TechSpot

Unwanted Ads by lu Everywhere on Google Chrome

By Daniel Morelli
Jun 5, 2015
  1. Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:03-06-2015
    Ran by Daniel (administrator) on MORELLI-PC on 05-06-2015 23:37:08
    Running from C:\Users\Daniel\Downloads
    Loaded Profiles: Daniel (Available Profiles: Daniel & Guest)
    Platform: Windows 7[​IMG] Home Premium Service Pack 1 (X64) OS Language: English (United States)
    Internet Explorer[​IMG]Version 11 (Default browser: Chrome)
    Boot Mode: Normal
    Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

    ==================== Processes (Whitelisted) =================

    (If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

    Failed to access process -> csrss.exe
    Failed to access process -> csrss.exe
    Microsoft[​IMG] Corporation) C:\Program Files Microsoft Security[​IMG] Client\MsMpEng.exe
    Apple[​IMG] Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
    (Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome Remote Desktop\42.0.2311.39\remoting_host.exe
    Failed to access process -> remoting_host.exe
    (Acer Incorporated) C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe
    (Freemake) C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe
    (Nero AG) C:\Program Files (x86)\HTC\HTC Sync Manager\HSMServiceEntry.exe
    (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
    () C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe
    (Acer Group) C:\Program Files\Acer\Acer Updater\UpdaterService.exe
    (WDC) C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMService.exe
    () C:\Program Files (x86)\Western Digital\WD SmartWare\Front Parlor\WDFME\WDFME.exe
    () C:\Program Files (x86)\Western Digital\WD SmartWare\Front Parlor\WDSC.exe
    (Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe
    () C:\Program Files (x86)\HTC\HTC Sync Manager\HTC Sync\adb.exe
    (Google Inc.) C:\Program Files (x86)\Google\Update\1.3.27.5\GoogleCrashHandler.exe
    (Google Inc.) C:\Program Files (x86)\Google\Update\1.3.27.5\GoogleCrashHandler64.exe
    (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
    (Acer Incorporated) C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe
    (Intel Corporation) C: Windows[​IMG]\System32\hkcmd.exe
    (Intel Corporation) C:\Windows\System32\igfxpers.exe
    (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
    (Intel Corporation) C:\Windows\System32\igfxsrvc.exe
    (Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
    (Intel Corporation) C:\Windows\System32\igfxext.exe
    (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
    (Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
    Microsoft[​IMG] Corporation) C:\Program Files Windows[​IMG] Sidebar\sidebar.exe
    () C:\Program Files (x86)\RocketDock\RocketDock.exe
    Failed to access process -> WmiPrvSE.exe
    Apple[​IMG] Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe
    (Acer Incorporated) C:\Program Files\Acer\Acer ePower Management\ePowerEvent.exe
    (Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
    (Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
    (Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe
    (Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudDrive.exe
    Microsoft[​IMG] Corporation) C:\Windows\SysWOW64\rundll32.exe
    (Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
    (Western Digital Technologies, Inc.) C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMStatus.exe
    (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
    () C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
    (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
    (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
    (Pushbullet Inc) C:\Users\Daniel\AppData\Local\Pushbullet\bin\pushbullet_client.exe
    (Microsoft Corporation) C:\Windows\System32\wisptis.exe
    (Microsoft Corporation) C:\Windows\System32\wisptis.exe
    (Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\distnoted.exe
    (Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\SyncServer.exe
    (Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
    (BitTorrent Inc.) C:\Users\Daniel\AppData\Roaming\uTorrent\uTorrent.exe
    (PeerBlock, LLC) C:\Program Files\PeerBlock\peerblock.exe
    (Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
    (Apple Inc.) C:\Program Files\iTunes\iTunes.exe
    (Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceHelper.exe
    (Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\MDCrashReportTool.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google) C:\Program Files (x86)\Google\Drive\googledrivesync.exe
    (Google) C:\Program Files (x86)\Google\Drive\googledrivesync.exe
    (Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\ATH.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    Failed to access process -> WmiPrvSE.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\AppleIEDAV.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Dropbox, Inc.) C:\Users\Daniel\AppData\Roaming\Dropbox\bin\Dropbox.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe


    ==================== Registry (Whitelisted) ==================

    (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

    HKLM\...\Run: [mwlDaemon] => C:\Program Files (x86)\EgisTec MyWinLocker\x86\mwlDaemon.exe
    HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [10920552 2010-06-22] (Realtek Semiconductor)
    HKLM\...\Run: [Acer ePower Management] => C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe [861216 2010-06-11] (Acer Incorporated)
    HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [1890088 2009-12-10] (Synaptics Incorporated)
    HKLM\...\Run: [MSC] => c:\Program Files\Microsoft Security Client\msseces.exe [1337000 2015-04-30] (Microsoft Corporation)
    HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [169768 2015-04-07] (Apple Inc.)
    HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [60712 2015-03-20] (Apple Inc.)
    HKLM-x32\...\Run: [IAStorIcon] => C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [284696 2010-04-13] (Intel Corporation)
    HKLM-x32\...\Run: [DivXMediaServer] => C:\Program Files (x86)\DivX\DivX Media Server\DivXMediaServer.exe [448520 2015-05-05] (DivX, LLC)
    HKLM-x32\...\Run: [BCSSync] => C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [89184 2012-11-05] (Microsoft Corporation)
    HKLM-x32\...\Run: [ConnectionManager] => C:\Program Files (x86)\Winsim\ConnectionManager\Simply.SystemTrayIcon.exe
    HKLM-x32\...\Run: [Registry Helper] => "C:\Program Files (x86)\Registry Helper\RegistryHelper.Exe" /boot
    HKLM-x32\...\Run: [DivXUpdate] => C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe [1861968 2014-01-10] ()
    HKLM-x32\...\Run: [fst_ca_145] => [X]
    HKLM-x32\...\Run: [t4pc_en_6] => [X]
    HKLM-x32\...\Run: [fst_ca_142] => [X]
    HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2014-10-02] (Apple Inc.)
    HKLM-x32\...\Run: [LWS] => C:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe [204136 2012-09-13] (Logitech Inc.)
    HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1022152 2014-12-19] (Adobe Systems Incorporated)
    HKLM-x32\...\Run: [GoPro Studio Importer] => C:\Program Files (x86)\GoPro\Tools\Importer\GoPro Importer.exe [3207680 2015-05-20] (GoPro)
    Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
    HKU\S-1-5-19\Control Panel\Desktop\\SCRNSAVE.EXE ->
    HKU\S-1-5-20\Control Panel\Desktop\\SCRNSAVE.EXE ->
    HKU\S-1-5-21-3324318861-2648927535-1656674588-1001\...\Run: [RocketDock] => C:\Program Files (x86)\RocketDock\RocketDock.exe [495616 2007-09-02] ()
    HKU\S-1-5-21-3324318861-2648927535-1656674588-1001\...\Run: [2D7856E7538B13D026A66639D73BA27D30F728D9._service_run] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [813896 2015-05-22] (Google Inc.)
    HKU\S-1-5-21-3324318861-2648927535-1656674588-1001\...\Run: [MobileDocuments] => C:\Program Files (x86)\Common Files\Apple\Internet Services\ubd.exe
    HKU\S-1-5-21-3324318861-2648927535-1656674588-1001\...\Run: [com.apple.dav.bookmarks.daemon] => C:\Program Files (x86)\Common Files\Apple\Internet Services\BookmarkDAV_client.exe
    HKU\S-1-5-21-3324318861-2648927535-1656674588-1001\...\Run: [GoogleDriveSync] => C:\Program Files (x86)\Google\Drive\googledrivesync.exe [21969480 2015-05-19] (Google)
    HKU\S-1-5-21-3324318861-2648927535-1656674588-1001\...\Run: [Facebook Update] => C:\Users\Daniel\AppData\Local\Facebook\Update\FacebookUpdate.exe [138096 2012-07-12] (Facebook Inc.)
    HKU\S-1-5-21-3324318861-2648927535-1656674588-1001\...\Run: [Google Update] => "C:\Users\Daniel\AppData\Local\Google\Update\GoogleUpdate.exe" /c
    HKU\S-1-5-21-3324318861-2648927535-1656674588-1001\...\Run: [ApplePhotoStreams] => C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe [43816 2015-04-26] (Apple Inc.)
    HKU\S-1-5-21-3324318861-2648927535-1656674588-1001\...\Run: [KiesPreload] => C:\Program Files (x86)\Samsung\Kies\Kies.exe /preload
    HKU\S-1-5-21-3324318861-2648927535-1656674588-1001\...\Run: [Akamai NetSession Interface] => "C:\Users\Daniel\AppData\Local\Akamai\netsession_win.exe"
    HKU\S-1-5-21-3324318861-2648927535-1656674588-1001\...\Run: [] => C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe
    HKU\S-1-5-21-3324318861-2648927535-1656674588-1001\...\Run: [HP Officejet 6700 (NET)] => C:\Program Files\HP\HP Officejet 6700\Bin\ScanToPCActivationApp.exe [2573416 2012-10-17] (Hewlett-Packard Co.)
    HKU\S-1-5-21-3324318861-2648927535-1656674588-1001\...\Run: [GoogleChromeAutoLaunch_50A9215009AE0931A8FCDF5026E9246D] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [813896 2015-05-22] (Google Inc.)
    HKU\S-1-5-21-3324318861-2648927535-1656674588-1001\...\Run: [AppleIEDAV] => C:\Program Files (x86)\Common Files\Apple\Internet Services\AppleIEDAV.exe [1079592 2015-04-26] (Apple Inc.)
    HKU\S-1-5-21-3324318861-2648927535-1656674588-1001\...\Run: [iCloudServices] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [43816 2015-04-26] (Apple Inc.)
    HKU\S-1-5-21-3324318861-2648927535-1656674588-1001\...\Run: [iCloudDrive] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudDrive.exe [43816 2015-04-26] (Apple Inc.)
    HKU\S-1-5-21-3324318861-2648927535-1656674588-1001\...\Run: [BackgroundContainerV2] => "C:\Windows\SysWOW64\Rundll32.exe" "C:\Users\Daniel\AppData\Local\Conduit\BackgroundContainer\BackgroundContainer.dll",DllRun
    HKU\S-1-5-21-3324318861-2648927535-1656674588-1001\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [31280256 2015-04-17] (Skype Technologies S.A.)
    HKU\S-1-5-21-3324318861-2648927535-1656674588-1001\...\Run: [Pushbullet] => C:\Program Files (x86)\Pushbullet\pushbullet.exe [64000 2014-12-21] (Pushbullet inc)
    HKU\S-1-5-21-3324318861-2648927535-1656674588-1001\...\Run: [Dropbox Update] => C:\Users\Daniel\AppData\Local\Dropbox\Update\DropboxUpdate.exe [134512 2015-05-18] (Dropbox, Inc.)
    HKU\S-1-5-21-3324318861-2648927535-1656674588-1001\...\Run: [GoogleChromeAutoLaunch_9CB2B8404301F8169D10E27C4B481A41] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [813896 2015-05-22] (Google Inc.)
    HKU\S-1-5-21-3324318861-2648927535-1656674588-1001\...\MountPoints2: E - E:\HTC_Sync_Manager_PC.exe
    HKU\S-1-5-21-3324318861-2648927535-1656674588-1001\...\MountPoints2: F - F:\HTC_Sync_Manager_PC.exe
    HKU\S-1-5-21-3324318861-2648927535-1656674588-1001\...\MountPoints2: {256ad01e-12e3-11e0-8da0-1c75081453d8} - "F:\WD SmartWare.exe" autoplay=true
    HKU\S-1-5-21-3324318861-2648927535-1656674588-1001\...\MountPoints2: {51dfcb89-3a8d-11e4-8073-560f6e4d57ac} - E:\HTC_Sync_Manager_PC.exe
    HKU\S-1-5-21-3324318861-2648927535-1656674588-1001\...\MountPoints2: {587b6c70-a01b-11e4-928a-1c75081453d8} - G:\HTC_Sync_Manager_PC.exe
    HKU\S-1-5-21-3324318861-2648927535-1656674588-1001\...\MountPoints2: {918e673d-93e3-11e4-806d-1c75081453d8} - G:\HTC_Sync_Manager_PC.exe
    HKU\S-1-5-21-3324318861-2648927535-1656674588-1001\...\MountPoints2: {941fc4af-12c2-11e0-b8cb-1c75081453d8} - "E:\WD SmartWare.exe" autoplay=true
    HKU\S-1-5-21-3324318861-2648927535-1656674588-1001\...\MountPoints2: {9c07bf98-9bcb-11e4-84e1-1c75081453d8} - F:\HTC_Sync_Manager_PC.exe
    HKU\S-1-5-21-3324318861-2648927535-1656674588-1001\...\MountPoints2: {a2460ab6-9bc8-11e4-9fd1-1c75081453d8} - F:\HTC_Sync_Manager_PC.exe
    HKU\S-1-5-21-3324318861-2648927535-1656674588-1001\...\MountPoints2: {d5af6515-bfd8-11e4-be2b-1c75081453d8} - F:\HTC_Sync_Manager_PC.exe
    HKU\S-1-5-21-3324318861-2648927535-1656674588-1001\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\PhotoScreensaver.scr [477696 2010-11-20] (Microsoft Corporation)
    HKU\S-1-5-18\...\Run: [SearchProtect] => \SearchProtect\bin\cltmng.exe
    HKU\S-1-5-18\Control Panel\Desktop\\SCRNSAVE.EXE ->
    AppInit_DLLs: C:\PROGRA~2\SupTab\SEARCH~2.DLL => C:\PROGRA~2\SupTab\SEARCH~2.DLL File not found
    AppInit_DLLs-x32: C:\PROGRA~2\SupTab\SEARCH~1.DLL => "C:\PROGRA~2\SupTab\SEARCH~1.DLL" File not found
    Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Continue installation.lnk [2012-10-30]
    ShortcutTarget: Continue installation.lnk -> C:\Users\Daniel\AppData\Local\Temp\ktr_bbr_12_06_10_ashlynn_brooke_eva_angelina_and_jayden_jaymes_the_afro_****_downloader.exe (No File)
    Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\WDDMStatus.lnk [2010-12-28]
    ShortcutTarget: WDDMStatus.lnk -> C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMStatus.exe (Western Digital Technologies, Inc.)
    Startup: C:\Users\Daniel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk [2015-02-09]
    ShortcutTarget: Dropbox.lnk -> C:\Users\Daniel\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
    Startup: C:\Users\Daniel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Facebook Messenger.lnk [2012-04-10]
    ShortcutTarget: Facebook Messenger.lnk -> C:\Users\Daniel\AppData\Local\Facebook\Messenger\2.1.4814.0\FacebookMessenger.exe (No File)
    Startup: C:\Users\Daniel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2010 Screen Clipper and Launcher.lnk [2013-05-04]
    ShortcutTarget: OneNote 2010 Screen Clipper and Launcher.lnk -> C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE (Microsoft Corporation)
    ShellIconOverlayIdentifiers: [ DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Daniel\AppData\Roaming\Dropbox\bin\DropboxExt64.26.dll [2015-06-05] (Dropbox, Inc.)
    ShellIconOverlayIdentifiers: [ DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Daniel\AppData\Roaming\Dropbox\bin\DropboxExt64.26.dll [2015-06-05] (Dropbox, Inc.)
    ShellIconOverlayIdentifiers: [ DropboxExt3] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Daniel\AppData\Roaming\Dropbox\bin\DropboxExt64.26.dll [2015-06-05] (Dropbox, Inc.)
    ShellIconOverlayIdentifiers: [ DropboxExt4] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Daniel\AppData\Roaming\Dropbox\bin\DropboxExt64.26.dll [2015-06-05] (Dropbox, Inc.)
    ShellIconOverlayIdentifiers: [ DropboxExt5] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Daniel\AppData\Roaming\Dropbox\bin\DropboxExt64.26.dll [2015-06-05] (Dropbox, Inc.)
    ShellIconOverlayIdentifiers: [ DropboxExt6] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Daniel\AppData\Roaming\Dropbox\bin\DropboxExt64.26.dll [2015-06-05] (Dropbox, Inc.)
    ShellIconOverlayIdentifiers: [ DropboxExt7] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Daniel\AppData\Roaming\Dropbox\bin\DropboxExt64.26.dll [2015-06-05] (Dropbox, Inc.)
    ShellIconOverlayIdentifiers: [ DropboxExt8] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Daniel\AppData\Roaming\Dropbox\bin\DropboxExt64.26.dll [2015-06-05] (Dropbox, Inc.)
    ShellIconOverlayIdentifiers: [SugarSyncBackedUp] -> {0C4A258A-3F3B-4FFF-80A7-9B3BEC139472} => C:\Program Files (x86)\SugarSync\SugarSyncShellExt_x64.dll No File
    ShellIconOverlayIdentifiers: [SugarSyncPending] -> {62CCD8E3-9C21-41E1-B55E-1E26DFC68511} => C:\Program Files (x86)\SugarSync\SugarSyncShellExt_x64.dll No File
    ShellIconOverlayIdentifiers: [SugarSyncRoot] -> {A759AFF6-5851-457D-A540-F4ECED148351} => C:\Program Files (x86)\SugarSync\SugarSyncShellExt_x64.dll No File
    ShellIconOverlayIdentifiers: [SugarSyncShared] -> {1574C9EF-7D58-488F-B358-8B78C1538F51} => C:\Program Files (x86)\SugarSync\SugarSyncShellExt_x64.dll No File
    ShellIconOverlayIdentifiers-x32: [ DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Daniel\AppData\Roaming\Dropbox\bin\DropboxExt.26.dll [2015-06-05] (Dropbox, Inc.)
    ShellIconOverlayIdentifiers-x32: [ DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Daniel\AppData\Roaming\Dropbox\bin\DropboxExt.26.dll [2015-06-05] (Dropbox, Inc.)
    ShellIconOverlayIdentifiers-x32: [ DropboxExt3] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Daniel\AppData\Roaming\Dropbox\bin\DropboxExt.26.dll [2015-06-05] (Dropbox, Inc.)
    ShellIconOverlayIdentifiers-x32: [ DropboxExt4] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Daniel\AppData\Roaming\Dropbox\bin\DropboxExt.26.dll [2015-06-05] (Dropbox, Inc.)
    ShellIconOverlayIdentifiers-x32: [ DropboxExt5] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Daniel\AppData\Roaming\Dropbox\bin\DropboxExt.26.dll [2015-06-05] (Dropbox, Inc.)
    ShellIconOverlayIdentifiers-x32: [ DropboxExt6] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Daniel\AppData\Roaming\Dropbox\bin\DropboxExt.26.dll [2015-06-05] (Dropbox, Inc.)
    ShellIconOverlayIdentifiers-x32: [ DropboxExt7] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Daniel\AppData\Roaming\Dropbox\bin\DropboxExt.26.dll [2015-06-05] (Dropbox, Inc.)
    ShellIconOverlayIdentifiers-x32: [ DropboxExt8] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Daniel\AppData\Roaming\Dropbox\bin\DropboxExt.26.dll [2015-06-05] (Dropbox, Inc.)
    ShellIconOverlayIdentifiers-x32: ["DropboxExt1"] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Daniel\AppData\Roaming\Dropbox\bin\DropboxExt.26.dll [2015-06-05] (Dropbox, Inc.)
    ShellIconOverlayIdentifiers-x32: ["DropboxExt2"] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Daniel\AppData\Roaming\Dropbox\bin\DropboxExt.26.dll [2015-06-05] (Dropbox, Inc.)
    ShellIconOverlayIdentifiers-x32: ["DropboxExt3"] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Daniel\AppData\Roaming\Dropbox\bin\DropboxExt.26.dll [2015-06-05] (Dropbox, Inc.)
    ShellIconOverlayIdentifiers-x32: ["DropboxExt4"] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Daniel\AppData\Roaming\Dropbox\bin\DropboxExt.26.dll [2015-06-05] (Dropbox, Inc.)
    ShellIconOverlayIdentifiers-x32: ["DropboxExt5"] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Daniel\AppData\Roaming\Dropbox\bin\DropboxExt.26.dll [2015-06-05] (Dropbox, Inc.)
    ShellIconOverlayIdentifiers-x32: ["DropboxExt6"] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Daniel\AppData\Roaming\Dropbox\bin\DropboxExt.26.dll [2015-06-05] (Dropbox, Inc.)
    ShellIconOverlayIdentifiers-x32: ["DropboxExt7"] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Daniel\AppData\Roaming\Dropbox\bin\DropboxExt.26.dll [2015-06-05] (Dropbox, Inc.)
    ShellIconOverlayIdentifiers-x32: ["DropboxExt8"] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Daniel\AppData\Roaming\Dropbox\bin\DropboxExt.26.dll [2015-06-05] (Dropbox, Inc.)
    GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
    CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

    ==================== Internet (Whitelisted) ====================

    (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

    HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.v9.com/?type=hp&ts=14035...2A0RT0_WD-WXF1A80J7465J7465&I=psd&t=34498f3b9
    HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page =
    HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://search.v9.com/web/?type=ds&t...0J7465J7465&I=psd&t=34498f3b9&q={searchTerms}
    HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page =
    HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.v9.com/?type=hp&ts=14035...2A0RT0_WD-WXF1A80J7465J7465&I=psd&t=34498f3b9
    HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL =
    HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://search.v9.com/web/?type=ds&t...0J7465J7465&I=psd&t=34498f3b9&q={searchTerms}
    HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
    HKU\S-1-5-21-3324318861-2648927535-1656674588-1001\Software\Microsoft\Internet Explorer\Main,Search Page = http://search.v9.com/web/?type=ds&t...0J7465J7465&I=psd&t=34498f3b9&q={searchTerms}
    HKU\S-1-5-21-3324318861-2648927535-1656674588-1001\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.google.com/ie
    HKU\S-1-5-21-3324318861-2648927535-1656674588-1001\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://search.v9.com/web/?type=ds&t...0J7465J7465&I=psd&t=34498f3b9&q={searchTerms}
    URLSearchHook: HKLM-x32 - KeyBar 1.13 Toolbar - {02edb56b-9b33-435b-b7df-b2843273a694} - C:\Users\Daniel\AppData\LocalLow\KeyBar_1.13\prxtbKey0.dll (ClientConnect Ltd.)
    URLSearchHook: HKU\S-1-5-21-3324318861-2648927535-1656674588-1001 - KeyBar 1.13 Toolbar - {02edb56b-9b33-435b-b7df-b2843273a694} - C:\Users\Daniel\AppData\LocalLow\KeyBar_1.13\prxtbKey0.dll (ClientConnect Ltd.)
    SearchScopes: HKLM -> DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = http://search.v9.com/web/?type=ds&t...0J7465J7465&I=psd&t=34498f3b9&q={searchTerms}
    SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.bing.com/search?q={searchTerms}&form=AARTDF&pc=MAAR&src=IE-SearchBox
    SearchScopes: HKLM -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = http://search.v9.com/web/?type=ds&t...0J7465J7465&I=psd&t=34498f3b9&q={searchTerms}
    SearchScopes: HKLM-x32 -> DefaultScope value is missing
    SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.bing.com/search?q={searchTerms}&form=AARTDF&pc=MAAR&src=IE-SearchBox
    SearchScopes: HKLM-x32 -> {9BB47C17-9C68-4BB3-B188-DD9AF0FD2A59} URL = http://search.imesh.com/web?src=ieb&systemid=1&q={searchTerms}
    SearchScopes: HKU\.DEFAULT -> {483830EE-A4CD-4b71-B0A3-3D82E62A6909} URL =
    SearchScopes: HKU\S-1-5-21-3324318861-2648927535-1656674588-1001 -> DefaultScope {2D282815-167C-487E-8752-98A4DE24CB53} URL = http://search.conduit.com/ResultsEx...=SPE16FC33D-C9E5-45A4-8682-469D0466382B&SSPV=
    SearchScopes: HKU\S-1-5-21-3324318861-2648927535-1656674588-1001 -> {014DB5FA-EAFB-4592-A95B-F44D3EE87FA9} URL = http://search.conduit.com/ResultsEx...=SPE63BAACB-1575-4638-BA45-C61DC2DBE714&SSPV=
    SearchScopes: HKU\S-1-5-21-3324318861-2648927535-1656674588-1001 -> {0503E931-5DD8-4169-9139-B89F933578A5} URL = http://www.bing.com/search?q={searchTerms}&form=BIE9DF&pc=BIE9&src=IE-SearchBox
    SearchScopes: HKU\S-1-5-21-3324318861-2648927535-1656674588-1001 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
    SearchScopes: HKU\S-1-5-21-3324318861-2648927535-1656674588-1001 -> {106D07B9-3498-4918-823E-AB4B6EE2B927} URL = http://search.conduit.com/ResultsEx...4&ctid=CT3291326&CUI=UN18611491911748417&UM=2
    SearchScopes: HKU\S-1-5-21-3324318861-2648927535-1656674588-1001 -> {2D282815-167C-487E-8752-98A4DE24CB53} URL = http://search.conduit.com/ResultsEx...=SPE16FC33D-C9E5-45A4-8682-469D0466382B&SSPV=
    SearchScopes: HKU\S-1-5-21-3324318861-2648927535-1656674588-1001 -> {483830EE-A4CD-4b71-B0A3-3D82E62A6909} URL =
    SearchScopes: HKU\S-1-5-21-3324318861-2648927535-1656674588-1001 -> {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = http://www.google.com/search?q={sear
    SearchScopes: HKU\S-1-5-21-3324318861-2648927535-1656674588-1001 -> {9BB47C17-9C68-4BB3-B188-DD9AF0FD2A59} URL = http://search.imesh.com/web?src=ieb&systemid=1&q={searchTerms}
    SearchScopes: HKU\S-1-5-21-3324318861-2648927535-1656674588-1001 -> {AFDBDDAA-5D3F-42EE-B79C-185A7020515B} URL =
    BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation)
    BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
    BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll No File
    BHO-x32: KeyBar 1.13 Toolbar -> {02edb56b-9b33-435b-b7df-b2843273a694} -> C:\Users\Daniel\AppData\LocalLow\KeyBar_1.13\prxtbKey0.dll [2014-03-26] (ClientConnect Ltd.)
    BHO-x32: MediaBar -> {28387537-e3f9-4ed7-860c-11e69af4a8a0} -> C:\PROGRA~2\IMESHA~1\MediaBar\ToolBar\imeshdtxmltbpi.dll No File
    BHO-x32: No Name -> {3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C} -> No File
    BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation)
    BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\ssv.dll [2015-01-14] (Oracle Corporation)
    BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
    BHO-x32: BitAccelerator -> {CAC42510-9B41-42c1-9DCD-7282A2D07C61} -> C:\Program Files (x86)\BitAccelerator\BitAccelerator.dll [2012-09-16] (WebPass LLC)
    BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\jp2ssv.dll [2015-01-14] (Oracle Corporation)
    Toolbar: HKLM-x32 - MediaBar - {28387537-e3f9-4ed7-860c-11e69af4a8a0} - C:\PROGRA~2\IMESHA~1\MediaBar\ToolBar\imeshdtxmltbpi.dll No File
    Toolbar: HKLM-x32 - KeyBar 1.13 Toolbar - {02edb56b-9b33-435b-b7df-b2843273a694} - C:\Users\Daniel\AppData\LocalLow\KeyBar_1.13\prxtbKey0.dll [2014-03-26] (ClientConnect Ltd.)
    Toolbar: HKU\S-1-5-21-3324318861-2648927535-1656674588-1001 -> No Name - {D4027C7F-154A-4066-A1AD-4243D8127440} - No File
    Toolbar: HKU\S-1-5-21-3324318861-2648927535-1656674588-1001 -> No Name - {02EDB56B-9B33-435B-B7DF-B2843273A694} - No File
    Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll [2014-05-02] (Skype Technologies)
    Tcpip\Parameters: [DhcpNameServer] 24.226.10.193 24.226.10.194 24.226.1.94

    FireFox:
    ========
    FF ProfilePath: C:\Users\Daniel\AppData\Roaming\Mozilla\Firefox\Profiles\mvd5tz0r.default-1418619244138
    FF DefaultSearchEngine: v9
    FF DefaultSearchEngine.US: Google
    FF SelectedSearchEngine: v9
    FF Homepage: hxxp://www.v9.com/?type=hppp&ts=1423593396&from=tugs&uid=WDCXWD6400BEVT-22A0RT0_WD-WXF1A80J7465J7465&I=psd&t=350871d0d
    FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_17_0_0_169.dll [2015-04-15] ()
    FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll [2014-05-22] (DivX, LLC.)
    FF Plugin: @microsoft.com/GENUINE -> disabled No File
    FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-16] ( Microsoft Corporation)
    FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
    FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_17_0_0_169.dll [2015-04-15] ()
    FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\system32\Adobe\Director\np32dsw.dll No File
    FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2014-10-30] ()
    FF Plugin-x32: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll [2014-05-22] (DivX, LLC.)
    FF Plugin-x32: @divx.com/DivX Web Player Plug-In,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX Web Player\npdivx32.dll [2015-05-14] (DivX, LLC)
    FF Plugin-x32: @java.com/DTPlugin,version=11.25.2 -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\dtplugin\npDeployJava1.dll [2015-01-14] (Oracle Corporation)
    FF Plugin-x32: @java.com/JavaPlugin,version=11.25.2 -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\plugin2\npjp2.dll [2015-01-14] (Oracle Corporation)
    FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
    FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-15] ( Microsoft Corporation)
    FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~3\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
    FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~3\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
    FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll No File
    FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll No File
    FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-15] (Google Inc.)
    FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-15] (Google Inc.)
    FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
    FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
    FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2015-05-01] (Adobe Systems Inc.)
    FF Plugin HKU\S-1-5-21-3324318861-2648927535-1656674588-1001: @client.dropbox.com/Dropbox Update;version=3 -> C:\Users\Daniel\AppData\Local\Dropbox\Update\1.3.27.15\npDropboxUpdate3.dll [2015-05-18] (Dropbox, Inc.)
    FF Plugin HKU\S-1-5-21-3324318861-2648927535-1656674588-1001: @client.dropbox.com/Dropbox Update;version=9 -> C:\Users\Daniel\AppData\Local\Dropbox\Update\1.3.27.15\npDropboxUpdate3.dll [2015-05-18] (Dropbox, Inc.)
    FF Plugin HKU\S-1-5-21-3324318861-2648927535-1656674588-1001: @Skype Limited.com/Facebook Video Calling Plugin -> C:\Users\Daniel\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll [2014-07-24] (Skype Limited)
    FF Plugin HKU\S-1-5-21-3324318861-2648927535-1656674588-1001: @tools.google.com/Google Update;version=3 -> C:\Users\Daniel\AppData\Local\Google\Update\1.3.24.15\npGoogleUpdate3.dll No File
    FF Plugin HKU\S-1-5-21-3324318861-2648927535-1656674588-1001: @tools.google.com/Google Update;version=9 -> C:\Users\Daniel\AppData\Local\Google\Update\1.3.24.15\npGoogleUpdate3.dll No File
    FF Plugin HKU\S-1-5-21-3324318861-2648927535-1656674588-1001: samsung.com/AllSharePlayPCPlugin -> C:\Program Files\Samsung\AllShare Play\utils\npAllSharePlayPCPlugin.dll No File
    FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll [2015-05-01] (Adobe Systems Inc.)
    FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin.dll [2014-10-26] (Apple Inc.)
    FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin2.dll [2014-10-26] (Apple Inc.)
    FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin3.dll [2014-10-26] (Apple Inc.)
    FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin4.dll [2014-10-26] (Apple Inc.)
    FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin5.dll [2014-10-26] (Apple Inc.)
    FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\v9.xml [2015-03-11]
    FF Extension: Webmail Ad Blocker - C:\Users\Daniel\AppData\Roaming\Mozilla\Firefox\Profiles\mvd5tz0r.default-1418619244138\Extensions\gmailnoads@mywebber.com.xpi [2014-12-15]
    FF Extension: Pushbullet - C:\Users\Daniel\AppData\Roaming\Mozilla\Firefox\Profiles\mvd5tz0r.default-1418619244138\Extensions\jid1-BYcQOfYfmBMd9A@jetpack.xpi [2015-03-01]
    FF Extension: Facebook Ads Block - C:\Users\Daniel\AppData\Roaming\Mozilla\Firefox\Profiles\mvd5tz0r.default-1418619244138\Extensions\jid1-CGxMej0nDJTjwQ@jetpack.xpi [2014-12-15]
    FF Extension: AdBlock Lite - C:\Users\Daniel\AppData\Roaming\Mozilla\Firefox\Profiles\mvd5tz0r.default-1418619244138\Extensions\jid1-dwtFBkQjb3SIQp@jetpack.xpi [2014-12-15]
    FF Extension: Smart Ads Blocker - C:\Users\Daniel\AppData\Roaming\Mozilla\Firefox\Profiles\mvd5tz0r.default-1418619244138\Extensions\jid1-LYopfl0r00ZV5k@jetpack.xpi [2014-12-15]
    FF Extension: Ads no more - C:\Users\Daniel\AppData\Roaming\Mozilla\Firefox\Profiles\mvd5tz0r.default-1418619244138\Extensions\{a3a5c777-f583-4fef-9380-ab4add1bc2a2}.xpi [2014-12-15]
    FF Extension: FirefoxAdKiller - C:\Users\Daniel\AppData\Roaming\Mozilla\Firefox\Profiles\mvd5tz0r.default-1418619244138\Extensions\{b1df372d-8b32-4c7d-b6b4-9c5b78cf6fb1}.xpi [2014-12-15]
    FF HKLM-x32\...\Firefox\Extensions: [zulagames@ZulaGames.com] - C:\Windows\system32\config\systemprofile\AppData\Roaming\Mozilla\Extensions\zulagames@ZulaGames.com
    FF HKLM-x32\...\Firefox\Extensions: [speedanalysis02@SpeedAnalysis.com] - C:\Windows\system32\config\systemprofile\AppData\Roaming\Mozilla\Extensions\speedanalysis02@SpeedAnalysis.com
    FF HKLM-x32\...\Firefox\Extensions: [faststartff@gmail.com] - C:\Users\Daniel\AppData\Roaming\Mozilla\Firefox\Profiles\2zzie9l6.default\extensions\faststartff@gmail.com
    FF HKU\S-1-5-21-3324318861-2648927535-1656674588-1001\...\Firefox\Extensions: [zulagames@ZulaGames.com] - C:\Windows\system32\config\systemprofile\AppData\Roaming\Mozilla\Extensions\zulagames@ZulaGames.com
    FF HKU\S-1-5-21-3324318861-2648927535-1656674588-1001\...\Firefox\Extensions: [speedanalysis02@SpeedAnalysis.com] - C:\Windows\system32\config\systemprofile\AppData\Roaming\Mozilla\Extensions\speedanalysis02@SpeedAnalysis.com
    StartMenuInternet: FIREFOX.EXE - C:\Program Files (x86)\Mozilla Firefox\firefox.exe http://www.v9.com/?type=sc&ts=14319...2A0RT0_WD-WXF1A80J7465J7465&I=psd&t=355852089
     
  2. Daniel Morelli

    Daniel Morelli TS Enthusiast Topic Starter Posts: 48

    FRST.txt (continued - 1)

    Chrome:
    =======
    CHR Profile: C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default
    CHR Extension: (Google Translate) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapbdbdomjkkjkaonfhkkikfgjllcleb [2015-02-08]
    CHR Extension: (Google Slides) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2013-04-09]
    CHR Extension: (BIODIGITAL HUMAN) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\agoenciogemlojlhccbcpcfflicgnaak [2013-04-09]
    CHR Extension: (Angry Birds) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\aknpkdffaafgjchaibgeefbgmgeghloj [2013-04-09]
    CHR Extension: (Google Docs) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2013-04-09]
    CHR Extension: (Google Drive) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2013-04-09]
    CHR Extension: (TV) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\beobeededemalmllhkmnkinmfembdimh [2013-04-09]
    CHR Extension: (YouTube) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-04-09]
    CHR Extension: (Google Cast) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\boadgeojelhgndaghljhdicfkmllpafd [2014-05-30]
    CHR Extension: (Add to Amazon Wish List) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\ciagpekplgpbepdgggflgmahnjgiaced [2015-03-14]
    CHR Extension: (Adblock for Youtube™) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\cmedhionkhpnakcndndgjdbohmhepckk [2013-07-27]
    CHR Extension: (Videostream for Google Chromecast™) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\cnciopoikihiagdjbjpnocolokfelagl [2014-05-30]
    CHR Extension: (Google Search) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-09-29]
    CHR Extension: (Search by Image (by Google)) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\dajedkncpodkggklbegccjpmnglmnflm [2013-04-09]
    CHR Extension: (Google News) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\dllkocilcinkggkchnjgegijklcililc [2013-07-26]
    CHR Extension: (Google+) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\dlppkpafhbajpcmmoheippocdidnckmm [2013-07-26]
    CHR Extension: (Google Tasks (by Google)) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\dmglolhoplikcoamfgjgammjbgchgjdd [2015-02-08]
    CHR Extension: (NYTimes) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\ecmphppfkcfflgglcokcbdkofpfegoel [2013-09-24]
    CHR Extension: (Google Calendar) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejjicmeblgpmajnghnpcppodonldlgfn [2013-04-09]
    CHR Extension: (Google Apps Script) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\eoieeedlomnegifmaghhjnghhmcldobl [2013-07-26]
    CHR Extension: (Google Finance) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\fcgckldmmjdbpdejkclmfnnnehhocbfp [2013-09-24]
    CHR Extension: (Google Sheets) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2013-04-09]
    CHR Extension: (Print Using Google Cloud Print™) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\ffaifmgpcdjedlffbhenaloimajbdkfg [2013-04-09]
    CHR Extension: (Google Play Movies) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\fppdphmgcddhjeddoeghpjefkdlccljb [2013-09-24]
    CHR Extension: (Chrome Remote Desktop) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\gbchcmhmhahfdphkhkmpfmihenigjmpp [2014-09-29]
    CHR Extension: (Office Editing for Docs, Sheets & Slides) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\gbkeegbaiigmenfmjfclcdgdpimamgkj [2015-02-08]
    CHR Extension: (Google Play Movies & TV) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\gdijeikdkaembjbdobgfkoidjkpbmlkd [2014-09-29]
    CHR Extension: (AdBlock) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2013-04-09]
    CHR Extension: (Dictionary by Dictionary.com) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\gikhgcaliglmioibbockkmjknfnepbdh [2013-09-24]
    CHR Extension: (Cut the Rope) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\gkddaofiamhgfjmaccfcfpfolpgbeomj [2013-04-09]
    CHR Extension: (Bookmark Manager) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\gmlllbghnfkpflemihljekbapjopfjik [2014-11-01]
    CHR Extension: (Drive Notepad) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\gpgjomejfimnbmobcocilppikhncegaj [2013-04-09]
    CHR Extension: (feedly) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\hipbfijinpcgfogaopmgehiegacbhmob [2013-09-24]
    CHR Extension: (Google Keep - notes and lists) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\hmjkmjkepdijhoojdojkdfohbdgmmhki [2013-09-24]
    CHR Extension: (Music Player for Google Drive) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\hnfeekfpnjbdmelcapngdgkjnhgijjkh [2014-09-29]
    CHR Extension: (Clock) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\hoihofapbdnldlhecnhefifbcddgdkhm [2013-09-24]
    CHR Extension: (Pixlr Express) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\hojmjpdlmjopaeginhldhiokeidchjid [2013-04-09]
    CHR Extension: (Google Play Music) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\icppfcnhkcmnfdhfhphakoifcfokfdhg [2013-04-09]
    CHR Extension: (Chrome to Mobile) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\idknbmbdnapjicclomlijcgfpikmndhd [2014-05-30]
    CHR Extension: (Voice Recognition) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\ikjmfindklfaonkodbnidahohdfbdhkn [2013-07-26]
    CHR Extension: (Dropbox) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\ioekoebejdcmnlefjiknokhhafglcjdl [2013-07-26]
    CHR Extension: (Flash Player) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\jdpbajmogfhlafbipjjklkdhloplicgc [2014-09-29]
    CHR Extension: (Cut the Rope) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\jfbadlndcminbkfojhlimnkgaackjmdo [2013-09-24]
    CHR Extension: (Downloads) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\jfchnphgogjhineanplmfkofljiagjfb [2014-05-30]
    CHR Extension: (Google Forms) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\jhknlonaankphkkbnmjdlpehkinifeeg [2013-04-09]
    CHR Extension: (Chromebook Recovery Utility) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\jndclpdbaamdhonoechobihbbiimdgai [2015-02-08]
    CHR Extension: (Hangouts call) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\kbpgddbgniojgndnhlkjbkpknjhppkbk [2013-07-26]
    CHR Extension: (eBay Extension for Google Chrome™) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\khhckppjhonfmcpegdjdibmngahahhck [2013-04-09]
    CHR Extension: (Hangouts) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\knipolnnllmklapflnccelgolnpehhpl [2014-11-22]
    CHR Extension: (Auto HD For YouTube™) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\koiaokdomkpjdgniimnkhgbilbjgpeak [2013-07-27]
    CHR Extension: (Google Play) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\komhbcfkdcgmcdoenjcjheifdiabikfi [2013-07-26]
    CHR Extension: (Chrome Hotword Shared Module) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-03-15]
    CHR Extension: (Application Launcher for Drive (by Google)) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2014-11-15]
    CHR Extension: (Google Maps) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\lneaknkopdijkpnocmklfnjbeapigfbh [2013-04-09]
    CHR Extension: (Google Cast API) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\mafeflapfdfljijmlienjedomfjfmhpd [2014-09-29]
    CHR Extension: (Google Dictionary (by Google)) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\mgijmajocgfcbeboacabfgobmjgjcoja [2014-05-30]
    CHR Extension: (Quick Note) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\mijlebbfndhelmdpmllgcfadlkankhok [2013-04-09]
    CHR Extension: (Pocket) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\mjcnijlhddpbdemagnpefmlkjdagkogk [2013-09-24]
    CHR Extension: (Google Drawings) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\mkaakpdehdafacodkgkpghoibnmamcme [2013-04-09]
    CHR Extension: (Google Play Books) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\mmimngoggfoobjdlefbcabngfnmieonb [2013-04-09]
    CHR Extension: (Need for Speed World) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\mnnelgnkomjdakpkjpkfehdipjifjmbk [2013-04-09]
    CHR Extension: (Hangouts) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\nckgahadagoaajjgafhacjanaoiihapd [2015-03-03]
    CHR Extension: (OneDrive) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\nffchahhjecejoiigmnhhicpoabngedk [2013-07-26]
    CHR Extension: (Save to Pocket) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\niloccemoadcdkdjlinkgdfekeahmflj [2013-04-09]
    CHR Extension: (Facebook Notifications) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmameahlembdcigphohgiodcgjomcgeo [2013-04-09]
    CHR Extension: (Google Wallet) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-09-01]
    CHR Extension: (Google Chrome to Phone Extension) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\oadboiipflhobonjjffjbfekfjcgkhco [2013-04-09]
    CHR Extension: (My Chrome Theme) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\oehpjpccmlcalbenfhnacjeocbjdonic [2013-09-24]
    CHR Extension: (WeVideo - Video Editor and Maker) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\okgjbfikepgflmlelgfgecmgjnmnmnnb [2013-04-09]
    CHR Extension: (Picasa) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\onlgmecjpnejhfeofkgbfgnmdlipdejb [2013-04-09]
    CHR Extension: (Outlook.com) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\pfpeapihoiogbcmdmnibeplnikfnhoge [2013-07-26]
    CHR Extension: (Gmail) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-04-09]
    CHR HKU\S-1-5-21-3324318861-2648927535-1656674588-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh] - https://clients2.google.com/service/update2/crx
    CHR HKU\S-1-5-21-3324318861-2648927535-1656674588-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [njljkdinboobkmkihgcohanchjnjpgjk] - C:\Users\Daniel\AppData\Local\CRE\njljkdinboobkmkihgcohanchjnjpgjk.crx [Not Found]
    CHR HKLM-x32\...\Chrome\Extension: [bgnnidmnbdkmhfkjgdnngciimpdgohok] - C:\Program Files (x86)\FirstRowSportApp.com\stv12.crx [Not Found]
    CHR HKLM-x32\...\Chrome\Extension: [dkinklhnkmkhkhofcnapakaoehijaoih] - C:\Program Files (x86)\OnlineHD.TV\onhd11.crx [Not Found]
    CHR HKLM-x32\...\Chrome\Extension: [gflandjopdloblmlcoiidmncpinmmacn] - C:\Windows\system32\config\systemprofile\AppData\Roaming\zulagames\zulagames.crx [Not Found]
    CHR HKLM-x32\...\Chrome\Extension: [kngjfmklipimnkegmcilmbhchklgjgfl] - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\kngjfmklipimnkegmcilmbhchklgjgfl.crx [2012-10-30]
    CHR HKLM-x32\...\Chrome\Extension: [njljkdinboobkmkihgcohanchjnjpgjk] - C:\Users\Daniel\AppData\Local\CRE\njljkdinboobkmkihgcohanchjnjpgjk.crx [Not Found]
    CHR HKLM-x32\...\Chrome\Extension: [pelmeidfhdlhlbjimpabfcbnnojbboma] - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\newtabv3.crx [2014-06-23]
    CHR HKLM-x32\...\Chrome\Extension: [pfmopbbadnfoelckkcmjjeaaegjpjjbk] - C:\Program Files (x86)\Gophoto.it\gophotoit14.crx [2012-07-31]
    CHR HKLM-x32\...\Chrome\Extension: [pmlghpafmmnmmkjdhacccolfgnkiboco] - C:\Program Files (x86)\1ClickDownload\oneclickdownloader10.crx [Not Found]

    ==================== Services (Whitelisted) =================

    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

    R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [77128 2015-01-20] (Apple Inc.)
    R2 chromoting; C:\Program Files (x86)\Google\Chrome Remote Desktop\42.0.2311.39\remoting_host.exe [56648 2015-03-08] (Google Inc.)
    R2 Freemake Improver; C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe [108032 2015-04-15] (Freemake) [File not signed]
    R2 HTCMonitorService; C:\Program Files (x86)\HTC\HTC Sync Manager\HSMServiceEntry.exe [87368 2014-06-27] (Nero AG)
    R2 MsMpSvc; c:\Program Files\Microsoft Security Client\MsMpEng.exe [23816 2015-04-30] (Microsoft Corporation)
    R3 NisSrv; c:\Program Files\Microsoft Security Client\NisSrv.exe [366544 2015-04-30] (Microsoft Corporation)
    R2 PassThru Service; C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe [166912 2013-10-17] () [File not signed]
    R2 WDDMService; C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMService.exe [288256 2010-11-08] (WDC) [File not signed]
    R2 WDFME; C:\Program Files (x86)\Western Digital\WD SmartWare\Front Parlor\WDFME\WDFME.exe [1060352 2010-11-08] () [File not signed]
    R2 WDSC; C:\Program Files (x86)\Western Digital\WD SmartWare\Front Parlor\WDSC.exe [485376 2010-11-08] () [File not signed]
    S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
    S2 IePluginServices; C:\ProgramData\IePluginServices\PluginService.exe -service [X]

    ==================== Drivers (Whitelisted) ====================

    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

    S3 FsUsbExDisk; C:\Windows\SysWOW64\FsUsbExDisk.SYS [37344 2013-02-05] () [File not signed]
    S3 HtcVCom32; C:\Windows\System32\DRIVERS\HtcVComV64.sys [121800 2010-03-09] (QUALCOMM Incorporated)
    R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [280376 2015-03-04] (Microsoft Corporation)
    R2 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [124568 2015-03-04] (Microsoft Corporation)
    R3 pbfilter; C:\Program Files\PeerBlock\pbfilter.sys [22600 2014-01-14] ()
    S3 RimVSerPort; C:\Windows\System32\DRIVERS\RimSerial_AMD64.sys [31744 2009-01-09] (Research in Motion Ltd)
    S3 dgderdrv; System32\drivers\dgderdrv.sys [X]
    S3 motandroidusb; System32\Drivers\motoandroid.sys [X]
    S3 RimUsb; System32\Drivers\RimUsb_AMD64.sys [X]

    ==================== NetSvcs (Whitelisted) ===================

    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


    ==================== One Month Created files and folders ========

    (If an entry is included in the fixlist, the file/folder will be moved.)

