Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Unable to connect using FF & IE - Something is hanging around


  • Please log in to reply
13 replies to this topic

#1 ucmego

ucmego

  • Members
  • 103 posts
  • OFFLINE
  •  
  • Local time:11:01 PM

Posted 15 January 2015 - 07:18 AM

Hi Guys,

 

Happy new year.......

 

Its have been a long time since I have encountered any major problems on my PC however this is one I cannot get rid of and need your help.

 

I'm running Windows 8.1 Os 64Bit

 

Each time I go to some websites such as this one http://www.freemake.com/ I get the following with FF and IE.

 

Firefox

 

http://www.freemake.com/

 

Unable to connect

Firefox can't establish a connection to the server at www.freemake.com.

    The site could be temporarily unavailable or too busy. Try again in a few moments.
    If you are unable to load any pages, check your computer's network connection.
    If your computer or network is protected by a firewall or proxy, make sure that Firefox is permitted to access the Web.

 

Internet Explorer

 

This page can’t be displayed
  • Make sure that the web address http://www.freemake.com is correct.
  • Look for the page with your search engine.
  • Refresh the page in a few minutes.

BTW thanks for your help.



BC AdBot (Login to Remove)

 


#2 nasdaq

nasdaq

  • Malware Response Team
  • 40,747 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:Montreal, QC. Canada
  • Local time:08:01 AM

Posted 15 January 2015 - 10:06 AM

Hello, Welcome to BleepingComputer.
I'm nasdaq and will be helping you.

If you can please print this topic it will make it easier for you to follow the instructions and complete all of the necessary steps in the order listed.
===

Please download AdwCleaner by Xplode onto your Desktop.
  • Close all open programs and internet browsers.
  • Double click on AdwCleaner.exe to run the tool.
  • Click the Scan button and wait for the process to complete.
  • Click the Report button and the report will open in Notepad.
IMPORTANT
  • If you click the Clean button all items listed in the report will be removed.
If you find some false positive items or programs that you wish to keep, Close the AdwCleaner windows.
  • Close all open programs and internet browsers.
  • Double click on AdwCleaner.exe to run the tool.
  • Click the Scan button and wait for the process to complete.
  • Check off the element(s) you wish to keep.
  • Click on the Clean button follow the prompts.
  • A log file will automatically open after the scan has finished.
  • Please post the content of that log file with your next answer.
  • You can find the log file at C:\AdwCleaner[Sn].txt (n is a number).
===

Download the version of this tool for your operating system.
Farbar Recovery Scan Tool (64 bit)
Farbar Recovery Scan Tool (32 bit)
and save it to a folder on your computer's Desktop.
Double-click to run it. When the tool opens click Yes to disclaimer.
Press Scan button.
It will make a log (FRST.txt) in the same directory the tool is run. Please copy and paste it to your reply.
The first time the tool is run, it makes also another log (Addition.txt). Please attach it to your reply.
===

Please paste the logs in your next reply DO NOT ATTACH THEM unless specified.
To attach a file select the "More Reply Option" and follow the instructions.

Wait for further instructions.

#3 ucmego

ucmego
  • Topic Starter

  • Members
  • 103 posts
  • OFFLINE
  •  
  • Local time:11:01 PM

Posted 16 January 2015 - 05:40 AM

Hi,

 

Thanks for your help.

 

Here are the logs and the attached log as well.

 

I did not hit clean for adwClearer tool until I get your instructions.

 

# AdwCleaner v4.107 - Report created 16/01/2015 at 21:17:07
# Updated 07/01/2015 by Xplode
# Database : 2015-01-13.2 [Live]
# Operating System : Windows 8.1 Pro with Media Center  (64 bits)
# Username : Ucmego - WORKSTATION
# Running from : C:\Users\Ucmego\Desktop\adwcleaner_4.107.exe
# Option : Scan

***** [ Services ] *****


***** [ Files / Folders ] *****


***** [ Scheduled Tasks ] *****


***** [ Shortcuts ] *****


***** [ Registry ] *****

Key Found : HKCU\Software\1ClickDownload
Key Found : [x64] HKCU\Software\1ClickDownload
Key Found : HKLM\SOFTWARE\Classes\AppID\{C007DADD-132A-624C-088E-59EE6CF0711F}

***** [ Browsers ] *****

-\\ Internet Explorer v11.0.9600.17416


-\\ Mozilla Firefox v34.0.5 (x86 en-GB)


*************************

AdwCleaner[R0].txt - [1028 octets] - [25/04/2014 13:34:29]
AdwCleaner[R1].txt - [1872 octets] - [09/07/2014 23:37:00]
AdwCleaner[R2].txt - [1011 octets] - [14/07/2014 19:40:52]
AdwCleaner[R3].txt - [1132 octets] - [15/07/2014 08:06:35]
AdwCleaner[R4].txt - [1333 octets] - [23/07/2014 22:56:32]
AdwCleaner[R5].txt - [1084 octets] - [16/01/2015 21:17:07]
AdwCleaner[S0].txt - [1096 octets] - [25/04/2014 13:37:12]
AdwCleaner[S1].txt - [1913 octets] - [09/07/2014 23:38:26]
AdwCleaner[S2].txt - [1072 octets] - [14/07/2014 19:45:04]
AdwCleaner[S3].txt - [1194 octets] - [15/07/2014 08:07:33]
AdwCleaner[S4].txt - [1397 octets] - [23/07/2014 22:58:03]

