Page 1 of 2 12 LastLast
Results 1 to 10 of 13
  1. #1
    Member
    Join Date
    Feb 2016
    Posts
    8
    Points
    0

    Default Checking my HJT for issues

    Hello, sometime ago I had to download an extension from a video site; and I did not notice I said yes to a thing called yessearches under the idea it was the extension install thing.

    Well after help from someone else. I managed to remove it but I do believe there could still be problems, here is the latest HJT log file. Hope it helps.

    Logfile of Trend Micro HijackThis v2.0.5
    Scan saved at 07:46:19 p. m., on 31/01/2016
    Platform: Unknown Windows (WinNT 6.02.1008)
    MSIE: Internet Explorer v11.0 (11.00.9600.18123)

    FIREFOX: 44.0 (x86 es-MX)
    Boot mode: Normal

    Running processes:
    C:\Program Files (x86)\Norton Anti-Theft\Engine\1.10.0.9\NAT.exe
    C:\Program Files (x86)\Norton AntiVirus\Engine\22.5.5.15\NAV.exe
    C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.18.15\ccSvcHst.exe
    C:\Program Files (x86)\Common Files\Microsoft Shared\Ink\TabTip32.exe
    C:\Program Files (x86)\Avira\System Speedup\Avira.SystemSpeedup.UI.Systray.exe
    C:\Program Files (x86)\Toshiba\System Setting\TSleepSrv.exe
    C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe
    C:\Program Files (x86)\SlySoft\AnyDVD\AnyDVDtray.exe
    C:\Program Files (x86)\Common Files\Freemake Shared\ProductUpdater\ProductUpdater.exe
    C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe
    C:\Program Files (x86)\Canon\Solution Menu EX\CNSEMAIN.EXE
    C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe
    C:\Program Files (x86)\Avira\Antivirus\avgnt.exe
    C:\Program Files (x86)\Avira\System Speedup\Avira.SystemSpeedup.Core.Common.Starter.exe
    C:\Program Files (x86)\Avira\Launcher\Avira.Systray.exe
    C:\Users\EdgarOmar\Downloads\HijackThis.exe
    C:\Program Files (x86)\Canon\Solution Menu EX\CNSEUPDT.EXE
    C:\Users\EdgarOmar\AppData\Local\SweetLabs App Platform\Engine\ServiceHostApp.exe

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Inicio - Bienvenido a Bienvenido a Toshiba
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = Bing
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Inicio - Bienvenido a Bienvenido a Toshiba
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Inicio - Bienvenido a Bienvenido a Toshiba
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = Inicio - Bienvenido a Bienvenido a Toshiba
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Internet Explorer provided by TOSHIBA
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
    O2 - BHO: Norton Identity Protection - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton AntiVirus\Engine\22.5.5.15\coIEPlg.dll
    O2 - BHO: Norton Vulnerability Protection - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton AntiVirus\Engine\20.6.0.27\IPS\IPSBHO.DLL (file missing)
    O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_71\bin\ssv.dll
    O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~3\Office14\URLREDIR.DLL
    O2 - BHO: Free Download Manager - {CC59E0F9-7E43-44FA-9FAA-8377850BF205} - C:\Program Files (x86)\Free Download Manager\iefdm2.dll
    O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_71\bin\jp2ssv.dll
    O3 - Toolbar: Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton AntiVirus\Engine\22.5.5.15\coIEPlg.dll
    O4 - HKLM\..\Run: [Norton Online Backup] C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuClient.exe
    O4 - HKLM\..\Run: [ToshibaAppPlace] "C:\Program Files (x86)\Toshiba\Toshiba App Place\ToshibaAppPlace.exe"
    O4 - HKLM\..\Run: [ProductUpdater] C:\Program Files (x86)\Common Files\Freemake Shared\ProductUpdater\ProductUpdater.exe
    O4 - HKLM\..\Run: [SDTray] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe"
    O4 - HKLM\..\Run: [CanonSolutionMenuEx] C:\Program Files (x86)\Canon\Solution Menu EX\CNSEMAIN.EXE /logon
    O4 - HKLM\..\Run: [VirtualCloneDrive] "C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe" /s
    O4 - HKLM\..\Run: [Avira SystrayStartTrigger] C:\Program Files (x86)\Avira\Launcher\Avira.SystrayStartTrigger.exe
    O4 - HKLM\..\Run: [avgnt] "C:\Program Files (x86)\Avira\Antivirus\avgnt.exe" /min
    O4 - HKLM\..\Run: [Avira System Speedup User Starter] C:\Program Files (x86)\Avira\System Speedup\Avira.SystemSpeedup.Core.Common.Starter.exe
    O4 - HKCU\..\Run: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
    O4 - HKCU\..\Run: [AnyDVD] "C:\Program Files (x86)\SlySoft\AnyDVD\AnyDVD.exe"
    O4 - HKCU\..\Run: [Steam] "C:\Program Files (x86)\Steam\steam.exe" -silent
    O4 - HKCU\..\Run: [BingSvc] C:\Users\EdgarOmar\AppData\Local\Microsoft\BingSvc\BingSvc.exe
    O4 - HKCU\..\Run: [SpybotPostWindows10UpgradeReInstall] "C:\Program Files\Common Files\AV\Spybot - Search and Destroy\Test.exe"
    O4 - HKCU\..\Run: [OneDrive] "C:\Users\EdgarOmar\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background
    O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
    O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
    O4 - HKCU\..\RunOnce: [Application Restart #1] C:\Users\EdgarOmar\AppData\Local\SweetLabs App Platform\Engine\ServiceHostApp.exe --disable-internal-flash --noerrdialogs --no-message-box --disable-extensions --disable-web-security --disable-web-resources --disable-client-side-phishing-detection --enable-file-cookies --disable-sync --disable-breakpad --disable-bundled-ppapi-flash --disable-sync-tabs --disable-speech-input --disable-custom-jumplist --process-per-tab --debug-devtools-frontend="C:\Users\EdgarOmar\AppData\Local\SweetLabs App Platform\Engine\inspector" --no-first-run --lang=en-US --disable-component-update --disable-prompt-on-repost --no-startup-window --disable-translate --disable-logging --disable-desktop-notifications --disable-gpu-process-prelaunch --enable-touch-events --flag-switches-begin --flag-switches-end --restore-last-session
    O8 - Extra context menu item: &Enviar a OneNote - res://C:\PROGRA~2\MICROS~3\Office14\ONBttnIE.dll/105
    O8 - Extra context menu item: Descargar con Free Download Manager - file://C:\Program Files (x86)\Free Download Manager\dllink.htm
    O8 - Extra context menu item: Descargar la selección con Free Download Manager - file://C:\Program Files (x86)\Free Download Manager\dlselected.htm
    O8 - Extra context menu item: Descargar todo con Free Download Manager - file://C:\Program Files (x86)\Free Download Manager\dlall.htm
    O8 - Extra context menu item: Descargar video con Free Download Manager - file://C:\Program Files (x86)\Free Download Manager\dlfvideo.htm
    O8 - Extra context menu item: E&xportar a Microsoft Excel - res://C:\PROGRA~2\MICROS~3\Office14\EXCEL.EXE/3000
    O9 - Extra button: Enviar a OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
    O9 - Extra 'Tools' menuitem: &Enviar a OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
    O9 - Extra button: Notas &vinculadas de OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
    O9 - Extra 'Tools' menuitem: Notas &vinculadas de OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
    O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
    O15 - Trusted Zone: http://*.hola.org
    O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
    O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
    O20 - Winlogon Notify: SDWinLogon - SDWinLogon.dll (file missing)
    O23 - Service: SAS Core Service (!SASCORE) - SUPERAntiSpyware.com - C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE
    O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
    O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
    O23 - Service: @%SystemRoot%\system32\aelupsvc.dll,-1 (AeLookupSvc) - Unknown owner - C:\WINDOWS\system32\svchost.exe
    O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\WINDOWS\System32\alg.exe (file missing)
    O23 - Service: Avira Mail Protection (AntiVirMailService) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\Antivirus\avmailc7.exe
    O23 - Service: Avira Programador (AntiVirSchedulerService) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\Antivirus\sched.exe
    O23 - Service: Avira Real-Time Protection (AntiVirService) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\Antivirus\avguard.exe
    O23 - Service: Avira Web Protection (AntiVirWebService) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\Antivirus\avwebg7.exe
    O23 - Service: @%systemroot%\system32\appidsvc.dll,-100 (AppIDSvc) - Unknown owner - C:\WINDOWS\system32\svchost.exe
    O23 - Service: @%systemroot%\system32\appinfo.dll,-100 (Appinfo) - Unknown owner - C:\WINDOWS\system32\svchost.exe
    O23 - Service: @%SystemRoot%\System32\AppReadiness.dll,-1000 (AppReadiness) - Unknown owner - C:\WINDOWS\System32\svchost.exe
    O23 - Service: @%SystemRoot%\system32\appxdeploymentserver.dll,-1 (AppXSvc) - Unknown owner - C:\WINDOWS\system32\svchost.exe
    O23 - Service: @%SystemRoot%\system32\AudioEndpointBuilder.dll,-204 (AudioEndpointBuilder) - Unknown owner - C:\WINDOWS\System32\svchost.exe
    O23 - Service: @%SystemRoot%\system32\audiosrv.dll,-200 (Audiosrv) - Unknown owner - C:\WINDOWS\System32\svchost.exe
    O23 - Service: Avira Service Host (Avira.ServiceHost) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe
    O23 - Service: @%SystemRoot%\system32\AxInstSV.dll,-103 (AxInstSV) - Unknown owner - C:\WINDOWS\system32\svchost.exe
    O23 - Service: @%SystemRoot%\system32\bdesvc.dll,-100 (BDESVC) - Unknown owner - C:\WINDOWS\System32\svchost.exe
    O23 - Service: @%SystemRoot%\system32\bfe.dll,-1001 (BFE) - Unknown owner - C:\WINDOWS\system32\svchost.exe
    O23 - Service: @%SystemRoot%\system32\qmgr.dll,-1000 (BITS) - Unknown owner - C:\WINDOWS\System32\svchost.exe
    O23 - Service: @%windir%\system32\bisrv.dll,-100 (BrokerInfrastructure) - Unknown owner - C:\WINDOWS\system32\svchost.exe
    O23 - Service: @%systemroot%\system32\browser.dll,-100 (Browser) - Unknown owner - C:\WINDOWS\System32\svchost.exe
    O23 - Service: @%SystemRoot%\System32\BthHFSrv.dll,-103 (BthHFSrv) - Unknown owner - C:\WINDOWS\system32\svchost.exe
    O23 - Service: @%SystemRoot%\System32\bthserv.dll,-101 (bthserv) - Unknown owner - C:\WINDOWS\system32\svchost.exe
    O23 - Service: @%SystemRoot%\System32\certprop.dll,-11 (CertPropSvc) - Unknown owner - C:\WINDOWS\system32\svchost.exe
    O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe
    O23 - Service: @%SystemRoot%\system32\cryptsvc.dll,-1001 (CryptSvc) - Unknown owner - C:\WINDOWS\system32\svchost.exe
    O23 - Service: @combase.dll,-5012 (DcomLaunch) - Unknown owner - C:\WINDOWS\system32\svchost.exe
    O23 - Service: @%SystemRoot%\system32\defragsvc.dll,-101 (defragsvc) - Unknown owner - C:\WINDOWS\system32\svchost.exe
    O23 - Service: @%SystemRoot%\system32\das.dll,-100 (DeviceAssociationService) - Unknown owner - C:\WINDOWS\system32\svchost.exe
    O23 - Service: @%SystemRoot%\system32\umpnpmgr.dll,-100 (DeviceInstall) - Unknown owner - C:\WINDOWS\system32\svchost.exe
    O23 - Service: @%SystemRoot%\system32\dhcpcore.dll,-100 (Dhcp) - Unknown owner - C:\WINDOWS\system32\svchost.exe
    O23 - Service: @%SystemRoot%\system32\UtcResources.dll,-3001 (DiagTrack) - Unknown owner - C:\WINDOWS\System32\svchost.exe
    O23 - Service: @%SystemRoot%\System32\dnsapi.dll,-101 (Dnscache) - Unknown owner - C:\WINDOWS\system32\svchost.exe
    O23 - Service: @%systemroot%\system32\dot3svc.dll,-1102 (dot3svc) - Unknown owner - C:\WINDOWS\system32\svchost.exe
    O23 - Service: @%systemroot%\system32\dps.dll,-500 (DPS) - Unknown owner - C:\WINDOWS\System32\svchost.exe
    O23 - Service: @%SystemRoot%\system32\DeviceSetupManager.dll,-1000 (DsmSvc) - Unknown owner - C:\WINDOWS\system32\svchost.exe
    O23 - Service: @%systemroot%\system32\eapsvc.dll,-1 (Eaphost) - Unknown owner - C:\WINDOWS\System32\svchost.exe
    O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\WINDOWS\System32\lsass.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\wevtsvc.dll,-200 (EventLog) - Unknown owner - C:\WINDOWS\System32\svchost.exe
    O23 - Service: @comres.dll,-2450 (EventSystem) - Unknown owner - C:\WINDOWS\system32\svchost.exe
    O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\WINDOWS\system32\fxssvc.exe (file missing)
    O23 - Service: @%systemroot%\system32\fdPHost.dll,-100 (fdPHost) - Unknown owner - C:\WINDOWS\system32\svchost.exe
    O23 - Service: @%systemroot%\system32\fdrespub.dll,-100 (FDResPub) - Unknown owner - C:\WINDOWS\system32\svchost.exe
    O23 - Service: @%systemroot%\system32\fhsvc.dll,-101 (fhsvc) - Unknown owner - C:\WINDOWS\system32\svchost.exe
    O23 - Service: @%systemroot%\system32\FntCache.dll,-100 (FontCache) - Unknown owner - C:\WINDOWS\system32\svchost.exe
    O23 - Service: Freemake Improver - Freemake - C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe
    O23 - Service: FreemakeVideoCapture - Ellora Assets Corp. - C:\Program Files (x86)\Freemake\CaptureLib\CaptureLibService.exe
    O23 - Service: GamesAppService - WildTangent, Inc. - C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe
    O23 - Service: @gpapi.dll,-112 (gpsvc) - Unknown owner - C:\WINDOWS\system32\svchost.exe
    O23 - Service: GtkFree Update (GtkFree) - Unknown owner - C:\Program Files (x86)\GtkFree\GtkFree Update\GtkFree.exe
    O23 - Service: @%SystemRoot%\System32\hidserv.dll,-101 (hidserv) - Unknown owner - C:\WINDOWS\system32\svchost.exe
    O23 - Service: @%SystemRoot%\system32\kmsvc.dll,-6 (hkmsvc) - Unknown owner - C:\WINDOWS\System32\svchost.exe
    O23 - Service: Hola Better Internet Engine (hola_svc) - Hola Networks Ltd. - C:\Program Files\Hola\app\hola_svc.exe
    O23 - Service: Hola Better Internet Updater (hola_updater) - Hola Networks Ltd. - C:\Program Files\Hola\app\hola_updater.exe
    O23 - Service: @%SystemRoot%\System32\ListSvc.dll,-100 (HomeGroupListener) - Unknown owner - C:\WINDOWS\System32\svchost.exe
    O23 - Service: @%SystemRoot%\System32\provsvc.dll,-100 (HomeGroupProvider) - Unknown owner - C:\WINDOWS\System32\svchost.exe
    O23 - Service: Intel(R) Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
    O23 - Service: IconMan_R - Realsil Microelectronics Inc. - C:\Program Files (x86)\Realtek\Realtek USB 2.0 Card Reader\RIconMan.exe
    O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\WINDOWS\system32\IEEtwCollector.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\ikeext.dll,-501 (IKEEXT) - Unknown owner - C:\WINDOWS\system32\svchost.exe
    O23 - Service: Intel(R) Capability Licensing Service Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\HeciServer.exe
    O23 - Service: Intel(R) ME Service - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
    O23 - Service: @%SystemRoot%\system32\iphlpsvc.dll,-500 (iphlpsvc) - Unknown owner - C:\WINDOWS\System32\svchost.exe
    O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
    O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
    O23 - Service: @comres.dll,-2946 (KtmRm) - Unknown owner - C:\WINDOWS\System32\svchost.exe
    O23 - Service: @%systemroot%\system32\srvsvc.dll,-100 (LanmanServer) - Unknown owner - C:\WINDOWS\system32\svchost.exe
    O23 - Service: @%systemroot%\system32\wkssvc.dll,-100 (LanmanWorkstation) - Unknown owner - C:\WINDOWS\System32\svchost.exe
    O23 - Service: @%SystemRoot%\System32\GeofenceMonitorService.dll,-1 (lfsvc) - Unknown owner - C:\WINDOWS\system32\svchost.exe
    O23 - Service: @%SystemRoot%\system32\lltdres.dll,-1 (lltdsvc) - Unknown owner - C:\WINDOWS\System32\svchost.exe
    O23 - Service: @%SystemRoot%\system32\lmhsvc.dll,-101 (lmhosts) - Unknown owner - C:\WINDOWS\system32\svchost.exe
    O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
    O23 - Service: @%windir%\system32\lsm.dll,-1001 (LSM) - Unknown owner - C:\WINDOWS\system32\svchost.exe
    O23 - Service: @%systemroot%\system32\mmcss.dll,-100 (MMCSS) - Unknown owner - C:\WINDOWS\system32\svchost.exe
    O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
    O23 - Service: @%SystemRoot%\system32\FirewallAPI.dll,-23090 (MpsSvc) - Unknown owner - C:\WINDOWS\system32\svchost.exe
    O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\WINDOWS\System32\msdtc.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\iscsidsc.dll,-5000 (MSiSCSI) - Unknown owner - C:\WINDOWS\system32\svchost.exe
    O23 - Service: @%SystemRoot%\system32\msimsg.dll,-27 (msiserver) - Unknown owner - C:\WINDOWS\system32\msiexec.exe
    O23 - Service: @%SystemRoot%\system32\qagentrt.dll,-6 (napagent) - Unknown owner - C:\WINDOWS\System32\svchost.exe
    O23 - Service: Norton Anti-Theft (NAT) - Symantec Corporation - C:\Program Files (x86)\Norton Anti-Theft\Engine\1.10.0.9\NAT.exe
    O23 - Service: Norton AntiVirus (NAV) - Symantec Corporation - C:\Program Files (x86)\Norton AntiVirus\Engine\22.5.5.15\NAV.exe
    O23 - Service: @%SystemRoot%\system32\ncasvc.dll,-3009 (NcaSvc) - Unknown owner - C:\WINDOWS\System32\svchost.exe
    O23 - Service: @%SystemRoot%\system32\ncbservice.dll,-500 (NcbService) - Unknown owner - C:\WINDOWS\System32\svchost.exe
    O23 - Service: @%SystemRoot%\system32\NcdAutoSetup.dll,-100 (NcdAutoSetup) - Unknown owner - C:\WINDOWS\System32\svchost.exe
    O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\netman.dll,-109 (Netman) - Unknown owner - C:\WINDOWS\System32\svchost.exe
    O23 - Service: @%SystemRoot%\system32\netprofmsvc.dll,-202 (netprofm) - Unknown owner - C:\WINDOWS\System32\svchost.exe
    O23 - Service: @%SystemRoot%\System32\nlasvc.dll,-1 (NlaSvc) - Unknown owner - C:\WINDOWS\System32\svchost.exe
    O23 - Service: Norton Online Backup (NOBU) - Symantec Corporation - C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe
    O23 - Service: Norton PC Checkup Application Launcher - Symantec Corporation - C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.18.15\SymcPCCULaunchSvc.exe
    O23 - Service: @%SystemRoot%\system32\nsisvc.dll,-200 (nsi) - Unknown owner - C:\WINDOWS\system32\svchost.exe
    O23 - Service: @%SystemRoot%\system32\pnrpsvc.dll,-8004 (p2pimsvc) - Unknown owner - C:\WINDOWS\System32\svchost.exe
    O23 - Service: @%SystemRoot%\system32\p2psvc.dll,-8006 (p2psvc) - Unknown owner - C:\WINDOWS\System32\svchost.exe
    O23 - Service: @%SystemRoot%\system32\pcasvc.dll,-1 (PcaSvc) - Unknown owner - C:\WINDOWS\system32\svchost.exe
    O23 - Service: Common Client Job Manager Service (PCCUJobMgr) - Symantec Corporation - C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.18.15\ccSvcHst.exe
    O23 - Service: @%systemroot%\sysWow64\perfhost.exe,-2 (PerfHost) - Unknown owner - C:\WINDOWS\SysWow64\perfhost.exe
    O23 - Service: @%systemroot%\system32\pla.dll,-500 (pla) - Unknown owner - C:\WINDOWS\System32\svchost.exe
    O23 - Service: @%SystemRoot%\system32\umpnpmgr.dll,-200 (PlugPlay) - Unknown owner - C:\WINDOWS\system32\svchost.exe
    O23 - Service: @%SystemRoot%\system32\pnrpauto.dll,-8002 (PNRPAutoReg) - Unknown owner - C:\WINDOWS\System32\svchost.exe
    O23 - Service: @%SystemRoot%\system32\pnrpsvc.dll,-8000 (PNRPsvc) - Unknown owner - C:\WINDOWS\System32\svchost.exe
    O23 - Service: @%SystemRoot%\System32\polstore.dll,-5010 (PolicyAgent) - Unknown owner - C:\WINDOWS\system32\svchost.exe
    O23 - Service: @%SystemRoot%\system32\umpo.dll,-100 (Power) - Unknown owner - C:\WINDOWS\system32\svchost.exe
    O23 - Service: @C:\Windows\system32\spool\drivers\x64\3\PrintConfig.dll,-1 (PrintNotify) - Unknown owner - C:\WINDOWS\system32\svchost.exe
    O23 - Service: @%systemroot%\system32\profsvc.dll,-300 (ProfSvc) - Unknown owner - C:\WINDOWS\system32\svchost.exe
    O23 - Service: @%SystemRoot%\system32\qwave.dll,-1 (QWAVE) - Unknown owner - C:\WINDOWS\system32\svchost.exe
    O23 - Service: @%Systemroot%\system32\rasauto.dll,-200 (RasAuto) - Unknown owner - C:\WINDOWS\System32\svchost.exe
    O23 - Service: @%Systemroot%\system32\rasmans.dll,-200 (RasMan) - Unknown owner - C:\WINDOWS\System32\svchost.exe
    O23 - Service: @%windir%\system32\RpcEpMap.dll,-1001 (RpcEptMapper) - Unknown owner - C:\WINDOWS\system32\svchost.exe
    O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\WINDOWS\system32\locator.exe (file missing)
    O23 - Service: @combase.dll,-5010 (RpcSs) - Unknown owner - C:\WINDOWS\system32\svchost.exe
    O23 - Service: Realtek Audio Service (RtkAudioService) - Realtek Semiconductor - C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
    O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
    O23 - Service: @%SystemRoot%\System32\ScDeviceEnum.dll,-100 (ScDeviceEnum) - Unknown owner - C:\WINDOWS\system32\svchost.exe
    O23 - Service: @%SystemRoot%\system32\schedsvc.dll,-100 (Schedule) - Unknown owner - C:\WINDOWS\system32\svchost.exe
    O23 - Service: @%SystemRoot%\System32\certprop.dll,-13 (SCPolicySvc) - Unknown owner - C:\WINDOWS\system32\svchost.exe
    O23 - Service: Spybot-S&D 2 Scanner Service (SDScannerService) - Safer-Networking Ltd. - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
    O23 - Service: Spybot-S&D 2 Updating Service (SDUpdateService) - Safer-Networking Ltd. - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
    O23 - Service: Spybot-S&D 2 Security Center Service (SDWSCService) - Safer-Networking Ltd. - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
    O23 - Service: @%SystemRoot%\system32\seclogon.dll,-7001 (seclogon) - Unknown owner - C:\WINDOWS\system32\svchost.exe
    O23 - Service: @%SystemRoot%\system32\Sens.dll,-200 (SENS) - Unknown owner - C:\WINDOWS\system32\svchost.exe
    O23 - Service: @%SystemRoot%\System32\sensrsvc.dll,-1000 (SensrSvc) - Unknown owner - C:\WINDOWS\system32\svchost.exe
    O23 - Service: @%SystemRoot%\System32\SessEnv.dll,-1026 (SessionEnv) - Unknown owner - C:\WINDOWS\System32\svchost.exe
    O23 - Service: @%SystemRoot%\System32\shsvcs.dll,-12288 (ShellHWDetection) - Unknown owner - C:\WINDOWS\System32\svchost.exe
    O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
    O23 - Service: @%SystemRoot%\System32\smphost.dll,-102 (smphost) - Unknown owner - C:\WINDOWS\System32\svchost.exe
    O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\WINDOWS\System32\snmptrap.exe (file missing)
    O23 - Service: Avira System Speedup (SpeedupService) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\System Speedup\Avira.SystemSpeedup.SpeedupService.exe
    O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\WINDOWS\System32\spoolsv.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\WINDOWS\system32\sppsvc.exe (file missing)
    O23 - Service: @%systemroot%\system32\ssdpsrv.dll,-100 (SSDPSRV) - Unknown owner - C:\WINDOWS\system32\svchost.exe
    O23 - Service: @%SystemRoot%\system32\sstpsvc.dll,-200 (SstpSvc) - Unknown owner - C:\WINDOWS\system32\svchost.exe
    O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
    O23 - Service: @%SystemRoot%\system32\wiaservc.dll,-9 (stisvc) - Unknown owner - C:\WINDOWS\system32\svchost.exe
    O23 - Service: @%SystemRoot%\System32\StorSvc.dll,-100 (StorSvc) - Unknown owner - C:\WINDOWS\System32\svchost.exe
    O23 - Service: @%SystemRoot%\system32\svsvc.dll,-101 (svsvc) - Unknown owner - C:\WINDOWS\system32\svchost.exe
    O23 - Service: @%SystemRoot%\System32\swprv.dll,-103 (swprv) - Unknown owner - C:\WINDOWS\System32\svchost.exe
    O23 - Service: @%SystemRoot%\system32\sysmain.dll,-1000 (SysMain) - Unknown owner - C:\WINDOWS\system32\svchost.exe
    O23 - Service: @%windir%\system32\SystemEventsBrokerServer.dll,-1001 (SystemEventsBroker) - Unknown owner - C:\WINDOWS\system32\svchost.exe
    O23 - Service: @%SystemRoot%\system32\TabSvc.dll,-100 (TabletInputService) - Unknown owner - C:\WINDOWS\System32\svchost.exe
    O23 - Service: @%SystemRoot%\system32\tapisrv.dll,-10100 (TapiSrv) - Unknown owner - C:\WINDOWS\System32\svchost.exe
    O23 - Service: @%SystemRoot%\System32\termsrv.dll,-268 (TermService) - Unknown owner - C:\WINDOWS\System32\svchost.exe
    O23 - Service: TOSHIBA HDD Accelerator Service (THAccelSvc) - TOSHIBA CORPORATION - C:\Program Files\TOSHIBA\HDD Accelerator\THAccelSvc.exe
    O23 - Service: @%SystemRoot%\System32\themeservice.dll,-8192 (Themes) - Unknown owner - C:\WINDOWS\System32\svchost.exe
    O23 - Service: @%systemroot%\system32\mmcss.dll,-102 (THREADORDER) - Unknown owner - C:\WINDOWS\system32\svchost.exe
    O23 - Service: @%windir%\system32\TimeBrokerServer.dll,-1001 (TimeBroker) - Unknown owner - C:\WINDOWS\system32\svchost.exe
    O23 - Service: TMachInfo - TOSHIBA Corporation - C:\Program Files\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe
    O23 - Service: TOSHIBA Optical Disc Drive Service (TODDSrv) - Unknown owner - C:\Windows\system32\TODDSrv.exe (file missing)
    O23 - Service: TOSHIBA eco Utility Service - Toshiba Corporation - C:\Program Files\Toshiba\Teco\TecoService.exe
    O23 - Service: TPCH Service (TPCHSrv) - TOSHIBA Corporation - C:\Program Files\TOSHIBA\TPHM\TPCHSrv.exe
    O23 - Service: @%SystemRoot%\system32\trkwks.dll,-1 (TrkWks) - Unknown owner - C:\WINDOWS\System32\svchost.exe
    O23 - Service: @%SystemRoot%\servicing\TrustedInstaller.exe,-100 (TrustedInstaller) - Unknown owner - C:\WINDOWS\servicing\TrustedInstaller.exe
    O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\WINDOWS\system32\UI0Detect.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\umrdp.dll,-1000 (UmRdpService) - Unknown owner - C:\WINDOWS\System32\svchost.exe
    O23 - Service: Intel(R) Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
    O23 - Service: @%systemroot%\system32\upnphost.dll,-213 (upnphost) - Unknown owner - C:\WINDOWS\system32\svchost.exe
    O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\WINDOWS\System32\vds.exe (file missing)
    O23 - Service: @%systemroot%\system32\vmicres.dll,-801 (vmicguestinterface) - Unknown owner - C:\WINDOWS\system32\svchost.exe
    O23 - Service: @%systemroot%\system32\vmicres.dll,-101 (vmicheartbeat) - Unknown owner - C:\WINDOWS\system32\svchost.exe
    O23 - Service: @%systemroot%\system32\vmicres.dll,-201 (vmickvpexchange) - Unknown owner - C:\WINDOWS\system32\svchost.exe
    O23 - Service: @%systemroot%\system32\vmicres.dll,-601 (vmicrdv) - Unknown owner - C:\WINDOWS\system32\svchost.exe
    O23 - Service: @%systemroot%\system32\vmicres.dll,-301 (vmicshutdown) - Unknown owner - C:\WINDOWS\system32\svchost.exe
    O23 - Service: @%systemroot%\system32\vmicres.dll,-401 (vmictimesync) - Unknown owner - C:\WINDOWS\system32\svchost.exe
    O23 - Service: @%systemroot%\system32\vmicres.dll,-501 (vmicvss) - Unknown owner - C:\WINDOWS\system32\svchost.exe
    O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\WINDOWS\system32\vssvc.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\w32time.dll,-200 (W32Time) - Unknown owner - C:\WINDOWS\system32\svchost.exe
    O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\WINDOWS\system32\wbengine.exe (file missing)
    O23 - Service: @%systemroot%\system32\wbiosrvc.dll,-100 (WbioSrvc) - Unknown owner - C:\WINDOWS\system32\svchost.exe
    O23 - Service: @%SystemRoot%\System32\wcmsvc.dll,-4097 (Wcmsvc) - Unknown owner - C:\WINDOWS\system32\svchost.exe
    O23 - Service: @%SystemRoot%\system32\wcncsvc.dll,-3 (wcncsvc) - Unknown owner - C:\WINDOWS\System32\svchost.exe
    O23 - Service: @%SystemRoot%\system32\WcsPlugInService.dll,-200 (WcsPlugInService) - Unknown owner - C:\WINDOWS\system32\svchost.exe
    O23 - Service: @%systemroot%\system32\wdi.dll,-502 (WdiServiceHost) - Unknown owner - C:\WINDOWS\System32\svchost.exe
    O23 - Service: @%systemroot%\system32\wdi.dll,-500 (WdiSystemHost) - Unknown owner - C:\WINDOWS\System32\svchost.exe
    O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing)
    O23 - Service: @%systemroot%\system32\webclnt.dll,-100 (WebClient) - Unknown owner - C:\WINDOWS\system32\svchost.exe
    O23 - Service: @%SystemRoot%\system32\wecsvc.dll,-200 (Wecsvc) - Unknown owner - C:\WINDOWS\system32\svchost.exe
    O23 - Service: @%systemroot%\system32\wephostsvc.dll,-100 (WEPHOSTSVC) - Unknown owner - C:\WINDOWS\system32\svchost.exe
    O23 - Service: @%SystemRoot%\System32\wercplsupport.dll,-101 (wercplsupport) - Unknown owner - C:\WINDOWS\System32\svchost.exe
    O23 - Service: @%SystemRoot%\System32\wersvc.dll,-100 (WerSvc) - Unknown owner - C:\WINDOWS\System32\svchost.exe
    O23 - Service: @%SystemRoot%\system32\wiarpc.dll,-2 (WiaRpc) - Unknown owner - C:\WINDOWS\system32\svchost.exe
    O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\winhttp.dll,-100 (WinHttpAutoProxySvc) - Unknown owner - C:\WINDOWS\system32\svchost.exe
    O23 - Service: @%Systemroot%\system32\wbem\wmisvc.dll,-205 (Winmgmt) - Unknown owner - C:\WINDOWS\system32\svchost.exe
    O23 - Service: @%Systemroot%\system32\wsmsvc.dll,-101 (WinRM) - Unknown owner - C:\WINDOWS\System32\svchost.exe
    O23 - Service: @%SystemRoot%\System32\wlansvc.dll,-257 (WlanSvc) - Unknown owner - C:\WINDOWS\system32\svchost.exe
    O23 - Service: @%SystemRoot%\system32\wlidsvc.dll,-100 (wlidsvc) - Unknown owner - C:\WINDOWS\system32\svchost.exe
    O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\WmiApSrv.exe (file missing)
    O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
    O23 - Service: @%systemroot%\system32\workfolderssvc.dll,-102 (workfolderssvc) - Unknown owner - C:\WINDOWS\System32\svchost.exe
    O23 - Service: @%SystemRoot%\system32\wpcsvc.dll,-100 (WPCSvc) - Unknown owner - C:\WINDOWS\system32\svchost.exe
    O23 - Service: @%SystemRoot%\system32\wpdbusenum.dll,-100 (WPDBusEnum) - Unknown owner - C:\WINDOWS\system32\svchost.exe
    O23 - Service: @%SystemRoot%\System32\wscsvc.dll,-200 (wscsvc) - Unknown owner - C:\WINDOWS\System32\svchost.exe
    O23 - Service: @%systemroot%\system32\SearchIndexer.exe,-103 (WSearch) - Unknown owner - C:\WINDOWS\system32\SearchIndexer.exe
    O23 - Service: @%SystemRoot%\system32\WSService.dll,-103 (WSService) - Unknown owner - C:\WINDOWS\System32\svchost.exe
    O23 - Service: @%systemroot%\system32\wuaueng.dll,-105 (wuauserv) - Unknown owner - C:\WINDOWS\system32\svchost.exe
    O23 - Service: @%SystemRoot%\system32\wudfsvc.dll,-1000 (wudfsvc) - Unknown owner - C:\WINDOWS\system32\svchost.exe
    O23 - Service: @%SystemRoot%\System32\wwansvc.dll,-257 (WwanSvc) - Unknown owner - C:\WINDOWS\system32\svchost.exe

    --
    End of file - 32949 bytes

  2. #2
    Member Spyware Fighter zep516's Avatar
    Join Date
    Dec 2005
    Location
    Pittsburgh, Pa
    Posts
    7,158
    Points
    1301

    Default

    Hi! My name is zep516 and Welcome to Help2Go!
    I'll do the best I can to resolve your computer issue
    Please make sure to carefully read any instruction that I give you. If you're not sure, or if something unexpected happens, don't continue Stop and ask! Never be afraid to ask questions!

    We would like to see a different scan that will show us a bit more about the computer. You should download the 64Bit version of Farber recovery scan tool.

    Also I see signs of two Anti Virus programs running. Not recommend.
    Norton Anti Virus
    Avira Antivirus

    Please uninstall one of them.

    Next

    Everything gets download to the desktop and tools are "Run as administrator."

    Please download Farbar Recovery Scan Tool and save it to your Desktop.

    Note: You need to run the version compatible with your system . If you are not sure which version applies to your system download both of them and try to run them. Only one of them will run on your system, that will be the right version. You should use the 64Bit Version.
    • Right click to run as administrator (XP users click run after receipt of Windows Security Warning - Open File). When the tool opens click Yes to disclaimer.
    • Press Scan button.
    • It will produce a log called FRST.txt in the same directory the tool is run from.
    • Please copy and paste log back here.
    • The first time the tool is run it generates another log (Addition.txt - also located in the same directory as FRST.exe/FRST64.exe). Please also paste that along with the FRST.txt into your reply.
    Last edited by zep516; 02-02-2016 at 03:48 PM.

  3. #3
    Member
    Join Date
    Feb 2016
    Posts
    8
    Points
    0

    Default

    Before that more info, I was working on downloading some videos at tubeoffline for a certain site; they asked me to instal a plug-in. However I must had agreed for something else as some programs say, and got smartsearches. Got rid of it quickly following a Spanish guide to get rid of it, but noticed some problems. Went to Yuku's Computer Help Club, asked for help, placed a HJT log and after some things, they told me to come here and check if my pc still had problems. Norton was no longer working, so I installed Avira but suppoused there was no reason to unistall Norton as it is not working. (Norton came with my PC and recently expired, was reclutant to download a free anti-virus after in 2011 AVG crashed one of my laptops).

    Anyway, here are the log files:

    Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:27-01-2016
    Ran by EdgarOmar (administrator) on COMPUPRINCIPAL (04-02-2016 16:41:58)
    Running from C:\Users\EdgarOmar\Downloads
    Loaded Profiles: EdgarOmar (Available Profiles: EdgarOmar)
    Platform: Windows 8.1 (X64) Language: Inglés (Estados Unidos)
    Internet Explorer Version 11 (Default browser: FF)
    Boot Mode: Normal
    Tutorial for Farbar Recovery Scan Tool: FRST Tutorial - How to use Farbar Recovery Scan Tool - Malware Removal Guides and Tutorials

    ==================== Processes (Whitelisted) =================

    (If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

    (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RTKAUDIOSERVICE64.EXE
    (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
    (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\sched.exe
    (SUPERAntiSpyware.com) C:\Program Files\SUPERAntiSpyware\SASCore64.exe
    (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avguard.exe
    (Freemake) C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe
    (Ellora Assets Corp.) C:\Program Files (x86)\Freemake\CaptureLib\CaptureLibService.exe
    (Hola Networks Ltd.) C:\Program Files\Hola\app\hola_svc.exe
    (Hola Networks Ltd.) C:\Program Files\Hola\app\hola_updater.exe
    (Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
    (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
    (Symantec Corporation) C:\Program Files (x86)\Norton Anti-Theft\Engine\1.10.0.9\NAT.exe
    (Symantec Corporation) C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe
    (Symantec Corporation) C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.18.15\ccSvcHst.exe
    (Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
    (Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
    (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\System Speedup\Avira.SystemSpeedup.SpeedupService.exe
    (TOSHIBA Corporation) C:\Windows\System32\TODDSrv.exe
    (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe
    (Toshiba Corporation) C:\Program Files\Toshiba\Teco\TecoService.exe
    (Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
    (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avshadow.exe
    (Symantec Corporation) C:\Program Files (x86)\Norton Anti-Theft\Engine\1.10.0.9\NAT.exe
    (Symantec Corporation) C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.18.15\ccSvcHst.exe
    (Pokki) C:\Users\EdgarOmar\AppData\Local\SweetLabs App Platform\Engine\ServiceHostAppUpdater.exe
    (Microsoft Corporation) C:\Windows\System32\InputMethod\JPN\JpnIME.exe
    (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\System Speedup\Avira.SystemSpeedup.UI.Systray.exe
    (Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
    (Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
    (Intel Corporation) C:\Windows\System32\igfxtray.exe
    (Intel Corporation) C:\Windows\System32\igfxsrvc.exe
    (Intel Corporation) C:\Windows\System32\hkcmd.exe
    (Intel Corporation) C:\Windows\System32\igfxpers.exe
    (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
    (SRS Labs, Inc.) C:\Program Files\SRS Labs\SRS Control Panel\SRSPanel_64.exe
    (TOSHIBA Corporation) C:\Program Files\Toshiba\Hotkey\TosTogKeyMon.exe
    (TOSHIBA Corporation) C:\Program Files\Toshiba\Teco\TecoResident.exe
    (TOSHIBA Corporation) C:\Program Files (x86)\Toshiba\System Setting\TSleepSrv.exe
    (TOSHIBA Corporation) C:\Program Files\Toshiba\Hotkey\TCrdMain_Win8.exe
    (CANON INC.) C:\Program Files\Canon\MyPrinter\BJMYPRT.EXE
    (Hola Networks Ltd.) C:\Program Files\Hola\app\hola.exe
    (SlySoft, Inc.) C:\Program Files (x86)\SlySoft\AnyDVD\AnyDVDtray.exe
    (SUPERAntiSpyware) C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
    () C:\Program Files (x86)\SlySoft\AnyDVD\ADvdDiscHlp64.exe
    () C:\Program Files (x86)\Common Files\Freemake Shared\ProductUpdater\ProductUpdater.exe
    (Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe
    (CANON INC.) C:\Program Files (x86)\Canon\Solution Menu EX\CNSEMAIN.EXE
    (Elaborate Bytes AG) C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe
    (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avgnt.exe
    (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.Systray.exe
    (Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
    (Microsoft Corporation) C:\Windows\splwow64.exe
    (CANON INC.) C:\Program Files (x86)\Canon\Solution Menu EX\CNSEUPDT.EXE
    (Pokki) C:\Users\EdgarOmar\AppData\Local\SweetLabs App Platform\Engine\ServiceHostApp.exe
    (Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
    (Realsil Microelectronics Inc.) C:\Program Files (x86)\Realtek\Realtek USB 2.0 Card Reader\RIconMan.exe
    (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
    (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
    (Symantec Corporation) C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.18.15\SymcPCCULaunchSvc.exe
    (TOSHIBA CORPORATION) C:\Program Files\Toshiba\HDD Accelerator\THAccelSvc.exe
    (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
    (Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
    (Pokki) C:\Users\EdgarOmar\AppData\Local\SweetLabs App Platform\Engine\ServiceHostApp.exe
    (Pokki) C:\Users\EdgarOmar\AppData\Local\SweetLabs App Platform\Engine\ServiceStartMenuIndexer.exe
    (TOSHIBA Corporation) C:\Program Files\Toshiba\TOSHIBA Service Station\ToshibaServiceStation.exe
    (Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
    (TOSHIBA Corporation) C:\Program Files\Toshiba\TPHM\TPCHSrv.exe
    (TOSHIBA Corporation) C:\Program Files\Toshiba\TPHM\TPCHWMsg.exe
    (TOSHIBA Corporation) C:\Program Files\Toshiba\TOSHIBA Service Station\TMachInfo.exe
    (Microsoft Corporation) C:\Windows\System32\dllhost.exe
    (FreeDownloadManager.ORG) C:\Program Files (x86)\Free Download Manager\fdm.exe


    ==================== Registry (Whitelisted) ===========================

    (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

    HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13196432 2012-09-25] (Realtek Semiconductor)
    HKLM\...\Run: [SRS Premium Sound 3D] => C:\Program Files\SRS Labs\SRS Control Panel\SRSPanel_64.exe [2170784 2012-08-19] (SRS Labs, Inc.)
    HKLM\...\Run: [TosTogKeyMon] => C:\Program Files\TOSHIBA\Hotkey\TosTogKeyMon.exe [2365792 2013-03-29] (TOSHIBA Corporation)
    HKLM\...\Run: [TecoResident] => C:\Program Files\TOSHIBA\Teco\TecoResident.exe [178016 2013-08-21] (TOSHIBA Corporation)
    HKLM\...\Run: [TRCMan] => C:\Program Files (x86)\TOSHIBA\TRCMan\TRCMan.exe [743336 2012-07-31] (TOSHIBA Corporation)
    HKLM\...\Run: [TSleepSrv] => C:\Program Files (x86)\TOSHIBA\System Setting\TSleepSrv.exe [1548952 2012-08-04] (TOSHIBA Corporation)
    HKLM\...\Run: [TODDMain] => C:\Program Files (x86)\TOSHIBA\System Setting\TODDMain.exe [213136 2012-08-04] ()
    HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [287592 2013-08-07] (Intel Corporation)
    HKLM\...\Run: [TCrdMain] => C:\Program Files\TOSHIBA\Hotkey\TCrdMain_Win8.exe [2556768 2013-08-17] (TOSHIBA Corporation)
    HKLM\...\Run: [TosWaitSrv] => C:\Program Files\TOSHIBA\TPHM\TosWaitSrv.exe [354144 2013-08-13] (TOSHIBA Corporation)
    HKLM\...\Run: [CanonMyPrinter] => C:\Program Files\Canon\MyPrinter\BJMyPrt.exe [2779024 2011-03-14] (CANON INC.)
    HKLM\...\Run: [hola] => C:\Program Files\Hola\app\hola.exe [2031232 2016-02-01] (Hola Networks Ltd.)
    HKLM-x32\...\Run: [Norton Online Backup] => C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuClient.exe [2995904 2012-07-11] (Symantec Corporation)
    HKLM-x32\...\Run: [ToshibaAppPlace] => C:\Program Files (x86)\Toshiba\Toshiba App Place\ToshibaAppPlace.exe [552960 2010-09-23] (Toshiba)
    HKLM-x32\...\Run: [ProductUpdater] => C:\Program Files (x86)\Common Files\Freemake Shared\ProductUpdater\ProductUpdater.exe [73216 2016-01-19] ()
    HKLM-x32\...\Run: [SDTray] => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe [4101576 2014-06-24] (Safer-Networking Ltd.)
    HKLM-x32\...\Run: [CanonSolutionMenuEx] => C:\Program Files (x86)\Canon\Solution Menu EX\CNSEMAIN.EXE [1611160 2011-03-28] (CANON INC.)
    HKLM-x32\...\Run: [VirtualCloneDrive] => C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe [88984 2013-03-10] (Elaborate Bytes AG)
    HKLM-x32\...\Run: [Avira SystrayStartTrigger] => C:\Program Files (x86)\Avira\Launcher\Avira.SystrayStartTrigger.exe [66328 2016-01-05] (Avira Operations GmbH & Co. KG)
    HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\Antivirus\avgnt.exe [803200 2015-12-04] (Avira Operations GmbH & Co. KG)
    HKLM-x32\...\Run: [Avira System Speedup User Starter] => C:\Program Files (x86)\Avira\System Speedup\Avira.SystemSpeedup.Core.Common.Starter.exe [14960 2016-01-12] (Avira Operations GmbH & Co. KG)
    Winlogon\Notify\igfxcui: C:\WINDOWS\system32\igfxdev.dll (Intel Corporation)
    Winlogon\Notify\SDWinLogon-x32: SDWinLogon.dll [X]
    HKU\S-1-5-21-2814885961-1482200991-1285302695-1001\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [31344744 2015-02-26] (Skype Technologies S.A.)
    HKU\S-1-5-21-2814885961-1482200991-1285302695-1001\...\Run: [AnyDVD] => C:\Program Files (x86)\SlySoft\AnyDVD\AnyDVD.exe [109480 2015-12-28] (SlySoft, Inc.)
    HKU\S-1-5-21-2814885961-1482200991-1285302695-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [3013712 2015-12-14] (Valve Corporation)
    HKU\S-1-5-21-2814885961-1482200991-1285302695-1001\...\Run: [BingSvc] => C:\Users\EdgarOmar\AppData\Local\Microsoft\BingSvc\BingSvc.exe [144008 2015-11-22] (© 2015 Microsoft Corporation)
    HKU\S-1-5-21-2814885961-1482200991-1285302695-1001\...\Run: [SpybotPostWindows10UpgradeReInstall] => C:\Program Files\Common Files\AV\Spybot - Search and Destroy\Test.exe [1011200 2015-07-28] (Safer-Networking Ltd.)
    HKU\S-1-5-21-2814885961-1482200991-1285302695-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8619224 2016-01-15] (Piriform Ltd)
    HKU\S-1-5-21-2814885961-1482200991-1285302695-1001\...\Run: [SUPERAntiSpyware] => C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe [7935904 2016-01-21] (SUPERAntiSpyware)
    HKU\S-1-5-21-2814885961-1482200991-1285302695-1001\...\RunOnce: [Application Restart #2] => C:\Users\EdgarOmar\AppData\Local\SweetLabs App Platform\Engine\ServiceHostApp.exe [7874560 2015-12-11] (Pokki)
    ShellIconOverlayIdentifiers: [ SkyDrive1] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => No File
    ShellIconOverlayIdentifiers: [ SkyDrive2] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => No File
    ShellIconOverlayIdentifiers: [ SkyDrive3] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => No File
    ShellIconOverlayIdentifiers-x32: [ SkyDrive1] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => No File
    ShellIconOverlayIdentifiers-x32: [ SkyDrive2] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => No File
    ShellIconOverlayIdentifiers-x32: [ SkyDrive3] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => No File
    BootExecute: autocheck autochk * sdnclean64.exe
    GroupPolicy: Restriction - Chrome <======= ATTENTION

    ==================== Internet (Whitelisted) ====================

    (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

    Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
    Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
    Tcpip\..\Interfaces\{946EB574-F6DB-45B8-8F15-24183430BB30}: [DhcpNameServer] 192.168.1.1

    Internet Explorer:
    ==================
    HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://search.avira.net/#web/result?source=art&q=
    HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxps://search.avira.net/#web/result?source=art&q=
    HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxps://search.avira.net/#web/result?source=art&q=
    HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxps://search.avira.net/#web/result?source=art&q=
    HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxps://search.avira.net/#web/result?source=art&q=
    HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxps://search.avira.net/#web/result?source=art&q=
    HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxps://search.avira.net/#web/result?source=art&q=
    HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxps://search.avira.net/#web/result?source=art&q=
    HKU\S-1-5-21-2814885961-1482200991-1285302695-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://search.avira.net/#web/result?source=art&q=
    HKU\S-1-5-21-2814885961-1482200991-1285302695-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxps://search.avira.net/#web/result?source=art&q=
    HKU\S-1-5-21-2814885961-1482200991-1285302695-1001\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = hxxp://toshiba13.msn.com/?pc=TNJB
    HKU\S-1-5-21-2814885961-1482200991-1285302695-1001\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://bienvenido.toshiba.com?cid=J13
    hxxp://bienvenido.toshiba.com?cid=J13
    hxxp://bienvenido.toshiba.com?cid=J13
    hxxp://toshiba13.msn.com?pc=TNJB
    HKU\S-1-5-21-2814885961-1482200991-1285302695-1001\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxps://search.avira.net/#web/result?source=art&q=
    SearchScopes: HKU\S-1-5-21-2814885961-1482200991-1285302695-1001 -> DefaultScope {D97A3765-90CB-4092-829C-A6A621301399} URL =
    SearchScopes: HKU\S-1-5-21-2814885961-1482200991-1285302695-1001 -> {93E576BA-E687-4697-9359-EE2AC0251EA5} URL = hxxps://mx.search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&ilc=12&type=994519&p={searchTerms}
    SearchScopes: HKU\S-1-5-21-2814885961-1482200991-1285302695-1001 -> {D97A3765-90CB-4092-829C-A6A621301399} URL =
    SearchScopes: HKU\S-1-5-21-2814885961-1482200991-1285302695-1001 -> {E6E6D071-9B6F-4910-A4D7-4DA3811AA1E2} URL = hxxps://mx.search.yahoo.com/search?p={searchTerms}&fr=yset_ie_syc_oracle&type=orcl_default
    BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
    BHO-x32: Norton Vulnerability Protection -> {6D53EC84-6AAE-4787-AEEE-F4628F01010C} -> C:\Program Files (x86)\Norton AntiVirus\Engine\20.6.0.27\IPS\IPSBHO.DLL => No File
    BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_71\bin\ssv.dll [2016-01-31] (Oracle Corporation)
    BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
    BHO-x32: Free Download Manager -> {CC59E0F9-7E43-44FA-9FAA-8377850BF205} -> C:\Program Files (x86)\Free Download Manager\iefdm2.dll [2015-08-07] (FreeDownloadManager.ORG)
    BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_71\bin\jp2ssv.dll [2016-01-31] (Oracle Corporation)

    FireFox:
    ========
    FF ProfilePath: C:\Users\EdgarOmar\AppData\Roaming\Mozilla\Firefox\Profiles\41A66E7E5EE1
    FF DefaultSearchEngine: Google
    FF SearchEngineOrder.3: Bing
    FF Homepage: about:home
    FF Session Restore: -> is enabled.
    FF Keyword.URL: hxxp://www.bing.com/search?FORM=SL5MDF&PC=SL5M&q=
    FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_20_0_0_286.dll [2016-01-20] ()
    FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.41212.0\npctrl.dll [2015-12-11] ( Microsoft Corporation)
    FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
    FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_20_0_0_286.dll [2016-01-20] ()
    FF Plugin-x32: @canon.com/EPPEX -> C:\Program Files (x86)\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL [2011-04-20] (CANON INC.)
    FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2012-06-06] (Intel Corporation)
    FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2012-06-06] (Intel Corporation)
    FF Plugin-x32: @java.com/DTPlugin,version=11.71.2 -> C:\Program Files (x86)\Java\jre1.8.0_71\bin\dtplugin\npDeployJava1.dll [2016-01-31] (Oracle Corporation)
    FF Plugin-x32: @java.com/JavaPlugin,version=11.71.2 -> C:\Program Files (x86)\Java\jre1.8.0_71\bin\plugin2\npjp2.dll [2016-01-31] (Oracle Corporation)
    FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.41212.0\npctrl.dll [2015-12-11] ( Microsoft Corporation)
    FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~3\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
    FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~3\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
    FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation)
    FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
    FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll [2012-05-11] ()
    FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2015-12-18] (Adobe Systems Inc.)
    FF Plugin HKU\.DEFAULT: @hola.org/FlashPlayer -> C:\Users\EdgarOmar\AppData\Local\Hola\firefox_hola\app\flash\NPSWF32_18_0_0_232.dll [2016-02-01] ()
    FF Plugin HKU\.DEFAULT: @hola.org/vlc -> C:\Users\EdgarOmar\AppData\Local\Hola\firefox_hola\app\vlc\npvlc.dll [2016-02-01] (Hola)
    FF Plugin HKU\S-1-5-21-2814885961-1482200991-1285302695-1001: @hola.org/FlashPlayer -> C:\Users\EdgarOmar\AppData\Local\Hola\firefox_hola\app\flash\NPSWF32_18_0_0_232.dll [2016-02-01] ()
    FF Plugin HKU\S-1-5-21-2814885961-1482200991-1285302695-1001: @hola.org/vlc -> C:\Users\EdgarOmar\AppData\Local\Hola\firefox_hola\app\vlc\npvlc.dll [2016-02-01] (Hola)
    FF SearchPlugin: C:\Users\EdgarOmar\AppData\Roaming\Mozilla\Firefox\Profiles\jhwb5pi4.default\searchplugins\bing-.xml [2015-11-22]
    FF SearchPlugin: C:\Users\EdgarOmar\AppData\Roaming\Mozilla\Firefox\Profiles\jhwb5pi4.default\searchplugins\yahoo-ysp.xml [2016-01-21]
    FF Extension: DownThemAll! - C:\Users\EdgarOmar\AppData\Roaming\Mozilla\Firefox\Profiles\41A66E7E5EE1\extensions\{DDC359D1-844A-42a7-9AA1-88A850A938A8}.xpi [2015-12-06]
    FF Extension: S3.Google Translator - C:\Users\EdgarOmar\AppData\Roaming\Mozilla\Firefox\Profiles\41A66E7E5EE1\extensions\s3google@translator.xpi [2015-12-18]
    FF Extension: Ank Pixiv Tool - C:\Users\EdgarOmar\AppData\Roaming\Mozilla\Firefox\Profiles\41A66E7E5EE1\extensions\ankpixiv@snca.net.xpi [2015-12-23]
    FF Extension: Greasemonkey - C:\Users\EdgarOmar\AppData\Roaming\Mozilla\Firefox\Profiles\41A66E7E5EE1\extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}.xpi [2016-01-10]
    FF Extension: Avira Browser Safety - C:\Users\EdgarOmar\AppData\Roaming\Mozilla\Firefox\Profiles\jhwb5pi4.default\Extensions\abs@avira.com.xpi [2016-01-31]
    FF Extension: Ank Pixiv Tool - C:\Users\EdgarOmar\AppData\Roaming\Mozilla\Firefox\Profiles\jhwb5pi4.default\Extensions\ankpixiv@snca.net.xpi [2015-12-23]
    FF Extension: Bing Search - C:\Users\EdgarOmar\AppData\Roaming\Mozilla\Firefox\Profiles\jhwb5pi4.default\Extensions\bingsearch.full@microsoft.com.xpi [2015-11-22]
    FF Extension: Hola Better Internet - C:\Users\EdgarOmar\AppData\Roaming\Mozilla\Firefox\Profiles\jhwb5pi4.default\Extensions\jid1-4P0kohSJxU1qGg@jetpack [2016-01-18]
    FF Extension: S3.Google Translator - C:\Users\EdgarOmar\AppData\Roaming\Mozilla\Firefox\Profiles\jhwb5pi4.default\Extensions\s3google@translator.xpi [2015-12-18]
    FF Extension: Adblock Plus - C:\Users\EdgarOmar\AppData\Roaming\Mozilla\Firefox\Profiles\jhwb5pi4.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2016-01-19]
    FF Extension: DownThemAll! - C:\Users\EdgarOmar\AppData\Roaming\Mozilla\Firefox\Profiles\jhwb5pi4.default\Extensions\{DDC359D1-844A-42a7-9AA1-88A850A938A8}.xpi [2015-12-06]
    FF Extension: Greasemonkey - C:\Users\EdgarOmar\AppData\Roaming\Mozilla\Firefox\Profiles\jhwb5pi4.default\Extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}.xpi [2016-01-10]
    FF Extension: Bing Search - C:\Users\EdgarOmar\AppData\Roaming\Mozilla\Firefox\Profiles\41A66E7E5EE1\Extensions\bingsearch.full@microsoft.com.xpi [2015-11-22]
    FF Extension: Toshiba Defaults - C:\Users\EdgarOmar\AppData\Roaming\Mozilla\Firefox\Profiles\41A66E7E5EE1\Extensions\defaults@toshiba.com [2016-01-28]
    FF Extension: Hola Better Internet - C:\Users\EdgarOmar\AppData\Roaming\Mozilla\Firefox\Profiles\41A66E7E5EE1\Extensions\jid1-4P0kohSJxU1qGg@jetpack [2016-01-27]
    FF Extension: Adblock Plus - C:\Users\EdgarOmar\AppData\Roaming\Mozilla\Firefox\Profiles\41A66E7E5EE1\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2016-01-19]
    FF Extension: New Tab by Yahoo - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\jid1-G80Ec8LLEbK5fQ@jetpack.xpi [2015-11-23] [not signed]
    FF HKU\S-1-5-21-2814885961-1482200991-1285302695-1001\...\Firefox\Extensions: [fdm_ffext@freedownloadmanager.org] - C:\ProgramData\Free Download Manager\Firefox\Extensions\2.1.1
    FF Extension: Free Download Manager extension - C:\ProgramData\Free Download Manager\Firefox\Extensions\2.1.1 [2016-01-28]

    Chrome:
    =======
    CHR HomePage: Default -> msn.com/?pc=__PARAM__&ocid=__PARAM__DHP&osmkt=es-es
    CHR NewTab: Default -> "chrome-extension://dfekdjmdikicceaiokcmmchenpilglhn/newtab.html"
    CHR Session Restore: Default -> is enabled.
    CHR Profile: C:\Users\EdgarOmar\AppData\Local\Google\Chrome\User Data\Default
    CHR Extension: (Presentaciones de Google) - C:\Users\EdgarOmar\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-10-28]
    CHR Extension: (Rutor De Búsqueda De Archivos Torrent) - C:\Users\EdgarOmar\AppData\Local\Google\Chrome\User Data\Default\Extensions\agencljbacpfnclcbanachomfbeoilaa [2016-01-04]
    CHR Extension: (Google Docs) - C:\Users\EdgarOmar\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-10-28]
    CHR Extension: (Google Drive) - C:\Users\EdgarOmar\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-28]
    CHR Extension: (Batch Image Downloader(ZIG Lite)) - C:\Users\EdgarOmar\AppData\Local\Google\Chrome\User Data\Default\Extensions\bedbigoemkinkepgmcmgnapjcahnedmn [2016-01-28]
    CHR Extension: (YouTube) - C:\Users\EdgarOmar\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-10-28]
    CHR Extension: (Norton Security Toolbar) - C:\Users\EdgarOmar\AppData\Local\Google\Chrome\User Data\Default\Extensions\cjabmdjcfcfdmffimndhafhblfmpjdpe [2016-01-28]
    CHR Extension: (Búsqueda de Google) - C:\Users\EdgarOmar\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-28]
    CHR Extension: (Mainichi) - C:\Users\EdgarOmar\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfekdjmdikicceaiokcmmchenpilglhn [2016-01-24]
    CHR Extension: (Tampermonkey) - C:\Users\EdgarOmar\AppData\Local\Google\Chrome\User Data\Default\Extensions\dhdgffkkebhmkfjojejmpbldmpobfkfo [2016-01-23]
    CHR Extension: (Hojas de cálculo de Google) - C:\Users\EdgarOmar\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-10-28]
    CHR Extension: (Pixiv Downloader Free) - C:\Users\EdgarOmar\AppData\Local\Google\Chrome\User Data\Default\Extensions\fnbkeopcpjainobjebddfcnnknmfipid [2016-01-25]
    CHR Extension: (Documentos de Google sin conexión) - C:\Users\EdgarOmar\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2015-11-17]
    CHR Extension: (Norton Identity Safe) - C:\Users\EdgarOmar\AppData\Local\Google\Chrome\User Data\Default\Extensions\iikflkcanblccfahdhdonehdalibjnif [2015-11-11]
    CHR Extension: (Ugoira2GIF) - C:\Users\EdgarOmar\AppData\Local\Google\Chrome\User Data\Default\Extensions\ionmgpeclkmpjkmfejilaihdegkjehfj [2016-01-03]
    CHR Extension: (IPA furigana) - C:\Users\EdgarOmar\AppData\Local\Google\Chrome\User Data\Default\Extensions\jnnbgnfnncobhklficfkdnclohaklifi [2016-01-04]
    CHR Extension: (PictureMate - View hidden pictures) - C:\Users\EdgarOmar\AppData\Local\Google\Chrome\User Data\Default\Extensions\khmlalkcjmglpgdkmkmmgjcajahkoigj [2015-11-11]
    CHR Extension: (Pixiv Downloader) - C:\Users\EdgarOmar\AppData\Local\Google\Chrome\User Data\Default\Extensions\lkpfhmlbjibbcinophhcbmapjbhboodd [2015-12-19]
    CHR Extension: (Japanese Kanji Flashcards) - C:\Users\EdgarOmar\AppData\Local\Google\Chrome\User Data\Default\Extensions\nadhjgmbonakiidhnbiijhbkgejpfhol [2016-01-24]
    CHR Extension: (Sistema de pagos de Chrome Web Store) - C:\Users\EdgarOmar\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-10-28]
    CHR Extension: (Gmail) - C:\Users\EdgarOmar\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-10-28]
    CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx
    CHR HKU\S-1-5-21-2814885961-1482200991-1285302695-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [fcfenmboojpjinhpgggodefccipikbpd] - hxxps://clients2.google.com/service/update2/crx
    CHR HKLM-x32\...\Chrome\Extension: [eedgghdcpmmmilkmfpnklknlenbiolec] - hxxps://clients2.google.com/service/update2/crx
    CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx

    ==================== Services (Whitelisted) ========================

    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

    R2 !SASCORE; C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE [172344 2014-07-22] (SUPERAntiSpyware.com)
    S2 AntiVirMailService; C:\Program Files (x86)\Avira\Antivirus\avmailc7.exe [948392 2015-12-04] (Avira Operations GmbH & Co. KG)
    R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\Antivirus\sched.exe [466408 2015-12-04] (Avira Operations GmbH & Co. KG)
    R2 AntiVirService; C:\Program Files (x86)\Avira\Antivirus\avguard.exe [466408 2015-12-04] (Avira Operations GmbH & Co. KG)
    S2 AntiVirWebService; C:\Program Files (x86)\Avira\Antivirus\avwebg7.exe [1418560 2015-12-04] (Avira Operations GmbH & Co. KG)
    R2 Avira.ServiceHost; C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe [249120 2016-01-05] (Avira Operations GmbH & Co. KG)
    R2 Freemake Improver; C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe [108032 2016-01-19] (Freemake) [File not signed]
    R2 FreemakeVideoCapture; C:\Program Files (x86)\Freemake\CaptureLib\CaptureLibService.exe [9216 2016-01-19] (Ellora Assets Corp.) [File not signed]
    S2 GtkFree; C:\Program Files (x86)\GtkFree\GtkFree Update\GtkFree.exe [294072 2016-01-12] ()
    R2 hola_svc; C:\Program Files\Hola\app\hola_svc.exe [8126592 2016-02-01] (Hola Networks Ltd.)
    R2 hola_updater; C:\Program Files\Hola\app\hola_updater.exe [8126592 2015-12-28] (Hola Networks Ltd.)
    R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [15720 2013-08-07] (Intel Corporation)
    R2 IconMan_R; C:\Program Files (x86)\Realtek\Realtek USB 2.0 Card Reader\RIconMan.exe [2451456 2012-07-13] (Realsil Microelectronics Inc.) [File not signed]
    R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [129856 2012-06-27] (Intel Corporation)
    R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [166720 2012-06-25] (Intel Corporation)
    R2 NAT; C:\Program Files (x86)\Norton Anti-Theft\Engine\1.10.0.9\NAT.exe [232424 2013-10-11] (Symantec Corporation)
    R2 NOBU; C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe [3939008 2012-07-11] (Symantec Corporation)
    R2 Norton PC Checkup Application Launcher; C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.18.15\SymcPCCULaunchSvc.exe [123320 2012-07-23] (Symantec Corporation)
    R2 PCCUJobMgr; C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.18.15\ccSvcHst.exe [126392 2012-07-23] (Symantec Corporation)
    R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [201360 2012-08-31] (Realtek Semiconductor)
    R2 SDScannerService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [1738168 2014-06-24] (Safer-Networking Ltd.)
    R2 SDUpdateService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [2088408 2014-06-27] (Safer-Networking Ltd.)
    R2 SDWSCService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [171928 2014-04-25] (Safer-Networking Ltd.)
    R2 SpeedupService; C:\Program Files (x86)\Avira\System Speedup\Avira.SystemSpeedup.SpeedupService.exe [24224 2016-01-12] (Avira Operations GmbH & Co. KG)
    R2 THAccelSvc; C:\Program Files\TOSHIBA\HDD Accelerator\THAccelSvc.exe [214928 2013-10-17] (TOSHIBA CORPORATION)
    S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366552 2015-10-26] (Microsoft Corporation)
    S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2015-10-26] (Microsoft Corporation)

    ===================== Drivers (Whitelisted) ==========================

    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

    R3 AnyDVD; C:\Windows\System32\Drivers\AnyDVD.sys [150440 2015-12-28] (SlySoft, Inc.)
    R3 AnyDVD; C:\Windows\SysWOW64\Drivers\AnyDVD.sys [150440 2015-12-28] (SlySoft, Inc.)
    R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [135880 2015-12-04] (Avira Operations GmbH & Co. KG)
    R1 avipbb; C:\Windows\system32\DRIVERS\avipbb.sys [146696 2015-12-04] (Avira Operations GmbH & Co. KG)
    R1 avkmgr; C:\Windows\system32\DRIVERS\avkmgr.sys [35488 2015-12-04] (Avira Operations GmbH & Co. KG)
    R2 avnetflt; C:\Windows\system32\DRIVERS\avnetflt.sys [73032 2015-12-04] (Avira Operations GmbH & Co. KG)
    R3 BthA2DP; C:\Windows\system32\drivers\BthA2DP.sys [132608 2015-10-26] (Microsoft Corporation)
    R3 BthHFAud; C:\Windows\system32\DRIVERS\BthHfAud.sys [32768 2014-11-21] (Microsoft Corporation)
    R1 ccSet_NARA; C:\Windows\system32\drivers\NARAx64\0401000.00B\ccSetx64.sys [168608 2012-05-25] (Symantec Corporation)
    R1 ccSet_NAT; C:\Windows\system32\drivers\NATx64\010A000.009\ccSetx64.sys [150104 2013-07-29] (Symantec Corporation)
    S0 ebdrv; C:\Windows\System32\drivers\evbda.sys [3357024 2013-08-22] (Broadcom Corporation)
    R3 hidshim; C:\Windows\system32\DRIVERS\hidshim.sys [6656 2012-06-19] (Windows (R) Win 7 DDK provider)
    R2 npf; C:\Windows\System32\drivers\npf.sys [35344 2011-02-11] (CACE Technologies, Inc.)
    R3 nuvotonhidcir; C:\Windows\system32\DRIVERS\nuvotonhidcir.sys [32256 2012-06-19] (Nuvoton Technology Corporation)
    R3 RtkBtFilter2; C:\Windows\system32\DRIVERS\RtkBtfilter.sys [48856 2013-09-06] (Realtek Microelectronics)
    R3 RTWlanE; C:\Windows\system32\DRIVERS\rtwlane.sys [2944216 2013-08-21] (Realtek Semiconductor Corporation )
    R1 SASDIFSV; C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS [14928 2011-07-22] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
    R1 SASKUTIL; C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS [12368 2011-07-12] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
    R0 THAccel; C:\Windows\System32\DRIVERS\THAccel.sys [111488 2013-10-15] (TOSHIBA Corporation)
    R3 Thotkey; C:\Windows\System32\drivers\Thotkey.sys [32624 2013-08-19] (Windows (R) Win 7 DDK provider)
    S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44560 2015-10-26] (Microsoft Corporation)
    S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [270168 2015-10-26] (Microsoft Corporation)
    S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114520 2015-10-26] (Microsoft Corporation)

    ==================== NetSvcs (Whitelisted) ===================

    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


    ==================== One Month Created files and folders ========

    (If an entry is included in the fixlist, the file/folder will be moved.)