    2015-06-05 23:37 - 2015-06-05 23:39 - 00055157 _____ C:\Users\Daniel\Downloads\FRST.txt
    2015-06-05 23:36 - 2015-06-05 23:37 - 00000000 ____D C:\FRST
    2015-06-05 23:36 - 2015-06-05 23:36 - 02108928 _____ (Farbar) C:\Users\Daniel\Downloads\FRST64.exe
    2015-06-05 21:28 - 2015-06-05 21:28 - 00000000 ____D C:\Users\Daniel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
    2015-06-05 18:57 - 2015-06-05 23:05 - 00000168 _____ C:\Windows\setupact.log
    2015-06-05 18:57 - 2015-06-05 18:57 - 00000000 _____ C:\Windows\setuperr.log
    2015-06-04 18:19 - 2015-06-04 19:31 - 3854055729 _____ C:\Users\Daniel\Downloads\Fast and Furious 7 2015 1080p HDRip x264 AC3-JYK.mkv
    2015-06-04 18:19 - 2015-06-04 19:31 - 00911671 _____ C:\Users\Daniel\Downloads\~uTorrentPartFile_E7824B2B.dat
    2015-06-04 01:46 - 2015-06-04 02:36 - 1613518033 _____ C:\Users\Daniel\Downloads\Jessica Robbin.wmv
    2015-06-02 21:47 - 2015-06-02 21:47 - 00000000 ____D C:\Users\Daniel\Downloads\Ep 71 Lilly Banks - Ride The Bride HD 1080p
    2015-06-02 21:21 - 2015-06-03 12:44 - 2275745812 ____R C:\Users\Daniel\Downloads\girl_power_big-1080.mp4
    2015-06-02 20:49 - 2015-06-02 20:55 - 2206009234 _____ C:\Users\Daniel\Downloads\Lilly Banks - Team Skeet Extras (I Was Looking For Your Sister).mp4
    2015-06-02 18:05 - 2015-06-02 18:05 - 00000000 ____D C:\Users\Daniel\AppData\Roaming\GoPro
    2015-06-02 18:03 - 2015-06-02 18:03 - 00000000 ____D C:\Users\Daniel\AppData\Local\GoPro
    2015-06-02 18:02 - 2015-06-02 18:03 - 00000000 ____D C:\Users\Public\CineForm
    2015-06-02 17:59 - 2015-06-02 17:59 - 00000810 _____ C:\Users\Public\Desktop\GoPro Studio.lnk
    2015-06-02 17:59 - 2015-06-02 17:59 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GoPro
    2015-06-02 17:58 - 2015-06-02 18:03 - 00000000 ____D C:\ProgramData\Package Cache
    2015-06-02 17:58 - 2015-06-02 17:58 - 00000000 ____D C:\Program Files (x86)\GoPro
    2015-06-02 17:58 - 2015-06-02 17:58 - 00000000 ____D C:\Program Files (x86)\CineForm
    2015-06-02 17:41 - 2015-06-02 17:57 - 121651128 _____ (GoPro, Inc.) C:\Users\Daniel\Downloads\GoProStudioPC-2.5.5.443.exe
    2015-06-01 18:04 - 2015-06-03 06:11 - 2446670338 ____R C:\Users\Daniel\Downloads\18yo.14.08.15.lilly.banks.dirty.selfies.mp4
    2015-06-01 17:12 - 2015-06-04 07:41 - 2149012305 _____ C:\Users\Daniel\Downloads\104_lily_banks_full-hd_1080p.mp4
    2015-06-01 17:06 - 2015-06-03 09:33 - 1638428587 _____ C:\Users\Daniel\Downloads\[MrPOV] Lilly Banks (1080p) (08.01.2014).mp4
    2015-06-01 17:03 - 2015-06-04 04:15 - 1287870908 _____ C:\Users\Daniel\Downloads\ktr.tds.13.01.21.lilly.banks.blondies.blowjob.mp4
    2015-06-01 03:14 - 2015-06-01 03:14 - 00000000 ____D C:\Users\Daniel\AppData\Local\GWX
    2015-05-25 01:24 - 2015-05-25 01:24 - 00001295 _____ C:\Windows\system32\invisibleSHIELD-Original-For-Samsung-Galaxy-Tab-8.9-Inch-with-sim-card-ZAGG-InvisibleSHIELD-ZAGG-Electronics-Full-Body-protector-invisibleSHIELD-Original-For-Samsung-Galaxy-Tab-8.9-Inch-with-sim-.jpg.lnk
    2015-05-21 20:00 - 2015-05-23 21:13 - 3432974962 _____ C:\Users\Daniel\Downloads\ham.13.10.29.abby.cross.mia.malkova.kiera.winters.and.lola.foxx.yer.under.arrest.missy.mp4
    2015-05-21 19:52 - 2015-05-21 21:40 - 589405271 _____ C:\Users\Daniel\Downloads\reg.13.03.30.kiera.winters.sexual.interactions.wmv
    2015-05-21 19:48 - 2015-05-21 21:41 - 2037812315 _____ C:\Users\Daniel\Downloads\Kiera Winters - She's A Freak (***** Workouts!).mp4
    2015-05-21 19:46 - 2015-05-21 21:13 - 1517014224 _____ C:\Users\Daniel\Downloads\mts.14.06.20.brandi.love.and.kiera.winters.caught.with.your.pants.down.mp4
    2015-05-21 19:45 - 2015-05-21 23:02 - 3078230812 _____ C:\Users\Daniel\Downloads\tlhc.13.10.05.kiera.winters.naughty.needs.mp4
    2015-05-20 11:40 - 2015-05-20 12:54 - 1321352348 _____ C:\Users\Daniel\Downloads\cum_bum_720p.mp4
    2015-05-20 09:59 - 2015-05-20 09:59 - 01490944 _____ (CineForm Inc.) C:\Windows\SysWOW64\CFHD.dll
    2015-05-20 09:59 - 2015-05-20 09:59 - 01462272 _____ (CineForm Inc.) C:\Windows\system32\CFHD.dll
    2015-05-20 02:46 - 2015-05-20 04:15 - 1177470825 _____ C:\Users\Daniel\Downloads\bbw6421_3000.mp4
    2015-05-20 01:52 - 2015-05-20 02:20 - 727197567 _____ C:\Users\Daniel\Downloads\in_position_big.wmv
    2015-05-18 13:21 - 2015-06-05 23:26 - 00000922 _____ C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-3324318861-2648927535-1656674588-1001UA.job
    2015-05-18 13:21 - 2015-06-05 13:31 - 00000870 _____ C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-3324318861-2648927535-1656674588-1001Core.job
    2015-05-18 13:21 - 2015-05-18 13:21 - 00003898 _____ C:\Windows\System32\Tasks\DropboxUpdateTaskUserS-1-5-21-3324318861-2648927535-1656674588-1001UA
    2015-05-18 13:21 - 2015-05-18 13:21 - 00003502 _____ C:\Windows\System32\Tasks\DropboxUpdateTaskUserS-1-5-21-3324318861-2648927535-1656674588-1001Core
    2015-05-18 13:21 - 2015-05-18 13:21 - 00000000 ____D C:\Users\Daniel\AppData\Local\Dropbox
    2015-05-18 13:21 - 2015-05-18 13:21 - 00000000 ____D C:\ProgramData\Dropbox
    2015-05-14 23:33 - 2015-05-01 09:17 - 00124112 _____ (Microsoft Corporation) C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll
    2015-05-14 23:33 - 2015-05-01 09:16 - 00102608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
    2015-05-14 19:51 - 2015-04-21 22:28 - 00389840 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
    2015-05-14 19:51 - 2015-04-21 21:48 - 00342736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
    2015-05-14 19:51 - 2015-04-21 13:08 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
    2015-05-14 19:51 - 2015-04-21 13:07 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
    2015-05-14 19:51 - 2015-04-21 12:51 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
    2015-05-14 19:51 - 2015-04-21 12:50 - 00584192 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
    2015-05-14 19:51 - 2015-04-21 12:50 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
    2015-05-14 19:51 - 2015-04-21 12:50 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
    2015-05-14 19:51 - 2015-04-21 12:49 - 02885120 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
    2015-05-14 19:51 - 2015-04-21 12:48 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
    2015-05-14 19:51 - 2015-04-21 12:41 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
    2015-05-14 19:51 - 2015-04-21 12:40 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
    2015-05-14 19:51 - 2015-04-21 12:37 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
    2015-05-14 19:51 - 2015-04-21 12:35 - 00816640 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
    2015-05-14 19:51 - 2015-04-21 12:35 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
    2015-05-14 19:51 - 2015-04-21 12:35 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
    2015-05-14 19:51 - 2015-04-21 12:34 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
    2015-05-14 19:51 - 2015-04-21 12:31 - 06025728 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
    2015-05-14 19:51 - 2015-04-21 12:26 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
    2015-05-14 19:51 - 2015-04-21 12:25 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
    2015-05-14 19:51 - 2015-04-21 12:24 - 19691008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
    2015-05-14 19:51 - 2015-04-21 12:22 - 00490496 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
    2015-05-14 19:51 - 2015-04-21 12:14 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
    2015-05-14 19:51 - 2015-04-21 12:11 - 00504320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
    2015-05-14 19:51 - 2015-04-21 12:11 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
    2015-05-14 19:51 - 2015-04-21 12:10 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
    2015-05-14 19:51 - 2015-04-21 12:09 - 00341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
    2015-05-14 19:51 - 2015-04-21 12:09 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
    2015-05-14 19:51 - 2015-04-21 12:08 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
    2015-05-14 19:51 - 2015-04-21 12:08 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
    2015-05-14 19:51 - 2015-04-21 12:05 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
    2015-05-14 19:51 - 2015-04-21 12:04 - 02278400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
    2015-05-14 19:51 - 2015-04-21 12:03 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
    2015-05-14 19:51 - 2015-04-21 12:02 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
    2015-05-14 19:51 - 2015-04-21 12:00 - 00478208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
    2015-05-14 19:51 - 2015-04-21 11:58 - 00664576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
    2015-05-14 19:51 - 2015-04-21 11:58 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
    2015-05-14 19:51 - 2015-04-21 11:57 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
    2015-05-14 19:51 - 2015-04-21 11:49 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
    2015-05-14 19:51 - 2015-04-21 11:49 - 00720384 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
    2015-05-14 19:51 - 2015-04-21 11:48 - 00418304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
    2015-05-14 19:51 - 2015-04-21 11:47 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
    2015-05-14 19:51 - 2015-04-21 11:46 - 02125824 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
    2015-05-14 19:51 - 2015-04-21 11:43 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
    2015-05-14 19:51 - 2015-04-21 11:40 - 14401536 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
    2015-05-14 19:51 - 2015-04-21 11:39 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
    2015-05-14 19:51 - 2015-04-21 11:38 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
    2015-05-14 19:51 - 2015-04-21 11:36 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
    2015-05-14 19:51 - 2015-04-21 11:31 - 04305920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
    2015-05-14 19:51 - 2015-04-21 11:27 - 02352128 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
    2015-05-14 19:51 - 2015-04-21 11:26 - 00688640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
    2015-05-14 19:51 - 2015-04-21 11:25 - 02052608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
    2015-05-14 19:51 - 2015-04-21 11:24 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
    2015-05-14 19:51 - 2015-04-21 11:17 - 12828672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
    2015-05-14 19:51 - 2015-04-21 11:15 - 01547264 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
    2015-05-14 19:51 - 2015-04-21 11:03 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
    2015-05-14 19:51 - 2015-04-21 11:02 - 01882112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
    2015-05-14 19:51 - 2015-04-21 10:58 - 01310208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
    2015-05-14 19:51 - 2015-04-21 10:56 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
    2015-05-14 19:50 - 2015-04-21 13:14 - 24971776 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
    2015-05-14 19:46 - 2015-05-04 21:29 - 00342016 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
    2015-05-14 19:46 - 2015-05-04 21:12 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
    2015-05-14 19:46 - 2015-04-17 23:10 - 00460800 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll
    2015-05-14 19:46 - 2015-03-04 00:41 - 00342016 _____ (Microsoft Corporation) C:\Windows\system32\apphelp.dll
    2015-05-14 19:46 - 2015-03-04 00:41 - 00072192 _____ (Microsoft Corporation) C:\Windows\system32\aelupsvc.dll
    2015-05-14 19:46 - 2015-03-04 00:41 - 00023552 _____ (Microsoft Corporation) C:\Windows\system32\sdbinst.exe
    2015-05-14 19:46 - 2015-03-04 00:41 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\shimeng.dll
    2015-05-14 19:46 - 2015-03-04 00:11 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shimeng.dll
    2015-05-14 19:46 - 2015-03-04 00:10 - 00295936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apphelp.dll
    2015-05-14 19:46 - 2015-03-04 00:10 - 00020992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sdbinst.exe
    2015-05-14 19:45 - 2015-04-17 22:56 - 00342016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll
    2015-05-14 19:41 - 2015-04-27 15:28 - 05569984 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
    2015-05-14 19:41 - 2015-04-27 15:28 - 00155584 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
    2015-05-14 19:41 - 2015-04-27 15:28 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
    2015-05-14 19:41 - 2015-04-27 15:26 - 01728960 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
    2015-05-14 19:41 - 2015-04-27 15:23 - 01461760 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
    2015-05-14 19:41 - 2015-04-27 15:23 - 01254400 _____ (Microsoft Corporation) C:\Windows\system32\diagtrack.dll
    2015-05-14 19:41 - 2015-04-27 15:23 - 01162752 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
    2015-05-14 19:41 - 2015-04-27 15:23 - 00879104 _____ (Microsoft Corporation) C:\Windows\system32\tdh.dll
    2015-05-14 19:41 - 2015-04-27 15:23 - 00879104 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
    2015-05-14 19:41 - 2015-04-27 15:23 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
    2015-05-14 19:41 - 2015-04-27 15:23 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
    2015-05-14 19:41 - 2015-04-27 15:23 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
    2015-05-14 19:41 - 2015-04-27 15:23 - 00362496 _____ Microsoft[​IMG] Corporation) C: Windows[​IMG]\system32\wow64win.dll
    2015-05-14 19:41 - 2015-04-27 15:23 - 00314880 _____ Microsoft[​IMG] Corporation) C:\Windows\system32\msv1_0.dll
    2015-05-14 19:41 - 2015-04-27 15:23 - 00309760 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
    2015-05-14 19:41 - 2015-04-27 15:23 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
    2015-05-14 19:41 - 2015-04-27 15:23 - 00215040 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
    2015-05-14 19:41 - 2015-04-27 15:23 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
    2015-05-14 19:41 - 2015-04-27 15:23 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
    2015-05-14 19:41 - 2015-04-27 15:23 - 00113664 _____ (Microsoft Corporation) C:\Windows\system32\sechost.dll
    2015-05-14 19:41 - 2015-04-27 15:23 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
    2015-05-14 19:41 - 2015-04-27 15:23 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
    2015-05-14 19:41 - 2015-04-27 15:23 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
    2015-05-14 19:41 - 2015-04-27 15:23 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
    2015-05-14 19:41 - 2015-04-27 15:23 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
    2015-05-14 19:41 - 2015-04-27 15:23 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
    2015-05-14 19:41 - 2015-04-27 15:23 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
    2015-05-14 19:41 - 2015-04-27 15:23 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
    2015-05-14 19:41 - 2015-04-27 15:22 - 00404992 _____ (Microsoft Corporation) C:\Windows\system32\tracerpt.exe
    2015-05-14 19:41 - 2015-04-27 15:22 - 00338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
    2015-05-14 19:41 - 2015-04-27 15:22 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
    2015-05-14 19:41 - 2015-04-27 15:22 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
    2015-05-14 19:41 - 2015-04-27 15:22 - 00104448 _____ (Microsoft Corporation) C:\Windows\system32\logman.exe
    2015-05-14 19:41 - 2015-04-27 15:22 - 00047104 _____ Microsoft[​IMG] Corporation) C: Windows[​IMG]\system32\typeperf.exe
    2015-05-14 19:41 - 2015-04-27 15:22 - 00043008 _____ Microsoft[​IMG] Corporation) C:\Windows\system32\relog.exe
    2015-05-14 19:41 - 2015-04-27 15:22 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
    2015-05-14 19:41 - 2015-04-27 15:22 - 00019456 _____ (Microsoft Corporation) C:\Windows\system32\diskperf.exe
    2015-05-14 19:41 - 2015-04-27 15:21 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
    2015-05-14 19:41 - 2015-04-27 15:16 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
    2015-05-14 19:41 - 2015-04-27 15:16 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
    2015-05-14 19:41 - 2015-04-27 15:16 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
    2015-05-14 19:41 - 2015-04-27 15:16 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
    2015-05-14 19:41 - 2015-04-27 15:16 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
    2015-05-14 19:41 - 2015-04-27 15:16 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
    2015-05-14 19:41 - 2015-04-27 15:16 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
    2015-05-14 19:41 - 2015-04-27 15:16 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
    2015-05-14 19:41 - 2015-04-27 15:16 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
    2015-05-14 19:41 - 2015-04-27 15:16 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
    2015-05-14 19:41 - 2015-04-27 15:16 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
    2015-05-14 19:41 - 2015-04-27 15:16 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
    2015-05-14 19:41 - 2015-04-27 15:16 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
    2015-05-14 19:41 - 2015-04-27 15:16 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
    2015-05-14 19:41 - 2015-04-27 15:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
    2015-05-14 19:41 - 2015-04-27 15:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
    2015-05-14 19:41 - 2015-04-27 15:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
    2015-05-14 19:41 - 2015-04-27 15:16 - 00003072 ____H Microsoft[​IMG] Corporation) C: Windows[​IMG]\system32\api-ms-win-core-profile-l1-1-0.dll
    2015-05-14 19:41 - 2015-04-27 15:16 - 00003072 ____H Microsoft[​IMG] Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
    2015-05-14 19:41 - 2015-04-27 15:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
    2015-05-14 19:41 - 2015-04-27 15:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
    2015-05-14 19:41 - 2015-04-27 15:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
    2015-05-14 19:41 - 2015-04-27 15:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
    2015-05-14 19:41 - 2015-04-27 15:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
    2015-05-14 19:41 - 2015-04-27 15:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
    2015-05-14 19:41 - 2015-04-27 15:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
    2015-05-14 19:41 - 2015-04-27 15:11 - 03989440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
    2015-05-14 19:41 - 2015-04-27 15:11 - 03934144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
    2015-05-14 19:41 - 2015-04-27 15:08 - 01310744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
    2015-05-14 19:41 - 2015-04-27 15:05 - 00635392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdh.dll
    2015-05-14 19:41 - 2015-04-27 15:05 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
    2015-05-14 19:41 - 2015-04-27 15:05 - 00221184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
    2015-05-14 19:41 - 2015-04-27 15:05 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
    2015-05-14 19:41 - 2015-04-27 15:05 - 00092160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sechost.dll
    2015-05-14 19:41 - 2015-04-27 15:05 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
    2015-05-14 19:41 - 2015-04-27 15:05 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
    2015-05-14 19:41 - 2015-04-27 15:05 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
    2015-05-14 19:41 - 2015-04-27 15:05 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
    2015-05-14 19:41 - 2015-04-27 15:04 - 00641536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll
    2015-05-14 19:41 - 2015-04-27 15:04 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
    2015-05-14 19:41 - 2015-04-27 15:04 - 00364544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tracerpt.exe
    2015-05-14 19:41 - 2015-04-27 15:04 - 00082944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\logman.exe
    2015-05-14 19:41 - 2015-04-27 15:04 - 00040448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\typeperf.exe
    2015-05-14 19:41 - 2015-04-27 15:04 - 00037888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\relog.exe
    2015-05-14 19:41 - 2015-04-27 15:04 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
    2015-05-14 19:41 - 2015-04-27 15:04 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
    2015-05-14 19:41 - 2015-04-27 15:03 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
    2015-05-14 19:41 - 2015-04-27 15:03 - 00274944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
    2015-05-14 19:41 - 2015-04-27 15:03 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
    2015-05-14 19:41 - 2015-04-27 15:03 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
    2015-05-14 19:41 - 2015-04-27 15:03 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\diskperf.exe
    2015-05-14 19:41 - 2015-04-27 15:03 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
    2015-05-14 19:41 - 2015-04-27 14:59 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
    2015-05-14 19:41 - 2015-04-27 14:59 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
    2015-05-14 19:41 - 2015-04-27 14:59 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
    2015-05-14 19:41 - 2015-04-27 14:59 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
    2015-05-14 19:41 - 2015-04-27 14:59 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
    2015-05-14 19:41 - 2015-04-27 14:59 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
    2015-05-14 19:41 - 2015-04-27 14:59 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
    2015-05-14 19:41 - 2015-04-27 14:59 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
    2015-05-14 19:41 - 2015-04-27 14:59 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
    2015-05-14 19:41 - 2015-04-27 14:59 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
    2015-05-14 19:41 - 2015-04-27 14:59 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
    2015-05-14 19:41 - 2015-04-27 14:59 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
    2015-05-14 19:41 - 2015-04-27 14:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
    2015-05-14 19:41 - 2015-04-27 14:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
    2015-05-14 19:41 - 2015-04-27 14:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
    2015-05-14 19:41 - 2015-04-27 14:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
    2015-05-14 19:41 - 2015-04-27 14:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
    2015-05-14 19:41 - 2015-04-27 14:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
    2015-05-14 19:41 - 2015-04-27 14:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
    2015-05-14 19:41 - 2015-04-27 14:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
    2015-05-14 19:41 - 2015-04-27 14:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
    2015-05-14 19:41 - 2015-04-27 14:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
    2015-05-14 19:41 - 2015-04-27 14:06 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\UtcResources.dll
    2015-05-14 19:41 - 2015-04-27 13:57 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
    2015-05-14 19:41 - 2015-04-27 13:55 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
    2015-05-14 19:41 - 2015-04-27 13:55 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
    2015-05-14 19:41 - 2015-04-27 13:55 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
    2015-05-14 19:41 - 2015-04-27 13:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
    2015-05-14 19:40 - 2015-04-27 15:18 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
    2015-05-14 19:40 - 2015-04-27 15:18 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
    2015-05-14 19:40 - 2015-04-27 15:16 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
    2015-05-14 19:40 - 2015-04-27 15:16 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
    2015-05-14 19:40 - 2015-04-27 15:16 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
    2015-05-14 19:40 - 2015-04-27 15:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
    2015-05-14 19:40 - 2015-04-27 15:01 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
    2015-05-14 19:40 - 2015-04-27 15:01 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
    2015-05-14 19:40 - 2015-04-27 14:59 - 00686080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
    2015-05-14 19:40 - 2015-04-27 14:59 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
    2015-05-14 19:40 - 2015-04-27 14:59 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
    2015-05-14 19:40 - 2015-04-27 14:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
    2015-05-14 19:40 - 2015-04-27 13:57 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
    2015-05-14 19:18 - 2015-05-14 19:18 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iCloud
    2015-05-14 19:15 - 2015-02-18 03:06 - 00123904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\poqexec.exe
    2015-05-14 19:15 - 2015-02-18 03:04 - 00142336 _____ (Microsoft Corporation) C:\Windows\system32\poqexec.exe
    2015-05-14 19:13 - 2015-04-12 23:28 - 00328704 _____ (Microsoft Corporation) C:\Windows\system32\services.exe
    2015-05-14 19:11 - 2015-04-19 23:17 - 01647104 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
    2015-05-14 19:11 - 2015-04-19 23:17 - 01179136 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll
    2015-05-14 19:11 - 2015-04-19 22:56 - 01250816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll
    2015-05-14 19:11 - 2015-04-19 22:11 - 03204608 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
    2015-05-14 19:07 - 2015-04-07 23:29 - 00275456 _____ (Microsoft Corporation) C:\Windows\system32\InkEd.dll
    2015-05-14 19:07 - 2015-04-07 23:29 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\jnwmon.dll
    2015-05-14 19:07 - 2015-04-07 23:14 - 00216064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\InkEd.dll
     
  3. Daniel Morelli

    Daniel Morelli TS Enthusiast Topic Starter Posts: 48

    FRST.txt (continued - 2)

    ==================== One Month Modified files and folders ========

    (If an entry is included in the fixlist, the file/folder will be moved.)

    2015-06-05 23:40 - 2015-03-16 01:55 - 00000000 ____D C:\Users\Daniel\AppData\Roaming\uTorrent
    2015-06-05 23:27 - 2012-07-16 23:17 - 00000830 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
    2015-06-05 23:25 - 2014-06-24 22:06 - 00000286 _____ C:\Windows\Tasks\bench-Updater removing.job
    2015-06-05 23:11 - 2012-01-27 19:01 - 00000898 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
    2015-06-05 23:07 - 2010-12-27 05:28 - 00000000 ____D C:\Users\Daniel\AppData\Roaming\Skype
    2015-06-05 23:03 - 2011-10-25 20:15 - 00000932 _____ C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3324318861-2648927535-1656674588-1001UA.job
    2015-06-05 22:51 - 2010-12-26 19:11 - 00000912 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3324318861-2648927535-1656674588-1001UA.job
    2015-06-05 21:51 - 2010-12-26 19:11 - 00000860 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3324318861-2648927535-1656674588-1001Core.job
    2015-06-05 21:28 - 2012-09-16 01:41 - 00000000 ___RD C:\Users\Daniel\Dropbox
    2015-06-05 21:28 - 2012-09-16 01:37 - 00000000 ____D C:\Users\Daniel\AppData\Roaming\Dropbox
    2015-06-05 20:45 - 2014-06-23 23:03 - 00000346 _____ C:\Windows\Tasks\bench-sys.job
    2015-06-05 18:11 - 2012-01-27 19:01 - 00000894 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
    2015-06-05 16:54 - 2010-10-11 17:03 - 01473819 _____ C:\Windows\WindowsUpdate.log
    2015-06-05 13:57 - 2009-07-14 00:45 - 00018736 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
    2015-06-05 13:57 - 2009-07-14 00:45 - 00018736 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
    2015-06-05 02:35 - 2015-02-16 23:27 - 00000000 ____D C:\Users\Daniel\Downloads\Audio
    2015-06-05 02:03 - 2011-10-25 20:15 - 00000910 _____ C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3324318861-2648927535-1656674588-1001Core.job
    2015-06-04 20:15 - 2012-06-22 01:10 - 00000000 ___RD C:\Users\Daniel\Google Drive
    2015-06-04 20:14 - 2012-06-22 01:04 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive
    2015-06-04 12:37 - 2013-01-29 23:55 - 00000000 ____D C:\Users\Daniel\Downloads\Random Stuff
    2015-06-03 09:55 - 2014-12-10 02:37 - 00000000 ____D C:\Users\Daniel\AppData\Roaming\vlc
    2015-06-03 09:35 - 2015-01-23 05:29 - 00000000 ____D C:\Users\Daniel\Downloads\For Sale
    2015-06-01 16:25 - 2015-03-16 02:05 - 00000000 ____D C:\Program Files\PeerBlock
    2015-05-29 12:52 - 2010-12-26 19:00 - 00000000 ____D C:\ProgramData\EPSON
    2015-05-29 12:52 - 2010-12-26 18:59 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EPSON
    2015-05-25 14:59 - 2011-09-22 18:39 - 00000000 ____D C:\Program Files (x86)\DivX
    2015-05-25 14:59 - 2011-02-21 22:36 - 00000000 ____D C:\ProgramData\DivX
    2015-05-25 14:58 - 2013-09-10 19:32 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DivX
    2015-05-25 11:59 - 2015-03-02 02:31 - 00000000 ____D C:\Users\Daniel\AppData\Local\HTC MediaHub
    2015-05-25 11:57 - 2014-09-24 18:18 - 00000000 ___RD C:\Users\Daniel\iCloudDrive
    2015-05-25 11:54 - 2014-06-23 22:41 - 00000000 ____D C:\ProgramData\IePluginServices
    2015-05-25 11:54 - 2009-07-14 01:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
    2015-05-25 11:53 - 2013-10-06 13:26 - 00000000 ____D C:\Program Files (x86)\Conduit
    2015-05-22 20:54 - 2009-07-14 01:13 - 00786662 _____ C:\Windows\system32\PerfStringBackup.INI
    2015-05-22 09:52 - 2010-12-27 05:18 - 00000000 ____D C:\ProgramData\Skype
    2015-05-22 00:05 - 2015-03-08 21:53 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
    2015-05-20 21:21 - 2015-03-18 23:02 - 00000000 ____D C:\Users\Daniel\Downloads\Video
    2015-05-20 12:02 - 2015-03-29 22:28 - 00000000 ___SD C:\Windows\SysWOW64\GWX
    2015-05-20 12:02 - 2015-03-29 22:28 - 00000000 ___SD C:\Windows\system32\GWX
    2015-05-18 13:31 - 2010-12-28 17:39 - 00000000 ____D C:\Users\Daniel\AppData\Local\CrashDumps
    2015-05-18 13:29 - 2014-10-01 00:26 - 00000000 ____D C:\Users\Daniel\AppData\Local\E602EEE4-6D14-4789-9B7E-D6F188D5E92D.aplzod
    2015-05-15 18:06 - 2012-01-27 19:01 - 00003894 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
    2015-05-15 18:06 - 2012-01-27 19:01 - 00003642 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
    2015-05-15 13:21 - 2009-07-13 23:20 - 00000000 ____D C:\Windows\rescache
    2015-05-15 12:19 - 2013-03-13 17:35 - 00000000 ____D C:\Program Files\Microsoft Silverlight
    2015-05-15 12:19 - 2009-07-14 00:45 - 00421712 _____ C:\Windows\system32\FNTCACHE.DAT
    2015-05-15 12:18 - 2013-03-13 17:35 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight
    2015-05-15 12:15 - 2009-07-14 03:45 - 00000000 ____D C:\Program Files\Windows Journal
    2015-05-15 01:25 - 2010-12-28 17:46 - 00000000 ____D C:\ProgramData\Microsoft Help
    2015-05-15 01:17 - 2012-07-20 22:26 - 00002155 _____ C:\Windows\epplauncher.mif
    2015-05-15 01:17 - 2012-07-20 22:26 - 00002081 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Security Essentials.lnk
    2015-05-15 01:16 - 2012-07-20 22:26 - 00000000 ____D C:\Program Files\Microsoft Security Client
    2015-05-15 01:15 - 2012-07-20 22:26 - 00000000 ____D C:\Program Files (x86)\Microsoft Security Client
    2015-05-15 01:06 - 2013-08-16 06:54 - 00000000 ____D C:\Windows\system32\MRT
    2015-05-15 00:30 - 2015-03-02 02:31 - 00001995 _____ C:\Users\Public\Desktop\HTC Sync Manager.lnk
    2015-05-15 00:28 - 2011-07-12 19:45 - 00000000 ____D C:\Users\Daniel\AppData\Local\Downloaded Installations
    2015-05-14 23:43 - 2010-12-27 05:35 - 140425016 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
    2015-05-14 23:33 - 2013-03-13 17:41 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
    2015-05-14 20:10 - 2013-11-21 15:03 - 00002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
    2015-05-14 18:24 - 2012-09-16 01:41 - 00001026 _____ C:\Users\Daniel\Desktop\Dropbox.lnk

    ==================== Files in the root of some directories =======

    2010-12-29 21:32 - 2011-11-22 18:14 - 0016846 _____ () C:\Users\Daniel\AppData\Roaming\Rim.Desktop.Exception.log
    2010-12-29 17:35 - 2012-06-06 03:39 - 0005333 _____ () C:\Users\Daniel\AppData\Roaming\Rim.Desktop.HttpServerSetup.log
    2011-06-10 13:29 - 2011-11-22 18:14 - 0001309 _____ () C:\Users\Daniel\AppData\Roaming\Rim.DesktopHelper.Exception.log
    2010-12-30 20:16 - 2014-09-29 04:07 - 0057856 _____ () C:\Users\Daniel\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
    2013-02-17 04:09 - 2013-02-17 04:09 - 0000057 _____ () C:\ProgramData\Ament.ini
    2010-12-28 17:38 - 2010-12-28 17:38 - 0000137 _____ () C:\ProgramData\Microsoft.SqlServer.Compact.351.32.bc

    Some files in TEMP:
    ====================
    C:\Users\Daniel\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpy1e1hw.dll


    ==================== Bamital & volsnap Check =================

    (There is no automatic fix for files that do not pass verification.)

    C:\Windows\System32\winlogon.exe => File is digitally signed
    C:\Windows\System32\wininit.exe => File is digitally signed
    C:\Windows\SysWOW64\wininit.exe => File is digitally signed
    C:\Windows\explorer.exe => File is digitally signed
    C:\Windows\SysWOW64\explorer.exe => File is digitally signed
    C:\Windows\System32\svchost.exe => File is digitally signed
    C:\Windows\SysWOW64\svchost.exe => File is digitally signed
    C:\Windows\System32\services.exe => File is digitally signed
    C:\Windows\System32\User32.dll => File is digitally signed
    C:\Windows\SysWOW64\User32.dll => File is digitally signed
    C:\Windows\System32\userinit.exe => File is digitally signed
    C:\Windows\SysWOW64\userinit.exe => File is digitally signed
    C:\Windows\System32\rpcss.dll => File is digitally signed
    C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


    LastRegBack: 2015-05-25 12:58

    ==================== End of log ============================
     
  4. Daniel Morelli

    Daniel Morelli TS Enthusiast Topic Starter Posts: 48

    Additional scan result of Farbar Recovery Scan Tool (x64) Version:03-06-2015
    Ran by Daniel at 2015-06-05 23:40:31
    Running from C:\Users\Daniel\Downloads
    Boot Mode: Normal
    ==========================================================


    ==================== Accounts: =============================

    Administrator (S-1-5-21-3324318861-2648927535-1656674588-500 - Administrator - Disabled)
    Daniel (S-1-5-21-3324318861-2648927535-1656674588-1001 - Administrator - Enabled) => C:\Users\Daniel
    Guest (S-1-5-21-3324318861-2648927535-1656674588-501 - Limited - Disabled) => C:\Users\Guest
    HomeGroupUser$ (S-1-5-21-3324318861-2648927535-1656674588-1002 - Limited - Enabled)

    ==================== Security Center ========================

    (If an entry is included in the fixlist, it will be removed.)

    AV: Microsoft Security Essentials (Enabled - Up to date) {B7ECF8CD-0188-6703-DBA4-AA65C6ACFB0A}
    AS: Microsoft Security Essentials (Enabled - Up to date) {0C8D1929-27B2-688D-E114-9117BD2BB1B7}
    AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

    ==================== Installed Programs ======================

    (Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

    µTorrent (HKU\S-1-5-21-3324318861-2648927535-1656674588-1001\...\uTorrent) (Version: 3.4.3.40298 - BitTorrent Inc.)
    Acer Crystal Eye webcam (HKLM-x32\...\{51F026FA-5146-4232-A8BA-1364740BD053}) (Version: 1.0.4.3 - Liteon)
    Acer ePower Management (HKLM-x32\...\{3DB0448D-AD82-4923-B305-D001E521A964}) (Version: 5.00.3005 - Acer Incorporated)
    Acer Updater (HKLM-x32\...\{EE171732-BEB4-4576-887D-CB62727F01CA}) (Version: 1.02.3001 - Acer Incorporated)
    Adobe Flash Player 17 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 17.0.0.169 - Adobe Systems Incorporated)
    Adobe Flash Player 17 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 17.0.0.169 - Adobe Systems Incorporated)
    Adobe Reader XI (11.0.11) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.11 - Adobe Systems Incorporated)
    Adobe Shockwave Player 11.6 (HKLM-x32\...\Adobe Shockwave Player) (Version: 11.6.1.629 - Adobe Systems, Inc.)
    Apple Application Support (32-bit) (HKLM-x32\...\{AFA1153A-F547-409B-B837-3A0D6C5A3FEC}) (Version: 3.1.3 - Apple Inc.)
    Apple Application Support (64-bit) (HKLM\...\{D7B824DE-DA32-4772-9E5E-39C5158136A7}) (Version: 3.1.3 - Apple Inc.)
    Apple Mobile Device Support (HKLM\...\{C4123106-B685-48E6-B9BD-E4F911841EB4}) (Version: 8.1.1.3 - Apple Inc.)
    Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
    Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
    CameraHelperMsi (x32 Version: 13.51.815.0 - Logitech) Hidden
    CCleaner (HKLM\...\CCleaner) (Version: 3.27 - Piriform)
    Chrome Remote Desktop Host (HKLM-x32\...\{A1A724F3-F1A6-479C-AE98-208946717E2B}) (Version: 42.0.2311.39 - Google Inc.)
    DivX Setup (HKLM-x32\...\DivX Setup) (Version: 2.7.0.70 - DivX, LLC)
    Dropbox (HKU\S-1-5-21-3324318861-2648927535-1656674588-1001\...\Dropbox) (Version: 3.6.6 - Dropbox, Inc.)
    erLT (x32 Version: 1.20.138.34 - Logitech, Inc.) Hidden
    Facebook Video Calling 3.1.0.521 (HKLM-x32\...\{2091F234-EB58-4B80-8C96-8EB78C808CF7}) (Version: 3.1.521 - Skype Limited)
    Fast And Safe (HKLM-x32\...\{5F189DF5-2D05-472B-9091-84D9848AE48B}{64af91bf}) (Version: - GTgroup) <==== ATTENTION
    Freemake Video Converter version 4.1.5 (HKLM-x32\...\Freemake Video Converter_is1) (Version: 4.1.5 - Ellora Assets Corporation)
    Freemake YouTube To MP3 Boom (HKLM-x32\...\Freemake YouTube To MP3 Boom_is1) (Version: 1.0.3 - Ellora Assets Corporation)
    Google Chrome (HKLM-x32\...\Google Chrome) (Version: 43.0.2357.81 - Google Inc.)
    Google Drive (HKLM-x32\...\{CBC9F5FD-5CFA-4A33-81CD-369EAB77E3A6}) (Version: 1.22.9403.0223 - Google, Inc.)
    Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
    Google Update Helper (x32 Version: 1.3.27.5 - Google Inc.) Hidden
    GoPro App (x32 Version: 0.1.443 - GoPro, Inc.) Hidden
    GoPro Studio 2.5.5 (HKLM-x32\...\{5d43231e-c765-405a-a122-81de16acd8b4}) (Version: 2.5.5.443 - GoPro, Inc.)
    HP Officejet 6700 Basic Device Software (HKLM\...\{A1CFA587-90D4-4DE6-B200-68CC0F92252F}) (Version: 28.0.1315.0 - Hewlett-Packard Co.)
    HTC Driver Installer (HKLM-x32\...\{4CEEE5D0-F905-4688-B9F9-ECC710507796}) (Version: 4.16.0.001 - HTC Corporation)
    HTC Sync Manager (HKLM-x32\...\{231D0C79-98A6-4693-A366-36DE7D7346EC}) (Version: 3.1.46.0 - HTC)
    iCloud (HKLM\...\{709A2D23-C25E-47B5-9268-CB6FEE648504}) (Version: 4.1.1.53 - Apple Inc.)
    Intel(R) Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1007 - Intel Corporation)
    Intel(R) Graphics Media Accelerator Driver (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.15.10.2182 - Intel Corporation)
    Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 6.0.0.1179 - Intel Corporation)
    Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 9.6.2.1001 - Intel Corporation)
    IPTInstaller (HKLM-x32\...\{08208143-777D-4A06-BB54-71BF0AD1BB70}) (Version: 4.0.9 - HTC)
    iTunes (HKLM\...\{93F2A022-6C37-48B8-B241-FFABD9F60C30}) (Version: 12.1.2.27 - Apple Inc.)
    Java 7 Update 71 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F03217071FF}) (Version: 7.0.710 - Oracle)
    Java 8 Update 25 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218025F0}) (Version: 8.0.250 - Oracle Corporation)
    Java(TM) SE Development Kit 7 (64-bit) (HKLM\...\{64A3A4F4-B792-11D6-A78A-00B0D0170000}) (Version: 1.7.0.0 - Oracle)
    Logitech Webcam Software (HKLM-x32\...\{D40EB009-0499-459c-A8AF-C9C110766215}) (Version: 2.51 - Logitech Inc.)
    Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)
    Microsoft Office Professional Plus 2010 (HKLM-x32\...\Office14.PROPLUSR) (Version: 14.0.7015.1000 - Microsoft Corporation)
    Microsoft Security Essentials (HKLM\...\Microsoft Security Client) (Version: 4.8.204.0 - Microsoft Corporation)
    Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.40416.0 - Microsoft Corporation)
    Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
    Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
    Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
    Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
    Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 (HKLM-x32\...\{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}) (Version: 9.0.30729.4148 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (HKLM-x32\...\{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}) (Version: 9.0.30729.5570 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: - )
    Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
    Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
    Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
    Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
    MotoHelper MergeModules (x32 Version: 1.2.0 - Motorola) Hidden
    Mozilla Firefox 36.0.1 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 36.0.1 (x86 en-US)) (Version: 36.0.1 - Mozilla)
    Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 29.0.1 - Mozilla)
    MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
    MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
    PeerBlock 1.2 (r693) (HKLM\...\{015C5B35-B678-451C-9AEE-821E8D69621C}_is1) (Version: 1.2.0.693 - PeerBlock, LLC)
    Pushbullet version 312 (HKLM-x32\...\{7578F204-49E7-4830-B051-14C23F408BFE}_is1) (Version: 312 - Pushbullet Inc)
    QuickTime 7 (HKLM-x32\...\{3D2CBC2C-65D4-4463-87AB-BB2C859C1F3E}) (Version: 7.76.80.95 - Apple Inc.)
    Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6141 - Realtek Semiconductor Corp.)
    Realtek USB 2.0 Card Reader (HKLM-x32\...\{96AE7E41-E34E-47D0-AC07-1091A8127911}) (Version: 6.1.7600.30122 - Realtek Semiconductor Corp.)
    RocketDock 1.3.5 (HKLM-x32\...\RocketDock_is1) (Version: - Punk Software)
    Safari (HKLM-x32\...\{C779648B-410E-4BBA-B75B-5815BCEFE71D}) (Version: 5.34.57.2 - Apple Inc.)
    Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version: - Microsoft)
    Skype™ 7.4 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.4.102 - Skype Technologies S.A.)
    SOTI Pocket Controller-Pro For BlackBerry (HKLM-x32\...\{8944B5A2-A948-4BA2-9A14-B094EB23D779}) (Version: - )
    swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
    Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 14.0.19.0 - Synaptics Incorporated)
    VC80CRTRedist - 8.0.50727.6195 (x32 Version: 1.2.0 - DivX, Inc) Hidden
    VFW_Codec32 (x32 Version: 0.1.160.0 - GoPro, Inc.) Hidden
    VFW_Codec64 (Version: 0.1.160.0 - GoPro, Inc.) Hidden
    VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.1 - VideoLAN)
    WD SmartWare (HKLM\...\{B6FD23F0-1047-4088-94BF-B137D4D17CD8}) (Version: 1.4.3.4 - Western Digital)
    Windows Media Player Firefox Plugin (HKLM-x32\...\{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}) (Version: 1.0.0.8 - Microsoft Corp)

    ==================== Custom CLSID (Whitelisted): ==========================

    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

    CustomCLSID: HKU\S-1-5-21-3324318861-2648927535-1656674588-1001_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Daniel\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
    CustomCLSID: HKU\S-1-5-21-3324318861-2648927535-1656674588-1001_Classes\CLSID\{355EC88A-02E2-4547-9DEE-F87426484BD1}\InprocServer32 -> C:\Users\Daniel\AppData\Local\Google\Update\1.3.23.9\psuser_64.dll No File
    CustomCLSID: HKU\S-1-5-21-3324318861-2648927535-1656674588-1001_Classes\CLSID\{90B3DFBF-AF6A-4EA0-8899-F332194690F8}\InprocServer32 -> C:\Users\Daniel\AppData\Local\Google\Update\1.3.24.15\psuser_64.dll No File
    CustomCLSID: HKU\S-1-5-21-3324318861-2648927535-1656674588-1001_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\Daniel\AppData\Local\Google\Update\1.3.24.15\psuser_64.dll No File
    CustomCLSID: HKU\S-1-5-21-3324318861-2648927535-1656674588-1001_Classes\CLSID\{ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C}\InprocServer32 -> C:\Users\Daniel\AppData\Roaming\Dropbox\bin\DropboxExt64.26.dll (Dropbox, Inc.)
    CustomCLSID: HKU\S-1-5-21-3324318861-2648927535-1656674588-1001_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Daniel\AppData\Roaming\Dropbox\bin\DropboxExt64.26.dll (Dropbox, Inc.)
    CustomCLSID: HKU\S-1-5-21-3324318861-2648927535-1656674588-1001_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Daniel\AppData\Roaming\Dropbox\bin\DropboxExt64.26.dll (Dropbox, Inc.)
    CustomCLSID: HKU\S-1-5-21-3324318861-2648927535-1656674588-1001_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Daniel\AppData\Roaming\Dropbox\bin\DropboxExt64.26.dll (Dropbox, Inc.)
    CustomCLSID: HKU\S-1-5-21-3324318861-2648927535-1656674588-1001_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Daniel\AppData\Roaming\Dropbox\bin\DropboxExt64.26.dll (Dropbox, Inc.)
    CustomCLSID: HKU\S-1-5-21-3324318861-2648927535-1656674588-1001_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Daniel\AppData\Roaming\Dropbox\bin\DropboxExt64.26.dll (Dropbox, Inc.)
    CustomCLSID: HKU\S-1-5-21-3324318861-2648927535-1656674588-1001_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Daniel\AppData\Roaming\Dropbox\bin\DropboxExt64.26.dll (Dropbox, Inc.)
    CustomCLSID: HKU\S-1-5-21-3324318861-2648927535-1656674588-1001_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Daniel\AppData\Roaming\Dropbox\bin\DropboxExt64.26.dll (Dropbox, Inc.)
    CustomCLSID: HKU\S-1-5-21-3324318861-2648927535-1656674588-1001_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Daniel\AppData\Roaming\Dropbox\bin\DropboxExt64.26.dll (Dropbox, Inc.)
    CustomCLSID: HKU\S-1-5-21-3324318861-2648927535-1656674588-1001_Classes\CLSID\{FE498BAB-CB4C-4F88-AC3F-3641AAAF5E9E}\InprocServer32 -> C:\Users\Daniel\AppData\Local\Google\Update\1.3.24.7\psuser_64.dll No File

    ==================== Restore Points =========================

    04-06-2015 12:06:56 Windows Update
    05-06-2015 00:00:53 Windows Backup

    ==================== Hosts content: ===============================

    (If needed Hosts: directive could be included in the fixlist to reset Hosts.)

    2009-07-13 22:34 - 2014-06-23 23:17 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

    ==================== Scheduled Tasks (Whitelisted) =============

    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

    Task: {00C873E0-E977-4662-91BE-14383F2AD5CC} - System32\Tasks\bench-Updater removing
    Task: {0382D4B0-480C-4169-A884-E2A91286D33D} - System32\Tasks\{F2B6D04A-331E-4A29-A8D3-FD669BE21BF3} => pcalua.exe -a C:\Users\Daniel\AppData\Local\Temp\Temp1_Lan_Atheros_1.0.0.34_W7x64_A.zip\Lan_Atheros_1.0.0.34_W7x64_AS5745\setup.exe
    Task: {11366688-BAFF-49A3-8BE0-CDFB9A15BCB6} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3324318861-2648927535-1656674588-1001Core => C:\Users\Daniel\AppData\Local\Google\Update\GoogleUpdate.exe
    Task: {11B6E5D8-3FCD-4B5F-A666-EE90608A0655} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-04-15] (Adobe Systems Incorporated)
    Task: {19F338B2-0232-4C1B-AE52-98FB26D1FB6A} - System32\Tasks\{85AA2A13-FA4A-4173-91CF-A2C9136C462F} => pcalua.exe -a D:\SETUP.EXE -d D:\
    Task: {20B9D468-9E18-4EE1-990D-89651170DA6F} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B => schtasks
    Task: {218E47C5-CFED-42E5-A44C-3141285B4CB2} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-09-08] (Google Inc.)
    Task: {2D46E39F-6A85-46DA-BED5-B798EA0F9AE0} - System32\Tasks\{215C85D0-7A5A-48B7-BB7D-E6B35027AFA4} => pcalua.exe -a C:\Users\Daniel\Downloads\RocketDock-v1.3.5.exe -d C:\Users\Daniel\Downloads
    Task: {318678D5-C82B-4264-A0CB-6DEBBCF4E268} - System32\Tasks\Microsoft_Hardware_Launch_devicecenter_exe => c:\Program Files\Microsoft Device Center\devicecenter.exe
    Task: {534CFB4F-9A02-412D-98EF-82B1A2E78376} - System32\Tasks\{75D976B3-4FD1-47DE-A198-0CB8328252C9} => Iexplore.exe http://www.skype.com/go/downloading?source=lightinstaller&amp;ver=4.1.0.179.367&amp;LastError=12007
    Task: {558352AF-9DCF-4796-8F8F-164B67DD4EB7} - System32\Tasks\{8D64A52F-C543-4068-99DF-F1AD7E063ABB} => pcalua.exe -a "C:\Users\Daniel\Downloads\chromeinstall-8u25 (1).exe" -d C:\Users\Daniel\Downloads
    Task: {56D29852-F0EA-4171-B049-E9579CFC8DFE} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\Logon => C:\Windows\system32\GWX\GWX.exe [2015-05-07] (Microsoft Corporation)
    Task: {5869198F-1453-4144-8FA0-83681F901AEA} - System32\Tasks\{C6B61B03-1CA1-4DEC-BF6A-9BF80EA2AC64} => pcalua.exe -a "C:\Program Files (x86)\InstallShield Installation Information\{3E31400D-274E-4647-916C-2CACC3741799}\ENPSETUP.exe" -c -runfromtemp -l0x0009 -EPSON -removeonly
    Task: {5CDEC803-6D46-4D33-A5F7-B0AC25346F4F} - System32\Tasks\Apple Diagnostics => C:\Program Files (x86)\Common Files\Apple\Internet Services\EReporter.exe [2015-04-26] (Apple Inc.)
    Task: {86CF030A-B82D-4B5F-A960-4A1AD1623B96} - System32\Tasks\{2D965988-10B6-4B03-8D4A-79EA711985F6} => Iexplore.exe http://www.skype.com/go/downloading?source=lightinstaller&amp;ver=4.1.0.179.367&amp;LastError=12007
    Task: {8D2701DB-47B6-43E5-AEA6-5397A1FCB9E1} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-3324318861-2648927535-1656674588-1001UA => C:\Users\Daniel\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-07-12] (Facebook Inc.)
    Task: {95BF47A1-DDC1-4F6B-A870-CB043C50F52D} - System32\Tasks\Microsoft_Hardware_Launch_itype_exe => c:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe
    Task: {97EEFF96-E334-43C4-850E-CA06FE14DFDC} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2013-01-23] (Piriform Ltd)
    Task: {99DAE890-F452-4CE8-8B22-F4A53AAB6F5F} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\OutOfIdle => C:\Windows\system32\GWX\GWX.exe [2015-05-07] (Microsoft Corporation)
    Task: {9C41B237-4C53-44BF-83A5-36A4FB957EA6} - System32\Tasks\bench-sys => C:\Program Files (x86)\Bench\Updater\updater.exe [2014-03-27] () <==== ATTENTION
    Task: {A27EB2B1-80C2-4107-A084-E2A1C1E65B8D} - System32\Tasks\Microsoft_Hardware_Launch_mousekeyboardcenter_exe => c:\Program Files\Microsoft Mouse and Keyboard Center\mousekeyboardcenter.exe
    Task: {A6557631-38B3-49EA-8C25-A5BE8C81320B} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-3324318861-2648927535-1656674588-1001Core => C:\Users\Daniel\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-07-12] (Facebook Inc.)
    Task: {A6A45F03-77B8-4F31-8A1F-C4E8E7B71CCE} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3324318861-2648927535-1656674588-1001UA => C:\Users\Daniel\AppData\Local\Google\Update\GoogleUpdate.exe
    Task: {A941774B-E4FF-43FB-B941-96BDBA15C0A1} - System32\Tasks\Microsoft\Windows\Setup\gwx\launchtrayprocess => C:\Windows\system32\GWX\GWX.exe [2015-05-07] (Microsoft Corporation)
    Task: {B5713518-CBAD-4A6B-892C-A2BCF5598E89} - System32\Tasks\Microsoft\Windows\Windows Activation Technologies\ValidationTask => C:\Windows\system32\Wat\WatAdminSvc.exe [2010-12-27] (Microsoft Corporation)
    Task: {BD113CC3-DFD0-45F3-A7DD-B416D84DFFA5} - System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxconfig => C:\Windows\system32\GWX\GWXConfigManager.exe [2015-05-07] (Microsoft Corporation)
    Task: {CD36AC2A-3C6B-45F9-B022-7A38D4E203A3} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-09-08] (Google Inc.)
    Task: {D33CC7E4-5FCA-49CC-AC44-A863AE60D143} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2014-12-19] (Adobe Systems Incorporated)
    Task: {D5691901-7A2D-45A8-9F08-B22EBB733FD7} - System32\Tasks\RunAsStdUser Task => C:\Users\Daniel\AppData\Local\PlayVolcanoSA\bin\1.0.10.0\PlayVolcanoSA.exe
    Task: {D7E6B171-8562-41F4-A29F-1036FCD0BF03} - System32\Tasks\{5E9606FE-159C-4521-91C2-A08424EC16CD} => pcalua.exe -a C:\Users\Daniel\Downloads\epson13714.exe
    Task: {D95309B1-B218-4C17-8E12-9DB08A438AF6} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-3324318861-2648927535-1656674588-1001UA => C:\Users\Daniel\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2015-05-18] (Dropbox, Inc.)
    Task: {E8E7CA92-AC55-4D8F-95A7-4053184B268D} - System32\Tasks\Microsoft_Hardware_Launch_ipoint_exe => c:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe
    Task: {EBDF3514-7FFD-4899-AE2F-1795E0F2BBD1} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-3324318861-2648927535-1656674588-1001Core => C:\Users\Daniel\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2015-05-18] (Dropbox, Inc.)
    Task: {FFCD13BC-A60B-4605-8AC2-BE9600926CB4} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
    Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
    Task: C:\Windows\Tasks\bench-sys.job => C:\Program Files (x86)\Bench\Updater\updater.exe <==== ATTENTION
    Task: C:\Windows\Tasks\bench-Updater removing.job => qRF /verysilent SYSTEM This will uninstall Updater <==== ATTENTION
    Task: C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-3324318861-2648927535-1656674588-1001Core.job => C:\Users\Daniel\AppData\Local\Dropbox\Update\DropboxUpdate.exe
    Task: C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-3324318861-2648927535-1656674588-1001UA.job => C:\Users\Daniel\AppData\Local\Dropbox\Update\DropboxUpdate.exe
    Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3324318861-2648927535-1656674588-1001Core.job => C:\Users\Daniel\AppData\Local\Facebook\Update\FacebookUpdate.exe
    Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3324318861-2648927535-1656674588-1001UA.job => C:\Users\Daniel\AppData\Local\Facebook\Update\FacebookUpdate.exe
    Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
    Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
    Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3324318861-2648927535-1656674588-1001Core.job => C:\Users\Daniel\AppData\Local\Google\Update\GoogleUpdate.exe
    Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3324318861-2648927535-1656674588-1001UA.job => C:\Users\Daniel\AppData\Local\Google\Update\GoogleUpdate.exe

    ==================== Loaded Modules (Whitelisted) ==============

    2011-01-17 12:43 - 2007-09-02 13:57 - 00069632 _____ () C:\Program Files (x86)\RocketDock\RocketDock.dll
    2013-09-05 01:14 - 2013-09-05 01:14 - 04300456 _____ () C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF
    2010-10-20 15:45 - 2010-10-20 15:45 - 08801120 _____ () C:\Program Files (x86)\Microsoft Office\Office14\1033\GrooveIntlResource.dll
    2015-05-25 21:15 - 2015-05-22 16:22 - 01281864 _____ () C:\Program Files (x86)\Google\Chrome\Application\43.0.2357.81\libglesv2.dll
    2015-05-25 21:15 - 2015-05-22 16:22 - 00080712 _____ () C:\Program Files (x86)\Google\Chrome\Application\43.0.2357.81\libegl.dll
    2015-05-25 21:15 - 2015-05-22 16:22 - 14982472 _____ () C:\Program Files (x86)\Google\Chrome\Application\43.0.2357.81\PepperFlash\pepflashplayer.dll
     
  5. Daniel Morelli

    Daniel Morelli TS Enthusiast Topic Starter Posts: 48

    Additional.txt (continued - 1)

    ==================== Alternate Data Streams (Whitelisted) =========

    (If an entry is included in the fixlist, only the ADS will be removed.)

