Safesearch.net

vicxyz · March 5, 2015

Hi, apologies if this has been covered elsewhere but the search function came up with no results. I have had my internet explorer hijacked by safesearch.net ... using windows 7 with IE 11. I have MacAfee which failed to do anything. I have Ad Aware which failed to do anything and I have Malwarebytes which failed to do anything.

I've followed allkinds of tutorials about editing your IE settings, editing registry to no avail.

Any suggestions?

vicxyz · March 5, 2015

seriously? nobody?

deeprybka · March 5, 2015

Hi & :welcome:

My name is Jürgen and I will be assisting you with your Malware related problems.

Before we move on, please read the following points carefully. :excl:

My native language isn't English. So please do not use slang or idioms. It could be hard for me to read. Thanks for your understanding.
Please read my instructions completely. If there is anything that you do not understand kindly ask before proceeding.
Perform everything in the correct order. Sometimes one step requires the previous one.
If you have any problems while you are follow my instructions, Stop there and tell me the exact nature of your problem.
Do not run any other scans without instruction or Add/ Remove Software unless I tell you to do so. This would change the output of our tools and could be confusing for me.
Post all Logfiles as a reply rather than as an attachment unless I specifically ask you. If you can not post all logfiles in one reply, feel free to use more posts.
If I don't hear from you within 3 days from this initial or any subsequent post, then this thread will be closed.
Stay with me. I will give you some advice about prevention after the cleanup process. Absence of symptoms does not always mean the computer is clean.

P2P/Piracy Warning:

If you're using Peer 2 Peer software such as uTorrent, BitTorrent or similar you must either fully uninstall them or completely disable them from running while being assisted here.
Failure to remove or disable such software will result in your topic being closed and no further assistance being provided.
If you have illegal/cracked software, cracks, keygens, etc. on the system, please remove or uninstall them now and read the policy on Piracy.

Step 1

Please run a FRST scan. This will help us diagnose your problem.

Please download Farbar Recovery Scan Tool and save it to your Desktop.

(If you are not sure which version (32-/64-bit) applies to your system, download and try to start both of them as just the right one will run.)

Start FRST with administator privileges.
Make sure the option Addition.txt is checked and press the Scan button.
When finished, FRST will produce two logs (FRST.txt and Addition.txt) in the same directory the tool was run from.
Please copy and paste these logs in your next reply.

vicxyz · March 5, 2015

Hi Jurgen, thanks for responding.....

here is the addition.txt...

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 04-03-2015 01
Ran by Victor at 2015-03-05 21:37:06
Running from C:\Users\Victor\Downloads
Boot Mode: Normal
==========================================================

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: McAfee Anti-Virus and Anti-Spyware (Enabled - Up to date) {DA9F8ED0-D0DE-39CC-F55A-51AB4CC1B556}
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: McAfee Anti-Virus and Anti-Spyware (Enabled - Up to date) {61FE6F34-F6E4-3642-CFEA-6AD93746FFEB}
FW: McAfee Firewall (Enabled) {E2A40FF5-9AB1-3894-DE05-F89EB212F22D}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

7-Zip 4.65 (HKLM-x32\...\7-Zip) (Version: - )
Acrobat.com (HKLM-x32\...\com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 1.1.377 - Adobe Systems Incorporated)
Acrobat.com (x32 Version: 0.0.0 - Adobe Systems Incorporated) Hidden
Ad-Aware Web Companion (x32 Version: 1.1.908.1803 - Lavasoft) Hidden
Add or Remove Adobe Creative Suite 3 Master Collection (HKLM-x32\...\Adobe_4dcfd9b7e901b57f81f667144603236) (Version: 1.0 - Adobe Systems Incorporated)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 2.0.3.13070 - Adobe Systems Inc.)
Adobe Flash Player 16 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 16.0.0.305 - Adobe Systems Incorporated)
Adobe Flash Player 16 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 16.0.0.305 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.10) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.10 - Adobe Systems Incorporated)
AHV content for Acrobat and Flash (x32 Version: 1 - Adobe Systems Incorporated) Hidden
Alien Skin Eye Candy 5 Nature (HKLM-x32\...\EyeCandy5Nature) (Version: - )
Alien Skin Xenofex 2 (HKLM-x32\...\Xenofex2) (Version: - )
aniMate 2 DS3 (HKLM-x32\...\aniMate 2 DS3 2.0.0.7) (Version: 2.0.0.7 - DAZ 3D)
Apple Application Support (HKLM-x32\...\{DAEAFD68-BB4A-4507-A241-C8804D2EA66D}) (Version: 1.3.2 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{33EB1061-ABF1-4470-A540-32E97A610536}) (Version: 3.2.0.47 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{C41300B9-185D-475E-BFEC-39EF732F19B1}) (Version: 2.1.2.120 - Apple Inc.)
As Simple As Photoshop 6.0 (HKLM-x32\...\As Simple As Photoshop_is1) (Version: - Andrei Doubrovski)
ASIO4ALL (HKLM-x32\...\ASIO4ALL) (Version: 2.10 - Michael Tippach)
Athentech Perfectly Clear (HKLM-x32\...\_{12097B7C-04C4-4049-AEBF-0ECE0D6FCEE3}) (Version: 1.0.0.101 - Corel Corporation)
Athentech Perfectly Clear (Version: 1.0.0.101 - Corel Corporation) Hidden
Athentech Perfectly Clear (x32 Version: 1.0.0.101 - Corel Corporation) Hidden
Audacity 1.2.6 (HKLM-x32\...\Audacity_is1) (Version: - )
Audacity 1.3.13 (Unicode) (HKLM-x32\...\Audacity 1.3 Beta (Unicode)_is1) (Version: - Audacity Team)
Authorizer 2.7.0 (HKLM\...\{F6762963-9AE5-4bc6-A70F-2D749F6AC02F}_is1) (Version: 2.7.0 - Propellerhead Software AB)
Authorizer Ignition Key Support (Version: 1.0.8.0 - Propellerhead Software AB) Hidden
Avid Mbox Driver 1.1.9 (x64) (HKLM\...\{1F0E3221-8B58-4CD8-ABD9-D2730671E2E9}) (Version: 1.1.9 - Avid)
Avid Pro Tools Express (HKLM-x32\...\{4C77F4F5-DFFC-4A18-A5A5-913350B70865}) (Version: 0.0.0 - Avid Technology, Inc.)
Avid Virtual Instruments Express (HKLM-x32\...\{6444D9E1-244C-465B-A990-F6AB116FC48A}) (Version: 10.2.0 - Avid Technology, Inc.)
BlueStacks App Player (HKLM-x32\...\BlueStacks App Player) (Version: 0.9.7.4101 - BlueStack Systems, Inc.)
BlueStacks Notification Center (HKLM-x32\...\{FDB8F715-FC8D-4C20-B614-E0361BB69A17}) (Version: 0.9.7.4101 - BlueStack Systems, Inc.)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Brother HL-5140 (HKLM-x32\...\Brother HL-5140) (Version: - )
Bryce 7.1 (HKLM-x32\...\Bryce 7.1 7.1.0.74) (Version: 7.1.0.74 - DAZ 3D)
BT NetProtect Plus (HKLM-x32\...\MSC) (Version: 13.6.1492 - McAfee, Inc.)
Canon MP Navigator EX 1.0 (HKLM-x32\...\MP Navigator EX 1.0) (Version: - )
CanoScan 8800F (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_CNQ4805) (Version: - )
CDisplay 1.8 (HKLM-x32\...\CDisplay_is1) (Version: - dvd8n)
ComicRack v0.9.142 (HKLM\...\ComicRack) (Version: v0.9.142 - cYo Soft)
Corel Paint Shop Pro Photo XI (HKLM-x32\...\{E1C7EF5E-3A7B-4ED4-A48B-F70F1B36EAB4}) (Version: 11.00.0000 - Corel Inc)
Corel PaintShop Pro X6 (HKLM-x32\...\_{166D1CB6-DD8A-40DD-9E25-4D31D2D6DE4D}) (Version: 16.2.0.20 - Corel Corporation)
Corel PaintShop Pro X6 (x32 Version: 16.2.0.20 - Corel Corporation) Hidden
CorelDRAW Graphics Suite 12 (HKLM-x32\...\{505AFDC0-5E72-4928-8368-5DEA385E3647}) (Version: 12.0.0.458 - Corel Corporation)
Coupon Printer (HKLM-x32\...\Coupon Printer2.2.0.1) (Version: 2.2.0.1 - Coupons.com Inc.)
Cryostasis (Remove Only) (HKLM-x32\...\{97A8C4B4-2B50-42D1-AFE6-5E8433185436}_is1) (Version: 1.01 - 505games)
Crysis® (HKLM-x32\...\{000E79B7-E725-4F01-870A-C12942B7F8E4}) (Version: 1.00.0000 - Electronic Arts)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
DAZ Studio 3 (HKLM-x32\...\DAZ Studio 3 3.1.2.32) (Version: 3.1.2.32 - DAZ 3D)
Debut Video Capture Software (HKLM-x32\...\Debut) (Version: - NCH Software)
Dell DataSafe Local Backup - Support Software (HKLM-x32\...\{A9668246-FB70-4103-A1E3-66C9BC2EFB49}) (Version: 9.4.60 - Dell)
Dell DataSafe Local Backup (HKLM-x32\...\{0ED7EE95-6A97-47AA-AD73-152C08A15B04}) (Version: 9.4.60 - Dell)
Dell DataSafe Online (HKLM-x32\...\{13766F76-6C8C-4E57-A9F3-3212D1C6E0D1}) (Version: 1.2.0011 - Dell, Inc.)
Dell Dock (HKLM-x32\...\Dell Dock) (Version: - Stardock Corporation)
Dell Dock (Version: 2.0 - Stardock Corporation) Hidden
Dell Edoc Viewer (HKLM\...\{8EBA8727-ADC2-477B-9D9A-1A1836BE4E05}) (Version: 1.0.0 - Dell Inc)
Dell Getting Started Guide (HKLM-x32\...\{7DB9F1E5-9ACB-410D-A7DC-7A3D023CE045}) (Version: 1.00.0000 - Dell Inc.)
Dell Support Center (Support Software) (HKLM-x32\...\{E3BFEE55-39E2-4BE0-B966-89FE583822C1}) (Version: 2.5.09100 - Dell)
DirectXInstallService (x32 Version: 9.0.2 - Roxio) Hidden
DivX Setup (HKLM-x32\...\DivX Setup) (Version: 2.6.1.44 - DivX, LLC)
Dropbox (HKU\S-1-5-21-3304660120-434486148-2028904278-1001\...\Dropbox) (Version: 3.2.6 - Dropbox, Inc.)
EA Download Manager (HKLM-x32\...\EA Download Manager) (Version: 6.0.4.124 - Electronic Arts, Inc.)
EA Download Manager UI (HKLM-x32\...\com.ea.Vault.919CACB699904AC5D41B606703500DD39747C02D.1) (Version: 6.0.4.124 - Electronic Arts)
EA Download Manager UI (x32 Version: 6.0.4 - Electronic Arts) Hidden
EMC 10 Content (x32 Version: 1.0.035 - Roxo, Inc.) Hidden
EMCGadgets64 (Version: 1.0.302 - Sonic) Hidden
EPSON Printer Software (HKLM\...\EPSON Printer and Utilities) (Version: - SEIKO EPSON Corporation)
Express Zip (HKLM-x32\...\ExpressZip) (Version: 2.28 - NCH Software)
EZ Vinyl/Tape Converter 4.1 by MixMeister (HKLM-x32\...\EZ Vinyl/Tape Converter by MixMeister_is1) (Version: - MixMeister Technology LLC)
FaceFilter v3.02 Standard (HKLM-x32\...\{6020758E-57A9-41E3-AF20-8EE311EA6156}) (Version: 3.02.1506.1 - Reallusion Inc.)
Fallout 3 (HKLM-x32\...\{974C4B12-4D02-4879-85E0-61C95CC63E9E}) (Version: 1.00.0000 - Bethesda Softworks)
Fraps (remove only) (HKLM-x32\...\Fraps) (Version: - )
Free MTS Converter (HKLM-x32\...\Free MTS Converter_is1) (Version: - )
GameSpy Comrade (HKLM-x32\...\{7F752BAB-4AFD-4138-983D-7E9E7CFE077D}) (Version: 3.2.17.236 - GameSpy)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 40.0.2214.115 - Google Inc.)
Google Earth (HKLM-x32\...\{4D2A6330-2F8B-11E3-9C40-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)
Google Toolbar for Internet Explorer (HKLM-x32\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: 7.5.6227.252 - Google Inc.)
Google Toolbar for Internet Explorer (x32 Version: 1.0.0 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.26.9 - Google Inc.) Hidden
HD Writer AE 5.0 (HKLM-x32\...\{433E3E7F-4510-41F9-B9FB-55D8ECB30259}) (Version: 5.00.013.1033 - Panasonic Corporation)
ICA (x32 Version: 16.0.0.113 - Corel Corporation) Hidden
Image Data Converter (HKLM-x32\...\{87998E4E-6D9C-411B-AAE9-B8523FFE357D}) (Version: 4.0.01.09151 - Sony Corporation)
Intel® Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.0.1006 - Intel Corporation)
Intel® Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 9.5.0.1037 - Intel Corporation)
Interlok driver setup x64 (HKLM\...\{25613C10-27D2-410B-942B-D922D5C3A7BE}) (Version: 5.9.0 - PACE Anti-Piracy, Inc.)
IPM_PSP_COM (x32 Version: 16.0.0.113 - Corel Corporation) Hidden
IPM_PSP_COM64 (Version: 16.0.0.113 - Corel Corporation) Hidden
iTunes (HKLM\...\{104FB32A-7CE3-4C4B-B2AA-70C613FF9DFA}) (Version: 10.0.1.22 - Apple Inc.)
Jasc Paint Shop Pro 8 (HKLM-x32\...\{81A34902-9D0B-4920-A25C-4CDC5D14B328}) (Version: 8.10.0000 - Jasc Software Inc)
Java 8 Update 40 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86418040F0}) (Version: 8.0.400 - Oracle Corporation)
Java 8 Update 40 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218040F0}) (Version: 8.0.400 - Oracle Corporation)
Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
LavasoftTcpService (x32 Version: 2.3.3.0 - Lavasoft) Hidden
Line 6 Uninstaller (HKLM-x32\...\Line 6 Uninstaller) (Version: - Line 6)
Malwarebytes Anti-Malware version 2.0.4.1028 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.4.1028 - Malwarebytes Corporation)
McAfee SiteAdvisor (HKLM-x32\...\{35ED3F83-4BDC-4c44-8EC6-6A8301C7413A}) (Version: 3.7.191 - McAfee, Inc.)
Medal of Honor (HKLM-x32\...\{415030B8-3E8B-462A-8C03-41D95AA3AB3B}) (Version: 1.0.0.0 - Electronic Arts)
Microsoft .NET Framework 1.1 (HKLM-x32\...\{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}) (Version: 1.1.4322 - Microsoft)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft Flight Simulator X (HKLM-x32\...\InstallShield_{9527A496-5DF9-412A-ADC7-168BA5379CA6}) (Version: 10.0.60905 - Microsoft Game Studios)
Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{F2508213-9989-4E85-A078-72BE483917EF}) (Version: 3.5.88.0 - Microsoft Corporation)
Microsoft Games for Windows Marketplace (HKLM-x32\...\{4CB0307C-565E-4441-86BE-0DF2E4FB828C}) (Version: 3.5.50.0 - Microsoft Corporation)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft)
Microsoft Office 2010 (HKLM-x32\...\{95140000-0070-0000-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Home and Student 2007 (HKLM-x32\...\HOMESTUDENTR) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Professional Edition 2003 (HKLM-x32\...\{90110409-6000-11D3-8CFE-0150048383C9}) (Version: 11.0.8173.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 SP2 ENU (HKLM-x32\...\{3A9FC03D-C685-4831-94CF-4EDFD3749497}) (Version: 3.5.8080.0 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 SP2 x64 ENU (HKLM\...\{D4AD39AD-091E-4D33-BB2B-59F6FCB8ADC3}) (Version: 3.5.8080.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053 (HKLM\...\{B6E3757B-5E77-3915-866A-CCFC4B8D194C}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM-x32\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) - KB2467175 (HKLM\...\{aac9fcc4-dd9e-4add-901c-b5496a07ab2e}) (Version: 8.0.51011 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 ATL Update kb973924 - x64 9.0.30729.4148 (HKLM\...\{EE936C7A-EA40-31D5-9B65-8E3E089C3828}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 (HKLM-x32\...\{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570 (HKLM\...\{8338783A-0968-3B85-AFC7-BAAE0A63DC50}) (Version: 9.0.30729.5570 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (HKLM-x32\...\{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}) (Version: 9.0.30729.5570 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{820B6609-4C97-3A2B-B644-573B06A0F0CC}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MSXML 4.0 SP2 Parser and SDK (HKLM-x32\...\{716E0306-8318-4364-8B8F-0CC4E9376BAC}) (Version: 4.20.9818.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2758694) (HKLM-x32\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
Multimedia Card Reader (HKLM-x32\...\InstallShield_{9F0A32A5-4EBF-4B9D-A3CD-31579F2E1400}) (Version: 1.4.915.1 - Fitipower)
Multimedia Card Reader (x32 Version: 1.4.915.1 - Fitipower) Hidden
NVIDIA Display Control Panel (HKLM\...\NVIDIA Display Control Panel) (Version: 6.14.12.5856 - NVIDIA Corporation)
NVIDIA Drivers (HKLM\...\NVIDIA Drivers) (Version: 1.10.61.39 - NVIDIA Corporation)
NVIDIA PhysX (HKLM-x32\...\{B4F3A360-E1E2-479D-ADE7-9BE3B07F4539}) (Version: 9.10.0223 - NVIDIA Corporation)
NVIDIA Stereoscopic 3D Driver (HKLM-x32\...\NVIDIAStereo) (Version: 7.17.12.5812 - NVIDIA Corporation)
Oblivion (HKLM-x32\...\{35CB6715-41F8-4F99-8881-6FC75BF054B0}) (Version: 1.00.0000 - Bethesda Softworks)
PACE License Support Win64 (HKLM-x32\...\InstallShield_{72ad9d51-0903-4fe7-af5d-33b3185fa6e9}) (Version: 2.3.1.0494 - PACE Anti-Piracy, Inc.)
PDF Settings (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden
Pen Tablet (HKLM-x32\...\Pen Tablet Driver) (Version: - Wacom Technology Corp.)
Pinnacle Instant DVD Recorder (HKLM-x32\...\{C1212AE3-DBB9-4365-8473-F8ABC7B06BBB}) (Version: 2.6.1.127 - Pinnacle Systems)
Pinnacle Video Driver (HKLM\...\{6DE721A5-5E89-4D74-994C-652BB3C0672E}) (Version: 12.1.0.029 - Pinnacle Systems)
Pixsta (HKU\S-1-5-21-3304660120-434486148-2028904278-1001\...\Pokki_83453a3d886e527a470b5bb8291dd338de4b1e44) (Version: 2.5.3.4 - Pokki)
PMB (HKLM-x32\...\{B6A98E5F-D6A7-46FB-9E9D-1F7BF443491C}) (Version: 5.8.00.09123 - Sony Corporation)
Pokki (HKU\S-1-5-21-3304660120-434486148-2028904278-1001\...\Pokki) (Version: 0.269.7.513 - Pokki)
Pokki Download Helper (HKU\S-1-5-21-3304660120-434486148-2028904278-1001\...\PokkiDownloadHelper) (Version: 1.3.1.282 - Pokki)
Prism Video File Converter (HKLM-x32\...\Prism) (Version: 2.18 - NCH Software)
PSPPContent (x32 Version: 16.0.0.113 - Corel Corporation) Hidden
PSPPHelp (x32 Version: 16.0.0.113 - Corel Corporation) Hidden
PSPPro64 (Version: 16.2.0.20 - Corel Corporation) Hidden
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.989 - Even Balance, Inc.)
QuickTime (HKLM-x32\...\{E7004147-2CCA-431C-AA05-2AB166B9785D}) (Version: 7.68.75.0 - Apple Inc.)
RealDownloader (x32 Version: 17.0.15.4 - RealNetworks, Inc.) Hidden
RealDownloader (x32 Version: 17.0.15.7 - RealNetworks) Hidden
RealNetworks - Microsoft Visual C++ 2008 Runtime (x32 Version: 9.0 - RealNetworks, Inc) Hidden
RealNetworks - Microsoft Visual C++ 2010 Runtime (Version: 10.0 - RealNetworks, Inc) Hidden
RealNetworks - Microsoft Visual C++ 2010 Runtime (x32 Version: 10.0 - RealNetworks, Inc) Hidden
RealPlayer Cloud (HKLM-x32\...\RealPlayer 17.0) (Version: 17.0.15 - RealNetworks)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.5953 - Realtek Semiconductor Corp.)
RealUpgrade 1.1 (x32 Version: 1.1.0 - RealNetworks, Inc.) Hidden
Reason 4.0.1 (HKLM-x32\...\Reason4_is1) (Version: 4.0.1 - Propellerhead Software AB)
Reason 8.0.0 (HKLM\...\Reason8.0_64_is1) (Version: 8.0.0 - Propellerhead Software AB)
Roxio Easy CD and DVD Burning (HKLM-x32\...\{537BF16E-7412-448C-95D8-846E85A1D817}) (Version: 10.3 - Roxio)
Roxio File Backup (Version: 1.3.0 - Roxio) Hidden
ScanSoft OmniPage SE 4 (HKLM-x32\...\{DEE88727-779B-47A9-ACEF-F87CA5F92A65}) (Version: 15.2.0020 - Nuance Communications, Inc.)
Setup (x32 Version: 16.0.0.113 - Corel Corporation) Hidden
Shared C Run-time for x64 (HKLM\...\{EF79C448-6946-4D71-8134-03407888C054}) (Version: 10.0.0 - McAfee)
Ship Simulator 2008 (HKLM-x32\...\Shipsim2008) (Version: - )
Skype Toolbars (HKLM-x32\...\{981029E0-7FC9-4CF3-AB39-6F133621921A}) (Version: 1.0.4051 - Skype Technologies S.A.)
Skype™ 6.11 (HKLM-x32\...\{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}) (Version: 6.11.102 - Skype Technologies S.A.)
Sonic CinePlayer Decoder Pack (x32 Version: 4.3.0 - Sonic Solutions) Hidden
SSC Service Utility v4.30 (HKLM-x32\...\SSC Service Utility_is1) (Version: - SSC Localization Group)
Steam (HKLM-x32\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation)
Switch Sound File Converter (HKLM-x32\...\Switch) (Version: - NCH Software)
The Elder Scrolls V: Skyrim (HKLM-x32\...\Steam App 72850) (Version: - Bethesda Game Studios)
THX TruStudio PC (HKLM-x32\...\{010A785B-F920-4350-821B-6309909C20BB}) (Version: 1.0 - Creative Technology Limited)
Ulead VideoStudio SE DVD (HKLM-x32\...\{8F8D9297-FDD2-405A-97E7-E52C7B2F97B3}) (Version: 10.0 - Ulead Systems)
Ultimate Creative Collection (X6) (HKLM-x32\...\_{D839B02E-8C50-4F8F-BA53-84FF75487A1A}) (Version: 1.0.0.100 - Corel Corporation)
Ultimate Creative Collection (X6) (x32 Version: 1.0.0.100 - Corel Corporation) Hidden
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft)
UpdateService (x32 Version: 1.0.0 - RealNetworks, Inc.) Hidden
USB2.0 ATV (HKLM-x32\...\{3C873221-12B9-475D-8DCB-62D0B2179AF9}) (Version: 6.10.000.001 - Regulus)
VC80CRTRedist - 8.0.50727.6195 (x32 Version: 1.2.0 - DivX, Inc) Hidden
VD64Inst (Version: 1.00.0000 - Roxio, Inc.) Hidden
Video Downloader (x32 Version: 1.0.0 - RealNetworks) Hidden
Visual C++ 2008 x86 Runtime - v9.0.30729.01 (HKLM-x32\...\{F333A33D-125C-32A2-8DCE-5C5D14231E27}.vc_x86runtime_30729_01) (Version: 9.0.30729.01 - Microsoft Corporation)
Visual C++ 64-bit Redistributables (HKLM-x32\...\InstallShield_{FB03650C-B373-4B20-ACA5-B7BA1A8EEE33}) (Version: 1.2.0.5555 - PACE Anti-Piracy, Inc.)
Visual C++ Redistributables (HKLM-x32\...\InstallShield_{F03117FA-9270-46B0-9666-0B4BC2CDEBF5}) (Version: 1.2.0.5555 - PACE Anti-Piracy, Inc.)
VLC media player 2.0.0 (HKLM-x32\...\VLC media player) (Version: 2.0.0 - VideoLAN)
Web Companion (HKLM-x32\...\{AB75B78F-CFFA-4027-A8DC-94357F2F77EE}_WebCompanion) (Version: 1.1.908.1803 - Lavasoft)
Webinaria 2.0 (HKLM-x32\...\Webinaria_is1) (Version: - Charlwood eMarketing)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3555.0308 - Microsoft Corporation)
Windows Live Sync (HKLM-x32\...\{84EBDF39-4B33-49D7-A0BD-EB6E2C4E81C1}) (Version: 14.0.8089.726 - Microsoft Corporation)
YouTube Downloader 2.7 (HKLM-x32\...\{1a413f37-ed88-4fec-9666-5c48dc4b7bb7}) (Version: - BienneSoft)
ZoneAlarm LTD Toolbar (HKLM\...\ZoneAlarm LTD Toolbar) (Version: - Check Point Software Technologies)

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

CustomCLSID: HKU\S-1-5-21-3304660120-434486148-2028904278-1001_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Victor\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3304660120-434486148-2028904278-1001_Classes\CLSID\{ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C}\InprocServer32 -> C:\Users\Victor\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3304660120-434486148-2028904278-1001_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Victor\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3304660120-434486148-2028904278-1001_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Victor\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3304660120-434486148-2028904278-1001_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Victor\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3304660120-434486148-2028904278-1001_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Victor\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3304660120-434486148-2028904278-1001_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Victor\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3304660120-434486148-2028904278-1001_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Victor\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3304660120-434486148-2028904278-1001_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Victor\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3304660120-434486148-2028904278-1001_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Victor\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)

==================== Restore Points =========================

04-03-2015 21:42:13 LavasoftWeCompanion

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 02:34 - 2009-06-10 21:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {049775E2-2A90-40C3-9F0A-B85B58F7F34E} - \DealPlyUpdate No Task File <==== ATTENTION
Task: {0D1CB3D7-2ECB-460A-B852-0B5BEA09B4FC} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-02-05] (Adobe Systems Incorporated)
Task: {10545267-0B7A-4B93-9EC6-4D436EBDB8B2} - System32\Tasks\{8D0D6A6D-D270-4BA3-965E-E4F11C65F30F} => C:\Program Files (x86)\Corel\Corel Graphics 12\Programs\CorelPP.exe [2003-12-04] (Corel Corporation)
Task: {144C3759-A3C6-43C7-B4C4-9B13AEADB110} - System32\Tasks\{92DA1A3F-1A4F-494F-8667-6E2756ADC679} => pcalua.exe -a D:\SETUP.EXE -d D:\
Task: {16A9CE25-CEAB-4D84-97E9-0544FEF6DDDD} - System32\Tasks\{354E69EB-F57E-4F50-A680-48E9FFAD167C} => pcalua.exe -a D:\EPSETUP.EXE -d D:\
Task: {2078AE7C-7B0A-43A5-B4A2-B1B72B0FDBD1} - System32\Tasks\RealUpgradeLogonTaskS-1-5-21-3304660120-434486148-2028904278-1001 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe [2014-10-30] (RealNetworks, Inc.)
Task: {2CD96539-3015-4158-8004-14CD772F5032} - System32\Tasks\SafeSearchVerify => C:\Program Files\SafeSearch\1_4\se.exe
Task: {3990644C-15DC-4910-BF4B-CFE9E56C8F7C} - System32\Tasks\RealUpgradeScheduledTaskS-1-5-21-3304660120-434486148-2028904278-1001 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe [2014-10-30] (RealNetworks, Inc.)
Task: {48F51FA9-FDE0-483A-9449-E231767A101C} - System32\Tasks\{B35431C7-8373-4F60-B67F-EAE6195BBB9E} => D:\run.exe
Task: {5635657E-8550-40E8-85F1-AAC8BD58AAE9} - System32\Tasks\{F14D4E07-7B09-4732-BF83-EEF7F46D4D5E} => D:\run.exe
Task: {660844DF-AE67-4901-A9ED-90DE752B5C39} - System32\Tasks\Ad-Aware Update (Weekly) => C:\Program Files (x86)\Lavasoft\Ad-Aware\Ad-AwareAdmin.exe
Task: {6ABA6D3B-7151-497D-BD8B-C5057E08CEB8} - System32\Tasks\{E95BA6E9-5F86-4F70-83A4-18E4B4AE2CB2} => C:\Program Files (x86)\Corel\Corel Graphics 12\Programs\CorelPP.exe [2003-12-04] (Corel Corporation)
Task: {756AD110-B68B-4054-9AAD-124056AB6E01} - System32\Tasks\{53C58DCD-6D59-4020-89EF-B3873135A463} => C:\Program Files (x86)\Corel\Corel Graphics 12\Programs\CorelPP.exe [2003-12-04] (Corel Corporation)
Task: {7604BB8B-E6BA-4A8C-B745-1BAB9A4F83BF} - System32\Tasks\RealDownloader Update Check => C:\Program Files (x86)\RealNetworks\RealDownloader\downloader2.exe [2014-10-29] ()
Task: {77D11B42-0000-413C-91F2-119FF2A6BB3C} - \avayvaxvaa No Task File <==== ATTENTION
Task: {7F0D03B8-AFAE-40C5-97BB-196A1CD8CD4F} - System32\Tasks\RealDownloaderRealUpgradeScheduledTaskS-1-5-21-3304660120-434486148-2028904278-1001 => C:\Program Files (x86)\RealNetworks\RealDownloader\RealUpgrade.exe [2014-10-26] (RealNetworks, Inc.)
Task: {807CC4B9-567F-4951-A314-52A50B3E8CD5} - System32\Tasks\{759BDA0A-EE45-4BDC-8344-2B38E1848EF8} => C:\Program Files (x86)\Corel\Corel Graphics 12\Programs\CorelPP.exe [2003-12-04] (Corel Corporation)
Task: {9330DE37-A83D-450D-8F50-BAA22851E025} - System32\Tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-3304660120-434486148-2028904278-1001 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe [2014-10-30] (RealNetworks, Inc.)
Task: {99849050-B934-4CAD-A155-32E8AB140523} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-10-21] (Google Inc.)
Task: {9B42E008-2BB8-4A86-8789-419F6898FEAF} - System32\Tasks\Microsoft\Windows\TabletPC\InputPersonalization => C:\Program Files\Common Files\Microsoft Shared\Ink\InputPersonalization.exe [2009-07-14] (Microsoft Corporation)
Task: {A687062A-0DAB-4ED7-8788-93398EE73094} - System32\Tasks\{5DC1A093-8338-4C12-8AFB-06A0F88D6CD7} => C:\Program Files (x86)\Corel\Corel Graphics 12\Programs\CorelPP.exe [2003-12-04] (Corel Corporation)
Task: {A7C8BD3E-FC09-4499-BA66-4BDCEE6E27CC} - System32\Tasks\{5731ED2D-CE4C-47FF-9756-7728DC46D608} => C:\Program Files (x86)\Corel\Corel Graphics 12\Programs\CorelDRW.exe [2003-12-04] (Corel Corporation)
Task: {B6C272CF-541E-42A4-919B-4AA7FD394F95} - System32\Tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-3304660120-434486148-2028904278-1001 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe [2014-10-30] (RealNetworks, Inc.)
Task: {BC9F8310-F523-4998-8803-3391C139DA8E} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2014-12-19] (Adobe Systems Incorporated)
Task: {C3890707-0F8C-40D7-BF65-0B1D59F1124D} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-10-21] (Google Inc.)
Task: {CC1971F6-4B3B-428D-8CE7-8AF4B21B0A93} - System32\Tasks\RealDownloaderRealUpgradeLogonTaskS-1-5-21-3304660120-434486148-2028904278-1001 => C:\Program Files (x86)\RealNetworks\RealDownloader\RealUpgrade.exe [2014-10-26] (RealNetworks, Inc.)
Task: {CD35A032-F595-4A3E-B9E1-D497B4165D38} - System32\Tasks\SafeSearchUpdate => C:\Program Files\SafeSearch\1_4\se.exe
Task: {CF75C224-41D6-4036-94FE-FD0D3EF7A9A4} - System32\Tasks\{D02A3EC3-07CB-4097-9CA8-C6FF31FF2D1E} => D:\run.exe
Task: {D41682B6-34E1-4FEB-B021-758C9CB3C810} - System32\Tasks\{B43F8CE8-1310-4B65-8BF8-697B45D6875C} => C:\Program Files (x86)\Corel\Corel Graphics 12\Programs\CorelPP.exe [2003-12-04] (Corel Corporation)
Task: {D89F5D1D-97F7-4239-BFCA-363E89E6D960} - System32\Tasks\RealDownloaderDownloaderScheduledTaskS-1-5-21-3304660120-434486148-2028904278-1001 => C:\Program Files (x86)\RealNetworks\RealDownloader\recordingmanager.exe [2014-10-26] (RealNetworks, Inc.)
Task: {E888ED54-F180-4C74-BE75-3C8213873827} - System32\Tasks\{AC22345C-56B9-4028-939F-ED2368366E9A} => pcalua.exe -a C:\Drivers\Brother\Pp10f.exe -d C:\Users\Victor\Desktop
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) ==============

