22/2012 1:31:57 PM, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: discache eeCtrl ElbyCDIO SASDIFSV SASKUTIL spldr SRTSP SRTSPX VBoxDrv VBoxUSBMon vmm Wanarpv6

    5/22/2012 1:31:54 PM, Error: Service Control Manager [7001] - The Computer Browser service depends on the Server service which failed to start because of the following error: The dependency service or group failed to start.

    5/21/2012 11:50:16 AM, Error: Service Control Manager [7001] - The Network List Service service depends on the Network Location Awareness service which failed to start because of the following error: The dependency service or group failed to start.

    5/21/2012 11:20:09 AM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1068" attempting to start the service netprofm with arguments "" in order to run the server: {A47979D2-C419-11D9-A5B4-001185AD2B89}

    5/21/2012 11:20:09 AM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1068" attempting to start the service netman with arguments "" in order to run the server: {BA126AD1-2166-11D1-B1D0-00805FC1270E}

    5/21/2012 11:19:49 AM, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: AFD CSC DfsC discache eeCtrl ElbyCDIO NetBIOS NetBT nsiproxy Psched rdbss SASDIFSV SASKUTIL spldr SRTSP SRTSPX tdx VBoxDrv VBoxUSBMon vmm vwififlt Wanarpv6 WfpLwf ws2ifsl

    5/21/2012 11:19:46 AM, Error: Service Control Manager [7001] - The Workstation service depends on the Network Store Interface Service service which failed to start because of the following error: The dependency service or group failed to start.

    5/21/2012 11:19:46 AM, Error: Service Control Manager [7001] - The SMB MiniRedirector Wrapper and Engine service depends on the Redirected Buffering Sub Sysytem service which failed to start because of the following error: A device attached to the system is not functioning.

    5/21/2012 11:19:46 AM, Error: Service Control Manager [7001] - The SMB 2.0 MiniRedirector service depends on the SMB MiniRedirector Wrapper and Engine service which failed to start because of the following error: The dependency service or group failed to start.

    5/21/2012 11:19:46 AM, Error: Service Control Manager [7001] - The SMB 1.x MiniRedirector service depends on the SMB MiniRedirector Wrapper and Engine service which failed to start because of the following error: The dependency service or group failed to start.

    5/21/2012 11:19:46 AM, Error: Service Control Manager [7001] - The Network Location Awareness service depends on the Network Store Interface Service service which failed to start because of the following error: The dependency service or group failed to start.

    5/21/2012 11:19:46 AM, Error: Service Control Manager [7001] - The IP Helper service depends on the Network Store Interface Service service which failed to start because of the following error: The dependency service or group failed to start.

    5/21/2012 11:19:43 AM, Error: Service Control Manager [7001] - The TCP/IP NetBIOS Helper service depends on the Ancillary Function Driver for Winsock service which failed to start because of the following error: A device attached to the system is not functioning.

    5/21/2012 11:19:43 AM, Error: Service Control Manager [7001] - The Network Store Interface Service service depends on the NSI proxy service driver. service which failed to start because of the following error: A device attached to the system is not functioning.

    5/21/2012 11:19:43 AM, Error: Service Control Manager [7001] - The DNS Client service depends on the NetIO Legacy TDI Support Driver service which failed to start because of the following error: A device attached to the system is not functioning.

    5/21/2012 11:19:43 AM, Error: Service Control Manager [7001] - The DHCP Client service depends on the Ancillary Function Driver for Winsock service which failed to start because of the following error: A device attached to the system is not functioning.

    5/21/2012 11:18:43 AM, Error: Service Control Manager [7023] - The Superfetch service terminated with the following error: The data is invalid.

    5/21/2012 11:00:07 AM, Error: Service Control Manager [7031] - The Symantec Endpoint Protection service terminated unexpectedly. It has done this 2 time(s). The following corrective action will be taken in 10000 milliseconds: Restart the service.

    5/21/2012 10:26:16 AM, Error: Service Control Manager [7030] - The PEVSystemStart service is marked as an interactive service. However, the system is configured to not allow interactive services. This service may not function properly.

    5/21/2012 10:25:54 AM, Error: Service Control Manager [7032] - The Service Control Manager tried to take a corrective action (Restart the service) after the unexpected termination of the Multimedia Class Scheduler service, but this action failed with the following error: An instance of the service is already running.

    5/21/2012 10:23:54 AM, Error: Service Control Manager [7034] - The Application Information service terminated unexpectedly. It has done this 1 time(s).

    5/21/2012 10:23:54 AM, Error: Service Control Manager [7031] - The Windows Update service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.

    5/21/2012 10:23:54 AM, Error: Service Control Manager [7031] - The Themes service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.

    5/21/2012 10:23:54 AM, Error: Service Control Manager [7031] - The Task Scheduler service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.

    5/21/2012 10:23:54 AM, Error: Service Control Manager [7031] - The System Event Notification Service service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 120000 milliseconds: Restart the service.

    5/21/2012 10:23:54 AM, Error: Service Control Manager [7031] - The Shell Hardware Detection service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.

    5/21/2012 10:23:54 AM, Error: Service Control Manager [7031] - The Server service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.