    2016-02-04 16:41 - 2016-02-04 16:42 - 00033187 _____ C:\Users\EdgarOmar\Downloads\FRST.txt
    2016-02-04 16:41 - 2016-02-04 16:41 - 00000000 ____D C:\FRST
    2016-02-04 16:34 - 2016-02-04 16:34 - 02370560 _____ (Farbar) C:\Users\EdgarOmar\Downloads\FRST64.exe
    2016-02-04 13:38 - 2016-01-31 14:50 - 00450902 ____R C:\WINDOWS\system32\Drivers\etc\hosts.20160204-133825.backup
    2016-02-04 12:56 - 2016-02-04 13:58 - 00248664 _____ C:\WINDOWS\ntbtlog.txt
    2016-02-04 12:50 - 2016-02-04 12:51 - 06828320 _____ (Piriform Ltd) C:\Users\EdgarOmar\Downloads\ccsetup514.exe
    2016-02-03 22:09 - 2016-02-03 22:09 - 00000000 ____D C:\Users\EdgarOmar\Downloads\ooniku-012_jav-only.com
    2016-02-02 20:47 - 2016-02-02 20:47 - 00014960 _____ C:\WINDOWS\System32\Tasks\Browser Updater Task(Core)
    2016-02-02 20:47 - 2016-02-02 20:47 - 00000000 ____D C:\Program Files (x86)\WinTaske
    2016-02-02 20:47 - 2016-02-02 20:47 - 00000000 ____D C:\Program Files (x86)\Winsere
    2016-02-02 10:05 - 2016-02-03 22:07 - 1979711488 _____ C:\Users\EdgarOmar\Downloads\ooniku-012_jav-only.com.part2.rar
    2016-02-01 02:05 - 2016-02-01 03:17 - 331191751 _____ C:\Users\EdgarOmar\Downloads\ooniku-012_jav-only.com.part3.rar
    2016-01-31 14:50 - 2016-01-28 10:49 - 00450902 ____R C:\WINDOWS\system32\Drivers\etc\hosts.20160131-145040.backup
    2016-01-31 13:15 - 2016-01-31 13:15 - 00097888 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\WindowsAccessBridge-32.dll
    2016-01-31 13:15 - 2016-01-31 13:15 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
    2016-01-31 13:15 - 2016-01-31 13:15 - 00000000 ____D C:\Program Files (x86)\Java
    2016-01-31 13:06 - 2016-01-31 13:06 - 00643680 _____ (Oracle Corporation) C:\Users\EdgarOmar\Downloads\jxpiinstall.exe
    2016-01-31 12:59 - 2016-01-31 12:59 - 00000000 ____D C:\Users\EdgarOmar\AppData\Local\Avira
    2016-01-31 03:42 - 2016-01-31 03:42 - 00000000 ____D C:\Users\EdgarOmar\AppData\Roaming\Avira
    2016-01-31 02:40 - 2016-02-04 11:02 - 00000000 ____D C:\Users\Public\Speedup Sessions
    2016-01-31 02:40 - 2016-01-31 02:40 - 00003364 _____ C:\WINDOWS\System32\Tasks\Avira System Speedup Tray
    2016-01-31 02:40 - 2016-01-31 02:40 - 00001170 _____ C:\Users\Public\Desktop\Avira System Speedup.lnk
    2016-01-31 02:35 - 2015-12-04 07:38 - 00146696 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avipbb.sys
    2016-01-31 02:35 - 2015-12-04 07:38 - 00135880 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avgntflt.sys
    2016-01-31 02:35 - 2015-12-04 07:38 - 00073032 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avnetflt.sys
    2016-01-31 02:35 - 2015-12-04 07:38 - 00035488 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avkmgr.sys
    2016-01-31 02:03 - 2016-01-31 02:40 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
    2016-01-31 02:03 - 2016-01-31 02:03 - 00001241 _____ C:\Users\Public\Desktop\Avira Launcher.lnk
    2016-01-31 02:02 - 2016-01-31 02:40 - 00000000 ____D C:\ProgramData\Avira
    2016-01-31 02:02 - 2016-01-31 02:40 - 00000000 ____D C:\Program Files (x86)\Avira
    2016-01-30 19:56 - 2016-01-30 19:58 - 05427168 _____ (Avira Operations GmbH & Co. KG) C:\Users\EdgarOmar\Downloads\avira_es_av_56ad699fbc940__ws1.exe
    2016-01-30 19:38 - 2016-01-31 13:28 - 00001988 _____ C:\Users\EdgarOmar\Desktop\SUPERAntiSpyware Free Edition.lnk
    2016-01-30 19:38 - 2016-01-30 19:38 - 00000000 ____D C:\Users\EdgarOmar\AppData\Roaming\SUPERAntiSpyware.com
    2016-01-30 19:38 - 2016-01-30 19:38 - 00000000 ____D C:\Users\EdgarOmar\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SUPERAntiSpyware
    2016-01-30 19:38 - 2016-01-30 19:38 - 00000000 ____D C:\ProgramData\SUPERAntiSpyware.com
    2016-01-30 19:38 - 2016-01-30 19:38 - 00000000 ____D C:\Program Files\SUPERAntiSpyware
    2016-01-30 13:52 - 2016-01-30 13:57 - 24552952 _____ (SUPERAntiSpyware) C:\Users\EdgarOmar\Downloads\SUPERAntiSpyware.exe
    2016-01-30 11:08 - 2016-01-30 11:08 - 00010938 _____ C:\Users\EdgarOmar\Documents\Monjas maria.wlmp
    2016-01-30 00:57 - 2016-01-30 00:57 - 00000000 ____D C:\ProgramData\GRETECH
    2016-01-30 00:43 - 2016-01-30 00:52 - 00013205 _____ C:\Users\EdgarOmar\Documents\Yoko Tsuno 000.wlmp
    2016-01-29 07:00 - 2016-01-29 07:05 - 00001783 _____ C:\Users\EdgarOmar\Documents\links ugentes.txt
    2016-01-29 01:15 - 2016-01-30 13:27 - 1979711488 _____ C:\Users\EdgarOmar\Downloads\ooniku-012_jav-only.com.part1.rar
    2016-01-28 23:36 - 2016-01-28 23:36 - 00001281 _____ C:\Users\Public\Desktop\Virtual CloneDrive.lnk
    2016-01-28 23:34 - 2016-01-28 23:34 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Elaborate Bytes
    2016-01-28 23:34 - 2016-01-28 23:34 - 00000000 ____D C:\Program Files (x86)\Elaborate Bytes
    2016-01-28 23:33 - 2016-01-28 23:33 - 00001228 _____ C:\Users\EdgarOmar\AppData\Roaming\Microsoft\Windows\Start Menu\GOM Player.lnk
    2016-01-28 23:33 - 2016-01-28 23:33 - 00001204 _____ C:\Users\Public\Desktop\GOM Player.lnk
    2016-01-28 23:33 - 2016-01-28 23:33 - 00000000 ____D C:\Users\EdgarOmar\AppData\Roaming\GRETECH
    2016-01-28 23:33 - 2016-01-28 23:33 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GOM Player
    2016-01-28 23:33 - 2016-01-28 23:33 - 00000000 ____D C:\Program Files (x86)\GRETECH
    2016-01-28 23:25 - 2016-01-28 23:26 - 01710680 _____ C:\Users\EdgarOmar\Downloads\SetupVirtualCloneDrive5500.exe
    2016-01-28 23:22 - 2016-01-28 23:27 - 23021376 _____ (Gretech Corporation) C:\Users\EdgarOmar\Downloads\GOMPLAYERESSETUP.EXE
    2016-01-28 23:17 - 2016-01-28 23:17 - 00000000 ____D C:\Users\EdgarOmar\Downloads\sddm-003_jav-only.com
    2016-01-28 22:16 - 2016-01-28 23:17 - 277042267 _____ C:\Users\EdgarOmar\Downloads\sddm-003_jav-only.com.rar
    2016-01-28 21:50 - 2016-01-30 13:41 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
    2016-01-28 21:04 - 2016-01-28 21:11 - 00000000 ____D C:\Users\EdgarOmar\Documents\Session back ups mientras
    2016-01-28 20:30 - 2016-01-30 13:41 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
    2016-01-28 20:30 - 2016-01-28 20:30 - 00001186 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
    2016-01-28 20:30 - 2016-01-28 20:30 - 00001174 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk
    2016-01-28 20:22 - 2016-01-28 20:28 - 43160576 _____ C:\Users\EdgarOmar\Downloads\Firefox-Setup-42.0-2-toshiba-download-MX.exe
    2016-01-28 10:49 - 2016-01-23 12:34 - 00450849 ____R C:\WINDOWS\system32\Drivers\etc\hosts.20160128-104900.backup
    2016-01-28 00:34 - 2016-02-04 12:52 - 00000845 _____ C:\Users\Public\Desktop\CCleaner.lnk
    2016-01-28 00:34 - 2016-01-28 00:34 - 00002810 _____ C:\WINDOWS\System32\Tasks\CCleanerSkipUAC
    2016-01-28 00:34 - 2016-01-28 00:34 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
    2016-01-28 00:34 - 2016-01-28 00:34 - 00000000 ____D C:\Program Files\CCleaner
    2016-01-28 00:13 - 2016-02-02 22:54 - 00003614 _____ C:\WINDOWS\System32\Tasks\Optimize Push Notification Data File-S-1-5-21-2814885961-1482200991-1285302695-1001
    2016-01-28 00:08 - 2016-01-28 00:08 - 00000000 ____D C:\Users\EdgarOmar\Documents\Marcadores Chrome Enero 2016
    2016-01-28 00:07 - 2016-01-28 00:12 - 00000000 ____D C:\Users\EdgarOmar\Documents\Marcadores Firefox 28 Enero 2016
    2016-01-27 19:10 - 2016-01-30 01:16 - 00036018 _____ C:\Users\EdgarOmar\Documents\Monjas.wlmp
    2016-01-27 07:57 - 2016-01-27 07:57 - 00095870 _____ C:\Users\EdgarOmar\Downloads\SVDVD-514 金髪英語教師イジメ.torrent
    2016-01-27 07:40 - 2016-01-27 07:40 - 00001442 _____ C:\Users\EdgarOmar\Downloads\{EHT PERSONALIZED TORRENT - DO NOT REDISTRIBUTE} [山野一] どぶさらい劇場.zip.torrent
    2016-01-27 07:38 - 2016-01-27 07:38 - 00041412 _____ C:\Users\EdgarOmar\Downloads\{EHT PERSONALIZED TORRENT - DO NOT REDISTRIBUTE} Mitru - Black Lotus 1-6.zip.torrent
    2016-01-25 20:50 - 2016-01-25 20:52 - 06805440 _____ (Piriform Ltd) C:\Users\EdgarOmar\Downloads\ccsetup513.exe
    2016-01-23 15:34 - 2013-05-09 11:31 - 00388608 _____ (Trend Micro Inc.) C:\Users\EdgarOmar\Downloads\HijackThis.exe
    2016-01-23 12:34 - 2016-01-23 12:33 - 00450849 ____R C:\WINDOWS\system32\Drivers\etc\hosts.20160123-123441.backup
    2016-01-23 12:33 - 2016-01-12 23:58 - 00450771 ____R C:\WINDOWS\system32\Drivers\etc\hosts.20160123-123353.backup
    2016-01-23 09:47 - 2016-01-23 09:47 - 00015086 _____ C:\WINDOWS\System32\Tasks\ACGPro Update
    2016-01-23 09:46 - 2016-01-23 09:46 - 00000000 ____D C:\Program Files (x86)\GtkFree
    2016-01-23 09:46 - 2016-01-23 09:46 - 00000000 ____D C:\Program Files (x86)\ACGPro
    2016-01-23 09:45 - 2016-02-02 20:48 - 00000000 ____D C:\Program Files (x86)\SearchesToYesbnd
    2016-01-23 09:45 - 2016-01-23 09:46 - 00000000 ____D C:\Users\Public\Documents\dmp
    2016-01-23 09:45 - 2016-01-23 09:45 - 00000000 ____D C:\Users\EdgarOmar\AppData\Local\Setup Wizard
    2016-01-22 08:50 - 2016-01-22 09:04 - 00000000 ____D C:\Users\EdgarOmar\girls-from-the-back
    2016-01-22 08:35 - 2016-01-22 08:49 - 00000000 ____D C:\Users\EdgarOmar\homemade amateur anal
    2016-01-22 08:29 - 2016-01-22 08:32 - 00000000 ____D C:\Users\EdgarOmar\Pictures Ebony degrading bdsm
    2016-01-21 23:16 - 2016-01-21 23:16 - 00000000 ____D C:\Users\EdgarOmar\AppData\Local\YSearchUtil
    2016-01-21 20:12 - 2016-01-21 20:12 - 00371079 _____ C:\Users\EdgarOmar\Downloads\4325001_NACIONAL_20151218.pdf
    2016-01-21 20:07 - 2016-01-21 20:07 - 00423581 _____ C:\Users\EdgarOmar\Downloads\4325001_NACIONAL_20160120.pdf
    2016-01-19 20:12 - 2016-01-19 20:12 - 00000222 _____ C:\Users\EdgarOmar\Desktop\GUILTY GEAR XX ACCENT CORE PLUS R.url
    2016-01-19 20:11 - 2016-01-19 20:11 - 00000222 _____ C:\Users\EdgarOmar\Desktop\Fairy Fencer F.url
    2016-01-19 09:33 - 2016-01-19 09:33 - 00000222 _____ C:\Users\EdgarOmar\Desktop\AKIBA'S TRIP Undead & Undressed.url
    2016-01-19 00:54 - 2016-01-19 00:54 - 00000220 _____ C:\Users\EdgarOmar\Desktop\BioShock Infinite.url
    2016-01-18 19:15 - 2016-01-18 19:15 - 00000222 _____ C:\Users\EdgarOmar\Desktop\NEKOPARA Vol. 1.url
    2016-01-18 18:18 - 2016-01-18 18:18 - 00000222 _____ C:\Users\EdgarOmar\Desktop\NEKOPARA Vol. 0.url
    2016-01-18 09:09 - 2016-01-18 09:11 - 12444088 _____ C:\Users\EdgarOmar\Downloads\testdisk-7.0.win.zip
    2016-01-18 09:05 - 2016-01-18 09:05 - 00000222 _____ C:\Users\EdgarOmar\Desktop\Mugen Souls.url
    2016-01-16 16:59 - 2016-01-16 17:02 - 12593584 _____ C:\Users\EdgarOmar\Downloads\SetupAnyDVD7680.exe
    2016-01-16 15:00 - 2016-01-16 15:00 - 00000222 _____ C:\Users\EdgarOmar\Desktop\THE KING OF FIGHTERS XIII STEAM EDITION.url
    2016-01-16 11:38 - 2016-01-16 11:38 - 00000222 _____ C:\Users\EdgarOmar\Desktop\THE KING OF FIGHTERS 2002 UNLIMITED MATCH.url
    2016-01-15 23:05 - 2016-01-15 23:05 - 00000222 _____ C:\Users\EdgarOmar\Desktop\THE KING OF FIGHTERS '98 ULTIMATE MATCH FINAL EDITION.url
    2016-01-15 20:36 - 2016-01-15 20:36 - 00000222 _____ C:\Users\EdgarOmar\Desktop\Mitsurugi Kamui Hikae.url
    2016-01-15 08:40 - 2016-01-15 08:40 - 00000222 _____ C:\Users\EdgarOmar\Desktop\Vanguard Princess.url
    2016-01-15 00:43 - 2016-01-15 00:43 - 00000222 _____ C:\Users\EdgarOmar\Desktop\BlazBlue Calamity Trigger.url
    2016-01-14 19:19 - 2016-01-14 19:19 - 00000220 _____ C:\Users\EdgarOmar\Desktop\Garry's Mod.url
    2016-01-14 17:54 - 2016-01-14 17:54 - 00000222 _____ C:\Users\EdgarOmar\Desktop\SONIC THE HEDGEHOG 4 Episode II.url
    2016-01-14 16:00 - 2016-01-14 16:00 - 00000222 _____ C:\Users\EdgarOmar\Desktop\Sakura Spirit.url
    2016-01-13 16:37 - 2016-01-13 16:37 - 00095848 _____ (Elaborate Bytes AG) C:\WINDOWS\SysWOW64\ElbyCDIO.dll
    2016-01-13 08:08 - 2015-12-10 22:38 - 25837568 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
    2016-01-13 08:08 - 2015-12-10 21:55 - 06051328 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
    2016-01-13 08:08 - 2015-12-10 21:50 - 20367360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
    2016-01-13 08:08 - 2015-12-10 20:43 - 04610560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
    2016-01-13 08:07 - 2015-12-10 22:00 - 00571904 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
    2016-01-13 08:07 - 2015-12-10 21:45 - 00817664 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
    2016-01-13 08:07 - 2015-12-10 21:21 - 00496640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
    2016-01-13 08:07 - 2015-12-10 21:18 - 00092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll
    2016-01-13 08:07 - 2015-12-10 21:09 - 01032704 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcomm.dll
    2016-01-13 08:07 - 2015-12-10 21:09 - 00663552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
    2016-01-13 08:07 - 2015-12-10 21:03 - 14456832 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
    2016-01-13 08:07 - 2015-12-10 20:59 - 00798208 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
    2016-01-13 08:07 - 2015-12-10 20:43 - 00880128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcomm.dll
    2016-01-13 08:07 - 2015-12-10 20:38 - 02487808 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
    2016-01-13 08:07 - 2015-12-10 20:37 - 00687104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
    2016-01-13 08:07 - 2015-12-10 20:35 - 12856320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
    2016-01-13 08:07 - 2015-12-10 20:26 - 01546752 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
    2016-01-13 08:07 - 2015-12-10 20:14 - 00800768 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
    2016-01-13 08:07 - 2015-12-10 20:12 - 02011136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
    2016-01-13 08:07 - 2015-12-10 20:08 - 01311744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
    2016-01-13 08:07 - 2015-12-10 20:07 - 00710144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
    2016-01-13 08:05 - 2015-12-04 23:58 - 02745184 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMVDECOD.DLL
    2016-01-13 08:05 - 2015-12-04 23:58 - 02528784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMVDECOD.DLL
    2016-01-13 08:05 - 2015-12-04 23:58 - 02450240 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMVENCOD.DLL
    2016-01-13 08:05 - 2015-12-04 23:58 - 02447136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMVENCOD.DLL
    2016-01-13 08:05 - 2015-12-04 23:58 - 02334104 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
    2016-01-13 08:05 - 2015-12-04 23:58 - 02324744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
    2016-01-13 08:05 - 2015-12-04 23:58 - 01877504 _____ (Microsoft Corporation) C:\WINDOWS\system32\msmpeg2adec.dll
    2016-01-13 08:05 - 2015-12-04 23:58 - 01798480 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMALFXGFXDSP.dll
    2016-01-13 08:05 - 2015-12-04 23:58 - 01484888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msmpeg2adec.dll
    2016-01-13 08:05 - 2015-12-04 23:58 - 01288128 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfnetsrc.dll
    2016-01-13 08:05 - 2015-12-04 23:58 - 01210200 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMADMOD.DLL
    2016-01-13 08:05 - 2015-12-04 23:58 - 01150232 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMADMOE.DLL
    2016-01-13 08:05 - 2015-12-04 23:58 - 01115640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfnetsrc.dll
    2016-01-13 08:05 - 2015-12-04 23:58 - 01037680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMADMOD.DLL
    2016-01-13 08:05 - 2015-12-04 23:58 - 00914672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMADMOE.DLL
    2016-01-13 08:05 - 2015-12-04 23:58 - 00850680 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfnetcore.dll
    2016-01-13 08:05 - 2015-12-04 23:58 - 00735496 _____ (Microsoft Corporation) C:\WINDOWS\system32\evr.dll
    2016-01-13 08:05 - 2015-12-04 23:58 - 00700360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfnetcore.dll
    2016-01-13 08:05 - 2015-12-04 23:58 - 00629600 _____ (Microsoft Corporation) C:\WINDOWS\system32\MP4SDECD.DLL
    2016-01-13 08:05 - 2015-12-04 23:58 - 00584656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\evr.dll
    2016-01-13 08:05 - 2015-12-04 23:58 - 00557856 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMVSDECD.DLL
    2016-01-13 08:05 - 2015-12-04 23:58 - 00498472 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsvr.dll
    2016-01-13 08:05 - 2015-12-04 23:58 - 00492736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMVSDECD.DLL
    2016-01-13 08:05 - 2015-12-04 23:58 - 00463776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MP4SDECD.DLL
    2016-01-13 08:05 - 2015-12-04 23:58 - 00399776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsvr.dll
    2016-01-13 08:05 - 2015-12-04 23:58 - 00299080 _____ (Microsoft Corporation) C:\WINDOWS\system32\VIDRESZR.DLL
    2016-01-13 08:05 - 2015-12-04 23:58 - 00275312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MPG4DECD.DLL
    2016-01-13 08:05 - 2015-12-04 23:58 - 00274280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MP43DECD.DLL
    2016-01-13 08:05 - 2015-12-04 23:58 - 00250520 _____ (Microsoft Corporation) C:\WINDOWS\system32\MPG4DECD.DLL
    2016-01-13 08:05 - 2015-12-04 23:58 - 00248432 _____ (Microsoft Corporation) C:\WINDOWS\system32\MP43DECD.DLL
    2016-01-13 08:05 - 2015-12-04 23:58 - 00246856 _____ (Microsoft Corporation) C:\WINDOWS\system32\RESAMPLEDMO.DLL
    2016-01-13 08:05 - 2015-12-04 23:58 - 00244296 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfps.dll
    2016-01-13 08:05 - 2015-12-04 23:58 - 00229272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\RESAMPLEDMO.DLL
    2016-01-13 08:05 - 2015-12-04 23:58 - 00203016 _____ (Microsoft Corporation) C:\WINDOWS\system32\COLORCNV.DLL
    2016-01-13 08:05 - 2015-12-04 23:58 - 00184912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\COLORCNV.DLL
    2016-01-13 08:05 - 2015-12-04 23:58 - 00183856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VIDRESZR.DLL
    2016-01-13 08:05 - 2015-12-04 23:58 - 00116720 _____ (Microsoft Corporation) C:\WINDOWS\system32\MP3DMOD.DLL
    2016-01-13 08:05 - 2015-12-04 23:58 - 00110544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfps.dll
    2016-01-13 08:05 - 2015-12-04 23:58 - 00099136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MP3DMOD.DLL
    2016-01-13 08:05 - 2015-12-04 23:58 - 00090904 _____ (Microsoft Corporation) C:\WINDOWS\system32\devenum.dll
    2016-01-13 08:05 - 2015-12-04 23:58 - 00090392 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfvdsp.dll
    2016-01-13 08:05 - 2015-12-04 23:58 - 00081032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\devenum.dll
    2016-01-13 08:05 - 2015-12-04 23:58 - 00076936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfvdsp.dll
    2016-01-13 08:05 - 2015-12-03 12:07 - 00340992 _____ (Microsoft Corporation) C:\WINDOWS\system32\qdvd.dll
    2016-01-13 08:05 - 2015-12-03 12:07 - 00289792 _____ (Microsoft Corporation) C:\WINDOWS\system32\ksproxy.ax
    2016-01-13 08:05 - 2015-12-03 12:05 - 00644608 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMVXENCD.DLL
    2016-01-13 08:05 - 2015-12-03 12:02 - 01664000 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMSPDMOE.DLL
    2016-01-13 08:05 - 2015-12-03 12:00 - 00451072 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMVSENCD.DLL
    2016-01-13 08:05 - 2015-12-03 11:58 - 00378880 ____C (Microsoft Corporation) C:\WINDOWS\system32\SysFxUI.dll
    2016-01-13 08:05 - 2015-12-03 11:36 - 01697792 _____ (Microsoft Corporation) C:\WINDOWS\system32\quartz.dll
    2016-01-13 08:05 - 2015-12-03 11:30 - 00468480 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFWMAAEC.DLL
    2016-01-13 08:05 - 2015-12-03 11:28 - 00519680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\qdvd.dll
    2016-01-13 08:05 - 2015-12-03 11:28 - 00245760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ksproxy.ax
    2016-01-13 08:05 - 2015-12-03 11:27 - 00736256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMVXENCD.DLL
    2016-01-13 08:05 - 2015-12-03 11:24 - 01411584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMSPDMOE.DLL
    2016-01-13 08:05 - 2015-12-03 11:23 - 00402432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMVSENCD.DLL
    2016-01-13 08:05 - 2015-12-03 11:06 - 01501184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\quartz.dll
    2016-01-13 08:05 - 2015-12-03 11:01 - 00743936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFWMAAEC.DLL
    2016-01-13 08:05 - 2015-12-03 10:40 - 01010688 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMSPDMOD.DLL
    2016-01-13 08:05 - 2015-12-03 10:29 - 00887296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMSPDMOD.DLL
    2016-01-13 08:05 - 2015-12-02 09:04 - 00670208 _____ (Microsoft Corporation) C:\WINDOWS\system32\qedit.dll
    2016-01-13 08:05 - 2015-12-02 09:01 - 00561664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\qedit.dll
    2016-01-13 08:04 - 2015-12-30 13:32 - 07453016 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
    2016-01-13 08:04 - 2015-12-30 13:32 - 01735000 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
    2016-01-13 08:04 - 2015-12-30 13:32 - 01499912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
    2016-01-13 08:04 - 2015-12-09 18:40 - 00033456 _____ (Microsoft Corporation) C:\WINDOWS\system32\CompatTelRunner.exe
    2016-01-13 08:04 - 2015-12-07 04:56 - 01380600 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32.dll
    2016-01-13 08:04 - 2015-12-04 09:00 - 01097216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32.dll
    2016-01-13 08:04 - 2015-12-03 13:42 - 00561952 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
    2016-01-13 08:04 - 2015-12-03 13:42 - 00397224 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcryptprimitives.dll
    2016-01-13 08:04 - 2015-12-03 13:42 - 00137968 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncrypt.dll
    2016-01-13 08:04 - 2015-12-03 13:42 - 00106960 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncryptsslp.dll
    2016-01-13 08:04 - 2015-12-03 13:41 - 00177488 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecpkg.sys
    2016-01-13 08:04 - 2015-12-03 12:52 - 00340872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcryptprimitives.dll
    2016-01-13 08:04 - 2015-12-03 12:52 - 00120376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ncrypt.dll
    2016-01-13 08:04 - 2015-12-03 12:52 - 00091416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ncryptsslp.dll
    2016-01-13 08:04 - 2015-12-03 12:28 - 00401920 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb.sys
    2016-01-13 08:04 - 2015-12-03 12:28 - 00202240 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb20.sys
    2016-01-13 08:04 - 2015-12-03 11:51 - 00445440 _____ (Microsoft Corporation) C:\WINDOWS\system32\certcli.dll
    2016-01-13 08:04 - 2015-12-03 11:16 - 00324096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\certcli.dll
    2016-01-13 08:04 - 2015-12-03 11:13 - 01441280 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
    2016-01-13 08:04 - 2015-12-03 11:07 - 00432128 _____ (Microsoft Corporation) C:\WINDOWS\system32\schannel.dll
    2016-01-13 08:04 - 2015-12-03 10:45 - 00357888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\schannel.dll
    2016-01-13 08:04 - 2015-11-17 15:07 - 01380864 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
    2016-01-13 08:04 - 2015-11-17 15:07 - 01164800 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
    2016-01-13 08:04 - 2015-11-17 15:07 - 00792064 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll
    2016-01-13 08:04 - 2015-11-17 15:07 - 00705024 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll
    2016-01-13 08:04 - 2015-11-17 15:07 - 00505344 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll
    2016-01-13 08:04 - 2015-11-17 15:07 - 00210432 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepic.dll
    2016-01-13 08:04 - 2015-11-17 15:07 - 00076800 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
    2016-01-13 08:00 - 2015-12-08 13:08 - 00685432 _____ (Microsoft Corporation) C:\WINDOWS\system32\advapi32.dll
    2016-01-13 08:00 - 2015-12-08 13:07 - 00507176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\advapi32.dll
    2016-01-12 23:58 - 2015-12-20 23:15 - 00450771 ____R C:\WINDOWS\system32\Drivers\etc\hosts.20160112-235846.backup
    2016-01-10 11:07 - 2016-01-10 13:02 - 419430400 _____ C:\Users\EdgarOmar\Downloads\quesn21.part1.rar
    2016-01-07 22:49 - 2016-01-07 22:49 - 00000000 ____D C:\WINDOWS\en
    2016-01-07 22:48 - 2016-01-07 22:48 - 00001332 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Movie Maker.lnk
    2016-01-07 22:48 - 2016-01-07 22:48 - 00000000 ____D C:\WINDOWS\es
    2016-01-07 22:47 - 2016-01-07 22:59 - 00005557 _____ C:\Users\EdgarOmar\Documents\My Movie.wlmp
    2016-01-07 22:35 - 2016-01-07 22:52 - 00000000 ____D C:\Users\EdgarOmar\AppData\Local\Windows Live

    ==================== One Month Modified files and folders ========

    (If an entry is included in the fixlist, the file/folder will be moved.)

    2016-02-04 16:40 - 2015-11-10 10:37 - 00000000 ____D C:\Users\EdgarOmar\AppData\Roaming\Free Download Manager
    2016-02-04 16:32 - 2015-10-26 11:35 - 00000000 ____D C:\Users\EdgarOmar\OneDrive
    2016-02-04 14:14 - 2015-10-25 18:49 - 00003598 _____ C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-2814885961-1482200991-1285302695-1001
    2016-02-04 14:11 - 2015-10-29 08:27 - 00000000 ____D C:\Users\EdgarOmar\AppData\Local\SweetLabs App Platform
    2016-02-04 14:08 - 2015-11-09 09:32 - 00000830 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
    2016-02-04 14:07 - 2013-08-22 08:45 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
    2016-02-04 14:07 - 2013-08-22 07:25 - 02359296 ___SH C:\WINDOWS\system32\config\BBI
    2016-02-04 12:48 - 2015-11-09 18:43 - 00000000 ____D C:\ProgramData\TEMP
    2016-02-04 12:48 - 2015-11-09 18:43 - 00000000 ____D C:\Program Files (x86)\SpywareBlaster
    2016-02-04 12:45 - 2015-11-09 13:30 - 00808790 _____ C:\WINDOWS\system32\perfh00A.dat
    2016-02-04 12:45 - 2015-11-09 13:30 - 00166676 _____ C:\WINDOWS\system32\perfc00A.dat
    2016-02-04 12:45 - 2014-11-21 02:44 - 01833224 _____ C:\WINDOWS\system32\PerfStringBackup.INI
    2016-02-04 12:45 - 2013-08-22 07:36 - 00000000 ____D C:\WINDOWS\Inf
    2016-02-04 12:38 - 2012-11-14 20:32 - 00000000 ____D C:\ProgramData\Norton
    2016-02-04 12:38 - 2012-11-14 20:32 - 00000000 ____D C:\Program Files (x86)\NortonInstaller
    2016-02-04 12:09 - 2013-08-22 07:25 - 00262144 ___SH C:\WINDOWS\system32\config\ELAM
    2016-02-04 12:09 - 2012-07-26 02:12 - 00000000 ___HD C:\WINDOWS\ELAMBKUP
    2016-02-04 11:05 - 2015-10-28 22:58 - 00003966 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{E0E359C8-833A-4B56-A975-1D3CEE2940A4}
    2016-02-03 22:25 - 2015-12-02 23:23 - 00000000 ____D C:\ProgramData\CanonIJPLM
    2016-02-03 20:46 - 2015-12-06 00:55 - 00000000 ____D C:\Users\EdgarOmar\AppData\Roaming\CDisplayEx
    2016-02-02 20:37 - 2015-11-19 20:43 - 00000000 ____D C:\Users\EdgarOmar\AppData\Roaming\vlc
    2016-02-01 22:51 - 2015-12-28 14:08 - 00000000 ____D C:\Users\EdgarOmar\AppData\Roaming\Hola
    2016-02-01 22:23 - 2015-10-29 08:57 - 00000000 ____D C:\Users\EdgarOmar\AppData\Local\CrashDumps
    2016-01-31 19:46 - 2015-11-09 01:24 - 29189120 ___SH C:\Users\EdgarOmar\Downloads\Thumbs.db
    2016-01-31 19:30 - 2015-11-17 20:09 - 00000000 ____D C:\Users\EdgarOmar\AppData\Roaming\Azureus
    2016-01-31 13:17 - 2015-12-10 12:02 - 00000000 ____D C:\ProgramData\Oracle
    2016-01-31 12:54 - 2013-08-22 08:44 - 00482384 _____ C:\WINDOWS\system32\FNTCACHE.DAT
    2016-01-31 02:02 - 2015-10-29 09:11 - 00000000 ____D C:\ProgramData\Package Cache
    2016-01-30 20:41 - 2015-11-15 19:59 - 00001351 _____ C:\Users\Public\Desktop\Freemake Video Converter.lnk
    2016-01-30 20:41 - 2015-11-15 19:59 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Freemake
    2016-01-28 23:47 - 2015-11-15 20:06 - 00001363 _____ C:\Users\Public\Desktop\Freemake Video Downloader.lnk
    2016-01-28 12:01 - 2015-11-17 20:09 - 00000000 ____D C:\Users\EdgarOmar\Documents\Vuze Downloads
    2016-01-28 00:45 - 2015-10-28 23:34 - 00000000 ____D C:\Program Files (x86)\Google
    2016-01-28 00:39 - 2015-10-29 11:49 - 00000000 ____D C:\WINDOWS\Minidump
    2016-01-28 00:39 - 2015-10-26 11:51 - 00000000 ___DC C:\WINDOWS\Panther
    2016-01-27 21:58 - 2015-11-15 10:00 - 00000000 ____D C:\Users\EdgarOmar\Documents\Movie Studio Platinum - Steam Powered 13.0 Proyectos
    2016-01-27 18:23 - 2015-11-15 01:47 - 00000000 ____D C:\Program Files (x86)\Steam
    2016-01-23 16:00 - 2015-11-09 21:16 - 00001312 _____ C:\Users\EdgarOmar\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Flux Player.lnk
    2016-01-23 16:00 - 2015-11-09 21:16 - 00000000 ____D C:\Users\EdgarOmar\AppData\Local\Flux Player
    2016-01-23 09:31 - 2015-11-22 11:06 - 00000000 ____D C:\Program Files (x86)\freac
    2016-01-23 09:30 - 2013-08-22 09:36 - 00000000 ___HD C:\Program Files\WindowsApps
    2016-01-23 09:30 - 2013-08-22 09:36 - 00000000 ____D C:\WINDOWS\AppReadiness
    2016-01-23 09:26 - 2015-11-16 19:15 - 00000000 ____D C:\Users\EdgarOmar\Documents\My Kindle Content
    2016-01-23 09:24 - 2015-11-24 10:41 - 00000000 ____D C:\Users\EdgarOmar\AppData\Roaming\Audacity
    2016-01-23 09:03 - 2015-10-26 11:03 - 00000000 ____D C:\Users\EdgarOmar
    2016-01-21 23:16 - 2015-11-09 18:44 - 00000258 __RSH C:\ProgramData\ntuser.pol
    2016-01-21 23:14 - 2015-11-17 20:08 - 00000000 ____D C:\Users\EdgarOmar\.oracle_jre_usage
    2016-01-20 00:16 - 2015-11-09 09:32 - 00003718 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater
    2016-01-19 20:12 - 2015-11-15 02:22 - 00000000 ____D C:\Users\EdgarOmar\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
    2016-01-15 19:30 - 2015-10-29 12:34 - 00000000 ____D C:\WINDOWS\System32\Tasks\Remediation
    2016-01-13 20:50 - 2013-08-22 09:36 - 00000000 ____D C:\WINDOWS\rescache
    2016-01-13 20:48 - 2015-11-24 11:19 - 00003886 _____ C:\WINDOWS\System32\Tasks\Adobe Acrobat Update Task
    2016-01-13 20:48 - 2015-11-24 11:19 - 00002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
    2016-01-13 18:07 - 2015-10-29 09:41 - 00000000 ____D C:\WINDOWS\system32\appraiser
    2016-01-13 18:07 - 2014-11-21 09:56 - 00000000 ___SD C:\WINDOWS\system32\CompatTel
    2016-01-13 18:07 - 2012-07-26 01:59 - 00000000 ____D C:\WINDOWS\CbsTemp
    2016-01-13 08:25 - 2015-11-22 11:26 - 00000000 ____D C:\Program Files\Microsoft Silverlight
    2016-01-13 08:25 - 2015-11-22 11:26 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight
    2016-01-13 08:24 - 2015-11-22 11:26 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
    2016-01-13 08:21 - 2015-10-28 23:51 - 00000000 ____D C:\WINDOWS\system32\MRT
    2016-01-13 08:15 - 2015-10-28 23:51 - 143671360 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
    2016-01-13 08:15 - 2013-08-22 07:25 - 00000167 _____ C:\WINDOWS\win.ini
    2016-01-12 11:32 - 2012-07-26 02:12 - 00000000 ____D C:\WINDOWS\LiveKernelReports
    2016-01-11 00:48 - 2016-01-04 20:59 - 00000000 ____D C:\Users\EdgarOmar\Documents\Anki
    2016-01-09 03:01 - 2015-12-03 00:22 - 00001016 _____ C:\Users\EdgarOmar\Desktop\CDisplayEx.lnk
    2016-01-09 02:25 - 2015-11-15 09:54 - 00000000 ____D C:\Users\EdgarOmar\AppData\Roaming\Sony
    2016-01-08 08:09 - 2015-11-17 20:09 - 00000000 ____D C:\Program Files\Vuze
    2016-01-07 22:48 - 2012-11-14 21:00 - 00001401 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Photo Gallery.lnk
    2016-01-07 22:48 - 2012-11-14 21:00 - 00000000 ____D C:\Program Files (x86)\Windows Live
    2016-01-05 14:04 - 2014-11-21 10:03 - 00826872 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
    2016-01-05 14:04 - 2014-11-21 10:03 - 00176632 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl

    ==================== Files in the root of some directories =======

    2015-12-18 23:48 - 2015-12-18 23:53 - 0007597 _____ () C:\Users\EdgarOmar\AppData\Local\Resmon.ResmonCfg
    2015-11-15 01:35 - 2015-11-15 01:35 - 0000040 ___SH () C:\ProgramData\.zreglib

    Some files in TEMP:
    ====================
    C:\Users\EdgarOmar\AppData\Local\Temp\avgnt.exe


    ==================== Bamital & volsnap =================

    (There is no automatic fix for files that do not pass verification.)

    C:\WINDOWS\system32\winlogon.exe => File is digitally signed
    C:\WINDOWS\system32\wininit.exe => File is digitally signed
    C:\WINDOWS\explorer.exe => File is digitally signed
    C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
    C:\WINDOWS\system32\svchost.exe => File is digitally signed
    C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
    C:\WINDOWS\system32\services.exe => File is digitally signed
    C:\WINDOWS\system32\User32.dll => File is digitally signed
    C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
    C:\WINDOWS\system32\userinit.exe => File is digitally signed
    C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
    C:\WINDOWS\system32\rpcss.dll => File is digitally signed
    C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
    C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
    C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed


    LastRegBack: 2016-01-26 20:13

    ==================== End of FRST.txt ============================
    Additional scan result of Farbar Recovery Scan Tool (x64) Version:27-01-2016
    Ran by EdgarOmar (2016-02-04 16:43:02)
    Running from C:\Users\EdgarOmar\Downloads
    Windows 8.1 (X64) (2015-10-26 17:30:51)
    Boot Mode: Normal
    ==========================================================


    ==================== Accounts: =============================

    Administrator (S-1-5-21-2814885961-1482200991-1285302695-500 - Administrator - Disabled)
    EdgarOmar (S-1-5-21-2814885961-1482200991-1285302695-1001 - Administrator - Enabled) => C:\Users\EdgarOmar
    Guest (S-1-5-21-2814885961-1482200991-1285302695-501 - Limited - Disabled)
    HomeGroupUser$ (S-1-5-21-2814885961-1482200991-1285302695-1005 - Limited - Enabled)

    ==================== Security Center ========================

    (If an entry is included in the fixlist, it will be removed.)

    AV: Avira Antivirus (Enabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859}
    AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
    AS: Avira Antivirus (Enabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4}
    AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
    AS: Spybot - Search and Destroy (Enabled - Up to date) {9BC38DF1-3CCA-732D-A930-C1CA5F20A4B0}

    ==================== Installed Programs ======================

    (Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

    7-Zip 15.08 beta (HKLM-x32\...\7-Zip) (Version: 15.08 - Igor Pavlov)
    99 Spirits (HKLM-x32\...\Steam App 258090) (Version: - TORaIKI)
    Adobe Acrobat Reader DC (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AC0F074E4100}) (Version: 15.010.20056 - Adobe Systems Incorporated)
    Adobe Flash Player 20 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 20.0.0.286 - Adobe Systems Incorporated)
    AKIBA'S TRIP: Undead & Undressed (HKLM-x32\...\Steam App 333980) (Version: - ACQUIRE Corp.)
    Amazon Kindle (HKU\S-1-5-21-2814885961-1482200991-1285302695-1001\...\Amazon Kindle) (Version: 1.13.0.42039 - Amazon)
    Anki (HKLM-x32\...\Anki) (Version: - )
    AnyDVD (HKLM-x32\...\AnyDVD) (Version: 7.6.7.0 - SlySoft)
    Atheros Communications Inc.(R) AR81Family Gigabit/Fast Ethernet Driver (HKLM-x32\...\{3108C217-BE83-42E4-AE9E-A56A2A92E549}) (Version: 2.1.0.6 - Atheros Communications Inc.)
    Avira Antivirus (HKLM-x32\...\Avira Antivirus) (Version: 15.0.15.129 - Avira Operations GmbH & Co. KG)
    Avira Launcher (HKLM-x32\...\{ccdc9cfe-8ba7-4c6c-ac5f-b2d6cfa49efc}) (Version: 1.1.54.24924 - Avira Operations GmbH & Co. KG)
    Avira Launcher (x32 Version: 1.1.54.24924 - Avira Operations GmbH & Co. KG) Hidden
    Bejeweled 3 (x32 Version: 2.2.0.97 - WildTangent) Hidden
    BioShock Infinite (HKLM-x32\...\Steam App 8870) (Version: - Irrational Games)
    BlazBlue: Calamity Trigger (HKLM-x32\...\Steam App 263300) (Version: - Arc System Works)
    Canon Easy-PhotoPrint EX (HKLM-x32\...\Easy-PhotoPrint EX) (Version: - )
    Canon MG5300 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MG5300_series) (Version: - Canon Inc.)
    Canon MG5300 series On-screen Manual (HKLM-x32\...\Canon MG5300 series On-screen Manual) (Version: - )
    Canon MP Navigator EX 5.0 (HKLM-x32\...\MP Navigator EX 5.0) (Version: - )
    Canon My Printer (HKLM-x32\...\CanonMyPrinter) (Version: - )
    Canon Solution Menu EX (HKLM-x32\...\CanonSolutionMenuEX) (Version: - )
    CCleaner (HKLM\...\CCleaner) (Version: 5.14 - Piriform)
    Cheetah Audio Converter (HKLM-x32\...\{B1914510-38B5-4835-83D8-A188073E542F}) (Version: - )
    Cisco EAP-FAST Module (HKLM-x32\...\{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}) (Version: 2.2.14 - Cisco Systems, Inc.)
    Cisco LEAP Module (HKLM-x32\...\{AF312B06-5C5C-468E-89B3-BE6DE2645722}) (Version: 1.0.19 - Cisco Systems, Inc.)
    Cisco PEAP Module (HKLM-x32\...\{0A4EF0E6-A912-4CDE-A7F3-6E56E7C13A2F}) (Version: 1.1.6 - Cisco Systems, Inc.)
    D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
    Double Dragon Trilogy (HKLM-x32\...\Steam App 314150) (Version: - DotEmu)
    Dragons of Atlantis (HKU\S-1-5-21-2814885961-1482200991-1285302695-1001\...\Pokki_cfada041afdc4a11092a096cac66ab6a0945d92b) (Version: v1.1.7 - Pokki)
    Edgeworld (HKU\S-1-5-21-2814885961-1482200991-1285302695-1001\...\Pokki_2e9d53cc2b402b6e65aa9551308ca17a19c4721a) (Version: v1.1.8 - Pokki)
    Fairy Fencer F (HKLM-x32\...\Steam App 347830) (Version: - Idea Factory)
    FATE (x32 Version: 2.2.0.97 - WildTangent) Hidden
    FINAL FANTASY III (HKLM-x32\...\Steam App 239120) (Version: - Square Enix)
    FINAL FANTASY VII (HKLM-x32\...\Steam App 39140) (Version: - Square Enix)
    FINAL FANTASY VIII (HKLM-x32\...\Steam App 39150) (Version: - SQUARE ENIX)
    Flux Player (HKU\S-1-5-21-2814885961-1482200991-1285302695-1001\...\Flux Player) (Version: 4.6.3.4647 - )
    FLV-Media-Player (HKLM-x32\...\{AB7A5DBA-BC45-489A-B4D2-2E8F8CABB9EA}) (Version: 2.0.3.2520 - HYBRIDWEB.de)
    Galería de fotos (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
    Gardenscapes: Mansion Makeover (x32 Version: 3.0.2.32 - WildTangent) Hidden
    Garry's Mod (HKLM-x32\...\Steam App 4000) (Version: - Facepunch Studios)
    GOM Player (HKLM-x32\...\GOM Player) (Version: 2.2.76.5239 - Gretech Corporation)
    Goodgame Empire (HKU\S-1-5-21-2814885961-1482200991-1285302695-1001\...\Pokki_149b46d4a102c0304583931ceaa3f0bf19785ee3) (Version: v1.1.7 - Pokki)
    Guilty Gear X2 #Reload (HKLM-x32\...\Steam App 314030) (Version: - Arc System Works)
    GUILTY GEAR XX ACCENT CORE PLUS R (HKLM-x32\...\Steam App 348550) (Version: - Arc System Works)
    Hola™ 1.11.607 - Better Internet (HKLM\...\Hola) (Version: 1.11.607 - Hola Networks Ltd.)
    Host App Service (HKU\S-1-5-21-2814885961-1482200991-1285302695-1001\...\SweetLabs_AP) (Version: 0.269.7.840 - Pokki)
    If My Heart Had Wings (HKLM-x32\...\Steam App 326480) (Version: - Moenovel)
    Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.1.0.1252 - Intel Corporation)
    Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3345 - Intel Corporation)
    Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 12.8.0.1016 - Intel Corporation)
    Intel(R) SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 2.0.0.37149 - Intel Corporation)
    Java 8 Update 71 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218071F0}) (Version: 8.0.710.15 - Oracle Corporation)
    Magical Battle Festa (HKLM-x32\...\Steam App 292480) (Version: - Fly System)
    Mahjong Pretty Girls Battle (HKLM-x32\...\Steam App 338060) (Version: - Zoo Corporation)
    Mayjasmine episode01 What is God? 五月茉莉 (HKLM-x32\...\Steam App 417110) (Version: - Erotes studio)
    Microsoft Office (HKLM-x32\...\{90150000-0138-0409-0000-0000000FF1CE}) (Version: 15.0.4420.1017 - Microsoft Corporation)
    Microsoft Office Home and Student 2010 (HKLM-x32\...\Office14.SingleImage) (Version: 14.0.7015.1000 - Microsoft Corporation)
    Microsoft OneDrive (HKU\S-1-5-21-2814885961-1482200991-1285302695-1001\...\OneDriveSetup.exe) (Version: 17.3.6281.1202 - Microsoft Corporation)
    Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.41212.0 - Microsoft Corporation)
    Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
    Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
    Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
    Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
    Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
    Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
    Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
    Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
    Mitsurugi Kamui Hikae (HKLM-x32\...\Steam App 263620) (Version: - Zenith Blue)
    Movie Maker (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
    Movie Studio 13 Platinum - Steam Powered (HKLM-x32\...\Steam App 330070) (Version: - Sony Creative Software)
    Movie Studio Platinum 13.0 - Steam Powered (64-bit) (HKLM\...\{1F7DB38F-51AA-11E5-8729-001E4FC0A7E5}) (Version: 13.0.957 - Sony)
    Mozilla Firefox 44.0 (x86 es-MX) (HKLM-x32\...\Mozilla Firefox 44.0 (x86 es-MX)) (Version: 44.0 - Mozilla)
    Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 44.0.0.5866 - Mozilla)
    Mugen Souls (HKLM-x32\...\Steam App 389870) (Version: - Idea Factory)
    MWSnap 3 (HKLM-x32\...\MWSnap 3) (Version: 3.0.0.74 - Mirek Wojtowicz)
    NEKOPARA Vol. 0 (HKLM-x32\...\Steam App 385800) (Version: - NEKO WORKs)
    NEKOPARA Vol. 1 (HKLM-x32\...\Steam App 333600) (Version: - NEKO WORKs)
    Norton Anti-Theft (HKLM-x32\...\NAT) (Version: 1.10.0.9 - Symantec Corporation)
    Norton Online Backup (HKLM-x32\...\{40A66DF6-22D3-44B5-A7D3-83B118A2C0DC}) (Version: 2.2.3.45 - Symantec Corporation)
    Norton Online Backup ARA (x32 Version: 4.1.0.11 - Symantec Corporation) Hidden
    Norton PC Checkup (HKLM-x32\...\NortonPCCheckup) (Version: 2.0.18.15 - Symantec Corporation)
    Norton Security Dashboard (HKLM-x32\...\NortonSD) (Version: 1.1.1.9 - Symantec Corporation)
    Nuvoton CIR Device Drivers (HKLM-x32\...\{096C6EA4-738C-4A01-BB98-45B93B6B9B34}) (Version: 8.60.5001 - Nuvoton Technology Corporation)
    NWZ-E340 WALKMAN Guide (HKLM-x32\...\{E33956B7-301C-429D-9E6C-2C12EACB8A62}) (Version: 2.0.00.07010 - Sony Corporation)
    Origin (HKLM-x32\...\Origin) (Version: 9.0.15.60 - Electronic Arts, Inc.)
    Penguins! (x32 Version: 2.2.0.98 - WildTangent) Hidden
    Pirate Storm (HKU\S-1-5-21-2814885961-1482200991-1285302695-1001\...\Pokki_17dd240efdb0c50e8a5015de26b6d100f1b1072c) (Version: v1.1.7 - Pokki)
    Plants vs. Zombies - Game of the Year (x32 Version: 2.2.0.98 - WildTangent) Hidden
    PlayReady PC Runtime amd64 (HKLM\...\{BCA9334F-B6C9-4F65-9A73-AC5A329A4D04}) (Version: 1.3.0 - Microsoft Corporation)
    Polar Bowler (x32 Version: 2.2.0.97 - WildTangent) Hidden
    Realtek Bluetooth Filter Driver Package (HKLM-x32\...\InstallShield_{0CC0980D-811D-43B8-A455-8D150EB5BC0D}) (Version: 12.28.2013.0912 - REALTEK Semiconductor Corp)
    Realtek Bluetooth Filter Driver Package (x32 Version: 12.28.2013.0912 - REALTEK Semiconductor Corp) Hidden
    Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6743 - Realtek Semiconductor Corp.)
    Realtek USB 2.0 Card Reader (HKLM-x32\...\{96AE7E41-E34E-47D0-AC07-1091A8127911}) (Version: 6.1.8400.39030 - Realtek Semiconductor Corp.)
    REALTEK Wireless LAN Driver (HKLM-x32\...\InstallShield_{95F38874-065A-40AB-AFC1-B764B192FFE7}) (Version: 2.00.0002 - REALTEK Semiconductor Corp.)
    REALTEK Wireless LAN Driver (x32 Version: 2.00.0002 - REALTEK Semiconductor Corp.) Hidden
    Realtek WLAN Driver (HKLM-x32\...\{9D3D8C60-A55F-4fed-B2B9-173001290E16}) (Version: 2.00.0020 - REALTEK Semiconductor Corp.)
    Sakura Angels (HKLM-x32\...\Steam App 342380) (Version: - Winged Cloud)
    Sakura Spirit (HKLM-x32\...\Steam App 313740) (Version: - Winged Cloud)
    Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version: - Microsoft)
    Skullgirls (HKLM-x32\...\Steam App 245170) (Version: - Lab Zero Games)
    Skullgirls ∞Endless Beta∞ (HKLM-x32\...\Steam App 208610) (Version: - )
    Skype™ 7.2 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.2.103 - Skype Technologies S.A.)
    Sonic & All-Stars Racing Transformed (HKLM-x32\...\Steam App 212480) (Version: - Sumo Digital)
    SONIC THE HEDGEHOG 4 Episode II (HKLM-x32\...\Steam App 203650) (Version: - SEGA)
    SP Player (HKU\S-1-5-21-2814885961-1482200991-1285302695-1001\...\3332097300.wspr.webstream.ne.jp) (Version: - wspr.webstream.ne.jp)
    SRS Premium Sound Control Panel (HKLM\...\{94F03B8E-CB73-4653-AFE9-79112C01FED2}) (Version: 1.12.5000 - SRS Labs, Inc.)
    Start Menu (HKU\S-1-5-21-2814885961-1482200991-1285302695-1001\...\SweetLabs_Start_Menu) (Version: 0.269.7.840 - Pokki)
    Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
    SUPERAntiSpyware (HKLM\...\{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}) (Version: 6.0.1212 - SUPERAntiSpyware.com)
    The Godfather (HKU\S-1-5-21-2814885961-1482200991-1285302695-1001\...\Pokki_923d0f1d35897f6a6a73ba838623cda94c4ab689) (Version: v1.2.5 - Pokki)
    THE KING OF FIGHTERS 2002 UNLIMITED MATCH (HKLM-x32\...\Steam App 222440) (Version: - Code Mystics)
    THE KING OF FIGHTERS '98 ULTIMATE MATCH FINAL EDITION (HKLM-x32\...\Steam App 222420) (Version: - Code Mystics)
    THE KING OF FIGHTERS XIII STEAM EDITION (HKLM-x32\...\Steam App 222940) (Version: - SNK Playmore)
    The Last Remnant (HKLM-x32\...\Steam App 23310) (Version: - SQUARE ENIX)
    Toshiba App Place (HKLM-x32\...\{ED3CBA78-488F-4E8C-B33F-8E3BF4DDB4D2}) (Version: 1.0.6.3 - Toshiba)
    TOSHIBA Application Installer (HKLM-x32\...\{970472D0-F5F9-4158-A6E3-1AE49EFEF2D3}) (Version: 9.0.1.4 - TOSHIBA)
    Toshiba Book Place (HKLM-x32\...\{24B45620-22B6-4E4A-B836-FF30A0B0404E}) (Version: 3.1.9534 - K-NFB Reading Technology, Inc.)
    TOSHIBA Desktop Assist (HKLM\...\{95CCACF0-010D-45F0-82BF-858643D8BC02}) (Version: 1.02.01.6407 - Toshiba Corporation)
    TOSHIBA eco Utility (HKLM\...\{5944B9D4-3C2A-48DE-931E-26B31714A2F7}) (Version: 2.2.0.6404 - Toshiba Corporation)
    TOSHIBA Function Key (HKLM\...\{16562A90-71BC-41A0-B890-D91B0C267120}) (Version: 1.1.0002.6401 - Toshiba Corporation)
    TOSHIBA HDD Accelerator (HKLM\...\{DB4D9937-0B14-4EF1-BF9A-BB7E3B9DCB04}) (Version: 1.2.0000 - Toshiba Corporation)
    TOSHIBA Password Utility (HKLM-x32\...\{B1786E63-2127-42C9-95A3-146E5F727BF1}) (Version: v1.0.0.11 - TOSHIBA Corporation)
    TOSHIBA PC Health Monitor (HKLM\...\{9DECD0F9-D3E8-48B0-A390-1CF09F54E3A4}) (Version: 1.9.09.6400 - Toshiba Corporation)
    TOSHIBA Quality Application (HKLM-x32\...\{E69992ED-A7F6-406C-9280-1C156417BC49}) (Version: 1.0.8 - TOSHIBA)
    TOSHIBA Recovery Media Creator (HKLM-x32\...\{B65BBB06-1F8E-48F5-8A54-B024A9E15FDF}) (Version: 2.2.0.54043005 - Toshiba Corporation)
    TOSHIBA Remote Control Manager (HKLM-x32\...\{FEB650EB-7639-444E-9FC2-C33EE6ED1A37}) (Version: 3.0.1013.0 - TOSHIBA CORPORATION)
    TOSHIBA Resolution+ Plug-in for Windows Media Player (HKLM-x32\...\{6CB76C9D-80C2-4CB3-A4CD-D96B239E3F94}) (Version: 1.2.8.0 - Toshiba Corporation)
    TOSHIBA Service Station (HKLM\...\{63E575B6-BEF3-4DE7-823E-508837914157}) (Version: 2.6.16.0 - Toshiba Corporation)
    TOSHIBA System Driver (HKLM-x32\...\{1E6A96A1-2BAB-43EF-8087-30437593C66C}) (Version: 1.00.0030 - Toshiba Corporation)
    TOSHIBA System Settings (HKLM-x32\...\{05A55927-DB9B-4E26-BA44-828EBFF829F0}) (Version: 1.00.0002.32002 - Toshiba Corporation)
    TOSHIBA User's Guide (HKLM-x32\...\{3384E1D9-3F18-4A98-8655-180FEF0DFC02}) (Version: 1.00.02 - TOSHIBA)
    TOSHIBA VIDEO PLAYER (HKLM\...\{FF07604E-C860-40E9-A230-E37FA41F103A}) (Version: 5.3.49.124 - Toshiba Corporation)
    TOSHIBARegistration (HKLM-x32\...\{5AF550B4-BB67-4E7E-82F1-2C4300279050}) (Version: 1.1.6 - TOSHIBA)
    Transfer Utility LE (HKLM-x32\...\{F2C2709B-FB3D-458C-B12E-9AAA5EDCA670}) (Version: 1.02.126 - PIXELA)
    Tsukumogami (HKLM-x32\...\Steam App 262300) (Version: - TORaIKI)
    Update Installer for WildTangent Games App (x32 Version: - WildTangent) Hidden
    Vacation Quest™ - Australia (x32 Version: 3.0.2.32 - WildTangent) Hidden
    Valkyria Chronicles™ (HKLM-x32\...\Steam App 294860) (Version: - SEGA)
    Vanguard Princess (HKLM-x32\...\Steam App 262150) (Version: - Tomoaki Sugeno)
    Virtual Villagers 5 - New Believers (x32 Version: 3.0.2.32 - WildTangent) Hidden
    VirtualCloneDrive (HKLM-x32\...\VirtualCloneDrive) (Version: 5.5.0.0 - Elaborate Bytes)
    VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.1 - VideoLAN)
    Vuze (HKLM\...\8461-7759-5462-8226) (Version: 5.7.0.0 - Azureus Software, Inc.)
    WildTangent Games (HKLM-x32\...\WildTangent wildgames Master Uninstall) (Version: 1.0.3.0 - WildTangent)
    WildTangent Games App (Toshiba Games) (x32 Version: 4.0.9.7 - WildTangent) Hidden
    Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation)
    Winged Sakura: Mindy's Arc (HKLM-x32\...\Steam App 331390) (Version: - WINGED SAKURA GAMES)
    WinPcap 4.1.2 (HKLM-x32\...\WinPcapInst) (Version: 4.1.0.2001 - CACE Technologies)
    WinRAR 5.21 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.21.0 - win.rar GmbH)
    Youda Jewel Shop (x32 Version: 3.0.2.32 - WildTangent) Hidden
    zkanji v0.731 (HKLM-x32\...\zkanji) (Version: 0.731 - Sólyom Zoltán)

    ==================== Custom CLSID (Whitelisted): ==========================

    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


    ==================== Scheduled Tasks (Whitelisted) =============

    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

    Task: {0B66AC13-A7D3-4619-8CD0-7B75EF4946B4} - System32\Tasks\Norton Anti-Theft\Norton Error Analyzer => C:\Program Files (x86)\Norton Anti-Theft\Engine\1.10.0.9\SymErr.exe [2013-08-01] (Symantec Corporation)
    Task: {10F3F659-4D6D-44EF-BE5A-96F59EE39289} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeTime => C:\Windows\system32\GWX\GWXUXWorker.exe [2015-12-04] (Microsoft Corporation)
    Task: {34D73491-BBFD-4BD2-9B29-2EEAC6E759CA} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2016-01-15] (Piriform Ltd)
    Task: {4DA46886-ED67-4B3C-BF66-B275D5924C28} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Refresh immunization => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDImmunize.exe [2014-06-24] (Safer-Networking Ltd.)
    Task: {4E76AAE9-6AA7-4D38-AE9D-BA258E324177} - System32\Tasks\Browser Updater Task(Core) => C:\Program Files (x86)\SearchesToYesbnd\BrowserUpdate.exe [2016-01-21] (Tencent)
    Task: {53F6790C-E9B6-4F18-9EE0-FD71AFFDD354} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Check for updates => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe [2014-06-27] (Safer-Networking Ltd.)
    Task: {69414A02-5B98-41DA-A9D7-1134DFB331C2} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2016-01-13] (Microsoft Corporation)
    Task: {6F622176-1D81-49F7-8BA3-BC5B06FB1A55} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-12-13] (Adobe Systems Incorporated)
    Task: {71A07191-D008-42B6-B858-55ABE4D39319} - System32\Tasks\ACGPro Update => C:\Program Files (x86)\ACGPro\ACGPro Update\ACGPro.exe [2016-01-12] ()
    Task: {73F915B8-2867-412C-96CE-01C3534FB79D} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Scan the system => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDScan.exe [2014-06-24] (Safer-Networking Ltd.)
    Task: {8FA2E5C1-E289-4F06-BED6-E6CC3D68DA01} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-01-20] (Adobe Systems Incorporated)
    Task: {9D2E5675-CFCA-4793-A45B-E6FAB5E7743E} - System32\Tasks\SweetLabs App Platform => C:\Users\EdgarOmar\AppData\Local\SweetLabs App Platform\Engine\ServiceHostAppUpdater.exe [2015-12-11] (Pokki)
    Task: {A878EEF9-D882-4EDF-9223-CC59B001575B} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime => C:\Windows\system32\GWX\GWXUXWorker.exe [2015-12-04] (Microsoft Corporation)
    Task: {A95883A2-1930-4CF2-853C-3E0105626C16} - System32\Tasks\Microsoft OneDrive Auto Update Task-S-1-5-21-2814885961-1482200991-1285302695-1001 => C:\Users\EdgarOmar\AppData\Local\Microsoft\OneDrive\OneDrive.exe [2015-12-27] (Microsoft Corporation)
    Task: {AB1EF200-AD74-4A5E-A602-55CB562D0B40} - System32\Tasks\Optimize Push Notification Data File-S-1-5-21-2814885961-1482200991-1285302695-1001
    Task: {BA48FCCD-F364-42BF-B684-E7B4DCC4D3D1} - System32\Tasks\Microsoft\Windows\UPnP\UPnPHostConfig => config upnphost start= auto
    Task: {CC917555-E6BE-4D2F-8169-3BD9C1315A0A} - System32\Tasks\Avira System Speedup Tray => C:\Program Files (x86)\Avira\System Speedup\Avira.SystemSpeedup.UI.Systray.exe [2016-01-12] (Avira Operations GmbH & Co. KG)
    Task: {E1176BD7-B13E-4197-A939-C20B648812EA} - System32\Tasks\Norton Anti-Theft\Norton Error Processor => C:\Program Files (x86)\Norton Anti-Theft\Engine\1.10.0.9\SymErr.exe [2013-08-01] (Symantec Corporation)
    Task: {E68AADD1-99BF-4781-8BE9-DF5891F22F16} - System32\Tasks\TOSHIBA\Service Station => C:\Program Files\TOSHIBA\Toshiba Service Station\ToshibaServiceStation.exe [2014-04-03] (TOSHIBA Corporation)
    Task: {E79E6EDA-6CE9-4504-AE1C-0F7D030D33A9} - System32\Tasks\Remediation\AntimalwareMigrationTask => C:\Program Files\Common Files\AV\Norton AntiVirus\Upgrade.exe [2016-01-06] (Symantec Corporation)

    (If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

    Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

    ==================== Shortcuts =============================

    (The entries could be listed to be restored or removed.)

    ==================== Loaded Modules (Whitelisted) ==============

    2013-11-04 20:22 - 2013-11-04 20:22 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll
    2012-03-16 17:24 - 2012-03-16 17:24 - 00091520 _____ () C:\Program Files\Toshiba\Hotkey\fsHid.dll
    2012-07-18 19:38 - 2012-07-18 19:38 - 00020904 _____ () C:\Program Files\TOSHIBA\Hotkey\SmoothView.dll
    2014-09-29 18:51 - 2014-09-29 18:51 - 00074664 _____ () C:\Program Files (x86)\SlySoft\AnyDVD\ADvdDiscHlp64.exe
    2015-11-15 19:59 - 2016-01-19 16:51 - 00073216 _____ () C:\Program Files (x86)\Common Files\Freemake Shared\ProductUpdater\ProductUpdater.exe
    2016-01-15 14:45 - 2016-01-15 14:45 - 00065536 _____ () C:\Program Files\CCleaner\lang\lang-1034.dll
    2015-11-24 09:43 - 2014-05-13 12:04 - 00109400 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\snlThirdParty150.bpl
    2015-11-24 09:43 - 2014-05-13 12:04 - 00167768 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\snlFileFormats150.bpl
    2015-11-24 09:43 - 2014-05-13 12:04 - 00416600 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\DEC150.bpl
    2015-11-24 09:43 - 2012-08-23 10:38 - 00574840 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\sqlite3.dll
    2015-11-24 09:43 - 2012-04-03 17:06 - 00565640 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\av\BDSmartDB.dll
    2015-10-25 18:30 - 2012-06-25 11:41 - 01198912 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\ACE.dll
    2015-04-28 14:15 - 2015-04-28 14:15 - 00569856 _____ () C:\Users\EdgarOmar\AppData\Local\SweetLabs App Platform\Engine\ppGoogleNaClPluginChrome.dll
    2015-04-28 14:15 - 2015-04-28 14:15 - 01400846 _____ () C:\Users\EdgarOmar\AppData\Local\SweetLabs App Platform\Engine\avcodec-54.dll
    2015-04-28 14:15 - 2015-04-28 14:15 - 00151054 _____ () C:\Users\EdgarOmar\AppData\Local\SweetLabs App Platform\Engine\avutil-51.dll
    2015-04-28 14:15 - 2015-04-28 14:15 - 00222734 _____ () C:\Users\EdgarOmar\AppData\Local\SweetLabs App Platform\Engine\avformat-54.dll
    2015-11-09 20:16 - 2015-08-07 16:48 - 04932712 _____ () C:\Program Files (x86)\Free Download Manager\fdmbtsupp.dll
    2015-11-09 20:16 - 2015-07-23 18:08 - 00324096 _____ () C:\Program Files (x86)\Free Download Manager\ytparser.dll

    ==================== Alternate Data Streams (Whitelisted) =========

    (If an entry is included in the fixlist, only the ADS will be removed.)

    AlternateDataStreams: C:\ProgramData\TEMP:5C321E34

    ==================== Safe Mode (Whitelisted) ===================

    (If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


    ==================== EXE Association (Whitelisted) ===============

    (If an entry is included in the fixlist, the registry item will be restored to default or removed.)


    ==================== Internet Explorer trusted/restricted ===============

    (If an entry is included in the fixlist, it will be removed from the registry.)

    IE restricted site: HKU\.DEFAULT\...\007guard.com -> install.007guard.com
    IE restricted site: HKU\.DEFAULT\...\008i.com -> 008i.com
    IE restricted site: HKU\.DEFAULT\...\008k.com -> www.008k.com
    IE restricted site: HKU\.DEFAULT\...\00hq.com -> www.00hq.com
    IE restricted site: HKU\.DEFAULT\...\010402.com -> 010402.com
    IE restricted site: HKU\.DEFAULT\...\032439.com -> 80gw6ry3i3x3qbrkwhxhw.032439.com
    IE restricted site: HKU\.DEFAULT\...\0scan.com -> 0scan.com
    IE restricted site: HKU\.DEFAULT\...\1-2005-search.com -> www.1-2005-search.com
    IE restricted site: HKU\.DEFAULT\...\1-domains-registrations.com -> 1 Domains Technology Blog |
    IE restricted site: HKU\.DEFAULT\...\1000gratisproben.com -> www.1000gratisproben.com
    IE restricted site: HKU\.DEFAULT\...\1001namen.com -> 1001namen.com
    IE restricted site: HKU\.DEFAULT\...\100888290cs.com -> mir.100888290cs.com
    IE restricted site: HKU\.DEFAULT\...\100sexlinks.com -> 100sexlinks.com*-*This website is for sale!*-*Sexlinks Resources and Information.
    IE restricted site: HKU\.DEFAULT\...\10sek.com -> www.10sek.com
    IE restricted site: HKU\.DEFAULT\...\12-26.net -> user1.12-26.net
    IE restricted site: HKU\.DEFAULT\...\12-27.net -> user1.12-27.net
    IE restricted site: HKU\.DEFAULT\...\123fporn.info -> www.123fporn.info
    IE restricted site: HKU\.DEFAULT\...\123haustiereundmehr.com -> www.123haustiereundmehr.com
    IE restricted site: HKU\.DEFAULT\...\123moviedownload.com -> 123Movies - Watch Free Movies Streaming Online Now
    IE restricted site: HKU\.DEFAULT\...\123simsen.com -> WebMD - Better information. Better health.

    There are 7871 more sites.

    IE trusted site: HKU\S-1-5-21-2814885961-1482200991-1285302695-1001\...\hola.org -> hxxp://hola.org
    IE restricted site: HKU\S-1-5-21-2814885961-1482200991-1285302695-1001\...\007guard.com -> install.007guard.com
    IE restricted site: HKU\S-1-5-21-2814885961-1482200991-1285302695-1001\...\008i.com -> 008i.com
    IE restricted site: HKU\S-1-5-21-2814885961-1482200991-1285302695-1001\...\008k.com -> www.008k.com
    IE restricted site: HKU\S-1-5-21-2814885961-1482200991-1285302695-1001\...\00hq.com -> www.00hq.com
    IE restricted site: HKU\S-1-5-21-2814885961-1482200991-1285302695-1001\...\010402.com -> 010402.com
    IE restricted site: HKU\S-1-5-21-2814885961-1482200991-1285302695-1001\...\0190-dialers.com -> 0190-dialers.com
    IE restricted site: HKU\S-1-5-21-2814885961-1482200991-1285302695-1001\...\01i.info -> 01i.info
    IE restricted site: HKU\S-1-5-21-2814885961-1482200991-1285302695-1001\...\02pmnzy5eo29bfk4.com -> 02pmnzy5eo29bfk4.com
    IE restricted site: HKU\S-1-5-21-2814885961-1482200991-1285302695-1001\...\032439.com -> 80gw6ry3i3x3qbrkwhxhw.032439.com
    IE restricted site: HKU\S-1-5-21-2814885961-1482200991-1285302695-1001\...\0411dd.com -> 0411dd.com
    IE restricted site: HKU\S-1-5-21-2814885961-1482200991-1285302695-1001\...\0511zfhl.com -> 0511zfhl.com
    IE restricted site: HKU\S-1-5-21-2814885961-1482200991-1285302695-1001\...\05p.com -> 05p.com
    IE restricted site: HKU\S-1-5-21-2814885961-1482200991-1285302695-1001\...\0632qyw.com -> 0632qyw.com
    IE restricted site: HKU\S-1-5-21-2814885961-1482200991-1285302695-1001\...\07ic5do2myz3vzpk.com -> 07ic5do2myz3vzpk.com
    IE restricted site: HKU\S-1-5-21-2814885961-1482200991-1285302695-1001\...\08nigbmwk43i01y6.com -> 08nigbmwk43i01y6.com
    IE restricted site: HKU\S-1-5-21-2814885961-1482200991-1285302695-1001\...\093qpeuqpmz6ebfa.com -> 093qpeuqpmz6ebfa.com
    IE restricted site: HKU\S-1-5-21-2814885961-1482200991-1285302695-1001\...\0calories.net -> 0calories.net
    IE restricted site: HKU\S-1-5-21-2814885961-1482200991-1285302695-1001\...\0cj.net -> 0cj.net
    IE restricted site: HKU\S-1-5-21-2814885961-1482200991-1285302695-1001\...\0scan.com -> 0scan.com
    IE restricted site: HKU\S-1-5-21-2814885961-1482200991-1285302695-1001\...\1-2005-search.com -> www.1-2005-search.com

    There are 12688 more sites.


    ==================== Hosts content: ==========================

    (If needed Hosts: directive could be included in the fixlist to reset Hosts.)

    2013-08-22 07:25 - 2016-02-04 13:38 - 00450954 ____R C:\WINDOWS\system32\Drivers\etc\hosts

    127.0.0.1 www.007guard.com
    127.0.0.1 007guard.com
    127.0.0.1 008i.com
    127.0.0.1 www.008k.com
    127.0.0.1 008k.com
    127.0.0.1 www.00hq.com
    127.0.0.1 00hq.com
    127.0.0.1 010402.com
    127.0.0.1 www.032439.com
    127.0.0.1 032439.com
    127.0.0.1 0scan.com
    127.0.0.1 0scan.com
    127.0.0.1 1000gratisproben.com
    127.0.0.1 www.1000gratisproben.com
    127.0.0.1 1001namen.com
    127.0.0.1 1001namen.com
    127.0.0.1 100888290cs.com
    127.0.0.1 www.100888290cs.com
    127.0.0.1 100sexlinks.com*-*This website is for sale!*-*Sexlinks Resources and Information.
    127.0.0.1 100sexlinks.com
    127.0.0.1 10sek.com
    127.0.0.1 www.10sek.com
    127.0.0.1 www.1-2005-search.com
    127.0.0.1 1-2005-search.com
    127.0.0.1 123fporn.info
    127.0.0.1 www.123fporn.info
    127.0.0.1 123haustiereundmehr.com
    127.0.0.1 www.123haustiereundmehr.com
    127.0.0.1 123moviedownload.com
    127.0.0.1 123Movies - Watch Free Movies Streaming Online Now

    There are 15469 more lines.


    ==================== Other Areas ============================

    (Currently there is no automatic fix for this section.)

    HKU\S-1-5-21-2814885961-1482200991-1285302695-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\EdgarOmar\Pictures\ふたなり尼さん&シスター噴水化 - 盲 - mekuranoookami - 盲 (43663952) .png
    DNS Servers: 192.168.1.1
    HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
    Windows Firewall is enabled.

    ==================== MSCONFIG/TASK MANAGER disabled items ==

    (Currently there is no automatic fix for this section.)

