Jump to content

Tech support SCAM page on screen on browser


Recommended Posts

Hello guys,

I'm using a laptop computer running Windows 7 SP1 64bit.  I use Chrome as a browser.  Lately, most of the time a try to access a link from a search result, it takes me to a page displaying a gray screen with some cryptic message saying that my computer is infected and advising me to call a number to have it fixed, all this while making a horrendous loud beep.  The screens vary but most say SYSTEM SHUTDOWN  CALL SUPPORT...  It takes several clicks to make it go away.  Next time I try the same link it works just fine.  I ran MalwareBytes free and Spybot Search & Destroy and had a few things removed but the problem persists.  I have not noted any other problem.  Thanks in advance for your help.

The FRST.txt file is this:

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 17-07-2016 03
Ran by grevolorio (administrator) on TRMDU2 (18-07-2016 11:05:54)
Running from C:\Users\grevolorio.trmdu2\Desktop
Loaded Profiles: grevolorio &  (Available Profiles: grevolorio & DefaultAppPool)
Platform: Windows 7 Professional Service Pack 1 (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(Stardock Corporation) C:\Program Files (x86)\Stardock\WindowBlinds\WBSrv.exe
(Stardock Software, Inc) C:\Program Files (x86)\Stardock\WindowBlinds\WBCore.exe
(Stardock Corporation) F:\Program Files (x86)\Stardock\Object Desktop\WindowFX\WindowFXSRV.exe
() F:\Program Files (x86)\Stardock\Object Desktop\WindowFX\wfx32.exe
(Cisco WebEx LLC) C:\Windows\SysWOW64\atashost.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome Remote Desktop\51.0.2704.7\remoting_host.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome Remote Desktop\51.0.2704.7\remoting_host.exe
(hMailServer) F:\Program Files (x86)\hMailServer\Bin\hMailServer.exe
() F:\Program Files (x86)\Kinoni\EpocCam_and_Barcode_drivers\KinoniSvc.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(Safer-Networking Ltd.) F:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
(Safer-Networking Ltd.) F:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(AVG Technologies) F:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesService64.exe
(VMware, Inc.) C:\Windows\SysWOW64\vmnat.exe
(VMware, Inc.) F:\Program Files (x86)\VMware\VMware VIX\VMWare Workstation\vmware-authd.exe
(VMware, Inc.) C:\Windows\SysWOW64\vmnetdhcp.exe
(Safer-Networking Ltd.) F:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.30.3\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.30.3\GoogleCrashHandler64.exe
(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe
(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe
(AVG Technologies) F:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesApp64.exe
() C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(Siber Systems) C:\Program Files (x86)\Siber Systems\AI RoboForm\robotaskbaricon.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office15\ONENOTEM.EXE
(Elaborate Bytes AG) C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe
() C:\Program Files\Synergy\synergyd.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Siber Systems) C:\Program Files (x86)\Siber Systems\AI RoboForm\robotaskbaricon-x64.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe
(ZabKat) C:\Program Files\zabkat\xplorer2\xplorer2_64.exe
() C:\Program Files (x86)\Calibre2\calibre.exe
() C:\Program Files (x86)\Calibre2\calibre-parallel.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\tv_w32.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\tv_x64.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(Malwarebytes) F:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
(Malwarebytes) F:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
(Malwarebytes) F:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
(Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
(Apple Inc.) C:\Program Files (x86)\QuickTime\QuickTimePlayer.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\cmd.exe
(Siber Systems Inc.) C:\Program Files (x86)\Siber Systems\AI RoboForm\Chrome\rf-chrome-nm-host.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Safer-Networking Ltd.) F:\Program Files (x86)\Spybot - Search & Destroy 2\SDWelcome.exe
(Safer-Networking Ltd.) F:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe
(Safer-Networking Ltd.) F:\Program Files (x86)\Spybot - Search & Destroy 2\SDScan.exe
() C:\Program Files\Synergy\synergy.exe
(MediaMall Technologies, Inc.) C:\Program Files (x86)\MediaMall\MediaMallServer.exe
(MediaMall Technologies, Inc.) C:\Program Files (x86)\MediaMall\MediaMallServer.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Desktop.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
() C:\Program Files\Synergy\synergys.exe


==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [Fences] => C:\Program Files (x86)\Stardock\Fences\Fences.exe [4017368 2012-10-29] (Stardock Corporation)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2531624 2010-12-17] (Synaptics Incorporated)
HKLM\...\Run: [CDAServer] => C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe [464608 2014-09-08] ()
HKLM\...\Run: [MSC] => C:\Program Files\Microsoft Security Client\msseces.exe [1340192 2016-01-29] (Microsoft Corporation)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [67384 2016-04-22] (Apple Inc.)
HKLM-x32\...\Run: [Dropbox] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [24204648 2016-07-05] (Dropbox, Inc.)
HKLM-x32\...\Run: [VirtualCloneDrive] => C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe [88984 2013-03-10] (Elaborate Bytes AG)
HKLM-x32\...\Run: [AttendeeCommunicator] => C:\Program Files (x86)\Microsoft Lync Attendee\AttendeeCommunicator.exe [12007776 2016-03-14] (Microsoft Corporation)
HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [164152 2016-06-01] (Apple Inc.)
Winlogon\Notify\WB: C:\Program Files (x86)\Stardock\WindowBlinds\fast64.dll [X]
Winlogon\Notify\MCPClient: C:\Program Files (x86)\Common Files\stardock\MCPStub.dll [2005-01-31] (Stardock)
Winlogon\Notify\SDWinLogon-x32: SDWinLogon.dll [X]
HKLM\...\Policies\Explorer: [TaskbarNoNotification] 0
HKLM\...\Policies\Explorer: [HideSCAHealth] 0
HKU\S-1-5-18-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [EEDSpeedLauncher] => rundll32.exe C:\Windows\system32\eed_ec.dll,SpeedLauncher
HKU\S-1-5-18-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\RunOnce: [FlashPlayerUpdate] => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_17_0_0_188_ActiveX.exe -update activex
HKU\S-1-5-18-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\MountPoints2: {b93f89d9-224a-11e0-afff-f04da264333e} - E:\setup.exe
HKU\S-1-5-21-1085031214-796845957-725345543-2108-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [WinSnap] => C:\Program Files\WinSnap\WinSnap64.exe [3874432 2013-06-18] (NTWind Software)
HKU\S-1-5-21-1085031214-796845957-725345543-2108-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [7404312 2015-01-20] (Piriform Ltd)
HKU\S-1-5-21-1085031214-796845957-725345543-2108-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [BitTorrent Sync] => F:\Program Files (x86)\BitTorrent Sync\BTSync.exe [5514592 2015-06-30] (BitTorrent, Inc.)
HKU\S-1-5-21-1085031214-796845957-725345543-2108-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [iCloudServices] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
HKU\S-1-5-21-1085031214-796845957-725345543-2108-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [ApplePhotoStreams] => C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe
HKU\S-1-5-21-1085031214-796845957-725345543-2108-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [Workrave] => F:\Program Files (x86)\Workrave\lib\workrave.exe [4480000 2013-01-13] (The Workrave development team)
HKU\S-1-5-21-1085031214-796845957-725345543-2108-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [RoboForm] => C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe [110160 2015-06-19] (Siber Systems)
HKU\S-1-5-21-1085031214-796845957-725345543-2108-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Policies\system: [HideLogonScripts] 1
HKU\S-1-5-21-1085031214-796845957-725345543-2108-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Policies\Explorer: [TaskbarNoNotification] 0
HKU\S-1-5-21-1085031214-796845957-725345543-2108-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Policies\Explorer: [HideSCAHealth] 0
HKU\S-1-5-21-1085031214-796845957-725345543-2109-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [QuickTime Task] => "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
HKU\S-1-5-21-1085031214-796845957-725345543-500-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Policies\Explorer: [TaskbarNoNotification] 0
HKU\S-1-5-21-1085031214-796845957-725345543-500-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Policies\Explorer: [HideSCAHealth] 0
HKU\S-1-5-21-1915297274-1003847613-3419053400-1105-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [RoboForm] => C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe [110160 2015-06-19] (Siber Systems)
HKU\S-1-5-21-3578782807-1016812498-1856270605-1009\...\Run: [RoboForm] => C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe [110160 2015-06-19] (Siber Systems)
HKU\S-1-5-21-3578782807-1016812498-1856270605-1009\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [7404312 2015-01-20] (Piriform Ltd)
HKU\S-1-5-21-3578782807-1016812498-1856270605-1009\...\Run: [SpybotPostWindows10UpgradeReInstall] => C:\Program Files\Common Files\AV\Spybot - Search and Destroy\Test.exe [1011200 2015-07-28] (Safer-Networking Ltd.)
HKU\S-1-5-21-3578782807-1016812498-1856270605-1009\...\Policies\Explorer: [TaskbarNoNotification] 0
HKU\S-1-5-21-3578782807-1016812498-1856270605-1009\...\Policies\Explorer: [HideSCAHealth] 0
HKU\S-1-5-21-3578782807-1016812498-1856270605-1009\...\MountPoints2: {6e07364a-5ca0-11e5-8a8f-0002761ce121} - E:\Setup.exe
HKU\S-1-5-21-3578782807-1016812498-1856270605-1009\...\MountPoints2: {bcc773c2-50b0-11e0-b28d-b7985eaf7599} - "D:\WD SmartWare.exe" autoplay=true
HKU\S-1-5-21-3578782807-1016812498-1856270605-1009\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\scrnsave.scr [11264 2009-07-13] (Microsoft Corporation)
HKU\S-1-5-21-3578782807-1016812498-1856270605-1009-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [RoboForm] => C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe [110160 2015-06-19] (Siber Systems)
HKU\S-1-5-21-3578782807-1016812498-1856270605-1009-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [7404312 2015-01-20] (Piriform Ltd)
HKU\S-1-5-21-3578782807-1016812498-1856270605-1009-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [SpybotPostWindows10UpgradeReInstall] => C:\Program Files\Common Files\AV\Spybot - Search and Destroy\Test.exe [1011200 2015-07-28] (Safer-Networking Ltd.)
HKU\S-1-5-21-3578782807-1016812498-1856270605-1009-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Policies\Explorer: [TaskbarNoNotification] 0
HKU\S-1-5-21-3578782807-1016812498-1856270605-1009-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Policies\Explorer: [HideSCAHealth] 0
HKU\S-1-5-21-3578782807-1016812498-1856270605-1009-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\MountPoints2: {6e07364a-5ca0-11e5-8a8f-0002761ce121} - E:\Setup.exe
HKU\S-1-5-21-3578782807-1016812498-1856270605-1009-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\MountPoints2: {bcc773c2-50b0-11e0-b28d-b7985eaf7599} - "D:\WD SmartWare.exe" autoplay=true
HKU\S-1-5-21-3578782807-1016812498-1856270605-1009-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\scrnsave.scr [11264 2009-07-13] (Microsoft Corporation)
HKU\S-1-5-18\...\Run: [EEDSpeedLauncher] => rundll32.exe C:\Windows\system32\eed_ec.dll,SpeedLauncher
HKU\S-1-5-18\...\RunOnce: [FlashPlayerUpdate] => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_17_0_0_188_ActiveX.exe -update activex
HKU\S-1-5-18\...\MountPoints2: {b93f89d9-224a-11e0-afff-f04da264333e} - E:\setup.exe
Lsa: [Notification Packages] scecli C:\Program Files\WIDCOMM\Bluetooth Software\BtwProximityCP.dll
SSODL: EldosMountNotificator - {5FF49FE8-B332-4CB9-B102-FB6951629E55} - C:\Windows\system32\CbFsMntNtf3.dll (EldoS Corporation)
SSODL-x32: 0aMCPClient - {F5DF91F9-15E9-416B-A7C3-7519B11ECBFC} - C:\Program Files (x86)\Common Files\stardock\MCPCore.dll (Stardock)
SSODL-x32: SysTray - {35CEC8A3-2BE6-11D2-8773-92E220524153} - %SystemRoot%\system32\stobject.dll (Microsoft Corporation)
SSODL-x32: CDBurn - {fbeb8a05-beee-4442-804e-409d6c4515e9} - %SystemRoot%\system32\shell32.dll (Microsoft Corporation)
SSODL-x32: PostBootReminder - {7849596a-48ea-486e-8937-a2a3009f31a9} - %SystemRoot%\system32\shell32.dll (Microsoft Corporation)
SSODL-x32: EldosMountNotificator - {5FF49FE8-B332-4CB9-B102-FB6951629E55} - C:\Windows\SysWOW64\CbFsMntNtf3.dll (EldoS Corporation)
ShellExecuteHooks:  - {AEB6717E-7E19-11d0-97EE-00C04FD91972} -  No File [ ]
ShellExecuteHooks-x32:  - {AEB6717E-7E19-11d0-97EE-00C04FD91972} -  No File [ ]
ShellIconOverlayIdentifiers: [ DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.34.dll [2016-07-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.34.dll [2016-07-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt3] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.34.dll [2016-07-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt4] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.34.dll [2016-07-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt5] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.34.dll [2016-07-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt6] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.34.dll [2016-07-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt7] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.34.dll [2016-07-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt8] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.34.dll [2016-07-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [!BTSync2.0.128Done] -> {581FFA04-FC33-0080-0002-95003A5CDE89} => F:\Program Files (x86)\BitTorrent Sync\SyncShellExtension64_33554560.dll [2015-06-30] ()
ShellIconOverlayIdentifiers: [!BTSync2.0.128RO] -> {581FFA03-FC33-0080-0002-95003A5CDE89} => F:\Program Files (x86)\BitTorrent Sync\SyncShellExtension64_33554560.dll [2015-06-30] ()
ShellIconOverlayIdentifiers: [!BTSync2.0.128RW] -> {581FFA02-FC33-0080-0002-95003A5CDE89} => F:\Program Files (x86)\BitTorrent Sync\SyncShellExtension64_33554560.dll [2015-06-30] ()
ShellIconOverlayIdentifiers: [###MegaShellExtPending] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => C:\ProgramData\MEGAsync\ShellExtX64.dll [2014-05-01] ()
ShellIconOverlayIdentifiers: [###MegaShellExtSynced] -> {05B38830-F4E9-4329-978B-1DD28605D202} => C:\ProgramData\MEGAsync\ShellExtX64.dll [2014-05-01] ()
ShellIconOverlayIdentifiers: [###MegaShellExtSyncing] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => C:\ProgramData\MEGAsync\ShellExtX64.dll [2014-05-01] ()
ShellIconOverlayIdentifiers: [0PerformanceMonitor] -> {3B5B973C-92A4-4855-9D3F-0F3D23332208} =>  No File
ShellIconOverlayIdentifiers: [EldosIconOverlay] -> {5BB532A2-BF14-4CCC-86B7-71B81EF6F8BC} => C:\Windows\system32\CbFsMntNtf3.dll [2012-04-09] (EldoS Corporation)
ShellIconOverlayIdentifiers-x32: [ DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.34.dll [2016-07-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.34.dll [2016-07-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt3] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.34.dll [2016-07-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt4] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.34.dll [2016-07-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt5] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.34.dll [2016-07-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt6] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.34.dll [2016-07-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt7] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.34.dll [2016-07-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt8] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.34.dll [2016-07-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ SkyDrivePro1 (ErrorConflict)] -> {8BA85C75-763B-4103-94EB-9470F12FE0F7} => C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL [2016-05-17] (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ SkyDrivePro2 (SyncInProgress)] -> {CD55129A-B1A1-438E-A425-CEBC7DC684EE} => C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL [2016-05-17] (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ SkyDrivePro3 (InSync)] -> {E768CD3B-BDDC-436D-9C13-E1B39CA257B1} => C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL [2016-05-17] (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [!BTSync2.0.128Done] -> {581FFA04-FC33-0080-0002-95003A5CDE89} => F:\Program Files (x86)\BitTorrent Sync\SyncShellExtension86_33554560.dll [2015-06-30] ()
ShellIconOverlayIdentifiers-x32: [!BTSync2.0.128RO] -> {581FFA03-FC33-0080-0002-95003A5CDE89} => F:\Program Files (x86)\BitTorrent Sync\SyncShellExtension86_33554560.dll [2015-06-30] ()
ShellIconOverlayIdentifiers-x32: [!BTSync2.0.128RW] -> {581FFA02-FC33-0080-0002-95003A5CDE89} => F:\Program Files (x86)\BitTorrent Sync\SyncShellExtension86_33554560.dll [2015-06-30] ()
ShellIconOverlayIdentifiers-x32: ["DropboxExt1"] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.34.dll [2016-07-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt2"] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.34.dll [2016-07-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt3"] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.34.dll [2016-07-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt4"] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.34.dll [2016-07-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt5"] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.34.dll [2016-07-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt6"] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.34.dll [2016-07-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt7"] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.34.dll [2016-07-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt8"] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.34.dll [2016-07-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [###MegaShellExtPending] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => C:\ProgramData\MEGAsync\ShellExtX32.dll [2014-05-01] ()
ShellIconOverlayIdentifiers-x32: [###MegaShellExtSynced] -> {05B38830-F4E9-4329-978B-1DD28605D202} => C:\ProgramData\MEGAsync\ShellExtX32.dll [2014-05-01] ()
ShellIconOverlayIdentifiers-x32: [###MegaShellExtSyncing] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => C:\ProgramData\MEGAsync\ShellExtX32.dll [2014-05-01] ()
ShellIconOverlayIdentifiers-x32: [EldosIconOverlay] -> {5BB532A2-BF14-4CCC-86B7-71B81EF6F8BC} => C:\Windows\SysWOW64\CbFsMntNtf3.dll [2012-04-09] (EldoS Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\DC-2-DB.lnk [2015-09-27]
ShortcutTarget: DC-2-DB.lnk -> C:\Program Files\Oracle\VirtualBox\VirtualBox.exe (Oracle Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\DC-3-SP.lnk [2015-09-27]
ShortcutTarget: DC-3-SP.lnk -> C:\Program Files\Oracle\VirtualBox\VirtualBox.exe (Oracle Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\DC_1.lnk [2015-09-27]
ShortcutTarget: DC_1.lnk -> C:\Program Files\Oracle\VirtualBox\VirtualBox.exe (Oracle Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Synergy.lnk [2016-03-22]
ShortcutTarget: Synergy.lnk -> C:\Windows\Installer\{68C1AA13-4370-4761-B53F-1862C2CE26CB}\synergy.ico (No File)
Startup: C:\Users\grevolorio.trmdu2\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\BHODemon 2.0.lnk [2016-07-11]
ShortcutTarget: BHODemon 2.0.lnk -> C:\Program Files (x86)\BHODemon 2\BHODemon.exe (Definitive Solutions, Inc.)
Startup: C:\Users\grevolorio.trmdu2\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\calibre - E-book management.lnk [2015-06-19]
ShortcutTarget: calibre - E-book management.lnk -> C:\Program Files (x86)\Calibre2\calibre.exe ()
Startup: C:\Users\grevolorio.trmdu2\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Send to OneNote.lnk [2015-10-02]
ShortcutTarget: Send to OneNote.lnk -> C:\Program Files (x86)\Microsoft Office\Office15\ONENOTEM.EXE (Microsoft Corporation)
Startup: C:\Users\grevolorio.trmdu2\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\BHODemon 2.0.lnk [2016-07-11]
ShortcutTarget: BHODemon 2.0.lnk -> C:\Program Files (x86)\BHODemon 2\BHODemon.exe (Definitive Solutions, Inc.)
Startup: C:\Users\grevolorio.trmdu2\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\calibre - E-book management.lnk [2015-06-19]
ShortcutTarget: calibre - E-book management.lnk -> C:\Program Files (x86)\Calibre2\calibre.exe ()
Startup: C:\Users\grevolorio.trmdu2\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Send to OneNote.lnk [2015-10-02]
ShortcutTarget: Send to OneNote.lnk -> C:\Program Files (x86)\Microsoft Office\Office15\ONENOTEM.EXE (Microsoft Corporation)
CHR HKLM\SOFTWARE\Policies\Google: Restriction <======= ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\..\Interfaces\{1CC5E133-5EFA-45B6-95E6-3BEBD35BCB03}: [NameServer] 75.75.75.75
Tcpip\..\Interfaces\{2E7C3C01-490F-4425-84AD-AFDD0E4D2B58}: [NameServer] 192.168.1.1
Tcpip\..\Interfaces\{5AFE6685-1C35-46C8-A029-662B58E9021D}: [DhcpNameServer] 172.20.10.1
Tcpip\..\Interfaces\{64CC2F48-277C-4B3F-B096-F134D5C26275}: [NameServer] 192.168.0.1,75.75.76.76
Tcpip\..\Interfaces\{75F23FE3-1277-4A15-B393-F09B6F2535B6}: [NameServer] 192.168.0.100

Internet Explorer:
==================
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKU\S-1-5-21-1085031214-796845957-725345543-2108-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
HKU\S-1-5-21-1085031214-796845957-725345543-2108-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\S-1-5-21-1085031214-796845957-725345543-2791\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://www.msn.com/
HKU\S-1-5-21-1085031214-796845957-725345543-2791-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://www.msn.com/
SearchScopes: HKLM -> DefaultScope {9BB47C17-9C68-4BB3-B188-DD9AF0FD2421} URL = 
SearchScopes: HKLM-x32 -> DefaultScope {9BB47C17-9C68-4BB3-B188-DD9AF0FD2421} URL = 
SearchScopes: HKU\.DEFAULT -> DefaultScope {9BB47C17-9C68-4BB3-B188-DD9AF0FD2421} URL = 
SearchScopes: HKU\S-1-5-21-1085031214-796845957-725345543-2108-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> DefaultScope {15261C5A-E2D7-42B4-AE84-D92AE430C800} URL = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}
SearchScopes: HKU\S-1-5-21-1085031214-796845957-725345543-2108-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> {15261C5A-E2D7-42B4-AE84-D92AE430C800} URL = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}
SearchScopes: HKU\S-1-5-21-1085031214-796845957-725345543-2108-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> {91607fa7-3c2f-4f90-93e3-d5337a6b0ac2} URL = Playbryte-fa-outbrowse/search/redirect/?type=default&user_id=f4948b29-18ba-4e54-80f2-876cde2854e2&query={searchTerms}
SearchScopes: HKU\S-1-5-21-1085031214-796845957-725345543-2108-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> {9BB47C17-9C68-4BB3-B188-DD9AF0FD2421} URL = 
SearchScopes: HKU\S-1-5-21-1085031214-796845957-725345543-2791 -> {9BB47C17-9C68-4BB3-B188-DD9AF0FD2421} URL = 
SearchScopes: HKU\S-1-5-21-1085031214-796845957-725345543-2791-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> {9BB47C17-9C68-4BB3-B188-DD9AF0FD2421} URL = 
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll [2016-05-17] (Microsoft Corporation)
BHO: RoboForm Toolbar Helper -> {724d43a9-0d85-11d4-9908-00400523e39a} -> C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboForm-x64.dll [2015-06-19] (Siber Systems Inc.)
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2012-08-16] (Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> F:\Program Files\Java\jre1.8.0_45\bin\ssv.dll [2015-07-10] (Oracle Corporation)
BHO: LastPass Vault -> {95D9ECF5-2A4D-4550-BE49-70D42F71296E} -> C:\Program Files (x86)\LastPass\LPToolbar_x64.dll [2015-06-11] (LastPass)
BHO: PlayOn -> {9A87E478-A2BD-44C4-9F8C-D3989A5271B1} -> C:\Program Files (x86)\MediaMall\toolbar\pobho64.dll [2015-04-17] (MediaMall Technologies, Inc.)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\URLREDIR.DLL [2016-04-12] (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL [2016-05-17] (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> F:\Program Files\Java\jre1.8.0_45\bin\jp2ssv.dll [2015-07-10] (Oracle Corporation)
BHO: Hotspot Shield Class -> {F9E4A054-E9B1-4BC3-83A3-76A1AE736170} -> No File
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\Office15\OCHelper.dll [2016-05-17] (Microsoft Corporation)
BHO-x32: RoboForm Toolbar Helper -> {724d43a9-0d85-11d4-9908-00400523e39a} -> C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll [2015-06-19] (Siber Systems Inc.)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2012-09-25] (Oracle Corporation)
BHO-x32: Evernote extension -> {92EF2EAD-A7CE-4424-B0DB-499CF856608E} -> C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll [2014-03-03] (Evernote Corp., 305 Walnut Street, Redwood City, CA 94063)
BHO-x32: LastPass Vault -> {95D9ECF5-2A4D-4550-BE49-70D42F71296E} -> C:\Program Files (x86)\LastPass\LPToolbar.dll [2015-06-11] (LastPass)
BHO-x32: PlayOn -> {9A87E478-A2BD-44C4-9F8C-D3989A5271B1} -> C:\Program Files (x86)\MediaMall\toolbar\pobho.dll [2015-04-17] (MediaMall Technologies, Inc.)
BHO-x32: Skype Plug-In -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2010-11-22] (Skype Technologies S.A.)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office 15\root\Office15\URLREDIR.DLL [2016-04-12] (Microsoft Corporation)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL [2016-05-17] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2012-09-25] (Oracle Corporation)
BHO-x32: Microsoft Web Test Recorder 10.0 Helper -> {DDA57003-0068-4ed2-9D32-4D1EC707D94D} -> C:\Program Files (x86)\Microsoft Visual Studio 10.0\Common7\IDE\PrivateAssemblies\Microsoft.VisualStudio.QualityTools.RecorderBarBHO100.dll [2010-03-19] (Microsoft Corporation)
Toolbar: HKLM - &RoboForm Toolbar - {724d43a0-0d85-11d4-9908-00400523e39a} - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboForm-x64.dll [2015-06-19] (Siber Systems Inc.)
Toolbar: HKLM - PlayOn - {9A87E478-A2BD-44C4-9F8C-D3989A5271B1} - C:\Program Files (x86)\MediaMall\toolbar\pobho64.dll [2015-04-17] (MediaMall Technologies, Inc.)
Toolbar: HKLM - LastPass Toolbar - {9f6b5cc3-5c7b-4b5c-97af-19dec1e380e5} - C:\Program Files (x86)\LastPass\LPToolbar_x64.dll [2015-06-11] (LastPass)
Toolbar: HKLM-x32 - &RoboForm Toolbar - {724d43a0-0d85-11d4-9908-00400523e39a} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll [2015-06-19] (Siber Systems Inc.)
Toolbar: HKLM-x32 - No Name - {b278d9f8-0fa9-465e-9938-0c392605d8e3} -  No File
Toolbar: HKLM-x32 - PlayOn - {9A87E478-A2BD-44C4-9F8C-D3989A5271B1} - C:\Program Files (x86)\MediaMall\toolbar\pobho.dll [2015-04-17] (MediaMall Technologies, Inc.)
Toolbar: HKLM-x32 - LastPass Toolbar - {9f6b5cc3-5c7b-4b5c-97af-19dec1e380e5} - C:\Program Files (x86)\LastPass\LPToolbar.dll [2015-06-11] (LastPass)
Toolbar: HKU\.DEFAULT -> No Name - {47833539-D0C5-4125-9FA8-0819E2EAAC93} -  No File
Toolbar: HKU\S-1-5-21-1085031214-796845957-725345543-2108-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> No Name - {47833539-D0C5-4125-9FA8-0819E2EAAC93} -  No File
Toolbar: HKU\S-1-5-21-1085031214-796845957-725345543-2108-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> &RoboForm Toolbar - {724D43A0-0D85-11D4-9908-00400523E39A} - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboForm-x64.dll [2015-06-19] (Siber Systems Inc.)
IE Session Restore: HKU\S-1-5-21-1915297274-1003847613-3419053400-1105-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> is enabled.
IE Session Restore: HKU\S-1-5-21-3578782807-1016812498-1856270605-1009 -> is enabled.
IE Session Restore: HKU\S-1-5-21-3578782807-1016812498-1856270605-1009-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> is enabled.
DPF: HKLM-x32 {02BCC737-B171-4746-94C9-0D8A0B2C0089} hxxp://office.microsoft.com/sites/production/ieawsdc32.cab
DPF: HKLM-x32 {17492023-C23A-453E-A040-C7C580BBF700} hxxp://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab
DPF: HKLM-x32 {7530BFB8-7293-4D34-9923-61A11451AFC5} hxxp://download.eset.com/special/eos/OnlineScanner.cab
DPF: HKLM-x32 {E06E2E99-0AA1-11D4-ABA6-0060082AA75C} hxxps://akamaicdn.webex.com/client/WBXclient-T28L10NSP12_CP1-16851/webex/ieatgpc1.cab
DPF: HKLM-x32 {E2883E8F-472F-4FB0-9522-AC9BF37916A7} hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
DPF: HKLM-x32 {FD0B6769-6490-4A91-AA0A-B5AE0DC75AC9} hxxps://secure.logmein.com/activex/ractrl.cab?lmi=100
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL [2016-04-19] (Microsoft Corporation)
Handler-x32: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2010-11-22] (Skype Technologies S.A.)

FireFox:
========
FF ProfilePath: C:\Users\grevolorio.trmdu2\AppData\Roaming\Mozilla\Firefox\Profiles\8i1tulnd.default
FF DefaultSearchEngine.US: Google
FF Session Restore: -> is enabled.
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_22_0_0_209.dll [2016-07-12] ()
FF Plugin: @java.com/DTPlugin,version=11.45.2 -> F:\Program Files\Java\jre1.8.0_45\bin\dtplugin\npDeployJava1.dll [2015-07-10] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.45.2 -> F:\Program Files\Java\jre1.8.0_45\bin\plugin2\npjp2.dll [2015-07-10] (Oracle Corporation)
FF Plugin: @lastpass.com/NPLastPass -> C:\Program Files (x86)\LastPass\nplastpass64.dll [2015-06-11] (LastPass)
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.41212.0\npctrl.dll [2015-12-11] ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~3\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_22_0_0_209.dll [2016-07-12] ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2015-12-18] ()
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf -> C:\PROGRAM FILES (X86)\FOXIT SOFTWARE\FOXIT READER\plugins\npFoxitReaderPlugin.dll [2015-12-29] (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf -> C:\PROGRAM FILES (X86)\FOXIT SOFTWARE\FOXIT READER\plugins\npFoxitReaderPlugin.dll [2015-12-29] (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xdp -> C:\PROGRAM FILES (X86)\FOXIT SOFTWARE\FOXIT READER\plugins\npFoxitReaderPlugin.dll [2015-12-29] (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xfdf -> C:\PROGRAM FILES (X86)\FOXIT SOFTWARE\FOXIT READER\plugins\npFoxitReaderPlugin.dll [2015-12-29] (Foxit Corporation)
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll [2015-05-21] (Google)
FF Plugin-x32: @java.com/DTPlugin,version=10.7.2 -> C:\Windows\SysWOW64\npDeployJava1.dll [2012-09-25] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll [2012-09-25] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.7.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll [2012-09-25] (Oracle Corporation)
FF Plugin-x32: @lastpass.com/NPLastPass -> C:\Program Files (x86)\LastPass\nplastpass64.dll [2015-06-11] (LastPass)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2015-11-03] (Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.41212.0\npctrl.dll [2015-12-11] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MIF5BA~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL [2015-07-10] (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2010-08-25] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2010-08-25] (NVIDIA Corporation)
FF Plugin-x32: @playon.tv/PlayOnToolbar -> C:\Program Files (x86)\MediaMall\toolbar\npVT.dll [2015-08-13] (MediaMall Technologies, Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.30.3\npGoogleUpdate3.dll [2016-05-10] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.30.3\npGoogleUpdate3.dll [2016-05-10] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.0.8 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2014-02-04] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2014-02-04] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.2 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2014-02-04] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2014-02-04] (VideoLAN)
FF Plugin-x32: @wacom.com/wacom-plugin,version=1.1.0.10 -> C:\Program Files (x86)\TabletPlugins\npwacom.dll [2011-04-20] (Wacom, Inc.)
FF Plugin-x32: @wacom.com/wacom-plugin,version=1.1.0.3 -> C:\Program Files (x86)\TabletPlugins\npwacom.dll [2011-04-20] (Wacom, Inc.)
FF Plugin-x32: @wacom.com/wtPlugin,version=2.0.0.1 -> C:\Program Files (x86)\TabletPlugins\npWacomTabletPlugin.dll [2011-05-30] (Wacom)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2014-12-03] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-1085031214-796845957-725345543-2108-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0: @citrixonline.com/appdetectorplugin -> C:\Users\grevolorio\AppData\Local\Citrix\Plugins\104\npappdetector.dll [2014-08-11] (Citrix Online)
FF Plugin HKU\S-1-5-21-1085031214-796845957-725345543-2108-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0: LWAPlugin15.8 -> C:\Users\grevolorio\AppData\Roaming\Mozilla\Plugins\npLWAPlugin15.8.dll [2013-09-18] (Microsoft Corporation)
FF Plugin HKU\S-1-5-21-1085031214-796845957-725345543-2108-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0: wacom.com/WacomTabletPlugin -> C:\Program Files (x86)\TabletPlugins\npWacomTabletPlugin.dll [2011-05-30] (Wacom)
FF user.js: detected! => C:\Users\grevolorio.trmdu2\AppData\Roaming\Mozilla\Firefox\Profiles\8i1tulnd.default\user.js [2015-06-16]
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\np-mswmp.dll [2007-04-10] (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npatgpc.dll [2014-11-19] (Cisco WebEx LLC)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginAOC.dll [2016-03-14] ()
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll [2015-02-10] (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\NPOFF12.DLL [2006-10-26] (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll [2014-12-03] (Adobe Systems Inc.)
FF Extension: Disconnect - C:\Users\grevolorio.trmdu2\AppData\Roaming\Mozilla\Firefox\Profiles\8i1tulnd.default\extensions\2.0@disconnect.me.xpi [2015-06-16]
FF Extension: Flashblock - C:\Users\grevolorio.trmdu2\AppData\Roaming\Mozilla\Firefox\Profiles\8i1tulnd.default\extensions\{3d7eb24f-2740-49df-8937-200b1cc08f8a} [2016-05-06]
FF Extension: Turn Off the Lights - C:\Users\grevolorio.trmdu2\AppData\Roaming\Mozilla\Firefox\Profiles\8i1tulnd.default\extensions\stefanvandamme@stefanvd.net.xpi [2016-05-06]
FF Extension: LastPass - C:\Users\grevolorio.trmdu2\AppData\Roaming\Mozilla\Firefox\Profiles\8i1tulnd.default\extensions\support@lastpass.com [2016-05-06]
FF Extension: Amazon Price Tracker - Keepa.com - C:\Users\grevolorio.trmdu2\AppData\Roaming\Mozilla\Firefox\Profiles\8i1tulnd.default\extensions\amptra@keepa.com.xpi [2016-05-06]
FF Extension: PriceZombie, Price Tracker & Price Comparison - C:\Users\grevolorio.trmdu2\AppData\Roaming\Mozilla\Firefox\Profiles\8i1tulnd.default\Extensions\jid1-a36dFT994VgKDA@jetpack.xpi [2015-10-08]
FF Extension: PlayOn - C:\Users\grevolorio.trmdu2\AppData\Roaming\Mozilla\Firefox\Profiles\8i1tulnd.default\Extensions\playonplugin@playon.tv [2015-06-24] [not signed]
FF Extension: Video DownloadHelper - C:\Users\grevolorio.trmdu2\AppData\Roaming\Mozilla\Firefox\Profiles\8i1tulnd.default\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}.xpi [2015-10-30]
FF Extension: Adblock Plus - C:\Users\grevolorio.trmdu2\AppData\Roaming\Mozilla\Firefox\Profiles\8i1tulnd.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2016-03-22]
FF Extension: Hotspot Shield Extension - C:\Program Files (x86)\Mozilla Firefox\extensions\afproxy@anchorfree.com [2015-09-23] [not signed]
FF Extension: Skype extension - C:\Program Files (x86)\Mozilla Firefox\extensions\{AB2CE124-6272-4b12-94A9-7303C7397BD1} [2015-09-23] [not signed]
FF Extension: Java Console - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0039-ABCDEFFEDCBA} [2015-09-23] [not signed]
FF HKLM-x32\...\Firefox\Extensions: [fiddlerhook@fiddler2.com] - C:\Program Files (x86)\Fiddler2\FiddlerHook
FF Extension: FiddlerHook - C:\Program Files (x86)\Fiddler2\FiddlerHook [2013-12-06] [not signed]
FF HKLM-x32\...\Firefox\Extensions: [{22119944-ED35-4ab1-910B-E619EA06A115}] - C:\Program Files (x86)\Siber Systems\AI RoboForm\Firefox
FF Extension: RoboForm Toolbar for Firefox - C:\Program Files (x86)\Siber Systems\AI RoboForm\Firefox [2015-06-19] [not signed]
FF HKU\S-1-5-21-1085031214-796845957-725345543-2108-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Firefox\Extensions: [{22119944-ED35-4ab1-910B-E619EA06A115}] - C:\Program Files (x86)\Siber Systems\AI RoboForm\Firefox
FF HKU\S-1-5-21-3578782807-1016812498-1856270605-1009\...\Firefox\Extensions: [{22119944-ED35-4ab1-910B-E619EA06A115}] - C:\Program Files (x86)\Siber Systems\AI RoboForm\Firefox
FF HKU\S-1-5-21-3578782807-1016812498-1856270605-1009-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Firefox\Extensions: [{22119944-ED35-4ab1-910B-E619EA06A115}] - C:\Program Files (x86)\Siber Systems\AI RoboForm\Firefox

Chrome: 
=======
CHR HomePage: Default -> hxxp://www.google.com
CHR DefaultSearchKeyword: Default -> lp
CHR Session Restore: Default -> is enabled.
CHR Profile: C:\Users\grevolorio.trmdu2\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Slides) - C:\Users\grevolorio.trmdu2\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-06-11]
CHR Extension: (Entanglement Web App) - C:\Users\grevolorio.trmdu2\AppData\Local\Google\Chrome\User Data\Default\Extensions\aciahcmjmecflokailenpkdchphgkefd [2015-06-11]
CHR Extension: (SearchReportRecordResult Class) - C:\Users\grevolorio.trmdu2\AppData\Local\Google\Chrome\User Data\Default\Extensions\ajpgkpeckebdhofmmjfgcjjiiejpodla [2015-09-16] [UpdateUrl: hxxps://clients2.google/service/cnhpbmgmfaaapmaoibgdmapbjfofolig] <==== ATTENTION
CHR Extension: (Google Docs) - C:\Users\grevolorio.trmdu2\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-06-11]
CHR Extension: (Send to OneNote) - C:\Users\grevolorio.trmdu2\AppData\Local\Google\Chrome\User Data\Default\Extensions\aokbjibjnekbfdjilfpoknnokaffoinp [2015-07-01]
CHR Extension: (Google Drive) - C:\Users\grevolorio.trmdu2\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-11-02]
CHR Extension: (Turn Off the Lights) - C:\Users\grevolorio.trmdu2\AppData\Local\Google\Chrome\User Data\Default\Extensions\bfbmjmiodbnnpllbbbfblcplfjjepjdn [2016-06-24]
CHR Extension: (YouTube) - C:\Users\grevolorio.trmdu2\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-26]
CHR Extension: (Honey) - C:\Users\grevolorio.trmdu2\AppData\Local\Google\Chrome\User Data\Default\Extensions\bmnlcjabgnpnenekpadlanbbkooimhnj [2016-07-15]
CHR Extension: (Adblock Plus) - C:\Users\grevolorio.trmdu2\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2016-07-01]
CHR Extension: (Incognito-Filter) - C:\Users\grevolorio.trmdu2\AppData\Local\Google\Chrome\User Data\Default\Extensions\cifilbmpnkjinlkchohdfcpdkmpngiik [2015-06-11]
CHR Extension: (Google Search) - C:\Users\grevolorio.trmdu2\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-11-02]
CHR Extension: (Tampermonkey) - C:\Users\grevolorio.trmdu2\AppData\Local\Google\Chrome\User Data\Default\Extensions\dhdgffkkebhmkfjojejmpbldmpobfkfo [2016-07-16]
CHR Extension: (Unlimited Hotspot Tethering) - C:\Users\grevolorio.trmdu2\AppData\Local\Google\Chrome\User Data\Default\Extensions\diddhabdhahhfajjfgepdlanilmdnogk [2015-06-24]
CHR Extension: (Facebook Disconnect) - C:\Users\grevolorio.trmdu2\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejpepffjfmamnambagiibghpglaidiec [2015-06-11]
CHR Extension: (Photo Zoom for Facebook) - C:\Users\grevolorio.trmdu2\AppData\Local\Google\Chrome\User Data\Default\Extensions\elioihkkcdgakfbahdoddophfngopipi [2015-06-11]
CHR Extension: (Google Sheets) - C:\Users\grevolorio.trmdu2\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-06-11]
CHR Extension: (Chrome Remote Desktop) - C:\Users\grevolorio.trmdu2\AppData\Local\Google\Chrome\User Data\Default\Extensions\gbchcmhmhahfdphkhkmpfmihenigjmpp [2016-07-13]
CHR Extension: (Google Docs Offline) - C:\Users\grevolorio.trmdu2\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-03-22]
CHR Extension: (Close all Tabs) - C:\Users\grevolorio.trmdu2\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghcmiphoepcihlmphakgmpapfpldlleg [2015-06-11]
CHR Extension: (AdBlock) - C:\Users\grevolorio.trmdu2\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2016-07-11]
CHR Extension: (Pin It Button) - C:\Users\grevolorio.trmdu2\AppData\Local\Google\Chrome\User Data\Default\Extensions\gpdjojdkbbmdfjfahjcgigfpmkopogic [2015-09-26]
CHR Extension: (TinEye Reverse Image Search) - C:\Users\grevolorio.trmdu2\AppData\Local\Google\Chrome\User Data\Default\Extensions\haebnnbpedcbhciplfhjjkbafijpncjl [2015-06-11]
CHR Extension: (LastPass: Free Password Manager) - C:\Users\grevolorio.trmdu2\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdokiejnpimakedhajhdlcegeplioahd [2016-07-15]
CHR Extension: (SuperSorter) - C:\Users\grevolorio.trmdu2\AppData\Local\Google\Chrome\User Data\Default\Extensions\hjebfgojnlefhdgmomncgjglmdckngij [2015-06-11]
CHR Extension: (Google Keep - notes and lists) - C:\Users\grevolorio.trmdu2\AppData\Local\Google\Chrome\User Data\Default\Extensions\hmjkmjkepdijhoojdojkdfohbdgmmhki [2016-07-13]
CHR Extension: (Google Theme) - C:\Users\grevolorio.trmdu2\AppData\Local\Google\Chrome\User Data\Default\Extensions\imoaoigekmpoalkbfohhjgkcocjdapne [2015-06-11]
CHR Extension: (Todoist: To-Do list and Task Manager) - C:\Users\grevolorio.trmdu2\AppData\Local\Google\Chrome\User Data\Default\Extensions\jldhpllghnbhlbpcmnajkpdmadaolakh [2016-03-22]
CHR Extension: (Cisco WebEx Extension) - C:\Users\grevolorio.trmdu2\AppData\Local\Google\Chrome\User Data\Default\Extensions\jlhmfgmfgeifomenelglieieghnjghma [2015-06-11]
CHR Extension: (Speed Dial 2) - C:\Users\grevolorio.trmdu2\AppData\Local\Google\Chrome\User Data\Default\Extensions\jpfpebmajhhopeonhlcgidhclcccjcik [2016-06-01]
CHR Extension: (Reddit Enhancement Suite) - C:\Users\grevolorio.trmdu2\AppData\Local\Google\Chrome\User Data\Default\Extensions\kbmfpngjjgdllneeigpgjifpgocmfgmb [2016-03-22]
CHR Extension: (The Great Suspender) - C:\Users\grevolorio.trmdu2\AppData\Local\Google\Chrome\User Data\Default\Extensions\klbibkeccnjlkjkiokjodocebajanakg [2015-11-02]
CHR Extension: (Roomy Bookmarks Toolbar) - C:\Users\grevolorio.trmdu2\AppData\Local\Google\Chrome\User Data\Default\Extensions\kmfbpoigddhdibjcilijiejaidggonfc [2015-08-28]
CHR Extension: (Evernote Web) - C:\Users\grevolorio.trmdu2\AppData\Local\Google\Chrome\User Data\Default\Extensions\lbfehkoinhhcknnbdgnnmjhiladcgbol [2015-06-11]
CHR Extension: (Instapaper) - C:\Users\grevolorio.trmdu2\AppData\Local\Google\Chrome\User Data\Default\Extensions\ldjkgaaoikpmhmkelcgkgacicjfbofhh [2016-03-04]
CHR Extension: (Facebook Ads Hider) - C:\Users\grevolorio.trmdu2\AppData\Local\Google\Chrome\User Data\Default\Extensions\leeebdddeggoocipdjiokmjcpidnmoah [2015-06-11]
CHR Extension: (Unicorn Smasher) - C:\Users\grevolorio.trmdu2\AppData\Local\Google\Chrome\User Data\Default\Extensions\lfmmeekapjbfjachdkgabdaoccfclpaa [2016-06-17]
CHR Extension: (PlayOn) - C:\Users\grevolorio.trmdu2\AppData\Local\Google\Chrome\User Data\Default\Extensions\lggaaajacmlhgbpldaboipiinndchjgm [2015-09-15]
CHR Extension: (Poppit!) - C:\Users\grevolorio.trmdu2\AppData\Local\Google\Chrome\User Data\Default\Extensions\mcbkbpnkkkipelfledbfocopglifcfmi [2015-06-11]
CHR Extension: (Ghostery) - C:\Users\grevolorio.trmdu2\AppData\Local\Google\Chrome\User Data\Default\Extensions\mlomiejdfkolichcflejclcbmpeaniij [2016-03-04]
CHR Extension: (SharePoint Fix) - C:\Users\grevolorio.trmdu2\AppData\Local\Google\Chrome\User Data\Default\Extensions\mmbkoobmboaainhbkbdojincpeoldlfc [2015-11-02]
CHR Extension: (deviantART muro) - C:\Users\grevolorio.trmdu2\AppData\Local\Google\Chrome\User Data\Default\Extensions\namljbfbglehfnlonjmebceimaalofei [2015-06-11]
CHR Extension: (Save to Pocket) - C:\Users\grevolorio.trmdu2\AppData\Local\Google\Chrome\User Data\Default\Extensions\niloccemoadcdkdjlinkgdfekeahmflj [2016-07-13]
CHR Extension: (Chrome Web Store Payments) - C:\Users\grevolorio.trmdu2\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-04-28]
CHR Extension: (Hover Zoom) - C:\Users\grevolorio.trmdu2\AppData\Local\Google\Chrome\User Data\Default\Extensions\nonjdcjchghhkdoolnlbekcfllmednbl [2016-06-01]
CHR Extension: (Evernote Web Clipper) - C:\Users\grevolorio.trmdu2\AppData\Local\Google\Chrome\User Data\Default\Extensions\pioclpoplcdbaefihamjohnefbikjilc [2016-07-01]
CHR Extension: (Gmail) - C:\Users\grevolorio.trmdu2\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-06-11]
CHR Extension: (Privacy Badger) - C:\Users\grevolorio.trmdu2\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkehgijcmpdhfbdbbnkijodmdjhbjlgp [2016-06-01]
CHR Extension: (RSS Feed Reader) - C:\Users\grevolorio.trmdu2\AppData\Local\Google\Chrome\User Data\Default\Extensions\pnjaodmkngahhkoihejjehlcdlnohgmp [2016-07-11]
CHR Extension: (RoboForm Password Manager) - C:\Users\grevolorio.trmdu2\AppData\Local\Google\Chrome\User Data\Default\Extensions\pnlccmojcmeohlpggmfnbbiapkmbliob [2016-03-22]
CHR Profile: C:\Users\grevolorio.trmdu2\AppData\Local\Google\Chrome\User Data\Profile 1
CHR Extension: (Google Slides) - C:\Users\grevolorio.trmdu2\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2016-06-01]
CHR Extension: (Google Docs) - C:\Users\grevolorio.trmdu2\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aohghmighlieiainnegkcijnfilokake [2016-06-01]
CHR Extension: (Google Drive) - C:\Users\grevolorio.trmdu2\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-06-01]
CHR Extension: (YouTube) - C:\Users\grevolorio.trmdu2\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-06-01]
CHR Extension: (Google Sheets) - C:\Users\grevolorio.trmdu2\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2016-06-01]
CHR Extension: (Chrome Remote Desktop) - C:\Users\grevolorio.trmdu2\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\gbchcmhmhahfdphkhkmpfmihenigjmpp [2016-06-01]
CHR Extension: (20 Cubed) - C:\Users\grevolorio.trmdu2\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\geghmabifcdlkmpnkapfefbbfaonhcef [2016-06-01]
CHR Extension: (Google Docs Offline) - C:\Users\grevolorio.trmdu2\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-06-01]
CHR Extension: (AdBlock) - C:\Users\grevolorio.trmdu2\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2016-06-10]
CHR Extension: (Slinky Wood) - C:\Users\grevolorio.trmdu2\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\hcaidncenfklbfikefeppfgehcbmmecn [2016-06-01]
CHR Extension: (LastPass: Free Password Manager) - C:\Users\grevolorio.trmdu2\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\hdokiejnpimakedhajhdlcegeplioahd [2016-06-24]
CHR Extension: (Invite All Friends on Facebook) - C:\Users\grevolorio.trmdu2\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\inmmhkeajgflmokoaaoadgkhhmibjbpj [2016-06-24]
CHR Extension: (Speed Dial 2) - C:\Users\grevolorio.trmdu2\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\jpfpebmajhhopeonhlcgidhclcccjcik [2016-06-01]
CHR Extension: (The Great Suspender) - C:\Users\grevolorio.trmdu2\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\klbibkeccnjlkjkiokjodocebajanakg [2016-06-01]
CHR Extension: (PlayOn) - C:\Users\grevolorio.trmdu2\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\lggaaajacmlhgbpldaboipiinndchjgm [2016-06-01]
CHR Extension: (Pocket) - C:\Users\grevolorio.trmdu2\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\mjcnijlhddpbdemagnpefmlkjdagkogk [2016-06-01]
CHR Extension: (SharePoint Fix) - C:\Users\grevolorio.trmdu2\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\mmbkoobmboaainhbkbdojincpeoldlfc [2016-06-01]
CHR Extension: (Save to Pocket) - C:\Users\grevolorio.trmdu2\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\niloccemoadcdkdjlinkgdfekeahmflj [2016-06-17]
CHR Extension: (Chrome Web Store Payments) - C:\Users\grevolorio.trmdu2\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-06-01]
CHR Extension: (Context Menu Search) - C:\Users\grevolorio.trmdu2\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ocpcmghnefmdhljkoiapafejjohldoga [2016-06-01]
CHR Extension: (Gmail) - C:\Users\grevolorio.trmdu2\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-06-01]
CHR Extension: (RSS Feed Reader) - C:\Users\grevolorio.trmdu2\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pnjaodmkngahhkoihejjehlcdlnohgmp [2016-06-25]
CHR Extension: (RoboForm Password Manager) - C:\Users\grevolorio.trmdu2\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pnlccmojcmeohlpggmfnbbiapkmbliob [2016-06-01]
CHR HKLM\...\Chrome\Extension: [hdokiejnpimakedhajhdlcegeplioahd] - hxxp://clients2.google.com/service/update2/crx
CHR HKLM\...\Chrome\Extension: [pnlccmojcmeohlpggmfnbbiapkmbliob] - C:\Program Files (x86)\Siber Systems\AI RoboForm\Chrome\rf-chrome.crx [2014-09-10]
CHR HKLM-x32\...\Chrome\Extension: [hdokiejnpimakedhajhdlcegeplioahd] - hxxp://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [lggaaajacmlhgbpldaboipiinndchjgm] - C:\Program Files (x86)\MediaMall\toolbar\ce.crx [2014-09-24]
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\Skype for Chromium\skype_chrome_extension.crx [2010-11-22]
CHR HKLM-x32\...\Chrome\Extension: [pnlccmojcmeohlpggmfnbbiapkmbliob] - C:\Program Files (x86)\Siber Systems\AI RoboForm\Chrome\rf-chrome.crx [2014-09-10]
StartMenuInternet: Google Chrome.HA3GT6LIC6CKERU66IYIZVETX4 - C:\Users\grevolorio\AppData\Local\Google\Chrome\Application\chrome.exe

==================== Services (Whitelisted) ========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 c2wts; C:\Program Files\Windows Identity Foundation\v3.5\c2wtshost.exe [15768 2010-02-02] (Microsoft Corporation)
R2 chromoting; C:\Program Files (x86)\Google\Chrome Remote Desktop\51.0.2704.7\remoting_host.exe [68488 2016-04-14] (Google Inc.)
R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [3009776 2016-05-27] (Microsoft Corporation)
S4 CronService; C:\Prey\platform\windows\cronsvc.exe [19968 2011-02-15] (Fork Ltd.) [File not signed]
S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [134512 2015-06-30] (Dropbox, Inc.)
S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [134512 2015-06-30] (Dropbox, Inc.)
S3 fussvc; C:\Program Files (x86)\Windows Kits\8.1\App Certification Kit\fussvc.exe [142336 2013-08-22] (Microsoft Corporation) [File not signed]
R2 hMailServer; F:\Program Files (x86)\hMailServer\Bin\hMailServer.exe [4512768 2015-07-09] (hMailServer) [File not signed]
R2 KinoniSvc; f:\Program Files (x86)\Kinoni\EpocCam_and_Barcode_drivers\KinoniSvc.exe [524800 2014-11-12] () [File not signed]
R2 MBAMScheduler; f:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1514464 2016-03-10] (Malwarebytes)
R2 MBAMService; f:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1136608 2016-03-10] (Malwarebytes)
R2 MediaMall Server; C:\Program Files (x86)\MediaMall\MediaMallServer.exe [5933872 2015-09-18] (MediaMall Technologies, Inc.)
S4 MotoHelper; C:\Program Files (x86)\Motorola\MotoHelper\MotoHelperService.exe [214896 2011-12-06] ()
S4 MouseWithoutBordersSvc; C:\Program Files (x86)\Microsoft Garage\Mouse without Borders\MouseWithoutBordersSvc.exe [17920 2011-09-19] (Microsoft) [File not signed]
R2 MsMpSvc; C:\Program Files\Microsoft Security Client\MsMpEng.exe [23808 2016-01-29] (Microsoft Corporation)
S4 msvsmon80; C:\Program Files\Microsoft Visual Studio 8\Common7\IDE\Remote Debugger\x64\msvsmon.exe [4476096 2005-09-23] (Microsoft Corporation)
R3 NisSrv; C:\Program Files\Microsoft Security Client\NisSrv.exe [374344 2016-01-29] (Microsoft Corporation)
S3 SandraAgentSrv; f:\Program Files\SiSoftware\SiSoftware Sandra Business 2015\RpcAgentSrv.exe [73200 2014-11-05] (SiSoftware) [File not signed]
R2 SDScannerService; F:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [1738168 2014-06-24] (Safer-Networking Ltd.)
R2 SDUpdateService; F:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [2088408 2014-06-27] (Safer-Networking Ltd.)
R2 SDWSCService; F:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [171928 2014-04-25] (Safer-Networking Ltd.)
S2 Service KMSELDI; C:\Program Files\KMSpico\Service_KMS.exe [997568 2014-06-29] (@ByELDI) [File not signed]
R2 Synergy; C:\Program Files\Synergy\synergyd.exe [312488 2016-03-18] ()
S3 Te.Service; C:\Program Files (x86)\Windows Kits\8.1\Testing\Runtimes\TAEF\Wex.Services.exe [119808 2013-08-22] (Microsoft Corporation) [File not signed]
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [7184144 2016-07-06] (TeamViewer GmbH)
R2 TuneUp.UtilitiesSvc; F:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesService64.exe [2973400 2015-08-04] (AVG Technologies)
R2 UxTuneUp; C:\Windows\System32\uxtuneup.dll [44760 2015-08-04] (AVG Technologies)
R2 UxTuneUp; C:\Windows\SysWOW64\uxtuneup.dll [36568 2015-08-04] (AVG Technologies)
R2 VMAuthdService; F:\Program Files (x86)\VMware\VMware VIX\VMWare Workstation\vmware-authd.exe [79872 2012-08-15] (VMware, Inc.) [File not signed]
S2 VMwareHostd; F:\Program Files (x86)\VMware\VMware VIX\VMWare Workstation\vmware-hostd.exe [15680000 2012-08-15] () [File not signed]
S3 VsEtwService120; C:\Program Files\Microsoft Visual Studio 12.0\Common7\Packages\Debugger\Services\VsEtwService.exe [87728 2013-10-04] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
R2 WindowBlinds; C:\Program Files (x86)\Stardock\WindowBlinds\wbsrv.exe [89600 2013-05-16] (Stardock Corporation) [File not signed]
R2 WindowFX; F:\Program Files (x86)\Stardock\Object Desktop\WindowFX\WindowFXSRV.exe [181904 2012-03-08] (Stardock Corporation)