    AlternateDataStreams: C:\ProgramData\Temp:373E1720
    AlternateDataStreams: C:\ProgramData\Temp:D1B5B4F1
    AlternateDataStreams: C:\Users\Daniel\Downloads\1001994_441051482665849_2071377629_n.png:com.dropbox.attributes
    AlternateDataStreams: C:\Users\Daniel\Downloads\10653288_901289869890004_663565123845086682_n.png:com.dropbox.attributes
    AlternateDataStreams: C:\Users\Daniel\Downloads\10712895_899427696735212_1833185090630122312_n.jpg:com.dropbox.attributes
    AlternateDataStreams: C:\Users\Daniel\Downloads\10926344_907340162632784_3922748838221288792_o.jpg:com.dropbox.attributes
    AlternateDataStreams: C:\Users\Daniel\Downloads\1376393_430890237012403_1881651259_n.jpg:com.dropbox.attributes
    AlternateDataStreams: C:\Users\Daniel\Downloads\1391601_430890597012367_1633048089_n.jpg:com.dropbox.attributes
    AlternateDataStreams: C:\Users\Daniel\Downloads\1395946_441138299323834_714249870_n.png:com.dropbox.attributes
    AlternateDataStreams: C:\Users\Daniel\Downloads\2012-06-07 23.22.49.jpg:com.dropbox.attributes
    AlternateDataStreams: C:\Users\Daniel\Downloads\2012-07-11 23.02.39.jpg:com.dropbox.attributes
    AlternateDataStreams: C:\Users\Daniel\Downloads\2012-08-06 23.05.43.jpg:com.dropbox.attributes
    AlternateDataStreams: C:\Users\Daniel\Downloads\2012-08-09 23.56.25.jpg:com.dropbox.attributes
    AlternateDataStreams: C:\Users\Daniel\Downloads\2012-10-16 18.27.58.jpg:com.dropbox.attributes
    AlternateDataStreams: C:\Users\Daniel\Downloads\20120803_184509.mp4:com.dropbox.attributes
    AlternateDataStreams: C:\Users\Daniel\Downloads\20120803_200644.mp4:com.dropbox.attributes
    AlternateDataStreams: C:\Users\Daniel\Downloads\20120803_201516.mp4:com.dropbox.attributes
    AlternateDataStreams: C:\Users\Daniel\Downloads\20120913_224933.mp4:com.dropbox.attributes
    AlternateDataStreams: C:\Users\Daniel\Downloads\2013-01-12 23.03.33.mov:com.dropbox.attributes
    AlternateDataStreams: C:\Users\Daniel\Downloads\2013-01-12 23.10.14.mov:com.dropbox.attributes
    AlternateDataStreams: C:\Users\Daniel\Downloads\2013-07-29 07.33.03-1.jpg:com.dropbox.attributes
    AlternateDataStreams: C:\Users\Daniel\Downloads\2013-08-01 07.31.48.jpg:com.dropbox.attributes
    AlternateDataStreams: C:\Users\Daniel\Downloads\2013-08-01 21.08.00.jpg:com.dropbox.attributes
    AlternateDataStreams: C:\Users\Daniel\Downloads\2013-08-04 01.54.07.jpg:com.dropbox.attributes
    AlternateDataStreams: C:\Users\Daniel\Downloads\2013-08-09 13.18.28.jpg:com.dropbox.attributes
    AlternateDataStreams: C:\Users\Daniel\Downloads\2013-08-09 19.25.22.jpg:com.dropbox.attributes
    AlternateDataStreams: C:\Users\Daniel\Downloads\2013-08-16 13.26.35.jpeg:com.dropbox.attributes
    AlternateDataStreams: C:\Users\Daniel\Downloads\2013-08-31 00.26.11.jpeg:com.dropbox.attributes
    AlternateDataStreams: C:\Users\Daniel\Downloads\2013-09-04 18.34.53.jpg:com.dropbox.attributes
    AlternateDataStreams: C:\Users\Daniel\Downloads\2013-09-05 01.01.51.jpg:com.dropbox.attributes
    AlternateDataStreams: C:\Users\Daniel\Downloads\2013-09-05 23.51.11.jpeg:com.dropbox.attributes
    AlternateDataStreams: C:\Users\Daniel\Downloads\2013-09-07 12.31.57.jpeg:com.dropbox.attributes
    AlternateDataStreams: C:\Users\Daniel\Downloads\2013-09-07 12.41.42.jpeg:com.dropbox.attributes
    AlternateDataStreams: C:\Users\Daniel\Downloads\2013-09-11 02.54.41.png:com.dropbox.attributes
    AlternateDataStreams: C:\Users\Daniel\Downloads\2013-09-13 00.02.05.jpg:com.dropbox.attributes
    AlternateDataStreams: C:\Users\Daniel\Downloads\2013-09-13 00.02.33.jpg:com.dropbox.attributes
    AlternateDataStreams: C:\Users\Daniel\Downloads\2013-09-18 21.18.45.jpg:com.dropbox.attributes
    AlternateDataStreams: C:\Users\Daniel\Downloads\2013-09-18 22.27.45.jpg:com.dropbox.attributes
    AlternateDataStreams: C:\Users\Daniel\Downloads\2013-09-19 02.45.00.jpg:com.dropbox.attributes
    AlternateDataStreams: C:\Users\Daniel\Downloads\2013-09-19 02.45.11.jpg:com.dropbox.attributes
    AlternateDataStreams: C:\Users\Daniel\Downloads\2013-09-19 02.45.26.jpg:com.dropbox.attributes
    AlternateDataStreams: C:\Users\Daniel\Downloads\2013-09-19 11.27.42.jpg:com.dropbox.attributes
    AlternateDataStreams: C:\Users\Daniel\Downloads\2013-09-20 21.07.37.jpeg:com.dropbox.attributes
    AlternateDataStreams: C:\Users\Daniel\Downloads\2013-09-20 21.08.03.jpeg:com.dropbox.attributes
    AlternateDataStreams: C:\Users\Daniel\Downloads\2013-09-20 21.11.49.jpeg:com.dropbox.attributes
    AlternateDataStreams: C:\Users\Daniel\Downloads\2013-09-28 20.11.27.jpg:com.dropbox.attributes
    AlternateDataStreams: C:\Users\Daniel\Downloads\2013-09-29 05.26.29.jpg:com.dropbox.attributes
    AlternateDataStreams: C:\Users\Daniel\Downloads\2013-09-29 05.28.58.jpg:com.dropbox.attributes
    AlternateDataStreams: C:\Users\Daniel\Downloads\2013-10-02 04.56.15.jpg:com.dropbox.attributes
    AlternateDataStreams: C:\Users\Daniel\Downloads\2013-10-02 04.56.29.jpg:com.dropbox.attributes
    AlternateDataStreams: C:\Users\Daniel\Downloads\2013-10-02 04.59.00.jpg:com.dropbox.attributes
    AlternateDataStreams: C:\Users\Daniel\Downloads\2013-10-02 05.04.23.jpg:com.dropbox.attributes
    AlternateDataStreams: C:\Users\Daniel\Downloads\2013-10-02 05.06.43.jpg:com.dropbox.attributes
    AlternateDataStreams: C:\Users\Daniel\Downloads\2013-10-02 17.18.59.jpg:com.dropbox.attributes
    AlternateDataStreams: C:\Users\Daniel\Downloads\2013-10-04 01.18.19.jpg:com.dropbox.attributes
    AlternateDataStreams: C:\Users\Daniel\Downloads\2013-10-04 18.36.41.jpg:com.dropbox.attributes
    AlternateDataStreams: C:\Users\Daniel\Downloads\2013-10-04 18.40.46.jpg:com.dropbox.attributes
    AlternateDataStreams: C:\Users\Daniel\Downloads\2013-10-04 18.47.01.jpg:com.dropbox.attributes
    AlternateDataStreams: C:\Users\Daniel\Downloads\2013-10-06 08.52.16.jpg:com.dropbox.attributes
    AlternateDataStreams: C:\Users\Daniel\Downloads\2013-10-06 08.57.19.jpg:com.dropbox.attributes
    AlternateDataStreams: C:\Users\Daniel\Downloads\2013-10-06 12.00.51.jpeg:com.dropbox.attributes
    AlternateDataStreams: C:\Users\Daniel\Downloads\2013-10-09 16.29.15.jpeg:com.dropbox.attributes
    AlternateDataStreams: C:\Users\Daniel\Downloads\2013-10-11 18.45.08.jpeg:com.dropbox.attributes
    AlternateDataStreams: C:\Users\Daniel\Downloads\2013-10-11 18.45.34.jpeg:com.dropbox.attributes
    AlternateDataStreams: C:\Users\Daniel\Downloads\2013-10-12 18.16.36.jpg:com.dropbox.attributes
    AlternateDataStreams: C:\Users\Daniel\Downloads\2013-10-12 20.47.11.jpeg:com.dropbox.attributes
    AlternateDataStreams: C:\Users\Daniel\Downloads\2013-10-13 04.35.13.jpeg:com.dropbox.attributes
    AlternateDataStreams: C:\Users\Daniel\Downloads\2013-10-14 04.19.56.jpeg:com.dropbox.attributes
    AlternateDataStreams: C:\Users\Daniel\Downloads\2013-10-14 04.23.20.jpeg:com.dropbox.attributes
    AlternateDataStreams: C:\Users\Daniel\Downloads\2013-10-18 03.25.26.jpeg:com.dropbox.attributes
    AlternateDataStreams: C:\Users\Daniel\Downloads\2013-10-18 03.26.30.jpeg:com.dropbox.attributes
    AlternateDataStreams: C:\Users\Daniel\Downloads\2013-10-21 15.18.15.jpeg:com.dropbox.attributes
    AlternateDataStreams: C:\Users\Daniel\Downloads\2013-10-23 21.17.29.jpeg:com.dropbox.attributes
    AlternateDataStreams: C:\Users\Daniel\Downloads\2013-10-24 07.28.04.jpeg:com.dropbox.attributes
    AlternateDataStreams: C:\Users\Daniel\Downloads\2013-10-27 10.43.54.jpeg:com.dropbox.attributes
    AlternateDataStreams: C:\Users\Daniel\Downloads\2013-10-27 10.44.19.jpeg:com.dropbox.attributes
    AlternateDataStreams: C:\Users\Daniel\Downloads\2013-10-27 10.47.53.jpeg:com.dropbox.attributes
    AlternateDataStreams: C:\Users\Daniel\Downloads\2013-10-27 15.54.10.jpeg:com.dropbox.attributes
    AlternateDataStreams: C:\Users\Daniel\Downloads\2013-10-29 06.00.16.jpg:com.dropbox.attributes
    AlternateDataStreams: C:\Users\Daniel\Downloads\2013-10-29 06.00.40.jpg:com.dropbox.attributes
    AlternateDataStreams: C:\Users\Daniel\Downloads\2013-10-29 06.03.05.jpg:com.dropbox.attributes
    AlternateDataStreams: C:\Users\Daniel\Downloads\2013-10-29 06.09.41.jpg:com.dropbox.attributes
    AlternateDataStreams: C:\Users\Daniel\Downloads\2013-10-30 04.23.08.png:com.dropbox.attributes
    AlternateDataStreams: C:\Users\Daniel\Downloads\2013-10-31 18.04.42.jpeg:com.dropbox.attributes
    AlternateDataStreams: C:\Users\Daniel\Downloads\2013-11-01 14.09.27.jpg:com.dropbox.attributes
    AlternateDataStreams: C:\Users\Daniel\Downloads\2013-11-01 14.09.48.jpg:com.dropbox.attributes
    AlternateDataStreams: C:\Users\Daniel\Downloads\2013-11-02 04.25.30.jpg:com.dropbox.attributes
    AlternateDataStreams: C:\Users\Daniel\Downloads\2013-11-04 19.41.54.jpeg:com.dropbox.attributes
    AlternateDataStreams: C:\Users\Daniel\Downloads\2013-11-11 05.52.42.jpeg:com.dropbox.attributes
    AlternateDataStreams: C:\Users\Daniel\Downloads\2013-11-12 04.21.59.jpeg:com.dropbox.attributes
    AlternateDataStreams: C:\Users\Daniel\Downloads\2013-11-12 04.23.52.jpeg:com.dropbox.attributes
    AlternateDataStreams: C:\Users\Daniel\Downloads\2013-11-17 10.24.29.jpeg:com.dropbox.attributes
    AlternateDataStreams: C:\Users\Daniel\Downloads\2013-11-22 22.08.31.jpg:com.dropbox.attributes
    AlternateDataStreams: C:\Users\Daniel\Downloads\2013-11-24 01.00.41.jpg:com.dropbox.attributes
    AlternateDataStreams: C:\Users\Daniel\Downloads\2013-11-24 01.05.40.jpg:com.dropbox.attributes
    AlternateDataStreams: C:\Users\Daniel\Downloads\2013-11-24 01.17.35.jpg:com.dropbox.attributes
    AlternateDataStreams: C:\Users\Daniel\Downloads\2013-11-24 01.18.41.jpg:com.dropbox.attributes
    AlternateDataStreams: C:\Users\Daniel\Downloads\2013-11-25 05.47.39.jpeg:com.dropbox.attributes
    AlternateDataStreams: C:\Users\Daniel\Downloads\2013-11-25 06.06.15.jpeg:com.dropbox.attributes
    AlternateDataStreams: C:\Users\Daniel\Downloads\2013-11-25 06.07.49.jpeg:com.dropbox.attributes
    AlternateDataStreams: C:\Users\Daniel\Downloads\2013-11-25 06.44.23.jpeg:com.dropbox.attributes
    AlternateDataStreams: C:\Users\Daniel\Downloads\2013-11-26 19.55.30.jpg:com.dropbox.attributes
    AlternateDataStreams: C:\Users\Daniel\Downloads\2013-11-28 12.58.00.jpeg:com.dropbox.attributes
    AlternateDataStreams: C:\Users\Daniel\Downloads\2013-11-28 12.59.17.jpeg:com.dropbox.attributes
    AlternateDataStreams: C:\Users\Daniel\Downloads\2013-12-03 15.36.21.jpg:com.dropbox.attributes
    AlternateDataStreams: C:\Users\Daniel\Downloads\2013-12-04 23.02.46.jpeg:com.dropbox.attributes
    AlternateDataStreams: C:\Users\Daniel\Downloads\2013-12-06 15.50.29.jpeg:com.dropbox.attributes
    AlternateDataStreams: C:\Users\Daniel\Downloads\2013-12-06 15.52.36.jpeg:com.dropbox.attributes
    AlternateDataStreams: C:\Users\Daniel\Downloads\2013-12-06 16.05.51.jpeg:com.dropbox.attributes
    AlternateDataStreams: C:\Users\Daniel\Downloads\2013-12-13 02.25.55.jpg:com.dropbox.attributes
    AlternateDataStreams: C:\Users\Daniel\Downloads\2013-12-13 02.33.39.jpg:com.dropbox.attributes
    AlternateDataStreams: C:\Users\Daniel\Downloads\2013-12-15 16.34.42.jpg:com.dropbox.attributes
    AlternateDataStreams: C:\Users\Daniel\Downloads\2013-12-19 18.19.20.jpg:com.dropbox.attributes
    AlternateDataStreams: C:\Users\Daniel\Downloads\2013-12-25 05.06.32.jpg:com.dropbox.attributes
    AlternateDataStreams: C:\Users\Daniel\Downloads\2013-12-25 05.14.29.jpg:com.dropbox.attributes
    AlternateDataStreams: C:\Users\Daniel\Downloads\2013-12-25 05.26.39.jpg:com.dropbox.attributes
    AlternateDataStreams: C:\Users\Daniel\Downloads\2013-12-25 14.53.28.jpeg:com.dropbox.attributes
    AlternateDataStreams: C:\Users\Daniel\Downloads\2013-12-27 10.09.50.jpg:com.dropbox.attributes
    AlternateDataStreams: C:\Users\Daniel\Downloads\2014-01-02 14.23.10.jpeg:com.dropbox.attributes
    AlternateDataStreams: C:\Users\Daniel\Downloads\2014-01-03 15.37.48.jpeg:com.dropbox.attributes
    AlternateDataStreams: C:\Users\Daniel\Downloads\2014-01-03 15.39.38.jpeg:com.dropbox.attributes
    AlternateDataStreams: C:\Users\Daniel\Downloads\2014-01-03 17.09.26.jpeg:com.dropbox.attributes
    AlternateDataStreams: C:\Users\Daniel\Downloads\2014-01-03 17.15.37.jpeg:com.dropbox.attributes
    AlternateDataStreams: C:\Users\Daniel\Downloads\2014-01-07 23.50.55.jpeg:com.dropbox.attributes
    AlternateDataStreams: C:\Users\Daniel\Downloads\2014-01-09 05.03.44.jpeg:com.dropbox.attributes
    AlternateDataStreams: C:\Users\Daniel\Downloads\2014-01-09 05.07.26.jpeg:com.dropbox.attributes
    AlternateDataStreams: C:\Users\Daniel\Downloads\2014-01-09 05.13.29.jpeg:com.dropbox.attributes
    AlternateDataStreams: C:\Users\Daniel\Downloads\2014-01-10 14.40.26.jpeg:com.dropbox.attributes
    AlternateDataStreams: C:\Users\Daniel\Downloads\2014-01-11 02.46.54.jpeg:com.dropbox.attributes
    AlternateDataStreams: C:\Users\Daniel\Downloads\2014-01-11 07.01.41.jpeg:com.dropbox.attributes
    AlternateDataStreams: C:\Users\Daniel\Downloads\2014-01-11 07.03.14.jpeg:com.dropbox.attributes
    AlternateDataStreams: C:\Users\Daniel\Downloads\2014-01-11 07.05.44.jpeg:com.dropbox.attributes
    AlternateDataStreams: C:\Users\Daniel\Downloads\2014-01-11 07.07.40.jpeg:com.dropbox.attributes
    AlternateDataStreams: C:\Users\Daniel\Downloads\2014-01-12 15.58.55.jpeg:com.dropbox.attributes
    AlternateDataStreams: C:\Users\Daniel\Downloads\2014-01-16 17.51.24.jpeg:com.dropbox.attributes
    AlternateDataStreams: C:\Users\Daniel\Downloads\2014-01-16 17.55.38.jpeg:com.dropbox.attributes
    AlternateDataStreams: C:\Users\Daniel\Downloads\2014-01-16 18.03.08.jpeg:com.dropbox.attributes
    AlternateDataStreams: C:\Users\Daniel\Downloads\2014-01-17 04.22.32.jpeg:com.dropbox.attributes
    AlternateDataStreams: C:\Users\Daniel\Downloads\2014-01-17 05.07.51.jpeg:com.dropbox.attributes
    AlternateDataStreams: C:\Users\Daniel\Downloads\2014-01-23 03.02.45.jpeg:com.dropbox.attributes
    AlternateDataStreams: C:\Users\Daniel\Downloads\2014-01-25 19.18.03.jpeg:com.dropbox.attributes
    AlternateDataStreams: C:\Users\Daniel\Downloads\2014-01-25 19.30.59.jpeg:com.dropbox.attributes
    AlternateDataStreams: C:\Users\Daniel\Downloads\2014-01-29 09.04.38.jpeg:com.dropbox.attributes
    AlternateDataStreams: C:\Users\Daniel\Downloads\2014-01-30 18.13.39.jpeg:com.dropbox.attributes
    AlternateDataStreams: C:\Users\Daniel\Downloads\2014-01-30 18.14.48.jpeg:com.dropbox.attributes
    AlternateDataStreams: C:\Users\Daniel\Downloads\2014-01-30 18.16.43.jpeg:com.dropbox.attributes
    AlternateDataStreams: C:\Users\Daniel\Downloads\2014-02-03 05.05.07.jpeg:com.dropbox.attributes
    AlternateDataStreams: C:\Users\Daniel\Downloads\2014-02-03 16.39.51.jpeg:com.dropbox.attributes
    AlternateDataStreams: C:\Users\Daniel\Downloads\2014-02-05 04.57.03.jpg:com.dropbox.attributes
    AlternateDataStreams: C:\Users\Daniel\Downloads\2014-02-05 20.45.30.jpeg:com.dropbox.attributes
    AlternateDataStreams: C:\Users\Daniel\Downloads\2014-02-05 20.49.16.jpeg:com.dropbox.attributes
    AlternateDataStreams: C:\Users\Daniel\Downloads\2014-02-05 20.50.35.jpeg:com.dropbox.attributes
    AlternateDataStreams: C:\Users\Daniel\Downloads\2014-02-05 20.54.02.jpeg:com.dropbox.attributes
    AlternateDataStreams: C:\Users\Daniel\Downloads\2014-02-06 18.59.17.jpeg:com.dropbox.attributes
    AlternateDataStreams: C:\Users\Daniel\Downloads\2014-02-06 19.02.13.jpeg:com.dropbox.attributes
    AlternateDataStreams: C:\Users\Daniel\Downloads\2014-02-06 20.48.59.jpeg:com.dropbox.attributes
    AlternateDataStreams: C:\Users\Daniel\Downloads\2014-02-06 20.52.48.jpeg:com.dropbox.attributes
    AlternateDataStreams: C:\Users\Daniel\Downloads\2014-02-08 21.40.18.jpeg:com.dropbox.attributes
    AlternateDataStreams: C:\Users\Daniel\Downloads\2014-02-09 10.17.56.jpeg:com.dropbox.attributes
    AlternateDataStreams: C:\Users\Daniel\Downloads\2014-02-09 10.19.56.jpeg:com.dropbox.attributes
    AlternateDataStreams: C:\Users\Daniel\Downloads\2014-02-09 21.18.43.jpeg:com.dropbox.attributes
    AlternateDataStreams: C:\Users\Daniel\Downloads\2014-02-09 21.23.49.jpeg:com.dropbox.attributes
    AlternateDataStreams: C:\Users\Daniel\Downloads\2014-02-11 22.04.03.jpg:com.dropbox.attributes
    AlternateDataStreams: C:\Users\Daniel\Downloads\2014-02-12 04.05.10.jpeg:com.dropbox.attributes
    AlternateDataStreams: C:\Users\Daniel\Downloads\2014-02-15 04.18.16.jpeg:com.dropbox.attributes
    AlternateDataStreams: C:\Users\Daniel\Downloads\2014-02-15 04.28.39.jpeg:com.dropbox.attributes
    AlternateDataStreams: C:\Users\Daniel\Downloads\2014-02-15 04.33.52.jpeg:com.dropbox.attributes
    AlternateDataStreams: C:\Users\Daniel\Downloads\2014-02-15 04.34.22.jpeg:com.dropbox.attributes
    AlternateDataStreams: C:\Users\Daniel\Downloads\2014-02-15 04.34.58.jpeg:com.dropbox.attributes
    AlternateDataStreams: C:\Users\Daniel\Downloads\2014-02-15 06.12.35.jpg:com.dropbox.attributes
    AlternateDataStreams: C:\Users\Daniel\Downloads\2014-02-15 06.40.15.jpg:com.dropbox.attributes
    AlternateDataStreams: C:\Users\Daniel\Downloads\2014-02-15 06.44.11.jpg:com.dropbox.attributes
    AlternateDataStreams: C:\Users\Daniel\Downloads\2014-02-15 06.45.48.jpg:com.dropbox.attributes
    AlternateDataStreams: C:\Users\Daniel\Downloads\2014-02-15 23.53.23.png:com.dropbox.attributes
    AlternateDataStreams: C:\Users\Daniel\Downloads\2014-02-16 02.23.13.jpeg:com.dropbox.attributes
    AlternateDataStreams: C:\Users\Daniel\Downloads\2014-02-16 02.25.03.jpeg:com.dropbox.attributes
    AlternateDataStreams: C:\Users\Daniel\Downloads\2014-02-16 02.26.11.jpeg:com.dropbox.attributes
    AlternateDataStreams: C:\Users\Daniel\Downloads\2014-02-16 02.27.04.jpeg:com.dropbox.attributes
    AlternateDataStreams: C:\Users\Daniel\Downloads\2014-02-16 02.27.27.jpeg:com.dropbox.attributes
    AlternateDataStreams: C:\Users\Daniel\Downloads\2014-02-16 02.33.46.jpeg:com.dropbox.attributes
    AlternateDataStreams: C:\Users\Daniel\Downloads\2014-02-16 02.34.25.jpeg:com.dropbox.attributes
    AlternateDataStreams: C:\Users\Daniel\Downloads\2014-02-17 06.30.44.jpeg:com.dropbox.attributes
    AlternateDataStreams: C:\Users\Daniel\Downloads\2014-02-19 18.57.40.jpeg:com.dropbox.attributes
    AlternateDataStreams: C:\Users\Daniel\Downloads\2014-02-19 22.01.06.jpg:com.dropbox.attributes
    AlternateDataStreams: C:\Users\Daniel\Downloads\2014-02-20 22.52.01.jpeg:com.dropbox.attributes
    AlternateDataStreams: C:\Users\Daniel\Downloads\2014-02-21 22.37.03.jpg:com.dropbox.attributes
    AlternateDataStreams: C:\Users\Daniel\Downloads\2014-02-22 00.48.18.jpg:com.dropbox.attributes
    AlternateDataStreams: C:\Users\Daniel\Downloads\2014-02-22 00.48.52.jpg:com.dropbox.attributes
    AlternateDataStreams: C:\Users\Daniel\Downloads\2014-02-22 00.49.24.jpg:com.dropbox.attributes
    AlternateDataStreams: C:\Users\Daniel\Downloads\2014-02-22 00.49.40.jpg:com.dropbox.attributes
    AlternateDataStreams: C:\Users\Daniel\Downloads\2014-02-22 00.50.15.jpg:com.dropbox.attributes
    AlternateDataStreams: C:\Users\Daniel\Downloads\2014-02-22 00.50.34.png:com.dropbox.attributes
    AlternateDataStreams: C:\Users\Daniel\Downloads\2014-02-22 00.51.06.jpg:com.dropbox.attributes
    AlternateDataStreams: C:\Users\Daniel\Downloads\2014-02-22 05.08.20.jpg:com.dropbox.attributes
    AlternateDataStreams: C:\Users\Daniel\Downloads\2014-02-22 05.12.08.jpg:com.dropbox.attributes
    AlternateDataStreams: C:\Users\Daniel\Downloads\2014-02-22 05.13.40.jpg:com.dropbox.attributes
    AlternateDataStreams: C:\Users\Daniel\Downloads\2014-02-22 05.13.51.jpg:com.dropbox.attributes
    AlternateDataStreams: C:\Users\Daniel\Downloads\2014-02-22 05.14.18.jpg:com.dropbox.attributes
    AlternateDataStreams: C:\Users\Daniel\Downloads\2014-02-22 05.15.53.jpg:com.dropbox.attributes
    AlternateDataStreams: C:\Users\Daniel\Downloads\2014-02-22 05.16.11.jpg:com.dropbox.attributes
    AlternateDataStreams: C:\Users\Daniel\Downloads\2014-02-22 05.16.31.jpg:com.dropbox.attributes
    AlternateDataStreams: C:\Users\Daniel\Downloads\2014-02-22 05.19.08.jpg:com.dropbox.attributes
    AlternateDataStreams: C:\Users\Daniel\Downloads\2014-02-22 18.55.45.jpg:com.dropbox.attributes
    AlternateDataStreams: C:\Users\Daniel\Downloads\2014-02-22 18.57.54.jpg:com.dropbox.attributes
    AlternateDataStreams: C:\Users\Daniel\Downloads\2014-02-22 23.01.10.jpeg:com.dropbox.attributes
    AlternateDataStreams: C:\Users\Daniel\Downloads\2014-02-22 23.01.33.jpeg:com.dropbox.attributes
    AlternateDataStreams: C:\Users\Daniel\Downloads\2014-02-22 23.06.15.jpeg:com.dropbox.attributes
    AlternateDataStreams: C:\Users\Daniel\Downloads\2014-02-23 14.32.10.jpeg:com.dropbox.attributes
    AlternateDataStreams: C:\Users\Daniel\Downloads\2014-02-23 17.19.59.jpg:com.dropbox.attributes
    AlternateDataStreams: C:\Users\Daniel\Downloads\2014-02-23 17.22.01.jpg:com.dropbox.attributes
    AlternateDataStreams: C:\Users\Daniel\Downloads\2014-02-23 17.25.59.jpg:com.dropbox.attributes
    AlternateDataStreams: C:\Users\Daniel\Downloads\2014-02-23 17.58.14.jpg:com.dropbox.attributes
    AlternateDataStreams: C:\Users\Daniel\Downloads\2014-02-23 18.30.24.jpg:com.dropbox.attributes
    AlternateDataStreams: C:\Users\Daniel\Downloads\2014-02-24 03.59.32.jpeg:com.dropbox.attributes
    AlternateDataStreams: C:\Users\Daniel\Downloads\2014-02-24 04.03.24.jpeg:com.dropbox.attributes
    AlternateDataStreams: C:\Users\Daniel\Downloads\2014-02-24 04.06.28.jpeg:com.dropbox.attributes
    AlternateDataStreams: C:\Users\Daniel\Downloads\2014-02-24 04.06.58.jpeg:com.dropbox.attributes
    AlternateDataStreams: C:\Users\Daniel\Downloads\2014-02-24 04.07.29.jpeg:com.dropbox.attributes
    AlternateDataStreams: C:\Users\Daniel\Downloads\2014-02-24 04.07.41.jpeg:com.dropbox.attributes
    AlternateDataStreams: C:\Users\Daniel\Downloads\2014-02-24 04.07.49.jpeg:com.dropbox.attributes
    AlternateDataStreams: C:\Users\Daniel\Downloads\2014-02-24 04.15.36.jpeg:com.dropbox.attributes
    AlternateDataStreams: C:\Users\Daniel\Downloads\2014-02-24 04.16.01.jpeg:com.dropbox.attributes
    AlternateDataStreams: C:\Users\Daniel\Downloads\2014-02-24 04.16.38.jpeg:com.dropbox.attributes
    AlternateDataStreams: C:\Users\Daniel\Downloads\2014-02-24 04.17.52.jpeg:com.dropbox.attributes
    AlternateDataStreams: C:\Users\Daniel\Downloads\2014-02-24 04.20.18.jpeg:com.dropbox.attributes
    AlternateDataStreams: C:\Users\Daniel\Downloads\2014-02-24 04.21.17.jpeg:com.dropbox.attributes
    AlternateDataStreams: C:\Users\Daniel\Downloads\2014-02-25 22.43.21.jpeg:com.dropbox.attributes
    AlternateDataStreams: C:\Users\Daniel\Downloads\2014-02-28 11.42.18.jpeg:com.dropbox.attributes
    AlternateDataStreams: C:\Users\Daniel\Downloads\2014-02-28 11.42.58.jpeg:com.dropbox.attributes
    AlternateDataStreams: C:\Users\Daniel\Downloads\2014-03-01 19.46.51.jpeg:com.dropbox.attributes
    AlternateDataStreams: C:\Users\Daniel\Downloads\2014-03-03 07.03.56.jpeg:com.dropbox.attributes
    AlternateDataStreams: C:\Users\Daniel\Downloads\2014-03-03 07.08.57.jpeg:com.dropbox.attributes
    AlternateDataStreams: C:\Users\Daniel\Downloads\2014-03-03 07.15.19.jpeg:com.dropbox.attributes
    AlternateDataStreams: C:\Users\Daniel\Downloads\2014-03-03 07.16.39.jpeg:com.dropbox.attributes
    AlternateDataStreams: C:\Users\Daniel\Downloads\2014-03-11 00.07.58.jpg:com.dropbox.attributes
    AlternateDataStreams: C:\Users\Daniel\Downloads\2014-03-11 05.30.59.jpeg:com.dropbox.attributes
    AlternateDataStreams: C:\Users\Daniel\Downloads\2014-03-11 05.41.02.jpeg:com.dropbox.attributes
    AlternateDataStreams: C:\Users\Daniel\Downloads\2014-03-15 18.23.18.mp4:com.dropbox.attributes
    AlternateDataStreams: C:\Users\Daniel\Downloads\2014-03-16 01.21.31.jpg:com.dropbox.attributes
    AlternateDataStreams: C:\Users\Daniel\Downloads\2014-03-16 01.24.12.jpg:com.dropbox.attributes
    AlternateDataStreams: C:\Users\Daniel\Downloads\2014-03-16 02.13.28.jpg:com.dropbox.attributes
    AlternateDataStreams: C:\Users\Daniel\Downloads\2014-03-16 02.15.02.jpg:com.dropbox.attributes
    AlternateDataStreams: C:\Users\Daniel\Downloads\2014-03-18 19.40.25.jpeg:com.dropbox.attributes
    AlternateDataStreams: C:\Users\Daniel\Downloads\2014-03-18 19.41.48.jpeg:com.dropbox.attributes
    AlternateDataStreams: C:\Users\Daniel\Downloads\2014-03-18 19.42.00.jpeg:com.dropbox.attributes
    AlternateDataStreams: C:\Users\Daniel\Downloads\2014-03-19 21.13.46.jpeg:com.dropbox.attributes
    AlternateDataStreams: C:\Users\Daniel\Downloads\2014-03-20 00.43.11.jpg:com.dropbox.attributes
    AlternateDataStreams: C:\Users\Daniel\Downloads\2014-03-20 00.46.16.jpg:com.dropbox.attributes
    AlternateDataStreams: C:\Users\Daniel\Downloads\2014-03-21 21.28.31.jpeg:com.dropbox.attributes
    AlternateDataStreams: C:\Users\Daniel\Downloads\2014-03-21 21.34.48.jpeg:com.dropbox.attributes
    AlternateDataStreams: C:\Users\Daniel\Downloads\2014-03-23 16.05.33.jpg:com.dropbox.attributes
    AlternateDataStreams: C:\Users\Daniel\Downloads\2014-03-25 22.23.25.jpeg:com.dropbox.attributes
    AlternateDataStreams: C:\Users\Daniel\Downloads\2014-03-31 02.48.41.jpeg:com.dropbox.attributes
    AlternateDataStreams: C:\Users\Daniel\Downloads\2014-03-31 02.51.46.jpeg:com.dropbox.attributes
    AlternateDataStreams: C:\Users\Daniel\Downloads\2014-03-31 02.52.01.jpeg:com.dropbox.attributes
    AlternateDataStreams: C:\Users\Daniel\Downloads\2014-03-31 04.46.06.jpeg:com.dropbox.attributes
    AlternateDataStreams: C:\Users\Daniel\Downloads\2014-04-01 06.43.09.jpeg:com.dropbox.attributes
    AlternateDataStreams: C:\Users\Daniel\Downloads\2014-04-01 06.44.06.jpeg:com.dropbox.attributes
    AlternateDataStreams: C:\Users\Daniel\Downloads\2014-04-01 06.50.44.jpeg:com.dropbox.attributes
    AlternateDataStreams: C:\Users\Daniel\Downloads\2014-04-01 06.51.26.jpeg:com.dropbox.attributes
    AlternateDataStreams: C:\Users\Daniel\Downloads\2014-04-01 07.18.53.jpeg:com.dropbox.attributes
    AlternateDataStreams: C:\Users\Daniel\Downloads\2014-04-06 22.15.47.jpg:com.dropbox.attributes
    AlternateDataStreams: C:\Users\Daniel\Downloads\2014-04-06 22.18.59.jpg:com.dropbox.attributes
    AlternateDataStreams: C:\Users\Daniel\Downloads\2014-04-06 22.26.05.jpg:com.dropbox.attributes
    AlternateDataStreams: C:\Users\Daniel\Downloads\2014-04-09 05.49.33.jpeg:com.dropbox.attributes
    AlternateDataStreams: C:\Users\Daniel\Downloads\2014-04-10 07.14.37.jpg:com.dropbox.attributes
    AlternateDataStreams: C:\Users\Daniel\Downloads\2014-04-12 09.34.42.jpeg:com.dropbox.attributes
    AlternateDataStreams: C:\Users\Daniel\Downloads\2014-04-12 09.36.55.jpeg:com.dropbox.attributes
    AlternateDataStreams: C:\Users\Daniel\Downloads\2014-04-17 15.25.48.jpg:com.dropbox.attributes
    AlternateDataStreams: C:\Users\Daniel\Downloads\2014-04-18 10.39.02.jpeg:com.dropbox.attributes
    AlternateDataStreams: C:\Users\Daniel\Downloads\2014-04-18 10.41.54.jpeg:com.dropbox.attributes
    AlternateDataStreams: C:\Users\Daniel\Downloads\2014-05-18 11.47.34.jpeg:com.dropbox.attributes
    AlternateDataStreams: C:\Users\Daniel\Downloads\2014-05-18 11.49.19.jpeg:com.dropbox.attributes
    AlternateDataStreams: C:\Users\Daniel\Downloads\2014-05-19 15.11.35.jpeg:com.dropbox.attributes
    AlternateDataStreams: C:\Users\Daniel\Downloads\2014-05-19 15.21.43.jpeg:com.dropbox.attributes
    AlternateDataStreams: C:\Users\Daniel\Downloads\2014-05-23 16.32.46.jpeg:com.dropbox.attributes
    AlternateDataStreams: C:\Users\Daniel\Downloads\2014-05-25 01.46.57.jpeg:com.dropbox.attributes
    AlternateDataStreams: C:\Users\Daniel\Downloads\2014-05-25 17.32.54.jpeg:com.dropbox.attributes
    AlternateDataStreams: C:\Users\Daniel\Downloads\2014-05-25 17.39.09.jpeg:com.dropbox.attributes
    AlternateDataStreams: C:\Users\Daniel\Downloads\2014-05-25 17.40.35.jpeg:com.dropbox.attributes
    AlternateDataStreams: C:\Users\Daniel\Downloads\2014-05-26 16.04.27.jpeg:com.dropbox.attributes
    AlternateDataStreams: C:\Users\Daniel\Downloads\2014-05-28 03.13.43.jpeg:com.dropbox.attributes
    AlternateDataStreams: C:\Users\Daniel\Downloads\2014-06-09 03.03.41.jpeg:com.dropbox.attributes
    AlternateDataStreams: C:\Users\Daniel\Downloads\2014-06-09 10.52.40.jpg:com.dropbox.attributes
    AlternateDataStreams: C:\Users\Daniel\Downloads\2014-06-10 00.11.30.jpg:com.dropbox.attributes
    AlternateDataStreams: C:\Users\Daniel\Downloads\2014-06-10 00.12.38.jpg:com.dropbox.attributes
    AlternateDataStreams: C:\Users\Daniel\Downloads\2014-06-10 08.57.54.jpg:com.dropbox.attributes
    AlternateDataStreams: C:\Users\Daniel\Downloads\2014-06-11 21.38.00.jpg:com.dropbox.attributes
    AlternateDataStreams: C:\Users\Daniel\Downloads\2014-06-20 22.25.33.jpeg:com.dropbox.attributes
    AlternateDataStreams: C:\Users\Daniel\Downloads\2014-06-22 11.24.22.jpeg:com.dropbox.attributes
    AlternateDataStreams: C:\Users\Daniel\Downloads\2014-06-23 22.59.49.jpg:com.dropbox.attributes
    AlternateDataStreams: C:\Users\Daniel\Downloads\2014-06-26 19.48.33.jpeg:com.dropbox.attributes
    AlternateDataStreams: C:\Users\Daniel\Downloads\2014-07-01 02.39.52.mp4:com.dropbox.attributes
    AlternateDataStreams: C:\Users\Daniel\Downloads\2014-07-01 02.47.40.mp4:com.dropbox.attributes
    AlternateDataStreams: C:\Users\Daniel\Downloads\2014-07-02 03.58.40.jpeg:com.dropbox.attributes
    AlternateDataStreams: C:\Users\Daniel\Downloads\2014-07-07 17.12.01.jpeg:com.dropbox.attributes
    AlternateDataStreams: C:\Users\Daniel\Downloads\2014-07-12 00.14.28.jpg:com.dropbox.attributes
    AlternateDataStreams: C:\Users\Daniel\Downloads\2014-07-20 23.54.48.mp4:com.dropbox.attributes
    AlternateDataStreams: C:\Users\Daniel\Downloads\2014-07-27 19.52.33.mov:com.dropbox.attributes
    AlternateDataStreams: C:\Users\Daniel\Downloads\2014-07-29 00.06.56.jpeg:com.dropbox.attributes
    AlternateDataStreams: C:\Users\Daniel\Downloads\2014-08-07 04.48.28.jpeg:com.dropbox.attributes
    AlternateDataStreams: C:\Users\Daniel\Downloads\2014-08-08 12.50.12.mov:com.dropbox.attributes
    AlternateDataStreams: C:\Users\Daniel\Downloads\2014-08-08 13.04.15.mov:com.dropbox.attributes
    AlternateDataStreams: C:\Users\Daniel\Downloads\2014-08-08 19.14.41.jpeg:com.dropbox.attributes
    AlternateDataStreams: C:\Users\Daniel\Downloads\2014-08-16 00.09.05.jpeg:com.dropbox.attributes
    AlternateDataStreams: C:\Users\Daniel\Downloads\2014-09-18 15.00.27.png:com.dropbox.attributes
    AlternateDataStreams: C:\Users\Daniel\Downloads\2014-10-02 02.49.05.jpeg:com.dropbox.attributes
    AlternateDataStreams: C:\Users\Daniel\Downloads\2014-10-03 20.15.07.jpeg:com.dropbox.attributes
    AlternateDataStreams: C:\Users\Daniel\Downloads\2014-10-21 12.07.56.jpg:com.dropbox.attributes
    AlternateDataStreams: C:\Users\Daniel\Downloads\2014-10-24 10.30.56.jpg:com.dropbox.attributes
    AlternateDataStreams: C:\Users\Daniel\Downloads\2014-11-06 03.09.35.png:com.dropbox.attributes
    AlternateDataStreams: C:\Users\Daniel\Downloads\2014-11-07 07.11.21.jpeg:com.dropbox.attributes
    AlternateDataStreams: C:\Users\Daniel\Downloads\2014-11-23 21.49.08.jpeg:com.dropbox.attributes
    AlternateDataStreams: C:\Users\Daniel\Downloads\2014-11-26 14.27.25.jpeg:com.dropbox.attributes
    AlternateDataStreams: C:\Users\Daniel\Downloads\2014-11-28 05.21.05.jpeg:com.dropbox.attributes
    AlternateDataStreams: C:\Users\Daniel\Downloads\2014-12-11 17.23.54.jpeg:com.dropbox.attributes
    AlternateDataStreams: C:\Users\Daniel\Downloads\2015-01-12 01.14.32.jpg:com.dropbox.attributes
    AlternateDataStreams: C:\Users\Daniel\Downloads\2015-01-17 10.06.26.jpg:com.dropbox.attributes
    AlternateDataStreams: C:\Users\Daniel\Downloads\2015-01-19 16.03.13.jpg:com.dropbox.attributes
    AlternateDataStreams: C:\Users\Daniel\Downloads\2015-02-02 00.54.17.png:com.dropbox.attributes
    AlternateDataStreams: C:\Users\Daniel\Downloads\2015-02-02 01.14.38.png:com.dropbox.attributes
    AlternateDataStreams: C:\Users\Daniel\Downloads\2015-02-02 01.15.16.jpg:com.dropbox.attributes
    AlternateDataStreams: C:\Users\Daniel\Downloads\2015-02-06 23.57.20.jpg:com.dropbox.attributes
    AlternateDataStreams: C:\Users\Daniel\Downloads\2015-02-13 19.01.41.jpeg:com.dropbox.attributes
    AlternateDataStreams: C:\Users\Daniel\Downloads\2015-02-18 14.22.40.jpg:com.dropbox.attributes
    AlternateDataStreams: C:\Users\Daniel\Downloads\2015-02-22 06.04.39.jpg:com.dropbox.attributes
    AlternateDataStreams: C:\Users\Daniel\Downloads\2015-02-22 06.06.31.jpg:com.dropbox.attributes
    AlternateDataStreams: C:\Users\Daniel\Downloads\2015-02-22 06.07.30.jpg:com.dropbox.attributes
    AlternateDataStreams: C:\Users\Daniel\Downloads\2015-02-22 06.08.15.jpg:com.dropbox.attributes
    AlternateDataStreams: C:\Users\Daniel\Downloads\2015-02-22 06.08.48.jpg:com.dropbox.attributes
    AlternateDataStreams: C:\Users\Daniel\Downloads\2015-02-24 11.52.42.jpg:com.dropbox.attributes
    AlternateDataStreams: C:\Users\Daniel\Downloads\2015-02-25 18.42.37.jpg:com.dropbox.attributes
    AlternateDataStreams: C:\Users\Daniel\Downloads\2015-03-11 22.36.22.jpg:com.dropbox.attributes
    AlternateDataStreams: C:\Users\Daniel\Downloads\2015-03-11 22.49.54.png:com.dropbox.attributes
    AlternateDataStreams: C:\Users\Daniel\Downloads\2015-03-12 04.31.07.jpg:com.dropbox.attributes
    AlternateDataStreams: C:\Users\Daniel\Downloads\2015-03-12 04.31.18.jpg:com.dropbox.attributes
    AlternateDataStreams: C:\Users\Daniel\Downloads\2015-03-23 09.30.56.jpg:com.dropbox.attributes
    AlternateDataStreams: C:\Users\Daniel\Downloads\2015-03-23 21.41.46.jpg:com.dropbox.attributes
    AlternateDataStreams: C:\Users\Daniel\Downloads\2015-03-24 17.01.07.jpg:com.dropbox.attributes
    AlternateDataStreams: C:\Users\Daniel\Downloads\2015-04-03 18.19.37.jpg:com.dropbox.attributes
    AlternateDataStreams: C:\Users\Daniel\Downloads\2015-04-04 05.36.24.jpg:com.dropbox.attributes
    AlternateDataStreams: C:\Users\Daniel\Downloads\2015-04-04 05.40.24.jpg:com.dropbox.attributes
    AlternateDataStreams: C:\Users\Daniel\Downloads\2015-04-09 02.56.25.jpg:com.dropbox.attributes
    AlternateDataStreams: C:\Users\Daniel\Downloads\996947_440954859342178_1844270018_n.png:com.dropbox.attributes
    AlternateDataStreams: C:\Users\Daniel\Downloads\IMG_387060353770565.jpeg:com.dropbox.attributes
    AlternateDataStreams: C:\Users\Daniel\Downloads\Router Confirmation (1).eml:OECustomProperty
    AlternateDataStreams: C:\Users\Daniel\Downloads\Router Confirmation.eml:OECustomProperty
    AlternateDataStreams: C:\Users\Daniel\Downloads\Screenshot 2013-10-01 22.52.53.png:com.dropbox.attributes
    AlternateDataStreams: C:\Users\Daniel\Downloads\Screenshot 2015-02-17 00.02.25.png:com.dropbox.attributes
    AlternateDataStreams: C:\Users\Daniel\Downloads\Writing Assignment No. 1 (1).eml:OECustomProperty
    AlternateDataStreams: C:\Users\Daniel\Downloads\Writing Assignment No. 1.eml:OECustomProperty
     
  6. Daniel Morelli

    Daniel Morelli TS Enthusiast Topic Starter Posts: 48

    Additional.txt (continued - 2)

    ==================== Safe Mode (Whitelisted) ===================

    (If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


    ==================== EXE Association (Whitelisted) ===============

    (If an entry is included in the fixlist, the registry item will be restored to default or removed.)


    ==================== Internet Explorer trusted/restricted ===============

    (If an entry is included in the fixlist, it will be removed from the registry.)


    ==================== Other Areas ============================

    (Currently there is no automatic fix for this section.)

    HKU\S-1-5-21-3324318861-2648927535-1656674588-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Daniel\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
    DNS Servers: 24.226.10.193 - 24.226.10.194

    ==================== MSCONFIG/TASK MANAGER disabled items ==

    (Currently there is no automatic fix for this section.)


