Additional scan result of Farbar Recovery Scan Tool (x64) Version: 31-07-2017 Ran by user (04-08-2017 09:27:21) Running from C:\Users\user\Desktop Windows 7 Ultimate Service Pack 1 (X64) (2013-01-25 17:17:31) Boot Mode: Normal ========================================================== ==================== Accounts: ============================= 788B5E4B02E649F0AEFF (S-1-5-21-3599117210-139940529-1983179741-1010 - Limited - Enabled) 9A3542F65C084D47BE6C (S-1-5-21-3599117210-139940529-1983179741-1009 - Limited - Enabled) Administrator (S-1-5-21-3599117210-139940529-1983179741-500 - Administrator - Disabled) ASPNET (S-1-5-21-3599117210-139940529-1983179741-1002 - Limited - Enabled) Guest (S-1-5-21-3599117210-139940529-1983179741-501 - Limited - Disabled) HomeGroupUser$ (S-1-5-21-3599117210-139940529-1983179741-1007 - Limited - Enabled) user (S-1-5-21-3599117210-139940529-1983179741-1000 - Administrator - Enabled) => C:\Users\user ==================== Security Center ======================== (If an entry is included in the fixlist, it will be removed.) AV: Avast Antivirus (Enabled - Up to date) {8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF} AV: Malwarebytes (Disabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B} AV: ZoneAlarm Antivirus (Enabled - Up to date) {23B6D20A-C2DE-B3F5-C67D-07ECD854E6A9} AS: ZoneAlarm Anti-Spyware (Enabled - Up to date) {98D733EE-E4E4-BC7B-FCCD-3C9EA3D3AC14} AS: Malwarebytes (Disabled - Up to date) {98619B37-4FC4-67F2-1C99-EEF6D47DBD96} AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: IObit Malware Fighter (Enabled - Up to date) {A751AC20-3B48-5237-898A-78C4436BB78D} AS: Avast Antivirus (Enabled - Up to date) {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402} FW: ZoneAlarm Firewall (Enabled) {1B8D532F-88B1-B2AD-ED22-AED92687A1D2} FW: Avast Antivirus (Enabled) {B693136B-F6EE-DD1C-A0EF-229B8B0B29C4} ==================== Installed Programs ====================== (Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.) µTorrent (HKU\S-1-5-21-3599117210-139940529-1983179741-1000\...\uTorrent) (Version: 3.5.0.43916 - BitTorrent Inc.) 64 Bit HP CIO Components Installer (HKLM\...\{C788B026-20BD-4E96-B698-533F1D6C5013}) (Version: 7.2.4 - Hewlett-Packard) Hidden 7-Data Recovery Suite version 3.2.0 (HKLM-x32\...\{02386A56-080B-485c-941D-AF96B29140DD}_is1) (Version: 3.2.0 - SharpNight Co,Ltd) 7-Zip 16.02 (x64 edition) (HKLM\...\{23170F69-40C1-2702-1602-000001000000}) (Version: 16.02.00.0 - Igor Pavlov) 7-Zip 16.04 (x64) (HKLM\...\7-Zip) (Version: 16.04 - Igor Pavlov) Adobe Acrobat Reader DC (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AC0F074E4100}) (Version: 17.009.20058 - Adobe Systems Incorporated) Adobe Acrobat X Pro - English, Français, Deutsch (HKLM-x32\...\{AC76BA86-1033-F400-7760-000000000005}) (Version: 10.1.11 - Adobe Systems) Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 25.0.0.134 - Adobe Systems Incorporated) Adobe Audition 3.0 (HKLM-x32\...\Adobe Audition 3.0) (Version: 3.0 - Adobe Systems Incorporated) Adobe Audition 3.0 Vista Compatibility (HKLM\...\{75d2897c-87aa-4a06-8710-3ebda9f02de0}.sdb) (Version: - ) Adobe Creative Suite 6 Master Collection (HKLM-x32\...\{E8AD3069-9EB7-4BA8-8BFE-83F4E69355C0}) (Version: 6 - Adobe Systems Incorporated) Adobe Dreamweaver CS5.5 (HKLM-x32\...\{0215A652-E081-4B09-9333-DC85AAB67FFA}) (Version: 11.5 - Adobe Systems Incorporated) Adobe Flash Player 26 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 26.0.0.137 - Adobe Systems Incorporated) Adobe Flash Player 26 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 26.0.0.137 - Adobe Systems Incorporated) Adobe Help Manager (HKLM-x32\...\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 4.0.244 - Adobe Systems Incorporated) Adobe Media Player (HKLM-x32\...\com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 1.1 - Adobe Systems Incorporated) Adobe Photoshop CS (HKLM-x32\...\{EFB21DE7-8C19-4A88-BB28-A766E16493BC}) (Version: CS - Adobe Systems, Inc.) Adobe Photoshop CS5 (HKLM-x32\...\{15FEDA5F-141C-4127-8D7E-B962D1742728}) (Version: 12.0 - Adobe Systems Incorporated) Adobe Premiere Pro CS6 Functional Content (HKLM-x32\...\{614020C8-2E16-4E16-A5F0-04DE2AB96097}) (Version: 6.0.0 - Adobe Systems Incorporated) Adobe Widget Browser (HKLM-x32\...\com.adobe.WidgetBrowser.E7BED6E5DDA59983786DD72EBFA46B1598278E07.1) (Version: 2.0 Build 230 - Adobe Systems Incorporated.) Advanced Font Viewer 5.1 (HKLM-x32\...\Advanced Font Viewer_is1) (Version: - Alexander G Styopkin) Advanced Renamer (HKLM-x32\...\Advanced Renamer_is1) (Version: 3.64 - Hulubulu Software) Aimersoft Helper Compact 2.5.1 (HKLM-x32\...\{405147F7-FCC5-499B-A27E-EA6BD4A80435}_is1) (Version: 2.5.1 - Aimersoft) Aimersoft YouTube Downloader(Build 4.9.2.0) (HKLM-x32\...\Aimersoft YouTube Downloader_is1) (Version: 4.9.2.0 - Aimersoft Software) AIR iPad (HKLM-x32\...\{EA09B356-31B5-3C6F-5B23-AE3FE0A29E99}) (Version: 01 - UNKNOWN) Hidden AIR iPad (HKLM-x32\...\AIRiPad.2F5B6419AD1E468138DDD0B435CF5E716FC9F465.1) (Version: v.01 - UNKNOWN) All File Email Extractor v2.4 (HKLM-x32\...\All File Email Extractor v2.4) (Version: - AlgoLogic) Amazon Kindle (HKLM-x32\...\Amazon Kindle) (Version: - Amazon) Anki (HKLM-x32\...\Anki) (Version: - ) Aostsoft Image to Word OCR Converter 3.8.2 (HKLM-x32\...\Aostsoft Image to Word OCR Converter_is1) (Version: - Aostsoft,Inc.) Apache Tomcat 7.0 Tomcat7 (remove only) (HKLM\...\Apache Tomcat 7.0 Tomcat7) (Version: - ) Apple Application Support (32-bit) (HKLM-x32\...\{29DB9165-5FC1-48F0-9188-26123F526848}) (Version: 5.0.1 - Apple Inc.) Apple Application Support (64-bit) (HKLM\...\{5905C8CF-1C88-4478-A48E-4E458AD1BC7E}) (Version: 5.0.1 - Apple Inc.) Apple Mobile Device Support (HKLM\...\{D4D86CB2-2370-4691-8272-3869EDED6C64}) (Version: 10.0.0.18 - Apple Inc.) Apple Software Update (HKLM-x32\...\{56EC47AA-5813-4FF6-8E75-544026FBEA83}) (Version: 2.2.0.150 - Apple Inc.) Ashampoo Burning Studio FREE v.1.14.5 (HKLM-x32\...\{91B33C97-91F8-FFB3-581B-BC952C901685}_is1) (Version: 1.14.5 - Ashampoo GmbH & Co. KG) ASUS PC Diagnostics (HKLM-x32\...\{D709005F-D8DC-42A8-8435-5AE880ECAF82}) (Version: 1.2.6 - ASUSTeK Computer Inc.) Avast Internet Security (HKLM-x32\...\Avast Antivirus) (Version: 17.5.2303 - AVAST Software) Avid Pro Tools (HKLM\...\{440A8FC5-DF1F-49F2-8936-227247138A34}) (Version: 12.5.0.395 - Avid Technology, Inc.) B110 (HKLM-x32\...\{9F9A2D22-7E30-4546-B817-10644FFB9935}) (Version: 140.0.283.000 - Hewlett-Packard) Hidden bl (HKLM-x32\...\{2A075BB4-E976-4278-BF3F-E5C6945D84C0}) (Version: 1.0.0 - Your Company Name) Hidden BlueStacks App Player (HKLM-x32\...\BlueStacks) (Version: 2.5.70.6309 - BlueStack Systems, Inc.) Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.) Bonjour Print Services (HKLM\...\{0DA20600-6130-443B-9D4B-F30520315FA6}) (Version: 2.0.2.0 - Apple Inc.) Brother MFL-Pro Suite DCP-T300 (HKLM-x32\...\{BA07A125-6AC7-4293-89D6-391676FFD041}) (Version: 1.0.2.0 - Brother Industries, Ltd.) BufferChm (HKLM-x32\...\{FA0FF682-CC70-4C57-93CD-E276F3E7537E}) (Version: 140.0.212.000 - Hewlett-Packard) Hidden Bulk Rename Utility 2.7.1.2 (HKLM\...\Bulk Rename Utility_is1) (Version: - TGRMN Software) Canon LBP7200C (HKLM\...\Canon LBP7200C) (Version: - ) CCleaner (HKLM\...\CCleaner) (Version: 5.00 - Piriform) CGS17_Setup_x64 (HKLM\...\{83646B67-A878-4E95-BB4B-AF4A6E61F28C}) (Version: 17.0 - Corel Corporation) Hidden Classic PDF Editor 12.0 (HKLM-x32\...\Classic PDF Editor_is1) (Version: - ) Comodo Dragon (HKLM-x32\...\Comodo Dragon) (Version: 52.15.25.664 - Comodo) CopyTrans Suite Remove Only (HKU\S-1-5-21-3599117210-139940529-1983179741-1000\...\CopyTrans Suite) (Version: 2.37 - WindSolutions) Corel Graphics - Windows Shell Extension (HKLM\...\_{4AB916EE-ABA8-4079-9889-745798B6D809}) (Version: 17.0.0.491 - Corel Corporation) Corel Graphics - Windows Shell Extension (HKLM\...\{4AB916EE-ABA8-4079-9889-745798B6D809}) (Version: 17.0.491 - Corel Corporation) Hidden Corel Graphics - Windows Shell Extension 32 Bit (HKLM\...\{FD4A43CE-ABAE-4161-83AC-314A3C804F42}) (Version: 17.0.491 - Corel Corporation) Hidden CorelDRAW Graphics Suite X6 - Capture (x64) (HKLM\...\{1967EF95-E00B-4669-8B1C-A589BE8BF24F}) (Version: 16.1 - Corel Corporation) Hidden CorelDRAW Graphics Suite X6 - Common (x64) (HKLM\...\{35869A6C-BA31-4F23-B52D-BC1B1E41EC1B}) (Version: 16.1 - Corel Corporation) Hidden CorelDRAW Graphics Suite X6 - Connect (x64) (HKLM\...\{96AAAB95-AEBE-437A-B7CA-37C7BE13FFE9}) (Version: 16.1 - Corel Corporation) Hidden CorelDRAW Graphics Suite X6 - Custom Data (x64) (HKLM\...\{7386B5FA-8715-481D-821F-7785110506DF}) (Version: 16.1 - Corel Corporation) Hidden CorelDRAW Graphics Suite X6 - Draw (x64) (HKLM\...\{27AE72A4-B217-4CDC-B82B-3311E9D7460E}) (Version: 16.1 - Corel Corporation) Hidden CorelDRAW Graphics Suite X6 - EN (x64) (HKLM\...\{BB65D262-3EBC-4F10-89D9-67A320E94EAA}) (Version: 16.1 - Corel Corporation) Hidden CorelDRAW Graphics Suite X6 - Filters (x64) (HKLM\...\{E699230D-4B5E-411E-9F45-FF50789B18DD}) (Version: 16.1 - Corel Corporation) Hidden CorelDRAW Graphics Suite X6 - FontNav (x64) (HKLM\...\{3933C06C-8239-432B-87FC-F2BDC5B49A10}) (Version: 16.1 - Corel Corporation) Hidden CorelDRAW Graphics Suite X6 - IPM (HKLM\...\{B6DF7031-2843-44FD-9CAB-DECAB4257456}) (Version: 16.1 - Corel Corporation) Hidden CorelDRAW Graphics Suite X6 - PHOTO-PAINT (x64) (HKLM\...\{D7C2687D-924E-4485-B367-C7D95CBF8DDD}) (Version: 16.1 - Corel Corporation) Hidden CorelDRAW Graphics Suite X6 - Photozoom Plugin (x64) (HKLM\...\{2C72B5E4-AA34-4F1A-8C7E-468530F9F6A3}) (Version: 16.1 - Corel Corporation) Hidden CorelDRAW Graphics Suite X6 - Redist (x64) (HKLM\...\{6099F026-0A98-4D40-9B3D-ED2123A8CBD0}) (Version: 16.1 - Corel Corporation) Hidden CorelDRAW Graphics Suite X6 - Setup Files (x64) (HKLM\...\{BDBFAC49-8877-472F-876B-75ADB7DBC955}) (Version: 16.1 - Corel Corporation) Hidden CorelDRAW Graphics Suite X6 - VBA (x64) (HKLM\...\{10762393-1B90-4AC2-AF1A-4C0C04AE303F}) (Version: 16.1 - Corel Corporation) Hidden CorelDRAW Graphics Suite X6 - VideoBrowser (x64) (HKLM\...\{7B79AE44-9B76-4815-84E5-ACAC3F0F0278}) (Version: 16.1 - Corel Corporation) Hidden CorelDRAW Graphics Suite X6 - VSTA (x64) (HKLM\...\{1E3A578C-0A7D-4820-990F-B7545C0B2303}) (Version: 16.1 - Corel Corporation) Hidden CorelDRAW Graphics Suite X6 - Writing Tools (x64) (HKLM\...\{DDE82E3D-20C4-48E1-AE1D-B1F10E42CA44}) (Version: 16.1 - Corel Corporation) Hidden CorelDRAW Graphics Suite X6 (64-Bit) (HKLM\...\_{BDBFAC49-8877-472F-876B-75ADB7DBC955}) (Version: 16.1.0.843 - Corel Corporation) CorelDRAW Graphics Suite X6 (x64) (HKLM\...\{CCE7423E-1D84-4CD3-9E32-220EC9358D97}) (Version: 16.1 - Corel Corporation) Hidden CorelDRAW Graphics Suite X7 - Capture (x64) (HKLM\...\{2C91CB9D-323D-43E5-A433-229B71CFB773}) (Version: 17.0 - Corel Corporation) Hidden CorelDRAW Graphics Suite X7 - Common (x64) (HKLM\...\{9178F0A8-B6F6-4DA7-AD63-317CC4875F4B}) (Version: 17.0 - Corel Corporation) Hidden CorelDRAW Graphics Suite X7 - Connect (x64) (HKLM\...