2010-10-14 10:26 - 2010-12-29 17:37 - 00075136 _____ () C:\Windows\SysWOW64\PnkBstrA.exe
2014-10-26 22:59 - 2014-10-26 22:59 - 00039568 _____ () C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe
2014-10-30 05:41 - 2014-10-30 05:41 - 00031856 _____ () C:\Program Files (x86)\Real\UpdateService\RealPlayerUpdateSvc.exe
2015-02-06 15:02 - 2015-02-06 15:02 - 00089088 _____ () C:\Program Files (x86)\NCH Software\ExpressZip\ezcm64.dll
2015-03-02 18:01 - 2015-03-02 18:01 - 00017768 _____ () C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.SearchProtect.WinService.exe
2015-03-02 18:00 - 2015-03-02 18:00 - 00012144 _____ () C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.SearchProtect.Service.Logger.dll
2015-03-02 18:01 - 2015-03-02 18:01 - 00034152 _____ () C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.SearchProtect.WcfService.dll
2010-09-24 21:36 - 2011-08-18 15:05 - 02751808 _____ () C:\Program Files (x86)\Dell DataSafe Local Backup\COMPONENTS\SCHEDULER\STSERVICE.EXE
2010-02-09 11:34 - 2010-02-09 11:34 - 01807680 _____ () C:\Program Files (x86)\Dell DataSafe Online\DataSafeOnline.exe
2014-10-17 09:06 - 2014-10-17 09:06 - 00472576 _____ () C:\Windows\assembly\NativeImages_v2.0.50727_64\VistaBridgeLibrary\c29d8779b3a3599f44e21e017541cd0c\VistaBridgeLibrary.ni.dll
2013-02-13 02:37 - 2013-02-13 02:37 - 01263952 _____ () C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
2014-10-29 19:06 - 2014-10-29 19:06 - 00560192 _____ () C:\Program Files (x86)\RealNetworks\RealDownloader\downloader2.exe
2014-11-20 10:50 - 2014-11-20 10:50 - 00865880 _____ () c:\program files (x86)\real\realplayer\RPDS\Plugins\cldplin.dll
2014-10-30 05:41 - 2014-10-30 05:41 - 00035976 _____ () C:\Program Files (x86)\Real\UpdateService\DL2UpdatePlugin.dll
2014-10-30 05:41 - 2014-10-30 05:41 - 00039560 _____ () C:\Program Files (x86)\Real\UpdateService\RealDownloaderUpdatePlugin.dll
2014-10-30 05:41 - 2014-10-30 05:41 - 00032888 _____ () C:\Program Files (x86)\Real\UpdateService\RPDSUpdatePlugin.dll
2010-09-24 21:33 - 2009-10-02 11:18 - 00058880 _____ () C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IsdiInterop.dll
2014-02-10 18:34 - 2014-11-11 18:47 - 00774656 _____ () C:\Program Files (x86)\Steam\SDL2.dll
2015-03-05 09:31 - 2014-12-02 00:29 - 05002752 _____ () C:\Program Files (x86)\Steam\v8.dll
2015-03-05 09:31 - 2014-12-02 00:29 - 01612800 _____ () C:\Program Files (x86)\Steam\icui18n.dll
2015-03-05 09:31 - 2014-12-02 00:29 - 01210368 _____ () C:\Program Files (x86)\Steam\icuuc.dll
2014-05-25 09:17 - 2015-02-18 23:51 - 02360000 _____ () C:\Program Files (x86)\Steam\video.dll
2014-08-29 07:53 - 2014-12-01 21:31 - 02396672 _____ () C:\Program Files (x86)\Steam\libavcodec-56.dll
2014-08-29 07:53 - 2014-12-01 21:31 - 00442880 _____ () C:\Program Files (x86)\Steam\libavutil-54.dll
2014-08-29 07:53 - 2014-12-01 21:31 - 00479744 _____ () C:\Program Files (x86)\Steam\libavformat-56.dll
2014-08-29 07:53 - 2014-12-01 21:31 - 00332800 _____ () C:\Program Files (x86)\Steam\libavresample-2.dll
2014-08-29 07:53 - 2014-12-01 21:31 - 00485888 _____ () C:\Program Files (x86)\Steam\libswscale-3.dll
2012-06-19 14:22 - 2015-02-18 23:51 - 00702656 _____ () C:\Program Files (x86)\Steam\bin\chromehtml.DLL
2015-03-02 18:01 - 2015-03-02 18:01 - 00072512 _____ () C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.Utils.dll
2015-03-02 18:00 - 2015-03-02 18:00 - 00179560 _____ () C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.SearchProtect.Business.dll
2015-03-02 18:01 - 2015-03-02 18:01 - 00046920 _____ () C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.adblocker.dll
2015-03-02 18:01 - 2015-03-02 18:01 - 00123224 _____ () C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.PUP.Management.dll
2015-03-02 18:01 - 2015-03-02 18:01 - 00015696 _____ () C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.Utils.SqlLite.dll
2015-03-02 18:01 - 2015-03-02 18:01 - 00069960 _____ () C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.SysInfo.dll
2015-03-02 18:00 - 2015-03-02 18:00 - 00039256 _____ () C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.CSharp.Utilities.dll
2015-03-02 18:00 - 2015-03-02 18:00 - 00172368 _____ () C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.IEController.dll
2015-03-02 18:00 - 2015-03-02 18:00 - 00018256 _____ () C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.Automation.dll
2010-02-09 11:34 - 2010-02-09 11:34 - 00275776 _____ () C:\Program Files (x86)\Dell DataSafe Online\SdbShared.dll
2010-02-09 11:34 - 2010-02-09 11:34 - 00058688 _____ () C:\Program Files (x86)\Dell DataSafe Online\BalloonWindow.dll
2010-02-09 11:34 - 2010-02-09 11:34 - 00095552 _____ () C:\Program Files (x86)\Dell DataSafe Online\SdbUI.dll
2010-02-09 11:34 - 2010-02-09 11:34 - 00152896 _____ () C:\Program Files (x86)\Dell DataSafe Online\SdbShared.XmlSerializers.dll
2010-02-09 11:34 - 2010-02-09 11:34 - 00017728 _____ () C:\Program Files (x86)\Dell DataSafe Online\cpputils.dll
2015-02-10 21:00 - 2015-02-10 21:00 - 00750080 _____ () C:\Users\Victor\AppData\Roaming\Dropbox\bin\libGLESv2.dll
2015-03-05 11:18 - 2015-03-05 11:18 - 00043008 _____ () c:\users\victor\appdata\local\temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpcw71qn.dll
2015-02-10 21:00 - 2015-02-10 21:00 - 00047616 _____ () C:\Users\Victor\AppData\Roaming\Dropbox\bin\libEGL.dll
2015-02-10 21:00 - 2015-02-10 21:00 - 00865280 _____ () C:\Users\Victor\AppData\Roaming\Dropbox\bin\plugins\platforms\qwindows.dll
2015-02-10 21:00 - 2015-02-10 21:00 - 00200704 _____ () C:\Users\Victor\AppData\Roaming\Dropbox\bin\plugins\imageformats\qjpeg.dll
2010-08-09 23:01 - 2010-08-09 23:01 - 00067872 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2013-02-13 02:38 - 2013-02-13 02:38 - 00100688 _____ () C:\Program Files (x86)\DivX\DivX Update\DivXUpdateCheck.dll
2014-10-29 19:01 - 2014-10-29 19:01 - 01382048 _____ () C:\Program Files (x86)\RealNetworks\RealDownloader\cpprest100_1_2.dll
2014-10-29 19:07 - 2014-10-29 19:07 - 00065600 _____ () C:\Program Files (x86)\RealNetworks\RealDownloader\dtvhooks.dll
2015-01-04 04:06 - 2015-01-04 04:06 - 00569856 _____ () C:\Users\Victor\AppData\Local\Pokki\Engine\ppGoogleNaClPluginChrome.dll
2015-01-04 04:06 - 2015-01-04 04:06 - 01400846 _____ () C:\Users\Victor\AppData\Local\Pokki\Engine\avcodec-54.dll
2015-01-04 04:06 - 2015-01-04 04:06 - 00151054 _____ () C:\Users\Victor\AppData\Local\Pokki\Engine\avutil-51.dll
2015-01-04 04:06 - 2015-01-04 04:06 - 00222734 _____ () C:\Users\Victor\AppData\Local\Pokki\Engine\avformat-54.dll
2012-06-19 14:22 - 2015-01-28 01:30 - 34641288 _____ () C:\Program Files (x86)\Steam\bin\libcef.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)

AlternateDataStreams: C:\Users\Victor\Local Settings:eBTnN2nsGmdwyE37f
AlternateDataStreams: C:\Users\Victor\AppData\Local:eBTnN2nsGmdwyE37f
AlternateDataStreams: C:\Users\Victor\AppData\Local\Application Data:eBTnN2nsGmdwyE37f
AlternateDataStreams: C:\Users\Victor\AppData\Local\sIupgNEM:gP5EyGLaVOKlXZzD7kW

==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\McMPFSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MCODS => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefire => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfevtp => ""="Driver"

==================== EXE Association (whitelisted) ===============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)

HKU\S-1-5-21-3304660120-434486148-2028904278-1001\Software\Classes\.exe: => <===== ATTENTION!

==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-3304660120-434486148-2028904278-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Victor\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.1.254

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)

==================== Accounts: =============================

8910C1E16859491E8416 (S-1-5-21-3304660120-434486148-2028904278-1006 - Limited - Enabled)
Administrator (S-1-5-21-3304660120-434486148-2028904278-500 - Administrator - Disabled)
ASPNET (S-1-5-21-3304660120-434486148-2028904278-1004 - Limited - Enabled)
Guest (S-1-5-21-3304660120-434486148-2028904278-501 - Limited - Enabled)
HomeGroupUser$ (S-1-5-21-3304660120-434486148-2028904278-1002 - Limited - Enabled)
Victor (S-1-5-21-3304660120-434486148-2028904278-1001 - Administrator - Enabled) => C:\Users\Victor

==================== Faulty Device Manager Devices =============

==================== Event log errors: =========================

Application errors:
==================
Error: (03/05/2015 02:01:47 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 11357

Error: (03/05/2015 02:01:47 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 11357

Error: (03/05/2015 02:01:47 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (03/05/2015 02:01:46 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 10358

Error: (03/05/2015 02:01:46 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 10358

Error: (03/05/2015 02:01:46 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (03/05/2015 02:01:45 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 9344

Error: (03/05/2015 02:01:45 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 9344

Error: (03/05/2015 02:01:45 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (03/05/2015 02:01:44 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 8346

System errors:
=============
Error: (03/05/2015 11:25:58 AM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: The Windows Update service hung on starting.

Error: (03/05/2015 11:18:09 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Windows Presentation Foundation Font Cache 3.0.0.0 service failed to start due to the following error:
%%1053

Error: (03/05/2015 11:18:09 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the Windows Presentation Foundation Font Cache 3.0.0.0 service to connect.

Error: (03/05/2015 11:16:13 AM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: The following boot-start or system-start driver(s) failed to load:
RxFilter

Error: (03/05/2015 11:16:13 AM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: The BlueStacks Android Service service hung on starting.

Error: (03/05/2015 11:14:14 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The SessionLauncher service failed to start due to the following error:
%%2

Error: (03/05/2015 11:13:59 AM) (Source: Service Control Manager) (EventID: 7002) (User: )
Description: The BrPar service depends on the Parallel arbitrator group and no member of this group started.

Error: (03/05/2015 10:38:06 AM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: The Windows Update service hung on starting.

Error: (03/05/2015 10:30:55 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Windows Presentation Foundation Font Cache 3.0.0.0 service failed to start due to the following error:
%%1053

Error: (03/05/2015 10:30:55 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the Windows Presentation Foundation Font Cache 3.0.0.0 service to connect.

Microsoft Office Sessions:
=========================

CodeIntegrity Errors:
===================================
Date: 2014-10-01 08:16:58.030
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\nvd3dumx.dll because the set of per-page image hashes could not be found on the system.

Date: 2014-10-01 08:16:57.840
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\nvd3dumx.dll because the set of per-page image hashes could not be found on the system.

Date: 2014-09-22 13:56:53.979
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\nvd3dumx.dll because the set of per-page image hashes could not be found on the system.

Date: 2014-09-22 13:56:53.779
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\nvd3dumx.dll because the set of per-page image hashes could not be found on the system.

Date: 2014-01-02 12:41:52.169
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\nvd3dumx.dll because the set of per-page image hashes could not be found on the system.

Date: 2014-01-02 12:41:51.979
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\nvd3dumx.dll because the set of per-page image hashes could not be found on the system.

Date: 2013-12-27 12:09:02.814
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\nvd3dumx.dll because the set of per-page image hashes could not be found on the system.

Date: 2013-12-27 12:09:02.654
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\nvd3dumx.dll because the set of per-page image hashes could not be found on the system.

Date: 2013-12-27 10:12:03.944
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\nvd3dumx.dll because the set of per-page image hashes could not be found on the system.

Date: 2013-12-27 10:12:03.784
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\nvd3dumx.dll because the set of per-page image hashes could not be found on the system.

==================== Memory info ===========================

Processor: Intel® Core i7 CPU 860 @ 2.80GHz
Percentage of memory in use: 36%
Total physical RAM: 8151.08 MB
Available physical RAM: 5216.52 MB
Total Pagefile: 16300.34 MB
Available Pagefile: 11392.41 MB
Total Virtual: 8192 MB
Available Virtual: 8191.78 MB

==================== Drives ================================

Drive c: (OS) (Fixed) (Total:920.54 GB) (Free:88.22 GB) NTFS
Drive i: (Seagate Expansion Drive) (Fixed) (Total:1863 GB) (Free:1699.03 GB) NTFS
Drive j: () (Fixed) (Total:465.76 GB) (Free:114.76 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: 78000000)
Partition 1: (Not Active) - (Size=94 MB) - (Type=DE)
Partition 2: (Active) - (Size=10.9 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=920.5 GB) - (Type=07 NTFS)

========================================================
Disk: 5 (MBR Code: Windows XP) (Size: 465.8 GB) (Disk ID: 05CDEBA4)
Partition 1: (Not Active) - (Size=465.8 GB) - (Type=07 NTFS)
Attempted reading MBR returned 0 bytes.
Could not read MBR for disk 6.

==================== End Of Log ============================

vicxyz · March 5, 2015

....and here is the FRST.txt....

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 04-03-2015 01
Ran by Victor (administrator) on DADS-PC on 05-03-2015 21:35:56
Running from C:\Users\Victor\Downloads
Loaded Profiles: Victor (Available profiles: Victor)
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: English (United States)
Internet Explorer Version 11 (Default browser: IE)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Stardock Corporation) C:\Program Files\Dell\DellDock\DockLogin.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Microsoft Corporation) C:\Windows\System32\wisptis.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(BlueStack Systems, Inc.) C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe
(BlueStack Systems, Inc.) C:\Program Files (x86)\BlueStacks\HD-UpdaterService.exe
(SEIKO EPSON CORPORATION) C:\ProgramData\EPSON\EPW!3 SSRP\E_S40RPB.EXE
(Lavasoft Limited) C:\Program Files (x86)\Lavasoft\Web Companion\TcpService\2.3.3.0\LavasoftTcpService.exe
(Avid) C:\Program Files (x86)\Avid\Mbox\AudioDevMon.exe
(McAfee, Inc.) C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe
(McAfee, Inc.) C:\Windows\System32\mfevtps.exe
(PACE Anti-Piracy, Inc.) C:\Program Files (x86)\Common Files\PACE\Services\LicenseServices\LDSvc.exe
(Sony Corporation) C:\Program Files (x86)\Sony\PMB\PMBDeviceInfoProvider.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
() C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe
(RealNetworks, Inc.) C:\Program Files (x86)\real\realplayer\RPDS\Bin\rpdsvc.exe
() C:\Program Files (x86)\real\UpdateService\RealPlayerUpdateSvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
(Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Corporation) C:\Windows\System32\wisptis.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.26.9\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.26.9\GoogleCrashHandler64.exe
() C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.SearchProtect.WinService.exe
(SoftThinks SAS) C:\Program Files (x86)\Dell DataSafe Local Backup\SftService.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(Wacom Technology, Corp.) C:\Windows\System32\Pen_Tablet.exe
(Ulead Systems, Inc.) C:\Program Files (x86)\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(BlueStack Systems, Inc.) C:\Program Files (x86)\BlueStacks\HD-Service.exe
(WIBU-SYSTEMS AG) C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeter.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
(McAfee, Inc.) C:\Program Files\mcafee\MSC\McAPExe.exe
(SoftThinks - Dell) C:\Program Files (x86)\Dell DataSafe Local Backup\Toaster.exe
(Wacom Technology, Corp.) C:\Windows\System32\WTablet\Pen_TabletUser.exe
(McAfee, Inc.) C:\Program Files\Common Files\mcafee\AMCore\mcshield.exe
(McAfee, Inc.) C:\Program Files\Common Files\mcafee\SystemCore\mfefire.exe
(Wacom Technology, Corp.) C:\Windows\System32\Pen_Tablet.exe
(McAfee, Inc.) C:\Program Files\Common Files\mcafee\Platform\McSvcHost\McSvHost.exe
() C:\Program Files (x86)\Dell DataSafe Local Backup\Components\Scheduler\STService.exe
(SoftThinks - Dell) C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpd.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\ink\InputPersonalization.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(SEIKO EPSON CORPORATION) C:\Windows\System32\spool\drivers\x64\3\E_IATI8JA.EXE
(Valve Corporation) C:\Program Files (x86)\Steam\Steam.exe
(Pokki) C:\Users\Victor\AppData\Local\Pokki\Engine\HostAppServiceUpdater.exe
(Lavasoft) C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
(Alcor Micro Corp.) C:\Program Files (x86)\Multimedia Card Reader(9106)\ShwiconXP9106.exe
() C:\Program Files (x86)\Dell DataSafe Online\DataSafeOnline.exe
(WIBU-SYSTEMS AG) C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeterCC.exe
(SupportSoft, Inc.) C:\Program Files (x86)\Dell Support Center\bin\sprtcmd.exe
(Panasonic Corporation) C:\Program Files (x86)\Common Files\Panasonic\HD Writer AutoStart\HDWriterAutoStart.exe
(RealNetworks, Inc.) C:\Program Files (x86)\real\realplayer\RPDS\Bin64\rpsystray.exe
(Stardock Corporation) C:\Program Files\Dell\DellDock\DellDock.exe
(Dropbox, Inc.) C:\Users\Victor\AppData\Roaming\Dropbox\bin\Dropbox.exe
(Pokki) C:\Users\Victor\AppData\Local\Pokki\Engine\HostAppService.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office12\ONENOTEM.EXE
(Nuance Communications, Inc.) C:\Program Files (x86)\ScanSoft\OmniPageSE4\OpWareSE4.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(Sony Corporation) C:\Program Files (x86)\Sony\PMB\PMBVolumeWatcher.exe
() C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
(RealNetworks, Inc.) C:\Program Files (x86)\real\realplayer\Update\realsched.exe
() C:\Program Files (x86)\RealNetworks\RealDownloader\downloader2.exe
(BlueStack Systems, Inc.) C:\Program Files (x86)\BlueStacks\HD-Agent.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(BlueStack Systems) C:\Program Files (x86)\BlueStacks\HD-Network.exe
(BlueStack Systems) C:\Program Files (x86)\BlueStacks\HD-BlockDevice.exe
(BlueStack Systems) C:\Program Files (x86)\BlueStacks\HD-SharedFolder.exe
(Pokki) C:\Users\Victor\AppData\Local\Pokki\Engine\HostAppService.exe
(McAfee, Inc.) C:\Program Files\Common Files\mcafee\CSP\1.3.336.0\McCSPServiceHost.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(SupportSoft, Inc.) C:\Program Files (x86)\Dell Support Center\bin\sprtsvc.exe
(Pokki) C:\Users\Victor\AppData\Local\Pokki\Engine\StartMenuIndexer.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
(Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
(McAfee, Inc.) C:\Program Files\Common Files\mcafee\Platform\McUICnt.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Adobe Systems Incorporated) C:\Windows\System32\Macromed\Flash\FlashUtil64_16_0_0_305_ActiveX.exe

==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [8158240 2009-10-07] (Realtek Semiconductor)
HKLM\...\Run: [RunDLLEntry_THXCfg] => C:\Windows\system32\RunDLL32.exe C:\Windows\system32\THXCfg64.dll,RunDLLEntry THXCfg64
HKLM\...\Run: [RunDLLEntry_EptMon] => C:\Windows\system32\RunDLL32.exe C:\Windows\system32\EptMon64.dll,RunDLLEntry EptMon64
HKLM-x32\...\Run: [iAStorIcon] => C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe [284696 2009-10-02] (Intel Corporation)
HKLM-x32\...\Run: [shwiconXP9106] => C:\Program Files (x86)\Multimedia Card Reader(9106)\ShwiconXP9106.exe [237568 2009-07-17] (Alcor Micro Corp.)
HKLM-x32\...\Run: [Dell DataSafe Online] => C:\Program Files (x86)\Dell DataSafe Online\DataSafeOnline.exe [1807680 2010-02-09] ()
HKLM-x32\...\Run: [THX Audio Control Panel] => C:\Program Files (x86)\Creative\THX TruStudio PC\THXAudioCP\THXAudio.exe [963584 2009-12-01] (Creative Technology Ltd)
HKLM-x32\...\Run: [updReg] => C:\Windows\UpdReg.EXE [90112 2000-05-10] (Creative Technology Ltd.)
HKLM-x32\...\Run: [DellSupportCenter] => C:\Program Files (x86)\Dell Support Center\bin\sprtcmd.exe [206064 2009-05-21] (SupportSoft, Inc.)
HKLM-x32\...\Run: [CorelDRAW Graphics Suite 11b] => C:\Program Files (x86)\Corel\Corel Graphics 12\Languages\EN\Programs\Registration.exe [729088 2003-11-25] (Corel Corporation)
HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2010-09-08] (Apple Inc.)
HKLM-x32\...\Run: [sSBkgdUpdate] => C:\Program Files (x86)\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe [210472 2006-10-25] (Nuance Communications, Inc.)
HKLM-x32\...\Run: [OpwareSE4] => C:\Program Files (x86)\ScanSoft\OmniPageSE4\OpwareSE4.exe [79400 2007-02-04] (Nuance Communications, Inc.)
HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [421160 2010-09-24] (Apple Inc.)
HKLM-x32\...\Run: [uVS10 Preload] => C:\Program Files (x86)\Ulead Systems\Ulead VideoStudio SE DVD\uvPL.exe [36864 2006-08-09] (Ulead Systems, Inc.)
HKLM-x32\...\Run: [mcui_exe] => C:\Program Files\McAfee.com\Agent\mcagent.exe [533872 2014-10-06] (McAfee, Inc.)
HKLM-x32\...\Run: [PMBVolumeWatcher] => C:\Program Files (x86)\Sony\PMB\PMBVolumeWatcher.exe [651832 2011-08-24] (Sony Corporation)
HKLM-x32\...\Run: [DivXMediaServer] => C:\Program Files (x86)\DivX\DivX Media Server\DivXMediaServer.exe [450560 2013-05-20] (DivX, LLC)
HKLM-x32\...\Run: [DivXUpdate] => C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe [1263952 2013-02-13] ()
HKLM-x32\...\Run: [mcpltui_exe] => C:\Program Files\Common Files\mcafee\Platform\McUICnt.exe [643064 2014-09-17] (McAfee, Inc.)
HKLM-x32\...\Run: [TkBellExe] => c:\program files (x86)\real\realplayer\Update\realsched.exe [296520 2014-11-20] (RealNetworks, Inc.)
HKLM-x32\...\Run: [RealDownloader] => C:\Program Files (x86)\RealNetworks\RealDownloader\downloader2.exe [560192 2014-10-29] ()
HKLM-x32\...\Run: [blueStacks Agent] => C:\Program Files (x86)\BlueStacks\HD-Agent.exe [843480 2014-12-12] (BlueStack Systems, Inc.)
HKLM-x32\...\RunOnce: ["C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpdate.exe"] => C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpdate.exe [559616 2011-10-11] (Dell)
HKLM-x32\...\runonceex: [ContentMerger] => c:\Program Files (x86)\Common Files\Roxio Shared\10.0\SharedCOM\ContentMerger10.exe [19952 2009-06-26] (Sonic Solutions)
HKLM\...\Policies\Explorer: [NoControlPanel] 0
HKLM\...\Policies\Explorer: [NoFolderOptions] 0
HKU\S-1-5-21-3304660120-434486148-2028904278-1001\...\Run: [EPSON Stylus Photo R800] => C:\Windows\system32\spool\DRIVERS\x64\3\E_IATI8JA.EXE [211968 2007-01-16] (SEIKO EPSON CORPORATION)
HKU\S-1-5-21-3304660120-434486148-2028904278-1001\...\Run: [Comrade.exe] => C:\Program Files (x86)\GameSpy\Comrade\Comrade.exe [1204640 2011-03-17] (IGN Entertainment Inc.)
HKU\S-1-5-21-3304660120-434486148-2028904278-1001\...\Run: [steam] => C:\Program Files (x86)\Steam\Steam.exe [2874048 2015-02-18] (Valve Corporation)
HKU\S-1-5-21-3304660120-434486148-2028904278-1001\...\Run: [swg] => C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [39408 2010-10-01] (Google Inc.)
HKU\S-1-5-21-3304660120-434486148-2028904278-1001\...\Run: [Pokki] => "%LOCALAPPDATA%\Pokki\Engine\HostAppServiceUpdater.exe" /LOGON
HKU\S-1-5-21-3304660120-434486148-2028904278-1001\...\Run: [Web Companion] => C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exe [1300288 2015-03-02] (Lavasoft)
HKU\S-1-5-21-3304660120-434486148-2028904278-1001\...\MountPoints2: {566ce0c6-fc4f-11df-9978-842b2b9a54b4} - J:\LaunchU3.exe -a
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\CodeMeter Control Center.lnk
ShortcutTarget: CodeMeter Control Center.lnk -> C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeterCC.exe (WIBU-SYSTEMS AG)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HD Writer.lnk
ShortcutTarget: HD Writer.lnk -> C:\Program Files (x86)\Common Files\Panasonic\HD Writer AutoStart\HDWriterAutoStart.exe (Panasonic Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\RealPlayer Cloud Service UI.lnk
ShortcutTarget: RealPlayer Cloud Service UI.lnk -> C:\Program Files (x86)\real\realplayer\RPDS\Bin64\rpsystray.exe (RealNetworks, Inc.)
Startup: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock First Run.lnk
ShortcutTarget: Dell Dock First Run.lnk -> C:\Program Files\Dell\DellDock\DellDock.exe (Stardock Corporation)
Startup: C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock First Run.lnk
ShortcutTarget: Dell Dock First Run.lnk -> C:\Program Files\Dell\DellDock\DellDock.exe (Stardock Corporation)
Startup: C:\Users\Victor\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock.lnk
ShortcutTarget: Dell Dock.lnk -> C:\Program Files\Dell\DellDock\DellDock.exe (Stardock Corporation)
Startup: C:\Users\Victor\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\Victor\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
Startup: C:\Users\Victor\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2007 Screen Clipper and Launcher.lnk
ShortcutTarget: OneNote 2007 Screen Clipper and Launcher.lnk -> C:\Program Files (x86)\Microsoft Office\Office12\ONENOTEM.EXE (Microsoft Corporation)
ShellIconOverlayIdentifiers: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Victor\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Victor\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Victor\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt4] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Victor\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Victor\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Victor\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Victor\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll (Dropbox, Inc.)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.safesearch.net/?p=h&m=ie&c=wi&s=wi
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = http://www.safesearch.net/?p=h&m=ie&c=na&s=na
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.safesearch.net/?p=h&m=ie&c=wi&s=wi
SearchScopes: HKLM -> DefaultScope {BA1BE292-1D15-488B-934D-008742212380} URL = http://www.safesearch.net/search?q={searchTerms}&p=s&m=ie&c=wi&s=wi
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.safesearch.net/search?q={searchTerms}&p=sm=ie&c=wi&s=wi
SearchScopes: HKLM -> {685CF95A-35E7-42C3-B685-E1A64BB80C4E} URL = http://www.bing.com/search?q={searchTerms}&form=DLCDF8&pc=MDDC&src=IE-SearchBox
SearchScopes: HKLM -> {BA1BE292-1D15-488B-934D-008742212380} URL = http://www.safesearch.net/search?q={searchTerms}&p=s&m=ie&c=wi&s=wi
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> {E1DBD288-C4FB-4562-96C1-FC86C015EDB2} URL = http://www.bing.com/search?q={searchTerms}&form=DLCDF8&pc=MDDC&src=IE-SearchBox
SearchScopes: HKU\S-1-5-21-3304660120-434486148-2028904278-1001 -> DefaultScope {BA1BE292-1D15-488B-934D-008742212380} URL =
SearchScopes: HKU\S-1-5-21-3304660120-434486148-2028904278-1001 -> {35E8663E-16D7-44AB-B47B-29A3E5A2F2A9} URL = https://uk.search.yahoo.com/search?fr=mcafee&type=B011GB691D20111214&p={SearchTerms}
SearchScopes: HKU\S-1-5-21-3304660120-434486148-2028904278-1001 -> {4A8BDA0A-EBEE-4CF5-82A7-A089BF8BF966} URL = http://search.zonealarm.com/search?src=sp&tbid=base2013&Lan=en&q={searchTerms}&gu=3f2e5cba0e7640a2a204893148a9e828&tu=11JL0008G2B000s&sku=&tstsId=&ver=&&r=355
SearchScopes: HKU\S-1-5-21-3304660120-434486148-2028904278-1001 -> {685CF95A-35E7-42C3-B685-E1A64BB80C4E} URL =
SearchScopes: HKU\S-1-5-21-3304660120-434486148-2028904278-1001 -> {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL =
SearchScopes: HKU\S-1-5-21-3304660120-434486148-2028904278-1001 -> {85A60A59-D3D8-468F-B598-FB4393789EF4} URL = https://www.google.com/search?q={searchTerms}
SearchScopes: HKU\S-1-5-21-3304660120-434486148-2028904278-1001 -> {BA1BE292-1D15-488B-934D-008742212380} URL =
SearchScopes: HKU\S-1-5-21-3304660120-434486148-2028904278-1001 -> {BDF61FAE-9D19-40F0-8F34-688DEB334CA9} URL = http://securedsearch.lavasoft.com/results.php?pr=vmn&id=webcompa&ent=ch_WCYID10006_uk-pup-removal_remove-trovi-search_150304&q={searchTerms}
SearchScopes: HKU\S-1-5-21-3304660120-434486148-2028904278-1001 -> {E1DBD288-C4FB-4562-96C1-FC86C015EDB2} URL =
BHO: RealNetworks Download and Record Plugin for Internet Explorer -> {3049C3E9-B461-4BC5-8870-4C09146192CA} -> C:\Program Files (x86)\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin64.dll (RealDownloader)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
BHO: McAfee SiteAdvisor BHO -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
BHO-x32: RealNetworks Download and Record Plugin for Internet Explorer -> {3049C3E9-B461-4BC5-8870-4C09146192CA} -> C:\Program Files (x86)\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll (RealDownloader)
BHO-x32: DivX Plus Web Player HTML5 <video> -> {326E768D-4182-46FD-9C16-1449A49795F4} -> C:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll (DivX, LLC)
BHO-x32: Search Helper -> {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} -> C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll (Microsoft Corporation)
BHO-x32: Java Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_40\bin\ssv.dll (Oracle Corporation)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
BHO-x32: Skype add-on for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
BHO-x32: McAfee SiteAdvisor BHO -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
BHO-x32: Java Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_40\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM - McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
Toolbar: HKLM-x32 - McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
Toolbar: HKU\S-1-5-21-3304660120-434486148-2028904278-1001 -> No Name - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No File
Toolbar: HKU\S-1-5-21-3304660120-434486148-2028904278-1001 -> Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
DPF: HKLM-x32 {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
DPF: HKLM-x32 {EC5A4E7B-02EB-451D-B310-D5F2E0A4D8C3} https://register.btinternet.com/templates/btwebcontrol028.cab
Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
Handler-x32: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
Handler-x32: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
Handler-x32: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files\mcafee\MSC\McSnIePl64.dll (McAfee, Inc.)
Filter-x32: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files (x86)\McAfee\MSC\McSnIePl.dll (McAfee, Inc.)
Winsock: Catalog9 01 C:\Windows\SysWOW64\LavasoftTcpService.dll [325944] (Lavasoft Limited)
Winsock: Catalog9 02 C:\Windows\SysWOW64\LavasoftTcpService.dll [325944] (Lavasoft Limited)
Winsock: Catalog9 03 C:\Windows\SysWOW64\LavasoftTcpService.dll [325944] (Lavasoft Limited)
Winsock: Catalog9 04 C:\Windows\SysWOW64\LavasoftTcpService.dll [325944] (Lavasoft Limited)
Winsock: Catalog9 15 C:\Windows\SysWOW64\LavasoftTcpService.dll [325944] (Lavasoft Limited)
Winsock: Catalog9-x64 01 C:\Windows\system32\LavasoftTcpService64.dll [372248] (Lavasoft Limited)
Winsock: Catalog9-x64 02 C:\Windows\system32\LavasoftTcpService64.dll [372248] (Lavasoft Limited)
Winsock: Catalog9-x64 03 C:\Windows\system32\LavasoftTcpService64.dll [372248] (Lavasoft Limited)
Winsock: Catalog9-x64 04 C:\Windows\system32\LavasoftTcpService64.dll [372248] (Lavasoft Limited)
Winsock: Catalog9-x64 15 C:\Windows\system32\LavasoftTcpService64.dll [372248] (Lavasoft Limited)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.254