===================== Drivers (Whitelisted) ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 cbfs3; C:\Windows\System32\DRIVERS\cbfs3.sys [352144 2012-04-09] (EldoS Corporation)
S3 ebdrv; C:\Windows\system32\DRIVERS\evbda.sys [3286016 2009-06-10] (Broadcom Corporation)
U5 FontCache3.0.0.0; C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe [42856 2010-11-04] (Microsoft Corporation)
R1 HssDRV6; C:\Windows\System32\DRIVERS\hssdrv6.sys [44744 2014-05-16] (AnchorFree Inc.)
R2 IntelHaxm; C:\Windows\System32\DRIVERS\IntelHaxm.sys [84992 2015-01-30] (Intel  Corporation)
S3 kinonivd; C:\Windows\System32\DRIVERS\kinonivd.sys [2782848 2014-11-12] (Windows (R) Win 7 DDK provider)
S3 KINONI_Wave; C:\Windows\System32\drivers\kinonivad.sys [23040 2014-11-12] (Windows (R) Win 7 DDK provider)
S4 LMIRfsClientNP; no ImagePath
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [27008 2016-03-10] (Malwarebytes)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [192216 2016-07-18] (Malwarebytes)
S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [64896 2016-03-10] (Malwarebytes Corporation)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [289120 2015-11-13] (Microsoft Corporation)
R3 msvad_simple; C:\Windows\System32\drivers\povrtdev.sys [28528 2013-12-17] (MediaMall Technologies, Inc.)
R3 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [133816 2015-11-13] (Microsoft Corporation)
S3 pwdrvio; C:\Windows\system32\pwdrvio.sys [19152 2013-09-30] ()
S3 pwdspio; C:\Windows\system32\pwdspio.sys [12504 2013-09-30] ()
S3 SANDRA; f:\Program Files\SiSoftware\SiSoftware Sandra Business 2015\WNt600x64\Sandra.sys [23112 2009-08-07] (SiSoftware)
R3 taphss6; C:\Windows\System32\DRIVERS\taphss6.sys [42184 2014-05-16] (Anchorfree Inc.)
R3 TuneUpUtilitiesDrv; F:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesDriver64.sys [31144 2015-06-25] (TuneUp Software)
R2 TurboB; C:\Windows\System32\DRIVERS\TurboB.sys [13784 2009-11-02] ()
U5 UnlockerDriver5; F:\Program Files (x86)\Unlocker\UnlockerDriver5.sys [12352 2010-07-01] ()
R1 VBoxNetAdp; C:\Windows\System32\DRIVERS\VBoxNetAdp6.sys [117768 2015-09-08] (Oracle Corporation)
R1 VBoxNetLwf; C:\Windows\System32\DRIVERS\VBoxNetLwf.sys [146072 2015-09-08] (Oracle Corporation)
R0 vsock; C:\Windows\System32\drivers\vsock.sys [70256 2012-07-06] (VMware, Inc.)
R2 WinisoCDBus; C:\Windows\System32\drivers\WinisoCDBus.sys [204032 2013-03-22] (WinISO.com)
S1 bbstlqcp; \??\C:\Windows\system32\drivers\bbstlqcp.sys [X]
S3 cpuz135; \??\C:\Windows\TEMP\cpuz135\cpuz135_x64.sys [X]
S1 ekgpaanc; \??\C:\Windows\system32\drivers\ekgpaanc.sys [X]
S1 emzyrjza; \??\C:\Windows\system32\drivers\emzyrjza.sys [X]
S1 fzqrwich; \??\C:\Windows\system32\drivers\fzqrwich.sys [X]
S2 LMIInfo; \??\C:\Program Files (x86)\LogMeIn\x64\RaInfo.sys [X]
S1 mttwbomv; \??\C:\Windows\system32\drivers\mttwbomv.sys [X]
S1 ouqyzldm; \??\C:\Windows\system32\drivers\ouqyzldm.sys [X]
S1 sesugyny; \??\C:\Windows\system32\drivers\sesugyny.sys [X]
S3 SliceDisk5; \??\C:\Users\grevolorio\AppData\Local\Temp\HBCD\PartitionFindAndMount\slicedisk-x64.sys [X]
S3 VBoxNetFlt; system32\DRIVERS\VBoxNetFlt.sys [X]
S1 vixxdple; \??\C:\Windows\system32\drivers\vixxdple.sys [X]
S2 WGX; System32\Drivers\WGX64.SYS [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-07-18 11:05 - 2016-07-18 11:07 - 00067984 _____ C:\Users\grevolorio.trmdu2\Desktop\FRST.txt
2016-07-18 11:03 - 2016-07-18 11:03 - 02391040 _____ (Farbar) C:\Users\grevolorio.trmdu2\Desktop\FRST64.exe
2016-07-18 10:07 - 2016-07-18 10:07 - 00000000 ____D C:\Program Files\Common Files\AV
2016-07-18 10:07 - 2015-07-28 17:52 - 00821920 _____ (Safer-Networking Ltd. ) C:\Users\Public\Desktop\Post Win10 Spybot-install.exe
2016-07-16 08:38 - 2016-05-09 16:48 - 00450051 _____ C:\Windows\system32\Drivers\etc\hosts.20160716-083854.backup
2016-07-13 09:49 - 2016-07-13 09:50 - 00000000 ____D C:\Users\grevolorio.trmdu2\AppData\Roaming\vlc
2016-07-13 09:22 - 2016-07-13 09:22 - 00000000 ____D C:\Users\grevolorio.trmdu2\Projects Series
2016-07-13 09:22 - 2016-07-13 09:22 - 00000000 ____D C:\Users\grevolorio.trmdu2\HDR Projects 4 Pro
2016-07-13 09:20 - 2016-07-13 09:20 - 00001162 _____ C:\Users\Public\Desktop\HDR projects 4 professional (64-Bit).lnk
2016-07-13 09:20 - 2016-07-13 09:20 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Franzis
2016-07-13 09:20 - 2016-07-13 09:20 - 00000000 ____D C:\Program Files\Franzis
2016-07-11 14:07 - 2016-07-11 14:07 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox
2016-07-11 10:48 - 2016-07-11 10:48 - 00000957 _____ C:\Users\grevolorio.trmdu2\Desktop\BHODemon 2.0.lnk
2016-07-11 10:48 - 2016-07-11 10:48 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\BHODemon 2.0
2016-07-11 10:48 - 2016-07-11 10:48 - 00000000 ____D C:\Program Files (x86)\BHODemon 2
2016-07-09 08:49 - 2016-07-09 08:49 - 00001783 _____ C:\Users\Public\Desktop\iTunes.lnk
2016-07-09 08:49 - 2016-07-09 08:49 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2016-07-09 08:49 - 2016-07-09 08:49 - 00000000 ____D C:\Program Files\iTunes
2016-07-09 08:49 - 2016-07-09 08:49 - 00000000 ____D C:\Program Files\iPod
2016-06-24 09:43 - 2016-07-08 21:18 - 00000971 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 11.lnk

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-07-18 11:05 - 2014-01-30 12:00 - 00000548 _____ C:\Windows\Tasks\G2MUpdateTask-S-1-5-21-1085031214-796845957-725345543-2108.job
2016-07-18 11:05 - 2012-05-23 18:15 - 00000000 ____D C:\FRST
2016-07-18 11:05 - 2011-08-04 09:50 - 00000898 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2016-07-18 11:01 - 2014-11-04 15:34 - 00000382 _____ C:\Windows\Tasks\Allway Sync_{4F0C1497E9A5A062AD06B978802E02AB}.job
2016-07-18 10:55 - 2015-09-16 12:08 - 00192216 ____C (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2016-07-18 10:32 - 2015-07-02 10:19 - 00000644 _____ C:\Windows\Tasks\G2MUploadTask-S-1-5-21-1085031214-796845957-725345543-2108.job
2016-07-18 10:21 - 2012-07-27 08:46 - 00000830 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2016-07-18 10:08 - 2015-06-30 08:58 - 00000916 _____ C:\Windows\Tasks\DropboxUpdateTaskMachineUA.job
2016-07-18 10:07 - 2014-08-20 09:49 - 00000000 ____D C:\Program Files (x86)\Spybot - Search & Destroy 2
2016-07-18 06:15 - 2009-07-14 00:45 - 00033392 ___HC C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2016-07-18 06:15 - 2009-07-14 00:45 - 00033392 ___HC C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2016-07-18 02:07 - 2015-06-11 15:15 - 00000000 ____D C:\ProgramData\MediaMall
2016-07-18 01:19 - 2015-06-30 08:58 - 00000912 _____ C:\Windows\Tasks\DropboxUpdateTaskMachineCore.job
2016-07-17 22:59 - 2015-09-30 10:32 - 00000000 ____D C:\Program Files\KMSpico
2016-07-17 20:05 - 2011-08-04 09:50 - 00000894 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2016-07-17 09:28 - 2009-07-14 01:13 - 00845984 _____ C:\Windows\system32\PerfStringBackup.INI
2016-07-17 09:28 - 2009-07-13 23:20 - 00000000 ____D C:\Windows\inf
2016-07-14 20:21 - 2012-07-27 08:46 - 00003768 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2016-07-14 20:21 - 2012-04-13 10:28 - 00796352 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2016-07-14 20:21 - 2011-05-20 16:09 - 00142528 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2016-07-13 15:39 - 2015-06-11 20:52 - 00000000 ____D C:\Users\grevolorio.trmdu2\AppData\Local\CrashDumps
2016-07-13 13:18 - 2011-01-21 14:14 - 00000000 ____D C:\Program Files (x86)\TeamViewer
2016-07-13 12:43 - 2015-07-07 13:19 - 00000000 ____D C:\Users\grevolorio.trmdu2\AppData\Roaming\uTorrent
2016-07-13 09:22 - 2015-06-11 14:53 - 00000000 ____D C:\Users\grevolorio.trmdu2
2016-07-12 16:21 - 2012-01-26 17:19 - 00000000 ____D C:\Windows\system32\Macromed
2016-07-12 16:21 - 2011-01-21 11:27 - 00000000 ____D C:\Windows\SysWOW64\Macromed
2016-07-11 14:08 - 2015-06-30 08:57 - 00000000 ____D C:\Program Files (x86)\Dropbox
2016-07-11 10:59 - 2012-06-11 10:02 - 142482544 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2016-07-09 08:49 - 2015-07-07 11:43 - 00000000 ____D C:\Program Files\Common Files\Apple
2016-07-09 08:49 - 2014-02-28 10:55 - 00000000 ____D C:\Program Files (x86)\iTunes
2016-07-07 09:58 - 2015-06-17 13:26 - 00000000 ____D C:\Users\grevolorio.trmdu2\AppData\Local\calibre-cache
2016-07-07 09:22 - 2015-06-17 13:25 - 00000000 ____D C:\Users\grevolorio.trmdu2\AppData\Roaming\calibre
2016-07-01 13:31 - 2015-11-02 15:45 - 00000960 _____ C:\Users\Public\Desktop\calibre - E-book management.lnk
2016-07-01 13:31 - 2011-06-09 14:01 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\calibre - E-book Management
2016-07-01 13:31 - 2011-06-09 14:01 - 00000000 ____D C:\Program Files (x86)\Calibre2
2016-06-27 11:21 - 2015-09-23 03:38 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2016-06-27 11:21 - 2012-10-10 13:48 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2016-06-27 10:24 - 2015-06-11 20:51 - 00000000 ____D C:\Users\grevolorio.trmdu2\.VirtualBox
2016-06-24 17:46 - 2015-06-17 09:21 - 00143848 _____ C:\Users\grevolorio.trmdu2\AppData\Local\GDIPFONTCACHEV1.DAT
2016-06-21 05:42 - 2013-11-12 12:46 - 00000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2016-06-21 05:41 - 2014-03-18 09:15 - 00000000 ____D C:\Program Files\Microsoft Office 15

==================== Files in the root of some directories =======

2012-01-30 09:55 - 2015-06-11 15:56 - 16258616 _____ (LastPass) C:\Program Files (x86)\Common Files\lpuninstall.exe
2015-06-12 19:46 - 2015-06-12 19:46 - 0000064 _____ () C:\Users\grevolorio.trmdu2\AppData\Roaming\Sandra.ldb
2015-06-12 19:46 - 2015-06-12 21:14 - 14417920 _____ () C:\Users\grevolorio.trmdu2\AppData\Roaming\Sandra.mdb
2015-08-28 17:23 - 2015-08-28 17:23 - 0000020 ___SH () C:\Users\grevolorio.trmdu2\AppData\Roaming\Sys11965 DataCollection.dat
2015-08-28 17:23 - 2015-08-28 17:23 - 0000020 ___SH () C:\Users\grevolorio.trmdu2\AppData\Roaming\System413_DataDB.ind
2015-07-04 08:40 - 2015-07-09 19:01 - 0000600 _____ () C:\Users\grevolorio.trmdu2\AppData\Roaming\winscp.rnd
2015-09-28 09:21 - 2015-09-28 09:21 - 0000038 ___SH () C:\Users\grevolorio.trmdu2\AppData\Local\5678c43253f8bbb5ed82a9.59421958
2015-07-04 08:47 - 2015-07-13 11:07 - 0000600 _____ () C:\Users\grevolorio.trmdu2\AppData\Local\PUTTY.RND
2015-09-16 12:03 - 2015-09-16 12:03 - 0045957 _____ () C:\ProgramData\HELP_DECRYPT.PNG
2015-09-16 12:03 - 2015-09-16 12:03 - 0000296 _____ () C:\ProgramData\HELP_DECRYPT.URL
2012-08-20 10:22 - 2012-08-28 15:25 - 0000193 _____ () C:\ProgramData\Microsoft.SqlServer.Compact.351.64.bc
2014-12-18 12:06 - 2014-12-18 12:06 - 0000202 _____ () C:\ProgramData\nbinst.ini
2013-11-25 17:35 - 2013-11-25 17:35 - 0000018 _____ () C:\ProgramData\ruby-uuid

Files to move or delete:
====================
C:\Users\grevolorio\SyncToy_6f9d1157-50ab-4e8a-b246-c8013fe8d91a.dat
C:\Users\grevolorio\SyncToy_eb83ad46-2f1d-44ad-8333-991854e5ef51.dat


Some files in TEMP:
====================
C:\Users\grevolorio\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmp_kz8ag.dll
C:\Users\grevolorio\AppData\Local\Temp\RoboForm-Setup.exe


==================== Bamital & volsnap =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2016-07-07 10:41

==================== End of FRST.txt ============================

 

 

And the Addition.txt is:

 

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 17-07-2016 03
Ran by grevolorio (2016-07-18 11:08:11)
Running from C:\Users\grevolorio.trmdu2\Desktop
Windows 7 Professional Service Pack 1 (X64) (2012-06-05 17:59:53)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-3578782807-1016812498-1856270605-500 - Administrator - Disabled)
grevolorio (S-1-5-21-3578782807-1016812498-1856270605-1009 - Administrator - Enabled) => C:\Users\grevolorio.trmdu2
Guest (S-1-5-21-3578782807-1016812498-1856270605-501 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Microsoft Security Essentials (Enabled - Out of date) {768124D7-F5F7-6D2F-DDC2-94DFA4017C95}
AS: Microsoft Security Essentials (Enabled - Out of date) {CDE0C533-D3CD-62A1-E772-AFADDF863628}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Spybot - Search and Destroy (Enabled - Up to date) {9BC38DF1-3CCA-732D-A930-C1CA5F20A4B0}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

µTorrent (HKU\S-1-5-21-1085031214-796845957-725345543-2108-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\uTorrent) (Version: 3.4.2.32239 - BitTorrent Inc.)
µTorrent (HKU\S-1-5-21-3578782807-1016812498-1856270605-1009\...\uTorrent) (Version: 3.4.3.40466 - BitTorrent Inc.)
µTorrent (HKU\S-1-5-21-3578782807-1016812498-1856270605-1009-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\uTorrent) (Version: 3.4.3.40466 - BitTorrent Inc.)
7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov)
AccelerometerP11 (HKLM-x32\...\{87434D51-51DB-4109-B68F-A829ECDCF380}) (Version: 2.00.11.15 - STMicroelectronics)
Acute Email IDs Production Engine (HKLM-x32\...\{CB72E17B-1BCA-441F-A8A0-64C6FDF09425}) (Version: 10.3.5 - SAGAWEBS.COM)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 19.0.0.190 - Adobe Systems Incorporated)
Adobe Anchor Service x64 CS4 (Version: 2.0 - Adobe Systems Incorporated) Hidden
Adobe CMaps x64 CS4 (Version: 2.0 - Adobe Systems Incorporated) Hidden
Adobe CSI CS4 x64 (Version: 1 - Adobe Systems Incorporated) Hidden
Adobe Digital Editions (HKLM-x32\...\Digital Editions) (Version:  - )
Adobe Drive CS4 x64 (Version: 1 - Adobe Systems Incorporated) Hidden
Adobe Flash Player 22 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 22.0.0.210 - Adobe Systems Incorporated)
Adobe Flash Player 22 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 22.0.0.209 - Adobe Systems Incorporated)
Adobe Fonts All x64 (Version: 2.0 - Adobe Systems Incorporated) Hidden
Adobe Linguistics CS4 x64 (Version: 4.0.0 - Adobe Systems Incorporated) Hidden
Adobe LiveCycle Designer 7.1 (HKU\S-1-5-21-1085031214-796845957-725345543-2108-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\InstallShield_{B8420E42-9664-43AF-BD01-F7B12EBA92CF}) (Version: 7.1.0000 - Adobe)
Adobe Media Player (HKLM-x32\...\com.adobe.amp.E7BED6E5DDA59983786DD72EBFA46B1598278E07.1) (Version: 1.8 - Adobe Systems Incorporated)
Adobe PDF Library Files x64 CS4 (Version: 9.0 - Adobe Systems Incorporated) Hidden
Adobe Photoshop CS4 (64 Bit) (Version: 11.0 - Adobe Systems Incorporated) Hidden
Adobe Reader 64-bit fixes (HKLM\...\{6D80AAE7-FF65-4950-B1CA-3A7EA4995574}_is1) (Version:  - Leo Davidson / Pretentious Name)
Adobe Reader XI (11.0.10) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.10 - Adobe Systems Incorporated)
Adobe Type Support x64 CS4 (Version: 9.0 - Adobe Systems Incorporated) Hidden
Adobe WinSoft Linguistics Plugin x64 (Version: 1.1 - Adobe Systems Incorporated) Hidden
Allway Sync version 10.3.25 (HKLM\...\Allway Sync_is1) (Version:  - Botkind Inc)
Amazon Kindle (HKLM-x32\...\Amazon Kindle) (Version:  - Amazon)
Android Studio (HKLM\...\Android Studio) (Version: 1.0 - Google Inc.)
Apple Application Support (32-bit) (HKLM-x32\...\{26356515-5821-40FA-9C3D-9785052A1062}) (Version: 4.3.1 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{6F085FCD-4B6A-4F63-AF23-B74629C40797}) (Version: 9.3.0.15 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{56EC47AA-5813-4FF6-8E75-544026FBEA83}) (Version: 2.2.0.150 - Apple Inc.)
AVG PC TuneUp 2015 (en-US) (x32 Version: 15.0.1001.638 - AVG Technologies) Hidden
AVG PC TuneUp 2015 (HKLM-x32\...\AVG PC TuneUp) (Version: 15.0.1001.638 - AVG Technologies)
AVG PC TuneUp 2015 (x32 Version: 15.0.1001.638 - AVG Technologies) Hidden
AzureTools.Notifications (x32 Version: 2.1.10731.1602 - Microsoft Corporation) Hidden
Bamboo (HKLM\...\Pen Tablet Driver) (Version: 5.2.5-5 - Wacom Technology Corp.)
Bamboo Dock (HKLM-x32\...\Bamboo Dock) (Version: 4.0 - Wacom Co., Ltd.)
Bamboo Dock (x32 Version: 4.0.0 - Wacom Europe GmbH) Hidden
Behaviors SDK (XAML) for Visual Studio (x32 Version: 12.0.41002.1 - Microsoft Corporation) Hidden
BHODemon 2.0.0.23 (HKLM-x32\...\BHODemon_is1) (Version:  - Definitive Solutions, Inc.)
BitTorrent Sync (HKLM-x32\...\BitTorrent Sync) (Version: 2.0.128 - BitTorrent Inc.)
Blend for Visual Studio 2013 (x32 Version: 12.0.41002.1 - Microsoft Corporation) Hidden
Blend for Visual Studio 2013 ENU resources (x32 Version: 12.0.41002.1 - Microsoft Corporation) Hidden
Blend for Visual Studio SDK for .NET 4.5 (x32 Version: 3.0.40218.0 - Microsoft Corporation) Hidden
Blend for Visual Studio SDK for Silverlight 5 (x32 Version: 3.0.40218.0 - Microsoft Corporation) Hidden
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
Box Edit (HKLM-x32\...\{8887D190-E3EC-45D9-A62D-DF423B53CBEE}) (Version: 3.0.25.511 - Box)
Build Tools - amd64 (Version: 12.0.21005 - Microsoft Corporation) Hidden
Build Tools - x86 (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
Build Tools Language Resources - amd64 (Version: 12.0.21005 - Microsoft Corporation) Hidden
Build Tools Language Resources - x86 (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
calibre (HKLM-x32\...\{BA623AFD-BE42-4B5F-9B8E-01FAB9BB2B51}) (Version: 2.61.0 - Kovid Goyal)
CCleaner (HKLM\...\CCleaner) (Version: 5.02 - Piriform)
Chrome Remote Desktop Host (HKLM-x32\...\{95EB2FCC-AE0B-40E9-B804-347C6358923B}) (Version: 51.0.2704.7 - Google Inc.)
Cisco Systems VPN Client 5.0.07.0290 (HKLM\...\{467D5E81-8349-4892-9E81-C3674ED8E451}) (Version: 5.0.7 - Cisco Systems, Inc.)
Cisco WebEx Meetings (HKLM-x32\...\ActiveTouchMeetingClient) (Version:  - Cisco WebEx LLC)
Citrix Online Launcher (HKLM-x32\...\{AFB80939-4486-49D8-A04E-2B05C0F2DE39}) (Version: 1.0.252 - Citrix)
ClipX (HKLM-x32\...\ClipX) (Version:  - )
Color Cop 5.4.3 (HKLM-x32\...\Color Cop_is1) (Version:  - Jay Prall)
Color Picker (HKLM-x32\...\ST6UNST #1) (Version:  - )
Common Desktop Agent (Version: 1.62.0 - OEM) Hidden
Connect (x32 Version: 1.0.0.1 - Adobe Systems Incorporated) Hidden
Crystal Reports for Visual Studio (x32 Version: 12.51.0.240 - SAP) Hidden
CutePDF Professional 3.3 (HKLM-x32\...\{F10D1D8F-C20C-4F0D-B243-688C0C6873F6}) (Version: 3.30.1001 - Acro Software Inc.)
CutePDF Writer 2.8 (HKLM\...\CutePDF Writer Installation) (Version:  - )
Dotfuscator and Analytics Community Edition (x32 Version: 5.5.4954.46574 - PreEmptive Solutions) Hidden
Dropbox (HKLM-x32\...\Dropbox) (Version: 6.4.14 - Dropbox, Inc.)
Dropbox Update Helper (x32 Version: 1.3.27.33 - Dropbox, Inc.) Hidden
Entity Framework Designer for Visual Studio 2012 - enu (HKLM-x32\...\{0A1A1D48-DB23-443A-BC7B-49255D138020}) (Version: 11.1.20702.00 - Microsoft Corporation)
Entity Framework Tools for Visual Studio 2013 (HKLM-x32\...\{08AEF86A-1956-4846-B906-B01350E96E30}) (Version: 12.0.20912.0 - Microsoft Corporation)
eReader (HKLM-x32\...\{453C9E55-80DF-4BD2-9885-52A1FB0D9382}) (Version: 3.0.3 - Palm Digital Media)
Evernote v. 5.2 (HKLM-x32\...\{090931D6-A2F4-11E3-AD9C-00163E98E7D0}) (Version: 5.2.0.2946 - Evernote Corp.)
ExtraPutty 0.22 (HKLM-x32\...\{14C76057-E495-47E1-BDF0-1A1CC1752ADF}) (Version: 0.22 - )
Fences 2 (HKLM-x32\...\Fences 22.01) (Version: 2.01 - Stardock Corporation)
Fiddler (HKLM-x32\...\Fiddler2) (Version: 2.4.5.6 - Telerik)
FileMenu Tools (HKLM\...\FileMenu Tools_is1) (Version:  - LopeSoft - Rubén López Hernández)
FileZilla Client 3.16.1 (HKLM-x32\...\FileZilla Client) (Version: 3.16.1 - Tim Kosse)
Fine Woodworking Archive (HKLM-x32\...\{84D74E02-0F71-4107-B92F-48848C06ABB0}) (Version: 2.0.1 - Taunton)
Foxit Reader (HKLM-x32\...\Foxit Reader_is1) (Version: 7.3.4.311 - Foxit Software Inc.)
Git version 1.7.6-preview20110708 (HKLM-x32\...\Git_is1) (Version: 1.7.6-preview20110708 - )
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 51.0.2704.103 - Google Inc.)
Google Earth (HKLM-x32\...\{817750FA-EC6A-485D-9901-0683AE6FFDF1}) (Version: 7.1.5.1557 - Google)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.30.3 - Google Inc.) Hidden
GoToMeeting 7.2.0.2759 (HKU\S-1-5-21-1085031214-796845957-725345543-2108-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\GoToMeeting) (Version: 7.2.0.2759 - CitrixOnline)
Gtk# for .Net 2.12.25 (HKLM-x32\...\{889E7D77-2A98-4020-83B1-0296FA1BDE8A}) (Version: 2.12.25 - Xamarin, Inc.)
HandBrake 0.9.9.1 (HKLM-x32\...\HandBrake) (Version: 0.9.9.1 - )
HDR projects 4 professional (64-Bit) (HKLM\...\HDR_PROJECTS_4_3_3BF7CE82_is1) (Version: 4.41 - Franzis Verlag GmbH)
hMailServer 5.6.4-B2283 (HKLM-x32\...\hMailServer_is1) (Version:  - )
huey 1.0.5 (HKLM-x32\...\huey_is1) (Version:  - Pantone & GretagMacbeth)
IdeaRoom (HKLM-x32\...\{9D3E0103-F902-4368-8CAE-21EE46F2DE9E}) (Version: 1.36.0070 - Sawtooth Ideas)
IETester v0.4.10 (remove only) (HKLM-x32\...\IETester) (Version: 0.4.10 - Core Services)
iExplorer 3.2.2.6 (HKLM-x32\...\{7FD8B0C1-CDDA-4B4D-A577-B2E3570EA3A3}_is1) (Version:  - Macroplant LLC)
IMG to ISO (HKLM-x32\...\{F10528D1-6478-4F67-A393-CCAC1DB958C1}_is1) (Version:  - imgtoiso.com)
Inkscape 0.48.1  (HKLM-x32\...\Inkscape) (Version: 0.48.1 - )
Intel(R) Turbo Boost Technology Monitor (HKLM\...\{39F4C6F9-618A-4E5B-8FB2-6BD661174E32}) (Version: 1.0.186.6 - Intel)
Intel® Hardware Accelerated Execution Manager (HKLM\...\{ECCB31F5-435D-4F37-A98D-5854D3C62718}) (Version: 1.1.1 - Intel Corporation)
iPhoneBrowser (HKLM-x32\...\{C1FCDCA1-2759-4E5E-84EE-3A665BB2F513}) (Version: 1.9.3 - Cranium Consulting and Custom Software)
IsoBuster 3.4 (HKLM-x32\...\IsoBuster_is1) (Version: 3.4 - Smart Projects)
iTunes (HKLM\...\{709990D1-03DA-4302-B364-E4D9F17E2198}) (Version: 12.4.1.6 - Apple Inc.)
Java 2 Runtime Environment, SE v1.4.1 (HKLM-x32\...\{CD0159C9-17FB-11D6-A76A-00B0D079AF64}) (Version:  - )
Java 2 Runtime Environment, SE v1.4.1_07 (HKLM-x32\...\{CA532E73-1BB7-11D8-9D6A-00010240CE95}) (Version:  - )
Java 7 Update 7 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217007FF}) (Version: 7.0.70 - Oracle)
Java 8 Update 45 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86418045F0}) (Version: 8.0.450 - Oracle Corporation)
Java SE Development Kit 8 Update 45 (64-bit) (HKLM\...\{64A3A4F4-B792-11D6-A78A-00B0D0180450}) (Version: 8.0.450.15 - Oracle Corporation)
Java Web Start (HKLM-x32\...\Java Web Start) (Version:  - )
Java(TM) 6 Update 22 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83216022F0}) (Version: 6.0.220 - Oracle)
Java(TM) 6 Update 29 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86416029FF}) (Version: 6.0.290 - Oracle)
Java(TM) 6 Update 39 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83216039FF}) (Version: 6.0.390 - Oracle)
Java(TM) SE Development Kit 6 Update 39 (HKLM-x32\...\{32A3A4F4-B792-11D6-A78A-00B0D0160390}) (Version: 1.6.0.390 - Oracle)
Java(TM) SE Development Kit 7 (HKLM-x32\...\{32A3A4F4-B792-11D6-A78A-00B0D0170000}) (Version: 1.7.0.0 - Oracle)
JavaFX 2.1.1 (HKLM-x32\...\{1111706F-666A-4037-7777-211328764D10}) (Version: 2.1.1 - Oracle Corporation)
JavaScript Tooling (Version: 12.0.21005 - Microsoft Corporation) Hidden
JMicron Flash Media Controller Driver (HKLM-x32\...\{26604C7E-A313-4D12-867F-7C6E7820BE4C}) (Version: 1.0.41.2 - JMicron Technology Corp.)
join.me (HKU\S-1-5-21-1085031214-796845957-725345543-2108-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\JoinMe) (Version: 1.17.0.156 - LogMeIn, Inc.)
Keywords Studio Pro (HKLM-x32\...\Keywords Studio Pro 1.0.0) (Version: 1.0.0 - intraSEO)
Keywords Studio Pro (x32 Version: 1.0.0 - intraSEO) Hidden
KinoniDrivers 2.8.1 (HKLM-x32\...\KinoniDrivers) (Version: 2.8.1 - Kinoni)
K-Lite Codec Pack 8.6.0 (Full) (HKLM-x32\...\KLiteCodecPack_is1) (Version: 8.6.0 - )
KMSpico v9.3.1 (HKLM\...\KMSpico_is1) (Version: 9.3.1 - )
kuler (x32 Version: 2.0 - Adobe Systems Incorporated) Hidden
LAN-Fax Utilities (HKLM\...\LAN-Fax Utilities) (Version:  - )
LastPass (uninstall only) (HKLM-x32\...\LastPass) (Version:  - LastPass)
Launchy 2.5 (HKLM-x32\...\Launchy_21344213_is1) (Version:  - Code Jelly)
LocalESPC Dev12 (x32 Version: 8.100.25984 - Microsoft Corporation) Hidden
LocalESPCui for en-us Dev12 (x32 Version: 8.100.25984 - Microsoft) Hidden
Malwarebytes Anti-Malware version 2.2.1.1043 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.1.1043 - Malwarebytes)
Market Samurai (HKLM-x32\...\MarketSamurai.6E37012E1CBD7F47B14488FCC715944F3EBDCEDC.1) (Version: 0.93.71 - Alliance Software Pty Ltd)
Market Samurai (x32 Version: 0.93.71 - Alliance Software Pty Ltd) Hidden
Maxwell for SketchUp 2014 (HKLM-x32\...\{E3FA7086-A065-4FAF-B819-400927194F80}) (Version: 3.0.11 - Next Limit Technologies)
MDF to ISO version 1.0 (HKLM-x32\...\{79DDA36F-B19E-4293-A4F2-FA3EC1C06E6E}_is1) (Version: 1.0 - mdftoiso.com)
MEGAsync (HKLM-x32\...\MEGAsync) (Version:  - Mega Limited)
Metalogix Content Matrix Console - File Share Edition (HKLM-x32\...\{99641A98-EE9B-4521-916C-DF09AC9DD4A3}) (Version: 6.2.0302 - Metalogix Software Corp.)
Metalogix Content Matrix Console - Public Folder Edition (HKLM-x32\...\{E18CB092-505F-4FE1-B4C7-C53DBBBBA938}) (Version: 6.2.0302 - Metalogix Software Corp.)
Metalogix Content Matrix Console - SharePoint Edition (HKLM-x32\...\{A4E8B4B5-C6D6-414B-A513-EDDB70F58959}) (Version: 6.2.0302 - Metalogix Software Corp.)
Micro-Measure (HKLM-x32\...\{75E1D518-6772-4073-A71C-354B71181391}) (Version: 1.0.0 - Brightwell)
Microsoft .NET Compact Framework 1.0 SP3 Developer (HKLM-x32\...\{6C531060-84FB-4F96-8F33-29DF020632EB}) (Version: 1.0.4292 - Microsoft Corporation)
Microsoft .NET Compact Framework 2.0 (HKLM-x32\...\{625386A4-B6B6-4911-A6E8-23189C3F2D15}) (Version: 2.0.5238 - Microsoft Corporation)
Microsoft .NET Framework 4 Multi-Targeting Pack (HKLM-x32\...\{CFEF48A8-BFB8-3EAC-8BA5-DE4F8AA267CE}) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4.5 Multi-Targeting Pack (HKLM-x32\...\{56E962F0-4FB0-3C67-88DB-9EAA6EEFC493}) (Version: 4.5.50710 - Microsoft Corporation)
Microsoft .NET Framework 4.5 SDK (HKLM-x32\...\{4AE57014-05C4-4864-A13D-86517A7E1BA4}) (Version: 4.5.50710 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 Multi-Targeting Pack (ENU) (HKLM-x32\...\{D3517C62-68A5-37CF-92F7-93C029A89681}) (Version: 4.5.50932 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 Multi-Targeting Pack (HKLM-x32\...\{6A0C6700-EA93-372C-8871-DCCF13D160A4}) (Version: 4.5.50932 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 SDK (HKLM-x32\...\{19A5926D-66E1-46FC-854D-163AA10A52D3}) (Version: 4.5.51641 - Microsoft Corporation)
Microsoft ASP.NET MVC 2 - Visual Studio 2010 Tools (HKLM-x32\...\{40416836-56CC-4C0E-A6AF-5C34BADCE483}) (Version: 2.0.50217.0 - Microsoft Corporation)
Microsoft ASP.NET MVC 2 (HKLM-x32\...\{DD8FF2F3-0D97-4CF3-AF78-FA0E1B242244}) (Version: 2.0.60926.0 - Microsoft Corporation)
Microsoft ASP.NET MVC 3 (HKLM-x32\...\{D32EF103-4016-4C15-BCB0-700C0A7A2309}) (Version: 3.0.50813.0 - Microsoft Corporation)
Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
Microsoft ASP.NET Web Pages (HKLM-x32\...\{631471BE-DEAB-454B-A9AC-CE3EB42C28B3}) (Version: 1.0.20105.0 - Microsoft Corporation)
Microsoft Device Emulator version 1.0 - ENU (HKLM-x32\...\{78B75C6D-E53C-424C-BF83-4B63BD4A6682}) (Version: 1.0.50727.42 - Microsoft Corporation)
Microsoft Document Explorer 2005 (HKLM-x32\...\Microsoft Document Explorer 2005) (Version:  - Microsoft Corporation)
Microsoft Exchange Web Services Managed API 2.1 (HKLM-x32\...\{24CA683D-8174-4EBF-AD4D-3F2DD7814716}) (Version: 15.0.847.30 - Microsoft Corporation)
Microsoft Expression Blend 3 SDK (HKLM-x32\...\{256E7DAC-9BE8-494E-8DE7-7857BF96B774}) (Version: 1.0.1343.0 - Microsoft Corporation)
Microsoft Expression Blend 4 (HKLM-x32\...\Blend_4.0.20525.0) (Version: 4.0.20525.0 - Microsoft Corporation)
Microsoft Expression Blend SDK for .NET 4 (HKLM-x32\...\{9B3A1C97-A361-463E-8817-444F9F88CDFE}) (Version: 2.0.20525.0 - Microsoft Corporation)
Microsoft Expression Blend SDK for Silverlight 4 (HKLM-x32\...\{1C997E1C-5CE9-4AF3-AAA9-DC65E6090827}) (Version: 2.0.20525.0 - Microsoft Corporation)
Microsoft Expression Design 4 (HKLM-x32\...\Design_7.0.20516.0) (Version: 7.0.20516.0 - Microsoft Corporation)
Microsoft Expression Encoder 4 (HKLM-x32\...\Encoder_4.0.1639.0) (Version: 4.0.1639.0 - Microsoft Corporation)
Microsoft Expression Encoder 4 Screen Capture Codec (HKLM-x32\...\{BF127B80-CFD5-4379-9752-E8AF1A5D0141}) (Version: 4.0.1639.0 - Microsoft Corporation)
Microsoft Expression Studio 4 (HKLM-x32\...\ExpressionStudio_4.0.20525.0) (Version: 4.0.20525.0 - Microsoft Corporation)
Microsoft Expression Web 4 (HKLM-x32\...\Web_4.0.1303.0) (Version: 4.0.1303.0 - Microsoft Corporation)
Microsoft Expression Web 4 Service Pack 2 (HKLM-x32\...\{F5993FCC-DF5D-4879-B70D-AA1F379C5C6B}) (Version:  - Microsoft Corporation)
Microsoft Filter Pack 1.0 (HKLM\...\{95120000-2000-0409-1000-0000000FF1CE}) (Version: 12.0.4518.1104 - Microsoft Corporation)
Microsoft Help Viewer 1.1 (HKLM\...\Microsoft Help Viewer 1.1) (Version: 1.1.40219 - Microsoft Corporation)
Microsoft Help Viewer 2.0 (HKLM-x32\...\Microsoft Help Viewer 2.0) (Version: 2.0.50727 - Microsoft Corporation)
Microsoft Help Viewer 2.1 (HKLM-x32\...\Microsoft Help Viewer 2.1) (Version: 2.1.21005 - Microsoft Corporation)
Microsoft Lync 2010 Attendee (HKLM-x32\...\{09335E49-1C8F-4973-9929-941BE9C6EF33}) (Version: 4.0.7577.4498 - Microsoft Corporation)
Microsoft Lync Web App Plug-in (HKLM\...\{52CAD0B7-8759-4CE5-94D7-8825BBFD7445}) (Version: 15.8.8653.0 - Microsoft Corporation)
Microsoft Mouse and Keyboard Center (HKLM\...\Microsoft Mouse and Keyboard Center) (Version: 2.3.188.0 - Microsoft Corporation)
Microsoft Office 2003 Web Components (HKLM-x32\...\{90A40409-6000-11D3-8CFE-0150048383C9}) (Version: 11.0.8173.0 - Microsoft Corporation)
Microsoft Office 365 ProPlus - en-us (HKLM\...\O365ProPlusRetail - en-us) (Version: 15.0.4833.1001 - Microsoft Corporation)
Microsoft Office Access database engine 2007 (English) (HKLM-x32\...\{90120000-00D1-0409-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Developer Tools for Visual Studio 2013 - November 2014 Update (HKLM-x32\...\{ac415136-ae46-4301-b23e-6559062bfa7b}) (Version: 12.0.31105.0 - Microsoft Corporation)
Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Outlook Connector (HKLM-x32\...\{95140000-007A-0409-0000-0000000FF1CE}) (Version: 14.0.5118.5000 - Microsoft Corporation)
Microsoft Office Professional Plus 2013 (HKLM-x32\...\Office15.PROPLUSR) (Version: 15.0.4569.1506 - Microsoft Corporation)
Microsoft Office Project 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-003B-0000-0000-0000000FF1CE}_PRJPRO_{8446EB22-A746-46DC-B1BD-E0DFA1F3CDDA}) (Version:  - Microsoft)
Microsoft Office Project Professional 2007 (HKLM-x32\...\PRJPRO) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office SharePoint Designer 2007 (HKLM-x32\...\SharePointDesigner) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office SharePoint Designer 2007 (HKLM-x32\...\SharePointDesignerR) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office SharePoint Designer 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0017-0000-0000-0000000FF1CE}_SharePointDesigner_{4B4DF6E2-5E40-422B-82DD-205FD7E79226}) (Version:  - Microsoft)
Microsoft Office SharePoint Designer 2007 Service Pack 3 (SP3) (HKLM-x32\...\{91120000-0017-0000-0000-0000000FF1CE}_SharePointDesignerR_{4B4DF6E2-5E40-422B-82DD-205FD7E79226}) (Version:  - Microsoft)
Microsoft Office Visio 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0051-0000-0000-0000000FF1CE}_VISPRO_{CE144BF4-4950-4CDB-A5F7-CCE1888F49CB}) (Version:  - Microsoft)
Microsoft Office Visio Professional 2007 (HKLM-x32\...\VISPRO) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-1085031214-796845957-725345543-2108-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\OneDriveSetup.exe) (Version: 17.0.4023.1211 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-3578782807-1016812498-1856270605-1009\...\OneDriveSetup.exe) (Version: 17.3.4604.0120 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-3578782807-1016812498-1856270605-1009-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\OneDriveSetup.exe) (Version: 17.3.4604.0120 - Microsoft Corporation)
Microsoft Report Viewer 2012 Runtime (HKLM-x32\...\{9CCE40CE-A9E6-4916-8729-B008558EEF3F}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft Robocopy GUI (HKLM-x32\...\{107C666F-63C5-4263-8D40-8B9CFB5FED08}) (Version: 1.0.0 - Microsoft)
Microsoft Security Essentials (HKLM\...\Microsoft Security Client) (Version: 4.9.218.0 - Microsoft Corporation)
Microsoft SharePoint Designer 2010 (HKLM-x32\...\Office14.SharePointDesigner) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.41212.0 - Microsoft Corporation)
Microsoft Silverlight 3 SDK (HKLM-x32\...\{2012098D-EEE9-4769-8DD3-B038050854D4}) (Version: 3.0.40818.0 - Microsoft Corporation)
Microsoft Silverlight 4 SDK (HKLM-x32\...\{189AEA94-DAFB-487A-8CEE-F9D3DDE0A748}) (Version: 4.0.60310.0 - Microsoft Corporation)
Microsoft Silverlight 5 SDK (HKLM-x32\...\{E1FBB3D4-ADB0-4949-B101-855DA061C735}) (Version: 5.0.61118.0 - Microsoft Corporation)
Microsoft SQL Server 2005 (HKLM-x32\...\Microsoft SQL Server 2005) (Version:  - Microsoft Corporation)
Microsoft SQL Server 2005 Backward compatibility (HKLM\...\{62D2F823-0EAA-496D-B0F9-A869BFC51550}) (Version: 8.05.2312 - Microsoft Corporation)
Microsoft SQL Server 2005 Books Online (English) (September 2007) (HKLM-x32\...\{6FDD4688-E063-401D-B6BE-7234E20B9173}) (Version: 9.00.3104 - Microsoft Corporation)
Microsoft SQL Server 2005 Mobile [ENU] Developer Tools (HKLM-x32\...\{1389C6A4-4965-4AEC-9175-08B54A10FA48}) (Version: 3.0.0.0 - Microsoft Corporation)
Microsoft SQL Server 2008 R2 Data-Tier Application Framework (HKLM-x32\...\{BC537AE0-88AF-47ED-B762-33B0D62B5188}) (Version: 10.50.1750.9 - Microsoft Corporation)
Microsoft SQL Server 2008 R2 Data-Tier Application Project (HKLM-x32\...\{7A56D81D-6406-40E7-9184-8AC1769C4D69}) (Version: 10.50.1750.9 - Microsoft Corporation)
Microsoft SQL Server 2008 R2 Management Objects (HKLM-x32\...\{83F2B8F4-5CF3-4BE9-9772-9543EAE4AC5F}) (Version: 10.51.2500.0 - Microsoft Corporation)
Microsoft SQL Server 2008 R2 Transact-SQL Language Service (HKLM-x32\...\{09C52940-A4D1-4409-A7CC-1AAE630CF578}) (Version: 10.50.1750.9 - Microsoft Corporation)
Microsoft SQL Server 2008 Setup Support Files  (HKLM\...\{B40EE88B-400A-4266-A17B-E3DE64E94431}) (Version: 10.1.2731.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Command Line Utilities  (HKLM\...\{58FED865-4F13-408D-A5BF-996019C4B936}) (Version: 11.1.3000.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Data-Tier App Framework  (HKLM-x32\...\{1B876496-B3A2-4D22-9B12-B608A3FD4B8B}) (Version: 11.1.2902.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Data-Tier App Framework  (x64) (HKLM\...\{A6BA243E-85A3-4635-A269-32949C98AC7F}) (Version: 11.1.2902.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Express LocalDB  (HKLM\...\{6C026A91-640F-4A23-8B68-05D589CC6F18}) (Version: 11.1.3000.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Management Objects  (HKLM-x32\...\{2F7DBBE6-8EBC-495C-9041-46A772F4E311}) (Version: 11.1.3000.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Management Objects  (x64) (HKLM\...\{43A5C316-9521-49C3-B9B6-FCE5E1005DF0}) (Version: 11.1.3000.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Native Client  (HKLM\...\{D411E9C9-CE62-4DBF-9D92-4CB22B750ED5}) (Version: 11.1.3000.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Policies  (HKLM-x32\...\{DC487E40-046E-42A9-9C7C-5D2B1A7EB211}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft SQL Server 2012 Setup (English) (HKLM\...\{8CB0713F-CFE0-445D-BCB2-538465860E1A}) (Version: 11.1.3128.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Transact-SQL Compiler Service  (HKLM\...\{88CB5DFD-6CE1-486F-998C-9FC090FCE5E2}) (Version: 11.1.3128.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Transact-SQL ScriptDom  (HKLM\...\{54C5041B-0E91-4E92-8417-AAA12493C790}) (Version: 11.1.3000.0 - Microsoft Corporation)
Microsoft SQL Server 2012 T-SQL Language Service  (HKLM-x32\...\{04DD7AF4-A6D3-4E30-9BB9-3B3670719234}) (Version: 11.1.3000.0 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 ENU (HKLM-x32\...\{BCC899FE-2DAA-460C-A5FB-60291E73D9C3}) (Version: 3.5.5386.0 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 SP2 ENU (HKLM-x32\...\{3A9FC03D-C685-4831-94CF-4EDFD3749497}) (Version: 3.5.8080.0 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 SP2 x64 ENU (HKLM\...\{D4AD39AD-091E-4D33-BB2B-59F6FCB8ADC3}) (Version: 3.5.8080.0 - Microsoft Corporation)
Microsoft SQL Server Compact 4.0 SP1 x64 ENU (HKLM\...\{78909610-D229-459C-A936-25D92283D3FD}) (Version: 4.0.8876.1 - Microsoft Corporation)
Microsoft SQL Server Data Tools - enu (11.1.20627.00) (HKLM-x32\...\{FA804794-2CCB-4301-954F-2C2894698876}) (Version: 11.1.20627.00 - Microsoft Corporation)
Microsoft SQL Server Data Tools - enu (12.0.30919.1) (HKLM-x32\...\{0D7FCBFB-F478-4D32-901C-83F0BF5A3501}) (Version: 12.0.30919.1 - Microsoft Corporation)
Microsoft SQL Server Data Tools Build Utilities - enu (11.1.20627.00) (HKLM-x32\...\{790E9425-8570-493F-9AE7-81AFC9E46930}) (Version: 11.1.20627.00 - Microsoft Corporation)
Microsoft SQL Server Data Tools Build Utilities - enu (12.0.30919.1) (HKLM-x32\...\{6781FF9B-E87D-4A03-9373-A55A288B83FA}) (Version: 12.0.30919.1 - Microsoft Corporation)
Microsoft SQL Server Database Publishing Wizard 1.4 (HKLM-x32\...\{ACE28263-76A4-4BF5-B6F4-8BD719595969}) (Version: 10.1.2512.8 - Microsoft Corporation)
Microsoft SQL Server Native Client (HKLM\...\{9ACF3FDB-C8E6-444C-8C64-13A221F7BFFD}) (Version: 9.00.5000.00 - Microsoft Corporation)
Microsoft SQL Server Setup Support Files (English) (HKLM-x32\...\{53F5C3EE-05ED-4830-994B-50B2F0D50FCE}) (Version: 9.00.5000.00 - Microsoft Corporation)
Microsoft SQL Server System CLR Types (HKLM-x32\...\{C3F6F200-6D7B-4879-B9EE-700C0CE1FCDA}) (Version: 10.51.2500.0 - Microsoft Corporation)
Microsoft SQL Server System CLR Types (x64) (HKLM\...\{1E6ED082-E32D-4B2B-8B6A-70B094815135}) (Version: 10.50.1750.9 - Microsoft Corporation)
Microsoft Sync Framework 2.0 Core Components (x64) ENU  (HKLM\...\{8CCBEC22-D2DB-4DC9-A58A-E1A1F3A38C8A}) (Version: 2.0.1578.0 - Microsoft Corporation)
Microsoft Sync Framework 2.0 Provider Services (x64) ENU  (HKLM\...\{03AC245F-4C64-425C-89CF-7783C1D3AB2C}) (Version: 2.0.1578.0 - Microsoft Corporation)
Microsoft Sync Framework Runtime v1.0 SP1 (x64) (HKLM\...\{8438EC02-B8A9-462D-AC72-1B521349C001}) (Version: 1.0.3010.0 - Microsoft Corporation)
Microsoft Sync Framework SDK v1.0 SP1 (HKLM-x32\...\{0E3DFC64-CC49-4BE2-8C9C-58EF129675DB}) (Version: 1.0.3010.0 - Microsoft Corporation)
Microsoft Sync Framework Services v1.0 SP1 (x64) (HKLM\...\{034106B5-54B7-467F-B477-5B7DBB492624}) (Version: 1.0.3010.0 - Microsoft Corporation)
Microsoft Sync Services for ADO.NET v2.0 SP1 (x64) (HKLM\...\{1D1CEEF8-3741-45BD-8E77-963E1DEBDDD3}) (Version: 2.0.3010.0 - Microsoft Corporation)
Microsoft System CLR Types for SQL Server 2012 (HKLM-x32\...\{070C38AC-05CE-43DF-9A20-141332F6AB2B}) (Version: 11.1.3366.16 - Microsoft Corporation)
Microsoft System CLR Types for SQL Server 2012 (x64) (HKLM\...\{05FF8209-C4F1-4C77-BC28-791653156D20}) (Version: 11.1.3366.16 - Microsoft Corporation)
Microsoft Team Foundation Server 2010 Object Model - ENU (HKLM\...\Microsoft Team Foundation Server 2010 Object Model - ENU) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 (HKLM-x32\...\{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (HKLM-x32\...\{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}) (Version: 9.0.30729.5570 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Designtime - 10.0.30319 (HKLM\...\{F5079164-1DB9-3BDA-853B-F78AF67CE071}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Runtime - 10.0.40219 (HKLM\...\{1C7C8AAF-A16D-32E8-89E5-F6D165DE0BCE}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Runtime - 10.0.40219 (HKLM-x32\...\{5D9ED403-94DE-3BA0-B1D6-71F4BDA412E6}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual F# 2.0 Runtime (HKLM-x32\...\{85467CBC-7A39-33C9-8940-D72D9269B84F}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual J# 2.0 Redistributable Package (HKLM-x32\...\Microsoft Visual J# 2.0 Redistributable Package) (Version:  - Microsoft Corporation)
Microsoft Visual Studio 2005 64bit Prerequisites (x64) - ENU (HKLM\...\{75F299F3-8234-47CD-BB40-2994C1B1105E}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual Studio 2005 Premier Partner Edition - ENU (HKLM-x32\...\{C25EF637-BE7A-4761-9B45-9069989C319F}) (Version: 8.0.50728 - Microsoft Corporation)
Microsoft Visual Studio 2005 Professional Edition - ENU Service Pack 1 (KB926601) (HKLM-x32\...\KB926601.T2_29ToU260_29) (Version: 1 - Microsoft Corporation)
Microsoft Visual Studio 2005 Remote Debugger (x64) - ENU (HKLM\...\Microsoft Visual Studio 2005 Remote Debugger (x64) - ENU) (Version:  - Microsoft Corporation)
Microsoft Visual Studio 2010 ADO.NET Entity Framework Tools (HKLM-x32\...\{14DD7530-CCD2-3798-B37D-3839ED6A441C}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual Studio 2010 IntelliTrace Collection (x64) (HKLM\...\{88BAE373-00F4-3E33-828F-96E89E5E0CB9}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual Studio 2010 Professional - ENU (HKLM-x32\...\Microsoft Visual Studio 2010 Professional - ENU) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual Studio 2010 Service Pack 1 (HKLM-x32\...\Microsoft Visual Studio 2010 Service Pack 1) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual Studio 2010 SharePoint Power Tools (HKLM-x32\...\{FD84580C-12DC-3BA4-ABE8-1E337F776F1D}) (Version: 10.0.30604 - Microsoft Corporation)
Microsoft Visual Studio 2010 Shell (Isolated) - ENU (HKLM-x32\...\{D64B6984-242F-32BC-B008-752806E5FC44}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual Studio 2010 Ultimate - ENU (HKLM-x32\...\Microsoft Visual Studio 2010 Ultimate - ENU) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual Studio Macro Tools (HKLM-x32\...\Microsoft Visual Studio Macro Tools) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual Studio Professional 2013 (HKLM-x32\...\{6dff50d0-3bc3-4a92-b724-bf6d6a99de4f}) (Version: 12.0.21005.13 - Microsoft Corporation)
Microsoft Visual Studio Tools for Applications 2012 (HKLM-x32\...\{89ca2a32-2b52-4595-8dfd-6fe4757958d0}) (Version: 11.0.51108 - Microsoft Corporation)
Microsoft Web Deploy 3.5 (HKLM\...\{3674F088-9B90-473A-AAC3-20A00D8D810C}) (Version: 3.1237.1762 - Microsoft Corporation)
Microsoft Web Deploy dbSqlPackage Provider - enu (HKLM-x32\...\{E4C33F5B-1B2F-466E-957E-B274F08151A0}) (Version: 10.3.20225.0 - Microsoft Corporation)
Microsoft Web Platform Installer 5.0 (HKLM\...\{4D84C195-86F0-4B34-8FDE-4A17EB41306A}) (Version: 5.0.50430.0 - Microsoft Corporation)
MiniTool Partition Wizard Free 9.0 (HKLM-x32\...\{05D996FA-ADCB-4D23-BA3C-A7C184A8FAC6}_is1) (Version:  - MiniTool Solution Ltd.)
MobileMe Control Panel (HKLM\...\{6DD01FF3-63CE-436B-96DB-61363EAA4EB8}) (Version: 3.1.8.0 - Apple Inc.)
MoSync (HKLM-x32\...\MoSync) (Version:  - Mobile Sorcery)
MotoHelper 2.1.32 Driver 5.2.0 (HKLM-x32\...\MotoHelper) (Version: 2.1.32 - Motorola)
MotoHelper MergeModules (x32 Version: 1.2.0 - Motorola) Hidden
Motorola Mobile Drivers Installation 5.2.0 (Version: 5.2.0 - Motorola Inc.) Hidden
Mozilla Firefox 38.0.5 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 38.0.5 (x86 en-US)) (Version: 38.0.5 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 43.0.1.5828 - Mozilla)
MSDN Library for Visual Studio 2005 (HKLM-x32\...\MSDN Library for Visual Studio 2005) (Version: 8.0.50727.42 - Microsoft)
MSDN Library for Visual Studio 2005 (x32 Version: 8.0.50727.42 - Microsoft) Hidden
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MyLifeOrganized v. 4.3.1 (HKLM-x32\...\MyLife Organized) (Version: 4.3.1 - MyLifeOrganized.net)
MySQL Connector/ODBC 5.3 (HKLM\...\{43E572BC-B21F-4BEC-94CA-2D4AA6F53246}) (Version: 5.3.2 - Oracle Corporation)
MySQL Tools for 5.0 (HKLM-x32\...\{FCB10DE3-E190-4A7E-B06A-FAC61567ABFC}) (Version: 5.0.17 - MySQL AB, Sun Microsystems, Inc.)
Nero Backup Drivers (HKLM\...\{D600D357-5CB9-4DE9-8FD4-14E208BD1970}) (Version: 1.0.11100.8.0 - Nero AG)
Node.js (HKLM\...\{FC4E166C-598C-48CC-BFAC-A709121D3B2C}) (Version: 0.10.22 - Joyent, Inc. and other Node contributors)
Notepad++ (HKLM-x32\...\Notepad++) (Version: 5.9.6.2 - )
NVIDIA Display Control Panel (HKLM\...\NVIDIA Display Control Panel) (Version: 6.14.12.5951 - NVIDIA Corporation)
NVIDIA Drivers (HKLM\...\NVIDIA Drivers) (Version: 1.10.62.40 - NVIDIA Corporation)
NVIDIA Stereoscopic 3D Driver (HKLM-x32\...\NVIDIAStereo) (Version: 7.17.12.5951 - NVIDIA Corporation)
Office 15 Click-to-Run Extensibility Component (x32 Version: 15.0.4833.1001 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Licensing Component (Version: 15.0.4833.1001 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Localization Component (x32 Version: 15.0.4833.1001 - Microsoft Corporation) Hidden
Open XML SDK 2.5 for Microsoft Office (x32 Version: 2.5.5631 - Microsoft Corporation) Hidden
Oracle VM VirtualBox 5.0.4 (HKLM\...\{FC191F32-1A67-4231-91D0-0059A57C99A8}) (Version: 5.0.4 - Oracle Corporation)
Outils de vérification linguistique 2013 de Microsoft Office - Français (x32 Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
OutlookTools 2 (HKLM-x32\...\{E69BB189-4B20-46AE-93CF-59099F05FC3F}) (Version: 2.3.0 - HowTo-Outlook)
Pacote de Idiomas do Microsoft Visual Studio Tools for Applications 2012 Design-Time - PTB (x32 Version: 11.0.51108 - Microsoft Corporation) Hidden
Pacote de Idiomas do Microsoft Visual Studio Tools for Applications 2012 x64 Hosting Support - PTB (Version: 11.0.51108 - Microsoft Corporation) Hidden
Pacote de Idiomas do Microsoft Visual Studio Tools for Applications 2012 x86 Hosting Support - PTB (x32 Version: 11.0.51108 - Microsoft Corporation) Hidden
paint.net (HKLM\...\{F509C1F4-0029-49F9-B145-A4C4E8DF481A}) (Version: 4.0.3 - dotPDN LLC)
Pandora (HKLM-x32\...\com.pandora.desktop.FB9956FD96E03239939108614098AD95535EE674.1) (Version: 2.0.5 - Pandora Media, Inc.)
Pandora (x32 Version: 2.0.5 - Pandora Media, Inc.) Hidden
Paprika Recipe Manager (HKLM-x32\...\{E9AC2A1E-F693-43D0-BBF4-C57A4D9BDFCF}) (Version: 1.0.4 - Hindsight Labs LLC)
ParetoLogic Data Recovery (HKLM-x32\...\{B1C2398C-6FAB-46D1-806C-5942F0829994}) (Version: 1.1.0 - ParetoLogic)
PDF Settings CS4 (x32 Version: 9.0 - Adobe Systems Incorporated) Hidden
PDFill PDF Editor with FREE PDF Writer and Tools (HKLM-x32\...\{D12EBB4E-CF21-496D-979F-89D9DE58C5B8}) (Version: 5.0 - PlotSoft LLC)
PDFill PDF Writer (HKLM-x32\...\PDFill PDF Writer) (Version:  - )
Photoshop Camera Raw (x32 Version: 5.0 - Adobe Systems Incorporated) Hidden
Photoshop Camera Raw_x64 (Version: 5.0 - Adobe Systems Incorporated) Hidden
PlayLater (HKLM-x32\...\{B9050F2D-0F98-4530-A494-FCA63931FBE5}) (Version: 1.6.42 - MediaMall Technologies, Inc.)
PlayOn (HKLM-x32\...\{8D437274-5816-474B-B57C-C28D62433F8F}) (Version: 3.10.42 - MediaMall Technologies, Inc.)
Plex (HKU\S-1-5-21-1085031214-796845957-725345543-2108-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Plex) (Version: 0.9.502 - Plex, Inc)
Polipo 1.0.4.1 (HKLM-x32\...\Polipo) (Version:  - )
PowerISO (HKLM-x32\...\PowerISO) (Version: 5.6 - Power Software Ltd)
PreEmptive Analytics Visual Studio Components (x32 Version: 1.2.3197.1 - PreEmptive Solutions) Hidden
Prerequisites for SSDT  (HKLM-x32\...\{35C1D9D6-87C0-46A3-B1B4-EDBCC063221C}) (Version: 11.1.3000.0 - Microsoft Corporation)
Python 2.6 pycrypto-2.3 (HKLM-x32\...\{D6242566-9EF5-426E-8F75-F4FBCC010186}) (Version: 2.3.0 - Dwayne C. Litzenberger)
Python Tools Redirection Template (x32 Version: 1.1 - Microsoft Corporation) Hidden
Qdabra Rules Library (HKLM\...\{50F764E1-0DB5-4252-8AE9-780BB3A3B16C}) (Version: 2.3.0005 - Qdabra Software)
Qdabra Rules Library (HKLM-x32\...\{0643AB4D-8502-47FF-AB27-FCF3649CC3C3}) (Version: 6.1.0001 - Qdabra Software)
Qdabra Rules Library (HKLM-x32\...\{2CEB2CBB-6939-48B7-989A-AB01FBB6B14E}) (Version: 5.1.0000 - Qdabra Software)
QuickTime 7 (HKLM-x32\...\{FF59BD75-466A-4D5A-AD23-AAD87C5FD44C}) (Version: 7.79.80.95 - Apple Inc.)
RAMDisk (HKLM-x32\...\{01D5FF1F-BB19-4387-8EF1-C6319037EC12}) (Version: 3.5.130 - Dataram, Inc.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.23.623.2010 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6194 - Realtek Semiconductor Corp.)
Recover My Files (HKLM-x32\...\Recover My Files_is1) (Version: 4.9.2.1240 - GetData Pty Ltd)
Recuva (HKLM\...\Recuva) (Version: 1.52 - Piriform)
Reflector (HKLM\...\{77342B24-A2A9-4420-8C9C-C109EE201CBC}) (Version: 1.3.3.1 - Squirrels)
Renesas Electronics USB 3.0 Host Controller Driver (HKLM-x32\...\InstallShield_{5442DAB8-7177-49E1-8B22-09A049EA5996}) (Version: 2.0.4.0 - Renesas Electronics Corporation)
Renesas Electronics USB 3.0 Host Controller Driver (x32 Version: 2.0.4.0 - Renesas Electronics Corporation) Hidden
Revo Uninstaller 1.92 (HKLM-x32\...\Revo Uninstaller) (Version: 1.92 - VS Revo Group)
Revo Uninstaller Pro 2.4.3 (HKLM\...\{67579783-0FB7-4F7B-B881-E5BE47C9DBE0}_is1) (Version: 2.4.3 - VS Revo Group, Ltd.)
Roadkil's Unstoppable Copier Version 5.2 (HKLM-x32\...\{A306FD29-7D3A-4287-91AC-9A0180931395}_is1) (Version:  - Roadkil.Net)
RoboForm 7-9-14-4 (All Users) (HKLM-x32\...\AI RoboForm) (Version: 7-9-14-4 - Siber Systems)
Safari (HKLM-x32\...\{C779648B-410E-4BBA-B75B-5815BCEFE71D}) (Version: 5.34.57.2 - Apple Inc.)
Samsung Easy Printer Manager (HKLM-x32\...\Samsung Easy Printer Manager) (Version: 1.05.66.00(10/30/2014) - Samsung Electronics Co., Ltd.)
Samsung M2020 Series (HKLM-x32\...\Samsung M2020 Series) (Version: 1.23 (12/24/2014) - Samsung Electronics Co., Ltd.)
Samsung Printer Diagnostics (HKLM-x32\...\Samsung Printer Diagnostics) (Version: 1.0.1.6.02 - Samsung Electronics Co., Ltd.)
Samsung Printer Live Update (HKLM-x32\...\Samsung Printer Live Update) (Version: 1.01.00:04(2013-04-22) - Samsung Electronics Co., Ltd.)
Saver2 (HKLM-x32\...\Saver2) (Version: 1.3.2 - ZZJ)
ScanSoft PDF Create! 4 (HKLM\...\{33307810-2945-4F3F-8FEA-0BF522AEFCA7}) (Version: 4.01.0069 - Nuance Communications, Inc.)
Scrum Solution Starter for Microsoft Project 2010 (HKU\S-1-5-21-1085031214-796845957-725345543-2108-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\CC7790844E65D3F0F0686CF43FEDFB17AA666F95) (Version: 1.0.0.71 - Microsoft)
SDFormatter (HKLM-x32\...\{179324FF-7B16-4BA8-9836-055CAAEE4F08}) (Version: 4.0.0 - SD Association)
SeaTools for Windows (HKLM-x32\...\{98613C99-1399-416C-A07C-1EE1C585D872}) (Version: 1.2.0.5 - Seagate Technology)
Send to OneNote 2007 (HKLM-x32\...\{D0180909-85ED-4F97-B12C-C9E3129F78DC}) (Version: 1.0.0 - Microsoft Office OneNote 2007 PowerToys)
SendToOneNote for Chrome (HKLM-x32\...\{62A77CC8-B17A-49C0-9BE6-E77216E86BD3}) (Version: 1.2.0 - Aspark Software)
Service Pack 1 for Microsoft Office 2013 (KB2850036) 32-Bit Edition (HKLM-x32\...\{91150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUSR_{7F6C4883-A18C-459A-82C1-A2F9403F2DA6}) (Version:  - Microsoft)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-0017-0000-0000-0000000FF1CE}_Office14.SharePointDesigner_{8B883A57-E4BC-4745-8E6C-68168850F9DD}) (Version:  - Microsoft)
SharePoint Client Components (HKLM\...\{95150003-1163-0409-1000-0000000FF1CE}) (Version: 15.0.4641.1002 - Microsoft Corporation)
SharePoint Client Components (HKLM\...\{95160002-1163-0409-1000-0000000FF1CE}) (Version: 16.0.3104.1200 - Microsoft Corporation)
Sharpener Pro 3.0 (HKLM-x32\...\Sharpener Pro 3.0 Stand-Alone) (Version: 3.0.0.5 - Nik Software, Inc.)
Sigil 0.4.2 (HKLM\...\Sigil_is1) (Version:  - John Schember)
SiSoftware Sandra Business 2015 (HKLM\...\{C3113E55-7BCB-4de3-8EBF-60E6CE6B2496}_is1) (Version: 21.10.2015.1 - SiSoftware)
SketchUp 2014 (HKLM-x32\...\{A608A8D3-E77C-4BEE-8F2A-F8124F5F0FE2}) (Version: 14.0.4900 - Trimble Navigation Limited)
SketchUp 2015 (HKLM\...\{90A6F70E-96AD-4054-AB8F-42BCFA75F8EC}) (Version: 15.0.9350 - Trimble Navigation Limited)
Skype Toolbars (HKLM-x32\...\{CD95D125-2992-4858-B3EF-5F6FB52FBAD6}) (Version: 5.0.4137 - Skype Technologies S.A.)
Skype™ 7.0 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.0.102 - Skype Technologies S.A.)
Sparkol VideoScribe (HKLM-x32\...\Sparkol VideoScribe 2.0) (Version: 2.0 - Sparkol)
Sparkol VideoScribe (x32 Version: 2.0 - Sparkol) Hidden
Spybot - Search & Destroy (HKLM-x32\...\{B4092C6D-E886-4CB2-BA68-FE5A99D31DE7}_is1) (Version: 2.4.40 - Safer-Networking Ltd.)
SQL Server 2012 Client Tools (Version: 11.1.3000.0 - Microsoft Corporation) Hidden
SQL Server 2012 Common Files (Version: 11.1.3000.0 - Microsoft Corporation) Hidden
SQL Server 2012 Management Studio (Version: 11.1.3000.0 - Microsoft Corporation) Hidden
SQLXML4 (HKLM\...\{DEA9F247-F832-4E36-90BF-D8EDA206521A}) (Version: 9.00.5000.00 - Microsoft Corporation)
Stardock WindowBlinds (HKLM-x32\...\Stardock WindowBlinds) (Version: 8.12 - Stardock Software, Inc.)
Stickies 7.1e (HKLM-x32\...\ZhornStickies) (Version:  - Zhorn Software)
Suite Shared Configuration CS4 (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 15.2.6.0 - Synaptics Incorporated)
SyncToy 2.1 (x64) (HKLM\...\{88DAAF05-5A72-46D2-A7C5-C3759697E943}) (Version: 2.1.0 - Microsoft)
Synergy (64-bit) (HKLM\...\{77865914-4067-41D2-8DE0-ACFA9C83351D}) (Version: 1.7.6 - The Synergy Project)
Team Explorer for Microsoft Visual Studio 2013 (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
TeamViewer 11 (HKLM-x32\...\TeamViewer) (Version: 11.0.62308 - TeamViewer)
TeraCopy 2.12 (HKLM\...\TeraCopy_is1) (Version:  - Code Sector Inc.)
TopStyle (Version 3) (HKLM-x32\...\TopStyle (Version 3)) (Version: 3.1.0 - Bradbury Software, LLC)
Tor 0.2.1.30 (HKLM-x32\...\Tor) (Version:  - )
Transmission-Qt (HKLM\...\Transmission-Qt) (Version: 2.84.4 - Transmission)
TreeSize Free V2.6 (HKLM-x32\...\TreeSize Free_is1) (Version: 2.6 - JAM Software)
TreeSize Professional 5.3.4 (HKLM-x32\...\TreeSize Professional_is1) (Version: 5.3.4 - JAM Software)
TuneUp 2.5.0.0 (HKLM-x32\...\TuneUpMedia) (Version: 2.5.0.0 - TuneUp Media, Inc.)
TuneWiki (HKLM-x32\...\TuneWiki) (Version: 1.0.165.0 - TuneWiki)
U2 PCAM (HKLM-x32\...\{F89DC420-FF15-485D-8254-67A27ED1313B}) (Version: 1.2.3.4 - Genesys Logic)
Unlocker 1.9.1 (HKLM-x32\...\Unlocker) (Version: 1.9.1 - Cedrick Collomb)
Unlocker 1.9.2 (HKLM\...\Unlocker) (Version: 1.9.2 - Cedrick Collomb)
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{90120000-0017-0000-0000-0000000FF1CE}_SharePointDesigner_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version:  - Microsoft)
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{90120000-003B-0000-0000-0000000FF1CE}_PRJPRO_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version:  - Microsoft)
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{90120000-0051-0000-0000-0000000FF1CE}_VISPRO_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version:  - Microsoft)
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{91120000-0017-0000-0000-0000000FF1CE}_SharePointDesignerR_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version:  - Microsoft)
Update for Skype for Business 2015 (KB3039776) 32-Bit Edition (HKLM-x32\...\{90150000-012B-0409-0000-0000000FF1CE}_Office15.PROPLUSR_{9F6B3627-AF9E-40A5-AAD5-3497C4327616}) (Version:  - Microsoft)
Update or Uninstall SENukeX (HKU\S-1-5-21-3578782807-1016812498-1856270605-1009\...\2ce4fd5e017fe1d3) (Version: 3.0.0.56 - SENukeX)
Update or Uninstall SENukeX (HKU\S-1-5-21-3578782807-1016812498-1856270605-1009-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\2ce4fd5e017fe1d3) (Version: 3.0.0.56 - SENukeX)
Vector Magic (HKLM-x32\...\Vector Magic) (Version: 1.15 - Vector Magic, Inc.)
Velvia Vision (HKLM-x32\...\{F02DBC56-E5AB-4F74-B995-4586F91D4BDC}) (Version: 1.0 - Fred Miranda)
Vertus Fluid Mask 3 2.100.2-RC2 (HKLM-x32\...\VertusFluidMask3) (Version: 2.100.2-RC2 - )
Vidalia 0.2.12 (HKLM-x32\...\Vidalia) (Version:  - )
Video Enhancer 1.9.6 (HKLM-x32\...\Video Enhancer_is1) (Version:  - Infognition Co. Ltd.)
VirtualCloneDrive (HKLM-x32\...\VirtualCloneDrive) (Version: 5.4.8.0 - Elaborate Bytes)
Visual Studio 2010 Prerequisites - English (HKLM\...\{662014D2-0450-37ED-ABAE-157C88127BEB}) (Version: 10.0.40219 - Microsoft Corporation)
Visual Studio 2010 Tools for SQL Server Compact 3.5 SP2 ENU (HKLM-x32\...\{112C23F2-C036-4D40-BED4-0CB47BF5555C}) (Version: 4.0.8080.0 - Microsoft Corporation)
VLC media player 2.1.3 (HKLM-x32\...\VLC media player) (Version: 2.1.3 - VideoLAN)
VMware Workstation (HKLM-x32\...\VMware_Workstation) (Version: 9.0.0 - VMware, Inc)
VMware Workstation (Version: 9.0.0 - VMware, Inc.) Hidden
WCF Data Services 5.6.0 Runtime (x32 Version: 5.6.61587.0 - Microsoft Corporation) Hidden
WCF Data Services Tools for Microsoft Visual Studio 2013 (x32 Version: 5.6.61587.0 - Microsoft Corporation) Hidden
WCF RIA Services V1.0 SP2 (HKLM-x32\...\{5D8DD6A8-C4D7-4554-93F9-F1CC28C72600}) (Version: 4.1.62812.0 - Microsoft Corporation)
Web Deployment Tool (HKLM\...\{0F37D969-1260-419E-B308-EF7D29ABDE20}) (Version: 1.1.0618 - Microsoft Corporation)
WebTablet FB Plugin (HKLM-x32\...\Wacom WebTabletPlugin for Internet Explorer and Netscape) (Version: 2.0.0.1 - Wacom Technology Corp.)
WebTablet IE Plugin (HKLM-x32\...\Wacom WebTabletPlugin for IE) (Version: 1.1.0.12 - Wacom Technology Corp.)
WebTablet Netscape Plugin (HKLM-x32\...\Wacom WebTabletPlugin for Netscape) (Version: 1.1.0.10 - Wacom Technology Corp.)
WIDCOMM Bluetooth Software (HKLM\...\{A1439D4F-FD46-47F2-A1D3-FEE097C29A09}) (Version: 6.5.1.2700 - Broadcom Corporation)
Win32DiskImager version 0.9.5 (HKLM-x32\...\{D074CE74-912A-4AD3-A0BF-3937D9D01F17}_is1) (Version: 0.9.5 - ImageWriter Developers)
WinDirStat 1.1.2 (HKU\S-1-5-21-1085031214-796845957-725345543-2108-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\WinDirStat) (Version:  - )
WinDjView 2.0.2 (HKLM\...\WinDjView) (Version: 2.0.2 - Andrew Zhezherun)
WindowFX (x32 Version: 5.01 - Stardock Corporation) Hidden
Windows Driver Package - Apple Inc. Apple Wireless Mouse (06/01/2011 4.0.0.1) (HKLM\...\D088EE4BD2819FBA2B349EF9D55176F223419BE6) (Version: 06/01/2011 4.0.0.1 - Apple Inc.)
Windows Driver Package - Apple Inc. Apple Wireless Mouse (09/17/2009 3.0.0.5) (HKLM\...\929413420CDE2F0C2C08C06E73FF16D9CB6C9807) (Version: 09/17/2009 3.0.0.5 - Apple Inc.)
Windows Driver Package - Google, Inc. (WinUSB) AndroidUsbDeviceClass  (01/27/2014 9.0.0000.00000) (HKLM\...\9CA77E2A8332A0824C54DA611BBE4CA24AB1F750) (Version: 01/27/2014 9.0.0000.00000 - Google, Inc.)
Windows Installer Clean Up (HKLM-x32\...\{121634B0-2F4B-11D3-ADA3-00C04F52DD52}) (Version: 3.00.00.0000 - Microsoft Corporation)
Windows Media Player Firefox Plugin (HKLM-x32\...\{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}) (Version: 1.0.0.8 - Microsoft Corp)
Windows Resource Kit Tools (HKLM-x32\...\{FA237125-51FF-408C-8BB8-30C2B3DFFF9C}) (Version: 5.2.3790 - Microsoft Corporation)
WinISO (HKLM-x32\...\WinISO) (Version: 6.3.0.4829 - WinISO Computing Inc.)
WinRAR 5.01 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.01.0 - win.rar GmbH)
WinSCP 4.3.5 (HKLM-x32\...\winscp3_is1) (Version: 4.3.5 - Martin Prikryl)
WinSnap (HKLM-x32\...\WinSnap) (Version: 4.0.8 - NTWind Software)
WinX DVD Author 5.8 (HKLM-x32\...\WinX DVD Author_is1) (Version:  - FreetimeSoft, Inc.)
Workflow Manager Client 1.0 (HKLM\...\{A5ABAF5F-B5B6-44B3-B69F-2E13DC60FC9F}) (Version: 2.0.40131.0 - Microsoft Corporation)
Workflow Manager Tools 1.0 for Visual Studio (HKLM\...\{A79F6653-6AF1-4AF2-BC15-F5D6C05E1E6A}) (Version: 2.0.40326.0 - Microsoft Corporation)
Workrave 1.10 (HKLM-x32\...\Workrave_is1) (Version:  - Rob Caelers & Raymond Penners)
WPF Toolkit February 2010 (Version 3.5.50211.1) (HKLM-x32\...\{5EE6E987-1B79-4A93-832B-27472C7D1579}) (Version: 3.5.50211.1 - Microsoft Corporation)
xplorer² professional 64 bit (HKLM\...\xplorer2p64) (Version: 2.5.0.2 - Zabkat)
yEd Graph Editor 3.9.2 (HKLM-x32\...\3309-7404-0599-8908) (Version: 3.9.2 - yWorks GmbH)
Языковой пакет для поддержки размещения набора средств Microsoft Visual Studio Tools для работы с приложениями 2012 (x64) - RUS (Version: 11.0.51108 - Microsoft Corporation) Hidden
Языковой пакет для поддержки размещения набора средств Microsoft Visual Studio Tools для работы с приложениями 2012 (x86) - RUS (x32 Version: 11.0.51108 - Microsoft Corporation) Hidden
Языковой пакет для среды разработки набора средств Microsoft Visual Studio Tools для работы с приложениями 2012 - RUS (x32 Version: 11.0.51108 - Microsoft Corporation) Hidden