\{BD036E95-A9CD-4DED-B744-95AB1DCAFF0C}) (Version: 17.0 - Corel Corporation) Hidden CorelDRAW Graphics Suite X7 - Custom Data (x64) (HKLM\...\{5162E418-BB43-4C8F-ACD6-069645EF98C3}) (Version: 17.0 - Corel Corporation) Hidden CorelDRAW Graphics Suite X7 - Draw (x64) (HKLM\...\{2C0DDC74-5234-43DD-BB5A-0645B8FE5289}) (Version: 17.0 - Corel Corporation) Hidden CorelDRAW Graphics Suite X7 - EN (x64) (HKLM\...\{3BB8EB77-737B-4B32-BAB9-08C7110C46BD}) (Version: 17.0 - Corel Corporation) Hidden CorelDRAW Graphics Suite X7 - Filters (x64) (HKLM\...\{D10A5CFA-FE33-4F06-AE37-554604F00A52}) (Version: 17.0 - Corel Corporation) Hidden CorelDRAW Graphics Suite X7 - FontNav (x64) (HKLM\...\{5406029B-67AD-4F8E-9F2D-F1959CD9CD86}) (Version: 17.0 - Corel Corporation) Hidden CorelDRAW Graphics Suite X7 - IPM Content (x64) (HKLM\...\{EF44BCCD-13F9-4974-862C-CCFAF43EE082}) (Version: 17.0 - Corel Corporation) Hidden CorelDRAW Graphics Suite X7 - IPM T (x64) (HKLM\...\{13179AB2-69FD-459B-800F-81865A501AD4}) (Version: 17.0 - Corel Corporation) Hidden CorelDRAW Graphics Suite X7 - PHOTO-PAINT (x64) (HKLM\...\{C922F325-DD52-4E22-B204-431A06E63E51}) (Version: 17.0 - Corel Corporation) Hidden CorelDRAW Graphics Suite X7 - Photozoom Plugin (x64) (HKLM\...\{1A73168F-5983-46A6-AAAB-FD83BC231E02}) (Version: 17.0 - Corel Corporation) Hidden CorelDRAW Graphics Suite X7 - Redist (x64) (HKLM\...\{C57EDB5A-AC8E-4E03-9F1A-DC013A2BB9B2}) (Version: 17.0 - Corel Corporation) Hidden CorelDRAW Graphics Suite X7 - Setup Files (x64) (HKLM\...\{5CB73140-806C-42C6-A05A-1AFD0E92DEB5}) (Version: 17.0 - Corel Corporation) Hidden CorelDRAW Graphics Suite X7 - VBA (x64) (HKLM\...\{5672E0DC-7489-4EAC-8CFD-E01B3868FCB5}) (Version: 17.0 - Corel Corporation) Hidden CorelDRAW Graphics Suite X7 - VideoBrowser (x64) (HKLM\...\{966996DC-D67C-40E3-8BD4-31FA0F093571}) (Version: 17.0 - Corel Corporation) Hidden CorelDRAW Graphics Suite X7 - Writing Tools (x64) (HKLM\...\{D63404AC-C2F1-4B3D-96EA-9727AC9D994C}) (Version: 17.0 - Corel Corporation) Hidden CorelDRAW Graphics Suite X7 (64-Bit) (HKLM\...\_{5CB73140-806C-42C6-A05A-1AFD0E92DEB5}) (Version: 17.0.0.491 - Corel Corporation) cssSlider (HKLM-x32\...\cssSlider_is1) (Version: - ) CyberLink PowerDirector 11 (HKLM\...\{551F492A-01B0-4DC4-866F-875EC4EDC0A8}) (Version: 11.0.0.2321 - CyberLink Corp.) Hidden CyberLink PowerDirector 11 (HKLM-x32\...\InstallShield_{551F492A-01B0-4DC4-866F-875EC4EDC0A8}) (Version: 11.0.0.2321 - CyberLink Corp.) D3DX10 (HKLM-x32\...\{E09C4DB7-630C-4F06-A631-8EA7239923AF}) (Version: 15.4.2368.0902 - Microsoft) Hidden DC1A2 version 2.1.0 (HKLM\...\DC1A2_is1) (Version: 2.1.0 - ) Destinations (HKLM-x32\...\{BD7204BA-DD64-499E-9B55-6A282CDF4FA4}) (Version: 140.0.77.000 - Hewlett-Packard) Hidden DeviceDiscovery (HKLM-x32\...\{1458BB78-1DC5-4BC0-B9A3-2B644F5A8105}) (Version: 140.0.212.000 - Hewlett-Packard) Hidden DHTML Editing Component (HKLM-x32\...\{2EA870FA-585F-4187-903D-CB9FFD21E2E0}) (Version: 6.02.0001 - Microsoft Corporation) D-Link DWA-131 Wireless N Nano USB Adapter (HKLM-x32\...\{D9198056-A296-4583-A790-C0E73694CFE8}) (Version: - D-Link) Dropbox (HKLM-x32\...\Dropbox) (Version: 31.4.24 - Dropbox, Inc.) Dropbox Update Helper (HKLM-x32\...\{099218A5-A723-43DC-8DB5-6173656A1E94}) (Version: 1.3.65.1 - Dropbox, Inc.) Hidden DuOS (HKLM\...\{D642C486-5337-4882-A7F3-91A4C797ABFA}) (Version: 2.0.6.8063 - American Megatrends Inc.) DVD Architect Pro 6.0 (HKLM-x32\...\{E0E531A2-17C1-11E2-984D-1040F3E7010F}) (Version: 6.0.237 - Sony) DVD Audio Extractor 7.2.0 (HKLM-x32\...\DVD Audio Extractor_is1) (Version: - Computer Application Studio) EaseUS Data Recovery Wizard 8.0 (HKLM-x32\...\EaseUS Data Recovery Wizard 8.0_is1) (Version: - EaseUS) EaseUS Partition Master 10.8 Trial Edition (HKLM-x32\...\EaseUS Partition Master Trial Edition_is1) (Version: - EaseUS) EaseUS Partition Recovery 8.5 (HKLM-x32\...\EaseUS Partition Recovery_is1) (Version: - EaseUS) Easy CD-DA Extractor 16 (HKLM-x32\...\Easy CD-DA Extractor 16) (Version: 16.0.9 - Poikosoft) eMail Bounce Handler 3.8.2 (HKLM-x32\...\eMail Bounce Handler_is1) (Version: - Max Programming LLC) Email Extractor Files (HKLM-x32\...\{4D970F49-9840-446A-A33F-0146752D3499}) (Version: 5.0 - Technocom Solutions) Express Burn Disc Burning Software (HKLM-x32\...\ExpressBurn) (Version: 5.06 - NCH Software) Express Scribe Transcription Software (HKLM-x32\...\Scribe) (Version: 5.85 - NCH Software) Facebook Video Calling 3.1.0.521 (HKLM-x32\...\{2091F234-EB58-4B80-8C96-8EB78C808CF7}) (Version: 3.1.521 - Skype Limited) ffdshow v1.1.3572 [2010-09-13] (HKLM-x32\...\ffdshow_is1) (Version: 1.1.3572.0 - ) FileZilla Client 3.26.2 (HKLM-x32\...\FileZilla Client) (Version: 3.26.2 - Tim Kosse) Find and Mount 2.32 (HKLM\...\Find and Mount_is1) (Version: 2.32 - A-FF Data Recovery) FlippingBook PDF Publisher (HKLM-x32\...\{5DB38141-CCA8-4870-8EC1-FB06871AF278}) (Version: 0.5.8 - Mediaparts Interactive) Fotosizer 2.09 (HKLM-x32\...\Fotosizer) (Version: 2.09.0.548 - Fotosizer.com) Free Audio Converter 1.0.2 (HKLM-x32\...\Free Audio Converter) (Version: 1.0.2 - 1Focus, Org.) Free Audio Converter version 5.0.52.1122 (HKLM-x32\...\Free Audio Converter_is1) (Version: 5.0.52.1122 - DVDVideoSoft Ltd.) Free Video To Audio Converter 2015 6.5.8 (HKLM-x32\...\Free Video To Audio Converter 2015_is1) (Version: - FAEMedia Co., Ltd.) Free Video to Flash Converter version 5.0.37.327 (HKLM-x32\...\Free Video to Flash Converter_is1) (Version: 5.0.37.327 - DVDVideoSoft Ltd.) Freemake Video Converter version 4.1.5 (HKLM-x32\...\Freemake Video Converter_is1) (Version: 4.1.5 - Ellora Assets Corporation) GetFLV 9.6.2.1 (HKLM-x32\...\GetFLV_is1) (Version: - GetFLV, Inc.) gImageReader (HKLM-x32\...\gImageReader) (Version: 3.1.91 - Sandro Mani) Google Chrome (HKLM-x32\...\Google Chrome) (Version: 59.0.3071.115 - Google Inc.) Google Drive (HKLM-x32\...\{A1238426-ECDF-4639-BE2F-8D12A97AE23C}) (Version: 2.34.5075.1619 - Google, Inc.) Google Earth Pro (HKLM-x32\...\{09A8EA8A-9C9D-45E4-B20C-3F13C2CCD32C}) (Version: 7.3.0.3830 - Google) Google Toolbar for Internet Explorer (HKLM-x32\...\{18455581-E099-4BA8-BC6B-F34B2F06600C}) (Version: 1.0.0 - Google Inc.) Hidden Google Toolbar for Internet Explorer (HKLM-x32\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: 7.5.8231.2252 - Google Inc.) Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.5 - Google Inc.) Hidden Google Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.25.11 - Google Inc.) Hidden GPAC (remove only) (HKLM-x32\...\GPAC) (Version: - ) GPBaseService2 (HKLM-x32\...\{BB3447F6-9553-4AA9-960E-0DB5310C5779}) (Version: 140.0.211.000 - Hewlett-Packard) Hidden GroupMail :: Personal Edition (HKLM-x32\...\{72FC0445-FE6D-4E12-815B-3A8C5E3704DA}_is1) (Version: 5.3.0.125 - Infacta Ltd.) HandBrake 0.10.2 (HKLM-x32\...\HandBrake) (Version: 0.10.2 - ) HD Video Converter Factory 11.1 (HKLM-x32\...\HD Video Converter Factory) (Version: 11.1 - WonderFox Soft, Inc.) HD Video Converter Factory Pro 13.1 (HKLM-x32\...\HD Video Converter Factory Pro) (Version: 13.1 - WonderFox Soft, Inc.) HDD Regenerator (HKLM-x32\...\{2445981B-A23B-4A0E-AD15-3D391BDAEC3E}) (Version: 1.71.0012 - Abstradrome) hide.me VPN 1.2.14 (HKLM-x32\...\{0E00BDA5-7998-4889-BE4B-39A4BBD2EDFB}_is1) (Version: 1.2.14 - eVenture Limited) HP Customer Participation Program 14.0 (HKLM\...\HPExtendedCapabilities) (Version: 14.0 - HP) HP Imaging Device Functions 14.0 (HKLM\...\HP Imaging Device Functions) (Version: 14.0 - HP) HP Photo Creations (HKLM-x32\...\HP Photo Creations) (Version: 1.0.0.2024 - HP Photo Creations Powered by RocketLife) HP Photosmart Wireless B110 All-In-One Driver Software 14.0 Rel. 7 (HKLM\...\{59C83C08-63F4-4AEC-81D6-392C5E23B843}) (Version: 14.0 - HP) HP Smart Web Printing 4.60 (HKLM\...\HP Smart Web Printing) (Version: 4.60 - HP) HP Solution Center 14.0 (HKLM\...\HP Solution Center & Imaging Support Tools) (Version: 14.0 - HP) HP Update (HKLM-x32\...\{74DC0593-6BC6-4001-AD5F-D810AFB68D86}) (Version: 5.002.002.002 - Hewlett-Packard) HPAppStudio (HKLM-x32\...\{565E7B0E-B76B-4EAD-9753-F1E72A5CF12E}) (Version: 140.0.95.000 - Hewlett-Packard) Hidden HPPhotoGadget (HKLM-x32\...\{CAE4213F-F797-439D-BD9E-79B71D115BE3}) (Version: 140.0.524.000 - Hewlett-Packard) Hidden HPProductAssistant (HKLM-x32\...\{150B6201-E9E6-4DFB-960E-CCBD53FBDDED}) (Version: 140.0.212.000 - Hewlett-Packard) Hidden iBall Claro TV T18 Device (HKLM-x32\...\TVCONDrv) (Version: - ) IBP 12.0.2 (HKLM-x32\...\IBP12_is1) (Version: 12.0.2 - Axandra GmbH) IconViewer (HKLM\...\{C6F34AE0-0576-11d4-82FE-4491FCC00000}) (Version: 3.2.147 - Bot Productions) ID3-TagIT 3 (HKLM-x32\...\ID3-TagIT 3_is1) (Version: 3 - Michael Pluemper) IDTE-ID3 Tag Editor (HKU\S-1-5-21-3599117210-139940529-1983179741-1000\...\IDTE-ID3 Tag Editor) (Version: 02.80.00.00 - Team IDTE) iLanguage (HKLM-x32\...\iLanguage) (Version: 2.2 - doIT) Intel(R) C++ Redistributables for Windows* on Intel(R) 64 (HKLM-x32\...\{D2437C5C-2D8C-40D2-8059-689AD7239FA3}) (Version: 11.1.048 - Intel Corporation) Intel(R) C++ Redistributables on IA-32 (HKLM-x32\...\{317059CB-7642-4F2E-89C0-62E69D4074B7}) (Version: 15.0.148 - Intel Corporation) Intel(R) C++ Redistributables on Intel(R) 64 (HKLM-x32\...\{2DD3C090-2986-4970-B3CB-87BB4C8AC4A5}) (Version: 15.0.148 - Intel Corporation) Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.1.0.1252 - Intel Corporation) Intel(R) OpenCL CPU Runtime (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: - Intel Corporation) Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.4226 - Intel Corporation) Intel(R) USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 1.0.5.235 - Intel Corporation) IObit Malware Fighter 5 (HKLM-x32\...\IObit Malware Fighter_is1) (Version: 5.2 - IObit) IrfanView 4.44 (32-bit) (HKLM-x32\...\IrfanView) (Version: 4.44 - Irfan Skiljan) Itranslator 2003 Beta (HKLM-x32\...\Itranslator 2003 Beta_is1) (Version: - Omkarananda Ashram Himalayas) iTunes (HKLM\...\{9946A4F7-E0FD-4A33-82D1-06CBFFBBB9F9}) (Version: 12.5.1.21 - Apple Inc.) iZotope Nectar 2 Production Suite (HKLM-x32\...\iZotope Nectar 2 Production Suite_is1) (Version: 2.03 - iZotope, Inc.) iZotope RX 4 (HKLM-x32\...\iZotope RX 4_is1) (Version: 4.00 - iZotope, Inc.) Java 8 Update 101 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180101F0}) (Version: 8.0.1010.13 - Oracle Corporation) Java 8 Update 131 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180131F0}) (Version: 8.0.1310.11 - Oracle Corporation) Java 8 Update 71 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218071F0}) (Version: 8.0.710.15 - Oracle Corporation) join.me (HKU\S-1-5-21-3599117210-139940529-1983179741-1000\...\JoinMe) (Version: 3.0.0.4238 - LogMeIn, Inc.) JPG to PDF Converter 1.1 (HKLM-x32\...\JPG to PDF Converter) (Version: 1.1 - ) kBilling Invoicing Software (HKLM-x32\...\{B38A9B1A-DAEF-4ECC-AC7D-FDB12EAE5663}_is1) (Version: - K Software) Kindle Previewer (HKU\S-1-5-21-3599117210-139940529-1983179741-1000\...\KindlePreviewer) (Version: 2.92 - Amazon) LameXP v4.15 (HKLM-x32\...