FireFox:
========
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_16_0_0_305.dll ()
FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin: @java.com/DTPlugin,version=11.40.2 -> C:\Program Files\Java\jre1.8.0_40\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.40.2 -> C:\Program Files\Java\jre1.8.0_40\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @mcafee.com/MSC,version=10 -> c:\PROGRA~1\mcafee\msc\NPMCSN~1.DLL ()
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_305.dll ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @checkpoint.com/FFApi -> C:\Program Files\CheckPoint\ZAForceField\WOW64\TrustChecker\bin\npFFApi.dll No File
FF Plugin-x32: @comrade.gamespy.com/comrade -> C:\Program Files (x86)\GameSpy\Comrade\npcomrade.dll (IGN Entertainment)
FF Plugin-x32: @divx.com/DivX Plus Web Player Plug-In,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
FF Plugin-x32: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @java.com/DTPlugin,version=11.40.2 -> C:\Windows\SysWOW64\npdeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin -> C:\Program Files (x86)\Java\jre1.8.0_40\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.40.2 -> C:\Program Files (x86)\Java\jre1.8.0_40\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @mcafee.com/MSC,version=10 -> c:\PROGRA~2\mcafee\msc\NPMCSN~1.DLL ()
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3555.0308 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin-x32: @real.com/nppl3260;version=17.0.15.10 -> c:\program files (x86)\real\realplayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprndlhtml5videoshim;version=17.0.15 -> C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprpplugin;version=17.0.15.10 -> c:\program files (x86)\real\realplayer\Netscape6\nprpplugin.dll (RealPlayer Cloud)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.0.0 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-3304660120-434486148-2028904278-1001: pokki.com/PokkiDownloadHelper -> C:\Users\Victor\AppData\Local\Pokki\Download Helper\npPokkiDownloadHelper.1.2.0.78.dll (Pokki)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\safesearch.xml
FF HKLM-x32\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files (x86)\McAfee\SiteAdvisor
FF Extension: McAfee SiteAdvisor - C:\Program Files (x86)\McAfee\SiteAdvisor [2011-12-14]
FF HKLM-x32\...\Firefox\Extensions: [{FFB96CC1-7EB3-449D-B827-DB661701C6BB}] - C:\Program Files\CheckPoint\ZAForceField\WOW64\TrustChecker
FF HKLM-x32\...\Firefox\Extensions: [{ABDE892B-13A8-4d1b-88E6-365A6E755758}] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext
FF Extension: RealDownloader - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext [2014-11-20]
FF HKLM-x32\...\Firefox\Extensions: [{23fcfd51-4958-4f00-80a3-ae97e717ed8b}] - C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\DivXHTML5
FF Extension: DivX Plus Web Player HTML5 <video> - C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\DivXHTML5 [2013-08-29]
FF HKLM-x32\...\Firefox\Extensions: [{338950EA-82DB-44C1-930D-0C28E023C9F0}] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext

Chrome:
=======
CHR Profile: C:\Users\Victor\AppData\Local\Google\Chrome\User Data\Default
CHR HKLM\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - C:\Program Files (x86)\McAfee\SiteAdvisor\McChPlg.crx [2014-11-19]
CHR HKLM-x32\...\Chrome\Extension: [nneajnkjbffgblleaoojgaacokifdkhm] - C:\Program Files (x86)\DivX\DivX Plus Web Player\chrome\DivXHTML5\DivXHTML5.crx [2013-07-26]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 BstHdAndroidSvc; C:\Program Files (x86)\BlueStacks\HD-Service.exe [409304 2014-12-12] (BlueStack Systems, Inc.)
R2 BstHdLogRotatorSvc; C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe [388824 2014-12-12] (BlueStack Systems, Inc.)
R2 BstHdUpdaterSvc; C:\Program Files (x86)\BlueStacks\HD-UpdaterService.exe [786136 2014-12-12] (BlueStack Systems, Inc.)
R2 DockLoginService; C:\Program Files\Dell\DellDock\DockLogin.exe [155648 2009-06-09] (Stardock Corporation) [File not signed]
R2 HomeNetSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [335064 2014-10-31] (McAfee, Inc.)
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-03] (Macrovision Corporation) [File not signed]
R2 LavasoftTcpService; C:\Program Files (x86)\Lavasoft\Web Companion\TcpService\2.3.3.0\LavasoftTcpService.exe [836984 2015-03-02] (Lavasoft Limited)
R2 McAfee SiteAdvisor Service; C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe [201304 2012-08-31] (McAfee, Inc.)
R2 McAPExe; C:\Program Files\McAfee\MSC\McAPExe.exe [562200 2014-10-06] (McAfee, Inc.)
R2 mccspsvc; C:\Program Files\Common Files\McAfee\CSP\1.3.336.0\McCSPServiceHost.exe [422632 2014-11-21] (McAfee, Inc.)
R2 McMPFSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [335064 2014-10-31] (McAfee, Inc.)
R2 McNaiAnn; C:\Program Files\Common Files\mcafee\Platform\McSvcHost\McSvHost.exe [335064 2014-10-31] (McAfee, Inc.)
S3 McODS; C:\Program Files\mcafee\VirusScan\mcods.exe [601864 2014-12-03] (McAfee, Inc.)
R2 mcpltsvc; C:\Program Files\Common Files\mcafee\Platform\McSvcHost\McSvHost.exe [335064 2014-10-31] (McAfee, Inc.)
R2 McProxy; C:\Program Files\Common Files\mcafee\Platform\McSvcHost\McSvHost.exe [335064 2014-10-31] (McAfee, Inc.)
R2 mfecore; C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe [1050952 2014-11-06] (McAfee, Inc.)
R2 mfefire; C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe [221832 2014-10-01] (McAfee, Inc.)
R2 mfevtp; C:\Windows\system32\mfevtps.exe [189920 2014-10-01] (McAfee, Inc.)
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [75136 2010-12-29] ()
R2 RealNetworks Downloader Resolver Service; C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe [39568 2014-10-26] ()
R2 RealPlayer Cloud Service; c:\program files (x86)\real\realplayer\RPDS\Bin\rpdsvc.exe [1141848 2014-11-20] (RealNetworks, Inc.)
R2 RealPlayerUpdateSvc; C:\Program Files (x86)\Real\UpdateService\RealPlayerUpdateSvc.exe [31856 2014-10-30] ()
R2 SearchProtectionService; C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.SearchProtect.WinService.exe [17768 2015-03-02] ()
R2 UleadBurningHelper; C:\Program Files (x86)\Common Files\Ulead Systems\DVD\ULCDRSvr.exe [49152 2006-09-28] (Ulead Systems, Inc.) [File not signed]
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
S2 SessionLauncher; c:\Users\ADMINI~1\AppData\Local\Temp\DX9\SessionLauncher.exe [X]

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S3 61883; C:\Windows\System32\DRIVERS\61883.sys [60288 2009-07-14] (Microsoft Corporation)
R2 BstHdDrv; C:\Program Files (x86)\BlueStacks\HD-Hypervisor-amd64.sys [122072 2014-12-12] (BlueStack Systems)
R3 cfwids; C:\Windows\System32\drivers\cfwids.sys [72136 2014-10-01] (McAfee, Inc.)
R2 fp; C:\Windows\System32\DRIVERS\fp.sys [19152 2014-12-27] (Windows ® Win 7 DDK provider)
S3 HipShieldK; C:\Windows\System32\drivers\HipShieldK.sys [197704 2013-09-23] (McAfee, Inc.)
S3 iLokDrvr; C:\Windows\System32\DRIVERS\iLokDrvr.sys [25720 2010-09-30] ()
R0 Lbd; C:\Windows\System32\DRIVERS\Lbd.sys [69152 2010-08-12] (Lavasoft AB)
S3 MBOX; C:\Windows\System32\DRIVERS\AvidMbox.sys [464616 2014-08-18] (Avid)
S3 MBOXDFU; C:\Windows\System32\DRIVERS\AvidMbox_DFU.sys [31464 2014-08-18] (Avid)
R3 mfeapfk; C:\Windows\System32\drivers\mfeapfk.sys [181584 2014-10-01] (McAfee, Inc.)
R3 mfeavfk; C:\Windows\System32\drivers\mfeavfk.sys [313680 2014-10-01] (McAfee, Inc.)
R3 mfefirek; C:\Windows\System32\drivers\mfefirek.sys [526360 2014-10-01] (McAfee, Inc.)
R0 mfehidk; C:\Windows\System32\drivers\mfehidk.sys [786304 2014-10-01] (McAfee, Inc.)
R3 mfencbdc; C:\Windows\System32\DRIVERS\mfencbdc.sys [447440 2014-09-19] (McAfee, Inc.)
S3 mfencrk; C:\Windows\System32\DRIVERS\mfencrk.sys [96600 2014-09-19] (McAfee, Inc.)
R0 mfewfpk; C:\Windows\System32\drivers\mfewfpk.sys [348560 2014-10-01] (McAfee, Inc.)
S3 RimUsb; C:\Windows\System32\Drivers\RimUsb_AMD64.sys [27520 2007-05-14] (Research In Motion Limited)
S1 RxFilter; C:\Windows\SysWOW64\DRIVERS\RxFilter.sys [65520 2009-06-26] (Sonic Solutions)
S3 StkTMini; C:\Windows\System32\Drivers\StkTMini.sys [528256 2007-11-15] (Syntek)
S2 BrPar; \SystemRoot\System32\drivers\BrPar.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)

==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-03-05 21:35 - 2015-03-05 21:36 - 00034798 _____ () C:\Users\Victor\Downloads\FRST.txt
2015-03-05 21:35 - 2015-03-05 21:36 - 00000000 ____D () C:\FRST
2015-03-05 21:34 - 2015-03-05 21:35 - 02092544 _____ (Farbar) C:\Users\Victor\Downloads\FRST64.exe
2015-03-05 20:02 - 2015-03-05 20:02 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee
2015-03-05 11:14 - 2015-03-05 11:14 - 00000004 ____H () C:\ProgramData\cm-lock
2015-03-05 10:31 - 2015-03-05 11:14 - 00003340 _____ () C:\Windows\System32\Tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-3304660120-434486148-2028904278-1001
2015-03-05 10:31 - 2015-03-05 11:14 - 00003208 _____ () C:\Windows\System32\Tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-3304660120-434486148-2028904278-1001
2015-03-05 09:34 - 2015-03-05 09:34 - 00000000 ____D () C:\Users\Victor\AppData\Local\Steam
2015-03-04 21:57 - 2015-03-04 21:57 - 00021976 _____ () C:\Windows\system32\Drivers\SPPD.sys
2015-03-04 21:45 - 2015-03-05 11:30 - 00000000 ____D () C:\searchplugins
2015-03-04 21:45 - 2015-03-04 21:45 - 00000306 _____ () C:\prefs.js
2015-03-04 21:44 - 2015-03-04 21:44 - 00000000 ____D () C:\Users\Victor\AppData\Local\Lavasoft
2015-03-04 21:43 - 2015-03-02 18:02 - 00372248 _____ (Lavasoft Limited) C:\Windows\system32\LavasoftTcpService64.dll
2015-03-04 21:43 - 2015-03-02 18:02 - 00325944 _____ (Lavasoft Limited) C:\Windows\SysWOW64\LavasoftTcpService.dll
2015-03-04 21:42 - 2015-03-04 21:42 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lavasoft
2015-03-04 21:42 - 2015-03-04 21:42 - 00000000 ____D () C:\Program Files (x86)\Lavasoft
2015-03-04 21:41 - 2015-03-04 21:41 - 08068400 _____ (Lavasoft) C:\Users\Victor\Downloads\WebCompanionInstaller.exe
2015-03-04 21:41 - 2015-03-04 21:41 - 00000000 ____D () C:\Users\Victor\AppData\Roaming\Lavasoft
2015-03-04 20:29 - 2015-01-30 16:23 - 00017000 _____ () C:\Windows\system32\roboot64.exe
2015-03-04 20:28 - 2015-03-04 20:28 - 03577784 _____ (K9 Tools ) C:\Users\Victor\Downloads\setup.exe
2015-03-04 18:16 - 2015-03-04 18:16 - 16317304 _____ (SRecorder Company ) C:\Users\Victor\Downloads\srecorder.exe
2015-03-04 09:01 - 2015-03-04 08:58 - 00898472 _____ (Oracle Corporation) C:\Windows\SysWOW64\npdeployJava1.dll
2015-03-04 09:01 - 2015-03-04 08:58 - 00818088 _____ (Oracle Corporation) C:\Windows\SysWOW64\deployJava1.dll
2015-03-04 08:59 - 2015-03-04 08:59 - 00111016 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge-64.dll
2015-03-01 23:39 - 2015-03-01 23:40 - 24143885 _____ () C:\Users\Victor\Downloads\asap__all_scissors_and_pain_1.mp4
2015-03-01 23:38 - 2015-03-01 23:38 - 24275505 _____ () C:\Users\Victor\Downloads\get_a_peek_of_my_scissors_bobby_9.mp4
2015-03-01 23:36 - 2015-03-01 23:36 - 24211001 _____ () C:\Users\Victor\Downloads\get_a_peek_of_my_scissors_bobby_5.mp4
2015-03-01 23:34 - 2015-03-01 23:34 - 24207925 _____ () C:\Users\Victor\Downloads\get_a_peek_of_my_scissors_bobby_1.mp4
2015-03-01 23:34 - 2015-03-01 23:34 - 24181379 _____ () C:\Users\Victor\Downloads\get_a_peek_of_my_scissors_bobby_10.mp4
2015-03-01 23:32 - 2015-03-01 23:32 - 12332507 _____ () C:\Users\Victor\Downloads\Get a Peek of My SCISSORS Bobby! Photogallery.zip
2015-03-01 23:28 - 2015-03-01 23:28 - 12095836 _____ () C:\Users\Victor\Downloads\ASAP - All Scissors And PAIN! Photogallery.zip
2015-03-01 21:28 - 2015-03-01 21:28 - 24249431 _____ () C:\Users\Victor\Downloads\asap__all_scissors_and_pain_6.mp4
2015-03-01 21:27 - 2015-03-01 21:27 - 24167022 _____ () C:\Users\Victor\Downloads\asap__all_scissors_and_pain_9.mp4
2015-03-01 21:26 - 2015-03-01 21:26 - 24301126 _____ () C:\Users\Victor\Downloads\asap__all_scissors_and_pain_5.mp4
2015-03-01 21:24 - 2015-03-01 21:24 - 24172523 _____ () C:\Users\Victor\Downloads\asap__all_scissors_and_pain_2.mp4
2015-02-26 00:57 - 2015-01-08 23:44 - 00419936 _____ () C:\Windows\SysWOW64\locale.nls
2015-02-26 00:57 - 2015-01-08 23:43 - 00419936 _____ () C:\Windows\system32\locale.nls
2015-02-25 00:13 - 2015-02-25 00:13 - 00000000 ____D () C:\Users\Victor\AppData\Local\{9CB97FF7-74E9-4762-A211-E63D38811B5E}
2015-02-23 18:24 - 2015-02-23 18:24 - 00000000 ____D () C:\Windows\System32\Tasks\Leader Technologies
2015-02-23 18:22 - 2015-02-23 18:22 - 00000000 ____D () C:\Users\Victor\AppData\Roaming\Leadertech
2015-02-12 06:57 - 2015-01-23 04:42 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2015-02-12 06:57 - 2015-01-23 04:41 - 06041600 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-02-12 06:57 - 2015-01-23 03:43 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2015-02-12 06:57 - 2015-01-23 03:17 - 04300800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-02-11 09:37 - 2015-02-04 03:16 - 00894976 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2015-02-11 09:37 - 2015-02-04 03:16 - 00762368 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2015-02-11 09:37 - 2015-02-04 03:16 - 00609280 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2015-02-11 09:37 - 2015-02-04 03:16 - 00414720 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2015-02-11 09:37 - 2015-02-04 03:16 - 00227328 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2015-02-11 09:37 - 2015-02-04 03:16 - 00192000 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
2015-02-11 09:37 - 2015-02-04 03:13 - 01098752 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2015-02-11 09:37 - 2015-01-27 23:36 - 01239720 _____ (Microsoft Corporation) C:\Windows\system32\aitstatic.exe
2015-02-11 09:37 - 2015-01-10 06:48 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2015-02-11 09:37 - 2015-01-10 06:48 - 00341504 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2015-02-11 09:37 - 2015-01-10 06:48 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2015-02-11 09:37 - 2015-01-10 06:48 - 00309760 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2015-02-11 09:37 - 2015-01-10 06:48 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2015-02-11 09:37 - 2015-01-10 06:48 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2015-02-11 09:37 - 2015-01-10 06:48 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2015-02-11 09:37 - 2015-01-10 06:27 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2015-02-11 09:37 - 2015-01-10 06:27 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2015-02-11 09:37 - 2015-01-10 06:27 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2015-02-11 09:37 - 2015-01-10 06:27 - 00221184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2015-02-11 09:37 - 2015-01-10 06:27 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2015-02-11 09:37 - 2015-01-10 06:27 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2015-02-11 09:37 - 2015-01-10 06:27 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2015-02-11 09:37 - 2015-01-09 03:14 - 00950272 _____ (Microsoft Corporation) C:\Windows\system32\perftrack.dll
2015-02-11 09:37 - 2015-01-09 03:14 - 00091136 _____ (Microsoft Corporation) C:\Windows\system32\wdi.dll
2015-02-11 09:37 - 2015-01-09 03:14 - 00029696 _____ (Microsoft Corporation) C:\Windows\system32\powertracker.dll
2015-02-11 09:37 - 2015-01-09 02:48 - 00076800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdi.dll
2015-02-11 09:36 - 2015-01-15 08:14 - 00155072 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2015-02-11 09:36 - 2015-01-15 08:14 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2015-02-11 09:36 - 2015-01-15 08:09 - 01461760 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2015-02-11 09:36 - 2015-01-15 08:09 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2015-02-11 09:36 - 2015-01-15 08:09 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2015-02-11 09:36 - 2015-01-15 08:09 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2015-02-11 09:36 - 2015-01-15 08:09 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2015-02-11 09:36 - 2015-01-15 08:08 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2015-02-11 09:36 - 2015-01-15 08:06 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2015-02-11 09:36 - 2015-01-15 08:06 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2015-02-11 09:36 - 2015-01-15 08:04 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2015-02-11 09:36 - 2015-01-15 07:42 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2015-02-11 09:36 - 2015-01-15 07:42 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2015-02-11 09:36 - 2015-01-15 07:41 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2015-02-11 09:36 - 2015-01-15 07:39 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2015-02-11 09:36 - 2015-01-15 07:39 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2015-02-11 09:36 - 2015-01-15 07:37 - 00686080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2015-02-11 09:36 - 2015-01-15 04:22 - 00458824 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2015-02-11 09:36 - 2015-01-14 05:47 - 00389808 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2015-02-11 09:36 - 2015-01-14 05:09 - 00342712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2015-02-11 09:36 - 2015-01-13 03:10 - 01424384 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2015-02-11 09:36 - 2015-01-13 02:49 - 01230336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
2015-02-11 09:36 - 2015-01-12 03:09 - 25056256 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-02-11 09:36 - 2015-01-12 03:05 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2015-02-11 09:36 - 2015-01-12 03:05 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2015-02-11 09:36 - 2015-01-12 02:49 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2015-02-11 09:36 - 2015-01-12 02:48 - 02885632 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-02-11 09:36 - 2015-01-12 02:48 - 00584192 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-02-11 09:36 - 2015-01-12 02:48 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2015-02-11 09:36 - 2015-01-12 02:47 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2015-02-11 09:36 - 2015-01-12 02:40 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2015-02-11 09:36 - 2015-01-12 02:39 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2015-02-11 09:36 - 2015-01-12 02:36 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-02-11 09:36 - 2015-01-12 02:34 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2015-02-11 09:36 - 2015-01-12 02:34 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2015-02-11 09:36 - 2015-01-12 02:25 - 19740160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-02-11 09:36 - 2015-01-12 02:25 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2015-02-11 09:36 - 2015-01-12 02:21 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2015-02-11 09:36 - 2015-01-12 02:21 - 00490496 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-02-11 09:36 - 2015-01-12 02:13 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-02-11 09:36 - 2015-01-12 02:08 - 00503296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-02-11 09:36 - 2015-01-12 02:08 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2015-02-11 09:36 - 2015-01-12 02:07 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-02-11 09:36 - 2015-01-12 02:07 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2015-02-11 09:36 - 2015-01-12 02:07 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2015-02-11 09:36 - 2015-01-12 02:05 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2015-02-11 09:36 - 2015-01-12 02:04 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-02-11 09:36 - 2015-01-12 02:02 - 02277888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-02-11 09:36 - 2015-01-12 02:00 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2015-02-11 09:36 - 2015-01-12 01:59 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2015-02-11 09:36 - 2015-01-12 01:57 - 00478208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2015-02-11 09:36 - 2015-01-12 01:55 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2015-02-11 09:36 - 2015-01-12 01:48 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-02-11 09:36 - 2015-01-12 01:48 - 00718848 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-02-11 09:36 - 2015-01-12 01:46 - 02125824 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-02-11 09:36 - 2015-01-12 01:46 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2015-02-11 09:36 - 2015-01-12 01:45 - 00418304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2015-02-11 09:36 - 2015-01-12 01:43 - 14401024 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-02-11 09:36 - 2015-01-12 01:40 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2015-02-11 09:36 - 2015-01-12 01:36 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2015-02-11 09:36 - 2015-01-12 01:35 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2015-02-11 09:36 - 2015-01-12 01:33 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2015-02-11 09:36 - 2015-01-12 01:27 - 02358272 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-02-11 09:36 - 2015-01-12 01:23 - 02052608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2015-02-11 09:36 - 2015-01-12 01:23 - 00688640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2015-02-11 09:36 - 2015-01-12 01:22 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2015-02-11 09:36 - 2015-01-12 01:14 - 12829184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-02-11 09:36 - 2015-01-12 01:14 - 01548288 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-02-11 09:36 - 2015-01-12 01:02 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-02-11 09:36 - 2015-01-12 01:00 - 01888256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-02-11 09:36 - 2015-01-12 00:56 - 01307136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-02-11 09:36 - 2015-01-12 00:55 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2015-02-11 09:36 - 2014-12-12 05:31 - 01480192 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2015-02-11 09:36 - 2014-12-12 05:07 - 01174528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2015-02-11 09:36 - 2014-11-26 03:53 - 00861696 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll
2015-02-11 09:36 - 2014-11-26 03:32 - 00571904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleaut32.dll
2015-02-11 09:36 - 2014-10-04 02:10 - 03722752 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2015-02-11 09:36 - 2014-10-04 01:42 - 03221504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
2015-02-11 09:36 - 2014-10-04 01:42 - 00131584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\aaclient.dll
2015-02-11 09:36 - 2014-07-07 02:07 - 00229376 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll
2015-02-11 09:36 - 2014-07-07 02:06 - 00187904 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll
2015-02-11 09:36 - 2014-07-07 01:40 - 00179200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll
2015-02-11 09:36 - 2014-07-07 01:40 - 00143872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsvc.dll
2015-02-11 09:35 - 2015-01-14 06:09 - 05554112 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-02-11 09:35 - 2015-01-14 06:05 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2015-02-11 09:35 - 2015-01-14 06:05 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2015-02-11 09:35 - 2015-01-14 06:04 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2015-02-11 09:35 - 2015-01-14 05:44 - 03972544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2015-02-11 09:35 - 2015-01-14 05:44 - 03917760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2015-02-11 09:35 - 2015-01-14 05:41 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2015-02-11 09:35 - 2015-01-09 02:03 - 03201536 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-02-11 09:35 - 2014-12-08 03:09 - 00406528 _____ (Microsoft Corporation) C:\Windows\system32\scesrv.dll
2015-02-11 09:35 - 2014-12-08 02:46 - 00308224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\scesrv.dll
2015-02-06 15:09 - 2015-02-06 15:10 - 00222696 _____ (Deposit Files) C:\Users\Victor\Downloads\dfdownloader_Yzke8i_.exe
2015-02-06 15:06 - 2015-02-06 15:06 - 00222696 _____ (Deposit Files) C:\Users\Victor\Downloads\dfdownloader_KHSc0D_.exe
2015-02-06 15:05 - 2015-02-06 15:05 - 00222696 _____ (Deposit Files) C:\Users\Victor\Downloads\dfdownloader_9TtQmj_.exe
2015-02-06 15:02 - 2015-02-06 15:02 - 00001268 _____ () C:\Users\Public\Desktop\NCH Software.lnk
2015-02-06 15:02 - 2015-02-06 15:02 - 00001148 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Express Zip.lnk
2015-02-06 15:02 - 2015-02-06 15:02 - 00001136 _____ () C:\Users\Public\Desktop\Express Zip.lnk
2015-02-06 15:02 - 2015-02-06 15:02 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Utilities
2015-02-05 11:41 - 2013-09-23 13:49 - 00197704 _____ (McAfee, Inc.) C:\Windows\system32\Drivers\HipShieldK.sys