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-1085031214-796845957-725345543-2108-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0_Classes\CLSID\{355EC88A-02E2-4547-9DEE-F87426484BD1}\InprocServer32 -> C:\Users\grevolorio\AppData\Local\Google\Update\1.3.23.9\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-1085031214-796845957-725345543-2108-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0_Classes\CLSID\{84B5A313-CD5D-4904-8BA2-AFDC81C1B309}\InprocServer32 -> C:\Program Files (x86)\Citrix\GoToMeeting\2185\G2MOutlookAddin64.dll (Citrix Online, a division of Citrix Systems, Inc.)
CustomCLSID: HKU\S-1-5-21-1085031214-796845957-725345543-2108-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0_Classes\CLSID\{FE498BAB-CB4C-4F88-AC3F-3641AAAF5E9E}\InprocServer32 -> C:\Users\grevolorio\AppData\Local\Google\Update\1.3.24.7\psuser_64.dll => No File

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {01948B03-BD45-4976-8D31-7855925672EC} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Refresh immunization => F:\Program Files (x86)\Spybot - Search & Destroy 2\SDImmunize.exe [2014-06-24] (Safer-Networking Ltd.)
Task: {05C8BCBA-5173-4FD5-AB52-1671D7DC2D35} - System32\Tasks\{6D5E1E37-7B03-499C-9F90-D7F8A3F44FD4} => pcalua.exe -a "F:\Adobe CS4\Master Collection\Adobe CS4\payloads\AdobeAIR1.0\AdobeAIRInstaller.exe" -d "C:\Program Files (x86)\Common Files\Adobe\Installers\b2d6abde968e6f277ddbfd501383e02" -c -silent
Task: {0DA826DA-C315-408E-A81B-346FA731E686} - System32\Tasks\{4BD142E9-8A9E-4CF1-8E08-D7B5ABC463F4} => pcalua.exe -a "F:\kodiRelated\FTV v0.52\FTV\Amazon FireTV Utility App.exe"
Task: {13009AEA-3E20-4C03-98ED-1DDAA2CBE59A} - System32\Tasks\{1E1D40DD-B7F0-437F-919E-7299C2A201C8} => pcalua.exe -a C:\Users\grevolorio\Desktop\vpnclient-win-msi-5.0.01.0600-k9.exe -d C:\Users\grevolorio\Desktop
Task: {1CA54BD7-F8FE-43D7-A568-902BD730F451} - System32\Tasks\{C9D0DEFF-43BC-4715-854F-00A22264221D} => pcalua.exe -a F:\Downloads\Drawing\Pencil-Portrait-Tutorial--How-Beginners-Learn-To-Draw-Pencil-Portraits-Quickly-And-Easily.exe -d F:\Downloads\Drawing
Task: {1D334B1E-CF07-488F-9133-6C6018482BF0} - System32\Tasks\Microsoft_MKC_Logon_Task_ipoint.exe => C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2014-03-19] (Microsoft Corporation)
Task: {220D5B9C-CC4B-43A8-BE1B-5AA45467AF92} - System32\Tasks\Microsoft_Hardware_Launch_ipoint_exe => C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2014-03-19] (Microsoft Corporation)
Task: {2541E100-9850-45B0-8A0C-D00427497A49} - System32\Tasks\{2662DE15-9BFB-4C94-ABE1-B60C1CDBE28D} => pcalua.exe -a "C:\Users\grevolorio\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\H3XG5VDK\lastpass_x64[1].exe" -d C:\Users\grevolorio\Desktop
Task: {2A46E8FA-0109-4EB2-8581-D8E1CC3F8D47} - System32\Tasks\Microsoft_Hardware_Launch_devicecenter_exe => C:\Program Files\Microsoft Device Center\devicecenter.exe
Task: {2AC1D17C-EA09-4710-85F9-66D640AA0BF3} - System32\Tasks\MotoHelper Update => C:\Program Files (x86)\Motorola\MotoHelper\MotoHelperUpdate.exe [2011-12-06] ()
Task: {2C2A0C7C-A15F-473C-9A03-A80299CEEC13} - System32\Tasks\Java Platform SE Auto Updater => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2015-04-30] (Oracle Corporation)
Task: {3100B96D-BB14-4990-BD3D-54ABC9D6445D} - System32\Tasks\DropboxUpdateTaskMachineUA => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2015-06-30] (Dropbox, Inc.)
Task: {327B3BA7-B8A2-4705-A7D4-9A7536F0D564} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office 15\root\Office15\msoia.exe [2015-10-30] (Microsoft Corporation)
Task: {379F9252-C770-44AA-AF2C-037D7FDACF84} - System32\Tasks\Run RoboForm TaskBar Icon => C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe [2015-06-19] (Siber Systems)
Task: {384B22B0-4F48-47CA-A1B8-7D998C13032C} - System32\Tasks\MotoHelper Routing => C:\Program Files (x86)\Motorola\MotoHelper\MotoHelperUpdate.exe [2011-12-06] ()
Task: {4D0D22B8-4C7A-44F5-B04F-96AB41E171EF} - System32\Tasks\ParetoLogic Update Version2 => C:\Program Files (x86)\Common Files\ParetoLogic\UUS2\Pareto_Update.exe [2008-02-22] ()
Task: {58289E57-EE9B-437E-9BF3-CCB6ABF1E425} - System32\Tasks\Microsoft_Hardware_Launch_itype_exe => C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [2014-03-19] (Microsoft Corporation)
Task: {59479587-6ECE-4E1C-9E21-55309D69125C} - System32\Tasks\Open URL by RoboForm => Rundll32.exe url.dll,FileProtocolHandler "hxxp://www.roboform.com/test-pass.html?aaa=KICMJMKMGMNJLJIMKJJJCNOMMJOJKMCNLMJMIMJMCNGMLJIMPMCNLMJMPMMMMJKMLMOJKJKJPMIMJNJICMIMCNGMCNOMLMFMOMOMCNPMCNGMJMPMPMFMJMCNOMCNIMJMPMOMCNNMJNPICMOMFMEKMICNJJCKFMLMLMPMJNHICMEKMICNJJCKJNBJCMJNKJCMJNNICMJNDJCMKJBJJNMJCMOMFMKMKMFMPMJN (the data entry has 33 more characters).
Task: {5B725530-FFAB-4A23-8563-A928DF68D79B} - System32\Tasks\G2MUpdateTask-S-1-5-21-1085031214-796845957-725345543-2108 => C:\Program Files (x86)\Citrix\GoToMeeting\2759\g2mupdate.exe [2015-07-02] (Citrix Online, a division of Citrix Systems, Inc.)
Task: {5D3FF025-C318-46AB-A7A4-5A8F209A70F7} - \SidebarExecute -> No File <==== ATTENTION
Task: {6184FBBE-4AA1-42ED-A3A1-E6838CA95637} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Check for updates => F:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe [2014-06-27] (Safer-Networking Ltd.)
Task: {65EDF042-6E5E-4A9C-BCE8-01793ED9162F} - System32\Tasks\{DEDC4BB3-71C0-40D4-9A13-E7BEA775B519} => pcalua.exe -a F:\Downloads\AppleWirelessMouse64.exe
Task: {6E0AF919-E2BB-4343-80BD-9DB7B1320AC0} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2016-04-12] (Microsoft Corporation)
Task: {729AE2CB-D745-4FDE-AD60-D0A8A4636D78} - System32\Tasks\TuneUpUtilities_Task_BkGndMaintenance2013 => F:\Program Files (x86)\AVG\AVG PC TuneUp\OneClick.exe [2015-08-04] (AVG Technologies)
Task: {7CFEC956-1854-4D03-AC69-5FCACF3ED978} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office 15\root\Office15\msoia.exe [2015-10-30] (Microsoft Corporation)
Task: {83A73D3C-C015-43F6-ABAB-27E7FC5C6590} - System32\Tasks\ParetoLogic Registration => Rundll32.exe "C:\Program Files (x86)\Common Files\ParetoLogic\UUS2\UUS.dll" RunUns
Task: {88FD29A9-84EF-4B5D-B6F4-945733D892B5} - System32\Tasks\{A2F28A60-837B-4A08-93CF-C81107A19128} => pcalua.exe -a "F:\Downloads\Stardock Object Desktop Suite\Stardock Object Desktop Suite\WindowBlinds 5 [Enhanced] - With Crack\WindowBlinds 5 [Enhanced].exe" -d "F:\Downloads\Stardock Object Desktop Suite\Stardock Object Desktop Suite\WindowBlinds 5 [Enhanced] - With Crack"
Task: {8B9FD64D-EE19-4346-AB88-F4084AA5EF60} - System32\Tasks\{E725F200-DE8A-4285-85FF-D7DA2DFE1545} => pcalua.exe -a F:\Downloads\solutoinstaller.exe
Task: {90FFDBF2-C8F2-4A2B-99C2-BD4B2BA8849B} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2015-01-20] (Piriform Ltd)
Task: {92FC9152-3CF6-4DC4-A1FF-8B31A85EC68D} - System32\Tasks\Allway Sync_{4F0C1497E9A5A062AD06B978802E02AB} => F:\Program Files\Allway Sync\Bin\syncappw.exe [2010-05-31] ()
Task: {93F228DA-AB4B-4BD9-B6D4-456EB46BA16D} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2016-02-23] (Apple Inc.)
Task: {97F9187F-9225-4089-8965-5A446FE551E5} - System32\Tasks\{6C938882-44FC-4762-8288-22AC4957F8AB} => pcalua.exe -a "C:\Users\grevolorio\Desktop\MsiZap (1).exe" -d C:\Users\grevolorio\Desktop
Task: {9D8F7C35-05F3-4098-A58A-CFDCE2571B56} - System32\Tasks\{A90FC29D-33BB-491B-AED4-86D69213CF61} => pcalua.exe -a "F:\Downloads\Microsoft Office 2010 Professional (No Key Required)\setup.exe" -d "F:\Downloads\Microsoft Office 2010 Professional (No Key Required)"
Task: {A10AE438-01D3-48A2-B1F9-9CFCF67E0B22} - System32\Tasks\{E00AD51B-21C4-4D8F-A4AB-7CC5931C85E2} => pcalua.exe -a "C:\FTV\Amazon FireTV Utility App.exe"
Task: {A2C753BE-80E2-4C1E-A35B-C6B17C5DE41F} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-27] (Google Inc.)
Task: {AD4D132B-F589-4AB7-9AC7-8E881E3CA6BA} - System32\Tasks\SmartDefrag_Startup => C:\Program Files (x86)\IObit\Smart Defrag 2\SmartDefrag.exe
Task: {AD684464-6AA5-4425-9D51-8804B6F5C03B} - System32\Tasks\{B40ADBCF-29B3-4A89-B5F3-2C6807F2DECB} => pcalua.exe -a "C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\Office Setup Controller\setup.exe" -c /uninstall INFOPATHR /dll OSETUP.DLL
Task: {AD9C8945-6414-46A1-B1CB-9348EE400E4F} - System32\Tasks\elbyExecuteWithUAC => C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\ExecuteWithUAC.exe [2013-03-21] ()
Task: {AFDFFF62-8D44-4454-8431-F540107AFF83} - System32\Tasks\Go to RoboForm Install page => Rundll32.exe url.dll,FileProtocolHandler "hxxp://www.roboform.com/test-pass.html?aaa=KICMJMGMJJLJJMMMLJNJCNMMPMPMHMCNLMGMKMOJCNHMMMNJHMCNNMKJKJOMLMLMKMKJOMPMMJJJJNJICMIMCNOMCNPMFMHMCNPMCNIMJMPMPMFMJMCNOMCNIMJMPMPMCNNMJNPICMLMFMEKMICNJJCKFMPMJNHICMEKMICNJJCKJNBJCMIJNIKJJIAJDJAJNIGJAJJNKJCMJNNICMJNDJCMKJBJ"
Task: {B421371D-E6A0-44B4-B84E-BEB704B7D919} - System32\Tasks\{DBF89E59-98BD-464C-821B-C714ACBF7D00} => pcalua.exe -a "C:\Users\grevolorio\AppData\Local\Temp\Temp1_Drivers for apple majic mouse.zip\Drivers for apple majic mouse\64bit driver.exe"
Task: {B42859F1-52BE-4C0B-87A0-089A8A9525FE} - System32\Tasks\{A86051CA-CB2D-4CFC-AA2E-F97F003E332E} => pcalua.exe -a C:\Users\grevolorio.trmdu2\Downloads\VirtualBox-5.0.4-102546-Win.exe
Task: {B6124405-83CA-4BD7-9DFD-1176D9CFEA66} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-27] (Google Inc.)
Task: {B7D682DD-52E1-43BE-BBF8-FDC6840A7669} - System32\Tasks\{AEC957EE-1707-435F-9324-C5329BCEB8F2} => pcalua.exe -a F:\Downloads\AppleWirelessMouse64UNEASY.exe
Task: {BA7A7309-376A-49C5-8980-876C5ACE8DDE} - System32\Tasks\DocumentsBackupToNetworkDrive => C:\Program Files\SyncToy 2.1\SyncToyCmd.exe [2009-10-19] (Microsoft Corporation)
Task: {BFAECEBD-7839-4DE8-825D-A11D11B4ABE5} - System32\Tasks\AutoPico Daily Restart => C:\Program Files\KMSpico\AutoPico.exe [2014-06-29] (@ByELDI)
Task: {C3513C86-0619-4FBC-B521-2594460A8AB7} - System32\Tasks\{5EF141E4-698E-4751-AFC4-21FB5FB4CCC4} => C:\Program Files (x86)\Skype\\Phone\Skype.exe [2014-12-11] (Skype Technologies S.A.)
Task: {C7E44BE0-CBC9-4833-85C7-DCDE3709A73A} - System32\Tasks\{3EE8355E-6EFE-4231-BA1C-0027510C8764} => pcalua.exe -a F:\Downloads\OfficeExcel2003XMLToolsAddin.exe -d F:\Downloads
Task: {D6847D8E-3585-4794-AD85-56EB9F05F9FA} - System32\Tasks\G2MUploadTask-S-1-5-21-1085031214-796845957-725345543-2108 => C:\Program Files (x86)\Citrix\GoToMeeting\2759\g2mupload.exe [2015-07-02] (Citrix Online, a division of Citrix Systems, Inc.)
Task: {DDBE4BC3-4239-45EA-85A5-E4557D3F2AD6} - System32\Tasks\Microsoft_Hardware_Launch_mousekeyboardcenter_exe => C:\Program Files\Microsoft Mouse and Keyboard Center\mousekeyboardcenter.exe [2014-03-19] (Microsoft)
Task: {DE2F2154-92E1-40E2-8EB6-A80435CCCFB7} - System32\Tasks\{9AA97C05-331D-48E7-B2B6-393DA5DB59E3} => pcalua.exe -a F:\Downloads\Vertus_Fluid_Mask_3.2.1_MegaRapidshare.com\fluid_mask_3_setup_2.100.2-RC2.exe
Task: {E121D49B-E0A6-45BA-9FBA-E6A579E8DCAE} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-07-14] (Adobe Systems Incorporated)
Task: {E62AE87E-4B4E-4A62-A2A5-C62E351425B8} - System32\Tasks\{FB5637CE-774D-41E9-8A18-A66C6F08DE12} => pcalua.exe -a "F:\Downloads\windirstat1_1_2_setup (1).exe" -d F:\Downloads
Task: {E86215D1-331F-46EA-B5D2-DD63481E1867} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2015-06-30] (Dropbox, Inc.)
Task: {E8FC4795-B64E-463C-96A9-BE0B8DBF960D} - System32\Tasks\MotoHelper MUM => C:\Program Files (x86)\Motorola\MotoHelper\MotoHelperUpdate.exe [2011-12-06] ()
Task: {E96AA20C-5A24-4099-8877-9D626337E24D} - System32\Tasks\Microsoft_MKC_Logon_Task_itype.exe => C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [2014-03-19] (Microsoft Corporation)
Task: {F0F929D8-853A-41D7-BF97-78FBA3A7E8E9} - System32\Tasks\{5F894392-522C-4E66-80C8-E72C3D3AD54E} => pcalua.exe -a F:\Downloads\applewirelessmouse.exe
Task: {F379DF3B-1EC4-4330-84B3-57537B17F6CE} - System32\Tasks\CopyMyDocsToU_Drive => 
Task: {F787EACE-34DC-43A0-9DA4-440D0A487857} - System32\Tasks\MotoHelper Initial Update => C:\Program Files (x86)\Motorola\MotoHelper\MotoHelperUpdate.exe [2011-12-06] ()
Task: {FC31E385-F59B-4071-A73F-53FC0F691907} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Scan the system => F:\Program Files (x86)\Spybot - Search & Destroy 2\SDScan.exe [2014-06-24] (Safer-Networking Ltd.)
Task: {FCAEA3E8-B27E-4792-96C7-DE1B513D73A6} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2016-04-12] (Microsoft Corporation)
Task: {FE0A6D57-BA94-4854-A4CF-ED585B3BB4B5} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\Allway Sync_{4F0C1497E9A5A062AD06B978802E02AB}.job => F:\Program Files\Allway Sync\Bin\syncappw.exe
Task: C:\Windows\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\Windows\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\Windows\Tasks\G2MUpdateTask-S-1-5-21-1085031214-796845957-725345543-2108.job => C:\Program Files (x86)\Citrix\GoToMeeting\2759\g2mupdate.exe
Task: C:\Windows\Tasks\G2MUploadTask-S-1-5-21-1085031214-796845957-725345543-2108.job => C:\Program Files (x86)\Citrix\GoToMeeting\2759\g2mupload.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\ParetoLogic Registration.job => rundll32.exe  C:\Program Files (x86)\Common Files\ParetoLogic\UUS2\UUS.dll
Task: C:\Windows\Tasks\ParetoLogic Update Version2.job => C:\Program Files (x86)\Common Files\ParetoLogic\UUS2\Pareto_Update.exe

==================== Shortcuts =============================

(The entries could be listed to be restored or removed.)

ShortcutWithArgument: C:\Users\grevolorio.trmdu2\Desktop\Gus - Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory="Profile 1"
ShortcutWithArgument: C:\Users\grevolorio.trmdu2\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Chrome Remote Desktop (1).lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) ->  --profile-directory="Profile 1" --app-id=gbchcmhmhahfdphkhkmpfmihenigjmpp
ShortcutWithArgument: C:\Users\grevolorio.trmdu2\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Chrome Remote Desktop.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) ->  --profile-directory=Default --app-id=gbchcmhmhahfdphkhkmpfmihenigjmpp
ShortcutWithArgument: C:\Users\grevolorio.trmdu2\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Google Keep - notes and lists.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) ->  --profile-directory=Default --app-id=hmjkmjkepdijhoojdojkdfohbdgmmhki
ShortcutWithArgument: C:\Users\grevolorio.trmdu2\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Pocket.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) ->  --profile-directory="Profile 1" --app-id=mjcnijlhddpbdemagnpefmlkjdagkogk
ShortcutWithArgument: C:\Users\grevolorio.trmdu2\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\e9cc420c2be074d9\Identity API Scope Approval UI.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory=Default --app-id=ahjaciijnoiaklcomgnblndopackapon

==================== Loaded Modules (Whitelisted) ==============

2012-05-15 13:12 - 2012-05-15 13:12 - 00385680 _____ () F:\Program Files (x86)\Stardock\Object Desktop\WindowFX\WFX32.exe
2011-01-11 10:52 - 2009-11-05 08:40 - 00085504 _____ () C:\Windows\System32\cpwmon64.dll
2015-08-28 15:35 - 2014-10-30 08:18 - 00029184 ____C () C:\Windows\System32\ssj2mlm.dll
2014-11-12 05:20 - 2014-11-12 05:20 - 00524800 _____ () f:\Program Files (x86)\Kinoni\EpocCam_and_Barcode_drivers\KinoniSvc.exe
2015-08-04 08:26 - 2015-08-04 08:26 - 00718040 _____ () F:\Program Files (x86)\AVG\AVG PC TuneUp\avgrepliba.dll
2016-03-18 14:52 - 2016-03-18 14:52 - 00018600 _____ () C:\Program Files\Synergy\synwinhk.DLL
2016-03-16 06:17 - 2016-03-16 06:17 - 00052912 _____ () F:\Program Files\FileZilla FTP Client\fzshellext_64.dll
2010-07-15 00:44 - 2010-07-15 00:44 - 00020032 _____ () F:\Program Files (x86)\Unlocker\UnlockerCOM.dll
2011-02-14 17:55 - 2009-06-21 08:52 - 00318976 _____ () C:\Program Files\TeraCopy\TeraCopyExt64.dll
2010-10-20 15:23 - 2010-10-20 15:23 - 08801632 _____ () C:\Program Files\Microsoft Office\Office14\1033\GrooveIntlResource.dll
2013-09-05 01:17 - 2013-09-05 01:17 - 04300456 _____ () C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Cultures\OFFICE.ODF
2015-08-04 08:26 - 2015-08-04 08:26 - 00861912 _____ () F:\Program Files (x86)\AVG\AVG PC TuneUp\tulnga.dll
2014-09-08 13:39 - 2014-09-08 13:39 - 00464608 _____ () C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe
2014-09-08 13:38 - 2014-09-08 13:38 - 00051200 _____ () C:\Program Files\Common Files\Common Desktop Agent\CDASrvPS.dll
2016-03-18 14:52 - 2016-03-18 14:52 - 00312488 _____ () C:\Program Files\Synergy\synergyd.exe
2015-07-08 16:59 - 2016-04-19 19:26 - 00114888 _____ () C:\Program Files\Microsoft Office 15\ClientX64\ApiClient.dll
2010-11-08 11:15 - 2010-11-08 11:15 - 00301568 _____ () C:\Program Files (x86)\Notepad++\NppShell_04.dll
2015-06-30 08:24 - 2015-06-30 08:24 - 00408576 _____ () F:\Program Files (x86)\BitTorrent Sync\SyncShellExtension64_33554560.dll
2014-05-01 10:13 - 2014-05-01 10:13 - 00470016 _____ () C:\ProgramData\MEGAsync\ShellExtX64.dll
2016-07-01 08:50 - 2016-07-01 08:50 - 00171520 ____R () C:\Program Files (x86)\Calibre2\calibre.exe
2016-07-01 08:50 - 2016-07-01 08:50 - 00024576 ____R () C:\Program Files (x86)\Calibre2\calibre-parallel.exe
2016-06-17 17:07 - 2016-06-15 04:26 - 02334360 _____ () C:\Program Files (x86)\Google\Chrome\Application\51.0.2704.103\libglesv2.dll
2016-06-17 17:07 - 2016-06-15 04:26 - 00105112 _____ () C:\Program Files (x86)\Google\Chrome\Application\51.0.2704.103\libegl.dll
2016-03-18 14:52 - 2016-03-18 14:52 - 01881256 _____ () C:\Program Files\Synergy\synergy.exe
2016-03-18 14:52 - 2016-03-18 14:52 - 00979112 _____ () C:\Program Files\Synergy\synergys.exe
2014-08-20 09:47 - 2014-05-13 12:04 - 00109400 _____ () F:\Program Files (x86)\Spybot - Search & Destroy 2\snlThirdParty150.bpl
2014-08-20 09:47 - 2014-05-13 12:04 - 00416600 _____ () F:\Program Files (x86)\Spybot - Search & Destroy 2\DEC150.bpl
2014-08-20 09:47 - 2014-05-13 12:04 - 00167768 _____ () F:\Program Files (x86)\Spybot - Search & Destroy 2\snlFileFormats150.bpl
2014-08-20 09:47 - 2012-08-23 10:38 - 00574840 _____ () F:\Program Files (x86)\Spybot - Search & Destroy 2\sqlite3.dll
2014-08-20 09:47 - 2012-04-03 17:06 - 00565640 _____ () F:\Program Files (x86)\Spybot - Search & Destroy 2\av\BDSmartDB.dll
2012-08-15 14:11 - 2012-08-15 14:11 - 01222656 _____ () F:\Program Files (x86)\VMware\VMware VIX\VMWare Workstation\libxml2.dll
2016-07-01 08:47 - 2016-07-01 08:47 - 00037376 ____R () C:\Program Files (x86)\Calibre2\calibre-launcher.dll
2014-05-03 23:25 - 2014-05-03 23:25 - 00110080 ____R () C:\Program Files (x86)\Calibre2\DLLs\pywintypes27.dll
2016-07-01 08:47 - 2016-07-01 08:47 - 00057344 ____R () C:\Program Files (x86)\Calibre2\plugins2\progress_indicator.pyd
2016-07-01 08:47 - 2016-07-01 08:47 - 00069632 ____R () C:\Program Files (x86)\Calibre2\plugins2\imageops.pyd
2016-07-01 08:50 - 2016-07-01 08:50 - 00176128 ____R () C:\Program Files (x86)\Calibre2\DLLs\libxslt.dll
2016-07-01 08:50 - 2016-07-01 08:50 - 01069568 ____R () C:\Program Files (x86)\Calibre2\DLLs\libxml2.dll
2016-07-01 08:50 - 2016-07-01 08:50 - 00064000 ____R () C:\Program Files (x86)\Calibre2\DLLs\libexslt.dll
2014-12-10 12:23 - 2014-12-10 12:23 - 00426496 ____R () C:\Program Files (x86)\Calibre2\DLLs\sqlite3.dll
2016-07-01 08:47 - 2016-07-01 08:47 - 00035840 ____R () C:\Program Files (x86)\Calibre2\plugins2\wpd.pyd
2014-05-03 23:29 - 2014-05-03 23:29 - 00396800 ____R () C:\Program Files (x86)\Calibre2\DLLs\pythoncom27.dll
2016-07-01 08:46 - 2016-07-01 08:46 - 00262144 ____R () C:\Program Files (x86)\Calibre2\plugins2\hunspell.pyd
2016-03-18 22:56 - 2016-03-18 22:56 - 00080184 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2016-04-22 01:08 - 2016-04-22 01:08 - 01047864 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2015-10-30 05:53 - 2015-09-01 08:25 - 08901184 _____ () C:\Program Files\Microsoft Office 15\root\Office15\1033\GrooveIntlResource.dll
2016-05-12 19:57 - 2016-06-06 21:58 - 00034768 _____ () C:\Program Files (x86)\Dropbox\Client\_multiprocessing.pyd
2016-07-11 14:07 - 2016-06-06 21:58 - 00134088 _____ () C:\Program Files (x86)\Dropbox\Client\pyexpat.pyd
2016-07-11 14:07 - 2016-06-06 21:59 - 00019408 _____ () C:\Program Files (x86)\Dropbox\Client\faulthandler.pyd
2016-07-11 14:07 - 2016-06-06 21:58 - 00116688 _____ () C:\Program Files (x86)\Dropbox\Client\pywintypes27.dll
2016-05-12 19:57 - 2016-06-06 21:58 - 00093640 _____ () C:\Program Files (x86)\Dropbox\Client\_ctypes.pyd
2016-05-12 19:57 - 2016-06-06 21:58 - 00018376 _____ () C:\Program Files (x86)\Dropbox\Client\select.pyd
2016-05-12 19:57 - 2016-07-05 14:00 - 00019760 _____ () C:\Program Files (x86)\Dropbox\Client\tornado.speedups.pyd
2016-05-12 19:57 - 2016-06-06 22:00 - 00105928 _____ () C:\Program Files (x86)\Dropbox\Client\win32api.pyd
2016-07-11 14:07 - 2016-06-06 21:58 - 00392144 _____ () C:\Program Files (x86)\Dropbox\Client\pythoncom27.dll
2016-05-12 19:57 - 2016-07-05 14:00 - 00381752 _____ () C:\Program Files (x86)\Dropbox\Client\win32com.shell.shell.pyd
2016-05-12 19:57 - 2016-06-06 21:58 - 00692688 _____ () C:\Program Files (x86)\Dropbox\Client\unicodedata.pyd
2016-07-11 14:07 - 2016-07-05 13:59 - 00020816 _____ () C:\Program Files (x86)\Dropbox\Client\cryptography.hazmat.bindings._constant_time.pyd
2016-05-12 19:57 - 2016-06-06 21:59 - 00123856 _____ () C:\Program Files (x86)\Dropbox\Client\_cffi_backend.pyd
2016-07-11 14:07 - 2016-07-05 13:59 - 01682760 _____ () C:\Program Files (x86)\Dropbox\Client\cryptography.hazmat.bindings._openssl.pyd
2016-07-11 14:07 - 2016-07-05 13:59 - 00020808 _____ () C:\Program Files (x86)\Dropbox\Client\cryptography.hazmat.bindings._padding.pyd
2016-05-12 19:57 - 2016-07-05 14:00 - 00021840 _____ () C:\Program Files (x86)\Dropbox\Client\_cffi_unicode_environ_win32_x8bf8e68bx9968e850.pyd
2016-07-11 14:07 - 2016-07-05 14:00 - 00052024 _____ () C:\Program Files (x86)\Dropbox\Client\psutil._psutil_windows.pyd
2016-07-11 14:07 - 2016-07-05 14:00 - 00038696 _____ () C:\Program Files (x86)\Dropbox\Client\fastpath.pyd
2016-07-11 14:07 - 2016-06-06 22:00 - 00020936 _____ () C:\Program Files (x86)\Dropbox\Client\mmapfile.pyd
2016-05-12 19:57 - 2016-06-06 22:00 - 00024528 _____ () C:\Program Files (x86)\Dropbox\Client\win32event.pyd
2016-05-12 19:57 - 2016-06-06 22:00 - 00114640 _____ () C:\Program Files (x86)\Dropbox\Client\win32security.pyd
2016-05-12 19:57 - 2016-06-06 22:00 - 00124880 _____ () C:\Program Files (x86)\Dropbox\Client\win32file.pyd
2016-05-12 19:57 - 2016-07-05 14:00 - 00021832 _____ () C:\Program Files (x86)\Dropbox\Client\_cffi_pywin_kernel32_x64d8f881xc8c369be.pyd
2016-05-12 19:57 - 2016-06-06 22:00 - 00024016 _____ () C:\Program Files (x86)\Dropbox\Client\win32clipboard.pyd
2016-05-12 19:57 - 2016-06-06 22:00 - 00175560 _____ () C:\Program Files (x86)\Dropbox\Client\win32gui.pyd
2016-05-12 19:57 - 2016-06-06 22:00 - 00030160 _____ () C:\Program Files (x86)\Dropbox\Client\win32pipe.pyd
2016-05-12 19:57 - 2016-06-06 22:00 - 00043472 _____ () C:\Program Files (x86)\Dropbox\Client\win32process.pyd
2016-05-12 19:57 - 2016-06-06 22:00 - 00048592 _____ () C:\Program Files (x86)\Dropbox\Client\win32service.pyd
2016-05-12 19:57 - 2016-07-05 14:00 - 00023872 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.kernel32._winffi_kernel32.pyd
2016-07-11 14:07 - 2016-07-05 14:00 - 00026456 _____ () C:\Program Files (x86)\Dropbox\Client\dropbox.infinite.win.compiled._driverinstallation.pyd
2016-05-12 19:57 - 2016-06-06 22:00 - 00057808 _____ () C:\Program Files (x86)\Dropbox\Client\win32evtlog.pyd
2016-05-12 19:57 - 2016-06-06 22:00 - 00024016 _____ () C:\Program Files (x86)\Dropbox\Client\win32profile.pyd
2016-07-11 14:07 - 2016-07-05 13:59 - 00246592 _____ () C:\Program Files (x86)\Dropbox\Client\breakpad.client.windows.handler.pyd
2016-05-12 19:57 - 2016-06-06 22:00 - 00028616 _____ () C:\Program Files (x86)\Dropbox\Client\win32ts.pyd
2016-05-12 19:57 - 2016-07-05 14:00 - 00020800 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.iphlpapi._winffi_iphlpapi.pyd
2016-05-12 19:57 - 2016-07-05 14:00 - 00019776 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.winerror._winffi_winerror.pyd
2016-05-12 19:57 - 2016-07-05 14:00 - 00020800 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.wininet._winffi_wininet.pyd
2016-05-12 19:57 - 2016-06-06 21:58 - 00134608 _____ () C:\Program Files (x86)\Dropbox\Client\_elementtree.pyd
2016-07-11 14:07 - 2016-06-06 21:59 - 00240584 _____ () C:\Program Files (x86)\Dropbox\Client\jpegtran.pyd
2016-07-11 14:07 - 2016-07-05 13:59 - 00020280 _____ () C:\Program Files (x86)\Dropbox\Client\cpuid.compiled._cpuid.pyd
2016-05-12 19:57 - 2016-07-05 14:00 - 00023376 _____ () C:\Program Files (x86)\Dropbox\Client\winscreenshot.compiled._CaptureScreenshot.pyd
2016-05-12 19:57 - 2016-06-06 22:00 - 00350152 _____ () C:\Program Files (x86)\Dropbox\Client\winxpgui.pyd
2016-05-12 19:57 - 2016-07-05 14:00 - 00022352 _____ () C:\Program Files (x86)\Dropbox\Client\winverifysignature.compiled._VerifySignature.pyd
2016-07-11 14:07 - 2016-07-05 14:00 - 00024392 _____ () C:\Program Files (x86)\Dropbox\Client\librsyncffi.compiled._librsyncffi.pyd
2016-07-11 14:07 - 2016-06-06 22:01 - 00036296 _____ () C:\Program Files (x86)\Dropbox\Client\librsync.dll
2016-07-11 14:07 - 2016-07-05 14:00 - 00084280 _____ () C:\Program Files (x86)\Dropbox\Client\dropbox_sqlite_ext.DLL
2016-07-11 14:07 - 2016-07-05 14:00 - 01826096 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtCore.pyd
2016-05-12 19:57 - 2016-06-06 21:59 - 00083912 _____ () C:\Program Files (x86)\Dropbox\Client\sip.pyd
2016-07-11 14:07 - 2016-07-05 14:00 - 03928880 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWidgets.pyd
2016-07-11 14:07 - 2016-07-05 14:00 - 01971504 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtGui.pyd
2016-07-11 14:07 - 2016-07-05 14:00 - 00531248 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtNetwork.pyd
2016-07-11 14:07 - 2016-07-05 14:00 - 00132912 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebKit.pyd
2016-07-11 14:07 - 2016-07-05 14:00 - 00223544 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebKitWidgets.pyd
2016-07-11 14:07 - 2016-07-05 14:00 - 00207672 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtPrintSupport.pyd
2016-05-12 19:57 - 2016-06-06 22:00 - 00060880 _____ () C:\Program Files (x86)\Dropbox\Client\win32print.pyd
2016-05-12 19:57 - 2016-07-05 14:00 - 00024904 _____ () C:\Program Files (x86)\Dropbox\Client\_cffi_wpad_proxy_win_x752e3d61xdcfdcc84.pyd
2016-07-11 14:07 - 2016-07-05 14:00 - 00546096 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtQuick.pyd
2016-07-11 14:07 - 2016-07-05 14:00 - 00357680 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtQml.pyd
2014-08-20 09:47 - 2014-04-25 14:11 - 02972112 _____ () F:\Program Files (x86)\Spybot - Search & Destroy 2\NotificationSpreader.dll
2016-03-08 09:04 - 2016-03-08 09:04 - 02415104 _____ () C:\Program Files\Synergy\QtCore4.dll
2009-01-10 10:32 - 2009-01-10 10:32 - 00011362 _____ () C:\Program Files\Synergy\mingwm10.dll
2009-06-22 18:42 - 2009-06-22 18:42 - 00043008 _____ () C:\Program Files\Synergy\libgcc_s_dw2-1.dll
2010-02-10 14:43 - 2010-02-10 14:43 - 09515520 _____ () C:\Program Files\Synergy\QtGui4.dll
2010-02-10 14:10 - 2010-02-10 14:10 - 01148416 _____ () C:\Program Files\Synergy\QtNetwork4.dll
2013-12-17 04:42 - 2013-12-17 04:42 - 00335872 _____ () C:\Program Files (x86)\MediaMall\lua51a.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\Windows: [108]
AlternateDataStreams: C:\ProgramData\TEMP:DFC5A2B2 [125]
AlternateDataStreams: C:\Users\grevolorio.trmdu2\.DS_Store:AFP_AfpInfo [122]

==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\atashost => ""="Service"

==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)

IE restricted site: HKU\.DEFAULT\...\007guard.com -> install.007guard.com
IE restricted site: HKU\.DEFAULT\...\008i.com -> 008i.com
IE restricted site: HKU\.DEFAULT\...\008k.com -> www.008k.com
IE restricted site: HKU\.DEFAULT\...\00hq.com -> www.00hq.com
IE restricted site: HKU\.DEFAULT\...\010402.com -> 010402.com
IE restricted site: HKU\.DEFAULT\...\032439.com -> 80gw6ry3i3x3qbrkwhxhw.032439.com
IE restricted site: HKU\.DEFAULT\...\0scan.com -> www.0scan.com
IE restricted site: HKU\.DEFAULT\...\1-2005-search.com -> www.1-2005-search.com
IE restricted site: HKU\.DEFAULT\...\1-domains-registrations.com -> www.1-domains-registrations.com
IE restricted site: HKU\.DEFAULT\...\1000gratisproben.com -> www.1000gratisproben.com
IE restricted site: HKU\.DEFAULT\...\1001namen.com -> www.1001namen.com
IE restricted site: HKU\.DEFAULT\...\100888290cs.com -> mir.100888290cs.com
IE restricted site: HKU\.DEFAULT\...\100sexlinks.com -> www.100sexlinks.com
IE restricted site: HKU\.DEFAULT\...\10sek.com -> www.10sek.com
IE restricted site: HKU\.DEFAULT\...\12-26.net -> user1.12-26.net
IE restricted site: HKU\.DEFAULT\...\12-27.net -> user1.12-27.net
IE restricted site: HKU\.DEFAULT\...\123fporn.info -> www.123fporn.info
IE restricted site: HKU\.DEFAULT\...\123haustiereundmehr.com -> www.123haustiereundmehr.com
IE restricted site: HKU\.DEFAULT\...\123moviedownload.com -> www.123moviedownload.com
IE restricted site: HKU\.DEFAULT\...\123simsen.com -> www.123simsen.com

There are 7867 more sites.