    ==================== FirewallRules (Whitelisted) ===============

    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

    FirewallRules: [{7D78AF7B-CA48-4C5C-873F-5B7503690A31}] => (Allow) C:\Program Files\Common Files\mcafee\mcsvchost\McSvHost.exe
    FirewallRules: [{2688D0AB-D451-4481-BE5B-3D7F738FADEC}] => (Allow) C:\Program Files\Common Files\mcafee\mcsvchost\McSvHost.exe
    FirewallRules: [{381D04E9-024D-4495-9003-037ADA8B9E13}] => (Allow) svchost.exe
    FirewallRules: [{DDBEA448-67BC-4BFE-AF7B-222108DB3BA7}] => (Allow) C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe
    FirewallRules: [{4375ED0A-7137-4FF7-BB24-38FD5C420CD9}] => (Allow) C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe
    FirewallRules: [{203E4A05-5BB4-4C2A-ACAB-AF8AF19054BB}] => (Allow) C:\Program Files (x86)\EpsonNet\EpsonNet Setup\tool10\ENEasyApp.exe
    FirewallRules: [{8E13EDFC-79DD-4274-B2A9-319F3E4E8A9E}] => (Allow) C:\Program Files (x86)\EpsonNet\EpsonNet Setup\tool10\ENEasyApp.exe
    FirewallRules: [TCP Query User{A94D9F16-BFA6-4819-97B4-02B06846BF1E}D:\common\driver update\edupdate.exe] => (Allow) D:\common\driver update\edupdate.exe
    FirewallRules: [UDP Query User{AD6D3081-5C57-43D2-A5FA-31C62C635BC5}D:\common\driver update\edupdate.exe] => (Allow) D:\common\driver update\edupdate.exe
    FirewallRules: [TCP Query User{735727AA-4BF0-498A-B694-9C30E8A5E591}C:\program files (x86)\epson software\event manager\eeventmanager.exe] => (Allow) C:\program files (x86)\epson software\event manager\eeventmanager.exe
    FirewallRules: [UDP Query User{12A0933A-039C-4F99-8693-6576B5AB735A}C:\program files (x86)\epson software\event manager\eeventmanager.exe] => (Allow) C:\program files (x86)\epson software\event manager\eeventmanager.exe
    FirewallRules: [{7706412F-4594-4AD3-9F3A-C7AB31E512E5}] => (Allow) C:\Program Files (x86)\FrostWire\FrostWire.exe
    FirewallRules: [{5AD04E15-D362-4F5E-9130-AE2ADB8E8DF6}] => (Allow) C:\Program Files (x86)\FrostWire\FrostWire.exe
    FirewallRules: [{D986FCE2-173D-4050-BFD8-17A7F8C3DAA0}] => (Allow) C:\Program Files (x86)\Sony\Media Manager for PSP 2.5\MediaManager.exe
    FirewallRules: [{5646385C-BFE1-4D45-867C-0C5F02F6C068}] => (Allow) C:\Program Files (x86)\Sony\Media Manager for PSP 2.5\MediaManager.exe
    FirewallRules: [{C0F3867C-8261-41DB-A664-6692CF953C91}] => (Allow) C:\Program Files (x86)\FrostWire\FrostWire.exe
    FirewallRules: [{02D3ADB2-E188-4C84-A17B-87B21991B753}] => (Allow) C:\Program Files (x86)\FrostWire\FrostWire.exe
    FirewallRules: [{0D29A877-D58B-4E0E-B5F6-47B4FAEDC32A}] => (Allow) C:\Program Files (x86)\iMesh Applications\iMesh\iMesh.exe
    FirewallRules: [{4F9CCB71-D00C-4408-8649-CCCEDCFA8C8C}] => (Allow) C:\Program Files (x86)\iMesh Applications\iMesh\iMesh.exe
    FirewallRules: [{95D14B2E-EA53-4AEF-905E-39177C87411A}] => (Allow) C:\Program Files (x86)\iMesh Applications\iMesh\iMesh.exe
    FirewallRules: [{79202E38-520C-434D-A777-38CDD14D4F37}] => (Allow) C:\Program Files (x86)\iMesh Applications\iMesh\iMesh.exe
    FirewallRules: [{83057113-BF26-4F05-9A49-61E48DCDEC28}] => (Allow) C:\Program Files (x86)\Research In Motion\BlackBerry Desktop\Rim.Desktop.exe
    FirewallRules: [{58611B7F-50E4-45BA-B4EF-DBD2380596CC}] => (Allow) C:\Program Files (x86)\Research In Motion\BlackBerry Desktop\Rim.Desktop.exe
    FirewallRules: [{C9CCB89A-FC46-4BE7-B2AD-C8760E7C515A}] => (Allow) LPort=4481
    FirewallRules: [{0E9FFA9C-7758-43C8-9126-A30905F7ACC9}] => (Allow) LPort=4481
    FirewallRules: [{7793A052-3929-4183-8076-87ACB7B9390C}] => (Allow) LPort=4482
    FirewallRules: [{274C521A-9229-48B9-B085-094B31E1AA7D}] => (Allow) LPort=4482
    FirewallRules: [{F5443ED9-AED8-40E1-A1CC-F1FEA81F79B6}] => (Allow) C:\Program Files (x86)\FrostWire 5\FrostWire.exe
    FirewallRules: [{5A215B2C-B095-4598-9103-C22D39958001}] => (Allow) C:\Program Files (x86)\FrostWire 5\FrostWire.exe
    FirewallRules: [{C55334DE-1AC6-4704-8D3F-BB65E340CAD9}] => (Allow) C:\Program Files (x86)\World of Warcraft\Launcher.exe
    FirewallRules: [{394FD475-2CAC-4152-A2DC-59A2588D8778}] => (Allow) C:\Program Files (x86)\World of Warcraft\Launcher.exe
    FirewallRules: [{65600992-564F-4B2B-932F-F7EDE744C849}] => (Allow) C:\Program Files (x86)\World of Warcraft\Launcher.patch.exe
    FirewallRules: [{65C4C010-35AA-4FFF-BCDA-0FC9032021D8}] => (Allow) C:\Program Files (x86)\World of Warcraft\Launcher.patch.exe
    FirewallRules: [{90C4D653-27C2-4361-B4FB-66375D8A4E2E}] => (Allow) C:\Users\Daniel\AppData\Local\Google\Google Talk Plugin\googletalkplugin.exe
    FirewallRules: [{66311296-010F-4D57-AC48-EE2F408E518E}] => (Allow) C:\Users\Daniel\AppData\Local\Google\Google Talk Plugin\googletalkplugin.exe
    FirewallRules: [{0AF284D7-15C9-4B8F-9FF1-E1AEA94449E6}] => (Allow) C:\Program Files (x86)\EpsonNet\EpsonNet Setup\tool10\ENEasyApp.exe
    FirewallRules: [{419554F5-537F-4CE4-BDDB-3EA1009BC9C1}] => (Allow) C:\Program Files (x86)\EpsonNet\EpsonNet Setup\tool10\ENEasyApp.exe
    FirewallRules: [{5C3B39AC-BE2B-4B66-AD8E-02557A3E8849}] => (Allow) C:\Users\Daniel\AppData\Local\Google\Google Talk Plugin\googletalkplugin.exe
    FirewallRules: [{9944D957-2666-4EAE-B7D1-86EA662A2B7A}] => (Allow) C:\Users\Daniel\AppData\Local\Google\Google Talk Plugin\googletalkplugin.exe
    FirewallRules: [{22C64BCB-A690-44E8-AB82-89DFBBDDC3F5}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
    FirewallRules: [{34A3ABFB-12E0-40E1-84A6-E8AE71450971}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
    FirewallRules: [{5CF36CAF-11DD-4803-80F9-D991BD1886FC}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
    FirewallRules: [{B8B01B14-57B8-4A4E-BB7C-CB5C494CFF49}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
    FirewallRules: [{5FABC3E3-A79E-4371-B505-0C0DEEFE91EC}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Kane & Lynch 2 - Dog Days\kl2.exe
    FirewallRules: [{FACD7453-6A52-4B9C-8671-DFA718A29746}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Kane & Lynch 2 - Dog Days\kl2.exe
    FirewallRules: [TCP Query User{3F45389D-F370-41AC-B7AA-A72B449D0EE0}C:\windows\system32\javaw.exe] => (Allow) C:\windows\system32\javaw.exe
    FirewallRules: [UDP Query User{C90B010C-CA2B-4CE9-A820-80EAFDC17FC8}C:\windows\system32\javaw.exe] => (Allow) C:\windows\system32\javaw.exe
    FirewallRules: [{A74297A5-9A2E-46A8-9FBB-35DAA0992FAB}] => (Allow) C:\Users\Daniel\AppData\Local\vghd\bin\Virtuagirl_Downloader.exe
    FirewallRules: [{986598B9-A1E5-4690-9D62-2DB21236E35A}] => (Allow) C:\Users\Daniel\AppData\Local\vghd\bin\Virtuagirl_Downloader.exe
    FirewallRules: [{694A9510-9732-4782-BA54-6F96235D6B2C}] => (Allow) C:\Program Files\SAMSUNG\AllShare Framework DMS\1.1.01\AllShareFrameworkDMS.exe
    FirewallRules: [{6C7BEABE-F86D-4854-9BBC-BCB262AE64C2}] => (Allow) C:\Program Files\SAMSUNG\AllShare Framework DMS\1.1.01\AllShareFrameworkDMS.exe
    FirewallRules: [{C06D4117-562F-4001-9F53-9A8659A61932}] => (Allow) LPort=80
    FirewallRules: [{B90B8616-07DB-4568-996C-856838B59CEA}] => (Allow) C:\Users\Daniel\AppData\Local\vghd\bin\Virtuagirl_Downloader.exe
    FirewallRules: [{5DE53F28-9500-47C4-98C9-F9C74682B9F3}] => (Allow) C:\Users\Daniel\AppData\Local\vghd\bin\Virtuagirl_Downloader.exe
    FirewallRules: [{38496E0E-A160-4E0E-8A78-92D2C7CC2382}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
    FirewallRules: [{BA6E4F8F-715D-4431-BCDD-A92DF2B40296}] => (Allow) C:\Users\Daniel\AppData\Local\Temp\7zS3948.tmp\SymNRT.exe
    FirewallRules: [{EAE14D47-5D18-4424-87B5-11517944D4A6}] => (Allow) C:\Users\Daniel\AppData\Local\Temp\7zS3948.tmp\SymNRT.exe
    FirewallRules: [TCP Query User{25150C14-80D6-4724-98C3-0BD27ACFEC6D}C:\users\daniel\appdata\local\google\chrome\application\chrome.exe] => (Allow) C:\users\daniel\appdata\local\google\chrome\application\chrome.exe
    FirewallRules: [UDP Query User{1D5FCD30-A1AC-4D12-8239-A1BF31E81876}C:\users\daniel\appdata\local\google\chrome\application\chrome.exe] => (Allow) C:\users\daniel\appdata\local\google\chrome\application\chrome.exe
    FirewallRules: [{EE92C390-2904-4516-8534-800530CA3F42}] => (Allow) C:\Users\Daniel\AppData\Roaming\Dropbox\bin\Dropbox.exe
    FirewallRules: [{91487731-4BF3-48CD-96E6-0319893DA1C6}] => (Allow) C:\Users\Daniel\AppData\Roaming\Dropbox\bin\Dropbox.exe
    FirewallRules: [TCP Query User{87BE4307-C9C5-44F7-A2FD-5BC1D78545D9}C:\users\daniel\appdata\roaming\dropbox\bin\dropbox.exe] => (Allow) C:\users\daniel\appdata\roaming\dropbox\bin\dropbox.exe
    FirewallRules: [UDP Query User{A97BC6D9-AC85-481F-8353-10A0DFFDD35B}C:\users\daniel\appdata\roaming\dropbox\bin\dropbox.exe] => (Allow) C:\users\daniel\appdata\roaming\dropbox\bin\dropbox.exe
    FirewallRules: [{50751E09-F511-4D44-B918-B573C743AAEC}] => (Allow) C:\Program Files (x86)\Google\Google Talk\googletalk.exe
    FirewallRules: [{636C016F-94DE-47F4-886C-EF33668CAF65}] => (Allow) C:\Program Files (x86)\Google\Google Talk\googletalk.exe
    FirewallRules: [{2B20FB6E-FEB2-4B95-8A44-B0264DE88D05}] => (Allow) C:\Program Files\SAMSUNG\AllShare Framework DMS\1.3.03\AllShareFrameworkDMS.exe
    FirewallRules: [{8D16BDF7-BC4D-4789-9A93-11C27A195990}] => (Allow) C:\Program Files\SAMSUNG\AllShare Framework DMS\1.3.03\AllShareFrameworkDMS.exe
    FirewallRules: [{DFA67F26-F371-4478-B879-B0ED5EC856AF}] => (Allow) C:\Program Files\SAMSUNG\AllShare Framework DMS\1.3.03\AllShareFrameworkDMS.exe
    FirewallRules: [{FE87CD3E-EB40-41A4-AD86-AA32B7B1F1C6}] => (Allow) C:\Program Files\SAMSUNG\AllShare Framework DMS\1.3.03\AllShareFrameworkDMS.exe
    FirewallRules: [{65DAEC48-40F9-4F47-ACEA-A1F03F8A4710}] => (Allow) LPort=8743
    FirewallRules: [{D57920F1-7FE6-458B-A4D2-988D95436709}] => (Allow) LPort=8643
    FirewallRules: [{5E2FE8D6-1B36-4ECA-B59E-A1FBCFF7C04C}] => (Allow) LPort=7676
    FirewallRules: [{0CCCAF91-13B1-430C-A98A-D93B1C70ED6F}] => (Allow) LPort=7679
    FirewallRules: [{E2995CCC-AAE4-49F8-A124-E2B102796D26}] => (Allow) LPort=24234
    FirewallRules: [{9C49F2B5-D48E-4EB1-81FC-7DA35CF90F64}] => (Allow) LPort=7900
    FirewallRules: [{47D0A8B7-85CB-4322-848C-A25BFC02D367}] => (Allow) LPort=1900
    FirewallRules: [{8F56D798-7B78-4117-BF5E-E8AEF1D7DDFF}] => (Allow) C:\Users\Daniel\AppData\Local\DirectDownloader\DirectDownloader.exe
    FirewallRules: [{7A459418-7076-440D-B0A8-8B3D122B286A}] => (Allow) C:\Users\Daniel\AppData\Local\DirectDownloader\DirectDownloader.exe
    FirewallRules: [{9E2EE196-9C18-4310-8CFF-19D9B814B927}] => (Allow) C:\Program Files\SAMSUNG\AllShare Framework DMS\1.3.05\AllShareFrameworkDMS.exe
    FirewallRules: [{57764C72-09D4-4EF1-B49D-F577223EBE54}] => (Allow) C:\Program Files\SAMSUNG\AllShare Framework DMS\1.3.05\AllShareFrameworkDMS.exe
    FirewallRules: [{4BA062D1-D9DB-4A80-B093-714442D43C9A}] => (Allow) C:\Program Files\SAMSUNG\AllShare Framework DMS\1.3.05\AllShareFrameworkDMS.exe
    FirewallRules: [{7B923DD4-AD60-41D5-B98C-B5381A67ADD7}] => (Allow) C:\Program Files\SAMSUNG\AllShare Framework DMS\1.3.05\AllShareFrameworkDMS.exe
    FirewallRules: [{ACE298C8-E889-48E7-99E6-2CA1A33FB5E1}] => (Allow) C:\Program Files\SAMSUNG\AllShare Framework DMS\1.3.06\AllShareFrameworkDMS.exe
    FirewallRules: [{C04FC249-D027-49B9-8E1B-6BD4322DFAEA}] => (Allow) C:\Program Files\SAMSUNG\AllShare Framework DMS\1.3.06\AllShareFrameworkDMS.exe
    FirewallRules: [{CA7F2EB2-BFAB-4896-81E6-B33E4AD992DF}] => (Allow) C:\Program Files\SAMSUNG\AllShare Framework DMS\1.3.06\AllShareFrameworkDMS.exe
    FirewallRules: [{B63D891F-B758-42A3-86DD-CFEFCD74B5DF}] => (Allow) C:\Program Files\SAMSUNG\AllShare Framework DMS\1.3.06\AllShareFrameworkDMS.exe
    FirewallRules: [TCP Query User{7939E341-8B4C-44B5-B588-78CF56527F98}C:\users\daniel\appdata\local\akamai\netsession_win.exe] => (Block) C:\users\daniel\appdata\local\akamai\netsession_win.exe
    FirewallRules: [UDP Query User{DC1C1442-6048-481E-B2AF-5C49EAD8AEA8}C:\users\daniel\appdata\local\akamai\netsession_win.exe] => (Block) C:\users\daniel\appdata\local\akamai\netsession_win.exe
    FirewallRules: [TCP Query User{06E9FA8B-C627-4149-9D10-EACD95AE1ACA}C:\users\daniel\appdata\local\akamai\netsession_win.exe] => (Block) C:\users\daniel\appdata\local\akamai\netsession_win.exe
    FirewallRules: [UDP Query User{8521386B-57C3-47A5-AFDE-F249D859E309}C:\users\daniel\appdata\local\akamai\netsession_win.exe] => (Block) C:\users\daniel\appdata\local\akamai\netsession_win.exe
    FirewallRules: [{2DFCB775-D0B8-4CA2-A2AD-9F48D40DC861}] => (Allow) C:\Program Files\HP\HP Officejet 6700\bin\FaxApplications.exe
    FirewallRules: [{F3152DCA-BAE0-4EBA-A725-59468C5DF556}] => (Allow) C:\Program Files\HP\HP Officejet 6700\bin\DigitalWizards.exe
    FirewallRules: [{E683BE97-63B9-4F13-A24D-A166A6C72399}] => (Allow) C:\Program Files\HP\HP Officejet 6700\bin\SendAFax.exe
    FirewallRules: [{46B30FB5-99FE-4048-99A2-B4E08F06D79F}] => (Allow) C:\Program Files\HP\HP Officejet 6700\Bin\DeviceSetup.exe
    FirewallRules: [{9478330F-5F1E-4355-B2C5-530D5979DDCD}] => (Allow) C:\Program Files\HP\HP Officejet 6700\Bin\HPNetworkCommunicator.exe
    FirewallRules: [{52181B54-B81A-4D16-8264-05881E672010}] => (Allow) C:\Program Files\HP\HP Officejet 6700\Bin\HPNetworkCommunicatorCom.exe
    FirewallRules: [TCP Query User{08A5729F-951D-49B2-A192-1C36FAE19C02}C:\windows\explorer.exe] => (Allow) C:\windows\explorer.exe
    FirewallRules: [UDP Query User{3EC4F739-94FE-46EC-95B1-6179350FDD8A}C:\windows\explorer.exe] => (Allow) C:\windows\explorer.exe
    FirewallRules: [TCP Query User{B67B2D39-0704-4452-A95D-2AF0578B0093}C:\program files (x86)\jfilemanager\jfilemanager.exe] => (Block) C:\program files (x86)\jfilemanager\jfilemanager.exe
    FirewallRules: [UDP Query User{23D8AE7E-6BF6-420B-81BD-4AE00F6074F7}C:\program files (x86)\jfilemanager\jfilemanager.exe] => (Block) C:\program files (x86)\jfilemanager\jfilemanager.exe
    FirewallRules: [{AE02975B-AAEE-43FA-8C24-B6E7B26E38BD}] => (Allow) C:\Users\Daniel\AppData\Local\Facebook\Video\Skype\FacebookVideoCalling.exe
    FirewallRules: [{130DAB0D-968E-4F76-8006-CD1ECC0CAFF6}] => (Allow) C:\Windows\SysWOW64\muzapp.exe
    FirewallRules: [{1BA2A746-B000-4F4B-AB1B-C0D89D1100A7}] => (Allow) C:\Windows\SysWOW64\muzapp.exe
    FirewallRules: [{ECB0A061-70B8-4B38-A40A-2EAAD896D698}] => (Allow) C:\Program Files (x86)\HTC\HTC Sync Manager\HTCSyncManager.exe
    FirewallRules: [{0A9CE147-EFFA-4114-BF63-47974FC111EA}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
    FirewallRules: [{C901FD38-D49A-4BAE-B507-A6346A0D2476}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
    FirewallRules: [{13C1C6DE-6D98-4626-8ABA-A1CD5ED2CC4B}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
    FirewallRules: [{71ECF7AC-DE50-4465-9C4B-26B45D87F69E}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
    FirewallRules: [{8EC30338-4336-4EEB-BBA8-63762F789D07}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
    FirewallRules: [{04EFC4B0-B9CD-4A1C-AD3D-113AC80189CA}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
    FirewallRules: [{94C16109-9BE5-4952-A18F-3FF23C11C974}] => (Allow) C:\Program Files (x86)\MoboRobo\MoboRobo PC Suite.exe
    FirewallRules: [{19DF5033-4272-4DEA-A930-26E7D036D56B}] => (Allow) C:\Program Files (x86)\MoboRobo\MoboRobo PC Suite.exe
    FirewallRules: [{BD178767-4EC8-4DC1-B79E-79179EC98595}] => (Allow) C:\Program Files (x86)\HTC\HTC Sync Manager\HTCSyncManager.exe
    FirewallRules: [TCP Query User{131E8DA0-D915-42D7-A0C1-76EDAFC1F8DA}C:\program files (x86)\mozilla firefox\firefox.exe] => (Allow) C:\program files (x86)\mozilla firefox\firefox.exe
    FirewallRules: [UDP Query User{F3912DE2-669D-424D-968A-C6A471D0182D}C:\program files (x86)\mozilla firefox\firefox.exe] => (Allow) C:\program files (x86)\mozilla firefox\firefox.exe
    FirewallRules: [{297D9D06-A58F-4618-8EC1-6A44D18BA125}] => (Allow) C:\Users\Daniel\AppData\Roaming\uTorrent\uTorrent.exe
    FirewallRules: [{7A84D277-CECD-4C89-BB22-4E355DB316A9}] => (Allow) C:\Users\Daniel\AppData\Roaming\uTorrent\uTorrent.exe
    FirewallRules: [{6AD1563C-A7E0-4191-9B43-79C61F29DC36}] => (Allow) C:\Program Files (x86)\Google\Chrome Remote Desktop\42.0.2311.39\remoting_host.exe
    FirewallRules: [{28095D0D-B018-4C9E-B05E-C4A1AAF828FB}] => (Allow) C:\Program Files\iTunes\iTunes.exe
    FirewallRules: [{E0A5A0F0-2291-4C93-9FF6-719C9BA02E1C}] => (Allow) C:\Program Files (x86)\HTC\HTC Sync Manager\HTCSyncManager.exe
    FirewallRules: [{BF1DCBD6-129A-4E4D-A692-93EECD1666BB}] => (Allow) C:\Program Files (x86)\HTC\HTC Sync Manager\HTCSyncManager.exe
    FirewallRules: [{471BF509-DF2D-4C5E-A9B2-2CE0C99EFF3F}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

    ==================== Faulty Device Manager Devices =============


    ==================== Event log errors: =========================

    Application errors:
    ==================
    Error: (06/05/2015 11:25:01 PM) (Source: Application Error) (EventID: 1000) (User: )
    Description: Faulting application name: taskeng.exe, version: 6.1.7601.17514, time stamp: 0x4ce79d2c
    Faulting module name: msvcrt.dll, version: 7.0.7601.17744, time stamp: 0x4eeb033f
    Exception code: 0xc0000005
    Fault offset: 0x00000000000027de
    Faulting process id: 0x8db4
    Faulting application start time: 0xtaskeng.exe0
    Faulting application path: taskeng.exe1
    Faulting module path: taskeng.exe2
    Report Id: taskeng.exe3

    Error: (06/05/2015 07:25:01 PM) (Source: Application Error) (EventID: 1000) (User: )
    Description: Faulting application name: taskeng.exe, version: 6.1.7601.17514, time stamp: 0x4ce79d2c
    Faulting module name: msvcrt.dll, version: 7.0.7601.17744, time stamp: 0x4eeb033f
    Exception code: 0xc0000005
    Fault offset: 0x00000000000027de
    Faulting process id: 0x96c4
    Faulting application start time: 0xtaskeng.exe0
    Faulting application path: taskeng.exe1
    Faulting module path: taskeng.exe2
    Report Id: taskeng.exe3

    Error: (06/05/2015 03:25:01 PM) (Source: Application Error) (EventID: 1000) (User: )
    Description: Faulting application name: taskeng.exe, version: 6.1.7601.17514, time stamp: 0x4ce79d2c
    Faulting module name: msvcrt.dll, version: 7.0.7601.17744, time stamp: 0x4eeb033f
    Exception code: 0xc0000005
    Fault offset: 0x00000000000027de
    Faulting process id: 0x8ebc
    Faulting application start time: 0xtaskeng.exe0
    Faulting application path: taskeng.exe1
    Faulting module path: taskeng.exe2
    Report Id: taskeng.exe3

    Error: (06/05/2015 11:25:01 AM) (Source: Application Error) (EventID: 1000) (User: )
    Description: Faulting application name: taskeng.exe, version: 6.1.7601.17514, time stamp: 0x4ce79d2c
    Faulting module name: msvcrt.dll, version: 7.0.7601.17744, time stamp: 0x4eeb033f
    Exception code: 0xc0000005
    Fault offset: 0x00000000000027de
    Faulting process id: 0x1ff0
    Faulting application start time: 0xtaskeng.exe0
    Faulting application path: taskeng.exe1
    Faulting module path: taskeng.exe2
    Report Id: taskeng.exe3

    Error: (06/05/2015 07:25:00 AM) (Source: Application Error) (EventID: 1000) (User: )
    Description: Faulting application name: taskeng.exe, version: 6.1.7601.17514, time stamp: 0x4ce79d2c
    Faulting module name: msvcrt.dll, version: 7.0.7601.17744, time stamp: 0x4eeb033f
    Exception code: 0xc0000005
    Fault offset: 0x00000000000027de
    Faulting process id: 0x8964
    Faulting application start time: 0xtaskeng.exe0
    Faulting application path: taskeng.exe1
    Faulting module path: taskeng.exe2
    Report Id: taskeng.exe3

    Error: (06/05/2015 03:25:01 AM) (Source: Application Error) (EventID: 1000) (User: )
    Description: Faulting application name: taskeng.exe, version: 6.1.7601.17514, time stamp: 0x4ce79d2c
    Faulting module name: msvcrt.dll, version: 7.0.7601.17744, time stamp: 0x4eeb033f
    Exception code: 0xc0000005
    Fault offset: 0x00000000000027de
    Faulting process id: 0x8ec4
    Faulting application start time: 0xtaskeng.exe0
    Faulting application path: taskeng.exe1
    Faulting module path: taskeng.exe2
    Report Id: taskeng.exe3

    Error: (06/05/2015 00:23:21 AM) (Source: Windows[​IMG] Backup[​IMG]) (EventID: 4104) (User: )
    Description: The backup was not successful. The error is: There is not enough space on this drive to save the backup. Free up space by deleting older backups and unnecessary data or change your backup settings. (0x81000005).

    Error: (06/04/2015 11:25:01 PM) (Source: Application Error) (EventID: 1000) (User: )
    Description: Faulting application name: taskeng.exe, version: 6.1.7601.17514, time stamp: 0x4ce79d2c
    Faulting module name: msvcrt.dll, version: 7.0.7601.17744, time stamp: 0x4eeb033f
    Exception code: 0xc0000005
    Fault offset: 0x00000000000027de
    Faulting process id: 0x8b64
    Faulting application start time: 0xtaskeng.exe0
    Faulting application path: taskeng.exe1
    Faulting module path: taskeng.exe2
    Report Id: taskeng.exe3

    Error: (06/04/2015 07:25:01 PM) (Source: Application Error) (EventID: 1000) (User: )
    Description: Faulting application name: taskeng.exe, version: 6.1.7601.17514, time stamp: 0x4ce79d2c
    Faulting module name: msvcrt.dll, version: 7.0.7601.17744, time stamp: 0x4eeb033f
    Exception code: 0xc0000005
    Fault offset: 0x00000000000027de
    Faulting process id: 0x7bec
    Faulting application start time: 0xtaskeng.exe0
    Faulting application path: taskeng.exe1
    Faulting module path: taskeng.exe2
    Report Id: taskeng.exe3

    Error: (06/04/2015 03:25:01 PM) (Source: Application Error) (EventID: 1000) (User: )
    Description: Faulting application name: taskeng.exe, version: 6.1.7601.17514, time stamp: 0x4ce79d2c
    Faulting module name: msvcrt.dll, version: 7.0.7601.17744, time stamp: 0x4eeb033f
    Exception code: 0xc0000005
    Fault offset: 0x00000000000027de
    Faulting process id: 0x2734
    Faulting application start time: 0xtaskeng.exe0
    Faulting application path: taskeng.exe1
    Faulting module path: taskeng.exe2
    Report Id: taskeng.exe3


    System errors:
    =============
    Error: (06/02/2015 06:55:18 PM) (Source: Disk) (EventID: 11) (User: )
    Description: The driver[​IMG] detected a controller error on \Device\Harddisk1\DR1.

    Error: (05/28/2015 00:17:12 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
    Description: The Windows[​IMG] Media Player Network Sharing Service service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 30000 milliseconds: Restart the service.

    Error: (05/27/2015 05:26:23 PM) (Source: DCOM) (EventID: 10010) (User: )
    Description: {ED1D0FDF-4414-470A-A56D-CFB68623FC58}

    Error: (05/27/2015 01:43:26 PM) (Source: volsnap) (EventID: 36) (User: )
    Description: The shadow copies of volume C: were aborted because the shadow copy storage could not grow due to a user imposed limit.

    Error: (05/27/2015 04:18:17 AM) (Source: volsnap) (EventID: 36) (User: )
    Description: The shadow copies of volume C: were aborted because the shadow copy storage could not grow due to a user imposed limit.

    Error: (05/25/2015 03:15:11 PM) (Source: DCOM) (EventID: 10010) (User: )
    Description: {ED1D0FDF-4414-470A-A56D-CFB68623FC58}

    Error: (05/25/2015 00:02:57 PM) (Source: Service Control Manager) (EventID: 7022) (User: )
    Description: The Windows Update[​IMG] service hung on starting.

    Error: (05/25/2015 11:54:26 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
    Description: The IePlugin Services service failed to start due to the following error:
    %%2

    Error: (05/24/2015 06:09:20 PM) (Source: DCOM) (EventID: 10010) (User: )
    Description: {ED1D0FDF-4414-470A-A56D-CFB68623FC58}

    Error: (05/21/2015 06:28:59 PM) (Source: Disk) (EventID: 11) (User: )
    Description: The driver detected a controller error on \Device\Harddisk1\DR2.


    Microsoft Office:
    =========================
    Error: (06/05/2015 11:25:01 PM) (Source: Application Error) (EventID: 1000) (User: )
    Description: taskeng.exe6.1.7601.175144ce79d2cmsvcrt.dll7.0.7601.177444eeb033fc000000500000000000027de8db401d0a0085e89cbccC:\Windows\system32\taskeng.exeC:\Windows\system32\msvcrt.dll9d44cd0b-0bfb-11e5-967f-1c75081453d8

    Error: (06/05/2015 07:25:01 PM) (Source: Application Error) (EventID: 1000) (User: )
    Description: taskeng.exe6.1.7601.175144ce79d2cmsvcrt.dll7.0.7601.177444eeb033fc000000500000000000027de96c401d09fe6d7783a23C:\Windows\system32\taskeng.exeC:\Windows\system32\msvcrt.dll15bd4658-0bda-11e5-967f-1c75081453d8

    Error: (06/05/2015 03:25:01 PM) (Source: Application Error) (EventID: 1000) (User: )
    Description: taskeng.exe6.1.7601.175144ce79d2cmsvcrt.dll7.0.7601.177444eeb033fc000000500000000000027de8ebc01d09fc55066816aC:\Windows\system32\taskeng.exeC:\Windows\system32\msvcrt.dll8efbf8bc-0bb8-11e5-967f-1c75081453d8

    Error: (06/05/2015 11:25:01 AM) (Source: Application Error) (EventID: 1000) (User: )
    Description: taskeng.exe6.1.7601.175144ce79d2cmsvcrt.dll7.0.7601.177444eeb033fc000000500000000000027de1ff001d09fa3c954efc1C:\Windows\system32\taskeng.exeC:\Windows\system32\msvcrt.dll07e11820-0b97-11e5-967f-1c75081453d8

    Error: (06/05/2015 07:25:00 AM) (Source: Application Error) (EventID: 1000) (User: )
    Description: taskeng.exe6.1.7601.175144ce79d2cmsvcrt.dll7.0.7601.177444eeb033fc000000500000000000027de896401d09f8242433708C:\Windows\system32\taskeng.exeC:\Windows\system32\msvcrt.dll80850ee1-0b75-11e5-967f-1c75081453d8

    Error: (06/05/2015 03:25:01 AM) (Source: Application Error) (EventID: 1000) (User: )
    Description: taskeng.exe6.1.7601.175144ce79d2cmsvcrt.dll7.0.7601.177444eeb033fc000000500000000000027de8ec401d09f60bb31a55fC:\Windows\system32\taskeng.exeC:\Windows\system32\msvcrt.dllf9e182e4-0b53-11e5-967f-1c75081453d8

    Error: (06/05/2015 00:23:21 AM) (Source: Windows Backup) (EventID: 4104) (User: )
    Description: There is not enough space on this drive to save the backup. Free up space by deleting older backups and unnecessary data or change your backup settings. (0x81000005)

    Error: (06/04/2015 11:25:01 PM) (Source: Application Error) (EventID: 1000) (User: )
    Description: taskeng.exe6.1.7601.175144ce79d2cmsvcrt.dll7.0.7601.177444eeb033fc000000500000000000027de8b6401d09f3f341feca6C:\Windows\system32\taskeng.exeC:\Windows\system32\msvcrt.dll72c20e58-0b32-11e5-967f-1c75081453d8

    Error: (06/04/2015 07:25:01 PM) (Source: Application Error) (EventID: 1000) (User: )
    Description: taskeng.exe6.1.7601.175144ce79d2cmsvcrt.dll7.0.7601.177444eeb033fc000000500000000000027de7bec01d09f1dad0e33edC:\Windows\system32\taskeng.exeC:\Windows\system32\msvcrt.dlleb8d8adc-0b10-11e5-967f-1c75081453d8

    Error: (06/04/2015 03:25:01 PM) (Source: Application Error) (EventID: 1000) (User: )
    Description: taskeng.exe6.1.7601.175144ce79d2cmsvcrt.dll7.0.7601.177444eeb033fc000000500000000000027de273401d09efc25fca244C:\Windows\system32\taskeng.exeC:\Windows\system32\msvcrt.dll648a9f6a-0aef-11e5-967f-1c75081453d8


    CodeIntegrity Errors:
    ===================================
    Date: 2015-01-24 04:02:28.053
    Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files\Acer\Acer ePower Management\SysHook.dll because the set of per-page image hashes could not be found on the system.

    Date: 2015-01-24 04:02:27.897
    Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files\Acer\Acer ePower Management\SysHook.dll because the set of per-page image hashes could not be found on the system.

    Date: 2015-01-03 14:40:15.460
    Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files\Acer\Acer ePower Management\SysHook.dll because the set of per-page image hashes could not be found on the system.

    Date: 2015-01-03 14:40:15.319
    Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files\Acer\Acer ePower Management\SysHook.dll because the set of per-page image hashes could not be found on the system.

    Date: 2015-01-03 14:37:20.338
    Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files\Acer\Acer ePower Management\SysHook.dll because the set of per-page image hashes could not be found on the system.

    Date: 2015-01-03 14:37:20.207
    Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files\Acer\Acer ePower Management\SysHook.dll because the set of per-page image hashes could not be found on the system.

    Date: 2013-02-20 17:43:13.169
    Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\SysWOW64\FsUsbExDisk.Sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

    Date: 2013-02-20 17:43:12.979
    Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\SysWOW64\FsUsbExDisk.Sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

    Date: 2013-02-20 17:43:10.760
    Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\SysWOW64\FsUsbExDisk.Sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

    Date: 2013-02-20 17:43:10.511
    Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\SysWOW64\FsUsbExDisk.Sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.


    ==================== Memory info ===========================

    Processor: Intel(R) Core(TM) i3 CPU M 370 @ 2.40GHz
    Percentage of memory in use: 85%
    Total physical RAM: 7862.71 MB
    Available physical RAM: 1150.11 MB
    Total Pagefile: 15723.63 MB
    Available Pagefile: 5884.07 MB
    Total Virtual: 8192 MB
    Available Virtual: 8191.83 MB

    ==================== Drives ================================

    Drive c: (Acer) (Fixed) (Total:582.07 GB) (Free:40 GB) NTFS
    Drive f: (WD SmartWare) (CDROM) (Total:0.65 GB) (Free:0 GB) UDF
    Drive h: (AUXILIARY DRIVE) (Fixed) (Total:1396.61 GB) (Free:0.04 GB) NTFS

    ==================== MBR & Partition Table ==================

    ========================================================
    Disk: 0 (MBR Code: Windows 7 or 8) (Size: 596.2 GB) (Disk ID: A2767D18)
    Partition 1: (Not Active) - (Size=14 GB) - (Type=27)
    Partition 2: (Active) - (Size=100 MB) - (Type=07 NTFS)
    Partition 3: (Not Active) - (Size=582.1 GB) - (Type=07 NTFS)

    ========================================================
    Disk: 1 (MBR Code: Windows XP) (Size: 1396.6 GB) (Disk ID: 000389F4)
    Partition 1: (Not Active) - (Size=1396.6 GB) - (Type=07 NTFS)

    ==================== End of log ============================
     
  7. Daniel Morelli

    Daniel Morelli TS Enthusiast Topic Starter Posts: 48

    Basically I keep getting these annoying ads just about everywhere I go in Chrome. In addition to the example in the attached pictures, the ad malware is ranging from embedded text, to pop-up ads, to new tabs opening with ads even when I don't click on a specific link, etc. I've run MSE multiple times in addition to Crap Cleaner and nothing appears to be fixing it. Any help that can be offered would be greatly appreciated. Thanks!
     

    Attached Files:

  8. Broni

    Broni Malware Annihilator Posts: 52,904   +344

    Welcome aboard [​IMG]

    Please, observe following rules:
    • Read all of my instructions very carefully. Your mistakes during cleaning process may have very serious consequences, like unbootable computer.
    • If you're stuck, or you're not sure about certain step, always ask before doing anything else.
    • Please refrain from running any tools, fixes or applying any changes to your computer other than those I suggest.
    • Never run more than one scan at a time.
    • Keep updating me regarding your computer behavior, good, or bad.
    • The cleaning process, once started, has to be completed. Even if your computer appears to act better, it may still be infected. Once the computer is totally clean, I'll certainly let you know.
    • If you leave the topic without explanation in the middle of a cleaning process, you may not be eligible to receive any more help in malware removal forum.
    • I close my topics if you have not replied in 5 days. If you need more time, simply let me know. If I closed your topic and you need it to be reopened, simply PM me.

    =================================

    It looks like you didn't run FRST as administrator.
    Please redo.
     
  9. Daniel Morelli

    Daniel Morelli TS Enthusiast Topic Starter Posts: 48

    How do I do that exactly?
     
  10. Broni

    Broni Malware Annihilator Posts: 52,904   +344

    Right click on FRST, click "Run as administrator".
     
  11. Daniel Morelli

    Daniel Morelli TS Enthusiast Topic Starter Posts: 48

    Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:03-06-2015
    Ran by Daniel (administrator) on MORELLI-PC on 06-06-2015 12:03:40
    Running from C:\Users\Daniel\Downloads
    Loaded Profiles: Daniel (Available Profiles: Daniel & Guest)
    Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: English (United States)
    Internet Explorer Version 11 (Default browser: Chrome)
    Boot Mode: Normal
    Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

    ==================== Processes (Whitelisted) =================

    (If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

    (Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
    (Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
    (Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome Remote Desktop\42.0.2311.39\remoting_host.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome Remote Desktop\42.0.2311.39\remoting_host.exe
    (Acer Incorporated) C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe
    (Freemake) C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe
    (Nero AG) C:\Program Files (x86)\HTC\HTC Sync Manager\HSMServiceEntry.exe
    (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
    () C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe
    (Acer Group) C:\Program Files\Acer\Acer Updater\UpdaterService.exe
    (WDC) C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMService.exe
    () C:\Program Files (x86)\Western Digital\WD SmartWare\Front Parlor\WDFME\WDFME.exe
    () C:\Program Files (x86)\Western Digital\WD SmartWare\Front Parlor\WDSC.exe
    (Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe
    () C:\Program Files (x86)\HTC\HTC Sync Manager\HTC Sync\adb.exe
    (Google Inc.) C:\Program Files (x86)\Google\Update\1.3.27.5\GoogleCrashHandler.exe
    (Google Inc.) C:\Program Files (x86)\Google\Update\1.3.27.5\GoogleCrashHandler64.exe
    (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
    (Acer Incorporated) C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe
    (Intel Corporation) C:\Windows\System32\hkcmd.exe
    (Intel Corporation) C:\Windows\System32\igfxpers.exe
    (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
    (Intel Corporation) C:\Windows\System32\igfxsrvc.exe
    (Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
    (Intel Corporation) C:\Windows\System32\igfxext.exe
    (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
    (Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
    (Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
    () C:\Program Files (x86)\RocketDock\RocketDock.exe
    (Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe
    (Acer Incorporated) C:\Program Files\Acer\Acer ePower Management\ePowerEvent.exe
    (Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
    (Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
    (Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe
    (Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudDrive.exe
    (Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe
    (Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
    (Western Digital Technologies, Inc.) C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMStatus.exe
    (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
    () C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
    (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
    (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
    (Pushbullet Inc) C:\Users\Daniel\AppData\Local\Pushbullet\bin\pushbullet_client.exe
    (Microsoft Corporation) C:\Windows\System32\wisptis.exe
    (Microsoft Corporation) C:\Windows\System32\wisptis.exe
    (Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\distnoted.exe
    (Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\SyncServer.exe
    (Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
    (BitTorrent Inc.) C:\Users\Daniel\AppData\Roaming\uTorrent\uTorrent.exe
    (PeerBlock, LLC) C:\Program Files\PeerBlock\peerblock.exe
    (Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
    (Apple Inc.) C:\Program Files\iTunes\iTunes.exe
    (Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceHelper.exe
    (Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\MDCrashReportTool.exe
    (Google) C:\Program Files (x86)\Google\Drive\googledrivesync.exe
    (Google) C:\Program Files (x86)\Google\Drive\googledrivesync.exe
    (Dropbox, Inc.) C:\Users\Daniel\AppData\Roaming\Dropbox\bin\Dropbox.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\ATH.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\AppleIEDAV.exe


    ==================== Registry (Whitelisted) ==================

    (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

    HKLM\...\Run: [mwlDaemon] => C:\Program Files (x86)\EgisTec MyWinLocker\x86\mwlDaemon.exe
    HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [10920552 2010-06-22] (Realtek Semiconductor)
    HKLM\...\Run: [Acer ePower Management] => C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe [861216 2010-06-11] (Acer Incorporated)
    HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [1890088 2009-12-10] (Synaptics Incorporated)
    HKLM\...\Run: [MSC] => c:\Program Files\Microsoft Security Client\msseces.exe [1337000 2015-04-30] (Microsoft Corporation)
    HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [169768 2015-04-07] (Apple Inc.)
    HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [60712 2015-03-20] (Apple Inc.)
    HKLM-x32\...\Run: [IAStorIcon] => C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [284696 2010-04-13] (Intel Corporation)
    HKLM-x32\...\Run: [DivXMediaServer] => C:\Program Files (x86)\DivX\DivX Media Server\DivXMediaServer.exe [448520 2015-05-05] (DivX, LLC)
    HKLM-x32\...\Run: [BCSSync] => C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [89184 2012-11-05] (Microsoft Corporation)
    HKLM-x32\...\Run: [ConnectionManager] => C:\Program Files (x86)\Winsim\ConnectionManager\Simply.SystemTrayIcon.exe
    HKLM-x32\...\Run: [Registry Helper] => "C:\Program Files (x86)\Registry Helper\RegistryHelper.Exe" /boot
    HKLM-x32\...\Run: [DivXUpdate] => C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe [1861968 2014-01-10] ()
    HKLM-x32\...\Run: [fst_ca_145] => [X]
    HKLM-x32\...\Run: [t4pc_en_6] => [X]
    HKLM-x32\...\Run: [fst_ca_142] => [X]
    HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2014-10-02] (Apple Inc.)
    HKLM-x32\...\Run: [LWS] => C:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe [204136 2012-09-13] (Logitech Inc.)
    HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1022152 2014-12-19] (Adobe Systems Incorporated)
    HKLM-x32\...\Run: [GoPro Studio Importer] => C:\Program Files (x86)\GoPro\Tools\Importer\GoPro Importer.exe [3207680 2015-05-20] (GoPro)
    Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
    HKU\S-1-5-19\Control Panel\Desktop\\SCRNSAVE.EXE ->
    HKU\S-1-5-20\Control Panel\Desktop\\SCRNSAVE.EXE ->
    HKU\S-1-5-21-3324318861-2648927535-1656674588-1001\...\Run: [RocketDock] => C:\Program Files (x86)\RocketDock\RocketDock.exe [495616 2007-09-02] ()
    HKU\S-1-5-21-3324318861-2648927535-1656674588-1001\...\Run: [2D7856E7538B13D026A66639D73BA27D30F728D9._service_run] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [813896 2015-05-22] (Google Inc.)
    HKU\S-1-5-21-3324318861-2648927535-1656674588-1001\...\Run: [MobileDocuments] => C:\Program Files (x86)\Common Files\Apple\Internet Services\ubd.exe
    HKU\S-1-5-21-3324318861-2648927535-1656674588-1001\...\Run: [com.apple.dav.bookmarks.daemon] => C:\Program Files (x86)\Common Files\Apple\Internet Services\BookmarkDAV_client.exe
    HKU\S-1-5-21-3324318861-2648927535-1656674588-1001\...\Run: [GoogleDriveSync] => C:\Program Files (x86)\Google\Drive\googledrivesync.exe [21969480 2015-05-19] (Google)
    HKU\S-1-5-21-3324318861-2648927535-1656674588-1001\...\Run: [Facebook Update] => C:\Users\Daniel\AppData\Local\Facebook\Update\FacebookUpdate.exe [138096 2012-07-12] (Facebook Inc.)
    HKU\S-1-5-21-3324318861-2648927535-1656674588-1001\...\Run: [Google Update] => "C:\Users\Daniel\AppData\Local\Google\Update\GoogleUpdate.exe" /c
    HKU\S-1-5-21-3324318861-2648927535-1656674588-1001\...\Run: [ApplePhotoStreams] => C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe [43816 2015-04-26] (Apple Inc.)
    HKU\S-1-5-21-3324318861-2648927535-1656674588-1001\...\Run: [KiesPreload] => C:\Program Files (x86)\Samsung\Kies\Kies.exe /preload
    HKU\S-1-5-21-3324318861-2648927535-1656674588-1001\...\Run: [Akamai NetSession Interface] => "C:\Users\Daniel\AppData\Local\Akamai\netsession_win.exe"
    HKU\S-1-5-21-3324318861-2648927535-1656674588-1001\...\Run: [] => C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe
    HKU\S-1-5-21-3324318861-2648927535-1656674588-1001\...\Run: [HP Officejet 6700 (NET)] => C:\Program Files\HP\HP Officejet 6700\Bin\ScanToPCActivationApp.exe [2573416 2012-10-17] (Hewlett-Packard Co.)
    HKU\S-1-5-21-3324318861-2648927535-1656674588-1001\...\Run: [GoogleChromeAutoLaunch_50A9215009AE0931A8FCDF5026E9246D] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [813896 2015-05-22] (Google Inc.)
    HKU\S-1-5-21-3324318861-2648927535-1656674588-1001\...\Run: [AppleIEDAV] => C:\Program Files (x86)\Common Files\Apple\Internet Services\AppleIEDAV.exe [1079592 2015-04-26] (Apple Inc.)
    HKU\S-1-5-21-3324318861-2648927535-1656674588-1001\...\Run: [iCloudServices] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [43816 2015-04-26] (Apple Inc.)
    HKU\S-1-5-21-3324318861-2648927535-1656674588-1001\...\Run: [iCloudDrive] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudDrive.exe [43816 2015-04-26] (Apple Inc.)
    HKU\S-1-5-21-3324318861-2648927535-1656674588-1001\...\Run: [BackgroundContainerV2] => "C:\Windows\SysWOW64\Rundll32.exe" "C:\Users\Daniel\AppData\Local\Conduit\BackgroundContainer\BackgroundContainer.dll",DllRun
    HKU\S-1-5-21-3324318861-2648927535-1656674588-1001\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [31280256 2015-04-17] (Skype Technologies S.A.)
    HKU\S-1-5-21-3324318861-2648927535-1656674588-1001\...\Run: [Pushbullet] => C:\Program Files (x86)\Pushbullet\pushbullet.exe [64000 2014-12-21] (Pushbullet inc)
    HKU\S-1-5-21-3324318861-2648927535-1656674588-1001\...\Run: [Dropbox Update] => C:\Users\Daniel\AppData\Local\Dropbox\Update\DropboxUpdate.exe [134512 2015-05-18] (Dropbox, Inc.)
    HKU\S-1-5-21-3324318861-2648927535-1656674588-1001\...\Run: [GoogleChromeAutoLaunch_9CB2B8404301F8169D10E27C4B481A41] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [813896 2015-05-22] (Google Inc.)
    HKU\S-1-5-21-3324318861-2648927535-1656674588-1001\...\MountPoints2: E - E:\HTC_Sync_Manager_PC.exe
    HKU\S-1-5-21-3324318861-2648927535-1656674588-1001\...\MountPoints2: F - F:\HTC_Sync_Manager_PC.exe
    HKU\S-1-5-21-3324318861-2648927535-1656674588-1001\...\MountPoints2: {256ad01e-12e3-11e0-8da0-1c75081453d8} - "F:\WD SmartWare.exe" autoplay=true
    HKU\S-1-5-21-3324318861-2648927535-1656674588-1001\...\MountPoints2: {51dfcb89-3a8d-11e4-8073-560f6e4d57ac} - E:\HTC_Sync_Manager_PC.exe
    HKU\S-1-5-21-3324318861-2648927535-1656674588-1001\...\MountPoints2: {587b6c70-a01b-11e4-928a-1c75081453d8} - G:\HTC_Sync_Manager_PC.exe
    HKU\S-1-5-21-3324318861-2648927535-1656674588-1001\...\MountPoints2: {918e673d-93e3-11e4-806d-1c75081453d8} - G:\HTC_Sync_Manager_PC.exe
    HKU\S-1-5-21-3324318861-2648927535-1656674588-1001\...\MountPoints2: {941fc4af-12c2-11e0-b8cb-1c75081453d8} - "E:\WD SmartWare.exe" autoplay=true
    HKU\S-1-5-21-3324318861-2648927535-1656674588-1001\...\MountPoints2: {9c07bf98-9bcb-11e4-84e1-1c75081453d8} - F:\HTC_Sync_Manager_PC.exe
    HKU\S-1-5-21-3324318861-2648927535-1656674588-1001\...\MountPoints2: {a2460ab6-9bc8-11e4-9fd1-1c75081453d8} - F:\HTC_Sync_Manager_PC.exe
    HKU\S-1-5-21-3324318861-2648927535-1656674588-1001\...\MountPoints2: {d5af6515-bfd8-11e4-be2b-1c75081453d8} - F:\HTC_Sync_Manager_PC.exe
    HKU\S-1-5-21-3324318861-2648927535-1656674588-1001\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\PhotoScreensaver.scr [477696 2010-11-20] (Microsoft Corporation)
    HKU\S-1-5-18\...\Run: [SearchProtect] => \SearchProtect\bin\cltmng.exe
    HKU\S-1-5-18\Control Panel\Desktop\\SCRNSAVE.EXE ->
    AppInit_DLLs: C:\PROGRA~2\SupTab\SEARCH~2.DLL => C:\PROGRA~2\SupTab\SEARCH~2.DLL File not found
    AppInit_DLLs-x32: C:\PROGRA~2\SupTab\SEARCH~1.DLL => "C:\PROGRA~2\SupTab\SEARCH~1.DLL" File not found
    Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Continue installation.lnk [2012-10-30]
    ShortcutTarget: Continue installation.lnk -> C:\Users\Daniel\AppData\Local\Temp\ktr_bbr_12_06_10_ashlynn_brooke_eva_angelina_and_jayden_jaymes_the_afro_****_downloader.exe (No File)
    Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\WDDMStatus.lnk [2010-12-28]
    ShortcutTarget: WDDMStatus.lnk -> C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMStatus.exe (Western Digital Technologies, Inc.)
    Startup: C:\Users\Daniel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk [2015-02-09]
    ShortcutTarget: Dropbox.lnk -> C:\Users\Daniel\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
    Startup: C:\Users\Daniel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Facebook Messenger.lnk [2012-04-10]
    ShortcutTarget: Facebook Messenger.lnk -> C:\Users\Daniel\AppData\Local\Facebook\Messenger\2.1.4814.0\FacebookMessenger.exe (No File)
    Startup: C:\Users\Daniel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2010 Screen Clipper and Launcher.lnk [2013-05-04]
    ShortcutTarget: OneNote 2010 Screen Clipper and Launcher.lnk -> C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE (Microsoft Corporation)
    ShellIconOverlayIdentifiers: [ DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Daniel\AppData\Roaming\Dropbox\bin\DropboxExt64.26.dll [2015-06-05] (Dropbox, Inc.)
    ShellIconOverlayIdentifiers: [ DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Daniel\AppData\Roaming\Dropbox\bin\DropboxExt64.26.dll [2015-06-05] (Dropbox, Inc.)
    ShellIconOverlayIdentifiers: [ DropboxExt3] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Daniel\AppData\Roaming\Dropbox\bin\DropboxExt64.26.dll [2015-06-05] (Dropbox, Inc.)
    ShellIconOverlayIdentifiers: [ DropboxExt4] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Daniel\AppData\Roaming\Dropbox\bin\DropboxExt64.26.dll [2015-06-05] (Dropbox, Inc.)
    ShellIconOverlayIdentifiers: [ DropboxExt5] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Daniel\AppData\Roaming\Dropbox\bin\DropboxExt64.26.dll [2015-06-05] (Dropbox, Inc.)
    ShellIconOverlayIdentifiers: [ DropboxExt6] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Daniel\AppData\Roaming\Dropbox\bin\DropboxExt64.26.dll [2015-06-05] (Dropbox, Inc.)
    ShellIconOverlayIdentifiers: [ DropboxExt7] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Daniel\AppData\Roaming\Dropbox\bin\DropboxExt64.26.dll [2015-06-05] (Dropbox, Inc.)
    ShellIconOverlayIdentifiers: [ DropboxExt8] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Daniel\AppData\Roaming\Dropbox\bin\DropboxExt64.26.dll [2015-06-05] (Dropbox, Inc.)
    ShellIconOverlayIdentifiers: [SugarSyncBackedUp] -> {0C4A258A-3F3B-4FFF-80A7-9B3BEC139472} => C:\Program Files (x86)\SugarSync\SugarSyncShellExt_x64.dll No File
    ShellIconOverlayIdentifiers: [SugarSyncPending] -> {62CCD8E3-9C21-41E1-B55E-1E26DFC68511} => C:\Program Files (x86)\SugarSync\SugarSyncShellExt_x64.dll No File
    ShellIconOverlayIdentifiers: [SugarSyncRoot] -> {A759AFF6-5851-457D-A540-F4ECED148351} => C:\Program Files (x86)\SugarSync\SugarSyncShellExt_x64.dll No File
    ShellIconOverlayIdentifiers: [SugarSyncShared] -> {1574C9EF-7D58-488F-B358-8B78C1538F51} => C:\Program Files (x86)\SugarSync\SugarSyncShellExt_x64.dll No File
    ShellIconOverlayIdentifiers-x32: [ DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Daniel\AppData\Roaming\Dropbox\bin\DropboxExt.26.dll [2015-06-05] (Dropbox, Inc.)
    ShellIconOverlayIdentifiers-x32: [ DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Daniel\AppData\Roaming\Dropbox\bin\DropboxExt.26.dll [2015-06-05] (Dropbox, Inc.)
    ShellIconOverlayIdentifiers-x32: [ DropboxExt3] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Daniel\AppData\Roaming\Dropbox\bin\DropboxExt.26.dll [2015-06-05] (Dropbox, Inc.)
    ShellIconOverlayIdentifiers-x32: [ DropboxExt4] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Daniel\AppData\Roaming\Dropbox\bin\DropboxExt.26.dll [2015-06-05] (Dropbox, Inc.)
    ShellIconOverlayIdentifiers-x32: [ DropboxExt5] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Daniel\AppData\Roaming\Dropbox\bin\DropboxExt.26.dll [2015-06-05] (Dropbox, Inc.)
    ShellIconOverlayIdentifiers-x32: [ DropboxExt6] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Daniel\AppData\Roaming\Dropbox\bin\DropboxExt.26.dll [2015-06-05] (Dropbox, Inc.)
    ShellIconOverlayIdentifiers-x32: [ DropboxExt7] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Daniel\AppData\Roaming\Dropbox\bin\DropboxExt.26.dll [2015-06-05] (Dropbox, Inc.)
    ShellIconOverlayIdentifiers-x32: [ DropboxExt8] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Daniel\AppData\Roaming\Dropbox\bin\DropboxExt.26.dll [2015-06-05] (Dropbox, Inc.)
    ShellIconOverlayIdentifiers-x32: ["DropboxExt1"] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Daniel\AppData\Roaming\Dropbox\bin\DropboxExt.26.dll [2015-06-05] (Dropbox, Inc.)
    ShellIconOverlayIdentifiers-x32: ["DropboxExt2"] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Daniel\AppData\Roaming\Dropbox\bin\DropboxExt.26.dll [2015-06-05] (Dropbox, Inc.)
    ShellIconOverlayIdentifiers-x32: ["DropboxExt3"] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Daniel\AppData\Roaming\Dropbox\bin\DropboxExt.26.dll [2015-06-05] (Dropbox, Inc.)
    ShellIconOverlayIdentifiers-x32: ["DropboxExt4"] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Daniel\AppData\Roaming\Dropbox\bin\DropboxExt.26.dll [2015-06-05] (Dropbox, Inc.)
    ShellIconOverlayIdentifiers-x32: ["DropboxExt5"] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Daniel\AppData\Roaming\Dropbox\bin\DropboxExt.26.dll [2015-06-05] (Dropbox, Inc.)
    ShellIconOverlayIdentifiers-x32: ["DropboxExt6"] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Daniel\AppData\Roaming\Dropbox\bin\DropboxExt.26.dll [2015-06-05] (Dropbox, Inc.)
    ShellIconOverlayIdentifiers-x32: ["DropboxExt7"] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Daniel\AppData\Roaming\Dropbox\bin\DropboxExt.26.dll [2015-06-05] (Dropbox, Inc.)
    ShellIconOverlayIdentifiers-x32: ["DropboxExt8"] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Daniel\AppData\Roaming\Dropbox\bin\DropboxExt.26.dll [2015-06-05] (Dropbox, Inc.)
    GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
    CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