    HKLM\...\StartupApproved\StartupFolder: => "McAfee Security Scan Plus.lnk"
    HKLM\...\StartupApproved\Run: => "TRCMan"
    HKU\S-1-5-21-2814885961-1482200991-1285302695-1001\...\StartupApproved\Run: => "Skype"
    HKU\S-1-5-21-2814885961-1482200991-1285302695-1001\...\StartupApproved\Run: => "Free Download Manager"
    HKU\S-1-5-21-2814885961-1482200991-1285302695-1001\...\StartupApproved\Run: => "Steam"
    HKU\S-1-5-21-2814885961-1482200991-1285302695-1001\...\StartupApproved\Run: => "SpybotPostWindows10UpgradeReInstall"
    HKU\S-1-5-21-2814885961-1482200991-1285302695-1001\...\StartupApproved\Run: => "BingSvc"

    ==================== FirewallRules (Whitelisted) ===============

    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

    FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
    FirewallRules: [{8B1E83F2-8938-4D69-9892-B46557ED97A4}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
    FirewallRules: [{BF17192A-69C1-46A6-8845-73AF0CDABA61}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
    FirewallRules: [{FD4FD112-E952-4DB1-A9A6-5D7D7979728A}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
    FirewallRules: [{21AD685C-C04D-46CC-9E35-6E0E17FD3CD0}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
    FirewallRules: [{D2A62EE1-6218-41CD-B858-052FFEB272B1}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Double Dragon Trilogy\ddtrilogy.exe
    FirewallRules: [{BBFE0A6D-43D4-4690-B74C-03DD2AAF7004}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Double Dragon Trilogy\ddtrilogy.exe
    FirewallRules: [{05FFDD24-12C8-4E78-8770-88D7ADAB0E03}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\99 Spirits\99 Spirits.eXe
    FirewallRules: [{F664761F-9C4B-4954-9F5C-1AFB8802D4BB}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\99 Spirits\99 Spirits.eXe
    FirewallRules: [{AF7F4627-7BFD-43A7-BF67-5998637E0135}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\99 Spirits\Cage of Night\English\Cage of Night.eXe
    FirewallRules: [{652E0083-A01A-4DF4-9736-2D54B8104E56}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\99 Spirits\Cage of Night\English\Cage of Night.eXe
    FirewallRules: [{88162000-2730-4BDB-8947-87C672C1E79E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\99 Spirits\Cage of Night\Japanese\Cage of Night.eXe
    FirewallRules: [{987C4DB4-386B-465B-A9B0-F406D7D56D53}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\99 Spirits\Cage of Night\Japanese\Cage of Night.eXe
    FirewallRules: [{2D663A92-4654-446E-A6EE-066C4B013F3B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\99 Spirits\Weeping Demon's Bell\English\Weeping Demon's Bell.exe
    FirewallRules: [{1740F828-61F8-4AF8-8727-1E102E27A84A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\99 Spirits\Weeping Demon's Bell\English\Weeping Demon's Bell.exe
    FirewallRules: [{371F1338-7070-4FB1-A5A6-EDC82403D35F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\99 Spirits\Weeping Demon's Bell\Japanese\Weeping Demon's Bell.eXe
    FirewallRules: [{AB0D7300-ED76-4496-BD02-A07A05AFA09D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\99 Spirits\Weeping Demon's Bell\Japanese\Weeping Demon's Bell.eXe
    FirewallRules: [TCP Query User{406715A4-57CF-4809-960C-9FE57C1F4936}C:\program files (x86)\free download manager\fdm.exe] => (Allow) C:\program files (x86)\free download manager\fdm.exe
    FirewallRules: [UDP Query User{AEBEC90A-AD0B-4B28-AC41-6A1EADCCE616}C:\program files (x86)\free download manager\fdm.exe] => (Allow) C:\program files (x86)\free download manager\fdm.exe
    FirewallRules: [{8371D454-323F-479D-B329-659486679A7B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Winged Sakura Mindy's Arc\Winged Sakura Mindy's Arc.exe
    FirewallRules: [{37A1660E-8423-45C3-AD3A-6F8E67FE1655}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Winged Sakura Mindy's Arc\Winged Sakura Mindy's Arc.exe
    FirewallRules: [{4CCE3B66-6178-47FE-B13E-7BC6EBD6E29E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Guilty Gear X2 #Reload\ggx2.exe
    FirewallRules: [{396B0823-BED0-44B6-BE3C-6590E47ACA92}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Guilty Gear X2 #Reload\ggx2.exe
    FirewallRules: [{433AA74E-3B88-44E8-A1A7-7A4194572516}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Guilty Gear X2 #Reload\config.exe
    FirewallRules: [{59226E7A-90A0-4C7B-BF97-B5BA8DDB3E8A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Guilty Gear X2 #Reload\config.exe
    FirewallRules: [{8B661167-DBFF-4705-960D-0BF610CD8B02}] => (Allow) C:\Program Files\Vuze\Azureus.exe
    FirewallRules: [{95E0B624-2F9C-460B-B190-13E3693B5A90}] => (Allow) C:\Program Files\Vuze\Azureus.exe
    FirewallRules: [{54D11142-D95A-450E-AA48-FA800F77BE9B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Valkyria Chronicles\Launcher.exe
    FirewallRules: [{BBD62464-0660-4B29-8213-71C0AF931E6C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Valkyria Chronicles\Launcher.exe
    FirewallRules: [{5E181127-4239-4358-A50D-7F28D6F2D73B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\If My Heart Had Wings\AdvHD.exe
    FirewallRules: [{F3D8FFF9-89CD-4E25-A4B9-4F858CF155CA}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\If My Heart Had Wings\AdvHD.exe
    FirewallRules: [{D9475FE4-E7A8-41EE-A8CA-7144F7E2BC2E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\The Last Remnant\Binaries\TLR.exe
    FirewallRules: [{27D966B1-CDA3-404F-BCED-B9CBF9ECAB6D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\The Last Remnant\Binaries\TLR.exe
    FirewallRules: [{E3F67565-E217-4294-AB17-C1E97C3573D7}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Magical Battle Festa\MBF.exe
    FirewallRules: [{214FBB4A-1C74-4905-A613-82B621131E4C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Magical Battle Festa\MBF.exe
    FirewallRules: [{EB569148-4339-4F62-85D4-A138966EB6B7}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\MahJong Nagomi\MahjongPrettyGirlsBattle.exe
    FirewallRules: [{78064255-6A96-43A6-9DBF-1CE5E90C3E6B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\MahJong Nagomi\MahjongPrettyGirlsBattle.exe
    FirewallRules: [{616BFCD6-85E6-4429-9308-68A86E2AEF8C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Sakura Angels\Sakura Angels.exe
    FirewallRules: [{AFB64DA5-53DA-4A16-A917-300C98BB95C1}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Sakura Angels\Sakura Angels.exe
    FirewallRules: [{51E3B544-AD37-4033-8D56-AFD0AED36D22}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Tsukumogami\99 Spirits.eXe
    FirewallRules: [{3409CA83-75E4-4A38-8924-BD555B96DCBA}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Tsukumogami\99 Spirits.eXe
    FirewallRules: [{89EFAED1-54D7-483B-A1AE-50AF2DC69E49}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Skullgirls Beta\SkullGirls.exe
    FirewallRules: [{F476C585-A9BE-46D3-9443-59A971DA3680}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Skullgirls Beta\SkullGirls.exe
    FirewallRules: [{1D115DDB-0338-4DDB-8FD6-172F05A002BB}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Sonic & All-Stars Racing Transformed\ASN_App_PcDx9_Final.exe
    FirewallRules: [{B49777DB-0C3F-419E-A8BE-4548FA886EE0}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Sonic & All-Stars Racing Transformed\ASN_App_PcDx9_Final.exe
    FirewallRules: [{8BFCAA61-2162-401F-A63E-75EA7AD4162B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Sonic & All-Stars Racing Transformed\Launcher.exe
    FirewallRules: [{8A49A800-0E30-4642-A327-7A08FFB2323C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Sonic & All-Stars Racing Transformed\Launcher.exe
    FirewallRules: [{C0190BF5-85BD-489B-ADAA-1CBD4251AB37}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Skullgirls\SkullGirls.exe
    FirewallRules: [{24D6DFED-126A-401C-814C-159ED75D841A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Skullgirls\SkullGirls.exe
    FirewallRules: [{C6ADC445-B60A-412E-8E08-BCF97504AA56}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Final Fantasy III\FF3_Launcher.exe
    FirewallRules: [{FEB757E0-DCA2-442C-AD0C-251F3B07D765}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Final Fantasy III\FF3_Launcher.exe
    FirewallRules: [{35FB39D5-6ED1-497E-884A-C806635866E2}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\FINAL FANTASY VIII\FF8_Launcher.exe
    FirewallRules: [{1C5B2C5D-CA2D-437F-BBB8-C8F091788980}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\FINAL FANTASY VIII\FF8_Launcher.exe
    FirewallRules: [{48634DAC-DB4A-477D-9D7B-4AA38F4B4BCE}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\FINAL FANTASY VII\FF7_Launcher.exe
    FirewallRules: [{375E61A0-F3DD-46A4-9E82-4550B68ECB42}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\FINAL FANTASY VII\FF7_Launcher.exe
    FirewallRules: [{984E1D84-7BF3-433C-A3F4-7664CEE2E888}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Mayjasmine episode01 What is God\jasmine.eXe
    FirewallRules: [{D75A55C6-C6F5-4870-8FE2-EC231046275B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Mayjasmine episode01 What is God\jasmine.eXe
    FirewallRules: [{00601D9D-2EBE-46A6-90F7-DCEE6044664A}] => (Allow) C:\Users\EdgarOmar\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe
    FirewallRules: [{9F0B532E-58A4-4F7E-9021-9CAB34008662}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
    FirewallRules: [{CB0CD99B-25AB-4D04-85D9-656F24862DCE}] => (Allow) LPort=2869
    FirewallRules: [{6E31655B-4E6F-4780-9188-E0548AB09E31}] => (Allow) LPort=1900
    FirewallRules: [{D16E5456-C7EE-496D-95A2-1806EB5E8A9D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Sakura Spirit\Sakura Spirit.exe
    FirewallRules: [{450A9D74-01F2-48B4-8D1F-90B1889073F1}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Sakura Spirit\Sakura Spirit.exe
    FirewallRules: [{490DC05A-9BBC-4321-A427-F6F950005AEA}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Sonic the Hedgehog 4 - EP 2\Launcher.exe
    FirewallRules: [{083791C3-7014-4E34-B40F-7742F662ACF0}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Sonic the Hedgehog 4 - EP 2\Launcher.exe
    FirewallRules: [{6735D8F3-B332-48D7-8D7E-7AC5507B1575}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\GarrysMod\hl2.exe
    FirewallRules: [{71922E39-D26D-45BC-971E-6486712A6613}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\GarrysMod\hl2.exe
    FirewallRules: [{1DF65432-43F2-4036-AF91-9B8AC02A983B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\vanguard-princess\vanpri.exe
    FirewallRules: [{AFA390FC-A30D-4158-810F-1A68CFE0D9A6}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\vanguard-princess\vanpri.exe
    FirewallRules: [{F7DBD141-08F7-4472-9D38-F56B54AE1667}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Mitsurugi Kamui Hikae\mitsurugi.exe
    FirewallRules: [{7314BF00-1A86-470A-8CF9-EBCEA8FE9948}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Mitsurugi Kamui Hikae\mitsurugi.exe
    FirewallRules: [{00E4DA3E-23E3-4DC6-9ABD-01A37745D6C5}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\The King of Fighters'98 Ultimate Match\KingOfFighters98UM.exe
    FirewallRules: [{A3B6321F-5F37-4E7F-B003-52D02EFC7301}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\The King of Fighters'98 Ultimate Match\KingOfFighters98UM.exe
    FirewallRules: [{78D7382A-641E-4215-A86E-B77638FFB46A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\The King of Fighters 2002 Unlimited Match\KingOfFighters2002UM.exe
    FirewallRules: [{697FA79A-B301-4D3F-BB2D-73F8E8C6A1A0}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\The King of Fighters 2002 Unlimited Match\KingOfFighters2002UM.exe
    FirewallRules: [{6BE971C1-61E6-4763-B4D0-E6DF051FBA19}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\BlazBlue Calamity Trigger\BBCT.exe
    FirewallRules: [{F6EEF78C-1033-41BC-AEEF-ADE7F7581802}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\BlazBlue Calamity Trigger\BBCT.exe
    FirewallRules: [{8F22E63B-079E-4A45-AA1F-3DD575423A93}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\King of Fighters XIII\kofxiii.exe
    FirewallRules: [{E6479E69-168F-4C9D-93F9-4FD35A8F0131}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\King of Fighters XIII\kofxiii.exe
    FirewallRules: [{64B13CA7-C437-498B-AFED-41E6429D12C1}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Mugen Souls\MugenSouls.exe
    FirewallRules: [{A6BF8F56-1589-4E39-AE70-53FDEA4F5FD2}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Mugen Souls\MugenSouls.exe
    FirewallRules: [{E0E2F9B9-034E-4375-AD56-7D065C02ED58}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\NEKOPARA Vol. 0\nekopara_vol0.exe
    FirewallRules: [{0CC40E14-B82B-48E2-9D90-B25C09C7EB38}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\NEKOPARA Vol. 0\nekopara_vol0.exe
    FirewallRules: [{31CD37D8-56D3-4A08-A98C-7DA3410FC214}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\NEKOPARA Vol. 1\nekopara_vol1.exe
    FirewallRules: [{3F5525C7-4672-4E49-A4EE-AA3E0F84B557}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\NEKOPARA Vol. 1\nekopara_vol1.exe
    FirewallRules: [{F15C9ECD-046D-4597-A70C-57AAB06AA7AB}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Akiba's Trip Undead & Undressed\AkibaUU.exe
    FirewallRules: [{A307197F-4FA0-4CFC-9B0C-77E5D900F3DD}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Akiba's Trip Undead & Undressed\AkibaUU.exe
    FirewallRules: [{59BB4DF1-7E08-4E10-9EB5-761555D97C3D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Guilty Gear XX Accent Core Plus R\GGXXACPR_Win.exe
    FirewallRules: [{3B6E09DE-82B8-4353-AA8C-ABF05125A149}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Guilty Gear XX Accent Core Plus R\GGXXACPR_Win.exe
    FirewallRules: [{9DD68CD0-AD87-4EEB-A753-B37A2E200272}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\BioShock Infinite\Binaries\Win32\BioShockInfinite.exe
    FirewallRules: [{D51D8502-FD32-44AF-ADE3-7B0E2ECDE8A0}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\BioShock Infinite\Binaries\Win32\BioShockInfinite.exe
    FirewallRules: [{60A07B5E-E7FD-4366-A5F3-629A8F89954F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Fairy Fencer F\FairyFencer.exe
    FirewallRules: [{D9ABEE87-D72F-4CCC-8301-825640834604}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Fairy Fencer F\FairyFencer.exe
    FirewallRules: [{271D24AB-1637-4A96-AD2F-669CD3A0CC15}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
    FirewallRules: [{792D631F-EC0F-4EF1-AC37-4DF46473F928}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
    FirewallRules: [{CAF8273F-9736-4C0F-84D5-FDBD5E691071}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
    FirewallRules: [{3C4EBCAA-3756-4FAD-8487-E9928A586F54}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
    StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe] => Enabled:Spybot - Search & Destroy tray access
    StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe] => Enabled:Spybot-S&D 2 Scanner Service
    StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe] => Enabled:Spybot-S&D 2 Updater
    StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe] => Enabled:Spybot-S&D 2 Background update service

    ==================== Restore Points =========================

    02-02-2016 08:59:58 Scheduled Checkpoint

    ==================== Faulty Device Manager Devices =============


    ==================== Event log errors: =========================

    Application errors:
    ==================
    Error: (02/04/2016 11:34:56 AM) (Source: Application Hang) (EventID: 1002) (User: )
    Description: El programa backgroundTaskHost.exe, versión 6.3.9600.17415, dejó de interactuar con Windows y se cerró. Para ver si hay más información disponible acerca del problema, compruebe el historial de problemas en el panel de control Centro de actividades.

    Identificador de proceso: 1054

    Hora de inicio: 01d15f71a2bf00d6

    Hora de finalización: 4294967295

    Ruta de acceso de la aplicación: C:\WINDOWS\system32\backgroundTaskHost.exe

    Identificador de informe: 96958ea1-cb65-11e5-beb2-c0d9622d7303

    Nombre completo de paquete con errores: Amazon.com.Amazon_3.1.2.8_neutral__343d40qqvtj1t

    Identificador de aplicación relativa del paquete con errores: App

    Error: (02/04/2016 11:19:58 AM) (Source: Application Hang) (EventID: 1002) (User: )
    Description: El programa backgroundTaskHost.exe, versión 6.3.9600.17415, dejó de interactuar con Windows y se cerró. Para ver si hay más información disponible acerca del problema, compruebe el historial de problemas en el panel de control Centro de actividades.

    Identificador de proceso: 511c

    Hora de inicio: 01d15f6f8a6309f4

    Hora de finalización: 4294967295

    Ruta de acceso de la aplicación: C:\WINDOWS\system32\backgroundTaskHost.exe

    Identificador de informe: 7e0ed6eb-cb63-11e5-beb2-c0d9622d7303

    Nombre completo de paquete con errores: Amazon.com.Amazon_3.1.2.8_neutral__343d40qqvtj1t

    Identificador de aplicación relativa del paquete con errores: App

    Error: (02/03/2016 10:25:32 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: COMPUPRINCIPAL)
    Description: No se pudo activar la aplicación Amazon.com.Amazon_343d40qqvtj1t!App debido al error: -2144927141. Consulte el registro Microsoft-Windows-TWinUI/Operational para obtener más información.

    Error: (02/03/2016 10:25:32 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: COMPUPRINCIPAL)
    Description: No se pudo activar la aplicación microsoft.windowscommunicationsapps_8wekyb3d8bbwe!ppleae38af2e007f4358a809ac99a64a67c1 debido al error: -2144927141. Consulte el registro Microsoft-Windows-TWinUI/Operational para obtener más información.

    Error: (02/03/2016 10:25:32 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: COMPUPRINCIPAL)
    Description: No se pudo activar la aplicación microsoft.windowscommunicationsapps_8wekyb3d8bbwe!ppleae38af2e007f4358a809ac99a64a67c1 debido al error: -2144927141. Consulte el registro Microsoft-Windows-TWinUI/Operational para obtener más información.

    Error: (02/02/2016 02:13:43 AM) (Source: Application Error) (EventID: 1000) (User: )
    Description: Nombre de la aplicación con errores: firefox.exe, versión: 44.0.0.5866, marca de tiempo: 0x56a4222c
    Nombre del módulo con errores: flvsniff.dll, versión: 1.0.1064.0, marca de tiempo: 0x56277a44
    Código de excepción: 0xc0000005
    Desplazamiento de errores: 0x0008b5bf
    Identificador del proceso con errores: 0x2454
    Hora de inicio de la aplicación con errores: 0xfirefox.exe0
    Ruta de acceso de la aplicación con errores: firefox.exe1
    Ruta de acceso del módulo con errores: firefox.exe2
    Identificador del informe: firefox.exe3
    Nombre completo del paquete con errores: firefox.exe4
    Identificador de aplicación relativa del paquete con errores: firefox.exe5

    Error: (02/01/2016 10:23:05 PM) (Source: Application Error) (EventID: 1000) (User: )
    Description: Nombre de la aplicación con errores: OneDrive.exe, versión: 17.3.6281.1202, marca de tiempo: 0x565fc8be
    Nombre del módulo con errores: KERNELBASE.dll, versión: 6.3.9600.18007, marca de tiempo: 0x55c4bcfc
    Código de excepción: 0x80000003
    Desplazamiento de errores: 0x000b8f62
    Identificador del proceso con errores: 0x2634
    Hora de inicio de la aplicación con errores: 0xOneDrive.exe0
    Ruta de acceso de la aplicación con errores: OneDrive.exe1
    Ruta de acceso del módulo con errores: OneDrive.exe2
    Identificador del informe: OneDrive.exe3
    Nombre completo del paquete con errores: OneDrive.exe4
    Identificador de aplicación relativa del paquete con errores: OneDrive.exe5

    Error: (01/30/2016 08:41:20 PM) (Source: Application Error) (EventID: 1000) (User: )
    Description: Nombre de la aplicación con errores: FreemakeUtilsService.exe, versión: 1.0.0.0, marca de tiempo: 0x569e3ec3
    Nombre del módulo con errores: KERNELBASE.dll, versión: 6.3.9600.18007, marca de tiempo: 0x55c4bcfc
    Código de excepción: 0xe0434352
    Desplazamiento de errores: 0x00015b68
    Identificador del proceso con errores: 0x1088
    Hora de inicio de la aplicación con errores: 0xFreemakeUtilsService.exe0
    Ruta de acceso de la aplicación con errores: FreemakeUtilsService.exe1
    Ruta de acceso del módulo con errores: FreemakeUtilsService.exe2
    Identificador del informe: FreemakeUtilsService.exe3
    Nombre completo del paquete con errores: FreemakeUtilsService.exe4
    Identificador de aplicación relativa del paquete con errores: FreemakeUtilsService.exe5

    Error: (01/30/2016 08:41:20 PM) (Source: .NET Runtime) (EventID: 1026) (User: )
    Description: Application: FreemakeUtilsService.exe
    Framework Version: v4.0.30319
    Description: The process was terminated due to an unhandled exception.
    Exception Info: System.ArgumentException
    Stack:
    at System.Security.Principal.SecurityIdentifier..ctor(System.String)
    at FreemakeUtilsService.Common.ToolbarInstallationChecker.GetSidToUsernameDictionary()
    at FreemakeUtilsService.Common.ToolbarInstallationChecker.CheckInfo(FreemakeUtilsService.Common.FreemakeToolbarsInfo)
    at FreemakeUtilsService.Statistics.Manager.StartToolbarInfoCheck()
    at FreemakeUtilsService.Statistics.Manager.SettingsSyncFailed(System.Object, System.EventArgs)
    at FreemakeUtilsService.Common.Synchronizer.OnWorkerCompleted(System.Object, System.ComponentModel.RunWorkerCompletedEventArgs)
    at System.ComponentModel.BackgroundWorker.OnRunWorkerCompleted(System.ComponentModel.RunWorkerCompletedEventArgs)
    at System.ComponentModel.BackgroundWorker.AsyncOperationCompleted(System.Object)
    at System.Threading.QueueUserWorkItemCallback.WaitCallback_Context(System.Object)
    at System.Threading.ExecutionContext.RunInternal(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
    at System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
    at System.Threading.QueueUserWorkItemCallback.System.Threading.IThreadPoolWorkItem.ExecuteWorkItem()
    at System.Threading.ThreadPoolWorkQueue.Dispatch()
    at System.Threading._ThreadPoolWaitCallback.PerformWaitCallback()

    Error: (01/28/2016 01:01:40 AM) (Source: Application Error) (EventID: 1000) (User: )
    Description: Nombre de la aplicación con errores: IEXPLORE.EXE, versión: 11.0.9600.18124, marca de tiempo: 0x5641278d
    Nombre del módulo con errores: ntdll.dll, versión: 6.3.9600.18185, marca de tiempo: 0x5683eff4
    Código de excepción: 0xc0000374
    Desplazamiento de errores: 0x000e5954
    Identificador del proceso con errores: 0x9dc
    Hora de inicio de la aplicación con errores: 0xIEXPLORE.EXE0
    Ruta de acceso de la aplicación con errores: IEXPLORE.EXE1
    Ruta de acceso del módulo con errores: IEXPLORE.EXE2
    Identificador del informe: IEXPLORE.EXE3
    Nombre completo del paquete con errores: IEXPLORE.EXE4
    Identificador de aplicación relativa del paquete con errores: IEXPLORE.EXE5


    System errors:
    =============
    Error: (02/04/2016 04:30:28 PM) (Source: BTHUSB) (EventID: 17) (User: )
    Description: A causa de un error no determinado en el adaptador Bluetooth local, éste no se usará. Se descargó el controlador.

    Error: (02/04/2016 04:08:51 PM) (Source: BTHUSB) (EventID: 17) (User: )
    Description: A causa de un error no determinado en el adaptador Bluetooth local, éste no se usará. Se descargó el controlador.

    Error: (02/04/2016 03:38:50 PM) (Source: BTHUSB) (EventID: 17) (User: )
    Description: A causa de un error no determinado en el adaptador Bluetooth local, éste no se usará. Se descargó el controlador.

    Error: (02/04/2016 03:08:49 PM) (Source: BTHUSB) (EventID: 17) (User: )
    Description: A causa de un error no determinado en el adaptador Bluetooth local, éste no se usará. Se descargó el controlador.

    Error: (02/04/2016 02:07:34 PM) (Source: BTHUSB) (EventID: 17) (User: )
    Description: A causa de un error no determinado en el adaptador Bluetooth local, éste no se usará. Se descargó el controlador.

    Error: (02/04/2016 02:07:11 PM) (Source: DCOM) (EventID: 10005) (User: COMPUPRINCIPAL)
    Description: 1084ShellHWDetectionUnavailable{DD522ACC-F821-461A-A407-50B198B896DC}

    Error: (02/04/2016 02:06:54 PM) (Source: DCOM) (EventID: 10005) (User: COMPUPRINCIPAL)
    Description: 1084ShellHWDetectionUnavailable{DD522ACC-F821-461A-A407-50B198B896DC}

    Error: (02/04/2016 02:06:45 PM) (Source: DCOM) (EventID: 10005) (User: COMPUPRINCIPAL)
    Description: 1084ShellHWDetectionUnavailable{DD522ACC-F821-461A-A407-50B198B896DC}

    Error: (02/04/2016 02:06:21 PM) (Source: DCOM) (EventID: 10005) (User: COMPUPRINCIPAL)
    Description: 1084ShellHWDetectionUnavailable{DD522ACC-F821-461A-A407-50B198B896DC}

    Error: (02/04/2016 02:00:59 PM) (Source: DCOM) (EventID: 10005) (User: COMPUPRINCIPAL)
    Description: 1084ShellHWDetectionUnavailable{DD522ACC-F821-461A-A407-50B198B896DC}


    ==================== Memory info ===========================

    Processor: Intel(R) Core(TM) i5-3210M CPU @ 2.50GHz
    Percentage of memory in use: 28%
    Total physical RAM: 6028.24 MB
    Available physical RAM: 4322.91 MB
    Total Virtual: 13964.24 MB
    Available Virtual: 11344.21 MB

    ==================== Drives ================================

    Drive c: (TI10657500D) (Fixed) (Total:919.88 GB) (Free:566.99 GB) NTFS

    ==================== MBR & Partition Table ==================

    ==================== End of Addition.txt ============================

  4. #4
    Member
    Join Date
    Feb 2016
    Posts
    8
    Points
    0

    Default

    Before that more info, I was working on downloading some videos at tubeoffline for a certain site; they asked me to instal a plug-in. However I must had agreed for something else as some programs say, and got smartsearches. Got rid of it quickly following a Spanish guide to get rid of it, but noticed some problems. Went to Yuku's Computer Help Club, asked for help, placed a HJT log and after some things, they told me to come here and check if my pc still had problems. Norton was no longer working, so I installed Avira but suppoused there was no reason to unistall Norton as it is not working. (Norton came with my PC and recently expired, was reclutant to download a free anti-virus after in 2011 AVG crashed one of my laptops).

    Anyway, here are the log files:

    Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:27-01-2016
    Ran by EdgarOmar (administrator) on COMPUPRINCIPAL (04-02-2016 16:41:58)
    Running from C:\Users\EdgarOmar\Downloads
    Loaded Profiles: EdgarOmar (Available Profiles: EdgarOmar)
    Platform: Windows 8.1 (X64) Language: Inglés (Estados Unidos)
    Internet Explorer Version 11 (Default browser: FF)
    Boot Mode: Normal
    Tutorial for Farbar Recovery Scan Tool: FRST Tutorial - How to use Farbar Recovery Scan Tool - Malware Removal Guides and Tutorials

    ==================== Processes (Whitelisted) =================

    (If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

    (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RTKAUDIOSERVICE64.EXE
    (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
    (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\sched.exe
    (SUPERAntiSpyware.com) C:\Program Files\SUPERAntiSpyware\SASCore64.exe
    (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avguard.exe
    (Freemake) C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe
    (Ellora Assets Corp.) C:\Program Files (x86)\Freemake\CaptureLib\CaptureLibService.exe
    (Hola Networks Ltd.) C:\Program Files\Hola\app\hola_svc.exe
    (Hola Networks Ltd.) C:\Program Files\Hola\app\hola_updater.exe
    (Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
    (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
    (Symantec Corporation) C:\Program Files (x86)\Norton Anti-Theft\Engine\1.10.0.9\NAT.exe
    (Symantec Corporation) C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe
    (Symantec Corporation) C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.18.15\ccSvcHst.exe
    (Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
    (Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
    (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\System Speedup\Avira.SystemSpeedup.SpeedupService.exe
    (TOSHIBA Corporation) C:\Windows\System32\TODDSrv.exe
    (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe
    (Toshiba Corporation) C:\Program Files\Toshiba\Teco\TecoService.exe
    (Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
    (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avshadow.exe
    (Symantec Corporation) C:\Program Files (x86)\Norton Anti-Theft\Engine\1.10.0.9\NAT.exe
    (Symantec Corporation) C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.18.15\ccSvcHst.exe
    (Pokki) C:\Users\EdgarOmar\AppData\Local\SweetLabs App Platform\Engine\ServiceHostAppUpdater.exe
    (Microsoft Corporation) C:\Windows\System32\InputMethod\JPN\JpnIME.exe
    (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\System Speedup\Avira.SystemSpeedup.UI.Systray.exe
    (Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
    (Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
    (Intel Corporation) C:\Windows\System32\igfxtray.exe
    (Intel Corporation) C:\Windows\System32\igfxsrvc.exe
    (Intel Corporation) C:\Windows\System32\hkcmd.exe
    (Intel Corporation) C:\Windows\System32\igfxpers.exe
    (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
    (SRS Labs, Inc.) C:\Program Files\SRS Labs\SRS Control Panel\SRSPanel_64.exe
    (TOSHIBA Corporation) C:\Program Files\Toshiba\Hotkey\TosTogKeyMon.exe
    (TOSHIBA Corporation) C:\Program Files\Toshiba\Teco\TecoResident.exe
    (TOSHIBA Corporation) C:\Program Files (x86)\Toshiba\System Setting\TSleepSrv.exe
    (TOSHIBA Corporation) C:\Program Files\Toshiba\Hotkey\TCrdMain_Win8.exe
    (CANON INC.) C:\Program Files\Canon\MyPrinter\BJMYPRT.EXE
    (Hola Networks Ltd.) C:\Program Files\Hola\app\hola.exe
    (SlySoft, Inc.) C:\Program Files (x86)\SlySoft\AnyDVD\AnyDVDtray.exe
    (SUPERAntiSpyware) C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
    () C:\Program Files (x86)\SlySoft\AnyDVD\ADvdDiscHlp64.exe
    () C:\Program Files (x86)\Common Files\Freemake Shared\ProductUpdater\ProductUpdater.exe
    (Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe
    (CANON INC.) C:\Program Files (x86)\Canon\Solution Menu EX\CNSEMAIN.EXE
    (Elaborate Bytes AG) C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe
    (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avgnt.exe
    (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.Systray.exe
    (Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
    (Microsoft Corporation) C:\Windows\splwow64.exe
    (CANON INC.) C:\Program Files (x86)\Canon\Solution Menu EX\CNSEUPDT.EXE
    (Pokki) C:\Users\EdgarOmar\AppData\Local\SweetLabs App Platform\Engine\ServiceHostApp.exe
    (Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
    (Realsil Microelectronics Inc.) C:\Program Files (x86)\Realtek\Realtek USB 2.0 Card Reader\RIconMan.exe
    (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
    (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
    (Symantec Corporation) C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.18.15\SymcPCCULaunchSvc.exe
    (TOSHIBA CORPORATION) C:\Program Files\Toshiba\HDD Accelerator\THAccelSvc.exe
    (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
    (Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
    (Pokki) C:\Users\EdgarOmar\AppData\Local\SweetLabs App Platform\Engine\ServiceHostApp.exe
    (Pokki) C:\Users\EdgarOmar\AppData\Local\SweetLabs App Platform\Engine\ServiceStartMenuIndexer.exe
    (TOSHIBA Corporation) C:\Program Files\Toshiba\TOSHIBA Service Station\ToshibaServiceStation.exe
    (Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
    (TOSHIBA Corporation) C:\Program Files\Toshiba\TPHM\TPCHSrv.exe
    (TOSHIBA Corporation) C:\Program Files\Toshiba\TPHM\TPCHWMsg.exe
    (TOSHIBA Corporation) C:\Program Files\Toshiba\TOSHIBA Service Station\TMachInfo.exe
    (Microsoft Corporation) C:\Windows\System32\dllhost.exe
    (FreeDownloadManager.ORG) C:\Program Files (x86)\Free Download Manager\fdm.exe


    ==================== Registry (Whitelisted) ===========================

    (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

    HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13196432 2012-09-25] (Realtek Semiconductor)
    HKLM\...\Run: [SRS Premium Sound 3D] => C:\Program Files\SRS Labs\SRS Control Panel\SRSPanel_64.exe [2170784 2012-08-19] (SRS Labs, Inc.)
    HKLM\...\Run: [TosTogKeyMon] => C:\Program Files\TOSHIBA\Hotkey\TosTogKeyMon.exe [2365792 2013-03-29] (TOSHIBA Corporation)
    HKLM\...\Run: [TecoResident] => C:\Program Files\TOSHIBA\Teco\TecoResident.exe [178016 2013-08-21] (TOSHIBA Corporation)
    HKLM\...\Run: [TRCMan] => C:\Program Files (x86)\TOSHIBA\TRCMan\TRCMan.exe [743336 2012-07-31] (TOSHIBA Corporation)
    HKLM\...\Run: [TSleepSrv] => C:\Program Files (x86)\TOSHIBA\System Setting\TSleepSrv.exe [1548952 2012-08-04] (TOSHIBA Corporation)
    HKLM\...\Run: [TODDMain] => C:\Program Files (x86)\TOSHIBA\System Setting\TODDMain.exe [213136 2012-08-04] ()
    HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [287592 2013-08-07] (Intel Corporation)
    HKLM\...\Run: [TCrdMain] => C:\Program Files\TOSHIBA\Hotkey\TCrdMain_Win8.exe [2556768 2013-08-17] (TOSHIBA Corporation)
    HKLM\...\Run: [TosWaitSrv] => C:\Program Files\TOSHIBA\TPHM\TosWaitSrv.exe [354144 2013-08-13] (TOSHIBA Corporation)
    HKLM\...\Run: [CanonMyPrinter] => C:\Program Files\Canon\MyPrinter\BJMyPrt.exe [2779024 2011-03-14] (CANON INC.)
    HKLM\...\Run: [hola] => C:\Program Files\Hola\app\hola.exe [2031232 2016-02-01] (Hola Networks Ltd.)
    HKLM-x32\...\Run: [Norton Online Backup] => C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuClient.exe [2995904 2012-07-11] (Symantec Corporation)
    HKLM-x32\...\Run: [ToshibaAppPlace] => C:\Program Files (x86)\Toshiba\Toshiba App Place\ToshibaAppPlace.exe [552960 2010-09-23] (Toshiba)
    HKLM-x32\...\Run: [ProductUpdater] => C:\Program Files (x86)\Common Files\Freemake Shared\ProductUpdater\ProductUpdater.exe [73216 2016-01-19] ()
    HKLM-x32\...\Run: [SDTray] => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe [4101576 2014-06-24] (Safer-Networking Ltd.)
    HKLM-x32\...\Run: [CanonSolutionMenuEx] => C:\Program Files (x86)\Canon\Solution Menu EX\CNSEMAIN.EXE [1611160 2011-03-28] (CANON INC.)
    HKLM-x32\...\Run: [VirtualCloneDrive] => C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe [88984 2013-03-10] (Elaborate Bytes AG)
    HKLM-x32\...\Run: [Avira SystrayStartTrigger] => C:\Program Files (x86)\Avira\Launcher\Avira.SystrayStartTrigger.exe [66328 2016-01-05] (Avira Operations GmbH & Co. KG)
    HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\Antivirus\avgnt.exe [803200 2015-12-04] (Avira Operations GmbH & Co. KG)
    HKLM-x32\...\Run: [Avira System Speedup User Starter] => C:\Program Files (x86)\Avira\System Speedup\Avira.SystemSpeedup.Core.Common.Starter.exe [14960 2016-01-12] (Avira Operations GmbH & Co. KG)
    Winlogon\Notify\igfxcui: C:\WINDOWS\system32\igfxdev.dll (Intel Corporation)
    Winlogon\Notify\SDWinLogon-x32: SDWinLogon.dll [X]
    HKU\S-1-5-21-2814885961-1482200991-1285302695-1001\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [31344744 2015-02-26] (Skype Technologies S.A.)
    HKU\S-1-5-21-2814885961-1482200991-1285302695-1001\...\Run: [AnyDVD] => C:\Program Files (x86)\SlySoft\AnyDVD\AnyDVD.exe [109480 2015-12-28] (SlySoft, Inc.)
    HKU\S-1-5-21-2814885961-1482200991-1285302695-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [3013712 2015-12-14] (Valve Corporation)
    HKU\S-1-5-21-2814885961-1482200991-1285302695-1001\...\Run: [BingSvc] => C:\Users\EdgarOmar\AppData\Local\Microsoft\BingSvc\BingSvc.exe [144008 2015-11-22] (© 2015 Microsoft Corporation)
    HKU\S-1-5-21-2814885961-1482200991-1285302695-1001\...\Run: [SpybotPostWindows10UpgradeReInstall] => C:\Program Files\Common Files\AV\Spybot - Search and Destroy\Test.exe [1011200 2015-07-28] (Safer-Networking Ltd.)
    HKU\S-1-5-21-2814885961-1482200991-1285302695-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8619224 2016-01-15] (Piriform Ltd)
    HKU\S-1-5-21-2814885961-1482200991-1285302695-1001\...\Run: [SUPERAntiSpyware] => C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe [7935904 2016-01-21] (SUPERAntiSpyware)
    HKU\S-1-5-21-2814885961-1482200991-1285302695-1001\...\RunOnce: [Application Restart #2] => C:\Users\EdgarOmar\AppData\Local\SweetLabs App Platform\Engine\ServiceHostApp.exe [7874560 2015-12-11] (Pokki)
    ShellIconOverlayIdentifiers: [ SkyDrive1] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => No File
    ShellIconOverlayIdentifiers: [ SkyDrive2] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => No File
    ShellIconOverlayIdentifiers: [ SkyDrive3] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => No File
    ShellIconOverlayIdentifiers-x32: [ SkyDrive1] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => No File
    ShellIconOverlayIdentifiers-x32: [ SkyDrive2] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => No File
    ShellIconOverlayIdentifiers-x32: [ SkyDrive3] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => No File
    BootExecute: autocheck autochk * sdnclean64.exe
    GroupPolicy: Restriction - Chrome <======= ATTENTION

    ==================== Internet (Whitelisted) ====================

    (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

    Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
    Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
    Tcpip\..\Interfaces\{946EB574-F6DB-45B8-8F15-24183430BB30}: [DhcpNameServer] 192.168.1.1

    Internet Explorer:
    ==================
    HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://search.avira.net/#web/result?source=art&q=
    HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxps://search.avira.net/#web/result?source=art&q=
    HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxps://search.avira.net/#web/result?source=art&q=
    HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxps://search.avira.net/#web/result?source=art&q=
    HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxps://search.avira.net/#web/result?source=art&q=
    HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxps://search.avira.net/#web/result?source=art&q=
    HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxps://search.avira.net/#web/result?source=art&q=
    HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxps://search.avira.net/#web/result?source=art&q=
    HKU\S-1-5-21-2814885961-1482200991-1285302695-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://search.avira.net/#web/result?source=art&q=
    HKU\S-1-5-21-2814885961-1482200991-1285302695-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxps://search.avira.net/#web/result?source=art&q=
    HKU\S-1-5-21-2814885961-1482200991-1285302695-1001\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = hxxp://toshiba13.msn.com/?pc=TNJB
    HKU\S-1-5-21-2814885961-1482200991-1285302695-1001\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://bienvenido.toshiba.com?cid=J13
    hxxp://bienvenido.toshiba.com?cid=J13
    hxxp://bienvenido.toshiba.com?cid=J13
    hxxp://toshiba13.msn.com?pc=TNJB
    HKU\S-1-5-21-2814885961-1482200991-1285302695-1001\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxps://search.avira.net/#web/result?source=art&q=
    SearchScopes: HKU\S-1-5-21-2814885961-1482200991-1285302695-1001 -> DefaultScope {D97A3765-90CB-4092-829C-A6A621301399} URL =
    SearchScopes: HKU\S-1-5-21-2814885961-1482200991-1285302695-1001 -> {93E576BA-E687-4697-9359-EE2AC0251EA5} URL = hxxps://mx.search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&ilc=12&type=994519&p={searchTerms}
    SearchScopes: HKU\S-1-5-21-2814885961-1482200991-1285302695-1001 -> {D97A3765-90CB-4092-829C-A6A621301399} URL =
    SearchScopes: HKU\S-1-5-21-2814885961-1482200991-1285302695-1001 -> {E6E6D071-9B6F-4910-A4D7-4DA3811AA1E2} URL = hxxps://mx.search.yahoo.com/search?p={searchTerms}&fr=yset_ie_syc_oracle&type=orcl_default
    BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
    BHO-x32: Norton Vulnerability Protection -> {6D53EC84-6AAE-4787-AEEE-F4628F01010C} -> C:\Program Files (x86)\Norton AntiVirus\Engine\20.6.0.27\IPS\IPSBHO.DLL => No File
    BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_71\bin\ssv.dll [2016-01-31] (Oracle Corporation)
    BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
    BHO-x32: Free Download Manager -> {CC59E0F9-7E43-44FA-9FAA-8377850BF205} -> C:\Program Files (x86)\Free Download Manager\iefdm2.dll [2015-08-07] (FreeDownloadManager.ORG)
    BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_71\bin\jp2ssv.dll [2016-01-31] (Oracle Corporation)

    FireFox:
    ========
    FF ProfilePath: C:\Users\EdgarOmar\AppData\Roaming\Mozilla\Firefox\Profiles\41A66E7E5EE1
    FF DefaultSearchEngine: Google
    FF SearchEngineOrder.3: Bing
    FF Homepage: about:home
    FF Session Restore: -> is enabled.
    FF Keyword.URL: hxxp://www.bing.com/search?FORM=SL5MDF&PC=SL5M&q=
    FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_20_0_0_286.dll [2016-01-20] ()
    FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.41212.0\npctrl.dll [2015-12-11] ( Microsoft Corporation)
    FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
    FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_20_0_0_286.dll [2016-01-20] ()
    FF Plugin-x32: @canon.com/EPPEX -> C:\Program Files (x86)\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL [2011-04-20] (CANON INC.)
    FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2012-06-06] (Intel Corporation)
    FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2012-06-06] (Intel Corporation)
    FF Plugin-x32: @java.com/DTPlugin,version=11.71.2 -> C:\Program Files (x86)\Java\jre1.8.0_71\bin\dtplugin\npDeployJava1.dll [2016-01-31] (Oracle Corporation)
    FF Plugin-x32: @java.com/JavaPlugin,version=11.71.2 -> C:\Program Files (x86)\Java\jre1.8.0_71\bin\plugin2\npjp2.dll [2016-01-31] (Oracle Corporation)
    FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.41212.0\npctrl.dll [2015-12-11] ( Microsoft Corporation)
    FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~3\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
    FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~3\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
    FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation)
    FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
    FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll [2012-05-11] ()
    FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2015-12-18] (Adobe Systems Inc.)
    FF Plugin HKU\.DEFAULT: @hola.org/FlashPlayer -> C:\Users\EdgarOmar\AppData\Local\Hola\firefox_hola\app\flash\NPSWF32_18_0_0_232.dll [2016-02-01] ()
    FF Plugin HKU\.DEFAULT: @hola.org/vlc -> C:\Users\EdgarOmar\AppData\Local\Hola\firefox_hola\app\vlc\npvlc.dll [2016-02-01] (Hola)
    FF Plugin HKU\S-1-5-21-2814885961-1482200991-1285302695-1001: @hola.org/FlashPlayer -> C:\Users\EdgarOmar\AppData\Local\Hola\firefox_hola\app\flash\NPSWF32_18_0_0_232.dll [2016-02-01] ()
    FF Plugin HKU\S-1-5-21-2814885961-1482200991-1285302695-1001: @hola.org/vlc -> C:\Users\EdgarOmar\AppData\Local\Hola\firefox_hola\app\vlc\npvlc.dll [2016-02-01] (Hola)
    FF SearchPlugin: C:\Users\EdgarOmar\AppData\Roaming\Mozilla\Firefox\Profiles\jhwb5pi4.default\searchplugins\bing-.xml [2015-11-22]
    FF SearchPlugin: C:\Users\EdgarOmar\AppData\Roaming\Mozilla\Firefox\Profiles\jhwb5pi4.default\searchplugins\yahoo-ysp.xml [2016-01-21]
    FF Extension: DownThemAll! - C:\Users\EdgarOmar\AppData\Roaming\Mozilla\Firefox\Profiles\41A66E7E5EE1\extensions\{DDC359D1-844A-42a7-9AA1-88A850A938A8}.xpi [2015-12-06]
    FF Extension: S3.Google Translator - C:\Users\EdgarOmar\AppData\Roaming\Mozilla\Firefox\Profiles\41A66E7E5EE1\extensions\s3google@translator.xpi [2015-12-18]
    FF Extension: Ank Pixiv Tool - C:\Users\EdgarOmar\AppData\Roaming\Mozilla\Firefox\Profiles\41A66E7E5EE1\extensions\ankpixiv@snca.net.xpi [2015-12-23]
    FF Extension: Greasemonkey - C:\Users\EdgarOmar\AppData\Roaming\Mozilla\Firefox\Profiles\41A66E7E5EE1\extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}.xpi [2016-01-10]
    FF Extension: Avira Browser Safety - C:\Users\EdgarOmar\AppData\Roaming\Mozilla\Firefox\Profiles\jhwb5pi4.default\Extensions\abs@avira.com.xpi [2016-01-31]
    FF Extension: Ank Pixiv Tool - C:\Users\EdgarOmar\AppData\Roaming\Mozilla\Firefox\Profiles\jhwb5pi4.default\Extensions\ankpixiv@snca.net.xpi [2015-12-23]
    FF Extension: Bing Search - C:\Users\EdgarOmar\AppData\Roaming\Mozilla\Firefox\Profiles\jhwb5pi4.default\Extensions\bingsearch.full@microsoft.com.xpi [2015-11-22]
    FF Extension: Hola Better Internet - C:\Users\EdgarOmar\AppData\Roaming\Mozilla\Firefox\Profiles\jhwb5pi4.default\Extensions\jid1-4P0kohSJxU1qGg@jetpack [2016-01-18]
    FF Extension: S3.Google Translator - C:\Users\EdgarOmar\AppData\Roaming\Mozilla\Firefox\Profiles\jhwb5pi4.default\Extensions\s3google@translator.xpi [2015-12-18]
    FF Extension: Adblock Plus - C:\Users\EdgarOmar\AppData\Roaming\Mozilla\Firefox\Profiles\jhwb5pi4.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2016-01-19]
    FF Extension: DownThemAll! - C:\Users\EdgarOmar\AppData\Roaming\Mozilla\Firefox\Profiles\jhwb5pi4.default\Extensions\{DDC359D1-844A-42a7-9AA1-88A850A938A8}.xpi [2015-12-06]
    FF Extension: Greasemonkey - C:\Users\EdgarOmar\AppData\Roaming\Mozilla\Firefox\Profiles\jhwb5pi4.default\Extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}.xpi [2016-01-10]
    FF Extension: Bing Search - C:\Users\EdgarOmar\AppData\Roaming\Mozilla\Firefox\Profiles\41A66E7E5EE1\Extensions\bingsearch.full@microsoft.com.xpi [2015-11-22]
    FF Extension: Toshiba Defaults - C:\Users\EdgarOmar\AppData\Roaming\Mozilla\Firefox\Profiles\41A66E7E5EE1\Extensions\defaults@toshiba.com [2016-01-28]
    FF Extension: Hola Better Internet - C:\Users\EdgarOmar\AppData\Roaming\Mozilla\Firefox\Profiles\41A66E7E5EE1\Extensions\jid1-4P0kohSJxU1qGg@jetpack [2016-01-27]
    FF Extension: Adblock Plus - C:\Users\EdgarOmar\AppData\Roaming\Mozilla\Firefox\Profiles\41A66E7E5EE1\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2016-01-19]
    FF Extension: New Tab by Yahoo - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\jid1-G80Ec8LLEbK5fQ@jetpack.xpi [2015-11-23] [not signed]
    FF HKU\S-1-5-21-2814885961-1482200991-1285302695-1001\...\Firefox\Extensions: [fdm_ffext@freedownloadmanager.org] - C:\ProgramData\Free Download Manager\Firefox\Extensions\2.1.1
    FF Extension: Free Download Manager extension - C:\ProgramData\Free Download Manager\Firefox\Extensions\2.1.1 [2016-01-28]

    Chrome:
    =======
    CHR HomePage: Default -> msn.com/?pc=__PARAM__&ocid=__PARAM__DHP&osmkt=es-es
    CHR NewTab: Default -> "chrome-extension://dfekdjmdikicceaiokcmmchenpilglhn/newtab.html"
    CHR Session Restore: Default -> is enabled.
    CHR Profile: C:\Users\EdgarOmar\AppData\Local\Google\Chrome\User Data\Default
    CHR Extension: (Presentaciones de Google) - C:\Users\EdgarOmar\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-10-28]
    CHR Extension: (Rutor De Búsqueda De Archivos Torrent) - C:\Users\EdgarOmar\AppData\Local\Google\Chrome\User Data\Default\Extensions\agencljbacpfnclcbanachomfbeoilaa [2016-01-04]
    CHR Extension: (Google Docs) - C:\Users\EdgarOmar\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-10-28]
    CHR Extension: (Google Drive) - C:\Users\EdgarOmar\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-28]
    CHR Extension: (Batch Image Downloader(ZIG Lite)) - C:\Users\EdgarOmar\AppData\Local\Google\Chrome\User Data\Default\Extensions\bedbigoemkinkepgmcmgnapjcahnedmn [2016-01-28]
    CHR Extension: (YouTube) - C:\Users\EdgarOmar\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-10-28]
    CHR Extension: (Norton Security Toolbar) - C:\Users\EdgarOmar\AppData\Local\Google\Chrome\User Data\Default\Extensions\cjabmdjcfcfdmffimndhafhblfmpjdpe [2016-01-28]
    CHR Extension: (Búsqueda de Google) - C:\Users\EdgarOmar\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-28]
    CHR Extension: (Mainichi) - C:\Users\EdgarOmar\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfekdjmdikicceaiokcmmchenpilglhn [2016-01-24]
    CHR Extension: (Tampermonkey) - C:\Users\EdgarOmar\AppData\Local\Google\Chrome\User Data\Default\Extensions\dhdgffkkebhmkfjojejmpbldmpobfkfo [2016-01-23]
    CHR Extension: (Hojas de cálculo de Google) - C:\Users\EdgarOmar\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-10-28]
    CHR Extension: (Pixiv Downloader Free) - C:\Users\EdgarOmar\AppData\Local\Google\Chrome\User Data\Default\Extensions\fnbkeopcpjainobjebddfcnnknmfipid [2016-01-25]
    CHR Extension: (Documentos de Google sin conexión) - C:\Users\EdgarOmar\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2015-11-17]
    CHR Extension: (Norton Identity Safe) - C:\Users\EdgarOmar\AppData\Local\Google\Chrome\User Data\Default\Extensions\iikflkcanblccfahdhdonehdalibjnif [2015-11-11]
    CHR Extension: (Ugoira2GIF) - C:\Users\EdgarOmar\AppData\Local\Google\Chrome\User Data\Default\Extensions\ionmgpeclkmpjkmfejilaihdegkjehfj [2016-01-03]
    CHR Extension: (IPA furigana) - C:\Users\EdgarOmar\AppData\Local\Google\Chrome\User Data\Default\Extensions\jnnbgnfnncobhklficfkdnclohaklifi [2016-01-04]
    CHR Extension: (PictureMate - View hidden pictures) - C:\Users\EdgarOmar\AppData\Local\Google\Chrome\User Data\Default\Extensions\khmlalkcjmglpgdkmkmmgjcajahkoigj [2015-11-11]
    CHR Extension: (Pixiv Downloader) - C:\Users\EdgarOmar\AppData\Local\Google\Chrome\User Data\Default\Extensions\lkpfhmlbjibbcinophhcbmapjbhboodd [2015-12-19]
    CHR Extension: (Japanese Kanji Flashcards) - C:\Users\EdgarOmar\AppData\Local\Google\Chrome\User Data\Default\Extensions\nadhjgmbonakiidhnbiijhbkgejpfhol [2016-01-24]
    CHR Extension: (Sistema de pagos de Chrome Web Store) - C:\Users\EdgarOmar\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-10-28]
    CHR Extension: (Gmail) - C:\Users\EdgarOmar\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-10-28]
    CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx
    CHR HKU\S-1-5-21-2814885961-1482200991-1285302695-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [fcfenmboojpjinhpgggodefccipikbpd] - hxxps://clients2.google.com/service/update2/crx
    CHR HKLM-x32\...\Chrome\Extension: [eedgghdcpmmmilkmfpnklknlenbiolec] - hxxps://clients2.google.com/service/update2/crx
    CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx

    ==================== Services (Whitelisted) ========================

    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

    R2 !SASCORE; C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE [172344 2014-07-22] (SUPERAntiSpyware.com)
    S2 AntiVirMailService; C:\Program Files (x86)\Avira\Antivirus\avmailc7.exe [948392 2015-12-04] (Avira Operations GmbH & Co. KG)
    R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\Antivirus\sched.exe [466408 2015-12-04] (Avira Operations GmbH & Co. KG)
    R2 AntiVirService; C:\Program Files (x86)\Avira\Antivirus\avguard.exe [466408 2015-12-04] (Avira Operations GmbH & Co. KG)
    S2 AntiVirWebService; C:\Program Files (x86)\Avira\Antivirus\avwebg7.exe [1418560 2015-12-04] (Avira Operations GmbH & Co. KG)
    R2 Avira.ServiceHost; C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe [249120 2016-01-05] (Avira Operations GmbH & Co. KG)
    R2 Freemake Improver; C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe [108032 2016-01-19] (Freemake) [File not signed]
    R2 FreemakeVideoCapture; C:\Program Files (x86)\Freemake\CaptureLib\CaptureLibService.exe [9216 2016-01-19] (Ellora Assets Corp.) [File not signed]
    S2 GtkFree; C:\Program Files (x86)\GtkFree\GtkFree Update\GtkFree.exe [294072 2016-01-12] ()
    R2 hola_svc; C:\Program Files\Hola\app\hola_svc.exe [8126592 2016-02-01] (Hola Networks Ltd.)
    R2 hola_updater; C:\Program Files\Hola\app\hola_updater.exe [8126592 2015-12-28] (Hola Networks Ltd.)
    R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [15720 2013-08-07] (Intel Corporation)
    R2 IconMan_R; C:\Program Files (x86)\Realtek\Realtek USB 2.0 Card Reader\RIconMan.exe [2451456 2012-07-13] (Realsil Microelectronics Inc.) [File not signed]
    R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [129856 2012-06-27] (Intel Corporation)
    R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [166720 2012-06-25] (Intel Corporation)
    R2 NAT; C:\Program Files (x86)\Norton Anti-Theft\Engine\1.10.0.9\NAT.exe [232424 2013-10-11] (Symantec Corporation)
    R2 NOBU; C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe [3939008 2012-07-11] (Symantec Corporation)
    R2 Norton PC Checkup Application Launcher; C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.18.15\SymcPCCULaunchSvc.exe [123320 2012-07-23] (Symantec Corporation)
    R2 PCCUJobMgr; C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.18.15\ccSvcHst.exe [126392 2012-07-23] (Symantec Corporation)
    R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [201360 2012-08-31] (Realtek Semiconductor)
    R2 SDScannerService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [1738168 2014-06-24] (Safer-Networking Ltd.)
    R2 SDUpdateService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [2088408 2014-06-27] (Safer-Networking Ltd.)
    R2 SDWSCService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [171928 2014-04-25] (Safer-Networking Ltd.)
    R2 SpeedupService; C:\Program Files (x86)\Avira\System Speedup\Avira.SystemSpeedup.SpeedupService.exe [24224 2016-01-12] (Avira Operations GmbH & Co. KG)
    R2 THAccelSvc; C:\Program Files\TOSHIBA\HDD Accelerator\THAccelSvc.exe [214928 2013-10-17] (TOSHIBA CORPORATION)
    S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366552 2015-10-26] (Microsoft Corporation)
    S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2015-10-26] (Microsoft Corporation)

    ===================== Drivers (Whitelisted) ==========================

    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

    R3 AnyDVD; C:\Windows\System32\Drivers\AnyDVD.sys [150440 2015-12-28] (SlySoft, Inc.)
    R3 AnyDVD; C:\Windows\SysWOW64\Drivers\AnyDVD.sys [150440 2015-12-28] (SlySoft, Inc.)
    R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [135880 2015-12-04] (Avira Operations GmbH & Co. KG)
    R1 avipbb; C:\Windows\system32\DRIVERS\avipbb.sys [146696 2015-12-04] (Avira Operations GmbH & Co. KG)
    R1 avkmgr; C:\Windows\system32\DRIVERS\avkmgr.sys [35488 2015-12-04] (Avira Operations GmbH & Co. KG)
    R2 avnetflt; C:\Windows\system32\DRIVERS\avnetflt.sys [73032 2015-12-04] (Avira Operations GmbH & Co. KG)
    R3 BthA2DP; C:\Windows\system32\drivers\BthA2DP.sys [132608 2015-10-26] (Microsoft Corporation)
    R3 BthHFAud; C:\Windows\system32\DRIVERS\BthHfAud.sys [32768 2014-11-21] (Microsoft Corporation)
    R1 ccSet_NARA; C:\Windows\system32\drivers\NARAx64\0401000.00B\ccSetx64.sys [168608 2012-05-25] (Symantec Corporation)
    R1 ccSet_NAT; C:\Windows\system32\drivers\NATx64\010A000.009\ccSetx64.sys [150104 2013-07-29] (Symantec Corporation)
    S0 ebdrv; C:\Windows\System32\drivers\evbda.sys [3357024 2013-08-22] (Broadcom Corporation)
    R3 hidshim; C:\Windows\system32\DRIVERS\hidshim.sys [6656 2012-06-19] (Windows (R) Win 7 DDK provider)
    R2 npf; C:\Windows\System32\drivers\npf.sys [35344 2011-02-11] (CACE Technologies, Inc.)
    R3 nuvotonhidcir; C:\Windows\system32\DRIVERS\nuvotonhidcir.sys [32256 2012-06-19] (Nuvoton Technology Corporation)
    R3 RtkBtFilter2; C:\Windows\system32\DRIVERS\RtkBtfilter.sys [48856 2013-09-06] (Realtek Microelectronics)
    R3 RTWlanE; C:\Windows\system32\DRIVERS\rtwlane.sys [2944216 2013-08-21] (Realtek Semiconductor Corporation )
    R1 SASDIFSV; C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS [14928 2011-07-22] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
    R1 SASKUTIL; C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS [12368 2011-07-12] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
    R0 THAccel; C:\Windows\System32\DRIVERS\THAccel.sys [111488 2013-10-15] (TOSHIBA Corporation)
    R3 Thotkey; C:\Windows\System32\drivers\Thotkey.sys [32624 2013-08-19] (Windows (R) Win 7 DDK provider)
    S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44560 2015-10-26] (Microsoft Corporation)
    S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [270168 2015-10-26] (Microsoft Corporation)
    S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114520 2015-10-26] (Microsoft Corporation)

    ==================== NetSvcs (Whitelisted) ===================

    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


    ==================== One Month Created files and folders ========

    (If an entry is included in the fixlist, the file/folder will be moved.)

    2016-02-04 16:41 - 2016-02-04 16:42 - 00033187 _____ C:\Users\EdgarOmar\Downloads\FRST.txt
    2016-02-04 16:41 - 2016-02-04 16:41 - 00000000 ____D C:\FRST
    2016-02-04 16:34 - 2016-02-04 16:34 - 02370560 _____ (Farbar) C:\Users\EdgarOmar\Downloads\FRST64.exe
    2016-02-04 13:38 - 2016-01-31 14:50 - 00450902 ____R C:\WINDOWS\system32\Drivers\etc\hosts.20160204-133825.backup
    2016-02-04 12:56 - 2016-02-04 13:58 - 00248664 _____ C:\WINDOWS\ntbtlog.txt
    2016-02-04 12:50 - 2016-02-04 12:51 - 06828320 _____ (Piriform Ltd) C:\Users\EdgarOmar\Downloads\ccsetup514.exe
    2016-02-03 22:09 - 2016-02-03 22:09 - 00000000 ____D C:\Users\EdgarOmar\Downloads\ooniku-012_jav-only.com
    2016-02-02 20:47 - 2016-02-02 20:47 - 00014960 _____ C:\WINDOWS\System32\Tasks\Browser Updater Task(Core)
    2016-02-02 20:47 - 2016-02-02 20:47 - 00000000 ____D C:\Program Files (x86)\WinTaske
    2016-02-02 20:47 - 2016-02-02 20:47 - 00000000 ____D C:\Program Files (x86)\Winsere
    2016-02-02 10:05 - 2016-02-03 22:07 - 1979711488 _____ C:\Users\EdgarOmar\Downloads\ooniku-012_jav-only.com.part2.rar
    2016-02-01 02:05 - 2016-02-01 03:17 - 331191751 _____ C:\Users\EdgarOmar\Downloads\ooniku-012_jav-only.com.part3.rar
    2016-01-31 14:50 - 2016-01-28 10:49 - 00450902 ____R C:\WINDOWS\system32\Drivers\etc\hosts.20160131-145040.backup
    2016-01-31 13:15 - 2016-01-31 13:15 - 00097888 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\WindowsAccessBridge-32.dll
    2016-01-31 13:15 - 2016-01-31 13:15 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
    2016-01-31 13:15 - 2016-01-31 13:15 - 00000000 ____D C:\Program Files (x86)\Java
    2016-01-31 13:06 - 2016-01-31 13:06 - 00643680 _____ (Oracle Corporation) C:\Users\EdgarOmar\Downloads\jxpiinstall.exe
    2016-01-31 12:59 - 2016-01-31 12:59 - 00000000 ____D C:\Users\EdgarOmar\AppData\Local\Avira
    2016-01-31 03:42 - 2016-01-31 03:42 - 00000000 ____D C:\Users\EdgarOmar\AppData\Roaming\Avira
    2016-01-31 02:40 - 2016-02-04 11:02 - 00000000 ____D C:\Users\Public\Speedup Sessions
    2016-01-31 02:40 - 2016-01-31 02:40 - 00003364 _____ C:\WINDOWS\System32\Tasks\Avira System Speedup Tray
    2016-01-31 02:40 - 2016-01-31 02:40 - 00001170 _____ C:\Users\Public\Desktop\Avira System Speedup.lnk
    2016-01-31 02:35 - 2015-12-04 07:38 - 00146696 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avipbb.sys
    2016-01-31 02:35 - 2015-12-04 07:38 - 00135880 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avgntflt.sys
    2016-01-31 02:35 - 2015-12-04 07:38 - 00073032 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avnetflt.sys
    2016-01-31 02:35 - 2015-12-04 07:38 - 00035488 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avkmgr.sys
    2016-01-31 02:03 - 2016-01-31 02:40 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
    2016-01-31 02:03 - 2016-01-31 02:03 - 00001241 _____ C:\Users\Public\Desktop\Avira Launcher.lnk
    2016-01-31 02:02 - 2016-01-31 02:40 - 00000000 ____D C:\ProgramData\Avira
    2016-01-31 02:02 - 2016-01-31 02:40 - 00000000 ____D C:\Program Files (x86)\Avira
    2016-01-30 19:56 - 2016-01-30 19:58 - 05427168 _____ (Avira Operations GmbH & Co. KG) C:\Users\EdgarOmar\Downloads\avira_es_av_56ad699fbc940__ws1.exe
    2016-01-30 19:38 - 2016-01-31 13:28 - 00001988 _____ C:\Users\EdgarOmar\Desktop\SUPERAntiSpyware Free Edition.lnk
    2016-01-30 19:38 - 2016-01-30 19:38 - 00000000 ____D C:\Users\EdgarOmar\AppData\Roaming\SUPERAntiSpyware.com
    2016-01-30 19:38 - 2016-01-30 19:38 - 00000000 ____D C:\Users\EdgarOmar\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SUPERAntiSpyware
    2016-01-30 19:38 - 2016-01-30 19:38 - 00000000 ____D C:\ProgramData\SUPERAntiSpyware.com
    2016-01-30 19:38 - 2016-01-30 19:38 - 00000000 ____D C:\Program Files\SUPERAntiSpyware
    2016-01-30 13:52 - 2016-01-30 13:57 - 24552952 _____ (SUPERAntiSpyware) C:\Users\EdgarOmar\Downloads\SUPERAntiSpyware.exe
    2016-01-30 11:08 - 2016-01-30 11:08 - 00010938 _____ C:\Users\EdgarOmar\Documents\Monjas maria.wlmp
    2016-01-30 00:57 - 2016-01-30 00:57 - 00000000 ____D C:\ProgramData\GRETECH
    2016-01-30 00:43 - 2016-01-30 00:52 - 00013205 _____ C:\Users\EdgarOmar\Documents\Yoko Tsuno 000.wlmp
    2016-01-29 07:00 - 2016-01-29 07:05 - 00001783 _____ C:\Users\EdgarOmar\Documents\links ugentes.txt
    2016-01-29 01:15 - 2016-01-30 13:27 - 1979711488 _____ C:\Users\EdgarOmar\Downloads\ooniku-012_jav-only.com.part1.rar
    2016-01-28 23:36 - 2016-01-28 23:36 - 00001281 _____ C:\Users\Public\Desktop\Virtual CloneDrive.lnk
    2016-01-28 23:34 - 2016-01-28 23:34 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Elaborate Bytes
    2016-01-28 23:34 - 2016-01-28 23:34 - 00000000 ____D C:\Program Files (x86)\Elaborate Bytes
    2016-01-28 23:33 - 2016-01-28 23:33 - 00001228 _____ C:\Users\EdgarOmar\AppData\Roaming\Microsoft\Windows\Start Menu\GOM Player.lnk
    2016-01-28 23:33 - 2016-01-28 23:33 - 00001204 _____ C:\Users\Public\Desktop\GOM Player.lnk
    2016-01-28 23:33 - 2016-01-28 23:33 - 00000000 ____D C:\Users\EdgarOmar\AppData\Roaming\GRETECH
    2016-01-28 23:33 - 2016-01-28 23:33 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GOM Player
    2016-01-28 23:33 - 2016-01-28 23:33 - 00000000 ____D C:\Program Files (x86)\GRETECH
    2016-01-28 23:25 - 2016-01-28 23:26 - 01710680 _____ C:\Users\EdgarOmar\Downloads\SetupVirtualCloneDrive5500.exe
    2016-01-28 23:22 - 2016-01-28 23:27 - 23021376 _____ (Gretech Corporation) C:\Users\EdgarOmar\Downloads\GOMPLAYERESSETUP.EXE
    2016-01-28 23:17 - 2016-01-28 23:17 - 00000000 ____D C:\Users\EdgarOmar\Downloads\sddm-003_jav-only.com
    2016-01-28 22:16 - 2016-01-28 23:17 - 277042267 _____ C:\Users\EdgarOmar\Downloads\sddm-003_jav-only.com.rar
    2016-01-28 21:50 - 2016-01-30 13:41 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
    2016-01-28 21:04 - 2016-01-28 21:11 - 00000000 ____D C:\Users\EdgarOmar\Documents\Session back ups mientras
    2016-01-28 20:30 - 2016-01-30 13:41 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
    2016-01-28 20:30 - 2016-01-28 20:30 - 00001186 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
    2016-01-28 20:30 - 2016-01-28 20:30 - 00001174 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk
    2016-01-28 20:22 - 2016-01-28 20:28 - 43160576 _____ C:\Users\EdgarOmar\Downloads\Firefox-Setup-42.0-2-toshiba-download-MX.exe
    2016-01-28 10:49 - 2016-01-23 12:34 - 00450849 ____R C:\WINDOWS\system32\Drivers\etc\hosts.20160128-104900.backup
    2016-01-28 00:34 - 2016-02-04 12:52 - 00000845 _____ C:\Users\Public\Desktop\CCleaner.lnk
    2016-01-28 00:34 - 2016-01-28 00:34 - 00002810 _____ C:\WINDOWS\System32\Tasks\CCleanerSkipUAC
    2016-01-28 00:34 - 2016-01-28 00:34 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
    2016-01-28 00:34 - 2016-01-28 00:34 - 00000000 ____D C:\Program Files\CCleaner
    2016-01-28 00:13 - 2016-02-02 22:54 - 00003614 _____ C:\WINDOWS\System32\Tasks\Optimize Push Notification Data File-S-1-5-21-2814885961-1482200991-1285302695-1001
    2016-01-28 00:08 - 2016-01-28 00:08 - 00000000 ____D C:\Users\EdgarOmar\Documents\Marcadores Chrome Enero 2016
    2016-01-28 00:07 - 2016-01-28 00:12 - 00000000 ____D C:\Users\EdgarOmar\Documents\Marcadores Firefox 28 Enero 2016
    2016-01-27 19:10 - 2016-01-30 01:16 - 00036018 _____ C:\Users\EdgarOmar\Documents\Monjas.wlmp
    2016-01-27 07:57 - 2016-01-27 07:57 - 00095870 _____ C:\Users\EdgarOmar\Downloads\SVDVD-514 金髪英語教師イジメ.torrent
    2016-01-27 07:40 - 2016-01-27 07:40 - 00001442 _____ C:\Users\EdgarOmar\Downloads\{EHT PERSONALIZED TORRENT - DO NOT REDISTRIBUTE} [山野一] どぶさらい劇場.zip.torrent
    2016-01-27 07:38 - 2016-01-27 07:38 - 00041412 _____ C:\Users\EdgarOmar\Downloads\{EHT PERSONALIZED TORRENT - DO NOT REDISTRIBUTE} Mitru - Black Lotus 1-6.zip.torrent
    2016-01-25 20:50 - 2016-01-25 20:52 - 06805440 _____ (Piriform Ltd) C:\Users\EdgarOmar\Downloads\ccsetup513.exe
    2016-01-23 15:34 - 2013-05-09 11:31 - 00388608 _____ (Trend Micro Inc.) C:\Users\EdgarOmar\Downloads\HijackThis.exe
    2016-01-23 12:34 - 2016-01-23 12:33 - 00450849 ____R C:\WINDOWS\system32\Drivers\etc\hosts.20160123-123441.backup
    2016-01-23 12:33 - 2016-01-12 23:58 - 00450771 ____R C:\WINDOWS\system32\Drivers\etc\hosts.20160123-123353.backup
    2016-01-23 09:47 - 2016-01-23 09:47 - 00015086 _____ C:\WINDOWS\System32\Tasks\ACGPro Update
    2016-01-23 09:46 - 2016-01-23 09:46 - 00000000 ____D C:\Program Files (x86)\GtkFree
    2016-01-23 09:46 - 2016-01-23 09:46 - 00000000 ____D C:\Program Files (x86)\ACGPro
    2016-01-23 09:45 - 2016-02-02 20:48 - 00000000 ____D C:\Program Files (x86)\SearchesToYesbnd
    2016-01-23 09:45 - 2016-01-23 09:46 - 00000000 ____D C:\Users\Public\Documents\dmp
    2016-01-23 09:45 - 2016-01-23 09:45 - 00000000 ____D C:\Users\EdgarOmar\AppData\Local\Setup Wizard
    2016-01-22 08:50 - 2016-01-22 09:04 - 00000000 ____D C:\Users\EdgarOmar\girls-from-the-back
    2016-01-22 08:35 - 2016-01-22 08:49 - 00000000 ____D C:\Users\EdgarOmar\homemade amateur anal
    2016-01-22 08:29 - 2016-01-22 08:32 - 00000000 ____D C:\Users\EdgarOmar\Pictures Ebony degrading bdsm
    2016-01-21 23:16 - 2016-01-21 23:16 - 00000000 ____D C:\Users\EdgarOmar\AppData\Local\YSearchUtil
    2016-01-21 20:12 - 2016-01-21 20:12 - 00371079 _____ C:\Users\EdgarOmar\Downloads\4325001_NACIONAL_20151218.pdf
    2016-01-21 20:07 - 2016-01-21 20:07 - 00423581 _____ C:\Users\EdgarOmar\Downloads\4325001_NACIONAL_20160120.pdf
    2016-01-19 20:12 - 2016-01-19 20:12 - 00000222 _____ C:\Users\EdgarOmar\Desktop\GUILTY GEAR XX ACCENT CORE PLUS R.url
    2016-01-19 20:11 - 2016-01-19 20:11 - 00000222 _____ C:\Users\EdgarOmar\Desktop\Fairy Fencer F.url
    2016-01-19 09:33 - 2016-01-19 09:33 - 00000222 _____ C:\Users\EdgarOmar\Desktop\AKIBA'S TRIP Undead & Undressed.url
    2016-01-19 00:54 - 2016-01-19 00:54 - 00000220 _____ C:\Users\EdgarOmar\Desktop\BioShock Infinite.url
    2016-01-18 19:15 - 2016-01-18 19:15 - 00000222 _____ C:\Users\EdgarOmar\Desktop\NEKOPARA Vol. 1.url
    2016-01-18 18:18 - 2016-01-18 18:18 - 00000222 _____ C:\Users\EdgarOmar\Desktop\NEKOPARA Vol. 0.url
    2016-01-18 09:09 - 2016-01-18 09:11 - 12444088 _____ C:\Users\EdgarOmar\Downloads\testdisk-7.0.win.zip
    2016-01-18 09:05 - 2016-01-18 09:05 - 00000222 _____ C:\Users\EdgarOmar\Desktop\Mugen Souls.url
    2016-01-16 16:59 - 2016-01-16 17:02 - 12593584 _____ C:\Users\EdgarOmar\Downloads\SetupAnyDVD7680.exe
    2016-01-16 15:00 - 2016-01-16 15:00 - 00000222 _____ C:\Users\EdgarOmar\Desktop\THE KING OF FIGHTERS XIII STEAM EDITION.url
    2016-01-16 11:38 - 2016-01-16 11:38 - 00000222 _____ C:\Users\EdgarOmar\Desktop\THE KING OF FIGHTERS 2002 UNLIMITED MATCH.url
    2016-01-15 23:05 - 2016-01-15 23:05 - 00000222 _____ C:\Users\EdgarOmar\Desktop\THE KING OF FIGHTERS '98 ULTIMATE MATCH FINAL EDITION.url
    2016-01-15 20:36 - 2016-01-15 20:36 - 00000222 _____ C:\Users\EdgarOmar\Desktop\Mitsurugi Kamui Hikae.url
    2016-01-15 08:40 - 2016-01-15 08:40 - 00000222 _____ C:\Users\EdgarOmar\Desktop\Vanguard Princess.url
    2016-01-15 00:43 - 2016-01-15 00:43 - 00000222 _____ C:\Users\EdgarOmar\Desktop\BlazBlue Calamity Trigger.url
    2016-01-14 19:19 - 2016-01-14 19:19 - 00000220 _____ C:\Users\EdgarOmar\Desktop\Garry's Mod.url
    2016-01-14 17:54 - 2016-01-14 17:54 - 00000222 _____ C:\Users\EdgarOmar\Desktop\SONIC THE HEDGEHOG 4 Episode II.url
    2016-01-14 16:00 - 2016-01-14 16:00 - 00000222 _____ C:\Users\EdgarOmar\Desktop\Sakura Spirit.url
    2016-01-13 16:37 - 2016-01-13 16:37 - 00095848 _____ (Elaborate Bytes AG) C:\WINDOWS\SysWOW64\ElbyCDIO.dll
    2016-01-13 08:08 - 2015-12-10 22:38 - 25837568 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
    2016-01-13 08:08 - 2015-12-10 21:55 - 06051328 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
    2016-01-13 08:08 - 2015-12-10 21:50 - 20367360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
    2016-01-13 08:08 - 2015-12-10 20:43 - 04610560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
    2016-01-13 08:07 - 2015-12-10 22:00 - 00571904 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
    2016-01-13 08:07 - 2015-12-10 21:45 - 00817664 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
    2016-01-13 08:07 - 2015-12-10 21:21 - 00496640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
    2016-01-13 08:07 - 2015-12-10 21:18 - 00092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll
    2016-01-13 08:07 - 2015-12-10 21:09 - 01032704 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcomm.dll
    2016-01-13 08:07 - 2015-12-10 21:09 - 00663552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
    2016-01-13 08:07 - 2015-12-10 21:03 - 14456832 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
    2016-01-13 08:07 - 2015-12-10 20:59 - 00798208 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
    2016-01-13 08:07 - 2015-12-10 20:43 - 00880128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcomm.dll
    2016-01-13 08:07 - 2015-12-10 20:38 - 02487808 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
    2016-01-13 08:07 - 2015-12-10 20:37 - 00687104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
    2016-01-13 08:07 - 2015-12-10 20:35 - 12856320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
    2016-01-13 08:07 - 2015-12-10 20:26 - 01546752 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
    2016-01-13 08:07 - 2015-12-10 20:14 - 00800768 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
    2016-01-13 08:07 - 2015-12-10 20:12 - 02011136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
    2016-01-13 08:07 - 2015-12-10 20:08 - 01311744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
    2016-01-13 08:07 - 2015-12-10 20:07 - 00710144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
    2016-01-13 08:05 - 2015-12-04 23:58 - 02745184 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMVDECOD.DLL
    2016-01-13 08:05 - 2015-12-04 23:58 - 02528784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMVDECOD.DLL
    2016-01-13 08:05 - 2015-12-04 23:58 - 02450240 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMVENCOD.DLL
    2016-01-13 08:05 - 2015-12-04 23:58 - 02447136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMVENCOD.DLL
    2016-01-13 08:05 - 2015-12-04 23:58 - 02334104 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
    2016-01-13 08:05 - 2015-12-04 23:58 - 02324744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
    2016-01-13 08:05 - 2015-12-04 23:58 - 01877504 _____ (Microsoft Corporation) C:\WINDOWS\system32\msmpeg2adec.dll
    2016-01-13 08:05 - 2015-12-04 23:58 - 01798480 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMALFXGFXDSP.dll
    2016-01-13 08:05 - 2015-12-04 23:58 - 01484888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msmpeg2adec.dll
    2016-01-13 08:05 - 2015-12-04 23:58 - 01288128 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfnetsrc.dll
    2016-01-13 08:05 - 2015-12-04 23:58 - 01210200 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMADMOD.DLL
    2016-01-13 08:05 - 2015-12-04 23:58 - 01150232 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMADMOE.DLL
    2016-01-13 08:05 - 2015-12-04 23:58 - 01115640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfnetsrc.dll
    2016-01-13 08:05 - 2015-12-04 23:58 - 01037680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMADMOD.DLL
    2016-01-13 08:05 - 2015-12-04 23:58 - 00914672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMADMOE.DLL
    2016-01-13 08:05 - 2015-12-04 23:58 - 00850680 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfnetcore.dll
    2016-01-13 08:05 - 2015-12-04 23:58 - 00735496 _____ (Microsoft Corporation) C:\WINDOWS\system32\evr.dll
    2016-01-13 08:05 - 2015-12-04 23:58 - 00700360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfnetcore.dll
    2016-01-13 08:05 - 2015-12-04 23:58 - 00629600 _____ (Microsoft Corporation) C:\WINDOWS\system32\MP4SDECD.DLL
    2016-01-13 08:05 - 2015-12-04 23:58 - 00584656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\evr.dll
    2016-01-13 08:05 - 2015-12-04 23:58 - 00557856 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMVSDECD.DLL
    2016-01-13 08:05 - 2015-12-04 23:58 - 00498472 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsvr.dll
    2016-01-13 08:05 - 2015-12-04 23:58 - 00492736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMVSDECD.DLL
    2016-01-13 08:05 - 2015-12-04 23:58 - 00463776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MP4SDECD.DLL
    2016-01-13 08:05 - 2015-12-04 23:58 - 00399776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsvr.dll
    2016-01-13 08:05 - 2015-12-04 23:58 - 00299080 _____ (Microsoft Corporation) C:\WINDOWS\system32\VIDRESZR.DLL
    2016-01-13 08:05 - 2015-12-04 23:58 - 00275312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MPG4DECD.DLL
    2016-01-13 08:05 - 2015-12-04 23:58 - 00274280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MP43DECD.DLL
    2016-01-13 08:05 - 2015-12-04 23:58 - 00250520 _____ (Microsoft Corporation) C:\WINDOWS\system32\MPG4DECD.DLL
    2016-01-13 08:05 - 2015-12-04 23:58 - 00248432 _____ (Microsoft Corporation) C:\WINDOWS\system32\MP43DECD.DLL
    2016-01-13 08:05 - 2015-12-04 23:58 - 00246856 _____ (Microsoft Corporation) C:\WINDOWS\system32\RESAMPLEDMO.DLL
    2016-01-13 08:05 - 2015-12-04 23:58 - 00244296 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfps.dll
    2016-01-13 08:05 - 2015-12-04 23:58 - 00229272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\RESAMPLEDMO.DLL
    2016-01-13 08:05 - 2015-12-04 23:58 - 00203016 _____ (Microsoft Corporation) C:\WINDOWS\system32\COLORCNV.DLL
    2016-01-13 08:05 - 2015-12-04 23:58 - 00184912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\COLORCNV.DLL
    2016-01-13 08:05 - 2015-12-04 23:58 - 00183856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VIDRESZR.DLL
    2016-01-13 08:05 - 2015-12-04 23:58 - 00116720 _____ (Microsoft Corporation) C:\WINDOWS\system32\MP3DMOD.DLL
    2016-01-13 08:05 - 2015-12-04 23:58 - 00110544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfps.dll
    2016-01-13 08:05 - 2015-12-04 23:58 - 00099136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MP3DMOD.DLL
    2016-01-13 08:05 - 2015-12-04 23:58 - 00090904 _____ (Microsoft Corporation) C:\WINDOWS\system32\devenum.dll
    2016-01-13 08:05 - 2015-12-04 23:58 - 00090392 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfvdsp.dll
    2016-01-13 08:05 - 2015-12-04 23:58 - 00081032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\devenum.dll
    2016-01-13 08:05 - 2015-12-04 23:58 - 00076936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfvdsp.dll
    2016-01-13 08:05 - 2015-12-03 12:07 - 00340992 _____ (Microsoft Corporation) C:\WINDOWS\system32\qdvd.dll
    2016-01-13 08:05 - 2015-12-03 12:07 - 00289792 _____ (Microsoft Corporation) C:\WINDOWS\system32\ksproxy.ax
    2016-01-13 08:05 - 2015-12-03 12:05 - 00644608 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMVXENCD.DLL
    2016-01-13 08:05 - 2015-12-03 12:02 - 01664000 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMSPDMOE.DLL
    2016-01-13 08:05 - 2015-12-03 12:00 - 00451072 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMVSENCD.DLL
    2016-01-13 08:05 - 2015-12-03 11:58 - 00378880 ____C (Microsoft Corporation) C:\WINDOWS\system32\SysFxUI.dll
    2016-01-13 08:05 - 2015-12-03 11:36 - 01697792 _____ (Microsoft Corporation) C:\WINDOWS\system32\quartz.dll
    2016-01-13 08:05 - 2015-12-03 11:30 - 00468480 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFWMAAEC.DLL
    2016-01-13 08:05 - 2015-12-03 11:28 - 00519680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\qdvd.dll
    2016-01-13 08:05 - 2015-12-03 11:28 - 00245760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ksproxy.ax
    2016-01-13 08:05 - 2015-12-03 11:27 - 00736256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMVXENCD.DLL
    2016-01-13 08:05 - 2015-12-03 11:24 - 01411584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMSPDMOE.DLL
    2016-01-13 08:05 - 2015-12-03 11:23 - 00402432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMVSENCD.DLL
    2016-01-13 08:05 - 2015-12-03 11:06 - 01501184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\quartz.dll
    2016-01-13 08:05 - 2015-12-03 11:01 - 00743936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFWMAAEC.DLL
    2016-01-13 08:05 - 2015-12-03 10:40 - 01010688 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMSPDMOD.DLL
    2016-01-13 08:05 - 2015-12-03 10:29 - 00887296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMSPDMOD.DLL
    2016-01-13 08:05 - 2015-12-02 09:04 - 00670208 _____ (Microsoft Corporation) C:\WINDOWS\system32\qedit.dll
    2016-01-13 08:05 - 2015-12-02 09:01 - 00561664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\qedit.dll
    2016-01-13 08:04 - 2015-12-30 13:32 - 07453016 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
    2016-01-13 08:04 - 2015-12-30 13:32 - 01735000 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
    2016-01-13 08:04 - 2015-12-30 13:32 - 01499912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
    2016-01-13 08:04 - 2015-12-09 18:40 - 00033456 _____ (Microsoft Corporation) C:\WINDOWS\system32\CompatTelRunner.exe
    2016-01-13 08:04 - 2015-12-07 04:56 - 01380600 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32.dll
    2016-01-13 08:04 - 2015-12-04 09:00 - 01097216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32.dll
    2016-01-13 08:04 - 2015-12-03 13:42 - 00561952 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
    2016-01-13 08:04 - 2015-12-03 13:42 - 00397224 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcryptprimitives.dll
    2016-01-13 08:04 - 2015-12-03 13:42 - 00137968 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncrypt.dll
    2016-01-13 08:04 - 2015-12-03 13:42 - 00106960 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncryptsslp.dll
    2016-01-13 08:04 - 2015-12-03 13:41 - 00177488 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecpkg.sys
    2016-01-13 08:04 - 2015-12-03 12:52 - 00340872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcryptprimitives.dll
    2016-01-13 08:04 - 2015-12-03 12:52 - 00120376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ncrypt.dll
    2016-01-13 08:04 - 2015-12-03 12:52 - 00091416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ncryptsslp.dll
    2016-01-13 08:04 - 2015-12-03 12:28 - 00401920 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb.sys
    2016-01-13 08:04 - 2015-12-03 12:28 - 00202240 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb20.sys
    2016-01-13 08:04 - 2015-12-03 11:51 - 00445440 _____ (Microsoft Corporation) C:\WINDOWS\system32\certcli.dll
    2016-01-13 08:04 - 2015-12-03 11:16 - 00324096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\certcli.dll
    2016-01-13 08:04 - 2015-12-03 11:13 - 01441280 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
    2016-01-13 08:04 - 2015-12-03 11:07 - 00432128 _____ (Microsoft Corporation) C:\WINDOWS\system32\schannel.dll
    2016-01-13 08:04 - 2015-12-03 10:45 - 00357888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\schannel.dll
    2016-01-13 08:04 - 2015-11-17 15:07 - 01380864 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
    2016-01-13 08:04 - 2015-11-17 15:07 - 01164800 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
    2016-01-13 08:04 - 2015-11-17 15:07 - 00792064 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll
    2016-01-13 08:04 - 2015-11-17 15:07 - 00705024 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll
    2016-01-13 08:04 - 2015-11-17 15:07 - 00505344 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll
    2016-01-13 08:04 - 2015-11-17 15:07 - 00210432 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepic.dll
    2016-01-13 08:04 - 2015-11-17 15:07 - 00076800 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
    2016-01-13 08:00 - 2015-12-08 13:08 - 00685432 _____ (Microsoft Corporation) C:\WINDOWS\system32\advapi32.dll
    2016-01-13 08:00 - 2015-12-08 13:07 - 00507176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\advapi32.dll
    2016-01-12 23:58 - 2015-12-20 23:15 - 00450771 ____R C:\WINDOWS\system32\Drivers\etc\hosts.20160112-235846.backup
    2016-01-10 11:07 - 2016-01-10 13:02 - 419430400 _____ C:\Users\EdgarOmar\Downloads\quesn21.part1.rar
    2016-01-07 22:49 - 2016-01-07 22:49 - 00000000 ____D C:\WINDOWS\en
    2016-01-07 22:48 - 2016-01-07 22:48 - 00001332 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Movie Maker.lnk
    2016-01-07 22:48 - 2016-01-07 22:48 - 00000000 ____D C:\WINDOWS\es
    2016-01-07 22:47 - 2016-01-07 22:59 - 00005557 _____ C:\Users\EdgarOmar\Documents\My Movie.wlmp
    2016-01-07 22:35 - 2016-01-07 22:52 - 00000000 ____D C:\Users\EdgarOmar\AppData\Local\Windows Live

    ==================== One Month Modified files and folders ========

    (If an entry is included in the fixlist, the file/folder will be moved.)