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-03-05 21:27 - 2010-09-30 11:27 - 00000898 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-03-05 21:04 - 2012-04-04 08:50 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-03-05 20:49 - 2010-09-30 16:47 - 00024169 _____ () C:\Users\Victor\Documents\Shootdiscuss(1).xlsx
2015-03-05 20:36 - 2009-07-14 05:10 - 01418939 _____ () C:\Windows\WindowsUpdate.log
2015-03-05 20:25 - 2012-11-08 10:17 - 00111609 _____ () C:\Users\Victor\Documents\Activity.xlsx
2015-03-05 11:31 - 2009-07-14 04:45 - 00022464 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-03-05 11:31 - 2009-07-14 04:45 - 00022464 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-03-05 11:28 - 2014-12-01 18:23 - 00129752 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-03-05 11:20 - 2011-10-09 16:14 - 00000000 ___RD () C:\Users\Victor\Dropbox
2015-03-05 11:19 - 2011-10-09 16:12 - 00000000 ____D () C:\Users\Victor\AppData\Roaming\Dropbox
2015-03-05 11:16 - 2012-06-19 14:21 - 00000000 ____D () C:\Program Files (x86)\Steam
2015-03-05 11:14 - 2010-09-30 11:27 - 00000894 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-03-05 11:14 - 2010-09-30 07:06 - 00000000 ____D () C:\Users\Victor\AppData\Roaming\WTablet
2015-03-05 11:14 - 2010-09-24 21:59 - 00000000 ____D () C:\Users\Default\AppData\Local\SoftThinks
2015-03-05 11:14 - 2010-09-24 21:59 - 00000000 ____D () C:\Users\Default User\AppData\Local\SoftThinks
2015-03-05 11:14 - 2010-09-24 21:35 - 00000000 ____D () C:\Program Files (x86)\Dell DataSafe Local Backup
2015-03-05 11:14 - 2010-09-24 21:28 - 00000000 ____D () C:\ProgramData\NVIDIA
2015-03-05 11:13 - 2009-07-14 05:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-03-05 11:13 - 2009-07-14 04:51 - 00150600 _____ () C:\Windows\setupact.log
2015-03-05 09:31 - 2015-01-08 23:36 - 00000000 ____D () C:\Users\Victor\AppData\Local\Pokki
2015-03-05 09:27 - 2010-09-25 06:25 - 00458842 _____ () C:\Windows\PFRO.log
2015-03-04 21:59 - 2010-09-25 07:07 - 00000000 ____D () C:\Windows\Panther
2015-03-04 21:41 - 2010-09-30 11:27 - 00000000 ____D () C:\ProgramData\Lavasoft
2015-03-04 18:35 - 2012-03-22 15:13 - 00000000 ____D () C:\Frapscapture
2015-03-04 18:22 - 2010-09-29 15:16 - 00000000 ____D () C:\Users\Victor\Documents\My PSP8 Files
2015-03-04 18:21 - 2011-02-08 20:55 - 00000000 ____D () C:\Users\Victor\AppData\Roaming\vlc
2015-03-04 18:18 - 2013-08-29 17:39 - 00000004 _____ () C:\END
2015-03-04 18:08 - 2010-09-30 15:23 - 00000000 ____D () C:\Fraps
2015-03-04 09:02 - 2013-11-06 09:43 - 00000000 ____D () C:\ProgramData\Oracle
2015-03-04 09:01 - 2010-09-24 21:32 - 00000000 ____D () C:\Program Files (x86)\Java
2015-03-04 08:59 - 2010-09-24 21:33 - 00319912 _____ (Oracle Corporation) C:\Windows\system32\javaws.exe
2015-03-04 08:59 - 2010-09-24 21:33 - 00207272 _____ (Oracle Corporation) C:\Windows\system32\javaw.exe
2015-03-04 08:59 - 2010-09-24 21:33 - 00206760 _____ (Oracle Corporation) C:\Windows\system32\java.exe
2015-03-04 08:59 - 2010-09-24 21:33 - 00000000 ____D () C:\Program Files\Java
2015-03-04 08:58 - 2014-10-29 08:48 - 00098216 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2015-03-04 06:04 - 2010-10-23 07:52 - 00000000 ____D () C:\WTablet
2015-03-02 22:41 - 2010-09-29 19:28 - 00000000 ____D () C:\Users\Victor\Documents\My PSP Files
2015-03-02 22:41 - 2010-09-29 19:28 - 00000000 ____D () C:\Users\Victor\AppData\Roaming\Corel
2015-03-02 20:57 - 2010-09-30 11:27 - 00000000 ____D () C:\Users\Victor\AppData\Local\Google
2015-02-27 15:53 - 2014-03-06 19:19 - 00000000 ____D () C:\Users\Victor\AppData\Local\CrashDumps
2015-02-26 18:55 - 2015-02-01 00:17 - 00000000 ____D () C:\Users\Victor\Documents\SVV
2015-02-26 18:47 - 2014-01-01 15:31 - 00125703 _____ () C:\Users\Victor\Downloads\pspbrwse.jbf
2015-02-26 14:50 - 2009-07-14 05:13 - 00795794 _____ () C:\Windows\system32\PerfStringBackup.INI
2015-02-26 07:11 - 2015-01-08 23:38 - 00002282 _____ () C:\Users\Victor\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PC App Store.lnk
2015-02-20 11:29 - 2010-09-30 11:27 - 00002185 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2015-02-17 23:01 - 2014-04-13 17:15 - 00009994 _____ () C:\Users\Victor\Documents\Calendar.xlsx
2015-02-17 08:04 - 2009-07-14 03:20 - 00000000 ____D () C:\Windows\rescache
2015-02-13 10:19 - 2010-09-24 21:46 - 00000000 ____D () C:\Program Files\Common Files\mcafee
2015-02-13 10:05 - 2011-10-09 16:14 - 00001023 _____ () C:\Users\Victor\Desktop\Dropbox.lnk
2015-02-13 10:05 - 2011-10-09 16:12 - 00000000 ____D () C:\Users\Victor\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2015-02-12 14:39 - 2009-07-14 03:20 - 00000000 ____D () C:\Windows\system32\NDF
2015-02-12 06:41 - 2009-07-14 04:45 - 04795280 _____ () C:\Windows\system32\FNTCACHE.DAT
2015-02-12 06:38 - 2014-12-11 09:57 - 00000000 ____D () C:\Windows\system32\appraiser
2015-02-12 06:38 - 2014-04-29 23:29 - 00000000 ___SD () C:\Windows\system32\CompatTel
2015-02-12 06:37 - 2009-07-14 03:20 - 00000000 ____D () C:\Windows\tracing
2015-02-12 00:28 - 2010-09-30 15:28 - 00000000 ____D () C:\ProgramData\Microsoft Help
2015-02-07 09:49 - 2009-07-14 05:08 - 00032608 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2015-02-06 15:08 - 2012-05-10 07:28 - 00000000 ____D () C:\Windows\System32\Tasks\NCH Software
2015-02-06 15:02 - 2012-05-10 07:28 - 00000000 ____D () C:\ProgramData\NCH Software
2015-02-06 15:02 - 2012-05-10 07:28 - 00000000 ____D () C:\Program Files (x86)\NCH Software
2015-02-05 19:04 - 2012-04-04 08:50 - 00701616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-02-05 19:04 - 2012-04-04 08:50 - 00003768 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2015-02-05 19:04 - 2011-06-29 09:38 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-02-05 11:42 - 2010-09-24 21:46 - 00000000 ____D () C:\ProgramData\McAfee
2015-02-05 10:21 - 2010-09-30 11:27 - 00003894 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2015-02-05 10:21 - 2010-09-30 11:27 - 00003642 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2015-02-03 12:03 - 2010-10-25 10:07 - 00000000 ____D () C:\Users\Victor\AppData\Local\Windows Live

==================== Files in the root of some directories =======

2011-12-13 12:26 - 2011-12-13 12:26 - 0038435 _____ () C:\Users\Victor\AppData\Roaming\Comma Separated Values (Windows).ADR
2013-12-19 00:30 - 2014-12-01 11:35 - 0000179 _____ () C:\Users\Victor\AppData\Roaming\WB.CFG
2011-08-04 22:36 - 2011-12-29 10:53 - 0011776 _____ () C:\Users\Victor\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2010-10-15 08:45 - 2010-10-15 08:45 - 0000094 _____ () C:\Users\Victor\AppData\Local\fusioncache.dat
2012-12-27 19:42 - 2012-12-27 19:42 - 0000000 _____ () C:\Users\Victor\AppData\Local\rx_image32.Cache
2015-03-05 11:14 - 2015-03-05 11:14 - 0000004 ____H () C:\ProgramData\cm-lock

Some content of TEMP:
====================
C:\Users\Victor\AppData\Local\Temp\-7scd7ah.dll
C:\Users\Victor\AppData\Local\Temp\5wvtqrxo.dll
C:\Users\Victor\AppData\Local\Temp\7livqevu.dll
C:\Users\Victor\AppData\Local\Temp\7_snrxkw.dll
C:\Users\Victor\AppData\Local\Temp\aacenc3.exe
C:\Users\Victor\AppData\Local\Temp\blnu8g1e.dll
C:\Users\Victor\AppData\Local\Temp\drm_dyndata_7340014.dll
C:\Users\Victor\AppData\Local\Temp\drm_dyndata_7380006.dll
C:\Users\Victor\AppData\Local\Temp\drm_dyndata_7380014.dll
C:\Users\Victor\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpcw71qn.dll
C:\Users\Victor\AppData\Local\Temp\ffmpeg19.exe
C:\Users\Victor\AppData\Local\Temp\hi5ybisq.dll
C:\Users\Victor\AppData\Local\Temp\htmlayout.dll
C:\Users\Victor\AppData\Local\Temp\ICReinstall_CodecPack.exe
C:\Users\Victor\AppData\Local\Temp\INST01.dll
C:\Users\Victor\AppData\Local\Temp\INST011.dll
C:\Users\Victor\AppData\Local\Temp\jre-6u21-windows-i586-iftw-rv.exe
C:\Users\Victor\AppData\Local\Temp\jre-6u22-windows-i586-iftw-rv.exe
C:\Users\Victor\AppData\Local\Temp\jre-6u23-windows-i586-iftw-rv.exe
C:\Users\Victor\AppData\Local\Temp\jre-6u24-windows-i586-iftw-rv.exe
C:\Users\Victor\AppData\Local\Temp\jre-6u26-windows-i586-iftw-rv.exe
C:\Users\Victor\AppData\Local\Temp\jre-6u29-windows-i586-iftw-rv.exe
C:\Users\Victor\AppData\Local\Temp\jre-6u31-windows-i586-iftw-rv.exe
C:\Users\Victor\AppData\Local\Temp\jre-6u33-windows-i586-iftw.exe
C:\Users\Victor\AppData\Local\Temp\jre-6u35-windows-i586-iftw.exe
C:\Users\Victor\AppData\Local\Temp\jre-7u11-windows-i586-iftw.exe
C:\Users\Victor\AppData\Local\Temp\jre-7u15-windows-i586-iftw.exe
C:\Users\Victor\AppData\Local\Temp\jre-7u17-windows-i586-iftw.exe
C:\Users\Victor\AppData\Local\Temp\jre-7u21-windows-i586-iftw.exe
C:\Users\Victor\AppData\Local\Temp\jre-7u25-windows-i586-iftw.exe
C:\Users\Victor\AppData\Local\Temp\jre-7u45-windows-i586-iftw.exe
C:\Users\Victor\AppData\Local\Temp\jre-7u51-windows-i586-iftw.exe
C:\Users\Victor\AppData\Local\Temp\jre-7u55-windows-i586-iftw.exe
C:\Users\Victor\AppData\Local\Temp\jre-7u67-windows-i586-iftw.exe
C:\Users\Victor\AppData\Local\Temp\jre-7u71-windows-i586-iftw.exe
C:\Users\Victor\AppData\Local\Temp\jre-7u9-windows-i586-iftw.exe
C:\Users\Victor\AppData\Local\Temp\jre-8u31-windows-au.exe
C:\Users\Victor\AppData\Local\Temp\jre-8u40-windows-au.exe
C:\Users\Victor\AppData\Local\Temp\kpqd5p9n.dll
C:\Users\Victor\AppData\Local\Temp\lowproc.exe
C:\Users\Victor\AppData\Local\Temp\Medal of Honor_uninst.exe
C:\Users\Victor\AppData\Local\Temp\mpegc.dll
C:\Users\Victor\AppData\Local\Temp\MSN3B07.exe
C:\Users\Victor\AppData\Local\Temp\oct52D.tmp.exe
C:\Users\Victor\AppData\Local\Temp\octA0EF.tmp.exe
C:\Users\Victor\AppData\Local\Temp\octFD31.tmp.exe
C:\Users\Victor\AppData\Local\Temp\ose00000.exe
C:\Users\Victor\AppData\Local\Temp\ose00001.exe
C:\Users\Victor\AppData\Local\Temp\poubbs1e.dll
C:\Users\Victor\AppData\Local\Temp\prismsetup.exe
C:\Users\Victor\AppData\Local\Temp\pswi_preloaded.exe
C:\Users\Victor\AppData\Local\Temp\SearchWithGoogleUpdate.exe
C:\Users\Victor\AppData\Local\Temp\spkq6qac.dll
C:\Users\Victor\AppData\Local\Temp\SpOrder.dll
C:\Users\Victor\AppData\Local\Temp\Sqlite3.dll
C:\Users\Victor\AppData\Local\Temp\stubhelper.dll
C:\Users\Victor\AppData\Local\Temp\switchsetup.exe
C:\Users\Victor\AppData\Local\Temp\SymInstallStub.exe
C:\Users\Victor\AppData\Local\Temp\thjq7dko.dll
C:\Users\Victor\AppData\Local\Temp\tjngnzwi.dll
C:\Users\Victor\AppData\Local\Temp\tw7n6cxo.dll
C:\Users\Victor\AppData\Local\Temp\ugcigtrl.dll
C:\Users\Victor\AppData\Local\Temp\Uninstall.exe
C:\Users\Victor\AppData\Local\Temp\vw1ebatj.dll
C:\Users\Victor\AppData\Local\Temp\vzq3t44_.dll
C:\Users\Victor\AppData\Local\Temp\x264enc6.exe
C:\Users\Victor\AppData\Local\Temp\zbhlatkf.dll
C:\Users\Victor\AppData\Local\Temp\zipsetup.exe
C:\Users\Victor\AppData\Local\Temp\_is3E25.exe
C:\Users\Victor\AppData\Local\Temp\_nx3_okb.dll

==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2015-03-05 12:31

==================== End Of Log ============================

deeprybka · March 5, 2015

Hi,

Step 1

Scan with Malwarebytes Anti-Malware

Please open Malwarebytes Anti-Malware.
Please update the database by clicking on the "Update Now" button.
Following the update and click "Settings" [1] and go to "Detection and Protection" [2]
Make sure "Scan for Rootkits" is checked.
Click on Dashboard [3], then click on Scan Now [4] to start the scan.
:exclame: If Malware or Potentially Unwanted Programs [PUPs] are found, you will receive a prompt so that you can decide what you want to do. I suggest "Quarantine All" [5]. Then click the button: Apply Actions. [6]
A window with an option to view the detailed log will appear.

Click on "View detailed log".
After viewing the results, please click on the "Copy to Clipboard" button and then OK.
Return to our forum. Paste your log into your next reply.

Step 2

Please download AdwCleaner (by Xplode) and save it to your Desktop.

Double click on AdwCleaner.exe to run the tool.
Vista/Windows 7/8 users right-click and select "Run As Administrator"
Click on the Scan button.
After the scan has finished, click on the Clean button.
Press OK when asked to close all programs and follow the onscreen prompts.
After rebooting, a log file (that is saved in C:\AdwCleaner[s#].txt) will open automatically.
Copy and paste the contents of that logfile in your next reply.

Step 3

Temporary disable your AntiVirus and AntiSpyware protection - instructions here.

Please download ZOEK by Smeenk and save it to your desktop (preferred version is the *.exe one)

Right-click on icon and select Run as Administrator to start the tool.
Wait patiently until the main console will appear, it may take a minute or two.

In the main box please paste in the following script:

iedefaults;emptyclsid;autoclean;systemspecs;startupall;filesrcm;

Make sure that Scan All Users option is checked.
Push Run Script and wait patiently. The scan may take a couple of minutes.
When the scan completes, a zoek-results logfile should open in notepad.
If a reboot is needed, it will be opened after it. You may also find it at your main drive (usually C:\ drive)

Post its content into your next reply.

vicxyz · March 5, 2015

^{Malwarebytes Anti-Malware
www.malwarebytes.org}

^{Scan Date: 05/03/2015
Scan Time: 22:38:11
Logfile:
Administrator: Yes}

^{Version: 2.00.4.1028
Malware Database: v2015.03.05.03
Rootkit Database: v2015.02.25.01
License: Free
Malware Protection: Disabled
Malicious Website Protection: Disabled
Self-protection: Disabled}

^{OS: Windows 7 Service Pack 1
CPU: x64
File System: NTFS
User: Victor}

^{Scan Type: Threat Scan
Result: Completed
Objects Scanned: 399017
Time Elapsed: 24 min, 21 sec}

^{Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Enabled
Heuristics: Enabled
PUP: Enabled
PUM: Enabled}

^{Processes: 0
(No malicious items detected)}

^{Modules: 0
(No malicious items detected)}

^{Registry Keys: 0
(No malicious items detected)}

^{Registry Values: 0
(No malicious items detected)}

^{Registry Data: 3
PUP.Optional.SafeSearch.A, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|Default_Page_URL, http://www.safesearch.net/?p=h&m=ie&c=wi&s=wi, Good: (www.google.com), Bad: (http://www.safesearch.net/?p=h&m=ie&c=wi&s=wi),Delete-on-Reboot,[d4d500222961c76fbf888b4501048779]
PUP.Optional.SafeSearch.A, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|Start Page, http://www.safesearch.net/?p=h&m=ie&c=wi&s=wi, Good: (www.google.com), Bad: (http://www.safesearch.net/?p=h&m=ie&c=wi&s=wi),Delete-on-Reboot,[347582a0b1d99c9a67190dcf12f3c43c]
PUP.Optional.SafeSearch.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\MAIN|Start Page, http://www.safesearch.net/?p=h&m=ie&c=na&s=na, Good: (www.google.com), Bad: (http://www.safesearch.net/?p=h&m=ie&c=na&s=na),Delete-on-Reboot,[adfcc16121692b0bfb8529b3d233b34d]}

^{Folders: 3
PUP.Optional.DealPly.A, C:\Users\Victor\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejnmnhkgiphcaeefbaooconkceehicfi, Delete-on-Reboot, [90190e1401892511f1c2cd9d966da15f],
PUP.Optional.DealPly.A, C:\Users\Victor\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejnmnhkgiphcaeefbaooconkceehicfi\4.1.0.9_0, Delete-on-Reboot, [90190e1401892511f1c2cd9d966da15f],
PUP.Optional.DealPly.A, C:\Users\Victor\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejnmnhkgiphcaeefbaooconkceehicfi\4.1.0.9_0\_metadata, Delete-on-Reboot, [90190e1401892511f1c2cd9d966da15f],}

^{Files: 3
PUP.Optional.DealPly.A, C:\Users\Victor\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejnmnhkgiphcaeefbaooconkceehicfi\4.1.0.9_0\_metadata\computed_hashes.json, Delete-on-Reboot, [90190e1401892511f1c2cd9d966da15f],
PUP.Optional.DealPly.A, C:\Users\Victor\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejnmnhkgiphcaeefbaooconkceehicfi\4.1.0.9_0\_metadata\verified_contents.json, Delete-on-Reboot, [90190e1401892511f1c2cd9d966da15f],
PUP.Optional.SafeSearch.A, C:\Users\Victor\AppData\Local\Google\Chrome\User Data\Default\Preferences, Good: (), Bad: ( "new_tab_url": "http://www.safesearch.net/?p=t",), Replaced,[7930bb6725657bbb943fb75f0600cd33]}

^{Physical Sectors: 0
(No malicious items detected)}

^(end)

vicxyz · March 5, 2015

***** [ Files / Folders ] *****

Folder Deleted : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Coupon Printer
Folder Deleted : C:\Program Files (x86)\Coupon Printer
Folder Deleted : C:\Users\Victor\AppData\Local\Temp\AskSearch
Folder Deleted : C:\Users\Victor\AppData\Local\Temp\mt_ffx
Folder Deleted : C:\Users\Victor\AppData\Roaming\CheckPoint\ZoneAlarm LTD Toolbar
File Deleted : C:\END
File Deleted : C:\Users\Victor\AppData\Local\Temp\Uninstall.exe
File Deleted : C:\Windows\System32\roboot64.exe

***** [ Scheduled tasks ] *****

Task Deleted : DealPlyUpdate
Task Deleted : avayvaxvaa

***** [ Shortcuts ] *****

***** [ Registry ] *****

Value Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Run [Pokki]
Key Deleted : HKCU\Software\MozillaPlugins\pokki.com/PokkiDownloadHelper
Key Deleted : HKLM\SOFTWARE\Classes\protector_dll.protectorbho
Key Deleted : HKLM\SOFTWARE\Classes\protector_dll.protectorbho.1
Key Deleted : HKLM\SOFTWARE\MozillaPlugins\@checkpoint.com/FFApi
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{C007DADD-132A-624C-088E-59EE6CF0711F}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{533403E2-6E21-4615-9E28-43F4E97E977B}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{0B79C149-3B19-40DE-92BF-1A3AD9C1DA9D}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{229C56BB-A36A-4323-8C82-B136DF45697D}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{33E2B3CB-322E-4CBE-89F2-C06F5A35DB46}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{51080E66-F357-4F2A-9BFC-2456695883B5}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{537AD3CF-DE2B-4A1C-8279-C946B7E490D4}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{5BF7365D-25FF-40F3-8DEE-06ABEDF177CC}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{6DDA37BA-0553-499A-AE0D-BEBA67204548}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{9522B3FB-7A2B-4646-8AF6-36E7F593073C}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{A10A1344-B533-4C9E-BE4E-4C5BC4953047}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{A85A5E6A-DE2C-4F4E-99DC-F469DF5A0EEC}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{BA94BCE1-7E60-422D-9E7D-B853BC03FE78}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{BDCE611F-FDAA-4B10-A8E8-220A7897A69F}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{D0F1E414-1FAE-466C-B122-DE735B7BFF9D}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E458510C-1DD5-4A05-8C4C-53BEF69C05E7}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{0FCE4F01-64EC-42F1-83E1-1E08D38605D2}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{1A2A195A-A0F9-4006-AF02-3F05EEFDE792}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{2D9DB233-DC4B-4677-946C-5FA5ABCF506B}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{3AE76A17-C344-4A83-81CE-65EFEE41E42D}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{4C0A69B0-CE97-42B7-86FC-08280C99C74D}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{4E9EB4D5-C929-4005-AC62-1856B1DA5A24}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{8FAF962C-3EDE-405E-B1D0-62B8235C6044}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{C1F5E799-B218-4C32-B189-3C389BA140BB}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{F60C9408-3110-4C98-A139-ABE1EE1111DD}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{22848257-6A2D-4D2A-8D56-C886D25B8B58}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{22848257-6A2D-4D2A-8D56-C886D25B8B58}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{22848257-6A2D-4D2A-8D56-C886D25B8B58}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{A85A5E6A-DE2C-4F4E-99DC-F469DF5A0EEC}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{0FCE4F01-64EC-42F1-83E1-1E08D38605D2}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{1A2A195A-A0F9-4006-AF02-3F05EEFDE792}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{2D9DB233-DC4B-4677-946C-5FA5ABCF506B}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{3AE76A17-C344-4A83-81CE-65EFEE41E42D}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{4C0A69B0-CE97-42B7-86FC-08280C99C74D}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{4E9EB4D5-C929-4005-AC62-1856B1DA5A24}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{8FAF962C-3EDE-405E-B1D0-62B8235C6044}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{C1F5E799-B218-4C32-B189-3C389BA140BB}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{F60C9408-3110-4C98-A139-ABE1EE1111DD}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{4A8BDA0A-EBEE-4CF5-82A7-A089BF8BF966}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{BDF61FAE-9D19-40F0-8F34-688DEB334CA9}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{BA1BE292-1D15-488B-934D-008742212380}
Key Deleted : HKCU\Software\Conduit
Key Deleted : HKCU\Software\Pokki
Key Deleted : HKCU\Software\YahooPartnerToolbar
Key Deleted : HKLM\SOFTWARE\Conduit
Key Deleted : HKLM\SOFTWARE\SPPDCOM
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\Pokki
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{1a413f37-ed88-4fec-9666-5c48dc4b7bb7}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Coupon Printer2.2.0.1
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{A2D81E70-2A98-4A08-A628-94388B063C5E}
Key Deleted : [x64] HKLM\SOFTWARE\DivX\Install\Setup\WizardLayout\ConduitToolbar
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\ZoneAlarm LTD Toolbar
Data Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings [ProxyOverride] - *.local

***** [ Web browsers ] *****

-\\ Internet Explorer v11.0.9600.17631

-\\ Google Chrome v40.0.2214.115

*************************

AdwCleaner[R0].txt - [6989 bytes] - [05/03/2015 23:15:25]
AdwCleaner[s0].txt - [6246 bytes] - [05/03/2015 23:19:14]

########## EOF - C:\AdwCleaner\AdwCleaner[s0].txt - [6305 bytes] ##########

vicxyz · March 6, 2015

Zoek.exe v5.0.0.0 Updated 05-March-2015
Tool run by Victor on 05/03/2015 at 23:41:25.76.
Microsoft Windows 7 Home Premium 6.1.7601 Service Pack 1 x64
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\Victor\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\7ZK92ZGU\zoek.exe [scan all users] [script inserted]

==== System Restore Info ======================

05/03/2015 23:52:20 Zoek.exe System Restore Point Created Succesfully.

==== Empty Folders Check ======================

C:\PROGRA~3\OptiTex deleted successfully
C:\PROGRA~3\PCDr deleted successfully
C:\Users\Victor\AppData\Roaming\CheckPoint deleted successfully
C:\Users\Victor\AppData\Roaming\Windows Live Writer deleted successfully
C:\Users\Victor\AppData\Local\DataSafeOnline deleted successfully
C:\Users\Victor\AppData\Local\PACE Anti-Piracy deleted successfully
C:\Users\Victor\AppData\Local\sIupgNEM deleted successfully

==== Deleting CLSID Registry Keys ======================

HKEY_USERS\S-1-5-21-3304660120-434486148-2028904278-1001\Software\Microsoft\Internet Explorer\SearchScopes\{35E8663E-16D7-44AB-B47B-29A3E5A2F2A9} deleted successfully

==== Deleting CLSID Registry Values ======================

HKEY_USERS\S-1-5-21-3304660120-434486148-2028904278-1001\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\{21FA44EF-376D-4D53-9B0F-8A89D3229068} deleted successfully
HKEY_LOCAL_MACHINE\software\Wow6432Node\mozilla\Firefox\extensions\{FFB96CC1-7EB3-449D-B827-DB661701C6BB} deleted successfully

==== Deleting Services ======================

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SearchProtectionService deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\SearchProtectionService deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\LavasoftTcpService deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\LavasoftTcpService deleted successfully

==== Batch Command(s) Run By Tool======================

Sucessfully reset the Winsock Catalog.
You must restart the computer in order to complete the reset.

==== Deleting Files \ Folders ======================

C:\PROGRA~2\Mozilla Firefox\searchplugins\safesearch.xml deleted
C:\PROGRA~2\NCH Software\Components\NCHToolbars deleted
C:\prefs.js deleted
C:\Users\Victor\AppData\Roaming\WB.CFG deleted
C:\Users\Victor\AppData\Roaming\GetRightToGo deleted
C:\PROGRA~3\Package Cache deleted
C:\Users\Victor\AppData\Local\Lavasoft\WebCompanion.exe_Url_siq0lwf3tzgxp2khfkllybk3idtbehng deleted
C:\Users\Victor\AppData\Local\Pokki deleted
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\lavasoft\WebCompanion deleted
C:\Users\Victor\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PC App Store.lnk deleted
C:\Windows\AppPatch\Custom\{8a4d5a43-c64a-45ab-bdf4-804fe18ceafd}.sdb deleted
C:\windows\SysNative\drivers\SPPD.sys deleted
C:\Windows\SysNative\config\systemprofile\Searches deleted
C:\windows\SysNative\GroupPolicy\Machine deleted
C:\windows\SysNative\GroupPolicy\User deleted
C:\windows\SysNative\GroupPolicy\GPT.INI deleted
C:\Windows\Syswow64\GroupPolicy\gpt.ini deleted
C:\Users\Victor\Documents\Add-in Express deleted
C:\Users\Public\Desktop\YouTube Downloader.lnk deleted
C:\Users\Victor\Desktop\Continue Codec Pack Installation.lnk deleted
"C:\Windows\Installer\35bccb7.msi" deleted
"C:\ProgramData\cm-lock" not deleted
"C:\Windows\SysWOW64\LavasoftTcpService.dll" deleted
"C:\PROGRA~2\Lavasoft\Web Companion\Application\ICSharpCode.SharpZipLib.dll" deleted
"C:\PROGRA~2\Lavasoft\Web Companion\Application\Interop.LavasoftTcpServiceLib.dll" deleted
"C:\PROGRA~2\Lavasoft\Web Companion\Application\Lavasoft.adblocker.dll" deleted
"C:\PROGRA~2\Lavasoft\Web Companion\Application\Lavasoft.PUP.Management.dll" deleted
"C:\PROGRA~2\Lavasoft\Web Companion\Application\Lavasoft.SearchProtect.Business.dll" deleted
"C:\PROGRA~2\Lavasoft\Web Companion\Application\Lavasoft.SysInfo.dll" deleted
"C:\PROGRA~2\Lavasoft\Web Companion\Application\Lavasoft.Utils.dll" deleted
"C:\PROGRA~2\Lavasoft\Web Companion\Application\Lavasoft.Utils.SqlLite.dll" deleted
"C:\PROGRA~2\Lavasoft\Web Companion\Application\log4net.dll" deleted
"C:\PROGRA~2\Lavasoft\Web Companion\Application\Newtonsoft.Json.dll" deleted
"C:\PROGRA~2\Lavasoft\Web Companion\Application\System.Data.SQLite.dll" deleted
"C:\PROGRA~2\Lavasoft\Web Companion\Application\WebCompanion.exe" deleted
"C:\PROGRA~2\Lavasoft\Web Companion\Application\en-US\WebCompanion.resources.dll" deleted
"C:\PROGRA~2\Lavasoft\Web Companion\Application\x86\SQLite.Interop.dll" deleted
"C:\PROGRA~2\Lavasoft\Web Companion" deleted
"C:\PROGRA~3\Lavasoft\Web Companion" deleted
"C:\PROGRA~2\Lavasoft\Web Companion\Application" deleted
"C:\PROGRA~2\Lavasoft\Web Companion\Application\en-US" deleted
"C:\PROGRA~2\Lavasoft\Web Companion\Application\x86" deleted

==== System Specs ======================

Windows: Windows 7 Home Premium Edition (64-bit) Service Pack 1 (Build 7601)
Memory (RAM): 8152 MB
CPU Info: Intel® Core i7 CPU 860 @ 2.80GHz
CPU Speed: 2855.0 MHz
Sound Card: Speakers (Realtek High Definiti |
Realtek Digital Output (Realtek |
Display Adapters: NVIDIA GeForce GTX 460 | NVIDIA GeForce GTX 460 | RDPDD Chained DD | RDP Encoder Mirror Driver | RDP Reflector Display Driver
Monitors: 1x; Generic PnP Monitor |
Screen Resolution: 1920 X 1080 - 32 bit
Network: Network Present
Network Adapters: Broadcom NetLink Gigabit Ethernet
CD / DVD Drives: 1x (D: | ) D: Optiarc DVD RW AD-7280S
Ports: COM Ports NOT Present. LPT Port NOT Present.
Mouse: 16 Button Wheel Mouse Present
Hard Disks: C: 920.5GB | I: 1863.0GB | J: 465.8GB
Hard Disks - Free: C: 86.8GB | I: 1699.0GB | J: 114.8GB
Manufacturer *: Dell Inc.
BIOS Info: AT/AT COMPATIBLE | 08/16/32 | DELL - 20100510
Time Zone: GMT Standard Time
Motherboard *: Dell Inc. 0G3HR7
Country: United Kingdom
Language: ENG