    ==================== Internet (Whitelisted) ====================

    (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

    HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.v9.com/?type=hp&ts=14035...2A0RT0_WD-WXF1A80J7465J7465&I=psd&t=34498f3b9
    HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page =
    HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://search.v9.com/web/?type=ds&t...0J7465J7465&I=psd&t=34498f3b9&q={searchTerms}
    HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page =
    HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.v9.com/?type=hp&ts=14035...2A0RT0_WD-WXF1A80J7465J7465&I=psd&t=34498f3b9
    HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL =
    HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://search.v9.com/web/?type=ds&t...0J7465J7465&I=psd&t=34498f3b9&q={searchTerms}
    HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
    HKU\S-1-5-21-3324318861-2648927535-1656674588-1001\Software\Microsoft\Internet Explorer\Main,Search Page = http://search.v9.com/web/?type=ds&t...0J7465J7465&I=psd&t=34498f3b9&q={searchTerms}
    HKU\S-1-5-21-3324318861-2648927535-1656674588-1001\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.google.com/ie
    HKU\S-1-5-21-3324318861-2648927535-1656674588-1001\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://search.v9.com/web/?type=ds&t...0J7465J7465&I=psd&t=34498f3b9&q={searchTerms}
    URLSearchHook: HKLM-x32 - KeyBar 1.13 Toolbar - {02edb56b-9b33-435b-b7df-b2843273a694} - C:\Users\Daniel\AppData\LocalLow\KeyBar_1.13\prxtbKey0.dll (ClientConnect Ltd.)
    URLSearchHook: HKU\S-1-5-21-3324318861-2648927535-1656674588-1001 - KeyBar 1.13 Toolbar - {02edb56b-9b33-435b-b7df-b2843273a694} - C:\Users\Daniel\AppData\LocalLow\KeyBar_1.13\prxtbKey0.dll (ClientConnect Ltd.)
    SearchScopes: HKLM -> DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = http://search.v9.com/web/?type=ds&t...0J7465J7465&I=psd&t=34498f3b9&q={searchTerms}
    SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.bing.com/search?q={searchTerms}&form=AARTDF&pc=MAAR&src=IE-SearchBox
    SearchScopes: HKLM -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = http://search.v9.com/web/?type=ds&t...0J7465J7465&I=psd&t=34498f3b9&q={searchTerms}
    SearchScopes: HKLM-x32 -> DefaultScope value is missing
    SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.bing.com/search?q={searchTerms}&form=AARTDF&pc=MAAR&src=IE-SearchBox
    SearchScopes: HKLM-x32 -> {9BB47C17-9C68-4BB3-B188-DD9AF0FD2A59} URL = http://search.imesh.com/web?src=ieb&systemid=1&q={searchTerms}
    SearchScopes: HKU\.DEFAULT -> {483830EE-A4CD-4b71-B0A3-3D82E62A6909} URL =
    SearchScopes: HKU\S-1-5-21-3324318861-2648927535-1656674588-1001 -> DefaultScope {2D282815-167C-487E-8752-98A4DE24CB53} URL = http://search.conduit.com/ResultsEx...=SPE16FC33D-C9E5-45A4-8682-469D0466382B&SSPV=
    SearchScopes: HKU\S-1-5-21-3324318861-2648927535-1656674588-1001 -> {014DB5FA-EAFB-4592-A95B-F44D3EE87FA9} URL = http://search.conduit.com/ResultsEx...=SPE63BAACB-1575-4638-BA45-C61DC2DBE714&SSPV=
    SearchScopes: HKU\S-1-5-21-3324318861-2648927535-1656674588-1001 -> {0503E931-5DD8-4169-9139-B89F933578A5} URL = http://www.bing.com/search?q={searchTerms}&form=BIE9DF&pc=BIE9&src=IE-SearchBox
    SearchScopes: HKU\S-1-5-21-3324318861-2648927535-1656674588-1001 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
    SearchScopes: HKU\S-1-5-21-3324318861-2648927535-1656674588-1001 -> {106D07B9-3498-4918-823E-AB4B6EE2B927} URL = http://search.conduit.com/ResultsEx...4&ctid=CT3291326&CUI=UN18611491911748417&UM=2
    SearchScopes: HKU\S-1-5-21-3324318861-2648927535-1656674588-1001 -> {2D282815-167C-487E-8752-98A4DE24CB53} URL = http://search.conduit.com/ResultsEx...=SPE16FC33D-C9E5-45A4-8682-469D0466382B&SSPV=
    SearchScopes: HKU\S-1-5-21-3324318861-2648927535-1656674588-1001 -> {483830EE-A4CD-4b71-B0A3-3D82E62A6909} URL =
    SearchScopes: HKU\S-1-5-21-3324318861-2648927535-1656674588-1001 -> {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = http://www.google.com/search?q={sear
    SearchScopes: HKU\S-1-5-21-3324318861-2648927535-1656674588-1001 -> {9BB47C17-9C68-4BB3-B188-DD9AF0FD2A59} URL = http://search.imesh.com/web?src=ieb&systemid=1&q={searchTerms}
    SearchScopes: HKU\S-1-5-21-3324318861-2648927535-1656674588-1001 -> {AFDBDDAA-5D3F-42EE-B79C-185A7020515B} URL =
    BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation)
    BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
    BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll No File
    BHO-x32: KeyBar 1.13 Toolbar -> {02edb56b-9b33-435b-b7df-b2843273a694} -> C:\Users\Daniel\AppData\LocalLow\KeyBar_1.13\prxtbKey0.dll [2014-03-26] (ClientConnect Ltd.)
    BHO-x32: MediaBar -> {28387537-e3f9-4ed7-860c-11e69af4a8a0} -> C:\PROGRA~2\IMESHA~1\MediaBar\ToolBar\imeshdtxmltbpi.dll No File
    BHO-x32: No Name -> {3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C} -> No File
    BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation)
    BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\ssv.dll [2015-01-14] (Oracle Corporation)
    BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
    BHO-x32: BitAccelerator -> {CAC42510-9B41-42c1-9DCD-7282A2D07C61} -> C:\Program Files (x86)\BitAccelerator\BitAccelerator.dll [2012-09-16] (WebPass LLC)
    BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\jp2ssv.dll [2015-01-14] (Oracle Corporation)
    Toolbar: HKLM-x32 - MediaBar - {28387537-e3f9-4ed7-860c-11e69af4a8a0} - C:\PROGRA~2\IMESHA~1\MediaBar\ToolBar\imeshdtxmltbpi.dll No File
    Toolbar: HKLM-x32 - KeyBar 1.13 Toolbar - {02edb56b-9b33-435b-b7df-b2843273a694} - C:\Users\Daniel\AppData\LocalLow\KeyBar_1.13\prxtbKey0.dll [2014-03-26] (ClientConnect Ltd.)
    Toolbar: HKU\S-1-5-21-3324318861-2648927535-1656674588-1001 -> No Name - {D4027C7F-154A-4066-A1AD-4243D8127440} - No File
    Toolbar: HKU\S-1-5-21-3324318861-2648927535-1656674588-1001 -> No Name - {02EDB56B-9B33-435B-B7DF-B2843273A694} - No File
    Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll [2014-05-02] (Skype Technologies)
    Tcpip\Parameters: [DhcpNameServer] 24.226.10.193 24.226.10.194 24.226.1.94

    FireFox:
    ========
    FF ProfilePath: C:\Users\Daniel\AppData\Roaming\Mozilla\Firefox\Profiles\mvd5tz0r.default-1418619244138
    FF DefaultSearchEngine: v9
    FF DefaultSearchEngine.US: Google
    FF SelectedSearchEngine: v9
    FF Homepage: hxxp://www.v9.com/?type=hppp&ts=1423593396&from=tugs&uid=WDCXWD6400BEVT-22A0RT0_WD-WXF1A80J7465J7465&I=psd&t=350871d0d
    FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_17_0_0_169.dll [2015-04-15] ()
    FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll [2014-05-22] (DivX, LLC.)
    FF Plugin: @microsoft.com/GENUINE -> disabled No File
    FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-16] ( Microsoft Corporation)
    FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
    FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_17_0_0_169.dll [2015-04-15] ()
    FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\system32\Adobe\Director\np32dsw.dll No File
    FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2014-10-30] ()
    FF Plugin-x32: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll [2014-05-22] (DivX, LLC.)
    FF Plugin-x32: @divx.com/DivX Web Player Plug-In,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX Web Player\npdivx32.dll [2015-05-14] (DivX, LLC)
    FF Plugin-x32: @java.com/DTPlugin,version=11.25.2 -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\dtplugin\npDeployJava1.dll [2015-01-14] (Oracle Corporation)
    FF Plugin-x32: @java.com/JavaPlugin,version=11.25.2 -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\plugin2\npjp2.dll [2015-01-14] (Oracle Corporation)
    FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
    FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-15] ( Microsoft Corporation)
    FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~3\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
    FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~3\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
    FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll No File
    FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll No File
    FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-15] (Google Inc.)
    FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-15] (Google Inc.)
    FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
    FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
    FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2015-05-01] (Adobe Systems Inc.)
    FF Plugin HKU\S-1-5-21-3324318861-2648927535-1656674588-1001: @client.dropbox.com/Dropbox Update;version=3 -> C:\Users\Daniel\AppData\Local\Dropbox\Update\1.3.27.15\npDropboxUpdate3.dll [2015-05-18] (Dropbox, Inc.)
    FF Plugin HKU\S-1-5-21-3324318861-2648927535-1656674588-1001: @client.dropbox.com/Dropbox Update;version=9 -> C:\Users\Daniel\AppData\Local\Dropbox\Update\1.3.27.15\npDropboxUpdate3.dll [2015-05-18] (Dropbox, Inc.)
    FF Plugin HKU\S-1-5-21-3324318861-2648927535-1656674588-1001: @Skype Limited.com/Facebook Video Calling Plugin -> C:\Users\Daniel\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll [2014-07-24] (Skype Limited)
    FF Plugin HKU\S-1-5-21-3324318861-2648927535-1656674588-1001: @tools.google.com/Google Update;version=3 -> C:\Users\Daniel\AppData\Local\Google\Update\1.3.24.15\npGoogleUpdate3.dll No File
    FF Plugin HKU\S-1-5-21-3324318861-2648927535-1656674588-1001: @tools.google.com/Google Update;version=9 -> C:\Users\Daniel\AppData\Local\Google\Update\1.3.24.15\npGoogleUpdate3.dll No File
    FF Plugin HKU\S-1-5-21-3324318861-2648927535-1656674588-1001: samsung.com/AllSharePlayPCPlugin -> C:\Program Files\Samsung\AllShare Play\utils\npAllSharePlayPCPlugin.dll No File
    FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll [2015-05-01] (Adobe Systems Inc.)
    FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin.dll [2014-10-26] (Apple Inc.)
    FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin2.dll [2014-10-26] (Apple Inc.)
    FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin3.dll [2014-10-26] (Apple Inc.)
    FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin4.dll [2014-10-26] (Apple Inc.)
    FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin5.dll [2014-10-26] (Apple Inc.)
    FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\v9.xml [2015-03-11]
    FF Extension: Webmail Ad Blocker - C:\Users\Daniel\AppData\Roaming\Mozilla\Firefox\Profiles\mvd5tz0r.default-1418619244138\Extensions\gmailnoads@mywebber.com.xpi [2014-12-15]
    FF Extension: Pushbullet - C:\Users\Daniel\AppData\Roaming\Mozilla\Firefox\Profiles\mvd5tz0r.default-1418619244138\Extensions\jid1-BYcQOfYfmBMd9A@jetpack.xpi [2015-03-01]
    FF Extension: Facebook Ads Block - C:\Users\Daniel\AppData\Roaming\Mozilla\Firefox\Profiles\mvd5tz0r.default-1418619244138\Extensions\jid1-CGxMej0nDJTjwQ@jetpack.xpi [2014-12-15]
    FF Extension: AdBlock Lite - C:\Users\Daniel\AppData\Roaming\Mozilla\Firefox\Profiles\mvd5tz0r.default-1418619244138\Extensions\jid1-dwtFBkQjb3SIQp@jetpack.xpi [2014-12-15]
    FF Extension: Smart Ads Blocker - C:\Users\Daniel\AppData\Roaming\Mozilla\Firefox\Profiles\mvd5tz0r.default-1418619244138\Extensions\jid1-LYopfl0r00ZV5k@jetpack.xpi [2014-12-15]
    FF Extension: Ads no more - C:\Users\Daniel\AppData\Roaming\Mozilla\Firefox\Profiles\mvd5tz0r.default-1418619244138\Extensions\{a3a5c777-f583-4fef-9380-ab4add1bc2a2}.xpi [2014-12-15]
    FF Extension: FirefoxAdKiller - C:\Users\Daniel\AppData\Roaming\Mozilla\Firefox\Profiles\mvd5tz0r.default-1418619244138\Extensions\{b1df372d-8b32-4c7d-b6b4-9c5b78cf6fb1}.xpi [2014-12-15]
    FF HKLM-x32\...\Firefox\Extensions: [zulagames@ZulaGames.com] - C:\Windows\system32\config\systemprofile\AppData\Roaming\Mozilla\Extensions\zulagames@ZulaGames.com
    FF HKLM-x32\...\Firefox\Extensions: [speedanalysis02@SpeedAnalysis.com] - C:\Windows\system32\config\systemprofile\AppData\Roaming\Mozilla\Extensions\speedanalysis02@SpeedAnalysis.com
    FF HKLM-x32\...\Firefox\Extensions: [faststartff@gmail.com] - C:\Users\Daniel\AppData\Roaming\Mozilla\Firefox\Profiles\2zzie9l6.default\extensions\faststartff@gmail.com
    FF HKU\S-1-5-21-3324318861-2648927535-1656674588-1001\...\Firefox\Extensions: [zulagames@ZulaGames.com] - C:\Windows\system32\config\systemprofile\AppData\Roaming\Mozilla\Extensions\zulagames@ZulaGames.com
    FF HKU\S-1-5-21-3324318861-2648927535-1656674588-1001\...\Firefox\Extensions: [speedanalysis02@SpeedAnalysis.com] - C:\Windows\system32\config\systemprofile\AppData\Roaming\Mozilla\Extensions\speedanalysis02@SpeedAnalysis.com
     
  12. Daniel Morelli

    Daniel Morelli TS Enthusiast Topic Starter Posts: 48

    Chrome:
    =======
    CHR Profile: C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default
    CHR Extension: (Google Translate) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapbdbdomjkkjkaonfhkkikfgjllcleb [2015-02-08]
    CHR Extension: (Google Slides) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2013-04-09]
    CHR Extension: (BIODIGITAL HUMAN) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\agoenciogemlojlhccbcpcfflicgnaak [2013-04-09]
    CHR Extension: (Angry Birds) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\aknpkdffaafgjchaibgeefbgmgeghloj [2013-04-09]
    CHR Extension: (Google Docs) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2013-04-09]
    CHR Extension: (Google Drive) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2013-04-09]
    CHR Extension: (TV) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\beobeededemalmllhkmnkinmfembdimh [2013-04-09]
    CHR Extension: (YouTube) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-04-09]
    CHR Extension: (Google Cast) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\boadgeojelhgndaghljhdicfkmllpafd [2014-05-30]
    CHR Extension: (Add to Amazon Wish List) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\ciagpekplgpbepdgggflgmahnjgiaced [2015-03-14]
    CHR Extension: (Adblock for Youtube™) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\cmedhionkhpnakcndndgjdbohmhepckk [2013-07-27]
    CHR Extension: (Videostream for Google Chromecast™) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\cnciopoikihiagdjbjpnocolokfelagl [2014-05-30]
    CHR Extension: (Google Search) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-09-29]
    CHR Extension: (Search by Image (by Google)) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\dajedkncpodkggklbegccjpmnglmnflm [2013-04-09]
    CHR Extension: (Google News) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\dllkocilcinkggkchnjgegijklcililc [2013-07-26]
    CHR Extension: (Google+) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\dlppkpafhbajpcmmoheippocdidnckmm [2013-07-26]
    CHR Extension: (Google Tasks (by Google)) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\dmglolhoplikcoamfgjgammjbgchgjdd [2015-02-08]
    CHR Extension: (NYTimes) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\ecmphppfkcfflgglcokcbdkofpfegoel [2013-09-24]
    CHR Extension: (Google Calendar) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejjicmeblgpmajnghnpcppodonldlgfn [2013-04-09]
    CHR Extension: (Google Apps Script) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\eoieeedlomnegifmaghhjnghhmcldobl [2013-07-26]
    CHR Extension: (Google Finance) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\fcgckldmmjdbpdejkclmfnnnehhocbfp [2013-09-24]
    CHR Extension: (Google Sheets) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2013-04-09]
    CHR Extension: (Print Using Google Cloud Print™) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\ffaifmgpcdjedlffbhenaloimajbdkfg [2013-04-09]
    CHR Extension: (Google Play Movies) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\fppdphmgcddhjeddoeghpjefkdlccljb [2013-09-24]
    CHR Extension: (Chrome Remote Desktop) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\gbchcmhmhahfdphkhkmpfmihenigjmpp [2014-09-29]
    CHR Extension: (Office Editing for Docs, Sheets & Slides) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\gbkeegbaiigmenfmjfclcdgdpimamgkj [2015-02-08]
    CHR Extension: (Google Play Movies & TV) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\gdijeikdkaembjbdobgfkoidjkpbmlkd [2014-09-29]
    CHR Extension: (AdBlock) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2013-04-09]
    CHR Extension: (Dictionary by Dictionary.com) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\gikhgcaliglmioibbockkmjknfnepbdh [2013-09-24]
    CHR Extension: (Cut the Rope) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\gkddaofiamhgfjmaccfcfpfolpgbeomj [2013-04-09]
    CHR Extension: (Bookmark Manager) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\gmlllbghnfkpflemihljekbapjopfjik [2014-11-01]
    CHR Extension: (Drive Notepad) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\gpgjomejfimnbmobcocilppikhncegaj [2013-04-09]
    CHR Extension: (feedly) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\hipbfijinpcgfogaopmgehiegacbhmob [2013-09-24]
    CHR Extension: (Google Keep - notes and lists) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\hmjkmjkepdijhoojdojkdfohbdgmmhki [2013-09-24]
    CHR Extension: (Music Player for Google Drive) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\hnfeekfpnjbdmelcapngdgkjnhgijjkh [2014-09-29]
    CHR Extension: (Clock) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\hoihofapbdnldlhecnhefifbcddgdkhm [2013-09-24]
    CHR Extension: (Pixlr Express) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\hojmjpdlmjopaeginhldhiokeidchjid [2013-04-09]
    CHR Extension: (Google Play Music) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\icppfcnhkcmnfdhfhphakoifcfokfdhg [2013-04-09]
    CHR Extension: (Chrome to Mobile) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\idknbmbdnapjicclomlijcgfpikmndhd [2014-05-30]
    CHR Extension: (Voice Recognition) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\ikjmfindklfaonkodbnidahohdfbdhkn [2013-07-26]
    CHR Extension: (Dropbox) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\ioekoebejdcmnlefjiknokhhafglcjdl [2013-07-26]
    CHR Extension: (Flash Player) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\jdpbajmogfhlafbipjjklkdhloplicgc [2014-09-29]
    CHR Extension: (Cut the Rope) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\jfbadlndcminbkfojhlimnkgaackjmdo [2013-09-24]
    CHR Extension: (Downloads) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\jfchnphgogjhineanplmfkofljiagjfb [2014-05-30]
    CHR Extension: (Google Forms) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\jhknlonaankphkkbnmjdlpehkinifeeg [2013-04-09]
    CHR Extension: (Chromebook Recovery Utility) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\jndclpdbaamdhonoechobihbbiimdgai [2015-02-08]
    CHR Extension: (Hangouts call) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\kbpgddbgniojgndnhlkjbkpknjhppkbk [2013-07-26]
    CHR Extension: (eBay Extension for Google Chrome™) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\khhckppjhonfmcpegdjdibmngahahhck [2013-04-09]
    CHR Extension: (Hangouts) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\knipolnnllmklapflnccelgolnpehhpl [2014-11-22]
    CHR Extension: (Auto HD For YouTube™) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\koiaokdomkpjdgniimnkhgbilbjgpeak [2013-07-27]
    CHR Extension: (Google Play) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\komhbcfkdcgmcdoenjcjheifdiabikfi [2013-07-26]
    CHR Extension: (Chrome Hotword Shared Module) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-03-15]
    CHR Extension: (Application Launcher for Drive (by Google)) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2014-11-15]
    CHR Extension: (Google Maps) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\lneaknkopdijkpnocmklfnjbeapigfbh [2013-04-09]
    CHR Extension: (Google Cast API) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\mafeflapfdfljijmlienjedomfjfmhpd [2014-09-29]
    CHR Extension: (Google Dictionary (by Google)) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\mgijmajocgfcbeboacabfgobmjgjcoja [2014-05-30]
    CHR Extension: (Quick Note) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\mijlebbfndhelmdpmllgcfadlkankhok [2013-04-09]
    CHR Extension: (Pocket) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\mjcnijlhddpbdemagnpefmlkjdagkogk [2013-09-24]
    CHR Extension: (Google Drawings) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\mkaakpdehdafacodkgkpghoibnmamcme [2013-04-09]
    CHR Extension: (Google Play Books) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\mmimngoggfoobjdlefbcabngfnmieonb [2013-04-09]
    CHR Extension: (Need for Speed World) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\mnnelgnkomjdakpkjpkfehdipjifjmbk [2013-04-09]
    CHR Extension: (Hangouts) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\nckgahadagoaajjgafhacjanaoiihapd [2015-03-03]
    CHR Extension: (OneDrive) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\nffchahhjecejoiigmnhhicpoabngedk [2013-07-26]
    CHR Extension: (Save to Pocket) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\niloccemoadcdkdjlinkgdfekeahmflj [2013-04-09]
    CHR Extension: (Facebook Notifications) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmameahlembdcigphohgiodcgjomcgeo [2013-04-09]
    CHR Extension: (Google Wallet) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-09-01]
    CHR Extension: (Google Chrome to Phone Extension) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\oadboiipflhobonjjffjbfekfjcgkhco [2013-04-09]
    CHR Extension: (My Chrome Theme) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\oehpjpccmlcalbenfhnacjeocbjdonic [2013-09-24]
    CHR Extension: (WeVideo - Video Editor and Maker) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\okgjbfikepgflmlelgfgecmgjnmnmnnb [2013-04-09]
    CHR Extension: (Picasa) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\onlgmecjpnejhfeofkgbfgnmdlipdejb [2013-04-09]
    CHR Extension: (Outlook.com) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\pfpeapihoiogbcmdmnibeplnikfnhoge [2013-07-26]
    CHR Extension: (Gmail) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-04-09]
    CHR HKU\S-1-5-21-3324318861-2648927535-1656674588-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh] - https://clients2.google.com/service/update2/crx
    CHR HKU\S-1-5-21-3324318861-2648927535-1656674588-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [njljkdinboobkmkihgcohanchjnjpgjk] - C:\Users\Daniel\AppData\Local\CRE\njljkdinboobkmkihgcohanchjnjpgjk.crx [Not Found]
    CHR HKLM-x32\...\Chrome\Extension: [bgnnidmnbdkmhfkjgdnngciimpdgohok] - C:\Program Files (x86)\FirstRowSportApp.com\stv12.crx [Not Found]
    CHR HKLM-x32\...\Chrome\Extension: [dkinklhnkmkhkhofcnapakaoehijaoih] - C:\Program Files (x86)\OnlineHD.TV\onhd11.crx [Not Found]
    CHR HKLM-x32\...\Chrome\Extension: [gflandjopdloblmlcoiidmncpinmmacn] - C:\Windows\system32\config\systemprofile\AppData\Roaming\zulagames\zulagames.crx [Not Found]
    CHR HKLM-x32\...\Chrome\Extension: [kngjfmklipimnkegmcilmbhchklgjgfl] - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\kngjfmklipimnkegmcilmbhchklgjgfl.crx [2012-10-30]
    CHR HKLM-x32\...\Chrome\Extension: [njljkdinboobkmkihgcohanchjnjpgjk] - C:\Users\Daniel\AppData\Local\CRE\njljkdinboobkmkihgcohanchjnjpgjk.crx [Not Found]
    CHR HKLM-x32\...\Chrome\Extension: [pelmeidfhdlhlbjimpabfcbnnojbboma] - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\newtabv3.crx [2014-06-23]
    CHR HKLM-x32\...\Chrome\Extension: [pfmopbbadnfoelckkcmjjeaaegjpjjbk] - C:\Program Files (x86)\Gophoto.it\gophotoit14.crx [2012-07-31]
    CHR HKLM-x32\...\Chrome\Extension: [pmlghpafmmnmmkjdhacccolfgnkiboco] - C:\Program Files (x86)\1ClickDownload\oneclickdownloader10.crx [Not Found]

    ==================== Services (Whitelisted) =================

    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

    R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [77128 2015-01-20] (Apple Inc.)
    R2 chromoting; C:\Program Files (x86)\Google\Chrome Remote Desktop\42.0.2311.39\remoting_host.exe [56648 2015-03-08] (Google Inc.)
    R2 Freemake Improver; C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe [108032 2015-04-15] (Freemake) [File not signed]
    R2 HTCMonitorService; C:\Program Files (x86)\HTC\HTC Sync Manager\HSMServiceEntry.exe [87368 2014-06-27] (Nero AG)
    R2 MsMpSvc; c:\Program Files\Microsoft Security Client\MsMpEng.exe [23816 2015-04-30] (Microsoft Corporation)
    R3 NisSrv; c:\Program Files\Microsoft Security Client\NisSrv.exe [366544 2015-04-30] (Microsoft Corporation)
    R2 PassThru Service; C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe [166912 2013-10-17] () [File not signed]
    R2 WDDMService; C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMService.exe [288256 2010-11-08] (WDC) [File not signed]
    R2 WDFME; C:\Program Files (x86)\Western Digital\WD SmartWare\Front Parlor\WDFME\WDFME.exe [1060352 2010-11-08] () [File not signed]
    R2 WDSC; C:\Program Files (x86)\Western Digital\WD SmartWare\Front Parlor\WDSC.exe [485376 2010-11-08] () [File not signed]
    S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
    S2 IePluginServices; C:\ProgramData\IePluginServices\PluginService.exe -service [X]

    ==================== Drivers (Whitelisted) ====================

    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

    S3 FsUsbExDisk; C:\Windows\SysWOW64\FsUsbExDisk.SYS [37344 2013-02-05] () [File not signed]
    S3 HtcVCom32; C:\Windows\System32\DRIVERS\HtcVComV64.sys [121800 2010-03-09] (QUALCOMM Incorporated)
    R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [280376 2015-03-04] (Microsoft Corporation)
    R2 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [124568 2015-03-04] (Microsoft Corporation)
    R3 pbfilter; C:\Program Files\PeerBlock\pbfilter.sys [22600 2014-01-14] ()
    S3 RimVSerPort; C:\Windows\System32\DRIVERS\RimSerial_AMD64.sys [31744 2009-01-09] (Research in Motion Ltd)
    S3 dgderdrv; System32\drivers\dgderdrv.sys [X]
    S3 motandroidusb; System32\Drivers\motoandroid.sys [X]
    S3 RimUsb; System32\Drivers\RimUsb_AMD64.sys [X]

    ==================== NetSvcs (Whitelisted) ===================

    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
     
  13. Daniel Morelli

    Daniel Morelli TS Enthusiast Topic Starter Posts: 48

    ==================== One Month Created files and folders ========

    (If an entry is included in the fixlist, the file/folder will be moved.)

    2015-06-05 23:40 - 2015-06-05 23:41 - 00089758 _____ C:\Users\Daniel\Downloads\Addition.txt
    2015-06-05 23:37 - 2015-06-06 12:05 - 00054769 _____ C:\Users\Daniel\Downloads\FRST.txt
    2015-06-05 23:36 - 2015-06-06 12:03 - 00000000 ____D C:\FRST
    2015-06-05 23:36 - 2015-06-05 23:36 - 02108928 _____ (Farbar) C:\Users\Daniel\Downloads\FRST64.exe
    2015-06-05 21:28 - 2015-06-05 21:28 - 00000000 ____D C:\Users\Daniel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
    2015-06-05 18:57 - 2015-06-06 01:35 - 00000224 _____ C:\Windows\setupact.log
    2015-06-05 18:57 - 2015-06-05 18:57 - 00000000 _____ C:\Windows\setuperr.log
    2015-06-04 18:19 - 2015-06-06 01:47 - 3854055729 _____ C:\Users\Daniel\Downloads\Fast and Furious 7 2015 1080p HDRip x264 AC3-JYK.mkv
    2015-06-04 18:19 - 2015-06-04 19:31 - 00911671 _____ C:\Users\Daniel\Downloads\~uTorrentPartFile_E7824B2B.dat
    2015-06-04 01:46 - 2015-06-04 02:36 - 1613518033 _____ C:\Users\Daniel\Downloads\Jessica Robbin.wmv
    2015-06-02 21:47 - 2015-06-02 21:47 - 00000000 ____D C:\Users\Daniel\Downloads\Ep 71 Lilly Banks - Ride The Bride HD 1080p
    2015-06-02 21:21 - 2015-06-03 12:44 - 2275745812 ____R C:\Users\Daniel\Downloads\girl_power_big-1080.mp4
    2015-06-02 20:49 - 2015-06-06 01:47 - 2206009234 _____ C:\Users\Daniel\Downloads\Lilly Banks - Team Skeet Extras (I Was Looking For Your Sister).mp4
    2015-06-02 18:05 - 2015-06-02 18:05 - 00000000 ____D C:\Users\Daniel\AppData\Roaming\GoPro
    2015-06-02 18:03 - 2015-06-02 18:03 - 00000000 ____D C:\Users\Daniel\AppData\Local\GoPro
    2015-06-02 18:02 - 2015-06-02 18:03 - 00000000 ____D C:\Users\Public\CineForm
    2015-06-02 17:59 - 2015-06-02 17:59 - 00000810 _____ C:\Users\Public\Desktop\GoPro Studio.lnk
    2015-06-02 17:59 - 2015-06-02 17:59 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GoPro
    2015-06-02 17:58 - 2015-06-02 18:03 - 00000000 ____D C:\ProgramData\Package Cache
    2015-06-02 17:58 - 2015-06-02 17:58 - 00000000 ____D C:\Program Files (x86)\GoPro
    2015-06-02 17:58 - 2015-06-02 17:58 - 00000000 ____D C:\Program Files (x86)\CineForm
    2015-06-02 17:41 - 2015-06-02 17:57 - 121651128 _____ (GoPro, Inc.) C:\Users\Daniel\Downloads\GoProStudioPC-2.5.5.443.exe
    2015-06-01 18:04 - 2015-06-03 06:11 - 2446670338 ____R C:\Users\Daniel\Downloads\18yo.14.08.15.lilly.banks.dirty.selfies.mp4
    2015-06-01 17:12 - 2015-06-04 07:41 - 2149012305 _____ C:\Users\Daniel\Downloads\104_lily_banks_full-hd_1080p.mp4
    2015-06-01 17:06 - 2015-06-06 07:21 - 1638428587 ____R C:\Users\Daniel\Downloads\[MrPOV] Lilly Banks (1080p) (08.01.2014).mp4
    2015-06-01 17:03 - 2015-06-04 04:15 - 1287870908 _____ C:\Users\Daniel\Downloads\ktr.tds.13.01.21.lilly.banks.blondies.blowjob.mp4
    2015-06-01 03:14 - 2015-06-01 03:14 - 00000000 ____D C:\Users\Daniel\AppData\Local\GWX
    2015-05-25 01:24 - 2015-05-25 01:24 - 00001295 _____ C:\Windows\system32\invisibleSHIELD-Original-For-Samsung-Galaxy-Tab-8.9-Inch-with-sim-card-ZAGG-InvisibleSHIELD-ZAGG-Electronics-Full-Body-protector-invisibleSHIELD-Original-For-Samsung-Galaxy-Tab-8.9-Inch-with-sim-.jpg.lnk
    2015-05-22 00:03 - 2015-05-22 00:05 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
    2015-05-21 20:00 - 2015-05-23 21:13 - 3432974962 _____ C:\Users\Daniel\Downloads\ham.13.10.29.abby.cross.mia.malkova.kiera.winters.and.lola.foxx.yer.under.arrest.missy.mp4
    2015-05-21 19:52 - 2015-05-21 21:40 - 589405271 _____ C:\Users\Daniel\Downloads\reg.13.03.30.kiera.winters.sexual.interactions.wmv
    2015-05-21 19:48 - 2015-05-21 21:41 - 2037812315 _____ C:\Users\Daniel\Downloads\Kiera Winters - She's A Freak (***** Workouts!).mp4
    2015-05-21 19:46 - 2015-05-21 21:13 - 1517014224 _____ C:\Users\Daniel\Downloads\mts.14.06.20.brandi.love.and.kiera.winters.caught.with.your.pants.down.mp4
    2015-05-21 19:45 - 2015-05-21 23:02 - 3078230812 _____ C:\Users\Daniel\Downloads\tlhc.13.10.05.kiera.winters.naughty.needs.mp4
    2015-05-20 11:40 - 2015-05-20 12:54 - 1321352348 _____ C:\Users\Daniel\Downloads\cum_bum_720p.mp4
    2015-05-20 09:59 - 2015-05-20 09:59 - 01490944 _____ (CineForm Inc.) C:\Windows\SysWOW64\CFHD.dll
    2015-05-20 09:59 - 2015-05-20 09:59 - 01462272 _____ (CineForm Inc.) C:\Windows\system32\CFHD.dll
    2015-05-20 02:46 - 2015-05-20 04:15 - 1177470825 _____ C:\Users\Daniel\Downloads\bbw6421_3000.mp4
    2015-05-20 01:52 - 2015-05-20 02:20 - 727197567 _____ C:\Users\Daniel\Downloads\in_position_big.wmv
    2015-05-18 13:21 - 2015-06-06 11:26 - 00000922 _____ C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-3324318861-2648927535-1656674588-1001UA.job
    2015-05-18 13:21 - 2015-06-05 13:31 - 00000870 _____ C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-3324318861-2648927535-1656674588-1001Core.job
    2015-05-18 13:21 - 2015-05-18 13:21 - 00003898 _____ C:\Windows\System32\Tasks\DropboxUpdateTaskUserS-1-5-21-3324318861-2648927535-1656674588-1001UA
    2015-05-18 13:21 - 2015-05-18 13:21 - 00003502 _____ C:\Windows\System32\Tasks\DropboxUpdateTaskUserS-1-5-21-3324318861-2648927535-1656674588-1001Core
    2015-05-18 13:21 - 2015-05-18 13:21 - 00000000 ____D C:\Users\Daniel\AppData\Local\Dropbox
    2015-05-18 13:21 - 2015-05-18 13:21 - 00000000 ____D C:\ProgramData\Dropbox
    2015-05-14 23:33 - 2015-05-01 09:17 - 00124112 _____ (Microsoft Corporation) C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll
    2015-05-14 23:33 - 2015-05-01 09:16 - 00102608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
    2015-05-14 19:51 - 2015-04-21 22:28 - 00389840 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
    2015-05-14 19:51 - 2015-04-21 21:48 - 00342736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
    2015-05-14 19:51 - 2015-04-21 13:08 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
    2015-05-14 19:51 - 2015-04-21 13:07 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
    2015-05-14 19:51 - 2015-04-21 12:51 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
    2015-05-14 19:51 - 2015-04-21 12:50 - 00584192 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
    2015-05-14 19:51 - 2015-04-21 12:50 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
    2015-05-14 19:51 - 2015-04-21 12:50 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
    2015-05-14 19:51 - 2015-04-21 12:49 - 02885120 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
    2015-05-14 19:51 - 2015-04-21 12:48 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
    2015-05-14 19:51 - 2015-04-21 12:41 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
    2015-05-14 19:51 - 2015-04-21 12:40 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
    2015-05-14 19:51 - 2015-04-21 12:37 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
    2015-05-14 19:51 - 2015-04-21 12:35 - 00816640 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
    2015-05-14 19:51 - 2015-04-21 12:35 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
    2015-05-14 19:51 - 2015-04-21 12:35 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
    2015-05-14 19:51 - 2015-04-21 12:34 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
    2015-05-14 19:51 - 2015-04-21 12:31 - 06025728 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
    2015-05-14 19:51 - 2015-04-21 12:26 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
    2015-05-14 19:51 - 2015-04-21 12:25 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
    2015-05-14 19:51 - 2015-04-21 12:24 - 19691008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
    2015-05-14 19:51 - 2015-04-21 12:22 - 00490496 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
    2015-05-14 19:51 - 2015-04-21 12:14 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
    2015-05-14 19:51 - 2015-04-21 12:11 - 00504320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
    2015-05-14 19:51 - 2015-04-21 12:11 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
    2015-05-14 19:51 - 2015-04-21 12:10 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
    2015-05-14 19:51 - 2015-04-21 12:09 - 00341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
    2015-05-14 19:51 - 2015-04-21 12:09 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
    2015-05-14 19:51 - 2015-04-21 12:08 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
    2015-05-14 19:51 - 2015-04-21 12:08 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
    2015-05-14 19:51 - 2015-04-21 12:05 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
    2015-05-14 19:51 - 2015-04-21 12:04 - 02278400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
    2015-05-14 19:51 - 2015-04-21 12:03 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
    2015-05-14 19:51 - 2015-04-21 12:02 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
    2015-05-14 19:51 - 2015-04-21 12:00 - 00478208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
    2015-05-14 19:51 - 2015-04-21 11:58 - 00664576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
    2015-05-14 19:51 - 2015-04-21 11:58 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
    2015-05-14 19:51 - 2015-04-21 11:57 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
    2015-05-14 19:51 - 2015-04-21 11:49 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
    2015-05-14 19:51 - 2015-04-21 11:49 - 00720384 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
    2015-05-14 19:51 - 2015-04-21 11:48 - 00418304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
    2015-05-14 19:51 - 2015-04-21 11:47 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
    2015-05-14 19:51 - 2015-04-21 11:46 - 02125824 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
    2015-05-14 19:51 - 2015-04-21 11:43 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
    2015-05-14 19:51 - 2015-04-21 11:40 - 14401536 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
    2015-05-14 19:51 - 2015-04-21 11:39 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
    2015-05-14 19:51 - 2015-04-21 11:38 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
    2015-05-14 19:51 - 2015-04-21 11:36 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
    2015-05-14 19:51 - 2015-04-21 11:31 - 04305920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
    2015-05-14 19:51 - 2015-04-21 11:27 - 02352128 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
    2015-05-14 19:51 - 2015-04-21 11:26 - 00688640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
    2015-05-14 19:51 - 2015-04-21 11:25 - 02052608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
    2015-05-14 19:51 - 2015-04-21 11:24 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
    2015-05-14 19:51 - 2015-04-21 11:17 - 12828672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
    2015-05-14 19:51 - 2015-04-21 11:15 - 01547264 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
    2015-05-14 19:51 - 2015-04-21 11:03 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
    2015-05-14 19:51 - 2015-04-21 11:02 - 01882112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
    2015-05-14 19:51 - 2015-04-21 10:58 - 01310208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
    2015-05-14 19:51 - 2015-04-21 10:56 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
    2015-05-14 19:50 - 2015-04-21 13:14 - 24971776 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
    2015-05-14 19:46 - 2015-05-04 21:29 - 00342016 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
    2015-05-14 19:46 - 2015-05-04 21:12 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
    2015-05-14 19:46 - 2015-04-17 23:10 - 00460800 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll
    2015-05-14 19:46 - 2015-03-04 00:41 - 00342016 _____ (Microsoft Corporation) C:\Windows\system32\apphelp.dll
    2015-05-14 19:46 - 2015-03-04 00:41 - 00072192 _____ (Microsoft Corporation) C:\Windows\system32\aelupsvc.dll
    2015-05-14 19:46 - 2015-03-04 00:41 - 00023552 _____ (Microsoft Corporation) C:\Windows\system32\sdbinst.exe
    2015-05-14 19:46 - 2015-03-04 00:41 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\shimeng.dll
    2015-05-14 19:46 - 2015-03-04 00:11 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shimeng.dll
    2015-05-14 19:46 - 2015-03-04 00:10 - 00295936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apphelp.dll
    2015-05-14 19:46 - 2015-03-04 00:10 - 00020992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sdbinst.exe
    2015-05-14 19:45 - 2015-04-17 22:56 - 00342016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll
    2015-05-14 19:41 - 2015-04-27 15:28 - 05569984 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
    2015-05-14 19:41 - 2015-04-27 15:28 - 00155584 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
    2015-05-14 19:41 - 2015-04-27 15:28 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
    2015-05-14 19:41 - 2015-04-27 15:26 - 01728960 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
    2015-05-14 19:41 - 2015-04-27 15:23 - 01461760 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
    2015-05-14 19:41 - 2015-04-27 15:23 - 01254400 _____ (Microsoft Corporation) C:\Windows\system32\diagtrack.dll
    2015-05-14 19:41 - 2015-04-27 15:23 - 01162752 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
    2015-05-14 19:41 - 2015-04-27 15:23 - 00879104 _____ (Microsoft Corporation) C:\Windows\system32\tdh.dll
    2015-05-14 19:41 - 2015-04-27 15:23 - 00879104 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
    2015-05-14 19:41 - 2015-04-27 15:23 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
    2015-05-14 19:41 - 2015-04-27 15:23 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
    2015-05-14 19:41 - 2015-04-27 15:23 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
    2015-05-14 19:41 - 2015-04-27 15:23 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
    2015-05-14 19:41 - 2015-04-27 15:23 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
    2015-05-14 19:41 - 2015-04-27 15:23 - 00309760 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
    2015-05-14 19:41 - 2015-04-27 15:23 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
    2015-05-14 19:41 - 2015-04-27 15:23 - 00215040 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
    2015-05-14 19:41 - 2015-04-27 15:23 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
    2015-05-14 19:41 - 2015-04-27 15:23 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
    2015-05-14 19:41 - 2015-04-27 15:23 - 00113664 _____ (Microsoft Corporation) C:\Windows\system32\sechost.dll
    2015-05-14 19:41 - 2015-04-27 15:23 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
    2015-05-14 19:41 - 2015-04-27 15:23 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
    2015-05-14 19:41 - 2015-04-27 15:23 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
    2015-05-14 19:41 - 2015-04-27 15:23 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
    2015-05-14 19:41 - 2015-04-27 15:23 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
    2015-05-14 19:41 - 2015-04-27 15:23 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
    2015-05-14 19:41 - 2015-04-27 15:23 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
    2015-05-14 19:41 - 2015-04-27 15:23 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
    2015-05-14 19:41 - 2015-04-27 15:22 - 00404992 _____ (Microsoft Corporation) C:\Windows\system32\tracerpt.exe
    2015-05-14 19:41 - 2015-04-27 15:22 - 00338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
    2015-05-14 19:41 - 2015-04-27 15:22 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
    2015-05-14 19:41 - 2015-04-27 15:22 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
    2015-05-14 19:41 - 2015-04-27 15:22 - 00104448 _____ (Microsoft Corporation) C:\Windows\system32\logman.exe
    2015-05-14 19:41 - 2015-04-27 15:22 - 00047104 _____ (Microsoft Corporation) C:\Windows\system32\typeperf.exe
    2015-05-14 19:41 - 2015-04-27 15:22 - 00043008 _____ (Microsoft Corporation) C:\Windows\system32\relog.exe
    2015-05-14 19:41 - 2015-04-27 15:22 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
    2015-05-14 19:41 - 2015-04-27 15:22 - 00019456 _____ (Microsoft Corporation) C:\Windows\system32\diskperf.exe
    2015-05-14 19:41 - 2015-04-27 15:21 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
    2015-05-14 19:41 - 2015-04-27 15:16 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
    2015-05-14 19:41 - 2015-04-27 15:16 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
    2015-05-14 19:41 - 2015-04-27 15:16 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
    2015-05-14 19:41 - 2015-04-27 15:16 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
    2015-05-14 19:41 - 2015-04-27 15:16 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
    2015-05-14 19:41 - 2015-04-27 15:16 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
    2015-05-14 19:41 - 2015-04-27 15:16 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
    2015-05-14 19:41 - 2015-04-27 15:16 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
    2015-05-14 19:41 - 2015-04-27 15:16 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
    2015-05-14 19:41 - 2015-04-27 15:16 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
    2015-05-14 19:41 - 2015-04-27 15:16 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
    2015-05-14 19:41 - 2015-04-27 15:16 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
    2015-05-14 19:41 - 2015-04-27 15:16 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
    2015-05-14 19:41 - 2015-04-27 15:16 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
    2015-05-14 19:41 - 2015-04-27 15:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
    2015-05-14 19:41 - 2015-04-27 15:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
    2015-05-14 19:41 - 2015-04-27 15:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
    2015-05-14 19:41 - 2015-04-27 15:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
    2015-05-14 19:41 - 2015-04-27 15:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
    2015-05-14 19:41 - 2015-04-27 15:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
    2015-05-14 19:41 - 2015-04-27 15:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
    2015-05-14 19:41 - 2015-04-27 15:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
    2015-05-14 19:41 - 2015-04-27 15:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
    2015-05-14 19:41 - 2015-04-27 15:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
    2015-05-14 19:41 - 2015-04-27 15:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
    2015-05-14 19:41 - 2015-04-27 15:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
    2015-05-14 19:41 - 2015-04-27 15:11 - 03989440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
    2015-05-14 19:41 - 2015-04-27 15:11 - 03934144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
    2015-05-14 19:41 - 2015-04-27 15:08 - 01310744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
    2015-05-14 19:41 - 2015-04-27 15:05 - 00635392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdh.dll
    2015-05-14 19:41 - 2015-04-27 15:05 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
    2015-05-14 19:41 - 2015-04-27 15:05 - 00221184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
    2015-05-14 19:41 - 2015-04-27 15:05 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
    2015-05-14 19:41 - 2015-04-27 15:05 - 00092160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sechost.dll
    2015-05-14 19:41 - 2015-04-27 15:05 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
    2015-05-14 19:41 - 2015-04-27 15:05 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
    2015-05-14 19:41 - 2015-04-27 15:05 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
    2015-05-14 19:41 - 2015-04-27 15:05 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
    2015-05-14 19:41 - 2015-04-27 15:04 - 00641536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll
    2015-05-14 19:41 - 2015-04-27 15:04 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
    2015-05-14 19:41 - 2015-04-27 15:04 - 00364544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tracerpt.exe
    2015-05-14 19:41 - 2015-04-27 15:04 - 00082944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\logman.exe
    2015-05-14 19:41 - 2015-04-27 15:04 - 00040448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\typeperf.exe
    2015-05-14 19:41 - 2015-04-27 15:04 - 00037888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\relog.exe
    2015-05-14 19:41 - 2015-04-27 15:04 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
    2015-05-14 19:41 - 2015-04-27 15:04 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
    2015-05-14 19:41 - 2015-04-27 15:03 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
    2015-05-14 19:41 - 2015-04-27 15:03 - 00274944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
    2015-05-14 19:41 - 2015-04-27 15:03 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
    2015-05-14 19:41 - 2015-04-27 15:03 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
    2015-05-14 19:41 - 2015-04-27 15:03 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\diskperf.exe
    2015-05-14 19:41 - 2015-04-27 15:03 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
    2015-05-14 19:41 - 2015-04-27 14:59 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
    2015-05-14 19:41 - 2015-04-27 14:59 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
    2015-05-14 19:41 - 2015-04-27 14:59 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
    2015-05-14 19:41 - 2015-04-27 14:59 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
    2015-05-14 19:41 - 2015-04-27 14:59 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
    2015-05-14 19:41 - 2015-04-27 14:59 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
    2015-05-14 19:41 - 2015-04-27 14:59 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
    2015-05-14 19:41 - 2015-04-27 14:59 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
    2015-05-14 19:41 - 2015-04-27 14:59 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
    2015-05-14 19:41 - 2015-04-27 14:59 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
    2015-05-14 19:41 - 2015-04-27 14:59 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
    2015-05-14 19:41 - 2015-04-27 14:59 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
    2015-05-14 19:41 - 2015-04-27 14:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
    2015-05-14 19:41 - 2015-04-27 14:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
    2015-05-14 19:41 - 2015-04-27 14:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
    2015-05-14 19:41 - 2015-04-27 14:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
    2015-05-14 19:41 - 2015-04-27 14:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
    2015-05-14 19:41 - 2015-04-27 14:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
    2015-05-14 19:41 - 2015-04-27 14:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
    2015-05-14 19:41 - 2015-04-27 14:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
    2015-05-14 19:41 - 2015-04-27 14:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
    2015-05-14 19:41 - 2015-04-27 14:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
    2015-05-14 19:41 - 2015-04-27 14:06 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\UtcResources.dll
    2015-05-14 19:41 - 2015-04-27 13:57 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
    2015-05-14 19:41 - 2015-04-27 13:55 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
    2015-05-14 19:41 - 2015-04-27 13:55 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
    2015-05-14 19:41 - 2015-04-27 13:55 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
    2015-05-14 19:41 - 2015-04-27 13:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
    2015-05-14 19:40 - 2015-04-27 15:18 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
    2015-05-14 19:40 - 2015-04-27 15:18 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
    2015-05-14 19:40 - 2015-04-27 15:16 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
    2015-05-14 19:40 - 2015-04-27 15:16 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
    2015-05-14 19:40 - 2015-04-27 15:16 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
    2015-05-14 19:40 - 2015-04-27 15:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
    2015-05-14 19:40 - 2015-04-27 15:01 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
    2015-05-14 19:40 - 2015-04-27 15:01 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
    2015-05-14 19:40 - 2015-04-27 14:59 - 00686080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
    2015-05-14 19:40 - 2015-04-27 14:59 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
    2015-05-14 19:40 - 2015-04-27 14:59 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
    2015-05-14 19:40 - 2015-04-27 14:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
    2015-05-14 19:40 - 2015-04-27 13:57 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
    2015-05-14 19:18 - 2015-05-14 19:18 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iCloud
    2015-05-14 19:15 - 2015-02-18 03:06 - 00123904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\poqexec.exe
    2015-05-14 19:15 - 2015-02-18 03:04 - 00142336 _____ (Microsoft Corporation) C:\Windows\system32\poqexec.exe
    2015-05-14 19:13 - 2015-04-12 23:28 - 00328704 _____ (Microsoft Corporation) C:\Windows\system32\services.exe
    2015-05-14 19:11 - 2015-04-19 23:17 - 01647104 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
    2015-05-14 19:11 - 2015-04-19 23:17 - 01179136 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll
    2015-05-14 19:11 - 2015-04-19 22:56 - 01250816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll
    2015-05-14 19:11 - 2015-04-19 22:11 - 03204608 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
    2015-05-14 19:07 - 2015-04-07 23:29 - 00275456 _____ (Microsoft Corporation) C:\Windows\system32\InkEd.dll
    2015-05-14 19:07 - 2015-04-07 23:29 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\jnwmon.dll
    2015-05-14 19:07 - 2015-04-07 23:14 - 00216064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\InkEd.dll

    ==================== One Month Modified files and folders ========

    (If an entry is included in the fixlist, the file/folder will be moved.)

    2015-06-06 12:05 - 2015-03-16 01:55 - 00000000 ____D C:\Users\Daniel\AppData\Roaming\uTorrent
    2015-06-06 12:05 - 2010-10-11 17:03 - 01499245 _____ C:\Windows\WindowsUpdate.log
    2015-06-06 12:04 - 2015-03-18 23:02 - 00000000 ____D C:\Users\Daniel\Downloads\Video
    2015-06-06 12:00 - 2010-12-27 05:28 - 00000000 ____D C:\Users\Daniel\AppData\Roaming\Skype
    2015-06-06 11:51 - 2010-12-26 19:11 - 00000912 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3324318861-2648927535-1656674588-1001UA.job
    2015-06-06 11:27 - 2012-07-16 23:17 - 00000830 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
    2015-06-06 11:25 - 2014-06-24 22:06 - 00000286 _____ C:\Windows\Tasks\bench-Updater removing.job
    2015-06-06 11:11 - 2012-01-27 19:01 - 00000898 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
    2015-06-06 11:03 - 2011-10-25 20:15 - 00000932 _____ C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3324318861-2648927535-1656674588-1001UA.job
    2015-06-06 08:45 - 2014-06-23 23:03 - 00000346 _____ C:\Windows\Tasks\bench-sys.job
    2015-06-06 06:56 - 2009-07-14 00:45 - 00018736 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
    2015-06-06 06:56 - 2009-07-14 00:45 - 00018736 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
    2015-06-06 02:03 - 2011-10-25 20:15 - 00000910 _____ C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3324318861-2648927535-1656674588-1001Core.job
    2015-06-06 00:09 - 2013-10-03 17:05 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
    2015-06-05 21:51 - 2010-12-26 19:11 - 00000860 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3324318861-2648927535-1656674588-1001Core.job
    2015-06-05 21:28 - 2012-09-16 01:41 - 00000000 ___RD C:\Users\Daniel\Dropbox
    2015-06-05 21:28 - 2012-09-16 01:37 - 00000000 ____D C:\Users\Daniel\AppData\Roaming\Dropbox
    2015-06-05 18:11 - 2012-01-27 19:01 - 00000894 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
    2015-06-05 02:35 - 2015-02-16 23:27 - 00000000 ____D C:\Users\Daniel\Downloads\Audio
    2015-06-04 20:15 - 2012-06-22 01:10 - 00000000 ___RD C:\Users\Daniel\Google Drive
    2015-06-04 20:14 - 2012-06-22 01:04 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive
    2015-06-04 12:37 - 2013-01-29 23:55 - 00000000 ____D C:\Users\Daniel\Downloads\Random Stuff
    2015-06-03 09:55 - 2014-12-10 02:37 - 00000000 ____D C:\Users\Daniel\AppData\Roaming\vlc
    2015-06-03 09:35 - 2015-01-23 05:29 - 00000000 ____D C:\Users\Daniel\Downloads\For Sale
    2015-06-01 16:25 - 2015-03-16 02:05 - 00000000 ____D C:\Program Files\PeerBlock
    2015-05-29 12:52 - 2010-12-26 19:00 - 00000000 ____D C:\ProgramData\EPSON
    2015-05-25 14:59 - 2011-09-22 18:39 - 00000000 ____D C:\Program Files (x86)\DivX
    2015-05-25 14:59 - 2011-02-21 22:36 - 00000000 ____D C:\ProgramData\DivX
    2015-05-25 14:58 - 2013-09-10 19:32 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DivX
    2015-05-25 11:59 - 2015-03-02 02:31 - 00000000 ____D C:\Users\Daniel\AppData\Local\HTC MediaHub
    2015-05-25 11:57 - 2014-09-24 18:18 - 00000000 ___RD C:\Users\Daniel\iCloudDrive
    2015-05-25 11:54 - 2014-06-23 22:41 - 00000000 ____D C:\ProgramData\IePluginServices
    2015-05-25 11:54 - 2009-07-14 01:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
    2015-05-25 11:53 - 2013-10-06 13:26 - 00000000 ____D C:\Program Files (x86)\Conduit
    2015-05-22 20:54 - 2009-07-14 01:13 - 00786662 _____ C:\Windows\system32\PerfStringBackup.INI
    2015-05-22 09:52 - 2010-12-27 05:18 - 00000000 ____D C:\ProgramData\Skype
    2015-05-20 12:02 - 2015-03-29 22:28 - 00000000 ___SD C:\Windows\SysWOW64\GWX
    2015-05-20 12:02 - 2015-03-29 22:28 - 00000000 ___SD C:\Windows\system32\GWX
    2015-05-18 13:31 - 2010-12-28 17:39 - 00000000 ____D C:\Users\Daniel\AppData\Local\CrashDumps
    2015-05-18 13:29 - 2014-10-01 00:26 - 00000000 ____D C:\Users\Daniel\AppData\Local\E602EEE4-6D14-4789-9B7E-D6F188D5E92D.aplzod
    2015-05-15 18:06 - 2012-01-27 19:01 - 00003894 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
    2015-05-15 18:06 - 2012-01-27 19:01 - 00003642 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
    2015-05-15 13:21 - 2009-07-13 23:20 - 00000000 ____D C:\Windows\rescache
    2015-05-15 12:19 - 2013-03-13 17:35 - 00000000 ____D C:\Program Files\Microsoft Silverlight
    2015-05-15 12:19 - 2009-07-14 00:45 - 00421712 _____ C:\Windows\system32\FNTCACHE.DAT
    2015-05-15 12:18 - 2013-03-13 17:35 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight
    2015-05-15 12:15 - 2009-07-14 03:45 - 00000000 ____D C:\Program Files\Windows Journal
    2015-05-15 01:25 - 2010-12-28 17:46 - 00000000 ____D C:\ProgramData\Microsoft Help
    2015-05-15 01:17 - 2012-07-20 22:26 - 00002155 _____ C:\Windows\epplauncher.mif
    2015-05-15 01:17 - 2012-07-20 22:26 - 00002081 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Security Essentials.lnk
    2015-05-15 01:16 - 2012-07-20 22:26 - 00000000 ____D C:\Program Files\Microsoft Security Client
    2015-05-15 01:15 - 2012-07-20 22:26 - 00000000 ____D C:\Program Files (x86)\Microsoft Security Client
    2015-05-15 01:06 - 2013-08-16 06:54 - 00000000 ____D C:\Windows\system32\MRT
    2015-05-15 00:30 - 2015-03-02 02:31 - 00001995 _____ C:\Users\Public\Desktop\HTC Sync Manager.lnk
    2015-05-15 00:28 - 2011-07-12 19:45 - 00000000 ____D C:\Users\Daniel\AppData\Local\Downloaded Installations
    2015-05-14 23:43 - 2010-12-27 05:35 - 140425016 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
    2015-05-14 23:33 - 2013-03-13 17:41 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
    2015-05-14 20:10 - 2013-11-21 15:03 - 00002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
    2015-05-14 18:24 - 2012-09-16 01:41 - 00001026 _____ C:\Users\Daniel\Desktop\Dropbox.lnk

    ==================== Files in the root of some directories =======

    2010-12-29 21:32 - 2011-11-22 18:14 - 0016846 _____ () C:\Users\Daniel\AppData\Roaming\Rim.Desktop.Exception.log
    2010-12-29 17:35 - 2012-06-06 03:39 - 0005333 _____ () C:\Users\Daniel\AppData\Roaming\Rim.Desktop.HttpServerSetup.log
    2011-06-10 13:29 - 2011-11-22 18:14 - 0001309 _____ () C:\Users\Daniel\AppData\Roaming\Rim.DesktopHelper.Exception.log
    2010-12-30 20:16 - 2014-09-29 04:07 - 0057856 _____ () C:\Users\Daniel\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
    2013-02-17 04:09 - 2013-02-17 04:09 - 0000057 _____ () C:\ProgramData\Ament.ini
    2010-12-28 17:38 - 2010-12-28 17:38 - 0000137 _____ () C:\ProgramData\Microsoft.SqlServer.Compact.351.32.bc

    Some files in TEMP:
    ====================
    C:\Users\Daniel\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpy1e1hw.dll


    ==================== Bamital & volsnap Check =================

    (There is no automatic fix for files that do not pass verification.)