    2016-02-04 16:40 - 2015-11-10 10:37 - 00000000 ____D C:\Users\EdgarOmar\AppData\Roaming\Free Download Manager
    2016-02-04 16:32 - 2015-10-26 11:35 - 00000000 ____D C:\Users\EdgarOmar\OneDrive
    2016-02-04 14:14 - 2015-10-25 18:49 - 00003598 _____ C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-2814885961-1482200991-1285302695-1001
    2016-02-04 14:11 - 2015-10-29 08:27 - 00000000 ____D C:\Users\EdgarOmar\AppData\Local\SweetLabs App Platform
    2016-02-04 14:08 - 2015-11-09 09:32 - 00000830 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
    2016-02-04 14:07 - 2013-08-22 08:45 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
    2016-02-04 14:07 - 2013-08-22 07:25 - 02359296 ___SH C:\WINDOWS\system32\config\BBI
    2016-02-04 12:48 - 2015-11-09 18:43 - 00000000 ____D C:\ProgramData\TEMP
    2016-02-04 12:48 - 2015-11-09 18:43 - 00000000 ____D C:\Program Files (x86)\SpywareBlaster
    2016-02-04 12:45 - 2015-11-09 13:30 - 00808790 _____ C:\WINDOWS\system32\perfh00A.dat
    2016-02-04 12:45 - 2015-11-09 13:30 - 00166676 _____ C:\WINDOWS\system32\perfc00A.dat
    2016-02-04 12:45 - 2014-11-21 02:44 - 01833224 _____ C:\WINDOWS\system32\PerfStringBackup.INI
    2016-02-04 12:45 - 2013-08-22 07:36 - 00000000 ____D C:\WINDOWS\Inf
    2016-02-04 12:38 - 2012-11-14 20:32 - 00000000 ____D C:\ProgramData\Norton
    2016-02-04 12:38 - 2012-11-14 20:32 - 00000000 ____D C:\Program Files (x86)\NortonInstaller
    2016-02-04 12:09 - 2013-08-22 07:25 - 00262144 ___SH C:\WINDOWS\system32\config\ELAM
    2016-02-04 12:09 - 2012-07-26 02:12 - 00000000 ___HD C:\WINDOWS\ELAMBKUP
    2016-02-04 11:05 - 2015-10-28 22:58 - 00003966 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{E0E359C8-833A-4B56-A975-1D3CEE2940A4}
    2016-02-03 22:25 - 2015-12-02 23:23 - 00000000 ____D C:\ProgramData\CanonIJPLM
    2016-02-03 20:46 - 2015-12-06 00:55 - 00000000 ____D C:\Users\EdgarOmar\AppData\Roaming\CDisplayEx
    2016-02-02 20:37 - 2015-11-19 20:43 - 00000000 ____D C:\Users\EdgarOmar\AppData\Roaming\vlc
    2016-02-01 22:51 - 2015-12-28 14:08 - 00000000 ____D C:\Users\EdgarOmar\AppData\Roaming\Hola
    2016-02-01 22:23 - 2015-10-29 08:57 - 00000000 ____D C:\Users\EdgarOmar\AppData\Local\CrashDumps
    2016-01-31 19:46 - 2015-11-09 01:24 - 29189120 ___SH C:\Users\EdgarOmar\Downloads\Thumbs.db
    2016-01-31 19:30 - 2015-11-17 20:09 - 00000000 ____D C:\Users\EdgarOmar\AppData\Roaming\Azureus
    2016-01-31 13:17 - 2015-12-10 12:02 - 00000000 ____D C:\ProgramData\Oracle
    2016-01-31 12:54 - 2013-08-22 08:44 - 00482384 _____ C:\WINDOWS\system32\FNTCACHE.DAT
    2016-01-31 02:02 - 2015-10-29 09:11 - 00000000 ____D C:\ProgramData\Package Cache
    2016-01-30 20:41 - 2015-11-15 19:59 - 00001351 _____ C:\Users\Public\Desktop\Freemake Video Converter.lnk
    2016-01-30 20:41 - 2015-11-15 19:59 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Freemake
    2016-01-28 23:47 - 2015-11-15 20:06 - 00001363 _____ C:\Users\Public\Desktop\Freemake Video Downloader.lnk
    2016-01-28 12:01 - 2015-11-17 20:09 - 00000000 ____D C:\Users\EdgarOmar\Documents\Vuze Downloads
    2016-01-28 00:45 - 2015-10-28 23:34 - 00000000 ____D C:\Program Files (x86)\Google
    2016-01-28 00:39 - 2015-10-29 11:49 - 00000000 ____D C:\WINDOWS\Minidump
    2016-01-28 00:39 - 2015-10-26 11:51 - 00000000 ___DC C:\WINDOWS\Panther
    2016-01-27 21:58 - 2015-11-15 10:00 - 00000000 ____D C:\Users\EdgarOmar\Documents\Movie Studio Platinum - Steam Powered 13.0 Proyectos
    2016-01-27 18:23 - 2015-11-15 01:47 - 00000000 ____D C:\Program Files (x86)\Steam
    2016-01-23 16:00 - 2015-11-09 21:16 - 00001312 _____ C:\Users\EdgarOmar\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Flux Player.lnk
    2016-01-23 16:00 - 2015-11-09 21:16 - 00000000 ____D C:\Users\EdgarOmar\AppData\Local\Flux Player
    2016-01-23 09:31 - 2015-11-22 11:06 - 00000000 ____D C:\Program Files (x86)\freac
    2016-01-23 09:30 - 2013-08-22 09:36 - 00000000 ___HD C:\Program Files\WindowsApps
    2016-01-23 09:30 - 2013-08-22 09:36 - 00000000 ____D C:\WINDOWS\AppReadiness
    2016-01-23 09:26 - 2015-11-16 19:15 - 00000000 ____D C:\Users\EdgarOmar\Documents\My Kindle Content
    2016-01-23 09:24 - 2015-11-24 10:41 - 00000000 ____D C:\Users\EdgarOmar\AppData\Roaming\Audacity
    2016-01-23 09:03 - 2015-10-26 11:03 - 00000000 ____D C:\Users\EdgarOmar
    2016-01-21 23:16 - 2015-11-09 18:44 - 00000258 __RSH C:\ProgramData\ntuser.pol
    2016-01-21 23:14 - 2015-11-17 20:08 - 00000000 ____D C:\Users\EdgarOmar\.oracle_jre_usage
    2016-01-20 00:16 - 2015-11-09 09:32 - 00003718 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater
    2016-01-19 20:12 - 2015-11-15 02:22 - 00000000 ____D C:\Users\EdgarOmar\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
    2016-01-15 19:30 - 2015-10-29 12:34 - 00000000 ____D C:\WINDOWS\System32\Tasks\Remediation
    2016-01-13 20:50 - 2013-08-22 09:36 - 00000000 ____D C:\WINDOWS\rescache
    2016-01-13 20:48 - 2015-11-24 11:19 - 00003886 _____ C:\WINDOWS\System32\Tasks\Adobe Acrobat Update Task
    2016-01-13 20:48 - 2015-11-24 11:19 - 00002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
    2016-01-13 18:07 - 2015-10-29 09:41 - 00000000 ____D C:\WINDOWS\system32\appraiser
    2016-01-13 18:07 - 2014-11-21 09:56 - 00000000 ___SD C:\WINDOWS\system32\CompatTel
    2016-01-13 18:07 - 2012-07-26 01:59 - 00000000 ____D C:\WINDOWS\CbsTemp
    2016-01-13 08:25 - 2015-11-22 11:26 - 00000000 ____D C:\Program Files\Microsoft Silverlight
    2016-01-13 08:25 - 2015-11-22 11:26 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight
    2016-01-13 08:24 - 2015-11-22 11:26 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
    2016-01-13 08:21 - 2015-10-28 23:51 - 00000000 ____D C:\WINDOWS\system32\MRT
    2016-01-13 08:15 - 2015-10-28 23:51 - 143671360 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
    2016-01-13 08:15 - 2013-08-22 07:25 - 00000167 _____ C:\WINDOWS\win.ini
    2016-01-12 11:32 - 2012-07-26 02:12 - 00000000 ____D C:\WINDOWS\LiveKernelReports
    2016-01-11 00:48 - 2016-01-04 20:59 - 00000000 ____D C:\Users\EdgarOmar\Documents\Anki
    2016-01-09 03:01 - 2015-12-03 00:22 - 00001016 _____ C:\Users\EdgarOmar\Desktop\CDisplayEx.lnk
    2016-01-09 02:25 - 2015-11-15 09:54 - 00000000 ____D C:\Users\EdgarOmar\AppData\Roaming\Sony
    2016-01-08 08:09 - 2015-11-17 20:09 - 00000000 ____D C:\Program Files\Vuze
    2016-01-07 22:48 - 2012-11-14 21:00 - 00001401 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Photo Gallery.lnk
    2016-01-07 22:48 - 2012-11-14 21:00 - 00000000 ____D C:\Program Files (x86)\Windows Live
    2016-01-05 14:04 - 2014-11-21 10:03 - 00826872 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
    2016-01-05 14:04 - 2014-11-21 10:03 - 00176632 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl

    ==================== Files in the root of some directories =======

    2015-12-18 23:48 - 2015-12-18 23:53 - 0007597 _____ () C:\Users\EdgarOmar\AppData\Local\Resmon.ResmonCfg
    2015-11-15 01:35 - 2015-11-15 01:35 - 0000040 ___SH () C:\ProgramData\.zreglib

    Some files in TEMP:
    ====================
    C:\Users\EdgarOmar\AppData\Local\Temp\avgnt.exe


    ==================== Bamital & volsnap =================

    (There is no automatic fix for files that do not pass verification.)

    C:\WINDOWS\system32\winlogon.exe => File is digitally signed
    C:\WINDOWS\system32\wininit.exe => File is digitally signed
    C:\WINDOWS\explorer.exe => File is digitally signed
    C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
    C:\WINDOWS\system32\svchost.exe => File is digitally signed
    C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
    C:\WINDOWS\system32\services.exe => File is digitally signed
    C:\WINDOWS\system32\User32.dll => File is digitally signed
    C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
    C:\WINDOWS\system32\userinit.exe => File is digitally signed
    C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
    C:\WINDOWS\system32\rpcss.dll => File is digitally signed
    C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
    C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
    C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed


    LastRegBack: 2016-01-26 20:13

    ==================== End of FRST.txt ============================
    Additional scan result of Farbar Recovery Scan Tool (x64) Version:27-01-2016
    Ran by EdgarOmar (2016-02-04 16:43:02)
    Running from C:\Users\EdgarOmar\Downloads
    Windows 8.1 (X64) (2015-10-26 17:30:51)
    Boot Mode: Normal
    ==========================================================


    ==================== Accounts: =============================

    Administrator (S-1-5-21-2814885961-1482200991-1285302695-500 - Administrator - Disabled)
    EdgarOmar (S-1-5-21-2814885961-1482200991-1285302695-1001 - Administrator - Enabled) => C:\Users\EdgarOmar
    Guest (S-1-5-21-2814885961-1482200991-1285302695-501 - Limited - Disabled)
    HomeGroupUser$ (S-1-5-21-2814885961-1482200991-1285302695-1005 - Limited - Enabled)

    ==================== Security Center ========================

    (If an entry is included in the fixlist, it will be removed.)

    AV: Avira Antivirus (Enabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859}
    AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
    AS: Avira Antivirus (Enabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4}
    AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
    AS: Spybot - Search and Destroy (Enabled - Up to date) {9BC38DF1-3CCA-732D-A930-C1CA5F20A4B0}

    ==================== Installed Programs ======================

    (Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

    7-Zip 15.08 beta (HKLM-x32\...\7-Zip) (Version: 15.08 - Igor Pavlov)
    99 Spirits (HKLM-x32\...\Steam App 258090) (Version: - TORaIKI)
    Adobe Acrobat Reader DC (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AC0F074E4100}) (Version: 15.010.20056 - Adobe Systems Incorporated)
    Adobe Flash Player 20 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 20.0.0.286 - Adobe Systems Incorporated)
    AKIBA'S TRIP: Undead & Undressed (HKLM-x32\...\Steam App 333980) (Version: - ACQUIRE Corp.)
    Amazon Kindle (HKU\S-1-5-21-2814885961-1482200991-1285302695-1001\...\Amazon Kindle) (Version: 1.13.0.42039 - Amazon)
    Anki (HKLM-x32\...\Anki) (Version: - )
    AnyDVD (HKLM-x32\...\AnyDVD) (Version: 7.6.7.0 - SlySoft)
    Atheros Communications Inc.(R) AR81Family Gigabit/Fast Ethernet Driver (HKLM-x32\...\{3108C217-BE83-42E4-AE9E-A56A2A92E549}) (Version: 2.1.0.6 - Atheros Communications Inc.)
    Avira Antivirus (HKLM-x32\...\Avira Antivirus) (Version: 15.0.15.129 - Avira Operations GmbH & Co. KG)
    Avira Launcher (HKLM-x32\...\{ccdc9cfe-8ba7-4c6c-ac5f-b2d6cfa49efc}) (Version: 1.1.54.24924 - Avira Operations GmbH & Co. KG)
    Avira Launcher (x32 Version: 1.1.54.24924 - Avira Operations GmbH & Co. KG) Hidden
    Bejeweled 3 (x32 Version: 2.2.0.97 - WildTangent) Hidden
    BioShock Infinite (HKLM-x32\...\Steam App 8870) (Version: - Irrational Games)
    BlazBlue: Calamity Trigger (HKLM-x32\...\Steam App 263300) (Version: - Arc System Works)
    Canon Easy-PhotoPrint EX (HKLM-x32\...\Easy-PhotoPrint EX) (Version: - )
    Canon MG5300 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MG5300_series) (Version: - Canon Inc.)
    Canon MG5300 series On-screen Manual (HKLM-x32\...\Canon MG5300 series On-screen Manual) (Version: - )
    Canon MP Navigator EX 5.0 (HKLM-x32\...\MP Navigator EX 5.0) (Version: - )
    Canon My Printer (HKLM-x32\...\CanonMyPrinter) (Version: - )
    Canon Solution Menu EX (HKLM-x32\...\CanonSolutionMenuEX) (Version: - )
    CCleaner (HKLM\...\CCleaner) (Version: 5.14 - Piriform)
    Cheetah Audio Converter (HKLM-x32\...\{B1914510-38B5-4835-83D8-A188073E542F}) (Version: - )
    Cisco EAP-FAST Module (HKLM-x32\...\{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}) (Version: 2.2.14 - Cisco Systems, Inc.)
    Cisco LEAP Module (HKLM-x32\...\{AF312B06-5C5C-468E-89B3-BE6DE2645722}) (Version: 1.0.19 - Cisco Systems, Inc.)
    Cisco PEAP Module (HKLM-x32\...\{0A4EF0E6-A912-4CDE-A7F3-6E56E7C13A2F}) (Version: 1.1.6 - Cisco Systems, Inc.)
    D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
    Double Dragon Trilogy (HKLM-x32\...\Steam App 314150) (Version: - DotEmu)
    Dragons of Atlantis (HKU\S-1-5-21-2814885961-1482200991-1285302695-1001\...\Pokki_cfada041afdc4a11092a096cac66ab6a0945d92b) (Version: v1.1.7 - Pokki)
    Edgeworld (HKU\S-1-5-21-2814885961-1482200991-1285302695-1001\...\Pokki_2e9d53cc2b402b6e65aa9551308ca17a19c4721a) (Version: v1.1.8 - Pokki)
    Fairy Fencer F (HKLM-x32\...\Steam App 347830) (Version: - Idea Factory)
    FATE (x32 Version: 2.2.0.97 - WildTangent) Hidden
    FINAL FANTASY III (HKLM-x32\...\Steam App 239120) (Version: - Square Enix)
    FINAL FANTASY VII (HKLM-x32\...\Steam App 39140) (Version: - Square Enix)
    FINAL FANTASY VIII (HKLM-x32\...\Steam App 39150) (Version: - SQUARE ENIX)
    Flux Player (HKU\S-1-5-21-2814885961-1482200991-1285302695-1001\...\Flux Player) (Version: 4.6.3.4647 - )
    FLV-Media-Player (HKLM-x32\...\{AB7A5DBA-BC45-489A-B4D2-2E8F8CABB9EA}) (Version: 2.0.3.2520 - HYBRIDWEB.de)
    Galería de fotos (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
    Gardenscapes: Mansion Makeover (x32 Version: 3.0.2.32 - WildTangent) Hidden
    Garry's Mod (HKLM-x32\...\Steam App 4000) (Version: - Facepunch Studios)
    GOM Player (HKLM-x32\...\GOM Player) (Version: 2.2.76.5239 - Gretech Corporation)
    Goodgame Empire (HKU\S-1-5-21-2814885961-1482200991-1285302695-1001\...\Pokki_149b46d4a102c0304583931ceaa3f0bf19785ee3) (Version: v1.1.7 - Pokki)
    Guilty Gear X2 #Reload (HKLM-x32\...\Steam App 314030) (Version: - Arc System Works)
    GUILTY GEAR XX ACCENT CORE PLUS R (HKLM-x32\...\Steam App 348550) (Version: - Arc System Works)
    Hola™ 1.11.607 - Better Internet (HKLM\...\Hola) (Version: 1.11.607 - Hola Networks Ltd.)
    Host App Service (HKU\S-1-5-21-2814885961-1482200991-1285302695-1001\...\SweetLabs_AP) (Version: 0.269.7.840 - Pokki)
    If My Heart Had Wings (HKLM-x32\...\Steam App 326480) (Version: - Moenovel)
    Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.1.0.1252 - Intel Corporation)
    Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3345 - Intel Corporation)
    Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 12.8.0.1016 - Intel Corporation)
    Intel(R) SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 2.0.0.37149 - Intel Corporation)
    Java 8 Update 71 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218071F0}) (Version: 8.0.710.15 - Oracle Corporation)
    Magical Battle Festa (HKLM-x32\...\Steam App 292480) (Version: - Fly System)
    Mahjong Pretty Girls Battle (HKLM-x32\...\Steam App 338060) (Version: - Zoo Corporation)
    Mayjasmine episode01 What is God? 五月茉莉 (HKLM-x32\...\Steam App 417110) (Version: - Erotes studio)
    Microsoft Office (HKLM-x32\...\{90150000-0138-0409-0000-0000000FF1CE}) (Version: 15.0.4420.1017 - Microsoft Corporation)
    Microsoft Office Home and Student 2010 (HKLM-x32\...\Office14.SingleImage) (Version: 14.0.7015.1000 - Microsoft Corporation)
    Microsoft OneDrive (HKU\S-1-5-21-2814885961-1482200991-1285302695-1001\...\OneDriveSetup.exe) (Version: 17.3.6281.1202 - Microsoft Corporation)
    Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.41212.0 - Microsoft Corporation)
    Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
    Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
    Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
    Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
    Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
    Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
    Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
    Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
    Mitsurugi Kamui Hikae (HKLM-x32\...\Steam App 263620) (Version: - Zenith Blue)
    Movie Maker (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
    Movie Studio 13 Platinum - Steam Powered (HKLM-x32\...\Steam App 330070) (Version: - Sony Creative Software)
    Movie Studio Platinum 13.0 - Steam Powered (64-bit) (HKLM\...\{1F7DB38F-51AA-11E5-8729-001E4FC0A7E5}) (Version: 13.0.957 - Sony)
    Mozilla Firefox 44.0 (x86 es-MX) (HKLM-x32\...\Mozilla Firefox 44.0 (x86 es-MX)) (Version: 44.0 - Mozilla)
    Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 44.0.0.5866 - Mozilla)
    Mugen Souls (HKLM-x32\...\Steam App 389870) (Version: - Idea Factory)
    MWSnap 3 (HKLM-x32\...\MWSnap 3) (Version: 3.0.0.74 - Mirek Wojtowicz)
    NEKOPARA Vol. 0 (HKLM-x32\...\Steam App 385800) (Version: - NEKO WORKs)
    NEKOPARA Vol. 1 (HKLM-x32\...\Steam App 333600) (Version: - NEKO WORKs)
    Norton Anti-Theft (HKLM-x32\...\NAT) (Version: 1.10.0.9 - Symantec Corporation)
    Norton Online Backup (HKLM-x32\...\{40A66DF6-22D3-44B5-A7D3-83B118A2C0DC}) (Version: 2.2.3.45 - Symantec Corporation)
    Norton Online Backup ARA (x32 Version: 4.1.0.11 - Symantec Corporation) Hidden
    Norton PC Checkup (HKLM-x32\...\NortonPCCheckup) (Version: 2.0.18.15 - Symantec Corporation)
    Norton Security Dashboard (HKLM-x32\...\NortonSD) (Version: 1.1.1.9 - Symantec Corporation)
    Nuvoton CIR Device Drivers (HKLM-x32\...\{096C6EA4-738C-4A01-BB98-45B93B6B9B34}) (Version: 8.60.5001 - Nuvoton Technology Corporation)
    NWZ-E340 WALKMAN Guide (HKLM-x32\...\{E33956B7-301C-429D-9E6C-2C12EACB8A62}) (Version: 2.0.00.07010 - Sony Corporation)
    Origin (HKLM-x32\...\Origin) (Version: 9.0.15.60 - Electronic Arts, Inc.)
    Penguins! (x32 Version: 2.2.0.98 - WildTangent) Hidden
    Pirate Storm (HKU\S-1-5-21-2814885961-1482200991-1285302695-1001\...\Pokki_17dd240efdb0c50e8a5015de26b6d100f1b1072c) (Version: v1.1.7 - Pokki)
    Plants vs. Zombies - Game of the Year (x32 Version: 2.2.0.98 - WildTangent) Hidden
    PlayReady PC Runtime amd64 (HKLM\...\{BCA9334F-B6C9-4F65-9A73-AC5A329A4D04}) (Version: 1.3.0 - Microsoft Corporation)
    Polar Bowler (x32 Version: 2.2.0.97 - WildTangent) Hidden
    Realtek Bluetooth Filter Driver Package (HKLM-x32\...\InstallShield_{0CC0980D-811D-43B8-A455-8D150EB5BC0D}) (Version: 12.28.2013.0912 - REALTEK Semiconductor Corp)
    Realtek Bluetooth Filter Driver Package (x32 Version: 12.28.2013.0912 - REALTEK Semiconductor Corp) Hidden
    Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6743 - Realtek Semiconductor Corp.)
    Realtek USB 2.0 Card Reader (HKLM-x32\...\{96AE7E41-E34E-47D0-AC07-1091A8127911}) (Version: 6.1.8400.39030 - Realtek Semiconductor Corp.)
    REALTEK Wireless LAN Driver (HKLM-x32\...\InstallShield_{95F38874-065A-40AB-AFC1-B764B192FFE7}) (Version: 2.00.0002 - REALTEK Semiconductor Corp.)
    REALTEK Wireless LAN Driver (x32 Version: 2.00.0002 - REALTEK Semiconductor Corp.) Hidden
    Realtek WLAN Driver (HKLM-x32\...\{9D3D8C60-A55F-4fed-B2B9-173001290E16}) (Version: 2.00.0020 - REALTEK Semiconductor Corp.)
    Sakura Angels (HKLM-x32\...\Steam App 342380) (Version: - Winged Cloud)
    Sakura Spirit (HKLM-x32\...\Steam App 313740) (Version: - Winged Cloud)
    Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version: - Microsoft)
    Skullgirls (HKLM-x32\...\Steam App 245170) (Version: - Lab Zero Games)
    Skullgirls ∞Endless Beta∞ (HKLM-x32\...\Steam App 208610) (Version: - )
    Skype™ 7.2 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.2.103 - Skype Technologies S.A.)
    Sonic & All-Stars Racing Transformed (HKLM-x32\...\Steam App 212480) (Version: - Sumo Digital)
    SONIC THE HEDGEHOG 4 Episode II (HKLM-x32\...\Steam App 203650) (Version: - SEGA)
    SP Player (HKU\S-1-5-21-2814885961-1482200991-1285302695-1001\...\3332097300.wspr.webstream.ne.jp) (Version: - wspr.webstream.ne.jp)
    SRS Premium Sound Control Panel (HKLM\...\{94F03B8E-CB73-4653-AFE9-79112C01FED2}) (Version: 1.12.5000 - SRS Labs, Inc.)
    Start Menu (HKU\S-1-5-21-2814885961-1482200991-1285302695-1001\...\SweetLabs_Start_Menu) (Version: 0.269.7.840 - Pokki)
    Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
    SUPERAntiSpyware (HKLM\...\{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}) (Version: 6.0.1212 - SUPERAntiSpyware.com)
    The Godfather (HKU\S-1-5-21-2814885961-1482200991-1285302695-1001\...\Pokki_923d0f1d35897f6a6a73ba838623cda94c4ab689) (Version: v1.2.5 - Pokki)
    THE KING OF FIGHTERS 2002 UNLIMITED MATCH (HKLM-x32\...\Steam App 222440) (Version: - Code Mystics)
    THE KING OF FIGHTERS '98 ULTIMATE MATCH FINAL EDITION (HKLM-x32\...\Steam App 222420) (Version: - Code Mystics)
    THE KING OF FIGHTERS XIII STEAM EDITION (HKLM-x32\...\Steam App 222940) (Version: - SNK Playmore)
    The Last Remnant (HKLM-x32\...\Steam App 23310) (Version: - SQUARE ENIX)
    Toshiba App Place (HKLM-x32\...\{ED3CBA78-488F-4E8C-B33F-8E3BF4DDB4D2}) (Version: 1.0.6.3 - Toshiba)
    TOSHIBA Application Installer (HKLM-x32\...\{970472D0-F5F9-4158-A6E3-1AE49EFEF2D3}) (Version: 9.0.1.4 - TOSHIBA)
    Toshiba Book Place (HKLM-x32\...\{24B45620-22B6-4E4A-B836-FF30A0B0404E}) (Version: 3.1.9534 - K-NFB Reading Technology, Inc.)
    TOSHIBA Desktop Assist (HKLM\...\{95CCACF0-010D-45F0-82BF-858643D8BC02}) (Version: 1.02.01.6407 - Toshiba Corporation)
    TOSHIBA eco Utility (HKLM\...\{5944B9D4-3C2A-48DE-931E-26B31714A2F7}) (Version: 2.2.0.6404 - Toshiba Corporation)
    TOSHIBA Function Key (HKLM\...\{16562A90-71BC-41A0-B890-D91B0C267120}) (Version: 1.1.0002.6401 - Toshiba Corporation)
    TOSHIBA HDD Accelerator (HKLM\...\{DB4D9937-0B14-4EF1-BF9A-BB7E3B9DCB04}) (Version: 1.2.0000 - Toshiba Corporation)
    TOSHIBA Password Utility (HKLM-x32\...\{B1786E63-2127-42C9-95A3-146E5F727BF1}) (Version: v1.0.0.11 - TOSHIBA Corporation)
    TOSHIBA PC Health Monitor (HKLM\...\{9DECD0F9-D3E8-48B0-A390-1CF09F54E3A4}) (Version: 1.9.09.6400 - Toshiba Corporation)
    TOSHIBA Quality Application (HKLM-x32\...\{E69992ED-A7F6-406C-9280-1C156417BC49}) (Version: 1.0.8 - TOSHIBA)
    TOSHIBA Recovery Media Creator (HKLM-x32\...\{B65BBB06-1F8E-48F5-8A54-B024A9E15FDF}) (Version: 2.2.0.54043005 - Toshiba Corporation)
    TOSHIBA Remote Control Manager (HKLM-x32\...\{FEB650EB-7639-444E-9FC2-C33EE6ED1A37}) (Version: 3.0.1013.0 - TOSHIBA CORPORATION)
    TOSHIBA Resolution+ Plug-in for Windows Media Player (HKLM-x32\...\{6CB76C9D-80C2-4CB3-A4CD-D96B239E3F94}) (Version: 1.2.8.0 - Toshiba Corporation)
    TOSHIBA Service Station (HKLM\...\{63E575B6-BEF3-4DE7-823E-508837914157}) (Version: 2.6.16.0 - Toshiba Corporation)
    TOSHIBA System Driver (HKLM-x32\...\{1E6A96A1-2BAB-43EF-8087-30437593C66C}) (Version: 1.00.0030 - Toshiba Corporation)
    TOSHIBA System Settings (HKLM-x32\...\{05A55927-DB9B-4E26-BA44-828EBFF829F0}) (Version: 1.00.0002.32002 - Toshiba Corporation)
    TOSHIBA User's Guide (HKLM-x32\...\{3384E1D9-3F18-4A98-8655-180FEF0DFC02}) (Version: 1.00.02 - TOSHIBA)
    TOSHIBA VIDEO PLAYER (HKLM\...\{FF07604E-C860-40E9-A230-E37FA41F103A}) (Version: 5.3.49.124 - Toshiba Corporation)
    TOSHIBARegistration (HKLM-x32\...\{5AF550B4-BB67-4E7E-82F1-2C4300279050}) (Version: 1.1.6 - TOSHIBA)
    Transfer Utility LE (HKLM-x32\...\{F2C2709B-FB3D-458C-B12E-9AAA5EDCA670}) (Version: 1.02.126 - PIXELA)
    Tsukumogami (HKLM-x32\...\Steam App 262300) (Version: - TORaIKI)
    Update Installer for WildTangent Games App (x32 Version: - WildTangent) Hidden
    Vacation Quest™ - Australia (x32 Version: 3.0.2.32 - WildTangent) Hidden
    Valkyria Chronicles™ (HKLM-x32\...\Steam App 294860) (Version: - SEGA)
    Vanguard Princess (HKLM-x32\...\Steam App 262150) (Version: - Tomoaki Sugeno)
    Virtual Villagers 5 - New Believers (x32 Version: 3.0.2.32 - WildTangent) Hidden
    VirtualCloneDrive (HKLM-x32\...\VirtualCloneDrive) (Version: 5.5.0.0 - Elaborate Bytes)
    VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.1 - VideoLAN)
    Vuze (HKLM\...\8461-7759-5462-8226) (Version: 5.7.0.0 - Azureus Software, Inc.)
    WildTangent Games (HKLM-x32\...\WildTangent wildgames Master Uninstall) (Version: 1.0.3.0 - WildTangent)
    WildTangent Games App (Toshiba Games) (x32 Version: 4.0.9.7 - WildTangent) Hidden
    Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation)
    Winged Sakura: Mindy's Arc (HKLM-x32\...\Steam App 331390) (Version: - WINGED SAKURA GAMES)
    WinPcap 4.1.2 (HKLM-x32\...\WinPcapInst) (Version: 4.1.0.2001 - CACE Technologies)
    WinRAR 5.21 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.21.0 - win.rar GmbH)
    Youda Jewel Shop (x32 Version: 3.0.2.32 - WildTangent) Hidden
    zkanji v0.731 (HKLM-x32\...\zkanji) (Version: 0.731 - Sólyom Zoltán)

    ==================== Custom CLSID (Whitelisted): ==========================

    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


    ==================== Scheduled Tasks (Whitelisted) =============

    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

    Task: {0B66AC13-A7D3-4619-8CD0-7B75EF4946B4} - System32\Tasks\Norton Anti-Theft\Norton Error Analyzer => C:\Program Files (x86)\Norton Anti-Theft\Engine\1.10.0.9\SymErr.exe [2013-08-01] (Symantec Corporation)
    Task: {10F3F659-4D6D-44EF-BE5A-96F59EE39289} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeTime => C:\Windows\system32\GWX\GWXUXWorker.exe [2015-12-04] (Microsoft Corporation)
    Task: {34D73491-BBFD-4BD2-9B29-2EEAC6E759CA} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2016-01-15] (Piriform Ltd)
    Task: {4DA46886-ED67-4B3C-BF66-B275D5924C28} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Refresh immunization => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDImmunize.exe [2014-06-24] (Safer-Networking Ltd.)
    Task: {4E76AAE9-6AA7-4D38-AE9D-BA258E324177} - System32\Tasks\Browser Updater Task(Core) => C:\Program Files (x86)\SearchesToYesbnd\BrowserUpdate.exe [2016-01-21] (Tencent)
    Task: {53F6790C-E9B6-4F18-9EE0-FD71AFFDD354} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Check for updates => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe [2014-06-27] (Safer-Networking Ltd.)
    Task: {69414A02-5B98-41DA-A9D7-1134DFB331C2} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2016-01-13] (Microsoft Corporation)
    Task: {6F622176-1D81-49F7-8BA3-BC5B06FB1A55} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-12-13] (Adobe Systems Incorporated)
    Task: {71A07191-D008-42B6-B858-55ABE4D39319} - System32\Tasks\ACGPro Update => C:\Program Files (x86)\ACGPro\ACGPro Update\ACGPro.exe [2016-01-12] ()
    Task: {73F915B8-2867-412C-96CE-01C3534FB79D} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Scan the system => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDScan.exe [2014-06-24] (Safer-Networking Ltd.)
    Task: {8FA2E5C1-E289-4F06-BED6-E6CC3D68DA01} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-01-20] (Adobe Systems Incorporated)
    Task: {9D2E5675-CFCA-4793-A45B-E6FAB5E7743E} - System32\Tasks\SweetLabs App Platform => C:\Users\EdgarOmar\AppData\Local\SweetLabs App Platform\Engine\ServiceHostAppUpdater.exe [2015-12-11] (Pokki)
    Task: {A878EEF9-D882-4EDF-9223-CC59B001575B} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime => C:\Windows\system32\GWX\GWXUXWorker.exe [2015-12-04] (Microsoft Corporation)
    Task: {A95883A2-1930-4CF2-853C-3E0105626C16} - System32\Tasks\Microsoft OneDrive Auto Update Task-S-1-5-21-2814885961-1482200991-1285302695-1001 => C:\Users\EdgarOmar\AppData\Local\Microsoft\OneDrive\OneDrive.exe [2015-12-27] (Microsoft Corporation)
    Task: {AB1EF200-AD74-4A5E-A602-55CB562D0B40} - System32\Tasks\Optimize Push Notification Data File-S-1-5-21-2814885961-1482200991-1285302695-1001
    Task: {BA48FCCD-F364-42BF-B684-E7B4DCC4D3D1} - System32\Tasks\Microsoft\Windows\UPnP\UPnPHostConfig => config upnphost start= auto
    Task: {CC917555-E6BE-4D2F-8169-3BD9C1315A0A} - System32\Tasks\Avira System Speedup Tray => C:\Program Files (x86)\Avira\System Speedup\Avira.SystemSpeedup.UI.Systray.exe [2016-01-12] (Avira Operations GmbH & Co. KG)
    Task: {E1176BD7-B13E-4197-A939-C20B648812EA} - System32\Tasks\Norton Anti-Theft\Norton Error Processor => C:\Program Files (x86)\Norton Anti-Theft\Engine\1.10.0.9\SymErr.exe [2013-08-01] (Symantec Corporation)
    Task: {E68AADD1-99BF-4781-8BE9-DF5891F22F16} - System32\Tasks\TOSHIBA\Service Station => C:\Program Files\TOSHIBA\Toshiba Service Station\ToshibaServiceStation.exe [2014-04-03] (TOSHIBA Corporation)
    Task: {E79E6EDA-6CE9-4504-AE1C-0F7D030D33A9} - System32\Tasks\Remediation\AntimalwareMigrationTask => C:\Program Files\Common Files\AV\Norton AntiVirus\Upgrade.exe [2016-01-06] (Symantec Corporation)

    (If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

    Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

    ==================== Shortcuts =============================

    (The entries could be listed to be restored or removed.)

    ==================== Loaded Modules (Whitelisted) ==============

    2013-11-04 20:22 - 2013-11-04 20:22 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll
    2012-03-16 17:24 - 2012-03-16 17:24 - 00091520 _____ () C:\Program Files\Toshiba\Hotkey\fsHid.dll
    2012-07-18 19:38 - 2012-07-18 19:38 - 00020904 _____ () C:\Program Files\TOSHIBA\Hotkey\SmoothView.dll
    2014-09-29 18:51 - 2014-09-29 18:51 - 00074664 _____ () C:\Program Files (x86)\SlySoft\AnyDVD\ADvdDiscHlp64.exe
    2015-11-15 19:59 - 2016-01-19 16:51 - 00073216 _____ () C:\Program Files (x86)\Common Files\Freemake Shared\ProductUpdater\ProductUpdater.exe
    2016-01-15 14:45 - 2016-01-15 14:45 - 00065536 _____ () C:\Program Files\CCleaner\lang\lang-1034.dll
    2015-11-24 09:43 - 2014-05-13 12:04 - 00109400 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\snlThirdParty150.bpl
    2015-11-24 09:43 - 2014-05-13 12:04 - 00167768 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\snlFileFormats150.bpl
    2015-11-24 09:43 - 2014-05-13 12:04 - 00416600 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\DEC150.bpl
    2015-11-24 09:43 - 2012-08-23 10:38 - 00574840 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\sqlite3.dll
    2015-11-24 09:43 - 2012-04-03 17:06 - 00565640 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\av\BDSmartDB.dll
    2015-10-25 18:30 - 2012-06-25 11:41 - 01198912 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\ACE.dll
    2015-04-28 14:15 - 2015-04-28 14:15 - 00569856 _____ () C:\Users\EdgarOmar\AppData\Local\SweetLabs App Platform\Engine\ppGoogleNaClPluginChrome.dll
    2015-04-28 14:15 - 2015-04-28 14:15 - 01400846 _____ () C:\Users\EdgarOmar\AppData\Local\SweetLabs App Platform\Engine\avcodec-54.dll
    2015-04-28 14:15 - 2015-04-28 14:15 - 00151054 _____ () C:\Users\EdgarOmar\AppData\Local\SweetLabs App Platform\Engine\avutil-51.dll
    2015-04-28 14:15 - 2015-04-28 14:15 - 00222734 _____ () C:\Users\EdgarOmar\AppData\Local\SweetLabs App Platform\Engine\avformat-54.dll
    2015-11-09 20:16 - 2015-08-07 16:48 - 04932712 _____ () C:\Program Files (x86)\Free Download Manager\fdmbtsupp.dll
    2015-11-09 20:16 - 2015-07-23 18:08 - 00324096 _____ () C:\Program Files (x86)\Free Download Manager\ytparser.dll

    ==================== Alternate Data Streams (Whitelisted) =========

    (If an entry is included in the fixlist, only the ADS will be removed.)

    AlternateDataStreams: C:\ProgramData\TEMP:5C321E34

    ==================== Safe Mode (Whitelisted) ===================

    (If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


    ==================== EXE Association (Whitelisted) ===============

    (If an entry is included in the fixlist, the registry item will be restored to default or removed.)


    ==================== Internet Explorer trusted/restricted ===============

    (If an entry is included in the fixlist, it will be removed from the registry.)

    IE restricted site: HKU\.DEFAULT\...\007guard.com -> install.007guard.com
    IE restricted site: HKU\.DEFAULT\...\008i.com -> 008i.com
    IE restricted site: HKU\.DEFAULT\...\008k.com -> www.008k.com
    IE restricted site: HKU\.DEFAULT\...\00hq.com -> www.00hq.com
    IE restricted site: HKU\.DEFAULT\...\010402.com -> 010402.com
    IE restricted site: HKU\.DEFAULT\...\032439.com -> 80gw6ry3i3x3qbrkwhxhw.032439.com
    IE restricted site: HKU\.DEFAULT\...\0scan.com -> 0scan.com*-*This website is for sale!*-*0scan Resources and Information.
    IE restricted site: HKU\.DEFAULT\...\1-2005-search.com -> www.1-2005-search.com
    IE restricted site: HKU\.DEFAULT\...\1-domains-registrations.com -> 1 Domains Technology Blog |
    IE restricted site: HKU\.DEFAULT\...\1000gratisproben.com -> www.1000gratisproben.com
    IE restricted site: HKU\.DEFAULT\...\1001namen.com -> 1001namen.com
    IE restricted site: HKU\.DEFAULT\...\100888290cs.com -> mir.100888290cs.com
    IE restricted site: HKU\.DEFAULT\...\100sexlinks.com -> 100sexlinks.com*-*This website is for sale!*-*Sexlinks Resources and Information.
    IE restricted site: HKU\.DEFAULT\...\10sek.com -> www.10sek.com
    IE restricted site: HKU\.DEFAULT\...\12-26.net -> user1.12-26.net
    IE restricted site: HKU\.DEFAULT\...\12-27.net -> user1.12-27.net
    IE restricted site: HKU\.DEFAULT\...\123fporn.info -> www.123fporn.info
    IE restricted site: HKU\.DEFAULT\...\123haustiereundmehr.com -> www.123haustiereundmehr.com
    IE restricted site: HKU\.DEFAULT\...\123moviedownload.com -> 123Movies - Watch Free Movies Streaming Online Now
    IE restricted site: HKU\.DEFAULT\...\123simsen.com -> WebMD - Better information. Better health.

    There are 7871 more sites.

    IE trusted site: HKU\S-1-5-21-2814885961-1482200991-1285302695-1001\...\hola.org -> hxxp://hola.org
    IE restricted site: HKU\S-1-5-21-2814885961-1482200991-1285302695-1001\...\007guard.com -> install.007guard.com
    IE restricted site: HKU\S-1-5-21-2814885961-1482200991-1285302695-1001\...\008i.com -> 008i.com
    IE restricted site: HKU\S-1-5-21-2814885961-1482200991-1285302695-1001\...\008k.com -> www.008k.com
    IE restricted site: HKU\S-1-5-21-2814885961-1482200991-1285302695-1001\...\00hq.com -> www.00hq.com
    IE restricted site: HKU\S-1-5-21-2814885961-1482200991-1285302695-1001\...\010402.com -> 010402.com
    IE restricted site: HKU\S-1-5-21-2814885961-1482200991-1285302695-1001\...\0190-dialers.com -> 0190-dialers.com
    IE restricted site: HKU\S-1-5-21-2814885961-1482200991-1285302695-1001\...\01i.info -> 01i.info
    IE restricted site: HKU\S-1-5-21-2814885961-1482200991-1285302695-1001\...\02pmnzy5eo29bfk4.com -> 02pmnzy5eo29bfk4.com
    IE restricted site: HKU\S-1-5-21-2814885961-1482200991-1285302695-1001\...\032439.com -> 80gw6ry3i3x3qbrkwhxhw.032439.com
    IE restricted site: HKU\S-1-5-21-2814885961-1482200991-1285302695-1001\...\0411dd.com -> 0411dd.com
    IE restricted site: HKU\S-1-5-21-2814885961-1482200991-1285302695-1001\...\0511zfhl.com -> 0511zfhl.com
    IE restricted site: HKU\S-1-5-21-2814885961-1482200991-1285302695-1001\...\05p.com -> 05p.com
    IE restricted site: HKU\S-1-5-21-2814885961-1482200991-1285302695-1001\...\0632qyw.com -> 0632qyw.com
    IE restricted site: HKU\S-1-5-21-2814885961-1482200991-1285302695-1001\...\07ic5do2myz3vzpk.com -> 07ic5do2myz3vzpk.com
    IE restricted site: HKU\S-1-5-21-2814885961-1482200991-1285302695-1001\...\08nigbmwk43i01y6.com -> 08nigbmwk43i01y6.com
    IE restricted site: HKU\S-1-5-21-2814885961-1482200991-1285302695-1001\...\093qpeuqpmz6ebfa.com -> 093qpeuqpmz6ebfa.com
    IE restricted site: HKU\S-1-5-21-2814885961-1482200991-1285302695-1001\...\0calories.net -> 0calories.net
    IE restricted site: HKU\S-1-5-21-2814885961-1482200991-1285302695-1001\...\0cj.net -> 0cj.net
    IE restricted site: HKU\S-1-5-21-2814885961-1482200991-1285302695-1001\...\0scan.com -> 0scan.com*-*This website is for sale!*-*0scan Resources and Information.
    IE restricted site: HKU\S-1-5-21-2814885961-1482200991-1285302695-1001\...\1-2005-search.com -> www.1-2005-search.com

    There are 12688 more sites.


    ==================== Hosts content: ==========================

    (If needed Hosts: directive could be included in the fixlist to reset Hosts.)

    2013-08-22 07:25 - 2016-02-04 13:38 - 00450954 ____R C:\WINDOWS\system32\Drivers\etc\hosts

    127.0.0.1 www.007guard.com
    127.0.0.1 007guard.com
    127.0.0.1 008i.com
    127.0.0.1 www.008k.com
    127.0.0.1 008k.com
    127.0.0.1 www.00hq.com
    127.0.0.1 00hq.com
    127.0.0.1 010402.com
    127.0.0.1 www.032439.com
    127.0.0.1 032439.com
    127.0.0.1 0scan.com*-*This website is for sale!*-*0scan Resources and Information.
    127.0.0.1 0scan.com
    127.0.0.1 1000gratisproben.com
    127.0.0.1 www.1000gratisproben.com
    127.0.0.1 1001namen.com
    127.0.0.1 1001namen.com
    127.0.0.1 100888290cs.com
    127.0.0.1 www.100888290cs.com
    127.0.0.1 100sexlinks.com*-*This website is for sale!*-*Sexlinks Resources and Information.
    127.0.0.1 100sexlinks.com
    127.0.0.1 10sek.com
    127.0.0.1 www.10sek.com
    127.0.0.1 www.1-2005-search.com
    127.0.0.1 1-2005-search.com
    127.0.0.1 123fporn.info
    127.0.0.1 www.123fporn.info
    127.0.0.1 123haustiereundmehr.com
    127.0.0.1 www.123haustiereundmehr.com
    127.0.0.1 123moviedownload.com
    127.0.0.1 123Movies - Watch Free Movies Streaming Online Now

    There are 15469 more lines.


    ==================== Other Areas ============================

    (Currently there is no automatic fix for this section.)

    HKU\S-1-5-21-2814885961-1482200991-1285302695-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\EdgarOmar\Pictures\ふたなり尼さん&シスター噴水化 - 盲 - mekuranoookami - 盲 (43663952) .png
    DNS Servers: 192.168.1.1
    HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
    Windows Firewall is enabled.

    ==================== MSCONFIG/TASK MANAGER disabled items ==

    (Currently there is no automatic fix for this section.)

    HKLM\...\StartupApproved\StartupFolder: => "McAfee Security Scan Plus.lnk"
    HKLM\...\StartupApproved\Run: => "TRCMan"
    HKU\S-1-5-21-2814885961-1482200991-1285302695-1001\...\StartupApproved\Run: => "Skype"
    HKU\S-1-5-21-2814885961-1482200991-1285302695-1001\...\StartupApproved\Run: => "Free Download Manager"
    HKU\S-1-5-21-2814885961-1482200991-1285302695-1001\...\StartupApproved\Run: => "Steam"
    HKU\S-1-5-21-2814885961-1482200991-1285302695-1001\...\StartupApproved\Run: => "SpybotPostWindows10UpgradeReInstall"
    HKU\S-1-5-21-2814885961-1482200991-1285302695-1001\...\StartupApproved\Run: => "BingSvc"

    ==================== FirewallRules (Whitelisted) ===============

    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

    FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
    FirewallRules: [{8B1E83F2-8938-4D69-9892-B46557ED97A4}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
    FirewallRules: [{BF17192A-69C1-46A6-8845-73AF0CDABA61}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
    FirewallRules: [{FD4FD112-E952-4DB1-A9A6-5D7D7979728A}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
    FirewallRules: [{21AD685C-C04D-46CC-9E35-6E0E17FD3CD0}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
    FirewallRules: [{D2A62EE1-6218-41CD-B858-052FFEB272B1}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Double Dragon Trilogy\ddtrilogy.exe
    FirewallRules: [{BBFE0A6D-43D4-4690-B74C-03DD2AAF7004}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Double Dragon Trilogy\ddtrilogy.exe
    FirewallRules: [{05FFDD24-12C8-4E78-8770-88D7ADAB0E03}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\99 Spirits\99 Spirits.eXe
    FirewallRules: [{F664761F-9C4B-4954-9F5C-1AFB8802D4BB}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\99 Spirits\99 Spirits.eXe
    FirewallRules: [{AF7F4627-7BFD-43A7-BF67-5998637E0135}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\99 Spirits\Cage of Night\English\Cage of Night.eXe
    FirewallRules: [{652E0083-A01A-4DF4-9736-2D54B8104E56}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\99 Spirits\Cage of Night\English\Cage of Night.eXe
    FirewallRules: [{88162000-2730-4BDB-8947-87C672C1E79E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\99 Spirits\Cage of Night\Japanese\Cage of Night.eXe
    FirewallRules: [{987C4DB4-386B-465B-A9B0-F406D7D56D53}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\99 Spirits\Cage of Night\Japanese\Cage of Night.eXe
    FirewallRules: [{2D663A92-4654-446E-A6EE-066C4B013F3B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\99 Spirits\Weeping Demon's Bell\English\Weeping Demon's Bell.exe
    FirewallRules: [{1740F828-61F8-4AF8-8727-1E102E27A84A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\99 Spirits\Weeping Demon's Bell\English\Weeping Demon's Bell.exe
    FirewallRules: [{371F1338-7070-4FB1-A5A6-EDC82403D35F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\99 Spirits\Weeping Demon's Bell\Japanese\Weeping Demon's Bell.eXe
    FirewallRules: [{AB0D7300-ED76-4496-BD02-A07A05AFA09D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\99 Spirits\Weeping Demon's Bell\Japanese\Weeping Demon's Bell.eXe
    FirewallRules: [TCP Query User{406715A4-57CF-4809-960C-9FE57C1F4936}C:\program files (x86)\free download manager\fdm.exe] => (Allow) C:\program files (x86)\free download manager\fdm.exe
    FirewallRules: [UDP Query User{AEBEC90A-AD0B-4B28-AC41-6A1EADCCE616}C:\program files (x86)\free download manager\fdm.exe] => (Allow) C:\program files (x86)\free download manager\fdm.exe
    FirewallRules: [{8371D454-323F-479D-B329-659486679A7B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Winged Sakura Mindy's Arc\Winged Sakura Mindy's Arc.exe
    FirewallRules: [{37A1660E-8423-45C3-AD3A-6F8E67FE1655}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Winged Sakura Mindy's Arc\Winged Sakura Mindy's Arc.exe
    FirewallRules: [{4CCE3B66-6178-47FE-B13E-7BC6EBD6E29E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Guilty Gear X2 #Reload\ggx2.exe
    FirewallRules: [{396B0823-BED0-44B6-BE3C-6590E47ACA92}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Guilty Gear X2 #Reload\ggx2.exe
    FirewallRules: [{433AA74E-3B88-44E8-A1A7-7A4194572516}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Guilty Gear X2 #Reload\config.exe
    FirewallRules: [{59226E7A-90A0-4C7B-BF97-B5BA8DDB3E8A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Guilty Gear X2 #Reload\config.exe
    FirewallRules: [{8B661167-DBFF-4705-960D-0BF610CD8B02}] => (Allow) C:\Program Files\Vuze\Azureus.exe
    FirewallRules: [{95E0B624-2F9C-460B-B190-13E3693B5A90}] => (Allow) C:\Program Files\Vuze\Azureus.exe
    FirewallRules: [{54D11142-D95A-450E-AA48-FA800F77BE9B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Valkyria Chronicles\Launcher.exe
    FirewallRules: [{BBD62464-0660-4B29-8213-71C0AF931E6C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Valkyria Chronicles\Launcher.exe
    FirewallRules: [{5E181127-4239-4358-A50D-7F28D6F2D73B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\If My Heart Had Wings\AdvHD.exe
    FirewallRules: [{F3D8FFF9-89CD-4E25-A4B9-4F858CF155CA}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\If My Heart Had Wings\AdvHD.exe
    FirewallRules: [{D9475FE4-E7A8-41EE-A8CA-7144F7E2BC2E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\The Last Remnant\Binaries\TLR.exe
    FirewallRules: [{27D966B1-CDA3-404F-BCED-B9CBF9ECAB6D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\The Last Remnant\Binaries\TLR.exe
    FirewallRules: [{E3F67565-E217-4294-AB17-C1E97C3573D7}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Magical Battle Festa\MBF.exe
    FirewallRules: [{214FBB4A-1C74-4905-A613-82B621131E4C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Magical Battle Festa\MBF.exe
    FirewallRules: [{EB569148-4339-4F62-85D4-A138966EB6B7}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\MahJong Nagomi\MahjongPrettyGirlsBattle.exe
    FirewallRules: [{78064255-6A96-43A6-9DBF-1CE5E90C3E6B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\MahJong Nagomi\MahjongPrettyGirlsBattle.exe
    FirewallRules: [{616BFCD6-85E6-4429-9308-68A86E2AEF8C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Sakura Angels\Sakura Angels.exe
    FirewallRules: [{AFB64DA5-53DA-4A16-A917-300C98BB95C1}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Sakura Angels\Sakura Angels.exe
    FirewallRules: [{51E3B544-AD37-4033-8D56-AFD0AED36D22}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Tsukumogami\99 Spirits.eXe
    FirewallRules: [{3409CA83-75E4-4A38-8924-BD555B96DCBA}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Tsukumogami\99 Spirits.eXe
    FirewallRules: [{89EFAED1-54D7-483B-A1AE-50AF2DC69E49}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Skullgirls Beta\SkullGirls.exe
    FirewallRules: [{F476C585-A9BE-46D3-9443-59A971DA3680}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Skullgirls Beta\SkullGirls.exe
    FirewallRules: [{1D115DDB-0338-4DDB-8FD6-172F05A002BB}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Sonic & All-Stars Racing Transformed\ASN_App_PcDx9_Final.exe
    FirewallRules: [{B49777DB-0C3F-419E-A8BE-4548FA886EE0}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Sonic & All-Stars Racing Transformed\ASN_App_PcDx9_Final.exe
    FirewallRules: [{8BFCAA61-2162-401F-A63E-75EA7AD4162B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Sonic & All-Stars Racing Transformed\Launcher.exe
    FirewallRules: [{8A49A800-0E30-4642-A327-7A08FFB2323C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Sonic & All-Stars Racing Transformed\Launcher.exe
    FirewallRules: [{C0190BF5-85BD-489B-ADAA-1CBD4251AB37}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Skullgirls\SkullGirls.exe
    FirewallRules: [{24D6DFED-126A-401C-814C-159ED75D841A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Skullgirls\SkullGirls.exe
    FirewallRules: [{C6ADC445-B60A-412E-8E08-BCF97504AA56}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Final Fantasy III\FF3_Launcher.exe
    FirewallRules: [{FEB757E0-DCA2-442C-AD0C-251F3B07D765}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Final Fantasy III\FF3_Launcher.exe
    FirewallRules: [{35FB39D5-6ED1-497E-884A-C806635866E2}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\FINAL FANTASY VIII\FF8_Launcher.exe
    FirewallRules: [{1C5B2C5D-CA2D-437F-BBB8-C8F091788980}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\FINAL FANTASY VIII\FF8_Launcher.exe
    FirewallRules: [{48634DAC-DB4A-477D-9D7B-4AA38F4B4BCE}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\FINAL FANTASY VII\FF7_Launcher.exe
    FirewallRules: [{375E61A0-F3DD-46A4-9E82-4550B68ECB42}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\FINAL FANTASY VII\FF7_Launcher.exe
    FirewallRules: [{984E1D84-7BF3-433C-A3F4-7664CEE2E888}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Mayjasmine episode01 What is God\jasmine.eXe
    FirewallRules: [{D75A55C6-C6F5-4870-8FE2-EC231046275B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Mayjasmine episode01 What is God\jasmine.eXe
    FirewallRules: [{00601D9D-2EBE-46A6-90F7-DCEE6044664A}] => (Allow) C:\Users\EdgarOmar\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe
    FirewallRules: [{9F0B532E-58A4-4F7E-9021-9CAB34008662}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
    FirewallRules: [{CB0CD99B-25AB-4D04-85D9-656F24862DCE}] => (Allow) LPort=2869
    FirewallRules: [{6E31655B-4E6F-4780-9188-E0548AB09E31}] => (Allow) LPort=1900
    FirewallRules: [{D16E5456-C7EE-496D-95A2-1806EB5E8A9D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Sakura Spirit\Sakura Spirit.exe
    FirewallRules: [{450A9D74-01F2-48B4-8D1F-90B1889073F1}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Sakura Spirit\Sakura Spirit.exe
    FirewallRules: [{490DC05A-9BBC-4321-A427-F6F950005AEA}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Sonic the Hedgehog 4 - EP 2\Launcher.exe
    FirewallRules: [{083791C3-7014-4E34-B40F-7742F662ACF0}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Sonic the Hedgehog 4 - EP 2\Launcher.exe
    FirewallRules: [{6735D8F3-B332-48D7-8D7E-7AC5507B1575}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\GarrysMod\hl2.exe
    FirewallRules: [{71922E39-D26D-45BC-971E-6486712A6613}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\GarrysMod\hl2.exe
    FirewallRules: [{1DF65432-43F2-4036-AF91-9B8AC02A983B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\vanguard-princess\vanpri.exe
    FirewallRules: [{AFA390FC-A30D-4158-810F-1A68CFE0D9A6}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\vanguard-princess\vanpri.exe
    FirewallRules: [{F7DBD141-08F7-4472-9D38-F56B54AE1667}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Mitsurugi Kamui Hikae\mitsurugi.exe
    FirewallRules: [{7314BF00-1A86-470A-8CF9-EBCEA8FE9948}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Mitsurugi Kamui Hikae\mitsurugi.exe
    FirewallRules: [{00E4DA3E-23E3-4DC6-9ABD-01A37745D6C5}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\The King of Fighters'98 Ultimate Match\KingOfFighters98UM.exe
    FirewallRules: [{A3B6321F-5F37-4E7F-B003-52D02EFC7301}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\The King of Fighters'98 Ultimate Match\KingOfFighters98UM.exe
    FirewallRules: [{78D7382A-641E-4215-A86E-B77638FFB46A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\The King of Fighters 2002 Unlimited Match\KingOfFighters2002UM.exe
    FirewallRules: [{697FA79A-B301-4D3F-BB2D-73F8E8C6A1A0}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\The King of Fighters 2002 Unlimited Match\KingOfFighters2002UM.exe
    FirewallRules: [{6BE971C1-61E6-4763-B4D0-E6DF051FBA19}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\BlazBlue Calamity Trigger\BBCT.exe
    FirewallRules: [{F6EEF78C-1033-41BC-AEEF-ADE7F7581802}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\BlazBlue Calamity Trigger\BBCT.exe
    FirewallRules: [{8F22E63B-079E-4A45-AA1F-3DD575423A93}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\King of Fighters XIII\kofxiii.exe
    FirewallRules: [{E6479E69-168F-4C9D-93F9-4FD35A8F0131}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\King of Fighters XIII\kofxiii.exe
    FirewallRules: [{64B13CA7-C437-498B-AFED-41E6429D12C1}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Mugen Souls\MugenSouls.exe
    FirewallRules: [{A6BF8F56-1589-4E39-AE70-53FDEA4F5FD2}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Mugen Souls\MugenSouls.exe
    FirewallRules: [{E0E2F9B9-034E-4375-AD56-7D065C02ED58}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\NEKOPARA Vol. 0\nekopara_vol0.exe
    FirewallRules: [{0CC40E14-B82B-48E2-9D90-B25C09C7EB38}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\NEKOPARA Vol. 0\nekopara_vol0.exe
    FirewallRules: [{31CD37D8-56D3-4A08-A98C-7DA3410FC214}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\NEKOPARA Vol. 1\nekopara_vol1.exe
    FirewallRules: [{3F5525C7-4672-4E49-A4EE-AA3E0F84B557}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\NEKOPARA Vol. 1\nekopara_vol1.exe
    FirewallRules: [{F15C9ECD-046D-4597-A70C-57AAB06AA7AB}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Akiba's Trip Undead & Undressed\AkibaUU.exe
    FirewallRules: [{A307197F-4FA0-4CFC-9B0C-77E5D900F3DD}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Akiba's Trip Undead & Undressed\AkibaUU.exe
    FirewallRules: [{59BB4DF1-7E08-4E10-9EB5-761555D97C3D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Guilty Gear XX Accent Core Plus R\GGXXACPR_Win.exe
    FirewallRules: [{3B6E09DE-82B8-4353-AA8C-ABF05125A149}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Guilty Gear XX Accent Core Plus R\GGXXACPR_Win.exe
    FirewallRules: [{9DD68CD0-AD87-4EEB-A753-B37A2E200272}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\BioShock Infinite\Binaries\Win32\BioShockInfinite.exe
    FirewallRules: [{D51D8502-FD32-44AF-ADE3-7B0E2ECDE8A0}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\BioShock Infinite\Binaries\Win32\BioShockInfinite.exe
    FirewallRules: [{60A07B5E-E7FD-4366-A5F3-629A8F89954F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Fairy Fencer F\FairyFencer.exe
    FirewallRules: [{D9ABEE87-D72F-4CCC-8301-825640834604}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Fairy Fencer F\FairyFencer.exe
    FirewallRules: [{271D24AB-1637-4A96-AD2F-669CD3A0CC15}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
    FirewallRules: [{792D631F-EC0F-4EF1-AC37-4DF46473F928}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
    FirewallRules: [{CAF8273F-9736-4C0F-84D5-FDBD5E691071}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
    FirewallRules: [{3C4EBCAA-3756-4FAD-8487-E9928A586F54}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
    StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe] => Enabled:Spybot - Search & Destroy tray access
    StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe] => Enabled:Spybot-S&D 2 Scanner Service
    StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe] => Enabled:Spybot-S&D 2 Updater
    StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe] => Enabled:Spybot-S&D 2 Background update service

    ==================== Restore Points =========================

    02-02-2016 08:59:58 Scheduled Checkpoint

    ==================== Faulty Device Manager Devices =============


    ==================== Event log errors: =========================

    Application errors:
    ==================
    Error: (02/04/2016 11:34:56 AM) (Source: Application Hang) (EventID: 1002) (User: )
    Description: El programa backgroundTaskHost.exe, versión 6.3.9600.17415, dejó de interactuar con Windows y se cerró. Para ver si hay más información disponible acerca del problema, compruebe el historial de problemas en el panel de control Centro de actividades.

    Identificador de proceso: 1054

    Hora de inicio: 01d15f71a2bf00d6

    Hora de finalización: 4294967295

    Ruta de acceso de la aplicación: C:\WINDOWS\system32\backgroundTaskHost.exe

    Identificador de informe: 96958ea1-cb65-11e5-beb2-c0d9622d7303

    Nombre completo de paquete con errores: Amazon.com.Amazon_3.1.2.8_neutral__343d40qqvtj1t

    Identificador de aplicación relativa del paquete con errores: App

    Error: (02/04/2016 11:19:58 AM) (Source: Application Hang) (EventID: 1002) (User: )
    Description: El programa backgroundTaskHost.exe, versión 6.3.9600.17415, dejó de interactuar con Windows y se cerró. Para ver si hay más información disponible acerca del problema, compruebe el historial de problemas en el panel de control Centro de actividades.

    Identificador de proceso: 511c

    Hora de inicio: 01d15f6f8a6309f4

    Hora de finalización: 4294967295

    Ruta de acceso de la aplicación: C:\WINDOWS\system32\backgroundTaskHost.exe

    Identificador de informe: 7e0ed6eb-cb63-11e5-beb2-c0d9622d7303

    Nombre completo de paquete con errores: Amazon.com.Amazon_3.1.2.8_neutral__343d40qqvtj1t

    Identificador de aplicación relativa del paquete con errores: App

    Error: (02/03/2016 10:25:32 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: COMPUPRINCIPAL)
    Description: No se pudo activar la aplicación Amazon.com.Amazon_343d40qqvtj1t!App debido al error: -2144927141. Consulte el registro Microsoft-Windows-TWinUI/Operational para obtener más información.

    Error: (02/03/2016 10:25:32 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: COMPUPRINCIPAL)
    Description: No se pudo activar la aplicación microsoft.windowscommunicationsapps_8wekyb3d8bbwe!ppleae38af2e007f4358a809ac99a64a67c1 debido al error: -2144927141. Consulte el registro Microsoft-Windows-TWinUI/Operational para obtener más información.

    Error: (02/03/2016 10:25:32 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: COMPUPRINCIPAL)
    Description: No se pudo activar la aplicación microsoft.windowscommunicationsapps_8wekyb3d8bbwe!ppleae38af2e007f4358a809ac99a64a67c1 debido al error: -2144927141. Consulte el registro Microsoft-Windows-TWinUI/Operational para obtener más información.