    5/21/2012 10:23:54 AM, Error: Service Control Manager [7031] - The Secondary Logon service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 120000 milliseconds: Restart the service.

    5/21/2012 10:23:54 AM, Error: Service Control Manager [7031] - The Remote Desktop Configuration service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.

    5/21/2012 10:23:54 AM, Error: Service Control Manager [7031] - The Multimedia Class Scheduler service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 120000 milliseconds: Restart the service.

    5/21/2012 10:23:54 AM, Error: Service Control Manager [7031] - The IP Helper service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 120000 milliseconds: Restart the service.

    5/21/2012 10:23:54 AM, Error: Service Control Manager [7031] - The Group Policy Client service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 120000 milliseconds: Restart the service.

    5/21/2012 10:23:54 AM, Error: Service Control Manager [7031] - The Background Intelligent Transfer Service service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.

    5/21/2012 10:23:54 AM, Error: Service Control Manager [7031] - The Application Experience service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.

    5/21/2012 1:28:28 PM, Error: Service Control Manager [7031] - The Symantec Settings Manager service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 100 milliseconds: Restart the service.

    5/21/2012 1:28:28 PM, Error: Service Control Manager [7031] - The Symantec Event Manager service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 200 milliseconds: Restart the service.

    5/21/2012 1:28:23 PM, Error: Service Control Manager [7031] - The Symantec Endpoint Protection service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 10000 milliseconds: Restart the service.

    5/18/2012 4:50:19 PM, Error: BTHUSB [5] - The Bluetooth driver expected an HCI event with a certain size but did not receive it.

    5/17/2012 4:12:51 PM, Error: Microsoft-Windows-WMPNSS-Service [14332] - Service 'WMPNetworkSvc' did not start correctly because CoCreateInstance(CLSID_UPnPDeviceFinder) encountered error '0x80004005'. Verify that the UPnPHost service is running and that the UPnPHost component of Windows is installed properly.

    5/17/2012 12:03:54 PM, Error: Schannel [36888] - The following fatal alert was generated: 10. The internal error state is 10.

    5/17/2012 1:36:19 PM, Error: Microsoft-Windows-DistributedCOM [10016] - The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID {D3DCB472-7261-43CE-924B-0704BD730D5F} and APPID {D3DCB472-7261-43CE-924B-0704BD730D5F} to the user INRANGE\GRevolorio SID (S-1-5-21-1085031214-796845957-725345543-2108) from address LocalHost (Using LRPC). This security permission can be modified using the Component Services administrative tool.

    5/17/2012 1:36:19 PM, Error: Microsoft-Windows-DistributedCOM [10016] - The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID {145B4335-FE2A-4927-A040-7C35AD3180EF} and APPID {145B4335-FE2A-4927-A040-7C35AD3180EF} to the user INRANGE\GRevolorio SID (S-1-5-21-1085031214-796845957-725345543-2108) from address LocalHost (Using LRPC). This security permission can be modified using the Component Services administrative tool.

    5/16/2012 8:57:04 AM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x80070643: Security Update for Microsoft Visual Studio 2005 Service Pack 1 XML Editor (KB2251481).

    5/16/2012 8:43:09 AM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x80070643: Security Update for Microsoft Office 2007 suites (KB2596880).

    5/16/2012 8:43:09 AM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x80070643: Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition.

    5/16/2012 8:42:49 AM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x80070643: Security Update for Microsoft Office Excel 2007 (KB2597161).

    5/16/2012 8:42:29 AM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x80070643: Security Update for Microsoft Office Word 2007 (KB2596917).

    5/16/2012 8:42:29 AM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x80070643: Security Update for Microsoft .NET Framework 4 on XP, Server 2003, Vista, Windows 7, Server 2008, Server 2008 R2 for x64 (KB2656405).

    5/16/2012 8:41:39 AM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x80070643: Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2598290).

    5/16/2012 8:41:19 AM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x80070643: Security Update for Microsoft .NET Framework 4 on XP, Server 2003, Vista, Windows 7, Server 2008, Server 2008 R2 for x64 (KB2604121).

    5/16/2012 8:40:30 AM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x80070643: Update for Microsoft OneNote 2010 (KB2589345) 32-Bit Edition.

    5/16/2012 8:40:30 AM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x80070643: Security Update for Microsoft Office 2007 suites (KB2596672).

    5/16/2012 8:40:20 AM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x80070643: Security Update for Microsoft Office 2007 suites (KB2597969).

    5/16/2012 8:40:20 AM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x80070643: Security Update for Microsoft Office 2007 suites (KB2597162).

    5/16/2012 8:39:49 AM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x80070643: Security Update for Microsoft Silverlight (KB2690729).

    5/16/2012 8:39:49 AM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x80070643: Security Update for Microsoft Office 2007 suites (KB2596792).

    5/15/2012 12:05:17 PM, Error: BROWSER [8020] - The browser was unable to promote itself to master browser. The computer that currently believes it is the master browser is unknown.

    5/15/2012 1:48:46 PM, Error: BROWSER [8019] - The browser was unable to promote itself to master browser. The browser will continue to attempt to promote itself to the master browser, but will no longer log any events in the event log in Event Viewer.

    .

    ==== End Of File ===========================

Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.