\{FBD7A67D-D700-4043-B54F-DD106D00F308}) (Version: 4.15 Final-1 [Build #2002] - LoRd_MuldeR ) Malwarebytes version 3.1.2.1733 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.1.2.1733 - Malwarebytes) Manager (HKLM-x32\...\{38251B9A-C44B-42D9-9A6A-0697986E334A}) (Version: 4.1.4.27792 - 2015 pdfforge GmbH. All rights reserved) Hidden MarketResearch (HKLM-x32\...\{D360FA88-17C8-4F14-B67F-13AAF9607B12}) (Version: 140.0.212.000 - Hewlett-Packard) Hidden mediAvatar DAT Converter (HKLM-x32\...\mediAvatar DAT Converter) (Version: 6.8.0.1101 - mediAvatar) Memeo Instant Backup (HKLM-x32\...\{8E666407-AC41-46a2-9692-6C7BFCBFDD37}) (Version: 4.60.0.7916 - Memeo Inc.) Microsoft .NET Framework 1.1 (HKLM-x32\...\{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}) (Version: 1.1.4322 - Microsoft) Microsoft .NET Framework 4.7 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.7.02053 - Microsoft Corporation) Microsoft Expression SuperPreview 4 Trial (HKLM-x32\...\SuperPreview_4.0.1241.0) (Version: 4.0.1241.0 - Microsoft Corporation) Microsoft Junk E-mail Reporting Add-in (HKLM-x32\...\{B72B06E0-0C54-495F-896F-E3ED2905624B}) (Version: 10.1.207.1 - Microsoft Corporation) Microsoft Office 2007 Primary Interop Assemblies (HKLM-x32\...\{50120000-1105-0000-0000-0000000FF1CE}) (Version: 12.0.4518.1014 - Microsoft Corporation) Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft) Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISE) (Version: 12.0.6612.1000 - Microsoft Corporation) Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50907.0 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{86CE1746-9EFF-3C9C-8755-81EA8903AC34}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24212 (HKLM-x32\...\{323dad84-0974-4d90-a1c1-e006c7fdbb7d}) (Version: 14.0.24212.0 - Microsoft Corporation) Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation) Microsoft Visual Studio Tools for Applications 2.0 - ENU (HKLM-x32\...\{AA4A4B2C-0465-3CF8-BA76-27A027D8ACAB}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual Studio Tools for Applications 2.0 Runtime (HKLM-x32\...\{299C0434-4F4E-341F-A916-4E07AEB35E79}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual Studio Tools for Applications 2012 (HKLM-x32\...\{89ca2a32-2b52-4595-8dfd-6fe4757958d0}) (Version: 11.0.51108 - Microsoft Corporation) Microsoft WSE 2.0 SP3 Runtime (HKLM-x32\...\{F3CA9611-CD42-4562-ADAB-A554CF8E17F1}) (Version: 2.0.5050.0 - Microsoft Corp.) Movie Maker (HKLM-x32\...\{38F03569-A636-4CF3-BDDE-032C8C251304}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden Movie Maker (HKLM-x32\...\{DD67BE4B-7E62-4215-AFA3-F123A800A389}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden Moyea Importer for Adobe Premiere version: 3.0.1.504 (HKLM-x32\...\{4AC19FB6-9020-4539-B681-28BF301AC38F}_is1) (Version: - ) Mozilla Firefox 54.0.1 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 54.0.1 (x86 en-US)) (Version: 54.0.1 - Mozilla) Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 54.0.1.6388 - Mozilla) mp3Tag Pro 9.5 (HKLM-x32\...\mp3Tag Pro_is1) (Version: - ManiacTools.com) Mp3tag v2.83 (HKLM-x32\...\Mp3tag) (Version: 2.83 - Florian Heidenreich) MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation) MSXML 4.0 SP3 Parser (KB2758694) (HKLM-x32\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation) NETGEAR WNA1000M Wireless USB 2.0 Adapter (HKLM-x32\...\{62F7B391-E2B2-4714-BBAA-A14E4FAAB95C}) (Version: 1.01.10 - NETGEAR) Hidden NETGEAR WNA1000M Wireless USB 2.0 Adapter (HKLM-x32\...\InstallShield_{62F7B391-E2B2-4714-BBAA-A14E4FAAB95C}) (Version: 1.01.10 - NETGEAR) Network64 (HKLM\...\{48C0866E-57EB-444C-8371-8E4321066BC3}) (Version: 140.0.215.000 - Hewlett-Packard) Hidden Newblue Art Effects for PowerDirector (HKLM\...\NewBlue Art Effects for PowerDirector) (Version: 2.0 - NewBlue) Nitro Pro 8 (HKLM\...\{8995F47C-B7E7-466F-8FCD-3AD3340662C6}) (Version: 8.5.2.10 - Nitro) Noveltech Vocal Enhancer 1.6.1 (HKLM\...\Noveltech Vocal Enhancer_is1) (Version: 1.6.1 - Plugin Alliance) Opcion Font Viewer (HKLM-x32\...\{B86688D9-0F85-458B-AFB1-5B3B4C8CE541}) (Version: 1.1.1 - Chiu Software Systems) Open XML SDK 2.5 for Microsoft Office (HKLM-x32\...\{3EA16E23-14D2-466A-8268-D7CD40DC46B6}) (Version: 2.5.5631 - Microsoft Corporation) Opera Stable 46.0.2597.57 (HKLM-x32\...\Opera 46.0.2597.57) (Version: 46.0.2597.57 - Opera Software) PACE License Support Win64 (HKLM\...\{72ad9d51-0903-4fe7-af5d-33b3185fa6e9}) (Version: 2.4.5.0812 - PACE Anti-Piracy, Inc.) Hidden PACE License Support Win64 (HKLM-x32\...\InstallShield_{72ad9d51-0903-4fe7-af5d-33b3185fa6e9}) (Version: 2.4.5.0812 - PACE Anti-Piracy, Inc.) Pacote de Idiomas do Microsoft Visual Studio Tools for Applications 2012 x64 Hosting Support - PTB (HKLM\...\{E237254B-36A1-3D27-815E-B37C13BE0796}) (Version: 11.0.51108 - Microsoft Corporation) Hidden Pacote de Idiomas do Microsoft Visual Studio Tools for Applications 2012 x86 Hosting Support - PTB (HKLM-x32\...\{03077B58-6ACF-32CA-B42A-EAA458C295A1}) (Version: 11.0.51108 - Microsoft Corporation) Hidden PDF Architect 4 (HKLM-x32\...\PDF Architect 4) (Version: 4.0.34.26215 - pdfforge GmbH) PDF Architect 4 Create Module (HKLM\...\{72B9DF2C-76FA-40B5-A469-16EAB159CE72}) (Version: 4.1.5.29097 - pdfforge GmbH) Hidden PDF Architect 4 Edit Module (HKLM\...\{BDF7326B-7ED4-4034-B867-F4E88D4E628B}) (Version: 4.1.5.29097 - pdfforge GmbH) Hidden PDF Architect 4 View Module (HKLM\...\{03E04B47-9270-4613-8D7E-DA4AD2B259A0}) (Version: 4.1.5.29097 - pdfforge GmbH) Hidden PDF Settings CS5 (HKLM-x32\...\{A78FE97A-C0C8-49CE-89D0-EDD524A17392}) (Version: 10.0 - Adobe Systems Incorporated) Hidden PDF Settings CS6 (HKLM-x32\...\{BFEAAE77-BD7F-4534-B286-9C5CB4697EB1}) (Version: 11.0 - Adobe Systems Incorporated) Hidden PDFCreator (HKLM\...\{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}) (Version: 2.4.1 - pdfforge GmbH) PDFescape Desktop (HKLM-x32\...\PDFescape Desktop) (Version: 2.0.35.34126 - RedSoftware) PDFescape Desktop Create Module (HKLM\...\{1494D0BD-6284-43C2-87A1-5B2F7A5CA5C1}) (Version: 2.0.36.34130 - Red Software) Hidden PDFescape Desktop Edit Module (HKLM\...\{37E3FFCA-6A24-4762-826F-4F43F0A97C2E}) (Version: 2.0.36.34130 - Red Software) Hidden PDFescape Desktop Forms Module (HKLM\...\{6F3B51B6-B27B-4D14-96C5-4B1C1D1149B7}) (Version: 2.0.36.34130 - Red Software) Hidden PDFescape Desktop Insert Module (HKLM\...\{2F895ED2-6998-4C39-8668-7117804D127A}) (Version: 2.0.36.34130 - Red Software) Hidden PDFescape Desktop Secure Module (HKLM\...\{D20659F5-61A5-4385-A267-77CF442C1CB0}) (Version: 2.0.36.34130 - Red Software) Hidden PDFescape Desktop View Module (HKLM\...\{EC492F74-CD9C-419A-8FFA-C49319F59955}) (Version: 2.0.36.34130 - Red Software) Hidden ph (HKLM-x32\...\{185F9795-9663-4F13-9EF9-307A282ADB5A}) (Version: 1.0.0 - Your Company Name) Hidden Photo to Cartoon (HKLM-x32\...\{2302FD51-7033-48DE-A302-039649DE4AE8}) (Version: 7.0 - Caricature Software Inc.) PS_AIO_07_B110_SW_Min (HKLM-x32\...\{F88E2E04-7EF5-488C-8E38-C94EB808458E}) (Version: 140.0.142.000 - Hewlett-Packard) Hidden QuickTime 7 (HKLM-x32\...\{FF59BD75-466A-4D5A-AD23-AAD87C5FD44C}) (Version: 7.79.80.95 - Apple Inc.) QuickTransfer (HKLM-x32\...\{E517094C-06B6-419F-8FFD-EF4F57972130}) (Version: 140.0.98.000 - Hewlett-Packard) Hidden Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.61.612.2012 - Realtek) Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6657 - Realtek Semiconductor Corp.) Rename-It! (HKLM-x32\...\Rename-It!) (Version: 3.32 - Beroux) Report Manager 2.9b (HKLM-x32\...\Report Manager_is1) (Version: 2.9b - Toni Martir) Safari (HKLM-x32\...\{C779648B-410E-4BBA-B75B-5815BCEFE71D}) (Version: 5.34.57.2 - Apple Inc.) SafeZone Stable 3.55.2393.609 (HKLM-x32\...\SafeZone 3.55.2393.609) (Version: 3.55.2393.609 - Avast Software) Hidden Scan (HKLM-x32\...\{06A1D88C-E102-4527-AF70-29FFD7AF215A}) (Version: 140.0.80.000 - Hewlett-Packard) Hidden SDL Trados 2015 SR2 - Remove suite of products (HKLM-x32\...\TranslationStudio2015) (Version: 4.2.5082 - SDL) SDL Trados Legacy Compatibility Module (HKLM-x32\...\{7F8F4AF6-0CE2-46E9-BA14-C55F19968926}) (Version: 2.1.128 - SDL) SDL Trados Studio 2015 SR2 (HKLM-x32\...\{47A9C592-6A0F-4E70-8057-74DA01D28EDA}) (Version: 4.2.5082 - SDL) SDL WorldServer Components (HKLM-x32\...\{791F1B1C-BF90-4145-95B6-0150FAC6BB6E}) (Version: 4.2.5082 - SDL) Seagate Dashboard (HKLM-x32\...\{C3A11907-930D-41AC-A135-CC3B12F92011}) (Version: 1.1.0.1548 - Memeo Inc.) Skype Click to Call (HKLM-x32\...\{873F8E7C-10E6-449F-BD7E-5FBA7C8E1C9B}) (Version: 8.5.0.9167 - Microsoft Corporation) SmartWebPrinting (HKLM-x32\...\{8FF6F5CA-4E30-4E3B-B951-204CAAA2716A}) (Version: 140.0.186.000 - Hewlett-Packard) Hidden SolutionCenter (HKLM-x32\...\{BC5DD87B-0143-4D14-AAE6-97109614DC6B}) (Version: 140.0.214.000 - Hewlett-Packard) Hidden SoundTap Streaming Audio Recorder (HKLM-x32\...\SoundTap) (Version: 2.31 - NCH Software) Status (HKLM-x32\...\{5B025634-7D5B-4B8D-BE2A-7943C1CF2D5D}) (Version: 140.0.256.000 - Hewlett-Packard) Hidden Stellar Phoenix Windows Data Recovery - Professional (HKLM-x32\...\Stellar Phoenix Windows Data Recovery - Professional_is1) (Version: 6.0.0.0 - Stellar Information Systems Ltd) Streaming Audio Recorder version 3.4.5 (HKLM-x32\...\{B6D9D06B-4B4D-4B41-B963-C056B627F704}_is1) (Version: 3.4.5 - APOWERSOFT LIMITED) Synology Assistant (remove only) (HKLM-x32\...\Synology Assistant) (Version: - ) TeamViewer 11 (HKLM-x32\...\TeamViewer) (Version: 11.0.65452 - TeamViewer) Toolbox (HKLM-x32\...\{292F0F52-B62D-4E71-921B-89A682402201}) (Version: 140.0.428.000 - Hewlett-Packard) Hidden TrayApp (HKLM-x32\...\{CD31E63D-47FD-491C-8117-CF201D0AFAB5}) (Version: 140.0.212.000 - Hewlett-Packard) Hidden TurboMailer 2 (HKLM-x32\...\{9E156899-D3A1-4F10-8323-364A095FCFDB}}_is1) (Version: - Xellsoft.com) Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft) Visual C++ 2008 x86 Runtime - v9.0.30729.01 (HKLM-x32\...\{F333A33D-125C-32A2-8DCE-5C5D14231E27}.vc_x86runtime_30729_01) (Version: 9.0.30729.01 - Microsoft Corporation) VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.4 - VideoLAN) Voxbox version 1.0.1 (HKLM\...\Voxbox_is1) (Version: 1.0.1 - ) Waves Central 1.3.2.4 (HKLM-x32\...\{94000200-C561-4E32-99EB-3C5AD3683A70}_is1) (Version: 1.3.2 - Waves, Inc.) Web Photo Album 1.1 (HKLM-x32\...\Web Photo Album_is1) (Version: - ) WebReg (HKLM-x32\...\{8EE94FD8-5F52-4463-A340-185D16328158}) (Version: 140.0.212.017 - Hewlett-Packard) Hidden WinDirStat 1.1.2 (HKU\S-1-5-21-3599117210-139940529-1983179741-1000\...\WinDirStat) (Version: - ) Windows Driver Package - Intel Corporation (igfx) Display (05/25/2015 10.18.10.4226) (HKLM\...\9BE1E70D477FC0A2AF08E2AA3EED5EDA155145B7) (Version: 05/25/2015 10.18.10.4226 - Intel Corporation) Windows Live ID Sign-in Assistant (HKLM\...\{9B48B0AC-C813-4174-9042-476A887592C7}) (Version: 6.500.3165.0 - Microsoft Corporation) Windows Movie Maker 2016 (HKLM-x32\...\{3CC29C1A-B5FE-457B-8F22-32A2videowin}}_is1) (Version: - videowinsoft.com) WinPcap 4.1.3 (HKLM-x32\...\WinPcapInst) (Version: 4.1.0.2980 - Riverbed Technology, Inc.) WinRAR 5.40 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.40.0 - win.rar GmbH) XAMPP (HKLM-x32\...