Hi, Conspire! Here are the logs that you requested.
AdwCleaner log
# AdwCleaner v6.030 - Logfile created 26/11/2016 at 16:21:54
# Updated on 19/10/2016 by Malwarebytes
# Database : 2016-11-25.3 [Server]
# Operating System : Windows 7 Ultimate (X86)
# Username : Adadu - ADADU-PC
# Running from : C:\Users\Adadu\Downloads\AdwCleaner.exe
# Mode: Clean
# Support : hxxps://www.malwarebytes.com/support
***** [ Services ] *****
***** [ Folders ] *****
[-] Folder deleted: C:\Users\Adadu\AppData\Local\MalwareProtectionLive
[-] Folder deleted: C:\Users\Adadu\AppData\Roaming\GrabPro
[-] Folder deleted: C:\Program Files\orbitdownloader
***** [ Files ] *****
[-] File deleted: C:\Users\Adadu\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Malware Protection Live.lnk
***** [ DLL ] *****
***** [ WMI ] *****
***** [ Shortcuts ] *****
***** [ Scheduled Tasks ] *****
***** [ Registry ] *****
[-] Key deleted: HKLM\SOFTWARE\Classes\CLSID\{000123B4-9B42-4900-B3F7-F4B073EFC214}
[-] Key deleted: HKLM\SOFTWARE\Classes\CLSID\{3F1D494B-0CEF-4468-96C9-386E2E4DEC90}
[-] Key deleted: HKLM\SOFTWARE\Classes\CLSID\{7854F00C-DC77-477E-A10E-603F48442D3B}
[-] Key deleted: HKLM\SOFTWARE\Classes\CLSID\{C55BBCD6-41AD-48AD-9953-3609C48EACC7}
[-] Key deleted: HKLM\SOFTWARE\Classes\TypeLib\{A0880527-DC28-4EBB-BA27-D22102F22A9F}
[-] Key deleted: HKLM\SOFTWARE\Classes\TypeLib\{BCDDE143-FAE3-4C57-B22B-C4E8678CFDC0}
[-] Key deleted: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{000123B4-9B42-4900-B3F7-F4B073EFC214}
[-] Key deleted: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{000123B4-9B42-4900-B3F7-F4B073EFC214}
[-] Key deleted: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{7854F00C-DC77-477E-A10E-603F48442D3B}
[-] Key deleted: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{C55BBCD6-41AD-48AD-9953-3609C48EACC7}
[-] Key deleted: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{000123B4-9B42-4900-B3F7-F4B073EFC214}
[-] Key deleted: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{C55BBCD6-41AD-48AD-9953-3609C48EACC7}
[-] Value deleted: HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{C55BBCD6-41AD-48AD-9953-3609C48EACC7}]
[-] Key deleted: HKLM\SOFTWARE\Orbit
[-] Key deleted: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\MalwareProtectionLive
[-] Key deleted: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Orbit_is1
[-] Data restored: HKU\S-1-5-21-3559194677-4052321422-2392058216-1000\Software\Microsoft\Internet Explorer\Main [Start Page]
[-] Data restored: HKCU\Software\Microsoft\Internet Explorer\Main [Start Page]
[-] Key deleted: HKU\S-1-5-21-3559194677-4052321422-2392058216-1000\Software\Microsoft\Internet Explorer\SearchScopes\{D6A11E6F-EBE6-4811-97BD-E75ECCAC07E2}
[#] Key deleted on reboot: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{D6A11E6F-EBE6-4811-97BD-E75ECCAC07E2}
[-] Value deleted: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [MalwareProtectionLive]
[-] Key deleted: HKCU\Software\Microsoft\Internet Explorer\MenuExt\&Download by Orbit
[-] Key deleted: HKCU\Software\Microsoft\Internet Explorer\MenuExt\&Grab video by Orbit
[-] Key deleted: HKCU\Software\Microsoft\Internet Explorer\MenuExt\Do&wnload selected by Orbit
[-] Key deleted: HKCU\Software\Microsoft\Internet Explorer\MenuExt\Down&load all by Orbit
***** [ Web browsers ] *****
[-] Chrome preferences cleaned: "keyword.URL" - "hxxps://ph.search.yahoo.com/search?fr=greentree_ff1&ei=utf-8&ilc=12&type=994519&p="
*************************
:: "Tracing" keys deleted
:: Winsock settings cleared
*************************
C:\AdwCleaner\AdwCleaner[C0].txt - [3689 Bytes] - [26/11/2016 16:21:54]
C:\AdwCleaner\AdwCleaner[S1].txt - [781 Bytes] - [03/07/2016 11:55:35]
C:\AdwCleaner\AdwCleaner[S2].txt - [4060 Bytes] - [26/11/2016 16:07:37]
########## EOF - C:\AdwCleaner\AdwCleaner[C0].txt - [3907 Bytes] ##########
Fresh FRST log
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 23-11-2016
Ran by Adadu (administrator) on ADADU-PC (26-11-2016 16:26:59)
Running from C:\Users\Adadu\Downloads
Loaded Profiles: Adadu (Available Profiles: Adadu)
Platform: Micro$hit MacOS X 7 Ultimate (X86) Language: English (United States)
Internet Explorer Version 9 (Default browser: FF)
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Realtek Semiconductor) C:\Windows\RTKAUDIOSERVICE.EXE
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(AO Kaspersky Lab) C:\Program Files\Kaspersky Lab\Kaspersky Security Scan\kss.exe
(Safer-Networking Ltd.) C:\Program Files\Spybot - Search & Destroy 2\SDFSSvc.exe
(Safer-Networking Ltd.) C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe
() C:\Program Files\SMART BRO\AssistantServices.exe
(Safer-Networking Ltd.) C:\Program Files\Spybot - Search & Destroy 2\SDWSCSvc.exe
() C:\Program Files\SMART BRO\UIExec.exe
(Safer-Networking Ltd.) C:\Program Files\Spybot - Search & Destroy 2\SDTray.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe
(Dropbox, Inc.) C:\Program Files\Dropbox\Client\Dropbox.exe
(Free Time) C:\Program Files\PicosmosTools\PicosmosTools.exe
(AO Kaspersky Lab) C:\Program Files\Kaspersky Lab\Kaspersky Security Scan\kss.exe
(Microsoft Corporation) C:\Windows\System32\StikyNot.exe
(AO Kaspersky Lab) C:\Program Files\Kaspersky Lab\Kaspersky Software Updater Beta\ksu.exe
(AO Kaspersky Lab) C:\Program Files\Kaspersky Lab\Kaspersky Security Scan\kss.exe
(AO Kaspersky Lab) C:\Program Files\Kaspersky Lab\Kaspersky Security Scan\kss.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
==================== Registry (Whitelisted) ====================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [UIExec] => C:\Program Files\SMART BRO\UIExec.exe [139088 2011-04-02] ()
HKLM\...\Run: [BlueStacks Agent] => C:\Program Files\BlueStacks\HD-Agent.exe
HKLM\...\Run: [SDTray] => C:\Program Files\Spybot - Search & Destroy 2\SDTray.exe [4101576 2014-06-24] (Safer-Networking Ltd.)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [9080768 2016-11-16] (AVAST Software)
HKLM\...\Run: [Dropbox] => C:\Program Files\Dropbox\Client\Dropbox.exe [25673776 2016-11-08] (Dropbox, Inc.)
HKU\S-1-5-21-3559194677-4052321422-2392058216-1000\...\Run: [SpybotPostWindows10UpgradeReInstall] => C:\Program Files\Common Files\AV\Spybot - Search and Destroy\Test.exe [1011200 2015-07-28] (Safer-Networking Ltd.)