IE trusted site: HKU\S-1-5-21-1085031214-796845957-725345543-2108-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\bunker -> hxxps://bunker
IE trusted site: HKU\S-1-5-21-1085031214-796845957-725345543-2108-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\calshr01 -> hxxp://calshr01
IE trusted site: HKU\S-1-5-21-1085031214-796845957-725345543-2108-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\calshr02 -> hxxp://calshr02
IE trusted site: HKU\S-1-5-21-1085031214-796845957-725345543-2108-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\emmarx.com -> hxxp://reports.emmarx.com
IE trusted site: HKU\S-1-5-21-1085031214-796845957-725345543-2108-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\inrangesystems.com -> hxxp://intranet.inrangesystems.com
IE restricted site: HKU\S-1-5-21-1085031214-796845957-725345543-2108-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\007guard.com -> install.007guard.com
IE restricted site: HKU\S-1-5-21-1085031214-796845957-725345543-2108-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\008i.com -> 008i.com
IE restricted site: HKU\S-1-5-21-1085031214-796845957-725345543-2108-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\008k.com -> www.008k.com
IE restricted site: HKU\S-1-5-21-1085031214-796845957-725345543-2108-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\00hq.com -> www.00hq.com
IE restricted site: HKU\S-1-5-21-1085031214-796845957-725345543-2108-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\010402.com -> 010402.com
IE restricted site: HKU\S-1-5-21-1085031214-796845957-725345543-2108-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\0190-dialers.com -> 0190-dialers.com
IE restricted site: HKU\S-1-5-21-1085031214-796845957-725345543-2108-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\01i.info -> 01i.info
IE restricted site: HKU\S-1-5-21-1085031214-796845957-725345543-2108-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\02pmnzy5eo29bfk4.com -> 02pmnzy5eo29bfk4.com
IE restricted site: HKU\S-1-5-21-1085031214-796845957-725345543-2108-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\032439.com -> 80gw6ry3i3x3qbrkwhxhw.032439.com
IE restricted site: HKU\S-1-5-21-1085031214-796845957-725345543-2108-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\05p.com -> 05p.com
IE restricted site: HKU\S-1-5-21-1085031214-796845957-725345543-2108-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\07ic5do2myz3vzpk.com -> 07ic5do2myz3vzpk.com
IE restricted site: HKU\S-1-5-21-1085031214-796845957-725345543-2108-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\08nigbmwk43i01y6.com -> 08nigbmwk43i01y6.com
IE restricted site: HKU\S-1-5-21-1085031214-796845957-725345543-2108-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\093qpeuqpmz6ebfa.com -> 093qpeuqpmz6ebfa.com
IE restricted site: HKU\S-1-5-21-1085031214-796845957-725345543-2108-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\0calories.net -> 0calories.net
IE restricted site: HKU\S-1-5-21-1085031214-796845957-725345543-2108-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\0cj.net -> 0cj.net
IE restricted site: HKU\S-1-5-21-1085031214-796845957-725345543-2108-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\0scan.com -> www.0scan.com
IE restricted site: HKU\S-1-5-21-1085031214-796845957-725345543-2108-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\1-2005-search.com -> www.1-2005-search.com
IE restricted site: HKU\S-1-5-21-1085031214-796845957-725345543-2108-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\1-britney-spears-nude.com -> 1-britney-spears-nude.com
IE restricted site: HKU\S-1-5-21-1085031214-796845957-725345543-2108-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\1-domains-registrations.com -> www.1-domains-registrations.com
IE restricted site: HKU\S-1-5-21-1085031214-796845957-725345543-2108-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\1-se.com -> 1-se.com

There are 11773 more sites.

IE restricted site: HKU\S-1-5-21-1085031214-796845957-725345543-2109-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\007guard.com -> install.007guard.com
IE restricted site: HKU\S-1-5-21-1085031214-796845957-725345543-2109-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\008i.com -> 008i.com
IE restricted site: HKU\S-1-5-21-1085031214-796845957-725345543-2109-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\008k.com -> www.008k.com
IE restricted site: HKU\S-1-5-21-1085031214-796845957-725345543-2109-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\00hq.com -> www.00hq.com
IE restricted site: HKU\S-1-5-21-1085031214-796845957-725345543-2109-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\010402.com -> 010402.com
IE restricted site: HKU\S-1-5-21-1085031214-796845957-725345543-2109-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\032439.com -> 80gw6ry3i3x3qbrkwhxhw.032439.com
IE restricted site: HKU\S-1-5-21-1085031214-796845957-725345543-2109-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\0scan.com -> www.0scan.com
IE restricted site: HKU\S-1-5-21-1085031214-796845957-725345543-2109-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\1-2005-search.com -> www.1-2005-search.com
IE restricted site: HKU\S-1-5-21-1085031214-796845957-725345543-2109-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\1-domains-registrations.com -> www.1-domains-registrations.com
IE restricted site: HKU\S-1-5-21-1085031214-796845957-725345543-2109-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\1000gratisproben.com -> www.1000gratisproben.com
IE restricted site: HKU\S-1-5-21-1085031214-796845957-725345543-2109-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\1001namen.com -> www.1001namen.com
IE restricted site: HKU\S-1-5-21-1085031214-796845957-725345543-2109-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\100888290cs.com -> mir.100888290cs.com
IE restricted site: HKU\S-1-5-21-1085031214-796845957-725345543-2109-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\100sexlinks.com -> www.100sexlinks.com
IE restricted site: HKU\S-1-5-21-1085031214-796845957-725345543-2109-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\10sek.com -> www.10sek.com
IE restricted site: HKU\S-1-5-21-1085031214-796845957-725345543-2109-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\12-26.net -> user1.12-26.net
IE restricted site: HKU\S-1-5-21-1085031214-796845957-725345543-2109-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\12-27.net -> user1.12-27.net
IE restricted site: HKU\S-1-5-21-1085031214-796845957-725345543-2109-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\123fporn.info -> www.123fporn.info
IE restricted site: HKU\S-1-5-21-1085031214-796845957-725345543-2109-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\123haustiereundmehr.com -> www.123haustiereundmehr.com
IE restricted site: HKU\S-1-5-21-1085031214-796845957-725345543-2109-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\123moviedownload.com -> www.123moviedownload.com
IE restricted site: HKU\S-1-5-21-1085031214-796845957-725345543-2109-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\123simsen.com -> www.123simsen.com

There are 7867 more sites.

IE restricted site: HKU\S-1-5-21-1085031214-796845957-725345543-2791\...\007guard.com -> install.007guard.com
IE restricted site: HKU\S-1-5-21-1085031214-796845957-725345543-2791\...\008i.com -> 008i.com
IE restricted site: HKU\S-1-5-21-1085031214-796845957-725345543-2791\...\008k.com -> www.008k.com
IE restricted site: HKU\S-1-5-21-1085031214-796845957-725345543-2791\...\00hq.com -> www.00hq.com
IE restricted site: HKU\S-1-5-21-1085031214-796845957-725345543-2791\...\010402.com -> 010402.com
IE restricted site: HKU\S-1-5-21-1085031214-796845957-725345543-2791\...\032439.com -> 80gw6ry3i3x3qbrkwhxhw.032439.com
IE restricted site: HKU\S-1-5-21-1085031214-796845957-725345543-2791\...\0scan.com -> www.0scan.com
IE restricted site: HKU\S-1-5-21-1085031214-796845957-725345543-2791\...\1-2005-search.com -> www.1-2005-search.com
IE restricted site: HKU\S-1-5-21-1085031214-796845957-725345543-2791\...\1-domains-registrations.com -> www.1-domains-registrations.com
IE restricted site: HKU\S-1-5-21-1085031214-796845957-725345543-2791\...\1000gratisproben.com -> www.1000gratisproben.com
IE restricted site: HKU\S-1-5-21-1085031214-796845957-725345543-2791\...\1001namen.com -> www.1001namen.com
IE restricted site: HKU\S-1-5-21-1085031214-796845957-725345543-2791\...\100888290cs.com -> mir.100888290cs.com
IE restricted site: HKU\S-1-5-21-1085031214-796845957-725345543-2791\...\100sexlinks.com -> www.100sexlinks.com
IE restricted site: HKU\S-1-5-21-1085031214-796845957-725345543-2791\...\10sek.com -> www.10sek.com
IE restricted site: HKU\S-1-5-21-1085031214-796845957-725345543-2791\...\12-26.net -> user1.12-26.net
IE restricted site: HKU\S-1-5-21-1085031214-796845957-725345543-2791\...\12-27.net -> user1.12-27.net
IE restricted site: HKU\S-1-5-21-1085031214-796845957-725345543-2791\...\123fporn.info -> www.123fporn.info
IE restricted site: HKU\S-1-5-21-1085031214-796845957-725345543-2791\...\123haustiereundmehr.com -> www.123haustiereundmehr.com
IE restricted site: HKU\S-1-5-21-1085031214-796845957-725345543-2791\...\123moviedownload.com -> www.123moviedownload.com
IE restricted site: HKU\S-1-5-21-1085031214-796845957-725345543-2791\...\123simsen.com -> www.123simsen.com

There are 7867 more sites.

IE restricted site: HKU\S-1-5-21-1085031214-796845957-725345543-2791-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\007guard.com -> install.007guard.com
IE restricted site: HKU\S-1-5-21-1085031214-796845957-725345543-2791-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\008i.com -> 008i.com
IE restricted site: HKU\S-1-5-21-1085031214-796845957-725345543-2791-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\008k.com -> www.008k.com
IE restricted site: HKU\S-1-5-21-1085031214-796845957-725345543-2791-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\00hq.com -> www.00hq.com
IE restricted site: HKU\S-1-5-21-1085031214-796845957-725345543-2791-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\010402.com -> 010402.com
IE restricted site: HKU\S-1-5-21-1085031214-796845957-725345543-2791-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\032439.com -> 80gw6ry3i3x3qbrkwhxhw.032439.com
IE restricted site: HKU\S-1-5-21-1085031214-796845957-725345543-2791-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\0scan.com -> www.0scan.com
IE restricted site: HKU\S-1-5-21-1085031214-796845957-725345543-2791-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\1-2005-search.com -> www.1-2005-search.com
IE restricted site: HKU\S-1-5-21-1085031214-796845957-725345543-2791-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\1-domains-registrations.com -> www.1-domains-registrations.com
IE restricted site: HKU\S-1-5-21-1085031214-796845957-725345543-2791-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\1000gratisproben.com -> www.1000gratisproben.com
IE restricted site: HKU\S-1-5-21-1085031214-796845957-725345543-2791-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\1001namen.com -> www.1001namen.com
IE restricted site: HKU\S-1-5-21-1085031214-796845957-725345543-2791-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\100888290cs.com -> mir.100888290cs.com
IE restricted site: HKU\S-1-5-21-1085031214-796845957-725345543-2791-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\100sexlinks.com -> www.100sexlinks.com
IE restricted site: HKU\S-1-5-21-1085031214-796845957-725345543-2791-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\10sek.com -> www.10sek.com
IE restricted site: HKU\S-1-5-21-1085031214-796845957-725345543-2791-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\12-26.net -> user1.12-26.net
IE restricted site: HKU\S-1-5-21-1085031214-796845957-725345543-2791-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\12-27.net -> user1.12-27.net
IE restricted site: HKU\S-1-5-21-1085031214-796845957-725345543-2791-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\123fporn.info -> www.123fporn.info
IE restricted site: HKU\S-1-5-21-1085031214-796845957-725345543-2791-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\123haustiereundmehr.com -> www.123haustiereundmehr.com
IE restricted site: HKU\S-1-5-21-1085031214-796845957-725345543-2791-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\123moviedownload.com -> www.123moviedownload.com
IE restricted site: HKU\S-1-5-21-1085031214-796845957-725345543-2791-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\123simsen.com -> www.123simsen.com

There are 7867 more sites.

IE restricted site: HKU\S-1-5-21-1085031214-796845957-725345543-500-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\007guard.com -> install.007guard.com
IE restricted site: HKU\S-1-5-21-1085031214-796845957-725345543-500-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\008i.com -> 008i.com
IE restricted site: HKU\S-1-5-21-1085031214-796845957-725345543-500-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\008k.com -> www.008k.com
IE restricted site: HKU\S-1-5-21-1085031214-796845957-725345543-500-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\00hq.com -> www.00hq.com
IE restricted site: HKU\S-1-5-21-1085031214-796845957-725345543-500-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\010402.com -> 010402.com
IE restricted site: HKU\S-1-5-21-1085031214-796845957-725345543-500-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\032439.com -> 80gw6ry3i3x3qbrkwhxhw.032439.com
IE restricted site: HKU\S-1-5-21-1085031214-796845957-725345543-500-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\0scan.com -> www.0scan.com
IE restricted site: HKU\S-1-5-21-1085031214-796845957-725345543-500-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\1-2005-search.com -> www.1-2005-search.com
IE restricted site: HKU\S-1-5-21-1085031214-796845957-725345543-500-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\1-domains-registrations.com -> www.1-domains-registrations.com
IE restricted site: HKU\S-1-5-21-1085031214-796845957-725345543-500-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\1000gratisproben.com -> www.1000gratisproben.com
IE restricted site: HKU\S-1-5-21-1085031214-796845957-725345543-500-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\1001namen.com -> www.1001namen.com
IE restricted site: HKU\S-1-5-21-1085031214-796845957-725345543-500-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\100888290cs.com -> mir.100888290cs.com
IE restricted site: HKU\S-1-5-21-1085031214-796845957-725345543-500-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\100sexlinks.com -> www.100sexlinks.com
IE restricted site: HKU\S-1-5-21-1085031214-796845957-725345543-500-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\10sek.com -> www.10sek.com
IE restricted site: HKU\S-1-5-21-1085031214-796845957-725345543-500-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\12-26.net -> user1.12-26.net
IE restricted site: HKU\S-1-5-21-1085031214-796845957-725345543-500-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\12-27.net -> user1.12-27.net
IE restricted site: HKU\S-1-5-21-1085031214-796845957-725345543-500-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\123fporn.info -> www.123fporn.info
IE restricted site: HKU\S-1-5-21-1085031214-796845957-725345543-500-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\123haustiereundmehr.com -> www.123haustiereundmehr.com
IE restricted site: HKU\S-1-5-21-1085031214-796845957-725345543-500-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\123moviedownload.com -> www.123moviedownload.com
IE restricted site: HKU\S-1-5-21-1085031214-796845957-725345543-500-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\123simsen.com -> www.123simsen.com

There are 7866 more sites.

IE restricted site: HKU\S-1-5-21-1915297274-1003847613-3419053400-1105-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\007guard.com -> install.007guard.com
IE restricted site: HKU\S-1-5-21-1915297274-1003847613-3419053400-1105-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\008i.com -> 008i.com
IE restricted site: HKU\S-1-5-21-1915297274-1003847613-3419053400-1105-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\008k.com -> www.008k.com
IE restricted site: HKU\S-1-5-21-1915297274-1003847613-3419053400-1105-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\00hq.com -> www.00hq.com
IE restricted site: HKU\S-1-5-21-1915297274-1003847613-3419053400-1105-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\010402.com -> 010402.com
IE restricted site: HKU\S-1-5-21-1915297274-1003847613-3419053400-1105-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\032439.com -> 80gw6ry3i3x3qbrkwhxhw.032439.com
IE restricted site: HKU\S-1-5-21-1915297274-1003847613-3419053400-1105-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\0scan.com -> www.0scan.com
IE restricted site: HKU\S-1-5-21-1915297274-1003847613-3419053400-1105-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\1-2005-search.com -> www.1-2005-search.com
IE restricted site: HKU\S-1-5-21-1915297274-1003847613-3419053400-1105-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\1-domains-registrations.com -> www.1-domains-registrations.com
IE restricted site: HKU\S-1-5-21-1915297274-1003847613-3419053400-1105-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\1000gratisproben.com -> www.1000gratisproben.com
IE restricted site: HKU\S-1-5-21-1915297274-1003847613-3419053400-1105-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\1001namen.com -> www.1001namen.com
IE restricted site: HKU\S-1-5-21-1915297274-1003847613-3419053400-1105-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\100888290cs.com -> mir.100888290cs.com
IE restricted site: HKU\S-1-5-21-1915297274-1003847613-3419053400-1105-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\100sexlinks.com -> www.100sexlinks.com
IE restricted site: HKU\S-1-5-21-1915297274-1003847613-3419053400-1105-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\10sek.com -> www.10sek.com
IE restricted site: HKU\S-1-5-21-1915297274-1003847613-3419053400-1105-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\12-26.net -> user1.12-26.net
IE restricted site: HKU\S-1-5-21-1915297274-1003847613-3419053400-1105-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\12-27.net -> user1.12-27.net
IE restricted site: HKU\S-1-5-21-1915297274-1003847613-3419053400-1105-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\123fporn.info -> www.123fporn.info
IE restricted site: HKU\S-1-5-21-1915297274-1003847613-3419053400-1105-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\123haustiereundmehr.com -> www.123haustiereundmehr.com
IE restricted site: HKU\S-1-5-21-1915297274-1003847613-3419053400-1105-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\123moviedownload.com -> www.123moviedownload.com
IE restricted site: HKU\S-1-5-21-1915297274-1003847613-3419053400-1105-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\123simsen.com -> www.123simsen.com

There are 7866 more sites.

IE trusted site: HKU\S-1-5-21-3578782807-1016812498-1856270605-1009\...\dell.com -> dell.com
IE trusted site: HKU\S-1-5-21-3578782807-1016812498-1856270605-1009\...\greenskybrands.com -> hxxp://intranet.greenskybrands.com
IE restricted site: HKU\S-1-5-21-3578782807-1016812498-1856270605-1009\...\007guard.com -> install.007guard.com
IE restricted site: HKU\S-1-5-21-3578782807-1016812498-1856270605-1009\...\008i.com -> 008i.com
IE restricted site: HKU\S-1-5-21-3578782807-1016812498-1856270605-1009\...\008k.com -> www.008k.com
IE restricted site: HKU\S-1-5-21-3578782807-1016812498-1856270605-1009\...\00hq.com -> www.00hq.com
IE restricted site: HKU\S-1-5-21-3578782807-1016812498-1856270605-1009\...\010402.com -> 010402.com
IE restricted site: HKU\S-1-5-21-3578782807-1016812498-1856270605-1009\...\032439.com -> 80gw6ry3i3x3qbrkwhxhw.032439.com
IE restricted site: HKU\S-1-5-21-3578782807-1016812498-1856270605-1009\...\0scan.com -> www.0scan.com
IE restricted site: HKU\S-1-5-21-3578782807-1016812498-1856270605-1009\...\1-2005-search.com -> www.1-2005-search.com
IE restricted site: HKU\S-1-5-21-3578782807-1016812498-1856270605-1009\...\1-domains-registrations.com -> www.1-domains-registrations.com
IE restricted site: HKU\S-1-5-21-3578782807-1016812498-1856270605-1009\...\1000gratisproben.com -> www.1000gratisproben.com
IE restricted site: HKU\S-1-5-21-3578782807-1016812498-1856270605-1009\...\1001namen.com -> www.1001namen.com
IE restricted site: HKU\S-1-5-21-3578782807-1016812498-1856270605-1009\...\100888290cs.com -> mir.100888290cs.com
IE restricted site: HKU\S-1-5-21-3578782807-1016812498-1856270605-1009\...\100sexlinks.com -> www.100sexlinks.com
IE restricted site: HKU\S-1-5-21-3578782807-1016812498-1856270605-1009\...\10sek.com -> www.10sek.com
IE restricted site: HKU\S-1-5-21-3578782807-1016812498-1856270605-1009\...\12-26.net -> user1.12-26.net
IE restricted site: HKU\S-1-5-21-3578782807-1016812498-1856270605-1009\...\12-27.net -> user1.12-27.net
IE restricted site: HKU\S-1-5-21-3578782807-1016812498-1856270605-1009\...\123fporn.info -> www.123fporn.info
IE restricted site: HKU\S-1-5-21-3578782807-1016812498-1856270605-1009\...\123haustiereundmehr.com -> www.123haustiereundmehr.com
IE restricted site: HKU\S-1-5-21-3578782807-1016812498-1856270605-1009\...\123moviedownload.com -> www.123moviedownload.com
IE restricted site: HKU\S-1-5-21-3578782807-1016812498-1856270605-1009\...\123simsen.com -> www.123simsen.com

There are 7866 more sites.

IE trusted site: HKU\S-1-5-21-3578782807-1016812498-1856270605-1009-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\dell.com -> dell.com
IE trusted site: HKU\S-1-5-21-3578782807-1016812498-1856270605-1009-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\greenskybrands.com -> hxxp://intranet.greenskybrands.com
IE restricted site: HKU\S-1-5-21-3578782807-1016812498-1856270605-1009-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\007guard.com -> install.007guard.com
IE restricted site: HKU\S-1-5-21-3578782807-1016812498-1856270605-1009-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\008i.com -> 008i.com
IE restricted site: HKU\S-1-5-21-3578782807-1016812498-1856270605-1009-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\008k.com -> www.008k.com
IE restricted site: HKU\S-1-5-21-3578782807-1016812498-1856270605-1009-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\00hq.com -> www.00hq.com
IE restricted site: HKU\S-1-5-21-3578782807-1016812498-1856270605-1009-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\010402.com -> 010402.com
IE restricted site: HKU\S-1-5-21-3578782807-1016812498-1856270605-1009-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\032439.com -> 80gw6ry3i3x3qbrkwhxhw.032439.com
IE restricted site: HKU\S-1-5-21-3578782807-1016812498-1856270605-1009-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\0scan.com -> www.0scan.com
IE restricted site: HKU\S-1-5-21-3578782807-1016812498-1856270605-1009-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\1-2005-search.com -> www.1-2005-search.com
IE restricted site: HKU\S-1-5-21-3578782807-1016812498-1856270605-1009-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\1-domains-registrations.com -> www.1-domains-registrations.com
IE restricted site: HKU\S-1-5-21-3578782807-1016812498-1856270605-1009-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\1000gratisproben.com -> www.1000gratisproben.com
IE restricted site: HKU\S-1-5-21-3578782807-1016812498-1856270605-1009-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\1001namen.com -> www.1001namen.com
IE restricted site: HKU\S-1-5-21-3578782807-1016812498-1856270605-1009-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\100888290cs.com -> mir.100888290cs.com
IE restricted site: HKU\S-1-5-21-3578782807-1016812498-1856270605-1009-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\100sexlinks.com -> www.100sexlinks.com
IE restricted site: HKU\S-1-5-21-3578782807-1016812498-1856270605-1009-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\10sek.com -> www.10sek.com
IE restricted site: HKU\S-1-5-21-3578782807-1016812498-1856270605-1009-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\12-26.net -> user1.12-26.net
IE restricted site: HKU\S-1-5-21-3578782807-1016812498-1856270605-1009-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\12-27.net -> user1.12-27.net
IE restricted site: HKU\S-1-5-21-3578782807-1016812498-1856270605-1009-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\123fporn.info -> www.123fporn.info
IE restricted site: HKU\S-1-5-21-3578782807-1016812498-1856270605-1009-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\123haustiereundmehr.com -> www.123haustiereundmehr.com
IE restricted site: HKU\S-1-5-21-3578782807-1016812498-1856270605-1009-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\123moviedownload.com -> www.123moviedownload.com
IE restricted site: HKU\S-1-5-21-3578782807-1016812498-1856270605-1009-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\123simsen.com -> www.123simsen.com

There are 7866 more sites.

IE restricted site: HKU\S-1-5-82-3006700770-424185619-1745488364-794895919-4004696415-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\007guard.com -> install.007guard.com
IE restricted site: HKU\S-1-5-82-3006700770-424185619-1745488364-794895919-4004696415-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\008i.com -> 008i.com
IE restricted site: HKU\S-1-5-82-3006700770-424185619-1745488364-794895919-4004696415-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\008k.com -> www.008k.com
IE restricted site: HKU\S-1-5-82-3006700770-424185619-1745488364-794895919-4004696415-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\00hq.com -> www.00hq.com
IE restricted site: HKU\S-1-5-82-3006700770-424185619-1745488364-794895919-4004696415-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\010402.com -> 010402.com
IE restricted site: HKU\S-1-5-82-3006700770-424185619-1745488364-794895919-4004696415-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\032439.com -> 80gw6ry3i3x3qbrkwhxhw.032439.com
IE restricted site: HKU\S-1-5-82-3006700770-424185619-1745488364-794895919-4004696415-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\0scan.com -> www.0scan.com
IE restricted site: HKU\S-1-5-82-3006700770-424185619-1745488364-794895919-4004696415-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\1-2005-search.com -> www.1-2005-search.com
IE restricted site: HKU\S-1-5-82-3006700770-424185619-1745488364-794895919-4004696415-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\1-domains-registrations.com -> www.1-domains-registrations.com
IE restricted site: HKU\S-1-5-82-3006700770-424185619-1745488364-794895919-4004696415-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\1000gratisproben.com -> www.1000gratisproben.com
IE restricted site: HKU\S-1-5-82-3006700770-424185619-1745488364-794895919-4004696415-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\1001namen.com -> www.1001namen.com
IE restricted site: HKU\S-1-5-82-3006700770-424185619-1745488364-794895919-4004696415-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\100888290cs.com -> mir.100888290cs.com
IE restricted site: HKU\S-1-5-82-3006700770-424185619-1745488364-794895919-4004696415-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\100sexlinks.com -> www.100sexlinks.com
IE restricted site: HKU\S-1-5-82-3006700770-424185619-1745488364-794895919-4004696415-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\10sek.com -> www.10sek.com
IE restricted site: HKU\S-1-5-82-3006700770-424185619-1745488364-794895919-4004696415-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\12-26.net -> user1.12-26.net
IE restricted site: HKU\S-1-5-82-3006700770-424185619-1745488364-794895919-4004696415-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\12-27.net -> user1.12-27.net
IE restricted site: HKU\S-1-5-82-3006700770-424185619-1745488364-794895919-4004696415-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\123fporn.info -> www.123fporn.info
IE restricted site: HKU\S-1-5-82-3006700770-424185619-1745488364-794895919-4004696415-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\123haustiereundmehr.com -> www.123haustiereundmehr.com
IE restricted site: HKU\S-1-5-82-3006700770-424185619-1745488364-794895919-4004696415-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\123moviedownload.com -> www.123moviedownload.com
IE restricted site: HKU\S-1-5-82-3006700770-424185619-1745488364-794895919-4004696415-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\123simsen.com -> www.123simsen.com

There are 7867 more sites.


==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2011-10-28 15:03 - 2016-07-16 08:38 - 00450173 ____R C:\Windows\system32\Drivers\etc\hosts

127.0.0.1    localhost127.0.0.1    www.007guard.com
127.0.0.1    007guard.com
127.0.0.1    008i.com
127.0.0.1    www.008k.com
127.0.0.1    008k.com
127.0.0.1    www.00hq.com
127.0.0.1    00hq.com
127.0.0.1    010402.com
127.0.0.1    www.032439.com
127.0.0.1    032439.com
127.0.0.1    www.0scan.com
127.0.0.1    0scan.com
127.0.0.1    www.1000gratisproben.com
127.0.0.1    1000gratisproben.com
127.0.0.1    1001namen.com
127.0.0.1    www.1001namen.com
127.0.0.1    100888290cs.com
127.0.0.1    www.100888290cs.com
127.0.0.1    www.100sexlinks.com
127.0.0.1    100sexlinks.com
127.0.0.1    www.10sek.com
127.0.0.1    10sek.com
127.0.0.1    www.1-2005-search.com
127.0.0.1    1-2005-search.com
127.0.0.1    www.123fporn.info
127.0.0.1    123fporn.info
127.0.0.1    123haustiereundmehr.com
127.0.0.1    www.123haustiereundmehr.com
127.0.0.1    123moviedownload.com
127.0.0.1    www.123moviedownload.com

There are 15466 more lines.


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-1085031214-796845957-725345543-2108-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Control Panel\Desktop\\Wallpaper -> C:\Users\grevolorio\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
HKU\S-1-5-21-1085031214-796845957-725345543-2109-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Control Panel\Desktop\\Wallpaper -> C:\Users\sharepointadmin\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
HKU\S-1-5-21-1085031214-796845957-725345543-500-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Control Panel\Desktop\\Wallpaper -> C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
HKU\S-1-5-21-3578782807-1016812498-1856270605-1009\Control Panel\Desktop\\Wallpaper -> 
HKU\S-1-5-21-3578782807-1016812498-1856270605-1009-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Control Panel\Desktop\\Wallpaper -> 
DNS Servers: 75.75.75.75 - 192.168.0.100
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
mpsdrv => Firewall Service is not running.
MpsSvc => Firewall Service is not running.

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)

MSCONFIG\Services: !SASCORE => 2
MSCONFIG\Services: AERTFilters => 2
MSCONFIG\Services: CronService => 2
MSCONFIG\Services: FLEXnet Licensing Service => 3
MSCONFIG\Services: nvsvc => 2
MSCONFIG\Services: sdAuxService => 3
MSCONFIG\Services: sdCoreService => 3
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^monitorpad.lnk => C:\Windows\pss\monitorpad.lnk.CommonStartup
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Tor.lnk => C:\Windows\pss\Tor.lnk.CommonStartup
MSCONFIG\startupfolder: C:^Users^grevolorio.trmdu2^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^MEGAsync.lnk => C:\Windows\pss\MEGAsync.lnk.Startup
MSCONFIG\startupfolder: C:^Users^grevolorio^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^MLO.lnk => C:\Windows\pss\MLO.lnk.Startup
MSCONFIG\startupfolder: C:^Users^grevolorio^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^MyLife Organized.lnk => C:\Windows\pss\MyLife Organized.lnk.Startup
MSCONFIG\startupreg: Acrobat Assistant 8.0 => "C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrotray.exe"
MSCONFIG\startupreg: Acronis Scheduler2 Service => "C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe"
MSCONFIG\startupreg: AcronisTimounterMonitor => C:\Program Files (x86)\Common Files\Acronis\Timounter\TimounterMonitor.exe
MSCONFIG\startupreg: Adobe Acrobat Speed Launcher => "C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrobat_sl.exe"
MSCONFIG\startupreg: Adobe ARM => "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
MSCONFIG\startupreg: ApplePhotoStreams => 
MSCONFIG\startupreg: AppleSyncNotifier => C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe
MSCONFIG\startupreg: AttendeeCommunicator => "C:\Program Files (x86)\Microsoft Lync Attendee\AttendeeCommunicator.exe" /fromrunkey
MSCONFIG\startupreg: BackupAndRecoveryMonitor.exe => C:\Program Files (x86)\Acronis\BackupAndRecovery\BackupAndRecoveryMonitor.exe
MSCONFIG\startupreg: Box Edit => C:\Users\grevolorio.trmdu2\AppData\Local\Box\Box Edit\Box Edit.exe
MSCONFIG\startupreg: Box Local Com Server => C:\ProgramData\Box\ComServer\Box Local Com Service.exe
MSCONFIG\startupreg: ccApp => "C:\Program Files (x86)\Common Files\Symantec Shared\ccApp.exe"
MSCONFIG\startupreg: ClipToOneNote => 
MSCONFIG\startupreg: EEDSpeedLauncher => rundll32.exe C:\Windows\system32\eed_ec.dll,SpeedLauncher
MSCONFIG\startupreg: FreeFallProtection => C:\Program Files (x86)\STMicroelectronics\AccelerometerP11\FF_Protection.exe
MSCONFIG\startupreg: Google Desktop Search => 
MSCONFIG\startupreg: iCloudServices => 
MSCONFIG\startupreg: itype => C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe
MSCONFIG\startupreg: MobileDocuments => 
MSCONFIG\startupreg: NVHotkey => rundll32.exe C:\Windows\system32\nvHotkey.dll,Start
MSCONFIG\startupreg: PlayOn => C:\Program Files (x86)\MediaMall\PlayOn.exe
MSCONFIG\startupreg: QuickTime Task => "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
MSCONFIG\startupreg: RtHDVBg => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe /MAXX3 
MSCONFIG\startupreg: RTHDVCPL => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe -s
MSCONFIG\startupreg: SDTray => "F:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe"
MSCONFIG\startupreg: Skype => "C:\Program Files (x86)\Skype\Phone\Skype.exe" /nosplash /minimized
MSCONFIG\startupreg: Spybot-S&D Cleaning => "F:\Program Files (x86)\Spybot - Search & Destroy 2\SDCleaner.exe" /autoclean
MSCONFIG\startupreg: SUPERAntiSpyware => C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
MSCONFIG\startupreg: uTorrent => "C:\Users\grevolorio.trmdu2\AppData\Roaming\uTorrent\uTorrent.exe"  /MINIMIZED
MSCONFIG\startupreg: Vidalia => "C:\Program Files (x86)\Vidalia Bundle\Vidalia\vidalia.exe"
MSCONFIG\startupreg: vmware-tray => 
MSCONFIG\startupreg: vmware-tray.exe => "F:\Program Files (x86)\VMware\VMware VIX\VMWare Workstation\vmware-tray.exe"

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [SPPSVC-In-TCP] => (Allow) %SystemRoot%\system32\sppsvc.exe
FirewallRules: [SPPSVC-In-TCP-NoScope] => (Allow) %SystemRoot%\system32\sppsvc.exe
FirewallRules: [TCP Query User{2C84D7A8-185F-48F0-997F-3A814FEB1212}C:\program files (x86)\mylifeorganized.net\mlo\mlo.exe] => (Allow) C:\program files (x86)\mylifeorganized.net\mlo\mlo.exe
FirewallRules: [UDP Query User{76BCF8C2-EC1E-47FD-A852-CE49592796D5}C:\program files (x86)\mylifeorganized.net\mlo\mlo.exe] => (Allow) C:\program files (x86)\mylifeorganized.net\mlo\mlo.exe
FirewallRules: [{E4DAC48E-0F06-4425-87B9-7BD5994267BF}] => (Allow) F:\Downloads\solutoinstaller-Lc51Pys8GM.exe
FirewallRules: [{DE5F8045-275F-4630-8682-8236CFC1A9FA}] => (Allow) F:\Downloads\solutoinstaller-Lc51Pys8GM.exe
FirewallRules: [{3CAF5393-735B-4381-9C98-BE52D398D458}] => (Allow) C:\Program Files (x86)\Microsoft Lync Attendee\AttendeeCommunicator.exe
FirewallRules: [{D093949F-C20C-4810-B36E-6B28E571CC81}] => (Allow) C:\Program Files (x86)\Microsoft Lync Attendee\AttendeeCommunicator.exe
FirewallRules: [{C6F07D1B-04C4-4F10-BDA4-374E78C5EF19}] => (Allow) C:\Program Files (x86)\Microsoft Lync Attendee\AttendeeCommunicator.exe
FirewallRules: [{24C77659-9DEF-4ABA-B4B9-64F8BC15A943}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{B5BA6578-03EA-4F19-B6A2-C924C6C8E14F}] => (Allow) F:\Program Files (x86)\VMware\VMware VIX\VMWare Workstation\vmware-authd.exe
FirewallRules: [{758E4422-978B-47A4-86E4-B8F589FB2F26}] => (Allow) F:\Program Files (x86)\VMware\VMware VIX\VMWare Workstation\vmware-authd.exe
FirewallRules: [{051D6AFF-140B-4251-A785-C60079EDB7FD}] => (Allow) F:\Program Files (x86)\VMware\VMware VIX\VMWare Workstation\vmware-hostd.exe
FirewallRules: [{7AC51C86-1E31-4E96-A1FF-7A9E9D7CE9C1}] => (Allow) F:\Program Files (x86)\VMware\VMware VIX\VMWare Workstation\vmware-hostd.exe
FirewallRules: [WCF-NetTcpActivator-In-TCP-64bit] => (Allow) %systemroot%\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
FirewallRules: [{E82D2D2F-BFBD-41F4-A369-818C95FE2B09}] => (Allow) C:\Users\grevolorio\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{B9EB0C5C-06D4-405B-BFEF-E1240AFC3A92}] => (Allow) C:\Users\grevolorio\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{4FE7CDC6-7A33-4C99-ABED-B4C4EA2F2743}] => (Allow) C:\Program Files (x86)\Fiddler2\Fiddler.exe
FirewallRules: [{46A01AAE-281A-4A88-9B9E-D5E9DD8EF2B7}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{AA765390-3C76-4719-96A5-CFF7997FFC8F}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{51707004-99BF-4B82-866C-6DBD656522DB}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{6EE70C80-E842-4BB8-8FB2-4183E0A2B6CE}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{B261E1BA-7CCA-4BDA-A864-90AD5F09B541}] => (Allow) C:\Users\grevolorio\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe
FirewallRules: [{B05ABD30-952F-4977-88FB-0BF6B0D8486C}] => (Allow) C:\Program Files (x86)\Xamarin\Bonjour\mDNSResponder.exe
FirewallRules: [{0E804373-A724-4174-95E8-11BF1A486C38}] => (Allow) F:\Program Files (x86)\Microsoft Visual Studio 12.0\Common7\IDE\devenv.exe
FirewallRules: [{482C2904-B9EB-460A-B24A-CDE0111F39B6}] => (Allow) F:\Program Files (x86)\BitTorrent Sync\BTSync.exe
FirewallRules: [{30113CC9-EA36-40C1-ACE3-9C07A0D32065}] => (Allow) F:\Program Files (x86)\BitTorrent Sync\BTSync.exe
FirewallRules: [{455BC505-116E-4778-9C47-D0039C5ABD3F}] => (Allow) LPort=12292
FirewallRules: [{48E75E71-2CBD-4890-8FDF-D76036F2069D}] => (Allow) C:\Program Files (x86)\MediaMall\MediaMallServer.exe
FirewallRules: [{B80C427A-4A78-4C8F-8C5A-F9137515E7DA}] => (Allow) C:\Program Files (x86)\MediaMall\SettingsManager.exe
FirewallRules: [{97D36CA4-D871-4663-BF1F-D7D27925F9D4}] => (Allow) C:\Program Files (x86)\MediaMall\PlayMark.exe
FirewallRules: [{53162F45-0E3E-441F-AD2A-795DD8EBAB2D}] => (Allow) C:\Program Files (x86)\MediaMall\Surfer.exe
FirewallRules: [{CB2F542C-B0A8-44DC-87F1-457206EFAC68}] => (Allow) C:\Program Files (x86)\MediaMall\PlayLater.exe
FirewallRules: [{69B9AE74-7660-4131-A026-481F146680CA}] => (Allow) f:\Program Files\SiSoftware\SiSoftware Sandra Business 2015\RpcAgentSrv.exe
FirewallRules: [{8A1F8345-6A95-49F8-A078-63007A1228A3}] => (Allow) f:\Program Files\SiSoftware\SiSoftware Sandra Business 2015\WNt600x64\RpcSandraSrv.exe
FirewallRules: [{C974CD50-7415-43E1-9081-9640AB51C81D}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{CE7E25B2-F63F-4E9B-8373-0A23074C71B1}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [TCP Query User{EBC71303-5F45-4EDC-8E05-A3C6405AF3E8}C:\program files (x86)\calibre2\calibre.exe] => (Allow) C:\program files (x86)\calibre2\calibre.exe
FirewallRules: [UDP Query User{49A87548-8B14-4D3A-BA89-3E30CBD64639}C:\program files (x86)\calibre2\calibre.exe] => (Allow) C:\program files (x86)\calibre2\calibre.exe
FirewallRules: [{8A45DF66-77B3-47F5-9E5B-6E67E8CD3672}] => (Block) C:\program files (x86)\calibre2\calibre.exe
FirewallRules: [{2358E7EC-EE95-49BE-8DE1-26AF8F97ADAD}] => (Block) C:\program files (x86)\calibre2\calibre.exe
FirewallRules: [TCP Query User{011516DF-6F3F-479A-8621-1D0D84A0991F}F:\program files\transmission\transmission-qt.exe] => (Allow) F:\program files\transmission\transmission-qt.exe
FirewallRules: [UDP Query User{ABA9851F-F69F-4C9D-A24E-A115D08E0AB4}F:\program files\transmission\transmission-qt.exe] => (Allow) F:\program files\transmission\transmission-qt.exe
FirewallRules: [{4095281A-CA21-41D6-BA24-5FE980C904D0}] => (Block) F:\program files\transmission\transmission-qt.exe
FirewallRules: [{24B34338-DD29-4CA9-AD70-42F3924DD47F}] => (Block) F:\program files\transmission\transmission-qt.exe
FirewallRules: [{AED27814-FFA9-4899-B195-BE194AA6F13A}] => (Allow) C:\Users\grevolorio.trmdu2\AppData\Local\Microsoft\OneDrive\OneDrive.exe
FirewallRules: [{A0DE4516-2BD6-4D21-AE2B-124A3B182B0C}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\Lync.exe
FirewallRules: [{E0D62CAE-785A-402E-A297-8B4033C9B7A7}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\UcMapi.exe
FirewallRules: [{932729FC-8CEF-4D87-B35B-8778A82696D8}] => (Allow) C:\Users\grevolorio.trmdu2\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{1706A022-0050-4667-91AA-26B728B5ADD8}] => (Allow) C:\Users\grevolorio.trmdu2\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{1EBA2EAC-E1BE-48CE-A61E-C0BEF9EC4047}] => (Allow) C:\Users\grevolorio.trmdu2\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{583FE798-093F-4AFC-87FB-6E46B63294A7}] => (Allow) C:\Users\grevolorio.trmdu2\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{EA173698-EF6B-4459-A147-42C9EDA2520C}] => (Allow) C:\Users\grevolorio.trmdu2\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{F3E80BF7-DA3F-42AB-84EB-C25F52B2AF47}] => (Allow) C:\Users\grevolorio.trmdu2\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{71CA5F73-AFD7-40C6-BDAF-10CC1A9579E5}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\outlook.exe
FirewallRules: [{4D1F3054-3DA7-46C6-BF81-7F064302A7E6}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\Lync.exe
FirewallRules: [{29A5A62E-BA87-4660-B3AA-624A5051E5F2}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\UcMapi.exe
FirewallRules: [{6369152E-C858-4EDF-BB52-6895496F3D74}] => (Allow) f:\Program Files (x86)\Kinoni\EpocCam_and_Barcode_drivers\KinoniSvc.exe
FirewallRules: [{E78D9C97-08D7-434F-8123-13261C4D9C6A}] => (Allow) f:\Program Files (x86)\Kinoni\EpocCam_and_Barcode_drivers\KinoniSvc.exe
FirewallRules: [{3792C9C6-450E-426B-986C-5824239E896A}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{F3E4F551-C952-46A2-9CD8-2A5715867AC2}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{02F4B432-CBA2-4E39-B3FF-F55F89EC7B68}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{8A0142B3-4C3B-4255-ABA5-96A1B1BD07D9}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{F598C328-3FB4-42B6-899B-A8D1E5B2EC43}] => (Allow) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
FirewallRules: [{7F10E473-1BCA-4539-B818-F0EF53397B0F}] => (Allow) C:\Program Files (x86)\iTunes\iTunes.exe
FirewallRules: [{CBD9A108-FE5D-4C30-A810-642437C8E1F8}] => (Allow) C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe
FirewallRules: [{6DD6D3DB-85B6-4E8A-B606-85CA460F802A}] => (Allow) C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe
FirewallRules: [{20FAFEED-FBD1-44C6-8EFB-994DC36F082C}] => (Allow) C:\Program Files (x86)\Samsung\Easy Printer Manager\IDS.Application.exe
FirewallRules: [{EB4B33CD-E952-4BFC-B5DE-B6D3A09356AF}] => (Allow) C:\Program Files (x86)\Samsung\Easy Printer Manager\OrderSupplies.exe
FirewallRules: [{EC02FE5E-F982-4195-96AA-CE84BEECCF6A}] => (Allow) C:\Program Files (x86)\Samsung\Easy Printer Manager\IDSAlert.exe
FirewallRules: [{21DD25A7-A8D1-4916-A603-11C1BC9AD862}] => (Allow) C:\Program Files (x86)\Samsung\Easy Printer Manager\uninstall.exe
FirewallRules: [{14B43CDE-088B-4241-AE08-1E53015DBD6D}] => (Allow) C:\Program Files (x86)\Samsung\Easy Printer Manager\CDAS2PC\CDAS2PC.exe
FirewallRules: [{1FBAD7D8-6F46-41E4-961C-0EAB6CA8B4BE}] => (Allow) C:\Program Files (x86)\Samsung\Easy Printer Manager\CDAS2PC\ScanProcess.exe
FirewallRules: [{B7D324F3-4B17-46E4-9913-152127D321A5}] => (Allow) C:\Program Files (x86)\Samsung\Easy Printer Manager\CDAS2PC\Scan2PCNotify.exe
FirewallRules: [{422A2506-3182-4452-B20C-5EC8186315FD}] => (Allow) C:\Program Files\Synergy\synergys.exe
FirewallRules: [{C86D90D8-8EFA-49AF-93C1-3293B433ED7C}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{6E079AAB-5654-4264-8491-85AF7E253C08}] => (Allow) C:\Windows\explorer.exe
FirewallRules: [{98CBFD6B-3FB9-488B-A3C8-3C054460A2B1}] => (Allow) C:\Windows\system32\rundll32.exe
StandardProfile\AuthorizedApplications: [F:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe] => Enabled:Spybot - Search & Destroy tray access
StandardProfile\AuthorizedApplications: [F:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe] => Enabled:Spybot-S&D 2 Scanner Service
StandardProfile\AuthorizedApplications: [F:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe] => Enabled:Spybot-S&D 2 Updater
StandardProfile\AuthorizedApplications: [F:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe] => Enabled:Spybot-S&D 2 Background update service

==================== Restore Points =========================

ATTENTION: System Restore is disabled
Check "winmgmt" service or repair WMI.


==================== Faulty Device Manager Devices =============

Name: Intel(R) Centrino(R) Advanced-N 6200 AGN
Description: Intel(R) Centrino(R) Advanced-N 6200 AGN
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Intel Corporation
Service: NETw5s64
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: Microsoft Loopback Adapter
Description: Microsoft Loopback Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: msloop
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.


==================== Event log errors: =========================

Application errors:
==================
Error: (07/18/2016 09:05:53 AM) (Source: MsiInstaller) (EventID: 11714) (User: NT AUTHORITY)
Description: Product: Chrome Remote Desktop Host -- Error 1714. The older version of Chrome Remote Desktop Host cannot be removed. Contact your technical support group. System Error 1612.

Error: (07/18/2016 04:05:57 AM) (Source: MsiInstaller) (EventID: 11714) (User: NT AUTHORITY)
Description: Product: Chrome Remote Desktop Host -- Error 1714. The older version of Chrome Remote Desktop Host cannot be removed. Contact your technical support group. System Error 1612.

Error: (07/17/2016 11:05:25 PM) (Source: MsiInstaller) (EventID: 11714) (User: NT AUTHORITY)
Description: Product: Chrome Remote Desktop Host -- Error 1714. The older version of Chrome Remote Desktop Host cannot be removed. Contact your technical support group. System Error 1612.

Error: (07/17/2016 10:59:21 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: AutoPico.exe, version: 12.3.0.0, time stamp: 0x53b06ef5
Faulting module name: KERNELBASE.dll, version: 6.1.7601.23418, time stamp: 0x5708a89c
Exception code: 0xe0434352
Fault offset: 0x000000000001a06d
Faulting process id: 0x18438
Faulting application start time: 0xAutoPico.exe0
Faulting application path: AutoPico.exe1
Faulting module path: AutoPico.exe2
Report Id: AutoPico.exe3

Error: (07/17/2016 10:59:16 PM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Application: AutoPico.exe
Framework Version: v4.0.30319
Description: The process was terminated due to an unhandled exception.
Exception Info: System.IO.IOException
Stack:
   at System.Net.Sockets.NetworkStream.EndRead(System.IAsyncResult)
   at AutoPico.KMSEmulator.TCPServer.ReadCallback(System.IAsyncResult)
   at System.Net.LazyAsyncResult.Complete(IntPtr)
   at System.Threading.ExecutionContext.RunInternal(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
   at System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
   at System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object)
   at System.Net.ContextAwareResult.Complete(IntPtr)
   at System.Net.Sockets.BaseOverlappedAsyncResult.CompletionPortCallback(UInt32, UInt32, System.Threading.NativeOverlapped*)
   at System.Threading._IOCompletionCallback.PerformIOCompletionCallback(UInt32, UInt32, System.Threading.NativeOverlapped*)

Error: (07/17/2016 07:00:02 PM) (Source: Windows Backup) (EventID: 4103) (User: )
Description: The backup did not complete because of an error writing to the backup location I:\. The error is: The backup location cannot be found or is not valid. Review your backup settings and check the backup location. (0x81000006).

Error: (07/17/2016 06:05:33 PM) (Source: MsiInstaller) (EventID: 11714) (User: NT AUTHORITY)
Description: Product: Chrome Remote Desktop Host -- Error 1714. The older version of Chrome Remote Desktop Host cannot be removed. Contact your technical support group. System Error 1612.

Error: (07/17/2016 05:29:17 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: AutoPico.exe, version: 12.3.0.0, time stamp: 0x53b06ef5
Faulting module name: KERNELBASE.dll, version: 6.1.7601.23418, time stamp: 0x5708a89c
Exception code: 0xe0434352
Fault offset: 0x000000000001a06d
Faulting process id: 0x184bc
Faulting application start time: 0xAutoPico.exe0
Faulting application path: AutoPico.exe1
Faulting module path: AutoPico.exe2
Report Id: AutoPico.exe3

Error: (07/17/2016 05:29:13 PM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Application: AutoPico.exe
Framework Version: v4.0.30319
Description: The process was terminated due to an unhandled exception.
Exception Info: System.IO.IOException
Stack:
   at System.Net.Sockets.NetworkStream.EndRead(System.IAsyncResult)
   at AutoPico.KMSEmulator.TCPServer.ReadCallback(System.IAsyncResult)
   at System.Net.LazyAsyncResult.Complete(IntPtr)
   at System.Threading.ExecutionContext.RunInternal(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
   at System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
   at System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object)
   at System.Net.ContextAwareResult.Complete(IntPtr)
   at System.Net.Sockets.BaseOverlappedAsyncResult.CompletionPortCallback(UInt32, UInt32, System.Threading.NativeOverlapped*)
   at System.Threading._IOCompletionCallback.PerformIOCompletionCallback(UInt32, UInt32, System.Threading.NativeOverlapped*)

Error: (07/17/2016 01:05:09 PM) (Source: MsiInstaller) (EventID: 11714) (User: NT AUTHORITY)
Description: Product: Chrome Remote Desktop Host -- Error 1714. The older version of Chrome Remote Desktop Host cannot be removed. Contact your technical support group. System Error 1612.


System errors:
=============
Error: (07/09/2016 08:46:16 AM) (Source: Disk) (EventID: 11) (User: )
Description: The driver detected a controller error on \Device\Harddisk3\DR3.

Error: (06/17/2016 03:52:14 PM) (Source: VDS Dynamic Provider) (EventID: 40) (User: )
Description: The remove plex operation failed to complete. status=C038003B

Error: (06/17/2016 03:48:38 PM) (Source: VDS Basic Provider) (EventID: 1) (User: )
Description: Unexpected failure. Error code: 490@01010004

Error: (06/17/2016 03:40:15 PM) (Source: VDS Basic Provider) (EventID: 1) (User: )
Description: Unexpected failure. Error code: 490@01010004

Error: (06/13/2016 06:09:10 PM) (Source: Microsoft Antimalware) (EventID: 2001) (User: )
Description: %NT AUTHORITY60 has encountered an error trying to update signatures.

    New Signature Version: 

    Previous Signature Version: 1.223.1357.0

    Update Source: %NT AUTHORITY51

    Update Stage: 4.9.0218.00

    Source Path: 4.9.0218.01

    Signature Type: %NT AUTHORITY602

    Update Type: %NT AUTHORITY604

    User: NT AUTHORITY\NETWORK SERVICE

    Current Engine Version: %NT AUTHORITY605

    Previous Engine Version: %NT AUTHORITY606

    Error code: %NT AUTHORITY607

    Error description: %NT AUTHORITY608

Error: (06/13/2016 06:09:10 PM) (Source: Microsoft Antimalware) (EventID: 2001) (User: )
Description: %NT AUTHORITY60 has encountered an error trying to update signatures.

    New Signature Version: 

    Previous Signature Version: 1.223.1357.0

    Update Source: %NT AUTHORITY51

    Update Stage: 4.9.0218.00

    Source Path: 4.9.0218.01

    Signature Type: %NT AUTHORITY602

    Update Type: %NT AUTHORITY604

    User: NT AUTHORITY\NETWORK SERVICE

    Current Engine Version: %NT AUTHORITY605

    Previous Engine Version: %NT AUTHORITY606

    Error code: %NT AUTHORITY607

    Error description: %NT AUTHORITY608

Error: (06/13/2016 06:09:09 PM) (Source: Microsoft Antimalware) (EventID: 2001) (User: )
Description: %NT AUTHORITY60 has encountered an error trying to update signatures.

    New Signature Version: 

    Previous Signature Version: 1.223.1357.0

    Update Source: %NT AUTHORITY59

    Update Stage: 4.9.0218.00

    Source Path: 4.9.0218.01

    Signature Type: %NT AUTHORITY602

    Update Type: %NT AUTHORITY604

    User: NT AUTHORITY\SYSTEM

    Current Engine Version: %NT AUTHORITY605

    Previous Engine Version: %NT AUTHORITY606

    Error code: %NT AUTHORITY607

    Error description: %NT AUTHORITY608

Error: (06/13/2016 05:47:28 PM) (Source: Service Control Manager) (EventID: 7032) (User: )
Description: The Service Control Manager tried to take a corrective action (Run the configured recovery program) after the unexpected termination of the VMware Workstation Server service, but this action failed with the following error: 
%%193

Error: (06/13/2016 05:46:28 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The VMware Workstation Server service terminated unexpectedly.  It has done this 3 time(s).  The following corrective action will be taken in 60000 milliseconds: Run the configured recovery program.

Error: (06/13/2016 05:45:32 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: application-specificLocalLaunch{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT AUTHORITYSYSTEMS-1-5-18LocalHost (Using LRPC)


CodeIntegrity:
===================================
  Date: 2016-07-17 04:56:59.348
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files (x86)\AVG\AVG PC TuneUp\avgdumpx.exe because the set of per-page image hashes could not be found on the system.

  Date: 2016-07-17 04:56:59.258
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files (x86)\AVG\AVG PC TuneUp\avgdumpx.exe because the set of per-page image hashes could not be found on the system.

  Date: 2016-07-17 04:56:59.099
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files (x86)\AVG\AVG PC TuneUp\avgdumpx.exe because the set of per-page image hashes could not be found on the system.

  Date: 2016-07-16 03:52:04.984
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files (x86)\AVG\AVG PC TuneUp\avgdumpx.exe because the set of per-page image hashes could not be found on the system.

  Date: 2016-07-16 03:52:04.894
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files (x86)\AVG\AVG PC TuneUp\avgdumpx.exe because the set of per-page image hashes could not be found on the system.

  Date: 2016-07-16 03:52:04.509
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files (x86)\AVG\AVG PC TuneUp\avgdumpx.exe because the set of per-page image hashes could not be found on the system.

  Date: 2016-07-15 04:55:34.023
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files (x86)\AVG\AVG PC TuneUp\avgdumpx.exe because the set of per-page image hashes could not be found on the system.

  Date: 2016-07-15 04:55:33.925
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files (x86)\AVG\AVG PC TuneUp\avgdumpx.exe because the set of per-page image hashes could not be found on the system.

  Date: 2016-07-15 04:55:33.538
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files (x86)\AVG\AVG PC TuneUp\avgdumpx.exe because the set of per-page image hashes could not be found on the system.

  Date: 2016-07-14 03:10:30.776
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files (x86)\AVG\AVG PC TuneUp\avgdumpx.exe because the set of per-page image hashes could not be found on the system.


==================== Memory info =========================== 

Processor: Intel(R) Core(TM) i7 CPU Q 740 @ 1.73GHz
Percentage of memory in use: 93%
Total physical RAM: 16316.38 MB
Available physical RAM: 1045.3 MB
Total Virtual: 16826.56 MB
Available Virtual: 528.85 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:100 GB) (Free:22.36 GB) NTFS
Drive d: (WD SmartWare) (CDROM) (Total:0.6 GB) (Free:0 GB) UDF
Drive f: (SoftRaid) (Fixed) (Total:731.32 GB) (Free:32.08 GB) NTFS
Drive g: (Virtual) (Fixed) (Total:465.76 GB) (Free:412.86 GB) NTFS
Drive i: (My Passport) (Fixed) (Total:930.86 GB) (Free:710.41 GB) NTFS
Drive m: () (Fixed) (Total:465.75 GB) (Free:268.39 GB) NTFS
Drive n: () (Fixed) (Total:465.75 GB) (Free:432.04 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: 0D040DF6)
Partition 1: (Not Active) - (Size=993 KB) - (Type=42)
Partition 2: (Active) - (Size=100 MB) - (Type=42)
Partition 3: (Not Active) - (Size=100 GB) - (Type=42)
Partition 4: (Not Active) - (Size=831.4 GB) - (Type=42)

========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: 08C4D7E9)
Partition 1: (Not Active) - (Size=993 KB) - (Type=42)
Partition 2: (Active) - (Size=100 MB) - (Type=42)
Partition 3: (Not Active) - (Size=100 GB) - (Type=42)
Partition 4: (Not Active) - (Size=831.4 GB) - (Type=42)

========================================================
Disk: 2 (Size: 465.8 GB) (Disk ID: 00000000)

Partition: GPT.

========================================================
Disk: 3 (MBR Code: Windows XP) (Size: 930.9 GB) (Disk ID: 00052F35)
Partition 1: (Not Active) - (Size=930.9 GB) - (Type=07 NTFS)

==================== End of Addition.txt ============================

Edited by Maurice Naggar
Link to post
Share on other sites

Hello guys,

I'm using a laptop computer running Windows 7 SP1 64bit.  I use Chrome as a browser.  Lately, most of the time a try to access a link from a search result, it takes me to a page displaying a gray screen with some cryptic message saying that my computer is infected and advising me to call a number to have it fixed, all this while making a horrendous loud beep.  The screens vary but most say SYSTEM SHUTDOWN  CALL SUPPORT...  It takes several clicks to make it go away.  Next time I try the same link it works just fine.  I ran MalwareBytes free and Spybot Search & Destroy and had a few things removed but the problem persists.  I have not noted any other problem.  Thanks in advance for your help.