==== System Specs (Software) ======================

Anti-Virus: McAfee Anti-Virus and Anti-Spyware On-access scanning disabled (Outdated)
Anti-Spyware: Windows Defender disabled (Outdated)
Anti-Spyware: McAfee Anti-Virus and Anti-Spyware disabled (Outdated)
Firewall: McAfee Firewall disabled
Internet Explorer Version: 11.0.9600.17633
Google Chrome version: 40.0.2214.115
Adobe Reader version: 11.0.10.32
Sun Java version: 1.8.0_40 (32-bit)
Sun Java version: 1.8.0_40 (64-bit)
Flash Player version: 16.0.0.305

==== Files Recently Created / Modified ======================

====== C:\Windows ====
====== C:\Users\Victor\AppData\Local\Temp ====
2015-03-05 23:25:37 057631047016A448B842B96E872B132B 43008 ----a-w- C:\Users\Victor\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpt28vks.dll
2015-03-04 21:43:40 A082E5473B2A9A4D846ED7DDF637AC76 8704 ----a-w- C:\Users\Victor\AppData\Local\Temp\SpOrder.dll
2015-02-25 22:27:05 C3A44ECD55F9404CBC1620478E0FECA7 135518328 ----a-w- C:\Users\Victor\AppData\Local\Temp\octFD31.tmp.exe
2015-02-24 18:32:43 55FD284EE60759524338C42DD1F3573A 561576 ----a-w- C:\Users\Victor\AppData\Local\Temp\jre-8u40-windows-au.exe
====== Java Cache =====
====== C:\Windows\SysWOW64 =====
2015-03-04 21:43:37 28D27D376E459218CA3EBE62D6680198 325944 ----a-w- C:\Windows\SysWOW64\Lavasearch
2015-03-04 09:01:39 F47B4F0D0DF0C28759B60CF0B0090A11 898472 ----a-w- C:\Windows\SysWOW64\npdeployJava1.dll
2015-03-04 09:01:39 7BD5D5254C02219AD8D6793A07380155 818088 ----a-w- C:\Windows\SysWOW64\deployJava1.dll
2015-02-26 00:57:58 3B9E2AB1F3ABC53D4A423E699EB625C8 419936 ----a-w- C:\Windows\SysWOW64\locale.nls
====== C:\Windows\SysWOW64\drivers =====
====== C:\Windows\Sysnative =====
2015-03-04 21:43:40 651032087C83FAD1F492C07E25DF455B 372248 ----a-w- C:\Windows\Sysnative\LavasoftTcpService64.dll
2015-03-04 08:59:48 76B4EA918E02629EF02F57672A2776C2 111016 ----a-w- C:\Windows\Sysnative\WindowsAccessBridge-64.dll
2015-02-26 00:57:58 3B9E2AB1F3ABC53D4A423E699EB625C8 419936 ----a-w- C:\Windows\Sysnative\locale.nls
====== C:\Windows\Sysnative\drivers =====
2015-02-11 09:36:33 E45CDE1C8340DFEDF1D6724263F39E5B 458824 ----a-w- C:\Windows\Sysnative\drivers\cng.sys
2015-02-11 09:36:32 C60C6B9A2E50B0404F6789C62B428C03 95680 ----a-w- C:\Windows\Sysnative\drivers\ksecdd.sys
2015-02-11 09:36:32 78D152A9FD5747FF6AA89C79F0346F62 155072 ----a-w- C:\Windows\Sysnative\drivers\ksecpkg.sys
2015-02-05 11:41:45 29F981739E50305128022CBE10B3659C 197704 ----a-w- C:\Windows\Sysnative\drivers\HipShieldK.sys
====== C:\Windows\Tasks ======
2015-03-05 10:31:05 55F791C73BFD5FB5AAFCAD40098059FF 3208 ----a-w- C:\Windows\Sysnative\Tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-3304660120-434486148-2028904278-1001
2015-03-05 10:31:01 6226EEDB8BE6D03DD27FE9E9C3C97F22 3340 ----a-w- C:\Windows\Sysnative\Tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-3304660120-434486148-2028904278-1001
2015-02-23 18:24:21 -------- d-----w- C:\Windows\Sysnative\Tasks\Leader Technologies
====== C:\Windows\Temp ======
======= C:\Program Files =====
======= C:\PROGRA~2 =====
2015-03-04 21:42:40 -------- d-----w- C:\PROGRA~2\Lavasoft
2015-03-04 08:59:52 -------- d-----w- C:\PROGRA~2\COMMON~1\Java
======= C: =====
====== C:\Users\Victor\AppData\Roaming ======
2015-03-05 09:34:52 -------- d-----w- C:\Users\Victor\AppData\Local\Steam
2015-03-04 21:44:29 -------- d-----w- C:\Users\Victor\AppData\Local\Lavasoft
2015-03-04 21:41:27 -------- d-----w- C:\Users\Victor\AppData\Roaming\Lavasoft
2015-02-23 18:22:42 -------- d-----w- C:\Users\Victor\AppData\Roaming\Leadertech
====== C:\Users\Victor ======
2015-03-05 23:21:48 2FE5A27CDE066C0B65ACB8F2C1717464 4 ----a-w- C:\ProgramData\cm-lock
2015-03-05 21:34:57 DB067FDB6AD6DAC38B7A69B282593D54 2092544 ----a-w- C:\Users\Victor\Downloads\FRST64.exe
2015-03-04 21:42:41 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lavasoft
2015-03-04 21:41:17 C9F9A703402B26FFBEC6A1926D32D13C 8068400 ----a-w- C:\Users\Victor\Downloads\WebCompanionInstaller.exe
2015-03-04 20:28:31 1D09A1362F5BCE50F7E0A6EC1D169668 3577784 ----a-w- C:\Users\Victor\Downloads\setup.exe
2015-03-04 18:16:39 9DD614E483E8D09C318EA86D7917D15F 16317304 ----a-w- C:\Users\Victor\Downloads\srecorder.exe
2015-02-06 15:02:46 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Utilities

====== C: exe-files ==
2015-03-04 08:59:20 F29CA354D6E309EE48820168C2283D0D 197544 ----a-w- C:\Program Files\Java\jre1.8.0_40\bin\unpack200.exe
2015-03-04 08:59:20 E89BBD1512A51613550136EF833B2E16 16296 ----a-w- C:\Program Files\Java\jre1.8.0_40\bin\klist.exe
2015-03-04 08:59:20 DB7F7542B7AE6F51C14FB3DB1F0BC09E 16296 ----a-w- C:\Program Files\Java\jre1.8.0_40\bin\tnameserv.exe
2015-03-04 08:59:20 D5F7A1FF7B6205A018427AD2B2EF37C4 16296 ----a-w- C:\Program Files\Java\jre1.8.0_40\bin\keytool.exe
2015-03-04 08:59:20 C3A19A1D2EA810A67E7038DC35CEBEB0 15784 ----a-w- C:\Program Files\Java\jre1.8.0_40\bin\java-rmi.exe
2015-03-04 08:59:20 C10B23D45949634BB5B203F5B76C3B17 206760 ----a-w- C:\Program Files\Java\jre1.8.0_40\bin\java.exe
2015-03-04 08:59:20 BF3CA14817AE2C5609F0177C169C4688 16296 ----a-w- C:\Program Files\Java\jre1.8.0_40\bin\pack200.exe
2015-03-04 08:59:20 BC69789A18C4450C0701C62E9F1BD2F5 66472 ----a-w- C:\Program Files\Java\jre1.8.0_40\bin\ssvagent.exe
2015-03-04 08:59:20 A434996DEB3A419F4F0880BE8193AE6D 16296 ----a-w- C:\Program Files\Java\jre1.8.0_40\bin\kinit.exe
2015-03-04 08:59:20 8CD76D429A03BB2F4CCC47B2777D8240 15784 ----a-w- C:\Program Files\Java\jre1.8.0_40\bin\jjs.exe
2015-03-04 08:59:20 885B022B51C792CE0BE4626ED8F69653 77224 ----a-w- C:\Program Files\Java\jre1.8.0_40\bin\javacpl.exe
2015-03-04 08:59:20 87772AAA7D9E4DC5185FFFFF1D66AAC1 16296 ----a-w- C:\Program Files\Java\jre1.8.0_40\bin\ktab.exe
2015-03-04 08:59:20 83492C6B3CE1B24D99DF58F423578C04 16808 ----a-w- C:\Program Files\Java\jre1.8.0_40\bin\rmiregistry.exe
2015-03-04 08:59:20 7571F354DC6266AE3F641A0FC810A370 99752 ----a-w- C:\Program Files\Java\jre1.8.0_40\bin\jp2launcher.exe
2015-03-04 08:59:20 6364CCE37B5B48ED516E833124147D7A 319912 ----a-w- C:\Program Files\Java\jre1.8.0_40\bin\javaws.exe
2015-03-04 08:59:20 5EAC3F56872C6828B49951EBAB7BF4CD 16296 ----a-w- C:\Program Files\Java\jre1.8.0_40\bin\orbd.exe
2015-03-04 08:59:20 51486673818C862FB955A37BEA75C7DC 16808 ----a-w- C:\Program Files\Java\jre1.8.0_40\bin\policytool.exe
2015-03-04 08:59:20 491069DBCB825D2E585D0D8536F8F7AF 34216 ----a-w- C:\Program Files\Java\jre1.8.0_40\bin\jabswitch.exe
2015-03-04 08:59:20 47F35CAD3B7DA73DD6033950F0B018A2 16808 ----a-w- C:\Program Files\Java\jre1.8.0_40\bin\servertool.exe
2015-03-04 08:59:20 47179F241C883785191F856A7772E320 15784 ----a-w- C:\Program Files\Java\jre1.8.0_40\bin\rmid.exe
2015-03-04 08:59:20 250C7E62532CE498564C4AF2739158B0 207272 ----a-w- C:\Program Files\Java\jre1.8.0_40\bin\javaw.exe
2015-03-04 08:58:45 C10B23D45949634BB5B203F5B76C3B17 0 ----a-we C:\ProgramData\Oracle\Java\javapath\java.exe
2015-03-04 08:58:45 6364CCE37B5B48ED516E833124147D7A 0 ----a-we C:\ProgramData\Oracle\Java\javapath\javaws.exe
2015-03-04 08:58:45 250C7E62532CE498564C4AF2739158B0 0 ----a-we C:\ProgramData\Oracle\Java\javapath\javaw.exe
2015-03-04 08:58:37 F340F09E5124455FA81AB8EFE04DCCC3 16296 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_40\bin\policytool.exe
2015-03-04 08:58:37 EF59DABB7C9789B9335841A595748C0B 16296 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_40\bin\rmiregistry.exe
2015-03-04 08:58:37 E57ED773B6CB41DE8225A10AFE149510 15784 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_40\bin\jjs.exe
2015-03-04 08:58:37 E2E61790688574F5F058AD01145E0473 15784 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_40\bin\rmid.exe
2015-03-04 08:58:37 CE2F700CA51229054C9A03D96646DE51 51112 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_40\bin\ssvagent.exe
2015-03-04 08:58:37 CBE5D74B4ECC80BF2C792C18CCEA92BF 15784 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_40\bin\java-rmi.exe
2015-03-04 08:58:37 C96C6041829212284EFB5A85B08B1536 16296 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_40\bin\servertool.exe
2015-03-04 08:58:37 C731C96456335BDAA2F58220AE25A202 191400 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_40\bin\javaw.exe
2015-03-04 08:58:37 C126BE266A4D76737EEDD0CFB436D7E3 15784 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_40\bin\keytool.exe
2015-03-04 08:58:37 B189CEE3C0CB5C9EABBF70329E0F4195 68520 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_40\bin\javacpl.exe
2015-03-04 08:58:37 9DAEE38424615751379400964713D6D7 272296 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_40\bin\javaws.exe
2015-03-04 08:58:37 9A97AB583FB5BD6FFFCE8C47E6DCCA62 30632 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_40\bin\jabswitch.exe
2015-03-04 08:58:37 8C71D92983B9BBB5B8D823D8C0FDD129 15784 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_40\bin\klist.exe
2015-03-04 08:58:37 879578D2FAE8E10DBE30FD0B829313DE 15784 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_40\bin\ktab.exe
2015-03-04 08:58:37 6F4EB294ACF731771AFE3EF6F7EE812D 190888 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_40\bin\java.exe
2015-03-04 08:58:37 5D5801D096F9F362F442673632013727 16296 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_40\bin\tnameserv.exe
2015-03-04 08:58:37 5BF6CD8A5984AA5F2607364B5BEBBA11 16296 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_40\bin\orbd.exe
2015-03-04 08:58:37 32F50E7E4D45A38E60EA7D6D701A08C9 159656 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_40\bin\unpack200.exe
2015-03-04 08:58:37 30791C426723A4D76ADE3EF276F3F9FC 15784 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_40\bin\kinit.exe
2015-03-04 08:58:37 228AAF84B541C80BCFE7C1EE57502B61 15784 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_40\bin\pack200.exe
2015-03-04 08:58:37 113298AC181C026AB425E38CB7F963A3 76712 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_40\bin\jp2launcher.exe
2015-03-02 20:27:51 78206B34BD050DB564BF5B4B8C697925 1617224 ----a-w- C:\Program Files (x86)\Google\Google Toolbar\Component\SearchWithGoogleUpdate_6F4EEAE8D7FCDAD8.exe
2015-03-02 20:27:48 327C893AA5966AC436CA275F8D64C8C0 1072072 ----a-w- C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarManager_BA9226F4C70BECC2.exe
2015-03-02 20:26:59 D15EE16B871FE911D8D7C91FD5F57EBA 532312 ----a-w- C:\Program Files (x86)\Google\Update\Install\{E3EA665C-D160-4B30-A577-00A680FAFEA8}\GoogleToolbarInstaller_updater_signed.exe
2015-03-02 20:26:59 D15EE16B871FE911D8D7C91FD5F57EBA 532312 ----a-w- C:\Program Files (x86)\Google\Update\Download\{F69EABDD-A4BB-4555-BE7E-1EA5F59BBA24}\7.5.6227.252\GoogleToolbarInstaller_updater_signed.exe
=== C: other files ==
2015-03-04 08:59:20 9C585B18B266B9471AC39BC5F688D761 14130 ----a-w- C:\Program Files\Java\jre1.8.0_40\lib\deploy\ffjcext.zip
2015-03-04 08:58:37 0A513FB75ADF2580D0F0D55D0A245C4F 14130 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_40\lib\deploy\ffjcext.zip
2015-03-01 23:32:25 57D7C59FED79810522BAA34C948FD9D3 12332507 ----a-w- C:\Users\Victor\Downloads\Get a Peek of My SCISSORS Bobby! Photogallery.zip
2015-03-01 23:28:47 E1FE3DC8F6EEB01F5604AC5BFD7B08EE 12095836 ----a-w- C:\Users\Victor\Downloads\ASAP - All Scissors And PAIN! Photogallery.zip

==== Startup Registry Enabled ======================

[HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun"

[HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun"

[HKEY_USERS\S-1-5-21-3304660120-434486148-2028904278-1001\Software\Microsoft\Windows\CurrentVersion\Run]
"EPSON Stylus Photo R800"="C:\Windows\system32\spool\DRIVERS\x64\3\E_IATI8JA.EXE /FU C:\Windows\TEMP\E_SD75F.tmp /EF HKCU"
"Comrade.exe"="C:\Program Files (x86)\GameSpy\Comrade\Comrade.exe"
"Steam"="C:\Program Files (x86)\Steam\Steam.exe -silent"
"swg"="C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
"Web Companion"="C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exe --minimize"

[HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"mctadmin"="C:\Windows\System32\mctadmin.exe"

[HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"mctadmin"="C:\Windows\System32\mctadmin.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IAStorIcon"="C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe"
"ShwiconXP9106"="C:\Program Files (x86)\Multimedia Card Reader(9106)\ShwiconXP9106.exe"
"Dell DataSafe Online"="C:\Program Files (x86)\Dell DataSafe Online\DataSafeOnline.exe /m"
"THX Audio Control Panel"="C:\Program Files (x86)\Creative\THX TruStudio PC\THXAudioCP\THXAudio.exe /r"
"UpdReg"="C:\Windows\UpdReg.EXE"
"DellSupportCenter"="C:\Program Files (x86)\Dell Support Center\bin\sprtcmd.exe /P DellSupportCenter"
"CorelDRAW Graphics Suite 11b"="C:\Program Files (x86)\Corel\Corel Graphics 12\Languages\EN\Programs\Registration.exe /title=CorelDRAW Graphics Suite 12 /date=101510 serial=DR12WEX-1504397-KTY lang=EN"
"QuickTime Task"="C:\Program Files (x86)\QuickTime\QTTask.exe -atboottime"
"SSBkgdUpdate"="C:\Program Files (x86)\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe -Embedding -boot"
"OpwareSE4"="C:\Program Files (x86)\ScanSoft\OmniPageSE4\OpwareSE4.exe"
"iTunesHelper"="C:\Program Files (x86)\iTunes\iTunesHelper.exe"
"UVS10 Preload"="C:\Program Files (x86)\Ulead Systems\Ulead VideoStudio SE DVD\uvPL.exe"
"mcui_exe"="C:\Program Files\McAfee.com\Agent\mcagent.exe /runkey"
"PMBVolumeWatcher"="C:\Program Files (x86)\Sony\PMB\PMBVolumeWatcher.exe"
"DivXMediaServer"="C:\Program Files (x86)\DivX\DivX Media Server\DivXMediaServer.exe"
"DivXUpdate"="C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe /CHECKNOW"
"mcpltui_exe"="C:\Program Files\Common~1\McAfee\Platform\mcuicnt.exe /platui /runkey"
"TkBellExe"="c:\program files (x86)\real\realplayer\Update\realsched.exe -osboot"
"RealDownloader"="C:\Program Files (x86)\RealNetworks\RealDownloader\downloader2.exe"
"BlueStacks Agent"="C:\Program Files (x86)\BlueStacks\HD-Agent.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce]
"C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpdate.exe"="C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpdate.exe"

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"EPSON Stylus Photo R800"="C:\Windows\system32\spool\DRIVERS\x64\3\E_IATI8JA.EXE /FU C:\Windows\TEMP\E_SD75F.tmp /EF HKCU"
"Comrade.exe"="C:\Program Files (x86)\GameSpy\Comrade\Comrade.exe"
"Steam"="C:\Program Files (x86)\Steam\Steam.exe -silent"
"swg"="C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
"Web Companion"="C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exe --minimize"

==== Startup Registry Enabled x64 ======================

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"="C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s"
"RunDLLEntry_THXCfg"="C:\Windows\system32\RunDLL32.exe C:\Windows\system32\THXCfg64.dll,RunDLLEntry THXCfg64"
"RunDLLEntry_EptMon"="C:\Windows\system32\RunDLL32.exe C:\Windows\system32\EptMon64.dll,RunDLLEntry EptMon64"

==== Startup Folders ======================

2010-09-24 21:51:43 2000 ----a-w- C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock First Run.lnk
2010-09-24 21:51:43 2000 ----a-w- C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock First Run.lnk
2010-09-29 14:31:54 1980 ----a-w- C:\Users\Victor\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock.lnk
2011-10-09 16:12:56 1141 ----a-w- C:\Users\Victor\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
2010-09-30 15:36:41 1308 ----a-w- C:\Users\Victor\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2007 Screen Clipper and Launcher.lnk
2014-11-01 12:57:08 2209 ----a-w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\CodeMeter Control Center.lnk
2013-05-15 11:21:32 2172 ----a-w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HD Writer.lnk
2014-11-20 10:50:20 1250 ----a-w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\RealPlayer Cloud Service UI.lnk

==== Task Scheduler Jobs ======================

C:\Windows\tasks\Adobe Flash Player Updater.job --a------ C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [05/02/2015 19:04]
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job --a------ C:6C:\ProgramC:FilesC:x86\Google\Update\GoogleUpdate.exe []
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job --a------ [undetermined Task]

==== Other Scheduled Tasks ======================

"C:\Windows\SysNative\tasks\Ad-Aware Update (Weekly)" [C:\Program Files (x86)\Lavasoft\Ad-Aware\Ad-AwareAdmin.exe]
"C:\Windows\SysNative\tasks\Adobe Acrobat Update Task" [C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe]
"C:\Windows\SysNative\tasks\Adobe Flash Player Updater" [C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe]
"C:\Windows\SysNative\tasks\CreateChoiceProcessTask" [C:\Windows\System32\browserchoice.exe]
"C:\Windows\SysNative\tasks\GoogleUpdateTaskMachineCore" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe]
"C:\Windows\SysNative\tasks\GoogleUpdateTaskMachineUA" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe]
"C:\Windows\SysNative\tasks\RealDownloader Update Check" [C:\Program Files (x86)\RealNetworks\RealDownloader\downloader2.exe]
"C:\Windows\SysNative\tasks\RealDownloaderDownloaderScheduledTaskS-1-5-21-3304660120-434486148-2028904278-1001" [C:\Program Files (x86)\RealNetworks\RealDownloader\recordingmanager.exe]
"C:\Windows\SysNative\tasks\RealDownloaderRealUpgradeLogonTaskS-1-5-21-3304660120-434486148-2028904278-1001" [C:\Program Files (x86)\RealNetworks\RealDownloader\RealUpgrade.exe]
"C:\Windows\SysNative\tasks\RealDownloaderRealUpgradeScheduledTaskS-1-5-21-3304660120-434486148-2028904278-1001" [C:\Program Files (x86)\RealNetworks\RealDownloader\RealUpgrade.exe]
"C:\Windows\SysNative\tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-3304660120-434486148-2028904278-1001" [C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe]
"C:\Windows\SysNative\tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-3304660120-434486148-2028904278-1001" [C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe]
"C:\Windows\SysNative\tasks\RealUpgradeLogonTaskS-1-5-21-3304660120-434486148-2028904278-1001" [C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe]
"C:\Windows\SysNative\tasks\RealUpgradeScheduledTaskS-1-5-21-3304660120-434486148-2028904278-1001" [C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe]
"C:\Windows\SysNative\tasks\SafeSearchUpdate" [C:\Program Files\SafeSearch\1_4\se.exe]
"C:\Windows\SysNative\tasks\SafeSearchVerify" [C:\Program Files\SafeSearch\1_4\se.exe]
"C:\Windows\SysNative\tasks\{53C58DCD-6D59-4020-89EF-B3873135A463}" [C:\Program Files (x86)\Corel\Corel Graphics 12\Programs\CorelPP.exe]
"C:\Windows\SysNative\tasks\{5731ED2D-CE4C-47FF-9756-7728DC46D608}" [C:\Program Files (x86)\Corel\Corel Graphics 12\Programs\CorelDRW.exe]
"C:\Windows\SysNative\tasks\{5DC1A093-8338-4C12-8AFB-06A0F88D6CD7}" [C:\Program Files (x86)\Corel\Corel Graphics 12\Programs\CorelPP.exe]
"C:\Windows\SysNative\tasks\{759BDA0A-EE45-4BDC-8344-2B38E1848EF8}" [C:\Program Files (x86)\Corel\Corel Graphics 12\Programs\CorelPP.exe]
"C:\Windows\SysNative\tasks\{8D0D6A6D-D270-4BA3-965E-E4F11C65F30F}" [C:\Program Files (x86)\Corel\Corel Graphics 12\Programs\CorelPP.exe]
"C:\Windows\SysNative\tasks\{B35431C7-8373-4F60-B67F-EAE6195BBB9E}" [D:\run.exe]
"C:\Windows\SysNative\tasks\{B43F8CE8-1310-4B65-8BF8-697B45D6875C}" [C:\Program Files (x86)\Corel\Corel Graphics 12\Programs\CorelPP.exe]
"C:\Windows\SysNative\tasks\{D02A3EC3-07CB-4097-9CA8-C6FF31FF2D1E}" [D:\run.exe]
"C:\Windows\SysNative\tasks\{E95BA6E9-5F86-4F70-83A4-18E4B4AE2CB2}" [C:\Program Files (x86)\Corel\Corel Graphics 12\Programs\CorelPP.exe]
"C:\Windows\SysNative\tasks\{F14D4E07-7B09-4732-BF83-EEF7F46D4D5E}" [D:\run.exe]

==== Firefox Extensions Registry ======================

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Mozilla\Firefox\Extensions]
"{338950EA-82DB-44C1-930D-0C28E023C9F0}"="C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext" [20/11/2014 10:51]

==== Chromium Look ======================

Google Chrome Version: 40.0.2214.115 (Possible outdated, latest Stable version: 41.0.2272.76)

HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions
nneajnkjbffgblleaoojgaacokifdkhm - C:\Program Files (x86)\DivX\DivX Plus Web Player\chrome\DivXHTML5\DivXHTML5.crx[26/07/2013 14:31]

==== Set IE to Default ======================

Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.safesearch.net/?p=h&m=ie&c=na&s=na"
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.safesearch.net/?p=h&m=ie&c=na&s=na"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\AboutURLs]
"Tabs"="www.google.com"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\AboutURLs]
"Tabs"="www.google.com"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"="{BA1BE292-1D15-488B-934D-008742212380}"

New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.google.com"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157"
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main]
"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\AboutURLs]
"Tabs"="about:newtab"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\AboutURLs]
"Tabs"="about:newtab"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"="{012E1000-F331-11DB-8314-0800200C9A66}"

==== All HKCU SearchScopes ======================

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
{012E1000-F331-11DB-8314-0800200C9A66} Google Url="http://www.google.com/search?q={searchTerms}"
{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IESR02"
{685CF95A-35E7-42C3-B685-E1A64BB80C4E} Unknown Url="Not_Found"
{6A1806CD-94D4-4689-BA73-E35EA1EA9990} Unknown Url="Not_Found"
{85A60A59-D3D8-468F-B598-FB4393789EF4} Google Url="https://www.google.com/search?q={searchTerms}"
{BA1BE292-1D15-488B-934D-008742212380} Unknown Url="Not_Found"
{E1DBD288-C4FB-4562-96C1-FC86C015EDB2} Unknown Url="Not_Found"

==== Deleting CLSID Registry Keys ======================

HKEY_USERS\S-1-5-21-3304660120-434486148-2028904278-1001\Software\Microsoft\Internet Explorer\SearchScopes\{685CF95A-35E7-42C3-B685-E1A64BB80C4E} deleted successfully
HKEY_USERS\S-1-5-21-3304660120-434486148-2028904278-1001\Software\Microsoft\Internet Explorer\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990} deleted successfully
HKEY_USERS\S-1-5-21-3304660120-434486148-2028904278-1001\Software\Microsoft\Internet Explorer\SearchScopes\{BA1BE292-1D15-488B-934D-008742212380} deleted successfully
HKEY_USERS\S-1-5-21-3304660120-434486148-2028904278-1001\Software\Microsoft\Internet Explorer\SearchScopes\{E1DBD288-C4FB-4562-96C1-FC86C015EDB2} deleted successfully
HKEY_USERS\S-1-5-21-3304660120-434486148-2028904278-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{4eb3fc20-7158-4dd5-a08e-707541e9341c} deleted successfully

==== Deleting CLSID Registry Values ======================

==== Deleting Registry Keys ======================

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\F87B57BAAFFC72048ACD4953F7F277EE deleted successfully
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{AB75B78F-CFFA-4027-A8DC-94357F2F77EE} deleted successfully
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{AB75B78F-CFFA-4027-A8DC-94357F2F77EE}_WebCompanion deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Installer\Products\F87B57BAAFFC72048ACD4953F7F277EE deleted successfully

==== Empty IE Cache ======================

C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Default\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Victor\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully
C:\Users\Victor\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Victor\AppData\Local\Temp\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\serviceprofiles\networkservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Victor\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\7ZK92ZGU will be deleted at reboot

==== Empty FireFox Cache ======================

No FireFox Profiles found

==== Empty Chrome Cache ======================

No Chrome Cache found

==== Empty All Flash Cache ======================

Flash Cache Emptied Successfully

==== Empty All Java Cache ======================

Java Cache cleared successfully

==== C:\zoek_backup content ======================

C:\zoek_backup (files=4182 folders=135 330798417 bytes)

==== Empty Temp Folders ======================

C:\Users\Default\AppData\Local\Temp emptied successfully
C:\Users\Default User\AppData\Local\Temp emptied successfully
C:\Users\Victor\AppData\Local\Temp will be emptied at reboot
C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully
C:\Windows\Temp will be emptied at reboot

==== After Reboot ======================

==== Empty Temp Folders ======================

C:\Windows\Temp successfully emptied
C:\Users\Victor\AppData\Local\Temp successfully emptied

==== Empty Recycle Bin ======================

C:\$RECYCLE.BIN successfully emptied

==== Deleting Files / Folders ======================

"C:\ProgramData\cm-lock" not deleted
"C:\Users\Victor\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\7ZK92ZGU" not found

==== EOF on 06/03/2015 at 0:33:09.37 ======================

deeprybka · March 6, 2015

Hi,

Step 1

Please downloadOnline Scanner and save it to your Desktop.

Disable the realtime-protection of your antivirus and anti-malware programs because they might interfere with the scan.
Start with administartor privileges.
Select the option Yes, I accept the Terms of Use and click on Start.
Choose the following settings:

Click on Start. The virus signature database will begin to download. This may take some time.
When completed the Online Scan will begin automatically.
Note: This scan might take a long time! Please be patient.
When completed select Uninstall application on close if you so wish, but make sure you copy the logfile first!
Now click on Finish
A log fileis created at
Copy and paste the content of this log file in your next reply.

Note: Do not forget to re-enable your antivirus application after running the above scan!

Step 2

Start FRST with administator privileges.

Make sure the following option is checked:
Press the Scan button.
When finished, FRST will produce two logs (FRST.txt and Addition.txt) in the same directory the tool was run from.
Please copy and paste these logs in your next reply.

Can you please tell me which problems still persist now?