\xampp) (Version: 1.8.3-5 - Bitnami) Xilisoft HD Video Converter (HKLM-x32\...\Xilisoft HD Video Converter) (Version: 5.1.37.0416 - Xilisoft) ZoneAlarm Antivirus (HKLM-x32\...\{889B79B2-EB50-4A5D-A22A-65CAB29C46F4}) (Version: 15.0.159.17147 - Check Point Software Technologies Ltd.) Hidden ZoneAlarm Firewall (HKLM-x32\...\{C83E68B7-0DDA-462C-89C0-68DFA0A90F9D}) (Version: 15.0.159.17147 - Check Point Software Technologies Ltd.) Hidden ZoneAlarm Free Antivirus + Firewall (HKLM-x32\...\ZoneAlarm Free Antivirus + Firewall) (Version: 15.0.159.17147 - Check Point) ZoneAlarm Security (HKLM-x32\...\{B25B23E6-0FC6-45B4-8755-437F45F5CB82}) (Version: 15.0.159.17147 - Check Point Software Technologies Ltd.) Hidden Zoom (HKU\S-1-5-21-3599117210-139940529-1983179741-1000\...\ZoomUMX) (Version: 4.0 - Zoom Video Communications, Inc.) Языковой пакет для поддержки размещения набора средств Microsoft Visual Studio Tools для работы с приложениями 2012 (x64) - RUS (HKLM\...\{25FB53C5-BE4C-3B6C-A0C9-D49A39227E1E}) (Version: 11.0.51108 - Microsoft Corporation) Hidden Языковой пакет для поддержки размещения набора средств Microsoft Visual Studio Tools для работы с приложениями 2012 (x86) - RUS (HKLM-x32\...\{68DC347D-C1C0-3DE2-A53E-CCC71DA53E57}) (Version: 11.0.51108 - Microsoft Corporation) Hidden ==================== Custom CLSID (Whitelisted): ========================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) HKU\S-1-5-21-3599117210-139940529-1983179741-1000\...\ChromeHTML: -> <==== ATTENTION CustomCLSID: HKU\S-1-5-21-3599117210-139940529-1983179741-1000_Classes\CLSID\{00020420-0000-0000-C000-000000000046}\InprocServer32 -> C:\Windows\system32\oleaut32.dll (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-3599117210-139940529-1983179741-1000_Classes\CLSID\{00020421-0000-0000-C000-000000000046}\InprocServer32 -> C:\Windows\system32\oleaut32.dll (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-3599117210-139940529-1983179741-1000_Classes\CLSID\{00020422-0000-0000-C000-000000000046}\InprocServer32 -> C:\Windows\system32\oleaut32.dll (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-3599117210-139940529-1983179741-1000_Classes\CLSID\{00020423-0000-0000-C000-000000000046}\InprocServer32 -> C:\Windows\system32\oleaut32.dll (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-3599117210-139940529-1983179741-1000_Classes\CLSID\{00020424-0000-0000-C000-000000000046}\InprocServer32 -> C:\Windows\system32\oleaut32.dll (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-3599117210-139940529-1983179741-1000_Classes\CLSID\{00020425-0000-0000-C000-000000000046}\InprocServer32 -> C:\Windows\system32\oleaut32.dll (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-3599117210-139940529-1983179741-1000_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\Windows\system32\igfxEM.exe (Intel Corporation) ShellIconOverlayIdentifiers: [ DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.17.0.dll [2017-08-02] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.17.0.dll [2017-08-02] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.17.0.dll [2017-08-02] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.17.0.dll [2017-08-02] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.17.0.dll [2017-08-02] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.17.0.dll [2017-08-02] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.17.0.dll [2017-08-02] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.17.0.dll [2017-08-02] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.17.0.dll [2017-08-02] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.17.0.dll [2017-08-02] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ GoogleDriveBlacklisted] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2017-03-21] (Google) ShellIconOverlayIdentifiers: [ GoogleDriveSynced] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2017-03-21] (Google) ShellIconOverlayIdentifiers: [ GoogleDriveSyncing] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2017-03-21] (Google) ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2017-07-20] (AVAST Software) ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2017-07-20] (AVAST Software) ShellIconOverlayIdentifiers: [IDM Shell Extension] -> {CDC95B92-E27C-4745-A8C5-64A52A78855D} => C:\Program Files (x86)\Portable\Internet Download Manager 6.15\IDMShellExt64.dll [2012-11-16] (Tonec Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.17.0.dll [2017-08-02] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.17.0.dll [2017-08-02] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.17.0.dll [2017-08-02] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.17.0.dll [2017-08-02] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.17.0.dll [2017-08-02] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.17.0.dll [2017-08-02] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.17.0.dll [2017-08-02] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.17.0.dll [2017-08-02] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.17.0.dll [2017-08-02] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.17.0.dll [2017-08-02] (Dropbox, Inc.) ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2016-10-04] (Igor Pavlov) ContextMenuHandlers1: [Adobe.Acrobat.ContextMenu] -> {D25B2CAB-8A9A-4517-A9B2-CB5F68A5A802} => C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\..\Acrobat Elements\ContextMenu64.dll [2014-05-08] (Adobe Systems Inc.) ContextMenuHandlers1: [Advanced SystemCare] -> {9486A9B2-D787-4eca-A25C-4A0086BB4154} => -> No File ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2017-07-20] (AVAST Software) ContextMenuHandlers1: [BRUMenuHandler] -> {5D924130-4CB1-11DB-B0DE-0800200C9A66} => C:\Program Files\Bulk Rename Utility\BRUhere64.dll [2010-06-20] (Bulk Rename Utility) ContextMenuHandlers1: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.17.0.dll [2017-08-02] (Dropbox, Inc.) ContextMenuHandlers1: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} => C:\Program Files (x86)\Google\Drive\contextmenu64.dll [2017-03-21] (Google) ContextMenuHandlers1: [IObit Malware Fighter] -> {0BB81440-5F42-4480-A5F7-770A6F439FC8} => C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFShellExt.dll [2017-03-31] (IObit) ContextMenuHandlers1: [Mp3tagShell] -> {6351E20C-35FA-4BE3-98FB-4CABF1363E12} => C:\Program Files (x86)\Mp3tag\Mp3tagShell64.dll [2017-06-23] (Florian Heidenreich) ContextMenuHandlers1: [PDFArchitect4_ManagerExt] -> {3AECFCB3-8472-48E9-BC7B-5A3CD945C886} => C:\Program Files\PDF Architect 4\creator-context-menu.dll [2016-08-05] (pdfforge GmbH) ContextMenuHandlers1: [PDFCreator.ShellContextMenu] -> {d9cea52e-100d-4159-89ea-76e845bc13e1} => C:\Windows\system32\mscoree.dll [2010-11-05] (Microsoft Corporation) ContextMenuHandlers1: [PDFescapeDesktop_ManagerExt] -> {D3C28D54-72B8-4B8D-B204-157EFA9BF3E7} => C:\Program Files\PDFescape Desktop\context-menu.dll [2017-07-13] (Red Software) ContextMenuHandlers1-x32: [Rename-It!] -> {A64BBF5F-1250-4083-924C-B79661B75AAE} => C:\Program Files (x86)\Rename-It!\SimpleExt.dll [2004-10-06] () ContextMenuHandlers1-x32-x32: [TranslationStudioShlExt2011] -> {F6C08E19-DCE1-45B5-A225-E94FADB585DD} => C:\Program Files (x86)\SDL\SDL Trados Studio\Studio4\TranslationStudioExt.dll [2016-03-02] (TODO: ) ContextMenuHandlers1-x32-x32-x32: [WebAlbum3D] -> {5C3CA950-420D-439E-A8C1-37F2196C48B2} => C:\Program Files (x86)\Web Photo Album\webalbumcontext.dll [2007-06-04] (VicMan Software) ContextMenuHandlers1-x32-x32-x32: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2016-08-15] (Alexander Roshal) ContextMenuHandlers1-x32-x32-x32-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2016-08-15] (Alexander Roshal) ContextMenuHandlers1-x32-x32-x32-x32-x32: [ZLAVShExt] -> {D9872D13-7651-4471-9EEE-F0A00218BEBB} => C:\Program Files (x86)\CheckPoint\ZoneAlarm\zlavscan.dll [2016-12-13] (Check Point Software Technologies Ltd.) ContextMenuHandlers2: [BRUMenuHandler] -> {5D924130-4CB1-11DB-B0DE-0800200C9A66} => C:\Program Files\Bulk Rename Utility\BRUhere64.dll [2010-06-20] (Bulk Rename Utility) ContextMenuHandlers2: [Mp3tagShell] -> {6351E20C-35FA-4BE3-98FB-4CABF1363E12} => C:\Program Files (x86)\Mp3tag\Mp3tagShell64.dll [2017-06-23] (Florian Heidenreich) ContextMenuHandlers2-x32: [WebAlbum3D] -> {5C3CA950-420D-439E-A8C1-37F2196C48B2} => C:\Program Files (x86)\Web Photo Album\webalbumcontext.dll [2007-06-04] (VicMan Software) ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2017-07-20] (AVAST Software) ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2016-10-04] (Igor Pavlov) ContextMenuHandlers4: [BRUMenuHandler] -> {5D924130-4CB1-11DB-B0DE-0800200C9A66} => C:\Program Files\Bulk Rename Utility\BRUhere64.dll [2010-06-20] (Bulk Rename Utility) ContextMenuHandlers4: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.17.0.dll [2017-08-02] (Dropbox, Inc.) ContextMenuHandlers4: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} => C:\Program Files (x86)\Google\Drive\contextmenu64.dll [2017-03-21] (Google) ContextMenuHandlers4: [IObit Malware Fighter] -> {0BB81440-5F42-4480-A5F7-770A6F439FC8} => C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFShellExt.dll [2017-03-31] (IObit) ContextMenuHandlers4: [Mp3tagShell] -> {6351E20C-35FA-4BE3-98FB-4CABF1363E12} => C:\Program Files (x86)\Mp3tag\Mp3tagShell64.dll [2017-06-23] (Florian Heidenreich) ContextMenuHandlers4-x32: [Rename-It!] -> {A64BBF5F-1250-4083-924C-B79661B75AAE} => C:\Program Files (x86)\Rename-It!\SimpleExt.dll [2004-10-06] () ContextMenuHandlers4-x32-x32: [WebAlbum3D] -> {5C3CA950-420D-439E-A8C1-37F2196C48B2} => C:\Program Files (x86)\Web Photo Album\webalbumcontext.dll [2007-06-04] (VicMan Software) ContextMenuHandlers5: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.17.0.dll [2017-08-02] (Dropbox, Inc.) ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => C:\Windows\system32\igfxpph.dll -> No File ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\Windows\system32\igfxDTCM.dll [2015-06-04] (Intel Corporation) ContextMenuHandlers6: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2016-10-04] (Igor Pavlov) ContextMenuHandlers6: [Adobe.Acrobat.ContextMenu] -> {D25B2CAB-8A9A-4517-A9B2-CB5F68A5A802} => C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\..\Acrobat Elements\ContextMenu64.dll [2014-05-08] (Adobe Systems Inc.) ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2017-07-20] (AVAST Software) ContextMenuHandlers6: [IObit Malware Fighter] -> {0BB81440-5F42-4480-A5F7-770A6F439FC8} => C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFShellExt.dll [2017-03-31] (IObit) ContextMenuHandlers6-x32: [SxContextMenuPro] -> {AE0FB986-4A9D-45B5-B434-112DB79BF518} => C:\Program Files (x86)\mp3Tag Pro 8\tag_menu.dll [2008-12-23] () ContextMenuHandlers6-x32: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2016-08-15] (Alexander Roshal) ContextMenuHandlers6-x32-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2016-08-15] (Alexander Roshal) ContextMenuHandlers6-x32-x32-x32: [ZLAVShExt] -> {D9872D13-7651-4471-9EEE-F0A00218BEBB} => C:\Program Files (x86)\CheckPoint\ZoneAlarm\zlavscan.dll [2016-12-13] (Check Point Software Technologies Ltd.) ==================== Scheduled Tasks (Whitelisted) ============= (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) Task: {01EE37C1-FAC3-4473-92B2-F47E44AEB5AE} - System32\Tasks\{5CB279D8-29BE-4330-9F8C-35428777570B} => C:\Windows\system32\pcalua.exe -a C:\Users\user\Documents\software\gm5p_setup_3.exe -d C:\Users\user\Documents\software Task: {105C583D-6278-4FFC-ADB6-61D193D3F19A} - System32\Tasks\{FD32F0ED-2BB3-46DB-B8B1-48B7EF0BE094} => C:\Users\user\Desktop\Voice Comments Ver 2.1.0.1\VoiceComments Ver 2.1.0.1.exe Task: {110030CE-C740-4BE3-9AF5-69485EF8504E} - System32\Tasks\{93368B05-8C1F-458C-B0C4-6EE3844A0EE1} => C:\Windows\system32\pcalua.exe -a C:\Users\user\Downloads\airprint_installer.exe -d C:\Users\user\Downloads Task: {12B5F3A2-108C-4CA1-956F-4DFB0001A193} - System32\Tasks\{EB7D89F4-994B-4A40-8D86-35A2CEB78D99} => C:\Windows\system32\pcalua.exe -a C:\Users\user\AppData\Local\Temp\Temp1_installation_manager_win_1_0_1.zip\PA-InstallationManager.exe <==== ATTENTION Task: {15FF4588-8B3A-4652-B4A7-A5C868BA2A0A} - System32\Tasks\AVAST Software\Avast settings backup => C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe [2017-07-15] (AVAST Software) Task: {1C265897-379D-4D6C-8E79-B48807743038} - System32\Tasks\{3BE6BDAA-AB23-419D-8418-07168B94ABA7} => C:\Windows\system32\pcalua.exe -a "C:\Program Files (x86)\Aimersoft\YouTube Downloader\PluginInstallForExe.exe" -d C:\Windows\SysWOW64 -c 1 0 0 1 Task: {2286F8B2-89DC-4729-8320-1E65DF829733} - System32\Tasks\{560CA622-9B91-4A2E-933E-381805697AF0} => C:\Windows\system32\pcalua.exe -a "C:\Program Files (x86)\Aimersoft\YouTube Downloader\PluginInstallForExe.exe" -d C:\Windows\SysWOW64 -c 1 0 1 0 Task: {2E51EF13-4168-40CD-BB8E-5097C53A2900} - System32\Tasks\{9A487F7F-4BAE-4EE2-A305-8F16D3DB692B} => C:\Program Files (x86)\Primera Technology\PTPublisher\PTPublisher.exe Task: {3264EEA6-19A6-4D8E-AD52-0ABDD8947531} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2016-02-23] (Apple Inc.) Task: {3E844A4D-E087-4D69-8475-C84D2218F08B} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2017-07-15] (Adobe Systems Incorporated) Task: {4198F86B-CCF6-4B77-B749-FF6CFB466B02} - System32\Tasks\{EB70110D-7621-4AE6-ADA7-20A233D8EE0A} => C:\Windows\system32\pcalua.exe -a "C:\Program Files (x86)\kBilling\unins000.exe" Task: {42714F76-A6E9-4BF6-BE2B-63E1C19E6CC8} - System32\Tasks\{DFB9B07F-FE99-44CF-A3E4-584EC36F38AC} => C:\Users\user\Desktop\Voice Comments Ver 2.1.0.1\VoiceComments Ver 2.1.0.1.exe Task: {4C66EE94-64F2-4CC6-A87E-3C45DDBE52B0} - System32\Tasks\{31750143-ADEB-407D-882E-B8B37A9D70AE} => C:\Windows\system32\pcalua.exe -a E:\Install.exe -d E:\ Task: {4C6CF0FB-A44C-4FFC-9DCD-080B11C47255} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2017-04-25] (Adobe Systems Incorporated) Task: {4EC11064-740F-476D-B3A6-742AFBFF8805} - System32\Tasks\SafeZone scheduled Autoupdate 1493527308 => C:\Program Files\AVAST Software\SZBrowser\launcher.exe [2017-06-13] (Avast Software) Task: {5106500E-6325-4EAF-BD73-D8DD818639B0} - System32\Tasks\MsF to Iwares Starter Edition => C:\Windows\system32\rundll32.exe "C:\Program Files\MsF to Iwares Starter Edition\MsF to Iwares Starter Edition.dll",WmkHanDOGHEb <==== ATTENTION Task: {5ECFAFD6-964C-41F0-B1CF-E593E8E73FD5} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-09-29] (Google Inc.) Task: {69BC2748-B776-42EF-9CB8-4A2E8799575C} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-3599117210-139940529-1983179741-1000UA => C:\Users\user\AppData\Local\Facebook\Update\FacebookUpdate.exe [2013-12-16] (Facebook Inc.) Task: {6F6CC83E-47B9-4A3C-9528-52B07BDA19FA} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-3599117210-139940529-1983179741-1000Core => C:\Users\user\AppData\Local\Facebook\Update\FacebookUpdate.exe [2013-12-16] (Facebook Inc.) Task: {81A8C23D-16D2-4D3C-8DB4-AF49C1DF75F6} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe [2017-07-20] (AVAST Software) Task: {83A6D604-E639-45AD-9028-D28842EA070E} - System32\Tasks\CIS_{15198508-521A-4D69-8E5B-B94A6CCFF805} => C:\ProgramData\cis1B4.exe <==== ATTENTION Task: {8E2ECF92-EB17-498A-BE79-5CA14642331A} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2017-05-09] (Dropbox, Inc.) Task: {98E18818-2FE7-401A-A7CC-379608D13F14} - System32\Tasks\{3A4D8D08-2196-4A54-B7A9-B75EA93B3D43} => C:\Users\user\Desktop\Voice Comments Ver 2.1.0.1\VoiceComments Ver 2.1.0.1.exe Task: {9AB938C3-37AD-476A-AEBB-4618AE4D32B9} - System32\Tasks\{4BD45BD6-4372-43A7-A83E-643E8D194755} => C:\Users\user\Desktop\Voice Comments Ver 2.1.0.1\VoiceComments Ver 2.1.0.1.exe Task: {9F4435DE-A4A6-44C0-9FDD-839BAEA64B1B} - System32\Tasks\{025EFD6D-C172-4A4E-92B4-87B5FADDEB9F} => C:\Users\user\Desktop\Voice Comments Ver 2.1.0.1\VoiceComments Ver 2.1.0.1.exe Task: {A428F7C5-1B11-4944-B4DB-00C791335084} - System32\Tasks\DropboxUpdateTaskMachineUA => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2017-05-09] (Dropbox, Inc.) Task: {AD27E602-5846-47E7-9773-2945DBF28025} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-09-29] (Google Inc.) Task: {B2CB9B5E-61A4-46B1-8AF6-F259C156CF6C} - System32\Tasks\{7AAF8906-23BA-4267-BB92-E65EB5EF77A8} => C:\Program Files (x86)\Primera Technology\PTPublisher\PTPublisher.exe Task: {BA31057A-304C-4755-ACC0-B780DFAF7B85} - System32\Tasks\HardDiskSentinel\Hard Disk Sentinel_user => C:\Program Files (x86)\Hard Disk Sentinel\HDSentinel.exe Task: {C3120D31-34D5-4918-AE21-C60D261ADECE} - System32\Tasks\{D7F9F977-9B77-4EC7-BFC5-D8564E32B520} => "c:\program files (x86)\mozilla firefox\firefox.exe" hxxps://ui.skype.com/ui/0/7.33.0.104/en/abandoninstall?source=lightinstaller&page=tsBing Task: {C7D05EAF-91FC-480F-AA6A-448B13F97789} - System32\Tasks\Opera scheduled Autoupdate 1451100758 => C:\Program Files (x86)\Opera\launcher.exe [2017-07-18] (Opera Software) Task: {C8936B4C-60D8-42B6-9326-09022B708205} - System32\Tasks\{548B6018-E7E4-41AD-BDD8-3A64186E4F2D} => C:\Users\user\Desktop\Voice Comments Ver 2.1.0.1\VoiceComments Ver 2.1.0.1.exe Task: {CC4AEA42-5AB6-4B7F-A055-B713048FE1AF} - System32\Tasks\{F754823A-14D8-44DD-93B1-E6DFB0443492} => C:\Windows\system32\pcalua.exe -a "C:\Users\user\Documents\software\Sony SoundForge v8.0 build 53\soundforge80.exe" -d "C:\Users\user\Documents\software\Sony SoundForge v8.0 build 53" Task: {CDC2F808-ADB5-4650-BD92-CB24BB1844D2} - System32\Tasks\{F39E99C2-BAD8-4F84-BC48-CD2B90F11A2A} => C:\Windows\system32\pcalua.exe -a "C:\Program Files\AVAST Software\Avast\aswRunDll.exe" -c "C:\Program Files\AVAST Software\Avast\Setup\setiface.dll" RunSetup Task: {D1D33AC4-867E-4985-AEBD-0EFBB231A349} - System32\Tasks\{3192821A-23FB-4CD6-B5C1-31231C7F6118} => C:\Windows\system32\pcalua.exe -a C:\Users\user\Downloads\vkaraoke.exe -d C:\Users\user\Downloads Task: {D2C8D071-FE43-4320-962F-2EE3B6E175A4} - System32\Tasks\AdobeAAMUpdater-1.0-user-PC-user => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2013-03-21] (Adobe Systems Incorporated) Task: {D35A34F9-1889-4266-B5F3-DCE3F64A4EA8} - System32\Tasks\{E18EB61C-406F-4295-B395-FD961776D36E} => C:\Users\user\Desktop\Voice Comments Ver 2.1.0.1\VoiceComments Ver 2.1.0.1.exe Task: {D3FD566F-170B-458D-A1F1-ED0824903DA5} - System32\Tasks\{1EE7218E-4F1A-4907-AF10-4CB43BD88E26} => C:\Windows\system32\pcalua.exe -a C:\Users\user\Documents\software\DP4100_WinDriver_108\Setup\PostSetup\Win32\WinDriverInstaller32.exe -d C:\Users\user\Documents\software\DP4100_WinDriver_108\Setup\PostSetup\Win32 Task: {D884A3C3-FBF2-4B59-A8EE-E9AD74B1D90A} - System32\Tasks\{1169BD85-CCCD-4DF7-B609-DB133965B0A6} => C:\Users\user\Desktop\Voice Comments Ver 2.1.0.1\VoiceComments Ver 2.1.0.1.exe Task: {ED18C1A2-1678-452E-9652-8A9E008D034E} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-11-22] (Piriform Ltd) Task: {F8766863-EA11-48A6-91F0-CD9801E40D50} - System32\Tasks\{F362C98C-1806-4933-B966-667E9E7D774C} => C:\Users\user\Desktop\Voice Comments Ver 2.1.0.1\VoiceComments Ver 2.1.0.1.exe (If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.) Task: C:\Windows\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe Task: C:\Windows\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3599117210-139940529-1983179741-1000Core.job => C:\Users\user\AppData\Local\Facebook\Update\FacebookUpdate.exe Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3599117210-139940529-1983179741-1000UA.job => C:\Users\user\AppData\Local\Facebook\Update\FacebookUpdate.exe Task: C:\Windows\Tasks\MsF to Iwares Starter Edition.job => rundll32.exe C:\Program Files\MsF to Iwares Starter Edition\MsF to Iwares Starter Edition.dll ==================== Shortcuts & WMI ======================== (The entries could be listed to be restored or removed.) ==================== Loaded Modules (Whitelisted) ============== 2016-09-01 18:12 - 2016-09-01 18:12 - 000092472 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll 2016-09-01 18:12 - 2016-09-01 18:12 - 001353528 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll 2016-10-31 09:29 - 2012-10-23 11:13 - 000135168 _____ () C:\Program Files (x86)\MMX353G 3G USB Manager\Driver\ChgService.exe 2014-09-12 17:07 - 2014-07-18 21:54 - 010982912 _____ () C:\xampp\mysql\bin\mysqld.exe 2013-01-30 16:32 - 2012-12-04 15:25 - 000176128 _____ () C:\Program Files\PostgreSQL\9.2\bin\LIBPQ.dll 2013-04-22 14:55 - 2012-09-11 23:14 - 000390672 _____ () C:\Program Files\CyberLink\Shared files\RichVideo64.exe 2013-04-30 09:17 - 2013-04-30 09:17 - 000248704 _____ () C:\Program Files (x86)\Synology\Assistant\UsbClientService.exe 2013-05-25 11:19 - 2008-06-26 19:09 - 000167936 _____ () C:\Program Files (x86)\D-Link\DWA-131 revA\WlanWpsSvc.exe 2017-06-12 23:18 - 2017-06-12 23:18 - 000052392 _____ () C:\Program Files (x86)\FileZilla FTP Client\fzshellext_64.dll 2013-04-03 19:28 - 2013-04-03 19:28 - 000287448 _____ () C:\Program Files (x86)\NETGEAR\WNA1000M\WPSService.exe 2017-08-02 20:02 - 2017-06-27 12:06 - 002260432 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\MwacLib.dll 2013-01-30 16:32 - 2012-08-14 19:01 - 001328128 _____ () C:\Program Files\PostgreSQL\9.2\bin\libxml2.dll 2017-07-20 01:59 - 2017-07-20 01:59 - 000162032 _____ () c:\Program Files\AVAST Software\Avast\x64\vaarclient.dll 2017-07-20 02:00 - 2017-07-20 02:00 - 000831664 _____ () C:\Program Files\AVAST Software\Avast\x64\ffl2.dll 2017-07-20 01:59 - 2017-07-20 01:59 - 000276808 _____ () c:\Program Files\AVAST Software\Avast\x64\StreamBack.dll 2017-06-28 01:32 - 2017-06-23 08:51 - 003807064 _____ () C:\Program Files (x86)\Google\Chrome\Application\59.0.3071.115\libglesv2.dll 2017-06-28 01:32 - 2017-06-23 08:51 - 000100184 _____ () C:\Program Files (x86)\Google\Chrome\Application\59.0.3071.115\libegl.dll 2016-08-02 01:24 - 2016-08-02 01:24 - 000865232 _____ () C:\Program Files (x86)\CheckPoint\ZoneAlarm\avsys\kpcengine.2.3.dll 2017-07-20 01:59 - 2017-07-20 01:59 - 000170224 _____ () C:\Program Files\AVAST Software\Avast\JsonRpcServer.dll 