########## EOF - C:\AdwCleaner\AdwCleaner[R5].txt - [1444 octets] ##########

 

Here is the scan from FRST

 

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 15-01-2015 01
Ran by Ucmego (administrator) on WORKSTATION on 16-01-2015 21:26:21
Running from C:\Users\Ucmego\Desktop
Loaded Profiles: Ucmego (Available profiles: Ucmego)
Platform: Windows 8.1 Pro with Media Center (X64) OS Language: English (United Kingdom)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
() C:\Windows\System32\nvwmi64.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
() C:\Windows\System32\nvwmi64.exe
(SUPERAntiSpyware.com) C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Ellora Assets Corp.) C:\Program Files (x86)\Freemake\CaptureLib\CaptureLibService.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.25.11\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.25.11\GoogleCrashHandler64.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(GP Software) C:\Program Files\GPSoftware\Directory Opus\dopusrt.exe
(Microsoft Corporation) C:\Program Files\Windows Server\Bin\SharedServiceHost.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(Nalpeiron Ltd.) C:\Windows\SysWOW64\nlssrv32.exe
() C:\Program Files (x86)\Photodex\ProShow Producer\scsiaccess.exe
(Spiceworks, Inc.) C:\Program Files (x86)\Spiceworks\bin\spiceworks.exe
(Microsoft Corporation) C:\Program Files\Windows Server\Bin\WSConnectorUpdate.exe
(Microsoft Corporation) C:\Program Files\Windows Server\Bin\LANConfigSvc.exe
(Microsoft Corporation) C:\Program Files\Windows Server\Bin\ProviderRegistryService.exe
(Apache Software Foundation) C:\Program Files (x86)\Spiceworks\httpd\bin\spiceworks-httpd.exe
(Apache Software Foundation) C:\Program Files (x86)\Spiceworks\httpd\bin\spiceworks-httpd.exe
(Microsoft Corporation) C:\Program Files\Windows Server\Bin\SharedServiceHost.exe
(Microsoft Corporation) C:\Program Files\Windows Server\Bin\SharedServiceHost.exe
(Microsoft Corporation) C:\Program Files\Windows Server\Bin\SharedServiceHost.exe
(Microsoft Corporation) C:\Program Files\Windows Server\Bin\SharedServiceHost.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Mozy, Inc.) C:\Program Files\MozyHome\mozybackup.exe
(Mozy, Inc.) C:\Program Files\MozyHome\mozybackup.exe
(Microsoft Corporation) C:\Windows\splwow64.exe
(GP Software) C:\Program Files\GPSoftware\Directory Opus\dopus.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [Launchpad] => C:\Program Files\Windows Server\Bin\Launchpad.exe [1099360 2012-11-02] (Microsoft Corporation)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [444904 2012-09-20] (Adobe Systems Incorporated)
HKLM\...\Run: [nwiz] => C:\Program Files\NVIDIA Corporation\nview\nwiz.exe [2728736 2014-03-21] ()
HKLM-x32\...\Run: [] => [X]
HKLM\...\Policies\Explorer: [EnableShellExecuteHooks] 1
HKU\S-1-5-21-1432482068-2283677420-586190179-1001\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [20473504 2013-10-02] (Skype Technologies S.A.)
HKU\S-1-5-21-1432482068-2283677420-586190179-1001\...\Run: [Directory Opus Desktop Dblclk] => C:\Program Files\GPSoftware\Directory Opus\dopusrt.exe [349296 2013-01-31] (GP Software)
HKU\S-1-5-21-1432482068-2283677420-586190179-1001\...\MountPoints2: {c8aa7867-7364-11e2-be71-001cc4881243} - "I:\LaunchU3.exe" -a
HKU\S-1-5-21-1432482068-2283677420-586190179-1001\...\MountPoints2: {e5d6fa0c-85ca-11e2-be7a-001cc4881243} - "I:\LaunchU3.exe"
AppInit_DLLs: C:\PROGRA~2\NVIDIA~1\3DVISI~1\NVSTIN~1.DLL => C:\PROGRA~2\NVIDIA~1\3DVISI~1\NVSTIN~1.DLL File Not Found
ShellIconOverlayIdentifiers: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Ucmego\AppData\Roaming\Dropbox\bin\DropboxExt64.17.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Ucmego\AppData\Roaming\Dropbox\bin\DropboxExt64.17.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Ucmego\AppData\Roaming\Dropbox\bin\DropboxExt64.17.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt4] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Ucmego\AppData\Roaming\Dropbox\bin\DropboxExt64.17.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [mozy] -> {b32a6748-f273-4546-b60a-3c5adc239de5} => C:\Program Files\MozyHome\mozyshell.dll (Mozy, Inc.)
ShellIconOverlayIdentifiers: [mozy2] -> {747E722C-CB46-4a9d-BDFE-192AAD5099B1} => C:\Program Files\MozyHome\mozyshell.dll (Mozy, Inc.)
ShellIconOverlayIdentifiers: [mozy3] -> {EE6F5A00-7898-40f7-AB77-51FF9D6DEB20} => C:\Program Files\MozyHome\mozyshell.dll (Mozy, Inc.)
ShellIconOverlayIdentifiers: [SugarSyncBackedUp] -> {0C4A258A-3F3B-4FFF-80A7-9B3BEC139472} => C:\Program Files (x86)\SugarSync\SugarSyncShellExt_x64.dll (SugarSync, Inc.)
ShellIconOverlayIdentifiers: [SugarSyncPending] -> {62CCD8E3-9C21-41E1-B55E-1E26DFC68511} => C:\Program Files (x86)\SugarSync\SugarSyncShellExt_x64.dll (SugarSync, Inc.)
ShellIconOverlayIdentifiers: [SugarSyncRoot] -> {A759AFF6-5851-457D-A540-F4ECED148351} => C:\Program Files (x86)\SugarSync\SugarSyncShellExt_x64.dll (SugarSync, Inc.)
ShellIconOverlayIdentifiers: [SugarSyncShared] -> {1574C9EF-7D58-488F-B358-8B78C1538F51} => C:\Program Files (x86)\SugarSync\SugarSyncShellExt_x64.dll (SugarSync, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Ucmego\AppData\Roaming\Dropbox\bin\DropboxExt.17.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Ucmego\AppData\Roaming\Dropbox\bin\DropboxExt.17.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Ucmego\AppData\Roaming\Dropbox\bin\DropboxExt.17.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt4] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Ucmego\AppData\Roaming\Dropbox\bin\DropboxExt.17.dll (Dropbox, Inc.)
BootExecute:

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKU\S-1-5-21-1432482068-2283677420-586190179-1001\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com.au/
HKU\S-1-5-21-1432482068-2283677420-586190179-1001\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.ninemsn.com.au/?ocid=iehp
SearchScopes: HKLM-x32 -> DefaultScope value is missing.
BHO: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Adobe PDF Conversion Toolbar Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: SmartSelect Class -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
Toolbar: HKLM-x32 - Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
Toolbar: HKU\S-1-5-21-1432482068-2283677420-586190179-1001 -> No Name - {47833539-D0C5-4125-9FA8-0819E2EAAC93} -  No File
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
ShellExecuteHooks: Directory Opus Shell Execute Hook - {3CF9ECE0-1A9F-11D2-8C73-00C06C2005DE} - C:\Program Files\GPSoftware\Directory Opus\dopuslib.dll [1404024 2013-01-31] (GP Software)
ShellExecuteHooks-x32: Directory Opus Shell Execute Hook - {EE761688-C137-4b04-8FAB-3C9CDF0886F0} - C:\Program Files\GPSoftware\Directory Opus\dopuslib32.dll [366160 2013-01-31] (GP Software)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1

FireFox:
========
FF ProfilePath: C:\Users\Ucmego\AppData\Roaming\Mozilla\Firefox\Profiles\yruz1dx7.default
FF Homepage: www.google.com.au
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_11_5_502_149.dll ()
FF Plugin: @java.com/DTPlugin,version=10.17.2 -> C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.17.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll (Adobe Systems)
FF Plugin: adobe.com/AdobeExManDetect -> C:\Program Files (x86)\Adobe\Adobe Extension Manager CS6\Win64Plugin\npAdobeExManDetectX64.dll (Adobe Systems)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_5_502_149.dll ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @java.com/DTPlugin,version=10.17.2 -> C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.17.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~3\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~3\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin-x32: @photodex.com/PhotodexPresenter -> C:\Program Files (x86)\Photodex Presenter\npPxPlay.dll ( )
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.0.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: Adobe Acrobat -> C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Air\nppdf32.dll (Adobe Systems Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll No File
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll (Adobe Systems)
FF Plugin-x32: adobe.com/AdobeExManDetect -> C:\Program Files (x86)\Adobe\Adobe Extension Manager CS6\npAdobeExManDetectX86.dll (Adobe Systems)
FF Plugin HKU\S-1-5-21-1432482068-2283677420-586190179-1001: @hulu.com/Hulu Desktop -> C:\Users\Ucmego\AppData\Local\HuluDesktop\instances\0.9.14.1\npHDPlg.dll (Hulu LLC)
FF Extension: Datum Find Image Copies - C:\Users\Ucmego\AppData\Roaming\Mozilla\Firefox\Profiles\yruz1dx7.default\Extensions\datumsearchimagegoogle@datum-forensics.com.xpi [2014-10-31]
FF Extension: Fast Image Research - C:\Users\Ucmego\AppData\Roaming\Mozilla\Firefox\Profiles\yruz1dx7.default\Extensions\fastimageresearch@usacyborg.com.xpi [2014-10-31]
FF Extension: Who stole my pictures? - C:\Users\Ucmego\AppData\Roaming\Mozilla\Firefox\Profiles\yruz1dx7.default\Extensions\images@wink.su.xpi [2014-10-31]
FF Extension: TinEye Reverse Image Search - C:\Users\Ucmego\AppData\Roaming\Mozilla\Firefox\Profiles\yruz1dx7.default\Extensions\tineye@ideeinc.com.xpi [2014-10-31]
FF Extension: Search by Image for Google - C:\Users\Ucmego\AppData\Roaming\Mozilla\Firefox\Profiles\yruz1dx7.default\Extensions\{ab4b5718-3998-4a2c-91ae-18a7c2db513e}.xpi [2014-10-31]
FF HKLM-x32\...\Firefox\Extensions: [fmconverter@gmail.com] - C:\Program Files (x86)\Freemake\Freemake Video Converter\BrowserPlugin\Firefox
FF Extension: Freemake Video Converter Plugin - C:\Program Files (x86)\Freemake\Freemake Video Converter\BrowserPlugin\Firefox [2013-02-10]
FF HKLM-x32\...\Firefox\Extensions: [fmdownloader@gmail.com] - C:\Program Files (x86)\Freemake\Freemake Youtube Mp3 Converter\BrowserPlugin\Firefox\fmdownloader@gmail.com
FF Extension: Freemake Video Downloader Plugin - C:\Program Files (x86)\Freemake\Freemake Youtube Mp3 Converter\BrowserPlugin\Firefox\fmdownloader@gmail.com [2013-02-10]
FF HKLM-x32\...\Firefox\Extensions: [ytfmdownloader@gmail.com] - C:\Program Files (x86)\Freemake\Freemake Youtube Mp3 Converter\BrowserPlugin\Firefox\ytfmdownloader@gmail.com
FF Extension: Freemake Youtube Download Button - C:\Program Files (x86)\Freemake\Freemake Youtube Mp3 Converter\BrowserPlugin\Firefox\ytfmdownloader@gmail.com [2013-02-10]
FF HKLM-x32\...\Firefox\Extensions: [web2pdfextension@web2pdf.adobedotcom] - C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Browser\WCFirefoxExtn
FF Extension: Adobe Acrobat - Create PDF - C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Browser\WCFirefoxExtn [2013-10-13]