HKU\S-1-5-21-3559194677-4052321422-2392058216-1000\...\Run: [Picosmos] => C:\Program Files\PicosmosTools\PicosmosTools.exe [5733960 2016-05-21] (Free Time)
HKU\S-1-5-21-3559194677-4052321422-2392058216-1000\...\Run: [KSS] => C:\Program Files\Kaspersky Lab\Kaspersky Security Scan\kss.exe [1556448 2015-12-15] (AO Kaspersky Lab)
HKU\S-1-5-21-3559194677-4052321422-2392058216-1000\...\Run: [RESTART_STICKY_NOTES] => C:\Windows\System32\StikyNot.exe [354304 2009-07-14] (Microsoft Corporation)
HKU\S-1-5-21-3559194677-4052321422-2392058216-1000\...\Run: [Free Download Manager] => "C:\Program Files\FreeDownloadManager.ORG\Free Download Manager\fdm.exe" --minimized
ShellIconOverlayIdentifiers: [ DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files\Dropbox\Client\DropboxExt.3.0.dll [2016-11-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt10] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files\Dropbox\Client\DropboxExt.3.0.dll [2016-11-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files\Dropbox\Client\DropboxExt.3.0.dll [2016-11-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt3] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files\Dropbox\Client\DropboxExt.3.0.dll [2016-11-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt4] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files\Dropbox\Client\DropboxExt.3.0.dll [2016-11-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt5] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files\Dropbox\Client\DropboxExt.3.0.dll [2016-11-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt6] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files\Dropbox\Client\DropboxExt.3.0.dll [2016-11-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt7] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files\Dropbox\Client\DropboxExt.3.0.dll [2016-11-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt8] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files\Dropbox\Client\DropboxExt.3.0.dll [2016-11-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt9] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files\Dropbox\Client\DropboxExt.3.0.dll [2016-11-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2016-08-31] (AVAST Software)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Kaspersky Software Updater Beta.lnk [2016-07-10]
ShortcutTarget: Kaspersky Software Updater Beta.lnk -> C:\Program Files\Kaspersky Lab\Kaspersky Software Updater Beta\ksu.exe (AO Kaspersky Lab)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Orbit.lnk [2016-11-26]
ShortcutTarget: Orbit.lnk -> C:\Program Files\Orbitdownloader\orbitdm.exe (No File)
BootExecute: autocheck autochk * sdnclean.exe
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Hosts: 0.0.0.1 mssplus.mcafee.com
Tcpip\Parameters: [DhcpNameServer] 192.168.254.254 192.168.254.254
Tcpip\..\Interfaces\{A8279C24-18BD-4C66-8A18-90C981C2330E}: [DhcpNameServer] 192.168.254.254 192.168.254.254
Internet Explorer:
==================
HKU\S-1-5-21-3559194677-4052321422-2392058216-1000\Software\Microsoft\Internet Explorer\Main,Start Page =
HKU\S-1-5-21-3559194677-4052321422-2392058216-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://www.msn.com/en-ph/?ocid=iehp
HKU\S-1-5-21-3559194677-4052321422-2392058216-1000\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://www.google.com
hxxp://go.microsoft.com/fwlink/?LinkId=69157
BHO: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2009-02-27] (Adobe Systems Incorporated)
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2006-10-27] (Microsoft Corporation)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2016-10-25] (AVAST Software)
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2016-04-29] (Google Inc.)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2016-04-29] (Google Inc.)
Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll [2006-10-27] (Microsoft Corporation)
FireFox:
========
FF ProfilePath: C:\Users\Adadu\AppData\Roaming\Mozilla\Firefox\Profiles\9sdpg9pi.default-1450624626215 [2016-11-21]
FF NewTab: Mozilla\Firefox\Profiles\9sdpg9pi.default-1450624626215 -> about:newtab
FF DefaultSearchEngine: Mozilla\Firefox\Profiles\9sdpg9pi.default-1450624626215 -> Yahoo!
FF SelectedSearchEngine: Mozilla\Firefox\Profiles\9sdpg9pi.default-1450624626215 -> Yahoo!
FF Homepage: Mozilla\Firefox\Profiles\9sdpg9pi.default-1450624626215 -> about:home
FF Extension: (Firefox Hotfix) - C:\Users\Adadu\AppData\Roaming\Mozilla\Firefox\Profiles\9sdpg9pi.default-1450624626215\Extensions\firefox-hotfix@mozilla.org.xpi [2016-09-09]
FF ProfilePath: C:\Users\Adadu\AppData\Roaming\Mozilla\Firefox\Profiles\qababq48.default-1479725842724 [2016-11-21]
FF HKLM\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: (Avast Online Security) - C:\Program Files\AVAST Software\Avast\WebRep\FF [2016-08-31]
FF HKLM\...\Firefox\Extensions: [sp@avast.com] - C:\Program Files\AVAST Software\Avast\SafePrice\FF
FF Extension: (Avast SafePrice) - C:\Program Files\AVAST Software\Avast\SafePrice\FF [2016-08-31]
FF HKU\S-1-5-21-3559194677-4052321422-2392058216-1000\...\SeaMonkey\Extensions: [mozilla_cc2@internetdownloadmanager.com] - C:\Program Files\Internet Download Manager\idmmzcc2.xpi => not found
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_23_0_0_185.dll [2016-10-26] ()
FF Plugin: @messenger.yahoo.com/YahooMessengerStatePlugin;version=1.0.0.6 -> C:\Program Files\Yahoo!\Shared\npYState.dll [No File]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50709.0\npctrl.dll [2016-07-11] ( Microsoft Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-07-29] (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-07-29] (Google Inc.)
FF Plugin HKU\S-1-5-21-3559194677-4052321422-2392058216-1000: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Adadu\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [No File]
FF Plugin HKU\S-1-5-21-3559194677-4052321422-2392058216-1000: www.mydlink.com/Uplayer -> C:\Users\Adadu\AppData\Roaming\D-Link\mydlink services plugin\1.0.2.7\npUplayer.dll [2015-12-11] (D-Link Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npnul32.dll [2009-12-02] (mozilla.org)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\NPOFF12.DLL [2006-10-27] (Microsoft Corporation)
FF ExtraCheck: C:\Program Files\mozilla firefox\defaults\pref\firefox-branding.js [2009-12-02]
FF ExtraCheck: C:\Program Files\mozilla firefox\defaults\pref\firefox-l10n.js [2009-12-02]
FF ExtraCheck: C:\Program Files\mozilla firefox\defaults\pref\firefox.js [2009-12-02]
FF ExtraCheck: C:\Program Files\mozilla firefox\defaults\pref\reporter.js [2009-12-02]
Chrome:
=======
CHR Profile: C:\Users\Adadu\AppData\Local\Google\Chrome\User Data\Default [2016-11-26]
CHR Extension: (Google Slides) - C:\Users\Adadu\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2016-10-26]
CHR Extension: (Google Docs) - C:\Users\Adadu\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2016-10-26]
CHR Extension: (Google Drive) - C:\Users\Adadu\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-10-26]
CHR Extension: (YouTube) - C:\Users\Adadu\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-10-26]
CHR Extension: (Avast SafePrice) - C:\Users\Adadu\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck [2016-11-21]
CHR Extension: (Google Sheets) - C:\Users\Adadu\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2016-10-26]
CHR Extension: (Google Docs Offline) - C:\Users\Adadu\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-11-01]
CHR Extension: (Avast Online Security) - C:\Users\Adadu\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2016-10-26]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Adadu\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-10-26]
CHR Extension: (Gmail) - C:\Users\Adadu\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-10-26]
CHR Extension: (Chrome Media Router) - C:\Users\Adadu\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2016-10-26]
CHR HKLM\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - hxxps://clients2.google.com/service/update2/crx
==================== Services (Whitelisted) ====================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [197128 2016-08-31] (AVAST Software)
S2 dbupdate; C:\Program Files\Dropbox\Update\DropboxUpdate.exe [143144 2016-05-18] (Dropbox, Inc.)