2017-07-20 01:59 - 2017-07-20 01:59 - 000192664 _____ () C:\Program Files\AVAST Software\Avast\event_routing_rpc.dll 2017-07-20 01:59 - 2017-07-20 01:59 - 000224256 _____ () C:\Program Files\AVAST Software\Avast\tasks_core.dll 2017-08-02 23:01 - 2017-08-02 23:01 - 005891448 _____ () C:\Program Files\AVAST Software\Avast\defs\17080206\algo.dll 2017-07-20 01:59 - 2017-07-20 01:59 - 000689272 _____ () C:\Program Files\AVAST Software\Avast\ffl2.dll 2017-07-20 01:59 - 2017-07-20 01:59 - 000231664 _____ () C:\Program Files\AVAST Software\Avast\streamback.dll 2017-08-03 15:17 - 2017-08-03 15:17 - 005891448 _____ () C:\Program Files\AVAST Software\Avast\defs\17080302\algo.dll 2017-08-03 23:21 - 2017-08-03 23:21 - 005891448 _____ () C:\Program Files\AVAST Software\Avast\defs\17080308\algo.dll 2014-09-12 17:07 - 2014-07-17 16:48 - 000219648 _____ () C:\xampp\apache\bin\pcre.dll 2014-09-12 17:08 - 2014-07-24 03:54 - 000128512 _____ () C:\xampp\php\libpq.dll 2017-07-20 02:00 - 2017-07-20 02:00 - 001065936 _____ () C:\Program Files\AVAST Software\Avast\AvChrome.dll 2017-07-04 10:10 - 2017-07-04 10:10 - 067109376 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll 2017-07-20 01:59 - 2017-07-20 01:59 - 000292920 _____ () C:\Program Files\AVAST Software\Avast\gaming_mode_ui.dll 2016-09-08 15:29 - 2009-02-27 16:38 - 000139264 ____R () C:\Program Files (x86)\Brother\BrUtilities\BrLogAPI.dll 2011-12-13 11:10 - 2011-12-13 11:10 - 000413696 _____ () C:\Program Files (x86)\NETGEAR\WNA1000M\WlanDll.dll 2017-08-02 21:48 - 2016-08-10 17:13 - 000188704 _____ () C:\Program Files (x86)\IObit\IObit Malware Fighter\unrar.dll 2017-08-02 21:48 - 2016-08-10 17:13 - 000899872 _____ () C:\Program Files (x86)\IObit\IObit Malware Fighter\webres.dll 2017-08-02 21:48 - 2016-08-10 17:13 - 000151840 _____ () C:\Program Files (x86)\IObit\IObit Malware Fighter\zlibwapi.dll 2017-08-02 21:48 - 2017-05-09 10:59 - 000631584 _____ () C:\Program Files (x86)\IObit\IObit Malware Fighter\ProductStatistics.dll 2017-06-12 23:18 - 2017-06-12 23:18 - 000048296 _____ () C:\Program Files (x86)\FileZilla FTP Client\fzshellext.dll 2017-08-02 21:48 - 2016-12-12 16:52 - 000442144 _____ () C:\Program Files (x86)\IObit\IObit Malware Fighter\madExcept_.bpl 2017-08-02 21:48 - 2016-12-12 16:52 - 000210720 _____ () C:\Program Files (x86)\IObit\IObit Malware Fighter\madBasic_.bpl 2017-08-02 21:48 - 2016-12-12 16:52 - 000059680 _____ () C:\Program Files (x86)\IObit\IObit Malware Fighter\madDisAsm_.bpl 2013-01-25 23:00 - 2012-06-25 10:41 - 001198912 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\ACE.dll 2012-03-09 16:26 - 2012-03-09 16:26 - 000100352 _____ () C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\zlib1.dll ==================== Alternate Data Streams (Whitelisted) ========= (If an entry is included in the fixlist, only the ADS will be removed.) AlternateDataStreams: C:\Windows:nlsPreferences [514] AlternateDataStreams: C:\ProgramData\TEMP:1493A0EF [134] AlternateDataStreams: C:\ProgramData\TEMP:1AAB2E68 [127] AlternateDataStreams: C:\ProgramData\TEMP:89FAC91C [246] AlternateDataStreams: C:\ProgramData\TEMP:D5FBE8F9 [180] AlternateDataStreams: C:\Users\user\Local Settings:7esI4uoB2hMrxMNjQcu [1922] AlternateDataStreams: C:\Users\user\AppData\Local:7esI4uoB2hMrxMNjQcu [1922] AlternateDataStreams: C:\Users\user\AppData\Local\Application Data:7esI4uoB2hMrxMNjQcu [1922] ==================== Safe Mode (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.) HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\IMFservice => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\vsmon => ""="Service" ==================== Association (Whitelisted) =============== (If an entry is included in the fixlist, the registry item will be restored to default or removed.) ==================== Internet Explorer trusted/restricted =============== (If an entry is included in the fixlist, it will be removed from the registry.) ==================== Hosts content: =============================== (If needed Hosts: directive could be included in the fixlist to reset Hosts.) 2017-02-09 21:18 - 2017-02-22 12:06 - 000000000 _____ C:\Windows\system32\Drivers\etc\hosts ==================== Other Areas ============================ (Currently there is no automatic fix for this section.) HKU\S-1-5-21-3599117210-139940529-1983179741-1000\Control Panel\Desktop\\Wallpaper -> DNS Servers: 192.168.1.1 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) Windows Firewall is disabled. ==================== MSCONFIG/TASK MANAGER disabled items == MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Adobe Gamma Loader.lnk => C:\Windows\pss\Adobe Gamma Loader.lnk.CommonStartup MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Audible Download Manager.lnk => C:\Windows\pss\Audible Download Manager.lnk.CommonStartup MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^HP Digital Imaging Monitor.lnk => C:\Windows\pss\HP Digital Imaging Monitor.lnk.CommonStartup MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Launcher.lnk => C:\Windows\pss\Launcher.lnk.CommonStartup MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Remote Control.lnk => C:\Windows\pss\Remote Control.lnk.CommonStartup MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Start GeekBuddy.lnk => C:\Windows\pss\Start GeekBuddy.lnk.CommonStartup MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Wireless Connection Manager.lnk => C:\Windows\pss\Wireless Connection Manager.lnk.CommonStartup MSCONFIG\startupfolder: C:^Users^user^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^OneNote 2007 Screen Clipper and Launcher.lnk => C:\Windows\pss\OneNote 2007 Screen Clipper and Launcher.lnk.Startup MSCONFIG\startupreg: Acrobat Assistant 8.0 => "C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrotray.exe" MSCONFIG\startupreg: Adobe Acrobat Speed Launcher => "C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrobat_sl.exe" MSCONFIG\startupreg: Adobe ARM => "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" MSCONFIG\startupreg: AdobeAAMUpdater-1.0 => "C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" MSCONFIG\startupreg: AdobeCS5.5ServiceManager => "C:\Program Files (x86)\Common Files\Adobe\CS5.5ServiceManager\CS5.5ServiceManager.exe" -launchedbylogin MSCONFIG\startupreg: AdobeCS5ServiceManager => "C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe" -launchedbylogin MSCONFIG\startupreg: AdobeCS6ServiceManager => "C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe" -launchedbylogin MSCONFIG\startupreg: Aimersoft Helper Compact.exe => C:\Program Files (x86)\Common Files\Aimersoft\Aimersoft Helper Compact\ASHelper.exe MSCONFIG\startupreg: Andy => C:\Program Files\Andy\HandyAndy.exe MSCONFIG\startupreg: APSDaemon => "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" MSCONFIG\startupreg: BlueStacks Agent => C:\Program Files (x86)\Bluestacks\HD-Agent.exe MSCONFIG\startupreg: BrHelp => C:\Program Files (x86)\Brother\Brother Help\BrotherHelp.exe /AUTORUN MSCONFIG\startupreg: BrowserPlugInHelper => C:\Program Files (x86)\Aimersoft\YouTube Downloader\BrowserPlugInHelper.exe MSCONFIG\startupreg: CCleaner Monitoring => "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR MSCONFIG\startupreg: CNAP2 Launcher => C:\Windows\system32\spool\DRIVERS\x64\3\CNAP2LAK.EXE MSCONFIG\startupreg: DelaypluginInstall => C:\ProgramData\Aimersoft\YouTube Downloader\DelayPluginI.exe MSCONFIG\startupreg: DigidesignMMERefresh => C:\Program Files\Avid\Pro Tools\MMERefresh.exe MSCONFIG\startupreg: Dropbox => "C:\Program Files (x86)\Dropbox\Client\Dropbox.exe" /systemstartup MSCONFIG\startupreg: EaseUS EPM Tray Agent => "C:\Program Files (x86)\EaseUS\EaseUS Partition Master 10.8\bin\TrayPopupE\TrayTipAgentE.exe" MSCONFIG\startupreg: Facebook Update => "C:\Users\user\AppData\Local\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver MSCONFIG\startupreg: Free Download Manager => "C:\Program Files (x86)\FreeDownloadManager.ORG\Free Download Manager\fdm.exe" --minimized MSCONFIG\startupreg: GoogleChromeAutoLaunch_4E874A737D5662A34EBBEADB3A9C4A09 => "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --no-startup-window /prefetch:5 MSCONFIG\startupreg: HP Software Update => C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe MSCONFIG\startupreg: iSkysoft Helper Compact.exe => C:\Program Files (x86)\Common Files\iSkysoft\iSkysoft Helper Compact\ISHelper.exe MSCONFIG\startupreg: iTunesHelper => "C:\Program Files\iTunes\iTunesHelper.exe" MSCONFIG\startupreg: Logitech Download Assistant => C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch MSCONFIG\startupreg: Memeo Instant Backup => C:\Program Files (x86)\Memeo\AutoBackup\MemeoLauncher2.exe --silent --no_ui MSCONFIG\startupreg: MobileBroadband => C:\Program Files (x86)\Vodafone\Vodafone Mobile Broadband\Bin\MobileBroadband.exe /silent MSCONFIG\startupreg: mobilegeni daemon => C:\Program Files (x86)\Mobogenie\DaemonProcess.exe MSCONFIG\startupreg: MSN Toolbar => "C:\Program Files (x86)\MSN Toolbar\Platform\4.0.0357.1\mswinext.exe" MSCONFIG\startupreg: OCCAgent => C:\Program Files (x86)\OCCAgent\OCCAgent.exe MSCONFIG\startupreg: PATHPILOT => C:\Program Files (x86)\Aktiv MP3 Recorder\Aktiv MP3 Recorder.lnk MSCONFIG\startupreg: PMBVolumeWatcher => C:\Program Files (x86)\Sony\PlayMemories Home\PMBVolumeWatcher.exe /SysAutoRun MSCONFIG\startupreg: QuickTime Task => "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime MSCONFIG\startupreg: SDP => C:\Program Files (x86)\FilesFrog Update Checker\update_checker.exe /auto MSCONFIG\startupreg: Seagate Dashboard => C:\Program Files (x86)\Seagate\Seagate Dashboard\MemeoLauncher.exe --silent --no_ui MSCONFIG\startupreg: SearchSettings => "C:\Program Files (x86)\Common Files\Spigot\Search Settings\SearchSettings.exe" MSCONFIG\startupreg: Skype => "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun MSCONFIG\startupreg: SunJavaUpdateSched => "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" MSCONFIG\startupreg: SwitchBoard => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe MSCONFIG\startupreg: TiVme Agent => C:\Program Files (x86)\iBall Claro TV\iBall Claro TV\ScheduleAgent.exe srec MSCONFIG\startupreg: tvncontrol => "C:\Program Files (x86)\Common Files\COMODO\GeekBuddyRSP.exe" -controlservice -slave MSCONFIG\startupreg: uTorrent => "C:\Users\user\AppData\Roaming\uTorrent\uTorrent.exe" /MINIMIZED MSCONFIG\startupreg: VmbNotifier => C:\Program Files (x86)\Vodafone\Vodafone Mobile Broadband\Bin\VmbNotifier.exe MSCONFIG\startupreg: WhatPulse => "C:\Program Files (x86)\WhatPulse2\whatpulse.exe" ==================== FirewallRules (Whitelisted) =============== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) FirewallRules: [{CED53D76-181C-484F-B8CA-494BD44F3DE5}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe FirewallRules: [{1299B49D-98C1-44B9-910D-17B07832C6F4}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqste08.exe FirewallRules: [{797BEC01-5C95-4757-AF6D-12D298B063E9}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hposid01.exe