    C:\Windows\System32\winlogon.exe => File is digitally signed
    C:\Windows\System32\wininit.exe => File is digitally signed
    C:\Windows\SysWOW64\wininit.exe => File is digitally signed
    C:\Windows\explorer.exe => File is digitally signed
    C:\Windows\SysWOW64\explorer.exe => File is digitally signed
    C:\Windows\System32\svchost.exe => File is digitally signed
    C:\Windows\SysWOW64\svchost.exe => File is digitally signed
    C:\Windows\System32\services.exe => File is digitally signed
    C:\Windows\System32\User32.dll => File is digitally signed
    C:\Windows\SysWOW64\User32.dll => File is digitally signed
    C:\Windows\System32\userinit.exe => File is digitally signed
    C:\Windows\SysWOW64\userinit.exe => File is digitally signed
    C:\Windows\System32\rpcss.dll => File is digitally signed
    C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


    LastRegBack: 2015-05-25 12:58

    ==================== End of log ============================
     
  14. Daniel Morelli

    Daniel Morelli TS Enthusiast Topic Starter Posts: 48

    Additional scan result of Farbar Recovery Scan Tool (x64) Version:03-06-2015
    Ran by Daniel at 2015-06-06 12:07:50
    Running from C:\Users\Daniel\Downloads
    Boot Mode: Normal
    ==========================================================


    ==================== Accounts: =============================

    Administrator (S-1-5-21-3324318861-2648927535-1656674588-500 - Administrator - Disabled)
    Daniel (S-1-5-21-3324318861-2648927535-1656674588-1001 - Administrator - Enabled) => C:\Users\Daniel
    Guest (S-1-5-21-3324318861-2648927535-1656674588-501 - Limited - Disabled) => C:\Users\Guest
    HomeGroupUser$ (S-1-5-21-3324318861-2648927535-1656674588-1002 - Limited - Enabled)

    ==================== Security Center ========================

    (If an entry is included in the fixlist, it will be removed.)

    AV: Microsoft Security Essentials (Enabled - Up to date) {B7ECF8CD-0188-6703-DBA4-AA65C6ACFB0A}
    AS: Microsoft Security Essentials (Enabled - Up to date) {0C8D1929-27B2-688D-E114-9117BD2BB1B7}
    AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

    ==================== Installed Programs ======================

    (Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

    µTorrent (HKU\S-1-5-21-3324318861-2648927535-1656674588-1001\...\uTorrent) (Version: 3.4.3.40298 - BitTorrent Inc.)
    Acer Crystal Eye webcam (HKLM-x32\...\{51F026FA-5146-4232-A8BA-1364740BD053}) (Version: 1.0.4.3 - Liteon)
    Acer ePower Management (HKLM-x32\...\{3DB0448D-AD82-4923-B305-D001E521A964}) (Version: 5.00.3005 - Acer Incorporated)
    Acer Updater (HKLM-x32\...\{EE171732-BEB4-4576-887D-CB62727F01CA}) (Version: 1.02.3001 - Acer Incorporated)
    Adobe Flash Player 17 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 17.0.0.169 - Adobe Systems Incorporated)
    Adobe Flash Player 17 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 17.0.0.169 - Adobe Systems Incorporated)
    Adobe Reader XI (11.0.11) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.11 - Adobe Systems Incorporated)
    Adobe Shockwave Player 11.6 (HKLM-x32\...\Adobe Shockwave Player) (Version: 11.6.1.629 - Adobe Systems, Inc.)
    Apple Application Support (32-bit) (HKLM-x32\...\{AFA1153A-F547-409B-B837-3A0D6C5A3FEC}) (Version: 3.1.3 - Apple Inc.)
    Apple Application Support (64-bit) (HKLM\...\{D7B824DE-DA32-4772-9E5E-39C5158136A7}) (Version: 3.1.3 - Apple Inc.)
    Apple Mobile Device Support (HKLM\...\{C4123106-B685-48E6-B9BD-E4F911841EB4}) (Version: 8.1.1.3 - Apple Inc.)
    Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
    Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
    CameraHelperMsi (x32 Version: 13.51.815.0 - Logitech) Hidden
    CCleaner (HKLM\...\CCleaner) (Version: 3.27 - Piriform)
    Chrome Remote Desktop Host (HKLM-x32\...\{A1A724F3-F1A6-479C-AE98-208946717E2B}) (Version: 42.0.2311.39 - Google Inc.)
    DivX Setup (HKLM-x32\...\DivX Setup) (Version: 2.7.0.70 - DivX, LLC)
    Dropbox (HKU\S-1-5-21-3324318861-2648927535-1656674588-1001\...\Dropbox) (Version: 3.6.6 - Dropbox, Inc.)
    erLT (x32 Version: 1.20.138.34 - Logitech, Inc.) Hidden
    Facebook Video Calling 3.1.0.521 (HKLM-x32\...\{2091F234-EB58-4B80-8C96-8EB78C808CF7}) (Version: 3.1.521 - Skype Limited)
    Fast And Safe (HKLM-x32\...\{5F189DF5-2D05-472B-9091-84D9848AE48B}{64af91bf}) (Version: - GTgroup) <==== ATTENTION
    Freemake Video Converter version 4.1.5 (HKLM-x32\...\Freemake Video Converter_is1) (Version: 4.1.5 - Ellora Assets Corporation)
    Freemake YouTube To MP3 Boom (HKLM-x32\...\Freemake YouTube To MP3 Boom_is1) (Version: 1.0.3 - Ellora Assets Corporation)
    Google Chrome (HKLM-x32\...\Google Chrome) (Version: 43.0.2357.81 - Google Inc.)
    Google Drive (HKLM-x32\...\{CBC9F5FD-5CFA-4A33-81CD-369EAB77E3A6}) (Version: 1.22.9403.0223 - Google, Inc.)
    Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
    Google Update Helper (x32 Version: 1.3.27.5 - Google Inc.) Hidden
    GoPro App (x32 Version: 0.1.443 - GoPro, Inc.) Hidden
    GoPro Studio 2.5.5 (HKLM-x32\...\{5d43231e-c765-405a-a122-81de16acd8b4}) (Version: 2.5.5.443 - GoPro, Inc.)
    HP Officejet 6700 Basic Device Software (HKLM\...\{A1CFA587-90D4-4DE6-B200-68CC0F92252F}) (Version: 28.0.1315.0 - Hewlett-Packard Co.)
    HTC Driver Installer (HKLM-x32\...\{4CEEE5D0-F905-4688-B9F9-ECC710507796}) (Version: 4.16.0.001 - HTC Corporation)
    HTC Sync Manager (HKLM-x32\...\{231D0C79-98A6-4693-A366-36DE7D7346EC}) (Version: 3.1.46.0 - HTC)
    iCloud (HKLM\...\{709A2D23-C25E-47B5-9268-CB6FEE648504}) (Version: 4.1.1.53 - Apple Inc.)
    Intel(R) Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1007 - Intel Corporation)
    Intel(R) Graphics Media Accelerator Driver (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.15.10.2182 - Intel Corporation)
    Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 6.0.0.1179 - Intel Corporation)
    Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 9.6.2.1001 - Intel Corporation)
    IPTInstaller (HKLM-x32\...\{08208143-777D-4A06-BB54-71BF0AD1BB70}) (Version: 4.0.9 - HTC)
    iTunes (HKLM\...\{93F2A022-6C37-48B8-B241-FFABD9F60C30}) (Version: 12.1.2.27 - Apple Inc.)
    Java 7 Update 71 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F03217071FF}) (Version: 7.0.710 - Oracle)
    Java 8 Update 25 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218025F0}) (Version: 8.0.250 - Oracle Corporation)
    Java(TM) SE Development Kit 7 (64-bit) (HKLM\...\{64A3A4F4-B792-11D6-A78A-00B0D0170000}) (Version: 1.7.0.0 - Oracle)
    Logitech Webcam Software (HKLM-x32\...\{D40EB009-0499-459c-A8AF-C9C110766215}) (Version: 2.51 - Logitech Inc.)
    Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)
    Microsoft Office Professional Plus 2010 (HKLM-x32\...\Office14.PROPLUSR) (Version: 14.0.7015.1000 - Microsoft Corporation)
    Microsoft Security Essentials (HKLM\...\Microsoft Security Client) (Version: 4.8.204.0 - Microsoft Corporation)
    Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.40416.0 - Microsoft Corporation)
    Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
    Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
    Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
    Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
    Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 (HKLM-x32\...\{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}) (Version: 9.0.30729.4148 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (HKLM-x32\...\{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}) (Version: 9.0.30729.5570 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: - )
    Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
    Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
    Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
    Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
    MotoHelper MergeModules (x32 Version: 1.2.0 - Motorola) Hidden
    Mozilla Firefox 37.0.1 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 37.0.1 (x86 en-US)) (Version: 37.0.1 - Mozilla)
    Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 29.0.1 - Mozilla)
    MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
    MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
    PeerBlock 1.2 (r693) (HKLM\...\{015C5B35-B678-451C-9AEE-821E8D69621C}_is1) (Version: 1.2.0.693 - PeerBlock, LLC)
    Pushbullet version 312 (HKLM-x32\...\{7578F204-49E7-4830-B051-14C23F408BFE}_is1) (Version: 312 - Pushbullet Inc)
    QuickTime 7 (HKLM-x32\...\{3D2CBC2C-65D4-4463-87AB-BB2C859C1F3E}) (Version: 7.76.80.95 - Apple Inc.)
    Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6141 - Realtek Semiconductor Corp.)
    Realtek USB 2.0 Card Reader (HKLM-x32\...\{96AE7E41-E34E-47D0-AC07-1091A8127911}) (Version: 6.1.7600.30122 - Realtek Semiconductor Corp.)
    RocketDock 1.3.5 (HKLM-x32\...\RocketDock_is1) (Version: - Punk Software)
    Safari (HKLM-x32\...\{C779648B-410E-4BBA-B75B-5815BCEFE71D}) (Version: 5.34.57.2 - Apple Inc.)
    Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version: - Microsoft)
    Skype™ 7.4 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.4.102 - Skype Technologies S.A.)
    SOTI Pocket Controller-Pro For BlackBerry (HKLM-x32\...\{8944B5A2-A948-4BA2-9A14-B094EB23D779}) (Version: - )
    swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
    Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 14.0.19.0 - Synaptics Incorporated)
    VC80CRTRedist - 8.0.50727.6195 (x32 Version: 1.2.0 - DivX, Inc) Hidden
    VFW_Codec32 (x32 Version: 0.1.160.0 - GoPro, Inc.) Hidden
    VFW_Codec64 (Version: 0.1.160.0 - GoPro, Inc.) Hidden
    VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.1 - VideoLAN)
    WD SmartWare (HKLM\...\{B6FD23F0-1047-4088-94BF-B137D4D17CD8}) (Version: 1.4.3.4 - Western Digital)
    Windows Media Player Firefox Plugin (HKLM-x32\...\{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}) (Version: 1.0.0.8 - Microsoft Corp)

    ==================== Custom CLSID (Whitelisted): ==========================

    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

    CustomCLSID: HKU\S-1-5-21-3324318861-2648927535-1656674588-1001_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Daniel\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
    CustomCLSID: HKU\S-1-5-21-3324318861-2648927535-1656674588-1001_Classes\CLSID\{355EC88A-02E2-4547-9DEE-F87426484BD1}\InprocServer32 -> C:\Users\Daniel\AppData\Local\Google\Update\1.3.23.9\psuser_64.dll No File
    CustomCLSID: HKU\S-1-5-21-3324318861-2648927535-1656674588-1001_Classes\CLSID\{90B3DFBF-AF6A-4EA0-8899-F332194690F8}\InprocServer32 -> C:\Users\Daniel\AppData\Local\Google\Update\1.3.24.15\psuser_64.dll No File
    CustomCLSID: HKU\S-1-5-21-3324318861-2648927535-1656674588-1001_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\Daniel\AppData\Local\Google\Update\1.3.24.15\psuser_64.dll No File
    CustomCLSID: HKU\S-1-5-21-3324318861-2648927535-1656674588-1001_Classes\CLSID\{ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C}\InprocServer32 -> C:\Users\Daniel\AppData\Roaming\Dropbox\bin\DropboxExt64.26.dll (Dropbox, Inc.)
    CustomCLSID: HKU\S-1-5-21-3324318861-2648927535-1656674588-1001_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Daniel\AppData\Roaming\Dropbox\bin\DropboxExt64.26.dll (Dropbox, Inc.)
    CustomCLSID: HKU\S-1-5-21-3324318861-2648927535-1656674588-1001_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Daniel\AppData\Roaming\Dropbox\bin\DropboxExt64.26.dll (Dropbox, Inc.)
    CustomCLSID: HKU\S-1-5-21-3324318861-2648927535-1656674588-1001_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Daniel\AppData\Roaming\Dropbox\bin\DropboxExt64.26.dll (Dropbox, Inc.)
    CustomCLSID: HKU\S-1-5-21-3324318861-2648927535-1656674588-1001_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Daniel\AppData\Roaming\Dropbox\bin\DropboxExt64.26.dll (Dropbox, Inc.)
    CustomCLSID: HKU\S-1-5-21-3324318861-2648927535-1656674588-1001_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Daniel\AppData\Roaming\Dropbox\bin\DropboxExt64.26.dll (Dropbox, Inc.)
    CustomCLSID: HKU\S-1-5-21-3324318861-2648927535-1656674588-1001_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Daniel\AppData\Roaming\Dropbox\bin\DropboxExt64.26.dll (Dropbox, Inc.)
    CustomCLSID: HKU\S-1-5-21-3324318861-2648927535-1656674588-1001_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Daniel\AppData\Roaming\Dropbox\bin\DropboxExt64.26.dll (Dropbox, Inc.)
    CustomCLSID: HKU\S-1-5-21-3324318861-2648927535-1656674588-1001_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Daniel\AppData\Roaming\Dropbox\bin\DropboxExt64.26.dll (Dropbox, Inc.)
    CustomCLSID: HKU\S-1-5-21-3324318861-2648927535-1656674588-1001_Classes\CLSID\{FE498BAB-CB4C-4F88-AC3F-3641AAAF5E9E}\InprocServer32 -> C:\Users\Daniel\AppData\Local\Google\Update\1.3.24.7\psuser_64.dll No File

    ==================== Restore Points =========================

    04-06-2015 12:06:56 Windows Update
    05-06-2015 00:00:53 Windows Backup
    06-06-2015 00:03:24 Windows Backup

    ==================== Hosts content: ===============================

    (If needed Hosts: directive could be included in the fixlist to reset Hosts.)

    2009-07-13 22:34 - 2014-06-23 23:17 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

    ==================== Scheduled Tasks (Whitelisted) =============

    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

    Task: {00C873E0-E977-4662-91BE-14383F2AD5CC} - System32\Tasks\bench-Updater removing
    Task: {0382D4B0-480C-4169-A884-E2A91286D33D} - System32\Tasks\{F2B6D04A-331E-4A29-A8D3-FD669BE21BF3} => pcalua.exe -a C:\Users\Daniel\AppData\Local\Temp\Temp1_Lan_Atheros_1.0.0.34_W7x64_A.zip\Lan_Atheros_1.0.0.34_W7x64_AS5745\setup.exe
    Task: {11366688-BAFF-49A3-8BE0-CDFB9A15BCB6} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3324318861-2648927535-1656674588-1001Core => C:\Users\Daniel\AppData\Local\Google\Update\GoogleUpdate.exe
    Task: {11B6E5D8-3FCD-4B5F-A666-EE90608A0655} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-04-15] (Adobe Systems Incorporated)
    Task: {19F338B2-0232-4C1B-AE52-98FB26D1FB6A} - System32\Tasks\{85AA2A13-FA4A-4173-91CF-A2C9136C462F} => pcalua.exe -a D:\SETUP.EXE -d D:\
    Task: {218E47C5-CFED-42E5-A44C-3141285B4CB2} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-09-08] (Google Inc.)
    Task: {2D46E39F-6A85-46DA-BED5-B798EA0F9AE0} - System32\Tasks\{215C85D0-7A5A-48B7-BB7D-E6B35027AFA4} => pcalua.exe -a C:\Users\Daniel\Downloads\RocketDock-v1.3.5.exe -d C:\Users\Daniel\Downloads
    Task: {318678D5-C82B-4264-A0CB-6DEBBCF4E268} - System32\Tasks\Microsoft_Hardware_Launch_devicecenter_exe => c:\Program Files\Microsoft Device Center\devicecenter.exe
    Task: {38DFAA13-4FE1-4D69-9CBD-27B53E042939} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\OutOfIdle => C:\Windows\system32\GWX\GWX.exe [2015-05-07] (Microsoft Corporation)
    Task: {534CFB4F-9A02-412D-98EF-82B1A2E78376} - System32\Tasks\{75D976B3-4FD1-47DE-A198-0CB8328252C9} => Iexplore.exe http://www.skype.com/go/downloading?source=lightinstaller&amp;ver=4.1.0.179.367&amp;LastError=12007
    Task: {558352AF-9DCF-4796-8F8F-164B67DD4EB7} - System32\Tasks\{8D64A52F-C543-4068-99DF-F1AD7E063ABB} => pcalua.exe -a "C:\Users\Daniel\Downloads\chromeinstall-8u25 (1).exe" -d C:\Users\Daniel\Downloads
    Task: {5869198F-1453-4144-8FA0-83681F901AEA} - System32\Tasks\{C6B61B03-1CA1-4DEC-BF6A-9BF80EA2AC64} => pcalua.exe -a "C:\Program Files (x86)\InstallShield Installation Information\{3E31400D-274E-4647-916C-2CACC3741799}\ENPSETUP.exe" -c -runfromtemp -l0x0009 -EPSON -removeonly
    Task: {5CDEC803-6D46-4D33-A5F7-B0AC25346F4F} - System32\Tasks\Apple Diagnostics => C:\Program Files (x86)\Common Files\Apple\Internet Services\EReporter.exe [2015-04-26] (Apple Inc.)
    Task: {6F5D6A93-F04E-4D08-84FD-7B015383996B} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B => schtasks
    Task: {86CF030A-B82D-4B5F-A960-4A1AD1623B96} - System32\Tasks\{2D965988-10B6-4B03-8D4A-79EA711985F6} => Iexplore.exe http://www.skype.com/go/downloading?source=lightinstaller&amp;ver=4.1.0.179.367&amp;LastError=12007
    Task: {8D2701DB-47B6-43E5-AEA6-5397A1FCB9E1} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-3324318861-2648927535-1656674588-1001UA => C:\Users\Daniel\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-07-12] (Facebook Inc.)
    Task: {95BF47A1-DDC1-4F6B-A870-CB043C50F52D} - System32\Tasks\Microsoft_Hardware_Launch_itype_exe => c:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe
    Task: {97EEFF96-E334-43C4-850E-CA06FE14DFDC} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2013-01-23] (Piriform Ltd)
    Task: {9C41B237-4C53-44BF-83A5-36A4FB957EA6} - System32\Tasks\bench-sys => C:\Program Files (x86)\Bench\Updater\updater.exe [2014-03-27] () <==== ATTENTION
    Task: {A27EB2B1-80C2-4107-A084-E2A1C1E65B8D} - System32\Tasks\Microsoft_Hardware_Launch_mousekeyboardcenter_exe => c:\Program Files\Microsoft Mouse and Keyboard Center\mousekeyboardcenter.exe
    Task: {A6557631-38B3-49EA-8C25-A5BE8C81320B} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-3324318861-2648927535-1656674588-1001Core => C:\Users\Daniel\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-07-12] (Facebook Inc.)
    Task: {A6A45F03-77B8-4F31-8A1F-C4E8E7B71CCE} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3324318861-2648927535-1656674588-1001UA => C:\Users\Daniel\AppData\Local\Google\Update\GoogleUpdate.exe
    Task: {A941774B-E4FF-43FB-B941-96BDBA15C0A1} - System32\Tasks\Microsoft\Windows\Setup\gwx\launchtrayprocess => C:\Windows\system32\GWX\GWX.exe [2015-05-07] (Microsoft Corporation)
    Task: {B5713518-CBAD-4A6B-892C-A2BCF5598E89} - System32\Tasks\Microsoft\Windows\Windows Activation Technologies\ValidationTask => C:\Windows\system32\Wat\WatAdminSvc.exe [2010-12-27] (Microsoft Corporation)
    Task: {BD113CC3-DFD0-45F3-A7DD-B416D84DFFA5} - System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxconfig => C:\Windows\system32\GWX\GWXConfigManager.exe [2015-05-07] (Microsoft Corporation)
    Task: {CD36AC2A-3C6B-45F9-B022-7A38D4E203A3} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-09-08] (Google Inc.)
    Task: {D33CC7E4-5FCA-49CC-AC44-A863AE60D143} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2014-12-19] (Adobe Systems Incorporated)
    Task: {D5691901-7A2D-45A8-9F08-B22EBB733FD7} - System32\Tasks\RunAsStdUser Task => C:\Users\Daniel\AppData\Local\PlayVolcanoSA\bin\1.0.10.0\PlayVolcanoSA.exe
    Task: {D7E6B171-8562-41F4-A29F-1036FCD0BF03} - System32\Tasks\{5E9606FE-159C-4521-91C2-A08424EC16CD} => pcalua.exe -a C:\Users\Daniel\Downloads\epson13714.exe
    Task: {D95309B1-B218-4C17-8E12-9DB08A438AF6} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-3324318861-2648927535-1656674588-1001UA => C:\Users\Daniel\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2015-05-18] (Dropbox, Inc.)
    Task: {DBA3334B-30FF-4DED-8905-002DE22EC2E5} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\Logon => C:\Windows\system32\GWX\GWX.exe [2015-05-07] (Microsoft Corporation)
    Task: {E8E7CA92-AC55-4D8F-95A7-4053184B268D} - System32\Tasks\Microsoft_Hardware_Launch_ipoint_exe => c:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe
    Task: {EBDF3514-7FFD-4899-AE2F-1795E0F2BBD1} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-3324318861-2648927535-1656674588-1001Core => C:\Users\Daniel\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2015-05-18] (Dropbox, Inc.)
    Task: {FFCD13BC-A60B-4605-8AC2-BE9600926CB4} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
    Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
    Task: C:\Windows\Tasks\bench-sys.job => C:\Program Files (x86)\Bench\Updater\updater.exe <==== ATTENTION
    Task: C:\Windows\Tasks\bench-Updater removing.job => qRF /verysilent SYSTEM This will uninstall Updater <==== ATTENTION
    Task: C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-3324318861-2648927535-1656674588-1001Core.job => C:\Users\Daniel\AppData\Local\Dropbox\Update\DropboxUpdate.exe
    Task: C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-3324318861-2648927535-1656674588-1001UA.job => C:\Users\Daniel\AppData\Local\Dropbox\Update\DropboxUpdate.exe
    Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3324318861-2648927535-1656674588-1001Core.job => C:\Users\Daniel\AppData\Local\Facebook\Update\FacebookUpdate.exe
    Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3324318861-2648927535-1656674588-1001UA.job => C:\Users\Daniel\AppData\Local\Facebook\Update\FacebookUpdate.exe
    Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
    Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
    Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3324318861-2648927535-1656674588-1001Core.job => C:\Users\Daniel\AppData\Local\Google\Update\GoogleUpdate.exe
    Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3324318861-2648927535-1656674588-1001UA.job => C:\Users\Daniel\AppData\Local\Google\Update\GoogleUpdate.exe

    ==================== Loaded Modules (Whitelisted) ==============

    2015-01-20 23:35 - 2015-01-20 23:35 - 00085832 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
    2015-01-20 23:35 - 2015-01-20 23:35 - 01346344 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
    2013-10-17 16:27 - 2013-10-17 16:27 - 00166912 _____ () C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe
    2010-11-08 12:43 - 2010-11-08 12:43 - 01060352 _____ () C:\Program Files (x86)\Western Digital\WD SmartWare\Front Parlor\WDFME\WDFME.exe
    2010-11-08 12:43 - 2010-11-08 12:43 - 00485376 _____ () C:\Program Files (x86)\Western Digital\WD SmartWare\Front Parlor\WDSC.exe
    2015-03-01 18:42 - 2014-12-21 12:58 - 00010240 _____ () C:\Program Files (x86)\Pushbullet\pushbullet_ctx.dll
    2010-10-20 15:23 - 2010-10-20 15:23 - 08801632 _____ () C:\Program Files\Microsoft Office\Office14\1033\GrooveIntlResource.dll
    2013-09-05 01:17 - 2013-09-05 01:17 - 04300456 _____ () C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Cultures\OFFICE.ODF
    2015-05-07 12:34 - 2015-05-07 12:34 - 00123912 _____ () C:\Program Files (x86)\DivX\DivX Player\DPXIconHandler.dll
    2015-04-13 15:55 - 2015-04-13 15:55 - 00821600 _____ () C:\Program Files (x86)\HTC\HTC Sync Manager\HTC Sync\adb.exe
    2011-08-31 19:13 - 2011-08-31 19:13 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll
    2011-01-17 12:43 - 2007-09-02 13:58 - 00495616 _____ () C:\Program Files (x86)\RocketDock\RocketDock.exe
    2014-01-10 01:26 - 2014-01-10 01:26 - 01861968 _____ () C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
    2015-01-20 23:35 - 2015-01-20 23:35 - 00306984 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxslt.dll
    2014-12-18 16:06 - 2014-12-18 16:06 - 00031080 _____ () C:\Program Files (x86)\HTC\HTC Sync Manager\DbAccess.dll
    2015-04-13 15:54 - 2015-04-13 15:54 - 00607376 _____ () C:\Program Files (x86)\HTC\HTC Sync Manager\sqlite3.dll
    2014-12-18 16:09 - 2014-12-18 16:09 - 00059752 _____ () C:\Program Files (x86)\HTC\HTC Sync Manager\NAdvLog.dll
    2014-12-18 16:08 - 2014-12-18 16:08 - 00036216 _____ () C:\Program Files (x86)\HTC\HTC Sync Manager\NFileCacheDBAccess.dll
    2014-12-18 16:09 - 2014-12-18 16:09 - 00080248 _____ () C:\Program Files (x86)\HTC\HTC Sync Manager\ninstallerhelper.dll
    2014-12-18 16:11 - 2014-12-18 16:11 - 00129376 _____ () C:\Program Files (x86)\HTC\HTC Sync Manager\zlib1.dll
    2014-12-18 16:14 - 2014-12-18 16:14 - 00223592 _____ () C:\Program Files (x86)\HTC\HTC Sync Manager\DevConnMon.dll
    2010-03-05 10:24 - 2010-03-05 10:24 - 00886272 _____ () C:\Program Files (x86)\Western Digital\WD SmartWare\Front Parlor\WDFME\System.Data.SQLite.dll
    2011-01-17 12:43 - 2007-03-04 10:48 - 00106496 _____ () C:\Program Files (x86)\RocketDock\Docklets\RocketClock\RocketClock.dll
    2011-01-17 12:43 - 2007-09-02 13:57 - 00069632 _____ () C:\Program Files (x86)\RocketDock\RocketDock.dll
    2015-01-20 23:35 - 2015-01-20 23:35 - 01044776 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
    2013-09-05 01:14 - 2013-09-05 01:14 - 04300456 _____ () C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF
    2010-10-20 15:45 - 2010-10-20 15:45 - 08801120 _____ () C:\Program Files (x86)\Microsoft Office\Office14\1033\GrooveIntlResource.dll
    2014-01-10 01:28 - 2014-01-10 01:28 - 00100688 _____ () C:\Program Files (x86)\DivX\DivX Update\DivXUpdateCheck.dll
    2014-10-19 15:35 - 2014-10-19 15:35 - 00170496 _____ () C:\Windows\assembly\NativeImages_v2.0.50727_32\IsdiInterop\89753abff3827095ec7f3d3fb79f744a\IsdiInterop.ni.dll
    2010-08-30 06:56 - 2010-04-13 12:52 - 00058880 _____ () C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IsdiInterop.dll
    2015-05-07 12:34 - 2015-05-07 12:34 - 00097288 _____ () C:\Program Files (x86)\DivX\DivX Player\DPXIconHandler32.dll
    2014-01-20 14:17 - 2014-01-20 14:17 - 00073544 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
    2015-06-04 20:14 - 2015-06-04 20:14 - 00098816 _____ () C:\Users\Daniel\AppData\Local\Temp\_MEI356682\win32api.pyd
    2015-06-04 20:14 - 2015-06-04 20:14 - 00110080 _____ () C:\Users\Daniel\AppData\Local\Temp\_MEI356682\pywintypes27.dll
    2015-06-04 20:14 - 2015-06-04 20:14 - 00364544 _____ () C:\Users\Daniel\AppData\Local\Temp\_MEI356682\pythoncom27.dll
    2015-06-04 20:14 - 2015-06-04 20:14 - 00045568 _____ () C:\Users\Daniel\AppData\Local\Temp\_MEI356682\_socket.pyd
    2015-06-04 20:14 - 2015-06-04 20:14 - 01161216 _____ () C:\Users\Daniel\AppData\Local\Temp\_MEI356682\_ssl.pyd
    2015-06-04 20:14 - 2015-06-04 20:14 - 00320512 _____ () C:\Users\Daniel\AppData\Local\Temp\_MEI356682\win32com.shell.shell.pyd
    2015-06-04 20:14 - 2015-06-04 20:14 - 00713216 _____ () C:\Users\Daniel\AppData\Local\Temp\_MEI356682\_hashlib.pyd
    2015-06-04 20:14 - 2015-06-04 20:14 - 01175040 _____ () C:\Users\Daniel\AppData\Local\Temp\_MEI356682\wx._core_.pyd
    2015-06-04 20:14 - 2015-06-04 20:14 - 00805888 _____ () C:\Users\Daniel\AppData\Local\Temp\_MEI356682\wx._gdi_.pyd
    2015-06-04 20:14 - 2015-06-04 20:14 - 00811008 _____ () C:\Users\Daniel\AppData\Local\Temp\_MEI356682\wx._windows_.pyd
    2015-06-04 20:14 - 2015-06-04 20:14 - 01062400 _____ () C:\Users\Daniel\AppData\Local\Temp\_MEI356682\wx._controls_.pyd
    2015-06-04 20:14 - 2015-06-04 20:14 - 00735232 _____ () C:\Users\Daniel\AppData\Local\Temp\_MEI356682\wx._misc_.pyd
    2015-06-04 20:14 - 2015-06-04 20:14 - 00682496 _____ () C:\Users\Daniel\AppData\Local\Temp\_MEI356682\pysqlite2._sqlite.pyd
    2015-06-04 20:14 - 2015-06-04 20:14 - 00087552 _____ () C:\Users\Daniel\AppData\Local\Temp\_MEI356682\_ctypes.pyd
    2015-06-04 20:14 - 2015-06-04 20:14 - 00119808 _____ () C:\Users\Daniel\AppData\Local\Temp\_MEI356682\win32file.pyd
    2015-06-04 20:14 - 2015-06-04 20:14 - 00108544 _____ () C:\Users\Daniel\AppData\Local\Temp\_MEI356682\win32security.pyd
    2015-06-04 20:14 - 2015-06-04 20:14 - 00007168 _____ () C:\Users\Daniel\AppData\Local\Temp\_MEI356682\hashobjs_ext.pyd
    2015-06-04 20:14 - 2015-06-04 20:14 - 00026624 _____ () C:\Users\Daniel\AppData\Local\Temp\_MEI356682\usb_ext.pyd
    2015-06-04 20:14 - 2015-06-04 20:14 - 00167936 _____ () C:\Users\Daniel\AppData\Local\Temp\_MEI356682\win32gui.pyd
    2015-06-04 20:14 - 2015-06-04 20:14 - 00018432 _____ () C:\Users\Daniel\AppData\Local\Temp\_MEI356682\win32event.pyd
    2015-06-04 20:14 - 2015-06-04 20:14 - 00128512 _____ () C:\Users\Daniel\AppData\Local\Temp\_MEI356682\_elementtree.pyd
    2015-06-04 20:14 - 2015-06-04 20:14 - 00127488 _____ () C:\Users\Daniel\AppData\Local\Temp\_MEI356682\pyexpat.pyd
    2015-06-04 20:14 - 2015-06-04 20:14 - 00013824 _____ () C:\Users\Daniel\AppData\Local\Temp\_MEI356682\common.time34.pyd
    2015-06-04 20:14 - 2015-06-04 20:14 - 00036864 _____ () C:\Users\Daniel\AppData\Local\Temp\_MEI356682\_psutil_windows.pyd
    2015-06-04 20:14 - 2015-06-04 20:14 - 00038912 _____ () C:\Users\Daniel\AppData\Local\Temp\_MEI356682\win32inet.pyd
    2015-06-04 20:14 - 2015-06-04 20:14 - 00011264 _____ () C:\Users\Daniel\AppData\Local\Temp\_MEI356682\win32crypt.pyd
    2015-06-04 20:14 - 2015-06-04 20:14 - 00070656 _____ () C:\Users\Daniel\AppData\Local\Temp\_MEI356682\wx._html2.pyd
    2015-06-04 20:14 - 2015-06-04 20:14 - 00027136 _____ () C:\Users\Daniel\AppData\Local\Temp\_MEI356682\_multiprocessing.pyd
    2015-06-04 20:14 - 2015-06-04 20:14 - 00020480 _____ () C:\Users\Daniel\AppData\Local\Temp\_MEI356682\_yappi.pyd
    2015-06-04 20:14 - 2015-06-04 20:14 - 00035840 _____ () C:\Users\Daniel\AppData\Local\Temp\_MEI356682\win32process.pyd
    2015-06-04 20:14 - 2015-06-04 20:14 - 00686080 _____ () C:\Users\Daniel\AppData\Local\Temp\_MEI356682\unicodedata.pyd
    2015-06-04 20:14 - 2015-06-04 20:14 - 00122368 _____ () C:\Users\Daniel\AppData\Local\Temp\_MEI356682\wx._wizard.pyd
    2015-06-04 20:14 - 2015-06-04 20:14 - 00024064 _____ () C:\Users\Daniel\AppData\Local\Temp\_MEI356682\win32pipe.pyd
    2015-06-04 20:14 - 2015-06-04 20:14 - 00010240 _____ () C:\Users\Daniel\AppData\Local\Temp\_MEI356682\select.pyd
    2015-06-04 20:14 - 2015-06-04 20:14 - 00025600 _____ () C:\Users\Daniel\AppData\Local\Temp\_MEI356682\win32pdh.pyd
    2015-06-04 20:14 - 2015-06-04 20:14 - 00525640 _____ () C:\Users\Daniel\AppData\Local\Temp\_MEI356682\windows._lib_cacheinvalidation.pyd
    2015-06-04 20:14 - 2015-06-04 20:14 - 00017408 _____ () C:\Users\Daniel\AppData\Local\Temp\_MEI356682\win32profile.pyd
    2015-06-04 20:14 - 2015-06-04 20:14 - 00022528 _____ () C:\Users\Daniel\AppData\Local\Temp\_MEI356682\win32ts.pyd
    2015-06-04 20:14 - 2015-06-04 20:14 - 00078336 _____ () C:\Users\Daniel\AppData\Local\Temp\_MEI356682\wx._animate.pyd
    2015-06-05 21:28 - 2015-06-05 21:28 - 00043008 _____ () c:\users\daniel\appdata\local\temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpy1e1hw.dll
    2015-03-04 17:45 - 2015-03-19 03:15 - 00750080 _____ () C:\Users\Daniel\AppData\Roaming\Dropbox\bin\libGLESv2.dll
    2015-03-04 17:45 - 2015-03-19 03:15 - 00047616 _____ () C:\Users\Daniel\AppData\Roaming\Dropbox\bin\libEGL.dll
    2015-05-21 22:01 - 2015-03-19 03:15 - 00865280 _____ () C:\Users\Daniel\AppData\Roaming\Dropbox\bin\plugins\platforms\qwindows.dll
    2015-03-04 17:45 - 2015-03-19 03:15 - 00200704 _____ () C:\Users\Daniel\AppData\Roaming\Dropbox\bin\plugins\imageformats\qjpeg.dll
    2015-06-03 00:32 - 2015-03-19 03:15 - 00010240 _____ () C:\Users\Daniel\AppData\Roaming\Dropbox\bin\QtQuick.2\qtquick2plugin.dll
    2015-06-03 00:32 - 2015-03-19 03:15 - 00726016 _____ () C:\Users\Daniel\AppData\Roaming\Dropbox\bin\QtQuick\Controls\qtquickcontrolsplugin.dll
    2015-06-03 00:32 - 2015-03-19 03:15 - 00010240 _____ () C:\Users\Daniel\AppData\Roaming\Dropbox\bin\QtQuick\Window.2\windowplugin.dll
    2015-05-25 21:15 - 2015-05-22 16:22 - 01281864 _____ () C:\Program Files (x86)\Google\Chrome\Application\43.0.2357.81\libglesv2.dll
    2015-05-25 21:15 - 2015-05-22 16:22 - 00080712 _____ () C:\Program Files (x86)\Google\Chrome\Application\43.0.2357.81\libegl.dll
    2015-05-25 21:15 - 2015-05-22 16:22 - 14982472 _____ () C:\Program Files (x86)\Google\Chrome\Application\43.0.2357.81\PepperFlash\pepflashplayer.dll
     
  15. Daniel Morelli

    Daniel Morelli TS Enthusiast Topic Starter Posts: 48

    ==================== Alternate Data Streams (Whitelisted) =========

    (If an entry is included in the fixlist, only the ADS will be removed.)