Chrome:
=======

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 !SASCORE; C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE [172344 2014-08-17] (SUPERAntiSpyware.com)
R2 FreemakeVideoCapture; C:\Program Files (x86)\Freemake\CaptureLib\CaptureLibService.exe [9216 2013-02-25] (Ellora Assets Corp.) [File not signed]
R2 HealthAlertsSvc; C:\Program Files\Windows Server\Bin\SharedServiceHost.exe [30592 2011-03-02] (Microsoft Corporation)
S2 HOSTS Anti-PUPs; C:\Program Files (x86)\Hosts_Anti_Adwares_PUPs\HOSTS_Anti-Adware.exe [285795 2014-04-25] () [File not signed]
S2 initMonitor; C:\Program Files\Windows Server\Bin\SharedServiceHost.exe [30592 2011-03-02] (Microsoft Corporation)
R2 mozybackup; C:\Program Files\MozyHome\mozybackup.exe [55112 2013-01-23] (Mozy, Inc.)
R2 NotificationsProviderSvc; C:\Program Files\Windows Server\Bin\SharedServiceHost.exe [30592 2011-03-02] (Microsoft Corporation)
R2 NVWMI; C:\Windows\system32\nvwmi64.exe [2519840 2014-03-21] ()
R2 providers_system; C:\Program Files\Windows Server\Bin\SharedServiceHost.exe [30592 2011-03-02] (Microsoft Corporation)
R2 ScsiAccess; C:\Program Files (x86)\Photodex\ProShow Producer\ScsiAccess.exe [186760 2013-12-10] ()
R2 ServiceProviderRegistry; C:\Program Files\Windows Server\Bin\ProviderRegistryService.exe [41568 2012-11-02] (Microsoft Corporation)
R2 spiceworks; C:\Program Files (x86)\Spiceworks\bin\spiceworks.exe [47424 2014-02-28] (Spiceworks, Inc.)
R2 SqmProviderSvc; C:\Program Files\Windows Server\Bin\SharedServiceHost.exe [30592 2011-03-02] (Microsoft Corporation)
S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [File not signed]
R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [368632 2014-09-22] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23792 2014-09-22] (Microsoft Corporation)
R2 WSS_ComputerBackupProviderSvc; C:\Program Files\Windows Server\Bin\SharedServiceHost.exe [30592 2011-03-02] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S3 ampa; C:\WINDOWS\system32\ampa.sys [17008 2013-12-18] ()
S3 ampa; C:\WINDOWS\SysWOW64\ampa.sys [17008 2013-12-18] ()
S3 GKUPRO2D; C:\Windows\system32\DRIVERS\GKUPRO2D.sys [120320 2012-11-05] (Gemalto)
R1 mozyFilter; C:\Windows\System32\DRIVERS\mozy.sys [67808 2013-01-23] (Mozy, Inc.)
R3 NPF; C:\Windows\System32\drivers\NPF.sys [35344 2012-05-04] (CACE Technologies, Inc.)
R0 PxHlpa64; C:\Windows\System32\Drivers\PxHlpa64.sys [56336 2012-06-22] (Corel Corporation)
R1 SASDIFSV; C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS [14928 2011-07-23] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R1 SASKUTIL; C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS [12368 2011-07-13] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114496 2014-09-22] (Microsoft Corporation)
S3 NDSPCIIO; \??\C:\WINDOWS\system32\DRIVERS\NDSPCIIO64.SYS [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-01-16 21:26 - 2015-01-16 21:26 - 00019171 _____ () C:\Users\Ucmego\Desktop\FRST.txt
2015-01-16 21:25 - 2015-01-16 07:56 - 02125312 _____ (Farbar) C:\Users\Ucmego\Desktop\FRST64.exe
2015-01-16 21:16 - 2015-01-16 21:24 - 00000000 ____D () C:\Users\Ucmego\Desktop\Bleeping
2015-01-16 07:56 - 2015-01-16 07:56 - 02125312 _____ (Farbar) C:\Users\Ucmego\Downloads\FRST64.exe
2015-01-16 07:55 - 2015-01-16 07:56 - 02191360 _____ () C:\Users\Ucmego\Downloads\adwcleaner_4.107.exe
2015-01-15 23:23 - 2015-01-15 23:24 - 01924232 _____ () C:\Users\Ucmego\Downloads\Adaware_Installer.exe
2015-01-14 07:22 - 2014-12-19 17:26 - 00140800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxdav.sys
2015-01-14 07:22 - 2014-12-12 13:04 - 00087040 _____ (Microsoft Corporation) C:\WINDOWS\system32\TSWbPrxy.exe
2015-01-14 07:22 - 2014-12-12 11:51 - 00075776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ahcache.sys