FirewallRules: [{7DF70F8D-DB66-4A61-BE57-128AE64F0A80}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqkygrp.exe FirewallRules: [{2F53632B-2536-4C2B-89CD-C6930E9CA992}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpfccopy.exe FirewallRules: [{B82A5848-20D6-4ECB-A771-4D666A3F59CA}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpoews01.exe FirewallRules: [{C26B893D-3DCF-4054-AB6A-BBFE4B704998}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpiscnapp.exe FirewallRules: [{264DD373-AE2D-4CED-B9C2-C6333F47A460}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgplgtupl.exe FirewallRules: [{90C1F44B-2CC7-42BE-A35F-C9793E4859B5}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe FirewallRules: [{4B6F036D-71F6-4000-95BF-274ECDCD2779}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqusgm.exe FirewallRules: [{BCD49DCC-20E9-44EB-B696-6091DF79BD19}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqusgh.exe FirewallRules: [{B74661B6-B4CD-449D-991F-C8BA154F18FC}] => (Allow) C:\Program Files (x86)\HP\hp software update\hpwucli.exe FirewallRules: [{0D5E8FB6-A25A-4400-9C57-4A4CF5CA641B}] => (Allow) C:\Program Files (x86)\HP\digital imaging\smart web printing\smartwebprintexe.exe FirewallRules: [{47F4B93B-DC07-4CD0-B838-BFC292CD096C}] => (Allow) LPort=5353 FirewallRules: [{F9B44D1A-E69F-4236-9380-87D5A2A6928D}] => (Allow) C:\Program Files (x86)\Seagate\Seagate Dashboard\HipServAgent\HipServAgent.exe FirewallRules: [{EFD3074D-96C9-420F-88E7-DB849AE196FF}] => (Allow) C:\Program Files (x86)\Seagate\Seagate Dashboard\HipServAgent\HipServAgent.exe FirewallRules: [{C0A3E674-2A78-4417-B33E-2E03841A75EC}] => (Allow) C:\Program Files (x86)\Seagate\Seagate Dashboard\HipServAgent\HipServAgent.exe FirewallRules: [{887EB605-6F96-4CC8-B2B8-5DC31F871F9E}] => (Allow) C:\Program Files (x86)\Seagate\Seagate Dashboard\HipServAgent\HipServAgent.exe FirewallRules: [{B27515C4-8769-4AAE-9A2C-282A7B3919E6}] => (Allow) C:\Program Files (x86)\Seagate\Seagate Dashboard\HipServAgent\HipServAgent.exe FirewallRules: [TCP Query User{39E86D47-1D17-467A-BB8E-62D5D2910E10}C:\program files (x86)\synology\assistant\dsassistant.exe] => (Allow) C:\program files (x86)\synology\assistant\dsassistant.exe FirewallRules: [UDP Query User{C7FC367F-A845-4EAD-8269-9A13007E2E75}C:\program files (x86)\synology\assistant\dsassistant.exe] => (Allow) C:\program files (x86)\synology\assistant\dsassistant.exe FirewallRules: [{8D3E0551-F490-46A6-A5EF-AB98C9681BEF}] => (Allow) C:\Users\user\AppData\Roaming\uTorrent\uTorrent.exe FirewallRules: [{023A1B46-6284-42F9-85BB-EE7586B774CA}] => (Allow) C:\Users\user\AppData\Roaming\uTorrent\uTorrent.exe FirewallRules: [{E370996B-C7F9-4D2F-BE55-C23D09D0FEA4}] => (Allow) C:\Users\user\AppData\Roaming\uTorrent\uTorrent.exe FirewallRules: [{4F3D126D-77D2-447B-96FD-5BEC3574E2DA}] => (Allow) C:\Users\user\AppData\Roaming\uTorrent\uTorrent.exe FirewallRules: [{84161983-E912-4734-9439-DEE045847760}] => (Allow) C:\Users\user\AppData\Local\Facebook\Video\Skype\FacebookVideoCalling.exe FirewallRules: [TCP Query User{FF318F77-CA37-4BB1-9CBE-D10049F58663}C:\xampp\apache\bin\httpd.exe] => (Allow) C:\xampp\apache\bin\httpd.exe FirewallRules: [UDP Query User{EA9AC15D-5206-44B7-B627-DCF914E4B1A0}C:\xampp\apache\bin\httpd.exe] => (Allow) C:\xampp\apache\bin\httpd.exe FirewallRules: [{3CDF5802-8728-4EB9-B4E5-128D9D243944}] => (Block) C:\xampp\apache\bin\httpd.exe FirewallRules: [{982AB8FE-4058-43C8-A8AF-04EA408A735B}] => (Block) C:\xampp\apache\bin\httpd.exe FirewallRules: [TCP Query User{F0AA214F-B38C-434E-A099-0F364CA1081B}C:\xampp\mysql\bin\mysqld.exe] => (Allow) C:\xampp\mysql\bin\mysqld.exe FirewallRules: [UDP Query User{97F0EF08-B570-4750-9786-CFFC903F43E8}C:\xampp\mysql\bin\mysqld.exe] => (Allow) C:\xampp\mysql\bin\mysqld.exe FirewallRules: [TCP Query User{CDD0534B-2086-461B-8283-46F305A1AA78}C:\program files (x86)\aimersoft\youtube downloader\urlreqservice.exe] => (Allow) C:\program files (x86)\aimersoft\youtube downloader\urlreqservice.exe FirewallRules: [UDP Query User{929D35CE-07FA-4F56-9C23-BCC877973012}C:\program files (x86)\aimersoft\youtube downloader\urlreqservice.exe] => (Allow) C:\program files (x86)\aimersoft\youtube downloader\urlreqservice.exe FirewallRules: [{FACE4521-D643-420E-8A33-32E8F86273E0}] => (Allow) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer.exe FirewallRules: [{3137A315-D97E-4B86-BBF8-4F9A6810BF7D}] => (Allow) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer.exe FirewallRules: [{1DD16A3E-D151-46D9-B8A1-28341E92F0BB}] => (Allow) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe FirewallRules: [{39275637-5DE8-49DE-B8AF-C4351AC851BC}] => (Allow) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe FirewallRules: [{8B5A40E8-97B4-4EBB-B163-1CED77951058}] => (Allow) C:\Program Files (x86)\360\Total Security\safemon\QHSafeTray.exe FirewallRules: [{0AEC1FE6-8473-4015-833E-CF89F20E8129}] => (Allow) C:\Program Files (x86)\360\Total Security\safemon\QHSafeTray.exe FirewallRules: [TCP Query User{AB547EC7-8B47-4D6F-A752-7E2C6A597BF7}C:\program files (x86)\youwave android\vb\vboxsdl.exe] => (Allow) C:\program files (x86)\youwave android\vb\vboxsdl.exe FirewallRules: [UDP Query User{21BDB955-DE1B-4C54-A218-1E58FF8A9A52}C:\program files (x86)\youwave android\vb\vboxsdl.exe] => (Allow) C:\program files (x86)\youwave android\vb\vboxsdl.exe FirewallRules: [{41426EE5-A14E-4B26-A795-E264780669F9}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{8024CE2D-147F-4B84-AC3D-86CBE251E032}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [TCP Query User{09709BFB-A3B5-483E-8908-0A687ED715A3}C:\program files\andy\andy.exe] => (Allow) C:\program files\andy\andy.exe FirewallRules: [UDP Query User{5E688DFF-A262-4554-BA24-A1D1DE4573C8}C:\program files\andy\andy.exe] => (Allow) C:\program files\andy\andy.exe FirewallRules: [{F5647487-D6AE-4A88-9386-6A0F557C5013}] => (Allow) C:\Program Files (x86)\Droid4X\Droid4X.exe FirewallRules: [{682FAEA6-E84C-4C43-B95D-235E85AAED6E}] => (Allow) C:\Program Files\Oracle\VirtualBox\vboxheadless.exe FirewallRules: [{BF9F3838-739D-47BF-BBBC-EA21059F497F}] => (Allow) C:\Program Files (x86)\Sony\PlayMemories Home\PMBBrowser.exe FirewallRules: [{633F6CE0-075C-46AC-B74A-13E23689C228}] => (Allow) C:\Program Files (x86)\Sony\PlayMemories Home\PMBBrowser.exe FirewallRules: [TCP Query User{316B23B8-30A7-4203-A685-2226100102B3}C:\program files (x86)\mozilla firefox\firefox.exe] => (Allow) C:\program files (x86)\mozilla firefox\firefox.exe FirewallRules: [UDP Query User{9B1BF3DA-5D3F-4C01-B593-AF2BCA14C9F0}C:\program files (x86)\mozilla firefox\firefox.exe] => (Allow) C:\program files (x86)\mozilla firefox\firefox.exe FirewallRules: [{7C81A35A-CB51-4400-AEF6-A7FC6C08E4B0}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe FirewallRules: [TCP Query User{181C2D77-E590-4E7E-9C72-1CF9FB6559E3}C:\program files (x86)\videolan\vlc\vlc.exe] => (Block) C:\program files (x86)\videolan\vlc\vlc.exe FirewallRules: [UDP Query User{FD04AC89-094E-4F63-8972-A4A222F76C5A}C:\program files (x86)\videolan\vlc\vlc.exe] => (Block) C:\program files (x86)\videolan\vlc\vlc.exe FirewallRules: [{97CF3095-07C3-40A5-ADF8-61B69A5F2160}] => (Allow) C:\Program Files (x86)\Apowersoft\Streaming Audio Recorder\Streaming Audio Recorder.exe FirewallRules: [{BF56F7E2-652C-48B9-805F-173B48CCBB73}] => (Allow) C:\Program Files (x86)\Apowersoft\Streaming Audio Recorder\Streaming Audio Recorder.exe FirewallRules: [TCP Query User{ABA9F6BA-8527-4384-AF2A-A2CD1BCF43C0}C:\program files (x86)\adobe\adobe dreamweaver cs5.5\dreamweaver.exe] => (Allow) C:\program files (x86)\adobe\adobe dreamweaver cs5.5\dreamweaver.exe FirewallRules: [UDP Query User{C70B38A3-D463-412B-A7DF-DA8997F5D7F9}C:\program files (x86)\adobe\adobe dreamweaver cs5.5\dreamweaver.exe] => (Allow) C:\program files (x86)\adobe\adobe dreamweaver cs5.5\dreamweaver.exe FirewallRules: [{36662E86-30B8-4949-BBD6-A47EF35E5503}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{D0938B98-73C0-4229-A926-46C26112D79A}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [TCP Query User{B14B8023-E11C-41FE-B652-F22167A0B4AB}C:\program files (x86)\synology\assistant\dsassistant.exe] => (Block) C:\program files (x86)\synology\assistant\dsassistant.exe FirewallRules: [UDP Query User{60CFAEE1-900D-401A-9CAE-74C483A040AC}C:\program files (x86)\synology\assistant\dsassistant.exe] => (Block) C:\program files (x86)\synology\assistant\dsassistant.exe FirewallRules: [{DE7B4EB3-FDE5-4B61-8705-EB7641B5D721}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe FirewallRules: [{FAE5AB1F-240A-4870-A1F5-C9D228384939}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe FirewallRules: [{5ECB844B-8084-4A96-97E7-A64ABC82A284}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe FirewallRules: [{0212A282-06AE-4488-B950-5C7B2E2B1060}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe FirewallRules: [{381EA27B-CBCC-4DCF-8137-215804AEFDA2}] => (Allow) C:\Program Files (x86)\X-Mirage\x-mirage.exe FirewallRules: [{C2C4C5AA-E1F4-475B-AB8D-0019F9CA3141}] => (Allow) C:\Program Files\AMI\DuOS\DuOS.exe FirewallRules: [{572AB3C1-6BFF-4F1C-B51D-D8EBC77CC9D6}] => (Allow) C:\Program Files\AMI\DuOS\DuOS.exe FirewallRules: [{5F9F91BF-FA47-4971-8939-A9CA77D1F169}] => (Allow) C:\Program Files\AMI\DuOS\Ubusd.exe FirewallRules: [{A4670802-8756-4187-AF3E-4B9562565ACB}] => (Allow) C:\Program Files\AMI\DuOS\Ubusd.exe FirewallRules: [{86ECBE5D-3151-415A-BBFC-01DFAB70C90E}] => (Allow) C:\Program Files\AMI\DuOS\Dsync.exe FirewallRules: [{55DF995A-ED92-4BD7-BB37-777530C8C575}] => (Allow) C:\Program Files\AMI\DuOS\Dsync.exe FirewallRules: [{7D216E68-2D55-4A6F-9879-9F2C3A977BEE}] => (Allow) C:\Program Files\AMI\DuOS\SysEvent.exe FirewallRules: [{F055A3F9-F660-4FC0-864D-C91E92BD90C9}] => (Allow) C:\Program Files\AMI\DuOS\SysEvent.exe FirewallRules: [{722725A4-125F-4FF0-9E77-9207BCB7081F}] => (Allow) C:\Program Files\AMI\DuOS\locationservice.exe FirewallRules: [{9E3EB905-0CAB-4716-A353-0131329F88E3}] => (Allow) C:\Program Files\AMI\DuOS\locationservice.exe FirewallRules: [{5BEC2607-C315-4B4A-A5EA-22B2B8945744}] => (Allow) C:\Program Files\AMI\DuOS\CamProvider.exe FirewallRules: [{9885A463-8C80-4C34-9681-62B939C934D0}] => (Allow) C:\Program Files\AMI\DuOS\CamProvider.exe FirewallRules: [{F579AA21-B342-40E4-83D5-3FB267F236C3}] => (Allow) C:\Program Files\AMI\DuOS\SensorService.exe FirewallRules: [{0D2B7C7D-C37E-4D5C-83E7-FD95F38EB5B3}] => (Allow) C:\Program Files\AMI\DuOS\SensorService.exe FirewallRules: [{8F8CCF8C-2BB5-4603-A3B2-2C22E5C32900}] => (Allow) C:\Program Files\AMI\DuOS\..\DuoVM\DuoVMHeadless.exe FirewallRules: [{49C274BC-A654-4380-AB38-EFAE35902532}] => (Allow) C:\Program Files\AMI\DuOS\..