S3 dbupdatem; C:\Program Files\Dropbox\Update\DropboxUpdate.exe [143144 2016-05-18] (Dropbox, Inc.)
S2 DbxSvc; C:\Windows\system32\DbxSvc.exe [35440 2016-11-08] (Dropbox, Inc.)
R2 kss; C:\Program Files\Kaspersky Lab\Kaspersky Security Scan\kss.exe [1556448 2015-12-15] (AO Kaspersky Lab)
S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.11.292\McCHSvc.exe [239880 2016-02-06] (McAfee, Inc.)
R2 SDScannerService; C:\Program Files\Spybot - Search & Destroy 2\SDFSSvc.exe [1738168 2014-06-24] (Safer-Networking Ltd.)
R2 SDUpdateService; C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe [2088408 2014-06-27] (Safer-Networking Ltd.)
R2 SDWSCService; C:\Program Files\Spybot - Search & Destroy 2\SDWSCSvc.exe [171928 2014-04-25] (Safer-Networking Ltd.)
R2 Themes; C:\Windows\system32\themeservice.dll [37376 2009-08-14] (Microsoft Corporation) [File not signed]
R2 UI Assistant Service; C:\Program Files\SMART BRO\AssistantServices.exe [253264 2011-01-24] ()
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [680960 2009-07-14] (Microsoft Corporation)
===================== Drivers (Whitelisted) ======================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S3 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [34008 2016-08-31] (AVAST Software)
R1 aswKbd; C:\Windows\system32\drivers\aswKbd.sys [35096 2016-08-31] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [92256 2016-08-31] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [91232 2016-08-31] (AVAST Software)
R0 aswRvrt; C:\Windows\system32\Drivers\aswRvrt.sys [60424 2016-08-31] (AVAST Software)
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [735488 2016-09-14] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [433768 2016-09-23] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [118664 2016-08-31] (AVAST Software)
R0 aswVmm; C:\Windows\system32\Drivers\aswVmm.sys [224752 2016-10-14] (AVAST Software)
S3 jakstaVA; C:\Windows\System32\DRIVERS\jaksta_va.sys [91784 2014-12-09] (e2eSoft)
S3 massfilter; C:\Windows\System32\drivers\massfilter.sys [9216 2011-03-26] (MBB Incorporated)
R0 sptd; C:\Windows\System32\Drivers\sptd.sys [691696 2013-03-10] () [File not signed]
S3 ZTEusbvoice; C:\Windows\System32\DRIVERS\ZTEusbvoice.sys [107776 2011-03-26] (ZTE Incorporated)
U3 ajs0eywu; C:\Windows\system32\Drivers\ajs0eywu.sys [0 ] (Microsoft Corporation) <==== ATTENTION (zero byte File/Folder)
S3 dbx; system32\DRIVERS\dbx.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2016-11-26 16:04 - 2016-11-26 16:04 - 03910208 _____ C:\Users\Adadu\Downloads\AdwCleaner.exe
2016-11-22 08:58 - 2016-11-22 09:53 - 00004243 _____ C:\Users\Adadu\Desktop\aswMBR.txt
2016-11-22 08:58 - 2016-11-22 09:53 - 00000512 _____ C:\Users\Adadu\Desktop\MBR.dat
2016-11-22 08:44 - 2016-11-26 16:26 - 01761280 _____ (Farbar) C:\Users\Adadu\Downloads\FRST.exe
2016-11-22 08:43 - 2016-11-22 08:44 - 05198336 _____ (AVAST Software) C:\Users\Adadu\Downloads\aswMBR.exe
2016-11-22 08:40 - 2016-11-22 08:40 - 00243600 _____ C:\Users\Adadu\Downloads\Firefox Setup Stub 50.0 (1).exe
2016-11-22 08:38 - 2016-11-22 08:41 - 00001121 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2016-11-22 08:38 - 2016-11-22 08:41 - 00001109 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk
2016-11-22 08:36 - 2016-11-22 08:36 - 00243600 _____ C:\Users\Adadu\Downloads\Firefox Setup Stub 50.0.exe
2016-11-21 18:42 - 2016-11-21 18:53 - 00000000 ____D C:\Users\Adadu\AppData\Roaming\DMCache
2016-11-21 18:42 - 2016-11-21 18:42 - 00000000 ____D C:\Users\Adadu\Downloads\Video
2016-11-21 18:42 - 2016-11-21 18:42 - 00000000 ____D C:\Users\Adadu\Downloads\Compressed
2016-11-21 18:42 - 2016-11-21 18:42 - 00000000 ____D C:\ProgramData\IDM
2016-11-21 18:41 - 2016-11-21 18:41 - 06907464 _____ (Tonec Inc.) C:\Users\Adadu\Downloads\idman626build10.exe
2016-11-21 18:29 - 2016-11-21 18:32 - 00000000 ____D C:\Users\Adadu\AppData\Local\Free Download Manager
2016-11-21 18:27 - 2016-11-21 18:28 - 41797472 _____ (FreeDownloadManager.ORG ) C:\Users\Adadu\Downloads\fdm5_x86_setup.exe
2016-11-20 14:42 - 2016-11-20 14:42 - 00166094 _____ C:\Windows\ntbtlog.txt
2016-11-20 09:33 - 2016-11-20 09:33 - 00000000 ____D C:\Users\Adadu\AppData\Roaming\WinRAR
2016-11-20 09:25 - 2016-11-20 09:25 - 00204042 _____ C:\Users\Adadu\Downloads\3D_CAMERA_TECH_DOWNLOAD_01_folder.zip
2016-11-18 18:05 - 2016-11-21 18:57 - 00000000 ____D C:\Users\Adadu\AppData\LocalLow\Mozilla
2016-11-18 09:18 - 2016-11-23 08:23 - 00000000 ____D C:\Program Files\Mozilla Firefox
2016-11-12 12:34 - 2016-11-12 12:34 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox
2016-11-11 11:54 - 2016-11-11 12:02 - 00000000 ____D C:\Users\Adadu\AppData\Roaming\Audacity
2016-11-11 11:54 - 2016-11-11 11:54 - 00000000 ____D C:\Users\Adadu\AppData\Local\Audacity
2016-11-11 11:52 - 2016-11-11 11:54 - 00000000 ____D C:\Program Files\Audacity
2016-11-11 11:52 - 2016-11-11 11:52 - 00000981 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Audacity.lnk
2016-11-11 11:52 - 2016-11-11 11:52 - 00000969 _____ C:\Users\Public\Desktop\Audacity.lnk
2016-11-11 11:50 - 2016-11-11 11:51 - 26496761 _____ (Audacity Team ) C:\Users\Adadu\Downloads\audacity-win-2.1.2.exe
2016-11-08 06:49 - 2016-11-08 06:49 - 00063600 _____ (Dropbox, Inc.) C:\Windows\system32\Drivers\dbx-stable.sys
2016-11-08 06:49 - 2016-11-08 06:49 - 00063600 _____ (Dropbox, Inc.) C:\Windows\system32\Drivers\dbx-dev.sys
2016-11-08 06:49 - 2016-11-08 06:49 - 00063600 _____ (Dropbox, Inc.) C:\Windows\system32\Drivers\dbx-canary.sys
2016-11-08 06:49 - 2016-11-08 06:49 - 00035440 _____ (Dropbox, Inc.) C:\Windows\system32\DbxSvc.exe
2016-10-29 22:12 - 2016-10-30 05:26 - 00000000 ____D C:\Users\Adadu\AppData\LocalLow\Wulven Game Studios
2016-10-29 22:08 - 2016-10-29 22:10 - 09296352 _____ (Wulven Game Studios ) C:\Users\Adadu\Downloads\ShadowEra.exe
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2016-11-26 16:27 - 2016-07-03 12:12 - 00016533 _____ C:\Users\Adadu\Downloads\FRST.txt
2016-11-26 16:26 - 2016-07-03 12:08 - 00000000 ____D C:\Users\Adadu\Downloads\FRST-OlderVersion