The FRST.txt file is this:

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 17-07-2016 03
Ran by grevolorio (administrator) on TRMDU2 (18-07-2016 11:05:54)
Running from C:\Users\grevolorio.trmdu2\Desktop
Loaded Profiles: grevolorio &  (Available Profiles: grevolorio & DefaultAppPool)
Platform: Windows 7 Professional Service Pack 1 (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(Stardock Corporation) C:\Program Files (x86)\Stardock\WindowBlinds\WBSrv.exe
(Stardock Software, Inc) C:\Program Files (x86)\Stardock\WindowBlinds\WBCore.exe
(Stardock Corporation) F:\Program Files (x86)\Stardock\Object Desktop\WindowFX\WindowFXSRV.exe
() F:\Program Files (x86)\Stardock\Object Desktop\WindowFX\wfx32.exe
(Cisco WebEx LLC) C:\Windows\SysWOW64\atashost.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome Remote Desktop\51.0.2704.7\remoting_host.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome Remote Desktop\51.0.2704.7\remoting_host.exe
(hMailServer) F:\Program Files (x86)\hMailServer\Bin\hMailServer.exe
() F:\Program Files (x86)\Kinoni\EpocCam_and_Barcode_drivers\KinoniSvc.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(Safer-Networking Ltd.) F:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
(Safer-Networking Ltd.) F:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(AVG Technologies) F:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesService64.exe
(VMware, Inc.) C:\Windows\SysWOW64\vmnat.exe
(VMware, Inc.) F:\Program Files (x86)\VMware\VMware VIX\VMWare Workstation\vmware-authd.exe
(VMware, Inc.) C:\Windows\SysWOW64\vmnetdhcp.exe
(Safer-Networking Ltd.) F:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.30.3\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.30.3\GoogleCrashHandler64.exe
(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe
(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe
(AVG Technologies) F:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesApp64.exe
() C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(Siber Systems) C:\Program Files (x86)\Siber Systems\AI RoboForm\robotaskbaricon.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office15\ONENOTEM.EXE
(Elaborate Bytes AG) C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe
() C:\Program Files\Synergy\synergyd.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Siber Systems) C:\Program Files (x86)\Siber Systems\AI RoboForm\robotaskbaricon-x64.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe
(ZabKat) C:\Program Files\zabkat\xplorer2\xplorer2_64.exe
() C:\Program Files (x86)\Calibre2\calibre.exe
() C:\Program Files (x86)\Calibre2\calibre-parallel.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\tv_w32.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\tv_x64.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(Malwarebytes) F:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
(Malwarebytes) F:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
(Malwarebytes) F:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
(Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
(Apple Inc.) C:\Program Files (x86)\QuickTime\QuickTimePlayer.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\cmd.exe
(Siber Systems Inc.) C:\Program Files (x86)\Siber Systems\AI RoboForm\Chrome\rf-chrome-nm-host.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Safer-Networking Ltd.) F:\Program Files (x86)\Spybot - Search & Destroy 2\SDWelcome.exe
(Safer-Networking Ltd.) F:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe
(Safer-Networking Ltd.) F:\Program Files (x86)\Spybot - Search & Destroy 2\SDScan.exe
() C:\Program Files\Synergy\synergy.exe
(MediaMall Technologies, Inc.) C:\Program Files (x86)\MediaMall\MediaMallServer.exe
(MediaMall Technologies, Inc.) C:\Program Files (x86)\MediaMall\MediaMallServer.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Desktop.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
() C:\Program Files\Synergy\synergys.exe


==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [Fences] => C:\Program Files (x86)\Stardock\Fences\Fences.exe [4017368 2012-10-29] (Stardock Corporation)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2531624 2010-12-17] (Synaptics Incorporated)
HKLM\...\Run: [CDAServer] => C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe [464608 2014-09-08] ()
HKLM\...\Run: [MSC] => C:\Program Files\Microsoft Security Client\msseces.exe [1340192 2016-01-29] (Microsoft Corporation)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [67384 2016-04-22] (Apple Inc.)
HKLM-x32\...\Run: [Dropbox] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [24204648 2016-07-05] (Dropbox, Inc.)
HKLM-x32\...\Run: [VirtualCloneDrive] => C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe [88984 2013-03-10] (Elaborate Bytes AG)
HKLM-x32\...\Run: [AttendeeCommunicator] => C:\Program Files (x86)\Microsoft Lync Attendee\AttendeeCommunicator.exe [12007776 2016-03-14] (Microsoft Corporation)
HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [164152 2016-06-01] (Apple Inc.)
Winlogon\Notify\WB: C:\Program Files (x86)\Stardock\WindowBlinds\fast64.dll [X]
Winlogon\Notify\MCPClient: C:\Program Files (x86)\Common Files\stardock\MCPStub.dll [2005-01-31] (Stardock)
Winlogon\Notify\SDWinLogon-x32: SDWinLogon.dll [X]
HKLM\...\Policies\Explorer: [TaskbarNoNotification] 0
HKLM\...\Policies\Explorer: [HideSCAHealth] 0
HKU\S-1-5-18-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [EEDSpeedLauncher] => rundll32.exe C:\Windows\system32\eed_ec.dll,SpeedLauncher
HKU\S-1-5-18-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\RunOnce: [FlashPlayerUpdate] => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_17_0_0_188_ActiveX.exe -update activex
HKU\S-1-5-18-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\MountPoints2: {b93f89d9-224a-11e0-afff-f04da264333e} - E:\setup.exe
HKU\S-1-5-21-1085031214-796845957-725345543-2108-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [WinSnap] => C:\Program Files\WinSnap\WinSnap64.exe [3874432 2013-06-18] (NTWind Software)
HKU\S-1-5-21-1085031214-796845957-725345543-2108-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [7404312 2015-01-20] (Piriform Ltd)
HKU\S-1-5-21-1085031214-796845957-725345543-2108-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [BitTorrent Sync] => F:\Program Files (x86)\BitTorrent Sync\BTSync.exe [5514592 2015-06-30] (BitTorrent, Inc.)
HKU\S-1-5-21-1085031214-796845957-725345543-2108-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [iCloudServices] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
HKU\S-1-5-21-1085031214-796845957-725345543-2108-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [ApplePhotoStreams] => C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe
HKU\S-1-5-21-1085031214-796845957-725345543-2108-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [Workrave] => F:\Program Files (x86)\Workrave\lib\workrave.exe [4480000 2013-01-13] (The Workrave development team)
HKU\S-1-5-21-1085031214-796845957-725345543-2108-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [RoboForm] => C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe [110160 2015-06-19] (Siber Systems)
HKU\S-1-5-21-1085031214-796845957-725345543-2108-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Policies\system: [HideLogonScripts] 1
HKU\S-1-5-21-1085031214-796845957-725345543-2108-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Policies\Explorer: [TaskbarNoNotification] 0
HKU\S-1-5-21-1085031214-796845957-725345543-2108-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Policies\Explorer: [HideSCAHealth] 0
HKU\S-1-5-21-1085031214-796845957-725345543-2109-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [QuickTime Task] => "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
HKU\S-1-5-21-1085031214-796845957-725345543-500-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Policies\Explorer: [TaskbarNoNotification] 0
HKU\S-1-5-21-1085031214-796845957-725345543-500-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Policies\Explorer: [HideSCAHealth] 0
HKU\S-1-5-21-1915297274-1003847613-3419053400-1105-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [RoboForm] => C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe [110160 2015-06-19] (Siber Systems)
HKU\S-1-5-21-3578782807-1016812498-1856270605-1009\...\Run: [RoboForm] => C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe [110160 2015-06-19] (Siber Systems)
HKU\S-1-5-21-3578782807-1016812498-1856270605-1009\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [7404312 2015-01-20] (Piriform Ltd)
HKU\S-1-5-21-3578782807-1016812498-1856270605-1009\...\Run: [SpybotPostWindows10UpgradeReInstall] => C:\Program Files\Common Files\AV\Spybot - Search and Destroy\Test.exe [1011200 2015-07-28] (Safer-Networking Ltd.)
HKU\S-1-5-21-3578782807-1016812498-1856270605-1009\...\Policies\Explorer: [TaskbarNoNotification] 0
HKU\S-1-5-21-3578782807-1016812498-1856270605-1009\...\Policies\Explorer: [HideSCAHealth] 0
HKU\S-1-5-21-3578782807-1016812498-1856270605-1009\...\MountPoints2: {6e07364a-5ca0-11e5-8a8f-0002761ce121} - E:\Setup.exe
HKU\S-1-5-21-3578782807-1016812498-1856270605-1009\...\MountPoints2: {bcc773c2-50b0-11e0-b28d-b7985eaf7599} - "D:\WD SmartWare.exe" autoplay=true
HKU\S-1-5-21-3578782807-1016812498-1856270605-1009\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\scrnsave.scr [11264 2009-07-13] (Microsoft Corporation)
HKU\S-1-5-21-3578782807-1016812498-1856270605-1009-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [RoboForm] => C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe [110160 2015-06-19] (Siber Systems)
HKU\S-1-5-21-3578782807-1016812498-1856270605-1009-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [7404312 2015-01-20] (Piriform Ltd)
HKU\S-1-5-21-3578782807-1016812498-1856270605-1009-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [SpybotPostWindows10UpgradeReInstall] => C:\Program Files\Common Files\AV\Spybot - Search and Destroy\Test.exe [1011200 2015-07-28] (Safer-Networking Ltd.)
HKU\S-1-5-21-3578782807-1016812498-1856270605-1009-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Policies\Explorer: [TaskbarNoNotification] 0
HKU\S-1-5-21-3578782807-1016812498-1856270605-1009-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Policies\Explorer: [HideSCAHealth] 0
HKU\S-1-5-21-3578782807-1016812498-1856270605-1009-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\MountPoints2: {6e07364a-5ca0-11e5-8a8f-0002761ce121} - E:\Setup.exe
HKU\S-1-5-21-3578782807-1016812498-1856270605-1009-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\MountPoints2: {bcc773c2-50b0-11e0-b28d-b7985eaf7599} - "D:\WD SmartWare.exe" autoplay=true
HKU\S-1-5-21-3578782807-1016812498-1856270605-1009-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\scrnsave.scr [11264 2009-07-13] (Microsoft Corporation)
HKU\S-1-5-18\...\Run: [EEDSpeedLauncher] => rundll32.exe C:\Windows\system32\eed_ec.dll,SpeedLauncher
HKU\S-1-5-18\...\RunOnce: [FlashPlayerUpdate] => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_17_0_0_188_ActiveX.exe -update activex
HKU\S-1-5-18\...\MountPoints2: {b93f89d9-224a-11e0-afff-f04da264333e} - E:\setup.exe
Lsa: [Notification Packages] scecli C:\Program Files\WIDCOMM\Bluetooth Software\BtwProximityCP.dll
SSODL: EldosMountNotificator - {5FF49FE8-B332-4CB9-B102-FB6951629E55} - C:\Windows\system32\CbFsMntNtf3.dll (EldoS Corporation)
SSODL-x32: 0aMCPClient - {F5DF91F9-15E9-416B-A7C3-7519B11ECBFC} - C:\Program Files (x86)\Common Files\stardock\MCPCore.dll (Stardock)
SSODL-x32: SysTray - {35CEC8A3-2BE6-11D2-8773-92E220524153} - %SystemRoot%\system32\stobject.dll (Microsoft Corporation)
SSODL-x32: CDBurn - {fbeb8a05-beee-4442-804e-409d6c4515e9} - %SystemRoot%\system32\shell32.dll (Microsoft Corporation)
SSODL-x32: PostBootReminder - {7849596a-48ea-486e-8937-a2a3009f31a9} - %SystemRoot%\system32\shell32.dll (Microsoft Corporation)
SSODL-x32: EldosMountNotificator - {5FF49FE8-B332-4CB9-B102-FB6951629E55} - C:\Windows\SysWOW64\CbFsMntNtf3.dll (EldoS Corporation)
ShellExecuteHooks:  - {AEB6717E-7E19-11d0-97EE-00C04FD91972} -  No File [ ]
ShellExecuteHooks-x32:  - {AEB6717E-7E19-11d0-97EE-00C04FD91972} -  No File [ ]
ShellIconOverlayIdentifiers: [ DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.34.dll [2016-07-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.34.dll [2016-07-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt3] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.34.dll [2016-07-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt4] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.34.dll [2016-07-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt5] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.34.dll [2016-07-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt6] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.34.dll [2016-07-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt7] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.34.dll [2016-07-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt8] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.34.dll [2016-07-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [!BTSync2.0.128Done] -> {581FFA04-FC33-0080-0002-95003A5CDE89} => F:\Program Files (x86)\BitTorrent Sync\SyncShellExtension64_33554560.dll [2015-06-30] ()
ShellIconOverlayIdentifiers: [!BTSync2.0.128RO] -> {581FFA03-FC33-0080-0002-95003A5CDE89} => F:\Program Files (x86)\BitTorrent Sync\SyncShellExtension64_33554560.dll [2015-06-30] ()
ShellIconOverlayIdentifiers: [!BTSync2.0.128RW] -> {581FFA02-FC33-0080-0002-95003A5CDE89} => F:\Program Files (x86)\BitTorrent Sync\SyncShellExtension64_33554560.dll [2015-06-30] ()
ShellIconOverlayIdentifiers: [###MegaShellExtPending] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => C:\ProgramData\MEGAsync\ShellExtX64.dll [2014-05-01] ()
ShellIconOverlayIdentifiers: [###MegaShellExtSynced] -> {05B38830-F4E9-4329-978B-1DD28605D202} => C:\ProgramData\MEGAsync\ShellExtX64.dll [2014-05-01] ()
ShellIconOverlayIdentifiers: [###MegaShellExtSyncing] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => C:\ProgramData\MEGAsync\ShellExtX64.dll [2014-05-01] ()
ShellIconOverlayIdentifiers: [0PerformanceMonitor] -> {3B5B973C-92A4-4855-9D3F-0F3D23332208} =>  No File
ShellIconOverlayIdentifiers: [EldosIconOverlay] -> {5BB532A2-BF14-4CCC-86B7-71B81EF6F8BC} => C:\Windows\system32\CbFsMntNtf3.dll [2012-04-09] (EldoS Corporation)
ShellIconOverlayIdentifiers-x32: [ DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.34.dll [2016-07-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.34.dll [2016-07-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt3] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.34.dll [2016-07-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt4] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.34.dll [2016-07-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt5] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.34.dll [2016-07-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt6] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.34.dll [2016-07-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt7] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.34.dll [2016-07-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt8] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.34.dll [2016-07-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ SkyDrivePro1 (ErrorConflict)] -> {8BA85C75-763B-4103-94EB-9470F12FE0F7} => C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL [2016-05-17] (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ SkyDrivePro2 (SyncInProgress)] -> {CD55129A-B1A1-438E-A425-CEBC7DC684EE} => C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL [2016-05-17] (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ SkyDrivePro3 (InSync)] -> {E768CD3B-BDDC-436D-9C13-E1B39CA257B1} => C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL [2016-05-17] (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [!BTSync2.0.128Done] -> {581FFA04-FC33-0080-0002-95003A5CDE89} => F:\Program Files (x86)\BitTorrent Sync\SyncShellExtension86_33554560.dll [2015-06-30] ()
ShellIconOverlayIdentifiers-x32: [!BTSync2.0.128RO] -> {581FFA03-FC33-0080-0002-95003A5CDE89} => F:\Program Files (x86)\BitTorrent Sync\SyncShellExtension86_33554560.dll [2015-06-30] ()
ShellIconOverlayIdentifiers-x32: [!BTSync2.0.128RW] -> {581FFA02-FC33-0080-0002-95003A5CDE89} => F:\Program Files (x86)\BitTorrent Sync\SyncShellExtension86_33554560.dll [2015-06-30] ()
ShellIconOverlayIdentifiers-x32: ["DropboxExt1"] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.34.dll [2016-07-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt2"] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.34.dll [2016-07-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt3"] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.34.dll [2016-07-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt4"] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.34.dll [2016-07-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt5"] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.34.dll [2016-07-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt6"] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.34.dll [2016-07-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt7"] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.34.dll [2016-07-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt8"] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.34.dll [2016-07-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [###MegaShellExtPending] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => C:\ProgramData\MEGAsync\ShellExtX32.dll [2014-05-01] ()
ShellIconOverlayIdentifiers-x32: [###MegaShellExtSynced] -> {05B38830-F4E9-4329-978B-1DD28605D202} => C:\ProgramData\MEGAsync\ShellExtX32.dll [2014-05-01] ()
ShellIconOverlayIdentifiers-x32: [###MegaShellExtSyncing] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => C:\ProgramData\MEGAsync\ShellExtX32.dll [2014-05-01] ()
ShellIconOverlayIdentifiers-x32: [EldosIconOverlay] -> {5BB532A2-BF14-4CCC-86B7-71B81EF6F8BC} => C:\Windows\SysWOW64\CbFsMntNtf3.dll [2012-04-09] (EldoS Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\DC-2-DB.lnk [2015-09-27]
ShortcutTarget: DC-2-DB.lnk -> C:\Program Files\Oracle\VirtualBox\VirtualBox.exe (Oracle Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\DC-3-SP.lnk [2015-09-27]
ShortcutTarget: DC-3-SP.lnk -> C:\Program Files\Oracle\VirtualBox\VirtualBox.exe (Oracle Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\DC_1.lnk [2015-09-27]
ShortcutTarget: DC_1.lnk -> C:\Program Files\Oracle\VirtualBox\VirtualBox.exe (Oracle Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Synergy.lnk [2016-03-22]
ShortcutTarget: Synergy.lnk -> C:\Windows\Installer\{68C1AA13-4370-4761-B53F-1862C2CE26CB}\synergy.ico (No File)
Startup: C:\Users\grevolorio.trmdu2\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\BHODemon 2.0.lnk [2016-07-11]
ShortcutTarget: BHODemon 2.0.lnk -> C:\Program Files (x86)\BHODemon 2\BHODemon.exe (Definitive Solutions, Inc.)
Startup: C:\Users\grevolorio.trmdu2\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\calibre - E-book management.lnk [2015-06-19]
ShortcutTarget: calibre - E-book management.lnk -> C:\Program Files (x86)\Calibre2\calibre.exe ()
Startup: C:\Users\grevolorio.trmdu2\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Send to OneNote.lnk [2015-10-02]
ShortcutTarget: Send to OneNote.lnk -> C:\Program Files (x86)\Microsoft Office\Office15\ONENOTEM.EXE (Microsoft Corporation)
Startup: C:\Users\grevolorio.trmdu2\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\BHODemon 2.0.lnk [2016-07-11]
ShortcutTarget: BHODemon 2.0.lnk -> C:\Program Files (x86)\BHODemon 2\BHODemon.exe (Definitive Solutions, Inc.)
Startup: C:\Users\grevolorio.trmdu2\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\calibre - E-book management.lnk [2015-06-19]
ShortcutTarget: calibre - E-book management.lnk -> C:\Program Files (x86)\Calibre2\calibre.exe ()
Startup: C:\Users\grevolorio.trmdu2\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Send to OneNote.lnk [2015-10-02]
ShortcutTarget: Send to OneNote.lnk -> C:\Program Files (x86)\Microsoft Office\Office15\ONENOTEM.EXE (Microsoft Corporation)
CHR HKLM\SOFTWARE\Policies\Google: Restriction <======= ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\..\Interfaces\{1CC5E133-5EFA-45B6-95E6-3BEBD35BCB03}: [NameServer] 75.75.75.75
Tcpip\..\Interfaces\{2E7C3C01-490F-4425-84AD-AFDD0E4D2B58}: [NameServer] 192.168.1.1
Tcpip\..\Interfaces\{5AFE6685-1C35-46C8-A029-662B58E9021D}: [DhcpNameServer] 172.20.10.1
Tcpip\..\Interfaces\{64CC2F48-277C-4B3F-B096-F134D5C26275}: [NameServer] 192.168.0.1,75.75.76.76
Tcpip\..\Interfaces\{75F23FE3-1277-4A15-B393-F09B6F2535B6}: [NameServer] 192.168.0.100

Internet Explorer:
==================
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKU\S-1-5-21-1085031214-796845957-725345543-2108-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
HKU\S-1-5-21-1085031214-796845957-725345543-2108-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\S-1-5-21-1085031214-796845957-725345543-2791\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://www.msn.com/
HKU\S-1-5-21-1085031214-796845957-725345543-2791-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://www.msn.com/
SearchScopes: HKLM -> DefaultScope {9BB47C17-9C68-4BB3-B188-DD9AF0FD2421} URL = 
SearchScopes: HKLM-x32 -> DefaultScope {9BB47C17-9C68-4BB3-B188-DD9AF0FD2421} URL = 
SearchScopes: HKU\.DEFAULT -> DefaultScope {9BB47C17-9C68-4BB3-B188-DD9AF0FD2421} URL = 
SearchScopes: HKU\S-1-5-21-1085031214-796845957-725345543-2108-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> DefaultScope {15261C5A-E2D7-42B4-AE84-D92AE430C800} URL = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}
SearchScopes: HKU\S-1-5-21-1085031214-796845957-725345543-2108-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> {15261C5A-E2D7-42B4-AE84-D92AE430C800} URL = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}
SearchScopes: HKU\S-1-5-21-1085031214-796845957-725345543-2108-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> {91607fa7-3c2f-4f90-93e3-d5337a6b0ac2} URL = Playbryte-fa-outbrowse/search/redirect/?type=default&user_id=f4948b29-18ba-4e54-80f2-876cde2854e2&query={searchTerms}
SearchScopes: HKU\S-1-5-21-1085031214-796845957-725345543-2108-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> {9BB47C17-9C68-4BB3-B188-DD9AF0FD2421} URL = 
SearchScopes: HKU\S-1-5-21-1085031214-796845957-725345543-2791 -> {9BB47C17-9C68-4BB3-B188-DD9AF0FD2421} URL = 
SearchScopes: HKU\S-1-5-21-1085031214-796845957-725345543-2791-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> {9BB47C17-9C68-4BB3-B188-DD9AF0FD2421} URL = 
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll [2016-05-17] (Microsoft Corporation)
BHO: RoboForm Toolbar Helper -> {724d43a9-0d85-11d4-9908-00400523e39a} -> C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboForm-x64.dll [2015-06-19] (Siber Systems Inc.)
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2012-08-16] (Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> F:\Program Files\Java\jre1.8.0_45\bin\ssv.dll [2015-07-10] (Oracle Corporation)
BHO: LastPass Vault -> {95D9ECF5-2A4D-4550-BE49-70D42F71296E} -> C:\Program Files (x86)\LastPass\LPToolbar_x64.dll [2015-06-11] (LastPass)
BHO: PlayOn -> {9A87E478-A2BD-44C4-9F8C-D3989A5271B1} -> C:\Program Files (x86)\MediaMall\toolbar\pobho64.dll [2015-04-17] (MediaMall Technologies, Inc.)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\URLREDIR.DLL [2016-04-12] (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL [2016-05-17] (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> F:\Program Files\Java\jre1.8.0_45\bin\jp2ssv.dll [2015-07-10] (Oracle Corporation)
BHO: Hotspot Shield Class -> {F9E4A054-E9B1-4BC3-83A3-76A1AE736170} -> No File
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\Office15\OCHelper.dll [2016-05-17] (Microsoft Corporation)
BHO-x32: RoboForm Toolbar Helper -> {724d43a9-0d85-11d4-9908-00400523e39a} -> C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll [2015-06-19] (Siber Systems Inc.)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2012-09-25] (Oracle Corporation)
BHO-x32: Evernote extension -> {92EF2EAD-A7CE-4424-B0DB-499CF856608E} -> C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll [2014-03-03] (Evernote Corp., 305 Walnut Street, Redwood City, CA 94063)
BHO-x32: LastPass Vault -> {95D9ECF5-2A4D-4550-BE49-70D42F71296E} -> C:\Program Files (x86)\LastPass\LPToolbar.dll [2015-06-11] (LastPass)
BHO-x32: PlayOn -> {9A87E478-A2BD-44C4-9F8C-D3989A5271B1} -> C:\Program Files (x86)\MediaMall\toolbar\pobho.dll [2015-04-17] (MediaMall Technologies, Inc.)
BHO-x32: Skype Plug-In -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2010-11-22] (Skype Technologies S.A.)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office 15\root\Office15\URLREDIR.DLL [2016-04-12] (Microsoft Corporation)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL [2016-05-17] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2012-09-25] (Oracle Corporation)
BHO-x32: Microsoft Web Test Recorder 10.0 Helper -> {DDA57003-0068-4ed2-9D32-4D1EC707D94D} -> C:\Program Files (x86)\Microsoft Visual Studio 10.0\Common7\IDE\PrivateAssemblies\Microsoft.VisualStudio.QualityTools.RecorderBarBHO100.dll [2010-03-19] (Microsoft Corporation)
Toolbar: HKLM - &RoboForm Toolbar - {724d43a0-0d85-11d4-9908-00400523e39a} - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboForm-x64.dll [2015-06-19] (Siber Systems Inc.)
Toolbar: HKLM - PlayOn - {9A87E478-A2BD-44C4-9F8C-D3989A5271B1} - C:\Program Files (x86)\MediaMall\toolbar\pobho64.dll [2015-04-17] (MediaMall Technologies, Inc.)
Toolbar: HKLM - LastPass Toolbar - {9f6b5cc3-5c7b-4b5c-97af-19dec1e380e5} - C:\Program Files (x86)\LastPass\LPToolbar_x64.dll [2015-06-11] (LastPass)
Toolbar: HKLM-x32 - &RoboForm Toolbar - {724d43a0-0d85-11d4-9908-00400523e39a} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll [2015-06-19] (Siber Systems Inc.)
Toolbar: HKLM-x32 - No Name - {b278d9f8-0fa9-465e-9938-0c392605d8e3} -  No File
Toolbar: HKLM-x32 - PlayOn - {9A87E478-A2BD-44C4-9F8C-D3989A5271B1} - C:\Program Files (x86)\MediaMall\toolbar\pobho.dll [2015-04-17] (MediaMall Technologies, Inc.)
Toolbar: HKLM-x32 - LastPass Toolbar - {9f6b5cc3-5c7b-4b5c-97af-19dec1e380e5} - C:\Program Files (x86)\LastPass\LPToolbar.dll [2015-06-11] (LastPass)
Toolbar: HKU\.DEFAULT -> No Name - {47833539-D0C5-4125-9FA8-0819E2EAAC93} -  No File
Toolbar: HKU\S-1-5-21-1085031214-796845957-725345543-2108-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> No Name - {47833539-D0C5-4125-9FA8-0819E2EAAC93} -  No File
Toolbar: HKU\S-1-5-21-1085031214-796845957-725345543-2108-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> &RoboForm Toolbar - {724D43A0-0D85-11D4-9908-00400523E39A} - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboForm-x64.dll [2015-06-19] (Siber Systems Inc.)
IE Session Restore: HKU\S-1-5-21-1915297274-1003847613-3419053400-1105-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> is enabled.
IE Session Restore: HKU\S-1-5-21-3578782807-1016812498-1856270605-1009 -> is enabled.
IE Session Restore: HKU\S-1-5-21-3578782807-1016812498-1856270605-1009-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> is enabled.
DPF: HKLM-x32 {02BCC737-B171-4746-94C9-0D8A0B2C0089} hxxp://office.microsoft.com/sites/production/ieawsdc32.cab
DPF: HKLM-x32 {17492023-C23A-453E-A040-C7C580BBF700} hxxp://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab
DPF: HKLM-x32 {7530BFB8-7293-4D34-9923-61A11451AFC5} hxxp://download.eset.com/special/eos/OnlineScanner.cab
DPF: HKLM-x32 {E06E2E99-0AA1-11D4-ABA6-0060082AA75C} hxxps://akamaicdn.webex.com/client/WBXclient-T28L10NSP12_CP1-16851/webex/ieatgpc1.cab
DPF: HKLM-x32 {E2883E8F-472F-4FB0-9522-AC9BF37916A7} hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
DPF: HKLM-x32 {FD0B6769-6490-4A91-AA0A-B5AE0DC75AC9} hxxps://secure.logmein.com/activex/ractrl.cab?lmi=100
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL [2016-04-19] (Microsoft Corporation)
Handler-x32: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2010-11-22] (Skype Technologies S.A.)

FireFox:
========
FF ProfilePath: C:\Users\grevolorio.trmdu2\AppData\Roaming\Mozilla\Firefox\Profiles\8i1tulnd.default
FF DefaultSearchEngine.US: Google
FF Session Restore: -> is enabled.
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_22_0_0_209.dll [2016-07-12] ()
FF Plugin: @java.com/DTPlugin,version=11.45.2 -> F:\Program Files\Java\jre1.8.0_45\bin\dtplugin\npDeployJava1.dll [2015-07-10] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.45.2 -> F:\Program Files\Java\jre1.8.0_45\bin\plugin2\npjp2.dll [2015-07-10] (Oracle Corporation)
FF Plugin: @lastpass.com/NPLastPass -> C:\Program Files (x86)\LastPass\nplastpass64.dll [2015-06-11] (LastPass)
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.41212.0\npctrl.dll [2015-12-11] ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~3\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_22_0_0_209.dll [2016-07-12] ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2015-12-18] ()
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf -> C:\PROGRAM FILES (X86)\FOXIT SOFTWARE\FOXIT READER\plugins\npFoxitReaderPlugin.dll [2015-12-29] (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf -> C:\PROGRAM FILES (X86)\FOXIT SOFTWARE\FOXIT READER\plugins\npFoxitReaderPlugin.dll [2015-12-29] (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xdp -> C:\PROGRAM FILES (X86)\FOXIT SOFTWARE\FOXIT READER\plugins\npFoxitReaderPlugin.dll [2015-12-29] (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xfdf -> C:\PROGRAM FILES (X86)\FOXIT SOFTWARE\FOXIT READER\plugins\npFoxitReaderPlugin.dll [2015-12-29] (Foxit Corporation)
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll [2015-05-21] (Google)
FF Plugin-x32: @java.com/DTPlugin,version=10.7.2 -> C:\Windows\SysWOW64\npDeployJava1.dll [2012-09-25] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll [2012-09-25] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.7.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll [2012-09-25] (Oracle Corporation)
FF Plugin-x32: @lastpass.com/NPLastPass -> C:\Program Files (x86)\LastPass\nplastpass64.dll [2015-06-11] (LastPass)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2015-11-03] (Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.41212.0\npctrl.dll [2015-12-11] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MIF5BA~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL [2015-07-10] (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2010-08-25] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2010-08-25] (NVIDIA Corporation)
FF Plugin-x32: @playon.tv/PlayOnToolbar -> C:\Program Files (x86)\MediaMall\toolbar\npVT.dll [2015-08-13] (MediaMall Technologies, Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.30.3\npGoogleUpdate3.dll [2016-05-10] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.30.3\npGoogleUpdate3.dll [2016-05-10] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.0.8 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2014-02-04] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2014-02-04] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.2 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2014-02-04] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2014-02-04] (VideoLAN)
FF Plugin-x32: @wacom.com/wacom-plugin,version=1.1.0.10 -> C:\Program Files (x86)\TabletPlugins\npwacom.dll [2011-04-20] (Wacom, Inc.)
FF Plugin-x32: @wacom.com/wacom-plugin,version=1.1.0.3 -> C:\Program Files (x86)\TabletPlugins\npwacom.dll [2011-04-20] (Wacom, Inc.)
FF Plugin-x32: @wacom.com/wtPlugin,version=2.0.0.1 -> C:\Program Files (x86)\TabletPlugins\npWacomTabletPlugin.dll [2011-05-30] (Wacom)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2014-12-03] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-1085031214-796845957-725345543-2108-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0: @citrixonline.com/appdetectorplugin -> C:\Users\grevolorio\AppData\Local\Citrix\Plugins\104\npappdetector.dll [2014-08-11] (Citrix Online)
FF Plugin HKU\S-1-5-21-1085031214-796845957-725345543-2108-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0: LWAPlugin15.8 -> C:\Users\grevolorio\AppData\Roaming\Mozilla\Plugins\npLWAPlugin15.8.dll [2013-09-18] (Microsoft Corporation)
FF Plugin HKU\S-1-5-21-1085031214-796845957-725345543-2108-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0: wacom.com/WacomTabletPlugin -> C:\Program Files (x86)\TabletPlugins\npWacomTabletPlugin.dll [2011-05-30] (Wacom)
FF user.js: detected! => C:\Users\grevolorio.trmdu2\AppData\Roaming\Mozilla\Firefox\Profiles\8i1tulnd.default\user.js [2015-06-16]
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\np-mswmp.dll [2007-04-10] (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npatgpc.dll [2014-11-19] (Cisco WebEx LLC)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginAOC.dll [2016-03-14] ()
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll [2015-02-10] (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\NPOFF12.DLL [2006-10-26] (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll [2014-12-03] (Adobe Systems Inc.)
FF Extension: Disconnect - C:\Users\grevolorio.trmdu2\AppData\Roaming\Mozilla\Firefox\Profiles\8i1tulnd.default\extensions\2.0@disconnect.me.xpi [2015-06-16]
FF Extension: Flashblock - C:\Users\grevolorio.trmdu2\AppData\Roaming\Mozilla\Firefox\Profiles\8i1tulnd.default\extensions\{3d7eb24f-2740-49df-8937-200b1cc08f8a} [2016-05-06]
FF Extension: Turn Off the Lights - C:\Users\grevolorio.trmdu2\AppData\Roaming\Mozilla\Firefox\Profiles\8i1tulnd.default\extensions\stefanvandamme@stefanvd.net.xpi [2016-05-06]
FF Extension: LastPass - C:\Users\grevolorio.trmdu2\AppData\Roaming\Mozilla\Firefox\Profiles\8i1tulnd.default\extensions\support@lastpass.com [2016-05-06]
FF Extension: Amazon Price Tracker - Keepa.com - C:\Users\grevolorio.trmdu2\AppData\Roaming\Mozilla\Firefox\Profiles\8i1tulnd.default\extensions\amptra@keepa.com.xpi [2016-05-06]
FF Extension: PriceZombie, Price Tracker & Price Comparison - C:\Users\grevolorio.trmdu2\AppData\Roaming\Mozilla\Firefox\Profiles\8i1tulnd.default\Extensions\jid1-a36dFT994VgKDA@jetpack.xpi [2015-10-08]
FF Extension: PlayOn - C:\Users\grevolorio.trmdu2\AppData\Roaming\Mozilla\Firefox\Profiles\8i1tulnd.default\Extensions\playonplugin@playon.tv [2015-06-24] [not signed]
FF Extension: Video DownloadHelper - C:\Users\grevolorio.trmdu2\AppData\Roaming\Mozilla\Firefox\Profiles\8i1tulnd.default\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}.xpi [2015-10-30]
FF Extension: Adblock Plus - C:\Users\grevolorio.trmdu2\AppData\Roaming\Mozilla\Firefox\Profiles\8i1tulnd.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2016-03-22]
FF Extension: Hotspot Shield Extension - C:\Program Files (x86)\Mozilla Firefox\extensions\afproxy@anchorfree.com [2015-09-23] [not signed]
FF Extension: Skype extension - C:\Program Files (x86)\Mozilla Firefox\extensions\{AB2CE124-6272-4b12-94A9-7303C7397BD1} [2015-09-23] [not signed]
FF Extension: Java Console - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0039-ABCDEFFEDCBA} [2015-09-23] [not signed]
FF HKLM-x32\...\Firefox\Extensions: [fiddlerhook@fiddler2.com] - C:\Program Files (x86)\Fiddler2\FiddlerHook
FF Extension: FiddlerHook - C:\Program Files (x86)\Fiddler2\FiddlerHook [2013-12-06] [not signed]
FF HKLM-x32\...\Firefox\Extensions: [{22119944-ED35-4ab1-910B-E619EA06A115}] - C:\Program Files (x86)\Siber Systems\AI RoboForm\Firefox
FF Extension: RoboForm Toolbar for Firefox - C:\Program Files (x86)\Siber Systems\AI RoboForm\Firefox [2015-06-19] [not signed]
FF HKU\S-1-5-21-1085031214-796845957-725345543-2108-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Firefox\Extensions: [{22119944-ED35-4ab1-910B-E619EA06A115}] - C:\Program Files (x86)\Siber Systems\AI RoboForm\Firefox
FF HKU\S-1-5-21-3578782807-1016812498-1856270605-1009\...\Firefox\Extensions: [{22119944-ED35-4ab1-910B-E619EA06A115}] - C:\Program Files (x86)\Siber Systems\AI RoboForm\Firefox
FF HKU\S-1-5-21-3578782807-1016812498-1856270605-1009-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Firefox\Extensions: [{22119944-ED35-4ab1-910B-E619EA06A115}] - C:\Program Files (x86)\Siber Systems\AI RoboForm\Firefox

Chrome: 
=======
CHR HomePage: Default -> hxxp://www.google.com
CHR DefaultSearchKeyword: Default -> lp
CHR Session Restore: Default -> is enabled.
CHR Profile: C:\Users\grevolorio.trmdu2\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Slides) - C:\Users\grevolorio.trmdu2\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-06-11]
CHR Extension: (Entanglement Web App) - C:\Users\grevolorio.trmdu2\AppData\Local\Google\Chrome\User Data\Default\Extensions\aciahcmjmecflokailenpkdchphgkefd [2015-06-11]
CHR Extension: (SearchReportRecordResult Class) - C:\Users\grevolorio.trmdu2\AppData\Local\Google\Chrome\User Data\Default\Extensions\ajpgkpeckebdhofmmjfgcjjiiejpodla [2015-09-16] [UpdateUrl: hxxps://clients2.google/service/cnhpbmgmfaaapmaoibgdmapbjfofolig] <==== ATTENTION
CHR Extension: (Google Docs) - C:\Users\grevolorio.trmdu2\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-06-11]
CHR Extension: (Send to OneNote) - C:\Users\grevolorio.trmdu2\AppData\Local\Google\Chrome\User Data\Default\Extensions\aokbjibjnekbfdjilfpoknnokaffoinp [2015-07-01]
CHR Extension: (Google Drive) - C:\Users\grevolorio.trmdu2\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-11-02]
CHR Extension: (Turn Off the Lights) - C:\Users\grevolorio.trmdu2\AppData\Local\Google\Chrome\User Data\Default\Extensions\bfbmjmiodbnnpllbbbfblcplfjjepjdn [2016-06-24]
CHR Extension: (YouTube) - C:\Users\grevolorio.trmdu2\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-26]
CHR Extension: (Honey) - C:\Users\grevolorio.trmdu2\AppData\Local\Google\Chrome\User Data\Default\Extensions\bmnlcjabgnpnenekpadlanbbkooimhnj [2016-07-15]
CHR Extension: (Adblock Plus) - C:\Users\grevolorio.trmdu2\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2016-07-01]
CHR Extension: (Incognito-Filter) - C:\Users\grevolorio.trmdu2\AppData\Local\Google\Chrome\User Data\Default\Extensions\cifilbmpnkjinlkchohdfcpdkmpngiik [2015-06-11]
CHR Extension: (Google Search) - C:\Users\grevolorio.trmdu2\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-11-02]
CHR Extension: (Tampermonkey) - C:\Users\grevolorio.trmdu2\AppData\Local\Google\Chrome\User Data\Default\Extensions\dhdgffkkebhmkfjojejmpbldmpobfkfo [2016-07-16]
CHR Extension: (Unlimited Hotspot Tethering) - C:\Users\grevolorio.trmdu2\AppData\Local\Google\Chrome\User Data\Default\Extensions\diddhabdhahhfajjfgepdlanilmdnogk [2015-06-24]
CHR Extension: (Facebook Disconnect) - C:\Users\grevolorio.trmdu2\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejpepffjfmamnambagiibghpglaidiec [2015-06-11]
CHR Extension: (Photo Zoom for Facebook) - C:\Users\grevolorio.trmdu2\AppData\Local\Google\Chrome\User Data\Default\Extensions\elioihkkcdgakfbahdoddophfngopipi [2015-06-11]
CHR Extension: (Google Sheets) - C:\Users\grevolorio.trmdu2\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-06-11]
CHR Extension: (Chrome Remote Desktop) - C:\Users\grevolorio.trmdu2\AppData\Local\Google\Chrome\User Data\Default\Extensions\gbchcmhmhahfdphkhkmpfmihenigjmpp [2016-07-13]
CHR Extension: (Google Docs Offline) - C:\Users\grevolorio.trmdu2\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-03-22]
CHR Extension: (Close all Tabs) - C:\Users\grevolorio.trmdu2\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghcmiphoepcihlmphakgmpapfpldlleg [2015-06-11]
CHR Extension: (AdBlock) - C:\Users\grevolorio.trmdu2\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2016-07-11]
CHR Extension: (Pin It Button) - C:\Users\grevolorio.trmdu2\AppData\Local\Google\Chrome\User Data\Default\Extensions\gpdjojdkbbmdfjfahjcgigfpmkopogic [2015-09-26]
CHR Extension: (TinEye Reverse Image Search) - C:\Users\grevolorio.trmdu2\AppData\Local\Google\Chrome\User Data\Default\Extensions\haebnnbpedcbhciplfhjjkbafijpncjl [2015-06-11]
CHR Extension: (LastPass: Free Password Manager) - C:\Users\grevolorio.trmdu2\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdokiejnpimakedhajhdlcegeplioahd [2016-07-15]
CHR Extension: (SuperSorter) - C:\Users\grevolorio.trmdu2\AppData\Local\Google\Chrome\User Data\Default\Extensions\hjebfgojnlefhdgmomncgjglmdckngij [2015-06-11]
CHR Extension: (Google Keep - notes and lists) - C:\Users\grevolorio.trmdu2\AppData\Local\Google\Chrome\User Data\Default\Extensions\hmjkmjkepdijhoojdojkdfohbdgmmhki [2016-07-13]
CHR Extension: (Google Theme) - C:\Users\grevolorio.trmdu2\AppData\Local\Google\Chrome\User Data\Default\Extensions\imoaoigekmpoalkbfohhjgkcocjdapne [2015-06-11]
CHR Extension: (Todoist: To-Do list and Task Manager) - C:\Users\grevolorio.trmdu2\AppData\Local\Google\Chrome\User Data\Default\Extensions\jldhpllghnbhlbpcmnajkpdmadaolakh [2016-03-22]
CHR Extension: (Cisco WebEx Extension) - C:\Users\grevolorio.trmdu2\AppData\Local\Google\Chrome\User Data\Default\Extensions\jlhmfgmfgeifomenelglieieghnjghma [2015-06-11]
CHR Extension: (Speed Dial 2) - C:\Users\grevolorio.trmdu2\AppData\Local\Google\Chrome\User Data\Default\Extensions\jpfpebmajhhopeonhlcgidhclcccjcik [2016-06-01]
CHR Extension: (Reddit Enhancement Suite) - C:\Users\grevolorio.trmdu2\AppData\Local\Google\Chrome\User Data\Default\Extensions\kbmfpngjjgdllneeigpgjifpgocmfgmb [2016-03-22]
CHR Extension: (The Great Suspender) - C:\Users\grevolorio.trmdu2\AppData\Local\Google\Chrome\User Data\Default\Extensions\klbibkeccnjlkjkiokjodocebajanakg [2015-11-02]
CHR Extension: (Roomy Bookmarks Toolbar) - C:\Users\grevolorio.trmdu2\AppData\Local\Google\Chrome\User Data\Default\Extensions\kmfbpoigddhdibjcilijiejaidggonfc [2015-08-28]
CHR Extension: (Evernote Web) - C:\Users\grevolorio.trmdu2\AppData\Local\Google\Chrome\User Data\Default\Extensions\lbfehkoinhhcknnbdgnnmjhiladcgbol [2015-06-11]
CHR Extension: (Instapaper) - C:\Users\grevolorio.trmdu2\AppData\Local\Google\Chrome\User Data\Default\Extensions\ldjkgaaoikpmhmkelcgkgacicjfbofhh [2016-03-04]
CHR Extension: (Facebook Ads Hider) - C:\Users\grevolorio.trmdu2\AppData\Local\Google\Chrome\User Data\Default\Extensions\leeebdddeggoocipdjiokmjcpidnmoah [2015-06-11]
CHR Extension: (Unicorn Smasher) - C:\Users\grevolorio.trmdu2\AppData\Local\Google\Chrome\User Data\Default\Extensions\lfmmeekapjbfjachdkgabdaoccfclpaa [2016-06-17]
CHR Extension: (PlayOn) - C:\Users\grevolorio.trmdu2\AppData\Local\Google\Chrome\User Data\Default\Extensions\lggaaajacmlhgbpldaboipiinndchjgm [2015-09-15]
CHR Extension: (Poppit!) - C:\Users\grevolorio.trmdu2\AppData\Local\Google\Chrome\User Data\Default\Extensions\mcbkbpnkkkipelfledbfocopglifcfmi [2015-06-11]
CHR Extension: (Ghostery) - C:\Users\grevolorio.trmdu2\AppData\Local\Google\Chrome\User Data\Default\Extensions\mlomiejdfkolichcflejclcbmpeaniij [2016-03-04]
CHR Extension: (SharePoint Fix) - C:\Users\grevolorio.trmdu2\AppData\Local\Google\Chrome\User Data\Default\Extensions\mmbkoobmboaainhbkbdojincpeoldlfc [2015-11-02]
CHR Extension: (deviantART muro) - C:\Users\grevolorio.trmdu2\AppData\Local\Google\Chrome\User Data\Default\Extensions\namljbfbglehfnlonjmebceimaalofei [2015-06-11]
CHR Extension: (Save to Pocket) - C:\Users\grevolorio.trmdu2\AppData\Local\Google\Chrome\User Data\Default\Extensions\niloccemoadcdkdjlinkgdfekeahmflj [2016-07-13]
CHR Extension: (Chrome Web Store Payments) - C:\Users\grevolorio.trmdu2\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-04-28]
CHR Extension: (Hover Zoom) - C:\Users\grevolorio.trmdu2\AppData\Local\Google\Chrome\User Data\Default\Extensions\nonjdcjchghhkdoolnlbekcfllmednbl [2016-06-01]
CHR Extension: (Evernote Web Clipper) - C:\Users\grevolorio.trmdu2\AppData\Local\Google\Chrome\User Data\Default\Extensions\pioclpoplcdbaefihamjohnefbikjilc [2016-07-01]
CHR Extension: (Gmail) - C:\Users\grevolorio.trmdu2\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-06-11]
CHR Extension: (Privacy Badger) - C:\Users\grevolorio.trmdu2\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkehgijcmpdhfbdbbnkijodmdjhbjlgp [2016-06-01]
CHR Extension: (RSS Feed Reader) - C:\Users\grevolorio.trmdu2\AppData\Local\Google\Chrome\User Data\Default\Extensions\pnjaodmkngahhkoihejjehlcdlnohgmp [2016-07-11]
CHR Extension: (RoboForm Password Manager) - C:\Users\grevolorio.trmdu2\AppData\Local\Google\Chrome\User Data\Default\Extensions\pnlccmojcmeohlpggmfnbbiapkmbliob [2016-03-22]
CHR Profile: C:\Users\grevolorio.trmdu2\AppData\Local\Google\Chrome\User Data\Profile 1
CHR Extension: (Google Slides) - C:\Users\grevolorio.trmdu2\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2016-06-01]
CHR Extension: (Google Docs) - C:\Users\grevolorio.trmdu2\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aohghmighlieiainnegkcijnfilokake [2016-06-01]
CHR Extension: (Google Drive) - C:\Users\grevolorio.trmdu2\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-06-01]
CHR Extension: (YouTube) - C:\Users\grevolorio.trmdu2\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-06-01]
CHR Extension: (Google Sheets) - C:\Users\grevolorio.trmdu2\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2016-06-01]
CHR Extension: (Chrome Remote Desktop) - C:\Users\grevolorio.trmdu2\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\gbchcmhmhahfdphkhkmpfmihenigjmpp [2016-06-01]
CHR Extension: (20 Cubed) - C:\Users\grevolorio.trmdu2\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\geghmabifcdlkmpnkapfefbbfaonhcef [2016-06-01]
CHR Extension: (Google Docs Offline) - C:\Users\grevolorio.trmdu2\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-06-01]
CHR Extension: (AdBlock) - C:\Users\grevolorio.trmdu2\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2016-06-10]
CHR Extension: (Slinky Wood) - C:\Users\grevolorio.trmdu2\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\hcaidncenfklbfikefeppfgehcbmmecn [2016-06-01]
CHR Extension: (LastPass: Free Password Manager) - C:\Users\grevolorio.trmdu2\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\hdokiejnpimakedhajhdlcegeplioahd [2016-06-24]
CHR Extension: (Invite All Friends on Facebook) - C:\Users\grevolorio.trmdu2\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\inmmhkeajgflmokoaaoadgkhhmibjbpj [2016-06-24]
CHR Extension: (Speed Dial 2) - C:\Users\grevolorio.trmdu2\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\jpfpebmajhhopeonhlcgidhclcccjcik [2016-06-01]
CHR Extension: (The Great Suspender) - C:\Users\grevolorio.trmdu2\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\klbibkeccnjlkjkiokjodocebajanakg [2016-06-01]
CHR Extension: (PlayOn) - C:\Users\grevolorio.trmdu2\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\lggaaajacmlhgbpldaboipiinndchjgm [2016-06-01]
CHR Extension: (Pocket) - C:\Users\grevolorio.trmdu2\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\mjcnijlhddpbdemagnpefmlkjdagkogk [2016-06-01]
CHR Extension: (SharePoint Fix) - C:\Users\grevolorio.trmdu2\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\mmbkoobmboaainhbkbdojincpeoldlfc [2016-06-01]
CHR Extension: (Save to Pocket) - C:\Users\grevolorio.trmdu2\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\niloccemoadcdkdjlinkgdfekeahmflj [2016-06-17]
CHR Extension: (Chrome Web Store Payments) - C:\Users\grevolorio.trmdu2\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-06-01]
CHR Extension: (Context Menu Search) - C:\Users\grevolorio.trmdu2\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ocpcmghnefmdhljkoiapafejjohldoga [2016-06-01]
CHR Extension: (Gmail) - C:\Users\grevolorio.trmdu2\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-06-01]
CHR Extension: (RSS Feed Reader) - C:\Users\grevolorio.trmdu2\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pnjaodmkngahhkoihejjehlcdlnohgmp [2016-06-25]
CHR Extension: (RoboForm Password Manager) - C:\Users\grevolorio.trmdu2\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pnlccmojcmeohlpggmfnbbiapkmbliob [2016-06-01]
CHR HKLM\...\Chrome\Extension: [hdokiejnpimakedhajhdlcegeplioahd] - hxxp://clients2.google.com/service/update2/crx
CHR HKLM\...\Chrome\Extension: [pnlccmojcmeohlpggmfnbbiapkmbliob] - C:\Program Files (x86)\Siber Systems\AI RoboForm\Chrome\rf-chrome.crx [2014-09-10]
CHR HKLM-x32\...\Chrome\Extension: [hdokiejnpimakedhajhdlcegeplioahd] - hxxp://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [lggaaajacmlhgbpldaboipiinndchjgm] - C:\Program Files (x86)\MediaMall\toolbar\ce.crx [2014-09-24]
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\Skype for Chromium\skype_chrome_extension.crx [2010-11-22]
CHR HKLM-x32\...\Chrome\Extension: [pnlccmojcmeohlpggmfnbbiapkmbliob] - C:\Program Files (x86)\Siber Systems\AI RoboForm\Chrome\rf-chrome.crx [2014-09-10]
StartMenuInternet: Google Chrome.HA3GT6LIC6CKERU66IYIZVETX4 - C:\Users\grevolorio\AppData\Local\Google\Chrome\Application\chrome.exe

==================== Services (Whitelisted) ========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 c2wts; C:\Program Files\Windows Identity Foundation\v3.5\c2wtshost.exe [15768 2010-02-02] (Microsoft Corporation)
R2 chromoting; C:\Program Files (x86)\Google\Chrome Remote Desktop\51.0.2704.7\remoting_host.exe [68488 2016-04-14] (Google Inc.)
R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [3009776 2016-05-27] (Microsoft Corporation)
S4 CronService; C:\Prey\platform\windows\cronsvc.exe [19968 2011-02-15] (Fork Ltd.) [File not signed]
S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [134512 2015-06-30] (Dropbox, Inc.)
S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [134512 2015-06-30] (Dropbox, Inc.)
S3 fussvc; C:\Program Files (x86)\Windows Kits\8.1\App Certification Kit\fussvc.exe [142336 2013-08-22] (Microsoft Corporation) [File not signed]
R2 hMailServer; F:\Program Files (x86)\hMailServer\Bin\hMailServer.exe [4512768 2015-07-09] (hMailServer) [File not signed]
R2 KinoniSvc; f:\Program Files (x86)\Kinoni\EpocCam_and_Barcode_drivers\KinoniSvc.exe [524800 2014-11-12] () [File not signed]
R2 MBAMScheduler; f:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1514464 2016-03-10] (Malwarebytes)
R2 MBAMService; f:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1136608 2016-03-10] (Malwarebytes)
R2 MediaMall Server; C:\Program Files (x86)\MediaMall\MediaMallServer.exe [5933872 2015-09-18] (MediaMall Technologies, Inc.)
S4 MotoHelper; C:\Program Files (x86)\Motorola\MotoHelper\MotoHelperService.exe [214896 2011-12-06] ()
S4 MouseWithoutBordersSvc; C:\Program Files (x86)\Microsoft Garage\Mouse without Borders\MouseWithoutBordersSvc.exe [17920 2011-09-19] (Microsoft) [File not signed]
R2 MsMpSvc; C:\Program Files\Microsoft Security Client\MsMpEng.exe [23808 2016-01-29] (Microsoft Corporation)
S4 msvsmon80; C:\Program Files\Microsoft Visual Studio 8\Common7\IDE\Remote Debugger\x64\msvsmon.exe [4476096 2005-09-23] (Microsoft Corporation)
R3 NisSrv; C:\Program Files\Microsoft Security Client\NisSrv.exe [374344 2016-01-29] (Microsoft Corporation)
S3 SandraAgentSrv; f:\Program Files\SiSoftware\SiSoftware Sandra Business 2015\RpcAgentSrv.exe [73200 2014-11-05] (SiSoftware) [File not signed]
R2 SDScannerService; F:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [1738168 2014-06-24] (Safer-Networking Ltd.)
R2 SDUpdateService; F:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [2088408 2014-06-27] (Safer-Networking Ltd.)
R2 SDWSCService; F:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [171928 2014-04-25] (Safer-Networking Ltd.)
S2 Service KMSELDI; C:\Program Files\KMSpico\Service_KMS.exe [997568 2014-06-29] (@ByELDI) [File not signed]
R2 Synergy; C:\Program Files\Synergy\synergyd.exe [312488 2016-03-18] ()
S3 Te.Service; C:\Program Files (x86)\Windows Kits\8.1\Testing\Runtimes\TAEF\Wex.Services.exe [119808 2013-08-22] (Microsoft Corporation) [File not signed]
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [7184144 2016-07-06] (TeamViewer GmbH)
R2 TuneUp.UtilitiesSvc; F:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesService64.exe [2973400 2015-08-04] (AVG Technologies)
R2 UxTuneUp; C:\Windows\System32\uxtuneup.dll [44760 2015-08-04] (AVG Technologies)
R2 UxTuneUp; C:\Windows\SysWOW64\uxtuneup.dll [36568 2015-08-04] (AVG Technologies)
R2 VMAuthdService; F:\Program Files (x86)\VMware\VMware VIX\VMWare Workstation\vmware-authd.exe [79872 2012-08-15] (VMware, Inc.) [File not signed]
S2 VMwareHostd; F:\Program Files (x86)\VMware\VMware VIX\VMWare Workstation\vmware-hostd.exe [15680000 2012-08-15] () [File not signed]
S3 VsEtwService120; C:\Program Files\Microsoft Visual Studio 12.0\Common7\Packages\Debugger\Services\VsEtwService.exe [87728 2013-10-04] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
R2 WindowBlinds; C:\Program Files (x86)\Stardock\WindowBlinds\wbsrv.exe [89600 2013-05-16] (Stardock Corporation) [File not signed]
R2 WindowFX; F:\Program Files (x86)\Stardock\Object Desktop\WindowFX\WindowFXSRV.exe [181904 2012-03-08] (Stardock Corporation)