\DuoVM\DuoVMHeadless.exe FirewallRules: [{442E8BC8-0368-48B9-970A-886F069736FD}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe FirewallRules: [{CFA44FBE-55E3-4B4D-BE61-22683AA662DC}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe FirewallRules: [{AA036C15-69CB-421A-927F-812D9B2E1A68}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe FirewallRules: [{7D980DA6-5FD2-45B3-8E9E-B346339F970E}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe FirewallRules: [{9191462F-D6AF-4A1E-BAB8-F4DA3FB2E808}] => (Allow) C:\Program Files\iTunes\iTunes.exe FirewallRules: [{C82D0BF8-6142-4ACC-BC86-25DC33B162E2}] => (Allow) C:\Program Files (x86)\AirPrint\airprint.exe FirewallRules: [TCP Query User{A2887B37-AAE3-4525-A13F-17695DBABF77}C:\program files (x86)\videolan\vlc\vlc.exe] => (Allow) C:\program files (x86)\videolan\vlc\vlc.exe FirewallRules: [UDP Query User{AF52BF24-E5C2-4224-A71B-2B1285DAE1C7}C:\program files (x86)\videolan\vlc\vlc.exe] => (Allow) C:\program files (x86)\videolan\vlc\vlc.exe FirewallRules: [{5F9876F2-8B0B-449B-9FD6-3066CD9559B2}] => (Block) c:\Program Files\Corel\CorelDRAW Graphics Suite X7\Programs64\CorelDrw.exe FirewallRules: [{8970C5F7-E7C3-4724-99CE-97446B02F09C}] => (Block) c:\Program Files\Corel\CorelDRAW Graphics Suite X7\Programs64\CorelPP.exe FirewallRules: [{B47DA446-FA4E-4A66-9EC5-7DDF018F0316}] => (Allow) C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsmon.exe FirewallRules: [{4E900C73-895D-4BB1-9454-AFBADB85A470}] => (Allow) C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsmon.exe FirewallRules: [{F24A1E51-45FB-432C-9BD8-E7E6CAA1468A}] => (Allow) C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsmon.exe FirewallRules: [{F6B3D542-0B3A-49A7-9749-29A18DCEADDD}] => (Allow) C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsmon.exe FirewallRules: [{C4CB19A6-096B-4E78-BF53-075B91F86BB9}] => (Allow) C:\Program Files (x86)\FreeDownloadManager.ORG\Free Download Manager\fdm.exe FirewallRules: [{3C8A5212-CDEE-4A5F-B6FD-2F9484CE4C73}] => (Allow) C:\Program Files (x86)\FreeDownloadManager.ORG\Free Download Manager\fdm.exe FirewallRules: [{EB1793CB-481B-46D4-98A2-E44B103EF084}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe FirewallRules: [{4A6DAE3F-7378-4F7D-BE91-7FE6C9F1AE48}] => (Allow) C:\Program Files\AVAST Software\SZBrowser\3.55.2393.609\SZBrowser.exe FirewallRules: [{7D9796F0-3E95-4D88-A1C6-45F040EF6198}] => (Allow) C:\Program Files (x86)\Opera\46.0.2597.46\opera.exe FirewallRules: [{06E9D18C-3943-45BF-82AE-24FD1C8F1524}] => (Allow) C:\Program Files\AVAST Software\SZBrowser\3.55.2393.609_0\SZBrowser.exe FirewallRules: [{A955704E-F179-4475-AA1F-D032F57F5F20}] => (Allow) C:\Program Files (x86)\Opera\46.0.2597.57\opera.exe FirewallRules: [{76ADB3DD-1BD6-4873-BC6E-ECE55D7CB6CF}] => (Allow) C:\Program Files\Avid\Pro Tools\AvidVideoEngine.exe FirewallRules: [{8BB003BF-256B-4BAD-ABEE-044EAF1962A2}] => (Allow) C:\Program Files\Avid\Pro Tools\ProTools.exe FirewallRules: [{C680D199-3119-4458-B098-BAF9F6A5085E}] => (Allow) C:\Windows\system32\rundll32.exe FirewallRules: [{3030B1AD-C307-4279-99E9-EAE5D8BE5FEB}] => (Allow) C:\Windows\System32\rundll32.exe FirewallRules: [{1ABAC347-D0D0-435F-AB55-8F81FF8F7BDA}] => (Allow) C:\Windows\System32\rundll32.exe FirewallRules: [{8A60BFE6-3512-49EB-B2AB-BFAED0AA62F3}] => (Allow) C:\Program Files (x86)\IObit\IObit Malware Fighter\Surfing Protection\FFNativeMessage.exe FirewallRules: [{EE259837-ADAC-44D6-98EE-C84466379FF2}] => (Allow) C:\Program Files (x86)\IObit\IObit Malware Fighter\Surfing Protection\FFNativeMessage.exe FirewallRules: [{C17F0F78-CD10-4547-B777-758311A4D94B}] => (Allow) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe ==================== Restore Points ========================= 04-08-2017 02:00:59 Installed PDFescape Desktop View Module 04-08-2017 02:03:59 Installed PDFescape Desktop Create Module 04-08-2017 02:07:04 Installed PDFescape Desktop Insert Module 04-08-2017 02:07:29 Installed PDFescape Desktop Secure Module 04-08-2017 02:08:37 Installed PDFescape Desktop Forms Module 04-08-2017 02:09:45 Installed PDFescape Desktop Edit Module 04-08-2017 02:11:10 Installed PDFescape Desktop Review Module ==================== Faulty Device Manager Devices ============= Name: BAPIDRV Description: BAPIDRV Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1} Manufacturer: Service: BAPIDRV Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24) Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed. Devices stay in this state if they have been prepared for removal. After you remove the device, this error disappears.Remove the device, and this error should be resolved. ==================== Event log errors: ========================= Application errors: ================== Error: (08/04/2017 06:55:06 AM) (Source: Google Update) (EventID: 20) (User: user-PC) Description: Event-ID 20 Error: (08/04/2017 03:55:06 AM) (Source: Google Update) (EventID: 20) (User: user-PC) Description: Event-ID 20 Error: (08/04/2017 12:55:07 AM) (Source: Google Update) (EventID: 20) (User: user-PC) Description: Event-ID 20 Error: (08/03/2017 09:55:07 PM) (Source: Google Update) (EventID: 20) (User: user-PC) Description: Event-ID 20 Error: (08/03/2017 06:55:06 PM) (Source: Google Update) (EventID: 20) (User: user-PC) Description: Event-ID 20 Error: (08/03/2017 03:55:06 PM) (Source: Google Update) (EventID: 20) (User: user-PC) Description: Event-ID 20 Error: (08/03/2017 02:43:33 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Faulting application name: Explorer.EXE, version: 6.1.7601.23537, time stamp: 0x57c44efe Faulting module name: localization-service.dll_unloaded, version: 0.0.0.0, time stamp: 0x57a49211 Exception code: 0xc0000005 Fault offset: 0x000007fed56f66d1 Faulting process id: 0xedc Faulting application start time: 0x01d30bfa2f3f4c80 Faulting application path: C:\Windows\Explorer.EXE Faulting module path: localization-service.dll Report Id: 05cd7b62-782c-11e7-b40d-50465d8d7f0d Error: (08/03/2017 12:55:07 PM) (Source: Google Update) (EventID: 20) (User: user-PC) Description: Event-ID 20 Error: (08/03/2017 09:55:06 AM) (Source: Google Update) (EventID: 20) (User: user-PC) Description: Event-ID 20 Error: (08/03/2017 06:55:05 AM) (Source: Google Update) (EventID: 20) (User: user-PC) Description: Event-ID 20 System errors: ============= Error: (08/04/2017 07:10:28 AM) (Source: Service Control Manager) (EventID: 7001) (User: ) Description: The Peer Networking Grouping service depends on the Peer Name Resolution Protocol service which failed to start because of the following error: %%-2140993535 Error: (08/04/2017 07:10:28 AM) (Source: Service Control Manager) (EventID: 7023) (User: ) Description: The Peer Name Resolution Protocol service terminated with the following error: %%-2140993535 Error: (08/04/2017 07:10:28 AM) (Source: Service Control Manager) (EventID: 7001) (User: ) Description: The Peer Networking Grouping service depends on the Peer Name Resolution Protocol service which failed to start because of the following error: %%-2140993535 Error: (08/04/2017 07:10:28 AM) (Source: Service Control Manager) (EventID: 7023) (User: ) Description: The Peer Name Resolution Protocol service terminated with the following error: %%-2140993535 Error: (08/04/2017 07:10:28 AM) (Source: PNRPSvc) (EventID: 102) (User: ) Description: The Peer Name Resolution Protocol cloud did not start because the creation of the default identity failed with error code: 0x80630801. Error: (08/04/2017 07:10:28 AM) (Source: PNRPSvc) (EventID: 102) (User: ) Description: The Peer Name Resolution Protocol cloud did not start because the creation of the default identity failed with error code: 0x80630801. Error: (08/04/2017 02:51:12 AM) (Source: Service Control Manager) (EventID: 7001) (User: ) Description: The Peer Networking Grouping service depends on the Peer Name Resolution Protocol service which failed to start because of the following error: %%-2140993535 Error: (08/04/2017 02:51:12 AM) (Source: Service Control Manager) (EventID: 7023) (User: ) Description: The Peer Name Resolution Protocol service terminated with the following error: %%-2140993535 Error: (08/04/2017 02:51:12 AM) (Source: PNRPSvc) (EventID: 102) (User: ) Description: The Peer Name Resolution Protocol cloud did not start because the creation of the default identity failed with error code: 0x80630801. Error: (08/04/2017 02:11:53 AM) (Source: Disk) (EventID: 11) (User: ) Description: The driver detected a controller error on \Device\Harddisk2\DR2. CodeIntegrity: =================================== Date: 2017-03-06 01:38:55.723 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\hfsplusrec.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2017-03-06 01:38:55.715 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\hfsplusrec.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2017-03-06 01:38:55.477 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\hfsplus.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2017-03-06 01:38:55.465 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\hfsplus.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2017-03-06 01:35:17.995 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\hfsplusrec.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2017-03-06 01:35:17.985 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\hfsplusrec.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2017-03-06 01:35:17.298 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\hfsplus.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2017-03-06 01:35:17.276 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\hfsplus.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2017-03-06 01:15:12.278 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\hfsplusrec.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2017-03-06 01:15:12.271 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\hfsplusrec.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. ==================== Memory info =========================== Processor: Intel(R) Core(TM) i7-3770K CPU @ 3.50GHz Percentage of memory in use: 87% Total physical RAM: 7882.99 MB Available physical RAM: 1015.11 MB Total Virtual: 15764.17 MB Available Virtual: 5215.76 MB ==================== Drives ================================ Drive c: (Win7) (Fixed) (Total:488.18 GB) (Free:13.85 GB) NTFS Drive d: (Data) (Fixed) (Total:443.23 GB) (Free:38.71 GB) NTFS Drive f: (SDS-BG ) (Removable) (Total:7.48 GB) (Free:0.05 GB) FAT32 Drive g: (SDS-BG ) (Removable) (Total:7.48 GB) (Free:0.05 GB) FAT32 Drive h: (SDS-BG ) (Removable) (Total:7.49 GB) (Free:0.05 GB) FAT32 ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: 425BDDB2) Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS) Partition 2: (Not Active) - (Size=488.2 GB) - (Type=07 NTFS) Partition 3: (Not Active) - (Size=443.2 GB) - (Type=07 NTFS) ======================================================== Disk: 1 (Size: 7.5 GB) (Disk ID: 6928BD7A) Partition 1: (Not Active) - (Size=7.5 GB) - (Type=0B) ======================================================== Disk: 2 (Size: 7.5 GB) (Disk ID: 7A1E1612) Partition 1: (Not Active) - (Size=7.5 GB) - (Type=0B) ======================================================== Disk: 3 (Size: 7.5 GB) (Disk ID: 021BCEEB) Partition 1: (Active) - (Size=7.5 GB) - (Type=0B) ==================== End of Addition.txt ============================