    AlternateDataStreams: C:\ProgramData\Temp:373E1720
    AlternateDataStreams: C:\ProgramData\Temp:D1B5B4F1
    AlternateDataStreams: C:\Users\Daniel\Downloads\1001994_441051482665849_2071377629_n.png:com.dropbox.attributes
    AlternateDataStreams: C:\Users\Daniel\Downloads\10653288_901289869890004_663565123845086682_n.png:com.dropbox.attributes
    AlternateDataStreams: C:\Users\Daniel\Downloads\10712895_899427696735212_1833185090630122312_n.jpg:com.dropbox.attributes
    AlternateDataStreams: C:\Users\Daniel\Downloads\10926344_907340162632784_3922748838221288792_o.jpg:com.dropbox.attributes
    AlternateDataStreams: C:\Users\Daniel\Downloads\1376393_430890237012403_1881651259_n.jpg:com.dropbox.attributes
    AlternateDataStreams: C:\Users\Daniel\Downloads\1391601_430890597012367_1633048089_n.jpg:com.dropbox.attributes
    AlternateDataStreams: C:\Users\Daniel\Downloads\1395946_441138299323834_714249870_n.png:com.dropbox.attributes
    AlternateDataStreams: C:\Users\Daniel\Downloads\2012-06-07 23.22.49.jpg:com.dropbox.attributes
    AlternateDataStreams: C:\Users\Daniel\Downloads\2012-07-11 23.02.39.jpg:com.dropbox.attributes
    AlternateDataStreams: C:\Users\Daniel\Downloads\2012-08-06 23.05.43.jpg:com.dropbox.attributes
    AlternateDataStreams: C:\Users\Daniel\Downloads\2012-08-09 23.56.25.jpg:com.dropbox.attributes
    AlternateDataStreams: C:\Users\Daniel\Downloads\2012-10-16 18.27.58.jpg:com.dropbox.attributes
    AlternateDataStreams: C:\Users\Daniel\Downloads\20120803_184509.mp4:com.dropbox.attributes
    AlternateDataStreams: C:\Users\Daniel\Downloads\20120803_200644.mp4:com.dropbox.attributes
    AlternateDataStreams: C:\Users\Daniel\Downloads\20120803_201516.mp4:com.dropbox.attributes
    AlternateDataStreams: C:\Users\Daniel\Downloads\20120913_224933.mp4:com.dropbox.attributes
    AlternateDataStreams: C:\Users\Daniel\Downloads\2013-01-12 23.03.33.mov:com.dropbox.attributes
    AlternateDataStreams: C:\Users\Daniel\Downloads\2013-01-12 23.10.14.mov:com.dropbox.attributes
    AlternateDataStreams: C:\Users\Daniel\Downloads\2013-07-29 07.33.03-1.jpg:com.dropbox.attributes
    AlternateDataStreams: C:\Users\Daniel\Downloads\2013-08-01 07.31.48.jpg:com.dropbox.attributes
    AlternateDataStreams: C:\Users\Daniel\Downloads\2013-08-01 21.08.00.jpg:com.dropbox.attributes
    AlternateDataStreams: C:\Users\Daniel\Downloads\2013-08-04 01.54.07.jpg:com.dropbox.attributes
    AlternateDataStreams: C:\Users\Daniel\Downloads\2013-08-09 13.18.28.jpg:com.dropbox.attributes
    AlternateDataStreams: C:\Users\Daniel\Downloads\2013-08-09 19.25.22.jpg:com.dropbox.attributes
    AlternateDataStreams: C:\Users\Daniel\Downloads\2013-08-16 13.26.35.jpeg:com.dropbox.attributes
    AlternateDataStreams: C:\Users\Daniel\Downloads\2013-08-31 00.26.11.jpeg:com.dropbox.attributes
    AlternateDataStreams: C:\Users\Daniel\Downloads\2013-09-04 18.34.53.jpg:com.dropbox.attributes
    AlternateDataStreams: C:\Users\Daniel\Downloads\2013-09-05 01.01.51.jpg:com.dropbox.attributes
    AlternateDataStreams: C:\Users\Daniel\Downloads\2013-09-05 23.51.11.jpeg:com.dropbox.attributes
    AlternateDataStreams: C:\Users\Daniel\Downloads\2013-09-07 12.31.57.jpeg:com.dropbox.attributes
    AlternateDataStreams: C:\Users\Daniel\Downloads\2013-09-07 12.41.42.jpeg:com.dropbox.attributes
    AlternateDataStreams: C:\Users\Daniel\Downloads\2013-09-11 02.54.41.png:com.dropbox.attributes
    AlternateDataStreams: C:\Users\Daniel\Downloads\2013-09-13 00.02.05.jpg:com.dropbox.attributes
    AlternateDataStreams: C:\Users\Daniel\Downloads\2013-09-13 00.02.33.jpg:com.dropbox.attributes
    AlternateDataStreams: C:\Users\Daniel\Downloads\2013-09-18 21.18.45.jpg:com.dropbox.attributes
    AlternateDataStreams: C:\Users\Daniel\Downloads\2013-09-18 22.27.45.jpg:com.dropbox.attributes
    AlternateDataStreams: C:\Users\Daniel\Downloads\2013-09-19 02.45.00.jpg:com.dropbox.attributes
    AlternateDataStreams: C:\Users\Daniel\Downloads\2013-09-19 02.45.11.jpg:com.dropbox.attributes
    AlternateDataStreams: C:\Users\Daniel\Downloads\2013-09-19 02.45.26.jpg:com.dropbox.attributes
    AlternateDataStreams: C:\Users\Daniel\Downloads\2013-09-19 11.27.42.jpg:com.dropbox.attributes
    AlternateDataStreams: C:\Users\Daniel\Downloads\2013-09-20 21.07.37.jpeg:com.dropbox.attributes
    AlternateDataStreams: C:\Users\Daniel\Downloads\2013-09-20 21.08.03.jpeg:com.dropbox.attributes
    AlternateDataStreams: C:\Users\Daniel\Downloads\2013-09-20 21.11.49.jpeg:com.dropbox.attributes
    AlternateDataStreams: C:\Users\Daniel\Downloads\2013-09-28 20.11.27.jpg:com.dropbox.attributes
    AlternateDataStreams: C:\Users\Daniel\Downloads\2013-09-29 05.26.29.jpg:com.dropbox.attributes
    AlternateDataStreams: C:\Users\Daniel\Downloads\2013-09-29 05.28.58.jpg:com.dropbox.attributes
    AlternateDataStreams: C:\Users\Daniel\Downloads\2013-10-02 04.56.15.jpg:com.dropbox.attributes
    AlternateDataStreams: C:\Users\Daniel\Downloads\2013-10-02 04.56.29.jpg:com.dropbox.attributes
    AlternateDataStreams: C:\Users\Daniel\Downloads\2013-10-02 04.59.00.jpg:com.dropbox.attributes
    AlternateDataStreams: C:\Users\Daniel\Downloads\2013-10-02 05.04.23.jpg:com.dropbox.attributes
    AlternateDataStreams: C:\Users\Daniel\Downloads\2013-10-02 05.06.43.jpg:com.dropbox.attributes
    AlternateDataStreams: C:\Users\Daniel\Downloads\2013-10-02 17.18.59.jpg:com.dropbox.attributes
    AlternateDataStreams: C:\Users\Daniel\Downloads\2013-10-04 01.18.19.jpg:com.dropbox.attributes
    AlternateDataStreams: C:\Users\Daniel\Downloads\2013-10-04 18.36.41.jpg:com.dropbox.attributes
    AlternateDataStreams: C:\Users\Daniel\Downloads\2013-10-04 18.40.46.jpg:com.dropbox.attributes
    AlternateDataStreams: C:\Users\Daniel\Downloads\2013-10-04 18.47.01.jpg:com.dropbox.attributes
    AlternateDataStreams: C:\Users\Daniel\Downloads\2013-10-06 08.52.16.jpg:com.dropbox.attributes
    AlternateDataStreams: C:\Users\Daniel\Downloads\2013-10-06 08.57.19.jpg:com.dropbox.attributes
    AlternateDataStreams: C:\Users\Daniel\Downloads\2013-10-06 12.00.51.jpeg:com.dropbox.attributes
    AlternateDataStreams: C:\Users\Daniel\Downloads\2013-10-09 16.29.15.jpeg:com.dropbox.attributes
    AlternateDataStreams: C:\Users\Daniel\Downloads\2013-10-11 18.45.08.jpeg:com.dropbox.attributes
    AlternateDataStreams: C:\Users\Daniel\Downloads\2013-10-11 18.45.34.jpeg:com.dropbox.attributes
    AlternateDataStreams: C:\Users\Daniel\Downloads\2013-10-12 18.16.36.jpg:com.dropbox.attributes
    AlternateDataStreams: C:\Users\Daniel\Downloads\2013-10-12 20.47.11.jpeg:com.dropbox.attributes
    AlternateDataStreams: C:\Users\Daniel\Downloads\2013-10-13 04.35.13.jpeg:com.dropbox.attributes
    AlternateDataStreams: C:\Users\Daniel\Downloads\2013-10-14 04.19.56.jpeg:com.dropbox.attributes
    AlternateDataStreams: C:\Users\Daniel\Downloads\2013-10-14 04.23.20.jpeg:com.dropbox.attributes
    AlternateDataStreams: C:\Users\Daniel\Downloads\2013-10-18 03.25.26.jpeg:com.dropbox.attributes
    AlternateDataStreams: C:\Users\Daniel\Downloads\2013-10-18 03.26.30.jpeg:com.dropbox.attributes
    AlternateDataStreams: C:\Users\Daniel\Downloads\2013-10-21 15.18.15.jpeg:com.dropbox.attributes
    AlternateDataStreams: C:\Users\Daniel\Downloads\2013-10-23 21.17.29.jpeg:com.dropbox.attributes
    AlternateDataStreams: C:\Users\Daniel\Downloads\2013-10-24 07.28.04.jpeg:com.dropbox.attributes
    AlternateDataStreams: C:\Users\Daniel\Downloads\2013-10-27 10.43.54.jpeg:com.dropbox.attributes
    AlternateDataStreams: C:\Users\Daniel\Downloads\2013-10-27 10.44.19.jpeg:com.dropbox.attributes
    AlternateDataStreams: C:\Users\Daniel\Downloads\2013-10-27 10.47.53.jpeg:com.dropbox.attributes
    AlternateDataStreams: C:\Users\Daniel\Downloads\2013-10-27 15.54.10.jpeg:com.dropbox.attributes
    AlternateDataStreams: C:\Users\Daniel\Downloads\2013-10-29 06.00.16.jpg:com.dropbox.attributes
    AlternateDataStreams: C:\Users\Daniel\Downloads\2013-10-29 06.00.40.jpg:com.dropbox.attributes
    AlternateDataStreams: C:\Users\Daniel\Downloads\2013-10-29 06.03.05.jpg:com.dropbox.attributes
    AlternateDataStreams: C:\Users\Daniel\Downloads\2013-10-29 06.09.41.jpg:com.dropbox.attributes
    AlternateDataStreams: C:\Users\Daniel\Downloads\2013-10-30 04.23.08.png:com.dropbox.attributes
    AlternateDataStreams: C:\Users\Daniel\Downloads\2013-10-31 18.04.42.jpeg:com.dropbox.attributes
    AlternateDataStreams: C:\Users\Daniel\Downloads\2013-11-01 14.09.27.jpg:com.dropbox.attributes
    AlternateDataStreams: C:\Users\Daniel\Downloads\2013-11-01 14.09.48.jpg:com.dropbox.attributes
    AlternateDataStreams: C:\Users\Daniel\Downloads\2013-11-02 04.25.30.jpg:com.dropbox.attributes
    AlternateDataStreams: C:\Users\Daniel\Downloads\2013-11-04 19.41.54.jpeg:com.dropbox.attributes
    AlternateDataStreams: C:\Users\Daniel\Downloads\2013-11-11 05.52.42.jpeg:com.dropbox.attributes
    AlternateDataStreams: C:\Users\Daniel\Downloads\2013-11-12 04.21.59.jpeg:com.dropbox.attributes
    AlternateDataStreams: C:\Users\Daniel\Downloads\2013-11-12 04.23.52.jpeg:com.dropbox.attributes
    AlternateDataStreams: C:\Users\Daniel\Downloads\2013-11-17 10.24.29.jpeg:com.dropbox.attributes
    AlternateDataStreams: C:\Users\Daniel\Downloads\2013-11-22 22.08.31.jpg:com.dropbox.attributes
    AlternateDataStreams: C:\Users\Daniel\Downloads\2013-11-24 01.00.41.jpg:com.dropbox.attributes
    AlternateDataStreams: C:\Users\Daniel\Downloads\2013-11-24 01.05.40.jpg:com.dropbox.attributes
    AlternateDataStreams: C:\Users\Daniel\Downloads\2013-11-24 01.17.35.jpg:com.dropbox.attributes
    AlternateDataStreams: C:\Users\Daniel\Downloads\2013-11-24 01.18.41.jpg:com.dropbox.attributes
    AlternateDataStreams: C:\Users\Daniel\Downloads\2013-11-25 05.47.39.jpeg:com.dropbox.attributes
    AlternateDataStreams: C:\Users\Daniel\Downloads\2013-11-25 06.06.15.jpeg:com.dropbox.attributes
    AlternateDataStreams: C:\Users\Daniel\Downloads\2013-11-25 06.07.49.jpeg:com.dropbox.attributes
    AlternateDataStreams: C:\Users\Daniel\Downloads\2013-11-25 06.44.23.jpeg:com.dropbox.attributes
    AlternateDataStreams: C:\Users\Daniel\Downloads\2013-11-26 19.55.30.jpg:com.dropbox.attributes
    AlternateDataStreams: C:\Users\Daniel\Downloads\2013-11-28 12.58.00.jpeg:com.dropbox.attributes
    AlternateDataStreams: C:\Users\Daniel\Downloads\2013-11-28 12.59.17.jpeg:com.dropbox.attributes
    AlternateDataStreams: C:\Users\Daniel\Downloads\2013-12-03 15.36.21.jpg:com.dropbox.attributes
    AlternateDataStreams: C:\Users\Daniel\Downloads\2013-12-04 23.02.46.jpeg:com.dropbox.attributes
    AlternateDataStreams: C:\Users\Daniel\Downloads\2013-12-06 15.50.29.jpeg:com.dropbox.attributes
    AlternateDataStreams: C:\Users\Daniel\Downloads\2013-12-06 15.52.36.jpeg:com.dropbox.attributes
    AlternateDataStreams: C:\Users\Daniel\Downloads\2013-12-06 16.05.51.jpeg:com.dropbox.attributes
    AlternateDataStreams: C:\Users\Daniel\Downloads\2013-12-13 02.25.55.jpg:com.dropbox.attributes
    AlternateDataStreams: C:\Users\Daniel\Downloads\2013-12-13 02.33.39.jpg:com.dropbox.attributes
    AlternateDataStreams: C:\Users\Daniel\Downloads\2013-12-15 16.34.42.jpg:com.dropbox.attributes
    AlternateDataStreams: C:\Users\Daniel\Downloads\2013-12-19 18.19.20.jpg:com.dropbox.attributes
    AlternateDataStreams: C:\Users\Daniel\Downloads\2013-12-25 05.06.32.jpg:com.dropbox.attributes
    AlternateDataStreams: C:\Users\Daniel\Downloads\2013-12-25 05.14.29.jpg:com.dropbox.attributes
    AlternateDataStreams: C:\Users\Daniel\Downloads\2013-12-25 05.26.39.jpg:com.dropbox.attributes
    AlternateDataStreams: C:\Users\Daniel\Downloads\2013-12-25 14.53.28.jpeg:com.dropbox.attributes
    AlternateDataStreams: C:\Users\Daniel\Downloads\2013-12-27 10.09.50.jpg:com.dropbox.attributes
    AlternateDataStreams: C:\Users\Daniel\Downloads\2014-01-02 14.23.10.jpeg:com.dropbox.attributes
    AlternateDataStreams: C:\Users\Daniel\Downloads\2014-01-03 15.37.48.jpeg:com.dropbox.attributes
    AlternateDataStreams: C:\Users\Daniel\Downloads\2014-01-03 15.39.38.jpeg:com.dropbox.attributes
    AlternateDataStreams: C:\Users\Daniel\Downloads\2014-01-03 17.09.26.jpeg:com.dropbox.attributes
    AlternateDataStreams: C:\Users\Daniel\Downloads\2014-01-03 17.15.37.jpeg:com.dropbox.attributes
    AlternateDataStreams: C:\Users\Daniel\Downloads\2014-01-07 23.50.55.jpeg:com.dropbox.attributes
    AlternateDataStreams: C:\Users\Daniel\Downloads\2014-01-09 05.03.44.jpeg:com.dropbox.attributes
    AlternateDataStreams: C:\Users\Daniel\Downloads\2014-01-09 05.07.26.jpeg:com.dropbox.attributes
    AlternateDataStreams: C:\Users\Daniel\Downloads\2014-01-09 05.13.29.jpeg:com.dropbox.attributes
    AlternateDataStreams: C:\Users\Daniel\Downloads\2014-01-10 14.40.26.jpeg:com.dropbox.attributes
    AlternateDataStreams: C:\Users\Daniel\Downloads\2014-01-11 02.46.54.jpeg:com.dropbox.attributes
    AlternateDataStreams: C:\Users\Daniel\Downloads\2014-01-11 07.01.41.jpeg:com.dropbox.attributes
    AlternateDataStreams: C:\Users\Daniel\Downloads\2014-01-11 07.03.14.jpeg:com.dropbox.attributes
    AlternateDataStreams: C:\Users\Daniel\Downloads\2014-01-11 07.05.44.jpeg:com.dropbox.attributes
    AlternateDataStreams: C:\Users\Daniel\Downloads\2014-01-11 07.07.40.jpeg:com.dropbox.attributes
    AlternateDataStreams: C:\Users\Daniel\Downloads\2014-01-12 15.58.55.jpeg:com.dropbox.attributes
    AlternateDataStreams: C:\Users\Daniel\Downloads\2014-01-16 17.51.24.jpeg:com.dropbox.attributes
    AlternateDataStreams: C:\Users\Daniel\Downloads\2014-01-16 17.55.38.jpeg:com.dropbox.attributes
    AlternateDataStreams: C:\Users\Daniel\Downloads\2014-01-16 18.03.08.jpeg:com.dropbox.attributes
    AlternateDataStreams: C:\Users\Daniel\Downloads\2014-01-17 04.22.32.jpeg:com.dropbox.attributes
    AlternateDataStreams: C:\Users\Daniel\Downloads\2014-01-17 05.07.51.jpeg:com.dropbox.attributes
    AlternateDataStreams: C:\Users\Daniel\Downloads\2014-01-23 03.02.45.jpeg:com.dropbox.attributes
    AlternateDataStreams: C:\Users\Daniel\Downloads\2014-01-25 19.18.03.jpeg:com.dropbox.attributes
    AlternateDataStreams: C:\Users\Daniel\Downloads\2014-01-25 19.30.59.jpeg:com.dropbox.attributes
    AlternateDataStreams: C:\Users\Daniel\Downloads\2014-01-29 09.04.38.jpeg:com.dropbox.attributes
    AlternateDataStreams: C:\Users\Daniel\Downloads\2014-01-30 18.13.39.jpeg:com.dropbox.attributes
    AlternateDataStreams: C:\Users\Daniel\Downloads\2014-01-30 18.14.48.jpeg:com.dropbox.attributes
    AlternateDataStreams: C:\Users\Daniel\Downloads\2014-01-30 18.16.43.jpeg:com.dropbox.attributes
    AlternateDataStreams: C:\Users\Daniel\Downloads\2014-02-03 05.05.07.jpeg:com.dropbox.attributes
    AlternateDataStreams: C:\Users\Daniel\Downloads\2014-02-03 16.39.51.jpeg:com.dropbox.attributes
    AlternateDataStreams: C:\Users\Daniel\Downloads\2014-02-05 04.57.03.jpg:com.dropbox.attributes
    AlternateDataStreams: C:\Users\Daniel\Downloads\2014-02-05 20.45.30.jpeg:com.dropbox.attributes
    AlternateDataStreams: C:\Users\Daniel\Downloads\2014-02-05 20.49.16.jpeg:com.dropbox.attributes
    AlternateDataStreams: C:\Users\Daniel\Downloads\2014-02-05 20.50.35.jpeg:com.dropbox.attributes
    AlternateDataStreams: C:\Users\Daniel\Downloads\2014-02-05 20.54.02.jpeg:com.dropbox.attributes
    AlternateDataStreams: C:\Users\Daniel\Downloads\2014-02-06 18.59.17.jpeg:com.dropbox.attributes
    AlternateDataStreams: C:\Users\Daniel\Downloads\2014-02-06 19.02.13.jpeg:com.dropbox.attributes
    AlternateDataStreams: C:\Users\Daniel\Downloads\2014-02-06 20.48.59.jpeg:com.dropbox.attributes
    AlternateDataStreams: C:\Users\Daniel\Downloads\2014-02-06 20.52.48.jpeg:com.dropbox.attributes
    AlternateDataStreams: C:\Users\Daniel\Downloads\2014-02-08 21.40.18.jpeg:com.dropbox.attributes
    AlternateDataStreams: C:\Users\Daniel\Downloads\2014-02-09 10.17.56.jpeg:com.dropbox.attributes
    AlternateDataStreams: C:\Users\Daniel\Downloads\2014-02-09 10.19.56.jpeg:com.dropbox.attributes
    AlternateDataStreams: C:\Users\Daniel\Downloads\2014-02-09 21.18.43.jpeg:com.dropbox.attributes
    AlternateDataStreams: C:\Users\Daniel\Downloads\2014-02-09 21.23.49.jpeg:com.dropbox.attributes
    AlternateDataStreams: C:\Users\Daniel\Downloads\2014-02-11 22.04.03.jpg:com.dropbox.attributes
    AlternateDataStreams: C:\Users\Daniel\Downloads\2014-02-12 04.05.10.jpeg:com.dropbox.attributes
    AlternateDataStreams: C:\Users\Daniel\Downloads\2014-02-15 04.18.16.jpeg:com.dropbox.attributes
    AlternateDataStreams: C:\Users\Daniel\Downloads\2014-02-15 04.28.39.jpeg:com.dropbox.attributes
    AlternateDataStreams: C:\Users\Daniel\Downloads\2014-02-15 04.33.52.jpeg:com.dropbox.attributes
    AlternateDataStreams: C:\Users\Daniel\Downloads\2014-02-15 04.34.22.jpeg:com.dropbox.attributes
    AlternateDataStreams: C:\Users\Daniel\Downloads\2014-02-15 04.34.58.jpeg:com.dropbox.attributes
    AlternateDataStreams: C:\Users\Daniel\Downloads\2014-02-15 06.12.35.jpg:com.dropbox.attributes
    AlternateDataStreams: C:\Users\Daniel\Downloads\2014-02-15 06.40.15.jpg:com.dropbox.attributes
    AlternateDataStreams: C:\Users\Daniel\Downloads\2014-02-15 06.44.11.jpg:com.dropbox.attributes
    AlternateDataStreams: C:\Users\Daniel\Downloads\2014-02-15 06.45.48.jpg:com.dropbox.attributes
    AlternateDataStreams: C:\Users\Daniel\Downloads\2014-02-15 23.53.23.png:com.dropbox.attributes
    AlternateDataStreams: C:\Users\Daniel\Downloads\2014-02-16 02.23.13.jpeg:com.dropbox.attributes
    AlternateDataStreams: C:\Users\Daniel\Downloads\2014-02-16 02.25.03.jpeg:com.dropbox.attributes
    AlternateDataStreams: C:\Users\Daniel\Downloads\2014-02-16 02.26.11.jpeg:com.dropbox.attributes
    AlternateDataStreams: C:\Users\Daniel\Downloads\2014-02-16 02.27.04.jpeg:com.dropbox.attributes
    AlternateDataStreams: C:\Users\Daniel\Downloads\2014-02-16 02.27.27.jpeg:com.dropbox.attributes
    AlternateDataStreams: C:\Users\Daniel\Downloads\2014-02-16 02.33.46.jpeg:com.dropbox.attributes
    AlternateDataStreams: C:\Users\Daniel\Downloads\2014-02-16 02.34.25.jpeg:com.dropbox.attributes
    AlternateDataStreams: C:\Users\Daniel\Downloads\2014-02-17 06.30.44.jpeg:com.dropbox.attributes
    AlternateDataStreams: C:\Users\Daniel\Downloads\2014-02-19 18.57.40.jpeg:com.dropbox.attributes
    AlternateDataStreams: C:\Users\Daniel\Downloads\2014-02-19 22.01.06.jpg:com.dropbox.attributes
    AlternateDataStreams: C:\Users\Daniel\Downloads\2014-02-20 22.52.01.jpeg:com.dropbox.attributes
    AlternateDataStreams: C:\Users\Daniel\Downloads\2014-02-21 22.37.03.jpg:com.dropbox.attributes
    AlternateDataStreams: C:\Users\Daniel\Downloads\2014-02-22 00.48.18.jpg:com.dropbox.attributes
    AlternateDataStreams: C:\Users\Daniel\Downloads\2014-02-22 00.48.52.jpg:com.dropbox.attributes
    AlternateDataStreams: C:\Users\Daniel\Downloads\2014-02-22 00.49.24.jpg:com.dropbox.attributes
    AlternateDataStreams: C:\Users\Daniel\Downloads\2014-02-22 00.49.40.jpg:com.dropbox.attributes
    AlternateDataStreams: C:\Users\Daniel\Downloads\2014-02-22 00.50.15.jpg:com.dropbox.attributes
    AlternateDataStreams: C:\Users\Daniel\Downloads\2014-02-22 00.50.34.png:com.dropbox.attributes
    AlternateDataStreams: C:\Users\Daniel\Downloads\2014-02-22 00.51.06.jpg:com.dropbox.attributes
    AlternateDataStreams: C:\Users\Daniel\Downloads\2014-02-22 05.08.20.jpg:com.dropbox.attributes
    AlternateDataStreams: C:\Users\Daniel\Downloads\2014-02-22 05.12.08.jpg:com.dropbox.attributes
    AlternateDataStreams: C:\Users\Daniel\Downloads\2014-02-22 05.13.40.jpg:com.dropbox.attributes
    AlternateDataStreams: C:\Users\Daniel\Downloads\2014-02-22 05.13.51.jpg:com.dropbox.attributes
    AlternateDataStreams: C:\Users\Daniel\Downloads\2014-02-22 05.14.18.jpg:com.dropbox.attributes
    AlternateDataStreams: C:\Users\Daniel\Downloads\2014-02-22 05.15.53.jpg:com.dropbox.attributes
    AlternateDataStreams: C:\Users\Daniel\Downloads\2014-02-22 05.16.11.jpg:com.dropbox.attributes
    AlternateDataStreams: C:\Users\Daniel\Downloads\2014-02-22 05.16.31.jpg:com.dropbox.attributes
    AlternateDataStreams: C:\Users\Daniel\Downloads\2014-02-22 05.19.08.jpg:com.dropbox.attributes
    AlternateDataStreams: C:\Users\Daniel\Downloads\2014-02-22 18.55.45.jpg:com.dropbox.attributes
    AlternateDataStreams: C:\Users\Daniel\Downloads\2014-02-22 18.57.54.jpg:com.dropbox.attributes
    AlternateDataStreams: C:\Users\Daniel\Downloads\2014-02-22 23.01.10.jpeg:com.dropbox.attributes
    AlternateDataStreams: C:\Users\Daniel\Downloads\2014-02-22 23.01.33.jpeg:com.dropbox.attributes
    AlternateDataStreams: C:\Users\Daniel\Downloads\2014-02-22 23.06.15.jpeg:com.dropbox.attributes
    AlternateDataStreams: C:\Users\Daniel\Downloads\2014-02-23 14.32.10.jpeg:com.dropbox.attributes
    AlternateDataStreams: C:\Users\Daniel\Downloads\2014-02-23 17.19.59.jpg:com.dropbox.attributes
    AlternateDataStreams: C:\Users\Daniel\Downloads\2014-02-23 17.22.01.jpg:com.dropbox.attributes
    AlternateDataStreams: C:\Users\Daniel\Downloads\2014-02-23 17.25.59.jpg:com.dropbox.attributes
    AlternateDataStreams: C:\Users\Daniel\Downloads\2014-02-23 17.58.14.jpg:com.dropbox.attributes
    AlternateDataStreams: C:\Users\Daniel\Downloads\2014-02-23 18.30.24.jpg:com.dropbox.attributes
    AlternateDataStreams: C:\Users\Daniel\Downloads\2014-02-24 03.59.32.jpeg:com.dropbox.attributes
    AlternateDataStreams: C:\Users\Daniel\Downloads\2014-02-24 04.03.24.jpeg:com.dropbox.attributes
    AlternateDataStreams: C:\Users\Daniel\Downloads\2014-02-24 04.06.28.jpeg:com.dropbox.attributes
    AlternateDataStreams: C:\Users\Daniel\Downloads\2014-02-24 04.06.58.jpeg:com.dropbox.attributes
    AlternateDataStreams: C:\Users\Daniel\Downloads\2014-02-24 04.07.29.jpeg:com.dropbox.attributes
    AlternateDataStreams: C:\Users\Daniel\Downloads\2014-02-24 04.07.41.jpeg:com.dropbox.attributes
    AlternateDataStreams: C:\Users\Daniel\Downloads\2014-02-24 04.07.49.jpeg:com.dropbox.attributes
    AlternateDataStreams: C:\Users\Daniel\Downloads\2014-02-24 04.15.36.jpeg:com.dropbox.attributes
    AlternateDataStreams: C:\Users\Daniel\Downloads\2014-02-24 04.16.01.jpeg:com.dropbox.attributes
    AlternateDataStreams: C:\Users\Daniel\Downloads\2014-02-24 04.16.38.jpeg:com.dropbox.attributes
    AlternateDataStreams: C:\Users\Daniel\Downloads\2014-02-24 04.17.52.jpeg:com.dropbox.attributes
    AlternateDataStreams: C:\Users\Daniel\Downloads\2014-02-24 04.20.18.jpeg:com.dropbox.attributes
    AlternateDataStreams: C:\Users\Daniel\Downloads\2014-02-24 04.21.17.jpeg:com.dropbox.attributes
    AlternateDataStreams: C:\Users\Daniel\Downloads\2014-02-25 22.43.21.jpeg:com.dropbox.attributes
    AlternateDataStreams: C:\Users\Daniel\Downloads\2014-02-28 11.42.18.jpeg:com.dropbox.attributes
    AlternateDataStreams: C:\Users\Daniel\Downloads\2014-02-28 11.42.58.jpeg:com.dropbox.attributes
    AlternateDataStreams: C:\Users\Daniel\Downloads\2014-03-01 19.46.51.jpeg:com.dropbox.attributes
    AlternateDataStreams: C:\Users\Daniel\Downloads\2014-03-03 07.03.56.jpeg:com.dropbox.attributes
    AlternateDataStreams: C:\Users\Daniel\Downloads\2014-03-03 07.08.57.jpeg:com.dropbox.attributes
    AlternateDataStreams: C:\Users\Daniel\Downloads\2014-03-03 07.15.19.jpeg:com.dropbox.attributes
    AlternateDataStreams: C:\Users\Daniel\Downloads\2014-03-03 07.16.39.jpeg:com.dropbox.attributes
    AlternateDataStreams: C:\Users\Daniel\Downloads\2014-03-11 00.07.58.jpg:com.dropbox.attributes
    AlternateDataStreams: C:\Users\Daniel\Downloads\2014-03-11 05.30.59.jpeg:com.dropbox.attributes
    AlternateDataStreams: C:\Users\Daniel\Downloads\2014-03-11 05.41.02.jpeg:com.dropbox.attributes
    AlternateDataStreams: C:\Users\Daniel\Downloads\2014-03-15 18.23.18.mp4:com.dropbox.attributes
    AlternateDataStreams: C:\Users\Daniel\Downloads\2014-03-16 01.21.31.jpg:com.dropbox.attributes
    AlternateDataStreams: C:\Users\Daniel\Downloads\2014-03-16 01.24.12.jpg:com.dropbox.attributes
    AlternateDataStreams: C:\Users\Daniel\Downloads\2014-03-16 02.13.28.jpg:com.dropbox.attributes
    AlternateDataStreams: C:\Users\Daniel\Downloads\2014-03-16 02.15.02.jpg:com.dropbox.attributes
    AlternateDataStreams: C:\Users\Daniel\Downloads\2014-03-18 19.40.25.jpeg:com.dropbox.attributes
    AlternateDataStreams: C:\Users\Daniel\Downloads\2014-03-18 19.41.48.jpeg:com.dropbox.attributes
    AlternateDataStreams: C:\Users\Daniel\Downloads\2014-03-18 19.42.00.jpeg:com.dropbox.attributes
    AlternateDataStreams: C:\Users\Daniel\Downloads\2014-03-19 21.13.46.jpeg:com.dropbox.attributes
    AlternateDataStreams: C:\Users\Daniel\Downloads\2014-03-20 00.43.11.jpg:com.dropbox.attributes
    AlternateDataStreams: C:\Users\Daniel\Downloads\2014-03-20 00.46.16.jpg:com.dropbox.attributes
    AlternateDataStreams: C:\Users\Daniel\Downloads\2014-03-21 21.28.31.jpeg:com.dropbox.attributes
    AlternateDataStreams: C:\Users\Daniel\Downloads\2014-03-21 21.34.48.jpeg:com.dropbox.attributes
    AlternateDataStreams: C:\Users\Daniel\Downloads\2014-03-23 16.05.33.jpg:com.dropbox.attributes
    AlternateDataStreams: C:\Users\Daniel\Downloads\2014-03-25 22.23.25.jpeg:com.dropbox.attributes
    AlternateDataStreams: C:\Users\Daniel\Downloads\2014-03-31 02.48.41.jpeg:com.dropbox.attributes
    AlternateDataStreams: C:\Users\Daniel\Downloads\2014-03-31 02.51.46.jpeg:com.dropbox.attributes
    AlternateDataStreams: C:\Users\Daniel\Downloads\2014-03-31 02.52.01.jpeg:com.dropbox.attributes
    AlternateDataStreams: C:\Users\Daniel\Downloads\2014-03-31 04.46.06.jpeg:com.dropbox.attributes
    AlternateDataStreams: C:\Users\Daniel\Downloads\2014-04-01 06.43.09.jpeg:com.dropbox.attributes
    AlternateDataStreams: C:\Users\Daniel\Downloads\2014-04-01 06.44.06.jpeg:com.dropbox.attributes
    AlternateDataStreams: C:\Users\Daniel\Downloads\2014-04-01 06.50.44.jpeg:com.dropbox.attributes
    AlternateDataStreams: C:\Users\Daniel\Downloads\2014-04-01 06.51.26.jpeg:com.dropbox.attributes
    AlternateDataStreams: C:\Users\Daniel\Downloads\2014-04-01 07.18.53.jpeg:com.dropbox.attributes
    AlternateDataStreams: C:\Users\Daniel\Downloads\2014-04-06 22.15.47.jpg:com.dropbox.attributes
    AlternateDataStreams: C:\Users\Daniel\Downloads\2014-04-06 22.18.59.jpg:com.dropbox.attributes
    AlternateDataStreams: C:\Users\Daniel\Downloads\2014-04-06 22.26.05.jpg:com.dropbox.attributes
    AlternateDataStreams: C:\Users\Daniel\Downloads\2014-04-09 05.49.33.jpeg:com.dropbox.attributes
    AlternateDataStreams: C:\Users\Daniel\Downloads\2014-04-10 07.14.37.jpg:com.dropbox.attributes
    AlternateDataStreams: C:\Users\Daniel\Downloads\2014-04-12 09.34.42.jpeg:com.dropbox.attributes
    AlternateDataStreams: C:\Users\Daniel\Downloads\2014-04-12 09.36.55.jpeg:com.dropbox.attributes
    AlternateDataStreams: C:\Users\Daniel\Downloads\2014-04-17 15.25.48.jpg:com.dropbox.attributes
    AlternateDataStreams: C:\Users\Daniel\Downloads\2014-04-18 10.39.02.jpeg:com.dropbox.attributes
    AlternateDataStreams: C:\Users\Daniel\Downloads\2014-04-18 10.41.54.jpeg:com.dropbox.attributes
    AlternateDataStreams: C:\Users\Daniel\Downloads\2014-05-18 11.47.34.jpeg:com.dropbox.attributes
    AlternateDataStreams: C:\Users\Daniel\Downloads\2014-05-18 11.49.19.jpeg:com.dropbox.attributes
    AlternateDataStreams: C:\Users\Daniel\Downloads\2014-05-19 15.11.35.jpeg:com.dropbox.attributes
    AlternateDataStreams: C:\Users\Daniel\Downloads\2014-05-19 15.21.43.jpeg:com.dropbox.attributes
    AlternateDataStreams: C:\Users\Daniel\Downloads\2014-05-23 16.32.46.jpeg:com.dropbox.attributes
    AlternateDataStreams: C:\Users\Daniel\Downloads\2014-05-25 01.46.57.jpeg:com.dropbox.attributes
    AlternateDataStreams: C:\Users\Daniel\Downloads\2014-05-25 17.32.54.jpeg:com.dropbox.attributes
    AlternateDataStreams: C:\Users\Daniel\Downloads\2014-05-25 17.39.09.jpeg:com.dropbox.attributes
    AlternateDataStreams: C:\Users\Daniel\Downloads\2014-05-25 17.40.35.jpeg:com.dropbox.attributes
    AlternateDataStreams: C:\Users\Daniel\Downloads\2014-05-26 16.04.27.jpeg:com.dropbox.attributes
    AlternateDataStreams: C:\Users\Daniel\Downloads\2014-05-28 03.13.43.jpeg:com.dropbox.attributes
    AlternateDataStreams: C:\Users\Daniel\Downloads\2014-06-09 03.03.41.jpeg:com.dropbox.attributes
    AlternateDataStreams: C:\Users\Daniel\Downloads\2014-06-09 10.52.40.jpg:com.dropbox.attributes
    AlternateDataStreams: C:\Users\Daniel\Downloads\2014-06-10 00.11.30.jpg:com.dropbox.attributes
    AlternateDataStreams: C:\Users\Daniel\Downloads\2014-06-10 00.12.38.jpg:com.dropbox.attributes
    AlternateDataStreams: C:\Users\Daniel\Downloads\2014-06-10 08.57.54.jpg:com.dropbox.attributes
    AlternateDataStreams: C:\Users\Daniel\Downloads\2014-06-11 21.38.00.jpg:com.dropbox.attributes
    AlternateDataStreams: C:\Users\Daniel\Downloads\2014-06-20 22.25.33.jpeg:com.dropbox.attributes
    AlternateDataStreams: C:\Users\Daniel\Downloads\2014-06-22 11.24.22.jpeg:com.dropbox.attributes
    AlternateDataStreams: C:\Users\Daniel\Downloads\2014-06-23 22.59.49.jpg:com.dropbox.attributes
    AlternateDataStreams: C:\Users\Daniel\Downloads\2014-06-26 19.48.33.jpeg:com.dropbox.attributes
    AlternateDataStreams: C:\Users\Daniel\Downloads\2014-07-01 02.39.52.mp4:com.dropbox.attributes
    AlternateDataStreams: C:\Users\Daniel\Downloads\2014-07-01 02.47.40.mp4:com.dropbox.attributes
    AlternateDataStreams: C:\Users\Daniel\Downloads\2014-07-02 03.58.40.jpeg:com.dropbox.attributes
    AlternateDataStreams: C:\Users\Daniel\Downloads\2014-07-07 17.12.01.jpeg:com.dropbox.attributes
    AlternateDataStreams: C:\Users\Daniel\Downloads\2014-07-12 00.14.28.jpg:com.dropbox.attributes
    AlternateDataStreams: C:\Users\Daniel\Downloads\2014-07-20 23.54.48.mp4:com.dropbox.attributes
    AlternateDataStreams: C:\Users\Daniel\Downloads\2014-07-27 19.52.33.mov:com.dropbox.attributes
    AlternateDataStreams: C:\Users\Daniel\Downloads\2014-07-29 00.06.56.jpeg:com.dropbox.attributes
    AlternateDataStreams: C:\Users\Daniel\Downloads\2014-08-07 04.48.28.jpeg:com.dropbox.attributes
    AlternateDataStreams: C:\Users\Daniel\Downloads\2014-08-08 12.50.12.mov:com.dropbox.attributes
    AlternateDataStreams: C:\Users\Daniel\Downloads\2014-08-08 13.04.15.mov:com.dropbox.attributes
    AlternateDataStreams: C:\Users\Daniel\Downloads\2014-08-08 19.14.41.jpeg:com.dropbox.attributes
    AlternateDataStreams: C:\Users\Daniel\Downloads\2014-08-16 00.09.05.jpeg:com.dropbox.attributes
    AlternateDataStreams: C:\Users\Daniel\Downloads\2014-09-18 15.00.27.png:com.dropbox.attributes
    AlternateDataStreams: C:\Users\Daniel\Downloads\2014-10-02 02.49.05.jpeg:com.dropbox.attributes
    AlternateDataStreams: C:\Users\Daniel\Downloads\2014-10-03 20.15.07.jpeg:com.dropbox.attributes
    AlternateDataStreams: C:\Users\Daniel\Downloads\2014-10-21 12.07.56.jpg:com.dropbox.attributes
    AlternateDataStreams: C:\Users\Daniel\Downloads\2014-10-24 10.30.56.jpg:com.dropbox.attributes
    AlternateDataStreams: C:\Users\Daniel\Downloads\2014-11-06 03.09.35.png:com.dropbox.attributes
    AlternateDataStreams: C:\Users\Daniel\Downloads\2014-11-07 07.11.21.jpeg:com.dropbox.attributes
    AlternateDataStreams: C:\Users\Daniel\Downloads\2014-11-23 21.49.08.jpeg:com.dropbox.attributes
    AlternateDataStreams: C:\Users\Daniel\Downloads\2014-11-26 14.27.25.jpeg:com.dropbox.attributes
    AlternateDataStreams: C:\Users\Daniel\Downloads\2014-11-28 05.21.05.jpeg:com.dropbox.attributes
    AlternateDataStreams: C:\Users\Daniel\Downloads\2014-12-11 17.23.54.jpeg:com.dropbox.attributes
    AlternateDataStreams: C:\Users\Daniel\Downloads\2015-01-12 01.14.32.jpg:com.dropbox.attributes
    AlternateDataStreams: C:\Users\Daniel\Downloads\2015-01-17 10.06.26.jpg:com.dropbox.attributes
    AlternateDataStreams: C:\Users\Daniel\Downloads\2015-01-19 16.03.13.jpg:com.dropbox.attributes
    AlternateDataStreams: C:\Users\Daniel\Downloads\2015-02-02 00.54.17.png:com.dropbox.attributes
    AlternateDataStreams: C:\Users\Daniel\Downloads\2015-02-02 01.14.38.png:com.dropbox.attributes
    AlternateDataStreams: C:\Users\Daniel\Downloads\2015-02-02 01.15.16.jpg:com.dropbox.attributes
    AlternateDataStreams: C:\Users\Daniel\Downloads\2015-02-06 23.57.20.jpg:com.dropbox.attributes
    AlternateDataStreams: C:\Users\Daniel\Downloads\2015-02-13 19.01.41.jpeg:com.dropbox.attributes
    AlternateDataStreams: C:\Users\Daniel\Downloads\2015-02-18 14.22.40.jpg:com.dropbox.attributes
    AlternateDataStreams: C:\Users\Daniel\Downloads\2015-02-22 06.04.39.jpg:com.dropbox.attributes
    AlternateDataStreams: C:\Users\Daniel\Downloads\2015-02-22 06.06.31.jpg:com.dropbox.attributes
    AlternateDataStreams: C:\Users\Daniel\Downloads\2015-02-22 06.07.30.jpg:com.dropbox.attributes
    AlternateDataStreams: C:\Users\Daniel\Downloads\2015-02-22 06.08.15.jpg:com.dropbox.attributes
    AlternateDataStreams: C:\Users\Daniel\Downloads\2015-02-22 06.08.48.jpg:com.dropbox.attributes
    AlternateDataStreams: C:\Users\Daniel\Downloads\2015-02-24 11.52.42.jpg:com.dropbox.attributes
    AlternateDataStreams: C:\Users\Daniel\Downloads\2015-02-25 18.42.37.jpg:com.dropbox.attributes
    AlternateDataStreams: C:\Users\Daniel\Downloads\2015-03-11 22.36.22.jpg:com.dropbox.attributes
    AlternateDataStreams: C:\Users\Daniel\Downloads\2015-03-11 22.49.54.png:com.dropbox.attributes
    AlternateDataStreams: C:\Users\Daniel\Downloads\2015-03-12 04.31.07.jpg:com.dropbox.attributes
    AlternateDataStreams: C:\Users\Daniel\Downloads\2015-03-12 04.31.18.jpg:com.dropbox.attributes
    AlternateDataStreams: C:\Users\Daniel\Downloads\2015-03-23 09.30.56.jpg:com.dropbox.attributes
    AlternateDataStreams: C:\Users\Daniel\Downloads\2015-03-23 21.41.46.jpg:com.dropbox.attributes
    AlternateDataStreams: C:\Users\Daniel\Downloads\2015-03-24 17.01.07.jpg:com.dropbox.attributes
    AlternateDataStreams: C:\Users\Daniel\Downloads\2015-04-03 18.19.37.jpg:com.dropbox.attributes
    AlternateDataStreams: C:\Users\Daniel\Downloads\2015-04-04 05.36.24.jpg:com.dropbox.attributes
    AlternateDataStreams: C:\Users\Daniel\Downloads\2015-04-04 05.40.24.jpg:com.dropbox.attributes
    AlternateDataStreams: C:\Users\Daniel\Downloads\2015-04-09 02.56.25.jpg:com.dropbox.attributes
    AlternateDataStreams: C:\Users\Daniel\Downloads\996947_440954859342178_1844270018_n.png:com.dropbox.attributes
    AlternateDataStreams: C:\Users\Daniel\Downloads\IMG_387060353770565.jpeg:com.dropbox.attributes
    AlternateDataStreams: C:\Users\Daniel\Downloads\Router Confirmation (1).eml:OECustomProperty
    AlternateDataStreams: C:\Users\Daniel\Downloads\Router Confirmation.eml:OECustomProperty
    AlternateDataStreams: C:\Users\Daniel\Downloads\Screenshot 2013-10-01 22.52.53.png:com.dropbox.attributes
    AlternateDataStreams: C:\Users\Daniel\Downloads\Screenshot 2015-02-17 00.02.25.png:com.dropbox.attributes
    AlternateDataStreams: C:\Users\Daniel\Downloads\Writing Assignment No. 1 (1).eml:OECustomProperty
    AlternateDataStreams: C:\Users\Daniel\Downloads\Writing Assignment No. 1.eml:OECustomProperty
     
  16. Daniel Morelli

    Daniel Morelli TS Enthusiast Topic Starter Posts: 48

    ==================== Safe Mode (Whitelisted) ===================

    (If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


    ==================== EXE Association (Whitelisted) ===============

    (If an entry is included in the fixlist, the registry item will be restored to default or removed.)


    ==================== Internet Explorer trusted/restricted ===============

    (If an entry is included in the fixlist, it will be removed from the registry.)


    ==================== Other Areas ============================

    (Currently there is no automatic fix for this section.)

    HKU\S-1-5-21-3324318861-2648927535-1656674588-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Daniel\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
    DNS Servers: 24.226.10.193 - 24.226.10.194

    ==================== MSCONFIG/TASK MANAGER disabled items ==

    (Currently there is no automatic fix for this section.)


    ==================== FirewallRules (Whitelisted) ===============

    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

    FirewallRules: [{7D78AF7B-CA48-4C5C-873F-5B7503690A31}] => (Allow) C:\Program Files\Common Files\mcafee\mcsvchost\McSvHost.exe
    FirewallRules: [{2688D0AB-D451-4481-BE5B-3D7F738FADEC}] => (Allow) C:\Program Files\Common Files\mcafee\mcsvchost\McSvHost.exe
    FirewallRules: [{381D04E9-024D-4495-9003-037ADA8B9E13}] => (Allow) svchost.exe
    FirewallRules: [{DDBEA448-67BC-4BFE-AF7B-222108DB3BA7}] => (Allow) C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe
    FirewallRules: [{4375ED0A-7137-4FF7-BB24-38FD5C420CD9}] => (Allow) C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe
    FirewallRules: [{203E4A05-5BB4-4C2A-ACAB-AF8AF19054BB}] => (Allow) C:\Program Files (x86)\EpsonNet\EpsonNet Setup\tool10\ENEasyApp.exe
    FirewallRules: [{8E13EDFC-79DD-4274-B2A9-319F3E4E8A9E}] => (Allow) C:\Program Files (x86)\EpsonNet\EpsonNet Setup\tool10\ENEasyApp.exe
    FirewallRules: [TCP Query User{A94D9F16-BFA6-4819-97B4-02B06846BF1E}D:\common\driver update\edupdate.exe] => (Allow) D:\common\driver update\edupdate.exe
    FirewallRules: [UDP Query User{AD6D3081-5C57-43D2-A5FA-31C62C635BC5}D:\common\driver update\edupdate.exe] => (Allow) D:\common\driver update\edupdate.exe
    FirewallRules: [TCP Query User{735727AA-4BF0-498A-B694-9C30E8A5E591}C:\program files (x86)\epson software\event manager\eeventmanager.exe] => (Allow) C:\program files (x86)\epson software\event manager\eeventmanager.exe
    FirewallRules: [UDP Query User{12A0933A-039C-4F99-8693-6576B5AB735A}C:\program files (x86)\epson software\event manager\eeventmanager.exe] => (Allow) C:\program files (x86)\epson software\event manager\eeventmanager.exe
    FirewallRules: [{7706412F-4594-4AD3-9F3A-C7AB31E512E5}] => (Allow) C:\Program Files (x86)\FrostWire\FrostWire.exe
    FirewallRules: [{5AD04E15-D362-4F5E-9130-AE2ADB8E8DF6}] => (Allow) C:\Program Files (x86)\FrostWire\FrostWire.exe
    FirewallRules: [{D986FCE2-173D-4050-BFD8-17A7F8C3DAA0}] => (Allow) C:\Program Files (x86)\Sony\Media Manager for PSP 2.5\MediaManager.exe
    FirewallRules: [{5646385C-BFE1-4D45-867C-0C5F02F6C068}] => (Allow) C:\Program Files (x86)\Sony\Media Manager for PSP 2.5\MediaManager.exe
    FirewallRules: [{C0F3867C-8261-41DB-A664-6692CF953C91}] => (Allow) C:\Program Files (x86)\FrostWire\FrostWire.exe
    FirewallRules: [{02D3ADB2-E188-4C84-A17B-87B21991B753}] => (Allow) C:\Program Files (x86)\FrostWire\FrostWire.exe
    FirewallRules: [{0D29A877-D58B-4E0E-B5F6-47B4FAEDC32A}] => (Allow) C:\Program Files (x86)\iMesh Applications\iMesh\iMesh.exe
    FirewallRules: [{4F9CCB71-D00C-4408-8649-CCCEDCFA8C8C}] => (Allow) C:\Program Files (x86)\iMesh Applications\iMesh\iMesh.exe
    FirewallRules: [{95D14B2E-EA53-4AEF-905E-39177C87411A}] => (Allow) C:\Program Files (x86)\iMesh Applications\iMesh\iMesh.exe
    FirewallRules: [{79202E38-520C-434D-A777-38CDD14D4F37}] => (Allow) C:\Program Files (x86)\iMesh Applications\iMesh\iMesh.exe
    FirewallRules: [{83057113-BF26-4F05-9A49-61E48DCDEC28}] => (Allow) C:\Program Files (x86)\Research In Motion\BlackBerry Desktop\Rim.Desktop.exe
    FirewallRules: [{58611B7F-50E4-45BA-B4EF-DBD2380596CC}] => (Allow) C:\Program Files (x86)\Research In Motion\BlackBerry Desktop\Rim.Desktop.exe
    FirewallRules: [{C9CCB89A-FC46-4BE7-B2AD-C8760E7C515A}] => (Allow) LPort=4481
    FirewallRules: [{0E9FFA9C-7758-43C8-9126-A30905F7ACC9}] => (Allow) LPort=4481
    FirewallRules: [{7793A052-3929-4183-8076-87ACB7B9390C}] => (Allow) LPort=4482
    FirewallRules: [{274C521A-9229-48B9-B085-094B31E1AA7D}] => (Allow) LPort=4482
    FirewallRules: [{F5443ED9-AED8-40E1-A1CC-F1FEA81F79B6}] => (Allow) C:\Program Files (x86)\FrostWire 5\FrostWire.exe
    FirewallRules: [{5A215B2C-B095-4598-9103-C22D39958001}] => (Allow) C:\Program Files (x86)\FrostWire 5\FrostWire.exe
    FirewallRules: [{C55334DE-1AC6-4704-8D3F-BB65E340CAD9}] => (Allow) C:\Program Files (x86)\World of Warcraft\Launcher.exe
    FirewallRules: [{394FD475-2CAC-4152-A2DC-59A2588D8778}] => (Allow) C:\Program Files (x86)\World of Warcraft\Launcher.exe
    FirewallRules: [{65600992-564F-4B2B-932F-F7EDE744C849}] => (Allow) C:\Program Files (x86)\World of Warcraft\Launcher.patch.exe
    FirewallRules: [{65C4C010-35AA-4FFF-BCDA-0FC9032021D8}] => (Allow) C:\Program Files (x86)\World of Warcraft\Launcher.patch.exe
    FirewallRules: [{90C4D653-27C2-4361-B4FB-66375D8A4E2E}] => (Allow) C:\Users\Daniel\AppData\Local\Google\Google Talk Plugin\googletalkplugin.exe
    FirewallRules: [{66311296-010F-4D57-AC48-EE2F408E518E}] => (Allow) C:\Users\Daniel\AppData\Local\Google\Google Talk Plugin\googletalkplugin.exe
    FirewallRules: [{0AF284D7-15C9-4B8F-9FF1-E1AEA94449E6}] => (Allow) C:\Program Files (x86)\EpsonNet\EpsonNet Setup\tool10\ENEasyApp.exe
    FirewallRules: [{419554F5-537F-4CE4-BDDB-3EA1009BC9C1}] => (Allow) C:\Program Files (x86)\EpsonNet\EpsonNet Setup\tool10\ENEasyApp.exe
    FirewallRules: [{5C3B39AC-BE2B-4B66-AD8E-02557A3E8849}] => (Allow) C:\Users\Daniel\AppData\Local\Google\Google Talk Plugin\googletalkplugin.exe
    FirewallRules: [{9944D957-2666-4EAE-B7D1-86EA662A2B7A}] => (Allow) C:\Users\Daniel\AppData\Local\Google\Google Talk Plugin\googletalkplugin.exe
    FirewallRules: [{22C64BCB-A690-44E8-AB82-89DFBBDDC3F5}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
    FirewallRules: [{34A3ABFB-12E0-40E1-84A6-E8AE71450971}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
    FirewallRules: [{5CF36CAF-11DD-4803-80F9-D991BD1886FC}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
    FirewallRules: [{B8B01B14-57B8-4A4E-BB7C-CB5C494CFF49}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
    FirewallRules: [{5FABC3E3-A79E-4371-B505-0C0DEEFE91EC}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Kane & Lynch 2 - Dog Days\kl2.exe
    FirewallRules: [{FACD7453-6A52-4B9C-8671-DFA718A29746}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Kane & Lynch 2 - Dog Days\kl2.exe
    FirewallRules: [TCP Query User{3F45389D-F370-41AC-B7AA-A72B449D0EE0}C:\windows\system32\javaw.exe] => (Allow) C:\windows\system32\javaw.exe
    FirewallRules: [UDP Query User{C90B010C-CA2B-4CE9-A820-80EAFDC17FC8}C:\windows\system32\javaw.exe] => (Allow) C:\windows\system32\javaw.exe
    FirewallRules: [{A74297A5-9A2E-46A8-9FBB-35DAA0992FAB}] => (Allow) C:\Users\Daniel\AppData\Local\vghd\bin\Virtuagirl_Downloader.exe
    FirewallRules: [{986598B9-A1E5-4690-9D62-2DB21236E35A}] => (Allow) C:\Users\Daniel\AppData\Local\vghd\bin\Virtuagirl_Downloader.exe
    FirewallRules: [{694A9510-9732-4782-BA54-6F96235D6B2C}] => (Allow) C:\Program Files\SAMSUNG\AllShare Framework DMS\1.1.01\AllShareFrameworkDMS.exe
    FirewallRules: [{6C7BEABE-F86D-4854-9BBC-BCB262AE64C2}] => (Allow) C:\Program Files\SAMSUNG\AllShare Framework DMS\1.1.01\AllShareFrameworkDMS.exe
    FirewallRules: [{C06D4117-562F-4001-9F53-9A8659A61932}] => (Allow) LPort=80
    FirewallRules: [{B90B8616-07DB-4568-996C-856838B59CEA}] => (Allow) C:\Users\Daniel\AppData\Local\vghd\bin\Virtuagirl_Downloader.exe
    FirewallRules: [{5DE53F28-9500-47C4-98C9-F9C74682B9F3}] => (Allow) C:\Users\Daniel\AppData\Local\vghd\bin\Virtuagirl_Downloader.exe
    FirewallRules: [{38496E0E-A160-4E0E-8A78-92D2C7CC2382}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
    FirewallRules: [{BA6E4F8F-715D-4431-BCDD-A92DF2B40296}] => (Allow) C:\Users\Daniel\AppData\Local\Temp\7zS3948.tmp\SymNRT.exe
    FirewallRules: [{EAE14D47-5D18-4424-87B5-11517944D4A6}] => (Allow) C:\Users\Daniel\AppData\Local\Temp\7zS3948.tmp\SymNRT.exe
    FirewallRules: [TCP Query User{25150C14-80D6-4724-98C3-0BD27ACFEC6D}C:\users\daniel\appdata\local\google\chrome\application\chrome.exe] => (Allow) C:\users\daniel\appdata\local\google\chrome\application\chrome.exe
    FirewallRules: [UDP Query User{1D5FCD30-A1AC-4D12-8239-A1BF31E81876}C:\users\daniel\appdata\local\google\chrome\application\chrome.exe] => (Allow) C:\users\daniel\appdata\local\google\chrome\application\chrome.exe
    FirewallRules: [{EE92C390-2904-4516-8534-800530CA3F42}] => (Allow) C:\Users\Daniel\AppData\Roaming\Dropbox\bin\Dropbox.exe
    FirewallRules: [{91487731-4BF3-48CD-96E6-0319893DA1C6}] => (Allow) C:\Users\Daniel\AppData\Roaming\Dropbox\bin\Dropbox.exe
    FirewallRules: [TCP Query User{87BE4307-C9C5-44F7-A2FD-5BC1D78545D9}C:\users\daniel\appdata\roaming\dropbox\bin\dropbox.exe] => (Allow) C:\users\daniel\appdata\roaming\dropbox\bin\dropbox.exe
    FirewallRules: [UDP Query User{A97BC6D9-AC85-481F-8353-10A0DFFDD35B}C:\users\daniel\appdata\roaming\dropbox\bin\dropbox.exe] => (Allow) C:\users\daniel\appdata\roaming\dropbox\bin\dropbox.exe
    FirewallRules: [{50751E09-F511-4D44-B918-B573C743AAEC}] => (Allow) C:\Program Files (x86)\Google\Google Talk\googletalk.exe
    FirewallRules: [{636C016F-94DE-47F4-886C-EF33668CAF65}] => (Allow) C:\Program Files (x86)\Google\Google Talk\googletalk.exe
    FirewallRules: [{2B20FB6E-FEB2-4B95-8A44-B0264DE88D05}] => (Allow) C:\Program Files\SAMSUNG\AllShare Framework DMS\1.3.03\AllShareFrameworkDMS.exe
    FirewallRules: [{8D16BDF7-BC4D-4789-9A93-11C27A195990}] => (Allow) C:\Program Files\SAMSUNG\AllShare Framework DMS\1.3.03\AllShareFrameworkDMS.exe
    FirewallRules: [{DFA67F26-F371-4478-B879-B0ED5EC856AF}] => (Allow) C:\Program Files\SAMSUNG\AllShare Framework DMS\1.3.03\AllShareFrameworkDMS.exe
    FirewallRules: [{FE87CD3E-EB40-41A4-AD86-AA32B7B1F1C6}] => (Allow) C:\Program Files\SAMSUNG\AllShare Framework DMS\1.3.03\AllShareFrameworkDMS.exe
    FirewallRules: [{65DAEC48-40F9-4F47-ACEA-A1F03F8A4710}] => (Allow) LPort=8743
    FirewallRules: [{D57920F1-7FE6-458B-A4D2-988D95436709}] => (Allow) LPort=8643
    FirewallRules: [{5E2FE8D6-1B36-4ECA-B59E-A1FBCFF7C04C}] => (Allow) LPort=7676
    FirewallRules: [{0CCCAF91-13B1-430C-A98A-D93B1C70ED6F}] => (Allow) LPort=7679
    FirewallRules: [{E2995CCC-AAE4-49F8-A124-E2B102796D26}] => (Allow) LPort=24234
    FirewallRules: [{9C49F2B5-D48E-4EB1-81FC-7DA35CF90F64}] => (Allow) LPort=7900
    FirewallRules: [{47D0A8B7-85CB-4322-848C-A25BFC02D367}] => (Allow) LPort=1900
    FirewallRules: [{8F56D798-7B78-4117-BF5E-E8AEF1D7DDFF}] => (Allow) C:\Users\Daniel\AppData\Local\DirectDownloader\DirectDownloader.exe
    FirewallRules: [{7A459418-7076-440D-B0A8-8B3D122B286A}] => (Allow) C:\Users\Daniel\AppData\Local\DirectDownloader\DirectDownloader.exe
    FirewallRules: [{9E2EE196-9C18-4310-8CFF-19D9B814B927}] => (Allow) C:\Program Files\SAMSUNG\AllShare Framework DMS\1.3.05\AllShareFrameworkDMS.exe
    FirewallRules: [{57764C72-09D4-4EF1-B49D-F577223EBE54}] => (Allow) C:\Program Files\SAMSUNG\AllShare Framework DMS\1.3.05\AllShareFrameworkDMS.exe
    FirewallRules: [{4BA062D1-D9DB-4A80-B093-714442D43C9A}] => (Allow) C:\Program Files\SAMSUNG\AllShare Framework DMS\1.3.05\AllShareFrameworkDMS.exe
    FirewallRules: [{7B923DD4-AD60-41D5-B98C-B5381A67ADD7}] => (Allow) C:\Program Files\SAMSUNG\AllShare Framework DMS\1.3.05\AllShareFrameworkDMS.exe
    FirewallRules: [{ACE298C8-E889-48E7-99E6-2CA1A33FB5E1}] => (Allow) C:\Program Files\SAMSUNG\AllShare Framework DMS\1.3.06\AllShareFrameworkDMS.exe
    FirewallRules: [{C04FC249-D027-49B9-8E1B-6BD4322DFAEA}] => (Allow) C:\Program Files\SAMSUNG\AllShare Framework DMS\1.3.06\AllShareFrameworkDMS.exe
    FirewallRules: [{CA7F2EB2-BFAB-4896-81E6-B33E4AD992DF}] => (Allow) C:\Program Files\SAMSUNG\AllShare Framework DMS\1.3.06\AllShareFrameworkDMS.exe
    FirewallRules: [{B63D891F-B758-42A3-86DD-CFEFCD74B5DF}] => (Allow) C:\Program Files\SAMSUNG\AllShare Framework DMS\1.3.06\AllShareFrameworkDMS.exe
    FirewallRules: [TCP Query User{7939E341-8B4C-44B5-B588-78CF56527F98}C:\users\daniel\appdata\local\akamai\netsession_win.exe] => (Block) C:\users\daniel\appdata\local\akamai\netsession_win.exe
    FirewallRules: [UDP Query User{DC1C1442-6048-481E-B2AF-5C49EAD8AEA8}C:\users\daniel\appdata\local\akamai\netsession_win.exe] => (Block) C:\users\daniel\appdata\local\akamai\netsession_win.exe
    FirewallRules: [TCP Query User{06E9FA8B-C627-4149-9D10-EACD95AE1ACA}C:\users\daniel\appdata\local\akamai\netsession_win.exe] => (Block) C:\users\daniel\appdata\local\akamai\netsession_win.exe
    FirewallRules: [UDP Query User{8521386B-57C3-47A5-AFDE-F249D859E309}C:\users\daniel\appdata\local\akamai\netsession_win.exe] => (Block) C:\users\daniel\appdata\local\akamai\netsession_win.exe
    FirewallRules: [{2DFCB775-D0B8-4CA2-A2AD-9F48D40DC861}] => (Allow) C:\Program Files\HP\HP Officejet 6700\bin\FaxApplications.exe
    FirewallRules: [{F3152DCA-BAE0-4EBA-A725-59468C5DF556}] => (Allow) C:\Program Files\HP\HP Officejet 6700\bin\DigitalWizards.exe
    FirewallRules: [{E683BE97-63B9-4F13-A24D-A166A6C72399}] => (Allow) C:\Program Files\HP\HP Officejet 6700\bin\SendAFax.exe
    FirewallRules: [{46B30FB5-99FE-4048-99A2-B4E08F06D79F}] => (Allow) C:\Program Files\HP\HP Officejet 6700\Bin\DeviceSetup.exe
    FirewallRules: [{9478330F-5F1E-4355-B2C5-530D5979DDCD}] => (Allow) C:\Program Files\HP\HP Officejet 6700\Bin\HPNetworkCommunicator.exe
    FirewallRules: [{52181B54-B81A-4D16-8264-05881E672010}] => (Allow) C:\Program Files\HP\HP Officejet 6700\Bin\HPNetworkCommunicatorCom.exe
    FirewallRules: [TCP Query User{08A5729F-951D-49B2-A192-1C36FAE19C02}C:\windows\explorer.exe] => (Allow) C:\windows\explorer.exe
    FirewallRules: [UDP Query User{3EC4F739-94FE-46EC-95B1-6179350FDD8A}C:\windows\explorer.exe] => (Allow) C:\windows\explorer.exe
    FirewallRules: [TCP Query User{B67B2D39-0704-4452-A95D-2AF0578B0093}C:\program files (x86)\jfilemanager\jfilemanager.exe] => (Block) C:\program files (x86)\jfilemanager\jfilemanager.exe
    FirewallRules: [UDP Query User{23D8AE7E-6BF6-420B-81BD-4AE00F6074F7}C:\program files (x86)\jfilemanager\jfilemanager.exe] => (Block) C:\program files (x86)\jfilemanager\jfilemanager.exe
    FirewallRules: [{AE02975B-AAEE-43FA-8C24-B6E7B26E38BD}] => (Allow) C:\Users\Daniel\AppData\Local\Facebook\Video\Skype\FacebookVideoCalling.exe
    FirewallRules: [{130DAB0D-968E-4F76-8006-CD1ECC0CAFF6}] => (Allow) C:\Windows\SysWOW64\muzapp.exe
    FirewallRules: [{1BA2A746-B000-4F4B-AB1B-C0D89D1100A7}] => (Allow) C:\Windows\SysWOW64\muzapp.exe
    FirewallRules: [{ECB0A061-70B8-4B38-A40A-2EAAD896D698}] => (Allow) C:\Program Files (x86)\HTC\HTC Sync Manager\HTCSyncManager.exe
    FirewallRules: [{0A9CE147-EFFA-4114-BF63-47974FC111EA}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
    FirewallRules: [{C901FD38-D49A-4BAE-B507-A6346A0D2476}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
    FirewallRules: [{13C1C6DE-6D98-4626-8ABA-A1CD5ED2CC4B}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
    FirewallRules: [{71ECF7AC-DE50-4465-9C4B-26B45D87F69E}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
    FirewallRules: [{8EC30338-4336-4EEB-BBA8-63762F789D07}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
    FirewallRules: [{04EFC4B0-B9CD-4A1C-AD3D-113AC80189CA}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
    FirewallRules: [{94C16109-9BE5-4952-A18F-3FF23C11C974}] => (Allow) C:\Program Files (x86)\MoboRobo\MoboRobo PC Suite.exe
    FirewallRules: [{19DF5033-4272-4DEA-A930-26E7D036D56B}] => (Allow) C:\Program Files (x86)\MoboRobo\MoboRobo PC Suite.exe
    FirewallRules: [{BD178767-4EC8-4DC1-B79E-79179EC98595}] => (Allow) C:\Program Files (x86)\HTC\HTC Sync Manager\HTCSyncManager.exe
    FirewallRules: [TCP Query User{131E8DA0-D915-42D7-A0C1-76EDAFC1F8DA}C:\program files (x86)\mozilla firefox\firefox.exe] => (Allow) C:\program files (x86)\mozilla firefox\firefox.exe
    FirewallRules: [UDP Query User{F3912DE2-669D-424D-968A-C6A471D0182D}C:\program files (x86)\mozilla firefox\firefox.exe] => (Allow) C:\program files (x86)\mozilla firefox\firefox.exe
    FirewallRules: [{297D9D06-A58F-4618-8EC1-6A44D18BA125}] => (Allow) C:\Users\Daniel\AppData\Roaming\uTorrent\uTorrent.exe
    FirewallRules: [{7A84D277-CECD-4C89-BB22-4E355DB316A9}] => (Allow) C:\Users\Daniel\AppData\Roaming\uTorrent\uTorrent.exe
    FirewallRules: [{6AD1563C-A7E0-4191-9B43-79C61F29DC36}] => (Allow) C:\Program Files (x86)\Google\Chrome Remote Desktop\42.0.2311.39\remoting_host.exe
    FirewallRules: [{28095D0D-B018-4C9E-B05E-C4A1AAF828FB}] => (Allow) C:\Program Files\iTunes\iTunes.exe
    FirewallRules: [{E0A5A0F0-2291-4C93-9FF6-719C9BA02E1C}] => (Allow) C:\Program Files (x86)\HTC\HTC Sync Manager\HTCSyncManager.exe
    FirewallRules: [{BF1DCBD6-129A-4E4D-A692-93EECD1666BB}] => (Allow) C:\Program Files (x86)\HTC\HTC Sync Manager\HTCSyncManager.exe
    FirewallRules: [{471BF509-DF2D-4C5E-A9B2-2CE0C99EFF3F}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

    ==================== Faulty Device Manager Devices =============


    ==================== Event log errors: =========================

    Application errors:
    ==================
    Error: (06/06/2015 11:25:01 AM) (Source: Application Error) (EventID: 1000) (User: )
    Description: Faulting application name: taskeng.exe, version: 6.1.7601.17514, time stamp: 0x4ce79d2c
    Faulting module name: msvcrt.dll, version: 7.0.7601.17744, time stamp: 0x4eeb033f
    Exception code: 0xc0000005
    Fault offset: 0x00000000000027de
    Faulting process id: 0x77e8
    Faulting application start time: 0xtaskeng.exe0
    Faulting application path: taskeng.exe1
    Faulting module path: taskeng.exe2
    Report Id: taskeng.exe3

    Error: (06/06/2015 07:25:03 AM) (Source: Application Error) (EventID: 1000) (User: )
    Description: Faulting application name: taskeng.exe, version: 6.1.7601.17514, time stamp: 0x4ce79d2c
    Faulting module name: msvcrt.dll, version: 7.0.7601.17744, time stamp: 0x4eeb033f
    Exception code: 0xc0000005
    Fault offset: 0x00000000000027de
    Faulting process id: 0x9850
    Faulting application start time: 0xtaskeng.exe0
    Faulting application path: taskeng.exe1
    Faulting module path: taskeng.exe2
    Report Id: taskeng.exe3

    Error: (06/06/2015 03:25:04 AM) (Source: Application Error) (EventID: 1000) (User: )
    Description: Faulting application name: taskeng.exe, version: 6.1.7601.17514, time stamp: 0x4ce79d2c
    Faulting module name: msvcrt.dll, version: 7.0.7601.17744, time stamp: 0x4eeb033f
    Exception code: 0xc0000005
    Fault offset: 0x00000000000027de
    Faulting process id: 0x7554
    Faulting application start time: 0xtaskeng.exe0
    Faulting application path: taskeng.exe1
    Faulting module path: taskeng.exe2
    Report Id: taskeng.exe3

    Error: (06/06/2015 02:09:02 AM) (Source: Windows Backup) (EventID: 4104) (User: )
    Description: The backup was not successful. The error is: There is not enough space on this drive to save the backup. Free up space by deleting older backups and unnecessary data or change your backup settings. (0x81000005).