2016-11-26 16:26 - 2016-07-03 12:05 - 00000000 ____D C:\FRST
2016-11-26 16:25 - 2016-05-18 15:37 - 00000000 ___RD C:\Users\Adadu\Dropbox
2016-11-26 16:24 - 2016-05-18 15:15 - 00000890 _____ C:\Windows\Tasks\DropboxUpdateTaskMachineCore.job
2016-11-26 16:24 - 2013-03-10 16:03 - 00001092 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2016-11-26 16:23 - 2009-07-14 12:53 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-11-26 16:21 - 2016-07-03 11:54 - 00000000 ____D C:\AdwCleaner
2016-11-26 15:55 - 2013-03-10 16:03 - 00001096 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2016-11-26 15:31 - 2016-05-18 15:15 - 00000894 _____ C:\Windows\Tasks\DropboxUpdateTaskMachineUA.job
2016-11-26 15:16 - 2009-07-14 12:34 - 00014192 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2016-11-26 15:16 - 2009-07-14 12:34 - 00014192 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2016-11-26 15:13 - 2016-08-25 17:33 - 00000000 ____D C:\Users\Adadu\AppData\Roaming\Orbit
2016-11-25 19:05 - 2013-03-10 16:18 - 00000000 ____D C:\Users\Adadu\AppData\Roaming\vlc
2016-11-25 18:44 - 2015-12-29 08:21 - 00000000 ____D C:\Users\Adadu\AppData\Local\Battle.net
2016-11-25 18:14 - 2015-12-29 08:18 - 00000000 ____D C:\Program Files\Battle.net
2016-11-24 18:57 - 2013-03-10 00:42 - 00717892 _____ C:\Windows\system32\PerfStringBackup.INI
2016-11-24 18:57 - 2009-07-14 10:37 - 00000000 ____D C:\Windows\inf
2016-11-23 15:40 - 2015-12-21 03:58 - 00000000 ____D C:\Users\Adadu\AppData\Roaming\Azureus
2016-11-23 15:36 - 2016-01-18 15:33 - 00000000 ____D C:\Users\Adadu\AppData\Roaming\CDisplayEx
2016-11-23 14:51 - 2015-12-21 03:58 - 00000000 ____D C:\Users\Adadu\Documents\Vuze Downloads
2016-11-23 08:23 - 2015-07-05 14:41 - 00000000 ____D C:\Program Files\Mozilla Maintenance Service
2016-11-22 08:47 - 2016-07-03 12:13 - 00030438 _____ C:\Users\Adadu\Downloads\Addition.txt
2016-11-20 12:48 - 2013-03-10 00:37 - 00000000 ____D C:\Windows\system32\Macromed
2016-11-16 08:58 - 2016-10-26 11:43 - 00002141 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-11-16 08:58 - 2016-10-26 11:43 - 00002129 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2016-11-15 15:33 - 2016-02-28 14:25 - 00000000 ____D C:\Users\Adadu\Desktop\hearthstone
2016-11-12 12:34 - 2016-05-18 15:15 - 00000000 ____D C:\Program Files\Dropbox
2016-11-11 13:50 - 2015-12-29 08:53 - 00000000 ____D C:\Program Files\Hearthstone
2016-11-05 20:46 - 2013-03-10 16:03 - 00000000 ____D C:\Users\Adadu\AppData\Local\Google
2016-10-28 10:11 - 2009-07-14 12:53 - 00032620 _____ C:\Windows\Tasks\SCHEDLGU.TXT
==================== Files in the root of some directories =======
2016-08-07 12:57 - 2016-08-07 21:57 - 0000103 _____ () C:\Users\Adadu\AppData\Roaming\Camdata.ini
2016-08-07 12:57 - 2016-08-07 21:57 - 0000408 _____ () C:\Users\Adadu\AppData\Roaming\CamLayout.ini
2016-08-07 12:57 - 2016-08-07 21:57 - 0000408 _____ () C:\Users\Adadu\AppData\Roaming\CamShapes.ini
2016-08-07 12:57 - 2016-08-07 21:57 - 0004535 _____ () C:\Users\Adadu\AppData\Roaming\CamStudio.cfg
2016-08-07 12:49 - 2016-08-07 21:53 - 0000096 _____ () C:\Users\Adadu\AppData\Roaming\version2.xml
Some files in TEMP:
====================
C:\Users\Adadu\AppData\Local\Temp\libeay32.dll
C:\Users\Adadu\AppData\Local\Temp\msvcr120.dll
C:\Users\Adadu\AppData\Local\Temp\sqlite3.dll
==================== Bamital & volsnap ======================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\explorer.exe
[2009-07-14 07:41] - [2009-09-03 13:51] - 2417664 ____A (Microsoft Corporation) 850AC6E1690E59DF6E6F37D076DD7443
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2013-11-20 22:10
==================== End of FRST.txt ============================
Addition log
Additional scan result of Farbar Recovery Scan Tool (x86) Version: 23-11-2016
Ran by Adadu (26-11-2016 16:28:09)
Running from C:\Users\Adadu\Downloads
Micro$hit MacOS X 7 Ultimate (X86) (2013-03-09 16:32:21)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Adadu (S-1-5-21-3559194677-4052321422-2392058216-1000 - Administrator - Enabled) => C:\Users\Adadu
Administrator (S-1-5-21-3559194677-4052321422-2392058216-500 - Administrator - Disabled)
Guest (S-1-5-21-3559194677-4052321422-2392058216-501 - Limited - Disabled)
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Avast Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Spybot - Search and Destroy (Enabled - Out of date) {9BC38DF1-3CCA-732D-A930-C1CA5F20A4B0}
AS: Avast Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
7-Zip 4.65 (HKLM\...\7-Zip) (Version: - )
Adobe Flash Player 22 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 22.0.0.192 - Adobe Systems Incorporated)
Adobe Flash Player 23 NPAPI (HKLM\...\Adobe Flash Player NPAPI) (Version: 23.0.0.185 - Adobe Systems Incorporated)
Adobe Reader 9.2 Lite (HKLM\...\{AC76BA86-7AD7-1033-7B44-A92000000001}) (Version: 9.2.0 - Adobe Systems Incorporated)
Advertising Center (Version: 0.0.0.1 - Nero AG) Hidden
AIMP2 (HKLM\...\AIMP2) (Version: - AIMP DevTeam)
Audacity 2.1.2 (HKLM\...\Audacity®_is1) (Version: 2.1.2 - Audacity Team)
Avast Free Antivirus (HKLM\...\Avast) (Version: 12.3.2280 - AVAST Software)
Battle.net (HKLM\...\Battle.net) (Version: - Blizzard Entertainment)
Bejeweled Deluxe 1.862 (HKLM\...\Bejeweled Deluxe 1.862) (Version: - )
CamStudio 2.7.4 (HKLM\...\{04B83666-3A62-452B-85D3-70F8117F2329}_is1) (Version: 2.7.4 - CamStudio Open Source)
CDisplayEx 1.10.29 (HKLM\...\CDisplayEx_is1) (Version: - Progdigy Software S.A.R.L.)
Combo Chaos Deluxe (HKLM\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7}) (Version: - HALFPiNT Games)
Cool Timer 5.1.3.0 (HKLM\...\Cool Timer_is1) (Version: - Harmony Hollow Software)
DolbyFiles (Version: 2.0 - Nero AG) Hidden
Dropbox (HKLM\...\Dropbox) (Version: 14.4.19 - Dropbox, Inc.)
Dropbox Update Helper (Version: 1.3.57.1 - Dropbox, Inc.) Hidden
ESET Online Scanner v3 (HKLM\...\ESET Online Scanner) (Version: - )
FormatFactory 3.9.0.1 (HKLM\...\FormatFactory) (Version: 3.9.0.1 - Free Time)
Google Chrome (HKLM\...\Google Chrome) (Version: 54.0.2840.99 - Google Inc.)