===================== Drivers (Whitelisted) ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 cbfs3; C:\Windows\System32\DRIVERS\cbfs3.sys [352144 2012-04-09] (EldoS Corporation)
S3 ebdrv; C:\Windows\system32\DRIVERS\evbda.sys [3286016 2009-06-10] (Broadcom Corporation)
U5 FontCache3.0.0.0; C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe [42856 2010-11-04] (Microsoft Corporation)
R1 HssDRV6; C:\Windows\System32\DRIVERS\hssdrv6.sys [44744 2014-05-16] (AnchorFree Inc.)
R2 IntelHaxm; C:\Windows\System32\DRIVERS\IntelHaxm.sys [84992 2015-01-30] (Intel  Corporation)
S3 kinonivd; C:\Windows\System32\DRIVERS\kinonivd.sys [2782848 2014-11-12] (Windows (R) Win 7 DDK provider)
S3 KINONI_Wave; C:\Windows\System32\drivers\kinonivad.sys [23040 2014-11-12] (Windows (R) Win 7 DDK provider)
S4 LMIRfsClientNP; no ImagePath
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [27008 2016-03-10] (Malwarebytes)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [192216 2016-07-18] (Malwarebytes)
S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [64896 2016-03-10] (Malwarebytes Corporation)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [289120 2015-11-13] (Microsoft Corporation)
R3 msvad_simple; C:\Windows\System32\drivers\povrtdev.sys [28528 2013-12-17] (MediaMall Technologies, Inc.)
R3 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [133816 2015-11-13] (Microsoft Corporation)
S3 pwdrvio; C:\Windows\system32\pwdrvio.sys [19152 2013-09-30] ()
S3 pwdspio; C:\Windows\system32\pwdspio.sys [12504 2013-09-30] ()
S3 SANDRA; f:\Program Files\SiSoftware\SiSoftware Sandra Business 2015\WNt600x64\Sandra.sys [23112 2009-08-07] (SiSoftware)
R3 taphss6; C:\Windows\System32\DRIVERS\taphss6.sys [42184 2014-05-16] (Anchorfree Inc.)
R3 TuneUpUtilitiesDrv; F:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesDriver64.sys [31144 2015-06-25] (TuneUp Software)
R2 TurboB; C:\Windows\System32\DRIVERS\TurboB.sys [13784 2009-11-02] ()
U5 UnlockerDriver5; F:\Program Files (x86)\Unlocker\UnlockerDriver5.sys [12352 2010-07-01] ()
R1 VBoxNetAdp; C:\Windows\System32\DRIVERS\VBoxNetAdp6.sys [117768 2015-09-08] (Oracle Corporation)
R1 VBoxNetLwf; C:\Windows\System32\DRIVERS\VBoxNetLwf.sys [146072 2015-09-08] (Oracle Corporation)
R0 vsock; C:\Windows\System32\drivers\vsock.sys [70256 2012-07-06] (VMware, Inc.)
R2 WinisoCDBus; C:\Windows\System32\drivers\WinisoCDBus.sys [204032 2013-03-22] (WinISO.com)
S1 bbstlqcp; \??\C:\Windows\system32\drivers\bbstlqcp.sys [X]
S3 cpuz135; \??\C:\Windows\TEMP\cpuz135\cpuz135_x64.sys [X]
S1 ekgpaanc; \??\C:\Windows\system32\drivers\ekgpaanc.sys [X]
S1 emzyrjza; \??\C:\Windows\system32\drivers\emzyrjza.sys [X]
S1 fzqrwich; \??\C:\Windows\system32\drivers\fzqrwich.sys [X]
S2 LMIInfo; \??\C:\Program Files (x86)\LogMeIn\x64\RaInfo.sys [X]
S1 mttwbomv; \??\C:\Windows\system32\drivers\mttwbomv.sys [X]
S1 ouqyzldm; \??\C:\Windows\system32\drivers\ouqyzldm.sys [X]
S1 sesugyny; \??\C:\Windows\system32\drivers\sesugyny.sys [X]
S3 SliceDisk5; \??\C:\Users\grevolorio\AppData\Local\Temp\HBCD\PartitionFindAndMount\slicedisk-x64.sys [X]
S3 VBoxNetFlt; system32\DRIVERS\VBoxNetFlt.sys [X]
S1 vixxdple; \??\C:\Windows\system32\drivers\vixxdple.sys [X]
S2 WGX; System32\Drivers\WGX64.SYS [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-07-18 11:05 - 2016-07-18 11:07 - 00067984 _____ C:\Users\grevolorio.trmdu2\Desktop\FRST.txt
2016-07-18 11:03 - 2016-07-18 11:03 - 02391040 _____ (Farbar) C:\Users\grevolorio.trmdu2\Desktop\FRST64.exe
2016-07-18 10:07 - 2016-07-18 10:07 - 00000000 ____D C:\Program Files\Common Files\AV
2016-07-18 10:07 - 2015-07-28 17:52 - 00821920 _____ (Safer-Networking Ltd. ) C:\Users\Public\Desktop\Post Win10 Spybot-install.exe
2016-07-16 08:38 - 2016-05-09 16:48 - 00450051 _____ C:\Windows\system32\Drivers\etc\hosts.20160716-083854.backup
2016-07-13 09:49 - 2016-07-13 09:50 - 00000000 ____D C:\Users\grevolorio.trmdu2\AppData\Roaming\vlc
2016-07-13 09:22 - 2016-07-13 09:22 - 00000000 ____D C:\Users\grevolorio.trmdu2\Projects Series
2016-07-13 09:22 - 2016-07-13 09:22 - 00000000 ____D C:\Users\grevolorio.trmdu2\HDR Projects 4 Pro
2016-07-13 09:20 - 2016-07-13 09:20 - 00001162 _____ C:\Users\Public\Desktop\HDR projects 4 professional (64-Bit).lnk
2016-07-13 09:20 - 2016-07-13 09:20 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Franzis
2016-07-13 09:20 - 2016-07-13 09:20 - 00000000 ____D C:\Program Files\Franzis
2016-07-11 14:07 - 2016-07-11 14:07 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox
2016-07-11 10:48 - 2016-07-11 10:48 - 00000957 _____ C:\Users\grevolorio.trmdu2\Desktop\BHODemon 2.0.lnk
2016-07-11 10:48 - 2016-07-11 10:48 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\BHODemon 2.0
2016-07-11 10:48 - 2016-07-11 10:48 - 00000000 ____D C:\Program Files (x86)\BHODemon 2
2016-07-09 08:49 - 2016-07-09 08:49 - 00001783 _____ C:\Users\Public\Desktop\iTunes.lnk
2016-07-09 08:49 - 2016-07-09 08:49 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2016-07-09 08:49 - 2016-07-09 08:49 - 00000000 ____D C:\Program Files\iTunes
2016-07-09 08:49 - 2016-07-09 08:49 - 00000000 ____D C:\Program Files\iPod
2016-06-24 09:43 - 2016-07-08 21:18 - 00000971 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 11.lnk

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-07-18 11:05 - 2014-01-30 12:00 - 00000548 _____ C:\Windows\Tasks\G2MUpdateTask-S-1-5-21-1085031214-796845957-725345543-2108.job
2016-07-18 11:05 - 2012-05-23 18:15 - 00000000 ____D C:\FRST
2016-07-18 11:05 - 2011-08-04 09:50 - 00000898 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2016-07-18 11:01 - 2014-11-04 15:34 - 00000382 _____ C:\Windows\Tasks\Allway Sync_{4F0C1497E9A5A062AD06B978802E02AB}.job
2016-07-18 10:55 - 2015-09-16 12:08 - 00192216 ____C (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2016-07-18 10:32 - 2015-07-02 10:19 - 00000644 _____ C:\Windows\Tasks\G2MUploadTask-S-1-5-21-1085031214-796845957-725345543-2108.job
2016-07-18 10:21 - 2012-07-27 08:46 - 00000830 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2016-07-18 10:08 - 2015-06-30 08:58 - 00000916 _____ C:\Windows\Tasks\DropboxUpdateTaskMachineUA.job
2016-07-18 10:07 - 2014-08-20 09:49 - 00000000 ____D C:\Program Files (x86)\Spybot - Search & Destroy 2
2016-07-18 06:15 - 2009-07-14 00:45 - 00033392 ___HC C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2016-07-18 06:15 - 2009-07-14 00:45 - 00033392 ___HC C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2016-07-18 02:07 - 2015-06-11 15:15 - 00000000 ____D C:\ProgramData\MediaMall
2016-07-18 01:19 - 2015-06-30 08:58 - 00000912 _____ C:\Windows\Tasks\DropboxUpdateTaskMachineCore.job
2016-07-17 22:59 - 2015-09-30 10:32 - 00000000 ____D C:\Program Files\KMSpico
2016-07-17 20:05 - 2011-08-04 09:50 - 00000894 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2016-07-17 09:28 - 2009-07-14 01:13 - 00845984 _____ C:\Windows\system32\PerfStringBackup.INI
2016-07-17 09:28 - 2009-07-13 23:20 - 00000000 ____D C:\Windows\inf
2016-07-14 20:21 - 2012-07-27 08:46 - 00003768 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2016-07-14 20:21 - 2012-04-13 10:28 - 00796352 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2016-07-14 20:21 - 2011-05-20 16:09 - 00142528 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2016-07-13 15:39 - 2015-06-11 20:52 - 00000000 ____D C:\Users\grevolorio.trmdu2\AppData\Local\CrashDumps
2016-07-13 13:18 - 2011-01-21 14:14 - 00000000 ____D C:\Program Files (x86)\TeamViewer
2016-07-13 12:43 - 2015-07-07 13:19 - 00000000 ____D C:\Users\grevolorio.trmdu2\AppData\Roaming\uTorrent
2016-07-13 09:22 - 2015-06-11 14:53 - 00000000 ____D C:\Users\grevolorio.trmdu2
2016-07-12 16:21 - 2012-01-26 17:19 - 00000000 ____D C:\Windows\system32\Macromed
2016-07-12 16:21 - 2011-01-21 11:27 - 00000000 ____D C:\Windows\SysWOW64\Macromed
2016-07-11 14:08 - 2015-06-30 08:57 - 00000000 ____D C:\Program Files (x86)\Dropbox
2016-07-11 10:59 - 2012-06-11 10:02 - 142482544 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2016-07-09 08:49 - 2015-07-07 11:43 - 00000000 ____D C:\Program Files\Common Files\Apple
2016-07-09 08:49 - 2014-02-28 10:55 - 00000000 ____D C:\Program Files (x86)\iTunes
2016-07-07 09:58 - 2015-06-17 13:26 - 00000000 ____D C:\Users\grevolorio.trmdu2\AppData\Local\calibre-cache
2016-07-07 09:22 - 2015-06-17 13:25 - 00000000 ____D C:\Users\grevolorio.trmdu2\AppData\Roaming\calibre
2016-07-01 13:31 - 2015-11-02 15:45 - 00000960 _____ C:\Users\Public\Desktop\calibre - E-book management.lnk
2016-07-01 13:31 - 2011-06-09 14:01 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\calibre - E-book Management
2016-07-01 13:31 - 2011-06-09 14:01 - 00000000 ____D C:\Program Files (x86)\Calibre2
2016-06-27 11:21 - 2015-09-23 03:38 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2016-06-27 11:21 - 2012-10-10 13:48 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2016-06-27 10:24 - 2015-06-11 20:51 - 00000000 ____D C:\Users\grevolorio.trmdu2\.VirtualBox
2016-06-24 17:46 - 2015-06-17 09:21 - 00143848 _____ C:\Users\grevolorio.trmdu2\AppData\Local\GDIPFONTCACHEV1.DAT
2016-06-21 05:42 - 2013-11-12 12:46 - 00000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2016-06-21 05:41 - 2014-03-18 09:15 - 00000000 ____D C:\Program Files\Microsoft Office 15

==================== Files in the root of some directories =======

2012-01-30 09:55 - 2015-06-11 15:56 - 16258616 _____ (LastPass) C:\Program Files (x86)\Common Files\lpuninstall.exe
2015-06-12 19:46 - 2015-06-12 19:46 - 0000064 _____ () C:\Users\grevolorio.trmdu2\AppData\Roaming\Sandra.ldb
2015-06-12 19:46 - 2015-06-12 21:14 - 14417920 _____ () C:\Users\grevolorio.trmdu2\AppData\Roaming\Sandra.mdb
2015-08-28 17:23 - 2015-08-28 17:23 - 0000020 ___SH () C:\Users\grevolorio.trmdu2\AppData\Roaming\Sys11965 DataCollection.dat
2015-08-28 17:23 - 2015-08-28 17:23 - 0000020 ___SH () C:\Users\grevolorio.trmdu2\AppData\Roaming\System413_DataDB.ind
2015-07-04 08:40 - 2015-07-09 19:01 - 0000600 _____ () C:\Users\grevolorio.trmdu2\AppData\Roaming\winscp.rnd
2015-09-28 09:21 - 2015-09-28 09:21 - 0000038 ___SH () C:\Users\grevolorio.trmdu2\AppData\Local\5678c43253f8bbb5ed82a9.59421958
2015-07-04 08:47 - 2015-07-13 11:07 - 0000600 _____ () C:\Users\grevolorio.trmdu2\AppData\Local\PUTTY.RND
2015-09-16 12:03 - 2015-09-16 12:03 - 0045957 _____ () C:\ProgramData\HELP_DECRYPT.PNG
2015-09-16 12:03 - 2015-09-16 12:03 - 0000296 _____ () C:\ProgramData\HELP_DECRYPT.URL
2012-08-20 10:22 - 2012-08-28 15:25 - 0000193 _____ () C:\ProgramData\Microsoft.SqlServer.Compact.351.64.bc
2014-12-18 12:06 - 2014-12-18 12:06 - 0000202 _____ () C:\ProgramData\nbinst.ini
2013-11-25 17:35 - 2013-11-25 17:35 - 0000018 _____ () C:\ProgramData\ruby-uuid

Files to move or delete:
====================
C:\Users\grevolorio\SyncToy_6f9d1157-50ab-4e8a-b246-c8013fe8d91a.dat
C:\Users\grevolorio\SyncToy_eb83ad46-2f1d-44ad-8333-991854e5ef51.dat


Some files in TEMP:
====================
C:\Users\grevolorio\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmp_kz8ag.dll
C:\Users\grevolorio\AppData\Local\Temp\RoboForm-Setup.exe


==================== Bamital & volsnap =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2016-07-07 10:41

==================== End of FRST.txt ============================

 

 

And the Addition.txt is:

 

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 17-07-2016 03
Ran by grevolorio (2016-07-18 11:08:11)
Running from C:\Users\grevolorio.trmdu2\Desktop
Windows 7 Professional Service Pack 1 (X64) (2012-06-05 17:59:53)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-3578782807-1016812498-1856270605-500 - Administrator - Disabled)
grevolorio (S-1-5-21-3578782807-1016812498-1856270605-1009 - Administrator - Enabled) => C:\Users\grevolorio.trmdu2
Guest (S-1-5-21-3578782807-1016812498-1856270605-501 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Microsoft Security Essentials (Enabled - Out of date) {768124D7-F5F7-6D2F-DDC2-94DFA4017C95}
AS: Microsoft Security Essentials (Enabled - Out of date) {CDE0C533-D3CD-62A1-E772-AFADDF863628}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Spybot - Search and Destroy (Enabled - Up to date) {9BC38DF1-3CCA-732D-A930-C1CA5F20A4B0}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

µTorrent (HKU\S-1-5-21-1085031214-796845957-725345543-2108-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\uTorrent) (Version: 3.4.2.32239 - BitTorrent Inc.)
µTorrent (HKU\S-1-5-21-3578782807-1016812498-1856270605-1009\...\uTorrent) (Version: 3.4.3.40466 - BitTorrent Inc.)
µTorrent (HKU\S-1-5-21-3578782807-1016812498-1856270605-1009-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\uTorrent) (Version: 3.4.3.40466 - BitTorrent Inc.)
7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov)
AccelerometerP11 (HKLM-x32\...\{87434D51-51DB-4109-B68F-A829ECDCF380}) (Version: 2.00.11.15 - STMicroelectronics)
Acute Email IDs Production Engine (HKLM-x32\...\{CB72E17B-1BCA-441F-A8A0-64C6FDF09425}) (Version: 10.3.5 - SAGAWEBS.COM)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 19.0.0.190 - Adobe Systems Incorporated)
Adobe Anchor Service x64 CS4 (Version: 2.0 - Adobe Systems Incorporated) Hidden
Adobe CMaps x64 CS4 (Version: 2.0 - Adobe Systems Incorporated) Hidden
Adobe CSI CS4 x64 (Version: 1 - Adobe Systems Incorporated) Hidden
Adobe Digital Editions (HKLM-x32\...\Digital Editions) (Version:  - )
Adobe Drive CS4 x64 (Version: 1 - Adobe Systems Incorporated) Hidden
Adobe Flash Player 22 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 22.0.0.210 - Adobe Systems Incorporated)
Adobe Flash Player 22 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 22.0.0.209 - Adobe Systems Incorporated)
Adobe Fonts All x64 (Version: 2.0 - Adobe Systems Incorporated) Hidden
Adobe Linguistics CS4 x64 (Version: 4.0.0 - Adobe Systems Incorporated) Hidden
Adobe LiveCycle Designer 7.1 (HKU\S-1-5-21-1085031214-796845957-725345543-2108-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\InstallShield_{B8420E42-9664-43AF-BD01-F7B12EBA92CF}) (Version: 7.1.0000 - Adobe)
Adobe Media Player (HKLM-x32\...\com.adobe.amp.E7BED6E5DDA59983786DD72EBFA46B1598278E07.1) (Version: 1.8 - Adobe Systems Incorporated)
Adobe PDF Library Files x64 CS4 (Version: 9.0 - Adobe Systems Incorporated) Hidden
Adobe Photoshop CS4 (64 Bit) (Version: 11.0 - Adobe Systems Incorporated) Hidden
Adobe Reader 64-bit fixes (HKLM\...\{6D80AAE7-FF65-4950-B1CA-3A7EA4995574}_is1) (Version:  - Leo Davidson / Pretentious Name)
Adobe Reader XI (11.0.10) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.10 - Adobe Systems Incorporated)
Adobe Type Support x64 CS4 (Version: 9.0 - Adobe Systems Incorporated) Hidden
Adobe WinSoft Linguistics Plugin x64 (Version: 1.1 - Adobe Systems Incorporated) Hidden
Allway Sync version 10.3.25 (HKLM\...\Allway Sync_is1) (Version:  - Botkind Inc)
Amazon Kindle (HKLM-x32\...\Amazon Kindle) (Version:  - Amazon)
Android Studio (HKLM\...\Android Studio) (Version: 1.0 - Google Inc.)
Apple Application Support (32-bit) (HKLM-x32\...\{26356515-5821-40FA-9C3D-9785052A1062}) (Version: 4.3.1 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{6F085FCD-4B6A-4F63-AF23-B74629C40797}) (Version: 9.3.0.15 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{56EC47AA-5813-4FF6-8E75-544026FBEA83}) (Version: 2.2.0.150 - Apple Inc.)
AVG PC TuneUp 2015 (en-US) (x32 Version: 15.0.1001.638 - AVG Technologies) Hidden
AVG PC TuneUp 2015 (HKLM-x32\...\AVG PC TuneUp) (Version: 15.0.1001.638 - AVG Technologies)
AVG PC TuneUp 2015 (x32 Version: 15.0.1001.638 - AVG Technologies) Hidden
AzureTools.Notifications (x32 Version: 2.1.10731.1602 - Microsoft Corporation) Hidden
Bamboo (HKLM\...\Pen Tablet Driver) (Version: 5.2.5-5 - Wacom Technology Corp.)
Bamboo Dock (HKLM-x32\...\Bamboo Dock) (Version: 4.0 - Wacom Co., Ltd.)
Bamboo Dock (x32 Version: 4.0.0 - Wacom Europe GmbH) Hidden
Behaviors SDK (XAML) for Visual Studio (x32 Version: 12.0.41002.1 - Microsoft Corporation) Hidden
BHODemon 2.0.0.23 (HKLM-x32\...\BHODemon_is1) (Version:  - Definitive Solutions, Inc.)
BitTorrent Sync (HKLM-x32\...\BitTorrent Sync) (Version: 2.0.128 - BitTorrent Inc.)
Blend for Visual Studio 2013 (x32 Version: 12.0.41002.1 - Microsoft Corporation) Hidden
Blend for Visual Studio 2013 ENU resources (x32 Version: 12.0.41002.1 - Microsoft Corporation) Hidden
Blend for Visual Studio SDK for .NET 4.5 (x32 Version: 3.0.40218.0 - Microsoft Corporation) Hidden
Blend for Visual Studio SDK for Silverlight 5 (x32 Version: 3.0.40218.0 - Microsoft Corporation) Hidden
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
Box Edit (HKLM-x32\...\{8887D190-E3EC-45D9-A62D-DF423B53CBEE}) (Version: 3.0.25.511 - Box)
Build Tools - amd64 (Version: 12.0.21005 - Microsoft Corporation) Hidden
Build Tools - x86 (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
Build Tools Language Resources - amd64 (Version: 12.0.21005 - Microsoft Corporation) Hidden
Build Tools Language Resources - x86 (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
calibre (HKLM-x32\...\{BA623AFD-BE42-4B5F-9B8E-01FAB9BB2B51}) (Version: 2.61.0 - Kovid Goyal)
CCleaner (HKLM\...\CCleaner) (Version: 5.02 - Piriform)
Chrome Remote Desktop Host (HKLM-x32\...\{95EB2FCC-AE0B-40E9-B804-347C6358923B}) (Version: 51.0.2704.7 - Google Inc.)
Cisco Systems VPN Client 5.0.07.0290 (HKLM\...\{467D5E81-8349-4892-9E81-C3674ED8E451}) (Version: 5.0.7 - Cisco Systems, Inc.)
Cisco WebEx Meetings (HKLM-x32\...\ActiveTouchMeetingClient) (Version:  - Cisco WebEx LLC)
Citrix Online Launcher (HKLM-x32\...\{AFB80939-4486-49D8-A04E-2B05C0F2DE39}) (Version: 1.0.252 - Citrix)
ClipX (HKLM-x32\...\ClipX) (Version:  - )
Color Cop 5.4.3 (HKLM-x32\...\Color Cop_is1) (Version:  - Jay Prall)
Color Picker (HKLM-x32\...\ST6UNST #1) (Version:  - )
Common Desktop Agent (Version: 1.62.0 - OEM) Hidden
Connect (x32 Version: 1.0.0.1 - Adobe Systems Incorporated) Hidden
Crystal Reports for Visual Studio (x32 Version: 12.51.0.240 - SAP) Hidden
CutePDF Professional 3.3 (HKLM-x32\...\{F10D1D8F-C20C-4F0D-B243-688C0C6873F6}) (Version: 3.30.1001 - Acro Software Inc.)
CutePDF Writer 2.8 (HKLM\...\CutePDF Writer Installation) (Version:  - )
Dotfuscator and Analytics Community Edition (x32 Version: 5.5.4954.46574 - PreEmptive Solutions) Hidden
Dropbox (HKLM-x32\...\Dropbox) (Version: 6.4.14 - Dropbox, Inc.)
Dropbox Update Helper (x32 Version: 1.3.27.33 - Dropbox, Inc.) Hidden
Entity Framework Designer for Visual Studio 2012 - enu (HKLM-x32\...\{0A1A1D48-DB23-443A-BC7B-49255D138020}) (Version: 11.1.20702.00 - Microsoft Corporation)
Entity Framework Tools for Visual Studio 2013 (HKLM-x32\...\{08AEF86A-1956-4846-B906-B01350E96E30}) (Version: 12.0.20912.0 - Microsoft Corporation)
eReader (HKLM-x32\...\{453C9E55-80DF-4BD2-9885-52A1FB0D9382}) (Version: 3.0.3 - Palm Digital Media)
Evernote v. 5.2 (HKLM-x32\...\{090931D6-A2F4-11E3-AD9C-00163E98E7D0}) (Version: 5.2.0.2946 - Evernote Corp.)
ExtraPutty 0.22 (HKLM-x32\...\{14C76057-E495-47E1-BDF0-1A1CC1752ADF}) (Version: 0.22 - )
Fences 2 (HKLM-x32\...\Fences 22.01) (Version: 2.01 - Stardock Corporation)
Fiddler (HKLM-x32\...\Fiddler2) (Version: 2.4.5.6 - Telerik)
FileMenu Tools (HKLM\...\FileMenu Tools_is1) (Version:  - LopeSoft - Rubén López Hernández)
FileZilla Client 3.16.1 (HKLM-x32\...\FileZilla Client) (Version: 3.16.1 - Tim Kosse)
Fine Woodworking Archive (HKLM-x32\...\{84D74E02-0F71-4107-B92F-48848C06ABB0}) (Version: 2.0.1 - Taunton)
Foxit Reader (HKLM-x32\...\Foxit Reader_is1) (Version: 7.3.4.311 - Foxit Software Inc.)
Git version 1.7.6-preview20110708 (HKLM-x32\...\Git_is1) (Version: 1.7.6-preview20110708 - )
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 51.0.2704.103 - Google Inc.)
Google Earth (HKLM-x32\...\{817750FA-EC6A-485D-9901-0683AE6FFDF1}) (Version: 7.1.5.1557 - Google)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.30.3 - Google Inc.) Hidden
GoToMeeting 7.2.0.2759 (HKU\S-1-5-21-1085031214-796845957-725345543-2108-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\GoToMeeting) (Version: 7.2.0.2759 - CitrixOnline)
Gtk# for .Net 2.12.25 (HKLM-x32\...\{889E7D77-2A98-4020-83B1-0296FA1BDE8A}) (Version: 2.12.25 - Xamarin, Inc.)
HandBrake 0.9.9.1 (HKLM-x32\...\HandBrake) (Version: 0.9.9.1 - )
HDR projects 4 professional (64-Bit) (HKLM\...\HDR_PROJECTS_4_3_3BF7CE82_is1) (Version: 4.41 - Franzis Verlag GmbH)
hMailServer 5.6.4-B2283 (HKLM-x32\...\hMailServer_is1) (Version:  - )
huey 1.0.5 (HKLM-x32\...\huey_is1) (Version:  - Pantone & GretagMacbeth)
IdeaRoom (HKLM-x32\...\{9D3E0103-F902-4368-8CAE-21EE46F2DE9E}) (Version: 1.36.0070 - Sawtooth Ideas)
IETester v0.4.10 (remove only) (HKLM-x32\...\IETester) (Version: 0.4.10 - Core Services)
iExplorer 3.2.2.6 (HKLM-x32\...\{7FD8B0C1-CDDA-4B4D-A577-B2E3570EA3A3}_is1) (Version:  - Macroplant LLC)
IMG to ISO (HKLM-x32\...\{F10528D1-6478-4F67-A393-CCAC1DB958C1}_is1) (Version:  - imgtoiso.com)
Inkscape 0.48.1  (HKLM-x32\...\Inkscape) (Version: 0.48.1 - )
Intel(R) Turbo Boost Technology Monitor (HKLM\...\{39F4C6F9-618A-4E5B-8FB2-6BD661174E32}) (Version: 1.0.186.6 - Intel)
Intel® Hardware Accelerated Execution Manager (HKLM\...\{ECCB31F5-435D-4F37-A98D-5854D3C62718}) (Version: 1.1.1 - Intel Corporation)
iPhoneBrowser (HKLM-x32\...\{C1FCDCA1-2759-4E5E-84EE-3A665BB2F513}) (Version: 1.9.3 - Cranium Consulting and Custom Software)
IsoBuster 3.4 (HKLM-x32\...\IsoBuster_is1) (Version: 3.4 - Smart Projects)
iTunes (HKLM\...\{709990D1-03DA-4302-B364-E4D9F17E2198}) (Version: 12.4.1.6 - Apple Inc.)
Java 2 Runtime Environment, SE v1.4.1 (HKLM-x32\...\{CD0159C9-17FB-11D6-A76A-00B0D079AF64}) (Version:  - )
Java 2 Runtime Environment, SE v1.4.1_07 (HKLM-x32\...\{CA532E73-1BB7-11D8-9D6A-00010240CE95}) (Version:  - )
Java 7 Update 7 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217007FF}) (Version: 7.0.70 - Oracle)
Java 8 Update 45 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86418045F0}) (Version: 8.0.450 - Oracle Corporation)
Java SE Development Kit 8 Update 45 (64-bit) (HKLM\...\{64A3A4F4-B792-11D6-A78A-00B0D0180450}) (Version: 8.0.450.15 - Oracle Corporation)
Java Web Start (HKLM-x32\...\Java Web Start) (Version:  - )
Java(TM) 6 Update 22 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83216022F0}) (Version: 6.0.220 - Oracle)
Java(TM) 6 Update 29 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86416029FF}) (Version: 6.0.290 - Oracle)
Java(TM) 6 Update 39 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83216039FF}) (Version: 6.0.390 - Oracle)
Java(TM) SE Development Kit 6 Update 39 (HKLM-x32\...\{32A3A4F4-B792-11D6-A78A-00B0D0160390}) (Version: 1.6.0.390 - Oracle)
Java(TM) SE Development Kit 7 (HKLM-x32\...\{32A3A4F4-B792-11D6-A78A-00B0D0170000}) (Version: 1.7.0.0 - Oracle)
JavaFX 2.1.1 (HKLM-x32\...\{1111706F-666A-4037-7777-211328764D10}) (Version: 2.1.1 - Oracle Corporation)
JavaScript Tooling (Version: 12.0.21005 - Microsoft Corporation) Hidden
JMicron Flash Media Controller Driver (HKLM-x32\...\{26604C7E-A313-4D12-867F-7C6E7820BE4C}) (Version: 1.0.41.2 - JMicron Technology Corp.)
join.me (HKU\S-1-5-21-1085031214-796845957-725345543-2108-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\JoinMe) (Version: 1.17.0.156 - LogMeIn, Inc.)
Keywords Studio Pro (HKLM-x32\...\Keywords Studio Pro 1.0.0) (Version: 1.0.0 - intraSEO)
Keywords Studio Pro (x32 Version: 1.0.0 - intraSEO) Hidden
KinoniDrivers 2.8.1 (HKLM-x32\...\KinoniDrivers) (Version: 2.8.1 - Kinoni)
K-Lite Codec Pack 8.6.0 (Full) (HKLM-x32\...\KLiteCodecPack_is1) (Version: 8.6.0 - )
KMSpico v9.3.1 (HKLM\...\KMSpico_is1) (Version: 9.3.1 - )
kuler (x32 Version: 2.0 - Adobe Systems Incorporated) Hidden
LAN-Fax Utilities (HKLM\...\LAN-Fax Utilities) (Version:  - )
LastPass (uninstall only) (HKLM-x32\...\LastPass) (Version:  - LastPass)
Launchy 2.5 (HKLM-x32\...\Launchy_21344213_is1) (Version:  - Code Jelly)
LocalESPC Dev12 (x32 Version: 8.100.25984 - Microsoft Corporation) Hidden
LocalESPCui for en-us Dev12 (x32 Version: 8.100.25984 - Microsoft) Hidden
Malwarebytes Anti-Malware version 2.2.1.1043 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.1.1043 - Malwarebytes)
Market Samurai (HKLM-x32\...\MarketSamurai.6E37012E1CBD7F47B14488FCC715944F3EBDCEDC.1) (Version: 0.93.71 - Alliance Software Pty Ltd)
Market Samurai (x32 Version: 0.93.71 - Alliance Software Pty Ltd) Hidden
Maxwell for SketchUp 2014 (HKLM-x32\...\{E3FA7086-A065-4FAF-B819-400927194F80}) (Version: 3.0.11 - Next Limit Technologies)
MDF to ISO version 1.0 (HKLM-x32\...\{79DDA36F-B19E-4293-A4F2-FA3EC1C06E6E}_is1) (Version: 1.0 - mdftoiso.com)
MEGAsync (HKLM-x32\...\MEGAsync) (Version:  - Mega Limited)
Metalogix Content Matrix Console - File Share Edition (HKLM-x32\...\{99641A98-EE9B-4521-916C-DF09AC9DD4A3}) (Version: 6.2.0302 - Metalogix Software Corp.)
Metalogix Content Matrix Console - Public Folder Edition (HKLM-x32\...\{E18CB092-505F-4FE1-B4C7-C53DBBBBA938}) (Version: 6.2.0302 - Metalogix Software Corp.)
Metalogix Content Matrix Console - SharePoint Edition (HKLM-x32\...\{A4E8B4B5-C6D6-414B-A513-EDDB70F58959}) (Version: 6.2.0302 - Metalogix Software Corp.)
Micro-Measure (HKLM-x32\...\{75E1D518-6772-4073-A71C-354B71181391}) (Version: 1.0.0 - Brightwell)
Microsoft .NET Compact Framework 1.0 SP3 Developer (HKLM-x32\...\{6C531060-84FB-4F96-8F33-29DF020632EB}) (Version: 1.0.4292 - Microsoft Corporation)
Microsoft .NET Compact Framework 2.0 (HKLM-x32\...\{625386A4-B6B6-4911-A6E8-23189C3F2D15}) (Version: 2.0.5238 - Microsoft Corporation)
Microsoft .NET Framework 4 Multi-Targeting Pack (HKLM-x32\...\{CFEF48A8-BFB8-3EAC-8BA5-DE4F8AA267CE}) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4.5 Multi-Targeting Pack (HKLM-x32\...\{56E962F0-4FB0-3C67-88DB-9EAA6EEFC493}) (Version: 4.5.50710 - Microsoft Corporation)
Microsoft .NET Framework 4.5 SDK (HKLM-x32\...\{4AE57014-05C4-4864-A13D-86517A7E1BA4}) (Version: 4.5.50710 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 Multi-Targeting Pack (ENU) (HKLM-x32\...\{D3517C62-68A5-37CF-92F7-93C029A89681}) (Version: 4.5.50932 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 Multi-Targeting Pack (HKLM-x32\...\{6A0C6700-EA93-372C-8871-DCCF13D160A4}) (Version: 4.5.50932 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 SDK (HKLM-x32\...\{19A5926D-66E1-46FC-854D-163AA10A52D3}) (Version: 4.5.51641 - Microsoft Corporation)
Microsoft ASP.NET MVC 2 - Visual Studio 2010 Tools (HKLM-x32\...\{40416836-56CC-4C0E-A6AF-5C34BADCE483}) (Version: 2.0.50217.0 - Microsoft Corporation)
Microsoft ASP.NET MVC 2 (HKLM-x32\...\{DD8FF2F3-0D97-4CF3-AF78-FA0E1B242244}) (Version: 2.0.60926.0 - Microsoft Corporation)
Microsoft ASP.NET MVC 3 (HKLM-x32\...\{D32EF103-4016-4C15-BCB0-700C0A7A2309}) (Version: 3.0.50813.0 - Microsoft Corporation)
Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
Microsoft ASP.NET Web Pages (HKLM-x32\...\{631471BE-DEAB-454B-A9AC-CE3EB42C28B3}) (Version: 1.0.20105.0 - Microsoft Corporation)
Microsoft Device Emulator version 1.0 - ENU (HKLM-x32\...\{78B75C6D-E53C-424C-BF83-4B63BD4A6682}) (Version: 1.0.50727.42 - Microsoft Corporation)
Microsoft Document Explorer 2005 (HKLM-x32\...\Microsoft Document Explorer 2005) (Version:  - Microsoft Corporation)
Microsoft Exchange Web Services Managed API 2.1 (HKLM-x32\...\{24CA683D-8174-4EBF-AD4D-3F2DD7814716}) (Version: 15.0.847.30 - Microsoft Corporation)
Microsoft Expression Blend 3 SDK (HKLM-x32\...\{256E7DAC-9BE8-494E-8DE7-7857BF96B774}) (Version: 1.0.1343.0 - Microsoft Corporation)
Microsoft Expression Blend 4 (HKLM-x32\...\Blend_4.0.20525.0) (Version: 4.0.20525.0 - Microsoft Corporation)
Microsoft Expression Blend SDK for .NET 4 (HKLM-x32\...\{9B3A1C97-A361-463E-8817-444F9F88CDFE}) (Version: 2.0.20525.0 - Microsoft Corporation)
Microsoft Expression Blend SDK for Silverlight 4 (HKLM-x32\...\{1C997E1C-5CE9-4AF3-AAA9-DC65E6090827}) (Version: 2.0.20525.0 - Microsoft Corporation)
Microsoft Expression Design 4 (HKLM-x32\...\Design_7.0.20516.0) (Version: 7.0.20516.0 - Microsoft Corporation)
Microsoft Expression Encoder 4 (HKLM-x32\...\Encoder_4.0.1639.0) (Version: 4.0.1639.0 - Microsoft Corporation)
Microsoft Expression Encoder 4 Screen Capture Codec (HKLM-x32\...\{BF127B80-CFD5-4379-9752-E8AF1A5D0141}) (Version: 4.0.1639.0 - Microsoft Corporation)
Microsoft Expression Studio 4 (HKLM-x32\...\ExpressionStudio_4.0.20525.0) (Version: 4.0.20525.0 - Microsoft Corporation)
Microsoft Expression Web 4 (HKLM-x32\...\Web_4.0.1303.0) (Version: 4.0.1303.0 - Microsoft Corporation)
Microsoft Expression Web 4 Service Pack 2 (HKLM-x32\...\{F5993FCC-DF5D-4879-B70D-AA1F379C5C6B}) (Version:  - Microsoft Corporation)
Microsoft Filter Pack 1.0 (HKLM\...\{95120000-2000-0409-1000-0000000FF1CE}) (Version: 12.0.4518.1104 - Microsoft Corporation)
Microsoft Help Viewer 1.1 (HKLM\...\Microsoft Help Viewer 1.1) (Version: 1.1.40219 - Microsoft Corporation)
Microsoft Help Viewer 2.0 (HKLM-x32\...\Microsoft Help Viewer 2.0) (Version: 2.0.50727 - Microsoft Corporation)
Microsoft Help Viewer 2.1 (HKLM-x32\...\Microsoft Help Viewer 2.1) (Version: 2.1.21005 - Microsoft Corporation)
Microsoft Lync 2010 Attendee (HKLM-x32\...\{09335E49-1C8F-4973-9929-941BE9C6EF33}) (Version: 4.0.7577.4498 - Microsoft Corporation)
Microsoft Lync Web App Plug-in (HKLM\...\{52CAD0B7-8759-4CE5-94D7-8825BBFD7445}) (Version: 15.8.8653.0 - Microsoft Corporation)
Microsoft Mouse and Keyboard Center (HKLM\...\Microsoft Mouse and Keyboard Center) (Version: 2.3.188.0 - Microsoft Corporation)
Microsoft Office 2003 Web Components (HKLM-x32\...\{90A40409-6000-11D3-8CFE-0150048383C9}) (Version: 11.0.8173.0 - Microsoft Corporation)
Microsoft Office 365 ProPlus - en-us (HKLM\...\O365ProPlusRetail - en-us) (Version: 15.0.4833.1001 - Microsoft Corporation)
Microsoft Office Access database engine 2007 (English) (HKLM-x32\...\{90120000-00D1-0409-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Developer Tools for Visual Studio 2013 - November 2014 Update (HKLM-x32\...\{ac415136-ae46-4301-b23e-6559062bfa7b}) (Version: 12.0.31105.0 - Microsoft Corporation)
Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Outlook Connector (HKLM-x32\...\{95140000-007A-0409-0000-0000000FF1CE}) (Version: 14.0.5118.5000 - Microsoft Corporation)
Microsoft Office Professional Plus 2013 (HKLM-x32\...\Office15.PROPLUSR) (Version: 15.0.4569.1506 - Microsoft Corporation)
Microsoft Office Project 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-003B-0000-0000-0000000FF1CE}_PRJPRO_{8446EB22-A746-46DC-B1BD-E0DFA1F3CDDA}) (Version:  - Microsoft)
Microsoft Office Project Professional 2007 (HKLM-x32\...\PRJPRO) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office SharePoint Designer 2007 (HKLM-x32\...\SharePointDesigner) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office SharePoint Designer 2007 (HKLM-x32\...\SharePointDesignerR) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office SharePoint Designer 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0017-0000-0000-0000000FF1CE}_SharePointDesigner_{4B4DF6E2-5E40-422B-82DD-205FD7E79226}) (Version:  - Microsoft)
Microsoft Office SharePoint Designer 2007 Service Pack 3 (SP3) (HKLM-x32\...\{91120000-0017-0000-0000-0000000FF1CE}_SharePointDesignerR_{4B4DF6E2-5E40-422B-82DD-205FD7E79226}) (Version:  - Microsoft)
Microsoft Office Visio 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0051-0000-0000-0000000FF1CE}_VISPRO_{CE144BF4-4950-4CDB-A5F7-CCE1888F49CB}) (Version:  - Microsoft)
Microsoft Office Visio Professional 2007 (HKLM-x32\...\VISPRO) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-1085031214-796845957-725345543-2108-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\OneDriveSetup.exe) (Version: 17.0.4023.1211 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-3578782807-1016812498-1856270605-1009\...\OneDriveSetup.exe) (Version: 17.3.4604.0120 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-3578782807-1016812498-1856270605-1009-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\OneDriveSetup.exe) (Version: 17.3.4604.0120 - Microsoft Corporation)
Microsoft Report Viewer 2012 Runtime (HKLM-x32\...\{9CCE40CE-A9E6-4916-8729-B008558EEF3F}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft Robocopy GUI (HKLM-x32\...\{107C666F-63C5-4263-8D40-8B9CFB5FED08}) (Version: 1.0.0 - Microsoft)
Microsoft Security Essentials (HKLM\...\Microsoft Security Client) (Version: 4.9.218.0 - Microsoft Corporation)
Microsoft SharePoint Designer 2010 (HKLM-x32\...\Office14.SharePointDesigner) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.41212.0 - Microsoft Corporation)
Microsoft Silverlight 3 SDK (HKLM-x32\...\{2012098D-EEE9-4769-8DD3-B038050854D4}) (Version: 3.0.40818.0 - Microsoft Corporation)
Microsoft Silverlight 4 SDK (HKLM-x32\...\{189AEA94-DAFB-487A-8CEE-F9D3DDE0A748}) (Version: 4.0.60310.0 - Microsoft Corporation)
Microsoft Silverlight 5 SDK (HKLM-x32\...\{E1FBB3D4-ADB0-4949-B101-855DA061C735}) (Version: 5.0.61118.0 - Microsoft Corporation)
Microsoft SQL Server 2005 (HKLM-x32\...\Microsoft SQL Server 2005) (Version:  - Microsoft Corporation)
Microsoft SQL Server 2005 Backward compatibility (HKLM\...\{62D2F823-0EAA-496D-B0F9-A869BFC51550}) (Version: 8.05.2312 - Microsoft Corporation)
Microsoft SQL Server 2005 Books Online (English) (September 2007) (HKLM-x32\...\{6FDD4688-E063-401D-B6BE-7234E20B9173}) (Version: 9.00.3104 - Microsoft Corporation)
Microsoft SQL Server 2005 Mobile [ENU] Developer Tools (HKLM-x32\...\{1389C6A4-4965-4AEC-9175-08B54A10FA48}) (Version: 3.0.0.0 - Microsoft Corporation)
Microsoft SQL Server 2008 R2 Data-Tier Application Framework (HKLM-x32\...\{BC537AE0-88AF-47ED-B762-33B0D62B5188}) (Version: 10.50.1750.9 - Microsoft Corporation)
Microsoft SQL Server 2008 R2 Data-Tier Application Project (HKLM-x32\...\{7A56D81D-6406-40E7-9184-8AC1769C4D69}) (Version: 10.50.1750.9 - Microsoft Corporation)
Microsoft SQL Server 2008 R2 Management Objects (HKLM-x32\...\{83F2B8F4-5CF3-4BE9-9772-9543EAE4AC5F}) (Version: 10.51.2500.0 - Microsoft Corporation)
Microsoft SQL Server 2008 R2 Transact-SQL Language Service (HKLM-x32\...\{09C52940-A4D1-4409-A7CC-1AAE630CF578}) (Version: 10.50.1750.9 - Microsoft Corporation)
Microsoft SQL Server 2008 Setup Support Files  (HKLM\...\{B40EE88B-400A-4266-A17B-E3DE64E94431}) (Version: 10.1.2731.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Command Line Utilities  (HKLM\...\{58FED865-4F13-408D-A5BF-996019C4B936}) (Version: 11.1.3000.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Data-Tier App Framework  (HKLM-x32\...\{1B876496-B3A2-4D22-9B12-B608A3FD4B8B}) (Version: 11.1.2902.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Data-Tier App Framework  (x64) (HKLM\...\{A6BA243E-85A3-4635-A269-32949C98AC7F}) (Version: 11.1.2902.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Express LocalDB  (HKLM\...\{6C026A91-640F-4A23-8B68-05D589CC6F18}) (Version: 11.1.3000.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Management Objects  (HKLM-x32\...\{2F7DBBE6-8EBC-495C-9041-46A772F4E311}) (Version: 11.1.3000.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Management Objects  (x64) (HKLM\...\{43A5C316-9521-49C3-B9B6-FCE5E1005DF0}) (Version: 11.1.3000.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Native Client  (HKLM\...\{D411E9C9-CE62-4DBF-9D92-4CB22B750ED5}) (Version: 11.1.3000.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Policies  (HKLM-x32\...\{DC487E40-046E-42A9-9C7C-5D2B1A7EB211}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft SQL Server 2012 Setup (English) (HKLM\...\{8CB0713F-CFE0-445D-BCB2-538465860E1A}) (Version: 11.1.3128.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Transact-SQL Compiler Service  (HKLM\...\{88CB5DFD-6CE1-486F-998C-9FC090FCE5E2}) (Version: 11.1.3128.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Transact-SQL ScriptDom  (HKLM\...\{54C5041B-0E91-4E92-8417-AAA12493C790}) (Version: 11.1.3000.0 - Microsoft Corporation)
Microsoft SQL Server 2012 T-SQL Language Service  (HKLM-x32\...\{04DD7AF4-A6D3-4E30-9BB9-3B3670719234}) (Version: 11.1.3000.0 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 ENU (HKLM-x32\...\{BCC899FE-2DAA-460C-A5FB-60291E73D9C3}) (Version: 3.5.5386.0 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 SP2 ENU (HKLM-x32\...\{3A9FC03D-C685-4831-94CF-4EDFD3749497}) (Version: 3.5.8080.0 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 SP2 x64 ENU (HKLM\...\{D4AD39AD-091E-4D33-BB2B-59F6FCB8ADC3}) (Version: 3.5.8080.0 - Microsoft Corporation)
Microsoft SQL Server Compact 4.0 SP1 x64 ENU (HKLM\...\{78909610-D229-459C-A936-25D92283D3FD}) (Version: 4.0.8876.1 - Microsoft Corporation)
Microsoft SQL Server Data Tools - enu (11.1.20627.00) (HKLM-x32\...\{FA804794-2CCB-4301-954F-2C2894698876}) (Version: 11.1.20627.00 - Microsoft Corporation)
Microsoft SQL Server Data Tools - enu (12.0.30919.1) (HKLM-x32\...\{0D7FCBFB-F478-4D32-901C-83F0BF5A3501}) (Version: 12.0.30919.1 - Microsoft Corporation)
Microsoft SQL Server Data Tools Build Utilities - enu (11.1.20627.00) (HKLM-x32\...\{790E9425-8570-493F-9AE7-81AFC9E46930}) (Version: 11.1.20627.00 - Microsoft Corporation)
Microsoft SQL Server Data Tools Build Utilities - enu (12.0.30919.1) (HKLM-x32\...\{6781FF9B-E87D-4A03-9373-A55A288B83FA}) (Version: 12.0.30919.1 - Microsoft Corporation)
Microsoft SQL Server Database Publishing Wizard 1.4 (HKLM-x32\...\{ACE28263-76A4-4BF5-B6F4-8BD719595969}) (Version: 10.1.2512.8 - Microsoft Corporation)
Microsoft SQL Server Native Client (HKLM\...\{9ACF3FDB-C8E6-444C-8C64-13A221F7BFFD}) (Version: 9.00.5000.00 - Microsoft Corporation)
Microsoft SQL Server Setup Support Files (English) (HKLM-x32\...\{53F5C3EE-05ED-4830-994B-50B2F0D50FCE}) (Version: 9.00.5000.00 - Microsoft Corporation)
Microsoft SQL Server System CLR Types (HKLM-x32\...\{C3F6F200-6D7B-4879-B9EE-700C0CE1FCDA}) (Version: 10.51.2500.0 - Microsoft Corporation)
Microsoft SQL Server System CLR Types (x64) (HKLM\...\{1E6ED082-E32D-4B2B-8B6A-70B094815135}) (Version: 10.50.1750.9 - Microsoft Corporation)
Microsoft Sync Framework 2.0 Core Components (x64) ENU  (HKLM\...\{8CCBEC22-D2DB-4DC9-A58A-E1A1F3A38C8A}) (Version: 2.0.1578.0 - Microsoft Corporation)
Microsoft Sync Framework 2.0 Provider Services (x64) ENU  (HKLM\...\{03AC245F-4C64-425C-89CF-7783C1D3AB2C}) (Version: 2.0.1578.0 - Microsoft Corporation)
Microsoft Sync Framework Runtime v1.0 SP1 (x64) (HKLM\...\{8438EC02-B8A9-462D-AC72-1B521349C001}) (Version: 1.0.3010.0 - Microsoft Corporation)
Microsoft Sync Framework SDK v1.0 SP1 (HKLM-x32\...\{0E3DFC64-CC49-4BE2-8C9C-58EF129675DB}) (Version: 1.0.3010.0 - Microsoft Corporation)
Microsoft Sync Framework Services v1.0 SP1 (x64) (HKLM\...\{034106B5-54B7-467F-B477-5B7DBB492624}) (Version: 1.0.3010.0 - Microsoft Corporation)
Microsoft Sync Services for ADO.NET v2.0 SP1 (x64) (HKLM\...\{1D1CEEF8-3741-45BD-8E77-963E1DEBDDD3}) (Version: 2.0.3010.0 - Microsoft Corporation)
Microsoft System CLR Types for SQL Server 2012 (HKLM-x32\...\{070C38AC-05CE-43DF-9A20-141332F6AB2B}) (Version: 11.1.3366.16 - Microsoft Corporation)
Microsoft System CLR Types for SQL Server 2012 (x64) (HKLM\...\{05FF8209-C4F1-4C77-BC28-791653156D20}) (Version: 11.1.3366.16 - Microsoft Corporation)
Microsoft Team Foundation Server 2010 Object Model - ENU (HKLM\...\Microsoft Team Foundation Server 2010 Object Model - ENU) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 (HKLM-x32\...\{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (HKLM-x32\...\{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}) (Version: 9.0.30729.5570 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Designtime - 10.0.30319 (HKLM\...\{F5079164-1DB9-3BDA-853B-F78AF67CE071}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Runtime - 10.0.40219 (HKLM\...\{1C7C8AAF-A16D-32E8-89E5-F6D165DE0BCE}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Runtime - 10.0.40219 (HKLM-x32\...\{5D9ED403-94DE-3BA0-B1D6-71F4BDA412E6}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual F# 2.0 Runtime (HKLM-x32\...\{85467CBC-7A39-33C9-8940-D72D9269B84F}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual J# 2.0 Redistributable Package (HKLM-x32\...\Microsoft Visual J# 2.0 Redistributable Package) (Version:  - Microsoft Corporation)
Microsoft Visual Studio 2005 64bit Prerequisites (x64) - ENU (HKLM\...\{75F299F3-8234-47CD-BB40-2994C1B1105E}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual Studio 2005 Premier Partner Edition - ENU (HKLM-x32\...\{C25EF637-BE7A-4761-9B45-9069989C319F}) (Version: 8.0.50728 - Microsoft Corporation)
Microsoft Visual Studio 2005 Professional Edition - ENU Service Pack 1 (KB926601) (HKLM-x32\...\KB926601.T2_29ToU260_29) (Version: 1 - Microsoft Corporation)
Microsoft Visual Studio 2005 Remote Debugger (x64) - ENU (HKLM\...\Microsoft Visual Studio 2005 Remote Debugger (x64) - ENU) (Version:  - Microsoft Corporation)
Microsoft Visual Studio 2010 ADO.NET Entity Framework Tools (HKLM-x32\...\{14DD7530-CCD2-3798-B37D-3839ED6A441C}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual Studio 2010 IntelliTrace Collection (x64) (HKLM\...\{88BAE373-00F4-3E33-828F-96E89E5E0CB9}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual Studio 2010 Professional - ENU (HKLM-x32\...\Microsoft Visual Studio 2010 Professional - ENU) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual Studio 2010 Service Pack 1 (HKLM-x32\...\Microsoft Visual Studio 2010 Service Pack 1) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual Studio 2010 SharePoint Power Tools (HKLM-x32\...\{FD84580C-12DC-3BA4-ABE8-1E337F776F1D}) (Version: 10.0.30604 - Microsoft Corporation)
Microsoft Visual Studio 2010 Shell (Isolated) - ENU (HKLM-x32\...\{D64B6984-242F-32BC-B008-752806E5FC44}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual Studio 2010 Ultimate - ENU (HKLM-x32\...\Microsoft Visual Studio 2010 Ultimate - ENU) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual Studio Macro Tools (HKLM-x32\...\Microsoft Visual Studio Macro Tools) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual Studio Professional 2013 (HKLM-x32\...\{6dff50d0-3bc3-4a92-b724-bf6d6a99de4f}) (Version: 12.0.21005.13 - Microsoft Corporation)
Microsoft Visual Studio Tools for Applications 2012 (HKLM-x32\...\{89ca2a32-2b52-4595-8dfd-6fe4757958d0}) (Version: 11.0.51108 - Microsoft Corporation)
Microsoft Web Deploy 3.5 (HKLM\...\{3674F088-9B90-473A-AAC3-20A00D8D810C}) (Version: 3.1237.1762 - Microsoft Corporation)
Microsoft Web Deploy dbSqlPackage Provider - enu (HKLM-x32\...\{E4C33F5B-1B2F-466E-957E-B274F08151A0}) (Version: 10.3.20225.0 - Microsoft Corporation)
Microsoft Web Platform Installer 5.0 (HKLM\...\{4D84C195-86F0-4B34-8FDE-4A17EB41306A}) (Version: 5.0.50430.0 - Microsoft Corporation)
MiniTool Partition Wizard Free 9.0 (HKLM-x32\...\{05D996FA-ADCB-4D23-BA3C-A7C184A8FAC6}_is1) (Version:  - MiniTool Solution Ltd.)
MobileMe Control Panel (HKLM\...\{6DD01FF3-63CE-436B-96DB-61363EAA4EB8}) (Version: 3.1.8.0 - Apple Inc.)
MoSync (HKLM-x32\...\MoSync) (Version:  - Mobile Sorcery)
MotoHelper 2.1.32 Driver 5.2.0 (HKLM-x32\...\MotoHelper) (Version: 2.1.32 - Motorola)
MotoHelper MergeModules (x32 Version: 1.2.0 - Motorola) Hidden
Motorola Mobile Drivers Installation 5.2.0 (Version: 5.2.0 - Motorola Inc.) Hidden
Mozilla Firefox 38.0.5 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 38.0.5 (x86 en-US)) (Version: 38.0.5 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 43.0.1.5828 - Mozilla)
MSDN Library for Visual Studio 2005 (HKLM-x32\...\MSDN Library for Visual Studio 2005) (Version: 8.0.50727.42 - Microsoft)
MSDN Library for Visual Studio 2005 (x32 Version: 8.0.50727.42 - Microsoft) Hidden
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MyLifeOrganized v. 4.3.1 (HKLM-x32\...\MyLife Organized) (Version: 4.3.1 - MyLifeOrganized.net)
MySQL Connector/ODBC 5.3 (HKLM\...\{43E572BC-B21F-4BEC-94CA-2D4AA6F53246}) (Version: 5.3.2 - Oracle Corporation)
MySQL Tools for 5.0 (HKLM-x32\...\{FCB10DE3-E190-4A7E-B06A-FAC61567ABFC}) (Version: 5.0.17 - MySQL AB, Sun Microsystems, Inc.)
Nero Backup Drivers (HKLM\...\{D600D357-5CB9-4DE9-8FD4-14E208BD1970}) (Version: 1.0.11100.8.0 - Nero AG)
Node.js (HKLM\...\{FC4E166C-598C-48CC-BFAC-A709121D3B2C}) (Version: 0.10.22 - Joyent, Inc. and other Node contributors)
Notepad++ (HKLM-x32\...\Notepad++) (Version: 5.9.6.2 - )
NVIDIA Display Control Panel (HKLM\...\NVIDIA Display Control Panel) (Version: 6.14.12.5951 - NVIDIA Corporation)
NVIDIA Drivers (HKLM\...\NVIDIA Drivers) (Version: 1.10.62.40 - NVIDIA Corporation)
NVIDIA Stereoscopic 3D Driver (HKLM-x32\...\NVIDIAStereo) (Version: 7.17.12.5951 - NVIDIA Corporation)
Office 15 Click-to-Run Extensibility Component (x32 Version: 15.0.4833.1001 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Licensing Component (Version: 15.0.4833.1001 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Localization Component (x32 Version: 15.0.4833.1001 - Microsoft Corporation) Hidden
Open XML SDK 2.5 for Microsoft Office (x32 Version: 2.5.5631 - Microsoft Corporation) Hidden
Oracle VM VirtualBox 5.0.4 (HKLM\...\{FC191F32-1A67-4231-91D0-0059A57C99A8}) (Version: 5.0.4 - Oracle Corporation)
Outils de vérification linguistique 2013 de Microsoft Office - Français (x32 Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
OutlookTools 2 (HKLM-x32\...\{E69BB189-4B20-46AE-93CF-59099F05FC3F}) (Version: 2.3.0 - HowTo-Outlook)
Pacote de Idiomas do Microsoft Visual Studio Tools for Applications 2012 Design-Time - PTB (x32 Version: 11.0.51108 - Microsoft Corporation) Hidden
Pacote de Idiomas do Microsoft Visual Studio Tools for Applications 2012 x64 Hosting Support - PTB (Version: 11.0.51108 - Microsoft Corporation) Hidden
Pacote de Idiomas do Microsoft Visual Studio Tools for Applications 2012 x86 Hosting Support - PTB (x32 Version: 11.0.51108 - Microsoft Corporation) Hidden
paint.net (HKLM\...\{F509C1F4-0029-49F9-B145-A4C4E8DF481A}) (Version: 4.0.3 - dotPDN LLC)
Pandora (HKLM-x32\...\com.pandora.desktop.FB9956FD96E03239939108614098AD95535EE674.1) (Version: 2.0.5 - Pandora Media, Inc.)
Pandora (x32 Version: 2.0.5 - Pandora Media, Inc.) Hidden
Paprika Recipe Manager (HKLM-x32\...\{E9AC2A1E-F693-43D0-BBF4-C57A4D9BDFCF}) (Version: 1.0.4 - Hindsight Labs LLC)
ParetoLogic Data Recovery (HKLM-x32\...\{B1C2398C-6FAB-46D1-806C-5942F0829994}) (Version: 1.1.0 - ParetoLogic)
PDF Settings CS4 (x32 Version: 9.0 - Adobe Systems Incorporated) Hidden
PDFill PDF Editor with FREE PDF Writer and Tools (HKLM-x32\...\{D12EBB4E-CF21-496D-979F-89D9DE58C5B8}) (Version: 5.0 - PlotSoft LLC)
PDFill PDF Writer (HKLM-x32\...\PDFill PDF Writer) (Version:  - )
Photoshop Camera Raw (x32 Version: 5.0 - Adobe Systems Incorporated) Hidden
Photoshop Camera Raw_x64 (Version: 5.0 - Adobe Systems Incorporated) Hidden
PlayLater (HKLM-x32\...\{B9050F2D-0F98-4530-A494-FCA63931FBE5}) (Version: 1.6.42 - MediaMall Technologies, Inc.)
PlayOn (HKLM-x32\...\{8D437274-5816-474B-B57C-C28D62433F8F}) (Version: 3.10.42 - MediaMall Technologies, Inc.)
Plex (HKU\S-1-5-21-1085031214-796845957-725345543-2108-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Plex) (Version: 0.9.502 - Plex, Inc)
Polipo 1.0.4.1 (HKLM-x32\...\Polipo) (Version:  - )
PowerISO (HKLM-x32\...\PowerISO) (Version: 5.6 - Power Software Ltd)
PreEmptive Analytics Visual Studio Components (x32 Version: 1.2.3197.1 - PreEmptive Solutions) Hidden
Prerequisites for SSDT  (HKLM-x32\...\{35C1D9D6-87C0-46A3-B1B4-EDBCC063221C}) (Version: 11.1.3000.0 - Microsoft Corporation)
Python 2.6 pycrypto-2.3 (HKLM-x32\...\{D6242566-9EF5-426E-8F75-F4FBCC010186}) (Version: 2.3.0 - Dwayne C. Litzenberger)
Python Tools Redirection Template (x32 Version: 1.1 - Microsoft Corporation) Hidden
Qdabra Rules Library (HKLM\...\{50F764E1-0DB5-4252-8AE9-780BB3A3B16C}) (Version: 2.3.0005 - Qdabra Software)
Qdabra Rules Library (HKLM-x32\...\{0643AB4D-8502-47FF-AB27-FCF3649CC3C3}) (Version: 6.1.0001 - Qdabra Software)
Qdabra Rules Library (HKLM-x32\...\{2CEB2CBB-6939-48B7-989A-AB01FBB6B14E}) (Version: 5.1.0000 - Qdabra Software)
QuickTime 7 (HKLM-x32\...\{FF59BD75-466A-4D5A-AD23-AAD87C5FD44C}) (Version: 7.79.80.95 - Apple Inc.)
RAMDisk (HKLM-x32\...\{01D5FF1F-BB19-4387-8EF1-C6319037EC12}) (Version: 3.5.130 - Dataram, Inc.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.23.623.2010 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6194 - Realtek Semiconductor Corp.)
Recover My Files (HKLM-x32\...\Recover My Files_is1) (Version: 4.9.2.1240 - GetData Pty Ltd)
Recuva (HKLM\...\Recuva) (Version: 1.52 - Piriform)
Reflector (HKLM\...\{77342B24-A2A9-4420-8C9C-C109EE201CBC}) (Version: 1.3.3.1 - Squirrels)
Renesas Electronics USB 3.0 Host Controller Driver (HKLM-x32\...\InstallShield_{5442DAB8-7177-49E1-8B22-09A049EA5996}) (Version: 2.0.4.0 - Renesas Electronics Corporation)
Renesas Electronics USB 3.0 Host Controller Driver (x32 Version: 2.0.4.0 - Renesas Electronics Corporation) Hidden
Revo Uninstaller 1.92 (HKLM-x32\...\Revo Uninstaller) (Version: 1.92 - VS Revo Group)
Revo Uninstaller Pro 2.4.3 (HKLM\...\{67579783-0FB7-4F7B-B881-E5BE47C9DBE0}_is1) (Version: 2.4.3 - VS Revo Group, Ltd.)
Roadkil's Unstoppable Copier Version 5.2 (HKLM-x32\...\{A306FD29-7D3A-4287-91AC-9A0180931395}_is1) (Version:  - Roadkil.Net)
RoboForm 7-9-14-4 (All Users) (HKLM-x32\...\AI RoboForm) (Version: 7-9-14-4 - Siber Systems)
Safari (HKLM-x32\...\{C779648B-410E-4BBA-B75B-5815BCEFE71D}) (Version: 5.34.57.2 - Apple Inc.)
Samsung Easy Printer Manager (HKLM-x32\...\Samsung Easy Printer Manager) (Version: 1.05.66.00(10/30/2014) - Samsung Electronics Co., Ltd.)
Samsung M2020 Series (HKLM-x32\...\Samsung M2020 Series) (Version: 1.23 (12/24/2014) - Samsung Electronics Co., Ltd.)
Samsung Printer Diagnostics (HKLM-x32\...\Samsung Printer Diagnostics) (Version: 1.0.1.6.02 - Samsung Electronics Co., Ltd.)
Samsung Printer Live Update (HKLM-x32\...\Samsung Printer Live Update) (Version: 1.01.00:04(2013-04-22) - Samsung Electronics Co., Ltd.)
Saver2 (HKLM-x32\...\Saver2) (Version: 1.3.2 - ZZJ)
ScanSoft PDF Create! 4 (HKLM\...\{33307810-2945-4F3F-8FEA-0BF522AEFCA7}) (Version: 4.01.0069 - Nuance Communications, Inc.)
Scrum Solution Starter for Microsoft Project 2010 (HKU\S-1-5-21-1085031214-796845957-725345543-2108-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\CC7790844E65D3F0F0686CF43FEDFB17AA666F95) (Version: 1.0.0.71 - Microsoft)
SDFormatter (HKLM-x32\...\{179324FF-7B16-4BA8-9836-055CAAEE4F08}) (Version: 4.0.0 - SD Association)
SeaTools for Windows (HKLM-x32\...\{98613C99-1399-416C-A07C-1EE1C585D872}) (Version: 1.2.0.5 - Seagate Technology)
Send to OneNote 2007 (HKLM-x32\...\{D0180909-85ED-4F97-B12C-C9E3129F78DC}) (Version: 1.0.0 - Microsoft Office OneNote 2007 PowerToys)
SendToOneNote for Chrome (HKLM-x32\...\{62A77CC8-B17A-49C0-9BE6-E77216E86BD3}) (Version: 1.2.0 - Aspark Software)
Service Pack 1 for Microsoft Office 2013 (KB2850036) 32-Bit Edition (HKLM-x32\...\{91150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUSR_{7F6C4883-A18C-459A-82C1-A2F9403F2DA6}) (Version:  - Microsoft)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-0017-0000-0000-0000000FF1CE}_Office14.SharePointDesigner_{8B883A57-E4BC-4745-8E6C-68168850F9DD}) (Version:  - Microsoft)
SharePoint Client Components (HKLM\...\{95150003-1163-0409-1000-0000000FF1CE}) (Version: 15.0.4641.1002 - Microsoft Corporation)
SharePoint Client Components (HKLM\...\{95160002-1163-0409-1000-0000000FF1CE}) (Version: 16.0.3104.1200 - Microsoft Corporation)
Sharpener Pro 3.0 (HKLM-x32\...\Sharpener Pro 3.0 Stand-Alone) (Version: 3.0.0.5 - Nik Software, Inc.)
Sigil 0.4.2 (HKLM\...\Sigil_is1) (Version:  - John Schember)
SiSoftware Sandra Business 2015 (HKLM\...\{C3113E55-7BCB-4de3-8EBF-60E6CE6B2496}_is1) (Version: 21.10.2015.1 - SiSoftware)
SketchUp 2014 (HKLM-x32\...\{A608A8D3-E77C-4BEE-8F2A-F8124F5F0FE2}) (Version: 14.0.4900 - Trimble Navigation Limited)
SketchUp 2015 (HKLM\...\{90A6F70E-96AD-4054-AB8F-42BCFA75F8EC}) (Version: 15.0.9350 - Trimble Navigation Limited)
Skype Toolbars (HKLM-x32\...\{CD95D125-2992-4858-B3EF-5F6FB52FBAD6}) (Version: 5.0.4137 - Skype Technologies S.A.)
Skype™ 7.0 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.0.102 - Skype Technologies S.A.)
Sparkol VideoScribe (HKLM-x32\...\Sparkol VideoScribe 2.0) (Version: 2.0 - Sparkol)
Sparkol VideoScribe (x32 Version: 2.0 - Sparkol) Hidden
Spybot - Search & Destroy (HKLM-x32\...\{B4092C6D-E886-4CB2-BA68-FE5A99D31DE7}_is1) (Version: 2.4.40 - Safer-Networking Ltd.)
SQL Server 2012 Client Tools (Version: 11.1.3000.0 - Microsoft Corporation) Hidden
SQL Server 2012 Common Files (Version: 11.1.3000.0 - Microsoft Corporation) Hidden
SQL Server 2012 Management Studio (Version: 11.1.3000.0 - Microsoft Corporation) Hidden
SQLXML4 (HKLM\...\{DEA9F247-F832-4E36-90BF-D8EDA206521A}) (Version: 9.00.5000.00 - Microsoft Corporation)
Stardock WindowBlinds (HKLM-x32\...\Stardock WindowBlinds) (Version: 8.12 - Stardock Software, Inc.)
Stickies 7.1e (HKLM-x32\...\ZhornStickies) (Version:  - Zhorn Software)
Suite Shared Configuration CS4 (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 15.2.6.0 - Synaptics Incorporated)
SyncToy 2.1 (x64) (HKLM\...\{88DAAF05-5A72-46D2-A7C5-C3759697E943}) (Version: 2.1.0 - Microsoft)
Synergy (64-bit) (HKLM\...\{77865914-4067-41D2-8DE0-ACFA9C83351D}) (Version: 1.7.6 - The Synergy Project)
Team Explorer for Microsoft Visual Studio 2013 (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
TeamViewer 11 (HKLM-x32\...\TeamViewer) (Version: 11.0.62308 - TeamViewer)
TeraCopy 2.12 (HKLM\...\TeraCopy_is1) (Version:  - Code Sector Inc.)
TopStyle (Version 3) (HKLM-x32\...\TopStyle (Version 3)) (Version: 3.1.0 - Bradbury Software, LLC)
Tor 0.2.1.30 (HKLM-x32\...\Tor) (Version:  - )
Transmission-Qt (HKLM\...\Transmission-Qt) (Version: 2.84.4 - Transmission)
TreeSize Free V2.6 (HKLM-x32\...\TreeSize Free_is1) (Version: 2.6 - JAM Software)
TreeSize Professional 5.3.4 (HKLM-x32\...\TreeSize Professional_is1) (Version: 5.3.4 - JAM Software)
TuneUp 2.5.0.0 (HKLM-x32\...\TuneUpMedia) (Version: 2.5.0.0 - TuneUp Media, Inc.)
TuneWiki (HKLM-x32\...\TuneWiki) (Version: 1.0.165.0 - TuneWiki)
U2 PCAM (HKLM-x32\...\{F89DC420-FF15-485D-8254-67A27ED1313B}) (Version: 1.2.3.4 - Genesys Logic)
Unlocker 1.9.1 (HKLM-x32\...\Unlocker) (Version: 1.9.1 - Cedrick Collomb)
Unlocker 1.9.2 (HKLM\...\Unlocker) (Version: 1.9.2 - Cedrick Collomb)
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{90120000-0017-0000-0000-0000000FF1CE}_SharePointDesigner_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version:  - Microsoft)
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{90120000-003B-0000-0000-0000000FF1CE}_PRJPRO_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version:  - Microsoft)
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{90120000-0051-0000-0000-0000000FF1CE}_VISPRO_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version:  - Microsoft)
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{91120000-0017-0000-0000-0000000FF1CE}_SharePointDesignerR_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version:  - Microsoft)
Update for Skype for Business 2015 (KB3039776) 32-Bit Edition (HKLM-x32\...\{90150000-012B-0409-0000-0000000FF1CE}_Office15.PROPLUSR_{9F6B3627-AF9E-40A5-AAD5-3497C4327616}) (Version:  - Microsoft)
Update or Uninstall SENukeX (HKU\S-1-5-21-3578782807-1016812498-1856270605-1009\...\2ce4fd5e017fe1d3) (Version: 3.0.0.56 - SENukeX)
Update or Uninstall SENukeX (HKU\S-1-5-21-3578782807-1016812498-1856270605-1009-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\2ce4fd5e017fe1d3) (Version: 3.0.0.56 - SENukeX)
Vector Magic (HKLM-x32\...\Vector Magic) (Version: 1.15 - Vector Magic, Inc.)
Velvia Vision (HKLM-x32\...\{F02DBC56-E5AB-4F74-B995-4586F91D4BDC}) (Version: 1.0 - Fred Miranda)
Vertus Fluid Mask 3 2.100.2-RC2 (HKLM-x32\...\VertusFluidMask3) (Version: 2.100.2-RC2 - )
Vidalia 0.2.12 (HKLM-x32\...\Vidalia) (Version:  - )
Video Enhancer 1.9.6 (HKLM-x32\...\Video Enhancer_is1) (Version:  - Infognition Co. Ltd.)
VirtualCloneDrive (HKLM-x32\...\VirtualCloneDrive) (Version: 5.4.8.0 - Elaborate Bytes)
Visual Studio 2010 Prerequisites - English (HKLM\...\{662014D2-0450-37ED-ABAE-157C88127BEB}) (Version: 10.0.40219 - Microsoft Corporation)
Visual Studio 2010 Tools for SQL Server Compact 3.5 SP2 ENU (HKLM-x32\...\{112C23F2-C036-4D40-BED4-0CB47BF5555C}) (Version: 4.0.8080.0 - Microsoft Corporation)
VLC media player 2.1.3 (HKLM-x32\...\VLC media player) (Version: 2.1.3 - VideoLAN)
VMware Workstation (HKLM-x32\...\VMware_Workstation) (Version: 9.0.0 - VMware, Inc)
VMware Workstation (Version: 9.0.0 - VMware, Inc.) Hidden
WCF Data Services 5.6.0 Runtime (x32 Version: 5.6.61587.0 - Microsoft Corporation) Hidden
WCF Data Services Tools for Microsoft Visual Studio 2013 (x32 Version: 5.6.61587.0 - Microsoft Corporation) Hidden
WCF RIA Services V1.0 SP2 (HKLM-x32\...\{5D8DD6A8-C4D7-4554-93F9-F1CC28C72600}) (Version: 4.1.62812.0 - Microsoft Corporation)
Web Deployment Tool (HKLM\...\{0F37D969-1260-419E-B308-EF7D29ABDE20}) (Version: 1.1.0618 - Microsoft Corporation)
WebTablet FB Plugin (HKLM-x32\...\Wacom WebTabletPlugin for Internet Explorer and Netscape) (Version: 2.0.0.1 - Wacom Technology Corp.)
WebTablet IE Plugin (HKLM-x32\...\Wacom WebTabletPlugin for IE) (Version: 1.1.0.12 - Wacom Technology Corp.)
WebTablet Netscape Plugin (HKLM-x32\...\Wacom WebTabletPlugin for Netscape) (Version: 1.1.0.10 - Wacom Technology Corp.)
WIDCOMM Bluetooth Software (HKLM\...\{A1439D4F-FD46-47F2-A1D3-FEE097C29A09}) (Version: 6.5.1.2700 - Broadcom Corporation)
Win32DiskImager version 0.9.5 (HKLM-x32\...\{D074CE74-912A-4AD3-A0BF-3937D9D01F17}_is1) (Version: 0.9.5 - ImageWriter Developers)
WinDirStat 1.1.2 (HKU\S-1-5-21-1085031214-796845957-725345543-2108-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\WinDirStat) (Version:  - )
WinDjView 2.0.2 (HKLM\...\WinDjView) (Version: 2.0.2 - Andrew Zhezherun)
WindowFX (x32 Version: 5.01 - Stardock Corporation) Hidden
Windows Driver Package - Apple Inc. Apple Wireless Mouse (06/01/2011 4.0.0.1) (HKLM\...\D088EE4BD2819FBA2B349EF9D55176F223419BE6) (Version: 06/01/2011 4.0.0.1 - Apple Inc.)
Windows Driver Package - Apple Inc. Apple Wireless Mouse (09/17/2009 3.0.0.5) (HKLM\...\929413420CDE2F0C2C08C06E73FF16D9CB6C9807) (Version: 09/17/2009 3.0.0.5 - Apple Inc.)
Windows Driver Package - Google, Inc. (WinUSB) AndroidUsbDeviceClass  (01/27/2014 9.0.0000.00000) (HKLM\...\9CA77E2A8332A0824C54DA611BBE4CA24AB1F750) (Version: 01/27/2014 9.0.0000.00000 - Google, Inc.)
Windows Installer Clean Up (HKLM-x32\...\{121634B0-2F4B-11D3-ADA3-00C04F52DD52}) (Version: 3.00.00.0000 - Microsoft Corporation)
Windows Media Player Firefox Plugin (HKLM-x32\...\{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}) (Version: 1.0.0.8 - Microsoft Corp)
Windows Resource Kit Tools (HKLM-x32\...\{FA237125-51FF-408C-8BB8-30C2B3DFFF9C}) (Version: 5.2.3790 - Microsoft Corporation)
WinISO (HKLM-x32\...\WinISO) (Version: 6.3.0.4829 - WinISO Computing Inc.)
WinRAR 5.01 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.01.0 - win.rar GmbH)
WinSCP 4.3.5 (HKLM-x32\...\winscp3_is1) (Version: 4.3.5 - Martin Prikryl)
WinSnap (HKLM-x32\...\WinSnap) (Version: 4.0.8 - NTWind Software)
WinX DVD Author 5.8 (HKLM-x32\...\WinX DVD Author_is1) (Version:  - FreetimeSoft, Inc.)
Workflow Manager Client 1.0 (HKLM\...\{A5ABAF5F-B5B6-44B3-B69F-2E13DC60FC9F}) (Version: 2.0.40131.0 - Microsoft Corporation)
Workflow Manager Tools 1.0 for Visual Studio (HKLM\...\{A79F6653-6AF1-4AF2-BC15-F5D6C05E1E6A}) (Version: 2.0.40326.0 - Microsoft Corporation)
Workrave 1.10 (HKLM-x32\...\Workrave_is1) (Version:  - Rob Caelers & Raymond Penners)
WPF Toolkit February 2010 (Version 3.5.50211.1) (HKLM-x32\...\{5EE6E987-1B79-4A93-832B-27472C7D1579}) (Version: 3.5.50211.1 - Microsoft Corporation)
xplorer² professional 64 bit (HKLM\...\xplorer2p64) (Version: 2.5.0.2 - Zabkat)
yEd Graph Editor 3.9.2 (HKLM-x32\...\3309-7404-0599-8908) (Version: 3.9.2 - yWorks GmbH)
Языковой пакет для поддержки размещения набора средств Microsoft Visual Studio Tools для работы с приложениями 2012 (x64) - RUS (Version: 11.0.51108 - Microsoft Corporation) Hidden
Языковой пакет для поддержки размещения набора средств Microsoft Visual Studio Tools для работы с приложениями 2012 (x86) - RUS (x32 Version: 11.0.51108 - Microsoft Corporation) Hidden
Языковой пакет для среды разработки набора средств Microsoft Visual Studio Tools для работы с приложениями 2012 - RUS (x32 Version: 11.0.51108 - Microsoft Corporation) Hidden