How is the computer running

vicxyz · March 6, 2015

C:\AdwCleaner\Quarantine\C\Windows\System32\roboot64.exe.vir a variant of Win64/Systweak.A potentially unwanted application
C:\Program Files (x86)\Dell DataSafe Local Backup\hstart.exe a variant of Win32/HiddenStart.A potentially unsafe application
C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\hstart.exe a variant of Win32/HiddenStart.A potentially unsafe application
C:\Program Files (x86)\NCH Software\Debut\debut.exe a variant of Win32/Toolbar.Conduit.H potentially unwanted application
C:\Program Files (x86)\NCH Software\Debut\debutsetup_v1.64.exe a variant of Win32/Toolbar.Conduit.H potentially unwanted application
C:\Program Files (x86)\NCH Software\Debut\uninst.exe a variant of Win32/Toolbar.Conduit.H potentially unwanted application
C:\Program Files (x86)\NCH Software\ExpressZip\expresszip.exe a variant of Win32/Bundled.Toolbar.Google.C potentially unsafe application
C:\Program Files (x86)\NCH Software\ExpressZip\expresszipsetup_v2.28.exe a variant of Win32/Bundled.Toolbar.Google.C potentially unsafe application
C:\Program Files (x86)\NCH Software\Prism\prism.exe a variant of Win32/Bundled.Toolbar.Google.C potentially unsafe application
C:\Program Files (x86)\NCH Software\Prism\prismsetup_v2.18.exe a variant of Win32/Bundled.Toolbar.Google.C potentially unsafe application
C:\Program Files (x86)\NCH Software\Switch\switch.exe a variant of Win32/Toolbar.Conduit.H potentially unwanted application
C:\Program Files (x86)\NCH Software\Switch\switchsetup_v4.47.exe a variant of Win32/Toolbar.Conduit.H potentially unwanted application
C:\Users\Victor\Comics\PRIORITY\TVCentury21\installer_cdisplay_English.exe Win32/Toggle potentially unwanted application
C:\Users\Victor\Downloads\cbsidlm-tr1_13-Free_MTS_Converter-ORG-75735048 (1).exe Win32/DownloadAdmin.G potentially unwanted application
C:\Users\Victor\Downloads\cbsidlm-tr1_13-Free_MTS_Converter-ORG-75735048.exe Win32/DownloadAdmin.G potentially unwanted application
C:\Users\Victor\Downloads\CodecPack.exe Win32/InstallCore.BN potentially unwanted application
C:\Users\Victor\Downloads\dfdownloader_9TtQmj_.exe a variant of Win32/DepoDownloader.A potentially unwanted application
C:\Users\Victor\Downloads\dfdownloader_KHSc0D_.exe a variant of Win32/DepoDownloader.A potentially unwanted application
C:\Users\Victor\Downloads\dfdownloader_Yzke8i_.exe a variant of Win32/DepoDownloader.A potentially unwanted application
C:\Users\Victor\Downloads\setup.exe Win32/Systweak.K potentially unwanted application
C:\Users\Victor\Downloads\srecorder.exe Win32/Somoto.Q potentially unwanted application
C:\Users\Victor\Downloads\vlcmediaplayer-setup.exe Win32/DownloadAdmin.G potentially unwanted application
C:\Users\Victor\New folder\YouTubeDownloaderSetup27.exe a variant of Win32/Toolbar.Widgi potentially unwanted application
C:\zoek_backup\C_PROGRA~2_NCH Software_Components_NCHToolbars\ask.com\ApnStub.exe a variant of Win32/Bundled.Toolbar.Ask.G potentially unsafe application
I:\Comics\PRIORITY\TVCentury21\installer_cdisplay_English.exe Win32/Toggle potentially unwanted application
I:\lorian\Music\Diana Vickers - Man In The Mirror.mp3 a variant of WMA/TrojanDownloader.GetCodec.gen trojan
J:\$RECYCLE.BIN\S-1-5-21-4116563069-2793408434-1502969175-1000\$RI69G80\Diana Vickers - Man In The Mirror.mp3 a variant of WMA/TrojanDownloader.GetCodec.gen trojan
J:\lorian\Music\Diana Vickers - Man In The Mirror.mp3 a variant of WMA/TrojanDownloader.GetCodec.gen trojan

deeprybka · March 6, 2015

Please try to post the ESET log as instructed.

vicxyz · March 6, 2015

the above was the only info that could be copied, there is not log file at the ESET directory

deeprybka · March 6, 2015

Step 1

Start FRST with Administrator privileges.
Write the following text into the Search textbox:

log.txt

Click on the Search Files button.
When finished, a log file (Search.txt) pops up and is saved to the same location the tool was run from.
Please copy and paste its contents in your next reply.

vicxyz · March 6, 2015

should I run the FRST or try again with ESET ?

deeprybka · March 6, 2015

Search with FRST please.

vicxyz · March 6, 2015

Farbar Recovery Scan Tool (x64) Version: 04-03-2015 01
Ran by Victor at 2015-03-06 18:19:18
Running from C:\Users\Victor\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\IUZJR6Q0
Boot Mode: Normal

================== Search Files: "log.txt" =============

C:\Users\Victor\AppData\Roaming\DAZ 3D\Studio3\log.txt
[2011-02-28 21:38][2011-02-28 22:20] 0038497 ____A () 54C0B4085331378CA880873879541D62

C:\Users\Victor\AppData\Local\Microsoft\Windows\Temporary Internet Files\Virtualized\C\ProgramData\McAfee\SiteAdvisorSiteAdvisor\mcbrwctl.dll\mcbrwctl.dll\log.txt
[2014-12-08 14:14][2015-03-04 21:39] 0001396 ____A () 56B49E3A4BD6C4E49C34085229A5D382

C:\Users\Victor\AppData\Local\Microsoft\Windows\Temporary Internet Files\Virtualized\C\ProgramData\McAfee\SiteAdvisor\mcbrwctl.dll\log.txt
[2013-07-01 07:57][2015-03-06 18:17] 3913850 ____A () 2C3A860CF5579DBC111474F79938829B

C:\Users\Victor\AppData\Local\Microsoft\Windows\Temporary Internet Files\Virtualized\C\ProgramData\McAfee\IEXPLORE.EXE\log.txt
[2014-05-18 14:09][2015-03-06 18:18] 10488860 ____A () 73536C2DC5146B6F968C6D0F370FC778

C:\ProgramData\McAfee\SiteAdvisor\saupkeep.dll\log.txt
[2013-06-27 07:54][2015-03-06 18:21] 2318104 ____A () E29B87C773E4E9CEEBB9C94093271ED9

C:\ProgramData\McAfee\SiteAdvisor\saUpd.exe\log.txt
[2012-07-21 08:56][2015-03-06 17:15] 0784935 ____A () 704B32DCEC0F6611D79E8E868E278FAE

C:\ProgramData\McAfee\SiteAdvisor\saui.exe\log.txt
[2013-10-17 14:07][2015-03-06 09:33] 0626962 ____A () 9B2B1CF1E04BBA4D09971FCA048A5B86

C:\ProgramData\McAfee\SiteAdvisor\sasshmod.dll\log.txt
[2011-12-14 13:08][2015-03-06 18:21] 5859154 ____A () A264C74FDFFF5A7DF39E72836DC4E921

C:\ProgramData\McAfee\SiteAdvisor\saInst.exe\log.txt
[2013-09-23 23:02][2013-09-23 23:02] 0003035 ____A () 3C91952F7C95B098A726C298F709BC8B

C:\ProgramData\McAfee\SiteAdvisor\mcsacore.exe\log.txt
[2012-01-03 14:53][2014-11-20 10:23] 0002147 ____A () E2FD5D381790938EDAC46D57089CCEF7

C:\ProgramData\McAfee\SiteAdvisor\mcbrwctl.dll\log.txt
[2014-02-13 00:07][2015-02-13 20:23] 0845740 ____A () EA435042512285B5A719AE29BAB3CA84

====== End Of Search ======

deeprybka · March 6, 2015

OK. Please proceed in this way:

Step 1

Start FRST with administator privileges.

Make sure the following option is checked:
Press the Scan button.
When finished, FRST will produce two logs (FRST.txt and Addition.txt) in the same directory the tool was run from.
Please copy and paste these logs in your next reply.

Can you please tell me which problems still persist now?
How is the computer running

vicxyz · March 6, 2015

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 04-03-2015 01
Ran by Victor (administrator) on DADS-PC on 06-03-2015 18:33:53
Running from C:\Users\Victor\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\PJX53QQ6
Loaded Profiles: Victor (Available profiles: Victor)
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: English (United States)
Internet Explorer Version 11 (Default browser: IE)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Stardock Corporation) C:\Program Files\Dell\DellDock\DockLogin.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Microsoft Corporation) C:\Windows\System32\wisptis.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(BlueStack Systems, Inc.) C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe
(BlueStack Systems, Inc.) C:\Program Files (x86)\BlueStacks\HD-UpdaterService.exe
(SEIKO EPSON CORPORATION) C:\ProgramData\EPSON\EPW!3 SSRP\E_S40RPB.EXE
(Avid) C:\Program Files (x86)\Avid\Mbox\AudioDevMon.exe
(McAfee, Inc.) C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe
(McAfee, Inc.) C:\Windows\System32\mfevtps.exe
(PACE Anti-Piracy, Inc.) C:\Program Files (x86)\Common Files\PACE\Services\LicenseServices\LDSvc.exe
(Sony Corporation) C:\Program Files (x86)\Sony\PMB\PMBDeviceInfoProvider.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
() C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe
(RealNetworks, Inc.) C:\Program Files (x86)\real\realplayer\RPDS\Bin\rpdsvc.exe
() C:\Program Files (x86)\real\UpdateService\RealPlayerUpdateSvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
(Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(SoftThinks SAS) C:\Program Files (x86)\Dell DataSafe Local Backup\SftService.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(Wacom Technology, Corp.) C:\Windows\System32\Pen_Tablet.exe
(Ulead Systems, Inc.) C:\Program Files (x86)\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(WIBU-SYSTEMS AG) C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeter.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.26.9\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.26.9\GoogleCrashHandler64.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
(McAfee, Inc.) C:\Program Files\mcafee\MSC\McAPExe.exe
(SoftThinks - Dell) C:\Program Files (x86)\Dell DataSafe Local Backup\Toaster.exe
(McAfee, Inc.) C:\Program Files\Common Files\mcafee\AMCore\mcshield.exe
(McAfee, Inc.) C:\Program Files\Common Files\mcafee\SystemCore\mfefire.exe
(McAfee, Inc.) C:\Program Files\Common Files\mcafee\Platform\McSvcHost\McSvHost.exe
() C:\Program Files (x86)\Dell DataSafe Local Backup\Components\Scheduler\STService.exe
(SoftThinks - Dell) C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpd.exe
(Microsoft Corporation) C:\Windows\System32\wisptis.exe
(Wacom Technology, Corp.) C:\Windows\System32\WTablet\Pen_TabletUser.exe
(Wacom Technology, Corp.) C:\Windows\System32\Pen_Tablet.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
(Alcor Micro Corp.) C:\Program Files (x86)\Multimedia Card Reader(9106)\ShwiconXP9106.exe
() C:\Program Files (x86)\Dell DataSafe Online\DataSafeOnline.exe
(SupportSoft, Inc.) C:\Program Files (x86)\Dell Support Center\bin\sprtcmd.exe
(WIBU-SYSTEMS AG) C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeterCC.exe
(Panasonic Corporation) C:\Program Files (x86)\Common Files\Panasonic\HD Writer AutoStart\HDWriterAutoStart.exe
(Nuance Communications, Inc.) C:\Program Files (x86)\ScanSoft\OmniPageSE4\OpWareSE4.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(RealNetworks, Inc.) C:\Program Files (x86)\real\realplayer\RPDS\Bin64\rpsystray.exe
(Stardock Corporation) C:\Program Files\Dell\DellDock\DellDock.exe
(Sony Corporation) C:\Program Files (x86)\Sony\PMB\PMBVolumeWatcher.exe
(Dropbox, Inc.) C:\Users\Victor\AppData\Roaming\Dropbox\bin\Dropbox.exe
(McAfee, Inc.) C:\Program Files\Common Files\mcafee\Platform\McUICnt.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office12\ONENOTEM.EXE
() C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
(RealNetworks, Inc.) C:\Program Files (x86)\real\realplayer\Update\realsched.exe
() C:\Program Files (x86)\RealNetworks\RealDownloader\downloader2.exe
(BlueStack Systems, Inc.) C:\Program Files (x86)\BlueStacks\HD-Agent.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\ink\InputPersonalization.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(McAfee, Inc.) C:\Program Files\Common Files\mcafee\CSP\1.3.336.0\McCSPServiceHost.exe
(SupportSoft, Inc.) C:\Program Files (x86)\Dell Support Center\bin\sprtsvc.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Adobe Systems Incorporated) C:\Windows\System32\Macromed\Flash\FlashUtil64_16_0_0_305_ActiveX.exe

==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [8158240 2009-10-07] (Realtek Semiconductor)
HKLM\...\Run: [RunDLLEntry_THXCfg] => C:\Windows\system32\RunDLL32.exe C:\Windows\system32\THXCfg64.dll,RunDLLEntry THXCfg64
HKLM\...\Run: [RunDLLEntry_EptMon] => C:\Windows\system32\RunDLL32.exe C:\Windows\system32\EptMon64.dll,RunDLLEntry EptMon64
HKLM-x32\...\Run: [iAStorIcon] => C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe [284696 2009-10-02] (Intel Corporation)
HKLM-x32\...\Run: [shwiconXP9106] => C:\Program Files (x86)\Multimedia Card Reader(9106)\ShwiconXP9106.exe [237568 2009-07-17] (Alcor Micro Corp.)
HKLM-x32\...\Run: [Dell DataSafe Online] => C:\Program Files (x86)\Dell DataSafe Online\DataSafeOnline.exe [1807680 2010-02-09] ()
HKLM-x32\...\Run: [THX Audio Control Panel] => C:\Program Files (x86)\Creative\THX TruStudio PC\THXAudioCP\THXAudio.exe [963584 2009-12-01] (Creative Technology Ltd)
HKLM-x32\...\Run: [updReg] => C:\Windows\UpdReg.EXE [90112 2000-05-10] (Creative Technology Ltd.)
HKLM-x32\...\Run: [DellSupportCenter] => C:\Program Files (x86)\Dell Support Center\bin\sprtcmd.exe [206064 2009-05-21] (SupportSoft, Inc.)
HKLM-x32\...\Run: [CorelDRAW Graphics Suite 11b] => C:\Program Files (x86)\Corel\Corel Graphics 12\Languages\EN\Programs\Registration.exe [729088 2003-11-25] (Corel Corporation)
HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2010-09-08] (Apple Inc.)
HKLM-x32\...\Run: [sSBkgdUpdate] => C:\Program Files (x86)\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe [210472 2006-10-25] (Nuance Communications, Inc.)
HKLM-x32\...\Run: [OpwareSE4] => C:\Program Files (x86)\ScanSoft\OmniPageSE4\OpwareSE4.exe [79400 2007-02-04] (Nuance Communications, Inc.)
HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [421160 2010-09-24] (Apple Inc.)
HKLM-x32\...\Run: [uVS10 Preload] => C:\Program Files (x86)\Ulead Systems\Ulead VideoStudio SE DVD\uvPL.exe [36864 2006-08-09] (Ulead Systems, Inc.)
HKLM-x32\...\Run: [mcui_exe] => C:\Program Files\McAfee.com\Agent\mcagent.exe [533872 2014-10-06] (McAfee, Inc.)
HKLM-x32\...\Run: [PMBVolumeWatcher] => C:\Program Files (x86)\Sony\PMB\PMBVolumeWatcher.exe [651832 2011-08-24] (Sony Corporation)
HKLM-x32\...\Run: [DivXMediaServer] => C:\Program Files (x86)\DivX\DivX Media Server\DivXMediaServer.exe [450560 2013-05-20] (DivX, LLC)
HKLM-x32\...\Run: [DivXUpdate] => C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe [1263952 2013-02-13] ()
HKLM-x32\...\Run: [mcpltui_exe] => C:\Program Files\Common Files\mcafee\Platform\McUICnt.exe [643064 2014-09-17] (McAfee, Inc.)
HKLM-x32\...\Run: [TkBellExe] => c:\program files (x86)\real\realplayer\Update\realsched.exe [296520 2014-11-20] (RealNetworks, Inc.)
HKLM-x32\...\Run: [RealDownloader] => C:\Program Files (x86)\RealNetworks\RealDownloader\downloader2.exe [560192 2014-10-29] ()
HKLM-x32\...\Run: [blueStacks Agent] => C:\Program Files (x86)\BlueStacks\HD-Agent.exe [843480 2014-12-12] (BlueStack Systems, Inc.)
HKLM-x32\...\RunOnce: ["C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpdate.exe"] => C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpdate.exe [559616 2011-10-11] (Dell)
HKLM\...\Policies\Explorer: [NoControlPanel] 0
HKLM\...\Policies\Explorer: [NoFolderOptions] 0
HKU\S-1-5-21-3304660120-434486148-2028904278-1001\...\Run: [EPSON Stylus Photo R800] => C:\Windows\system32\spool\DRIVERS\x64\3\E_IATI8JA.EXE [211968 2007-01-16] (SEIKO EPSON CORPORATION)
HKU\S-1-5-21-3304660120-434486148-2028904278-1001\...\Run: [Comrade.exe] => C:\Program Files (x86)\GameSpy\Comrade\Comrade.exe [1204640 2011-03-17] (IGN Entertainment Inc.)
HKU\S-1-5-21-3304660120-434486148-2028904278-1001\...\Run: [steam] => C:\Program Files (x86)\Steam\Steam.exe [2874048 2015-02-18] (Valve Corporation)
HKU\S-1-5-21-3304660120-434486148-2028904278-1001\...\Run: [swg] => C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [39408 2010-10-01] (Google Inc.)
HKU\S-1-5-21-3304660120-434486148-2028904278-1001\...\Run: [Web Companion] => C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exe --minimize
HKU\S-1-5-21-3304660120-434486148-2028904278-1001\...\MountPoints2: {566ce0c6-fc4f-11df-9978-842b2b9a54b4} - J:\LaunchU3.exe -a
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\CodeMeter Control Center.lnk
ShortcutTarget: CodeMeter Control Center.lnk -> C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeterCC.exe (WIBU-SYSTEMS AG)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HD Writer.lnk
ShortcutTarget: HD Writer.lnk -> C:\Program Files (x86)\Common Files\Panasonic\HD Writer AutoStart\HDWriterAutoStart.exe (Panasonic Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\RealPlayer Cloud Service UI.lnk
ShortcutTarget: RealPlayer Cloud Service UI.lnk -> C:\Program Files (x86)\real\realplayer\RPDS\Bin64\rpsystray.exe (RealNetworks, Inc.)
Startup: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock First Run.lnk
ShortcutTarget: Dell Dock First Run.lnk -> C:\Program Files\Dell\DellDock\DellDock.exe (Stardock Corporation)
Startup: C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock First Run.lnk
ShortcutTarget: Dell Dock First Run.lnk -> C:\Program Files\Dell\DellDock\DellDock.exe (Stardock Corporation)
Startup: C:\Users\Victor\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock.lnk
ShortcutTarget: Dell Dock.lnk -> C:\Program Files\Dell\DellDock\DellDock.exe (Stardock Corporation)
Startup: C:\Users\Victor\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\Victor\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
Startup: C:\Users\Victor\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2007 Screen Clipper and Launcher.lnk
ShortcutTarget: OneNote 2007 Screen Clipper and Launcher.lnk -> C:\Program Files (x86)\Microsoft Office\Office12\ONENOTEM.EXE (Microsoft Corporation)
ShellIconOverlayIdentifiers: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Victor\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Victor\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Victor\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt4] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Victor\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Victor\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Victor\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Victor\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll (Dropbox, Inc.)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.safesearch.net/?p=h&m=ie&c=wi&s=wi
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = http://www.safesearch.net/?p=h&m=ie&c=na&s=na
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.safesearch.net/?p=h&m=ie&c=wi&s=wi
SearchScopes: HKLM -> DefaultScope {BA1BE292-1D15-488B-934D-008742212380} URL =
SearchScopes: HKLM-x32 -> DefaultScope {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL =
SearchScopes: HKU\S-1-5-21-3304660120-434486148-2028904278-1001 -> DefaultScope {BA1BE292-1D15-488B-934D-008742212380} URL =
SearchScopes: HKU\S-1-5-21-3304660120-434486148-2028904278-1001 -> {012E1000-F331-11DB-8314-0800200C9A66} URL = http://www.google.com/search?q={searchTerms}
SearchScopes: HKU\S-1-5-21-3304660120-434486148-2028904278-1001 -> {85A60A59-D3D8-468F-B598-FB4393789EF4} URL = https://www.google.com/search?q={searchTerms}
BHO: RealNetworks Download and Record Plugin for Internet Explorer -> {3049C3E9-B461-4BC5-8870-4C09146192CA} -> C:\Program Files (x86)\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin64.dll (RealDownloader)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
BHO: McAfee SiteAdvisor BHO -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
BHO-x32: RealNetworks Download and Record Plugin for Internet Explorer -> {3049C3E9-B461-4BC5-8870-4C09146192CA} -> C:\Program Files (x86)\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll (RealDownloader)
BHO-x32: DivX Plus Web Player HTML5 <video> -> {326E768D-4182-46FD-9C16-1449A49795F4} -> C:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll (DivX, LLC)
BHO-x32: Search Helper -> {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} -> C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll (Microsoft Corporation)
BHO-x32: Java Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_40\bin\ssv.dll (Oracle Corporation)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
BHO-x32: Skype add-on for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
BHO-x32: McAfee SiteAdvisor BHO -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
BHO-x32: Java Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_40\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM - McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
Toolbar: HKLM-x32 - McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
Toolbar: HKU\S-1-5-21-3304660120-434486148-2028904278-1001 -> Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
DPF: HKLM-x32 {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
DPF: HKLM-x32 {EC5A4E7B-02EB-451D-B310-D5F2E0A4D8C3} https://register.btinternet.com/templates/btwebcontrol028.cab
Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
Handler-x32: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
Handler-x32: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
Handler-x32: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files\mcafee\MSC\McSnIePl64.dll (McAfee, Inc.)
Filter-x32: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files (x86)\McAfee\MSC\McSnIePl.dll (McAfee, Inc.)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.254

FireFox:
========
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_16_0_0_305.dll ()
FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin: @java.com/DTPlugin,version=11.40.2 -> C:\Program Files\Java\jre1.8.0_40\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.40.2 -> C:\Program Files\Java\jre1.8.0_40\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @mcafee.com/MSC,version=10 -> c:\PROGRA~1\mcafee\msc\NPMCSN~1.DLL ()
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_305.dll ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @comrade.gamespy.com/comrade -> C:\Program Files (x86)\GameSpy\Comrade\npcomrade.dll (IGN Entertainment)
FF Plugin-x32: @divx.com/DivX Plus Web Player Plug-In,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
FF Plugin-x32: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @java.com/DTPlugin,version=11.40.2 -> C:\Windows\SysWOW64\npdeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin -> C:\Program Files (x86)\Java\jre1.8.0_40\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.40.2 -> C:\Program Files (x86)\Java\jre1.8.0_40\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @mcafee.com/MSC,version=10 -> c:\PROGRA~2\mcafee\msc\NPMCSN~1.DLL ()
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3555.0308 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin-x32: @real.com/nppl3260;version=17.0.15.10 -> c:\program files (x86)\real\realplayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprndlhtml5videoshim;version=17.0.15 -> C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprpplugin;version=17.0.15.10 -> c:\program files (x86)\real\realplayer\Netscape6\nprpplugin.dll (RealPlayer Cloud)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.0.0 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF HKLM-x32\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files (x86)\McAfee\SiteAdvisor
FF Extension: McAfee SiteAdvisor - C:\Program Files (x86)\McAfee\SiteAdvisor [2011-12-14]
FF HKLM-x32\...\Firefox\Extensions: [{ABDE892B-13A8-4d1b-88E6-365A6E755758}] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext
FF Extension: RealDownloader - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext [2014-11-20]
FF HKLM-x32\...\Firefox\Extensions: [{23fcfd51-4958-4f00-80a3-ae97e717ed8b}] - C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\DivXHTML5
FF Extension: DivX Plus Web Player HTML5 <video> - C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\DivXHTML5 [2013-08-29]
FF HKLM-x32\...\Firefox\Extensions: [{338950EA-82DB-44C1-930D-0C28E023C9F0}] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext

Chrome:
=======
CHR Profile: C:\Users\Victor\AppData\Local\Google\Chrome\User Data\Default
CHR HKLM\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - C:\Program Files (x86)\McAfee\SiteAdvisor\McChPlg.crx [2014-11-19]
CHR HKLM-x32\...\Chrome\Extension: [nneajnkjbffgblleaoojgaacokifdkhm] - C:\Program Files (x86)\DivX\DivX Plus Web Player\chrome\DivXHTML5\DivXHTML5.crx [2013-07-26]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S2 BstHdAndroidSvc; C:\Program Files (x86)\BlueStacks\HD-Service.exe [409304 2014-12-12] (BlueStack Systems, Inc.)
R2 BstHdLogRotatorSvc; C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe [388824 2014-12-12] (BlueStack Systems, Inc.)
R2 BstHdUpdaterSvc; C:\Program Files (x86)\BlueStacks\HD-UpdaterService.exe [786136 2014-12-12] (BlueStack Systems, Inc.)
R2 DockLoginService; C:\Program Files\Dell\DellDock\DockLogin.exe [155648 2009-06-09] (Stardock Corporation) [File not signed]
R2 HomeNetSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [335064 2014-10-31] (McAfee, Inc.)
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-03] (Macrovision Corporation) [File not signed]
R2 McAfee SiteAdvisor Service; C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe [201304 2012-08-31] (McAfee, Inc.)
R2 McAPExe; C:\Program Files\McAfee\MSC\McAPExe.exe [562200 2014-10-06] (McAfee, Inc.)
R2 mccspsvc; C:\Program Files\Common Files\McAfee\CSP\1.3.336.0\McCSPServiceHost.exe [422632 2014-11-21] (McAfee, Inc.)
R2 McMPFSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [335064 2014-10-31] (McAfee, Inc.)
R2 McNaiAnn; C:\Program Files\Common Files\mcafee\Platform\McSvcHost\McSvHost.exe [335064 2014-10-31] (McAfee, Inc.)
S3 McODS; C:\Program Files\mcafee\VirusScan\mcods.exe [601864 2014-12-03] (McAfee, Inc.)
R2 mcpltsvc; C:\Program Files\Common Files\mcafee\Platform\McSvcHost\McSvHost.exe [335064 2014-10-31] (McAfee, Inc.)
R2 McProxy; C:\Program Files\Common Files\mcafee\Platform\McSvcHost\McSvHost.exe [335064 2014-10-31] (McAfee, Inc.)
R2 mfecore; C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe [1050952 2014-11-06] (McAfee, Inc.)
R2 mfefire; C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe [221832 2014-10-01] (McAfee, Inc.)
R2 mfevtp; C:\Windows\system32\mfevtps.exe [189920 2014-10-01] (McAfee, Inc.)
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [75136 2010-12-29] ()
R2 RealNetworks Downloader Resolver Service; C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe [39568 2014-10-26] ()
R2 RealPlayer Cloud Service; c:\program files (x86)\real\realplayer\RPDS\Bin\rpdsvc.exe [1141848 2014-11-20] (RealNetworks, Inc.)
R2 RealPlayerUpdateSvc; C:\Program Files (x86)\Real\UpdateService\RealPlayerUpdateSvc.exe [31856 2014-10-30] ()
R2 UleadBurningHelper; C:\Program Files (x86)\Common Files\Ulead Systems\DVD\ULCDRSvr.exe [49152 2006-09-28] (Ulead Systems, Inc.) [File not signed]
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
S2 SessionLauncher; c:\Users\ADMINI~1\AppData\Local\Temp\DX9\SessionLauncher.exe [X]

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S3 61883; C:\Windows\System32\DRIVERS\61883.sys [60288 2009-07-14] (Microsoft Corporation)
R2 BstHdDrv; C:\Program Files (x86)\BlueStacks\HD-Hypervisor-amd64.sys [122072 2014-12-12] (BlueStack Systems)
R3 cfwids; C:\Windows\System32\drivers\cfwids.sys [72136 2014-10-01] (McAfee, Inc.)
R2 fp; C:\Windows\System32\DRIVERS\fp.sys [19152 2014-12-27] (Windows ® Win 7 DDK provider)
S3 HipShieldK; C:\Windows\System32\drivers\HipShieldK.sys [197704 2013-09-23] (McAfee, Inc.)
S3 iLokDrvr; C:\Windows\System32\DRIVERS\iLokDrvr.sys [25720 2010-09-30] ()
R0 Lbd; C:\Windows\System32\DRIVERS\Lbd.sys [69152 2010-08-12] (Lavasoft AB)
S3 MBOX; C:\Windows\System32\DRIVERS\AvidMbox.sys [464616 2014-08-18] (Avid)
S3 MBOXDFU; C:\Windows\System32\DRIVERS\AvidMbox_DFU.sys [31464 2014-08-18] (Avid)
R3 mfeapfk; C:\Windows\System32\drivers\mfeapfk.sys [181584 2014-10-01] (McAfee, Inc.)
R3 mfeavfk; C:\Windows\System32\drivers\mfeavfk.sys [313680 2014-10-01] (McAfee, Inc.)
R3 mfefirek; C:\Windows\System32\drivers\mfefirek.sys [526360 2014-10-01] (McAfee, Inc.)
R0 mfehidk; C:\Windows\System32\drivers\mfehidk.sys [786304 2014-10-01] (McAfee, Inc.)
R3 mfencbdc; C:\Windows\System32\DRIVERS\mfencbdc.sys [447440 2014-09-19] (McAfee, Inc.)
S3 mfencrk; C:\Windows\System32\DRIVERS\mfencrk.sys [96600 2014-09-19] (McAfee, Inc.)
R0 mfewfpk; C:\Windows\System32\drivers\mfewfpk.sys [348560 2014-10-01] (McAfee, Inc.)
S3 RimUsb; C:\Windows\System32\Drivers\RimUsb_AMD64.sys [27520 2007-05-14] (Research In Motion Limited)
S1 RxFilter; C:\Windows\SysWOW64\DRIVERS\RxFilter.sys [65520 2009-06-26] (Sonic Solutions)
S3 StkTMini; C:\Windows\System32\Drivers\StkTMini.sys [528256 2007-11-15] (Syntek)
S2 BrPar; \SystemRoot\System32\drivers\BrPar.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)