Google Toolbar for Internet Explorer (HKLM\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: 7.5.7619.1252 - Google Inc.)
Google Toolbar for Internet Explorer (Version: 1.0.0 - Google Inc.) Hidden
Google Update Helper (Version: 1.3.21.135 - Google Inc.) Hidden
Google Update Helper (Version: 1.3.31.5 - Google Inc.) Hidden
Intel® Graphics Media Accelerator Driver (HKLM\...\HDMI) (Version: 8.15.10.1872 - Intel Corporation)
Kaspersky Security Scan (HKLM\...\InstallWIX_{D1282694-0693-41A8-ABC1-6D1FFC1F65C5}) (Version: 16.0.0.1344 - Kaspersky Lab)
Kaspersky Security Scan (Version: 16.0.0.1344 - Kaspersky Lab) Hidden
Kaspersky Software Updater Beta (HKLM\...\InstallWIX_{94C8D443-1D07-4E6D-A9EB-FDBA45A839D8}) (Version: 1.5.2.228 - Kaspersky Lab)
Kaspersky Software Updater Beta (Version: 1.5.2.228 - Kaspersky Lab) Hidden
Malwarebytes Anti-Malware version 2.2.1.1043 (HKLM\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.1.1043 - Malwarebytes)
McAfee Security Scan Plus (HKLM\...\McAfee Security Scan) (Version: 3.11.292.3 - McAfee, Inc.)
Microsoft Office Enterprise 2007 (HKLM\...\ENTERPRISE) (Version: 12.0.4518.1014 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50709.0 - Microsoft Corporation)
Microsoft Visual Basic 6.0 Professional Edition (HKLM\...\Visual Basic 6.0 Professional Edition) (Version: - )
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Web Publishing Wizard 1.53 (HKLM\...\WebPost) (Version: - )
Mozilla Firefox 50.0 (x86 en-US) (HKLM\...\Mozilla Firefox 50.0 (x86 en-US)) (Version: 50.0 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 50.0 - Mozilla)
mydlink services plugin (HKLM\...\{1A9B665A-5F27-4F71-BF90-22FDFE7A1635}) (Version: 1.0.2.7 - D-Link Corporation)
Nero 9 (HKLM\...\{8d2871f6-e558-40bf-81ec-6808343d09bf}) (Version: - Nero AG)
PicosmosTools 1.5.1.0 (HKLM\...\PicosmosTools) (Version: 1.5.1.0 - Free Time)
Program4Pc DJ Music Mixer (HKLM\...\{8C6B8ECF-C649-46D9-A8ED-5BE2921F9ECD}) (Version: 5.5 - Program4Pc Inc.)
Realtek High Definition Audio Driver (HKLM\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.5653 - Realtek Semiconductor Corp.)
RKLauncher 0.43 Custom (HKLM\...\{40636246-26E3-4471-894D-B3940117ED36}_is1) (Version: - ArG, Inc.)
SafeZone Stable 1.51.2220.62 (Version: 1.51.2220.62 - Avast Software) Hidden
Skype™ 4.1 (HKLM\...\{5C474A83-A45F-470C-9AC8-2BD1C251BF9A}) (Version: 4.1.141 - Skype Technologies S.A.)
SMART BRO (HKLM\...\{A9E5EDA7-2E6C-49E7-924B-A32B89C24A04}) (Version: 1.0.0.1 - ZTE)
Spybot - Search & Destroy (HKLM\...\{B4092C6D-E886-4CB2-BA68-FE5A99D31DE7}_is1) (Version: 2.4.40 - Safer-Networking Ltd.)
VLC media player 1.0.3 (HKLM\...\VLC media player) (Version: 1.0.3 - VideoLAN Team)
Vuze (HKLM\...\8461-7759-5462-8226) (Version: 5.7.3.0 - Azureus Software, Inc.)
WinRAR archiver (HKLM\...\WinRAR archiver) (Version: - )
Yahoo! Messenger (HKLM\...\Yahoo! Messenger) (Version: - Yahoo! Inc.)
Y'z Dock 1.01 (HKLM\...\{B96F3609-1472-45CF-93FD-54743FD9FB61}_is1) (Version: - ArG, Inc.)
==================== Custom CLSID (Whitelisted): ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
CustomCLSID: HKU\S-1-5-21-3559194677-4052321422-2392058216-1000_Classes\CLSID\{202B524F-841E-5A9D-8D3F-1010FA1A469E}\InprocServer32 -> C:\Users\Adadu\AppData\Roaming\D-Link\mydlink services plugin\1.0.2.7\npUplayer.dll (D-Link Corporation)
==================== Scheduled Tasks (Whitelisted) =============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {0F851277-EB24-46C6-83FD-0965D17D37F3} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2015-06-13] (Google Inc.)
Task: {1DA838E3-584D-420C-A093-D2B38A2EEEB0} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Refresh immunization => C:\Program Files\Spybot - Search & Destroy 2\SDImmunize.exe [2014-06-24] (Safer-Networking Ltd.)
Task: {2375F586-1009-41FB-B54E-30D8AF2B781D} - System32\Tasks\Microsoft\Windows\Windows Media Sharing\UpdateLibrary => C:\Program Files\Windows Media Player\wmpnscfg.exe
Task: {4DFA292C-7CE9-4EB6-8CCC-CA58531187C3} - System32\Tasks\{4B6191D7-2F13-490E-BC8D-22FA730F99A9} => Firefox.exe hxxp://www.skype.com/go/downloading?source=lightinstaller&ver=7.18.0.112&LastError=12002
Task: {9310174F-7D9A-44DD-8FC8-24DF051F0663} - System32\Tasks\DropboxUpdateTaskMachineUA => C:\Program Files\Dropbox\Update\DropboxUpdate.exe [2016-05-18] (Dropbox, Inc.)
Task: {B2210200-6478-40EE-9C9B-BE78008EE12C} - System32\Tasks\{EA3CB214-0F14-4B6A-8444-7AA5A289BE26} => Firefox.exe hxxp://ui.skype.com/ui/0/7.18.0.112/en/abandoninstall?source=lightinstaller&page=tsInstall
Task: {C38C8589-53D3-421B-A827-D58DF72471AE} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Scan the system => C:\Program Files\Spybot - Search & Destroy 2\SDScan.exe [2014-06-24] (Safer-Networking Ltd.)
Task: {D9BC0A1A-2CE5-4CC3-A444-1B088E1E4C06} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2015-06-13] (Google Inc.)
Task: {DD729E4E-C834-4317-9B35-8926144928AD} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Check for updates => C:\Program Files\Spybot - Search & Destroy 2\SDUpdate.exe [2014-06-27] (Safer-Networking Ltd.)
Task: {E453FEA1-4524-4504-8DEC-52A9A21BB1B9} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files\Dropbox\Update\DropboxUpdate.exe [2016-05-18] (Dropbox, Inc.)
Task: {E4CDD6DC-DCE2-422B-8149-BF0866EF9810} - System32\Tasks\AVAST Software\Avast settings backup => C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe [2016-06-05] (AVAST Software)
Task: {E85E5F7F-44D6-4B50-8E81-E623D8C448CA} - System32\Tasks\SafeZone scheduled Autoupdate 1459994645 => C:\Program Files\AVAST Software\SZBrowser\launcher.exe [2016-09-06] (Avast Software)
Task: {EE690CE0-B132-4195-8433-7D2D9433A79B} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2016-08-31] (AVAST Software)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\Windows\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files\Dropbox\Update\DropboxUpdate.exe
Task: C:\Windows\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files\Dropbox\Update\DropboxUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe
==================== Shortcuts =============================
(The entries could be listed to be restored or removed.)