    Error: (02/02/2016 02:13:43 AM) (Source: Application Error) (EventID: 1000) (User: )
    Description: Nombre de la aplicación con errores: firefox.exe, versión: 44.0.0.5866, marca de tiempo: 0x56a4222c
    Nombre del módulo con errores: flvsniff.dll, versión: 1.0.1064.0, marca de tiempo: 0x56277a44
    Código de excepción: 0xc0000005
    Desplazamiento de errores: 0x0008b5bf
    Identificador del proceso con errores: 0x2454
    Hora de inicio de la aplicación con errores: 0xfirefox.exe0
    Ruta de acceso de la aplicación con errores: firefox.exe1
    Ruta de acceso del módulo con errores: firefox.exe2
    Identificador del informe: firefox.exe3
    Nombre completo del paquete con errores: firefox.exe4
    Identificador de aplicación relativa del paquete con errores: firefox.exe5

    Error: (02/01/2016 10:23:05 PM) (Source: Application Error) (EventID: 1000) (User: )
    Description: Nombre de la aplicación con errores: OneDrive.exe, versión: 17.3.6281.1202, marca de tiempo: 0x565fc8be
    Nombre del módulo con errores: KERNELBASE.dll, versión: 6.3.9600.18007, marca de tiempo: 0x55c4bcfc
    Código de excepción: 0x80000003
    Desplazamiento de errores: 0x000b8f62
    Identificador del proceso con errores: 0x2634
    Hora de inicio de la aplicación con errores: 0xOneDrive.exe0
    Ruta de acceso de la aplicación con errores: OneDrive.exe1
    Ruta de acceso del módulo con errores: OneDrive.exe2
    Identificador del informe: OneDrive.exe3
    Nombre completo del paquete con errores: OneDrive.exe4
    Identificador de aplicación relativa del paquete con errores: OneDrive.exe5

    Error: (01/30/2016 08:41:20 PM) (Source: Application Error) (EventID: 1000) (User: )
    Description: Nombre de la aplicación con errores: FreemakeUtilsService.exe, versión: 1.0.0.0, marca de tiempo: 0x569e3ec3
    Nombre del módulo con errores: KERNELBASE.dll, versión: 6.3.9600.18007, marca de tiempo: 0x55c4bcfc
    Código de excepción: 0xe0434352
    Desplazamiento de errores: 0x00015b68
    Identificador del proceso con errores: 0x1088
    Hora de inicio de la aplicación con errores: 0xFreemakeUtilsService.exe0
    Ruta de acceso de la aplicación con errores: FreemakeUtilsService.exe1
    Ruta de acceso del módulo con errores: FreemakeUtilsService.exe2
    Identificador del informe: FreemakeUtilsService.exe3
    Nombre completo del paquete con errores: FreemakeUtilsService.exe4
    Identificador de aplicación relativa del paquete con errores: FreemakeUtilsService.exe5

    Error: (01/30/2016 08:41:20 PM) (Source: .NET Runtime) (EventID: 1026) (User: )
    Description: Application: FreemakeUtilsService.exe
    Framework Version: v4.0.30319
    Description: The process was terminated due to an unhandled exception.
    Exception Info: System.ArgumentException
    Stack:
    at System.Security.Principal.SecurityIdentifier..ctor(System.String)
    at FreemakeUtilsService.Common.ToolbarInstallationChecker.GetSidToUsernameDictionary()
    at FreemakeUtilsService.Common.ToolbarInstallationChecker.CheckInfo(FreemakeUtilsService.Common.FreemakeToolbarsInfo)
    at FreemakeUtilsService.Statistics.Manager.StartToolbarInfoCheck()
    at FreemakeUtilsService.Statistics.Manager.SettingsSyncFailed(System.Object, System.EventArgs)
    at FreemakeUtilsService.Common.Synchronizer.OnWorkerCompleted(System.Object, System.ComponentModel.RunWorkerCompletedEventArgs)
    at System.ComponentModel.BackgroundWorker.OnRunWorkerCompleted(System.ComponentModel.RunWorkerCompletedEventArgs)
    at System.ComponentModel.BackgroundWorker.AsyncOperationCompleted(System.Object)
    at System.Threading.QueueUserWorkItemCallback.WaitCallback_Context(System.Object)
    at System.Threading.ExecutionContext.RunInternal(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
    at System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
    at System.Threading.QueueUserWorkItemCallback.System.Threading.IThreadPoolWorkItem.ExecuteWorkItem()
    at System.Threading.ThreadPoolWorkQueue.Dispatch()
    at System.Threading._ThreadPoolWaitCallback.PerformWaitCallback()

    Error: (01/28/2016 01:01:40 AM) (Source: Application Error) (EventID: 1000) (User: )
    Description: Nombre de la aplicación con errores: IEXPLORE.EXE, versión: 11.0.9600.18124, marca de tiempo: 0x5641278d
    Nombre del módulo con errores: ntdll.dll, versión: 6.3.9600.18185, marca de tiempo: 0x5683eff4
    Código de excepción: 0xc0000374
    Desplazamiento de errores: 0x000e5954
    Identificador del proceso con errores: 0x9dc
    Hora de inicio de la aplicación con errores: 0xIEXPLORE.EXE0
    Ruta de acceso de la aplicación con errores: IEXPLORE.EXE1
    Ruta de acceso del módulo con errores: IEXPLORE.EXE2
    Identificador del informe: IEXPLORE.EXE3
    Nombre completo del paquete con errores: IEXPLORE.EXE4
    Identificador de aplicación relativa del paquete con errores: IEXPLORE.EXE5


    System errors:
    =============
    Error: (02/04/2016 04:30:28 PM) (Source: BTHUSB) (EventID: 17) (User: )
    Description: A causa de un error no determinado en el adaptador Bluetooth local, éste no se usará. Se descargó el controlador.

    Error: (02/04/2016 04:08:51 PM) (Source: BTHUSB) (EventID: 17) (User: )
    Description: A causa de un error no determinado en el adaptador Bluetooth local, éste no se usará. Se descargó el controlador.

    Error: (02/04/2016 03:38:50 PM) (Source: BTHUSB) (EventID: 17) (User: )
    Description: A causa de un error no determinado en el adaptador Bluetooth local, éste no se usará. Se descargó el controlador.

    Error: (02/04/2016 03:08:49 PM) (Source: BTHUSB) (EventID: 17) (User: )
    Description: A causa de un error no determinado en el adaptador Bluetooth local, éste no se usará. Se descargó el controlador.

    Error: (02/04/2016 02:07:34 PM) (Source: BTHUSB) (EventID: 17) (User: )
    Description: A causa de un error no determinado en el adaptador Bluetooth local, éste no se usará. Se descargó el controlador.

    Error: (02/04/2016 02:07:11 PM) (Source: DCOM) (EventID: 10005) (User: COMPUPRINCIPAL)
    Description: 1084ShellHWDetectionUnavailable{DD522ACC-F821-461A-A407-50B198B896DC}

    Error: (02/04/2016 02:06:54 PM) (Source: DCOM) (EventID: 10005) (User: COMPUPRINCIPAL)
    Description: 1084ShellHWDetectionUnavailable{DD522ACC-F821-461A-A407-50B198B896DC}

    Error: (02/04/2016 02:06:45 PM) (Source: DCOM) (EventID: 10005) (User: COMPUPRINCIPAL)
    Description: 1084ShellHWDetectionUnavailable{DD522ACC-F821-461A-A407-50B198B896DC}

    Error: (02/04/2016 02:06:21 PM) (Source: DCOM) (EventID: 10005) (User: COMPUPRINCIPAL)
    Description: 1084ShellHWDetectionUnavailable{DD522ACC-F821-461A-A407-50B198B896DC}

    Error: (02/04/2016 02:00:59 PM) (Source: DCOM) (EventID: 10005) (User: COMPUPRINCIPAL)
    Description: 1084ShellHWDetectionUnavailable{DD522ACC-F821-461A-A407-50B198B896DC}


    ==================== Memory info ===========================

    Processor: Intel(R) Core(TM) i5-3210M CPU @ 2.50GHz
    Percentage of memory in use: 28%
    Total physical RAM: 6028.24 MB
    Available physical RAM: 4322.91 MB
    Total Virtual: 13964.24 MB
    Available Virtual: 11344.21 MB

    ==================== Drives ================================

    Drive c: (TI10657500D) (Fixed) (Total:919.88 GB) (Free:566.99 GB) NTFS

    ==================== MBR & Partition Table ==================

    ==================== End of Addition.txt ============================

  5. #5
    Member Spyware Fighter zep516's Avatar
    Join Date
    Dec 2005
    Location
    Pittsburgh, Pa
    Posts
    7,158
    Points
    1301

    Default

    Hello,

    Don't put the logs in code boxes, makes them hard to read.
    When an Anti Virus program stops working it's still suggested to uninstall it because they leave numerous files that still may load at boot time.

    Next

    Please download AdwCleaner by Xplode onto your Desktop.

    • Close all open programs and internet browsers.
    • Double click on AdwCleaner.exe to run the tool.
    • Click the Scan button and wait for the process to complete.
    • Click the logfile button and the log will open in Notepad.
    • Click on the Clean button follow the prompts.
    • A log file will automatically open after the scan has finished and the PC has rebooted.
    • Please post the content of that log file with your next answer.
    • The report will be saved in the C:\AdwCleaner folder.


    Next

    Please download Junkware Removal Tool to your Desktop.
    Please close your security software to avoid potential conflicts. See Here how to disable you security protection (Anti Virus)
    Run the tool by double-clicking it. If you are using Windows Vista or 7, right-mouse click it and select Run as administrator.
    The tool will open and start scanning your system.
    Please be patient as this can take a while to complete, depending on your system's specifications.
    On completion, a log (JRT.txt) is saved to your Desktop and will automatically open.
    Please post the contents of JRT.txt into your reply.

    In your next reply post;

    • The AdwCleaner [SO].txt Log
    • The JRT.txt Log

  6. #6
    Member
    Join Date
    Feb 2016
    Posts
    8
    Points
    0

    Default

    OK here we go.

    This is the AdwCleaner log.

    # AdwCleaner v5.033 - Logfile created 08/02/2016 at 10:53:53
    # Updated 07/02/2016 by Xplode
    # Database : 2016-02-07.2 [Server]
    # Operating system : Windows 8.1 (x64)
    # Username : EdgarOmar - COMPUPRINCIPAL
    # Running from : C:\Users\EdgarOmar\Downloads\AdwCleaner v5.033\adwcleaner_5.033.exe
    # Option : Scan
    # Support : http://toolslib.net/forum

    ***** [ Services ] *****

    Service Found : hola_svc
    Service Found : hola_updater
    Service Found : GtkFree

    ***** [ Folders ] *****

    Folder Found : C:\Program Files\Hola
    Folder Found : C:\Program Files (x86)\SearchesToYesbnd
    Folder Found : C:\Program Files (x86)\ACGPro
    Folder Found : C:\Program Files (x86)\GtkFree
    Folder Found : C:\Program Files (x86)\Winsere
    Folder Found : C:\Program Files (x86)\WinTaske
    Folder Found : C:\Users\EdgarOmar\AppData\Local\Hola
    Folder Found : C:\Users\EdgarOmar\AppData\Local\SweetLabs App Platform
    Folder Found : C:\Users\EdgarOmar\AppData\Local\YSearchUtil
    Folder Found : C:\Users\EdgarOmar\AppData\Roaming\Hola
    Folder Found : C:\Users\EdgarOmar\Favorites\StumbleUpon
    Folder Found : C:\Users\EdgarOmar\Favorites\StumbleUpon
    Folder Found : C:\WINDOWS\SysNative\Tasks\SweetLabs App Platform
    Folder Found : C:\WINDOWS\SysWOW64\config\systemprofile\AppData\Local\YSearchUtil

    ***** [ Files ] *****

    File Found : C:\Users\EdgarOmar\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Goodgame Empire.lnk
    File Found : C:\Users\EdgarOmar\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PC App Store.lnk

    ***** [ DLL ] *****


    ***** [ Shortcuts ] *****


    ***** [ Scheduled tasks ] *****

    Task Found : SweetLabs App Platform
    Task Found : ACGPro Update

    ***** [ Registry ] *****

    Key Found : HKCU\Software\Classes\AllFileSystemObjects\shell\pokki
    Key Found : HKCU\Software\Classes\Directory\shell\pokki
    Key Found : HKCU\Software\Classes\Drive\shell\pokki
    Key Found : HKCU\Software\Classes\lnkfile\shell\pokki
    Key Found : HKCU\Software\MozillaPlugins\@hola.org/FlashPlayer
    Key Found : HKCU\Software\MozillaPlugins\@hola.org/vlc
    Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\Pokki_149b46d4a102c0304583931ceaa3f0bf19785ee3
    Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\Pokki_17dd240efdb0c50e8a5015de26b6d100f1b1072c
    Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\Pokki_2e9d53cc2b402b6e65aa9551308ca17a19c4721a
    Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\Pokki_923d0f1d35897f6a6a73ba838623cda94c4ab689
    Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\Pokki_cfada041afdc4a11092a096cac66ab6a0945d92b
    Key Found : HKCU\Software\Google\Chrome\Extensions\fcfenmboojpjinhpgggodefccipikbpd
    Key Found : HKLM\SOFTWARE\Classes\CLSID\{35B8892D-C3FB-4D88-990D-31DB2EBD72BD}
    Key Found : HKLM\SOFTWARE\Classes\Interface\{3F607E46-0D3C-4442-B1DE-DE7FA4768F5C}
    Key Found : HKLM\SOFTWARE\Classes\Interface\{FE0273D1-99DF-4AC0-87D5-1371C6271785}
    Key Found : HKLM\SOFTWARE\Classes\Interface\{0DC81A74-1FBD-4EF6-82B2-DE3FA05E8233}
    Key Found : HKLM\SOFTWARE\Classes\Interface\{1B26E4A2-7F09-4365-9AB8-13E6891E42CB}
    Key Found : HKLM\SOFTWARE\Classes\Interface\{21402197-BB5B-476C-AA1D-3FFED8ED813A}
    Key Found : HKLM\SOFTWARE\Classes\Interface\{42E8D680-A18B-4CAA-ACE0-18EA05E4A056}
    Key Found : HKLM\SOFTWARE\Classes\Interface\{454A4044-16EC-4D64-9069-C5B8832B7B55}
    Key Found : HKLM\SOFTWARE\Classes\Interface\{4FEB1BAD-35AD-4A08-B6EC-E6D832F1ED4D}
    Key Found : HKLM\SOFTWARE\Classes\Interface\{8F2B3016-17D4-447A-B207-FFA8957A834A}
    Key Found : HKLM\SOFTWARE\Classes\Interface\{E66B63B0-49F8-47E3-A9BA-799287B59E87}
    Key Found : HKLM\SOFTWARE\Classes\Interface\{F8FA5B48-B7A2-4BC6-8389-9587643A4660}
    Key Found : HKLM\SOFTWARE\Classes\TypeLib\{93E3D79C-0786-48FF-9329-93BC9F6DC2B3}
    Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{3F607E46-0D3C-4442-B1DE-DE7FA4768F5C}
    Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{FE0273D1-99DF-4AC0-87D5-1371C6271785}
    Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{0DC81A74-1FBD-4EF6-82B2-DE3FA05E8233}
    Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{1B26E4A2-7F09-4365-9AB8-13E6891E42CB}
    Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{21402197-BB5B-476C-AA1D-3FFED8ED813A}
    Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{42E8D680-A18B-4CAA-ACE0-18EA05E4A056}
    Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{454A4044-16EC-4D64-9069-C5B8832B7B55}
    Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{4FEB1BAD-35AD-4A08-B6EC-E6D832F1ED4D}
    Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{8F2B3016-17D4-447A-B207-FFA8957A834A}
    Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{E66B63B0-49F8-47E3-A9BA-799287B59E87}
    Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{F8FA5B48-B7A2-4BC6-8389-9587643A4660}
    Key Found : HKCU\Software\Hola
    Key Found : HKCU\Software\Pokki
    Key Found : HKCU\Software\SweetLabs App Platform
    Key Found : HKCU\Software\AppDataLow\Software\Settings Manager
    Key Found : HKLM\SOFTWARE\Pokki
    Key Found : HKLM\SOFTWARE\yessearchesSoftware
    Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\SweetLabs_AP
    Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\SweetLabs_Start_Menu
    Key Found : [x64] HKLM\SOFTWARE\Hola
    Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Hola
    Key Found : HKU\.DEFAULT\Software\Hola
    Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{93E576BA-E687-4697-9359-EE2AC0251EA5}
    Value Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [hola]

    ***** [ Web browsers ] *****

    [C:\Users\EdgarOmar\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] [Extension] Found : fcfenmboojpjinhpgggodefccipikbpd

    ########## EOF - C:\AdwCleaner\AdwCleaner[S1].txt - [5703 bytes] ##########


    ------------------------------

    JRT log

    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    Junkware Removal Tool (JRT) by Malwarebytes
    Version: 8.0.2 (01.06.2016)
    Operating System: Windows 8.1 x64
    Ran by EdgarOmar (Administrator) on 08/02/2016 at 11:00:46.93
    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




    File System: 4

    Successfully deleted: C:\Users\EdgarOmar\AppData\Local\ysearchutil (Folder)
    Successfully deleted: C:\Users\EdgarOmar\Start Menu\Programs\goodgame empire.lnk (Shortcut)
    Successfully deleted: C:\Users\EdgarOmar\Start Menu\Programs\pc app store.lnk (Shortcut)
    Successfully deleted: C:\WINDOWS\system32\Tasks\Avira System Speedup Tray (Task)



    Registry: 3

    Successfully deleted: HKLM\SYSTEM\CurrentControlSet\services\hola_svc (Registry Key)
    Successfully deleted: HKLM\SYSTEM\CurrentControlSet\services\hola_updater (Registry Key)
    Successfully deleted: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{D97A3765-90CB-4092-829C-A6A621301399} (Registry Key)




    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    Scan was completed on 08/02/2016 at 11:02:51.18
    End of JRT log
    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    Last edited by Preguntador; 02-08-2016 at 12:09 PM. Reason: Placed logs

  7. #7
    Member Spyware Fighter zep516's Avatar
    Join Date
    Dec 2005
    Location
    Pittsburgh, Pa
    Posts
    7,158
    Points
    1301

    Default

    Hello,

    RE: adwCleaner log, please make sure you actually run the Clean option, this option removes the files.

    Next

    A few items to fix
    NOTICE: This script was written specifically for this user, for use on that particular machine. Running this on another machine may cause damage to your operating system
    Open notepad (Start =>All Programs => Accessories => Notepad).
    Copy/Paste the contents of the code box below into Notepad.

    Just what's in the code box not the word code. You're making a fixlist. You need to put it in your Downloads folder. Once fixlist is in the download folder, right click on FRST "Run as adminstrator" click fix, and a log will be made in the downloads folder post it.

    Code:
    start
    CloseProcesses:
    CreateRestorePoint:
    Winlogon\Notify\SDWinLogon-x32: SDWinLogon.dll [X]
    ShellIconOverlayIdentifiers: [ SkyDrive1] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => No File 
    ShellIconOverlayIdentifiers: [ SkyDrive2] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => No File
    ShellIconOverlayIdentifiers: [ SkyDrive3] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => No File
    ShellIconOverlayIdentifiers-x32: [ SkyDrive1] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => No File
    ShellIconOverlayIdentifiers-x32: [ SkyDrive2] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => No File
    ShellIconOverlayIdentifiers-x32: [ SkyDrive3] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => No File
    BootExecute: autocheck autochk * sdnclean64.exe
    GroupPolicy: Restriction - Chrome <======= ATTENTION
    SearchScopes: HKU\S-1-5-21-2814885961-1482200991-1285302695-1001 -> DefaultScope {D97A3765-90CB-4092-829C-A6A621301399} URL =
    SearchScopes: HKU\S-1-5-21-2814885961-1482200991-1285302695-1001 -> {93E576BA-E687-4697-9359-EE2AC0251EA5} URL = hxxps://mx.search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&ilc=12&type=994519&p={searchTerms}
    SearchScopes: HKU\S-1-5-21-2814885961-1482200991-1285302695-1001 -> {D97A3765-90CB-4092-829C-A6A621301399} URL =
    SearchScopes: HKU\S-1-5-21-2814885961-1482200991-1285302695-1001 -> {E6E6D071-9B6F-4910-A4D7-4DA3811AA1E2} URL = hxxps://mx.search.yahoo.com/search?p={searchTerms}&fr=yset_ie_syc_oracle&type=orcl_default
    2016-01-21 23:16 - 2016-01-21 23:16 - 00000000 ____D C:\Users\EdgarOmar\AppData\Local\YSearchUtil
    AlternateDataStreams: C:\ProgramData\TEMP:5C321E34
    2016-01-23 09:47 - 2016-01-23 09:47 - 00015086 _____ C:\WINDOWS\System32\Tasks\ACGPro Update
    2016-01-23 09:46 - 2016-01-23 09:46 - 00000000 ____D C:\Program Files (x86)\GtkFree
    2016-01-23 09:46 - 2016-01-23 09:46 - 00000000 ____D C:\Program Files (x86)\ACGPro
    2016-01-23 09:45 - 2016-02-02 20:48 - 00000000 ____D C:\Program Files (x86)\SearchesToYesbnd
    Task: {E79E6EDA-6CE9-4504-AE1C-0F7D030D33A9} - System32\Tasks\Remediation\AntimalwareMigrationTask => C:\Program Files\Common Files\AV\Norton AntiVirus\Upgrade.exe [2016-01-06] (Symantec Corporation)
    C:\Program Files\Common Files\AV\Norton AntiVirus
    CMD: bitsadmin /reset /allusers
    CMD: ipconfig /flushdns
    RemoveProxy:
    Emptytemp:
    • Click Format and ensure Wordwrap is unchecked.
    • Save as Fixlist.txt to your C:\Users\EdgarOmar\=>Downloads<= (Must be in this location) or it will not work !
    • Run FRST/FRST64 and press the Fix button just once and wait.
    • If the tool needed a restart please make sure you let the system to restart normally and let the tool completes its run after restart.
    • The tool will make a log in your C:\Users\EdgarOmar\Downloads folder (Fixlog.txt). Please post it to your reply.


    Note: If the tool warns you about the version you're using being an outdated version please download and run the updated version.

    Next

    • Please download Malwarebytes Anti-Malware to your desktop.
    • Double-click mbam-setup-version.exe and follow the prompts to install the program.
    • Launch Malwarebytes Anti-Malware
    • Then click Finish.
    • If an update is found, you will be prompted to download and install the latest version.
    • Once the program has loaded, select Scan now. Or select the Threat Scan from the Scan menu.
    • When the scan is complete , make sure that that all Threats are selected, and click Remove Selected.
    • Reboot your computer if prompted.



    Posting the Malwarebytes log.

    • After the restart once you are back at your desktop, open MBAM once more.
    • Click on the History tab > Application Logs.
    • Double click on the Scan Log which shows the Date and time of the scan just performed.
    • Click 'Export'.
    • Click 'Text file (*.txt)'
    • In the Save File dialog box which appears, click on Desktop.
    • In the File name: box type a name for your scan log.
    • A message box named 'File Saved' should appear stating "Your file has been successfully exported".
    • Click Ok
    • post that saved log to your next reply.


    If there are any browser issues after this please reset them. See link below to do that,
    How to Reset Your Web Browser To Its Default Settings


    Then

    Re-run Farbar Recovery Scan Tool (FRST/FRST64) you ran at the very beginning of this topic.
    • Double-click to run it. When the tool opens click Yes to disclaimer.
    • Make sure you checkmark Addition.txt box.
    • Press Scan button.
    • Scan will create two logs, FRST.txt and Addition.txt in the same directory the tool is run. Please copy and paste them to your reply.


    Thanks
    Joe
    Last edited by zep516; 02-08-2016 at 08:36 PM.

  8. #8
    Member
    Join Date
    Feb 2016
    Posts
    8
    Points
    0

    Default

    Ok here we go. This is the fixlog first:

    Fix result of Farbar Recovery Scan Tool (x64) Version:27-01-2016
    Ran by EdgarOmar (2016-02-09 00:11:25) Run:1
    Running from C:\Users\EdgarOmar\Downloads
    Loaded Profiles: EdgarOmar (Available Profiles: EdgarOmar)
    Boot Mode: Normal
    ==============================================

    fixlist content:
    *****************
    start
    CloseProcesses:
    CreateRestorePoint:
    Winlogon\Notify\SDWinLogon-x32: SDWinLogon.dll [X]
    ShellIconOverlayIdentifiers: [ SkyDrive1] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => No File
    ShellIconOverlayIdentifiers: [ SkyDrive2] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => No File
    ShellIconOverlayIdentifiers: [ SkyDrive3] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => No File
    ShellIconOverlayIdentifiers-x32: [ SkyDrive1] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => No File
    ShellIconOverlayIdentifiers-x32: [ SkyDrive2] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => No File
    ShellIconOverlayIdentifiers-x32: [ SkyDrive3] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => No File
    BootExecute: autocheck autochk * sdnclean64.exe
    GroupPolicy: Restriction - Chrome <======= ATTENTION
    SearchScopes: HKU\S-1-5-21-2814885961-1482200991-1285302695-1001 -> DefaultScope {D97A3765-90CB-4092-829C-A6A621301399} URL =
    SearchScopes: HKU\S-1-5-21-2814885961-1482200991-1285302695-1001 -> {93E576BA-E687-4697-9359-EE2AC0251EA5} URL = hxxps://mx.search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&ilc=12&type=994519&p={searchTerms}
    SearchScopes: HKU\S-1-5-21-2814885961-1482200991-1285302695-1001 -> {D97A3765-90CB-4092-829C-A6A621301399} URL =
    SearchScopes: HKU\S-1-5-21-2814885961-1482200991-1285302695-1001 -> {E6E6D071-9B6F-4910-A4D7-4DA3811AA1E2} URL = hxxps://mx.search.yahoo.com/search?p={searchTerms}&fr=yset_ie_syc_oracle&type=orcl_default
    2016-01-21 23:16 - 2016-01-21 23:16 - 00000000 ____D C:\Users\EdgarOmar\AppData\Local\YSearchUtil
    AlternateDataStreams: C:\ProgramData\TEMP:5C321E34
    CMD: bitsadmin /reset /allusers
    CMD: ipconfig /flushdns
    RemoveProxy:
    Emptytemp:
    *****************

    Processes closed successfully.
    Restore point was successfully created.
    "HKLM\Software\Wow6432Node\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\SDWinLogon" => key removed successfully
    "HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ SkyDrive1" => key removed successfully
    HKCR\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A} => key not found.
    "HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ SkyDrive2" => key removed successfully
    HKCR\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => key not found.
    "HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ SkyDrive3" => key removed successfully
    HKCR\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524} => key not found.
    "HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ SkyDrive1" => key removed successfully
    HKCR\Wow6432Node\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A} => key not found.
    "HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ SkyDrive2" => key removed successfully
    HKCR\Wow6432Node\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => key not found.
    "HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ SkyDrive3" => key removed successfully
    HKCR\Wow6432Node\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524} => key not found.
    hklm\System\CurrentControlSet\Control\Session Manager\\BootExecute => value restored successfully
    C:\WINDOWS\system32\GroupPolicy\Machine => moved successfully
    C:\WINDOWS\system32\GroupPolicy\GPT.ini => moved successfully
    C:\WINDOWS\SysWOW64\GroupPolicy\GPT.ini => moved successfully
    HKU\S-1-5-21-2814885961-1482200991-1285302695-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value removed successfully
    HKU\S-1-5-21-2814885961-1482200991-1285302695-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{93E576BA-E687-4697-9359-EE2AC0251EA5} => key not found.
    HKCR\CLSID\{93E576BA-E687-4697-9359-EE2AC0251EA5} => key not found.
    HKU\S-1-5-21-2814885961-1482200991-1285302695-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{D97A3765-90CB-4092-829C-A6A621301399} => key not found.
    HKCR\CLSID\{D97A3765-90CB-4092-829C-A6A621301399} => key not found.
    "HKU\S-1-5-21-2814885961-1482200991-1285302695-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{E6E6D071-9B6F-4910-A4D7-4DA3811AA1E2}" => key removed successfully
    HKCR\CLSID\{E6E6D071-9B6F-4910-A4D7-4DA3811AA1E2} => key not found.
    "C:\Users\EdgarOmar\AppData\Local\YSearchUtil" => not found.
    C:\ProgramData\TEMP => ":5C321E34" ADS removed successfully.

    ========= bitsadmin /reset /allusers =========


    BITSADMIN version 3.0 [ 7.7.9600 ]
    BITS administration utility.
    (C) Copyright 2000-2006 Microsoft Corp.

    BITSAdmin is deprecated and is not guaranteed to be available in future versions of Windows.
    Administrative tools for the BITS service are now provided by BITS PowerShell cmdlets.

    {2DD0565F-E1C8-43CD-8AB4-EA8C17C4BBF2} canceled.
    1 out of 1 jobs canceled.

    ========= End of CMD: =========


    ========= ipconfig /flushdns =========


    Configuraci�n IP de Windows

    Se vaci� correctamente la cach� de resoluci�n de DNS.

    ========= End of CMD: =========


    ========= RemoveProxy: =========

    HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings => value removed successfully
    HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings => value removed successfully
    HKU\S-1-5-21-2814885961-1482200991-1285302695-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings => value removed successfully
    HKU\S-1-5-21-2814885961-1482200991-1285302695-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings => value removed successfully


    ========= End of RemoveProxy: =========

    EmptyTemp: => 759.6 MB temporary data Removed.


    The system needed a reboot.

    ==== End of Fixlog 00:15:09 ====

    -------------------------------------------------------------------------

    Got 2 Malware log files:

    ---------------------------

    Malwarebytes Anti-Malware
    www.malwarebytes.org


    Update, 09/02/2016 12:52 a. m., SYSTEM, COMPUPRINCIPAL, Manual, Remediation Database, 2015.9.16.1, 2016.2.5.2,
    Update, 09/02/2016 12:52 a. m., SYSTEM, COMPUPRINCIPAL, Manual, Rootkit Database, 2015.9.18.1, 2016.2.8.1,
    Update, 09/02/2016 12:52 a. m., SYSTEM, COMPUPRINCIPAL, Manual, IP Database, 2015.9.21.2, 2016.2.8.1,
    Update, 09/02/2016 12:52 a. m., SYSTEM, COMPUPRINCIPAL, Manual, Domain Database, 2015.9.22.3, 2016.2.9.1,
    Update, 09/02/2016 12:53 a. m., SYSTEM, COMPUPRINCIPAL, Manual, Malware Database, 2015.9.22.5, 2016.2.8.5,
    Scan, 09/02/2016 01:18 a. m., SYSTEM, COMPUPRINCIPAL, Manual, Inicio:09/02/2016 12:54 a. m., Duración:21 min, 21 seg, Análisis de amenazas, Completado, Detecciones de malware de 0, Detecciones de códigos no de malware de 2,
    Error, 09/02/2016 01:21 a. m., SYSTEM, COMPUPRINCIPAL, Protection, IsLicensed, 13,
    Protection, 09/02/2016 01:21 a. m., SYSTEM, COMPUPRINCIPAL, Protection, Malware Protection, Stopping,
    Protection, 09/02/2016 01:21 a. m., SYSTEM, COMPUPRINCIPAL, Protection, Malware Protection, Stopped,

    (end)

    ------------------------------------------------

    Malwarebytes Anti-Malware
    www.malwarebytes.org

    Fecha del análisis: 09/02/2016
    Hora del análisis: 12:54 a. m.
    Archivo de registro: Malaware 2.txt
    Administrador: Sí

    Versión: 2.2.0.1024
    Base de datos de malwares: v2016.02.08.05
    Base de datos de rootkits: v2016.02.08.01
    Licencia: Gratis
    Protección contra el malware: Desactivado
    Protección contra sitios web maliciosos: Desactivado
    Autoprotección: Desactivado

    SO: Windows 8.1
    CPU: x64
    Sistema de archivos: NTFS
    Usuario: EdgarOmar

    Tipo de análisis: Análisis de amenazas
    Resultado: Completado
    Objetos analizados: 356307
    Tiempo transcurrido: 21 min, 21 seg

    Memoria: Activado
    Inicio: Activado
    Sistema de archivos: Activado
    Archivo: Activado
    Rootkits: Desactivado
    Heurística: Activado
    PUP: Activado
    PUM: Activado

    Procesos: 0
    (No hay elementos maliciosos detectados)

    Módulos: 0
    (No hay elementos maliciosos detectados)

    Claves del registro: 0
    (No hay elementos maliciosos detectados)

    Valores del registro: 0
    (No hay elementos maliciosos detectados)

    Datos del registro: 0
    (No hay elementos maliciosos detectados)

    Carpetas: 0
    (No hay elementos maliciosos detectados)

    Archivos: 2
    PUP.Optional.Wajam, C:\Users\EdgarOmar\AppData\Local\Setup Wizard\c593948d-cc90-4439-933e-6995731de1cf\wwe_1.58.1.36.exe, En cuarentena, [1f26114d4a4f96a07ccd528b99683ac6],
    PUP.Optional.WinYahoo, C:\Program Files (x86)\Mozilla Firefox\browser\extensions\jid1-G80Ec8LLEbK5fQ@jetpack.xpi, En cuarentena, [e95c60fe2e6bc86e42479eb0da2a52ae],

    Sectores físicos: 0
    (No hay elementos maliciosos detectados)


    (end)

    ------------------------------------

    FRST log

    Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:27-01-2016
    Ran by EdgarOmar (administrator) on COMPUPRINCIPAL (09-02-2016 01:35:03)
    Running from C:\Users\EdgarOmar\Downloads
    Loaded Profiles: EdgarOmar (Available Profiles: EdgarOmar)
    Platform: Windows 8.1 (X64) Language: Inglés (Estados Unidos)
    Internet Explorer Version 11 (Default browser: FF)
    Boot Mode: Normal
    Tutorial for Farbar Recovery Scan Tool: FRST Tutorial - How to use Farbar Recovery Scan Tool - Malware Removal Guides and Tutorials

    ==================== Processes (Whitelisted) =================

    (If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

    (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RTKAUDIOSERVICE64.EXE
    (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
    (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\sched.exe
    (SUPERAntiSpyware.com) C:\Program Files\SUPERAntiSpyware\SASCore64.exe
    (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avguard.exe
    (Freemake) C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe
    (Ellora Assets Corp.) C:\Program Files (x86)\Freemake\CaptureLib\CaptureLibService.exe
    (Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
    (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
    (Symantec Corporation) C:\Program Files (x86)\Norton Anti-Theft\Engine\1.10.0.9\NAT.exe
    (Symantec Corporation) C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe
    (Symantec Corporation) C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.18.15\ccSvcHst.exe
    (Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
    (Symantec Corporation) C:\Program Files (x86)\Norton Anti-Theft\Engine\1.10.0.9\NAT.exe
    (Symantec Corporation) C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.18.15\ccSvcHst.exe
    (Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
    (Microsoft Corporation) C:\Windows\System32\InputMethod\JPN\JpnIME.exe
    (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\System Speedup\Avira.SystemSpeedup.SpeedupService.exe
    (TOSHIBA Corporation) C:\Windows\System32\TODDSrv.exe
    (Toshiba Corporation) C:\Program Files\Toshiba\Teco\TecoService.exe
    (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe
    (Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
    (Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
    (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avshadow.exe
    (Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
    (Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
    (Microsoft Corporation) C:\Windows\System32\dllhost.exe
    (Intel Corporation) C:\Windows\System32\igfxtray.exe
    (Intel Corporation) C:\Windows\System32\igfxsrvc.exe
    (Intel Corporation) C:\Windows\System32\hkcmd.exe
    (Intel Corporation) C:\Windows\System32\igfxpers.exe
    (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
    (SRS Labs, Inc.) C:\Program Files\SRS Labs\SRS Control Panel\SRSPanel_64.exe
    (TOSHIBA Corporation) C:\Program Files\Toshiba\Hotkey\TosTogKeyMon.exe
    (TOSHIBA Corporation) C:\Program Files\Toshiba\Teco\TecoResident.exe
    (TOSHIBA Corporation) C:\Program Files (x86)\Toshiba\System Setting\TSleepSrv.exe
    (TOSHIBA Corporation) C:\Program Files\Toshiba\Hotkey\TCrdMain_Win8.exe
    (CANON INC.) C:\Program Files\Canon\MyPrinter\BJMYPRT.EXE
    (SlySoft, Inc.) C:\Program Files (x86)\SlySoft\AnyDVD\AnyDVDtray.exe
    (SUPERAntiSpyware) C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
    (Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
    () C:\Program Files (x86)\SlySoft\AnyDVD\ADvdDiscHlp64.exe
    () C:\Program Files (x86)\Common Files\Freemake Shared\ProductUpdater\ProductUpdater.exe
    (Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe
    (CANON INC.) C:\Program Files (x86)\Canon\Solution Menu EX\CNSEMAIN.EXE
    (Elaborate Bytes AG) C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe
    (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avgnt.exe
    (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.Systray.exe
    (Microsoft Corporation) C:\Windows\splwow64.exe
    (CANON INC.) C:\Program Files (x86)\Canon\Solution Menu EX\CNSEUPDT.EXE
    (Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
    (Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
    (Realsil Microelectronics Inc.) C:\Program Files (x86)\Realtek\Realtek USB 2.0 Card Reader\RIconMan.exe
    (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
    (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
    (Symantec Corporation) C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.18.15\SymcPCCULaunchSvc.exe
    (TOSHIBA CORPORATION) C:\Program Files\Toshiba\HDD Accelerator\THAccelSvc.exe
    (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
    (TOSHIBA Corporation) C:\Program Files\Toshiba\TOSHIBA Service Station\ToshibaServiceStation.exe
    (TOSHIBA Corporation) C:\Program Files\Toshiba\TOSHIBA Service Station\TMachInfo.exe
    (TOSHIBA Corporation) C:\Program Files\Toshiba\TPHM\TPCHSrv.exe
    (TOSHIBA Corporation) C:\Program Files\Toshiba\TPHM\TPCHWMsg.exe


    ==================== Registry (Whitelisted) ===========================

    (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

    HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13196432 2012-09-25] (Realtek Semiconductor)
    HKLM\...\Run: [SRS Premium Sound 3D] => C:\Program Files\SRS Labs\SRS Control Panel\SRSPanel_64.exe [2170784 2012-08-19] (SRS Labs, Inc.)
    HKLM\...\Run: [TosTogKeyMon] => C:\Program Files\TOSHIBA\Hotkey\TosTogKeyMon.exe [2365792 2013-03-29] (TOSHIBA Corporation)
    HKLM\...\Run: [TecoResident] => C:\Program Files\TOSHIBA\Teco\TecoResident.exe [178016 2013-08-21] (TOSHIBA Corporation)
    HKLM\...\Run: [TRCMan] => C:\Program Files (x86)\TOSHIBA\TRCMan\TRCMan.exe [743336 2012-07-31] (TOSHIBA Corporation)
    HKLM\...\Run: [TSleepSrv] => C:\Program Files (x86)\TOSHIBA\System Setting\TSleepSrv.exe [1548952 2012-08-04] (TOSHIBA Corporation)
    HKLM\...\Run: [TODDMain] => C:\Program Files (x86)\TOSHIBA\System Setting\TODDMain.exe [213136 2012-08-04] ()
    HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [287592 2013-08-07] (Intel Corporation)
    HKLM\...\Run: [TCrdMain] => C:\Program Files\TOSHIBA\Hotkey\TCrdMain_Win8.exe [2556768 2013-08-17] (TOSHIBA Corporation)
    HKLM\...\Run: [TosWaitSrv] => C:\Program Files\TOSHIBA\TPHM\TosWaitSrv.exe [354144 2013-08-13] (TOSHIBA Corporation)
    HKLM\...\Run: [CanonMyPrinter] => C:\Program Files\Canon\MyPrinter\BJMyPrt.exe [2779024 2011-03-14] (CANON INC.)
    HKLM-x32\...\Run: [Norton Online Backup] => C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuClient.exe [2995904 2012-07-11] (Symantec Corporation)
    HKLM-x32\...\Run: [ToshibaAppPlace] => C:\Program Files (x86)\Toshiba\Toshiba App Place\ToshibaAppPlace.exe [552960 2010-09-23] (Toshiba)
    HKLM-x32\...\Run: [ProductUpdater] => C:\Program Files (x86)\Common Files\Freemake Shared\ProductUpdater\ProductUpdater.exe [73216 2016-01-19] ()
    HKLM-x32\...\Run: [SDTray] => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe [4101576 2014-06-24] (Safer-Networking Ltd.)
    HKLM-x32\...\Run: [CanonSolutionMenuEx] => C:\Program Files (x86)\Canon\Solution Menu EX\CNSEMAIN.EXE [1611160 2011-03-28] (CANON INC.)
    HKLM-x32\...\Run: [VirtualCloneDrive] => C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe [88984 2013-03-10] (Elaborate Bytes AG)
    HKLM-x32\...\Run: [Avira SystrayStartTrigger] => C:\Program Files (x86)\Avira\Launcher\Avira.SystrayStartTrigger.exe [66328 2016-01-05] (Avira Operations GmbH & Co. KG)
    HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\Antivirus\avgnt.exe [803200 2015-12-04] (Avira Operations GmbH & Co. KG)
    HKLM-x32\...\Run: [Avira System Speedup User Starter] => C:\Program Files (x86)\Avira\System Speedup\Avira.SystemSpeedup.Core.Common.Starter.exe [14960 2016-01-12] (Avira Operations GmbH & Co. KG)
    Winlogon\Notify\igfxcui: C:\WINDOWS\system32\igfxdev.dll (Intel Corporation)
    HKU\S-1-5-21-2814885961-1482200991-1285302695-1001\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [31344744 2015-02-26] (Skype Technologies S.A.)
    HKU\S-1-5-21-2814885961-1482200991-1285302695-1001\...\Run: [AnyDVD] => C:\Program Files (x86)\SlySoft\AnyDVD\AnyDVD.exe [109480 2015-12-28] (SlySoft, Inc.)
    HKU\S-1-5-21-2814885961-1482200991-1285302695-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [3014224 2016-02-04] (Valve Corporation)
    HKU\S-1-5-21-2814885961-1482200991-1285302695-1001\...\Run: [BingSvc] => C:\Users\EdgarOmar\AppData\Local\Microsoft\BingSvc\BingSvc.exe [144008 2015-11-22] (© 2015 Microsoft Corporation)
    HKU\S-1-5-21-2814885961-1482200991-1285302695-1001\...\Run: [SpybotPostWindows10UpgradeReInstall] => C:\Program Files\Common Files\AV\Spybot - Search and Destroy\Test.exe [1011200 2015-07-28] (Safer-Networking Ltd.)
    HKU\S-1-5-21-2814885961-1482200991-1285302695-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8619224 2016-01-15] (Piriform Ltd)
    HKU\S-1-5-21-2814885961-1482200991-1285302695-1001\...\Run: [SUPERAntiSpyware] => C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe [7935904 2016-01-21] (SUPERAntiSpyware)
    HKU\S-1-5-21-2814885961-1482200991-1285302695-1001\...\RunOnce: [Application Restart #2] => C:\Users\EdgarOmar\AppData\Local\SweetLabs App Platform\Engine\ServiceHostApp.exe --disable-internal-flash --noerrdialogs --no-message-box --disable-extensions --disable-web-security --disable-web-re (the data entry has 613 more characters).

    ==================== Internet (Whitelisted) ====================

    (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

    Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
    Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
    Tcpip\..\Interfaces\{946EB574-F6DB-45B8-8F15-24183430BB30}: [DhcpNameServer] 192.168.1.1

    Internet Explorer:
    ==================
    HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://search.avira.net/#web/result?source=art&q=
    HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxps://search.avira.net/#web/result?source=art&q=
    HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxps://search.avira.net/#web/result?source=art&q=
    HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxps://search.avira.net/#web/result?source=art&q=
    HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxps://search.avira.net/#web/result?source=art&q=
    HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxps://search.avira.net/#web/result?source=art&q=
    HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxps://search.avira.net/#web/result?source=art&q=
    HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxps://search.avira.net/#web/result?source=art&q=
    HKU\S-1-5-21-2814885961-1482200991-1285302695-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://search.avira.net/#web/result?source=art&q=
    HKU\S-1-5-21-2814885961-1482200991-1285302695-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxps://search.avira.net/#web/result?source=art&q=
    HKU\S-1-5-21-2814885961-1482200991-1285302695-1001\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = hxxp://toshiba13.msn.com/?pc=TNJB
    HKU\S-1-5-21-2814885961-1482200991-1285302695-1001\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://bienvenido.toshiba.com?cid=J13
    hxxp://bienvenido.toshiba.com?cid=J13
    hxxp://bienvenido.toshiba.com?cid=J13
    hxxp://toshiba13.msn.com?pc=TNJB
    HKU\S-1-5-21-2814885961-1482200991-1285302695-1001\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxps://search.avira.net/#web/result?source=art&q=
    BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
    BHO-x32: Norton Vulnerability Protection -> {6D53EC84-6AAE-4787-AEEE-F4628F01010C} -> C:\Program Files (x86)\Norton AntiVirus\Engine\20.6.0.27\IPS\IPSBHO.DLL => No File
    BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_71\bin\ssv.dll [2016-01-31] (Oracle Corporation)
    BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
    BHO-x32: Free Download Manager -> {CC59E0F9-7E43-44FA-9FAA-8377850BF205} -> C:\Program Files (x86)\Free Download Manager\iefdm2.dll [2015-08-07] (FreeDownloadManager.ORG)
    BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_71\bin\jp2ssv.dll [2016-01-31] (Oracle Corporation)

    FireFox:
    ========
    FF ProfilePath: C:\Users\EdgarOmar\AppData\Roaming\Mozilla\Firefox\Profiles\41A66E7E5EE1
    FF DefaultSearchEngine: Google
    FF SearchEngineOrder.3: Bing
    FF Homepage: about:home
    FF Session Restore: -> is enabled.
    FF Keyword.URL: hxxp://www.bing.com/search?FORM=SL5MDF&PC=SL5M&q=
    FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_20_0_0_286.dll [2016-01-20] ()
    FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.41212.0\npctrl.dll [2015-12-11] ( Microsoft Corporation)
    FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
    FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_20_0_0_286.dll [2016-01-20] ()
    FF Plugin-x32: @canon.com/EPPEX -> C:\Program Files (x86)\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL [2011-04-20] (CANON INC.)
    FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2012-06-06] (Intel Corporation)
    FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2012-06-06] (Intel Corporation)
    FF Plugin-x32: @java.com/DTPlugin,version=11.71.2 -> C:\Program Files (x86)\Java\jre1.8.0_71\bin\dtplugin\npDeployJava1.dll [2016-01-31] (Oracle Corporation)
    FF Plugin-x32: @java.com/JavaPlugin,version=11.71.2 -> C:\Program Files (x86)\Java\jre1.8.0_71\bin\plugin2\npjp2.dll [2016-01-31] (Oracle Corporation)
    FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.41212.0\npctrl.dll [2015-12-11] ( Microsoft Corporation)
    FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~3\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
    FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~3\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
    FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation)
    FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
    FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll [2012-05-11] ()
    FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2015-12-18] (Adobe Systems Inc.)
    FF Plugin HKU\.DEFAULT: @hola.org/FlashPlayer -> C:\Users\EdgarOmar\AppData\Local\Hola\firefox_hola\app\flash\NPSWF32_18_0_0_232.dll [No File]
    FF Plugin HKU\.DEFAULT: @hola.org/vlc -> C:\Users\EdgarOmar\AppData\Local\Hola\firefox_hola\app\vlc\npvlc.dll [No File]
    FF SearchPlugin: C:\Users\EdgarOmar\AppData\Roaming\Mozilla\Firefox\Profiles\jhwb5pi4.default\searchplugins\bing-.xml [2015-11-22]
    FF SearchPlugin: C:\Users\EdgarOmar\AppData\Roaming\Mozilla\Firefox\Profiles\jhwb5pi4.default\searchplugins\yahoo-ysp.xml [2016-01-21]
    FF Extension: DownThemAll! - C:\Users\EdgarOmar\AppData\Roaming\Mozilla\Firefox\Profiles\41A66E7E5EE1\extensions\{DDC359D1-844A-42a7-9AA1-88A850A938A8}.xpi [2015-12-06]
    FF Extension: S3.Google Translator - C:\Users\EdgarOmar\AppData\Roaming\Mozilla\Firefox\Profiles\41A66E7E5EE1\extensions\s3google@translator.xpi [2015-12-18]
    FF Extension: Greasemonkey - C:\Users\EdgarOmar\AppData\Roaming\Mozilla\Firefox\Profiles\41A66E7E5EE1\extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}.xpi [2016-01-10]
    FF Extension: Ank Pixiv Tool - C:\Users\EdgarOmar\AppData\Roaming\Mozilla\Firefox\Profiles\41A66E7E5EE1\extensions\ankpixiv@snca.net.xpi [2016-02-08]
    FF Extension: Avira Browser Safety - C:\Users\EdgarOmar\AppData\Roaming\Mozilla\Firefox\Profiles\jhwb5pi4.default\Extensions\abs@avira.com.xpi [2016-01-31]
    FF Extension: Ank Pixiv Tool - C:\Users\EdgarOmar\AppData\Roaming\Mozilla\Firefox\Profiles\jhwb5pi4.default\Extensions\ankpixiv@snca.net.xpi [2015-12-23]
    FF Extension: Bing Search - C:\Users\EdgarOmar\AppData\Roaming\Mozilla\Firefox\Profiles\jhwb5pi4.default\Extensions\bingsearch.full@microsoft.com.xpi [2015-11-22]
    FF Extension: Hola Better Internet - C:\Users\EdgarOmar\AppData\Roaming\Mozilla\Firefox\Profiles\jhwb5pi4.default\Extensions\jid1-4P0kohSJxU1qGg@jetpack [2016-01-18]
    FF Extension: S3.Google Translator - C:\Users\EdgarOmar\AppData\Roaming\Mozilla\Firefox\Profiles\jhwb5pi4.default\Extensions\s3google@translator.xpi [2015-12-18]
    FF Extension: Adblock Plus - C:\Users\EdgarOmar\AppData\Roaming\Mozilla\Firefox\Profiles\jhwb5pi4.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2016-01-19]
    FF Extension: DownThemAll! - C:\Users\EdgarOmar\AppData\Roaming\Mozilla\Firefox\Profiles\jhwb5pi4.default\Extensions\{DDC359D1-844A-42a7-9AA1-88A850A938A8}.xpi [2015-12-06]
    FF Extension: Greasemonkey - C:\Users\EdgarOmar\AppData\Roaming\Mozilla\Firefox\Profiles\jhwb5pi4.default\Extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}.xpi [2016-01-10]
    FF Extension: Bing Search - C:\Users\EdgarOmar\AppData\Roaming\Mozilla\Firefox\Profiles\41A66E7E5EE1\Extensions\bingsearch.full@microsoft.com.xpi [2015-11-22]
    FF Extension: Toshiba Defaults - C:\Users\EdgarOmar\AppData\Roaming\Mozilla\Firefox\Profiles\41A66E7E5EE1\Extensions\defaults@toshiba.com [2016-01-28]
    FF Extension: Hola Better Internet - C:\Users\EdgarOmar\AppData\Roaming\Mozilla\Firefox\Profiles\41A66E7E5EE1\Extensions\jid1-4P0kohSJxU1qGg@jetpack [2016-01-27]
    FF Extension: Adblock Plus - C:\Users\EdgarOmar\AppData\Roaming\Mozilla\Firefox\Profiles\41A66E7E5EE1\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2016-01-19]
    FF HKU\S-1-5-21-2814885961-1482200991-1285302695-1001\...\Firefox\Extensions: [fdm_ffext@freedownloadmanager.org] - C:\ProgramData\Free Download Manager\Firefox\Extensions\2.1.1
    FF Extension: Free Download Manager extension - C:\ProgramData\Free Download Manager\Firefox\Extensions\2.1.1 [2016-01-28]

    Chrome:
    =======
    CHR HomePage: Default -> hxxp://www.google.co.jp/
    CHR NewTab: Default -> "chrome-extension://dfekdjmdikicceaiokcmmchenpilglhn/newtab.html"
    CHR Session Restore: Default -> is enabled.
    CHR Profile: C:\Users\EdgarOmar\AppData\Local\Google\Chrome\User Data\Default
    CHR Extension: (Presentaciones de Google) - C:\Users\EdgarOmar\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-10-28]
    CHR Extension: (Rutor De Búsqueda De Archivos Torrent) - C:\Users\EdgarOmar\AppData\Local\Google\Chrome\User Data\Default\Extensions\agencljbacpfnclcbanachomfbeoilaa [2016-01-04]
    CHR Extension: (Google Docs) - C:\Users\EdgarOmar\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-10-28]
    CHR Extension: (Google Drive) - C:\Users\EdgarOmar\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-28]
    CHR Extension: (Batch Image Downloader(ZIG Lite)) - C:\Users\EdgarOmar\AppData\Local\Google\Chrome\User Data\Default\Extensions\bedbigoemkinkepgmcmgnapjcahnedmn [2016-01-28]
    CHR Extension: (YouTube) - C:\Users\EdgarOmar\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-10-28]
    CHR Extension: (Norton Security Toolbar) - C:\Users\EdgarOmar\AppData\Local\Google\Chrome\User Data\Default\Extensions\cjabmdjcfcfdmffimndhafhblfmpjdpe [2016-01-28]
    CHR Extension: (Búsqueda de Google) - C:\Users\EdgarOmar\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-28]
    CHR Extension: (Mainichi) - C:\Users\EdgarOmar\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfekdjmdikicceaiokcmmchenpilglhn [2016-01-24]
    CHR Extension: (Tampermonkey) - C:\Users\EdgarOmar\AppData\Local\Google\Chrome\User Data\Default\Extensions\dhdgffkkebhmkfjojejmpbldmpobfkfo [2016-01-23]
    CHR Extension: (Hojas de cálculo de Google) - C:\Users\EdgarOmar\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-10-28]
    CHR Extension: (Pixiv Downloader Free) - C:\Users\EdgarOmar\AppData\Local\Google\Chrome\User Data\Default\Extensions\fnbkeopcpjainobjebddfcnnknmfipid [2016-01-25]
    CHR Extension: (Documentos de Google sin conexión) - C:\Users\EdgarOmar\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2015-11-17]
    CHR Extension: (Norton Identity Safe) - C:\Users\EdgarOmar\AppData\Local\Google\Chrome\User Data\Default\Extensions\iikflkcanblccfahdhdonehdalibjnif [2015-11-11]
    CHR Extension: (Ugoira2GIF) - C:\Users\EdgarOmar\AppData\Local\Google\Chrome\User Data\Default\Extensions\ionmgpeclkmpjkmfejilaihdegkjehfj [2016-01-03]
    CHR Extension: (IPA furigana) - C:\Users\EdgarOmar\AppData\Local\Google\Chrome\User Data\Default\Extensions\jnnbgnfnncobhklficfkdnclohaklifi [2016-01-04]
    CHR Extension: (PictureMate - View hidden pictures) - C:\Users\EdgarOmar\AppData\Local\Google\Chrome\User Data\Default\Extensions\khmlalkcjmglpgdkmkmmgjcajahkoigj [2015-11-11]
    CHR Extension: (Pixiv Downloader) - C:\Users\EdgarOmar\AppData\Local\Google\Chrome\User Data\Default\Extensions\lkpfhmlbjibbcinophhcbmapjbhboodd [2015-12-19]
    CHR Extension: (Japanese Kanji Flashcards) - C:\Users\EdgarOmar\AppData\Local\Google\Chrome\User Data\Default\Extensions\nadhjgmbonakiidhnbiijhbkgejpfhol [2016-01-24]
    CHR Extension: (Sistema de pagos de Chrome Web Store) - C:\Users\EdgarOmar\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-10-28]
    CHR Extension: (Gmail) - C:\Users\EdgarOmar\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-10-28]
    CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx
    CHR HKLM-x32\...\Chrome\Extension: [eedgghdcpmmmilkmfpnklknlenbiolec] - hxxps://clients2.google.com/service/update2/crx
    CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx

    ==================== Services (Whitelisted) ========================

    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

    R2 !SASCORE; C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE [172344 2014-07-22] (SUPERAntiSpyware.com)
    S2 AntiVirMailService; C:\Program Files (x86)\Avira\Antivirus\avmailc7.exe [948392 2015-12-04] (Avira Operations GmbH & Co. KG)
    R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\Antivirus\sched.exe [466408 2015-12-04] (Avira Operations GmbH & Co. KG)
    R2 AntiVirService; C:\Program Files (x86)\Avira\Antivirus\avguard.exe [466408 2015-12-04] (Avira Operations GmbH & Co. KG)
    S2 AntiVirWebService; C:\Program Files (x86)\Avira\Antivirus\avwebg7.exe [1418560 2015-12-04] (Avira Operations GmbH & Co. KG)
    R2 Avira.ServiceHost; C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe [249120 2016-01-05] (Avira Operations GmbH & Co. KG)
    R2 Freemake Improver; C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe [108032 2016-01-19] (Freemake) [File not signed]
    R2 FreemakeVideoCapture; C:\Program Files (x86)\Freemake\CaptureLib\CaptureLibService.exe [9216 2016-01-19] (Ellora Assets Corp.) [File not signed]
    R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [15720 2013-08-07] (Intel Corporation)
    R2 IconMan_R; C:\Program Files (x86)\Realtek\Realtek USB 2.0 Card Reader\RIconMan.exe [2451456 2012-07-13] (Realsil Microelectronics Inc.) [File not signed]
    R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [129856 2012-06-27] (Intel Corporation)
    R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [166720 2012-06-25] (Intel Corporation)
    S2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1135416 2015-10-05] (Malwarebytes)
    R2 NAT; C:\Program Files (x86)\Norton Anti-Theft\Engine\1.10.0.9\NAT.exe [232424 2013-10-11] (Symantec Corporation)
    R2 NOBU; C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe [3939008 2012-07-11] (Symantec Corporation)
    R2 Norton PC Checkup Application Launcher; C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.18.15\SymcPCCULaunchSvc.exe [123320 2012-07-23] (Symantec Corporation)
    R2 PCCUJobMgr; C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.18.15\ccSvcHst.exe [126392 2012-07-23] (Symantec Corporation)
    R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [201360 2012-08-31] (Realtek Semiconductor)
    R2 SDScannerService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [1738168 2014-06-24] (Safer-Networking Ltd.)
    R2 SDUpdateService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [2088408 2014-06-27] (Safer-Networking Ltd.)
    R2 SDWSCService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [171928 2014-04-25] (Safer-Networking Ltd.)
    R2 SpeedupService; C:\Program Files (x86)\Avira\System Speedup\Avira.SystemSpeedup.SpeedupService.exe [24224 2016-01-12] (Avira Operations GmbH & Co. KG)
    R2 THAccelSvc; C:\Program Files\TOSHIBA\HDD Accelerator\THAccelSvc.exe [214928 2013-10-17] (TOSHIBA CORPORATION)
    S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366552 2015-10-26] (Microsoft Corporation)
    S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2015-10-26] (Microsoft Corporation)

    ===================== Drivers (Whitelisted) ==========================

    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

    R3 AnyDVD; C:\Windows\System32\Drivers\AnyDVD.sys [150440 2015-12-28] (SlySoft, Inc.)
    R3 AnyDVD; C:\Windows\SysWOW64\Drivers\AnyDVD.sys [150440 2015-12-28] (SlySoft, Inc.)
    R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [135880 2015-12-04] (Avira Operations GmbH & Co. KG)
    R1 avipbb; C:\Windows\system32\DRIVERS\avipbb.sys [146696 2015-12-04] (Avira Operations GmbH & Co. KG)
    R1 avkmgr; C:\Windows\system32\DRIVERS\avkmgr.sys [35488 2015-12-04] (Avira Operations GmbH & Co. KG)
    R2 avnetflt; C:\Windows\system32\DRIVERS\avnetflt.sys [73032 2015-12-04] (Avira Operations GmbH & Co. KG)
    R3 BthA2DP; C:\Windows\system32\drivers\BthA2DP.sys [132608 2015-10-26] (Microsoft Corporation)
    R3 BthHFAud; C:\Windows\system32\DRIVERS\BthHfAud.sys [32768 2014-11-21] (Microsoft Corporation)
    R1 ccSet_NARA; C:\Windows\system32\drivers\NARAx64\0401000.00B\ccSetx64.sys [168608 2012-05-25] (Symantec Corporation)
    R1 ccSet_NAT; C:\Windows\system32\drivers\NATx64\010A000.009\ccSetx64.sys [150104 2013-07-29] (Symantec Corporation)
    S0 ebdrv; C:\Windows\System32\drivers\evbda.sys [3357024 2013-08-22] (Broadcom Corporation)
    R3 hidshim; C:\Windows\system32\DRIVERS\hidshim.sys [6656 2012-06-19] (Windows (R) Win 7 DDK provider)
    R3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [25816 2015-10-05] (Malwarebytes)
    S3 MBAMWebAccessControl; C:\WINDOWS\system32\drivers\mwac.sys [64216 2015-10-05] (Malwarebytes Corporation)
    R2 npf; C:\Windows\System32\drivers\npf.sys [35344 2011-02-11] (CACE Technologies, Inc.)
    R3 nuvotonhidcir; C:\Windows\system32\DRIVERS\nuvotonhidcir.sys [32256 2012-06-19] (Nuvoton Technology Corporation)
    R3 RtkBtFilter2; C:\Windows\system32\DRIVERS\RtkBtfilter.sys [48856 2013-09-06] (Realtek Microelectronics)
    R3 RTWlanE; C:\Windows\system32\DRIVERS\rtwlane.sys [2944216 2013-08-21] (Realtek Semiconductor Corporation )
    R1 SASDIFSV; C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS [14928 2011-07-22] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
    R1 SASKUTIL; C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS [12368 2011-07-12] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
    R0 THAccel; C:\Windows\System32\DRIVERS\THAccel.sys [111488 2013-10-15] (TOSHIBA Corporation)
    R3 Thotkey; C:\Windows\System32\drivers\Thotkey.sys [32624 2013-08-19] (Windows (R) Win 7 DDK provider)
    S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44560 2015-10-26] (Microsoft Corporation)
    S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [270168 2015-10-26] (Microsoft Corporation)
    S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114520 2015-10-26] (Microsoft Corporation)

    ==================== NetSvcs (Whitelisted) ===================

    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


    ==================== One Month Created files and folders ========

    (If an entry is included in the fixlist, the file/folder will be moved.)