2015-01-14 07:22 - 2014-12-09 12:50 - 00225280 _____ (Microsoft Corporation) C:\WINDOWS\system32\profsvc.dll
2015-01-14 07:22 - 2014-12-09 06:42 - 00535640 _____ (Microsoft Corporation) C:\WINDOWS\system32\wer.dll
2015-01-14 07:22 - 2014-12-09 06:42 - 00531616 _____ (Microsoft Corporation) C:\WINDOWS\system32\ci.dll
2015-01-14 07:22 - 2014-12-09 06:42 - 00448792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wer.dll
2015-01-14 07:22 - 2014-12-09 06:42 - 00413248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Faultrep.dll
2015-01-14 07:22 - 2014-12-09 06:42 - 00372408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Faultrep.dll
2015-01-14 07:22 - 2014-12-09 06:42 - 00108944 _____ (Microsoft Corporation) C:\WINDOWS\system32\EncDump.dll
2015-01-14 07:22 - 2014-12-09 06:42 - 00038264 _____ (Microsoft Corporation) C:\WINDOWS\system32\WerFaultSecure.exe
2015-01-14 07:22 - 2014-12-09 06:42 - 00033584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WerFaultSecure.exe
2015-01-14 07:22 - 2014-12-06 14:17 - 00360448 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncsi.dll
2015-01-14 07:22 - 2014-12-06 12:41 - 00391680 _____ (Microsoft Corporation) C:\WINDOWS\system32\nlasvc.dll
2015-01-14 07:22 - 2014-12-06 12:35 - 00229888 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll
2015-01-14 07:22 - 2014-10-29 15:00 - 00465320 _____ (Microsoft Corporation) C:\WINDOWS\system32\WerFault.exe
2015-01-14 07:22 - 2014-10-29 15:00 - 00139984 _____ (Microsoft Corporation) C:\WINDOWS\system32\wermgr.exe
2015-01-14 07:22 - 2014-10-29 14:52 - 00500016 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll
2015-01-14 07:22 - 2014-10-29 14:52 - 00482872 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEng.dll
2015-01-14 07:22 - 2014-10-29 14:52 - 00394120 _____ (Microsoft Corporation) C:\WINDOWS\system32\AUDIOKSE.dll
2015-01-14 07:22 - 2014-10-29 14:52 - 00272248 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiodg.exe
2015-01-14 07:22 - 2014-10-29 14:12 - 00413136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WerFault.exe
2015-01-14 07:22 - 2014-10-29 14:12 - 00136296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wermgr.exe
2015-01-14 07:22 - 2014-10-29 14:07 - 00424544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioEng.dll
2015-01-14 07:22 - 2014-10-29 14:07 - 00370424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioSes.dll
2015-01-14 07:22 - 2014-10-29 14:07 - 00344536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AUDIOKSE.dll
2015-01-14 07:22 - 2014-10-29 13:44 - 00037888 _____ (Microsoft Corporation) C:\WINDOWS\system32\werdiagcontroller.dll
2015-01-14 07:22 - 2014-10-29 12:59 - 00033280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\werdiagcontroller.dll
2015-01-14 07:22 - 2014-10-29 12:24 - 00086016 _____ (Microsoft Corporation) C:\WINDOWS\system32\nlaapi.dll
2015-01-14 07:22 - 2014-10-29 12:02 - 00911360 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2015-01-14 07:22 - 2014-10-29 12:01 - 00065536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\nlaapi.dll
2015-01-08 16:39 - 2015-01-08 08:44 - 01270544 _____ (Ellora Assets Corporation ) C:\Users\Ucmego\Downloads\FreemakeVideoConverterSetup(2).exe
2015-01-04 12:57 - 2015-01-04 12:59 - 57814176 _____ (Pixel-Tech ) C:\Users\Ucmego\Downloads\IDPassportExpress.exe
2014-12-27 07:49 - 2014-12-27 07:49 - 00056648 _____ () C:\Users\Ucmego\Downloads\TOE_application_details_2015_Parent_Edition.pptx
2014-12-21 19:12 - 2014-12-21 19:12 - 00685545 _____ () C:\Users\Ucmego\Desktop\bookmarks-2014-12-21.json
2014-12-20 07:01 - 2014-10-31 09:37 - 00129536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\poqexec.exe
2014-12-20 07:01 - 2014-10-31 09:34 - 00146432 _____ (Microsoft Corporation) C:\WINDOWS\system32\poqexec.exe