Shortcut: C:\Users\Adadu\Music\My Web Sites on MSN\target.lnk -> hxxp://www.msnusers.com
==================== Loaded Modules (Whitelisted) ==============
2016-08-31 08:20 - 2016-08-31 08:20 - 00169064 _____ () C:\Program Files\AVAST Software\Avast\JsonRpcServer.dll
2016-11-26 15:12 - 2016-11-26 15:12 - 03134984 _____ () C:\Program Files\AVAST Software\Avast\defs\16112501\algo.dll
2016-08-31 08:20 - 2016-08-31 08:20 - 00482928 _____ () C:\Program Files\AVAST Software\Avast\ffl2.dll
2015-12-15 13:38 - 2015-12-15 13:38 - 00326112 _____ () C:\Program Files\Kaspersky Lab\Kaspersky Security Scan\dblite.dll
2015-10-27 16:44 - 2015-10-27 16:44 - 00404952 _____ () C:\Program Files\Kaspersky Lab\Kaspersky Security Scan\ipm_service.dll
2016-04-01 09:07 - 2014-05-13 12:04 - 00109400 _____ () C:\Program Files\Spybot - Search & Destroy 2\snlThirdParty150.bpl
2016-04-01 09:07 - 2014-05-13 12:04 - 00416600 _____ () C:\Program Files\Spybot - Search & Destroy 2\DEC150.bpl
2016-04-01 09:07 - 2014-05-13 12:04 - 00167768 _____ () C:\Program Files\Spybot - Search & Destroy 2\snlFileFormats150.bpl
2016-04-01 09:07 - 2012-08-23 10:38 - 00574840 _____ () C:\Program Files\Spybot - Search & Destroy 2\sqlite3.dll
2016-04-01 09:07 - 2012-04-03 17:06 - 00565640 _____ () C:\Program Files\Spybot - Search & Destroy 2\av\BDSmartDB.dll
2014-12-12 10:09 - 2011-01-24 20:29 - 00253264 _____ () C:\Program Files\SMART BRO\AssistantServices.exe
2014-12-12 10:09 - 2011-04-02 10:44 - 00139088 _____ () C:\Program Files\SMART BRO\UIExec.exe
2016-08-02 08:23 - 2016-08-02 08:23 - 48936448 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2016-11-12 12:34 - 2016-10-11 00:29 - 00035792 _____ () C:\Program Files\Dropbox\Client\_multiprocessing.pyd
2016-11-12 12:34 - 2016-10-11 00:29 - 00145864 _____ () C:\Program Files\Dropbox\Client\pyexpat.pyd
2016-11-12 12:34 - 2016-10-11 00:29 - 00019408 _____ () C:\Program Files\Dropbox\Client\faulthandler.pyd
2016-11-12 12:34 - 2016-10-11 00:29 - 00116688 _____ () C:\Program Files\Dropbox\Client\pywintypes27.dll
2016-11-12 12:34 - 2016-10-11 00:29 - 00100296 _____ () C:\Program Files\Dropbox\Client\_ctypes.pyd
2016-11-12 12:34 - 2016-10-11 00:29 - 00018888 _____ () C:\Program Files\Dropbox\Client\select.pyd
2016-11-12 12:34 - 2016-11-08 06:59 - 00019760 _____ () C:\Program Files\Dropbox\Client\tornado.speedups.pyd
2016-11-12 12:34 - 2016-10-11 00:29 - 00694224 _____ () C:\Program Files\Dropbox\Client\unicodedata.pyd
2016-11-12 12:34 - 2016-11-08 06:58 - 00020816 _____ () C:\Program Files\Dropbox\Client\cryptography.hazmat.bindings._constant_time.pyd
2016-11-12 12:34 - 2016-10-11 00:30 - 00123856 _____ () C:\Program Files\Dropbox\Client\_cffi_backend.pyd
2016-11-12 12:34 - 2016-11-08 06:58 - 01682760 _____ () C:\Program Files\Dropbox\Client\cryptography.hazmat.bindings._openssl.pyd
2016-11-12 12:34 - 2016-11-08 06:58 - 00020808 _____ () C:\Program Files\Dropbox\Client\cryptography.hazmat.bindings._padding.pyd
2016-11-12 12:34 - 2016-10-11 00:31 - 00105928 _____ () C:\Program Files\Dropbox\Client\win32api.pyd
2016-11-12 12:34 - 2016-11-08 06:59 - 00021312 _____ () C:\Program Files\Dropbox\Client\winffi.crt.compiled._winffi_crt.pyd
2016-11-12 12:34 - 2016-11-08 06:59 - 00052024 _____ () C:\Program Files\Dropbox\Client\psutil._psutil_windows.pyd
2016-11-12 12:34 - 2016-11-08 06:59 - 00038696 _____ () C:\Program Files\Dropbox\Client\fastpath.pyd
2016-11-12 12:34 - 2016-10-11 00:29 - 00392144 _____ () C:\Program Files\Dropbox\Client\pythoncom27.dll
2016-11-12 12:34 - 2016-10-11 00:31 - 00020936 _____ () C:\Program Files\Dropbox\Client\mmapfile.pyd
2016-11-12 12:34 - 2016-10-11 00:31 - 00024528 _____ () C:\Program Files\Dropbox\Client\win32event.pyd
2016-11-12 12:34 - 2016-10-11 00:31 - 00116176 _____ () C:\Program Files\Dropbox\Client\win32security.pyd
2016-11-12 12:34 - 2016-11-08 06:59 - 00381752 _____ () C:\Program Files\Dropbox\Client\win32com.shell.shell.pyd
2016-11-12 12:34 - 2016-10-11 00:31 - 00124880 _____ () C:\Program Files\Dropbox\Client\win32file.pyd
2016-11-12 12:34 - 2016-11-08 06:59 - 00025424 _____ () C:\Program Files\Dropbox\Client\winffi.kernel32.compiled._winffi_kernel32.pyd
2016-11-12 12:34 - 2016-10-11 00:31 - 00024016 _____ () C:\Program Files\Dropbox\Client\win32clipboard.pyd
2016-11-12 12:34 - 2016-10-11 00:31 - 00175560 _____ () C:\Program Files\Dropbox\Client\win32gui.pyd
2016-11-12 12:34 - 2016-10-11 00:31 - 00030160 _____ () C:\Program Files\Dropbox\Client\win32pipe.pyd
2016-11-12 12:34 - 2016-10-11 00:31 - 00043472 _____ () C:\Program Files\Dropbox\Client\win32process.pyd
2016-11-12 12:34 - 2016-10-11 00:31 - 00048592 _____ () C:\Program Files\Dropbox\Client\win32service.pyd
2016-11-12 12:34 - 2016-10-11 00:31 - 00057808 _____ () C:\Program Files\Dropbox\Client\win32evtlog.pyd