    2016-02-09 01:35 - 2016-02-09 01:35 - 00030329 _____ C:\Users\EdgarOmar\Downloads\FRST.txt
    2016-02-09 01:30 - 2016-02-09 01:31 - 00000000 ____D C:\Users\EdgarOmar\Documents\Bookmarks 09 02 2016
    2016-02-09 01:30 - 2016-02-09 01:30 - 04105823 _____ C:\Users\EdgarOmar\Documents\bookmarks-2016-02-09.json
    2016-02-09 01:29 - 2016-02-09 01:29 - 00001599 _____ C:\Users\EdgarOmar\Documents\Malaware 2.txt
    2016-02-09 01:28 - 2016-02-09 01:28 - 00001121 _____ C:\Users\EdgarOmar\Documents\Malaware 1.txt
    2016-02-09 00:51 - 2016-02-09 01:26 - 00192216 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
    2016-02-09 00:51 - 2016-02-09 00:51 - 00001129 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
    2016-02-09 00:51 - 2016-02-09 00:51 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
    2016-02-09 00:51 - 2016-02-09 00:51 - 00000000 ____D C:\ProgramData\Malwarebytes
    2016-02-09 00:51 - 2016-02-09 00:51 - 00000000 ____D C:\Program Files (x86)\Malwarebytes Anti-Malware
    2016-02-09 00:51 - 2015-10-05 09:50 - 00109272 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamchameleon.sys
    2016-02-09 00:51 - 2015-10-05 09:50 - 00064216 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mwac.sys
    2016-02-09 00:51 - 2015-10-05 09:50 - 00025816 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys
    2016-02-09 00:44 - 2016-02-09 00:50 - 00000000 ____D C:\Users\EdgarOmar\Downloads\Nueva carpeta
    2016-02-09 00:11 - 2016-02-09 00:15 - 00006196 _____ C:\Users\EdgarOmar\Downloads\Fixlog.txt
    2016-02-08 23:58 - 2016-02-08 23:58 - 00001681 _____ C:\Users\EdgarOmar\Documents\adw.txt
    2016-02-08 18:55 - 2016-02-08 18:57 - 13817924 _____ C:\Users\EdgarOmar\Downloads\testdisk-7.1-WIP.win.zip
    2016-02-08 18:52 - 2016-02-08 18:54 - 08338384 _____ (The Eraser Project) C:\Users\EdgarOmar\Downloads\Eraser 6.2.0.2970.exe
    2016-02-08 11:23 - 2016-02-08 11:23 - 00164944 _____ C:\Users\EdgarOmar\Downloads\922370E2CF387E94D0212ED025C36C1D33BC64AE.torrent
    2016-02-08 11:03 - 2016-02-08 11:03 - 00001202 _____ C:\Users\EdgarOmar\Documents\JRT.txt
    2016-02-08 11:02 - 2016-02-08 11:02 - 00001202 _____ C:\Users\EdgarOmar\Desktop\JRT.txt
    2016-02-08 10:53 - 2016-02-09 00:00 - 00000000 ____D C:\AdwCleaner
    2016-02-08 10:22 - 2016-02-08 10:24 - 00000000 ____D C:\Users\EdgarOmar\Downloads\Junkware Removal Tool 8.0.2.0 Download
    2016-02-08 10:22 - 2016-02-08 10:22 - 00001131 _____ C:\Users\EdgarOmar\Documents\ank.txt
    2016-02-08 10:19 - 2016-02-08 10:20 - 00000000 ____D C:\Users\EdgarOmar\Downloads\AdwCleaner v5.033
    2016-02-07 02:17 - 2016-02-07 02:17 - 00018842 _____ C:\Users\EdgarOmar\Downloads\04381B5AA2FE660C5E4D31829CC732FFAF19CD12.torrent
    2016-02-07 02:08 - 2016-02-07 02:08 - 00030606 _____ C:\Users\EdgarOmar\Downloads\396A80C3ABC5615CEF06DDBA93AA791AD2119D11.torrent
    2016-02-06 20:04 - 2016-02-06 20:04 - 00012014 _____ C:\Users\EdgarOmar\Downloads\3FEFFA02A31B26A9AFFCDC2570AE587DD346F6AF.torrent
    2016-02-06 15:05 - 2016-02-06 15:05 - 00029180 _____ C:\Users\EdgarOmar\Downloads\C9B68B319B7BEBBAD4BF259B486C6F85A16C0D37.torrent
    2016-02-06 07:10 - 2016-02-06 07:10 - 00056388 _____ C:\Users\EdgarOmar\Downloads\4271F0AF89690CBC07AA0B752E0074DE6AC5D1C7.torrent
    2016-02-05 21:48 - 2016-02-05 21:48 - 00080347 _____ C:\Users\EdgarOmar\Downloads\9D7222D56904E0A56778A50EE9E548BE8F947C95.torrent
    2016-02-05 17:22 - 2016-02-05 17:22 - 00425833 _____ C:\Users\EdgarOmar\Downloads\[ENCRYPTED] message.pdf
    2016-02-05 08:33 - 2016-02-05 08:33 - 00022083 _____ C:\Users\EdgarOmar\Downloads\1C054491BCAB55502B3FE6BCBB68F8E95395242E.torrent
    2016-02-04 16:43 - 2016-02-04 16:45 - 00057201 _____ C:\Users\EdgarOmar\Downloads\Addition.txt
    2016-02-04 16:41 - 2016-02-09 01:35 - 00000000 ____D C:\FRST
    2016-02-04 16:41 - 2016-02-04 16:45 - 00066474 _____ C:\Users\EdgarOmar\Documents\FRST.txt
    2016-02-04 16:34 - 2016-02-04 16:34 - 02370560 _____ (Farbar) C:\Users\EdgarOmar\Downloads\FRST64.exe
    2016-02-04 13:38 - 2016-01-31 14:50 - 00450902 ____R C:\WINDOWS\system32\Drivers\etc\hosts.20160204-133825.backup
    2016-02-04 12:56 - 2016-02-08 10:49 - 00432030 _____ C:\WINDOWS\ntbtlog.txt
    2016-02-04 12:50 - 2016-02-04 12:51 - 06828320 _____ (Piriform Ltd) C:\Users\EdgarOmar\Downloads\ccsetup514.exe
    2016-02-03 22:09 - 2016-02-03 22:09 - 00000000 ____D C:\Users\EdgarOmar\Downloads\ooniku-012_jav-only.com
    2016-02-02 20:47 - 2016-02-02 20:47 - 00014960 _____ C:\WINDOWS\System32\Tasks\Browser Updater Task(Core)
    2016-02-02 10:05 - 2016-02-03 22:07 - 1979711488 _____ C:\Users\EdgarOmar\Downloads\ooniku-012_jav-only.com.part2.rar
    2016-02-01 02:05 - 2016-02-01 03:17 - 331191751 _____ C:\Users\EdgarOmar\Downloads\ooniku-012_jav-only.com.part3.rar
    2016-01-31 14:50 - 2016-01-28 10:49 - 00450902 ____R C:\WINDOWS\system32\Drivers\etc\hosts.20160131-145040.backup
    2016-01-31 13:15 - 2016-01-31 13:15 - 00097888 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\WindowsAccessBridge-32.dll
    2016-01-31 13:15 - 2016-01-31 13:15 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
    2016-01-31 13:15 - 2016-01-31 13:15 - 00000000 ____D C:\Program Files (x86)\Java
    2016-01-31 13:06 - 2016-01-31 13:06 - 00643680 _____ (Oracle Corporation) C:\Users\EdgarOmar\Downloads\jxpiinstall.exe
    2016-01-31 12:59 - 2016-01-31 12:59 - 00000000 ____D C:\Users\EdgarOmar\AppData\Local\Avira
    2016-01-31 03:42 - 2016-01-31 03:42 - 00000000 ____D C:\Users\EdgarOmar\AppData\Roaming\Avira
    2016-01-31 02:40 - 2016-02-08 09:25 - 00000000 ____D C:\Users\Public\Speedup Sessions
    2016-01-31 02:40 - 2016-01-31 02:40 - 00001170 _____ C:\Users\Public\Desktop\Avira System Speedup.lnk
    2016-01-31 02:35 - 2015-12-04 07:38 - 00146696 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avipbb.sys
    2016-01-31 02:35 - 2015-12-04 07:38 - 00135880 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avgntflt.sys
    2016-01-31 02:35 - 2015-12-04 07:38 - 00073032 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avnetflt.sys
    2016-01-31 02:35 - 2015-12-04 07:38 - 00035488 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avkmgr.sys
    2016-01-31 02:03 - 2016-01-31 02:40 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
    2016-01-31 02:03 - 2016-01-31 02:03 - 00001241 _____ C:\Users\Public\Desktop\Avira Launcher.lnk
    2016-01-31 02:02 - 2016-01-31 02:40 - 00000000 ____D C:\ProgramData\Avira
    2016-01-31 02:02 - 2016-01-31 02:40 - 00000000 ____D C:\Program Files (x86)\Avira
    2016-01-30 19:56 - 2016-01-30 19:58 - 05427168 _____ (Avira Operations GmbH & Co. KG) C:\Users\EdgarOmar\Downloads\avira_es_av_56ad699fbc940__ws1.exe
    2016-01-30 19:38 - 2016-01-31 13:28 - 00001988 _____ C:\Users\EdgarOmar\Desktop\SUPERAntiSpyware Free Edition.lnk
    2016-01-30 19:38 - 2016-01-30 19:38 - 00000000 ____D C:\Users\EdgarOmar\AppData\Roaming\SUPERAntiSpyware.com
    2016-01-30 19:38 - 2016-01-30 19:38 - 00000000 ____D C:\Users\EdgarOmar\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SUPERAntiSpyware
    2016-01-30 19:38 - 2016-01-30 19:38 - 00000000 ____D C:\ProgramData\SUPERAntiSpyware.com
    2016-01-30 19:38 - 2016-01-30 19:38 - 00000000 ____D C:\Program Files\SUPERAntiSpyware
    2016-01-30 13:52 - 2016-01-30 13:57 - 24552952 _____ (SUPERAntiSpyware) C:\Users\EdgarOmar\Downloads\SUPERAntiSpyware.exe
    2016-01-30 11:08 - 2016-01-30 11:08 - 00010938 _____ C:\Users\EdgarOmar\Documents\Monjas maria.wlmp
    2016-01-30 00:57 - 2016-01-30 00:57 - 00000000 ____D C:\ProgramData\GRETECH
    2016-01-30 00:43 - 2016-01-30 00:52 - 00013205 _____ C:\Users\EdgarOmar\Documents\Yoko Tsuno 000.wlmp
    2016-01-29 07:00 - 2016-01-29 07:05 - 00001783 _____ C:\Users\EdgarOmar\Documents\links ugentes.txt
    2016-01-29 01:15 - 2016-01-30 13:27 - 1979711488 _____ C:\Users\EdgarOmar\Downloads\ooniku-012_jav-only.com.part1.rar
    2016-01-28 23:36 - 2016-01-28 23:36 - 00001281 _____ C:\Users\Public\Desktop\Virtual CloneDrive.lnk
    2016-01-28 23:34 - 2016-01-28 23:34 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Elaborate Bytes
    2016-01-28 23:34 - 2016-01-28 23:34 - 00000000 ____D C:\Program Files (x86)\Elaborate Bytes
    2016-01-28 23:33 - 2016-01-28 23:33 - 00001228 _____ C:\Users\EdgarOmar\AppData\Roaming\Microsoft\Windows\Start Menu\GOM Player.lnk
    2016-01-28 23:33 - 2016-01-28 23:33 - 00001204 _____ C:\Users\Public\Desktop\GOM Player.lnk
    2016-01-28 23:33 - 2016-01-28 23:33 - 00000000 ____D C:\Users\EdgarOmar\AppData\Roaming\GRETECH
    2016-01-28 23:33 - 2016-01-28 23:33 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GOM Player
    2016-01-28 23:33 - 2016-01-28 23:33 - 00000000 ____D C:\Program Files (x86)\GRETECH
    2016-01-28 23:25 - 2016-01-28 23:26 - 01710680 _____ C:\Users\EdgarOmar\Downloads\SetupVirtualCloneDrive5500.exe
    2016-01-28 23:22 - 2016-01-28 23:27 - 23021376 _____ (Gretech Corporation) C:\Users\EdgarOmar\Downloads\GOMPLAYERESSETUP.EXE
    2016-01-28 23:17 - 2016-01-28 23:17 - 00000000 ____D C:\Users\EdgarOmar\Downloads\sddm-003_jav-only.com
    2016-01-28 22:16 - 2016-01-28 23:17 - 277042267 _____ C:\Users\EdgarOmar\Downloads\sddm-003_jav-only.com.rar
    2016-01-28 21:50 - 2016-01-30 13:41 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
    2016-01-28 21:04 - 2016-01-28 21:11 - 00000000 ____D C:\Users\EdgarOmar\Documents\Session back ups mientras
    2016-01-28 20:30 - 2016-01-30 13:41 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
    2016-01-28 20:30 - 2016-01-28 20:30 - 00001186 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
    2016-01-28 20:30 - 2016-01-28 20:30 - 00001174 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk
    2016-01-28 20:22 - 2016-01-28 20:28 - 43160576 _____ C:\Users\EdgarOmar\Downloads\Firefox-Setup-42.0-2-toshiba-download-MX.exe
    2016-01-28 10:49 - 2016-01-23 12:34 - 00450849 ____R C:\WINDOWS\system32\Drivers\etc\hosts.20160128-104900.backup
    2016-01-28 00:34 - 2016-02-04 12:52 - 00000845 _____ C:\Users\Public\Desktop\CCleaner.lnk
    2016-01-28 00:34 - 2016-01-28 00:34 - 00002810 _____ C:\WINDOWS\System32\Tasks\CCleanerSkipUAC
    2016-01-28 00:34 - 2016-01-28 00:34 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
    2016-01-28 00:34 - 2016-01-28 00:34 - 00000000 ____D C:\Program Files\CCleaner
    2016-01-28 00:13 - 2016-02-08 22:32 - 00003614 _____ C:\WINDOWS\System32\Tasks\Optimize Push Notification Data File-S-1-5-21-2814885961-1482200991-1285302695-1001
    2016-01-28 00:08 - 2016-01-28 00:08 - 00000000 ____D C:\Users\EdgarOmar\Documents\Marcadores Chrome Enero 2016
    2016-01-28 00:07 - 2016-01-28 00:12 - 00000000 ____D C:\Users\EdgarOmar\Documents\Marcadores Firefox 28 Enero 2016
    2016-01-27 19:10 - 2016-01-30 01:16 - 00036018 _____ C:\Users\EdgarOmar\Documents\Monjas.wlmp
    2016-01-27 07:57 - 2016-01-27 07:57 - 00095870 _____ C:\Users\EdgarOmar\Downloads\SVDVD-514 金髪英語教師イジメ.torrent
    2016-01-27 07:40 - 2016-01-27 07:40 - 00001442 _____ C:\Users\EdgarOmar\Downloads\{EHT PERSONALIZED TORRENT - DO NOT REDISTRIBUTE} [山野一] どぶさらい劇場.zip.torrent
    2016-01-27 07:38 - 2016-01-27 07:38 - 00041412 _____ C:\Users\EdgarOmar\Downloads\{EHT PERSONALIZED TORRENT - DO NOT REDISTRIBUTE} Mitru - Black Lotus 1-6.zip.torrent
    2016-01-25 20:50 - 2016-01-25 20:52 - 06805440 _____ (Piriform Ltd) C:\Users\EdgarOmar\Downloads\ccsetup513.exe
    2016-01-23 15:34 - 2013-05-09 11:31 - 00388608 _____ (Trend Micro Inc.) C:\Users\EdgarOmar\Downloads\HijackThis.exe
    2016-01-23 12:34 - 2016-01-23 12:33 - 00450849 ____R C:\WINDOWS\system32\Drivers\etc\hosts.20160123-123441.backup
    2016-01-23 12:33 - 2016-01-12 23:58 - 00450771 ____R C:\WINDOWS\system32\Drivers\etc\hosts.20160123-123353.backup
    2016-01-23 09:45 - 2016-01-23 09:46 - 00000000 ____D C:\Users\Public\Documents\dmp
    2016-01-23 09:45 - 2016-01-23 09:45 - 00000000 ____D C:\Users\EdgarOmar\AppData\Local\Setup Wizard
    2016-01-22 08:50 - 2016-01-22 09:04 - 00000000 ____D C:\Users\EdgarOmar\girls-from-the-back
    2016-01-22 08:35 - 2016-01-22 08:49 - 00000000 ____D C:\Users\EdgarOmar\homemade amateur anal
    2016-01-22 08:29 - 2016-01-22 08:32 - 00000000 ____D C:\Users\EdgarOmar\Pictures Ebony degrading bdsm
    2016-01-21 20:12 - 2016-01-21 20:12 - 00371079 _____ C:\Users\EdgarOmar\Downloads\4325001_NACIONAL_20151218.pdf
    2016-01-21 20:07 - 2016-01-21 20:07 - 00423581 _____ C:\Users\EdgarOmar\Downloads\4325001_NACIONAL_20160120.pdf
    2016-01-19 20:12 - 2016-01-19 20:12 - 00000222 _____ C:\Users\EdgarOmar\Desktop\GUILTY GEAR XX ACCENT CORE PLUS R.url
    2016-01-19 20:11 - 2016-01-19 20:11 - 00000222 _____ C:\Users\EdgarOmar\Desktop\Fairy Fencer F.url
    2016-01-19 09:33 - 2016-01-19 09:33 - 00000222 _____ C:\Users\EdgarOmar\Desktop\AKIBA'S TRIP Undead & Undressed.url
    2016-01-19 00:54 - 2016-01-19 00:54 - 00000220 _____ C:\Users\EdgarOmar\Desktop\BioShock Infinite.url
    2016-01-18 19:15 - 2016-01-18 19:15 - 00000222 _____ C:\Users\EdgarOmar\Desktop\NEKOPARA Vol. 1.url
    2016-01-18 18:18 - 2016-01-18 18:18 - 00000222 _____ C:\Users\EdgarOmar\Desktop\NEKOPARA Vol. 0.url
    2016-01-18 09:09 - 2016-01-18 09:11 - 12444088 _____ C:\Users\EdgarOmar\Downloads\testdisk-7.0.win.zip
    2016-01-18 09:05 - 2016-01-18 09:05 - 00000222 _____ C:\Users\EdgarOmar\Desktop\Mugen Souls.url
    2016-01-16 16:59 - 2016-01-16 17:02 - 12593584 _____ C:\Users\EdgarOmar\Downloads\SetupAnyDVD7680.exe
    2016-01-16 15:00 - 2016-01-16 15:00 - 00000222 _____ C:\Users\EdgarOmar\Desktop\THE KING OF FIGHTERS XIII STEAM EDITION.url
    2016-01-16 11:38 - 2016-01-16 11:38 - 00000222 _____ C:\Users\EdgarOmar\Desktop\THE KING OF FIGHTERS 2002 UNLIMITED MATCH.url
    2016-01-15 23:05 - 2016-01-15 23:05 - 00000222 _____ C:\Users\EdgarOmar\Desktop\THE KING OF FIGHTERS '98 ULTIMATE MATCH FINAL EDITION.url
    2016-01-15 20:36 - 2016-01-15 20:36 - 00000222 _____ C:\Users\EdgarOmar\Desktop\Mitsurugi Kamui Hikae.url
    2016-01-15 08:40 - 2016-01-15 08:40 - 00000222 _____ C:\Users\EdgarOmar\Desktop\Vanguard Princess.url
    2016-01-15 00:43 - 2016-01-15 00:43 - 00000222 _____ C:\Users\EdgarOmar\Desktop\BlazBlue Calamity Trigger.url
    2016-01-14 19:19 - 2016-01-14 19:19 - 00000220 _____ C:\Users\EdgarOmar\Desktop\Garry's Mod.url
    2016-01-14 17:54 - 2016-01-14 17:54 - 00000222 _____ C:\Users\EdgarOmar\Desktop\SONIC THE HEDGEHOG 4 Episode II.url
    2016-01-14 16:00 - 2016-01-14 16:00 - 00000222 _____ C:\Users\EdgarOmar\Desktop\Sakura Spirit.url
    2016-01-13 16:37 - 2016-01-13 16:37 - 00095848 _____ (Elaborate Bytes AG) C:\WINDOWS\SysWOW64\ElbyCDIO.dll
    2016-01-13 08:08 - 2015-12-10 22:38 - 25837568 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
    2016-01-13 08:08 - 2015-12-10 21:55 - 06051328 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
    2016-01-13 08:08 - 2015-12-10 21:50 - 20367360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
    2016-01-13 08:08 - 2015-12-10 20:43 - 04610560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
    2016-01-13 08:07 - 2015-12-10 22:00 - 00571904 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
    2016-01-13 08:07 - 2015-12-10 21:45 - 00817664 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
    2016-01-13 08:07 - 2015-12-10 21:21 - 00496640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
    2016-01-13 08:07 - 2015-12-10 21:18 - 00092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll
    2016-01-13 08:07 - 2015-12-10 21:09 - 01032704 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcomm.dll
    2016-01-13 08:07 - 2015-12-10 21:09 - 00663552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
    2016-01-13 08:07 - 2015-12-10 21:03 - 14456832 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
    2016-01-13 08:07 - 2015-12-10 20:59 - 00798208 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
    2016-01-13 08:07 - 2015-12-10 20:43 - 00880128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcomm.dll
    2016-01-13 08:07 - 2015-12-10 20:38 - 02487808 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
    2016-01-13 08:07 - 2015-12-10 20:37 - 00687104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
    2016-01-13 08:07 - 2015-12-10 20:35 - 12856320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
    2016-01-13 08:07 - 2015-12-10 20:26 - 01546752 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
    2016-01-13 08:07 - 2015-12-10 20:14 - 00800768 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
    2016-01-13 08:07 - 2015-12-10 20:12 - 02011136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
    2016-01-13 08:07 - 2015-12-10 20:08 - 01311744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
    2016-01-13 08:07 - 2015-12-10 20:07 - 00710144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
    2016-01-13 08:05 - 2015-12-04 23:58 - 02745184 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMVDECOD.DLL
    2016-01-13 08:05 - 2015-12-04 23:58 - 02528784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMVDECOD.DLL
    2016-01-13 08:05 - 2015-12-04 23:58 - 02450240 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMVENCOD.DLL
    2016-01-13 08:05 - 2015-12-04 23:58 - 02447136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMVENCOD.DLL
    2016-01-13 08:05 - 2015-12-04 23:58 - 02334104 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
    2016-01-13 08:05 - 2015-12-04 23:58 - 02324744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
    2016-01-13 08:05 - 2015-12-04 23:58 - 01877504 _____ (Microsoft Corporation) C:\WINDOWS\system32\msmpeg2adec.dll
    2016-01-13 08:05 - 2015-12-04 23:58 - 01798480 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMALFXGFXDSP.dll
    2016-01-13 08:05 - 2015-12-04 23:58 - 01484888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msmpeg2adec.dll
    2016-01-13 08:05 - 2015-12-04 23:58 - 01288128 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfnetsrc.dll
    2016-01-13 08:05 - 2015-12-04 23:58 - 01210200 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMADMOD.DLL
    2016-01-13 08:05 - 2015-12-04 23:58 - 01150232 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMADMOE.DLL
    2016-01-13 08:05 - 2015-12-04 23:58 - 01115640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfnetsrc.dll
    2016-01-13 08:05 - 2015-12-04 23:58 - 01037680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMADMOD.DLL
    2016-01-13 08:05 - 2015-12-04 23:58 - 00914672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMADMOE.DLL
    2016-01-13 08:05 - 2015-12-04 23:58 - 00850680 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfnetcore.dll
    2016-01-13 08:05 - 2015-12-04 23:58 - 00735496 _____ (Microsoft Corporation) C:\WINDOWS\system32\evr.dll
    2016-01-13 08:05 - 2015-12-04 23:58 - 00700360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfnetcore.dll
    2016-01-13 08:05 - 2015-12-04 23:58 - 00629600 _____ (Microsoft Corporation) C:\WINDOWS\system32\MP4SDECD.DLL
    2016-01-13 08:05 - 2015-12-04 23:58 - 00584656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\evr.dll
    2016-01-13 08:05 - 2015-12-04 23:58 - 00557856 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMVSDECD.DLL
    2016-01-13 08:05 - 2015-12-04 23:58 - 00498472 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsvr.dll
    2016-01-13 08:05 - 2015-12-04 23:58 - 00492736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMVSDECD.DLL
    2016-01-13 08:05 - 2015-12-04 23:58 - 00463776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MP4SDECD.DLL
    2016-01-13 08:05 - 2015-12-04 23:58 - 00399776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsvr.dll
    2016-01-13 08:05 - 2015-12-04 23:58 - 00299080 _____ (Microsoft Corporation) C:\WINDOWS\system32\VIDRESZR.DLL
    2016-01-13 08:05 - 2015-12-04 23:58 - 00275312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MPG4DECD.DLL
    2016-01-13 08:05 - 2015-12-04 23:58 - 00274280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MP43DECD.DLL
    2016-01-13 08:05 - 2015-12-04 23:58 - 00250520 _____ (Microsoft Corporation) C:\WINDOWS\system32\MPG4DECD.DLL
    2016-01-13 08:05 - 2015-12-04 23:58 - 00248432 _____ (Microsoft Corporation) C:\WINDOWS\system32\MP43DECD.DLL
    2016-01-13 08:05 - 2015-12-04 23:58 - 00246856 _____ (Microsoft Corporation) C:\WINDOWS\system32\RESAMPLEDMO.DLL
    2016-01-13 08:05 - 2015-12-04 23:58 - 00244296 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfps.dll
    2016-01-13 08:05 - 2015-12-04 23:58 - 00229272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\RESAMPLEDMO.DLL
    2016-01-13 08:05 - 2015-12-04 23:58 - 00203016 _____ (Microsoft Corporation) C:\WINDOWS\system32\COLORCNV.DLL
    2016-01-13 08:05 - 2015-12-04 23:58 - 00184912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\COLORCNV.DLL
    2016-01-13 08:05 - 2015-12-04 23:58 - 00183856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VIDRESZR.DLL
    2016-01-13 08:05 - 2015-12-04 23:58 - 00116720 _____ (Microsoft Corporation) C:\WINDOWS\system32\MP3DMOD.DLL
    2016-01-13 08:05 - 2015-12-04 23:58 - 00110544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfps.dll
    2016-01-13 08:05 - 2015-12-04 23:58 - 00099136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MP3DMOD.DLL
    2016-01-13 08:05 - 2015-12-04 23:58 - 00090904 _____ (Microsoft Corporation) C:\WINDOWS\system32\devenum.dll
    2016-01-13 08:05 - 2015-12-04 23:58 - 00090392 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfvdsp.dll
    2016-01-13 08:05 - 2015-12-04 23:58 - 00081032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\devenum.dll
    2016-01-13 08:05 - 2015-12-04 23:58 - 00076936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfvdsp.dll
    2016-01-13 08:05 - 2015-12-03 12:07 - 00340992 _____ (Microsoft Corporation) C:\WINDOWS\system32\qdvd.dll
    2016-01-13 08:05 - 2015-12-03 12:07 - 00289792 _____ (Microsoft Corporation) C:\WINDOWS\system32\ksproxy.ax
    2016-01-13 08:05 - 2015-12-03 12:05 - 00644608 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMVXENCD.DLL
    2016-01-13 08:05 - 2015-12-03 12:02 - 01664000 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMSPDMOE.DLL
    2016-01-13 08:05 - 2015-12-03 12:00 - 00451072 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMVSENCD.DLL
    2016-01-13 08:05 - 2015-12-03 11:58 - 00378880 ____C (Microsoft Corporation) C:\WINDOWS\system32\SysFxUI.dll
    2016-01-13 08:05 - 2015-12-03 11:36 - 01697792 _____ (Microsoft Corporation) C:\WINDOWS\system32\quartz.dll
    2016-01-13 08:05 - 2015-12-03 11:30 - 00468480 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFWMAAEC.DLL
    2016-01-13 08:05 - 2015-12-03 11:28 - 00519680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\qdvd.dll
    2016-01-13 08:05 - 2015-12-03 11:28 - 00245760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ksproxy.ax
    2016-01-13 08:05 - 2015-12-03 11:27 - 00736256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMVXENCD.DLL
    2016-01-13 08:05 - 2015-12-03 11:24 - 01411584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMSPDMOE.DLL
    2016-01-13 08:05 - 2015-12-03 11:23 - 00402432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMVSENCD.DLL
    2016-01-13 08:05 - 2015-12-03 11:06 - 01501184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\quartz.dll
    2016-01-13 08:05 - 2015-12-03 11:01 - 00743936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFWMAAEC.DLL
    2016-01-13 08:05 - 2015-12-03 10:40 - 01010688 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMSPDMOD.DLL
    2016-01-13 08:05 - 2015-12-03 10:29 - 00887296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMSPDMOD.DLL
    2016-01-13 08:05 - 2015-12-02 09:04 - 00670208 _____ (Microsoft Corporation) C:\WINDOWS\system32\qedit.dll
    2016-01-13 08:05 - 2015-12-02 09:01 - 00561664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\qedit.dll
    2016-01-13 08:04 - 2015-12-30 13:32 - 07453016 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
    2016-01-13 08:04 - 2015-12-30 13:32 - 01735000 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
    2016-01-13 08:04 - 2015-12-30 13:32 - 01499912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
    2016-01-13 08:04 - 2015-12-09 18:40 - 00033456 _____ (Microsoft Corporation) C:\WINDOWS\system32\CompatTelRunner.exe
    2016-01-13 08:04 - 2015-12-07 04:56 - 01380600 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32.dll
    2016-01-13 08:04 - 2015-12-04 09:00 - 01097216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32.dll
    2016-01-13 08:04 - 2015-12-03 13:42 - 00561952 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
    2016-01-13 08:04 - 2015-12-03 13:42 - 00397224 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcryptprimitives.dll
    2016-01-13 08:04 - 2015-12-03 13:42 - 00137968 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncrypt.dll
    2016-01-13 08:04 - 2015-12-03 13:42 - 00106960 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncryptsslp.dll
    2016-01-13 08:04 - 2015-12-03 13:41 - 00177488 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecpkg.sys
    2016-01-13 08:04 - 2015-12-03 12:52 - 00340872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcryptprimitives.dll
    2016-01-13 08:04 - 2015-12-03 12:52 - 00120376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ncrypt.dll
    2016-01-13 08:04 - 2015-12-03 12:52 - 00091416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ncryptsslp.dll
    2016-01-13 08:04 - 2015-12-03 12:28 - 00401920 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb.sys
    2016-01-13 08:04 - 2015-12-03 12:28 - 00202240 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb20.sys
    2016-01-13 08:04 - 2015-12-03 11:51 - 00445440 _____ (Microsoft Corporation) C:\WINDOWS\system32\certcli.dll
    2016-01-13 08:04 - 2015-12-03 11:16 - 00324096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\certcli.dll
    2016-01-13 08:04 - 2015-12-03 11:13 - 01441280 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
    2016-01-13 08:04 - 2015-12-03 11:07 - 00432128 _____ (Microsoft Corporation) C:\WINDOWS\system32\schannel.dll
    2016-01-13 08:04 - 2015-12-03 10:45 - 00357888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\schannel.dll
    2016-01-13 08:04 - 2015-11-17 15:07 - 01380864 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
    2016-01-13 08:04 - 2015-11-17 15:07 - 01164800 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
    2016-01-13 08:04 - 2015-11-17 15:07 - 00792064 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll
    2016-01-13 08:04 - 2015-11-17 15:07 - 00705024 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll
    2016-01-13 08:04 - 2015-11-17 15:07 - 00505344 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll
    2016-01-13 08:04 - 2015-11-17 15:07 - 00210432 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepic.dll
    2016-01-13 08:04 - 2015-11-17 15:07 - 00076800 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
    2016-01-13 08:00 - 2015-12-08 13:08 - 00685432 _____ (Microsoft Corporation) C:\WINDOWS\system32\advapi32.dll
    2016-01-13 08:00 - 2015-12-08 13:07 - 00507176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\advapi32.dll
    2016-01-12 23:58 - 2015-12-20 23:15 - 00450771 ____R C:\WINDOWS\system32\Drivers\etc\hosts.20160112-235846.backup
    2016-01-10 11:07 - 2016-01-10 13:02 - 419430400 _____ C:\Users\EdgarOmar\Downloads\quesn21.part1.rar

    ==================== One Month Modified files and folders ========

    (If an entry is included in the fixlist, the file/folder will be moved.)

    2016-02-09 01:27 - 2015-10-25 18:49 - 00003598 _____ C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-2814885961-1482200991-1285302695-1001
    2016-02-09 01:23 - 2015-10-26 11:35 - 00000000 ___RD C:\Users\EdgarOmar\OneDrive
    2016-02-09 01:21 - 2013-08-22 08:45 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
    2016-02-09 01:19 - 2013-08-22 09:36 - 00000000 ____D C:\WINDOWS\L2Schemas
    2016-02-09 01:19 - 2013-08-22 07:36 - 00000000 ____D C:\WINDOWS\Inf
    2016-02-09 01:19 - 2013-08-22 07:25 - 01048576 ___SH C:\WINDOWS\system32\config\BBI
    2016-02-09 01:08 - 2015-11-09 09:32 - 00000830 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
    2016-02-09 00:18 - 2015-11-09 18:44 - 00000008 __RSH C:\ProgramData\ntuser.pol
    2016-02-09 00:12 - 2015-12-19 16:15 - 00000000 ____D C:\Users\EdgarOmar\AppData\LocalLow\Temp
    2016-02-09 00:12 - 2013-08-22 09:36 - 00000000 ___HD C:\WINDOWS\system32\GroupPolicy
    2016-02-09 00:12 - 2013-08-22 09:36 - 00000000 ____D C:\WINDOWS\SysWOW64\GroupPolicy
    2016-02-08 22:27 - 2015-10-28 22:58 - 00003966 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{E0E359C8-833A-4B56-A975-1D3CEE2940A4}
    2016-02-08 19:09 - 2015-11-09 13:30 - 00808790 _____ C:\WINDOWS\system32\perfh00A.dat
    2016-02-08 19:09 - 2015-11-09 13:30 - 00166676 _____ C:\WINDOWS\system32\perfc00A.dat
    2016-02-08 19:09 - 2014-11-21 02:44 - 01833224 _____ C:\WINDOWS\system32\PerfStringBackup.INI
    2016-02-08 18:36 - 2015-11-19 20:43 - 00000000 ____D C:\Users\EdgarOmar\AppData\Roaming\vlc
    2016-02-08 17:44 - 2015-11-15 01:47 - 00000000 ____D C:\Program Files (x86)\Steam
    2016-02-08 17:13 - 2015-11-09 18:43 - 00000000 ____D C:\ProgramData\TEMP
    2016-02-08 17:13 - 2015-11-09 18:43 - 00000000 ____D C:\Program Files (x86)\SpywareBlaster
    2016-02-08 17:12 - 2015-11-17 20:09 - 00000000 ____D C:\Users\EdgarOmar\AppData\Roaming\Azureus
    2016-02-08 11:24 - 2015-11-17 20:09 - 00000000 ____D C:\Users\EdgarOmar\Documents\Vuze Downloads
    2016-02-08 09:23 - 2013-08-22 09:36 - 00000000 ____D C:\WINDOWS\AppReadiness
    2016-02-07 02:47 - 2015-11-10 10:37 - 00000000 ____D C:\Users\EdgarOmar\AppData\Roaming\Free Download Manager
    2016-02-05 22:53 - 2015-12-02 23:23 - 00000000 ____D C:\ProgramData\CanonIJPLM
    2016-02-05 19:18 - 2015-10-29 08:57 - 00000000 ____D C:\Users\EdgarOmar\AppData\Local\CrashDumps
    2016-02-05 17:08 - 2015-12-27 10:06 - 00003116 _____ C:\WINDOWS\System32\Tasks\Microsoft OneDrive Auto Update Task-S-1-5-21-2814885961-1482200991-1285302695-1001
    2016-02-04 12:38 - 2012-11-14 20:32 - 00000000 ____D C:\ProgramData\Norton
    2016-02-04 12:38 - 2012-11-14 20:32 - 00000000 ____D C:\Program Files (x86)\NortonInstaller
    2016-02-04 12:09 - 2013-08-22 07:25 - 00262144 ___SH C:\WINDOWS\system32\config\ELAM
    2016-02-04 12:09 - 2012-07-26 02:12 - 00000000 ___HD C:\WINDOWS\ELAMBKUP
    2016-02-03 20:46 - 2015-12-06 00:55 - 00000000 ____D C:\Users\EdgarOmar\AppData\Roaming\CDisplayEx
    2016-01-31 19:46 - 2015-11-09 01:24 - 29189120 ___SH C:\Users\EdgarOmar\Downloads\Thumbs.db
    2016-01-31 13:17 - 2015-12-10 12:02 - 00000000 ____D C:\ProgramData\Oracle
    2016-01-31 12:54 - 2013-08-22 08:44 - 00482384 _____ C:\WINDOWS\system32\FNTCACHE.DAT
    2016-01-31 02:02 - 2015-10-29 09:11 - 00000000 ____D C:\ProgramData\Package Cache
    2016-01-30 20:41 - 2015-11-15 19:59 - 00001351 _____ C:\Users\Public\Desktop\Freemake Video Converter.lnk
    2016-01-30 20:41 - 2015-11-15 19:59 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Freemake
    2016-01-28 23:47 - 2015-11-15 20:06 - 00001363 _____ C:\Users\Public\Desktop\Freemake Video Downloader.lnk
    2016-01-28 00:45 - 2015-10-28 23:34 - 00000000 ____D C:\Program Files (x86)\Google
    2016-01-28 00:39 - 2015-10-29 11:49 - 00000000 ____D C:\WINDOWS\Minidump
    2016-01-28 00:39 - 2015-10-26 11:51 - 00000000 ___DC C:\WINDOWS\Panther
    2016-01-27 21:58 - 2015-11-15 10:00 - 00000000 ____D C:\Users\EdgarOmar\Documents\Movie Studio Platinum - Steam Powered 13.0 Proyectos
    2016-01-23 16:00 - 2015-11-09 21:16 - 00001312 _____ C:\Users\EdgarOmar\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Flux Player.lnk
    2016-01-23 16:00 - 2015-11-09 21:16 - 00000000 ____D C:\Users\EdgarOmar\AppData\Local\Flux Player
    2016-01-23 09:31 - 2015-11-22 11:06 - 00000000 ____D C:\Program Files (x86)\freac
    2016-01-23 09:30 - 2013-08-22 09:36 - 00000000 ___HD C:\Program Files\WindowsApps
    2016-01-23 09:26 - 2015-11-16 19:15 - 00000000 ____D C:\Users\EdgarOmar\Documents\My Kindle Content
    2016-01-23 09:24 - 2015-11-24 10:41 - 00000000 ____D C:\Users\EdgarOmar\AppData\Roaming\Audacity
    2016-01-23 09:03 - 2015-10-26 11:03 - 00000000 ____D C:\Users\EdgarOmar
    2016-01-21 23:14 - 2015-11-17 20:08 - 00000000 ____D C:\Users\EdgarOmar\.oracle_jre_usage
    2016-01-20 00:16 - 2015-11-09 09:32 - 00003718 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater
    2016-01-19 20:12 - 2015-11-15 02:22 - 00000000 ____D C:\Users\EdgarOmar\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
    2016-01-15 19:30 - 2015-10-29 12:34 - 00000000 ____D C:\WINDOWS\System32\Tasks\Remediation
    2016-01-13 20:50 - 2013-08-22 09:36 - 00000000 ____D C:\WINDOWS\rescache
    2016-01-13 20:48 - 2015-11-24 11:19 - 00003886 _____ C:\WINDOWS\System32\Tasks\Adobe Acrobat Update Task
    2016-01-13 20:48 - 2015-11-24 11:19 - 00002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
    2016-01-13 18:07 - 2015-10-29 09:41 - 00000000 ____D C:\WINDOWS\system32\appraiser
    2016-01-13 18:07 - 2014-11-21 09:56 - 00000000 ___SD C:\WINDOWS\system32\CompatTel
    2016-01-13 18:07 - 2012-07-26 01:59 - 00000000 ____D C:\WINDOWS\CbsTemp
    2016-01-13 08:25 - 2015-11-22 11:26 - 00000000 ____D C:\Program Files\Microsoft Silverlight
    2016-01-13 08:25 - 2015-11-22 11:26 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight
    2016-01-13 08:24 - 2015-11-22 11:26 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
    2016-01-13 08:21 - 2015-10-28 23:51 - 00000000 ____D C:\WINDOWS\system32\MRT
    2016-01-13 08:15 - 2015-10-28 23:51 - 143671360 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
    2016-01-13 08:15 - 2013-08-22 07:25 - 00000167 _____ C:\WINDOWS\win.ini
    2016-01-12 11:32 - 2012-07-26 02:12 - 00000000 ____D C:\WINDOWS\LiveKernelReports
    2016-01-11 00:48 - 2016-01-04 20:59 - 00000000 ____D C:\Users\EdgarOmar\Documents\Anki

    ==================== Files in the root of some directories =======

    2015-12-18 23:48 - 2015-12-18 23:53 - 0007597 _____ () C:\Users\EdgarOmar\AppData\Local\Resmon.ResmonCfg
    2015-11-15 01:35 - 2015-11-15 01:35 - 0000040 ___SH () C:\ProgramData\.zreglib

    Some files in TEMP:
    ====================
    C:\Users\EdgarOmar\AppData\Local\Temp\avgnt.exe


    ==================== Bamital & volsnap =================

    (There is no automatic fix for files that do not pass verification.)

    C:\WINDOWS\system32\winlogon.exe => File is digitally signed
    C:\WINDOWS\system32\wininit.exe => File is digitally signed
    C:\WINDOWS\explorer.exe => File is digitally signed
    C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
    C:\WINDOWS\system32\svchost.exe => File is digitally signed
    C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
    C:\WINDOWS\system32\services.exe => File is digitally signed
    C:\WINDOWS\system32\User32.dll => File is digitally signed
    C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
    C:\WINDOWS\system32\userinit.exe => File is digitally signed
    C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
    C:\WINDOWS\system32\rpcss.dll => File is digitally signed
    C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
    C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
    C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed


    LastRegBack: 2016-02-05 08:40

    ==================== End of FRST.txt ============================

    -------------------------------------------------------

    Adddition log

    Additional scan result of Farbar Recovery Scan Tool (x64) Version:27-01-2016
    Ran by EdgarOmar (2016-02-09 01:35:53)
    Running from C:\Users\EdgarOmar\Downloads
    Windows 8.1 (X64) (2015-10-26 17:30:51)
    Boot Mode: Normal
    ==========================================================


    ==================== Accounts: =============================

    Administrator (S-1-5-21-2814885961-1482200991-1285302695-500 - Administrator - Disabled)
    EdgarOmar (S-1-5-21-2814885961-1482200991-1285302695-1001 - Administrator - Enabled) => C:\Users\EdgarOmar
    Guest (S-1-5-21-2814885961-1482200991-1285302695-501 - Limited - Disabled)
    HomeGroupUser$ (S-1-5-21-2814885961-1482200991-1285302695-1005 - Limited - Enabled)

    ==================== Security Center ========================

    (If an entry is included in the fixlist, it will be removed.)

    AV: Avira Antivirus (Enabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859}
    AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
    AS: Avira Antivirus (Enabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4}
    AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
    AS: Spybot - Search and Destroy (Enabled - Up to date) {9BC38DF1-3CCA-732D-A930-C1CA5F20A4B0}

    ==================== Installed Programs ======================

    (Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

    7-Zip 15.08 beta (HKLM-x32\...\7-Zip) (Version: 15.08 - Igor Pavlov)
    99 Spirits (HKLM-x32\...\Steam App 258090) (Version: - TORaIKI)
    Adobe Acrobat Reader DC (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AC0F074E4100}) (Version: 15.010.20056 - Adobe Systems Incorporated)
    Adobe Flash Player 20 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 20.0.0.286 - Adobe Systems Incorporated)
    AKIBA'S TRIP: Undead & Undressed (HKLM-x32\...\Steam App 333980) (Version: - ACQUIRE Corp.)
    Amazon Kindle (HKU\S-1-5-21-2814885961-1482200991-1285302695-1001\...\Amazon Kindle) (Version: 1.13.0.42039 - Amazon)
    Anki (HKLM-x32\...\Anki) (Version: - )
    AnyDVD (HKLM-x32\...\AnyDVD) (Version: 7.6.7.0 - SlySoft)
    Atheros Communications Inc.(R) AR81Family Gigabit/Fast Ethernet Driver (HKLM-x32\...\{3108C217-BE83-42E4-AE9E-A56A2A92E549}) (Version: 2.1.0.6 - Atheros Communications Inc.)
    Avira Antivirus (HKLM-x32\...\Avira Antivirus) (Version: 15.0.15.129 - Avira Operations GmbH & Co. KG)
    Avira Launcher (HKLM-x32\...\{ccdc9cfe-8ba7-4c6c-ac5f-b2d6cfa49efc}) (Version: 1.1.54.24924 - Avira Operations GmbH & Co. KG)
    Avira Launcher (x32 Version: 1.1.54.24924 - Avira Operations GmbH & Co. KG) Hidden
    Bejeweled 3 (x32 Version: 2.2.0.97 - WildTangent) Hidden
    BioShock Infinite (HKLM-x32\...\Steam App 8870) (Version: - Irrational Games)
    BlazBlue: Calamity Trigger (HKLM-x32\...\Steam App 263300) (Version: - Arc System Works)
    Canon Easy-PhotoPrint EX (HKLM-x32\...\Easy-PhotoPrint EX) (Version: - )
    Canon MG5300 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MG5300_series) (Version: - Canon Inc.)
    Canon MG5300 series On-screen Manual (HKLM-x32\...\Canon MG5300 series On-screen Manual) (Version: - )
    Canon MP Navigator EX 5.0 (HKLM-x32\...\MP Navigator EX 5.0) (Version: - )
    Canon My Printer (HKLM-x32\...\CanonMyPrinter) (Version: - )
    Canon Solution Menu EX (HKLM-x32\...\CanonSolutionMenuEX) (Version: - )
    CCleaner (HKLM\...\CCleaner) (Version: 5.14 - Piriform)
    Cheetah Audio Converter (HKLM-x32\...\{B1914510-38B5-4835-83D8-A188073E542F}) (Version: - )
    Cisco EAP-FAST Module (HKLM-x32\...\{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}) (Version: 2.2.14 - Cisco Systems, Inc.)
    Cisco LEAP Module (HKLM-x32\...\{AF312B06-5C5C-468E-89B3-BE6DE2645722}) (Version: 1.0.19 - Cisco Systems, Inc.)
    Cisco PEAP Module (HKLM-x32\...\{0A4EF0E6-A912-4CDE-A7F3-6E56E7C13A2F}) (Version: 1.1.6 - Cisco Systems, Inc.)
    D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
    Double Dragon Trilogy (HKLM-x32\...\Steam App 314150) (Version: - DotEmu)
    Fairy Fencer F (HKLM-x32\...\Steam App 347830) (Version: - Idea Factory)
    FATE (x32 Version: 2.2.0.97 - WildTangent) Hidden
    FINAL FANTASY III (HKLM-x32\...\Steam App 239120) (Version: - Square Enix)
    FINAL FANTASY VII (HKLM-x32\...\Steam App 39140) (Version: - Square Enix)
    FINAL FANTASY VIII (HKLM-x32\...\Steam App 39150) (Version: - SQUARE ENIX)
    Flux Player (HKU\S-1-5-21-2814885961-1482200991-1285302695-1001\...\Flux Player) (Version: 4.6.3.4647 - )
    FLV-Media-Player (HKLM-x32\...\{AB7A5DBA-BC45-489A-B4D2-2E8F8CABB9EA}) (Version: 2.0.3.2520 - HYBRIDWEB.de)
    Galería de fotos (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
    Gardenscapes: Mansion Makeover (x32 Version: 3.0.2.32 - WildTangent) Hidden
    Garry's Mod (HKLM-x32\...\Steam App 4000) (Version: - Facepunch Studios)
    GOM Player (HKLM-x32\...\GOM Player) (Version: 2.2.76.5239 - Gretech Corporation)
    Guilty Gear X2 #Reload (HKLM-x32\...\Steam App 314030) (Version: - Arc System Works)
    GUILTY GEAR XX ACCENT CORE PLUS R (HKLM-x32\...\Steam App 348550) (Version: - Arc System Works)
    If My Heart Had Wings (HKLM-x32\...\Steam App 326480) (Version: - Moenovel)
    Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.1.0.1252 - Intel Corporation)
    Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3345 - Intel Corporation)
    Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 12.8.0.1016 - Intel Corporation)
    Intel(R) SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 2.0.0.37149 - Intel Corporation)
    Java 8 Update 71 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218071F0}) (Version: 8.0.710.15 - Oracle Corporation)
    Magical Battle Festa (HKLM-x32\...\Steam App 292480) (Version: - Fly System)
    Mahjong Pretty Girls Battle (HKLM-x32\...\Steam App 338060) (Version: - Zoo Corporation)
    Malwarebytes Anti-Malware versión 2.2.0.1024 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.0.1024 - Malwarebytes)
    Mayjasmine episode01 What is God? 五月茉莉 (HKLM-x32\...\Steam App 417110) (Version: - Erotes studio)
    Microsoft Office (HKLM-x32\...\{90150000-0138-0409-0000-0000000FF1CE}) (Version: 15.0.4420.1017 - Microsoft Corporation)
    Microsoft Office Home and Student 2010 (HKLM-x32\...\Office14.SingleImage) (Version: 14.0.7015.1000 - Microsoft Corporation)
    Microsoft OneDrive (HKU\S-1-5-21-2814885961-1482200991-1285302695-1001\...\OneDriveSetup.exe) (Version: 17.3.6301.0127 - Microsoft Corporation)
    Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.41212.0 - Microsoft Corporation)
    Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
    Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
    Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
    Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
    Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
    Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
    Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
    Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
    Mitsurugi Kamui Hikae (HKLM-x32\...\Steam App 263620) (Version: - Zenith Blue)
    Movie Maker (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
    Movie Studio 13 Platinum - Steam Powered (HKLM-x32\...\Steam App 330070) (Version: - Sony Creative Software)
    Movie Studio Platinum 13.0 - Steam Powered (64-bit) (HKLM\...\{1F7DB38F-51AA-11E5-8729-001E4FC0A7E5}) (Version: 13.0.957 - Sony)
    Mozilla Firefox 44.0 (x86 es-MX) (HKLM-x32\...\Mozilla Firefox 44.0 (x86 es-MX)) (Version: 44.0 - Mozilla)
    Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 44.0.0.5866 - Mozilla)
    Mugen Souls (HKLM-x32\...\Steam App 389870) (Version: - Idea Factory)
    MWSnap 3 (HKLM-x32\...\MWSnap 3) (Version: 3.0.0.74 - Mirek Wojtowicz)
    NEKOPARA Vol. 0 (HKLM-x32\...\Steam App 385800) (Version: - NEKO WORKs)
    NEKOPARA Vol. 1 (HKLM-x32\...\Steam App 333600) (Version: - NEKO WORKs)
    Norton Anti-Theft (HKLM-x32\...\NAT) (Version: 1.10.0.9 - Symantec Corporation)
    Norton Online Backup (HKLM-x32\...\{40A66DF6-22D3-44B5-A7D3-83B118A2C0DC}) (Version: 2.2.3.45 - Symantec Corporation)
    Norton Online Backup ARA (x32 Version: 4.1.0.11 - Symantec Corporation) Hidden
    Norton PC Checkup (HKLM-x32\...\NortonPCCheckup) (Version: 2.0.18.15 - Symantec Corporation)
    Norton Security Dashboard (HKLM-x32\...\NortonSD) (Version: 1.1.1.9 - Symantec Corporation)
    Nuvoton CIR Device Drivers (HKLM-x32\...\{096C6EA4-738C-4A01-BB98-45B93B6B9B34}) (Version: 8.60.5001 - Nuvoton Technology Corporation)
    NWZ-E340 WALKMAN Guide (HKLM-x32\...\{E33956B7-301C-429D-9E6C-2C12EACB8A62}) (Version: 2.0.00.07010 - Sony Corporation)
    Origin (HKLM-x32\...\Origin) (Version: 9.0.15.60 - Electronic Arts, Inc.)
    Penguins! (x32 Version: 2.2.0.98 - WildTangent) Hidden
    Plants vs. Zombies - Game of the Year (x32 Version: 2.2.0.98 - WildTangent) Hidden
    PlayReady PC Runtime amd64 (HKLM\...\{BCA9334F-B6C9-4F65-9A73-AC5A329A4D04}) (Version: 1.3.0 - Microsoft Corporation)
    Polar Bowler (x32 Version: 2.2.0.97 - WildTangent) Hidden
    Realtek Bluetooth Filter Driver Package (HKLM-x32\...\InstallShield_{0CC0980D-811D-43B8-A455-8D150EB5BC0D}) (Version: 12.28.2013.0912 - REALTEK Semiconductor Corp)
    Realtek Bluetooth Filter Driver Package (x32 Version: 12.28.2013.0912 - REALTEK Semiconductor Corp) Hidden
    Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6743 - Realtek Semiconductor Corp.)
    Realtek USB 2.0 Card Reader (HKLM-x32\...\{96AE7E41-E34E-47D0-AC07-1091A8127911}) (Version: 6.1.8400.39030 - Realtek Semiconductor Corp.)
    REALTEK Wireless LAN Driver (HKLM-x32\...\InstallShield_{95F38874-065A-40AB-AFC1-B764B192FFE7}) (Version: 2.00.0002 - REALTEK Semiconductor Corp.)
    REALTEK Wireless LAN Driver (x32 Version: 2.00.0002 - REALTEK Semiconductor Corp.) Hidden
    Realtek WLAN Driver (HKLM-x32\...\{9D3D8C60-A55F-4fed-B2B9-173001290E16}) (Version: 2.00.0020 - REALTEK Semiconductor Corp.)
    Sakura Angels (HKLM-x32\...\Steam App 342380) (Version: - Winged Cloud)
    Sakura Spirit (HKLM-x32\...\Steam App 313740) (Version: - Winged Cloud)
    Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version: - Microsoft)
    Skullgirls (HKLM-x32\...\Steam App 245170) (Version: - Lab Zero Games)
    Skullgirls ∞Endless Beta∞ (HKLM-x32\...\Steam App 208610) (Version: - )
    Skype™ 7.2 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.2.103 - Skype Technologies S.A.)
    Sonic & All-Stars Racing Transformed (HKLM-x32\...\Steam App 212480) (Version: - Sumo Digital)
    SONIC THE HEDGEHOG 4 Episode II (HKLM-x32\...\Steam App 203650) (Version: - SEGA)
    SP Player (HKU\S-1-5-21-2814885961-1482200991-1285302695-1001\...\3332097300.wspr.webstream.ne.jp) (Version: - wspr.webstream.ne.jp)
    SRS Premium Sound Control Panel (HKLM\...\{94F03B8E-CB73-4653-AFE9-79112C01FED2}) (Version: 1.12.5000 - SRS Labs, Inc.)
    Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
    SUPERAntiSpyware (HKLM\...\{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}) (Version: 6.0.1212 - SUPERAntiSpyware.com)
    THE KING OF FIGHTERS 2002 UNLIMITED MATCH (HKLM-x32\...\Steam App 222440) (Version: - Code Mystics)
    THE KING OF FIGHTERS '98 ULTIMATE MATCH FINAL EDITION (HKLM-x32\...\Steam App 222420) (Version: - Code Mystics)
    THE KING OF FIGHTERS XIII STEAM EDITION (HKLM-x32\...\Steam App 222940) (Version: - SNK Playmore)
    The Last Remnant (HKLM-x32\...\Steam App 23310) (Version: - SQUARE ENIX)
    Toshiba App Place (HKLM-x32\...\{ED3CBA78-488F-4E8C-B33F-8E3BF4DDB4D2}) (Version: 1.0.6.3 - Toshiba)
    TOSHIBA Application Installer (HKLM-x32\...\{970472D0-F5F9-4158-A6E3-1AE49EFEF2D3}) (Version: 9.0.1.4 - TOSHIBA)
    Toshiba Book Place (HKLM-x32\...\{24B45620-22B6-4E4A-B836-FF30A0B0404E}) (Version: 3.1.9534 - K-NFB Reading Technology, Inc.)
    TOSHIBA Desktop Assist (HKLM\...\{95CCACF0-010D-45F0-82BF-858643D8BC02}) (Version: 1.02.01.6407 - Toshiba Corporation)
    TOSHIBA eco Utility (HKLM\...\{5944B9D4-3C2A-48DE-931E-26B31714A2F7}) (Version: 2.2.0.6404 - Toshiba Corporation)
    TOSHIBA Function Key (HKLM\...\{16562A90-71BC-41A0-B890-D91B0C267120}) (Version: 1.1.0002.6401 - Toshiba Corporation)
    TOSHIBA HDD Accelerator (HKLM\...\{DB4D9937-0B14-4EF1-BF9A-BB7E3B9DCB04}) (Version: 1.2.0000 - Toshiba Corporation)
    TOSHIBA Password Utility (HKLM-x32\...\{B1786E63-2127-42C9-95A3-146E5F727BF1}) (Version: v1.0.0.11 - TOSHIBA Corporation)
    TOSHIBA PC Health Monitor (HKLM\...\{9DECD0F9-D3E8-48B0-A390-1CF09F54E3A4}) (Version: 1.9.09.6400 - Toshiba Corporation)
    TOSHIBA Quality Application (HKLM-x32\...\{E69992ED-A7F6-406C-9280-1C156417BC49}) (Version: 1.0.8 - TOSHIBA)
    TOSHIBA Recovery Media Creator (HKLM-x32\...\{B65BBB06-1F8E-48F5-8A54-B024A9E15FDF}) (Version: 2.2.0.54043005 - Toshiba Corporation)
    TOSHIBA Remote Control Manager (HKLM-x32\...\{FEB650EB-7639-444E-9FC2-C33EE6ED1A37}) (Version: 3.0.1013.0 - TOSHIBA CORPORATION)
    TOSHIBA Resolution+ Plug-in for Windows Media Player (HKLM-x32\...\{6CB76C9D-80C2-4CB3-A4CD-D96B239E3F94}) (Version: 1.2.8.0 - Toshiba Corporation)
    TOSHIBA Service Station (HKLM\...\{63E575B6-BEF3-4DE7-823E-508837914157}) (Version: 2.6.16.0 - Toshiba Corporation)
    TOSHIBA System Driver (HKLM-x32\...\{1E6A96A1-2BAB-43EF-8087-30437593C66C}) (Version: 1.00.0030 - Toshiba Corporation)
    TOSHIBA System Settings (HKLM-x32\...\{05A55927-DB9B-4E26-BA44-828EBFF829F0}) (Version: 1.00.0002.32002 - Toshiba Corporation)
    TOSHIBA User's Guide (HKLM-x32\...\{3384E1D9-3F18-4A98-8655-180FEF0DFC02}) (Version: 1.00.02 - TOSHIBA)
    TOSHIBA VIDEO PLAYER (HKLM\...\{FF07604E-C860-40E9-A230-E37FA41F103A}) (Version: 5.3.49.124 - Toshiba Corporation)
    TOSHIBARegistration (HKLM-x32\...\{5AF550B4-BB67-4E7E-82F1-2C4300279050}) (Version: 1.1.6 - TOSHIBA)
    Transfer Utility LE (HKLM-x32\...\{F2C2709B-FB3D-458C-B12E-9AAA5EDCA670}) (Version: 1.02.126 - PIXELA)
    Tsukumogami (HKLM-x32\...\Steam App 262300) (Version: - TORaIKI)
    Update Installer for WildTangent Games App (x32 Version: - WildTangent) Hidden
    Vacation Quest™ - Australia (x32 Version: 3.0.2.32 - WildTangent) Hidden
    Valkyria Chronicles™ (HKLM-x32\...\Steam App 294860) (Version: - SEGA)
    Vanguard Princess (HKLM-x32\...\Steam App 262150) (Version: - Tomoaki Sugeno)
    Virtual Villagers 5 - New Believers (x32 Version: 3.0.2.32 - WildTangent) Hidden
    VirtualCloneDrive (HKLM-x32\...\VirtualCloneDrive) (Version: 5.5.0.0 - Elaborate Bytes)
    VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.1 - VideoLAN)
    Vuze (HKLM\...\8461-7759-5462-8226) (Version: 5.7.0.0 - Azureus Software, Inc.)
    WildTangent Games (HKLM-x32\...\WildTangent wildgames Master Uninstall) (Version: 1.0.3.0 - WildTangent)
    WildTangent Games App (Toshiba Games) (x32 Version: 4.0.9.7 - WildTangent) Hidden
    Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation)
    Winged Sakura: Mindy's Arc (HKLM-x32\...\Steam App 331390) (Version: - WINGED SAKURA GAMES)
    WinPcap 4.1.2 (HKLM-x32\...\WinPcapInst) (Version: 4.1.0.2001 - CACE Technologies)
    WinRAR 5.21 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.21.0 - win.rar GmbH)
    Youda Jewel Shop (x32 Version: 3.0.2.32 - WildTangent) Hidden
    zkanji v0.731 (HKLM-x32\...\zkanji) (Version: 0.731 - Sólyom Zoltán)

    ==================== Custom CLSID (Whitelisted): ==========================

    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


    ==================== Scheduled Tasks (Whitelisted) =============

    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

    Task: {04ADC3C3-E948-470E-A204-C8D7CEC8457B} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime => C:\Windows\system32\GWX\GWXUXWorker.exe [2015-12-04] (Microsoft Corporation)
    Task: {0B66AC13-A7D3-4619-8CD0-7B75EF4946B4} - System32\Tasks\Norton Anti-Theft\Norton Error Analyzer => C:\Program Files (x86)\Norton Anti-Theft\Engine\1.10.0.9\SymErr.exe [2013-08-01] (Symantec Corporation)
    Task: {34D73491-BBFD-4BD2-9B29-2EEAC6E759CA} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2016-01-15] (Piriform Ltd)
    Task: {4DA46886-ED67-4B3C-BF66-B275D5924C28} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Refresh immunization => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDImmunize.exe [2014-06-24] (Safer-Networking Ltd.)
    Task: {4E76AAE9-6AA7-4D38-AE9D-BA258E324177} - System32\Tasks\Browser Updater Task(Core) => C:\Program Files (x86)\SearchesToYesbnd\BrowserUpdate.exe
    Task: {53F6790C-E9B6-4F18-9EE0-FD71AFFDD354} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Check for updates => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe [2014-06-27] (Safer-Networking Ltd.)
    Task: {5A4C151D-0EA0-465C-B802-BFFFB620BE4F} - System32\Tasks\Microsoft OneDrive Auto Update Task-S-1-5-21-2814885961-1482200991-1285302695-1001 => C:\Users\EdgarOmar\AppData\Local\Microsoft\OneDrive\OneDrive.exe [2016-02-05] (Microsoft Corporation)
    Task: {6D1E8C1C-D346-4F80-B02A-5A2B5F1EBA8C} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2016-01-13] (Microsoft Corporation)
    Task: {6F622176-1D81-49F7-8BA3-BC5B06FB1A55} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-12-13] (Adobe Systems Incorporated)
    Task: {73F915B8-2867-412C-96CE-01C3534FB79D} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Scan the system => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDScan.exe [2014-06-24] (Safer-Networking Ltd.)
    Task: {86BB7B38-2C05-457D-958F-D4DFEF2A6AA0} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeTime => C:\Windows\system32\GWX\GWXUXWorker.exe [2015-12-04] (Microsoft Corporation)
    Task: {8FA2E5C1-E289-4F06-BED6-E6CC3D68DA01} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-01-20] (Adobe Systems Incorporated)
    Task: {AB1EF200-AD74-4A5E-A602-55CB562D0B40} - System32\Tasks\Optimize Push Notification Data File-S-1-5-21-2814885961-1482200991-1285302695-1001
    Task: {BA48FCCD-F364-42BF-B684-E7B4DCC4D3D1} - System32\Tasks\Microsoft\Windows\UPnP\UPnPHostConfig => config upnphost start= auto
    Task: {E1176BD7-B13E-4197-A939-C20B648812EA} - System32\Tasks\Norton Anti-Theft\Norton Error Processor => C:\Program Files (x86)\Norton Anti-Theft\Engine\1.10.0.9\SymErr.exe [2013-08-01] (Symantec Corporation)
    Task: {E68AADD1-99BF-4781-8BE9-DF5891F22F16} - System32\Tasks\TOSHIBA\Service Station => C:\Program Files\TOSHIBA\Toshiba Service Station\ToshibaServiceStation.exe [2014-04-03] (TOSHIBA Corporation)
    Task: {E79E6EDA-6CE9-4504-AE1C-0F7D030D33A9} - System32\Tasks\Remediation\AntimalwareMigrationTask => C:\Program Files\Common Files\AV\Norton AntiVirus\Upgrade.exe [2016-01-06] (Symantec Corporation)

    (If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

    Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

    ==================== Shortcuts =============================

    (The entries could be listed to be restored or removed.)

    ==================== Loaded Modules (Whitelisted) ==============

    2013-11-04 20:22 - 2013-11-04 20:22 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll
    2012-03-16 17:24 - 2012-03-16 17:24 - 00091520 _____ () C:\Program Files\Toshiba\Hotkey\fsHid.dll
    2012-07-18 19:38 - 2012-07-18 19:38 - 00020904 _____ () C:\Program Files\TOSHIBA\Hotkey\SmoothView.dll
    2016-01-15 14:45 - 2016-01-15 14:45 - 00065536 _____ () C:\Program Files\CCleaner\lang\lang-1034.dll
    2014-09-29 18:51 - 2014-09-29 18:51 - 00074664 _____ () C:\Program Files (x86)\SlySoft\AnyDVD\ADvdDiscHlp64.exe
    2015-11-15 19:59 - 2016-01-19 16:51 - 00073216 _____ () C:\Program Files (x86)\Common Files\Freemake Shared\ProductUpdater\ProductUpdater.exe
    2015-11-24 09:43 - 2014-05-13 12:04 - 00109400 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\snlThirdParty150.bpl
    2015-11-24 09:43 - 2014-05-13 12:04 - 00167768 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\snlFileFormats150.bpl
    2015-11-24 09:43 - 2014-05-13 12:04 - 00416600 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\DEC150.bpl
    2015-11-24 09:43 - 2012-08-23 10:38 - 00574840 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\sqlite3.dll
    2015-11-24 09:43 - 2012-04-03 17:06 - 00565640 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\av\BDSmartDB.dll
    2015-10-25 18:30 - 2012-06-25 11:41 - 01198912 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\ACE.dll

    ==================== Alternate Data Streams (Whitelisted) =========

    (If an entry is included in the fixlist, only the ADS will be removed.)


    ==================== Safe Mode (Whitelisted) ===================

    (If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


    ==================== EXE Association (Whitelisted) ===============

    (If an entry is included in the fixlist, the registry item will be restored to default or removed.)


    ==================== Internet Explorer trusted/restricted ===============

    (If an entry is included in the fixlist, it will be removed from the registry.)

    IE restricted site: HKU\.DEFAULT\...\007guard.com -> install.007guard.com
    IE restricted site: HKU\.DEFAULT\...\008i.com -> 008i.com
    IE restricted site: HKU\.DEFAULT\...\008k.com -> www.008k.com
    IE restricted site: HKU\.DEFAULT\...\00hq.com -> www.00hq.com
    IE restricted site: HKU\.DEFAULT\...\010402.com -> 010402.com
    IE restricted site: HKU\.DEFAULT\...\032439.com -> 80gw6ry3i3x3qbrkwhxhw.032439.com
    IE restricted site: HKU\.DEFAULT\...\0scan.com -> 0Scan.com
    IE restricted site: HKU\.DEFAULT\...\1-2005-search.com -> www.1-2005-search.com
    IE restricted site: HKU\.DEFAULT\...\1-domains-registrations.com -> 1 Domains Technology Blog
    IE restricted site: HKU\.DEFAULT\...\1000gratisproben.com -> www.1000gratisproben.com
    IE restricted site: HKU\.DEFAULT\...\1001namen.com -> www.1001namen.com
    IE restricted site: HKU\.DEFAULT\...\100888290cs.com -> mir.100888290cs.com
    IE restricted site: HKU\.DEFAULT\...\100sexlinks.com -> 100sexlinks.com*-*This website is for sale!*-*Sexlinks Resources and Information.
    IE restricted site: HKU\.DEFAULT\...\10sek.com -> www.10sek.com
    IE restricted site: HKU\.DEFAULT\...\12-26.net -> user1.12-26.net
    IE restricted site: HKU\.DEFAULT\...\12-27.net -> user1.12-27.net
    IE restricted site: HKU\.DEFAULT\...\123fporn.info -> www.123fporn.info
    IE restricted site: HKU\.DEFAULT\...\123haustiereundmehr.com -> www.123haustiereundmehr.com
    IE restricted site: HKU\.DEFAULT\...\123moviedownload.com -> 123Movies - Watch Free Movies Streaming Online Now
    IE restricted site: HKU\.DEFAULT\...\123simsen.com -> WebMD - Better information. Better health.

    There are 7871 more sites.

    IE trusted site: HKU\S-1-5-21-2814885961-1482200991-1285302695-1001\...\hola.org -> hxxp://hola.org
    IE restricted site: HKU\S-1-5-21-2814885961-1482200991-1285302695-1001\...\007guard.com -> install.007guard.com
    IE restricted site: HKU\S-1-5-21-2814885961-1482200991-1285302695-1001\...\008i.com -> 008i.com
    IE restricted site: HKU\S-1-5-21-2814885961-1482200991-1285302695-1001\...\008k.com -> www.008k.com
    IE restricted site: HKU\S-1-5-21-2814885961-1482200991-1285302695-1001\...\00hq.com -> www.00hq.com
    IE restricted site: HKU\S-1-5-21-2814885961-1482200991-1285302695-1001\...\010402.com -> 010402.com
    IE restricted site: HKU\S-1-5-21-2814885961-1482200991-1285302695-1001\...\0190-dialers.com -> 0190-dialers.com
    IE restricted site: HKU\S-1-5-21-2814885961-1482200991-1285302695-1001\...\01i.info -> 01i.info
    IE restricted site: HKU\S-1-5-21-2814885961-1482200991-1285302695-1001\...\02pmnzy5eo29bfk4.com -> 02pmnzy5eo29bfk4.com
    IE restricted site: HKU\S-1-5-21-2814885961-1482200991-1285302695-1001\...\032439.com -> 80gw6ry3i3x3qbrkwhxhw.032439.com
    IE restricted site: HKU\S-1-5-21-2814885961-1482200991-1285302695-1001\...\0411dd.com -> 0411dd.com
    IE restricted site: HKU\S-1-5-21-2814885961-1482200991-1285302695-1001\...\0511zfhl.com -> 0511zfhl.com
    IE restricted site: HKU\S-1-5-21-2814885961-1482200991-1285302695-1001\...\05p.com -> 05p.com
    IE restricted site: HKU\S-1-5-21-2814885961-1482200991-1285302695-1001\...\0632qyw.com -> 0632qyw.com
    IE restricted site: HKU\S-1-5-21-2814885961-1482200991-1285302695-1001\...\07ic5do2myz3vzpk.com -> 07ic5do2myz3vzpk.com
    IE restricted site: HKU\S-1-5-21-2814885961-1482200991-1285302695-1001\...\08nigbmwk43i01y6.com -> 08nigbmwk43i01y6.com
    IE restricted site: HKU\S-1-5-21-2814885961-1482200991-1285302695-1001\...\093qpeuqpmz6ebfa.com -> 093qpeuqpmz6ebfa.com
    IE restricted site: HKU\S-1-5-21-2814885961-1482200991-1285302695-1001\...\0calories.net -> 0calories.net
    IE restricted site: HKU\S-1-5-21-2814885961-1482200991-1285302695-1001\...\0cj.net -> 0cj.net
    IE restricted site: HKU\S-1-5-21-2814885961-1482200991-1285302695-1001\...\0scan.com -> 0Scan.com
    IE restricted site: HKU\S-1-5-21-2814885961-1482200991-1285302695-1001\...\1-2005-search.com -> www.1-2005-search.com

    There are 12688 more sites.


    ==================== Hosts content: ==========================

    (If needed Hosts: directive could be included in the fixlist to reset Hosts.)

    2013-08-22 07:25 - 2016-02-04 13:38 - 00450954 ____R C:\WINDOWS\system32\Drivers\etc\hosts

    127.0.0.1 www.007guard.com
    127.0.0.1 007guard.com
    127.0.0.1 008i.com
    127.0.0.1 www.008k.com
    127.0.0.1 008k.com
    127.0.0.1 www.00hq.com
    127.0.0.1 00hq.com
    127.0.0.1 010402.com
    127.0.0.1 www.032439.com
    127.0.0.1 032439.com
    127.0.0.1 0Scan.com
    127.0.0.1 0scan.com
    127.0.0.1 1000gratisproben.com
    127.0.0.1 www.1000gratisproben.com
    127.0.0.1 1001namen.com
    127.0.0.1 www.1001namen.com
    127.0.0.1 100888290cs.com
    127.0.0.1 www.100888290cs.com
    127.0.0.1 100sexlinks.com*-*This website is for sale!*-*Sexlinks Resources and Information.
    127.0.0.1 100sexlinks.com
    127.0.0.1 10sek.com
    127.0.0.1 www.10sek.com
    127.0.0.1 www.1-2005-search.com
    127.0.0.1 1-2005-search.com
    127.0.0.1 123fporn.info
    127.0.0.1 www.123fporn.info
    127.0.0.1 123haustiereundmehr.com
    127.0.0.1 www.123haustiereundmehr.com
    127.0.0.1 123moviedownload.com
    127.0.0.1 123Movies - Watch Free Movies Streaming Online Now

    There are 15469 more lines.


    ==================== Other Areas ============================

    (Currently there is no automatic fix for this section.)

    HKU\S-1-5-21-2814885961-1482200991-1285302695-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\EdgarOmar\Pictures\ふたなり尼さん&シスター噴水化 - 盲 - mekuranoookami - 盲 (43663952) .png
    DNS Servers: 192.168.1.1
    HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
    Windows Firewall is enabled.

    ==================== MSCONFIG/TASK MANAGER disabled items ==

    (Currently there is no automatic fix for this section.)

    HKLM\...\StartupApproved\StartupFolder: => "McAfee Security Scan Plus.lnk"
    HKLM\...\StartupApproved\Run: => "TRCMan"
    HKU\S-1-5-21-2814885961-1482200991-1285302695-1001\...\StartupApproved\Run: => "Skype"
    HKU\S-1-5-21-2814885961-1482200991-1285302695-1001\...\StartupApproved\Run: => "Free Download Manager"
    HKU\S-1-5-21-2814885961-1482200991-1285302695-1001\...\StartupApproved\Run: => "Steam"
    HKU\S-1-5-21-2814885961-1482200991-1285302695-1001\...\StartupApproved\Run: => "SpybotPostWindows10UpgradeReInstall"
    HKU\S-1-5-21-2814885961-1482200991-1285302695-1001\...\StartupApproved\Run: => "BingSvc"

    ==================== FirewallRules (Whitelisted) ===============

    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

    FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
    FirewallRules: [{8B1E83F2-8938-4D69-9892-B46557ED97A4}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
    FirewallRules: [{BF17192A-69C1-46A6-8845-73AF0CDABA61}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
    FirewallRules: [{FD4FD112-E952-4DB1-A9A6-5D7D7979728A}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
    FirewallRules: [{21AD685C-C04D-46CC-9E35-6E0E17FD3CD0}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
    FirewallRules: [{D2A62EE1-6218-41CD-B858-052FFEB272B1}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Double Dragon Trilogy\ddtrilogy.exe
    FirewallRules: [{BBFE0A6D-43D4-4690-B74C-03DD2AAF7004}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Double Dragon Trilogy\ddtrilogy.exe
    FirewallRules: [{05FFDD24-12C8-4E78-8770-88D7ADAB0E03}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\99 Spirits\99 Spirits.eXe
    FirewallRules: [{F664761F-9C4B-4954-9F5C-1AFB8802D4BB}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\99 Spirits\99 Spirits.eXe
    FirewallRules: [{AF7F4627-7BFD-43A7-BF67-5998637E0135}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\99 Spirits\Cage of Night\English\Cage of Night.eXe
    FirewallRules: [{652E0083-A01A-4DF4-9736-2D54B8104E56}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\99 Spirits\Cage of Night\English\Cage of Night.eXe
    FirewallRules: [{88162000-2730-4BDB-8947-87C672C1E79E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\99 Spirits\Cage of Night\Japanese\Cage of Night.eXe
    FirewallRules: [{987C4DB4-386B-465B-A9B0-F406D7D56D53}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\99 Spirits\Cage of Night\Japanese\Cage of Night.eXe
    FirewallRules: [{2D663A92-4654-446E-A6EE-066C4B013F3B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\99 Spirits\Weeping Demon's Bell\English\Weeping Demon's Bell.exe
    FirewallRules: [{1740F828-61F8-4AF8-8727-1E102E27A84A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\99 Spirits\Weeping Demon's Bell\English\Weeping Demon's Bell.exe
    FirewallRules: [{371F1338-7070-4FB1-A5A6-EDC82403D35F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\99 Spirits\Weeping Demon's Bell\Japanese\Weeping Demon's Bell.eXe
    FirewallRules: [{AB0D7300-ED76-4496-BD02-A07A05AFA09D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\99 Spirits\Weeping Demon's Bell\Japanese\Weeping Demon's Bell.eXe
    FirewallRules: [TCP Query User{406715A4-57CF-4809-960C-9FE57C1F4936}C:\program files (x86)\free download manager\fdm.exe] => (Allow) C:\program files (x86)\free download manager\fdm.exe
    FirewallRules: [UDP Query User{AEBEC90A-AD0B-4B28-AC41-6A1EADCCE616}C:\program files (x86)\free download manager\fdm.exe] => (Allow) C:\program files (x86)\free download manager\fdm.exe
    FirewallRules: [{8371D454-323F-479D-B329-659486679A7B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Winged Sakura Mindy's Arc\Winged Sakura Mindy's Arc.exe
    FirewallRules: [{37A1660E-8423-45C3-AD3A-6F8E67FE1655}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Winged Sakura Mindy's Arc\Winged Sakura Mindy's Arc.exe
    FirewallRules: [{4CCE3B66-6178-47FE-B13E-7BC6EBD6E29E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Guilty Gear X2 #Reload\ggx2.exe
    FirewallRules: [{396B0823-BED0-44B6-BE3C-6590E47ACA92}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Guilty Gear X2 #Reload\ggx2.exe
    FirewallRules: [{433AA74E-3B88-44E8-A1A7-7A4194572516}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Guilty Gear X2 #Reload\config.exe
    FirewallRules: [{59226E7A-90A0-4C7B-BF97-B5BA8DDB3E8A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Guilty Gear X2 #Reload\config.exe
    FirewallRules: [{8B661167-DBFF-4705-960D-0BF610CD8B02}] => (Allow) C:\Program Files\Vuze\Azureus.exe
    FirewallRules: [{95E0B624-2F9C-460B-B190-13E3693B5A90}] => (Allow) C:\Program Files\Vuze\Azureus.exe
    FirewallRules: [{54D11142-D95A-450E-AA48-FA800F77BE9B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Valkyria Chronicles\Launcher.exe
    FirewallRules: [{BBD62464-0660-4B29-8213-71C0AF931E6C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Valkyria Chronicles\Launcher.exe
    FirewallRules: [{5E181127-4239-4358-A50D-7F28D6F2D73B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\If My Heart Had Wings\AdvHD.exe
    FirewallRules: [{F3D8FFF9-89CD-4E25-A4B9-4F858CF155CA}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\If My Heart Had Wings\AdvHD.exe
    FirewallRules: [{D9475FE4-E7A8-41EE-A8CA-7144F7E2BC2E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\The Last Remnant\Binaries\TLR.exe
    FirewallRules: [{27D966B1-CDA3-404F-BCED-B9CBF9ECAB6D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\The Last Remnant\Binaries\TLR.exe
    FirewallRules: [{E3F67565-E217-4294-AB17-C1E97C3573D7}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Magical Battle Festa\MBF.exe
    FirewallRules: [{214FBB4A-1C74-4905-A613-82B621131E4C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Magical Battle Festa\MBF.exe
    FirewallRules: [{EB569148-4339-4F62-85D4-A138966EB6B7}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\MahJong Nagomi\MahjongPrettyGirlsBattle.exe
    FirewallRules: [{78064255-6A96-43A6-9DBF-1CE5E90C3E6B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\MahJong Nagomi\MahjongPrettyGirlsBattle.exe
    FirewallRules: [{616BFCD6-85E6-4429-9308-68A86E2AEF8C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Sakura Angels\Sakura Angels.exe
    FirewallRules: [{AFB64DA5-53DA-4A16-A917-300C98BB95C1}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Sakura Angels\Sakura Angels.exe
    FirewallRules: [{51E3B544-AD37-4033-8D56-AFD0AED36D22}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Tsukumogami\99 Spirits.eXe
    FirewallRules: [{3409CA83-75E4-4A38-8924-BD555B96DCBA}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Tsukumogami\99 Spirits.eXe
    FirewallRules: [{89EFAED1-54D7-483B-A1AE-50AF2DC69E49}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Skullgirls Beta\SkullGirls.exe
    FirewallRules: [{F476C585-A9BE-46D3-9443-59A971DA3680}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Skullgirls Beta\SkullGirls.exe
    FirewallRules: [{1D115DDB-0338-4DDB-8FD6-172F05A002BB}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Sonic & All-Stars Racing Transformed\ASN_App_PcDx9_Final.exe
    FirewallRules: [{B49777DB-0C3F-419E-A8BE-4548FA886EE0}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Sonic & All-Stars Racing Transformed\ASN_App_PcDx9_Final.exe
    FirewallRules: [{8BFCAA61-2162-401F-A63E-75EA7AD4162B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Sonic & All-Stars Racing Transformed\Launcher.exe
    FirewallRules: [{8A49A800-0E30-4642-A327-7A08FFB2323C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Sonic & All-Stars Racing Transformed\Launcher.exe
    FirewallRules: [{C0190BF5-85BD-489B-ADAA-1CBD4251AB37}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Skullgirls\SkullGirls.exe
    FirewallRules: [{24D6DFED-126A-401C-814C-159ED75D841A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Skullgirls\SkullGirls.exe
    FirewallRules: [{C6ADC445-B60A-412E-8E08-BCF97504AA56}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Final Fantasy III\FF3_Launcher.exe
    FirewallRules: [{FEB757E0-DCA2-442C-AD0C-251F3B07D765}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Final Fantasy III\FF3_Launcher.exe
    FirewallRules: [{35FB39D5-6ED1-497E-884A-C806635866E2}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\FINAL FANTASY VIII\FF8_Launcher.exe
    FirewallRules: [{1C5B2C5D-CA2D-437F-BBB8-C8F091788980}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\FINAL FANTASY VIII\FF8_Launcher.exe
    FirewallRules: [{48634DAC-DB4A-477D-9D7B-4AA38F4B4BCE}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\FINAL FANTASY VII\FF7_Launcher.exe
    FirewallRules: [{375E61A0-F3DD-46A4-9E82-4550B68ECB42}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\FINAL FANTASY VII\FF7_Launcher.exe
    FirewallRules: [{984E1D84-7BF3-433C-A3F4-7664CEE2E888}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Mayjasmine episode01 What is God\jasmine.eXe
    FirewallRules: [{D75A55C6-C6F5-4870-8FE2-EC231046275B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Mayjasmine episode01 What is God\jasmine.eXe
    FirewallRules: [{00601D9D-2EBE-46A6-90F7-DCEE6044664A}] => (Allow) C:\Users\EdgarOmar\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe
    FirewallRules: [{9F0B532E-58A4-4F7E-9021-9CAB34008662}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
    FirewallRules: [{CB0CD99B-25AB-4D04-85D9-656F24862DCE}] => (Allow) LPort=2869
    FirewallRules: [{6E31655B-4E6F-4780-9188-E0548AB09E31}] => (Allow) LPort=1900
    FirewallRules: [{D16E5456-C7EE-496D-95A2-1806EB5E8A9D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Sakura Spirit\Sakura Spirit.exe
    FirewallRules: [{450A9D74-01F2-48B4-8D1F-90B1889073F1}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Sakura Spirit\Sakura Spirit.exe
    FirewallRules: [{490DC05A-9BBC-4321-A427-F6F950005AEA}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Sonic the Hedgehog 4 - EP 2\Launcher.exe
    FirewallRules: [{083791C3-7014-4E34-B40F-7742F662ACF0}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Sonic the Hedgehog 4 - EP 2\Launcher.exe
    FirewallRules: [{6735D8F3-B332-48D7-8D7E-7AC5507B1575}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\GarrysMod\hl2.exe
    FirewallRules: [{71922E39-D26D-45BC-971E-6486712A6613}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\GarrysMod\hl2.exe
    FirewallRules: [{1DF65432-43F2-4036-AF91-9B8AC02A983B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\vanguard-princess\vanpri.exe
    FirewallRules: [{AFA390FC-A30D-4158-810F-1A68CFE0D9A6}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\vanguard-princess\vanpri.exe
    FirewallRules: [{F7DBD141-08F7-4472-9D38-F56B54AE1667}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Mitsurugi Kamui Hikae\mitsurugi.exe
    FirewallRules: [{7314BF00-1A86-470A-8CF9-EBCEA8FE9948}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Mitsurugi Kamui Hikae\mitsurugi.exe
    FirewallRules: [{00E4DA3E-23E3-4DC6-9ABD-01A37745D6C5}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\The King of Fighters'98 Ultimate Match\KingOfFighters98UM.exe
    FirewallRules: [{A3B6321F-5F37-4E7F-B003-52D02EFC7301}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\The King of Fighters'98 Ultimate Match\KingOfFighters98UM.exe
    FirewallRules: [{78D7382A-641E-4215-A86E-B77638FFB46A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\The King of Fighters 2002 Unlimited Match\KingOfFighters2002UM.exe
    FirewallRules: [{697FA79A-B301-4D3F-BB2D-73F8E8C6A1A0}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\The King of Fighters 2002 Unlimited Match\KingOfFighters2002UM.exe
    FirewallRules: [{6BE971C1-61E6-4763-B4D0-E6DF051FBA19}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\BlazBlue Calamity Trigger\BBCT.exe
    FirewallRules: [{F6EEF78C-1033-41BC-AEEF-ADE7F7581802}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\BlazBlue Calamity Trigger\BBCT.exe
    FirewallRules: [{8F22E63B-079E-4A45-AA1F-3DD575423A93}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\King of Fighters XIII\kofxiii.exe
    FirewallRules: [{E6479E69-168F-4C9D-93F9-4FD35A8F0131}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\King of Fighters XIII\kofxiii.exe
    FirewallRules: [{64B13CA7-C437-498B-AFED-41E6429D12C1}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Mugen Souls\MugenSouls.exe
    FirewallRules: [{A6BF8F56-1589-4E39-AE70-53FDEA4F5FD2}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Mugen Souls\MugenSouls.exe
    FirewallRules: [{E0E2F9B9-034E-4375-AD56-7D065C02ED58}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\NEKOPARA Vol. 0\nekopara_vol0.exe
    FirewallRules: [{0CC40E14-B82B-48E2-9D90-B25C09C7EB38}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\NEKOPARA Vol. 0\nekopara_vol0.exe
    FirewallRules: [{31CD37D8-56D3-4A08-A98C-7DA3410FC214}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\NEKOPARA Vol. 1\nekopara_vol1.exe
    FirewallRules: [{3F5525C7-4672-4E49-A4EE-AA3E0F84B557}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\NEKOPARA Vol. 1\nekopara_vol1.exe
    FirewallRules: [{F15C9ECD-046D-4597-A70C-57AAB06AA7AB}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Akiba's Trip Undead & Undressed\AkibaUU.exe
    FirewallRules: [{A307197F-4FA0-4CFC-9B0C-77E5D900F3DD}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Akiba's Trip Undead & Undressed\AkibaUU.exe
    FirewallRules: [{59BB4DF1-7E08-4E10-9EB5-761555D97C3D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Guilty Gear XX Accent Core Plus R\GGXXACPR_Win.exe
    FirewallRules: [{3B6E09DE-82B8-4353-AA8C-ABF05125A149}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Guilty Gear XX Accent Core Plus R\GGXXACPR_Win.exe
    FirewallRules: [{9DD68CD0-AD87-4EEB-A753-B37A2E200272}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\BioShock Infinite\Binaries\Win32\BioShockInfinite.exe
    FirewallRules: [{D51D8502-FD32-44AF-ADE3-7B0E2ECDE8A0}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\BioShock Infinite\Binaries\Win32\BioShockInfinite.exe
    FirewallRules: [{60A07B5E-E7FD-4366-A5F3-629A8F89954F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Fairy Fencer F\FairyFencer.exe
    FirewallRules: [{D9ABEE87-D72F-4CCC-8301-825640834604}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Fairy Fencer F\FairyFencer.exe
    FirewallRules: [{271D24AB-1637-4A96-AD2F-669CD3A0CC15}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
    FirewallRules: [{792D631F-EC0F-4EF1-AC37-4DF46473F928}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
    FirewallRules: [{CAF8273F-9736-4C0F-84D5-FDBD5E691071}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
    FirewallRules: [{3C4EBCAA-3756-4FAD-8487-E9928A586F54}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
    StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe] => Enabled:Spybot - Search & Destroy tray access
    StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe] => Enabled:Spybot-S&D 2 Scanner Service
    StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe] => Enabled:Spybot-S&D 2 Updater
    StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe] => Enabled:Spybot-S&D 2 Background update service

    ==================== Restore Points =========================

    02-02-2016 08:59:58 Scheduled Checkpoint
    08-02-2016 11:00:50 JRT Pre-Junkware Removal
    09-02-2016 00:11:33 Restore Point Created by FRST

    ==================== Faulty Device Manager Devices =============


    ==================== Event log errors: =========================

    Application errors:
    ==================
    Error: (02/09/2016 12:11:32 AM) (Source: VSS) (EventID: 8194) (User: )
    Description: Error del Servicio de instantáneas de volumen: error inesperado al consultar la interfaz IVssWriterCallback. HR = 0x80070005, Access is denied.
    .
    A menudo ocurre por una configuración de seguridad incorrecta en el proceso de escritura o de solicitud.