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-01-16 21:26 - 2014-07-24 08:09 - 00000000 ____D () C:\FRST
2015-01-16 21:23 - 2013-02-10 16:04 - 00000930 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2015-01-16 21:18 - 2014-04-25 13:34 - 00000000 ____D () C:\AdwCleaner
2015-01-16 21:15 - 2012-08-26 19:36 - 00000000 ____D () C:\Users\Ucmego\Documents\Outlook Files
2015-01-16 21:05 - 2013-10-18 20:14 - 01948333 _____ () C:\WINDOWS\WindowsUpdate.log
2015-01-16 21:05 - 2013-02-10 15:56 - 00000830 _____ () C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2015-01-16 21:02 - 2013-08-23 02:36 - 00000000 ____D () C:\WINDOWS\system32\sru
2015-01-16 18:30 - 2014-07-13 10:28 - 00000000 ____D () C:\Users\Ucmego\AppData\Local\CrashDumps
2015-01-16 18:30 - 2014-06-26 08:03 - 00002908 _____ () C:\WINDOWS\System32\Tasks\AutoKMS
2015-01-16 18:30 - 2013-02-10 20:00 - 00000298 _____ () C:\WINDOWS\Tasks\AutoKMS.job
2015-01-16 18:29 - 2014-01-04 20:16 - 00000000 ____D () C:\ProgramData\NVIDIA
2015-01-16 18:29 - 2013-08-23 01:46 - 00360508 _____ () C:\WINDOWS\setupact.log
2015-01-16 18:29 - 2013-08-23 01:45 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT
2015-01-16 18:29 - 2013-02-10 16:04 - 00000926 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2015-01-16 18:29 - 2013-02-10 15:59 - 00000346 _____ () C:\WINDOWS\Tasks\GlaryInitialize.job
2015-01-16 06:31 - 2013-02-10 14:58 - 00003598 _____ () C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-1432482068-2283677420-586190179-1001
2015-01-16 06:25 - 2013-02-10 16:03 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive
2015-01-16 06:24 - 2013-10-13 07:10 - 00000000 ____D () C:\Users\Ucmego\AppData\Local\Adobe
2015-01-15 23:21 - 2013-02-10 15:57 - 00000000 ____D () C:\Users\Ucmego\AppData\Roaming\uTorrent
2015-01-15 07:50 - 2013-02-10 16:12 - 00000000 ____D () C:\Program Files\SUPERAntiSpyware
2015-01-15 07:28 - 2012-07-26 18:59 - 00000000 ____D () C:\WINDOWS\CbsTemp
2015-01-14 07:17 - 2013-08-23 02:36 - 00000000 ____D () C:\WINDOWS\AppReadiness
2015-01-13 21:36 - 2013-08-23 00:25 - 00262144 ___SH () C:\WINDOWS\system32\config\BBI
2015-01-10 19:29 - 2013-09-30 15:20 - 00867660 _____ () C:\WINDOWS\system32\PerfStringBackup.INI
2015-01-10 17:45 - 2014-07-09 22:30 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2015-01-08 23:32 - 2014-07-09 22:30 - 00129752 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2015-01-08 22:28 - 2014-07-09 22:30 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2015-01-08 22:28 - 2013-02-10 16:12 - 00001114 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2015-01-08 06:41 - 2013-02-10 21:56 - 00000000 ____D () C:\Users\Ucmego\AppData\Roaming\vlc
2015-01-06 11:08 - 2013-08-23 02:38 - 00714720 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2015-01-06 11:08 - 2013-08-23 02:38 - 00106976 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2014-12-31 22:14 - 2013-02-10 15:09 - 00298120 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe

Files to move or delete:
====================
C:\ProgramData\sdpsenv.dat


Some content of TEMP:
====================
C:\Users\Ucmego\AppData\Local\Temp\FlashDLL.dll
C:\Users\Ucmego\AppData\Local\Temp\Install_HOSTS_Anti-Adware.exe
C:\Users\Ucmego\AppData\Local\Temp\nvSCPAPI64.dll
C:\Users\Ucmego\AppData\Local\Temp\nvStInst.exe
C:\Users\Ucmego\AppData\Local\Temp\SAS6_Update.exe
C:\Users\Ucmego\AppData\Local\Temp\spiceworks_redist.exe
C:\Users\Ucmego\AppData\Local\Temp\spiceworks_redist_10.exe


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-01-16 18:40

==================== End Of Log ============================

 

 

 

 

 



#4 ucmego

ucmego
  • Topic Starter

  • Members
  • 103 posts
  • OFFLINE
  •  
  • Local time:11:01 PM

Posted 16 January 2015 - 05:42 AM

Hi,

 

This website will not allow me to upload more than 23.42KB so I have pasted the files here

 

 

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 15-01-2015 01
Ran by Ucmego at 2015-01-16 21:26:45
Running from C:\Users\Ucmego\Desktop
Boot Mode: Normal
==========================================================