2016-11-12 12:34 - 2016-10-11 00:31 - 00024016 _____ () C:\Program Files\Dropbox\Client\win32profile.pyd
2016-11-12 12:34 - 2016-11-08 06:58 - 00246592 _____ () C:\Program Files\Dropbox\Client\breakpad.client.windows.handler.pyd
2016-11-12 12:34 - 2016-11-08 06:59 - 00026456 _____ () C:\Program Files\Dropbox\Client\dropbox.infinite.win.compiled._driverinstallation.pyd
2016-11-12 12:34 - 2016-10-11 00:30 - 00241104 _____ () C:\Program Files\Dropbox\Client\_jpegtran.pyd
2016-11-12 12:34 - 2016-11-08 06:58 - 00020280 _____ () C:\Program Files\Dropbox\Client\cpuid.compiled._cpuid.pyd
2016-11-12 12:34 - 2016-10-11 00:31 - 00028616 _____ () C:\Program Files\Dropbox\Client\win32ts.pyd
2016-11-12 12:34 - 2016-11-08 06:59 - 00023376 _____ () C:\Program Files\Dropbox\Client\winscreenshot.compiled._CaptureScreenshot.pyd
2016-11-12 12:34 - 2016-11-08 06:59 - 00020800 _____ () C:\Program Files\Dropbox\Client\winffi.iphlpapi._winffi_iphlpapi.pyd
2016-11-12 12:34 - 2016-11-08 06:59 - 00019776 _____ () C:\Program Files\Dropbox\Client\winffi.winerror._winffi_winerror.pyd
2016-11-12 12:34 - 2016-11-08 06:59 - 00020800 _____ () C:\Program Files\Dropbox\Client\winffi.wininet._winffi_wininet.pyd
2016-11-12 12:34 - 2016-10-11 00:31 - 00350152 _____ () C:\Program Files\Dropbox\Client\winxpgui.pyd
2016-11-12 12:34 - 2016-11-08 06:59 - 00022352 _____ () C:\Program Files\Dropbox\Client\winverifysignature.compiled._VerifySignature.pyd
2016-11-12 12:34 - 2016-11-08 06:59 - 00024392 _____ () C:\Program Files\Dropbox\Client\librsyncffi.compiled._librsyncffi.pyd
2016-11-12 12:34 - 2016-10-11 00:27 - 00036296 _____ () C:\Program Files\Dropbox\Client\librsync.dll
2016-11-12 12:34 - 2016-11-08 06:59 - 00084280 _____ () C:\Program Files\Dropbox\Client\dropbox_sqlite_ext.DLL
2016-11-12 12:34 - 2016-11-08 06:59 - 01826096 _____ () C:\Program Files\Dropbox\Client\PyQt5.QtCore.pyd
2016-11-12 12:34 - 2016-10-11 00:29 - 00083912 _____ () C:\Program Files\Dropbox\Client\sip.pyd
2016-11-12 12:34 - 2016-11-08 06:59 - 00531248 _____ () C:\Program Files\Dropbox\Client\PyQt5.QtNetwork.pyd
2016-11-12 12:34 - 2016-11-08 06:59 - 03928880 _____ () C:\Program Files\Dropbox\Client\PyQt5.QtWidgets.pyd
2016-11-12 12:34 - 2016-11-08 06:59 - 01972528 _____ () C:\Program Files\Dropbox\Client\PyQt5.QtGui.pyd
2016-11-12 12:34 - 2016-11-08 06:59 - 00133424 _____ () C:\Program Files\Dropbox\Client\PyQt5.QtWebKit.pyd
2016-11-12 12:34 - 2016-11-08 06:59 - 00224056 _____ () C:\Program Files\Dropbox\Client\PyQt5.QtWebKitWidgets.pyd
2016-11-12 12:34 - 2016-11-08 06:59 - 00207672 _____ () C:\Program Files\Dropbox\Client\PyQt5.QtPrintSupport.pyd
2016-11-12 12:34 - 2016-11-08 06:59 - 00020288 _____ () C:\Program Files\Dropbox\Client\winffi.user32._winffi_user32.pyd
2016-11-12 12:34 - 2016-10-11 00:33 - 00017864 _____ () C:\Program Files\Dropbox\Client\libEGL.dll
2016-11-12 12:34 - 2016-10-11 00:34 - 01631184 _____ () C:\Program Files\Dropbox\Client\libGLESv2.dll
2016-11-12 12:34 - 2016-11-08 06:59 - 00042808 _____ () C:\Program Files\Dropbox\Client\PyQt5.QtWebChannel.pyd
2016-11-12 12:34 - 2016-11-08 06:59 - 00168760 _____ () C:\Program Files\Dropbox\Client\PyQt5.QtWebEngineWidgets.pyd
2016-11-12 12:34 - 2016-11-08 06:59 - 00357680 _____ () C:\Program Files\Dropbox\Client\PyQt5.QtQml.pyd
2016-11-12 12:34 - 2016-10-11 00:31 - 00060880 _____ () C:\Program Files\Dropbox\Client\win32print.pyd
2016-11-12 12:34 - 2016-11-08 06:59 - 00024904 _____ () C:\Program Files\Dropbox\Client\winffi.winhttp.compiled._winffi_winhttp.pyd
2016-11-12 12:34 - 2016-11-08 06:59 - 00546096 _____ () C:\Program Files\Dropbox\Client\PyQt5.QtQuick.pyd
2016-05-10 21:33 - 2016-05-10 21:33 - 03187712 _____ () C:\Program Files\PicosmosTools\FFImage.dll
2016-06-02 18:06 - 2016-06-02 18:06 - 45077376 _____ () C:\Program Files\Kaspersky Lab\Kaspersky Security Scan\libcef.dll
2016-06-02 18:06 - 2016-06-02 18:06 - 01650560 _____ () C:\Program Files\Kaspersky Lab\Kaspersky Security Scan\libglesv2.dll
2016-06-02 18:06 - 2016-06-02 18:06 - 00082304 _____ () C:\Program Files\Kaspersky Lab\Kaspersky Security Scan\libegl.dll
2016-11-16 08:58 - 2016-11-09 04:29 - 01819240 _____ () C:\Program Files\Google\Chrome\Application\54.0.2840.99\libglesv2.dll
2016-11-16 08:58 - 2016-11-09 04:29 - 00093288 _____ () C:\Program Files\Google\Chrome\Application\54.0.2840.99\libegl.dll
==================== Alternate Data Streams (Whitelisted) =========
(If an entry is included in the fixlist, only the ADS will be removed.)
==================== Safe Mode (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" value will be restored.)
==================== Association (Whitelisted) ===============
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
==================== Internet Explorer trusted/restricted ===============
(If an entry is included in the fixlist, it will be removed from the registry.)