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-1085031214-796845957-725345543-2108-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0_Classes\CLSID\{355EC88A-02E2-4547-9DEE-F87426484BD1}\InprocServer32 -> C:\Users\grevolorio\AppData\Local\Google\Update\1.3.23.9\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-1085031214-796845957-725345543-2108-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0_Classes\CLSID\{84B5A313-CD5D-4904-8BA2-AFDC81C1B309}\InprocServer32 -> C:\Program Files (x86)\Citrix\GoToMeeting\2185\G2MOutlookAddin64.dll (Citrix Online, a division of Citrix Systems, Inc.)
CustomCLSID: HKU\S-1-5-21-1085031214-796845957-725345543-2108-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0_Classes\CLSID\{FE498BAB-CB4C-4F88-AC3F-3641AAAF5E9E}\InprocServer32 -> C:\Users\grevolorio\AppData\Local\Google\Update\1.3.24.7\psuser_64.dll => No File

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {01948B03-BD45-4976-8D31-7855925672EC} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Refresh immunization => F:\Program Files (x86)\Spybot - Search & Destroy 2\SDImmunize.exe [2014-06-24] (Safer-Networking Ltd.)
Task: {05C8BCBA-5173-4FD5-AB52-1671D7DC2D35} - System32\Tasks\{6D5E1E37-7B03-499C-9F90-D7F8A3F44FD4} => pcalua.exe -a "F:\Adobe CS4\Master Collection\Adobe CS4\payloads\AdobeAIR1.0\AdobeAIRInstaller.exe" -d "C:\Program Files (x86)\Common Files\Adobe\Installers\b2d6abde968e6f277ddbfd501383e02" -c -silent
Task: {0DA826DA-C315-408E-A81B-346FA731E686} - System32\Tasks\{4BD142E9-8A9E-4CF1-8E08-D7B5ABC463F4} => pcalua.exe -a "F:\kodiRelated\FTV v0.52\FTV\Amazon FireTV Utility App.exe"
Task: {13009AEA-3E20-4C03-98ED-1DDAA2CBE59A} - System32\Tasks\{1E1D40DD-B7F0-437F-919E-7299C2A201C8} => pcalua.exe -a C:\Users\grevolorio\Desktop\vpnclient-win-msi-5.0.01.0600-k9.exe -d C:\Users\grevolorio\Desktop
Task: {1CA54BD7-F8FE-43D7-A568-902BD730F451} - System32\Tasks\{C9D0DEFF-43BC-4715-854F-00A22264221D} => pcalua.exe -a F:\Downloads\Drawing\Pencil-Portrait-Tutorial--How-Beginners-Learn-To-Draw-Pencil-Portraits-Quickly-And-Easily.exe -d F:\Downloads\Drawing
Task: {1D334B1E-CF07-488F-9133-6C6018482BF0} - System32\Tasks\Microsoft_MKC_Logon_Task_ipoint.exe => C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2014-03-19] (Microsoft Corporation)
Task: {220D5B9C-CC4B-43A8-BE1B-5AA45467AF92} - System32\Tasks\Microsoft_Hardware_Launch_ipoint_exe => C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2014-03-19] (Microsoft Corporation)
Task: {2541E100-9850-45B0-8A0C-D00427497A49} - System32\Tasks\{2662DE15-9BFB-4C94-ABE1-B60C1CDBE28D} => pcalua.exe -a "C:\Users\grevolorio\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\H3XG5VDK\lastpass_x64[1].exe" -d C:\Users\grevolorio\Desktop
Task: {2A46E8FA-0109-4EB2-8581-D8E1CC3F8D47} - System32\Tasks\Microsoft_Hardware_Launch_devicecenter_exe => C:\Program Files\Microsoft Device Center\devicecenter.exe
Task: {2AC1D17C-EA09-4710-85F9-66D640AA0BF3} - System32\Tasks\MotoHelper Update => C:\Program Files (x86)\Motorola\MotoHelper\MotoHelperUpdate.exe [2011-12-06] ()
Task: {2C2A0C7C-A15F-473C-9A03-A80299CEEC13} - System32\Tasks\Java Platform SE Auto Updater => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2015-04-30] (Oracle Corporation)
Task: {3100B96D-BB14-4990-BD3D-54ABC9D6445D} - System32\Tasks\DropboxUpdateTaskMachineUA => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2015-06-30] (Dropbox, Inc.)
Task: {327B3BA7-B8A2-4705-A7D4-9A7536F0D564} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office 15\root\Office15\msoia.exe [2015-10-30] (Microsoft Corporation)
Task: {379F9252-C770-44AA-AF2C-037D7FDACF84} - System32\Tasks\Run RoboForm TaskBar Icon => C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe [2015-06-19] (Siber Systems)
Task: {384B22B0-4F48-47CA-A1B8-7D998C13032C} - System32\Tasks\MotoHelper Routing => C:\Program Files (x86)\Motorola\MotoHelper\MotoHelperUpdate.exe [2011-12-06] ()
Task: {4D0D22B8-4C7A-44F5-B04F-96AB41E171EF} - System32\Tasks\ParetoLogic Update Version2 => C:\Program Files (x86)\Common Files\ParetoLogic\UUS2\Pareto_Update.exe [2008-02-22] ()
Task: {58289E57-EE9B-437E-9BF3-CCB6ABF1E425} - System32\Tasks\Microsoft_Hardware_Launch_itype_exe => C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [2014-03-19] (Microsoft Corporation)
Task: {59479587-6ECE-4E1C-9E21-55309D69125C} - System32\Tasks\Open URL by RoboForm => Rundll32.exe url.dll,FileProtocolHandler "hxxp://www.roboform.com/test-pass.html?aaa=KICMJMKMGMNJLJIMKJJJCNOMMJOJKMCNLMJMIMJMCNGMLJIMPMCNLMJMPMMMMJKMLMOJKJKJPMIMJNJICMIMCNGMCNOMLMFMOMOMCNPMCNGMJMPMPMFMJMCNOMCNIMJMPMOMCNNMJNPICMOMFMEKMICNJJCKFMLMLMPMJNHICMEKMICNJJCKJNBJCMJNKJCMJNNICMJNDJCMKJBJJNMJCMOMFMKMKMFMPMJN (the data entry has 33 more characters).
Task: {5B725530-FFAB-4A23-8563-A928DF68D79B} - System32\Tasks\G2MUpdateTask-S-1-5-21-1085031214-796845957-725345543-2108 => C:\Program Files (x86)\Citrix\GoToMeeting\2759\g2mupdate.exe [2015-07-02] (Citrix Online, a division of Citrix Systems, Inc.)
Task: {5D3FF025-C318-46AB-A7A4-5A8F209A70F7} - \SidebarExecute -> No File <==== ATTENTION
Task: {6184FBBE-4AA1-42ED-A3A1-E6838CA95637} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Check for updates => F:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe [2014-06-27] (Safer-Networking Ltd.)
Task: {65EDF042-6E5E-4A9C-BCE8-01793ED9162F} - System32\Tasks\{DEDC4BB3-71C0-40D4-9A13-E7BEA775B519} => pcalua.exe -a F:\Downloads\AppleWirelessMouse64.exe
Task: {6E0AF919-E2BB-4343-80BD-9DB7B1320AC0} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2016-04-12] (Microsoft Corporation)
Task: {729AE2CB-D745-4FDE-AD60-D0A8A4636D78} - System32\Tasks\TuneUpUtilities_Task_BkGndMaintenance2013 => F:\Program Files (x86)\AVG\AVG PC TuneUp\OneClick.exe [2015-08-04] (AVG Technologies)
Task: {7CFEC956-1854-4D03-AC69-5FCACF3ED978} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office 15\root\Office15\msoia.exe [2015-10-30] (Microsoft Corporation)
Task: {83A73D3C-C015-43F6-ABAB-27E7FC5C6590} - System32\Tasks\ParetoLogic Registration => Rundll32.exe "C:\Program Files (x86)\Common Files\ParetoLogic\UUS2\UUS.dll" RunUns
Task: {88FD29A9-84EF-4B5D-B6F4-945733D892B5} - System32\Tasks\{A2F28A60-837B-4A08-93CF-C81107A19128} => pcalua.exe -a "F:\Downloads\Stardock Object Desktop Suite\Stardock Object Desktop Suite\WindowBlinds 5 [Enhanced] - With Crack\WindowBlinds 5 [Enhanced].exe" -d "F:\Downloads\Stardock Object Desktop Suite\Stardock Object Desktop Suite\WindowBlinds 5 [Enhanced] - With Crack"
Task: {8B9FD64D-EE19-4346-AB88-F4084AA5EF60} - System32\Tasks\{E725F200-DE8A-4285-85FF-D7DA2DFE1545} => pcalua.exe -a F:\Downloads\solutoinstaller.exe
Task: {90FFDBF2-C8F2-4A2B-99C2-BD4B2BA8849B} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2015-01-20] (Piriform Ltd)
Task: {92FC9152-3CF6-4DC4-A1FF-8B31A85EC68D} - System32\Tasks\Allway Sync_{4F0C1497E9A5A062AD06B978802E02AB} => F:\Program Files\Allway Sync\Bin\syncappw.exe [2010-05-31] ()
Task: {93F228DA-AB4B-4BD9-B6D4-456EB46BA16D} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2016-02-23] (Apple Inc.)
Task: {97F9187F-9225-4089-8965-5A446FE551E5} - System32\Tasks\{6C938882-44FC-4762-8288-22AC4957F8AB} => pcalua.exe -a "C:\Users\grevolorio\Desktop\MsiZap (1).exe" -d C:\Users\grevolorio\Desktop
Task: {9D8F7C35-05F3-4098-A58A-CFDCE2571B56} - System32\Tasks\{A90FC29D-33BB-491B-AED4-86D69213CF61} => pcalua.exe -a "F:\Downloads\Microsoft Office 2010 Professional (No Key Required)\setup.exe" -d "F:\Downloads\Microsoft Office 2010 Professional (No Key Required)"
Task: {A10AE438-01D3-48A2-B1F9-9CFCF67E0B22} - System32\Tasks\{E00AD51B-21C4-4D8F-A4AB-7CC5931C85E2} => pcalua.exe -a "C:\FTV\Amazon FireTV Utility App.exe"
Task: {A2C753BE-80E2-4C1E-A35B-C6B17C5DE41F} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-27] (Google Inc.)
Task: {AD4D132B-F589-4AB7-9AC7-8E881E3CA6BA} - System32\Tasks\SmartDefrag_Startup => C:\Program Files (x86)\IObit\Smart Defrag 2\SmartDefrag.exe
Task: {AD684464-6AA5-4425-9D51-8804B6F5C03B} - System32\Tasks\{B40ADBCF-29B3-4A89-B5F3-2C6807F2DECB} => pcalua.exe -a "C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\Office Setup Controller\setup.exe" -c /uninstall INFOPATHR /dll OSETUP.DLL
Task: {AD9C8945-6414-46A1-B1CB-9348EE400E4F} - System32\Tasks\elbyExecuteWithUAC => C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\ExecuteWithUAC.exe [2013-03-21] ()
Task: {AFDFFF62-8D44-4454-8431-F540107AFF83} - System32\Tasks\Go to RoboForm Install page => Rundll32.exe url.dll,FileProtocolHandler "hxxp://www.roboform.com/test-pass.html?aaa=KICMJMGMJJLJJMMMLJNJCNMMPMPMHMCNLMGMKMOJCNHMMMNJHMCNNMKJKJOMLMLMKMKJOMPMMJJJJNJICMIMCNOMCNPMFMHMCNPMCNIMJMPMPMFMJMCNOMCNIMJMPMPMCNNMJNPICMLMFMEKMICNJJCKFMPMJNHICMEKMICNJJCKJNBJCMIJNIKJJIAJDJAJNIGJAJJNKJCMJNNICMJNDJCMKJBJ"
Task: {B421371D-E6A0-44B4-B84E-BEB704B7D919} - System32\Tasks\{DBF89E59-98BD-464C-821B-C714ACBF7D00} => pcalua.exe -a "C:\Users\grevolorio\AppData\Local\Temp\Temp1_Drivers for apple majic mouse.zip\Drivers for apple majic mouse\64bit driver.exe"
Task: {B42859F1-52BE-4C0B-87A0-089A8A9525FE} - System32\Tasks\{A86051CA-CB2D-4CFC-AA2E-F97F003E332E} => pcalua.exe -a C:\Users\grevolorio.trmdu2\Downloads\VirtualBox-5.0.4-102546-Win.exe
Task: {B6124405-83CA-4BD7-9DFD-1176D9CFEA66} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-27] (Google Inc.)
Task: {B7D682DD-52E1-43BE-BBF8-FDC6840A7669} - System32\Tasks\{AEC957EE-1707-435F-9324-C5329BCEB8F2} => pcalua.exe -a F:\Downloads\AppleWirelessMouse64UNEASY.exe
Task: {BA7A7309-376A-49C5-8980-876C5ACE8DDE} - System32\Tasks\DocumentsBackupToNetworkDrive => C:\Program Files\SyncToy 2.1\SyncToyCmd.exe [2009-10-19] (Microsoft Corporation)
Task: {BFAECEBD-7839-4DE8-825D-A11D11B4ABE5} - System32\Tasks\AutoPico Daily Restart => C:\Program Files\KMSpico\AutoPico.exe [2014-06-29] (@ByELDI)
Task: {C3513C86-0619-4FBC-B521-2594460A8AB7} - System32\Tasks\{5EF141E4-698E-4751-AFC4-21FB5FB4CCC4} => C:\Program Files (x86)\Skype\\Phone\Skype.exe [2014-12-11] (Skype Technologies S.A.)
Task: {C7E44BE0-CBC9-4833-85C7-DCDE3709A73A} - System32\Tasks\{3EE8355E-6EFE-4231-BA1C-0027510C8764} => pcalua.exe -a F:\Downloads\OfficeExcel2003XMLToolsAddin.exe -d F:\Downloads
Task: {D6847D8E-3585-4794-AD85-56EB9F05F9FA} - System32\Tasks\G2MUploadTask-S-1-5-21-1085031214-796845957-725345543-2108 => C:\Program Files (x86)\Citrix\GoToMeeting\2759\g2mupload.exe [2015-07-02] (Citrix Online, a division of Citrix Systems, Inc.)
Task: {DDBE4BC3-4239-45EA-85A5-E4557D3F2AD6} - System32\Tasks\Microsoft_Hardware_Launch_mousekeyboardcenter_exe => C:\Program Files\Microsoft Mouse and Keyboard Center\mousekeyboardcenter.exe [2014-03-19] (Microsoft)
Task: {DE2F2154-92E1-40E2-8EB6-A80435CCCFB7} - System32\Tasks\{9AA97C05-331D-48E7-B2B6-393DA5DB59E3} => pcalua.exe -a F:\Downloads\Vertus_Fluid_Mask_3.2.1_MegaRapidshare.com\fluid_mask_3_setup_2.100.2-RC2.exe
Task: {E121D49B-E0A6-45BA-9FBA-E6A579E8DCAE} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-07-14] (Adobe Systems Incorporated)
Task: {E62AE87E-4B4E-4A62-A2A5-C62E351425B8} - System32\Tasks\{FB5637CE-774D-41E9-8A18-A66C6F08DE12} => pcalua.exe -a "F:\Downloads\windirstat1_1_2_setup (1).exe" -d F:\Downloads
Task: {E86215D1-331F-46EA-B5D2-DD63481E1867} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2015-06-30] (Dropbox, Inc.)
Task: {E8FC4795-B64E-463C-96A9-BE0B8DBF960D} - System32\Tasks\MotoHelper MUM => C:\Program Files (x86)\Motorola\MotoHelper\MotoHelperUpdate.exe [2011-12-06] ()
Task: {E96AA20C-5A24-4099-8877-9D626337E24D} - System32\Tasks\Microsoft_MKC_Logon_Task_itype.exe => C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [2014-03-19] (Microsoft Corporation)
Task: {F0F929D8-853A-41D7-BF97-78FBA3A7E8E9} - System32\Tasks\{5F894392-522C-4E66-80C8-E72C3D3AD54E} => pcalua.exe -a F:\Downloads\applewirelessmouse.exe
Task: {F379DF3B-1EC4-4330-84B3-57537B17F6CE} - System32\Tasks\CopyMyDocsToU_Drive => 
Task: {F787EACE-34DC-43A0-9DA4-440D0A487857} - System32\Tasks\MotoHelper Initial Update => C:\Program Files (x86)\Motorola\MotoHelper\MotoHelperUpdate.exe [2011-12-06] ()
Task: {FC31E385-F59B-4071-A73F-53FC0F691907} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Scan the system => F:\Program Files (x86)\Spybot - Search & Destroy 2\SDScan.exe [2014-06-24] (Safer-Networking Ltd.)
Task: {FCAEA3E8-B27E-4792-96C7-DE1B513D73A6} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2016-04-12] (Microsoft Corporation)
Task: {FE0A6D57-BA94-4854-A4CF-ED585B3BB4B5} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\Allway Sync_{4F0C1497E9A5A062AD06B978802E02AB}.job => F:\Program Files\Allway Sync\Bin\syncappw.exe
Task: C:\Windows\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\Windows\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\Windows\Tasks\G2MUpdateTask-S-1-5-21-1085031214-796845957-725345543-2108.job => C:\Program Files (x86)\Citrix\GoToMeeting\2759\g2mupdate.exe
Task: C:\Windows\Tasks\G2MUploadTask-S-1-5-21-1085031214-796845957-725345543-2108.job => C:\Program Files (x86)\Citrix\GoToMeeting\2759\g2mupload.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\ParetoLogic Registration.job => rundll32.exe  C:\Program Files (x86)\Common Files\ParetoLogic\UUS2\UUS.dll
Task: C:\Windows\Tasks\ParetoLogic Update Version2.job => C:\Program Files (x86)\Common Files\ParetoLogic\UUS2\Pareto_Update.exe

==================== Shortcuts =============================

(The entries could be listed to be restored or removed.)

ShortcutWithArgument: C:\Users\grevolorio.trmdu2\Desktop\Gus - Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory="Profile 1"
ShortcutWithArgument: C:\Users\grevolorio.trmdu2\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Chrome Remote Desktop (1).lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) ->  --profile-directory="Profile 1" --app-id=gbchcmhmhahfdphkhkmpfmihenigjmpp
ShortcutWithArgument: C:\Users\grevolorio.trmdu2\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Chrome Remote Desktop.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) ->  --profile-directory=Default --app-id=gbchcmhmhahfdphkhkmpfmihenigjmpp
ShortcutWithArgument: C:\Users\grevolorio.trmdu2\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Google Keep - notes and lists.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) ->  --profile-directory=Default --app-id=hmjkmjkepdijhoojdojkdfohbdgmmhki
ShortcutWithArgument: C:\Users\grevolorio.trmdu2\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Pocket.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) ->  --profile-directory="Profile 1" --app-id=mjcnijlhddpbdemagnpefmlkjdagkogk
ShortcutWithArgument: C:\Users\grevolorio.trmdu2\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\e9cc420c2be074d9\Identity API Scope Approval UI.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory=Default --app-id=ahjaciijnoiaklcomgnblndopackapon

==================== Loaded Modules (Whitelisted) ==============

2012-05-15 13:12 - 2012-05-15 13:12 - 00385680 _____ () F:\Program Files (x86)\Stardock\Object Desktop\WindowFX\WFX32.exe
2011-01-11 10:52 - 2009-11-05 08:40 - 00085504 _____ () C:\Windows\System32\cpwmon64.dll
2015-08-28 15:35 - 2014-10-30 08:18 - 00029184 ____C () C:\Windows\System32\ssj2mlm.dll
2014-11-12 05:20 - 2014-11-12 05:20 - 00524800 _____ () f:\Program Files (x86)\Kinoni\EpocCam_and_Barcode_drivers\KinoniSvc.exe
2015-08-04 08:26 - 2015-08-04 08:26 - 00718040 _____ () F:\Program Files (x86)\AVG\AVG PC TuneUp\avgrepliba.dll
2016-03-18 14:52 - 2016-03-18 14:52 - 00018600 _____ () C:\Program Files\Synergy\synwinhk.DLL
2016-03-16 06:17 - 2016-03-16 06:17 - 00052912 _____ () F:\Program Files\FileZilla FTP Client\fzshellext_64.dll
2010-07-15 00:44 - 2010-07-15 00:44 - 00020032 _____ () F:\Program Files (x86)\Unlocker\UnlockerCOM.dll
2011-02-14 17:55 - 2009-06-21 08:52 - 00318976 _____ () C:\Program Files\TeraCopy\TeraCopyExt64.dll
2010-10-20 15:23 - 2010-10-20 15:23 - 08801632 _____ () C:\Program Files\Microsoft Office\Office14\1033\GrooveIntlResource.dll
2013-09-05 01:17 - 2013-09-05 01:17 - 04300456 _____ () C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Cultures\OFFICE.ODF
2015-08-04 08:26 - 2015-08-04 08:26 - 00861912 _____ () F:\Program Files (x86)\AVG\AVG PC TuneUp\tulnga.dll
2014-09-08 13:39 - 2014-09-08 13:39 - 00464608 _____ () C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe
2014-09-08 13:38 - 2014-09-08 13:38 - 00051200 _____ () C:\Program Files\Common Files\Common Desktop Agent\CDASrvPS.dll
2016-03-18 14:52 - 2016-03-18 14:52 - 00312488 _____ () C:\Program Files\Synergy\synergyd.exe
2015-07-08 16:59 - 2016-04-19 19:26 - 00114888 _____ () C:\Program Files\Microsoft Office 15\ClientX64\ApiClient.dll
2010-11-08 11:15 - 2010-11-08 11:15 - 00301568 _____ () C:\Program Files (x86)\Notepad++\NppShell_04.dll
2015-06-30 08:24 - 2015-06-30 08:24 - 00408576 _____ () F:\Program Files (x86)\BitTorrent Sync\SyncShellExtension64_33554560.dll
2014-05-01 10:13 - 2014-05-01 10:13 - 00470016 _____ () C:\ProgramData\MEGAsync\ShellExtX64.dll
2016-07-01 08:50 - 2016-07-01 08:50 - 00171520 ____R () C:\Program Files (x86)\Calibre2\calibre.exe
2016-07-01 08:50 - 2016-07-01 08:50 - 00024576 ____R () C:\Program Files (x86)\Calibre2\calibre-parallel.exe
2016-06-17 17:07 - 2016-06-15 04:26 - 02334360 _____ () C:\Program Files (x86)\Google\Chrome\Application\51.0.2704.103\libglesv2.dll
2016-06-17 17:07 - 2016-06-15 04:26 - 00105112 _____ () C:\Program Files (x86)\Google\Chrome\Application\51.0.2704.103\libegl.dll
2016-03-18 14:52 - 2016-03-18 14:52 - 01881256 _____ () C:\Program Files\Synergy\synergy.exe
2016-03-18 14:52 - 2016-03-18 14:52 - 00979112 _____ () C:\Program Files\Synergy\synergys.exe
2014-08-20 09:47 - 2014-05-13 12:04 - 00109400 _____ () F:\Program Files (x86)\Spybot - Search & Destroy 2\snlThirdParty150.bpl
2014-08-20 09:47 - 2014-05-13 12:04 - 00416600 _____ () F:\Program Files (x86)\Spybot - Search & Destroy 2\DEC150.bpl
2014-08-20 09:47 - 2014-05-13 12:04 - 00167768 _____ () F:\Program Files (x86)\Spybot - Search & Destroy 2\snlFileFormats150.bpl
2014-08-20 09:47 - 2012-08-23 10:38 - 00574840 _____ () F:\Program Files (x86)\Spybot - Search & Destroy 2\sqlite3.dll
2014-08-20 09:47 - 2012-04-03 17:06 - 00565640 _____ () F:\Program Files (x86)\Spybot - Search & Destroy 2\av\BDSmartDB.dll
2012-08-15 14:11 - 2012-08-15 14:11 - 01222656 _____ () F:\Program Files (x86)\VMware\VMware VIX\VMWare Workstation\libxml2.dll
2016-07-01 08:47 - 2016-07-01 08:47 - 00037376 ____R () C:\Program Files (x86)\Calibre2\calibre-launcher.dll
2014-05-03 23:25 - 2014-05-03 23:25 - 00110080 ____R () C:\Program Files (x86)\Calibre2\DLLs\pywintypes27.dll
2016-07-01 08:47 - 2016-07-01 08:47 - 00057344 ____R () C:\Program Files (x86)\Calibre2\plugins2\progress_indicator.pyd
2016-07-01 08:47 - 2016-07-01 08:47 - 00069632 ____R () C:\Program Files (x86)\Calibre2\plugins2\imageops.pyd
2016-07-01 08:50 - 2016-07-01 08:50 - 00176128 ____R () C:\Program Files (x86)\Calibre2\DLLs\libxslt.dll
2016-07-01 08:50 - 2016-07-01 08:50 - 01069568 ____R () C:\Program Files (x86)\Calibre2\DLLs\libxml2.dll
2016-07-01 08:50 - 2016-07-01 08:50 - 00064000 ____R () C:\Program Files (x86)\Calibre2\DLLs\libexslt.dll
2014-12-10 12:23 - 2014-12-10 12:23 - 00426496 ____R () C:\Program Files (x86)\Calibre2\DLLs\sqlite3.dll
2016-07-01 08:47 - 2016-07-01 08:47 - 00035840 ____R () C:\Program Files (x86)\Calibre2\plugins2\wpd.pyd
2014-05-03 23:29 - 2014-05-03 23:29 - 00396800 ____R () C:\Program Files (x86)\Calibre2\DLLs\pythoncom27.dll
2016-07-01 08:46 - 2016-07-01 08:46 - 00262144 ____R () C:\Program Files (x86)\Calibre2\plugins2\hunspell.pyd
2016-03-18 22:56 - 2016-03-18 22:56 - 00080184 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2016-04-22 01:08 - 2016-04-22 01:08 - 01047864 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2015-10-30 05:53 - 2015-09-01 08:25 - 08901184 _____ () C:\Program Files\Microsoft Office 15\root\Office15\1033\GrooveIntlResource.dll
2016-05-12 19:57 - 2016-06-06 21:58 - 00034768 _____ () C:\Program Files (x86)\Dropbox\Client\_multiprocessing.pyd
2016-07-11 14:07 - 2016-06-06 21:58 - 00134088 _____ () C:\Program Files (x86)\Dropbox\Client\pyexpat.pyd
2016-07-11 14:07 - 2016-06-06 21:59 - 00019408 _____ () C:\Program Files (x86)\Dropbox\Client\faulthandler.pyd
2016-07-11 14:07 - 2016-06-06 21:58 - 00116688 _____ () C:\Program Files (x86)\Dropbox\Client\pywintypes27.dll
2016-05-12 19:57 - 2016-06-06 21:58 - 00093640 _____ () C:\Program Files (x86)\Dropbox\Client\_ctypes.pyd
2016-05-12 19:57 - 2016-06-06 21:58 - 00018376 _____ () C:\Program Files (x86)\Dropbox\Client\select.pyd
2016-05-12 19:57 - 2016-07-05 14:00 - 00019760 _____ () C:\Program Files (x86)\Dropbox\Client\tornado.speedups.pyd
2016-05-12 19:57 - 2016-06-06 22:00 - 00105928 _____ () C:\Program Files (x86)\Dropbox\Client\win32api.pyd
2016-07-11 14:07 - 2016-06-06 21:58 - 00392144 _____ () C:\Program Files (x86)\Dropbox\Client\pythoncom27.dll
2016-05-12 19:57 - 2016-07-05 14:00 - 00381752 _____ () C:\Program Files (x86)\Dropbox\Client\win32com.shell.shell.pyd
2016-05-12 19:57 - 2016-06-06 21:58 - 00692688 _____ () C:\Program Files (x86)\Dropbox\Client\unicodedata.pyd
2016-07-11 14:07 - 2016-07-05 13:59 - 00020816 _____ () C:\Program Files (x86)\Dropbox\Client\cryptography.hazmat.bindings._constant_time.pyd
2016-05-12 19:57 - 2016-06-06 21:59 - 00123856 _____ () C:\Program Files (x86)\Dropbox\Client\_cffi_backend.pyd
2016-07-11 14:07 - 2016-07-05 13:59 - 01682760 _____ () C:\Program Files (x86)\Dropbox\Client\cryptography.hazmat.bindings._openssl.pyd
2016-07-11 14:07 - 2016-07-05 13:59 - 00020808 _____ () C:\Program Files (x86)\Dropbox\Client\cryptography.hazmat.bindings._padding.pyd
2016-05-12 19:57 - 2016-07-05 14:00 - 00021840 _____ () C:\Program Files (x86)\Dropbox\Client\_cffi_unicode_environ_win32_x8bf8e68bx9968e850.pyd
2016-07-11 14:07 - 2016-07-05 14:00 - 00052024 _____ () C:\Program Files (x86)\Dropbox\Client\psutil._psutil_windows.pyd
2016-07-11 14:07 - 2016-07-05 14:00 - 00038696 _____ () C:\Program Files (x86)\Dropbox\Client\fastpath.pyd
2016-07-11 14:07 - 2016-06-06 22:00 - 00020936 _____ () C:\Program Files (x86)\Dropbox\Client\mmapfile.pyd
2016-05-12 19:57 - 2016-06-06 22:00 - 00024528 _____ () C:\Program Files (x86)\Dropbox\Client\win32event.pyd
2016-05-12 19:57 - 2016-06-06 22:00 - 00114640 _____ () C:\Program Files (x86)\Dropbox\Client\win32security.pyd
2016-05-12 19:57 - 2016-06-06 22:00 - 00124880 _____ () C:\Program Files (x86)\Dropbox\Client\win32file.pyd
2016-05-12 19:57 - 2016-07-05 14:00 - 00021832 _____ () C:\Program Files (x86)\Dropbox\Client\_cffi_pywin_kernel32_x64d8f881xc8c369be.pyd
2016-05-12 19:57 - 2016-06-06 22:00 - 00024016 _____ () C:\Program Files (x86)\Dropbox\Client\win32clipboard.pyd
2016-05-12 19:57 - 2016-06-06 22:00 - 00175560 _____ () C:\Program Files (x86)\Dropbox\Client\win32gui.pyd
2016-05-12 19:57 - 2016-06-06 22:00 - 00030160 _____ () C:\Program Files (x86)\Dropbox\Client\win32pipe.pyd
2016-05-12 19:57 - 2016-06-06 22:00 - 00043472 _____ () C:\Program Files (x86)\Dropbox\Client\win32process.pyd
2016-05-12 19:57 - 2016-06-06 22:00 - 00048592 _____ () C:\Program Files (x86)\Dropbox\Client\win32service.pyd
2016-05-12 19:57 - 2016-07-05 14:00 - 00023872 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.kernel32._winffi_kernel32.pyd
2016-07-11 14:07 - 2016-07-05 14:00 - 00026456 _____ () C:\Program Files (x86)\Dropbox\Client\dropbox.infinite.win.compiled._driverinstallation.pyd
2016-05-12 19:57 - 2016-06-06 22:00 - 00057808 _____ () C:\Program Files (x86)\Dropbox\Client\win32evtlog.pyd
2016-05-12 19:57 - 2016-06-06 22:00 - 00024016 _____ () C:\Program Files (x86)\Dropbox\Client\win32profile.pyd
2016-07-11 14:07 - 2016-07-05 13:59 - 00246592 _____ () C:\Program Files (x86)\Dropbox\Client\breakpad.client.windows.handler.pyd
2016-05-12 19:57 - 2016-06-06 22:00 - 00028616 _____ () C:\Program Files (x86)\Dropbox\Client\win32ts.pyd
2016-05-12 19:57 - 2016-07-05 14:00 - 00020800 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.iphlpapi._winffi_iphlpapi.pyd
2016-05-12 19:57 - 2016-07-05 14:00 - 00019776 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.winerror._winffi_winerror.pyd
2016-05-12 19:57 - 2016-07-05 14:00 - 00020800 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.wininet._winffi_wininet.pyd
2016-05-12 19:57 - 2016-06-06 21:58 - 00134608 _____ () C:\Program Files (x86)\Dropbox\Client\_elementtree.pyd
2016-07-11 14:07 - 2016-06-06 21:59 - 00240584 _____ () C:\Program Files (x86)\Dropbox\Client\jpegtran.pyd
2016-07-11 14:07 - 2016-07-05 13:59 - 00020280 _____ () C:\Program Files (x86)\Dropbox\Client\cpuid.compiled._cpuid.pyd
2016-05-12 19:57 - 2016-07-05 14:00 - 00023376 _____ () C:\Program Files (x86)\Dropbox\Client\winscreenshot.compiled._CaptureScreenshot.pyd
2016-05-12 19:57 - 2016-06-06 22:00 - 00350152 _____ () C:\Program Files (x86)\Dropbox\Client\winxpgui.pyd
2016-05-12 19:57 - 2016-07-05 14:00 - 00022352 _____ () C:\Program Files (x86)\Dropbox\Client\winverifysignature.compiled._VerifySignature.pyd
2016-07-11 14:07 - 2016-07-05 14:00 - 00024392 _____ () C:\Program Files (x86)\Dropbox\Client\librsyncffi.compiled._librsyncffi.pyd
2016-07-11 14:07 - 2016-06-06 22:01 - 00036296 _____ () C:\Program Files (x86)\Dropbox\Client\librsync.dll
2016-07-11 14:07 - 2016-07-05 14:00 - 00084280 _____ () C:\Program Files (x86)\Dropbox\Client\dropbox_sqlite_ext.DLL
2016-07-11 14:07 - 2016-07-05 14:00 - 01826096 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtCore.pyd
2016-05-12 19:57 - 2016-06-06 21:59 - 00083912 _____ () C:\Program Files (x86)\Dropbox\Client\sip.pyd
2016-07-11 14:07 - 2016-07-05 14:00 - 03928880 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWidgets.pyd
2016-07-11 14:07 - 2016-07-05 14:00 - 01971504 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtGui.pyd
2016-07-11 14:07 - 2016-07-05 14:00 - 00531248 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtNetwork.pyd
2016-07-11 14:07 - 2016-07-05 14:00 - 00132912 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebKit.pyd
2016-07-11 14:07 - 2016-07-05 14:00 - 00223544 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebKitWidgets.pyd
2016-07-11 14:07 - 2016-07-05 14:00 - 00207672 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtPrintSupport.pyd
2016-05-12 19:57 - 2016-06-06 22:00 - 00060880 _____ () C:\Program Files (x86)\Dropbox\Client\win32print.pyd
2016-05-12 19:57 - 2016-07-05 14:00 - 00024904 _____ () C:\Program Files (x86)\Dropbox\Client\_cffi_wpad_proxy_win_x752e3d61xdcfdcc84.pyd
2016-07-11 14:07 - 2016-07-05 14:00 - 00546096 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtQuick.pyd
2016-07-11 14:07 - 2016-07-05 14:00 - 00357680 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtQml.pyd
2014-08-20 09:47 - 2014-04-25 14:11 - 02972112 _____ () F:\Program Files (x86)\Spybot - Search & Destroy 2\NotificationSpreader.dll
2016-03-08 09:04 - 2016-03-08 09:04 - 02415104 _____ () C:\Program Files\Synergy\QtCore4.dll
2009-01-10 10:32 - 2009-01-10 10:32 - 00011362 _____ () C:\Program Files\Synergy\mingwm10.dll
2009-06-22 18:42 - 2009-06-22 18:42 - 00043008 _____ () C:\Program Files\Synergy\libgcc_s_dw2-1.dll
2010-02-10 14:43 - 2010-02-10 14:43 - 09515520 _____ () C:\Program Files\Synergy\QtGui4.dll
2010-02-10 14:10 - 2010-02-10 14:10 - 01148416 _____ () C:\Program Files\Synergy\QtNetwork4.dll
2013-12-17 04:42 - 2013-12-17 04:42 - 00335872 _____ () C:\Program Files (x86)\MediaMall\lua51a.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\Windows: [108]
AlternateDataStreams: C:\ProgramData\TEMP:DFC5A2B2 [125]
AlternateDataStreams: C:\Users\grevolorio.trmdu2\.DS_Store:AFP_AfpInfo [122]

==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\atashost => ""="Service"

==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)

IE restricted site: HKU\.DEFAULT\...\007guard.com -> install.007guard.com
IE restricted site: HKU\.DEFAULT\...\008i.com -> 008i.com
IE restricted site: HKU\.DEFAULT\...\008k.com -> www.008k.com
IE restricted site: HKU\.DEFAULT\...\00hq.com -> www.00hq.com
IE restricted site: HKU\.DEFAULT\...\010402.com -> 010402.com
IE restricted site: HKU\.DEFAULT\...\032439.com -> 80gw6ry3i3x3qbrkwhxhw.032439.com
IE restricted site: HKU\.DEFAULT\...\0scan.com -> www.0scan.com
IE restricted site: HKU\.DEFAULT\...\1-2005-search.com -> www.1-2005-search.com
IE restricted site: HKU\.DEFAULT\...\1-domains-registrations.com -> www.1-domains-registrations.com
IE restricted site: HKU\.DEFAULT\...\1000gratisproben.com -> www.1000gratisproben.com
IE restricted site: HKU\.DEFAULT\...\1001namen.com -> www.1001namen.com
IE restricted site: HKU\.DEFAULT\...\100888290cs.com -> mir.100888290cs.com
IE restricted site: HKU\.DEFAULT\...\100sexlinks.com -> www.100sexlinks.com
IE restricted site: HKU\.DEFAULT\...\10sek.com -> www.10sek.com
IE restricted site: HKU\.DEFAULT\...\12-26.net -> user1.12-26.net
IE restricted site: HKU\.DEFAULT\...\12-27.net -> user1.12-27.net
IE restricted site: HKU\.DEFAULT\...\123fporn.info -> www.123fporn.info
IE restricted site: HKU\.DEFAULT\...\123haustiereundmehr.com -> www.123haustiereundmehr.com
IE restricted site: HKU\.DEFAULT\...\123moviedownload.com -> www.123moviedownload.com
IE restricted site: HKU\.DEFAULT\...\123simsen.com -> www.123simsen.com

There are 7867 more sites.

IE trusted site: HKU\S-1-5-21-1085031214-796845957-725345543-2108-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\bunker -> hxxps://bunker
IE trusted site: HKU\S-1-5-21-1085031214-796845957-725345543-2108-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\calshr01 -> hxxp://calshr01
IE trusted site: HKU\S-1-5-21-1085031214-796845957-725345543-2108-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\calshr02 -> hxxp://calshr02
IE trusted site: HKU\S-1-5-21-1085031214-796845957-725345543-2108-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\emmarx.com -> hxxp://reports.emmarx.com
IE trusted site: HKU\S-1-5-21-1085031214-796845957-725345543-2108-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\inrangesystems.com -> hxxp://intranet.inrangesystems.com
IE restricted site: HKU\S-1-5-21-1085031214-796845957-725345543-2108-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\007guard.com -> install.007guard.com
IE restricted site: HKU\S-1-5-21-1085031214-796845957-725345543-2108-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\008i.com -> 008i.com
IE restricted site: HKU\S-1-5-21-1085031214-796845957-725345543-2108-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\008k.com -> www.008k.com
IE restricted site: HKU\S-1-5-21-1085031214-796845957-725345543-2108-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\00hq.com -> www.00hq.com
IE restricted site: HKU\S-1-5-21-1085031214-796845957-725345543-2108-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\010402.com -> 010402.com
IE restricted site: HKU\S-1-5-21-1085031214-796845957-725345543-2108-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\0190-dialers.com -> 0190-dialers.com
IE restricted site: HKU\S-1-5-21-1085031214-796845957-725345543-2108-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\01i.info -> 01i.info
IE restricted site: HKU\S-1-5-21-1085031214-796845957-725345543-2108-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\02pmnzy5eo29bfk4.com -> 02pmnzy5eo29bfk4.com
IE restricted site: HKU\S-1-5-21-1085031214-796845957-725345543-2108-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\032439.com -> 80gw6ry3i3x3qbrkwhxhw.032439.com
IE restricted site: HKU\S-1-5-21-1085031214-796845957-725345543-2108-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\05p.com -> 05p.com
IE restricted site: HKU\S-1-5-21-1085031214-796845957-725345543-2108-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\07ic5do2myz3vzpk.com -> 07ic5do2myz3vzpk.com
IE restricted site: HKU\S-1-5-21-1085031214-796845957-725345543-2108-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\08nigbmwk43i01y6.com -> 08nigbmwk43i01y6.com
IE restricted site: HKU\S-1-5-21-1085031214-796845957-725345543-2108-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\093qpeuqpmz6ebfa.com -> 093qpeuqpmz6ebfa.com
IE restricted site: HKU\S-1-5-21-1085031214-796845957-725345543-2108-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\0calories.net -> 0calories.net
IE restricted site: HKU\S-1-5-21-1085031214-796845957-725345543-2108-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\0cj.net -> 0cj.net
IE restricted site: HKU\S-1-5-21-1085031214-796845957-725345543-2108-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\0scan.com -> www.0scan.com
IE restricted site: HKU\S-1-5-21-1085031214-796845957-725345543-2108-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\1-2005-search.com -> www.1-2005-search.com
IE restricted site: HKU\S-1-5-21-1085031214-796845957-725345543-2108-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\1-britney-spears-nude.com -> 1-britney-spears-nude.com
IE restricted site: HKU\S-1-5-21-1085031214-796845957-725345543-2108-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\1-domains-registrations.com -> www.1-domains-registrations.com
IE restricted site: HKU\S-1-5-21-1085031214-796845957-725345543-2108-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\1-se.com -> 1-se.com

There are 11773 more sites.