==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-03-06 11:27 - 2015-03-06 11:27 - 00000000 ____D () C:\Program Files (x86)\ESET
2015-03-06 09:22 - 2015-03-06 09:22 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee
2015-03-06 09:15 - 2015-03-06 09:16 - 00000004 ____H () C:\ProgramData\cm-lock
2015-03-06 00:33 - 2015-03-06 00:33 - 00000000 ____D () C:\Users\Victor\AppData\Local\DataSafeOnline
2015-03-06 00:22 - 2015-03-05 23:37 - 00024064 _____ () C:\Windows\zoek-delete.exe
2015-03-05 23:51 - 2015-03-06 00:33 - 00033556 _____ () C:\zoek-results.log
2015-03-05 23:37 - 2015-03-06 00:07 - 00000000 ____D () C:\zoek_backup
2015-03-05 23:14 - 2015-03-05 23:19 - 00000000 ____D () C:\AdwCleaner
2015-03-05 21:37 - 2015-03-05 21:38 - 00048597 _____ () C:\Users\Victor\Downloads\Addition.txt
2015-03-05 21:35 - 2015-03-06 18:33 - 00000000 ____D () C:\FRST
2015-03-05 21:35 - 2015-03-05 21:38 - 00066309 _____ () C:\Users\Victor\Downloads\FRST.txt
2015-03-05 21:34 - 2015-03-05 21:35 - 02092544 _____ (Farbar) C:\Users\Victor\Downloads\FRST64.exe
2015-03-05 10:31 - 2015-03-06 00:25 - 00003208 _____ () C:\Windows\System32\Tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-3304660120-434486148-2028904278-1001
2015-03-05 10:31 - 2015-03-06 00:24 - 00003340 _____ () C:\Windows\System32\Tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-3304660120-434486148-2028904278-1001
2015-03-05 09:34 - 2015-03-05 09:34 - 00000000 ____D () C:\Users\Victor\AppData\Local\Steam
2015-03-04 21:45 - 2015-03-05 11:30 - 00000000 ____D () C:\searchplugins
2015-03-04 21:44 - 2015-03-06 00:07 - 00000000 ____D () C:\Users\Victor\AppData\Local\Lavasoft
2015-03-04 21:43 - 2015-03-02 18:02 - 00372248 _____ (Lavasoft Limited) C:\Windows\system32\LavasoftTcpService64.dll
2015-03-04 21:43 - 2015-03-02 18:02 - 00325944 _____ (Lavasoft Limited) C:\Windows\SysWOW64\Lavasearch
2015-03-04 21:42 - 2015-03-06 00:08 - 00000000 ____D () C:\Program Files (x86)\Lavasoft
2015-03-04 21:42 - 2015-03-06 00:07 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lavasoft
2015-03-04 21:41 - 2015-03-04 21:41 - 08068400 _____ (Lavasoft) C:\Users\Victor\Downloads\WebCompanionInstaller.exe
2015-03-04 21:41 - 2015-03-04 21:41 - 00000000 ____D () C:\Users\Victor\AppData\Roaming\Lavasoft
2015-03-04 20:28 - 2015-03-04 20:28 - 03577784 _____ (K9 Tools ) C:\Users\Victor\Downloads\setup.exe
2015-03-04 18:16 - 2015-03-04 18:16 - 16317304 _____ (SRecorder Company ) C:\Users\Victor\Downloads\srecorder.exe
2015-03-04 09:01 - 2015-03-04 08:58 - 00898472 _____ (Oracle Corporation) C:\Windows\SysWOW64\npdeployJava1.dll
2015-03-04 09:01 - 2015-03-04 08:58 - 00818088 _____ (Oracle Corporation) C:\Windows\SysWOW64\deployJava1.dll
2015-03-04 08:59 - 2015-03-04 08:59 - 00111016 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge-64.dll
2015-03-01 23:39 - 2015-03-01 23:40 - 24143885 _____ () C:\Users\Victor\Downloads\asap__all_scissors_and_pain_1.mp4
2015-03-01 23:38 - 2015-03-01 23:38 - 24275505 _____ () C:\Users\Victor\Downloads\get_a_peek_of_my_scissors_bobby_9.mp4
2015-03-01 23:36 - 2015-03-01 23:36 - 24211001 _____ () C:\Users\Victor\Downloads\get_a_peek_of_my_scissors_bobby_5.mp4
2015-03-01 23:34 - 2015-03-01 23:34 - 24207925 _____ () C:\Users\Victor\Downloads\get_a_peek_of_my_scissors_bobby_1.mp4
2015-03-01 23:34 - 2015-03-01 23:34 - 24181379 _____ () C:\Users\Victor\Downloads\get_a_peek_of_my_scissors_bobby_10.mp4
2015-03-01 23:32 - 2015-03-01 23:32 - 12332507 _____ () C:\Users\Victor\Downloads\Get a Peek of My SCISSORS Bobby! Photogallery.zip
2015-03-01 23:28 - 2015-03-01 23:28 - 12095836 _____ () C:\Users\Victor\Downloads\ASAP - All Scissors And PAIN! Photogallery.zip
2015-03-01 21:28 - 2015-03-01 21:28 - 24249431 _____ () C:\Users\Victor\Downloads\asap__all_scissors_and_pain_6.mp4
2015-03-01 21:27 - 2015-03-01 21:27 - 24167022 _____ () C:\Users\Victor\Downloads\asap__all_scissors_and_pain_9.mp4
2015-03-01 21:26 - 2015-03-01 21:26 - 24301126 _____ () C:\Users\Victor\Downloads\asap__all_scissors_and_pain_5.mp4
2015-03-01 21:24 - 2015-03-01 21:24 - 24172523 _____ () C:\Users\Victor\Downloads\asap__all_scissors_and_pain_2.mp4
2015-02-26 00:57 - 2015-01-08 23:44 - 00419936 _____ () C:\Windows\SysWOW64\locale.nls
2015-02-26 00:57 - 2015-01-08 23:43 - 00419936 _____ () C:\Windows\system32\locale.nls
2015-02-23 18:24 - 2015-02-23 18:24 - 00000000 ____D () C:\Windows\System32\Tasks\Leader Technologies
2015-02-23 18:22 - 2015-02-23 18:22 - 00000000 ____D () C:\Users\Victor\AppData\Roaming\Leadertech
2015-02-12 06:57 - 2015-01-23 04:42 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2015-02-12 06:57 - 2015-01-23 04:41 - 06041600 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-02-12 06:57 - 2015-01-23 03:43 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2015-02-12 06:57 - 2015-01-23 03:17 - 04300800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-02-11 09:37 - 2015-02-04 03:16 - 00894976 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2015-02-11 09:37 - 2015-02-04 03:16 - 00762368 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2015-02-11 09:37 - 2015-02-04 03:16 - 00609280 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2015-02-11 09:37 - 2015-02-04 03:16 - 00414720 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2015-02-11 09:37 - 2015-02-04 03:16 - 00227328 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2015-02-11 09:37 - 2015-02-04 03:16 - 00192000 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
2015-02-11 09:37 - 2015-02-04 03:13 - 01098752 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2015-02-11 09:37 - 2015-01-27 23:36 - 01239720 _____ (Microsoft Corporation) C:\Windows\system32\aitstatic.exe
2015-02-11 09:37 - 2015-01-10 06:48 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2015-02-11 09:37 - 2015-01-10 06:48 - 00341504 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2015-02-11 09:37 - 2015-01-10 06:48 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2015-02-11 09:37 - 2015-01-10 06:48 - 00309760 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2015-02-11 09:37 - 2015-01-10 06:48 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2015-02-11 09:37 - 2015-01-10 06:48 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2015-02-11 09:37 - 2015-01-10 06:48 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2015-02-11 09:37 - 2015-01-10 06:27 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2015-02-11 09:37 - 2015-01-10 06:27 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2015-02-11 09:37 - 2015-01-10 06:27 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2015-02-11 09:37 - 2015-01-10 06:27 - 00221184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2015-02-11 09:37 - 2015-01-10 06:27 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2015-02-11 09:37 - 2015-01-10 06:27 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2015-02-11 09:37 - 2015-01-10 06:27 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2015-02-11 09:37 - 2015-01-09 03:14 - 00950272 _____ (Microsoft Corporation) C:\Windows\system32\perftrack.dll
2015-02-11 09:37 - 2015-01-09 03:14 - 00091136 _____ (Microsoft Corporation) C:\Windows\system32\wdi.dll
2015-02-11 09:37 - 2015-01-09 03:14 - 00029696 _____ (Microsoft Corporation) C:\Windows\system32\powertracker.dll
2015-02-11 09:37 - 2015-01-09 02:48 - 00076800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdi.dll
2015-02-11 09:36 - 2015-01-15 08:14 - 00155072 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2015-02-11 09:36 - 2015-01-15 08:14 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2015-02-11 09:36 - 2015-01-15 08:09 - 01461760 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2015-02-11 09:36 - 2015-01-15 08:09 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2015-02-11 09:36 - 2015-01-15 08:09 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2015-02-11 09:36 - 2015-01-15 08:09 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2015-02-11 09:36 - 2015-01-15 08:09 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2015-02-11 09:36 - 2015-01-15 08:08 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2015-02-11 09:36 - 2015-01-15 08:06 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2015-02-11 09:36 - 2015-01-15 08:06 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2015-02-11 09:36 - 2015-01-15 08:04 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2015-02-11 09:36 - 2015-01-15 07:42 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2015-02-11 09:36 - 2015-01-15 07:42 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2015-02-11 09:36 - 2015-01-15 07:41 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2015-02-11 09:36 - 2015-01-15 07:39 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2015-02-11 09:36 - 2015-01-15 07:39 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2015-02-11 09:36 - 2015-01-15 07:37 - 00686080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2015-02-11 09:36 - 2015-01-15 04:22 - 00458824 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2015-02-11 09:36 - 2015-01-14 05:47 - 00389808 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2015-02-11 09:36 - 2015-01-14 05:09 - 00342712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2015-02-11 09:36 - 2015-01-13 03:10 - 01424384 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2015-02-11 09:36 - 2015-01-13 02:49 - 01230336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
2015-02-11 09:36 - 2015-01-12 03:09 - 25056256 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-02-11 09:36 - 2015-01-12 03:05 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2015-02-11 09:36 - 2015-01-12 03:05 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2015-02-11 09:36 - 2015-01-12 02:49 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2015-02-11 09:36 - 2015-01-12 02:48 - 02885632 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-02-11 09:36 - 2015-01-12 02:48 - 00584192 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-02-11 09:36 - 2015-01-12 02:48 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2015-02-11 09:36 - 2015-01-12 02:47 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2015-02-11 09:36 - 2015-01-12 02:40 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2015-02-11 09:36 - 2015-01-12 02:39 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2015-02-11 09:36 - 2015-01-12 02:36 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-02-11 09:36 - 2015-01-12 02:34 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2015-02-11 09:36 - 2015-01-12 02:34 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2015-02-11 09:36 - 2015-01-12 02:25 - 19740160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-02-11 09:36 - 2015-01-12 02:25 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2015-02-11 09:36 - 2015-01-12 02:21 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2015-02-11 09:36 - 2015-01-12 02:21 - 00490496 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-02-11 09:36 - 2015-01-12 02:13 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-02-11 09:36 - 2015-01-12 02:08 - 00503296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-02-11 09:36 - 2015-01-12 02:08 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2015-02-11 09:36 - 2015-01-12 02:07 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-02-11 09:36 - 2015-01-12 02:07 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2015-02-11 09:36 - 2015-01-12 02:07 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2015-02-11 09:36 - 2015-01-12 02:05 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2015-02-11 09:36 - 2015-01-12 02:04 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-02-11 09:36 - 2015-01-12 02:02 - 02277888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-02-11 09:36 - 2015-01-12 02:00 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2015-02-11 09:36 - 2015-01-12 01:59 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2015-02-11 09:36 - 2015-01-12 01:57 - 00478208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2015-02-11 09:36 - 2015-01-12 01:55 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2015-02-11 09:36 - 2015-01-12 01:48 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-02-11 09:36 - 2015-01-12 01:48 - 00718848 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-02-11 09:36 - 2015-01-12 01:46 - 02125824 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-02-11 09:36 - 2015-01-12 01:46 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2015-02-11 09:36 - 2015-01-12 01:45 - 00418304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2015-02-11 09:36 - 2015-01-12 01:43 - 14401024 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-02-11 09:36 - 2015-01-12 01:40 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2015-02-11 09:36 - 2015-01-12 01:36 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2015-02-11 09:36 - 2015-01-12 01:35 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2015-02-11 09:36 - 2015-01-12 01:33 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2015-02-11 09:36 - 2015-01-12 01:27 - 02358272 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-02-11 09:36 - 2015-01-12 01:23 - 02052608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2015-02-11 09:36 - 2015-01-12 01:23 - 00688640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2015-02-11 09:36 - 2015-01-12 01:22 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2015-02-11 09:36 - 2015-01-12 01:14 - 12829184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-02-11 09:36 - 2015-01-12 01:14 - 01548288 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-02-11 09:36 - 2015-01-12 01:02 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-02-11 09:36 - 2015-01-12 01:00 - 01888256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-02-11 09:36 - 2015-01-12 00:56 - 01307136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-02-11 09:36 - 2015-01-12 00:55 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2015-02-11 09:36 - 2014-12-12 05:31 - 01480192 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2015-02-11 09:36 - 2014-12-12 05:07 - 01174528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2015-02-11 09:36 - 2014-11-26 03:53 - 00861696 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll
2015-02-11 09:36 - 2014-11-26 03:32 - 00571904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleaut32.dll
2015-02-11 09:36 - 2014-10-04 02:10 - 03722752 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2015-02-11 09:36 - 2014-10-04 01:42 - 03221504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
2015-02-11 09:36 - 2014-10-04 01:42 - 00131584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\aaclient.dll
2015-02-11 09:36 - 2014-07-07 02:07 - 00229376 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll
2015-02-11 09:36 - 2014-07-07 02:06 - 00187904 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll
2015-02-11 09:36 - 2014-07-07 01:40 - 00179200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll
2015-02-11 09:36 - 2014-07-07 01:40 - 00143872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsvc.dll
2015-02-11 09:35 - 2015-01-14 06:09 - 05554112 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-02-11 09:35 - 2015-01-14 06:05 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2015-02-11 09:35 - 2015-01-14 06:05 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2015-02-11 09:35 - 2015-01-14 06:04 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2015-02-11 09:35 - 2015-01-14 05:44 - 03972544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2015-02-11 09:35 - 2015-01-14 05:44 - 03917760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2015-02-11 09:35 - 2015-01-14 05:41 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2015-02-11 09:35 - 2015-01-09 02:03 - 03201536 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-02-11 09:35 - 2014-12-08 03:09 - 00406528 _____ (Microsoft Corporation) C:\Windows\system32\scesrv.dll
2015-02-11 09:35 - 2014-12-08 02:46 - 00308224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\scesrv.dll
2015-02-06 15:09 - 2015-02-06 15:10 - 00222696 _____ (Deposit Files) C:\Users\Victor\Downloads\dfdownloader_Yzke8i_.exe
2015-02-06 15:06 - 2015-02-06 15:06 - 00222696 _____ (Deposit Files) C:\Users\Victor\Downloads\dfdownloader_KHSc0D_.exe
2015-02-06 15:05 - 2015-02-06 15:05 - 00222696 _____ (Deposit Files) C:\Users\Victor\Downloads\dfdownloader_9TtQmj_.exe
2015-02-06 15:02 - 2015-02-06 15:02 - 00001268 _____ () C:\Users\Public\Desktop\NCH Software.lnk
2015-02-06 15:02 - 2015-02-06 15:02 - 00001148 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Express Zip.lnk
2015-02-06 15:02 - 2015-02-06 15:02 - 00001136 _____ () C:\Users\Public\Desktop\Express Zip.lnk
2015-02-06 15:02 - 2015-02-06 15:02 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Utilities
2015-02-05 11:41 - 2013-09-23 13:49 - 00197704 _____ (McAfee, Inc.) C:\Windows\system32\Drivers\HipShieldK.sys

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-03-06 18:26 - 2010-09-30 11:27 - 00000898 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-03-06 18:04 - 2012-04-04 08:50 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-03-06 17:38 - 2009-07-14 05:10 - 01490633 _____ () C:\Windows\WindowsUpdate.log
2015-03-06 10:26 - 2010-09-30 11:27 - 00000894 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-03-06 09:30 - 2009-07-14 04:45 - 00022464 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-03-06 09:30 - 2009-07-14 04:45 - 00022464 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-03-06 09:24 - 2012-06-19 14:21 - 00000000 ____D () C:\Program Files (x86)\Steam
2015-03-06 09:20 - 2011-10-09 16:14 - 00000000 ___RD () C:\Users\Victor\Dropbox
2015-03-06 09:20 - 2011-10-09 16:12 - 00000000 ____D () C:\Users\Victor\AppData\Roaming\Dropbox
2015-03-06 09:16 - 2010-09-30 07:06 - 00000000 ____D () C:\Users\Victor\AppData\Roaming\WTablet
2015-03-06 09:16 - 2010-09-24 21:59 - 00000000 ____D () C:\Users\Default\AppData\Local\SoftThinks
2015-03-06 09:16 - 2010-09-24 21:59 - 00000000 ____D () C:\Users\Default User\AppData\Local\SoftThinks
2015-03-06 09:16 - 2010-09-24 21:35 - 00000000 ____D () C:\Program Files (x86)\Dell DataSafe Local Backup
2015-03-06 09:15 - 2010-09-25 06:25 - 00461196 _____ () C:\Windows\PFRO.log
2015-03-06 09:15 - 2010-09-24 21:28 - 00000000 ____D () C:\ProgramData\NVIDIA
2015-03-06 09:15 - 2009-07-14 05:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-03-06 09:15 - 2009-07-14 04:51 - 00150768 _____ () C:\Windows\setupact.log
2015-03-06 00:56 - 2010-09-29 15:16 - 00000000 ____D () C:\Users\Victor\Documents\My PSP8 Files
2015-03-06 00:24 - 2014-12-06 18:45 - 00000008 __RSH () C:\Users\Victor\ntuser.pol
2015-03-06 00:24 - 2010-09-29 14:28 - 00000000 ____D () C:\Users\Victor
2015-03-06 00:08 - 2010-09-30 11:27 - 00000000 ____D () C:\ProgramData\Lavasoft
2015-03-06 00:07 - 2009-07-14 03:20 - 00000000 ___HD () C:\Windows\system32\GroupPolicy
2015-03-06 00:07 - 2009-07-14 03:20 - 00000000 ____D () C:\Windows\SysWOW64\GroupPolicy
2015-03-05 22:38 - 2014-12-01 18:23 - 00129752 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-03-05 20:49 - 2010-09-30 16:47 - 00024169 _____ () C:\Users\Victor\Documents\Shootdiscuss(1).xlsx
2015-03-05 20:25 - 2012-11-08 10:17 - 00111609 _____ () C:\Users\Victor\Documents\Activity.xlsx
2015-03-04 21:59 - 2010-09-25 07:07 - 00000000 ____D () C:\Windows\Panther
2015-03-04 18:35 - 2012-03-22 15:13 - 00000000 ____D () C:\Frapscapture
2015-03-04 18:21 - 2011-02-08 20:55 - 00000000 ____D () C:\Users\Victor\AppData\Roaming\vlc
2015-03-04 18:08 - 2010-09-30 15:23 - 00000000 ____D () C:\Fraps
2015-03-04 09:02 - 2013-11-06 09:43 - 00000000 ____D () C:\ProgramData\Oracle
2015-03-04 09:01 - 2010-09-24 21:32 - 00000000 ____D () C:\Program Files (x86)\Java
2015-03-04 08:59 - 2010-09-24 21:33 - 00319912 _____ (Oracle Corporation) C:\Windows\system32\javaws.exe
2015-03-04 08:59 - 2010-09-24 21:33 - 00207272 _____ (Oracle Corporation) C:\Windows\system32\javaw.exe
2015-03-04 08:59 - 2010-09-24 21:33 - 00206760 _____ (Oracle Corporation) C:\Windows\system32\java.exe
2015-03-04 08:59 - 2010-09-24 21:33 - 00000000 ____D () C:\Program Files\Java
2015-03-04 08:58 - 2014-10-29 08:48 - 00098216 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2015-03-04 06:04 - 2010-10-23 07:52 - 00000000 ____D () C:\WTablet
2015-03-02 22:41 - 2010-09-29 19:28 - 00000000 ____D () C:\Users\Victor\Documents\My PSP Files
2015-03-02 22:41 - 2010-09-29 19:28 - 00000000 ____D () C:\Users\Victor\AppData\Roaming\Corel
2015-03-02 20:57 - 2010-09-30 11:27 - 00000000 ____D () C:\Users\Victor\AppData\Local\Google
2015-02-27 15:53 - 2014-03-06 19:19 - 00000000 ____D () C:\Users\Victor\AppData\Local\CrashDumps
2015-02-26 18:55 - 2015-02-01 00:17 - 00000000 ____D () C:\Users\Victor\Documents\SVV
2015-02-26 18:47 - 2014-01-01 15:31 - 00125703 _____ () C:\Users\Victor\Downloads\pspbrwse.jbf
2015-02-26 14:50 - 2009-07-14 05:13 - 00795794 _____ () C:\Windows\system32\PerfStringBackup.INI
2015-02-20 11:29 - 2010-09-30 11:27 - 00002185 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2015-02-17 23:01 - 2014-04-13 17:15 - 00009994 _____ () C:\Users\Victor\Documents\Calendar.xlsx
2015-02-17 08:04 - 2009-07-14 03:20 - 00000000 ____D () C:\Windows\rescache
2015-02-13 10:19 - 2010-09-24 21:46 - 00000000 ____D () C:\Program Files\Common Files\mcafee
2015-02-13 10:05 - 2011-10-09 16:14 - 00001023 _____ () C:\Users\Victor\Desktop\Dropbox.lnk
2015-02-13 10:05 - 2011-10-09 16:12 - 00000000 ____D () C:\Users\Victor\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2015-02-12 14:39 - 2009-07-14 03:20 - 00000000 ____D () C:\Windows\system32\NDF
2015-02-12 06:41 - 2009-07-14 04:45 - 04795280 _____ () C:\Windows\system32\FNTCACHE.DAT
2015-02-12 06:38 - 2014-12-11 09:57 - 00000000 ____D () C:\Windows\system32\appraiser
2015-02-12 06:38 - 2014-04-29 23:29 - 00000000 ___SD () C:\Windows\system32\CompatTel
2015-02-12 06:37 - 2009-07-14 03:20 - 00000000 ____D () C:\Windows\tracing
2015-02-12 00:28 - 2010-09-30 15:28 - 00000000 ____D () C:\ProgramData\Microsoft Help
2015-02-07 09:49 - 2009-07-14 05:08 - 00032608 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2015-02-06 15:08 - 2012-05-10 07:28 - 00000000 ____D () C:\Windows\System32\Tasks\NCH Software
2015-02-06 15:02 - 2012-05-10 07:28 - 00000000 ____D () C:\ProgramData\NCH Software
2015-02-06 15:02 - 2012-05-10 07:28 - 00000000 ____D () C:\Program Files (x86)\NCH Software
2015-02-05 19:04 - 2012-04-04 08:50 - 00701616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-02-05 19:04 - 2012-04-04 08:50 - 00003768 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2015-02-05 19:04 - 2011-06-29 09:38 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-02-05 11:42 - 2010-09-24 21:46 - 00000000 ____D () C:\ProgramData\McAfee
2015-02-05 10:21 - 2010-09-30 11:27 - 00003894 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2015-02-05 10:21 - 2010-09-30 11:27 - 00003642 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore

==================== Files in the root of some directories =======

2011-12-13 12:26 - 2011-12-13 12:26 - 0038435 _____ () C:\Users\Victor\AppData\Roaming\Comma Separated Values (Windows).ADR
2011-08-04 22:36 - 2011-12-29 10:53 - 0011776 _____ () C:\Users\Victor\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2010-10-15 08:45 - 2010-10-15 08:45 - 0000094 _____ () C:\Users\Victor\AppData\Local\fusioncache.dat
2012-12-27 19:42 - 2012-12-27 19:42 - 0000000 _____ () C:\Users\Victor\AppData\Local\rx_image32.Cache
2015-03-06 09:15 - 2015-03-06 09:16 - 0000004 ____H () C:\ProgramData\cm-lock

Some content of TEMP:
====================
C:\Users\Victor\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpan_ly9.dll

==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2015-03-05 12:31

==================== End Of Log ============================

vicxyz · March 6, 2015

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 04-03-2015 01
Ran by Victor at 2015-03-06 18:35:33
Running from C:\Users\Victor\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\PJX53QQ6
Boot Mode: Normal
==========================================================

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: McAfee Anti-Virus and Anti-Spyware (Disabled - Up to date) {DA9F8ED0-D0DE-39CC-F55A-51AB4CC1B556}
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: McAfee Anti-Virus and Anti-Spyware (Disabled - Up to date) {61FE6F34-F6E4-3642-CFEA-6AD93746FFEB}
FW: McAfee Firewall (Enabled) {E2A40FF5-9AB1-3894-DE05-F89EB212F22D}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