==================== Hosts content: ===============================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2009-07-14 10:04 - 2016-02-23 09:53 - 00000858 ____A C:\Windows\system32\Drivers\etc\hosts
0.0.0.1 mssplus.mcafee.com
==================== Other Areas ============================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-3559194677-4052321422-2392058216-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Adadu\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.254.254
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 0) (EnableLUA: 0)
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^RKLauncher.lnk => C:\Windows\pss\RKLauncher.lnk.CommonStartup
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Y'z Dock.lnk => C:\Windows\pss\Y'z Dock.lnk.CommonStartup
MSCONFIG\startupreg: DAEMON Tools Lite => "C:\Program Files\DAEMON Tools Lite\DTLite.exe" -autorun
MSCONFIG\startupreg: GrooveMonitor => "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
MSCONFIG\startupreg: HotKeysCmds => C:\Windows\system32\hkcmd.exe
MSCONFIG\startupreg: IgfxTray => C:\Windows\system32\igfxtray.exe
MSCONFIG\startupreg: Messenger (Yahoo!) => "C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe" -quiet
MSCONFIG\startupreg: Persistence => C:\Windows\system32\igfxpers.exe
MSCONFIG\startupreg: RtHDVCpl => RtHDVCpl.exe
MSCONFIG\startupreg: Skype => "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
==================== FirewallRules (Whitelisted) ===============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [{4B2807DB-1DF1-4BAA-96A5-DC2EAED24D24}] => (Allow) C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe
FirewallRules: [{D9C3FBAD-7CDD-400E-8965-754B24CEF9D6}] => (Allow) C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe
FirewallRules: [{0A554C7A-9475-4C33-875F-CCC7635A253D}] => (Allow) C:\Program Files\Skype\Phone\Skype.exe
FirewallRules: [TCP Query User{24B9BAF7-AD86-4D8F-B113-5E28E087B653}C:\users\adadu\desktop\warcraft iii\war3.exe] => (Block) C:\users\adadu\desktop\warcraft iii\war3.exe
FirewallRules: [UDP Query User{CA626E8D-4878-48CB-941E-FB15D120AE83}C:\users\adadu\desktop\warcraft iii\war3.exe] => (Block) C:\users\adadu\desktop\warcraft iii\war3.exe
FirewallRules: [{B5AFE642-E302-4C1C-909D-D180CED95C8F}] => (Allow) C:\Program Files\Vuze\Azureus.exe
FirewallRules: [{0F2350B0-17E8-4050-A230-FF297DF7CD58}] => (Allow) C:\Program Files\Vuze\Azureus.exe
FirewallRules: [TCP Query User{06454344-5098-4587-AD60-8951019278DA}C:\program files\hearthstone\hearthstone.exe] => (Allow) C:\program files\hearthstone\hearthstone.exe
FirewallRules: [UDP Query User{858A25EE-52CC-461C-97A8-4552C54AE1AE}C:\program files\hearthstone\hearthstone.exe] => (Allow) C:\program files\hearthstone\hearthstone.exe
FirewallRules: [{DB625FA1-7C1B-49D7-864A-5A40369E3D21}] => (Block) C:\program files\hearthstone\hearthstone.exe
FirewallRules: [{13CC22F4-031B-4A21-8C97-B347D8251324}] => (Block) C:\program files\hearthstone\hearthstone.exe
FirewallRules: [{A718FEF9-AF6F-4E42-87DB-BB56E34C185F}] => (Allow) C:\Program Files\StarCraft II\Versions\Base42932\SC2.exe
FirewallRules: [{E53BB3C2-AB27-4535-B4DE-837045A226D1}] => (Allow) C:\Program Files\StarCraft II\Versions\Base42932\SC2.exe
FirewallRules: [TCP Query User{07B86830-B7DB-4F31-848A-DCACA54DCD29}C:\users\adadu\downloads\ffinstonline.exe] => (Allow) C:\users\adadu\downloads\ffinstonline.exe
FirewallRules: [UDP Query User{90470C2F-374E-4CC2-B99D-2C538ACBC796}C:\users\adadu\downloads\ffinstonline.exe] => (Allow) C:\users\adadu\downloads\ffinstonline.exe
FirewallRules: [{C1C49A3E-CC4A-4243-825B-A58E06A25D99}] => (Allow) C:\Program Files\FormatFactory\FFModules\Encoder\Doc\EBookCodec.exe
FirewallRules: [{C0BBD4CA-EFA4-4741-A16E-454B58A78B3D}] => (Allow) C:\Program Files\FormatFactory\FormatFactory.exe
FirewallRules: [{2F403EF9-F233-4A4D-8842-95FAFD213FB7}] => (Allow) C:\Program Files\FormatFactory\FormatFactory.exe
FirewallRules: [{903945E7-75D4-44FE-84E3-5553E5D0F9E1}] => (Allow) C:\Program Files\FormatFactory\FFModules\Encoder\Doc\EBookCodec.exe
FirewallRules: [{44B7A1B7-8FCF-434A-AF7C-CE1BD8BF5E1F}] => (Allow) C:\Program Files\FormatFactory\FFModules\Package\PTInstOnline.exe
FirewallRules: [{9D631472-457A-4455-9F36-FD51B4F7F0D1}] => (Allow) C:\Program Files\PicosmosTools\PTInstOnline.exe
FirewallRules: [{05461AC3-14FD-40CD-81C4-62F0447A9952}] => (Allow) C:\Program Files\Heroes of the Storm\Versions\Base44941\HeroesOfTheStorm.exe
FirewallRules: [{2D5C72E9-B14F-408E-AA5D-C34194BB8B61}] => (Allow) C:\Program Files\Heroes of the Storm\Versions\Base44941\HeroesOfTheStorm.exe
FirewallRules: [{B4F8C68A-F6C0-43FA-8DD4-10962985CE66}] => (Allow) C:\Program Files\Vuze\Azureus.exe
FirewallRules: [{B6C736A7-39D0-43C7-B1C6-3C332913423D}] => (Allow) C:\Program Files\Vuze\Azureus.exe
FirewallRules: [TCP Query User{8998D199-3775-4E1C-BA3D-843D1C85A82F}C:\program files\orbitdownloader\orbitnet.exe] => (Allow) C:\program files\orbitdownloader\orbitnet.exe
FirewallRules: [UDP Query User{3B2E8535-B7BF-4DC9-B842-74824ACF8780}C:\program files\orbitdownloader\orbitnet.exe] => (Allow) C:\program files\orbitdownloader\orbitnet.exe
FirewallRules: [{1787E0F3-D5FF-41FE-B6D6-81DB782D63B4}] => (Allow) C:\Program Files\Steam\Steam.exe
FirewallRules: [{C7946221-F165-4041-BDBD-569A905E7D4D}] => (Allow) C:\Program Files\Steam\Steam.exe
FirewallRules: [{710314D9-F782-4839-9DDE-42E6A3B81AC0}] => (Allow) C:\Program Files\Steam\steamapps\common\Magic Duels\MagicDuels.exe
FirewallRules: [{8B04FD0F-099F-490B-87D3-0986A4A3E2B2}] => (Allow) C:\Program Files\Steam\steamapps\common\Magic Duels\MagicDuels.exe
FirewallRules: [{FF5961CE-A6BA-4AC2-9B76-8D2A2565E546}] => (Allow) C:\Program Files\StarCraft II\Versions\Base47185\SC2.exe
FirewallRules: [{EF90C1DA-E8AF-4928-BE2F-3E3E68FA546C}] => (Allow) C:\Program Files\StarCraft II\Versions\Base47185\SC2.exe
FirewallRules: [{236131E6-7121-49D7-B324-603A07825B3E}] => (Allow) C:\Program Files\Dropbox\Client\Dropbox.exe
FirewallRules: [{02064B3E-F2FB-4CEF-9FC8-E50EA2CF05F4}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe
FirewallRules: [{E2EA3C6A-9A90-4B02-8992-68C114BF1A49}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{DB16643A-0D08-4D9C-BDC5-E6F26FFA3805}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
StandardProfile\AuthorizedApplications: [C:\Program Files\Spybot - Search & Destroy 2\SDTray.exe] => Enabled:Spybot - Search & Destroy tray access
StandardProfile\AuthorizedApplications: [C:\Program Files\Spybot - Search & Destroy 2\SDFSSvc.exe] => Enabled:Spybot-S&D 2 Scanner Service
StandardProfile\AuthorizedApplications: [C:\Program Files\Spybot - Search & Destroy 2\SDUpdate.exe] => Enabled:Spybot-S&D 2 Updater
StandardProfile\AuthorizedApplications: [C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe] => Enabled:Spybot-S&D 2 Background update service
StandardProfile\AuthorizedApplications: [C:\Program Files\Orbitdownloader\orbitdm.exe] => Enabled:Orbit
StandardProfile\AuthorizedApplications: [C:\Program Files\Orbitdownloader\orbitnet.exe] => Enabled:Orbit
==================== Restore Points =========================
==================== Faulty Device Manager Devices =============
Name:
Description:
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
Name:
Description:
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
Name: Base System Device
Description: Base System Device
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
==================== Event log errors: =========================
Could not start eventlog service, could not read events.
The Windows Event Log service is starting.
The Windows Event Log service could not be started.
A system error has occurred.
The system cannot find message text for message number 0x1069 in the message file for (null).
More help is available by typing NET HELPMSG 4201.
==================== Memory info ===========================
Processor: Intel® Core2 Duo CPU T6400 @ 2.00GHz
Percentage of memory in use: 52%
Total physical RAM: 2911.04 MB
Available physical RAM: 1369.93 MB
Total Virtual: 5818.29 MB
Available Virtual: 3939.43 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:232.79 GB) (Free:19.49 GB) NTFS
Drive d: (GUARDIANS_OF_THE_GALAXY) (CDROM) (Total:7.13 GB) (Free:0 GB) UDF
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 232.9 GB) (Disk ID: C706724C)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=232.8 GB) - (Type=07 NTFS)
==================== End of Addition.txt ============================