    Operation:
    Gathering Writer Data

    Context:
    Writer Class Id: {e8132975-6f93-4464-a53e-1050253ae220}
    Writer Name: System Writer
    Writer Instance ID: {d4c5acf2-2d49-409e-ab3e-4438bcfb1902}

    Error: (02/08/2016 05:12:57 PM) (Source: Application Hang) (EventID: 1002) (User: )
    Description: El programa Azureus.exe, versión 5.0.0.0, dejó de interactuar con Windows y se cerró. Para ver si hay más información disponible acerca del problema, compruebe el historial de problemas en el panel de control Centro de actividades.

    Identificador de proceso: 1d6c

    Hora de inicio: 01d162c11ee7462f

    Hora de finalización: 46

    Ruta de acceso de la aplicación: C:\Program Files\Vuze\Azureus.exe

    Identificador de informe: 771e65cf-ceb9-11e5-beb7-c0d9622d7303

    Nombre completo de paquete con errores:

    Identificador de aplicación relativa del paquete con errores:

    Error: (02/05/2016 07:17:49 PM) (Source: Application Error) (EventID: 1000) (User: )
    Description: Nombre de la aplicación con errores: AcroRd32.exe, versión: 15.10.20056.36345, marca de tiempo: 0x56741546
    Nombre del módulo con errores: unknown, versión: 0.0.0.0, marca de tiempo: 0x00000000
    Código de excepción: 0xc0000005
    Desplazamiento de errores: 0x69746163
    Identificador del proceso con errores: 0x2e84
    Hora de inicio de la aplicación con errores: 0xAcroRd32.exe0
    Ruta de acceso de la aplicación con errores: AcroRd32.exe1
    Ruta de acceso del módulo con errores: AcroRd32.exe2
    Identificador del informe: AcroRd32.exe3
    Nombre completo del paquete con errores: AcroRd32.exe4
    Identificador de aplicación relativa del paquete con errores: AcroRd32.exe5

    Error: (02/04/2016 11:34:56 AM) (Source: Application Hang) (EventID: 1002) (User: )
    Description: El programa backgroundTaskHost.exe, versión 6.3.9600.17415, dejó de interactuar con Windows y se cerró. Para ver si hay más información disponible acerca del problema, compruebe el historial de problemas en el panel de control Centro de actividades.

    Identificador de proceso: 1054

    Hora de inicio: 01d15f71a2bf00d6

    Hora de finalización: 4294967295

    Ruta de acceso de la aplicación: C:\WINDOWS\system32\backgroundTaskHost.exe

    Identificador de informe: 96958ea1-cb65-11e5-beb2-c0d9622d7303

    Nombre completo de paquete con errores: Amazon.com.Amazon_3.1.2.8_neutral__343d40qqvtj1t

    Identificador de aplicación relativa del paquete con errores: App

    Error: (02/04/2016 11:19:58 AM) (Source: Application Hang) (EventID: 1002) (User: )
    Description: El programa backgroundTaskHost.exe, versión 6.3.9600.17415, dejó de interactuar con Windows y se cerró. Para ver si hay más información disponible acerca del problema, compruebe el historial de problemas en el panel de control Centro de actividades.

    Identificador de proceso: 511c

    Hora de inicio: 01d15f6f8a6309f4

    Hora de finalización: 4294967295

    Ruta de acceso de la aplicación: C:\WINDOWS\system32\backgroundTaskHost.exe

    Identificador de informe: 7e0ed6eb-cb63-11e5-beb2-c0d9622d7303

    Nombre completo de paquete con errores: Amazon.com.Amazon_3.1.2.8_neutral__343d40qqvtj1t

    Identificador de aplicación relativa del paquete con errores: App

    Error: (02/03/2016 10:25:32 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: COMPUPRINCIPAL)
    Description: No se pudo activar la aplicación Amazon.com.Amazon_343d40qqvtj1t!App debido al error: -2144927141. Consulte el registro Microsoft-Windows-TWinUI/Operational para obtener más información.

    Error: (02/03/2016 10:25:32 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: COMPUPRINCIPAL)
    Description: No se pudo activar la aplicación microsoft.windowscommunicationsapps_8wekyb3d8bbwe!ppleae38af2e007f4358a809ac99a64a67c1 debido al error: -2144927141. Consulte el registro Microsoft-Windows-TWinUI/Operational para obtener más información.

    Error: (02/03/2016 10:25:32 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: COMPUPRINCIPAL)
    Description: No se pudo activar la aplicación microsoft.windowscommunicationsapps_8wekyb3d8bbwe!ppleae38af2e007f4358a809ac99a64a67c1 debido al error: -2144927141. Consulte el registro Microsoft-Windows-TWinUI/Operational para obtener más información.

    Error: (02/02/2016 02:13:43 AM) (Source: Application Error) (EventID: 1000) (User: )
    Description: Nombre de la aplicación con errores: firefox.exe, versión: 44.0.0.5866, marca de tiempo: 0x56a4222c
    Nombre del módulo con errores: flvsniff.dll, versión: 1.0.1064.0, marca de tiempo: 0x56277a44
    Código de excepción: 0xc0000005
    Desplazamiento de errores: 0x0008b5bf
    Identificador del proceso con errores: 0x2454
    Hora de inicio de la aplicación con errores: 0xfirefox.exe0
    Ruta de acceso de la aplicación con errores: firefox.exe1
    Ruta de acceso del módulo con errores: firefox.exe2
    Identificador del informe: firefox.exe3
    Nombre completo del paquete con errores: firefox.exe4
    Identificador de aplicación relativa del paquete con errores: firefox.exe5

    Error: (02/01/2016 10:23:05 PM) (Source: Application Error) (EventID: 1000) (User: )
    Description: Nombre de la aplicación con errores: OneDrive.exe, versión: 17.3.6281.1202, marca de tiempo: 0x565fc8be
    Nombre del módulo con errores: KERNELBASE.dll, versión: 6.3.9600.18007, marca de tiempo: 0x55c4bcfc
    Código de excepción: 0x80000003
    Desplazamiento de errores: 0x000b8f62
    Identificador del proceso con errores: 0x2634
    Hora de inicio de la aplicación con errores: 0xOneDrive.exe0
    Ruta de acceso de la aplicación con errores: OneDrive.exe1
    Ruta de acceso del módulo con errores: OneDrive.exe2
    Identificador del informe: OneDrive.exe3
    Nombre completo del paquete con errores: OneDrive.exe4
    Identificador de aplicación relativa del paquete con errores: OneDrive.exe5


    System errors:
    =============
    Error: (02/09/2016 01:18:53 AM) (Source: DCOM) (EventID: 10010) (User: COMPUPRINCIPAL)
    Description: {4545DEA0-2DFC-4906-A728-6D986BA399A9}

    Error: (02/09/2016 01:18:53 AM) (Source: DCOM) (EventID: 10010) (User: COMPUPRINCIPAL)
    Description: {4545DEA0-2DFC-4906-A728-6D986BA399A9}

    Error: (02/09/2016 12:37:19 AM) (Source: BTHUSB) (EventID: 17) (User: )
    Description: A causa de un error no determinado en el adaptador Bluetooth local, éste no se usará. Se descargó el controlador.

    Error: (02/09/2016 12:11:28 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
    Description: El servicio IconMan_R terminó inesperadamente. Esto se ha repetido 1 veces. Se realizará la siguiente acción correctora en 60000 milisegundos: Restart the service.

    Error: (02/09/2016 12:11:28 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
    Description: El servicio Intel(R) ME Service se terminó de manera inesperada. Esto ha sucedido 1 veces.

    Error: (02/09/2016 12:11:28 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
    Description: El servicio Intel(R) Management and Security Application Local Management Service terminó inesperadamente. Esto se ha repetido 1 veces. Se realizará la siguiente acción correctora en 10000 milisegundos: Restart the service.

    Error: (02/09/2016 12:11:28 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
    Description: El servicio Norton PC Checkup Application Launcher se terminó de manera inesperada. Esto ha sucedido 1 veces.

    Error: (02/09/2016 12:11:28 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
    Description: El servicio TOSHIBA HDD Accelerator Service se terminó de manera inesperada. Esto ha sucedido 1 veces.

    Error: (02/09/2016 12:11:28 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
    Description: El servicio Intel(R) Management and Security Application User Notification Service se terminó de manera inesperada. Esto ha sucedido 1 veces.

    Error: (02/09/2016 12:11:28 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
    Description: El servicio Windows Media Player Network Sharing Service terminó inesperadamente. Esto se ha repetido 1 veces. Se realizará la siguiente acción correctora en 30000 milisegundos: Restart the service.


    ==================== Memory info ===========================

    Processor: Intel(R) Core(TM) i5-3210M CPU @ 2.50GHz
    Percentage of memory in use: 32%
    Total physical RAM: 6028.24 MB
    Available physical RAM: 4067.82 MB
    Total Virtual: 13708.24 MB
    Available Virtual: 11324.27 MB

    ==================== Drives ================================

    Drive c: (TI10657500D) (Fixed) (Total:919.88 GB) (Free:592.02 GB) NTFS

    ==================== MBR & Partition Table ==================

    ========================================================
    Disk: 0 (Size: 931.5 GB) (Disk ID: 00000000)

    Partition: GPT.

    ==================== End of Addition.txt ============================

    Hope it helps.

  9. #9
    Member
    Join Date
    Feb 2016
    Posts
    8
    Points
    0

    Default

    Ok here we go. This is the fixlog first:

    Fix result of Farbar Recovery Scan Tool (x64) Version:27-01-2016
    Ran by EdgarOmar (2016-02-09 00:11:25) Run:1
    Running from C:\Users\EdgarOmar\Downloads
    Loaded Profiles: EdgarOmar (Available Profiles: EdgarOmar)
    Boot Mode: Normal
    ==============================================

    fixlist content:
    *****************
    start
    CloseProcesses:
    CreateRestorePoint:
    Winlogon\Notify\SDWinLogon-x32: SDWinLogon.dll [X]
    ShellIconOverlayIdentifiers: [ SkyDrive1] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => No File
    ShellIconOverlayIdentifiers: [ SkyDrive2] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => No File
    ShellIconOverlayIdentifiers: [ SkyDrive3] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => No File
    ShellIconOverlayIdentifiers-x32: [ SkyDrive1] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => No File
    ShellIconOverlayIdentifiers-x32: [ SkyDrive2] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => No File
    ShellIconOverlayIdentifiers-x32: [ SkyDrive3] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => No File
    BootExecute: autocheck autochk * sdnclean64.exe
    GroupPolicy: Restriction - Chrome <======= ATTENTION
    SearchScopes: HKU\S-1-5-21-2814885961-1482200991-1285302695-1001 -> DefaultScope {D97A3765-90CB-4092-829C-A6A621301399} URL =
    SearchScopes: HKU\S-1-5-21-2814885961-1482200991-1285302695-1001 -> {93E576BA-E687-4697-9359-EE2AC0251EA5} URL = hxxps://mx.search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&ilc=12&type=994519&p={searchTerms}
    SearchScopes: HKU\S-1-5-21-2814885961-1482200991-1285302695-1001 -> {D97A3765-90CB-4092-829C-A6A621301399} URL =
    SearchScopes: HKU\S-1-5-21-2814885961-1482200991-1285302695-1001 -> {E6E6D071-9B6F-4910-A4D7-4DA3811AA1E2} URL = hxxps://mx.search.yahoo.com/search?p={searchTerms}&fr=yset_ie_syc_oracle&type=orcl_default
    2016-01-21 23:16 - 2016-01-21 23:16 - 00000000 ____D C:\Users\EdgarOmar\AppData\Local\YSearchUtil
    AlternateDataStreams: C:\ProgramData\TEMP:5C321E34
    CMD: bitsadmin /reset /allusers
    CMD: ipconfig /flushdns
    RemoveProxy:
    Emptytemp:
    *****************

    Processes closed successfully.
    Restore point was successfully created.
    "HKLM\Software\Wow6432Node\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\SDWinLogon" => key removed successfully
    "HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ SkyDrive1" => key removed successfully
    HKCR\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A} => key not found.
    "HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ SkyDrive2" => key removed successfully
    HKCR\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => key not found.
    "HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ SkyDrive3" => key removed successfully
    HKCR\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524} => key not found.
    "HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ SkyDrive1" => key removed successfully
    HKCR\Wow6432Node\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A} => key not found.
    "HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ SkyDrive2" => key removed successfully
    HKCR\Wow6432Node\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => key not found.
    "HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ SkyDrive3" => key removed successfully
    HKCR\Wow6432Node\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524} => key not found.
    hklm\System\CurrentControlSet\Control\Session Manager\\BootExecute => value restored successfully
    C:\WINDOWS\system32\GroupPolicy\Machine => moved successfully
    C:\WINDOWS\system32\GroupPolicy\GPT.ini => moved successfully
    C:\WINDOWS\SysWOW64\GroupPolicy\GPT.ini => moved successfully
    HKU\S-1-5-21-2814885961-1482200991-1285302695-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value removed successfully
    HKU\S-1-5-21-2814885961-1482200991-1285302695-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{93E576BA-E687-4697-9359-EE2AC0251EA5} => key not found.
    HKCR\CLSID\{93E576BA-E687-4697-9359-EE2AC0251EA5} => key not found.
    HKU\S-1-5-21-2814885961-1482200991-1285302695-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{D97A3765-90CB-4092-829C-A6A621301399} => key not found.
    HKCR\CLSID\{D97A3765-90CB-4092-829C-A6A621301399} => key not found.
    "HKU\S-1-5-21-2814885961-1482200991-1285302695-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{E6E6D071-9B6F-4910-A4D7-4DA3811AA1E2}" => key removed successfully
    HKCR\CLSID\{E6E6D071-9B6F-4910-A4D7-4DA3811AA1E2} => key not found.
    "C:\Users\EdgarOmar\AppData\Local\YSearchUtil" => not found.
    C:\ProgramData\TEMP => ":5C321E34" ADS removed successfully.

    ========= bitsadmin /reset /allusers =========


    BITSADMIN version 3.0 [ 7.7.9600 ]
    BITS administration utility.
    (C) Copyright 2000-2006 Microsoft Corp.

    BITSAdmin is deprecated and is not guaranteed to be available in future versions of Windows.
    Administrative tools for the BITS service are now provided by BITS PowerShell cmdlets.

    {2DD0565F-E1C8-43CD-8AB4-EA8C17C4BBF2} canceled.
    1 out of 1 jobs canceled.

    ========= End of CMD: =========


    ========= ipconfig /flushdns =========


    Configuraci�n IP de Windows

    Se vaci� correctamente la cach� de resoluci�n de DNS.

    ========= End of CMD: =========


    ========= RemoveProxy: =========

    HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings => value removed successfully
    HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings => value removed successfully
    HKU\S-1-5-21-2814885961-1482200991-1285302695-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings => value removed successfully
    HKU\S-1-5-21-2814885961-1482200991-1285302695-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings => value removed successfully


    ========= End of RemoveProxy: =========

    EmptyTemp: => 759.6 MB temporary data Removed.


    The system needed a reboot.

    ==== End of Fixlog 00:15:09 ====

    -------------------------------------------------------------------------

    Got 2 Malware log files:

    ---------------------------

    Malwarebytes Anti-Malware
    www.malwarebytes.org


    Update, 09/02/2016 12:52 a. m., SYSTEM, COMPUPRINCIPAL, Manual, Remediation Database, 2015.9.16.1, 2016.2.5.2,
    Update, 09/02/2016 12:52 a. m., SYSTEM, COMPUPRINCIPAL, Manual, Rootkit Database, 2015.9.18.1, 2016.2.8.1,
    Update, 09/02/2016 12:52 a. m., SYSTEM, COMPUPRINCIPAL, Manual, IP Database, 2015.9.21.2, 2016.2.8.1,
    Update, 09/02/2016 12:52 a. m., SYSTEM, COMPUPRINCIPAL, Manual, Domain Database, 2015.9.22.3, 2016.2.9.1,
    Update, 09/02/2016 12:53 a. m., SYSTEM, COMPUPRINCIPAL, Manual, Malware Database, 2015.9.22.5, 2016.2.8.5,
    Scan, 09/02/2016 01:18 a. m., SYSTEM, COMPUPRINCIPAL, Manual, Inicio:09/02/2016 12:54 a. m., Duración:21 min, 21 seg, Análisis de amenazas, Completado, Detecciones de malware de 0, Detecciones de códigos no de malware de 2,
    Error, 09/02/2016 01:21 a. m., SYSTEM, COMPUPRINCIPAL, Protection, IsLicensed, 13,
    Protection, 09/02/2016 01:21 a. m., SYSTEM, COMPUPRINCIPAL, Protection, Malware Protection, Stopping,
    Protection, 09/02/2016 01:21 a. m., SYSTEM, COMPUPRINCIPAL, Protection, Malware Protection, Stopped,

    (end)

    ------------------------------------------------

    Malwarebytes Anti-Malware
    www.malwarebytes.org

    Fecha del análisis: 09/02/2016
    Hora del análisis: 12:54 a. m.
    Archivo de registro: Malaware 2.txt
    Administrador: Sí

    Versión: 2.2.0.1024
    Base de datos de malwares: v2016.02.08.05
    Base de datos de rootkits: v2016.02.08.01
    Licencia: Gratis
    Protección contra el malware: Desactivado
    Protección contra sitios web maliciosos: Desactivado
    Autoprotección: Desactivado

    SO: Windows 8.1
    CPU: x64
    Sistema de archivos: NTFS
    Usuario: EdgarOmar

    Tipo de análisis: Análisis de amenazas
    Resultado: Completado
    Objetos analizados: 356307
    Tiempo transcurrido: 21 min, 21 seg

    Memoria: Activado
    Inicio: Activado
    Sistema de archivos: Activado
    Archivo: Activado
    Rootkits: Desactivado
    Heurística: Activado
    PUP: Activado
    PUM: Activado

    Procesos: 0
    (No hay elementos maliciosos detectados)

    Módulos: 0
    (No hay elementos maliciosos detectados)

    Claves del registro: 0
    (No hay elementos maliciosos detectados)

    Valores del registro: 0
    (No hay elementos maliciosos detectados)

    Datos del registro: 0
    (No hay elementos maliciosos detectados)

    Carpetas: 0
    (No hay elementos maliciosos detectados)

    Archivos: 2
    PUP.Optional.Wajam, C:\Users\EdgarOmar\AppData\Local\Setup Wizard\c593948d-cc90-4439-933e-6995731de1cf\wwe_1.58.1.36.exe, En cuarentena, [1f26114d4a4f96a07ccd528b99683ac6],
    PUP.Optional.WinYahoo, C:\Program Files (x86)\Mozilla Firefox\browser\extensions\jid1-G80Ec8LLEbK5fQ@jetpack.xpi, En cuarentena, [e95c60fe2e6bc86e42479eb0da2a52ae],

    Sectores físicos: 0
    (No hay elementos maliciosos detectados)


    (end)

    ------------------------------------

    FRST log

    Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:27-01-2016
    Ran by EdgarOmar (administrator) on COMPUPRINCIPAL (09-02-2016 01:35:03)
    Running from C:\Users\EdgarOmar\Downloads
    Loaded Profiles: EdgarOmar (Available Profiles: EdgarOmar)
    Platform: Windows 8.1 (X64) Language: Inglés (Estados Unidos)
    Internet Explorer Version 11 (Default browser: FF)
    Boot Mode: Normal
    Tutorial for Farbar Recovery Scan Tool: FRST Tutorial - How to use Farbar Recovery Scan Tool - Malware Removal Guides and Tutorials

    ==================== Processes (Whitelisted) =================

    (If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

    (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RTKAUDIOSERVICE64.EXE
    (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
    (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\sched.exe
    (SUPERAntiSpyware.com) C:\Program Files\SUPERAntiSpyware\SASCore64.exe
    (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avguard.exe
    (Freemake) C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe
    (Ellora Assets Corp.) C:\Program Files (x86)\Freemake\CaptureLib\CaptureLibService.exe
    (Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
    (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
    (Symantec Corporation) C:\Program Files (x86)\Norton Anti-Theft\Engine\1.10.0.9\NAT.exe
    (Symantec Corporation) C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe
    (Symantec Corporation) C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.18.15\ccSvcHst.exe
    (Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
    (Symantec Corporation) C:\Program Files (x86)\Norton Anti-Theft\Engine\1.10.0.9\NAT.exe
    (Symantec Corporation) C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.18.15\ccSvcHst.exe
    (Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
    (Microsoft Corporation) C:\Windows\System32\InputMethod\JPN\JpnIME.exe
    (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\System Speedup\Avira.SystemSpeedup.SpeedupService.exe
    (TOSHIBA Corporation) C:\Windows\System32\TODDSrv.exe
    (Toshiba Corporation) C:\Program Files\Toshiba\Teco\TecoService.exe
    (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe
    (Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
    (Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
    (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avshadow.exe
    (Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
    (Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
    (Microsoft Corporation) C:\Windows\System32\dllhost.exe
    (Intel Corporation) C:\Windows\System32\igfxtray.exe
    (Intel Corporation) C:\Windows\System32\igfxsrvc.exe
    (Intel Corporation) C:\Windows\System32\hkcmd.exe
    (Intel Corporation) C:\Windows\System32\igfxpers.exe
    (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
    (SRS Labs, Inc.) C:\Program Files\SRS Labs\SRS Control Panel\SRSPanel_64.exe
    (TOSHIBA Corporation) C:\Program Files\Toshiba\Hotkey\TosTogKeyMon.exe
    (TOSHIBA Corporation) C:\Program Files\Toshiba\Teco\TecoResident.exe
    (TOSHIBA Corporation) C:\Program Files (x86)\Toshiba\System Setting\TSleepSrv.exe
    (TOSHIBA Corporation) C:\Program Files\Toshiba\Hotkey\TCrdMain_Win8.exe
    (CANON INC.) C:\Program Files\Canon\MyPrinter\BJMYPRT.EXE
    (SlySoft, Inc.) C:\Program Files (x86)\SlySoft\AnyDVD\AnyDVDtray.exe
    (SUPERAntiSpyware) C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
    (Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
    () C:\Program Files (x86)\SlySoft\AnyDVD\ADvdDiscHlp64.exe
    () C:\Program Files (x86)\Common Files\Freemake Shared\ProductUpdater\ProductUpdater.exe
    (Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe
    (CANON INC.) C:\Program Files (x86)\Canon\Solution Menu EX\CNSEMAIN.EXE
    (Elaborate Bytes AG) C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe
    (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avgnt.exe
    (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.Systray.exe
    (Microsoft Corporation) C:\Windows\splwow64.exe
    (CANON INC.) C:\Program Files (x86)\Canon\Solution Menu EX\CNSEUPDT.EXE
    (Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
    (Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
    (Realsil Microelectronics Inc.) C:\Program Files (x86)\Realtek\Realtek USB 2.0 Card Reader\RIconMan.exe
    (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
    (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
    (Symantec Corporation) C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.18.15\SymcPCCULaunchSvc.exe
    (TOSHIBA CORPORATION) C:\Program Files\Toshiba\HDD Accelerator\THAccelSvc.exe
    (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
    (TOSHIBA Corporation) C:\Program Files\Toshiba\TOSHIBA Service Station\ToshibaServiceStation.exe
    (TOSHIBA Corporation) C:\Program Files\Toshiba\TOSHIBA Service Station\TMachInfo.exe
    (TOSHIBA Corporation) C:\Program Files\Toshiba\TPHM\TPCHSrv.exe
    (TOSHIBA Corporation) C:\Program Files\Toshiba\TPHM\TPCHWMsg.exe


    ==================== Registry (Whitelisted) ===========================

    (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

    HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13196432 2012-09-25] (Realtek Semiconductor)
    HKLM\...\Run: [SRS Premium Sound 3D] => C:\Program Files\SRS Labs\SRS Control Panel\SRSPanel_64.exe [2170784 2012-08-19] (SRS Labs, Inc.)
    HKLM\...\Run: [TosTogKeyMon] => C:\Program Files\TOSHIBA\Hotkey\TosTogKeyMon.exe [2365792 2013-03-29] (TOSHIBA Corporation)
    HKLM\...\Run: [TecoResident] => C:\Program Files\TOSHIBA\Teco\TecoResident.exe [178016 2013-08-21] (TOSHIBA Corporation)
    HKLM\...\Run: [TRCMan] => C:\Program Files (x86)\TOSHIBA\TRCMan\TRCMan.exe [743336 2012-07-31] (TOSHIBA Corporation)
    HKLM\...\Run: [TSleepSrv] => C:\Program Files (x86)\TOSHIBA\System Setting\TSleepSrv.exe [1548952 2012-08-04] (TOSHIBA Corporation)
    HKLM\...\Run: [TODDMain] => C:\Program Files (x86)\TOSHIBA\System Setting\TODDMain.exe [213136 2012-08-04] ()
    HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [287592 2013-08-07] (Intel Corporation)
    HKLM\...\Run: [TCrdMain] => C:\Program Files\TOSHIBA\Hotkey\TCrdMain_Win8.exe [2556768 2013-08-17] (TOSHIBA Corporation)
    HKLM\...\Run: [TosWaitSrv] => C:\Program Files\TOSHIBA\TPHM\TosWaitSrv.exe [354144 2013-08-13] (TOSHIBA Corporation)
    HKLM\...\Run: [CanonMyPrinter] => C:\Program Files\Canon\MyPrinter\BJMyPrt.exe [2779024 2011-03-14] (CANON INC.)
    HKLM-x32\...\Run: [Norton Online Backup] => C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuClient.exe [2995904 2012-07-11] (Symantec Corporation)
    HKLM-x32\...\Run: [ToshibaAppPlace] => C:\Program Files (x86)\Toshiba\Toshiba App Place\ToshibaAppPlace.exe [552960 2010-09-23] (Toshiba)
    HKLM-x32\...\Run: [ProductUpdater] => C:\Program Files (x86)\Common Files\Freemake Shared\ProductUpdater\ProductUpdater.exe [73216 2016-01-19] ()
    HKLM-x32\...\Run: [SDTray] => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe [4101576 2014-06-24] (Safer-Networking Ltd.)
    HKLM-x32\...\Run: [CanonSolutionMenuEx] => C:\Program Files (x86)\Canon\Solution Menu EX\CNSEMAIN.EXE [1611160 2011-03-28] (CANON INC.)
    HKLM-x32\...\Run: [VirtualCloneDrive] => C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe [88984 2013-03-10] (Elaborate Bytes AG)
    HKLM-x32\...\Run: [Avira SystrayStartTrigger] => C:\Program Files (x86)\Avira\Launcher\Avira.SystrayStartTrigger.exe [66328 2016-01-05] (Avira Operations GmbH & Co. KG)
    HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\Antivirus\avgnt.exe [803200 2015-12-04] (Avira Operations GmbH & Co. KG)
    HKLM-x32\...\Run: [Avira System Speedup User Starter] => C:\Program Files (x86)\Avira\System Speedup\Avira.SystemSpeedup.Core.Common.Starter.exe [14960 2016-01-12] (Avira Operations GmbH & Co. KG)
    Winlogon\Notify\igfxcui: C:\WINDOWS\system32\igfxdev.dll (Intel Corporation)
    HKU\S-1-5-21-2814885961-1482200991-1285302695-1001\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [31344744 2015-02-26] (Skype Technologies S.A.)
    HKU\S-1-5-21-2814885961-1482200991-1285302695-1001\...\Run: [AnyDVD] => C:\Program Files (x86)\SlySoft\AnyDVD\AnyDVD.exe [109480 2015-12-28] (SlySoft, Inc.)
    HKU\S-1-5-21-2814885961-1482200991-1285302695-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [3014224 2016-02-04] (Valve Corporation)
    HKU\S-1-5-21-2814885961-1482200991-1285302695-1001\...\Run: [BingSvc] => C:\Users\EdgarOmar\AppData\Local\Microsoft\BingSvc\BingSvc.exe [144008 2015-11-22] (© 2015 Microsoft Corporation)
    HKU\S-1-5-21-2814885961-1482200991-1285302695-1001\...\Run: [SpybotPostWindows10UpgradeReInstall] => C:\Program Files\Common Files\AV\Spybot - Search and Destroy\Test.exe [1011200 2015-07-28] (Safer-Networking Ltd.)
    HKU\S-1-5-21-2814885961-1482200991-1285302695-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8619224 2016-01-15] (Piriform Ltd)
    HKU\S-1-5-21-2814885961-1482200991-1285302695-1001\...\Run: [SUPERAntiSpyware] => C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe [7935904 2016-01-21] (SUPERAntiSpyware)
    HKU\S-1-5-21-2814885961-1482200991-1285302695-1001\...\RunOnce: [Application Restart #2] => C:\Users\EdgarOmar\AppData\Local\SweetLabs App Platform\Engine\ServiceHostApp.exe --disable-internal-flash --noerrdialogs --no-message-box --disable-extensions --disable-web-security --disable-web-re (the data entry has 613 more characters).

    ==================== Internet (Whitelisted) ====================

    (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

    Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
    Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
    Tcpip\..\Interfaces\{946EB574-F6DB-45B8-8F15-24183430BB30}: [DhcpNameServer] 192.168.1.1

    Internet Explorer:
    ==================
    HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://search.avira.net/#web/result?source=art&q=
    HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxps://search.avira.net/#web/result?source=art&q=
    HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxps://search.avira.net/#web/result?source=art&q=
    HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxps://search.avira.net/#web/result?source=art&q=
    HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxps://search.avira.net/#web/result?source=art&q=
    HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxps://search.avira.net/#web/result?source=art&q=
    HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxps://search.avira.net/#web/result?source=art&q=
    HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxps://search.avira.net/#web/result?source=art&q=
    HKU\S-1-5-21-2814885961-1482200991-1285302695-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://search.avira.net/#web/result?source=art&q=
    HKU\S-1-5-21-2814885961-1482200991-1285302695-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxps://search.avira.net/#web/result?source=art&q=
    HKU\S-1-5-21-2814885961-1482200991-1285302695-1001\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = hxxp://toshiba13.msn.com/?pc=TNJB
    HKU\S-1-5-21-2814885961-1482200991-1285302695-1001\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://bienvenido.toshiba.com?cid=J13
    hxxp://bienvenido.toshiba.com?cid=J13
    hxxp://bienvenido.toshiba.com?cid=J13
    hxxp://toshiba13.msn.com?pc=TNJB
    HKU\S-1-5-21-2814885961-1482200991-1285302695-1001\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxps://search.avira.net/#web/result?source=art&q=
    BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
    BHO-x32: Norton Vulnerability Protection -> {6D53EC84-6AAE-4787-AEEE-F4628F01010C} -> C:\Program Files (x86)\Norton AntiVirus\Engine\20.6.0.27\IPS\IPSBHO.DLL => No File
    BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_71\bin\ssv.dll [2016-01-31] (Oracle Corporation)
    BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
    BHO-x32: Free Download Manager -> {CC59E0F9-7E43-44FA-9FAA-8377850BF205} -> C:\Program Files (x86)\Free Download Manager\iefdm2.dll [2015-08-07] (FreeDownloadManager.ORG)
    BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_71\bin\jp2ssv.dll [2016-01-31] (Oracle Corporation)

    FireFox:
    ========
    FF ProfilePath: C:\Users\EdgarOmar\AppData\Roaming\Mozilla\Firefox\Profiles\41A66E7E5EE1
    FF DefaultSearchEngine: Google
    FF SearchEngineOrder.3: Bing
    FF Homepage: about:home
    FF Session Restore: -> is enabled.
    FF Keyword.URL: hxxp://www.bing.com/search?FORM=SL5MDF&PC=SL5M&q=
    FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_20_0_0_286.dll [2016-01-20] ()
    FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.41212.0\npctrl.dll [2015-12-11] ( Microsoft Corporation)
    FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
    FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_20_0_0_286.dll [2016-01-20] ()
    FF Plugin-x32: @canon.com/EPPEX -> C:\Program Files (x86)\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL [2011-04-20] (CANON INC.)
    FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2012-06-06] (Intel Corporation)
    FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2012-06-06] (Intel Corporation)
    FF Plugin-x32: @java.com/DTPlugin,version=11.71.2 -> C:\Program Files (x86)\Java\jre1.8.0_71\bin\dtplugin\npDeployJava1.dll [2016-01-31] (Oracle Corporation)
    FF Plugin-x32: @java.com/JavaPlugin,version=11.71.2 -> C:\Program Files (x86)\Java\jre1.8.0_71\bin\plugin2\npjp2.dll [2016-01-31] (Oracle Corporation)
    FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.41212.0\npctrl.dll [2015-12-11] ( Microsoft Corporation)
    FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~3\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
    FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~3\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
    FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation)
    FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
    FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll [2012-05-11] ()
    FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2015-12-18] (Adobe Systems Inc.)
    FF Plugin HKU\.DEFAULT: @hola.org/FlashPlayer -> C:\Users\EdgarOmar\AppData\Local\Hola\firefox_hola\app\flash\NPSWF32_18_0_0_232.dll [No File]
    FF Plugin HKU\.DEFAULT: @hola.org/vlc -> C:\Users\EdgarOmar\AppData\Local\Hola\firefox_hola\app\vlc\npvlc.dll [No File]
    FF SearchPlugin: C:\Users\EdgarOmar\AppData\Roaming\Mozilla\Firefox\Profiles\jhwb5pi4.default\searchplugins\bing-.xml [2015-11-22]
    FF SearchPlugin: C:\Users\EdgarOmar\AppData\Roaming\Mozilla\Firefox\Profiles\jhwb5pi4.default\searchplugins\yahoo-ysp.xml [2016-01-21]
    FF Extension: DownThemAll! - C:\Users\EdgarOmar\AppData\Roaming\Mozilla\Firefox\Profiles\41A66E7E5EE1\extensions\{DDC359D1-844A-42a7-9AA1-88A850A938A8}.xpi [2015-12-06]
    FF Extension: S3.Google Translator - C:\Users\EdgarOmar\AppData\Roaming\Mozilla\Firefox\Profiles\41A66E7E5EE1\extensions\s3google@translator.xpi [2015-12-18]
    FF Extension: Greasemonkey - C:\Users\EdgarOmar\AppData\Roaming\Mozilla\Firefox\Profiles\41A66E7E5EE1\extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}.xpi [2016-01-10]
    FF Extension: Ank Pixiv Tool - C:\Users\EdgarOmar\AppData\Roaming\Mozilla\Firefox\Profiles\41A66E7E5EE1\extensions\ankpixiv@snca.net.xpi [2016-02-08]
    FF Extension: Avira Browser Safety - C:\Users\EdgarOmar\AppData\Roaming\Mozilla\Firefox\Profiles\jhwb5pi4.default\Extensions\abs@avira.com.xpi [2016-01-31]
    FF Extension: Ank Pixiv Tool - C:\Users\EdgarOmar\AppData\Roaming\Mozilla\Firefox\Profiles\jhwb5pi4.default\Extensions\ankpixiv@snca.net.xpi [2015-12-23]
    FF Extension: Bing Search - C:\Users\EdgarOmar\AppData\Roaming\Mozilla\Firefox\Profiles\jhwb5pi4.default\Extensions\bingsearch.full@microsoft.com.xpi [2015-11-22]
    FF Extension: Hola Better Internet - C:\Users\EdgarOmar\AppData\Roaming\Mozilla\Firefox\Profiles\jhwb5pi4.default\Extensions\jid1-4P0kohSJxU1qGg@jetpack [2016-01-18]
    FF Extension: S3.Google Translator - C:\Users\EdgarOmar\AppData\Roaming\Mozilla\Firefox\Profiles\jhwb5pi4.default\Extensions\s3google@translator.xpi [2015-12-18]
    FF Extension: Adblock Plus - C:\Users\EdgarOmar\AppData\Roaming\Mozilla\Firefox\Profiles\jhwb5pi4.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2016-01-19]
    FF Extension: DownThemAll! - C:\Users\EdgarOmar\AppData\Roaming\Mozilla\Firefox\Profiles\jhwb5pi4.default\Extensions\{DDC359D1-844A-42a7-9AA1-88A850A938A8}.xpi [2015-12-06]
    FF Extension: Greasemonkey - C:\Users\EdgarOmar\AppData\Roaming\Mozilla\Firefox\Profiles\jhwb5pi4.default\Extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}.xpi [2016-01-10]
    FF Extension: Bing Search - C:\Users\EdgarOmar\AppData\Roaming\Mozilla\Firefox\Profiles\41A66E7E5EE1\Extensions\bingsearch.full@microsoft.com.xpi [2015-11-22]
    FF Extension: Toshiba Defaults - C:\Users\EdgarOmar\AppData\Roaming\Mozilla\Firefox\Profiles\41A66E7E5EE1\Extensions\defaults@toshiba.com [2016-01-28]
    FF Extension: Hola Better Internet - C:\Users\EdgarOmar\AppData\Roaming\Mozilla\Firefox\Profiles\41A66E7E5EE1\Extensions\jid1-4P0kohSJxU1qGg@jetpack [2016-01-27]
    FF Extension: Adblock Plus - C:\Users\EdgarOmar\AppData\Roaming\Mozilla\Firefox\Profiles\41A66E7E5EE1\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2016-01-19]
    FF HKU\S-1-5-21-2814885961-1482200991-1285302695-1001\...\Firefox\Extensions: [fdm_ffext@freedownloadmanager.org] - C:\ProgramData\Free Download Manager\Firefox\Extensions\2.1.1
    FF Extension: Free Download Manager extension - C:\ProgramData\Free Download Manager\Firefox\Extensions\2.1.1 [2016-01-28]

    Chrome:
    =======
    CHR HomePage: Default -> hxxp://www.google.co.jp/
    CHR NewTab: Default -> "chrome-extension://dfekdjmdikicceaiokcmmchenpilglhn/newtab.html"
    CHR Session Restore: Default -> is enabled.
    CHR Profile: C:\Users\EdgarOmar\AppData\Local\Google\Chrome\User Data\Default
    CHR Extension: (Presentaciones de Google) - C:\Users\EdgarOmar\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-10-28]
    CHR Extension: (Rutor De Búsqueda De Archivos Torrent) - C:\Users\EdgarOmar\AppData\Local\Google\Chrome\User Data\Default\Extensions\agencljbacpfnclcbanachomfbeoilaa [2016-01-04]
    CHR Extension: (Google Docs) - C:\Users\EdgarOmar\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-10-28]
    CHR Extension: (Google Drive) - C:\Users\EdgarOmar\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-28]
    CHR Extension: (Batch Image Downloader(ZIG Lite)) - C:\Users\EdgarOmar\AppData\Local\Google\Chrome\User Data\Default\Extensions\bedbigoemkinkepgmcmgnapjcahnedmn [2016-01-28]
    CHR Extension: (YouTube) - C:\Users\EdgarOmar\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-10-28]
    CHR Extension: (Norton Security Toolbar) - C:\Users\EdgarOmar\AppData\Local\Google\Chrome\User Data\Default\Extensions\cjabmdjcfcfdmffimndhafhblfmpjdpe [2016-01-28]
    CHR Extension: (Búsqueda de Google) - C:\Users\EdgarOmar\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-28]
    CHR Extension: (Mainichi) - C:\Users\EdgarOmar\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfekdjmdikicceaiokcmmchenpilglhn [2016-01-24]
    CHR Extension: (Tampermonkey) - C:\Users\EdgarOmar\AppData\Local\Google\Chrome\User Data\Default\Extensions\dhdgffkkebhmkfjojejmpbldmpobfkfo [2016-01-23]
    CHR Extension: (Hojas de cálculo de Google) - C:\Users\EdgarOmar\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-10-28]
    CHR Extension: (Pixiv Downloader Free) - C:\Users\EdgarOmar\AppData\Local\Google\Chrome\User Data\Default\Extensions\fnbkeopcpjainobjebddfcnnknmfipid [2016-01-25]
    CHR Extension: (Documentos de Google sin conexión) - C:\Users\EdgarOmar\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2015-11-17]
    CHR Extension: (Norton Identity Safe) - C:\Users\EdgarOmar\AppData\Local\Google\Chrome\User Data\Default\Extensions\iikflkcanblccfahdhdonehdalibjnif [2015-11-11]
    CHR Extension: (Ugoira2GIF) - C:\Users\EdgarOmar\AppData\Local\Google\Chrome\User Data\Default\Extensions\ionmgpeclkmpjkmfejilaihdegkjehfj [2016-01-03]
    CHR Extension: (IPA furigana) - C:\Users\EdgarOmar\AppData\Local\Google\Chrome\User Data\Default\Extensions\jnnbgnfnncobhklficfkdnclohaklifi [2016-01-04]
    CHR Extension: (PictureMate - View hidden pictures) - C:\Users\EdgarOmar\AppData\Local\Google\Chrome\User Data\Default\Extensions\khmlalkcjmglpgdkmkmmgjcajahkoigj [2015-11-11]
    CHR Extension: (Pixiv Downloader) - C:\Users\EdgarOmar\AppData\Local\Google\Chrome\User Data\Default\Extensions\lkpfhmlbjibbcinophhcbmapjbhboodd [2015-12-19]
    CHR Extension: (Japanese Kanji Flashcards) - C:\Users\EdgarOmar\AppData\Local\Google\Chrome\User Data\Default\Extensions\nadhjgmbonakiidhnbiijhbkgejpfhol [2016-01-24]
    CHR Extension: (Sistema de pagos de Chrome Web Store) - C:\Users\EdgarOmar\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-10-28]
    CHR Extension: (Gmail) - C:\Users\EdgarOmar\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-10-28]
    CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx
    CHR HKLM-x32\...\Chrome\Extension: [eedgghdcpmmmilkmfpnklknlenbiolec] - hxxps://clients2.google.com/service/update2/crx
    CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx

    ==================== Services (Whitelisted) ========================

    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

    R2 !SASCORE; C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE [172344 2014-07-22] (SUPERAntiSpyware.com)
    S2 AntiVirMailService; C:\Program Files (x86)\Avira\Antivirus\avmailc7.exe [948392 2015-12-04] (Avira Operations GmbH & Co. KG)
    R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\Antivirus\sched.exe [466408 2015-12-04] (Avira Operations GmbH & Co. KG)
    R2 AntiVirService; C:\Program Files (x86)\Avira\Antivirus\avguard.exe [466408 2015-12-04] (Avira Operations GmbH & Co. KG)
    S2 AntiVirWebService; C:\Program Files (x86)\Avira\Antivirus\avwebg7.exe [1418560 2015-12-04] (Avira Operations GmbH & Co. KG)
    R2 Avira.ServiceHost; C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe [249120 2016-01-05] (Avira Operations GmbH & Co. KG)
    R2 Freemake Improver; C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe [108032 2016-01-19] (Freemake) [File not signed]
    R2 FreemakeVideoCapture; C:\Program Files (x86)\Freemake\CaptureLib\CaptureLibService.exe [9216 2016-01-19] (Ellora Assets Corp.) [File not signed]
    R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [15720 2013-08-07] (Intel Corporation)
    R2 IconMan_R; C:\Program Files (x86)\Realtek\Realtek USB 2.0 Card Reader\RIconMan.exe [2451456 2012-07-13] (Realsil Microelectronics Inc.) [File not signed]
    R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [129856 2012-06-27] (Intel Corporation)
    R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [166720 2012-06-25] (Intel Corporation)
    S2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1135416 2015-10-05] (Malwarebytes)
    R2 NAT; C:\Program Files (x86)\Norton Anti-Theft\Engine\1.10.0.9\NAT.exe [232424 2013-10-11] (Symantec Corporation)
    R2 NOBU; C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe [3939008 2012-07-11] (Symantec Corporation)
    R2 Norton PC Checkup Application Launcher; C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.18.15\SymcPCCULaunchSvc.exe [123320 2012-07-23] (Symantec Corporation)
    R2 PCCUJobMgr; C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.18.15\ccSvcHst.exe [126392 2012-07-23] (Symantec Corporation)
    R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [201360 2012-08-31] (Realtek Semiconductor)
    R2 SDScannerService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [1738168 2014-06-24] (Safer-Networking Ltd.)
    R2 SDUpdateService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [2088408 2014-06-27] (Safer-Networking Ltd.)
    R2 SDWSCService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [171928 2014-04-25] (Safer-Networking Ltd.)
    R2 SpeedupService; C:\Program Files (x86)\Avira\System Speedup\Avira.SystemSpeedup.SpeedupService.exe [24224 2016-01-12] (Avira Operations GmbH & Co. KG)
    R2 THAccelSvc; C:\Program Files\TOSHIBA\HDD Accelerator\THAccelSvc.exe [214928 2013-10-17] (TOSHIBA CORPORATION)
    S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366552 2015-10-26] (Microsoft Corporation)
    S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2015-10-26] (Microsoft Corporation)

    ===================== Drivers (Whitelisted) ==========================

    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

    R3 AnyDVD; C:\Windows\System32\Drivers\AnyDVD.sys [150440 2015-12-28] (SlySoft, Inc.)
    R3 AnyDVD; C:\Windows\SysWOW64\Drivers\AnyDVD.sys [150440 2015-12-28] (SlySoft, Inc.)
    R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [135880 2015-12-04] (Avira Operations GmbH & Co. KG)
    R1 avipbb; C:\Windows\system32\DRIVERS\avipbb.sys [146696 2015-12-04] (Avira Operations GmbH & Co. KG)
    R1 avkmgr; C:\Windows\system32\DRIVERS\avkmgr.sys [35488 2015-12-04] (Avira Operations GmbH & Co. KG)
    R2 avnetflt; C:\Windows\system32\DRIVERS\avnetflt.sys [73032 2015-12-04] (Avira Operations GmbH & Co. KG)
    R3 BthA2DP; C:\Windows\system32\drivers\BthA2DP.sys [132608 2015-10-26] (Microsoft Corporation)
    R3 BthHFAud; C:\Windows\system32\DRIVERS\BthHfAud.sys [32768 2014-11-21] (Microsoft Corporation)
    R1 ccSet_NARA; C:\Windows\system32\drivers\NARAx64\0401000.00B\ccSetx64.sys [168608 2012-05-25] (Symantec Corporation)
    R1 ccSet_NAT; C:\Windows\system32\drivers\NATx64\010A000.009\ccSetx64.sys [150104 2013-07-29] (Symantec Corporation)
    S0 ebdrv; C:\Windows\System32\drivers\evbda.sys [3357024 2013-08-22] (Broadcom Corporation)
    R3 hidshim; C:\Windows\system32\DRIVERS\hidshim.sys [6656 2012-06-19] (Windows (R) Win 7 DDK provider)
    R3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [25816 2015-10-05] (Malwarebytes)
    S3 MBAMWebAccessControl; C:\WINDOWS\system32\drivers\mwac.sys [64216 2015-10-05] (Malwarebytes Corporation)
    R2 npf; C:\Windows\System32\drivers\npf.sys [35344 2011-02-11] (CACE Technologies, Inc.)
    R3 nuvotonhidcir; C:\Windows\system32\DRIVERS\nuvotonhidcir.sys [32256 2012-06-19] (Nuvoton Technology Corporation)
    R3 RtkBtFilter2; C:\Windows\system32\DRIVERS\RtkBtfilter.sys [48856 2013-09-06] (Realtek Microelectronics)
    R3 RTWlanE; C:\Windows\system32\DRIVERS\rtwlane.sys [2944216 2013-08-21] (Realtek Semiconductor Corporation )
    R1 SASDIFSV; C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS [14928 2011-07-22] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
    R1 SASKUTIL; C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS [12368 2011-07-12] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
    R0 THAccel; C:\Windows\System32\DRIVERS\THAccel.sys [111488 2013-10-15] (TOSHIBA Corporation)
    R3 Thotkey; C:\Windows\System32\drivers\Thotkey.sys [32624 2013-08-19] (Windows (R) Win 7 DDK provider)
    S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44560 2015-10-26] (Microsoft Corporation)
    S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [270168 2015-10-26] (Microsoft Corporation)
    S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114520 2015-10-26] (Microsoft Corporation)

    ==================== NetSvcs (Whitelisted) ===================

    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


    ==================== One Month Created files and folders ========

    (If an entry is included in the fixlist, the file/folder will be moved.)

    2016-02-09 01:35 - 2016-02-09 01:35 - 00030329 _____ C:\Users\EdgarOmar\Downloads\FRST.txt
    2016-02-09 01:30 - 2016-02-09 01:31 - 00000000 ____D C:\Users\EdgarOmar\Documents\Bookmarks 09 02 2016
    2016-02-09 01:30 - 2016-02-09 01:30 - 04105823 _____ C:\Users\EdgarOmar\Documents\bookmarks-2016-02-09.json
    2016-02-09 01:29 - 2016-02-09 01:29 - 00001599 _____ C:\Users\EdgarOmar\Documents\Malaware 2.txt
    2016-02-09 01:28 - 2016-02-09 01:28 - 00001121 _____ C:\Users\EdgarOmar\Documents\Malaware 1.txt
    2016-02-09 00:51 - 2016-02-09 01:26 - 00192216 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
    2016-02-09 00:51 - 2016-02-09 00:51 - 00001129 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
    2016-02-09 00:51 - 2016-02-09 00:51 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
    2016-02-09 00:51 - 2016-02-09 00:51 - 00000000 ____D C:\ProgramData\Malwarebytes
    2016-02-09 00:51 - 2016-02-09 00:51 - 00000000 ____D C:\Program Files (x86)\Malwarebytes Anti-Malware
    2016-02-09 00:51 - 2015-10-05 09:50 - 00109272 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamchameleon.sys
    2016-02-09 00:51 - 2015-10-05 09:50 - 00064216 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mwac.sys
    2016-02-09 00:51 - 2015-10-05 09:50 - 00025816 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys
    2016-02-09 00:44 - 2016-02-09 00:50 - 00000000 ____D C:\Users\EdgarOmar\Downloads\Nueva carpeta
    2016-02-09 00:11 - 2016-02-09 00:15 - 00006196 _____ C:\Users\EdgarOmar\Downloads\Fixlog.txt
    2016-02-08 23:58 - 2016-02-08 23:58 - 00001681 _____ C:\Users\EdgarOmar\Documents\adw.txt
    2016-02-08 18:55 - 2016-02-08 18:57 - 13817924 _____ C:\Users\EdgarOmar\Downloads\testdisk-7.1-WIP.win.zip
    2016-02-08 18:52 - 2016-02-08 18:54 - 08338384 _____ (The Eraser Project) C:\Users\EdgarOmar\Downloads\Eraser 6.2.0.2970.exe
    2016-02-08 11:23 - 2016-02-08 11:23 - 00164944 _____ C:\Users\EdgarOmar\Downloads\922370E2CF387E94D0212ED025C36C1D33BC64AE.torrent
    2016-02-08 11:03 - 2016-02-08 11:03 - 00001202 _____ C:\Users\EdgarOmar\Documents\JRT.txt
    2016-02-08 11:02 - 2016-02-08 11:02 - 00001202 _____ C:\Users\EdgarOmar\Desktop\JRT.txt
    2016-02-08 10:53 - 2016-02-09 00:00 - 00000000 ____D C:\AdwCleaner
    2016-02-08 10:22 - 2016-02-08 10:24 - 00000000 ____D C:\Users\EdgarOmar\Downloads\Junkware Removal Tool 8.0.2.0 Download
    2016-02-08 10:22 - 2016-02-08 10:22 - 00001131 _____ C:\Users\EdgarOmar\Documents\ank.txt
    2016-02-08 10:19 - 2016-02-08 10:20 - 00000000 ____D C:\Users\EdgarOmar\Downloads\AdwCleaner v5.033
    2016-02-07 02:17 - 2016-02-07 02:17 - 00018842 _____ C:\Users\EdgarOmar\Downloads\04381B5AA2FE660C5E4D31829CC732FFAF19CD12.torrent
    2016-02-07 02:08 - 2016-02-07 02:08 - 00030606 _____ C:\Users\EdgarOmar\Downloads\396A80C3ABC5615CEF06DDBA93AA791AD2119D11.torrent
    2016-02-06 20:04 - 2016-02-06 20:04 - 00012014 _____ C:\Users\EdgarOmar\Downloads\3FEFFA02A31B26A9AFFCDC2570AE587DD346F6AF.torrent
    2016-02-06 15:05 - 2016-02-06 15:05 - 00029180 _____ C:\Users\EdgarOmar\Downloads\C9B68B319B7BEBBAD4BF259B486C6F85A16C0D37.torrent
    2016-02-06 07:10 - 2016-02-06 07:10 - 00056388 _____ C:\Users\EdgarOmar\Downloads\4271F0AF89690CBC07AA0B752E0074DE6AC5D1C7.torrent
    2016-02-05 21:48 - 2016-02-05 21:48 - 00080347 _____ C:\Users\EdgarOmar\Downloads\9D7222D56904E0A56778A50EE9E548BE8F947C95.torrent
    2016-02-05 17:22 - 2016-02-05 17:22 - 00425833 _____ C:\Users\EdgarOmar\Downloads\[ENCRYPTED] message.pdf
    2016-02-05 08:33 - 2016-02-05 08:33 - 00022083 _____ C:\Users\EdgarOmar\Downloads\1C054491BCAB55502B3FE6BCBB68F8E95395242E.torrent
    2016-02-04 16:43 - 2016-02-04 16:45 - 00057201 _____ C:\Users\EdgarOmar\Downloads\Addition.txt
    2016-02-04 16:41 - 2016-02-09 01:35 - 00000000 ____D C:\FRST
    2016-02-04 16:41 - 2016-02-04 16:45 - 00066474 _____ C:\Users\EdgarOmar\Documents\FRST.txt
    2016-02-04 16:34 - 2016-02-04 16:34 - 02370560 _____ (Farbar) C:\Users\EdgarOmar\Downloads\FRST64.exe
    2016-02-04 13:38 - 2016-01-31 14:50 - 00450902 ____R C:\WINDOWS\system32\Drivers\etc\hosts.20160204-133825.backup
    2016-02-04 12:56 - 2016-02-08 10:49 - 00432030 _____ C:\WINDOWS\ntbtlog.txt
    2016-02-04 12:50 - 2016-02-04 12:51 - 06828320 _____ (Piriform Ltd) C:\Users\EdgarOmar\Downloads\ccsetup514.exe
    2016-02-03 22:09 - 2016-02-03 22:09 - 00000000 ____D C:\Users\EdgarOmar\Downloads\ooniku-012_jav-only.com
    2016-02-02 20:47 - 2016-02-02 20:47 - 00014960 _____ C:\WINDOWS\System32\Tasks\Browser Updater Task(Core)
    2016-02-02 10:05 - 2016-02-03 22:07 - 1979711488 _____ C:\Users\EdgarOmar\Downloads\ooniku-012_jav-only.com.part2.rar
    2016-02-01 02:05 - 2016-02-01 03:17 - 331191751 _____ C:\Users\EdgarOmar\Downloads\ooniku-012_jav-only.com.part3.rar
    2016-01-31 14:50 - 2016-01-28 10:49 - 00450902 ____R C:\WINDOWS\system32\Drivers\etc\hosts.20160131-145040.backup
    2016-01-31 13:15 - 2016-01-31 13:15 - 00097888 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\WindowsAccessBridge-32.dll
    2016-01-31 13:15 - 2016-01-31 13:15 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
    2016-01-31 13:15 - 2016-01-31 13:15 - 00000000 ____D C:\Program Files (x86)\Java
    2016-01-31 13:06 - 2016-01-31 13:06 - 00643680 _____ (Oracle Corporation) C:\Users\EdgarOmar\Downloads\jxpiinstall.exe
    2016-01-31 12:59 - 2016-01-31 12:59 - 00000000 ____D C:\Users\EdgarOmar\AppData\Local\Avira
    2016-01-31 03:42 - 2016-01-31 03:42 - 00000000 ____D C:\Users\EdgarOmar\AppData\Roaming\Avira
    2016-01-31 02:40 - 2016-02-08 09:25 - 00000000 ____D C:\Users\Public\Speedup Sessions
    2016-01-31 02:40 - 2016-01-31 02:40 - 00001170 _____ C:\Users\Public\Desktop\Avira System Speedup.lnk
    2016-01-31 02:35 - 2015-12-04 07:38 - 00146696 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avipbb.sys
    2016-01-31 02:35 - 2015-12-04 07:38 - 00135880 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avgntflt.sys
    2016-01-31 02:35 - 2015-12-04 07:38 - 00073032 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avnetflt.sys
    2016-01-31 02:35 - 2015-12-04 07:38 - 00035488 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avkmgr.sys
    2016-01-31 02:03 - 2016-01-31 02:40 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
    2016-01-31 02:03 - 2016-01-31 02:03 - 00001241 _____ C:\Users\Public\Desktop\Avira Launcher.lnk
    2016-01-31 02:02 - 2016-01-31 02:40 - 00000000 ____D C:\ProgramData\Avira
    2016-01-31 02:02 - 2016-01-31 02:40 - 00000000 ____D C:\Program Files (x86)\Avira
    2016-01-30 19:56 - 2016-01-30 19:58 - 05427168 _____ (Avira Operations GmbH & Co. KG) C:\Users\EdgarOmar\Downloads\avira_es_av_56ad699fbc940__ws1.exe
    2016-01-30 19:38 - 2016-01-31 13:28 - 00001988 _____ C:\Users\EdgarOmar\Desktop\SUPERAntiSpyware Free Edition.lnk
    2016-01-30 19:38 - 2016-01-30 19:38 - 00000000 ____D C:\Users\EdgarOmar\AppData\Roaming\SUPERAntiSpyware.com
    2016-01-30 19:38 - 2016-01-30 19:38 - 00000000 ____D C:\Users\EdgarOmar\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SUPERAntiSpyware
    2016-01-30 19:38 - 2016-01-30 19:38 - 00000000 ____D C:\ProgramData\SUPERAntiSpyware.com
    2016-01-30 19:38 - 2016-01-30 19:38 - 00000000 ____D C:\Program Files\SUPERAntiSpyware
    2016-01-30 13:52 - 2016-01-30 13:57 - 24552952 _____ (SUPERAntiSpyware) C:\Users\EdgarOmar\Downloads\SUPERAntiSpyware.exe
    2016-01-30 11:08 - 2016-01-30 11:08 - 00010938 _____ C:\Users\EdgarOmar\Documents\Monjas maria.wlmp
    2016-01-30 00:57 - 2016-01-30 00:57 - 00000000 ____D C:\ProgramData\GRETECH
    2016-01-30 00:43 - 2016-01-30 00:52 - 00013205 _____ C:\Users\EdgarOmar\Documents\Yoko Tsuno 000.wlmp
    2016-01-29 07:00 - 2016-01-29 07:05 - 00001783 _____ C:\Users\EdgarOmar\Documents\links ugentes.txt
    2016-01-29 01:15 - 2016-01-30 13:27 - 1979711488 _____ C:\Users\EdgarOmar\Downloads\ooniku-012_jav-only.com.part1.rar
    2016-01-28 23:36 - 2016-01-28 23:36 - 00001281 _____ C:\Users\Public\Desktop\Virtual CloneDrive.lnk
    2016-01-28 23:34 - 2016-01-28 23:34 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Elaborate Bytes
    2016-01-28 23:34 - 2016-01-28 23:34 - 00000000 ____D C:\Program Files (x86)\Elaborate Bytes
    2016-01-28 23:33 - 2016-01-28 23:33 - 00001228 _____ C:\Users\EdgarOmar\AppData\Roaming\Microsoft\Windows\Start Menu\GOM Player.lnk
    2016-01-28 23:33 - 2016-01-28 23:33 - 00001204 _____ C:\Users\Public\Desktop\GOM Player.lnk
    2016-01-28 23:33 - 2016-01-28 23:33 - 00000000 ____D C:\Users\EdgarOmar\AppData\Roaming\GRETECH
    2016-01-28 23:33 - 2016-01-28 23:33 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GOM Player
    2016-01-28 23:33 - 2016-01-28 23:33 - 00000000 ____D C:\Program Files (x86)\GRETECH
    2016-01-28 23:25 - 2016-01-28 23:26 - 01710680 _____ C:\Users\EdgarOmar\Downloads\SetupVirtualCloneDrive5500.exe
    2016-01-28 23:22 - 2016-01-28 23:27 - 23021376 _____ (Gretech Corporation) C:\Users\EdgarOmar\Downloads\GOMPLAYERESSETUP.EXE
    2016-01-28 23:17 - 2016-01-28 23:17 - 00000000 ____D C:\Users\EdgarOmar\Downloads\sddm-003_jav-only.com
    2016-01-28 22:16 - 2016-01-28 23:17 - 277042267 _____ C:\Users\EdgarOmar\Downloads\sddm-003_jav-only.com.rar
    2016-01-28 21:50 - 2016-01-30 13:41 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
    2016-01-28 21:04 - 2016-01-28 21:11 - 00000000 ____D C:\Users\EdgarOmar\Documents\Session back ups mientras
    2016-01-28 20:30 - 2016-01-30 13:41 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
    2016-01-28 20:30 - 2016-01-28 20:30 - 00001186 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
    2016-01-28 20:30 - 2016-01-28 20:30 - 00001174 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk
    2016-01-28 20:22 - 2016-01-28 20:28 - 43160576 _____ C:\Users\EdgarOmar\Downloads\Firefox-Setup-42.0-2-toshiba-download-MX.exe
    2016-01-28 10:49 - 2016-01-23 12:34 - 00450849 ____R C:\WINDOWS\system32\Drivers\etc\hosts.20160128-104900.backup
    2016-01-28 00:34 - 2016-02-04 12:52 - 00000845 _____ C:\Users\Public\Desktop\CCleaner.lnk
    2016-01-28 00:34 - 2016-01-28 00:34 - 00002810 _____ C:\WINDOWS\System32\Tasks\CCleanerSkipUAC
    2016-01-28 00:34 - 2016-01-28 00:34 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
    2016-01-28 00:34 - 2016-01-28 00:34 - 00000000 ____D C:\Program Files\CCleaner
    2016-01-28 00:13 - 2016-02-08 22:32 - 00003614 _____ C:\WINDOWS\System32\Tasks\Optimize Push Notification Data File-S-1-5-21-2814885961-1482200991-1285302695-1001
    2016-01-28 00:08 - 2016-01-28 00:08 - 00000000 ____D C:\Users\EdgarOmar\Documents\Marcadores Chrome Enero 2016
    2016-01-28 00:07 - 2016-01-28 00:12 - 00000000 ____D C:\Users\EdgarOmar\Documents\Marcadores Firefox 28 Enero 2016
    2016-01-27 19:10 - 2016-01-30 01:16 - 00036018 _____ C:\Users\EdgarOmar\Documents\Monjas.wlmp
    2016-01-27 07:57 - 2016-01-27 07:57 - 00095870 _____ C:\Users\EdgarOmar\Downloads\SVDVD-514 金髪英語教師イジメ.torrent
    2016-01-27 07:40 - 2016-01-27 07:40 - 00001442 _____ C:\Users\EdgarOmar\Downloads\{EHT PERSONALIZED TORRENT - DO NOT REDISTRIBUTE} [山野一] どぶさらい劇場.zip.torrent
    2016-01-27 07:38 - 2016-01-27 07:38 - 00041412 _____ C:\Users\EdgarOmar\Downloads\{EHT PERSONALIZED TORRENT - DO NOT REDISTRIBUTE} Mitru - Black Lotus 1-6.zip.torrent
    2016-01-25 20:50 - 2016-01-25 20:52 - 06805440 _____ (Piriform Ltd) C:\Users\EdgarOmar\Downloads\ccsetup513.exe
    2016-01-23 15:34 - 2013-05-09 11:31 - 00388608 _____ (Trend Micro Inc.) C:\Users\EdgarOmar\Downloads\HijackThis.exe
    2016-01-23 12:34 - 2016-01-23 12:33 - 00450849 ____R C:\WINDOWS\system32\Drivers\etc\hosts.20160123-123441.backup
    2016-01-23 12:33 - 2016-01-12 23:58 - 00450771 ____R C:\WINDOWS\system32\Drivers\etc\hosts.20160123-123353.backup
    2016-01-23 09:45 - 2016-01-23 09:46 - 00000000 ____D C:\Users\Public\Documents\dmp
    2016-01-23 09:45 - 2016-01-23 09:45 - 00000000 ____D C:\Users\EdgarOmar\AppData\Local\Setup Wizard
    2016-01-22 08:50 - 2016-01-22 09:04 - 00000000 ____D C:\Users\EdgarOmar\girls-from-the-back
    2016-01-22 08:35 - 2016-01-22 08:49 - 00000000 ____D C:\Users\EdgarOmar\homemade amateur anal
    2016-01-22 08:29 - 2016-01-22 08:32 - 00000000 ____D C:\Users\EdgarOmar\Pictures Ebony degrading bdsm
    2016-01-21 20:12 - 2016-01-21 20:12 - 00371079 _____ C:\Users\EdgarOmar\Downloads\4325001_NACIONAL_20151218.pdf
    2016-01-21 20:07 - 2016-01-21 20:07 - 00423581 _____ C:\Users\EdgarOmar\Downloads\4325001_NACIONAL_20160120.pdf
    2016-01-19 20:12 - 2016-01-19 20:12 - 00000222 _____ C:\Users\EdgarOmar\Desktop\GUILTY GEAR XX ACCENT CORE PLUS R.url
    2016-01-19 20:11 - 2016-01-19 20:11 - 00000222 _____ C:\Users\EdgarOmar\Desktop\Fairy Fencer F.url
    2016-01-19 09:33 - 2016-01-19 09:33 - 00000222 _____ C:\Users\EdgarOmar\Desktop\AKIBA'S TRIP Undead & Undressed.url
    2016-01-19 00:54 - 2016-01-19 00:54 - 00000220 _____ C:\Users\EdgarOmar\Desktop\BioShock Infinite.url
    2016-01-18 19:15 - 2016-01-18 19:15 - 00000222 _____ C:\Users\EdgarOmar\Desktop\NEKOPARA Vol. 1.url
    2016-01-18 18:18 - 2016-01-18 18:18 - 00000222 _____ C:\Users\EdgarOmar\Desktop\NEKOPARA Vol. 0.url
    2016-01-18 09:09 - 2016-01-18 09:11 - 12444088 _____ C:\Users\EdgarOmar\Downloads\testdisk-7.0.win.zip
    2016-01-18 09:05 - 2016-01-18 09:05 - 00000222 _____ C:\Users\EdgarOmar\Desktop\Mugen Souls.url
    2016-01-16 16:59 - 2016-01-16 17:02 - 12593584 _____ C:\Users\EdgarOmar\Downloads\SetupAnyDVD7680.exe
    2016-01-16 15:00 - 2016-01-16 15:00 - 00000222 _____ C:\Users\EdgarOmar\Desktop\THE KING OF FIGHTERS XIII STEAM EDITION.url
    2016-01-16 11:38 - 2016-01-16 11:38 - 00000222 _____ C:\Users\EdgarOmar\Desktop\THE KING OF FIGHTERS 2002 UNLIMITED MATCH.url
    2016-01-15 23:05 - 2016-01-15 23:05 - 00000222 _____ C:\Users\EdgarOmar\Desktop\THE KING OF FIGHTERS '98 ULTIMATE MATCH FINAL EDITION.url
    2016-01-15 20:36 - 2016-01-15 20:36 - 00000222 _____ C:\Users\EdgarOmar\Desktop\Mitsurugi Kamui Hikae.url
    2016-01-15 08:40 - 2016-01-15 08:40 - 00000222 _____ C:\Users\EdgarOmar\Desktop\Vanguard Princess.url
    2016-01-15 00:43 - 2016-01-15 00:43 - 00000222 _____ C:\Users\EdgarOmar\Desktop\BlazBlue Calamity Trigger.url
    2016-01-14 19:19 - 2016-01-14 19:19 - 00000220 _____ C:\Users\EdgarOmar\Desktop\Garry's Mod.url
    2016-01-14 17:54 - 2016-01-14 17:54 - 00000222 _____ C:\Users\EdgarOmar\Desktop\SONIC THE HEDGEHOG 4 Episode II.url
    2016-01-14 16:00 - 2016-01-14 16:00 - 00000222 _____ C:\Users\EdgarOmar\Desktop\Sakura Spirit.url
    2016-01-13 16:37 - 2016-01-13 16:37 - 00095848 _____ (Elaborate Bytes AG) C:\WINDOWS\SysWOW64\ElbyCDIO.dll
    2016-01-13 08:08 - 2015-12-10 22:38 - 25837568 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
    2016-01-13 08:08 - 2015-12-10 21:55 - 06051328 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
    2016-01-13 08:08 - 2015-12-10 21:50 - 20367360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
    2016-01-13 08:08 - 2015-12-10 20:43 - 04610560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
    2016-01-13 08:07 - 2015-12-10 22:00 - 00571904 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
    2016-01-13 08:07 - 2015-12-10 21:45 - 00817664 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
    2016-01-13 08:07 - 2015-12-10 21:21 - 00496640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
    2016-01-13 08:07 - 2015-12-10 21:18 - 00092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll
    2016-01-13 08:07 - 2015-12-10 21:09 - 01032704 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcomm.dll
    2016-01-13 08:07 - 2015-12-10 21:09 - 00663552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
    2016-01-13 08:07 - 2015-12-10 21:03 - 14456832 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
    2016-01-13 08:07 - 2015-12-10 20:59 - 00798208 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
    2016-01-13 08:07 - 2015-12-10 20:43 - 00880128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcomm.dll
    2016-01-13 08:07 - 2015-12-10 20:38 - 02487808 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
    2016-01-13 08:07 - 2015-12-10 20:37 - 00687104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
    2016-01-13 08:07 - 2015-12-10 20:35 - 12856320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
    2016-01-13 08:07 - 2015-12-10 20:26 - 01546752 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
    2016-01-13 08:07 - 2015-12-10 20:14 - 00800768 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
    2016-01-13 08:07 - 2015-12-10 20:12 - 02011136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
    2016-01-13 08:07 - 2015-12-10 20:08 - 01311744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
    2016-01-13 08:07 - 2015-12-10 20:07 - 00710144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
    2016-01-13 08:05 - 2015-12-04 23:58 - 02745184 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMVDECOD.DLL
    2016-01-13 08:05 - 2015-12-04 23:58 - 02528784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMVDECOD.DLL
    2016-01-13 08:05 - 2015-12-04 23:58 - 02450240 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMVENCOD.DLL
    2016-01-13 08:05 - 2015-12-04 23:58 - 02447136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMVENCOD.DLL
    2016-01-13 08:05 - 2015-12-04 23:58 - 02334104 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
    2016-01-13 08:05 - 2015-12-04 23:58 - 02324744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
    2016-01-13 08:05 - 2015-12-04 23:58 - 01877504 _____ (Microsoft Corporation) C:\WINDOWS\system32\msmpeg2adec.dll
    2016-01-13 08:05 - 2015-12-04 23:58 - 01798480 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMALFXGFXDSP.dll
    2016-01-13 08:05 - 2015-12-04 23:58 - 01484888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msmpeg2adec.dll
    2016-01-13 08:05 - 2015-12-04 23:58 - 01288128 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfnetsrc.dll
    2016-01-13 08:05 - 2015-12-04 23:58 - 01210200 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMADMOD.DLL
    2016-01-13 08:05 - 2015-12-04 23:58 - 01150232 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMADMOE.DLL
    2016-01-13 08:05 - 2015-12-04 23:58 - 01115640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfnetsrc.dll
    2016-01-13 08:05 - 2015-12-04 23:58 - 01037680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMADMOD.DLL
    2016-01-13 08:05 - 2015-12-04 23:58 - 00914672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMADMOE.DLL
    2016-01-13 08:05 - 2015-12-04 23:58 - 00850680 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfnetcore.dll
    2016-01-13 08:05 - 2015-12-04 23:58 - 00735496 _____ (Microsoft Corporation) C:\WINDOWS\system32\evr.dll
    2016-01-13 08:05 - 2015-12-04 23:58 - 00700360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfnetcore.dll
    2016-01-13 08:05 - 2015-12-04 23:58 - 00629600 _____ (Microsoft Corporation) C:\WINDOWS\system32\MP4SDECD.DLL
    2016-01-13 08:05 - 2015-12-04 23:58 - 00584656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\evr.dll
    2016-01-13 08:05 - 2015-12-04 23:58 - 00557856 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMVSDECD.DLL
    2016-01-13 08:05 - 2015-12-04 23:58 - 00498472 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsvr.dll
    2016-01-13 08:05 - 2015-12-04 23:58 - 00492736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMVSDECD.DLL
    2016-01-13 08:05 - 2015-12-04 23:58 - 00463776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MP4SDECD.DLL
    2016-01-13 08:05 - 2015-12-04 23:58 - 00399776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsvr.dll
    2016-01-13 08:05 - 2015-12-04 23:58 - 00299080 _____ (Microsoft Corporation) C:\WINDOWS\system32\VIDRESZR.DLL
    2016-01-13 08:05 - 2015-12-04 23:58 - 00275312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MPG4DECD.DLL
    2016-01-13 08:05 - 2015-12-04 23:58 - 00274280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MP43DECD.DLL
    2016-01-13 08:05 - 2015-12-04 23:58 - 00250520 _____ (Microsoft Corporation) C:\WINDOWS\system32\MPG4DECD.DLL
    2016-01-13 08:05 - 2015-12-04 23:58 - 00248432 _____ (Microsoft Corporation) C:\WINDOWS\system32\MP43DECD.DLL
    2016-01-13 08:05 - 2015-12-04 23:58 - 00246856 _____ (Microsoft Corporation) C:\WINDOWS\system32\RESAMPLEDMO.DLL
    2016-01-13 08:05 - 2015-12-04 23:58 - 00244296 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfps.dll
    2016-01-13 08:05 - 2015-12-04 23:58 - 00229272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\RESAMPLEDMO.DLL
    2016-01-13 08:05 - 2015-12-04 23:58 - 00203016 _____ (Microsoft Corporation) C:\WINDOWS\system32\COLORCNV.DLL
    2016-01-13 08:05 - 2015-12-04 23:58 - 00184912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\COLORCNV.DLL
    2016-01-13 08:05 - 2015-12-04 23:58 - 00183856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VIDRESZR.DLL
    2016-01-13 08:05 - 2015-12-04 23:58 - 00116720 _____ (Microsoft Corporation) C:\WINDOWS\system32\MP3DMOD.DLL
    2016-01-13 08:05 - 2015-12-04 23:58 - 00110544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfps.dll
    2016-01-13 08:05 - 2015-12-04 23:58 - 00099136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MP3DMOD.DLL
    2016-01-13 08:05 - 2015-12-04 23:58 - 00090904 _____ (Microsoft Corporation) C:\WINDOWS\system32\devenum.dll
    2016-01-13 08:05 - 2015-12-04 23:58 - 00090392 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfvdsp.dll
    2016-01-13 08:05 - 2015-12-04 23:58 - 00081032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\devenum.dll
    2016-01-13 08:05 - 2015-12-04 23:58 - 00076936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfvdsp.dll
    2016-01-13 08:05 - 2015-12-03 12:07 - 00340992 _____ (Microsoft Corporation) C:\WINDOWS\system32\qdvd.dll
    2016-01-13 08:05 - 2015-12-03 12:07 - 00289792 _____ (Microsoft Corporation) C:\WINDOWS\system32\ksproxy.ax
    2016-01-13 08:05 - 2015-12-03 12:05 - 00644608 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMVXENCD.DLL
    2016-01-13 08:05 - 2015-12-03 12:02 - 01664000 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMSPDMOE.DLL
    2016-01-13 08:05 - 2015-12-03 12:00 - 00451072 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMVSENCD.DLL
    2016-01-13 08:05 - 2015-12-03 11:58 - 00378880 ____C (Microsoft Corporation) C:\WINDOWS\system32\SysFxUI.dll
    2016-01-13 08:05 - 2015-12-03 11:36 - 01697792 _____ (Microsoft Corporation) C:\WINDOWS\system32\quartz.dll
    2016-01-13 08:05 - 2015-12-03 11:30 - 00468480 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFWMAAEC.DLL
    2016-01-13 08:05 - 2015-12-03 11:28 - 00519680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\qdvd.dll
    2016-01-13 08:05 - 2015-12-03 11:28 - 00245760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ksproxy.ax
    2016-01-13 08:05 - 2015-12-03 11:27 - 00736256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMVXENCD.DLL
    2016-01-13 08:05 - 2015-12-03 11:24 - 01411584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMSPDMOE.DLL
    2016-01-13 08:05 - 2015-12-03 11:23 - 00402432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMVSENCD.DLL
    2016-01-13 08:05 - 2015-12-03 11:06 - 01501184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\quartz.dll
    2016-01-13 08:05 - 2015-12-03 11:01 - 00743936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFWMAAEC.DLL
    2016-01-13 08:05 - 2015-12-03 10:40 - 01010688 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMSPDMOD.DLL
    2016-01-13 08:05 - 2015-12-03 10:29 - 00887296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMSPDMOD.DLL
    2016-01-13 08:05 - 2015-12-02 09:04 - 00670208 _____ (Microsoft Corporation) C:\WINDOWS\system32\qedit.dll
    2016-01-13 08:05 - 2015-12-02 09:01 - 00561664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\qedit.dll
    2016-01-13 08:04 - 2015-12-30 13:32 - 07453016 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
    2016-01-13 08:04 - 2015-12-30 13:32 - 01735000 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
    2016-01-13 08:04 - 2015-12-30 13:32 - 01499912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
    2016-01-13 08:04 - 2015-12-09 18:40 - 00033456 _____ (Microsoft Corporation) C:\WINDOWS\system32\CompatTelRunner.exe
    2016-01-13 08:04 - 2015-12-07 04:56 - 01380600 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32.dll
    2016-01-13 08:04 - 2015-12-04 09:00 - 01097216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32.dll
    2016-01-13 08:04 - 2015-12-03 13:42 - 00561952 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
    2016-01-13 08:04 - 2015-12-03 13:42 - 00397224 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcryptprimitives.dll
    2016-01-13 08:04 - 2015-12-03 13:42 - 00137968 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncrypt.dll
    2016-01-13 08:04 - 2015-12-03 13:42 - 00106960 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncryptsslp.dll
    2016-01-13 08:04 - 2015-12-03 13:41 - 00177488 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecpkg.sys
    2016-01-13 08:04 - 2015-12-03 12:52 - 00340872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcryptprimitives.dll
    2016-01-13 08:04 - 2015-12-03 12:52 - 00120376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ncrypt.dll
    2016-01-13 08:04 - 2015-12-03 12:52 - 00091416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ncryptsslp.dll
    2016-01-13 08:04 - 2015-12-03 12:28 - 00401920 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb.sys
    2016-01-13 08:04 - 2015-12-03 12:28 - 00202240 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb20.sys
    2016-01-13 08:04 - 2015-12-03 11:51 - 00445440 _____ (Microsoft Corporation) C:\WINDOWS\system32\certcli.dll
    2016-01-13 08:04 - 2015-12-03 11:16 - 00324096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\certcli.dll
    2016-01-13 08:04 - 2015-12-03 11:13 - 01441280 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
    2016-01-13 08:04 - 2015-12-03 11:07 - 00432128 _____ (Microsoft Corporation) C:\WINDOWS\system32\schannel.dll
    2016-01-13 08:04 - 2015-12-03 10:45 - 00357888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\schannel.dll
    2016-01-13 08:04 - 2015-11-17 15:07 - 01380864 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
    2016-01-13 08:04 - 2015-11-17 15:07 - 01164800 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
    2016-01-13 08:04 - 2015-11-17 15:07 - 00792064 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll
    2016-01-13 08:04 - 2015-11-17 15:07 - 00705024 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll
    2016-01-13 08:04 - 2015-11-17 15:07 - 00505344 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll
    2016-01-13 08:04 - 2015-11-17 15:07 - 00210432 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepic.dll
    2016-01-13 08:04 - 2015-11-17 15:07 - 00076800 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
    2016-01-13 08:00 - 2015-12-08 13:08 - 00685432 _____ (Microsoft Corporation) C:\WINDOWS\system32\advapi32.dll
    2016-01-13 08:00 - 2015-12-08 13:07 - 00507176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\advapi32.dll
    2016-01-12 23:58 - 2015-12-20 23:15 - 00450771 ____R C:\WINDOWS\system32\Drivers\etc\hosts.20160112-235846.backup
    2016-01-10 11:07 - 2016-01-10 13:02 - 419430400 _____ C:\Users\EdgarOmar\Downloads\quesn21.part1.rar

    ==================== One Month Modified files and folders ========

    (If an entry is included in the fixlist, the file/folder will be moved.)