IE restricted site: HKU\S-1-5-21-1085031214-796845957-725345543-2109-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\007guard.com -> install.007guard.com
IE restricted site: HKU\S-1-5-21-1085031214-796845957-725345543-2109-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\008i.com -> 008i.com
IE restricted site: HKU\S-1-5-21-1085031214-796845957-725345543-2109-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\008k.com -> www.008k.com
IE restricted site: HKU\S-1-5-21-1085031214-796845957-725345543-2109-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\00hq.com -> www.00hq.com
IE restricted site: HKU\S-1-5-21-1085031214-796845957-725345543-2109-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\010402.com -> 010402.com
IE restricted site: HKU\S-1-5-21-1085031214-796845957-725345543-2109-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\032439.com -> 80gw6ry3i3x3qbrkwhxhw.032439.com
IE restricted site: HKU\S-1-5-21-1085031214-796845957-725345543-2109-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\0scan.com -> www.0scan.com
IE restricted site: HKU\S-1-5-21-1085031214-796845957-725345543-2109-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\1-2005-search.com -> www.1-2005-search.com
IE restricted site: HKU\S-1-5-21-1085031214-796845957-725345543-2109-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\1-domains-registrations.com -> www.1-domains-registrations.com
IE restricted site: HKU\S-1-5-21-1085031214-796845957-725345543-2109-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\1000gratisproben.com -> www.1000gratisproben.com
IE restricted site: HKU\S-1-5-21-1085031214-796845957-725345543-2109-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\1001namen.com -> www.1001namen.com
IE restricted site: HKU\S-1-5-21-1085031214-796845957-725345543-2109-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\100888290cs.com -> mir.100888290cs.com
IE restricted site: HKU\S-1-5-21-1085031214-796845957-725345543-2109-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\100sexlinks.com -> www.100sexlinks.com
IE restricted site: HKU\S-1-5-21-1085031214-796845957-725345543-2109-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\10sek.com -> www.10sek.com
IE restricted site: HKU\S-1-5-21-1085031214-796845957-725345543-2109-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\12-26.net -> user1.12-26.net
IE restricted site: HKU\S-1-5-21-1085031214-796845957-725345543-2109-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\12-27.net -> user1.12-27.net
IE restricted site: HKU\S-1-5-21-1085031214-796845957-725345543-2109-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\123fporn.info -> www.123fporn.info
IE restricted site: HKU\S-1-5-21-1085031214-796845957-725345543-2109-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\123haustiereundmehr.com -> www.123haustiereundmehr.com
IE restricted site: HKU\S-1-5-21-1085031214-796845957-725345543-2109-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\123moviedownload.com -> www.123moviedownload.com
IE restricted site: HKU\S-1-5-21-1085031214-796845957-725345543-2109-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\123simsen.com -> www.123simsen.com

There are 7867 more sites.

IE restricted site: HKU\S-1-5-21-1085031214-796845957-725345543-2791\...\007guard.com -> install.007guard.com
IE restricted site: HKU\S-1-5-21-1085031214-796845957-725345543-2791\...\008i.com -> 008i.com
IE restricted site: HKU\S-1-5-21-1085031214-796845957-725345543-2791\...\008k.com -> www.008k.com
IE restricted site: HKU\S-1-5-21-1085031214-796845957-725345543-2791\...\00hq.com -> www.00hq.com
IE restricted site: HKU\S-1-5-21-1085031214-796845957-725345543-2791\...\010402.com -> 010402.com
IE restricted site: HKU\S-1-5-21-1085031214-796845957-725345543-2791\...\032439.com -> 80gw6ry3i3x3qbrkwhxhw.032439.com
IE restricted site: HKU\S-1-5-21-1085031214-796845957-725345543-2791\...\0scan.com -> www.0scan.com
IE restricted site: HKU\S-1-5-21-1085031214-796845957-725345543-2791\...\1-2005-search.com -> www.1-2005-search.com
IE restricted site: HKU\S-1-5-21-1085031214-796845957-725345543-2791\...\1-domains-registrations.com -> www.1-domains-registrations.com
IE restricted site: HKU\S-1-5-21-1085031214-796845957-725345543-2791\...\1000gratisproben.com -> www.1000gratisproben.com
IE restricted site: HKU\S-1-5-21-1085031214-796845957-725345543-2791\...\1001namen.com -> www.1001namen.com
IE restricted site: HKU\S-1-5-21-1085031214-796845957-725345543-2791\...\100888290cs.com -> mir.100888290cs.com
IE restricted site: HKU\S-1-5-21-1085031214-796845957-725345543-2791\...\100sexlinks.com -> www.100sexlinks.com
IE restricted site: HKU\S-1-5-21-1085031214-796845957-725345543-2791\...\10sek.com -> www.10sek.com
IE restricted site: HKU\S-1-5-21-1085031214-796845957-725345543-2791\...\12-26.net -> user1.12-26.net
IE restricted site: HKU\S-1-5-21-1085031214-796845957-725345543-2791\...\12-27.net -> user1.12-27.net
IE restricted site: HKU\S-1-5-21-1085031214-796845957-725345543-2791\...\123fporn.info -> www.123fporn.info
IE restricted site: HKU\S-1-5-21-1085031214-796845957-725345543-2791\...\123haustiereundmehr.com -> www.123haustiereundmehr.com
IE restricted site: HKU\S-1-5-21-1085031214-796845957-725345543-2791\...\123moviedownload.com -> www.123moviedownload.com
IE restricted site: HKU\S-1-5-21-1085031214-796845957-725345543-2791\...\123simsen.com -> www.123simsen.com

There are 7867 more sites.

IE restricted site: HKU\S-1-5-21-1085031214-796845957-725345543-2791-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\007guard.com -> install.007guard.com
IE restricted site: HKU\S-1-5-21-1085031214-796845957-725345543-2791-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\008i.com -> 008i.com
IE restricted site: HKU\S-1-5-21-1085031214-796845957-725345543-2791-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\008k.com -> www.008k.com
IE restricted site: HKU\S-1-5-21-1085031214-796845957-725345543-2791-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\00hq.com -> www.00hq.com
IE restricted site: HKU\S-1-5-21-1085031214-796845957-725345543-2791-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\010402.com -> 010402.com
IE restricted site: HKU\S-1-5-21-1085031214-796845957-725345543-2791-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\032439.com -> 80gw6ry3i3x3qbrkwhxhw.032439.com
IE restricted site: HKU\S-1-5-21-1085031214-796845957-725345543-2791-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\0scan.com -> www.0scan.com
IE restricted site: HKU\S-1-5-21-1085031214-796845957-725345543-2791-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\1-2005-search.com -> www.1-2005-search.com
IE restricted site: HKU\S-1-5-21-1085031214-796845957-725345543-2791-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\1-domains-registrations.com -> www.1-domains-registrations.com
IE restricted site: HKU\S-1-5-21-1085031214-796845957-725345543-2791-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\1000gratisproben.com -> www.1000gratisproben.com
IE restricted site: HKU\S-1-5-21-1085031214-796845957-725345543-2791-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\1001namen.com -> www.1001namen.com
IE restricted site: HKU\S-1-5-21-1085031214-796845957-725345543-2791-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\100888290cs.com -> mir.100888290cs.com
IE restricted site: HKU\S-1-5-21-1085031214-796845957-725345543-2791-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\100sexlinks.com -> www.100sexlinks.com
IE restricted site: HKU\S-1-5-21-1085031214-796845957-725345543-2791-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\10sek.com -> www.10sek.com
IE restricted site: HKU\S-1-5-21-1085031214-796845957-725345543-2791-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\12-26.net -> user1.12-26.net
IE restricted site: HKU\S-1-5-21-1085031214-796845957-725345543-2791-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\12-27.net -> user1.12-27.net
IE restricted site: HKU\S-1-5-21-1085031214-796845957-725345543-2791-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\123fporn.info -> www.123fporn.info
IE restricted site: HKU\S-1-5-21-1085031214-796845957-725345543-2791-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\123haustiereundmehr.com -> www.123haustiereundmehr.com
IE restricted site: HKU\S-1-5-21-1085031214-796845957-725345543-2791-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\123moviedownload.com -> www.123moviedownload.com
IE restricted site: HKU\S-1-5-21-1085031214-796845957-725345543-2791-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\123simsen.com -> www.123simsen.com

There are 7867 more sites.

IE restricted site: HKU\S-1-5-21-1085031214-796845957-725345543-500-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\007guard.com -> install.007guard.com
IE restricted site: HKU\S-1-5-21-1085031214-796845957-725345543-500-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\008i.com -> 008i.com
IE restricted site: HKU\S-1-5-21-1085031214-796845957-725345543-500-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\008k.com -> www.008k.com
IE restricted site: HKU\S-1-5-21-1085031214-796845957-725345543-500-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\00hq.com -> www.00hq.com
IE restricted site: HKU\S-1-5-21-1085031214-796845957-725345543-500-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\010402.com -> 010402.com
IE restricted site: HKU\S-1-5-21-1085031214-796845957-725345543-500-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\032439.com -> 80gw6ry3i3x3qbrkwhxhw.032439.com
IE restricted site: HKU\S-1-5-21-1085031214-796845957-725345543-500-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\0scan.com -> www.0scan.com
IE restricted site: HKU\S-1-5-21-1085031214-796845957-725345543-500-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\1-2005-search.com -> www.1-2005-search.com
IE restricted site: HKU\S-1-5-21-1085031214-796845957-725345543-500-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\1-domains-registrations.com -> www.1-domains-registrations.com
IE restricted site: HKU\S-1-5-21-1085031214-796845957-725345543-500-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\1000gratisproben.com -> www.1000gratisproben.com
IE restricted site: HKU\S-1-5-21-1085031214-796845957-725345543-500-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\1001namen.com -> www.1001namen.com
IE restricted site: HKU\S-1-5-21-1085031214-796845957-725345543-500-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\100888290cs.com -> mir.100888290cs.com
IE restricted site: HKU\S-1-5-21-1085031214-796845957-725345543-500-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\100sexlinks.com -> www.100sexlinks.com
IE restricted site: HKU\S-1-5-21-1085031214-796845957-725345543-500-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\10sek.com -> www.10sek.com
IE restricted site: HKU\S-1-5-21-1085031214-796845957-725345543-500-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\12-26.net -> user1.12-26.net
IE restricted site: HKU\S-1-5-21-1085031214-796845957-725345543-500-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\12-27.net -> user1.12-27.net
IE restricted site: HKU\S-1-5-21-1085031214-796845957-725345543-500-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\123fporn.info -> www.123fporn.info
IE restricted site: HKU\S-1-5-21-1085031214-796845957-725345543-500-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\123haustiereundmehr.com -> www.123haustiereundmehr.com
IE restricted site: HKU\S-1-5-21-1085031214-796845957-725345543-500-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\123moviedownload.com -> www.123moviedownload.com
IE restricted site: HKU\S-1-5-21-1085031214-796845957-725345543-500-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\123simsen.com -> www.123simsen.com

There are 7866 more sites.

IE restricted site: HKU\S-1-5-21-1915297274-1003847613-3419053400-1105-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\007guard.com -> install.007guard.com
IE restricted site: HKU\S-1-5-21-1915297274-1003847613-3419053400-1105-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\008i.com -> 008i.com
IE restricted site: HKU\S-1-5-21-1915297274-1003847613-3419053400-1105-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\008k.com -> www.008k.com
IE restricted site: HKU\S-1-5-21-1915297274-1003847613-3419053400-1105-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\00hq.com -> www.00hq.com
IE restricted site: HKU\S-1-5-21-1915297274-1003847613-3419053400-1105-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\010402.com -> 010402.com
IE restricted site: HKU\S-1-5-21-1915297274-1003847613-3419053400-1105-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\032439.com -> 80gw6ry3i3x3qbrkwhxhw.032439.com
IE restricted site: HKU\S-1-5-21-1915297274-1003847613-3419053400-1105-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\0scan.com -> www.0scan.com
IE restricted site: HKU\S-1-5-21-1915297274-1003847613-3419053400-1105-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\1-2005-search.com -> www.1-2005-search.com
IE restricted site: HKU\S-1-5-21-1915297274-1003847613-3419053400-1105-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\1-domains-registrations.com -> www.1-domains-registrations.com
IE restricted site: HKU\S-1-5-21-1915297274-1003847613-3419053400-1105-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\1000gratisproben.com -> www.1000gratisproben.com
IE restricted site: HKU\S-1-5-21-1915297274-1003847613-3419053400-1105-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\1001namen.com -> www.1001namen.com
IE restricted site: HKU\S-1-5-21-1915297274-1003847613-3419053400-1105-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\100888290cs.com -> mir.100888290cs.com
IE restricted site: HKU\S-1-5-21-1915297274-1003847613-3419053400-1105-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\100sexlinks.com -> www.100sexlinks.com
IE restricted site: HKU\S-1-5-21-1915297274-1003847613-3419053400-1105-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\10sek.com -> www.10sek.com
IE restricted site: HKU\S-1-5-21-1915297274-1003847613-3419053400-1105-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\12-26.net -> user1.12-26.net
IE restricted site: HKU\S-1-5-21-1915297274-1003847613-3419053400-1105-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\12-27.net -> user1.12-27.net
IE restricted site: HKU\S-1-5-21-1915297274-1003847613-3419053400-1105-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\123fporn.info -> www.123fporn.info
IE restricted site: HKU\S-1-5-21-1915297274-1003847613-3419053400-1105-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\123haustiereundmehr.com -> www.123haustiereundmehr.com
IE restricted site: HKU\S-1-5-21-1915297274-1003847613-3419053400-1105-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\123moviedownload.com -> www.123moviedownload.com
IE restricted site: HKU\S-1-5-21-1915297274-1003847613-3419053400-1105-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\123simsen.com -> www.123simsen.com

There are 7866 more sites.

IE trusted site: HKU\S-1-5-21-3578782807-1016812498-1856270605-1009\...\dell.com -> dell.com
IE trusted site: HKU\S-1-5-21-3578782807-1016812498-1856270605-1009\...\greenskybrands.com -> hxxp://intranet.greenskybrands.com
IE restricted site: HKU\S-1-5-21-3578782807-1016812498-1856270605-1009\...\007guard.com -> install.007guard.com
IE restricted site: HKU\S-1-5-21-3578782807-1016812498-1856270605-1009\...\008i.com -> 008i.com
IE restricted site: HKU\S-1-5-21-3578782807-1016812498-1856270605-1009\...\008k.com -> www.008k.com
IE restricted site: HKU\S-1-5-21-3578782807-1016812498-1856270605-1009\...\00hq.com -> www.00hq.com
IE restricted site: HKU\S-1-5-21-3578782807-1016812498-1856270605-1009\...\010402.com -> 010402.com
IE restricted site: HKU\S-1-5-21-3578782807-1016812498-1856270605-1009\...\032439.com -> 80gw6ry3i3x3qbrkwhxhw.032439.com
IE restricted site: HKU\S-1-5-21-3578782807-1016812498-1856270605-1009\...\0scan.com -> www.0scan.com
IE restricted site: HKU\S-1-5-21-3578782807-1016812498-1856270605-1009\...\1-2005-search.com -> www.1-2005-search.com
IE restricted site: HKU\S-1-5-21-3578782807-1016812498-1856270605-1009\...\1-domains-registrations.com -> www.1-domains-registrations.com
IE restricted site: HKU\S-1-5-21-3578782807-1016812498-1856270605-1009\...\1000gratisproben.com -> www.1000gratisproben.com
IE restricted site: HKU\S-1-5-21-3578782807-1016812498-1856270605-1009\...\1001namen.com -> www.1001namen.com
IE restricted site: HKU\S-1-5-21-3578782807-1016812498-1856270605-1009\...\100888290cs.com -> mir.100888290cs.com
IE restricted site: HKU\S-1-5-21-3578782807-1016812498-1856270605-1009\...\100sexlinks.com -> www.100sexlinks.com
IE restricted site: HKU\S-1-5-21-3578782807-1016812498-1856270605-1009\...\10sek.com -> www.10sek.com
IE restricted site: HKU\S-1-5-21-3578782807-1016812498-1856270605-1009\...\12-26.net -> user1.12-26.net
IE restricted site: HKU\S-1-5-21-3578782807-1016812498-1856270605-1009\...\12-27.net -> user1.12-27.net
IE restricted site: HKU\S-1-5-21-3578782807-1016812498-1856270605-1009\...\123fporn.info -> www.123fporn.info
IE restricted site: HKU\S-1-5-21-3578782807-1016812498-1856270605-1009\...\123haustiereundmehr.com -> www.123haustiereundmehr.com
IE restricted site: HKU\S-1-5-21-3578782807-1016812498-1856270605-1009\...\123moviedownload.com -> www.123moviedownload.com
IE restricted site: HKU\S-1-5-21-3578782807-1016812498-1856270605-1009\...\123simsen.com -> www.123simsen.com

There are 7866 more sites.

IE trusted site: HKU\S-1-5-21-3578782807-1016812498-1856270605-1009-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\dell.com -> dell.com
IE trusted site: HKU\S-1-5-21-3578782807-1016812498-1856270605-1009-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\greenskybrands.com -> hxxp://intranet.greenskybrands.com
IE restricted site: HKU\S-1-5-21-3578782807-1016812498-1856270605-1009-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\007guard.com -> install.007guard.com
IE restricted site: HKU\S-1-5-21-3578782807-1016812498-1856270605-1009-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\008i.com -> 008i.com
IE restricted site: HKU\S-1-5-21-3578782807-1016812498-1856270605-1009-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\008k.com -> www.008k.com
IE restricted site: HKU\S-1-5-21-3578782807-1016812498-1856270605-1009-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\00hq.com -> www.00hq.com
IE restricted site: HKU\S-1-5-21-3578782807-1016812498-1856270605-1009-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\010402.com -> 010402.com
IE restricted site: HKU\S-1-5-21-3578782807-1016812498-1856270605-1009-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\032439.com -> 80gw6ry3i3x3qbrkwhxhw.032439.com
IE restricted site: HKU\S-1-5-21-3578782807-1016812498-1856270605-1009-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\0scan.com -> www.0scan.com
IE restricted site: HKU\S-1-5-21-3578782807-1016812498-1856270605-1009-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\1-2005-search.com -> www.1-2005-search.com
IE restricted site: HKU\S-1-5-21-3578782807-1016812498-1856270605-1009-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\1-domains-registrations.com -> www.1-domains-registrations.com
IE restricted site: HKU\S-1-5-21-3578782807-1016812498-1856270605-1009-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\1000gratisproben.com -> www.1000gratisproben.com
IE restricted site: HKU\S-1-5-21-3578782807-1016812498-1856270605-1009-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\1001namen.com -> www.1001namen.com
IE restricted site: HKU\S-1-5-21-3578782807-1016812498-1856270605-1009-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\100888290cs.com -> mir.100888290cs.com
IE restricted site: HKU\S-1-5-21-3578782807-1016812498-1856270605-1009-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\100sexlinks.com -> www.100sexlinks.com
IE restricted site: HKU\S-1-5-21-3578782807-1016812498-1856270605-1009-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\10sek.com -> www.10sek.com
IE restricted site: HKU\S-1-5-21-3578782807-1016812498-1856270605-1009-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\12-26.net -> user1.12-26.net
IE restricted site: HKU\S-1-5-21-3578782807-1016812498-1856270605-1009-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\12-27.net -> user1.12-27.net
IE restricted site: HKU\S-1-5-21-3578782807-1016812498-1856270605-1009-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\123fporn.info -> www.123fporn.info
IE restricted site: HKU\S-1-5-21-3578782807-1016812498-1856270605-1009-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\123haustiereundmehr.com -> www.123haustiereundmehr.com
IE restricted site: HKU\S-1-5-21-3578782807-1016812498-1856270605-1009-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\123moviedownload.com -> www.123moviedownload.com
IE restricted site: HKU\S-1-5-21-3578782807-1016812498-1856270605-1009-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\123simsen.com -> www.123simsen.com

There are 7866 more sites.

IE restricted site: HKU\S-1-5-82-3006700770-424185619-1745488364-794895919-4004696415-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\007guard.com -> install.007guard.com
IE restricted site: HKU\S-1-5-82-3006700770-424185619-1745488364-794895919-4004696415-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\008i.com -> 008i.com
IE restricted site: HKU\S-1-5-82-3006700770-424185619-1745488364-794895919-4004696415-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\008k.com -> www.008k.com
IE restricted site: HKU\S-1-5-82-3006700770-424185619-1745488364-794895919-4004696415-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\00hq.com -> www.00hq.com
IE restricted site: HKU\S-1-5-82-3006700770-424185619-1745488364-794895919-4004696415-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\010402.com -> 010402.com
IE restricted site: HKU\S-1-5-82-3006700770-424185619-1745488364-794895919-4004696415-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\032439.com -> 80gw6ry3i3x3qbrkwhxhw.032439.com
IE restricted site: HKU\S-1-5-82-3006700770-424185619-1745488364-794895919-4004696415-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\0scan.com -> www.0scan.com
IE restricted site: HKU\S-1-5-82-3006700770-424185619-1745488364-794895919-4004696415-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\1-2005-search.com -> www.1-2005-search.com
IE restricted site: HKU\S-1-5-82-3006700770-424185619-1745488364-794895919-4004696415-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\1-domains-registrations.com -> www.1-domains-registrations.com
IE restricted site: HKU\S-1-5-82-3006700770-424185619-1745488364-794895919-4004696415-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\1000gratisproben.com -> www.1000gratisproben.com
IE restricted site: HKU\S-1-5-82-3006700770-424185619-1745488364-794895919-4004696415-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\1001namen.com -> www.1001namen.com
IE restricted site: HKU\S-1-5-82-3006700770-424185619-1745488364-794895919-4004696415-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\100888290cs.com -> mir.100888290cs.com
IE restricted site: HKU\S-1-5-82-3006700770-424185619-1745488364-794895919-4004696415-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\100sexlinks.com -> www.100sexlinks.com
IE restricted site: HKU\S-1-5-82-3006700770-424185619-1745488364-794895919-4004696415-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\10sek.com -> www.10sek.com
IE restricted site: HKU\S-1-5-82-3006700770-424185619-1745488364-794895919-4004696415-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\12-26.net -> user1.12-26.net
IE restricted site: HKU\S-1-5-82-3006700770-424185619-1745488364-794895919-4004696415-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\12-27.net -> user1.12-27.net
IE restricted site: HKU\S-1-5-82-3006700770-424185619-1745488364-794895919-4004696415-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\123fporn.info -> www.123fporn.info
IE restricted site: HKU\S-1-5-82-3006700770-424185619-1745488364-794895919-4004696415-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\123haustiereundmehr.com -> www.123haustiereundmehr.com
IE restricted site: HKU\S-1-5-82-3006700770-424185619-1745488364-794895919-4004696415-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\123moviedownload.com -> www.123moviedownload.com
IE restricted site: HKU\S-1-5-82-3006700770-424185619-1745488364-794895919-4004696415-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\123simsen.com -> www.123simsen.com

There are 7867 more sites.


==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2011-10-28 15:03 - 2016-07-16 08:38 - 00450173 ____R C:\Windows\system32\Drivers\etc\hosts

127.0.0.1    localhost127.0.0.1    www.007guard.com
127.0.0.1    007guard.com
127.0.0.1    008i.com
127.0.0.1    www.008k.com
127.0.0.1    008k.com
127.0.0.1    www.00hq.com
127.0.0.1    00hq.com
127.0.0.1    010402.com
127.0.0.1    www.032439.com
127.0.0.1    032439.com
127.0.0.1    www.0scan.com
127.0.0.1    0scan.com
127.0.0.1    www.1000gratisproben.com
127.0.0.1    1000gratisproben.com
127.0.0.1    1001namen.com
127.0.0.1    www.1001namen.com
127.0.0.1    100888290cs.com
127.0.0.1    www.100888290cs.com
127.0.0.1    www.100sexlinks.com
127.0.0.1    100sexlinks.com
127.0.0.1    www.10sek.com
127.0.0.1    10sek.com
127.0.0.1    www.1-2005-search.com
127.0.0.1    1-2005-search.com
127.0.0.1    www.123fporn.info
127.0.0.1    123fporn.info
127.0.0.1    123haustiereundmehr.com
127.0.0.1    www.123haustiereundmehr.com
127.0.0.1    123moviedownload.com
127.0.0.1    www.123moviedownload.com

There are 15466 more lines.


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-1085031214-796845957-725345543-2108-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Control Panel\Desktop\\Wallpaper -> C:\Users\grevolorio\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
HKU\S-1-5-21-1085031214-796845957-725345543-2109-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Control Panel\Desktop\\Wallpaper -> C:\Users\sharepointadmin\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
HKU\S-1-5-21-1085031214-796845957-725345543-500-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Control Panel\Desktop\\Wallpaper -> C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
HKU\S-1-5-21-3578782807-1016812498-1856270605-1009\Control Panel\Desktop\\Wallpaper -> 
HKU\S-1-5-21-3578782807-1016812498-1856270605-1009-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Control Panel\Desktop\\Wallpaper -> 
DNS Servers: 75.75.75.75 - 192.168.0.100
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
mpsdrv => Firewall Service is not running.
MpsSvc => Firewall Service is not running.

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)

MSCONFIG\Services: !SASCORE => 2
MSCONFIG\Services: AERTFilters => 2
MSCONFIG\Services: CronService => 2
MSCONFIG\Services: FLEXnet Licensing Service => 3
MSCONFIG\Services: nvsvc => 2
MSCONFIG\Services: sdAuxService => 3
MSCONFIG\Services: sdCoreService => 3
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^monitorpad.lnk => C:\Windows\pss\monitorpad.lnk.CommonStartup
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Tor.lnk => C:\Windows\pss\Tor.lnk.CommonStartup
MSCONFIG\startupfolder: C:^Users^grevolorio.trmdu2^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^MEGAsync.lnk => C:\Windows\pss\MEGAsync.lnk.Startup
MSCONFIG\startupfolder: C:^Users^grevolorio^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^MLO.lnk => C:\Windows\pss\MLO.lnk.Startup
MSCONFIG\startupfolder: C:^Users^grevolorio^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^MyLife Organized.lnk => C:\Windows\pss\MyLife Organized.lnk.Startup
MSCONFIG\startupreg: Acrobat Assistant 8.0 => "C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrotray.exe"
MSCONFIG\startupreg: Acronis Scheduler2 Service => "C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe"
MSCONFIG\startupreg: AcronisTimounterMonitor => C:\Program Files (x86)\Common Files\Acronis\Timounter\TimounterMonitor.exe
MSCONFIG\startupreg: Adobe Acrobat Speed Launcher => "C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrobat_sl.exe"
MSCONFIG\startupreg: Adobe ARM => "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
MSCONFIG\startupreg: ApplePhotoStreams => 
MSCONFIG\startupreg: AppleSyncNotifier => C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe
MSCONFIG\startupreg: AttendeeCommunicator => "C:\Program Files (x86)\Microsoft Lync Attendee\AttendeeCommunicator.exe" /fromrunkey
MSCONFIG\startupreg: BackupAndRecoveryMonitor.exe => C:\Program Files (x86)\Acronis\BackupAndRecovery\BackupAndRecoveryMonitor.exe
MSCONFIG\startupreg: Box Edit => C:\Users\grevolorio.trmdu2\AppData\Local\Box\Box Edit\Box Edit.exe
MSCONFIG\startupreg: Box Local Com Server => C:\ProgramData\Box\ComServer\Box Local Com Service.exe
MSCONFIG\startupreg: ccApp => "C:\Program Files (x86)\Common Files\Symantec Shared\ccApp.exe"
MSCONFIG\startupreg: ClipToOneNote => 
MSCONFIG\startupreg: EEDSpeedLauncher => rundll32.exe C:\Windows\system32\eed_ec.dll,SpeedLauncher
MSCONFIG\startupreg: FreeFallProtection => C:\Program Files (x86)\STMicroelectronics\AccelerometerP11\FF_Protection.exe
MSCONFIG\startupreg: Google Desktop Search => 
MSCONFIG\startupreg: iCloudServices => 
MSCONFIG\startupreg: itype => C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe
MSCONFIG\startupreg: MobileDocuments => 
MSCONFIG\startupreg: NVHotkey => rundll32.exe C:\Windows\system32\nvHotkey.dll,Start
MSCONFIG\startupreg: PlayOn => C:\Program Files (x86)\MediaMall\PlayOn.exe
MSCONFIG\startupreg: QuickTime Task => "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
MSCONFIG\startupreg: RtHDVBg => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe /MAXX3 
MSCONFIG\startupreg: RTHDVCPL => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe -s
MSCONFIG\startupreg: SDTray => "F:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe"
MSCONFIG\startupreg: Skype => "C:\Program Files (x86)\Skype\Phone\Skype.exe" /nosplash /minimized
MSCONFIG\startupreg: Spybot-S&D Cleaning => "F:\Program Files (x86)\Spybot - Search & Destroy 2\SDCleaner.exe" /autoclean
MSCONFIG\startupreg: SUPERAntiSpyware => C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
MSCONFIG\startupreg: uTorrent => "C:\Users\grevolorio.trmdu2\AppData\Roaming\uTorrent\uTorrent.exe"  /MINIMIZED
MSCONFIG\startupreg: Vidalia => "C:\Program Files (x86)\Vidalia Bundle\Vidalia\vidalia.exe"
MSCONFIG\startupreg: vmware-tray => 
MSCONFIG\startupreg: vmware-tray.exe => "F:\Program Files (x86)\VMware\VMware VIX\VMWare Workstation\vmware-tray.exe"

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [SPPSVC-In-TCP] => (Allow) %SystemRoot%\system32\sppsvc.exe
FirewallRules: [SPPSVC-In-TCP-NoScope] => (Allow) %SystemRoot%\system32\sppsvc.exe
FirewallRules: [TCP Query User{2C84D7A8-185F-48F0-997F-3A814FEB1212}C:\program files (x86)\mylifeorganized.net\mlo\mlo.exe] => (Allow) C:\program files (x86)\mylifeorganized.net\mlo\mlo.exe
FirewallRules: [UDP Query User{76BCF8C2-EC1E-47FD-A852-CE49592796D5}C:\program files (x86)\mylifeorganized.net\mlo\mlo.exe] => (Allow) C:\program files (x86)\mylifeorganized.net\mlo\mlo.exe
FirewallRules: [{E4DAC48E-0F06-4425-87B9-7BD5994267BF}] => (Allow) F:\Downloads\solutoinstaller-Lc51Pys8GM.exe
FirewallRules: [{DE5F8045-275F-4630-8682-8236CFC1A9FA}] => (Allow) F:\Downloads\solutoinstaller-Lc51Pys8GM.exe
FirewallRules: [{3CAF5393-735B-4381-9C98-BE52D398D458}] => (Allow) C:\Program Files (x86)\Microsoft Lync Attendee\AttendeeCommunicator.exe
FirewallRules: [{D093949F-C20C-4810-B36E-6B28E571CC81}] => (Allow) C:\Program Files (x86)\Microsoft Lync Attendee\AttendeeCommunicator.exe
FirewallRules: [{C6F07D1B-04C4-4F10-BDA4-374E78C5EF19}] => (Allow) C:\Program Files (x86)\Microsoft Lync Attendee\AttendeeCommunicator.exe
FirewallRules: [{24C77659-9DEF-4ABA-B4B9-64F8BC15A943}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{B5BA6578-03EA-4F19-B6A2-C924C6C8E14F}] => (Allow) F:\Program Files (x86)\VMware\VMware VIX\VMWare Workstation\vmware-authd.exe
FirewallRules: [{758E4422-978B-47A4-86E4-B8F589FB2F26}] => (Allow) F:\Program Files (x86)\VMware\VMware VIX\VMWare Workstation\vmware-authd.exe
FirewallRules: [{051D6AFF-140B-4251-A785-C60079EDB7FD}] => (Allow) F:\Program Files (x86)\VMware\VMware VIX\VMWare Workstation\vmware-hostd.exe
FirewallRules: [{7AC51C86-1E31-4E96-A1FF-7A9E9D7CE9C1}] => (Allow) F:\Program Files (x86)\VMware\VMware VIX\VMWare Workstation\vmware-hostd.exe
FirewallRules: [WCF-NetTcpActivator-In-TCP-64bit] => (Allow) %systemroot%\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
FirewallRules: [{E82D2D2F-BFBD-41F4-A369-818C95FE2B09}] => (Allow) C:\Users\grevolorio\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{B9EB0C5C-06D4-405B-BFEF-E1240AFC3A92}] => (Allow) C:\Users\grevolorio\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{4FE7CDC6-7A33-4C99-ABED-B4C4EA2F2743}] => (Allow) C:\Program Files (x86)\Fiddler2\Fiddler.exe
FirewallRules: [{46A01AAE-281A-4A88-9B9E-D5E9DD8EF2B7}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{AA765390-3C76-4719-96A5-CFF7997FFC8F}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{51707004-99BF-4B82-866C-6DBD656522DB}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{6EE70C80-E842-4BB8-8FB2-4183E0A2B6CE}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{B261E1BA-7CCA-4BDA-A864-90AD5F09B541}] => (Allow) C:\Users\grevolorio\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe
FirewallRules: [{B05ABD30-952F-4977-88FB-0BF6B0D8486C}] => (Allow) C:\Program Files (x86)\Xamarin\Bonjour\mDNSResponder.exe
FirewallRules: [{0E804373-A724-4174-95E8-11BF1A486C38}] => (Allow) F:\Program Files (x86)\Microsoft Visual Studio 12.0\Common7\IDE\devenv.exe
FirewallRules: [{482C2904-B9EB-460A-B24A-CDE0111F39B6}] => (Allow) F:\Program Files (x86)\BitTorrent Sync\BTSync.exe
FirewallRules: [{30113CC9-EA36-40C1-ACE3-9C07A0D32065}] => (Allow) F:\Program Files (x86)\BitTorrent Sync\BTSync.exe
FirewallRules: [{455BC505-116E-4778-9C47-D0039C5ABD3F}] => (Allow) LPort=12292
FirewallRules: [{48E75E71-2CBD-4890-8FDF-D76036F2069D}] => (Allow) C:\Program Files (x86)\MediaMall\MediaMallServer.exe
FirewallRules: [{B80C427A-4A78-4C8F-8C5A-F9137515E7DA}] => (Allow) C:\Program Files (x86)\MediaMall\SettingsManager.exe
FirewallRules: [{97D36CA4-D871-4663-BF1F-D7D27925F9D4}] => (Allow) C:\Program Files (x86)\MediaMall\PlayMark.exe
FirewallRules: [{53162F45-0E3E-441F-AD2A-795DD8EBAB2D}] => (Allow) C:\Program Files (x86)\MediaMall\Surfer.exe
FirewallRules: [{CB2F542C-B0A8-44DC-87F1-457206EFAC68}] => (Allow) C:\Program Files (x86)\MediaMall\PlayLater.exe
FirewallRules: [{69B9AE74-7660-4131-A026-481F146680CA}] => (Allow) f:\Program Files\SiSoftware\SiSoftware Sandra Business 2015\RpcAgentSrv.exe
FirewallRules: [{8A1F8345-6A95-49F8-A078-63007A1228A3}] => (Allow) f:\Program Files\SiSoftware\SiSoftware Sandra Business 2015\WNt600x64\RpcSandraSrv.exe
FirewallRules: [{C974CD50-7415-43E1-9081-9640AB51C81D}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{CE7E25B2-F63F-4E9B-8373-0A23074C71B1}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [TCP Query User{EBC71303-5F45-4EDC-8E05-A3C6405AF3E8}C:\program files (x86)\calibre2\calibre.exe] => (Allow) C:\program files (x86)\calibre2\calibre.exe
FirewallRules: [UDP Query User{49A87548-8B14-4D3A-BA89-3E30CBD64639}C:\program files (x86)\calibre2\calibre.exe] => (Allow) C:\program files (x86)\calibre2\calibre.exe
FirewallRules: [{8A45DF66-77B3-47F5-9E5B-6E67E8CD3672}] => (Block) C:\program files (x86)\calibre2\calibre.exe
FirewallRules: [{2358E7EC-EE95-49BE-8DE1-26AF8F97ADAD}] => (Block) C:\program files (x86)\calibre2\calibre.exe
FirewallRules: [TCP Query User{011516DF-6F3F-479A-8621-1D0D84A0991F}F:\program files\transmission\transmission-qt.exe] => (Allow) F:\program files\transmission\transmission-qt.exe
FirewallRules: [UDP Query User{ABA9851F-F69F-4C9D-A24E-A115D08E0AB4}F:\program files\transmission\transmission-qt.exe] => (Allow) F:\program files\transmission\transmission-qt.exe
FirewallRules: [{4095281A-CA21-41D6-BA24-5FE980C904D0}] => (Block) F:\program files\transmission\transmission-qt.exe
FirewallRules: [{24B34338-DD29-4CA9-AD70-42F3924DD47F}] => (Block) F:\program files\transmission\transmission-qt.exe
FirewallRules: [{AED27814-FFA9-4899-B195-BE194AA6F13A}] => (Allow) C:\Users\grevolorio.trmdu2\AppData\Local\Microsoft\OneDrive\OneDrive.exe
FirewallRules: [{A0DE4516-2BD6-4D21-AE2B-124A3B182B0C}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\Lync.exe
FirewallRules: [{E0D62CAE-785A-402E-A297-8B4033C9B7A7}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\UcMapi.exe
FirewallRules: [{932729FC-8CEF-4D87-B35B-8778A82696D8}] => (Allow) C:\Users\grevolorio.trmdu2\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{1706A022-0050-4667-91AA-26B728B5ADD8}] => (Allow) C:\Users\grevolorio.trmdu2\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{1EBA2EAC-E1BE-48CE-A61E-C0BEF9EC4047}] => (Allow) C:\Users\grevolorio.trmdu2\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{583FE798-093F-4AFC-87FB-6E46B63294A7}] => (Allow) C:\Users\grevolorio.trmdu2\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{EA173698-EF6B-4459-A147-42C9EDA2520C}] => (Allow) C:\Users\grevolorio.trmdu2\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{F3E80BF7-DA3F-42AB-84EB-C25F52B2AF47}] => (Allow) C:\Users\grevolorio.trmdu2\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{71CA5F73-AFD7-40C6-BDAF-10CC1A9579E5}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\outlook.exe
FirewallRules: [{4D1F3054-3DA7-46C6-BF81-7F064302A7E6}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\Lync.exe
FirewallRules: [{29A5A62E-BA87-4660-B3AA-624A5051E5F2}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\UcMapi.exe
FirewallRules: [{6369152E-C858-4EDF-BB52-6895496F3D74}] => (Allow) f:\Program Files (x86)\Kinoni\EpocCam_and_Barcode_drivers\KinoniSvc.exe
FirewallRules: [{E78D9C97-08D7-434F-8123-13261C4D9C6A}] => (Allow) f:\Program Files (x86)\Kinoni\EpocCam_and_Barcode_drivers\KinoniSvc.exe
FirewallRules: [{3792C9C6-450E-426B-986C-5824239E896A}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{F3E4F551-C952-46A2-9CD8-2A5715867AC2}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{02F4B432-CBA2-4E39-B3FF-F55F89EC7B68}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{8A0142B3-4C3B-4255-ABA5-96A1B1BD07D9}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{F598C328-3FB4-42B6-899B-A8D1E5B2EC43}] => (Allow) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
FirewallRules: [{7F10E473-1BCA-4539-B818-F0EF53397B0F}] => (Allow) C:\Program Files (x86)\iTunes\iTunes.exe
FirewallRules: [{CBD9A108-FE5D-4C30-A810-642437C8E1F8}] => (Allow) C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe
FirewallRules: [{6DD6D3DB-85B6-4E8A-B606-85CA460F802A}] => (Allow) C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe
FirewallRules: [{20FAFEED-FBD1-44C6-8EFB-994DC36F082C}] => (Allow) C:\Program Files (x86)\Samsung\Easy Printer Manager\IDS.Application.exe
FirewallRules: [{EB4B33CD-E952-4BFC-B5DE-B6D3A09356AF}] => (Allow) C:\Program Files (x86)\Samsung\Easy Printer Manager\OrderSupplies.exe
FirewallRules: [{EC02FE5E-F982-4195-96AA-CE84BEECCF6A}] => (Allow) C:\Program Files (x86)\Samsung\Easy Printer Manager\IDSAlert.exe
FirewallRules: [{21DD25A7-A8D1-4916-A603-11C1BC9AD862}] => (Allow) C:\Program Files (x86)\Samsung\Easy Printer Manager\uninstall.exe
FirewallRules: [{14B43CDE-088B-4241-AE08-1E53015DBD6D}] => (Allow) C:\Program Files (x86)\Samsung\Easy Printer Manager\CDAS2PC\CDAS2PC.exe
FirewallRules: [{1FBAD7D8-6F46-41E4-961C-0EAB6CA8B4BE}] => (Allow) C:\Program Files (x86)\Samsung\Easy Printer Manager\CDAS2PC\ScanProcess.exe
FirewallRules: [{B7D324F3-4B17-46E4-9913-152127D321A5}] => (Allow) C:\Program Files (x86)\Samsung\Easy Printer Manager\CDAS2PC\Scan2PCNotify.exe
FirewallRules: [{422A2506-3182-4452-B20C-5EC8186315FD}] => (Allow) C:\Program Files\Synergy\synergys.exe
FirewallRules: [{C86D90D8-8EFA-49AF-93C1-3293B433ED7C}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{6E079AAB-5654-4264-8491-85AF7E253C08}] => (Allow) C:\Windows\explorer.exe
FirewallRules: [{98CBFD6B-3FB9-488B-A3C8-3C054460A2B1}] => (Allow) C:\Windows\system32\rundll32.exe
StandardProfile\AuthorizedApplications: [F:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe] => Enabled:Spybot - Search & Destroy tray access
StandardProfile\AuthorizedApplications: [F:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe] => Enabled:Spybot-S&D 2 Scanner Service
StandardProfile\AuthorizedApplications: [F:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe] => Enabled:Spybot-S&D 2 Updater
StandardProfile\AuthorizedApplications: [F:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe] => Enabled:Spybot-S&D 2 Background update service

==================== Restore Points =========================

ATTENTION: System Restore is disabled
Check "winmgmt" service or repair WMI.


==================== Faulty Device Manager Devices =============

Name: Intel(R) Centrino(R) Advanced-N 6200 AGN
Description: Intel(R) Centrino(R) Advanced-N 6200 AGN
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Intel Corporation
Service: NETw5s64
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: Microsoft Loopback Adapter
Description: Microsoft Loopback Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: msloop
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.


==================== Event log errors: =========================

Application errors:
==================
Error: (07/18/2016 09:05:53 AM) (Source: MsiInstaller) (EventID: 11714) (User: NT AUTHORITY)
Description: Product: Chrome Remote Desktop Host -- Error 1714. The older version of Chrome Remote Desktop Host cannot be removed. Contact your technical support group. System Error 1612.

Error: (07/18/2016 04:05:57 AM) (Source: MsiInstaller) (EventID: 11714) (User: NT AUTHORITY)
Description: Product: Chrome Remote Desktop Host -- Error 1714. The older version of Chrome Remote Desktop Host cannot be removed. Contact your technical support group. System Error 1612.

Error: (07/17/2016 11:05:25 PM) (Source: MsiInstaller) (EventID: 11714) (User: NT AUTHORITY)
Description: Product: Chrome Remote Desktop Host -- Error 1714. The older version of Chrome Remote Desktop Host cannot be removed. Contact your technical support group. System Error 1612.

Error: (07/17/2016 10:59:21 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: AutoPico.exe, version: 12.3.0.0, time stamp: 0x53b06ef5
Faulting module name: KERNELBASE.dll, version: 6.1.7601.23418, time stamp: 0x5708a89c
Exception code: 0xe0434352
Fault offset: 0x000000000001a06d
Faulting process id: 0x18438
Faulting application start time: 0xAutoPico.exe0
Faulting application path: AutoPico.exe1
Faulting module path: AutoPico.exe2
Report Id: AutoPico.exe3

Error: (07/17/2016 10:59:16 PM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Application: AutoPico.exe
Framework Version: v4.0.30319
Description: The process was terminated due to an unhandled exception.
Exception Info: System.IO.IOException
Stack:
   at System.Net.Sockets.NetworkStream.EndRead(System.IAsyncResult)
   at AutoPico.KMSEmulator.TCPServer.ReadCallback(System.IAsyncResult)
   at System.Net.LazyAsyncResult.Complete(IntPtr)
   at System.Threading.ExecutionContext.RunInternal(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
   at System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
   at System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object)
   at System.Net.ContextAwareResult.Complete(IntPtr)
   at System.Net.Sockets.BaseOverlappedAsyncResult.CompletionPortCallback(UInt32, UInt32, System.Threading.NativeOverlapped*)
   at System.Threading._IOCompletionCallback.PerformIOCompletionCallback(UInt32, UInt32, System.Threading.NativeOverlapped*)

Error: (07/17/2016 07:00:02 PM) (Source: Windows Backup) (EventID: 4103) (User: )
Description: The backup did not complete because of an error writing to the backup location I:\. The error is: The backup location cannot be found or is not valid. Review your backup settings and check the backup location. (0x81000006).

Error: (07/17/2016 06:05:33 PM) (Source: MsiInstaller) (EventID: 11714) (User: NT AUTHORITY)
Description: Product: Chrome Remote Desktop Host -- Error 1714. The older version of Chrome Remote Desktop Host cannot be removed. Contact your technical support group. System Error 1612.

Error: (07/17/2016 05:29:17 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: AutoPico.exe, version: 12.3.0.0, time stamp: 0x53b06ef5
Faulting module name: KERNELBASE.dll, version: 6.1.7601.23418, time stamp: 0x5708a89c
Exception code: 0xe0434352
Fault offset: 0x000000000001a06d
Faulting process id: 0x184bc
Faulting application start time: 0xAutoPico.exe0
Faulting application path: AutoPico.exe1
Faulting module path: AutoPico.exe2
Report Id: AutoPico.exe3

Error: (07/17/2016 05:29:13 PM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Application: AutoPico.exe
Framework Version: v4.0.30319
Description: The process was terminated due to an unhandled exception.
Exception Info: System.IO.IOException
Stack:
   at System.Net.Sockets.NetworkStream.EndRead(System.IAsyncResult)
   at AutoPico.KMSEmulator.TCPServer.ReadCallback(System.IAsyncResult)
   at System.Net.LazyAsyncResult.Complete(IntPtr)
   at System.Threading.ExecutionContext.RunInternal(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
   at System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
   at System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object)
   at System.Net.ContextAwareResult.Complete(IntPtr)
   at System.Net.Sockets.BaseOverlappedAsyncResult.CompletionPortCallback(UInt32, UInt32, System.Threading.NativeOverlapped*)
   at System.Threading._IOCompletionCallback.PerformIOCompletionCallback(UInt32, UInt32, System.Threading.NativeOverlapped*)

Error: (07/17/2016 01:05:09 PM) (Source: MsiInstaller) (EventID: 11714) (User: NT AUTHORITY)
Description: Product: Chrome Remote Desktop Host -- Error 1714. The older version of Chrome Remote Desktop Host cannot be removed. Contact your technical support group. System Error 1612.


System errors:
=============
Error: (07/09/2016 08:46:16 AM) (Source: Disk) (EventID: 11) (User: )
Description: The driver detected a controller error on \Device\Harddisk3\DR3.

Error: (06/17/2016 03:52:14 PM) (Source: VDS Dynamic Provider) (EventID: 40) (User: )
Description: The remove plex operation failed to complete. status=C038003B

Error: (06/17/2016 03:48:38 PM) (Source: VDS Basic Provider) (EventID: 1) (User: )
Description: Unexpected failure. Error code: 490@01010004

Error: (06/17/2016 03:40:15 PM) (Source: VDS Basic Provider) (EventID: 1) (User: )
Description: Unexpected failure. Error code: 490@01010004

Error: (06/13/2016 06:09:10 PM) (Source: Microsoft Antimalware) (EventID: 2001) (User: )
Description: %NT AUTHORITY60 has encountered an error trying to update signatures.

    New Signature Version: 

    Previous Signature Version: 1.223.1357.0

    Update Source: %NT AUTHORITY51

    Update Stage: 4.9.0218.00

    Source Path: 4.9.0218.01

    Signature Type: %NT AUTHORITY602

    Update Type: %NT AUTHORITY604

    User: NT AUTHORITY\NETWORK SERVICE

    Current Engine Version: %NT AUTHORITY605

    Previous Engine Version: %NT AUTHORITY606

    Error code: %NT AUTHORITY607

    Error description: %NT AUTHORITY608

Error: (06/13/2016 06:09:10 PM) (Source: Microsoft Antimalware) (EventID: 2001) (User: )
Description: %NT AUTHORITY60 has encountered an error trying to update signatures.

    New Signature Version: 

    Previous Signature Version: 1.223.1357.0

    Update Source: %NT AUTHORITY51

    Update Stage: 4.9.0218.00

    Source Path: 4.9.0218.01

    Signature Type: %NT AUTHORITY602

    Update Type: %NT AUTHORITY604

    User: NT AUTHORITY\NETWORK SERVICE

    Current Engine Version: %NT AUTHORITY605

    Previous Engine Version: %NT AUTHORITY606

    Error code: %NT AUTHORITY607

    Error description: %NT AUTHORITY608

Error: (06/13/2016 06:09:09 PM) (Source: Microsoft Antimalware) (EventID: 2001) (User: )
Description: %NT AUTHORITY60 has encountered an error trying to update signatures.

    New Signature Version: 

    Previous Signature Version: 1.223.1357.0

    Update Source: %NT AUTHORITY59

    Update Stage: 4.9.0218.00

    Source Path: 4.9.0218.01

    Signature Type: %NT AUTHORITY602

    Update Type: %NT AUTHORITY604

    User: NT AUTHORITY\SYSTEM

    Current Engine Version: %NT AUTHORITY605

    Previous Engine Version: %NT AUTHORITY606

    Error code: %NT AUTHORITY607

    Error description: %NT AUTHORITY608

Error: (06/13/2016 05:47:28 PM) (Source: Service Control Manager) (EventID: 7032) (User: )
Description: The Service Control Manager tried to take a corrective action (Run the configured recovery program) after the unexpected termination of the VMware Workstation Server service, but this action failed with the following error: 
%%193

Error: (06/13/2016 05:46:28 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The VMware Workstation Server service terminated unexpectedly.  It has done this 3 time(s).  The following corrective action will be taken in 60000 milliseconds: Run the configured recovery program.

Error: (06/13/2016 05:45:32 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: application-specificLocalLaunch{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT AUTHORITYSYSTEMS-1-5-18LocalHost (Using LRPC)


CodeIntegrity:
===================================
  Date: 2016-07-17 04:56:59.348
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files (x86)\AVG\AVG PC TuneUp\avgdumpx.exe because the set of per-page image hashes could not be found on the system.

  Date: 2016-07-17 04:56:59.258
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files (x86)\AVG\AVG PC TuneUp\avgdumpx.exe because the set of per-page image hashes could not be found on the system.

  Date: 2016-07-17 04:56:59.099
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files (x86)\AVG\AVG PC TuneUp\avgdumpx.exe because the set of per-page image hashes could not be found on the system.

  Date: 2016-07-16 03:52:04.984
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files (x86)\AVG\AVG PC TuneUp\avgdumpx.exe because the set of per-page image hashes could not be found on the system.

  Date: 2016-07-16 03:52:04.894
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files (x86)\AVG\AVG PC TuneUp\avgdumpx.exe because the set of per-page image hashes could not be found on the system.

  Date: 2016-07-16 03:52:04.509
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files (x86)\AVG\AVG PC TuneUp\avgdumpx.exe because the set of per-page image hashes could not be found on the system.

  Date: 2016-07-15 04:55:34.023
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files (x86)\AVG\AVG PC TuneUp\avgdumpx.exe because the set of per-page image hashes could not be found on the system.

  Date: 2016-07-15 04:55:33.925
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files (x86)\AVG\AVG PC TuneUp\avgdumpx.exe because the set of per-page image hashes could not be found on the system.

  Date: 2016-07-15 04:55:33.538
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files (x86)\AVG\AVG PC TuneUp\avgdumpx.exe because the set of per-page image hashes could not be found on the system.

  Date: 2016-07-14 03:10:30.776
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files (x86)\AVG\AVG PC TuneUp\avgdumpx.exe because the set of per-page image hashes could not be found on the system.


==================== Memory info =========================== 

Processor: Intel(R) Core(TM) i7 CPU Q 740 @ 1.73GHz
Percentage of memory in use: 93%
Total physical RAM: 16316.38 MB
Available physical RAM: 1045.3 MB
Total Virtual: 16826.56 MB
Available Virtual: 528.85 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:100 GB) (Free:22.36 GB) NTFS
Drive d: (WD SmartWare) (CDROM) (Total:0.6 GB) (Free:0 GB) UDF
Drive f: (SoftRaid) (Fixed) (Total:731.32 GB) (Free:32.08 GB) NTFS
Drive g: (Virtual) (Fixed) (Total:465.76 GB) (Free:412.86 GB) NTFS
Drive i: (My Passport) (Fixed) (Total:930.86 GB) (Free:710.41 GB) NTFS
Drive m: () (Fixed) (Total:465.75 GB) (Free:268.39 GB) NTFS
Drive n: () (Fixed) (Total:465.75 GB) (Free:432.04 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: 0D040DF6)
Partition 1: (Not Active) - (Size=993 KB) - (Type=42)
Partition 2: (Active) - (Size=100 MB) - (Type=42)
Partition 3: (Not Active) - (Size=100 GB) - (Type=42)
Partition 4: (Not Active) - (Size=831.4 GB) - (Type=42)

========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: 08C4D7E9)
Partition 1: (Not Active) - (Size=993 KB) - (Type=42)
Partition 2: (Active) - (Size=100 MB) - (Type=42)
Partition 3: (Not Active) - (Size=100 GB) - (Type=42)
Partition 4: (Not Active) - (Size=831.4 GB) - (Type=42)

========================================================
Disk: 2 (Size: 465.8 GB) (Disk ID: 00000000)

Partition: GPT.

========================================================
Disk: 3 (MBR Code: Windows XP) (Size: 930.9 GB) (Disk ID: 00052F35)
Partition 1: (Not Active) - (Size=930.9 GB) - (Type=07 NTFS)

==================== End of Addition.txt ============================

bho.png

Edited by cestmoi1337
Add a sample screen.
Link to post
Share on other sites

  • Root Admin

While awaiting assistance can you please remove the following pirated content from the system.

 

S2 Service KMSELDI; C:\Program Files\KMSpico\Service_KMS.exe [997568 2014-06-29] (@ByELDI) [File not signed]
2016-07-17 22:59 - 2015-09-30 10:32 - 00000000 ____D C:\Program Files\KMSpico
KMSpico v9.3.1 (HKLM\...\KMSpico_is1) (Version: 9.3.1 - )
Task: {BFAECEBD-7839-4DE8-825D-A11D11B4ABE5} - System32\Tasks\AutoPico Daily Restart => C:\Program Files\KMSpico\AutoPico.exe [2014-06-29] (@ByELDI)

Task: {88FD29A9-84EF-4B5D-B6F4-945733D892B5} - System32\Tasks\{A2F28A60-837B-4A08-93CF-C81107A19128} => pcalua.exe -a "F:\Downloads\Stardock Object Desktop Suite\Stardock Object Desktop Suite\WindowBlinds 5 [Enhanced] - With Crack\WindowBlinds 5 [Enhanced].exe" -d "F:\Downloads\Stardock Object Desktop Suite\Stardock Object Desktop Suite\WindowBlinds 5 [Enhanced] - With Crack"

Task: {9D8F7C35-05F3-4098-A58A-CFDCE2571B56} - System32\Tasks\{A90FC29D-33BB-491B-AED4-86D69213CF61} => pcalua.exe -a "F:\Downloads\Microsoft Office 2010 Professional (No Key Required)\setup.exe" -d "F:\Downloads\Microsoft Office 2010 Professional (No Key Required)"

Piracy Policy


Thank you

 

 

 

Link to post
Share on other sites

Hello Cestmoi.

I will be guiding you and helping you going forward.  As we go along, please only just attach any reports I may request.

Looking at your initial write-up at the start of the case, it seems like your web browser just happened to get ( somehow) a scam web page.  The rogue audio will go away once you close the tab-window on the browser and Restart Windows.

Thanks for the screen image by the way.  That does confirm that this is a total scam.  You can easily get rid of it by just using a few simple keyboard presses.   ( that is, if the page is still there).  It looks like the fake page is on the Chrome browser.  The same principals apply regardless of what browser is in use that has this same type display.

There are lots and lots of different versions of these scams.  It is important to always have situational awareness.

Please apply the tips I relayed just very recently to another person on this board.  The same tips apply to this case.

see this link

 

Link to post
Share on other sites

That's good.   Let me suggest that you do this next check to see if other software is up to date.

Download Security Check by screen317 from >>here<<.

  • Save it to your Desktop.
  • Double click SecurityCheck.exe and follow the onscreen instructions inside of the black box.
  • A Notepad document should open automatically called checkup.txt; please post the contents of that document.

Link to post
Share on other sites

Check on  update issues , by getting, installing and using Secunia Personal Software Inspector (PSI) on a regular basis.
See How to detect vulnerable and out-dated programs using Secunia Personal Software Inspector ( by Flexera)
http://www.bleepingcomputer.com/tutorials/tutorial174.html

Keep your system and programs up to date. Several programs release security updates on a regular basis to patch vulnerabilities. Keeping your software patched up prevents attackers from being able to exploit them to drop malware.

 

Sorry about the link.
 

Link to post
Share on other sites

Glad we could help. :)If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this thread with your request. This applies only to the originator of this thread.Other members who need assistance please start your own topic in a new thread. Thanks!

Link to post
Share on other sites

Guest
This topic is now closed to further replies.
  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.