    Error: (06/05/2015 11:25:01 PM) (Source: Application Error) (EventID: 1000) (User: )
    Description: Faulting application name: taskeng.exe, version: 6.1.7601.17514, time stamp: 0x4ce79d2c
    Faulting module name: msvcrt.dll, version: 7.0.7601.17744, time stamp: 0x4eeb033f
    Exception code: 0xc0000005
    Fault offset: 0x00000000000027de
    Faulting process id: 0x8db4
    Faulting application start time: 0xtaskeng.exe0
    Faulting application path: taskeng.exe1
    Faulting module path: taskeng.exe2
    Report Id: taskeng.exe3

    Error: (06/05/2015 07:25:01 PM) (Source: Application Error) (EventID: 1000) (User: )
    Description: Faulting application name: taskeng.exe, version: 6.1.7601.17514, time stamp: 0x4ce79d2c
    Faulting module name: msvcrt.dll, version: 7.0.7601.17744, time stamp: 0x4eeb033f
    Exception code: 0xc0000005
    Fault offset: 0x00000000000027de
    Faulting process id: 0x96c4
    Faulting application start time: 0xtaskeng.exe0
    Faulting application path: taskeng.exe1
    Faulting module path: taskeng.exe2
    Report Id: taskeng.exe3

    Error: (06/05/2015 03:25:01 PM) (Source: Application Error) (EventID: 1000) (User: )
    Description: Faulting application name: taskeng.exe, version: 6.1.7601.17514, time stamp: 0x4ce79d2c
    Faulting module name: msvcrt.dll, version: 7.0.7601.17744, time stamp: 0x4eeb033f
    Exception code: 0xc0000005
    Fault offset: 0x00000000000027de
    Faulting process id: 0x8ebc
    Faulting application start time: 0xtaskeng.exe0
    Faulting application path: taskeng.exe1
    Faulting module path: taskeng.exe2
    Report Id: taskeng.exe3

    Error: (06/05/2015 11:25:01 AM) (Source: Application Error) (EventID: 1000) (User: )
    Description: Faulting application name: taskeng.exe, version: 6.1.7601.17514, time stamp: 0x4ce79d2c
    Faulting module name: msvcrt.dll, version: 7.0.7601.17744, time stamp: 0x4eeb033f
    Exception code: 0xc0000005
    Fault offset: 0x00000000000027de
    Faulting process id: 0x1ff0
    Faulting application start time: 0xtaskeng.exe0
    Faulting application path: taskeng.exe1
    Faulting module path: taskeng.exe2
    Report Id: taskeng.exe3

    Error: (06/05/2015 07:25:00 AM) (Source: Application Error) (EventID: 1000) (User: )
    Description: Faulting application name: taskeng.exe, version: 6.1.7601.17514, time stamp: 0x4ce79d2c
    Faulting module name: msvcrt.dll, version: 7.0.7601.17744, time stamp: 0x4eeb033f
    Exception code: 0xc0000005
    Fault offset: 0x00000000000027de
    Faulting process id: 0x8964
    Faulting application start time: 0xtaskeng.exe0
    Faulting application path: taskeng.exe1
    Faulting module path: taskeng.exe2
    Report Id: taskeng.exe3

    Error: (06/05/2015 03:25:01 AM) (Source: Application Error) (EventID: 1000) (User: )
    Description: Faulting application name: taskeng.exe, version: 6.1.7601.17514, time stamp: 0x4ce79d2c
    Faulting module name: msvcrt.dll, version: 7.0.7601.17744, time stamp: 0x4eeb033f
    Exception code: 0xc0000005
    Fault offset: 0x00000000000027de
    Faulting process id: 0x8ec4
    Faulting application start time: 0xtaskeng.exe0
    Faulting application path: taskeng.exe1
    Faulting module path: taskeng.exe2
    Report Id: taskeng.exe3


    System errors:
    =============
    Error: (06/02/2015 06:55:18 PM) (Source: Disk) (EventID: 11) (User: )
    Description: The driver detected a controller error on \Device\Harddisk1\DR1.

    Error: (05/28/2015 00:17:12 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
    Description: The Windows Media Player Network Sharing Service service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 30000 milliseconds: Restart the service.

    Error: (05/27/2015 05:26:23 PM) (Source: DCOM) (EventID: 10010) (User: )
    Description: {ED1D0FDF-4414-470A-A56D-CFB68623FC58}

    Error: (05/27/2015 01:43:26 PM) (Source: volsnap) (EventID: 36) (User: )
    Description: The shadow copies of volume C: were aborted because the shadow copy storage could not grow due to a user imposed limit.

    Error: (05/27/2015 04:18:17 AM) (Source: volsnap) (EventID: 36) (User: )
    Description: The shadow copies of volume C: were aborted because the shadow copy storage could not grow due to a user imposed limit.

    Error: (05/25/2015 03:15:11 PM) (Source: DCOM) (EventID: 10010) (User: )
    Description: {ED1D0FDF-4414-470A-A56D-CFB68623FC58}

    Error: (05/25/2015 00:02:57 PM) (Source: Service Control Manager) (EventID: 7022) (User: )
    Description: The Windows Update service hung on starting.

    Error: (05/25/2015 11:54:26 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
    Description: The IePlugin Services service failed to start due to the following error:
    %%2

    Error: (05/24/2015 06:09:20 PM) (Source: DCOM) (EventID: 10010) (User: )
    Description: {ED1D0FDF-4414-470A-A56D-CFB68623FC58}

    Error: (05/21/2015 06:28:59 PM) (Source: Disk) (EventID: 11) (User: )
    Description: The driver detected a controller error on \Device\Harddisk1\DR2.


    Microsoft Office:
    =========================
    Error: (06/06/2015 11:25:01 AM) (Source: Application Error) (EventID: 1000) (User: )
    Description: taskeng.exe6.1.7601.175144ce79d2cmsvcrt.dll7.0.7601.177444eeb033fc000000500000000000027de77e801d0a06cf3be9f79C:\Windows\system32\taskeng.exeC:\Windows\system32\msvcrt.dll3242d87b-0c60-11e5-967f-1c75081453d8

    Error: (06/06/2015 07:25:03 AM) (Source: Application Error) (EventID: 1000) (User: )
    Description: taskeng.exe6.1.7601.175144ce79d2cmsvcrt.dll7.0.7601.177444eeb033fc000000500000000000027de985001d0a04b6cad0dd0C:\Windows\system32\taskeng.exeC:\Windows\system32\msvcrt.dllac5531a8-0c3e-11e5-967f-1c75081453d8

    Error: (06/06/2015 03:25:04 AM) (Source: Application Error) (EventID: 1000) (User: )
    Description: taskeng.exe6.1.7601.175144ce79d2cmsvcrt.dll7.0.7601.177444eeb033fc000000500000000000027de755401d0a029e59b5517C:\Windows\system32\taskeng.exeC:\Windows\system32\msvcrt.dll26372b50-0c1d-11e5-967f-1c75081453d8

    Error: (06/06/2015 02:09:02 AM) (Source: Windows Backup) (EventID: 4104) (User: )
    Description: There is not enough space on this drive to save the backup. Free up space by deleting older backups and unnecessary data or change your backup settings. (0x81000005)

    Error: (06/05/2015 11:25:01 PM) (Source: Application Error) (EventID: 1000) (User: )
    Description: taskeng.exe6.1.7601.175144ce79d2cmsvcrt.dll7.0.7601.177444eeb033fc000000500000000000027de8db401d0a0085e89cbccC:\Windows\system32\taskeng.exeC:\Windows\system32\msvcrt.dll9d44cd0b-0bfb-11e5-967f-1c75081453d8

    Error: (06/05/2015 07:25:01 PM) (Source: Application Error) (EventID: 1000) (User: )
    Description: taskeng.exe6.1.7601.175144ce79d2cmsvcrt.dll7.0.7601.177444eeb033fc000000500000000000027de96c401d09fe6d7783a23C:\Windows\system32\taskeng.exeC:\Windows\system32\msvcrt.dll15bd4658-0bda-11e5-967f-1c75081453d8

    Error: (06/05/2015 03:25:01 PM) (Source: Application Error) (EventID: 1000) (User: )
    Description: taskeng.exe6.1.7601.175144ce79d2cmsvcrt.dll7.0.7601.177444eeb033fc000000500000000000027de8ebc01d09fc55066816aC:\Windows\system32\taskeng.exeC:\Windows\system32\msvcrt.dll8efbf8bc-0bb8-11e5-967f-1c75081453d8

    Error: (06/05/2015 11:25:01 AM) (Source: Application Error) (EventID: 1000) (User: )
    Description: taskeng.exe6.1.7601.175144ce79d2cmsvcrt.dll7.0.7601.177444eeb033fc000000500000000000027de1ff001d09fa3c954efc1C:\Windows\system32\taskeng.exeC:\Windows\system32\msvcrt.dll07e11820-0b97-11e5-967f-1c75081453d8

    Error: (06/05/2015 07:25:00 AM) (Source: Application Error) (EventID: 1000) (User: )
    Description: taskeng.exe6.1.7601.175144ce79d2cmsvcrt.dll7.0.7601.177444eeb033fc000000500000000000027de896401d09f8242433708C:\Windows\system32\taskeng.exeC:\Windows\system32\msvcrt.dll80850ee1-0b75-11e5-967f-1c75081453d8

    Error: (06/05/2015 03:25:01 AM) (Source: Application Error) (EventID: 1000) (User: )
    Description: taskeng.exe6.1.7601.175144ce79d2cmsvcrt.dll7.0.7601.177444eeb033fc000000500000000000027de8ec401d09f60bb31a55fC:\Windows\system32\taskeng.exeC:\Windows\system32\msvcrt.dllf9e182e4-0b53-11e5-967f-1c75081453d8


    CodeIntegrity Errors:
    ===================================
    Date: 2015-01-24 04:02:28.053
    Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files\Acer\Acer ePower Management\SysHook.dll because the set of per-page image hashes could not be found on the system.

    Date: 2015-01-24 04:02:27.897
    Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files\Acer\Acer ePower Management\SysHook.dll because the set of per-page image hashes could not be found on the system.

    Date: 2015-01-03 14:40:15.460
    Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files\Acer\Acer ePower Management\SysHook.dll because the set of per-page image hashes could not be found on the system.

    Date: 2015-01-03 14:40:15.319
    Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files\Acer\Acer ePower Management\SysHook.dll because the set of per-page image hashes could not be found on the system.

    Date: 2015-01-03 14:37:20.338
    Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files\Acer\Acer ePower Management\SysHook.dll because the set of per-page image hashes could not be found on the system.

    Date: 2015-01-03 14:37:20.207
    Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files\Acer\Acer ePower Management\SysHook.dll because the set of per-page image hashes could not be found on the system.

    Date: 2013-02-20 17:43:13.169
    Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\SysWOW64\FsUsbExDisk.Sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

    Date: 2013-02-20 17:43:12.979
    Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\SysWOW64\FsUsbExDisk.Sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

    Date: 2013-02-20 17:43:10.760
    Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\SysWOW64\FsUsbExDisk.Sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

    Date: 2013-02-20 17:43:10.511
    Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\SysWOW64\FsUsbExDisk.Sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.


    ==================== Memory info ===========================

    Processor: Intel(R) Core(TM) i3 CPU M 370 @ 2.40GHz
    Percentage of memory in use: 78%
    Total physical RAM: 7862.71 MB
    Available physical RAM: 1669.02 MB
    Total Pagefile: 15723.63 MB
    Available Pagefile: 6247.44 MB
    Total Virtual: 8192 MB
    Available Virtual: 8191.83 MB

    ==================== Drives ================================

    Drive c: (Acer) (Fixed) (Total:582.07 GB) (Free:41.18 GB) NTFS
    Drive f: (WD SmartWare) (CDROM) (Total:0.65 GB) (Free:0 GB) UDF
    Drive h: (AUXILIARY DRIVE) (Fixed) (Total:1396.61 GB) (Free:0 GB) NTFS

    ==================== MBR & Partition Table ==================

    ========================================================
    Disk: 0 (MBR Code: Windows 7 or 8) (Size: 596.2 GB) (Disk ID: A2767D18)
    Partition 1: (Not Active) - (Size=14 GB) - (Type=27)
    Partition 2: (Active) - (Size=100 MB) - (Type=07 NTFS)
    Partition 3: (Not Active) - (Size=582.1 GB) - (Type=07 NTFS)

    ========================================================
    Disk: 1 (MBR Code: Windows XP) (Size: 1396.6 GB) (Disk ID: 000389F4)
    Partition 1: (Not Active) - (Size=1396.6 GB) - (Type=07 NTFS)

    ==================== End of log ============================
     
  17. Daniel Morelli

    Daniel Morelli TS Enthusiast Topic Starter Posts: 48

    Is this any better?
     
  18. Broni

    Broni Malware Annihilator Posts: 52,904   +344

    Good :)

    [​IMG] Uninstall following unwanted program:

    Fast And Safe


    [​IMG] Download RogueKiller from one of the following links and save it to your Desktop:

    Link 1
    Link 2

    • Close all the running programs
    • Windows Vista/7/8 users: right click on RogueKiller.exe, click Run as Administrator
    • Otherwise just double-click on RogueKiller.exe
    • Pre-scan will start. Let it finish.
    • Click on SCAN button.
    • Wait until the Status box shows Scan Finished
    • Click on Delete.
    • Wait until the Status box shows Deleting Finished.
    • Click on Report and copy/paste the content of the Notepad into your next reply.
    • RKreport.txt could also be found on your desktop.
    • If more than one log is produced post all logs.
    • If RogueKiller has been blocked, do not hesitate to try a few times more. If really won't run, rename it to winlogon.exe (or winlogon.com) and try again

    [​IMG] Please download Malwarebytes Anti-Malware (MBAM) to your desktop.
    NOTE. If you already have MBAM 2.0 installed scroll down.

    • Double-click mbam-setup-2.0.0.1000.exe and follow the prompts to install the program.
    • At the end, be sure a checkmark is placed next to the following:
      • Launch Malwarebytes Anti-Malware
      • A 14 day trial of the Premium features is pre-selected. You may deselect this if you wish, and it will not diminish the scanning and removal capabilities of the program.
    • Click Finish.
    • On the Dashboard, click the 'Update Now >>' link
    • After the update completes, click the 'Scan Now >>' button.
    • Or, on the Dashboard, click the Scan Now >> button.
    • If an update is available, click the Update Now button.
    • A Threat Scan will begin.
    • When the scan is complete, if there have been detections, click Apply Actions to allow MBAM to clean what was detected.
    • In most cases, a restart will be required.
    • Wait for the prompt to restart the computer to appear, then click on Yes.


    If you already have MBAM 2.0 installed:

    • On the Dashboard, click the 'Update Now >>' link
    • After the update completes, click the 'Scan Now >>' button.
    • Or, on the Dashboard, click the Scan Now >> button.
    • If an update is available, click the Update Now button.
    • A Threat Scan will begin.
    • When the scan is complete, if there have been detections, click Apply Actions to allow MBAM to clean what was detected.
    • In most cases, a restart will be required.
    • Wait for the prompt to restart the computer to appear, then click on Yes.

    How to get logs:
    (Export log to save as txt)


    • After the restart once you are back at your desktop, open MBAM once more.
    • Click on the History tab > Application Logs.
    • Double click on the Scan Log which shows the Date and time of the scan just performed.
    • Click 'Export'.
    • Click 'Text file (*.txt)'
    • In the Save File dialog box which appears, click on Desktop.
    • In the File name: box type a name for your scan log.
    • A message box named 'File Saved' should appear stating "Your file has been successfully exported".
    • Click Ok
    • Attach that saved log to your next reply.


    (Copy to clipboard for pasting into forum replies or tickets)

    • After the restart once you are back at your desktop, open MBAM once more.
    • Click on the History tab > Application Logs.
    • Double click on the Scan Log which shows the Date and time of the scan just performed.
    • Click 'Copy to Clipboard'
    • Paste the contents of the clipboard into your reply.

    [​IMG] Please download AdwCleaner by Xplode onto your desktop.
    • Close all open programs and internet browsers.
    • Double click on adwcleaner.exe to run the tool.
    • Click on Scan button.
    • When the scan has finished click on Clean button.
    • Your computer will be rebooted automatically. A text file will open after the restart.
    • Please post the contents of that logfile with your next reply.
    • You can find the logfile at C:\AdwCleaner[S1].txt as well.

    [​IMG] Please download Junkware Removal Tool to your desktop.
    • Shut down your protection software now to avoid potential conflicts.
    • Run the tool by double-clicking it. If you are using Windows Vista, 7, or 8; instead of double-clicking, right-mouse click JRT.exe and select "Run as Administrator".
    • The tool will open and start scanning your system.
    • Please be patient as this can take a while to complete depending on your system's specifications.
    • On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
    • Post the contents of JRT.txt into your next message.
     
  19. Daniel Morelli

    Daniel Morelli TS Enthusiast Topic Starter Posts: 48

    I've tried to uninstall that program before in Programs and Features, but I get this error message here every time I try and do it.
     

    Attached Files:

  20. Broni

    Broni Malware Annihilator Posts: 52,904   +344

    We'll remove it manually.
    Go ahead with other steps.

    I'll be gone for few hours...
     
  21. Daniel Morelli

    Daniel Morelli TS Enthusiast Topic Starter Posts: 48

    Alright, thanks.

    No worries, I'll get started with the other steps.

    Thanks again for your help.
     
  22. Daniel Morelli

    Daniel Morelli TS Enthusiast Topic Starter Posts: 48

    RogueKiller V10.8.1.0 [Jun 3 2015] by Adlice Software
    mail : http://www.adlice.com/contact/
    Feedback : http://forum.adlice.com
    Website : http://www.adlice.com/softwares/roguekiller/
    Blog : http://www.adlice.com

    Operating System : Windows 7 (6.1.7601 Service Pack 1) 64 bits version
    Started in : Normal mode
    User : Daniel [Administrator]
    Started from : C:\Users\Daniel\Downloads\RogueKiller.exe
    Mode : Delete -- Date : 06/06/2015 14:13:33

    ¤¤¤ Processes : 1 ¤¤¤
    [Suspicious.Path|VT.PUP.Optional.ClientConnect] rundll32.exe(4388) -- C:\Users\Daniel\AppData\Local\Conduit\BackgroundContainer\BackgroundContainer.dll[7] -> Unloaded

    ¤¤¤ Registry : 27 ¤¤¤
    [PUP] (X86) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{28387537-e3f9-4ed7-860c-11e69af4a8a0} -> Not selected
    [PUP] (X86) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C} -> Not selected
    [PUP] (X86) HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar | {28387537-e3f9-4ed7-860c-11e69af4a8a0} : MediaBar -> Not selected
    [PUP] (X64) HKEY_USERS\S-1-5-21-3324318861-2648927535-1656674588-1001\SOFTWARE\Microsoft\Internet Explorer\Toolbar\WebBrowser | {D4027C7F-154A-4066-A1AD-4243D8127440} : -> Not selected
    [PUP] (X86) HKEY_USERS\S-1-5-21-3324318861-2648927535-1656674588-1001\SOFTWARE\Microsoft\Internet Explorer\Toolbar\WebBrowser | {D4027C7F-154A-4066-A1AD-4243D8127440} : -> Not selected
    [PUP] (X86) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run | Registry Helper : "C:\Program Files (x86)\Registry Helper\RegistryHelper.Exe" /boot [x][x] -> Not selected
    [PUP] (X64) HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run | SearchProtect : \SearchProtect\bin\cltmng.exe [x] -> Not selected
    [PUP] (X86) HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run | SearchProtect : \SearchProtect\bin\cltmng.exe [x] -> Not selected
    [PUP] (X64) HKEY_USERS\S-1-5-21-3324318861-2648927535-1656674588-1001\Software\Microsoft\Windows\CurrentVersion\Run | BackgroundContainerV2 : "C:\Windows\SysWOW64\Rundll32.exe" "C:\Users\Daniel\AppData\Local\Conduit\BackgroundContainer\BackgroundContainer.dll",DllRun [7][7] -> Not selected
    [Suspicious.Path] (X64) HKEY_USERS\S-1-5-21-3324318861-2648927535-1656674588-1001\Software\Microsoft\Windows\CurrentVersion\Run | Dropbox Update : "C:\Users\Daniel\AppData\Local\Dropbox\Update\DropboxUpdate.exe" /c [7][x] -> Not selected
    [PUP] (X86) HKEY_USERS\S-1-5-21-3324318861-2648927535-1656674588-1001\Software\Microsoft\Windows\CurrentVersion\Run | BackgroundContainerV2 : "C:\Windows\SysWOW64\Rundll32.exe" "C:\Users\Daniel\AppData\Local\Conduit\BackgroundContainer\BackgroundContainer.dll",DllRun [7][7] -> Not selected
    [Suspicious.Path] (X86) HKEY_USERS\S-1-5-21-3324318861-2648927535-1656674588-1001\Software\Microsoft\Windows\CurrentVersion\Run | Dropbox Update : "C:\Users\Daniel\AppData\Local\Dropbox\Update\DropboxUpdate.exe" /c [7][x] -> Not selected
    [PUP] (X64) HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Run | SearchProtect : \SearchProtect\bin\cltmng.exe [x] -> Not selected
    [PUP] (X86) HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Run | SearchProtect : \SearchProtect\bin\cltmng.exe [x] -> Not selected
    [PUP|Suspicious.Path] (X64) HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\IePluginServices (C:\ProgramData\IePluginServices\PluginService.exe -service) -> Not selected
    [PUP|Suspicious.Path] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\IePluginServices (C:\ProgramData\IePluginServices\PluginService.exe -service) -> Not selected
    [PUP|Suspicious.Path] (X64) HKEY_LOCAL_MACHINE\System\ControlSet002\Services\IePluginServices (C:\ProgramData\IePluginServices\PluginService.exe -service) -> Not selected
    [PUM.HomePage] (X64) HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main | Start Page : http://www.v9.com/?type=hp&ts=14035...2A0RT0_WD-WXF1A80J7465J7465&I=psd&t=34498f3b9 -> Not selected
    [PUM.HomePage] (X64) HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main | Default_Page_URL : http://www.v9.com/?type=hp&ts=14035...2A0RT0_WD-WXF1A80J7465J7465&I=psd&t=34498f3b9 -> Not selected
    [PUM.SearchPage] (X64) HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main | Search Page : http://search.v9.com/web/?type=ds&t...0J7465J7465&I=psd&t=34498f3b9&q={searchTerms} -> Not selected
    [PUM.SearchPage] (X64) HKEY_USERS\S-1-5-21-3324318861-2648927535-1656674588-1001\Software\Microsoft\Internet Explorer\Main | Search Page : http://search.v9.com/web/?type=ds&t...0J7465J7465&I=psd&t=34498f3b9&q={searchTerms} -> Not selected
    [PUM.SearchPage] (X86) HKEY_USERS\S-1-5-21-3324318861-2648927535-1656674588-1001\Software\Microsoft\Internet Explorer\Main | Search Page : http://search.v9.com/web/?type=ds&t...0J7465J7465&I=psd&t=34498f3b9&q={searchTerms} -> Not selected
    [PUM.SearchPage] (X64) HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main | Default_Search_URL : http://search.v9.com/web/?type=ds&t...0J7465J7465&I=psd&t=34498f3b9&q={searchTerms} -> Not selected
    [PUM.SearchPage] (X64) HKEY_USERS\S-1-5-21-3324318861-2648927535-1656674588-1001\Software\Microsoft\Internet Explorer\Main | Default_Search_URL : http://search.v9.com/web/?type=ds&t...0J7465J7465&I=psd&t=34498f3b9&q={searchTerms} -> Not selected
    [PUM.SearchPage] (X86) HKEY_USERS\S-1-5-21-3324318861-2648927535-1656674588-1001\Software\Microsoft\Internet Explorer\Main | Default_Search_URL : http://search.v9.com/web/?type=ds&t...0J7465J7465&I=psd&t=34498f3b9&q={searchTerms} -> Not selected
    [PUM.Policies] (X64) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System | ConsentPromptBehaviorAdmin : 0 -> Not selected
    [PUM.Policies] (X86) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System | ConsentPromptBehaviorAdmin : 0 -> Not selected

    ¤¤¤ Tasks : 5 ¤¤¤
    [Suspicious.Path] DropboxUpdateTaskUserS-1-5-21-3324318861-2648927535-1656674588-1001Core.job -- C:\Users\Daniel\AppData\Local\Dropbox\Update\DropboxUpdate.exe (/c) -> Not selected
    [Suspicious.Path] DropboxUpdateTaskUserS-1-5-21-3324318861-2648927535-1656674588-1001UA.job -- C:\Users\Daniel\AppData\Local\Dropbox\Update\DropboxUpdate.exe (/ua /installsource scheduler) -> Not selected
    [Suspicious.Path] \\DropboxUpdateTaskUserS-1-5-21-3324318861-2648927535-1656674588-1001Core -- C:\Users\Daniel\AppData\Local\Dropbox\Update\DropboxUpdate.exe (/c) -> Not selected
    [Suspicious.Path] \\DropboxUpdateTaskUserS-1-5-21-3324318861-2648927535-1656674588-1001UA -- C:\Users\Daniel\AppData\Local\Dropbox\Update\DropboxUpdate.exe (/ua /installsource scheduler) -> Not selected
    [Suspicious.Path] \\RunAsStdUser Task -- "C:\Users\Daniel\AppData\Local\PlayVolcanoSA\bin\1.0.10.0\PlayVolcanoSA.exe" -> Not selected

    ¤¤¤ Files : 1 ¤¤¤
    [Suspicious.Path][File] Continue installation.lnk -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Continue installation.lnk [LNK@] C:\Users\Daniel\AppData\Local\Temp\ktr_bbr_12_06_10_ashlynn_brooke_eva_angelina_and_jayden_jaymes_the_afro_****_downloader.exe -> Deleted

    ¤¤¤ Hosts File : 0 ¤¤¤

    ¤¤¤ Antirootkit : 0 (Driver: Not loaded [0xc000036b]) ¤¤¤

    ¤¤¤ Web browsers : 3 ¤¤¤
    [PUP][FIREFX:Addon] mvd5tz0r.default-1418619244138 : Zula Games [zulagames@ZulaGames.com] -> Not selected
    [PUP][FIREFX:Addon] mvd5tz0r.default-1418619244138 : Speed Analysis 2 [speedanalysis02@SpeedAnalysis.com] -> Not selected
    [PUM.HomePage][FIREFX:Config] mvd5tz0r.default-1418619244138 : user_pref("browser.startup.homepage", "http://www.v9.com/?type=hppp&ts=142...2A0RT0_WD-WXF1A80J7465J7465&I=psd&t=350871d0d"); -> Not selected

    ¤¤¤ MBR Check : ¤¤¤
    +++++ PhysicalDrive0: +++++
    --- User ---
    [MBR] b512a1c8c339f778a4269a42d688d4a6
    [BSP] 6d56f0e1fcd22508a941249f3d35d28d : Windows Vista/7/8|VT.Unknown MBR Code
    Partition table:
    0 - [XXXXXX] ACER (0x27) [VISIBLE] Offset (sectors): 2048 | Size: 14336 MB
    1 - [ACTIVE] NTFS (0x7) [VISIBLE] Offset (sectors): 29362176 | Size: 100 MB [Windows Vista/7/8 Bootstrap | Windows Vista/7/8 Bootloader]
    2 - [XXXXXX] NTFS (0x7) [VISIBLE] Offset (sectors): 29566976 | Size: 596042 MB [Windows Vista/7/8 Bootstrap | Windows Vista/7/8 Bootloader]
    User = LL1 ... OK
    User = LL2 ... OK

    +++++ PhysicalDrive1: WD My Book 1110 USB Device +++++
    --- User ---
    [MBR] 615b439adcb2cc192088e17c0f1dcff2
    [BSP] 1afd54edd23389de79be7cf676986e13 : Windows XP MBR Code
    Partition table:
    0 - [XXXXXX] NTFS (0x7) [VISIBLE] Offset (sectors): 2048 | Size: 1430126 MB [Windows Vista/7/8 Bootstrap | Windows Vista/7/8 Bootloader]
    User = LL1 ... OK
    Error reading LL2 MBR! ([32] The request is not supported. )


    ============================================
    RKreport_SCN_06062015_135152.log
     
  23. Broni

    Broni Malware Annihilator Posts: 52,904   +344

    Go on...
     
  24. Daniel Morelli

    Daniel Morelli TS Enthusiast Topic Starter Posts: 48

    Malwarebytes Anti-Malware
    www.malwarebytes.org

    Scan Date: 06/06/2015
    Scan Time: 8:52:23 PM
    Logfile: ScanLog.txt
    Administrator: Yes

    Version: 2.01.6.1022
    Malware Database: v2015.06.06.07
    Rootkit Database: v2015.06.02.01
    License: Free
    Malware Protection: Disabled
    Malicious Website Protection: Disabled
    Self-protection: Disabled

    OS: Windows 7 Service Pack 1
    CPU: x64
    File System: NTFS
    User: Daniel

    Scan Type: Threat Scan
    Result: Completed
    Objects Scanned: 619380
    Time Elapsed: 2 hr, 24 min, 36 sec

    Memory: Enabled
    Startup: Enabled
    Filesystem: Enabled
    Archives: Enabled
    Rootkits: Disabled
    Heuristics: Enabled
    PUP: Enabled
    PUM: Enabled

    Processes: 0
    (No malicious items detected)

    Modules: 0
    (No malicious items detected)

    Registry Keys: 0
    (No malicious items detected)

    Registry Values: 0
    (No malicious items detected)

    Registry Data: 0
    (No malicious items detected)

    Folders: 0
    (No malicious items detected)

    Files: 0
    (No malicious items detected)

    Physical Sectors: 0
    (No malicious items detected)


    (end)
     
  25. Daniel Morelli

    Daniel Morelli TS Enthusiast Topic Starter Posts: 48

    # AdwCleaner v4.206 - Logfile created 06/06/2015 at 23:46:58
    # Updated 01/06/2015 by Xplode
    # Database : 2015-06-05.1 [Server]
    # Operating system : Windows 7 Home Premium Service Pack 1 (x64)
    # Username : Daniel - MORELLI-PC
    # Running from : C:\Users\Daniel\Downloads\adwcleaner_4.206.exe
    # Option : Cleaning

    ***** [ Services ] *****


    ***** [ Files / Folders ] *****

    Folder Deleted : C:\SearchProtect
    Folder Deleted : C:\ProgramData\Babylon
    Folder Deleted : C:\ProgramData\Conduit
    Folder Deleted : C:\ProgramData\Tarma Installer
    Folder Deleted : C:\ProgramData\4ab9a86942475f4e
    Folder Deleted : C:\Program Files (x86)\Conduit
    Folder Deleted : C:\Program Files (x86)\globalUpdate
    Folder Deleted : C:\Program Files (x86)\iMesh Applications
    Folder Deleted : C:\Program Files (x86)\predm
    Folder Deleted : C:\Program Files (x86)\ToggleMark
    Folder Deleted : C:\Program Files (x86)\greAtsaVing
    Folder Deleted : C:\Windows\SysWOW64\SearchProtect
    Folder Deleted : C:\Windows\SysWOW64\config\systemprofile\AppData\Roaming\file scout
    Folder Deleted : C:\Windows\SysWOW64\config\systemprofile\AppData\Roaming\SpeedAnalysis2
    Folder Deleted : C:\Windows\SysWOW64\config\systemprofile\AppData\Roaming\zulagames
    Folder Deleted : C:\Users\Administrator\AppData\Local\Chromatic Browser
    Folder Deleted : C:\Users\Administrator\AppData\Local\torch
    Folder Deleted : C:\Users\Daniel\AppData\Local\apn
    Folder Deleted : C:\Users\Daniel\AppData\Local\Chromatic Browser
    Folder Deleted : C:\Users\Daniel\AppData\Local\Conduit
    Folder Deleted : C:\Users\Daniel\AppData\Local\DirectDownloader
    Folder Deleted : C:\Users\Daniel\AppData\Local\globalUpdate
    Folder Deleted : C:\Users\Daniel\AppData\Local\iMesh
    Folder Deleted : C:\Users\Daniel\AppData\Local\OpenCandy
    Folder Deleted : C:\Users\Daniel\AppData\Local\PackageAware
    Folder Deleted : C:\Users\Daniel\AppData\Local\torch
    Folder Deleted : C:\Users\Daniel\AppData\Local\vghd
    Folder Deleted : C:\Users\Daniel\AppData\LocalLow\Conduit
    Folder Deleted : C:\Users\Daniel\AppData\LocalLow\Delta
    Folder Deleted : C:\Users\Daniel\AppData\Roaming\Babylon
    Folder Deleted : C:\Users\Daniel\AppData\Roaming\Systweak
    Folder Deleted : C:\Users\Daniel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OnlineHD.TV
    Folder Deleted : C:\Users\Guest\AppData\Local\Chromatic Browser
    Folder Deleted : C:\Users\Guest\AppData\Local\torch
    Folder Deleted : C:\Users\HomeGroupUser$\AppData\Local\Chromatic Browser
    Folder Deleted : C:\Users\HomeGroupUser$\AppData\Local\torch
    Folder Deleted : C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\dajedkncpodkggklbegccjpmnglmnflm
    Folder Deleted : C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\niloccemoadcdkdjlinkgdfekeahmflj
    File Deleted : C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_dajedkncpodkggklbegccjpmnglmnflm_0.localstorage
    File Deleted : C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\icpgjfneehieebagbmdbhnlpiopdcmna
    File Deleted : C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_niloccemoadcdkdjlinkgdfekeahmflj_0.localstorage
    File Deleted : C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_niloccemoadcdkdjlinkgdfekeahmflj_0.localstorage-journal
    File Deleted : C:\END
    File Deleted : C:\Windows\SysWOW64\config\systemprofile\AppData\Roaming\speedanalysis.ico
    File Deleted : C:\Windows\System32\roboot64.exe
    File Deleted : C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_primeshare.tv_0.localstorage-journal
    File Deleted : C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_utorrent.en.softonic.com_0.localstorage-journal
    File Deleted : C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.ask.com_0.localstorage-journal
    File Deleted : C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.movshare.net_0.localstorage-journal
    File Deleted : C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.reimageplus.com_0.localstorage
    File Deleted : C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.reimageplus.com_0.localstorage-journal

    ***** [ Scheduled tasks ] *****

    Task Deleted : RunAsStdUser Task

    ***** [ Shortcuts ] *****


    ***** [ Registry ] *****

    Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\dkinklhnkmkhkhofcnapakaoehijaoih
    Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\kngjfmklipimnkegmcilmbhchklgjgfl
    Key Deleted : HKLM\SOFTWARE\Classes\1ClicktorrentFile
    Key Deleted : HKLM\SOFTWARE\Classes\1ClicktorrentFile1
    Key Deleted : HKLM\SOFTWARE\Classes\AppID\iMesh.exe
    Key Deleted : HKLM\SOFTWARE\Classes\AppID\Launcher.EXE
    Key Deleted : HKLM\SOFTWARE\Classes\driverscanner
    Key Deleted : HKLM\SOFTWARE\Classes\iMesh.AudioCD
    Key Deleted : HKLM\SOFTWARE\Classes\iMesh.Device
    Key Deleted : HKLM\SOFTWARE\Classes\oneclick
    Key Deleted : HKLM\SOFTWARE\Classes\oneclickmg
    Key Deleted : HKLM\SOFTWARE\Classes\Prod.cap
    Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\AutoplayHandlers\Handlers\IMPlayCDAudioOnArrival
    Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\AutoplayHandlers\Handlers\IMRipCDAudioOnArrival
    Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\AutoplayHandlers\Handlers\IMShowCDAudioOnArrival
    Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\AutoplayHandlers\Handlers\IMShowVolumeOnArrival
    Key Deleted : HKCU\Software\5853dddbb368e444
    Key Deleted : HKLM\SOFTWARE\5853dddbb368e444
    Key Deleted : HKCU\Software\AppDataLow\{5F189DF5-2D05-472B-9091-84D9848AE48B}
    Key Deleted : HKLM\SOFTWARE\Classes\AppID\{608D3067-77E8-463D-9084-908966806826}
    Key Deleted : HKLM\SOFTWARE\Classes\AppID\{969D2C61-9B16-407C-86B7-397BF4579BE6}
    Key Deleted : HKLM\SOFTWARE\Classes\AppID\{BDB69379-802F-4EAF-B541-F8DE92DD98DB}
    Key Deleted : HKLM\SOFTWARE\Classes\AppID\{C007DADD-132A-624C-088E-59EE6CF0711F}
    Key Deleted : HKLM\SOFTWARE\Classes\AppID\{EA28B360-05E0-4F93-8150-02891F1D8D3C}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{00B11DA2-75ED-4364-ABA5-9A95B1F5E946}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{80922EE0-8A76-46AE-95D5-BD3C3FE0708D}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{459DD0F7-0D55-D3DC-67BC-E6BE37E9D762}
    Key Deleted : HKLM\SOFTWARE\Classes\Interface\{10DE7085-6A1E-4D41-A7BF-9AF93E351401}
    Key Deleted : HKLM\SOFTWARE\Classes\Interface\{1AD27395-1659-4DFF-A319-2CFA243861A5}
    Key Deleted : HKLM\SOFTWARE\Classes\Interface\{EAF749DC-CD87-4B04-B22A-D4AC3FBCB2BC}
    Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{968EDCE0-C10A-47BB-B3B6-FDF09F2A417D}
    Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{969D2C61-9B16-407C-86B7-397BF4579BE6}
    Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{E2343056-CC08-46AC-B898-BFC7ACF4E755}
    Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{DF7770F7-832F-4BDF-B144-100EDDD0C3AE}
    Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{98889811-442D-49DD-99D7-DC866BE87DBC}
    Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{D4027C7F-154A-4066-A1AD-4243D8127440}]
    Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{2C353E32-B8AC-4B82-B988-4C2D3394388A}
    Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{045F91B3-695F-423A-98C7-8DE3C47AA020}
    Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{1231839B-064E-4788-B865-465A1B5266FD}
    Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{1348BD1B-C32A-41A7-9BD4-5377AA1AB925}
    Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{1B97A696-5576-43AC-A73B-E1D2C78F21E8}
    Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{2D017725-74A0-4513-913D-2939ADF6D0F3}
    Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{2DAC2231-CC35-482B-97C5-CED1D4185080}
    Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{395AFE6E-8308-48DB-89BE-ED5F4AA3D3EC}
    Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{3F1CD84C-04A3-4EA0-9EA1-7D134FD66C82}
    Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{3F83A9CA-B5F0-44EC-9357-35BB3E84B07F}
    Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{43969E3F-3E7C-4911-A8F1-79C6CA6AC731}
    Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{43B390F0-6BA2-45CA-ABF2-5DB0CEE9B49D}
    Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{458BD324-E5D0-412C-954D-EDFD69A59ED9}
    Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{47E520EA-CAD2-4F51-8F30-613B3A1C33EB}
    Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{57C91446-8D81-4156-A70E-624551442DE9}
    Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
    Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8FFE}
    Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{70AFB7B2-9FB5-4A70-905B-0E9576142E1D}
    Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{75BF416E-4326-45B5-8A2D-AE32D05B930B}
    Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{7AD65FD1-79E0-406D-B03C-DD7C14726D69}
    Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{806ED5AF-3ED0-454C-BE4E-6644DD7BEDD1}
    Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{917CAAE9-DD47-4025-936E-1414F07DF5B8}
    Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{9275FE6D-8F84-4CA5-97E7-DD3AFD5E4BDE}
    Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{94CADA2E-1D3F-419F-8A3D-06C58EDF53C8}
    Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{97DD820D-2E20-40AD-B01E-6730B2FCE630}
    Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{9ADA5C62-B227-45A9-9D77-E5609A43E943}
    Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{9E52EB8B-8DD9-4605-AD36-D352BCD482F2}
    Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{A1440EC3-F0FA-407A-B811-DE6668C06D29}
    Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{A37DD83A-DABA-4EF0-98AA-CDDA88839172}
    Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{A70CA55D-8EE5-4997-8BC3-B341E36ACBBA}
    Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{B177446D-54A4-4869-BABC-8566110B4BE0}
    Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{B37B4BA6-334E-72C1-B57E-6AFE8F8A5AF3}
    Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{B5445928-B77D-474B-84F6-6F1323CA5701}
    Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{B77AD4AC-C1C2-B293-7737-71E13A11FFEA}
    Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{B9A84AD0-5777-46FD-8B8F-1EBD06750FBC}
    Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{BE6C7021-0352-4A7E-8A5B-46126353049E}
    Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{C1995F88-1C7F-40D7-B0FA-6F107F6308B8}
    Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{C815E3DA-0823-49B0-9270-D1771D58B317}
    Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{D2AA22AE-2103-4D78-9C0D-46DE64EE0ED7}
    Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{D94BA844-0355-4F02-97F2-6856CD94FE66}
    Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{D9D1DFC5-502D-43E4-B1BB-4D0B7841489A}
    Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{DFBED68E-BBF6-454A-940F-C84C7E7B4CE6}
    Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{E0B07188-A528-4F9E-B2F7-C7FDE8680AE4}
    Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{E4A994B0-5550-4680-A4C6-B9470B888069}
    Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{E773F2CF-5E6E-FF2B-81A1-AC581A26B2B2}
    Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{EAF749DC-CD87-4B04-B22A-D4AC3FBCB2BC}
    Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{EE95078D-518C-4FD2-8093-FD1D4E33D3CA}
    Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{F05B12E1-ADE8-4485-B45B-898748B53C37}
    Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{F4F96034-2761-4BAF-B906-E4B59E5D50EA}
    Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{F9EB11AB-9384-4736-9B33-993940F88895}
    Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{FE42F7F2-D931-40CD-ACE7-7B47383ACE25}
    Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{596BB86E-F1E5-A1DE-3363-41AB634E77EF}
    Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{A3492A3A-6715-9371-F8DB-1C48CC4DAAA1}
    Key Deleted : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{483830EE-A4CD-4B71-B0A3-3D82E62A6909}
    Key Deleted : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2A59}
    Key Deleted : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}
    Data Restored : HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\SAFARI.EXE\shell\open\command
    Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2A59}
    Key Deleted : HKCU\Software\APN PIP
    Key Deleted : HKCU\Software\Conduit
    Key Deleted : HKCU\Software\filescout
    Key Deleted : HKCU\Software\genesis
    Key Deleted : HKCU\Software\GlobalUpdate
    Key Deleted : HKCU\Software\Imesh
    Key Deleted : HKCU\Software\systweak
    Key Deleted : HKCU\Software\usyndication.com
    Key Deleted : HKCU\Software\USyndication
    Key Deleted : HKCU\Software\AppDataLow\{1146AC44-2F03-4431-B4FD-889BC837521F}
    Key Deleted : HKCU\Software\AppDataLow\Toolbar
    Key Deleted : HKCU\Software\AppDataLow\Software\BackgroundContainerV2
    Key Deleted : HKLM\SOFTWARE\{1146AC44-2F03-4431-B4FD-889BC837521F}
    Key Deleted : HKLM\SOFTWARE\{3A7D3E19-1B79-4E4E-BD96-5467DA2C4EF0}
    Key Deleted : HKLM\SOFTWARE\{5F189DF5-2D05-472B-9091-84D9848AE48B}
    Key Deleted : HKLM\SOFTWARE\{6791A2F3-FC80-475C-A002-C014AF797E9C}
    Key Deleted : HKLM\SOFTWARE\{77D46E27-0E41-4478-87A6-AABE6FBCF252}
    Key Deleted : HKLM\SOFTWARE\Babylon
    Key Deleted : HKLM\SOFTWARE\Bench
    Key Deleted : HKLM\SOFTWARE\Conduit
    Key Deleted : HKLM\SOFTWARE\DownTango
    Key Deleted : HKLM\SOFTWARE\GlobalUpdate
    Key Deleted : HKLM\SOFTWARE\PIP
    Key Deleted : HKLM\SOFTWARE\Uniblue
    Key Deleted : HKLM\SOFTWARE\V9Software
    Key Deleted : HKLM\SOFTWARE\Wpm
    Key Deleted : HKLM\SOFTWARE\Taronja
    Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{2F5F003B-C71B-72E3-42B4-DE51AB079EB2}
    Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{EE171732-BEB4-4576-887D-CB62727F01CA}
    Key Deleted : [x64] HKLM\SOFTWARE\DivX\Install\Setup\WizardLayout\ConduitToolbar
    Key Deleted : [x64] HKLM\SOFTWARE\Tarma Installer
    Data Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows [AppInit_DLLs] - C:\PROGRA~2\SupTab\SEARCH~1.DLL
    Data Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows [AppInit_DLLs] - C:\PROGRA~2\SupTab\SEARCH~2.DLL
    Data Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings [ProxyOverride] - *.local

    ***** [ Web browsers ] *****

    -\\ Internet Explorer v11.0.9600.17801


    -\\ Mozilla Firefox v37.0.1 (x86 en-US)


    -\\ Google Chrome v43.0.2357.81

    [C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] - Deleted [Homepage] :
    [C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] - Deleted [Startup_URLs] : AB291F26B56CCEFD3D09541336F7E1A8B50DC36E76CE536929DD8813C8EEC01D"},"software_reporter":{"prompt_reason":"D15E84B2558C3A514086A6B0081C013C12BB5070321582A3F720327373E58A2F","prompt_seed":"46A3E9ABAE15604BABE6C44FC3E5C923AD2C1D25C810FDC5E88E0D7E301032FA","prompt_version":"35F7BC51E9C465D7AAEFAC4F0760D74E92F1F6370092A2530683CBC51CA2E5DA"},"sync":{"remaining_rollback_tries":"23FF82F34876F115269AB5D89F12EBB046CC2368E6F2296091E5C0C275D3C583"}},"super_mac":"1296F0206CE8573E80063A08C2345EE6646FE05F84C4A86E4509CFC0DF8D5595"},"session":{"restore_on_startup":1,"startup_urls":["","hxxp://www.v9.com/?type=hp&ts=1403577644&from=tugs&uid=WDCXWD6400BEVT-22A0RT0_WD-WXF1A80J7465J7465&I=psd&t=34498f3b9

    -\\ Comodo Dragon v


    -\\ Chrome Canary v


    *************************

    AdwCleaner[R0].txt - [30284 bytes] - [06/06/2015 23:34:01]
    AdwCleaner[S0].txt - [15891 bytes] - [06/06/2015 23:46:58]

    ########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [15951 bytes] ##########
     

Similar Topics

Add New Comment

You need to be a member to leave a comment. Join thousands of tech enthusiasts and participate.
TechSpot Account You may also...