    2016-02-09 01:27 - 2015-10-25 18:49 - 00003598 _____ C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-2814885961-1482200991-1285302695-1001
    2016-02-09 01:23 - 2015-10-26 11:35 - 00000000 ___RD C:\Users\EdgarOmar\OneDrive
    2016-02-09 01:21 - 2013-08-22 08:45 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
    2016-02-09 01:19 - 2013-08-22 09:36 - 00000000 ____D C:\WINDOWS\L2Schemas
    2016-02-09 01:19 - 2013-08-22 07:36 - 00000000 ____D C:\WINDOWS\Inf
    2016-02-09 01:19 - 2013-08-22 07:25 - 01048576 ___SH C:\WINDOWS\system32\config\BBI
    2016-02-09 01:08 - 2015-11-09 09:32 - 00000830 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
    2016-02-09 00:18 - 2015-11-09 18:44 - 00000008 __RSH C:\ProgramData\ntuser.pol
    2016-02-09 00:12 - 2015-12-19 16:15 - 00000000 ____D C:\Users\EdgarOmar\AppData\LocalLow\Temp
    2016-02-09 00:12 - 2013-08-22 09:36 - 00000000 ___HD C:\WINDOWS\system32\GroupPolicy
    2016-02-09 00:12 - 2013-08-22 09:36 - 00000000 ____D C:\WINDOWS\SysWOW64\GroupPolicy
    2016-02-08 22:27 - 2015-10-28 22:58 - 00003966 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{E0E359C8-833A-4B56-A975-1D3CEE2940A4}
    2016-02-08 19:09 - 2015-11-09 13:30 - 00808790 _____ C:\WINDOWS\system32\perfh00A.dat
    2016-02-08 19:09 - 2015-11-09 13:30 - 00166676 _____ C:\WINDOWS\system32\perfc00A.dat
    2016-02-08 19:09 - 2014-11-21 02:44 - 01833224 _____ C:\WINDOWS\system32\PerfStringBackup.INI
    2016-02-08 18:36 - 2015-11-19 20:43 - 00000000 ____D C:\Users\EdgarOmar\AppData\Roaming\vlc
    2016-02-08 17:44 - 2015-11-15 01:47 - 00000000 ____D C:\Program Files (x86)\Steam
    2016-02-08 17:13 - 2015-11-09 18:43 - 00000000 ____D C:\ProgramData\TEMP
    2016-02-08 17:13 - 2015-11-09 18:43 - 00000000 ____D C:\Program Files (x86)\SpywareBlaster
    2016-02-08 17:12 - 2015-11-17 20:09 - 00000000 ____D C:\Users\EdgarOmar\AppData\Roaming\Azureus
    2016-02-08 11:24 - 2015-11-17 20:09 - 00000000 ____D C:\Users\EdgarOmar\Documents\Vuze Downloads
    2016-02-08 09:23 - 2013-08-22 09:36 - 00000000 ____D C:\WINDOWS\AppReadiness
    2016-02-07 02:47 - 2015-11-10 10:37 - 00000000 ____D C:\Users\EdgarOmar\AppData\Roaming\Free Download Manager
    2016-02-05 22:53 - 2015-12-02 23:23 - 00000000 ____D C:\ProgramData\CanonIJPLM
    2016-02-05 19:18 - 2015-10-29 08:57 - 00000000 ____D C:\Users\EdgarOmar\AppData\Local\CrashDumps
    2016-02-05 17:08 - 2015-12-27 10:06 - 00003116 _____ C:\WINDOWS\System32\Tasks\Microsoft OneDrive Auto Update Task-S-1-5-21-2814885961-1482200991-1285302695-1001
    2016-02-04 12:38 - 2012-11-14 20:32 - 00000000 ____D C:\ProgramData\Norton
    2016-02-04 12:38 - 2012-11-14 20:32 - 00000000 ____D C:\Program Files (x86)\NortonInstaller
    2016-02-04 12:09 - 2013-08-22 07:25 - 00262144 ___SH C:\WINDOWS\system32\config\ELAM
    2016-02-04 12:09 - 2012-07-26 02:12 - 00000000 ___HD C:\WINDOWS\ELAMBKUP
    2016-02-03 20:46 - 2015-12-06 00:55 - 00000000 ____D C:\Users\EdgarOmar\AppData\Roaming\CDisplayEx
    2016-01-31 19:46 - 2015-11-09 01:24 - 29189120 ___SH C:\Users\EdgarOmar\Downloads\Thumbs.db
    2016-01-31 13:17 - 2015-12-10 12:02 - 00000000 ____D C:\ProgramData\Oracle
    2016-01-31 12:54 - 2013-08-22 08:44 - 00482384 _____ C:\WINDOWS\system32\FNTCACHE.DAT
    2016-01-31 02:02 - 2015-10-29 09:11 - 00000000 ____D C:\ProgramData\Package Cache
    2016-01-30 20:41 - 2015-11-15 19:59 - 00001351 _____ C:\Users\Public\Desktop\Freemake Video Converter.lnk
    2016-01-30 20:41 - 2015-11-15 19:59 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Freemake
    2016-01-28 23:47 - 2015-11-15 20:06 - 00001363 _____ C:\Users\Public\Desktop\Freemake Video Downloader.lnk
    2016-01-28 00:45 - 2015-10-28 23:34 - 00000000 ____D C:\Program Files (x86)\Google
    2016-01-28 00:39 - 2015-10-29 11:49 - 00000000 ____D C:\WINDOWS\Minidump
    2016-01-28 00:39 - 2015-10-26 11:51 - 00000000 ___DC C:\WINDOWS\Panther
    2016-01-27 21:58 - 2015-11-15 10:00 - 00000000 ____D C:\Users\EdgarOmar\Documents\Movie Studio Platinum - Steam Powered 13.0 Proyectos
    2016-01-23 16:00 - 2015-11-09 21:16 - 00001312 _____ C:\Users\EdgarOmar\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Flux Player.lnk
    2016-01-23 16:00 - 2015-11-09 21:16 - 00000000 ____D C:\Users\EdgarOmar\AppData\Local\Flux Player
    2016-01-23 09:31 - 2015-11-22 11:06 - 00000000 ____D C:\Program Files (x86)\freac
    2016-01-23 09:30 - 2013-08-22 09:36 - 00000000 ___HD C:\Program Files\WindowsApps
    2016-01-23 09:26 - 2015-11-16 19:15 - 00000000 ____D C:\Users\EdgarOmar\Documents\My Kindle Content
    2016-01-23 09:24 - 2015-11-24 10:41 - 00000000 ____D C:\Users\EdgarOmar\AppData\Roaming\Audacity
    2016-01-23 09:03 - 2015-10-26 11:03 - 00000000 ____D C:\Users\EdgarOmar
    2016-01-21 23:14 - 2015-11-17 20:08 - 00000000 ____D C:\Users\EdgarOmar\.oracle_jre_usage
    2016-01-20 00:16 - 2015-11-09 09:32 - 00003718 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater
    2016-01-19 20:12 - 2015-11-15 02:22 - 00000000 ____D C:\Users\EdgarOmar\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
    2016-01-15 19:30 - 2015-10-29 12:34 - 00000000 ____D C:\WINDOWS\System32\Tasks\Remediation
    2016-01-13 20:50 - 2013-08-22 09:36 - 00000000 ____D C:\WINDOWS\rescache
    2016-01-13 20:48 - 2015-11-24 11:19 - 00003886 _____ C:\WINDOWS\System32\Tasks\Adobe Acrobat Update Task
    2016-01-13 20:48 - 2015-11-24 11:19 - 00002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
    2016-01-13 18:07 - 2015-10-29 09:41 - 00000000 ____D C:\WINDOWS\system32\appraiser
    2016-01-13 18:07 - 2014-11-21 09:56 - 00000000 ___SD C:\WINDOWS\system32\CompatTel
    2016-01-13 18:07 - 2012-07-26 01:59 - 00000000 ____D C:\WINDOWS\CbsTemp
    2016-01-13 08:25 - 2015-11-22 11:26 - 00000000 ____D C:\Program Files\Microsoft Silverlight
    2016-01-13 08:25 - 2015-11-22 11:26 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight
    2016-01-13 08:24 - 2015-11-22 11:26 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
    2016-01-13 08:21 - 2015-10-28 23:51 - 00000000 ____D C:\WINDOWS\system32\MRT
    2016-01-13 08:15 - 2015-10-28 23:51 - 143671360 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
    2016-01-13 08:15 - 2013-08-22 07:25 - 00000167 _____ C:\WINDOWS\win.ini
    2016-01-12 11:32 - 2012-07-26 02:12 - 00000000 ____D C:\WINDOWS\LiveKernelReports
    2016-01-11 00:48 - 2016-01-04 20:59 - 00000000 ____D C:\Users\EdgarOmar\Documents\Anki

    ==================== Files in the root of some directories =======

    2015-12-18 23:48 - 2015-12-18 23:53 - 0007597 _____ () C:\Users\EdgarOmar\AppData\Local\Resmon.ResmonCfg
    2015-11-15 01:35 - 2015-11-15 01:35 - 0000040 ___SH () C:\ProgramData\.zreglib

    Some files in TEMP:
    ====================
    C:\Users\EdgarOmar\AppData\Local\Temp\avgnt.exe


    ==================== Bamital & volsnap =================

    (There is no automatic fix for files that do not pass verification.)

    C:\WINDOWS\system32\winlogon.exe => File is digitally signed
    C:\WINDOWS\system32\wininit.exe => File is digitally signed
    C:\WINDOWS\explorer.exe => File is digitally signed
    C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
    C:\WINDOWS\system32\svchost.exe => File is digitally signed
    C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
    C:\WINDOWS\system32\services.exe => File is digitally signed
    C:\WINDOWS\system32\User32.dll => File is digitally signed
    C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
    C:\WINDOWS\system32\userinit.exe => File is digitally signed
    C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
    C:\WINDOWS\system32\rpcss.dll => File is digitally signed
    C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
    C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
    C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed


    LastRegBack: 2016-02-05 08:40

    ==================== End of FRST.txt ============================

    -------------------------------------------------------

    Adddition log

    Additional scan result of Farbar Recovery Scan Tool (x64) Version:27-01-2016
    Ran by EdgarOmar (2016-02-09 01:35:53)
    Running from C:\Users\EdgarOmar\Downloads
    Windows 8.1 (X64) (2015-10-26 17:30:51)
    Boot Mode: Normal
    ==========================================================


    ==================== Accounts: =============================

    Administrator (S-1-5-21-2814885961-1482200991-1285302695-500 - Administrator - Disabled)
    EdgarOmar (S-1-5-21-2814885961-1482200991-1285302695-1001 - Administrator - Enabled) => C:\Users\EdgarOmar
    Guest (S-1-5-21-2814885961-1482200991-1285302695-501 - Limited - Disabled)
    HomeGroupUser$ (S-1-5-21-2814885961-1482200991-1285302695-1005 - Limited - Enabled)

    ==================== Security Center ========================

    (If an entry is included in the fixlist, it will be removed.)

    AV: Avira Antivirus (Enabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859}
    AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
    AS: Avira Antivirus (Enabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4}
    AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
    AS: Spybot - Search and Destroy (Enabled - Up to date) {9BC38DF1-3CCA-732D-A930-C1CA5F20A4B0}

    ==================== Installed Programs ======================

    (Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

    7-Zip 15.08 beta (HKLM-x32\...\7-Zip) (Version: 15.08 - Igor Pavlov)
    99 Spirits (HKLM-x32\...\Steam App 258090) (Version: - TORaIKI)
    Adobe Acrobat Reader DC (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AC0F074E4100}) (Version: 15.010.20056 - Adobe Systems Incorporated)
    Adobe Flash Player 20 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 20.0.0.286 - Adobe Systems Incorporated)
    AKIBA'S TRIP: Undead & Undressed (HKLM-x32\...\Steam App 333980) (Version: - ACQUIRE Corp.)
    Amazon Kindle (HKU\S-1-5-21-2814885961-1482200991-1285302695-1001\...\Amazon Kindle) (Version: 1.13.0.42039 - Amazon)
    Anki (HKLM-x32\...\Anki) (Version: - )
    AnyDVD (HKLM-x32\...\AnyDVD) (Version: 7.6.7.0 - SlySoft)
    Atheros Communications Inc.(R) AR81Family Gigabit/Fast Ethernet Driver (HKLM-x32\...\{3108C217-BE83-42E4-AE9E-A56A2A92E549}) (Version: 2.1.0.6 - Atheros Communications Inc.)
    Avira Antivirus (HKLM-x32\...\Avira Antivirus) (Version: 15.0.15.129 - Avira Operations GmbH & Co. KG)
    Avira Launcher (HKLM-x32\...\{ccdc9cfe-8ba7-4c6c-ac5f-b2d6cfa49efc}) (Version: 1.1.54.24924 - Avira Operations GmbH & Co. KG)
    Avira Launcher (x32 Version: 1.1.54.24924 - Avira Operations GmbH & Co. KG) Hidden
    Bejeweled 3 (x32 Version: 2.2.0.97 - WildTangent) Hidden
    BioShock Infinite (HKLM-x32\...\Steam App 8870) (Version: - Irrational Games)
    BlazBlue: Calamity Trigger (HKLM-x32\...\Steam App 263300) (Version: - Arc System Works)
    Canon Easy-PhotoPrint EX (HKLM-x32\...\Easy-PhotoPrint EX) (Version: - )
    Canon MG5300 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MG5300_series) (Version: - Canon Inc.)
    Canon MG5300 series On-screen Manual (HKLM-x32\...\Canon MG5300 series On-screen Manual) (Version: - )
    Canon MP Navigator EX 5.0 (HKLM-x32\...\MP Navigator EX 5.0) (Version: - )
    Canon My Printer (HKLM-x32\...\CanonMyPrinter) (Version: - )
    Canon Solution Menu EX (HKLM-x32\...\CanonSolutionMenuEX) (Version: - )
    CCleaner (HKLM\...\CCleaner) (Version: 5.14 - Piriform)
    Cheetah Audio Converter (HKLM-x32\...\{B1914510-38B5-4835-83D8-A188073E542F}) (Version: - )
    Cisco EAP-FAST Module (HKLM-x32\...\{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}) (Version: 2.2.14 - Cisco Systems, Inc.)
    Cisco LEAP Module (HKLM-x32\...\{AF312B06-5C5C-468E-89B3-BE6DE2645722}) (Version: 1.0.19 - Cisco Systems, Inc.)
    Cisco PEAP Module (HKLM-x32\...\{0A4EF0E6-A912-4CDE-A7F3-6E56E7C13A2F}) (Version: 1.1.6 - Cisco Systems, Inc.)
    D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
    Double Dragon Trilogy (HKLM-x32\...\Steam App 314150) (Version: - DotEmu)
    Fairy Fencer F (HKLM-x32\...\Steam App 347830) (Version: - Idea Factory)
    FATE (x32 Version: 2.2.0.97 - WildTangent) Hidden
    FINAL FANTASY III (HKLM-x32\...\Steam App 239120) (Version: - Square Enix)
    FINAL FANTASY VII (HKLM-x32\...\Steam App 39140) (Version: - Square Enix)
    FINAL FANTASY VIII (HKLM-x32\...\Steam App 39150) (Version: - SQUARE ENIX)
    Flux Player (HKU\S-1-5-21-2814885961-1482200991-1285302695-1001\...\Flux Player) (Version: 4.6.3.4647 - )
    FLV-Media-Player (HKLM-x32\...\{AB7A5DBA-BC45-489A-B4D2-2E8F8CABB9EA}) (Version: 2.0.3.2520 - HYBRIDWEB.de)
    Galería de fotos (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
    Gardenscapes: Mansion Makeover (x32 Version: 3.0.2.32 - WildTangent) Hidden
    Garry's Mod (HKLM-x32\...\Steam App 4000) (Version: - Facepunch Studios)
    GOM Player (HKLM-x32\...\GOM Player) (Version: 2.2.76.5239 - Gretech Corporation)
    Guilty Gear X2 #Reload (HKLM-x32\...\Steam App 314030) (Version: - Arc System Works)
    GUILTY GEAR XX ACCENT CORE PLUS R (HKLM-x32\...\Steam App 348550) (Version: - Arc System Works)
    If My Heart Had Wings (HKLM-x32\...\Steam App 326480) (Version: - Moenovel)
    Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.1.0.1252 - Intel Corporation)
    Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3345 - Intel Corporation)
    Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 12.8.0.1016 - Intel Corporation)
    Intel(R) SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 2.0.0.37149 - Intel Corporation)
    Java 8 Update 71 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218071F0}) (Version: 8.0.710.15 - Oracle Corporation)
    Magical Battle Festa (HKLM-x32\...\Steam App 292480) (Version: - Fly System)
    Mahjong Pretty Girls Battle (HKLM-x32\...\Steam App 338060) (Version: - Zoo Corporation)
    Malwarebytes Anti-Malware versión 2.2.0.1024 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.0.1024 - Malwarebytes)
    Mayjasmine episode01 What is God? 五月茉莉 (HKLM-x32\...\Steam App 417110) (Version: - Erotes studio)
    Microsoft Office (HKLM-x32\...\{90150000-0138-0409-0000-0000000FF1CE}) (Version: 15.0.4420.1017 - Microsoft Corporation)
    Microsoft Office Home and Student 2010 (HKLM-x32\...\Office14.SingleImage) (Version: 14.0.7015.1000 - Microsoft Corporation)
    Microsoft OneDrive (HKU\S-1-5-21-2814885961-1482200991-1285302695-1001\...\OneDriveSetup.exe) (Version: 17.3.6301.0127 - Microsoft Corporation)
    Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.41212.0 - Microsoft Corporation)
    Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
    Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
    Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
    Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
    Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
    Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
    Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
    Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
    Mitsurugi Kamui Hikae (HKLM-x32\...\Steam App 263620) (Version: - Zenith Blue)
    Movie Maker (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
    Movie Studio 13 Platinum - Steam Powered (HKLM-x32\...\Steam App 330070) (Version: - Sony Creative Software)
    Movie Studio Platinum 13.0 - Steam Powered (64-bit) (HKLM\...\{1F7DB38F-51AA-11E5-8729-001E4FC0A7E5}) (Version: 13.0.957 - Sony)
    Mozilla Firefox 44.0 (x86 es-MX) (HKLM-x32\...\Mozilla Firefox 44.0 (x86 es-MX)) (Version: 44.0 - Mozilla)
    Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 44.0.0.5866 - Mozilla)
    Mugen Souls (HKLM-x32\...\Steam App 389870) (Version: - Idea Factory)
    MWSnap 3 (HKLM-x32\...\MWSnap 3) (Version: 3.0.0.74 - Mirek Wojtowicz)
    NEKOPARA Vol. 0 (HKLM-x32\...\Steam App 385800) (Version: - NEKO WORKs)
    NEKOPARA Vol. 1 (HKLM-x32\...\Steam App 333600) (Version: - NEKO WORKs)
    Norton Anti-Theft (HKLM-x32\...\NAT) (Version: 1.10.0.9 - Symantec Corporation)
    Norton Online Backup (HKLM-x32\...\{40A66DF6-22D3-44B5-A7D3-83B118A2C0DC}) (Version: 2.2.3.45 - Symantec Corporation)
    Norton Online Backup ARA (x32 Version: 4.1.0.11 - Symantec Corporation) Hidden
    Norton PC Checkup (HKLM-x32\...\NortonPCCheckup) (Version: 2.0.18.15 - Symantec Corporation)
    Norton Security Dashboard (HKLM-x32\...\NortonSD) (Version: 1.1.1.9 - Symantec Corporation)
    Nuvoton CIR Device Drivers (HKLM-x32\...\{096C6EA4-738C-4A01-BB98-45B93B6B9B34}) (Version: 8.60.5001 - Nuvoton Technology Corporation)
    NWZ-E340 WALKMAN Guide (HKLM-x32\...\{E33956B7-301C-429D-9E6C-2C12EACB8A62}) (Version: 2.0.00.07010 - Sony Corporation)
    Origin (HKLM-x32\...\Origin) (Version: 9.0.15.60 - Electronic Arts, Inc.)
    Penguins! (x32 Version: 2.2.0.98 - WildTangent) Hidden
    Plants vs. Zombies - Game of the Year (x32 Version: 2.2.0.98 - WildTangent) Hidden
    PlayReady PC Runtime amd64 (HKLM\...\{BCA9334F-B6C9-4F65-9A73-AC5A329A4D04}) (Version: 1.3.0 - Microsoft Corporation)
    Polar Bowler (x32 Version: 2.2.0.97 - WildTangent) Hidden
    Realtek Bluetooth Filter Driver Package (HKLM-x32\...\InstallShield_{0CC0980D-811D-43B8-A455-8D150EB5BC0D}) (Version: 12.28.2013.0912 - REALTEK Semiconductor Corp)
    Realtek Bluetooth Filter Driver Package (x32 Version: 12.28.2013.0912 - REALTEK Semiconductor Corp) Hidden
    Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6743 - Realtek Semiconductor Corp.)
    Realtek USB 2.0 Card Reader (HKLM-x32\...\{96AE7E41-E34E-47D0-AC07-1091A8127911}) (Version: 6.1.8400.39030 - Realtek Semiconductor Corp.)
    REALTEK Wireless LAN Driver (HKLM-x32\...\InstallShield_{95F38874-065A-40AB-AFC1-B764B192FFE7}) (Version: 2.00.0002 - REALTEK Semiconductor Corp.)
    REALTEK Wireless LAN Driver (x32 Version: 2.00.0002 - REALTEK Semiconductor Corp.) Hidden
    Realtek WLAN Driver (HKLM-x32\...\{9D3D8C60-A55F-4fed-B2B9-173001290E16}) (Version: 2.00.0020 - REALTEK Semiconductor Corp.)
    Sakura Angels (HKLM-x32\...\Steam App 342380) (Version: - Winged Cloud)
    Sakura Spirit (HKLM-x32\...\Steam App 313740) (Version: - Winged Cloud)
    Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version: - Microsoft)
    Skullgirls (HKLM-x32\...\Steam App 245170) (Version: - Lab Zero Games)
    Skullgirls ∞Endless Beta∞ (HKLM-x32\...\Steam App 208610) (Version: - )
    Skype™ 7.2 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.2.103 - Skype Technologies S.A.)
    Sonic & All-Stars Racing Transformed (HKLM-x32\...\Steam App 212480) (Version: - Sumo Digital)
    SONIC THE HEDGEHOG 4 Episode II (HKLM-x32\...\Steam App 203650) (Version: - SEGA)
    SP Player (HKU\S-1-5-21-2814885961-1482200991-1285302695-1001\...\3332097300.wspr.webstream.ne.jp) (Version: - wspr.webstream.ne.jp)
    SRS Premium Sound Control Panel (HKLM\...\{94F03B8E-CB73-4653-AFE9-79112C01FED2}) (Version: 1.12.5000 - SRS Labs, Inc.)
    Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
    SUPERAntiSpyware (HKLM\...\{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}) (Version: 6.0.1212 - SUPERAntiSpyware.com)
    THE KING OF FIGHTERS 2002 UNLIMITED MATCH (HKLM-x32\...\Steam App 222440) (Version: - Code Mystics)
    THE KING OF FIGHTERS '98 ULTIMATE MATCH FINAL EDITION (HKLM-x32\...\Steam App 222420) (Version: - Code Mystics)
    THE KING OF FIGHTERS XIII STEAM EDITION (HKLM-x32\...\Steam App 222940) (Version: - SNK Playmore)
    The Last Remnant (HKLM-x32\...\Steam App 23310) (Version: - SQUARE ENIX)
    Toshiba App Place (HKLM-x32\...\{ED3CBA78-488F-4E8C-B33F-8E3BF4DDB4D2}) (Version: 1.0.6.3 - Toshiba)
    TOSHIBA Application Installer (HKLM-x32\...\{970472D0-F5F9-4158-A6E3-1AE49EFEF2D3}) (Version: 9.0.1.4 - TOSHIBA)
    Toshiba Book Place (HKLM-x32\...\{24B45620-22B6-4E4A-B836-FF30A0B0404E}) (Version: 3.1.9534 - K-NFB Reading Technology, Inc.)
    TOSHIBA Desktop Assist (HKLM\...\{95CCACF0-010D-45F0-82BF-858643D8BC02}) (Version: 1.02.01.6407 - Toshiba Corporation)
    TOSHIBA eco Utility (HKLM\...\{5944B9D4-3C2A-48DE-931E-26B31714A2F7}) (Version: 2.2.0.6404 - Toshiba Corporation)
    TOSHIBA Function Key (HKLM\...\{16562A90-71BC-41A0-B890-D91B0C267120}) (Version: 1.1.0002.6401 - Toshiba Corporation)
    TOSHIBA HDD Accelerator (HKLM\...\{DB4D9937-0B14-4EF1-BF9A-BB7E3B9DCB04}) (Version: 1.2.0000 - Toshiba Corporation)
    TOSHIBA Password Utility (HKLM-x32\...\{B1786E63-2127-42C9-95A3-146E5F727BF1}) (Version: v1.0.0.11 - TOSHIBA Corporation)
    TOSHIBA PC Health Monitor (HKLM\...\{9DECD0F9-D3E8-48B0-A390-1CF09F54E3A4}) (Version: 1.9.09.6400 - Toshiba Corporation)
    TOSHIBA Quality Application (HKLM-x32\...\{E69992ED-A7F6-406C-9280-1C156417BC49}) (Version: 1.0.8 - TOSHIBA)
    TOSHIBA Recovery Media Creator (HKLM-x32\...\{B65BBB06-1F8E-48F5-8A54-B024A9E15FDF}) (Version: 2.2.0.54043005 - Toshiba Corporation)
    TOSHIBA Remote Control Manager (HKLM-x32\...\{FEB650EB-7639-444E-9FC2-C33EE6ED1A37}) (Version: 3.0.1013.0 - TOSHIBA CORPORATION)
    TOSHIBA Resolution+ Plug-in for Windows Media Player (HKLM-x32\...\{6CB76C9D-80C2-4CB3-A4CD-D96B239E3F94}) (Version: 1.2.8.0 - Toshiba Corporation)
    TOSHIBA Service Station (HKLM\...\{63E575B6-BEF3-4DE7-823E-508837914157}) (Version: 2.6.16.0 - Toshiba Corporation)
    TOSHIBA System Driver (HKLM-x32\...\{1E6A96A1-2BAB-43EF-8087-30437593C66C}) (Version: 1.00.0030 - Toshiba Corporation)
    TOSHIBA System Settings (HKLM-x32\...\{05A55927-DB9B-4E26-BA44-828EBFF829F0}) (Version: 1.00.0002.32002 - Toshiba Corporation)
    TOSHIBA User's Guide (HKLM-x32\...\{3384E1D9-3F18-4A98-8655-180FEF0DFC02}) (Version: 1.00.02 - TOSHIBA)
    TOSHIBA VIDEO PLAYER (HKLM\...\{FF07604E-C860-40E9-A230-E37FA41F103A}) (Version: 5.3.49.124 - Toshiba Corporation)
    TOSHIBARegistration (HKLM-x32\...\{5AF550B4-BB67-4E7E-82F1-2C4300279050}) (Version: 1.1.6 - TOSHIBA)
    Transfer Utility LE (HKLM-x32\...\{F2C2709B-FB3D-458C-B12E-9AAA5EDCA670}) (Version: 1.02.126 - PIXELA)
    Tsukumogami (HKLM-x32\...\Steam App 262300) (Version: - TORaIKI)
    Update Installer for WildTangent Games App (x32 Version: - WildTangent) Hidden
    Vacation Quest™ - Australia (x32 Version: 3.0.2.32 - WildTangent) Hidden
    Valkyria Chronicles™ (HKLM-x32\...\Steam App 294860) (Version: - SEGA)
    Vanguard Princess (HKLM-x32\...\Steam App 262150) (Version: - Tomoaki Sugeno)
    Virtual Villagers 5 - New Believers (x32 Version: 3.0.2.32 - WildTangent) Hidden
    VirtualCloneDrive (HKLM-x32\...\VirtualCloneDrive) (Version: 5.5.0.0 - Elaborate Bytes)
    VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.1 - VideoLAN)
    Vuze (HKLM\...\8461-7759-5462-8226) (Version: 5.7.0.0 - Azureus Software, Inc.)
    WildTangent Games (HKLM-x32\...\WildTangent wildgames Master Uninstall) (Version: 1.0.3.0 - WildTangent)
    WildTangent Games App (Toshiba Games) (x32 Version: 4.0.9.7 - WildTangent) Hidden
    Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation)
    Winged Sakura: Mindy's Arc (HKLM-x32\...\Steam App 331390) (Version: - WINGED SAKURA GAMES)
    WinPcap 4.1.2 (HKLM-x32\...\WinPcapInst) (Version: 4.1.0.2001 - CACE Technologies)
    WinRAR 5.21 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.21.0 - win.rar GmbH)
    Youda Jewel Shop (x32 Version: 3.0.2.32 - WildTangent) Hidden
    zkanji v0.731 (HKLM-x32\...\zkanji) (Version: 0.731 - Sólyom Zoltán)

    ==================== Custom CLSID (Whitelisted): ==========================

    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


    ==================== Scheduled Tasks (Whitelisted) =============

    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

    Task: {04ADC3C3-E948-470E-A204-C8D7CEC8457B} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime => C:\Windows\system32\GWX\GWXUXWorker.exe [2015-12-04] (Microsoft Corporation)
    Task: {0B66AC13-A7D3-4619-8CD0-7B75EF4946B4} - System32\Tasks\Norton Anti-Theft\Norton Error Analyzer => C:\Program Files (x86)\Norton Anti-Theft\Engine\1.10.0.9\SymErr.exe [2013-08-01] (Symantec Corporation)
    Task: {34D73491-BBFD-4BD2-9B29-2EEAC6E759CA} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2016-01-15] (Piriform Ltd)
    Task: {4DA46886-ED67-4B3C-BF66-B275D5924C28} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Refresh immunization => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDImmunize.exe [2014-06-24] (Safer-Networking Ltd.)
    Task: {4E76AAE9-6AA7-4D38-AE9D-BA258E324177} - System32\Tasks\Browser Updater Task(Core) => C:\Program Files (x86)\SearchesToYesbnd\BrowserUpdate.exe
    Task: {53F6790C-E9B6-4F18-9EE0-FD71AFFDD354} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Check for updates => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe [2014-06-27] (Safer-Networking Ltd.)
    Task: {5A4C151D-0EA0-465C-B802-BFFFB620BE4F} - System32\Tasks\Microsoft OneDrive Auto Update Task-S-1-5-21-2814885961-1482200991-1285302695-1001 => C:\Users\EdgarOmar\AppData\Local\Microsoft\OneDrive\OneDrive.exe [2016-02-05] (Microsoft Corporation)
    Task: {6D1E8C1C-D346-4F80-B02A-5A2B5F1EBA8C} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2016-01-13] (Microsoft Corporation)
    Task: {6F622176-1D81-49F7-8BA3-BC5B06FB1A55} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-12-13] (Adobe Systems Incorporated)
    Task: {73F915B8-2867-412C-96CE-01C3534FB79D} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Scan the system => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDScan.exe [2014-06-24] (Safer-Networking Ltd.)
    Task: {86BB7B38-2C05-457D-958F-D4DFEF2A6AA0} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeTime => C:\Windows\system32\GWX\GWXUXWorker.exe [2015-12-04] (Microsoft Corporation)
    Task: {8FA2E5C1-E289-4F06-BED6-E6CC3D68DA01} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-01-20] (Adobe Systems Incorporated)
    Task: {AB1EF200-AD74-4A5E-A602-55CB562D0B40} - System32\Tasks\Optimize Push Notification Data File-S-1-5-21-2814885961-1482200991-1285302695-1001
    Task: {BA48FCCD-F364-42BF-B684-E7B4DCC4D3D1} - System32\Tasks\Microsoft\Windows\UPnP\UPnPHostConfig => config upnphost start= auto
    Task: {E1176BD7-B13E-4197-A939-C20B648812EA} - System32\Tasks\Norton Anti-Theft\Norton Error Processor => C:\Program Files (x86)\Norton Anti-Theft\Engine\1.10.0.9\SymErr.exe [2013-08-01] (Symantec Corporation)
    Task: {E68AADD1-99BF-4781-8BE9-DF5891F22F16} - System32\Tasks\TOSHIBA\Service Station => C:\Program Files\TOSHIBA\Toshiba Service Station\ToshibaServiceStation.exe [2014-04-03] (TOSHIBA Corporation)
    Task: {E79E6EDA-6CE9-4504-AE1C-0F7D030D33A9} - System32\Tasks\Remediation\AntimalwareMigrationTask => C:\Program Files\Common Files\AV\Norton AntiVirus\Upgrade.exe [2016-01-06] (Symantec Corporation)

    (If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

    Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

    ==================== Shortcuts =============================

    (The entries could be listed to be restored or removed.)

    ==================== Loaded Modules (Whitelisted) ==============

    2013-11-04 20:22 - 2013-11-04 20:22 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll
    2012-03-16 17:24 - 2012-03-16 17:24 - 00091520 _____ () C:\Program Files\Toshiba\Hotkey\fsHid.dll
    2012-07-18 19:38 - 2012-07-18 19:38 - 00020904 _____ () C:\Program Files\TOSHIBA\Hotkey\SmoothView.dll
    2016-01-15 14:45 - 2016-01-15 14:45 - 00065536 _____ () C:\Program Files\CCleaner\lang\lang-1034.dll
    2014-09-29 18:51 - 2014-09-29 18:51 - 00074664 _____ () C:\Program Files (x86)\SlySoft\AnyDVD\ADvdDiscHlp64.exe
    2015-11-15 19:59 - 2016-01-19 16:51 - 00073216 _____ () C:\Program Files (x86)\Common Files\Freemake Shared\ProductUpdater\ProductUpdater.exe
    2015-11-24 09:43 - 2014-05-13 12:04 - 00109400 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\snlThirdParty150.bpl
    2015-11-24 09:43 - 2014-05-13 12:04 - 00167768 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\snlFileFormats150.bpl
    2015-11-24 09:43 - 2014-05-13 12:04 - 00416600 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\DEC150.bpl
    2015-11-24 09:43 - 2012-08-23 10:38 - 00574840 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\sqlite3.dll
    2015-11-24 09:43 - 2012-04-03 17:06 - 00565640 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\av\BDSmartDB.dll
    2015-10-25 18:30 - 2012-06-25 11:41 - 01198912 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\ACE.dll

    ==================== Alternate Data Streams (Whitelisted) =========

    (If an entry is included in the fixlist, only the ADS will be removed.)


    ==================== Safe Mode (Whitelisted) ===================

    (If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


    ==================== EXE Association (Whitelisted) ===============

    (If an entry is included in the fixlist, the registry item will be restored to default or removed.)


    ==================== Internet Explorer trusted/restricted ===============

    (If an entry is included in the fixlist, it will be removed from the registry.)

    IE restricted site: HKU\.DEFAULT\...\007guard.com -> install.007guard.com
    IE restricted site: HKU\.DEFAULT\...\008i.com -> 008i.com
    IE restricted site: HKU\.DEFAULT\...\008k.com -> www.008k.com
    IE restricted site: HKU\.DEFAULT\...\00hq.com -> www.00hq.com
    IE restricted site: HKU\.DEFAULT\...\010402.com -> 010402.com
    IE restricted site: HKU\.DEFAULT\...\032439.com -> 80gw6ry3i3x3qbrkwhxhw.032439.com
    IE restricted site: HKU\.DEFAULT\...\0scan.com -> 0Scan.com
    IE restricted site: HKU\.DEFAULT\...\1-2005-search.com -> www.1-2005-search.com
    IE restricted site: HKU\.DEFAULT\...\1-domains-registrations.com -> 1 Domains Technology Blog
    IE restricted site: HKU\.DEFAULT\...\1000gratisproben.com -> www.1000gratisproben.com
    IE restricted site: HKU\.DEFAULT\...\1001namen.com -> www.1001namen.com
    IE restricted site: HKU\.DEFAULT\...\100888290cs.com -> mir.100888290cs.com
    IE restricted site: HKU\.DEFAULT\...\100sexlinks.com -> 100sexlinks.com*-*This website is for sale!*-*Sexlinks Resources and Information.
    IE restricted site: HKU\.DEFAULT\...\10sek.com -> www.10sek.com
    IE restricted site: HKU\.DEFAULT\...\12-26.net -> user1.12-26.net
    IE restricted site: HKU\.DEFAULT\...\12-27.net -> user1.12-27.net
    IE restricted site: HKU\.DEFAULT\...\123fporn.info -> www.123fporn.info
    IE restricted site: HKU\.DEFAULT\...\123haustiereundmehr.com -> www.123haustiereundmehr.com
    IE restricted site: HKU\.DEFAULT\...\123moviedownload.com -> 123Movies - Watch Free Movies Streaming Online Now
    IE restricted site: HKU\.DEFAULT\...\123simsen.com -> WebMD - Better information. Better health.

    There are 7871 more sites.

    IE trusted site: HKU\S-1-5-21-2814885961-1482200991-1285302695-1001\...\hola.org -> hxxp://hola.org
    IE restricted site: HKU\S-1-5-21-2814885961-1482200991-1285302695-1001\...\007guard.com -> install.007guard.com
    IE restricted site: HKU\S-1-5-21-2814885961-1482200991-1285302695-1001\...\008i.com -> 008i.com
    IE restricted site: HKU\S-1-5-21-2814885961-1482200991-1285302695-1001\...\008k.com -> www.008k.com
    IE restricted site: HKU\S-1-5-21-2814885961-1482200991-1285302695-1001\...\00hq.com -> www.00hq.com
    IE restricted site: HKU\S-1-5-21-2814885961-1482200991-1285302695-1001\...\010402.com -> 010402.com
    IE restricted site: HKU\S-1-5-21-2814885961-1482200991-1285302695-1001\...\0190-dialers.com -> 0190-dialers.com
    IE restricted site: HKU\S-1-5-21-2814885961-1482200991-1285302695-1001\...\01i.info -> 01i.info
    IE restricted site: HKU\S-1-5-21-2814885961-1482200991-1285302695-1001\...\02pmnzy5eo29bfk4.com -> 02pmnzy5eo29bfk4.com
    IE restricted site: HKU\S-1-5-21-2814885961-1482200991-1285302695-1001\...\032439.com -> 80gw6ry3i3x3qbrkwhxhw.032439.com
    IE restricted site: HKU\S-1-5-21-2814885961-1482200991-1285302695-1001\...\0411dd.com -> 0411dd.com
    IE restricted site: HKU\S-1-5-21-2814885961-1482200991-1285302695-1001\...\0511zfhl.com -> 0511zfhl.com
    IE restricted site: HKU\S-1-5-21-2814885961-1482200991-1285302695-1001\...\05p.com -> 05p.com
    IE restricted site: HKU\S-1-5-21-2814885961-1482200991-1285302695-1001\...\0632qyw.com -> 0632qyw.com
    IE restricted site: HKU\S-1-5-21-2814885961-1482200991-1285302695-1001\...\07ic5do2myz3vzpk.com -> 07ic5do2myz3vzpk.com
    IE restricted site: HKU\S-1-5-21-2814885961-1482200991-1285302695-1001\...\08nigbmwk43i01y6.com -> 08nigbmwk43i01y6.com
    IE restricted site: HKU\S-1-5-21-2814885961-1482200991-1285302695-1001\...\093qpeuqpmz6ebfa.com -> 093qpeuqpmz6ebfa.com
    IE restricted site: HKU\S-1-5-21-2814885961-1482200991-1285302695-1001\...\0calories.net -> 0calories.net
    IE restricted site: HKU\S-1-5-21-2814885961-1482200991-1285302695-1001\...\0cj.net -> 0cj.net
    IE restricted site: HKU\S-1-5-21-2814885961-1482200991-1285302695-1001\...\0scan.com -> 0Scan.com
    IE restricted site: HKU\S-1-5-21-2814885961-1482200991-1285302695-1001\...\1-2005-search.com -> www.1-2005-search.com

    There are 12688 more sites.


    ==================== Hosts content: ==========================

    (If needed Hosts: directive could be included in the fixlist to reset Hosts.)

    2013-08-22 07:25 - 2016-02-04 13:38 - 00450954 ____R C:\WINDOWS\system32\Drivers\etc\hosts

    127.0.0.1 www.007guard.com
    127.0.0.1 007guard.com
    127.0.0.1 008i.com
    127.0.0.1 www.008k.com
    127.0.0.1 008k.com
    127.0.0.1 www.00hq.com
    127.0.0.1 00hq.com
    127.0.0.1 010402.com
    127.0.0.1 www.032439.com
    127.0.0.1 032439.com
    127.0.0.1 0Scan.com
    127.0.0.1 0scan.com
    127.0.0.1 1000gratisproben.com
    127.0.0.1 www.1000gratisproben.com
    127.0.0.1 1001namen.com
    127.0.0.1 www.1001namen.com
    127.0.0.1 100888290cs.com
    127.0.0.1 www.100888290cs.com
    127.0.0.1 100sexlinks.com*-*This website is for sale!*-*Sexlinks Resources and Information.
    127.0.0.1 100sexlinks.com
    127.0.0.1 10sek.com
    127.0.0.1 www.10sek.com
    127.0.0.1 www.1-2005-search.com
    127.0.0.1 1-2005-search.com
    127.0.0.1 123fporn.info
    127.0.0.1 www.123fporn.info
    127.0.0.1 123haustiereundmehr.com
    127.0.0.1 www.123haustiereundmehr.com
    127.0.0.1 123moviedownload.com
    127.0.0.1 123Movies - Watch Free Movies Streaming Online Now

    There are 15469 more lines.


    ==================== Other Areas ============================

    (Currently there is no automatic fix for this section.)

    HKU\S-1-5-21-2814885961-1482200991-1285302695-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\EdgarOmar\Pictures\ふたなり尼さん&シスター噴水化 - 盲 - mekuranoookami - 盲 (43663952) .png
    DNS Servers: 192.168.1.1
    HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
    Windows Firewall is enabled.

    ==================== MSCONFIG/TASK MANAGER disabled items ==

    (Currently there is no automatic fix for this section.)

    HKLM\...\StartupApproved\StartupFolder: => "McAfee Security Scan Plus.lnk"
    HKLM\...\StartupApproved\Run: => "TRCMan"
    HKU\S-1-5-21-2814885961-1482200991-1285302695-1001\...\StartupApproved\Run: => "Skype"
    HKU\S-1-5-21-2814885961-1482200991-1285302695-1001\...\StartupApproved\Run: => "Free Download Manager"
    HKU\S-1-5-21-2814885961-1482200991-1285302695-1001\...\StartupApproved\Run: => "Steam"
    HKU\S-1-5-21-2814885961-1482200991-1285302695-1001\...\StartupApproved\Run: => "SpybotPostWindows10UpgradeReInstall"
    HKU\S-1-5-21-2814885961-1482200991-1285302695-1001\...\StartupApproved\Run: => "BingSvc"

    ==================== FirewallRules (Whitelisted) ===============

    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

    FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
    FirewallRules: [{8B1E83F2-8938-4D69-9892-B46557ED97A4}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
    FirewallRules: [{BF17192A-69C1-46A6-8845-73AF0CDABA61}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
    FirewallRules: [{FD4FD112-E952-4DB1-A9A6-5D7D7979728A}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
    FirewallRules: [{21AD685C-C04D-46CC-9E35-6E0E17FD3CD0}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
    FirewallRules: [{D2A62EE1-6218-41CD-B858-052FFEB272B1}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Double Dragon Trilogy\ddtrilogy.exe
    FirewallRules: [{BBFE0A6D-43D4-4690-B74C-03DD2AAF7004}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Double Dragon Trilogy\ddtrilogy.exe
    FirewallRules: [{05FFDD24-12C8-4E78-8770-88D7ADAB0E03}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\99 Spirits\99 Spirits.eXe
    FirewallRules: [{F664761F-9C4B-4954-9F5C-1AFB8802D4BB}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\99 Spirits\99 Spirits.eXe
    FirewallRules: [{AF7F4627-7BFD-43A7-BF67-5998637E0135}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\99 Spirits\Cage of Night\English\Cage of Night.eXe
    FirewallRules: [{652E0083-A01A-4DF4-9736-2D54B8104E56}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\99 Spirits\Cage of Night\English\Cage of Night.eXe
    FirewallRules: [{88162000-2730-4BDB-8947-87C672C1E79E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\99 Spirits\Cage of Night\Japanese\Cage of Night.eXe
    FirewallRules: [{987C4DB4-386B-465B-A9B0-F406D7D56D53}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\99 Spirits\Cage of Night\Japanese\Cage of Night.eXe
    FirewallRules: [{2D663A92-4654-446E-A6EE-066C4B013F3B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\99 Spirits\Weeping Demon's Bell\English\Weeping Demon's Bell.exe
    FirewallRules: [{1740F828-61F8-4AF8-8727-1E102E27A84A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\99 Spirits\Weeping Demon's Bell\English\Weeping Demon's Bell.exe
    FirewallRules: [{371F1338-7070-4FB1-A5A6-EDC82403D35F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\99 Spirits\Weeping Demon's Bell\Japanese\Weeping Demon's Bell.eXe
    FirewallRules: [{AB0D7300-ED76-4496-BD02-A07A05AFA09D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\99 Spirits\Weeping Demon's Bell\Japanese\Weeping Demon's Bell.eXe
    FirewallRules: [TCP Query User{406715A4-57CF-4809-960C-9FE57C1F4936}C:\program files (x86)\free download manager\fdm.exe] => (Allow) C:\program files (x86)\free download manager\fdm.exe
    FirewallRules: [UDP Query User{AEBEC90A-AD0B-4B28-AC41-6A1EADCCE616}C:\program files (x86)\free download manager\fdm.exe] => (Allow) C:\program files (x86)\free download manager\fdm.exe
    FirewallRules: [{8371D454-323F-479D-B329-659486679A7B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Winged Sakura Mindy's Arc\Winged Sakura Mindy's Arc.exe
    FirewallRules: [{37A1660E-8423-45C3-AD3A-6F8E67FE1655}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Winged Sakura Mindy's Arc\Winged Sakura Mindy's Arc.exe
    FirewallRules: [{4CCE3B66-6178-47FE-B13E-7BC6EBD6E29E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Guilty Gear X2 #Reload\ggx2.exe
    FirewallRules: [{396B0823-BED0-44B6-BE3C-6590E47ACA92}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Guilty Gear X2 #Reload\ggx2.exe
    FirewallRules: [{433AA74E-3B88-44E8-A1A7-7A4194572516}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Guilty Gear X2 #Reload\config.exe
    FirewallRules: [{59226E7A-90A0-4C7B-BF97-B5BA8DDB3E8A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Guilty Gear X2 #Reload\config.exe
    FirewallRules: [{8B661167-DBFF-4705-960D-0BF610CD8B02}] => (Allow) C:\Program Files\Vuze\Azureus.exe
    FirewallRules: [{95E0B624-2F9C-460B-B190-13E3693B5A90}] => (Allow) C:\Program Files\Vuze\Azureus.exe
    FirewallRules: [{54D11142-D95A-450E-AA48-FA800F77BE9B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Valkyria Chronicles\Launcher.exe
    FirewallRules: [{BBD62464-0660-4B29-8213-71C0AF931E6C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Valkyria Chronicles\Launcher.exe
    FirewallRules: [{5E181127-4239-4358-A50D-7F28D6F2D73B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\If My Heart Had Wings\AdvHD.exe
    FirewallRules: [{F3D8FFF9-89CD-4E25-A4B9-4F858CF155CA}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\If My Heart Had Wings\AdvHD.exe
    FirewallRules: [{D9475FE4-E7A8-41EE-A8CA-7144F7E2BC2E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\The Last Remnant\Binaries\TLR.exe
    FirewallRules: [{27D966B1-CDA3-404F-BCED-B9CBF9ECAB6D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\The Last Remnant\Binaries\TLR.exe
    FirewallRules: [{E3F67565-E217-4294-AB17-C1E97C3573D7}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Magical Battle Festa\MBF.exe
    FirewallRules: [{214FBB4A-1C74-4905-A613-82B621131E4C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Magical Battle Festa\MBF.exe
    FirewallRules: [{EB569148-4339-4F62-85D4-A138966EB6B7}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\MahJong Nagomi\MahjongPrettyGirlsBattle.exe
    FirewallRules: [{78064255-6A96-43A6-9DBF-1CE5E90C3E6B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\MahJong Nagomi\MahjongPrettyGirlsBattle.exe
    FirewallRules: [{616BFCD6-85E6-4429-9308-68A86E2AEF8C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Sakura Angels\Sakura Angels.exe
    FirewallRules: [{AFB64DA5-53DA-4A16-A917-300C98BB95C1}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Sakura Angels\Sakura Angels.exe
    FirewallRules: [{51E3B544-AD37-4033-8D56-AFD0AED36D22}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Tsukumogami\99 Spirits.eXe
    FirewallRules: [{3409CA83-75E4-4A38-8924-BD555B96DCBA}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Tsukumogami\99 Spirits.eXe
    FirewallRules: [{89EFAED1-54D7-483B-A1AE-50AF2DC69E49}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Skullgirls Beta\SkullGirls.exe
    FirewallRules: [{F476C585-A9BE-46D3-9443-59A971DA3680}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Skullgirls Beta\SkullGirls.exe
    FirewallRules: [{1D115DDB-0338-4DDB-8FD6-172F05A002BB}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Sonic & All-Stars Racing Transformed\ASN_App_PcDx9_Final.exe
    FirewallRules: [{B49777DB-0C3F-419E-A8BE-4548FA886EE0}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Sonic & All-Stars Racing Transformed\ASN_App_PcDx9_Final.exe
    FirewallRules: [{8BFCAA61-2162-401F-A63E-75EA7AD4162B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Sonic & All-Stars Racing Transformed\Launcher.exe
    FirewallRules: [{8A49A800-0E30-4642-A327-7A08FFB2323C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Sonic & All-Stars Racing Transformed\Launcher.exe
    FirewallRules: [{C0190BF5-85BD-489B-ADAA-1CBD4251AB37}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Skullgirls\SkullGirls.exe
    FirewallRules: [{24D6DFED-126A-401C-814C-159ED75D841A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Skullgirls\SkullGirls.exe
    FirewallRules: [{C6ADC445-B60A-412E-8E08-BCF97504AA56}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Final Fantasy III\FF3_Launcher.exe
    FirewallRules: [{FEB757E0-DCA2-442C-AD0C-251F3B07D765}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Final Fantasy III\FF3_Launcher.exe
    FirewallRules: [{35FB39D5-6ED1-497E-884A-C806635866E2}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\FINAL FANTASY VIII\FF8_Launcher.exe
    FirewallRules: [{1C5B2C5D-CA2D-437F-BBB8-C8F091788980}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\FINAL FANTASY VIII\FF8_Launcher.exe
    FirewallRules: [{48634DAC-DB4A-477D-9D7B-4AA38F4B4BCE}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\FINAL FANTASY VII\FF7_Launcher.exe
    FirewallRules: [{375E61A0-F3DD-46A4-9E82-4550B68ECB42}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\FINAL FANTASY VII\FF7_Launcher.exe
    FirewallRules: [{984E1D84-7BF3-433C-A3F4-7664CEE2E888}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Mayjasmine episode01 What is God\jasmine.eXe
    FirewallRules: [{D75A55C6-C6F5-4870-8FE2-EC231046275B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Mayjasmine episode01 What is God\jasmine.eXe
    FirewallRules: [{00601D9D-2EBE-46A6-90F7-DCEE6044664A}] => (Allow) C:\Users\EdgarOmar\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe
    FirewallRules: [{9F0B532E-58A4-4F7E-9021-9CAB34008662}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
    FirewallRules: [{CB0CD99B-25AB-4D04-85D9-656F24862DCE}] => (Allow) LPort=2869
    FirewallRules: [{6E31655B-4E6F-4780-9188-E0548AB09E31}] => (Allow) LPort=1900
    FirewallRules: [{D16E5456-C7EE-496D-95A2-1806EB5E8A9D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Sakura Spirit\Sakura Spirit.exe
    FirewallRules: [{450A9D74-01F2-48B4-8D1F-90B1889073F1}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Sakura Spirit\Sakura Spirit.exe
    FirewallRules: [{490DC05A-9BBC-4321-A427-F6F950005AEA}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Sonic the Hedgehog 4 - EP 2\Launcher.exe
    FirewallRules: [{083791C3-7014-4E34-B40F-7742F662ACF0}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Sonic the Hedgehog 4 - EP 2\Launcher.exe
    FirewallRules: [{6735D8F3-B332-48D7-8D7E-7AC5507B1575}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\GarrysMod\hl2.exe
    FirewallRules: [{71922E39-D26D-45BC-971E-6486712A6613}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\GarrysMod\hl2.exe
    FirewallRules: [{1DF65432-43F2-4036-AF91-9B8AC02A983B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\vanguard-princess\vanpri.exe
    FirewallRules: [{AFA390FC-A30D-4158-810F-1A68CFE0D9A6}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\vanguard-princess\vanpri.exe
    FirewallRules: [{F7DBD141-08F7-4472-9D38-F56B54AE1667}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Mitsurugi Kamui Hikae\mitsurugi.exe
    FirewallRules: [{7314BF00-1A86-470A-8CF9-EBCEA8FE9948}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Mitsurugi Kamui Hikae\mitsurugi.exe
    FirewallRules: [{00E4DA3E-23E3-4DC6-9ABD-01A37745D6C5}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\The King of Fighters'98 Ultimate Match\KingOfFighters98UM.exe
    FirewallRules: [{A3B6321F-5F37-4E7F-B003-52D02EFC7301}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\The King of Fighters'98 Ultimate Match\KingOfFighters98UM.exe
    FirewallRules: [{78D7382A-641E-4215-A86E-B77638FFB46A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\The King of Fighters 2002 Unlimited Match\KingOfFighters2002UM.exe
    FirewallRules: [{697FA79A-B301-4D3F-BB2D-73F8E8C6A1A0}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\The King of Fighters 2002 Unlimited Match\KingOfFighters2002UM.exe
    FirewallRules: [{6BE971C1-61E6-4763-B4D0-E6DF051FBA19}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\BlazBlue Calamity Trigger\BBCT.exe
    FirewallRules: [{F6EEF78C-1033-41BC-AEEF-ADE7F7581802}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\BlazBlue Calamity Trigger\BBCT.exe
    FirewallRules: [{8F22E63B-079E-4A45-AA1F-3DD575423A93}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\King of Fighters XIII\kofxiii.exe
    FirewallRules: [{E6479E69-168F-4C9D-93F9-4FD35A8F0131}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\King of Fighters XIII\kofxiii.exe
    FirewallRules: [{64B13CA7-C437-498B-AFED-41E6429D12C1}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Mugen Souls\MugenSouls.exe
    FirewallRules: [{A6BF8F56-1589-4E39-AE70-53FDEA4F5FD2}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Mugen Souls\MugenSouls.exe
    FirewallRules: [{E0E2F9B9-034E-4375-AD56-7D065C02ED58}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\NEKOPARA Vol. 0\nekopara_vol0.exe
    FirewallRules: [{0CC40E14-B82B-48E2-9D90-B25C09C7EB38}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\NEKOPARA Vol. 0\nekopara_vol0.exe
    FirewallRules: [{31CD37D8-56D3-4A08-A98C-7DA3410FC214}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\NEKOPARA Vol. 1\nekopara_vol1.exe
    FirewallRules: [{3F5525C7-4672-4E49-A4EE-AA3E0F84B557}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\NEKOPARA Vol. 1\nekopara_vol1.exe
    FirewallRules: [{F15C9ECD-046D-4597-A70C-57AAB06AA7AB}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Akiba's Trip Undead & Undressed\AkibaUU.exe
    FirewallRules: [{A307197F-4FA0-4CFC-9B0C-77E5D900F3DD}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Akiba's Trip Undead & Undressed\AkibaUU.exe
    FirewallRules: [{59BB4DF1-7E08-4E10-9EB5-761555D97C3D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Guilty Gear XX Accent Core Plus R\GGXXACPR_Win.exe
    FirewallRules: [{3B6E09DE-82B8-4353-AA8C-ABF05125A149}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Guilty Gear XX Accent Core Plus R\GGXXACPR_Win.exe
    FirewallRules: [{9DD68CD0-AD87-4EEB-A753-B37A2E200272}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\BioShock Infinite\Binaries\Win32\BioShockInfinite.exe
    FirewallRules: [{D51D8502-FD32-44AF-ADE3-7B0E2ECDE8A0}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\BioShock Infinite\Binaries\Win32\BioShockInfinite.exe
    FirewallRules: [{60A07B5E-E7FD-4366-A5F3-629A8F89954F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Fairy Fencer F\FairyFencer.exe
    FirewallRules: [{D9ABEE87-D72F-4CCC-8301-825640834604}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Fairy Fencer F\FairyFencer.exe
    FirewallRules: [{271D24AB-1637-4A96-AD2F-669CD3A0CC15}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
    FirewallRules: [{792D631F-EC0F-4EF1-AC37-4DF46473F928}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
    FirewallRules: [{CAF8273F-9736-4C0F-84D5-FDBD5E691071}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
    FirewallRules: [{3C4EBCAA-3756-4FAD-8487-E9928A586F54}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
    StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe] => Enabled:Spybot - Search & Destroy tray access
    StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe] => Enabled:Spybot-S&D 2 Scanner Service
    StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe] => Enabled:Spybot-S&D 2 Updater
    StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe] => Enabled:Spybot-S&D 2 Background update service

    ==================== Restore Points =========================

    02-02-2016 08:59:58 Scheduled Checkpoint
    08-02-2016 11:00:50 JRT Pre-Junkware Removal
    09-02-2016 00:11:33 Restore Point Created by FRST

    ==================== Faulty Device Manager Devices =============


    ==================== Event log errors: =========================

    Application errors:
    ==================
    Error: (02/09/2016 12:11:32 AM) (Source: VSS) (EventID: 8194) (User: )
    Description: Error del Servicio de instantáneas de volumen: error inesperado al consultar la interfaz IVssWriterCallback. HR = 0x80070005, Access is denied.
    .
    A menudo ocurre por una configuración de seguridad incorrecta en el proceso de escritura o de solicitud.


    Operation:
    Gathering Writer Data

    Context:
    Writer Class Id: {e8132975-6f93-4464-a53e-1050253ae220}
    Writer Name: System Writer
    Writer Instance ID: {d4c5acf2-2d49-409e-ab3e-4438bcfb1902}

    Error: (02/08/2016 05:12:57 PM) (Source: Application Hang) (EventID: 1002) (User: )
    Description: El programa Azureus.exe, versión 5.0.0.0, dejó de interactuar con Windows y se cerró. Para ver si hay más información disponible acerca del problema, compruebe el historial de problemas en el panel de control Centro de actividades.

    Identificador de proceso: 1d6c

    Hora de inicio: 01d162c11ee7462f

    Hora de finalización: 46

    Ruta de acceso de la aplicación: C:\Program Files\Vuze\Azureus.exe

    Identificador de informe: 771e65cf-ceb9-11e5-beb7-c0d9622d7303

    Nombre completo de paquete con errores:

    Identificador de aplicación relativa del paquete con errores:

    Error: (02/05/2016 07:17:49 PM) (Source: Application Error) (EventID: 1000) (User: )
    Description: Nombre de la aplicación con errores: AcroRd32.exe, versión: 15.10.20056.36345, marca de tiempo: 0x56741546
    Nombre del módulo con errores: unknown, versión: 0.0.0.0, marca de tiempo: 0x00000000
    Código de excepción: 0xc0000005
    Desplazamiento de errores: 0x69746163
    Identificador del proceso con errores: 0x2e84
    Hora de inicio de la aplicación con errores: 0xAcroRd32.exe0
    Ruta de acceso de la aplicación con errores: AcroRd32.exe1
    Ruta de acceso del módulo con errores: AcroRd32.exe2
    Identificador del informe: AcroRd32.exe3
    Nombre completo del paquete con errores: AcroRd32.exe4
    Identificador de aplicación relativa del paquete con errores: AcroRd32.exe5

    Error: (02/04/2016 11:34:56 AM) (Source: Application Hang) (EventID: 1002) (User: )
    Description: El programa backgroundTaskHost.exe, versión 6.3.9600.17415, dejó de interactuar con Windows y se cerró. Para ver si hay más información disponible acerca del problema, compruebe el historial de problemas en el panel de control Centro de actividades.

    Identificador de proceso: 1054

    Hora de inicio: 01d15f71a2bf00d6

    Hora de finalización: 4294967295

    Ruta de acceso de la aplicación: C:\WINDOWS\system32\backgroundTaskHost.exe

    Identificador de informe: 96958ea1-cb65-11e5-beb2-c0d9622d7303

    Nombre completo de paquete con errores: Amazon.com.Amazon_3.1.2.8_neutral__343d40qqvtj1t

    Identificador de aplicación relativa del paquete con errores: App

    Error: (02/04/2016 11:19:58 AM) (Source: Application Hang) (EventID: 1002) (User: )
    Description: El programa backgroundTaskHost.exe, versión 6.3.9600.17415, dejó de interactuar con Windows y se cerró. Para ver si hay más información disponible acerca del problema, compruebe el historial de problemas en el panel de control Centro de actividades.

    Identificador de proceso: 511c

    Hora de inicio: 01d15f6f8a6309f4

    Hora de finalización: 4294967295

    Ruta de acceso de la aplicación: C:\WINDOWS\system32\backgroundTaskHost.exe

    Identificador de informe: 7e0ed6eb-cb63-11e5-beb2-c0d9622d7303

    Nombre completo de paquete con errores: Amazon.com.Amazon_3.1.2.8_neutral__343d40qqvtj1t

    Identificador de aplicación relativa del paquete con errores: App

    Error: (02/03/2016 10:25:32 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: COMPUPRINCIPAL)
    Description: No se pudo activar la aplicación Amazon.com.Amazon_343d40qqvtj1t!App debido al error: -2144927141. Consulte el registro Microsoft-Windows-TWinUI/Operational para obtener más información.

    Error: (02/03/2016 10:25:32 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: COMPUPRINCIPAL)
    Description: No se pudo activar la aplicación microsoft.windowscommunicationsapps_8wekyb3d8bbwe!ppleae38af2e007f4358a809ac99a64a67c1 debido al error: -2144927141. Consulte el registro Microsoft-Windows-TWinUI/Operational para obtener más información.

    Error: (02/03/2016 10:25:32 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: COMPUPRINCIPAL)
    Description: No se pudo activar la aplicación microsoft.windowscommunicationsapps_8wekyb3d8bbwe!ppleae38af2e007f4358a809ac99a64a67c1 debido al error: -2144927141. Consulte el registro Microsoft-Windows-TWinUI/Operational para obtener más información.

    Error: (02/02/2016 02:13:43 AM) (Source: Application Error) (EventID: 1000) (User: )
    Description: Nombre de la aplicación con errores: firefox.exe, versión: 44.0.0.5866, marca de tiempo: 0x56a4222c
    Nombre del módulo con errores: flvsniff.dll, versión: 1.0.1064.0, marca de tiempo: 0x56277a44
    Código de excepción: 0xc0000005
    Desplazamiento de errores: 0x0008b5bf
    Identificador del proceso con errores: 0x2454
    Hora de inicio de la aplicación con errores: 0xfirefox.exe0
    Ruta de acceso de la aplicación con errores: firefox.exe1
    Ruta de acceso del módulo con errores: firefox.exe2
    Identificador del informe: firefox.exe3
    Nombre completo del paquete con errores: firefox.exe4
    Identificador de aplicación relativa del paquete con errores: firefox.exe5

    Error: (02/01/2016 10:23:05 PM) (Source: Application Error) (EventID: 1000) (User: )
    Description: Nombre de la aplicación con errores: OneDrive.exe, versión: 17.3.6281.1202, marca de tiempo: 0x565fc8be
    Nombre del módulo con errores: KERNELBASE.dll, versión: 6.3.9600.18007, marca de tiempo: 0x55c4bcfc
    Código de excepción: 0x80000003
    Desplazamiento de errores: 0x000b8f62
    Identificador del proceso con errores: 0x2634
    Hora de inicio de la aplicación con errores: 0xOneDrive.exe0
    Ruta de acceso de la aplicación con errores: OneDrive.exe1
    Ruta de acceso del módulo con errores: OneDrive.exe2
    Identificador del informe: OneDrive.exe3
    Nombre completo del paquete con errores: OneDrive.exe4
    Identificador de aplicación relativa del paquete con errores: OneDrive.exe5


    System errors:
    =============
    Error: (02/09/2016 01:18:53 AM) (Source: DCOM) (EventID: 10010) (User: COMPUPRINCIPAL)
    Description: {4545DEA0-2DFC-4906-A728-6D986BA399A9}

    Error: (02/09/2016 01:18:53 AM) (Source: DCOM) (EventID: 10010) (User: COMPUPRINCIPAL)
    Description: {4545DEA0-2DFC-4906-A728-6D986BA399A9}

    Error: (02/09/2016 12:37:19 AM) (Source: BTHUSB) (EventID: 17) (User: )
    Description: A causa de un error no determinado en el adaptador Bluetooth local, éste no se usará. Se descargó el controlador.

    Error: (02/09/2016 12:11:28 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
    Description: El servicio IconMan_R terminó inesperadamente. Esto se ha repetido 1 veces. Se realizará la siguiente acción correctora en 60000 milisegundos: Restart the service.

    Error: (02/09/2016 12:11:28 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
    Description: El servicio Intel(R) ME Service se terminó de manera inesperada. Esto ha sucedido 1 veces.

    Error: (02/09/2016 12:11:28 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
    Description: El servicio Intel(R) Management and Security Application Local Management Service terminó inesperadamente. Esto se ha repetido 1 veces. Se realizará la siguiente acción correctora en 10000 milisegundos: Restart the service.

    Error: (02/09/2016 12:11:28 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
    Description: El servicio Norton PC Checkup Application Launcher se terminó de manera inesperada. Esto ha sucedido 1 veces.

    Error: (02/09/2016 12:11:28 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
    Description: El servicio TOSHIBA HDD Accelerator Service se terminó de manera inesperada. Esto ha sucedido 1 veces.

    Error: (02/09/2016 12:11:28 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
    Description: El servicio Intel(R) Management and Security Application User Notification Service se terminó de manera inesperada. Esto ha sucedido 1 veces.

    Error: (02/09/2016 12:11:28 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
    Description: El servicio Windows Media Player Network Sharing Service terminó inesperadamente. Esto se ha repetido 1 veces. Se realizará la siguiente acción correctora en 30000 milisegundos: Restart the service.


    ==================== Memory info ===========================

    Processor: Intel(R) Core(TM) i5-3210M CPU @ 2.50GHz
    Percentage of memory in use: 32%
    Total physical RAM: 6028.24 MB
    Available physical RAM: 4067.82 MB
    Total Virtual: 13708.24 MB
    Available Virtual: 11324.27 MB

    ==================== Drives ================================

    Drive c: (TI10657500D) (Fixed) (Total:919.88 GB) (Free:592.02 GB) NTFS

    ==================== MBR & Partition Table ==================

    ========================================================
    Disk: 0 (Size: 931.5 GB) (Disk ID: 00000000)

    Partition: GPT.

    ==================== End of Addition.txt ============================

    Hope it helps.

  10. #10
    Member Spyware Fighter zep516's Avatar
    Join Date
    Dec 2005
    Location
    Pittsburgh, Pa
    Posts
    7,158
    Points
    1301

    Default

    Hello,

    Those logs look clean, if there are any browser issues reset / refresh them.

    How to Reset Your Web Browser To Its Default Settings

    Let me know how things are,

    Thanks
    Joe

Page 1 of 2 12 LastLast