7-Zip 4.65 (HKLM-x32\...\7-Zip) (Version: - )
Acrobat.com (HKLM-x32\...\com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 1.1.377 - Adobe Systems Incorporated)
Acrobat.com (x32 Version: 0.0.0 - Adobe Systems Incorporated) Hidden
Add or Remove Adobe Creative Suite 3 Master Collection (HKLM-x32\...\Adobe_4dcfd9b7e901b57f81f667144603236) (Version: 1.0 - Adobe Systems Incorporated)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 2.0.3.13070 - Adobe Systems Inc.)
Adobe Flash Player 16 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 16.0.0.305 - Adobe Systems Incorporated)
Adobe Flash Player 16 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 16.0.0.305 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.10) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.10 - Adobe Systems Incorporated)
AHV content for Acrobat and Flash (x32 Version: 1 - Adobe Systems Incorporated) Hidden
Alien Skin Eye Candy 5 Nature (HKLM-x32\...\EyeCandy5Nature) (Version: - )
Alien Skin Xenofex 2 (HKLM-x32\...\Xenofex2) (Version: - )
aniMate 2 DS3 (HKLM-x32\...\aniMate 2 DS3 2.0.0.7) (Version: 2.0.0.7 - DAZ 3D)
Apple Application Support (HKLM-x32\...\{DAEAFD68-BB4A-4507-A241-C8804D2EA66D}) (Version: 1.3.2 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{33EB1061-ABF1-4470-A540-32E97A610536}) (Version: 3.2.0.47 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{C41300B9-185D-475E-BFEC-39EF732F19B1}) (Version: 2.1.2.120 - Apple Inc.)
As Simple As Photoshop 6.0 (HKLM-x32\...\As Simple As Photoshop_is1) (Version: - Andrei Doubrovski)
ASIO4ALL (HKLM-x32\...\ASIO4ALL) (Version: 2.10 - Michael Tippach)
Athentech Perfectly Clear (HKLM-x32\...\_{12097B7C-04C4-4049-AEBF-0ECE0D6FCEE3}) (Version: 1.0.0.101 - Corel Corporation)
Athentech Perfectly Clear (Version: 1.0.0.101 - Corel Corporation) Hidden
Athentech Perfectly Clear (x32 Version: 1.0.0.101 - Corel Corporation) Hidden
Audacity 1.2.6 (HKLM-x32\...\Audacity_is1) (Version: - )
Audacity 1.3.13 (Unicode) (HKLM-x32\...\Audacity 1.3 Beta (Unicode)_is1) (Version: - Audacity Team)
Authorizer 2.7.0 (HKLM\...\{F6762963-9AE5-4bc6-A70F-2D749F6AC02F}_is1) (Version: 2.7.0 - Propellerhead Software AB)
Authorizer Ignition Key Support (Version: 1.0.8.0 - Propellerhead Software AB) Hidden
Avid Mbox Driver 1.1.9 (x64) (HKLM\...\{1F0E3221-8B58-4CD8-ABD9-D2730671E2E9}) (Version: 1.1.9 - Avid)
Avid Pro Tools Express (HKLM-x32\...\{4C77F4F5-DFFC-4A18-A5A5-913350B70865}) (Version: 0.0.0 - Avid Technology, Inc.)
Avid Virtual Instruments Express (HKLM-x32\...\{6444D9E1-244C-465B-A990-F6AB116FC48A}) (Version: 10.2.0 - Avid Technology, Inc.)
BlueStacks App Player (HKLM-x32\...\BlueStacks App Player) (Version: 0.9.7.4101 - BlueStack Systems, Inc.)
BlueStacks Notification Center (HKLM-x32\...\{FDB8F715-FC8D-4C20-B614-E0361BB69A17}) (Version: 0.9.7.4101 - BlueStack Systems, Inc.)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Brother HL-5140 (HKLM-x32\...\Brother HL-5140) (Version: - )
Bryce 7.1 (HKLM-x32\...\Bryce 7.1 7.1.0.74) (Version: 7.1.0.74 - DAZ 3D)
BT NetProtect Plus (HKLM-x32\...\MSC) (Version: 13.6.1492 - McAfee, Inc.)
Canon MP Navigator EX 1.0 (HKLM-x32\...\MP Navigator EX 1.0) (Version: - )
CanoScan 8800F (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_CNQ4805) (Version: - )
CDisplay 1.8 (HKLM-x32\...\CDisplay_is1) (Version: - dvd8n)
ComicRack v0.9.142 (HKLM\...\ComicRack) (Version: v0.9.142 - cYo Soft)
Corel Paint Shop Pro Photo XI (HKLM-x32\...\{E1C7EF5E-3A7B-4ED4-A48B-F70F1B36EAB4}) (Version: 11.00.0000 - Corel Inc)
Corel PaintShop Pro X6 (HKLM-x32\...\_{166D1CB6-DD8A-40DD-9E25-4D31D2D6DE4D}) (Version: 16.2.0.20 - Corel Corporation)
Corel PaintShop Pro X6 (x32 Version: 16.2.0.20 - Corel Corporation) Hidden
CorelDRAW Graphics Suite 12 (HKLM-x32\...\{505AFDC0-5E72-4928-8368-5DEA385E3647}) (Version: 12.0.0.458 - Corel Corporation)
Cryostasis (Remove Only) (HKLM-x32\...\{97A8C4B4-2B50-42D1-AFE6-5E8433185436}_is1) (Version: 1.01 - 505games)
Crysis® (HKLM-x32\...\{000E79B7-E725-4F01-870A-C12942B7F8E4}) (Version: 1.00.0000 - Electronic Arts)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
DAZ Studio 3 (HKLM-x32\...\DAZ Studio 3 3.1.2.32) (Version: 3.1.2.32 - DAZ 3D)
Debut Video Capture Software (HKLM-x32\...\Debut) (Version: - NCH Software)
Dell DataSafe Local Backup - Support Software (HKLM-x32\...\{A9668246-FB70-4103-A1E3-66C9BC2EFB49}) (Version: 9.4.60 - Dell)
Dell DataSafe Local Backup (HKLM-x32\...\{0ED7EE95-6A97-47AA-AD73-152C08A15B04}) (Version: 9.4.60 - Dell)
Dell DataSafe Online (HKLM-x32\...\{13766F76-6C8C-4E57-A9F3-3212D1C6E0D1}) (Version: 1.2.0011 - Dell, Inc.)
Dell Dock (HKLM-x32\...\Dell Dock) (Version: - Stardock Corporation)
Dell Dock (Version: 2.0 - Stardock Corporation) Hidden
Dell Edoc Viewer (HKLM\...\{8EBA8727-ADC2-477B-9D9A-1A1836BE4E05}) (Version: 1.0.0 - Dell Inc)
Dell Getting Started Guide (HKLM-x32\...\{7DB9F1E5-9ACB-410D-A7DC-7A3D023CE045}) (Version: 1.00.0000 - Dell Inc.)
Dell Support Center (Support Software) (HKLM-x32\...\{E3BFEE55-39E2-4BE0-B966-89FE583822C1}) (Version: 2.5.09100 - Dell)
DirectXInstallService (x32 Version: 9.0.2 - Roxio) Hidden
DivX Setup (HKLM-x32\...\DivX Setup) (Version: 2.6.1.44 - DivX, LLC)
Dropbox (HKU\S-1-5-21-3304660120-434486148-2028904278-1001\...\Dropbox) (Version: 3.2.6 - Dropbox, Inc.)
EA Download Manager (HKLM-x32\...\EA Download Manager) (Version: 6.0.4.124 - Electronic Arts, Inc.)
EA Download Manager UI (HKLM-x32\...\com.ea.Vault.919CACB699904AC5D41B606703500DD39747C02D.1) (Version: 6.0.4.124 - Electronic Arts)
EA Download Manager UI (x32 Version: 6.0.4 - Electronic Arts) Hidden
EMC 10 Content (x32 Version: 1.0.035 - Roxo, Inc.) Hidden
EMCGadgets64 (Version: 1.0.302 - Sonic) Hidden
EPSON Printer Software (HKLM\...\EPSON Printer and Utilities) (Version: - SEIKO EPSON Corporation)
Express Zip (HKLM-x32\...\ExpressZip) (Version: 2.28 - NCH Software)
EZ Vinyl/Tape Converter 4.1 by MixMeister (HKLM-x32\...\EZ Vinyl/Tape Converter by MixMeister_is1) (Version: - MixMeister Technology LLC)
FaceFilter v3.02 Standard (HKLM-x32\...\{6020758E-57A9-41E3-AF20-8EE311EA6156}) (Version: 3.02.1506.1 - Reallusion Inc.)
Fallout 3 (HKLM-x32\...\{974C4B12-4D02-4879-85E0-61C95CC63E9E}) (Version: 1.00.0000 - Bethesda Softworks)
Fraps (remove only) (HKLM-x32\...\Fraps) (Version: - )
Free MTS Converter (HKLM-x32\...\Free MTS Converter_is1) (Version: - )
GameSpy Comrade (HKLM-x32\...\{7F752BAB-4AFD-4138-983D-7E9E7CFE077D}) (Version: 3.2.17.236 - GameSpy)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 40.0.2214.115 - Google Inc.)
Google Earth (HKLM-x32\...\{4D2A6330-2F8B-11E3-9C40-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)
Google Toolbar for Internet Explorer (HKLM-x32\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: 7.5.6227.252 - Google Inc.)
Google Toolbar for Internet Explorer (x32 Version: 1.0.0 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.26.9 - Google Inc.) Hidden
HD Writer AE 5.0 (HKLM-x32\...\{433E3E7F-4510-41F9-B9FB-55D8ECB30259}) (Version: 5.00.013.1033 - Panasonic Corporation)
ICA (x32 Version: 16.0.0.113 - Corel Corporation) Hidden
Image Data Converter (HKLM-x32\...\{87998E4E-6D9C-411B-AAE9-B8523FFE357D}) (Version: 4.0.01.09151 - Sony Corporation)
Intel® Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.0.1006 - Intel Corporation)
Intel® Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 9.5.0.1037 - Intel Corporation)
Interlok driver setup x64 (HKLM\...\{25613C10-27D2-410B-942B-D922D5C3A7BE}) (Version: 5.9.0 - PACE Anti-Piracy, Inc.)
IPM_PSP_COM (x32 Version: 16.0.0.113 - Corel Corporation) Hidden
IPM_PSP_COM64 (Version: 16.0.0.113 - Corel Corporation) Hidden
iTunes (HKLM\...\{104FB32A-7CE3-4C4B-B2AA-70C613FF9DFA}) (Version: 10.0.1.22 - Apple Inc.)
Jasc Paint Shop Pro 8 (HKLM-x32\...\{81A34902-9D0B-4920-A25C-4CDC5D14B328}) (Version: 8.10.0000 - Jasc Software Inc)
Java 8 Update 40 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86418040F0}) (Version: 8.0.400 - Oracle Corporation)
Java 8 Update 40 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218040F0}) (Version: 8.0.400 - Oracle Corporation)
Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
LavasoftTcpService (x32 Version: 2.3.3.0 - Lavasoft) Hidden
Line 6 Uninstaller (HKLM-x32\...\Line 6 Uninstaller) (Version: - Line 6)
Malwarebytes Anti-Malware version 2.0.4.1028 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.4.1028 - Malwarebytes Corporation)
McAfee SiteAdvisor (HKLM-x32\...\{35ED3F83-4BDC-4c44-8EC6-6A8301C7413A}) (Version: 3.7.194 - McAfee, Inc.)
Medal of Honor (HKLM-x32\...\{415030B8-3E8B-462A-8C03-41D95AA3AB3B}) (Version: 1.0.0.0 - Electronic Arts)
Microsoft .NET Framework 1.1 (HKLM-x32\...\{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}) (Version: 1.1.4322 - Microsoft)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft Flight Simulator X (HKLM-x32\...\InstallShield_{9527A496-5DF9-412A-ADC7-168BA5379CA6}) (Version: 10.0.60905 - Microsoft Game Studios)
Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{F2508213-9989-4E85-A078-72BE483917EF}) (Version: 3.5.88.0 - Microsoft Corporation)
Microsoft Games for Windows Marketplace (HKLM-x32\...\{4CB0307C-565E-4441-86BE-0DF2E4FB828C}) (Version: 3.5.50.0 - Microsoft Corporation)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft)
Microsoft Office 2010 (HKLM-x32\...\{95140000-0070-0000-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Home and Student 2007 (HKLM-x32\...\HOMESTUDENTR) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Professional Edition 2003 (HKLM-x32\...\{90110409-6000-11D3-8CFE-0150048383C9}) (Version: 11.0.8173.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 SP2 ENU (HKLM-x32\...\{3A9FC03D-C685-4831-94CF-4EDFD3749497}) (Version: 3.5.8080.0 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 SP2 x64 ENU (HKLM\...\{D4AD39AD-091E-4D33-BB2B-59F6FCB8ADC3}) (Version: 3.5.8080.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053 (HKLM\...\{B6E3757B-5E77-3915-866A-CCFC4B8D194C}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM-x32\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) - KB2467175 (HKLM\...\{aac9fcc4-dd9e-4add-901c-b5496a07ab2e}) (Version: 8.0.51011 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 ATL Update kb973924 - x64 9.0.30729.4148 (HKLM\...\{EE936C7A-EA40-31D5-9B65-8E3E089C3828}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 (HKLM-x32\...\{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570 (HKLM\...\{8338783A-0968-3B85-AFC7-BAAE0A63DC50}) (Version: 9.0.30729.5570 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (HKLM-x32\...\{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}) (Version: 9.0.30729.5570 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{820B6609-4C97-3A2B-B644-573B06A0F0CC}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MSXML 4.0 SP2 Parser and SDK (HKLM-x32\...\{716E0306-8318-4364-8B8F-0CC4E9376BAC}) (Version: 4.20.9818.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2758694) (HKLM-x32\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
Multimedia Card Reader (HKLM-x32\...\InstallShield_{9F0A32A5-4EBF-4B9D-A3CD-31579F2E1400}) (Version: 1.4.915.1 - Fitipower)
Multimedia Card Reader (x32 Version: 1.4.915.1 - Fitipower) Hidden
NVIDIA Display Control Panel (HKLM\...\NVIDIA Display Control Panel) (Version: 6.14.12.5856 - NVIDIA Corporation)
NVIDIA Drivers (HKLM\...\NVIDIA Drivers) (Version: 1.10.61.39 - NVIDIA Corporation)
NVIDIA PhysX (HKLM-x32\...\{B4F3A360-E1E2-479D-ADE7-9BE3B07F4539}) (Version: 9.10.0223 - NVIDIA Corporation)
NVIDIA Stereoscopic 3D Driver (HKLM-x32\...\NVIDIAStereo) (Version: 7.17.12.5812 - NVIDIA Corporation)
Oblivion (HKLM-x32\...\{35CB6715-41F8-4F99-8881-6FC75BF054B0}) (Version: 1.00.0000 - Bethesda Softworks)
PACE License Support Win64 (HKLM-x32\...\InstallShield_{72ad9d51-0903-4fe7-af5d-33b3185fa6e9}) (Version: 2.3.1.0494 - PACE Anti-Piracy, Inc.)
PDF Settings (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden
Pen Tablet (HKLM-x32\...\Pen Tablet Driver) (Version: - Wacom Technology Corp.)
Pinnacle Instant DVD Recorder (HKLM-x32\...\{C1212AE3-DBB9-4365-8473-F8ABC7B06BBB}) (Version: 2.6.1.127 - Pinnacle Systems)
Pinnacle Video Driver (HKLM\...\{6DE721A5-5E89-4D74-994C-652BB3C0672E}) (Version: 12.1.0.029 - Pinnacle Systems)
Pixsta (HKU\S-1-5-21-3304660120-434486148-2028904278-1001\...\Pokki_83453a3d886e527a470b5bb8291dd338de4b1e44) (Version: 2.5.3.4 - Pokki)
PMB (HKLM-x32\...\{B6A98E5F-D6A7-46FB-9E9D-1F7BF443491C}) (Version: 5.8.00.09123 - Sony Corporation)
Pokki Download Helper (HKU\S-1-5-21-3304660120-434486148-2028904278-1001\...\PokkiDownloadHelper) (Version: 1.3.1.282 - Pokki)
Prism Video File Converter (HKLM-x32\...\Prism) (Version: 2.18 - NCH Software)
PSPPContent (x32 Version: 16.0.0.113 - Corel Corporation) Hidden
PSPPHelp (x32 Version: 16.0.0.113 - Corel Corporation) Hidden
PSPPro64 (Version: 16.2.0.20 - Corel Corporation) Hidden
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.989 - Even Balance, Inc.)
QuickTime (HKLM-x32\...\{E7004147-2CCA-431C-AA05-2AB166B9785D}) (Version: 7.68.75.0 - Apple Inc.)
RealDownloader (x32 Version: 17.0.15.4 - RealNetworks, Inc.) Hidden
RealDownloader (x32 Version: 17.0.15.7 - RealNetworks) Hidden
RealNetworks - Microsoft Visual C++ 2008 Runtime (x32 Version: 9.0 - RealNetworks, Inc) Hidden
RealNetworks - Microsoft Visual C++ 2010 Runtime (Version: 10.0 - RealNetworks, Inc) Hidden
RealNetworks - Microsoft Visual C++ 2010 Runtime (x32 Version: 10.0 - RealNetworks, Inc) Hidden
RealPlayer Cloud (HKLM-x32\...\RealPlayer 17.0) (Version: 17.0.15 - RealNetworks)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.5953 - Realtek Semiconductor Corp.)
RealUpgrade 1.1 (x32 Version: 1.1.0 - RealNetworks, Inc.) Hidden
Reason 4.0.1 (HKLM-x32\...\Reason4_is1) (Version: 4.0.1 - Propellerhead Software AB)
Reason 8.0.0 (HKLM\...\Reason8.0_64_is1) (Version: 8.0.0 - Propellerhead Software AB)
Roxio Easy CD and DVD Burning (HKLM-x32\...\{537BF16E-7412-448C-95D8-846E85A1D817}) (Version: 10.3 - Roxio)
Roxio File Backup (Version: 1.3.0 - Roxio) Hidden
ScanSoft OmniPage SE 4 (HKLM-x32\...\{DEE88727-779B-47A9-ACEF-F87CA5F92A65}) (Version: 15.2.0020 - Nuance Communications, Inc.)
Setup (x32 Version: 16.0.0.113 - Corel Corporation) Hidden
Shared C Run-time for x64 (HKLM\...\{EF79C448-6946-4D71-8134-03407888C054}) (Version: 10.0.0 - McAfee)
Ship Simulator 2008 (HKLM-x32\...\Shipsim2008) (Version: - )
Skype Toolbars (HKLM-x32\...\{981029E0-7FC9-4CF3-AB39-6F133621921A}) (Version: 1.0.4051 - Skype Technologies S.A.)
Skype™ 6.11 (HKLM-x32\...\{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}) (Version: 6.11.102 - Skype Technologies S.A.)
Sonic CinePlayer Decoder Pack (x32 Version: 4.3.0 - Sonic Solutions) Hidden
SSC Service Utility v4.30 (HKLM-x32\...\SSC Service Utility_is1) (Version: - SSC Localization Group)
Steam (HKLM-x32\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation)
Switch Sound File Converter (HKLM-x32\...\Switch) (Version: - NCH Software)
The Elder Scrolls V: Skyrim (HKLM-x32\...\Steam App 72850) (Version: - Bethesda Game Studios)
THX TruStudio PC (HKLM-x32\...\{010A785B-F920-4350-821B-6309909C20BB}) (Version: 1.0 - Creative Technology Limited)
Ulead VideoStudio SE DVD (HKLM-x32\...\{8F8D9297-FDD2-405A-97E7-E52C7B2F97B3}) (Version: 10.0 - Ulead Systems)
Ultimate Creative Collection (X6) (HKLM-x32\...\_{D839B02E-8C50-4F8F-BA53-84FF75487A1A}) (Version: 1.0.0.100 - Corel Corporation)
Ultimate Creative Collection (X6) (x32 Version: 1.0.0.100 - Corel Corporation) Hidden
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft)
UpdateService (x32 Version: 1.0.0 - RealNetworks, Inc.) Hidden
USB2.0 ATV (HKLM-x32\...\{3C873221-12B9-475D-8DCB-62D0B2179AF9}) (Version: 6.10.000.001 - Regulus)
VC80CRTRedist - 8.0.50727.6195 (x32 Version: 1.2.0 - DivX, Inc) Hidden
VD64Inst (Version: 1.00.0000 - Roxio, Inc.) Hidden
Video Downloader (x32 Version: 1.0.0 - RealNetworks) Hidden
Visual C++ 2008 x86 Runtime - v9.0.30729.01 (HKLM-x32\...\{F333A33D-125C-32A2-8DCE-5C5D14231E27}.vc_x86runtime_30729_01) (Version: 9.0.30729.01 - Microsoft Corporation)
Visual C++ 64-bit Redistributables (HKLM-x32\...\InstallShield_{FB03650C-B373-4B20-ACA5-B7BA1A8EEE33}) (Version: 1.2.0.5555 - PACE Anti-Piracy, Inc.)
Visual C++ Redistributables (HKLM-x32\...\InstallShield_{F03117FA-9270-46B0-9666-0B4BC2CDEBF5}) (Version: 1.2.0.5555 - PACE Anti-Piracy, Inc.)
VLC media player 2.0.0 (HKLM-x32\...\VLC media player) (Version: 2.0.0 - VideoLAN)
Webinaria 2.0 (HKLM-x32\...\Webinaria_is1) (Version: - Charlwood eMarketing)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3555.0308 - Microsoft Corporation)
Windows Live Sync (HKLM-x32\...\{84EBDF39-4B33-49D7-A0BD-EB6E2C4E81C1}) (Version: 14.0.8089.726 - Microsoft Corporation)

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

CustomCLSID: HKU\S-1-5-21-3304660120-434486148-2028904278-1001_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Victor\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3304660120-434486148-2028904278-1001_Classes\CLSID\{ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C}\InprocServer32 -> C:\Users\Victor\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3304660120-434486148-2028904278-1001_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Victor\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3304660120-434486148-2028904278-1001_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Victor\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3304660120-434486148-2028904278-1001_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Victor\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3304660120-434486148-2028904278-1001_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Victor\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3304660120-434486148-2028904278-1001_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Victor\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3304660120-434486148-2028904278-1001_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Victor\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3304660120-434486148-2028904278-1001_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Victor\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3304660120-434486148-2028904278-1001_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Victor\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)

==================== Restore Points =========================

04-03-2015 21:42:13 LavasoftWeCompanion
05-03-2015 23:51:59 zoek.exe restore point

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 02:34 - 2009-06-10 21:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {0D1CB3D7-2ECB-460A-B852-0B5BEA09B4FC} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-02-05] (Adobe Systems Incorporated)
Task: {10545267-0B7A-4B93-9EC6-4D436EBDB8B2} - System32\Tasks\{8D0D6A6D-D270-4BA3-965E-E4F11C65F30F} => C:\Program Files (x86)\Corel\Corel Graphics 12\Programs\CorelPP.exe [2003-12-04] (Corel Corporation)
Task: {144C3759-A3C6-43C7-B4C4-9B13AEADB110} - System32\Tasks\{92DA1A3F-1A4F-494F-8667-6E2756ADC679} => pcalua.exe -a D:\SETUP.EXE -d D:\
Task: {16A9CE25-CEAB-4D84-97E9-0544FEF6DDDD} - System32\Tasks\{354E69EB-F57E-4F50-A680-48E9FFAD167C} => pcalua.exe -a D:\EPSETUP.EXE -d D:\
Task: {1741F95E-4F2D-494B-B6A2-22D9EE2AA78D} - System32\Tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-3304660120-434486148-2028904278-1001 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe [2014-10-30] (RealNetworks, Inc.)
Task: {2078AE7C-7B0A-43A5-B4A2-B1B72B0FDBD1} - System32\Tasks\RealUpgradeLogonTaskS-1-5-21-3304660120-434486148-2028904278-1001 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe [2014-10-30] (RealNetworks, Inc.)
Task: {2CD96539-3015-4158-8004-14CD772F5032} - System32\Tasks\SafeSearchVerify => C:\Program Files\SafeSearch\1_4\se.exe
Task: {3990644C-15DC-4910-BF4B-CFE9E56C8F7C} - System32\Tasks\RealUpgradeScheduledTaskS-1-5-21-3304660120-434486148-2028904278-1001 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe [2014-10-30] (RealNetworks, Inc.)
Task: {48F51FA9-FDE0-483A-9449-E231767A101C} - System32\Tasks\{B35431C7-8373-4F60-B67F-EAE6195BBB9E} => D:\run.exe
Task: {5635657E-8550-40E8-85F1-AAC8BD58AAE9} - System32\Tasks\{F14D4E07-7B09-4732-BF83-EEF7F46D4D5E} => D:\run.exe
Task: {660844DF-AE67-4901-A9ED-90DE752B5C39} - System32\Tasks\Ad-Aware Update (Weekly) => C:\Program Files (x86)\Lavasoft\Ad-Aware\Ad-AwareAdmin.exe
Task: {6ABA6D3B-7151-497D-BD8B-C5057E08CEB8} - System32\Tasks\{E95BA6E9-5F86-4F70-83A4-18E4B4AE2CB2} => C:\Program Files (x86)\Corel\Corel Graphics 12\Programs\CorelPP.exe [2003-12-04] (Corel Corporation)
Task: {72FB8A85-4593-469B-BBC7-88CA240AA34E} - System32\Tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-3304660120-434486148-2028904278-1001 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe [2014-10-30] (RealNetworks, Inc.)
Task: {756AD110-B68B-4054-9AAD-124056AB6E01} - System32\Tasks\{53C58DCD-6D59-4020-89EF-B3873135A463} => C:\Program Files (x86)\Corel\Corel Graphics 12\Programs\CorelPP.exe [2003-12-04] (Corel Corporation)
Task: {7604BB8B-E6BA-4A8C-B745-1BAB9A4F83BF} - System32\Tasks\RealDownloader Update Check => C:\Program Files (x86)\RealNetworks\RealDownloader\downloader2.exe [2014-10-29] ()
Task: {7F0D03B8-AFAE-40C5-97BB-196A1CD8CD4F} - System32\Tasks\RealDownloaderRealUpgradeScheduledTaskS-1-5-21-3304660120-434486148-2028904278-1001 => C:\Program Files (x86)\RealNetworks\RealDownloader\RealUpgrade.exe [2014-10-26] (RealNetworks, Inc.)
Task: {807CC4B9-567F-4951-A314-52A50B3E8CD5} - System32\Tasks\{759BDA0A-EE45-4BDC-8344-2B38E1848EF8} => C:\Program Files (x86)\Corel\Corel Graphics 12\Programs\CorelPP.exe [2003-12-04] (Corel Corporation)
Task: {99849050-B934-4CAD-A155-32E8AB140523} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-10-21] (Google Inc.)
Task: {9B42E008-2BB8-4A86-8789-419F6898FEAF} - System32\Tasks\Microsoft\Windows\TabletPC\InputPersonalization => C:\Program Files\Common Files\Microsoft Shared\Ink\InputPersonalization.exe [2009-07-14] (Microsoft Corporation)
Task: {A687062A-0DAB-4ED7-8788-93398EE73094} - System32\Tasks\{5DC1A093-8338-4C12-8AFB-06A0F88D6CD7} => C:\Program Files (x86)\Corel\Corel Graphics 12\Programs\CorelPP.exe [2003-12-04] (Corel Corporation)
Task: {A7C8BD3E-FC09-4499-BA66-4BDCEE6E27CC} - System32\Tasks\{5731ED2D-CE4C-47FF-9756-7728DC46D608} => C:\Program Files (x86)\Corel\Corel Graphics 12\Programs\CorelDRW.exe [2003-12-04] (Corel Corporation)
Task: {BC9F8310-F523-4998-8803-3391C139DA8E} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2014-12-19] (Adobe Systems Incorporated)
Task: {C3890707-0F8C-40D7-BF65-0B1D59F1124D} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-10-21] (Google Inc.)
Task: {CC1971F6-4B3B-428D-8CE7-8AF4B21B0A93} - System32\Tasks\RealDownloaderRealUpgradeLogonTaskS-1-5-21-3304660120-434486148-2028904278-1001 => C:\Program Files (x86)\RealNetworks\RealDownloader\RealUpgrade.exe [2014-10-26] (RealNetworks, Inc.)
Task: {CD35A032-F595-4A3E-B9E1-D497B4165D38} - System32\Tasks\SafeSearchUpdate => C:\Program Files\SafeSearch\1_4\se.exe
Task: {CF75C224-41D6-4036-94FE-FD0D3EF7A9A4} - System32\Tasks\{D02A3EC3-07CB-4097-9CA8-C6FF31FF2D1E} => D:\run.exe
Task: {D41682B6-34E1-4FEB-B021-758C9CB3C810} - System32\Tasks\{B43F8CE8-1310-4B65-8BF8-697B45D6875C} => C:\Program Files (x86)\Corel\Corel Graphics 12\Programs\CorelPP.exe [2003-12-04] (Corel Corporation)
Task: {D89F5D1D-97F7-4239-BFCA-363E89E6D960} - System32\Tasks\RealDownloaderDownloaderScheduledTaskS-1-5-21-3304660120-434486148-2028904278-1001 => C:\Program Files (x86)\RealNetworks\RealDownloader\recordingmanager.exe [2014-10-26] (RealNetworks, Inc.)
Task: {E888ED54-F180-4C74-BE75-3C8213873827} - System32\Tasks\{AC22345C-56B9-4028-939F-ED2368366E9A} => pcalua.exe -a C:\Drivers\Brother\Pp10f.exe -d C:\Users\Victor\Desktop
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) ==============

2010-10-14 10:26 - 2010-12-29 17:37 - 00075136 _____ () C:\Windows\SysWOW64\PnkBstrA.exe
2014-10-26 22:59 - 2014-10-26 22:59 - 00039568 _____ () C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe
2014-10-30 05:41 - 2014-10-30 05:41 - 00031856 _____ () C:\Program Files (x86)\Real\UpdateService\RealPlayerUpdateSvc.exe
2010-09-24 21:36 - 2011-08-18 15:05 - 02751808 _____ () C:\Program Files (x86)\Dell DataSafe Local Backup\COMPONENTS\SCHEDULER\STSERVICE.EXE
2010-02-09 11:34 - 2010-02-09 11:34 - 01807680 _____ () C:\Program Files (x86)\Dell DataSafe Online\DataSafeOnline.exe
2014-10-17 09:06 - 2014-10-17 09:06 - 00472576 _____ () C:\Windows\assembly\NativeImages_v2.0.50727_64\VistaBridgeLibrary\c29d8779b3a3599f44e21e017541cd0c\VistaBridgeLibrary.ni.dll
2013-02-13 02:37 - 2013-02-13 02:37 - 01263952 _____ () C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
2014-10-29 19:06 - 2014-10-29 19:06 - 00560192 _____ () C:\Program Files (x86)\RealNetworks\RealDownloader\downloader2.exe
2014-11-20 10:50 - 2014-11-20 10:50 - 00865880 _____ () c:\program files (x86)\real\realplayer\RPDS\Plugins\cldplin.dll
2014-10-30 05:41 - 2014-10-30 05:41 - 00035976 _____ () C:\Program Files (x86)\Real\UpdateService\DL2UpdatePlugin.dll
2014-10-30 05:41 - 2014-10-30 05:41 - 00039560 _____ () C:\Program Files (x86)\Real\UpdateService\RealDownloaderUpdatePlugin.dll
2014-10-30 05:41 - 2014-10-30 05:41 - 00032888 _____ () C:\Program Files (x86)\Real\UpdateService\RPDSUpdatePlugin.dll
2010-09-24 21:33 - 2009-10-02 11:18 - 00058880 _____ () C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IsdiInterop.dll
2010-02-09 11:34 - 2010-02-09 11:34 - 00275776 _____ () C:\Program Files (x86)\Dell DataSafe Online\SdbShared.dll
2010-02-09 11:34 - 2010-02-09 11:34 - 00058688 _____ () C:\Program Files (x86)\Dell DataSafe Online\BalloonWindow.dll
2010-02-09 11:34 - 2010-02-09 11:34 - 00095552 _____ () C:\Program Files (x86)\Dell DataSafe Online\SdbUI.dll
2010-02-09 11:34 - 2010-02-09 11:34 - 00152896 _____ () C:\Program Files (x86)\Dell DataSafe Online\SdbShared.XmlSerializers.dll
2010-02-09 11:34 - 2010-02-09 11:34 - 00017728 _____ () C:\Program Files (x86)\Dell DataSafe Online\cpputils.dll
2010-08-09 23:01 - 2010-08-09 23:01 - 00067872 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2015-02-10 21:00 - 2015-02-10 21:00 - 00750080 _____ () C:\Users\Victor\AppData\Roaming\Dropbox\bin\libGLESv2.dll
2015-03-06 09:17 - 2015-03-06 09:17 - 00043008 _____ () c:\users\victor\appdata\local\temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpan_ly9.dll
2015-02-10 21:00 - 2015-02-10 21:00 - 00047616 _____ () C:\Users\Victor\AppData\Roaming\Dropbox\bin\libEGL.dll
2015-02-10 21:00 - 2015-02-10 21:00 - 00865280 _____ () C:\Users\Victor\AppData\Roaming\Dropbox\bin\plugins\platforms\qwindows.dll
2015-02-10 21:00 - 2015-02-10 21:00 - 00200704 _____ () C:\Users\Victor\AppData\Roaming\Dropbox\bin\plugins\imageformats\qjpeg.dll
2013-02-13 02:38 - 2013-02-13 02:38 - 00100688 _____ () C:\Program Files (x86)\DivX\DivX Update\DivXUpdateCheck.dll
2014-10-29 19:01 - 2014-10-29 19:01 - 01382048 _____ () C:\Program Files (x86)\RealNetworks\RealDownloader\cpprest100_1_2.dll
2014-10-29 19:07 - 2014-10-29 19:07 - 00065600 _____ () C:\Program Files (x86)\RealNetworks\RealDownloader\dtvhooks.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)

AlternateDataStreams: C:\Users\Victor\Local Settings:eBTnN2nsGmdwyE37f
AlternateDataStreams: C:\Users\Victor\AppData\Local:eBTnN2nsGmdwyE37f
AlternateDataStreams: C:\Users\Victor\AppData\Local\Application Data:eBTnN2nsGmdwyE37f

==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\McMPFSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MCODS => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefire => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfevtp => ""="Driver"

==================== EXE Association (whitelisted) ===============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)

HKU\S-1-5-21-3304660120-434486148-2028904278-1001\Software\Classes\.exe: => <===== ATTENTION!

==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-3304660120-434486148-2028904278-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Victor\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.1.254

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)

==================== Accounts: =============================

8910C1E16859491E8416 (S-1-5-21-3304660120-434486148-2028904278-1006 - Limited - Enabled)
Administrator (S-1-5-21-3304660120-434486148-2028904278-500 - Administrator - Disabled)
ASPNET (S-1-5-21-3304660120-434486148-2028904278-1004 - Limited - Enabled)
Guest (S-1-5-21-3304660120-434486148-2028904278-501 - Limited - Enabled)
HomeGroupUser$ (S-1-5-21-3304660120-434486148-2028904278-1002 - Limited - Enabled)
Victor (S-1-5-21-3304660120-434486148-2028904278-1001 - Administrator - Enabled) => C:\Users\Victor

==================== Faulty Device Manager Devices =============

==================== Event log errors: =========================

Application errors:
==================
Error: (03/06/2015 11:27:55 AM) (Source: SideBySide) (EventID: 80) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (03/06/2015 11:27:52 AM) (Source: SideBySide) (EventID: 80) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (03/06/2015 09:16:16 AM) (Source: BstHdAndroidSvc) (EventID: 0) (User: )
Description: Service cannot be started. System.ApplicationException: Cannot start service. Service did not stop gracefully the last time it was run.
at BlueStacks.hyperDroid.Service.Service.OnStart(String[] args)
at System.ServiceProcess.ServiceBase.ServiceQueuedMainCallback(Object state)

Error: (03/06/2015 00:24:22 AM) (Source: BstHdAndroidSvc) (EventID: 0) (User: )
Description: Service cannot be started. System.ApplicationException: Cannot start service. Service did not stop gracefully the last time it was run.
at BlueStacks.hyperDroid.Service.Service.OnStart(String[] args)
at System.ServiceProcess.ServiceBase.ServiceQueuedMainCallback(Object state)

Error: (03/06/2015 00:22:22 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: ERROR: accept: 10022 (An invalid argument was supplied.)

Error: (03/06/2015 00:21:22 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: ERROR: accept: 10022 (An invalid argument was supplied.)

Error: (03/06/2015 00:20:22 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: ERROR: accept: 10022 (An invalid argument was supplied.)

Error: (03/06/2015 00:19:47 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program Paint Shop Pro.exe version 8.1.0.0 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

Process ID: 25a4

Start Time: 01d057a2d754c322

Termination Time: 16

Application Path: C:\Program Files (x86)\Jasc Software Inc\Paint Shop Pro 8\Paint Shop Pro.exe

Report Id: 5fd8f200-c396-11e4-9b49-842b2b9a54b4

Error: (03/06/2015 00:19:22 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: ERROR: accept: 10022 (An invalid argument was supplied.)

Error: (03/06/2015 00:18:22 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: ERROR: accept: 10022 (An invalid argument was supplied.)

System errors:
=============
Error: (03/06/2015 09:26:21 AM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: The Windows Update service hung on starting.

Error: (03/06/2015 09:20:33 AM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: The McAfee Home Network service hung on starting.

Error: (03/06/2015 09:17:45 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Windows Presentation Foundation Font Cache 3.0.0.0 service failed to start due to the following error:
%%1053

Error: (03/06/2015 09:17:45 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the Windows Presentation Foundation Font Cache 3.0.0.0 service to connect.

Error: (03/06/2015 09:16:50 AM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the SftService service.

Error: (03/06/2015 09:16:22 AM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: The following boot-start or system-start driver(s) failed to load:
RxFilter

Error: (03/06/2015 09:16:20 AM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the SftService service.

Error: (03/06/2015 09:16:16 AM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: The BlueStacks Android Service service terminated with the following error:
%%1064

Error: (03/06/2015 09:15:39 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The SessionLauncher service failed to start due to the following error:
%%2

Error: (03/06/2015 09:15:38 AM) (Source: Service Control Manager) (EventID: 7002) (User: )
Description: The BrPar service depends on the Parallel arbitrator group and no member of this group started.