==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

µTorrent (HKLM-x32\...\uTorrent) (Version: 3.3.0.29082 - BitTorrent Inc.)
7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov)
Adobe Acrobat X Pro - English, Français, Deutsch (HKLM-x32\...\{AC76BA86-1033-F400-7760-000000000005}) (Version: 10.1.9 - Adobe Systems)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 14.0.0.178 - Adobe Systems Incorporated)
Adobe Creative Suite 6 Master Collection (HKLM-x32\...\{E8AD3069-9EB7-4BA8-8BFE-83F4E69355C0}) (Version: 6 - Adobe Systems Incorporated)
Adobe Flash Player 11 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 11.5.502.149 - Adobe Systems Incorporated)
Adobe Help Manager (HKLM-x32\...\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 4.0.244 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.04) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.04 - Adobe Systems Incorporated)
Adobe Widget Browser (HKLM-x32\...\com.adobe.WidgetBrowser) (Version: 2.0 Build 348 - Adobe Systems Incorporated.)
Adobe® Content Viewer (HKLM-x32\...\com.adobe.dmp.contentviewer) (Version: 3.4.3 - Adobe Systems, Incorporated)
AOMEI Partition Assistant Standard Edition 5.5 (HKLM-x32\...\{02F850ED-FD0E-4ED1-BE0B-54981f5BD3D4}_is1) (Version:  - AOMEI Technology Co., Ltd.)
Apple Application Support (HKLM-x32\...\{CCE825DB-347A-4004-A186-5F4A6FDD8547}) (Version: 2.3.2 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{D70884EA-E2CE-4539-91DB-4766CC1E5F5F}) (Version: 6.0.1.3 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Ashampoo Burning Studio 6 FREE v.6.80 (HKLM-x32\...\Ashampoo Burning Studio 6 FREE_is1) (Version: 6.8.0 - ashampoo GmbH & Co. KG)
Audacity 2.0.3 (HKLM-x32\...\Audacity_is1) (Version: 2.0.3 - Audacity Team)
Auslogics Disk Defrag (HKLM-x32\...\{DF6A13C0-77DF-41FE-BD05-6D5201EB0CE7}_is1) (Version: 3.6 - Auslogics Software Pty Ltd)
AviSynth 2.6 (HKLM-x32\...\AviSynth) (Version: 2.6.0.2 - GPL Public release.)
AvsP (HKLM-x32\...\AvsP_is1) (Version:  - )
Beyond Compare 3.3.10 (HKLM-x32\...\BeyondCompare3_is1) (Version: 3.3.10.17762 - Scooter Software)
bl (x32 Version: 1.0.0 - Your Company Name) Hidden
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
CDBurnerXP (HKLM\...\{7E265513-8CDA-4631-B696-F40D983F3B07}_is1) (Version: 4.5.0.3717 - CDBurnerXP)
DHTML Editing Component (HKLM-x32\...\{2EA870FA-585F-4187-903D-CB9FFD21E2E0}) (Version: 6.02.0001 - Microsoft Corporation)
Dropbox (HKU\S-1-5-21-1432482068-2283677420-586190179-1001\...\Dropbox) (Version: 1.6.16 - Dropbox, Inc.)
DVD slideshow GUI 0.9.5.4 (HKLM-x32\...\BE37E547-62DF-43C8-AE6A-D03E82BC67A3_is1) (Version: DVD slideshow GUI 0.9.5.4 - Tin2tin)
EaseUS Data Recovery Wizard 7.0 (HKLM-x32\...\EaseUS Data Recovery Wizard 7.0_is1) (Version:  - EaseUS)
Ezvid (HKLM-x32\...\{F96D619D-99D6-4C9C-A393-0CD22DE1CA66}_is1) (Version: 0982 - Ezvid, inc.)
foobar2000 v1.2.2 (HKLM-x32\...\foobar2000) (Version: 1.2.2 - Peter Pawlowski)
Freemake Audio Converter version 1.1.0 (HKLM-x32\...\Freemake Audio Converter_is1) (Version: 1.1.0 - Ellora Assets Corporation)
Freemake Video Converter version 4.1.2 (HKLM-x32\...\Freemake Video Converter_is1) (Version: 4.1.2 - Ellora Assets Corporation)
Freemake Video Downloader (HKLM-x32\...\Freemake Video Downloader_is1) (Version: 3.5.0 - Ellora Assets Corporation)
Freemake Youtube Mp3 Converter (HKLM-x32\...\Freemake Youtube Mp3 Converter_is1) (Version: 3.5.0 - Ellora Assets Corporation)
GetDataBack for FAT (HKLM-x32\...\{2EEEC858-21F8-419B-8FE2-820621BFFCD7}) (Version: 4.33.000 - Runtime Software)
GetDataBack for NTFS (HKLM-x32\...\{56582EEA-3AEF-4D84-8B9D-C87A3CD9250F}) (Version: 4.33.000 - Runtime Software)
Glary Utilities 2.53.0.1726 (HKLM-x32\...\Glary Utilities_is1) (Version: 2.53.0.1726 - Glarysoft Ltd)
Google Drive (HKLM-x32\...\{240D2B48-E06E-446F-A806-01CF36882EB7}) (Version: 1.19.8268.4572 - Google, Inc.)
Google Earth (HKLM-x32\...\{4D2A6330-2F8B-11E3-9C40-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
GPSoftware Directory Opus (HKLM-x32\...\{5D4F167D-CCC8-413E-A6EE-F2FABBBBF50D}) (Version: 10.5.0.0 - GPSoftware)
GUI for dvdauthor 1.07 (HKLM-x32\...\GUI for dvdauthor) (Version: 1.07 - Boraxsoft)
Haali Media Splitter (HKLM-x32\...\HaaliMkx) (Version:  - )
Helix YUV Codecs (remove only) (HKLM-x32\...\HelixYUVCodecs) (Version:  - )
Hulu Desktop (HKU\S-1-5-21-1432482068-2283677420-586190179-1001\...\HuluDesktop) (Version: 0.9.14 - Hulu LLC)
ImgBurn (HKLM-x32\...\ImgBurn) (Version: 2.5.5.0 - LIGHTNING UK!)
iTunes (HKLM\...\{0E5D76AD-A3FB-48D5-8400-8903B10317D3}) (Version: 11.0.1.12 - Apple Inc.)
Java 7 Update 17 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86417017FF}) (Version: 7.0.170 - Oracle)
Java 7 Update 17 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217017FF}) (Version: 7.0.170 - Oracle)
KeePass Password Safe 1.25 (HKLM-x32\...\KeePass Password Safe_is1) (Version: 1.25 - Dominik Reichl)
Malwarebytes Anti-Malware version 2.0.4.1028 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.4.1028 - Malwarebytes Corporation)
MediaMonkey 4.0 (HKLM-x32\...\MediaMonkey_is1) (Version: 4.0 - Ventis Media Inc.)
Microsoft Office Professional 2010 (HKLM-x32\...\Office14.SingleImage) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft SkyDrive (HKU\S-1-5-21-1432482068-2283677420-586190179-1001\...\SkyDriveSetup.exe) (Version: 17.0.2003.1112 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Mozilla Firefox 34.0.5 (x86 en-GB) (HKLM-x32\...\Mozilla Firefox 34.0.5 (x86 en-GB)) (Version: 34.0.5 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 33.0.2 - Mozilla)
MozyHome (HKLM\...\{641F06F1-7AEF-A8AB-1DB9-C766FAC7018E}) (Version: 2.18.3.247 - Mozy, Inc.)
MyFreeCodec (HKU\S-1-5-21-1432482068-2283677420-586190179-1001\...\MyFreeCodec) (Version:  - )
MyHarmony (HKU\S-1-5-21-1432482068-2283677420-586190179-1001\...\036a0e4fc6a247ec) (Version: 1.0.1.257 - Logitech)
MyPhoneExplorer (HKLM-x32\...\MPE) (Version: 1.8.6 - F.J. Wechselberger)
NEC NaViSet 1.1.27.00 (HKLM-x32\...\NEC NaViSet) (Version: 1.1.27.00 - NEC Display Solutions)
Nmap 5.61-Spiceworks (HKLM-x32\...\Spiceworks-Nmap) (Version:  - )
Notepad++ (HKLM-x32\...\Notepad++) (Version: 6.3 - )
NVIDIA 3D Vision Controller Driver 331.82 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 331.82 - NVIDIA Corporation)
NVIDIA 3D Vision Driver 335.23 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 335.23 - NVIDIA Corporation)
NVIDIA Graphics Driver 335.23 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 335.23 - NVIDIA Corporation)
NVIDIA nView 141.00 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NView) (Version: 141.00 - NVIDIA Corporation)
NVIDIA WMI 2.16.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVWMI) (Version: 2.16.1 - NVIDIA Corporation)
PDF Settings CS6 (x32 Version: 11.0 - Adobe Systems Incorporated) Hidden
Perfect Effects 8 (HKLM-x32\...\{C982ACFF-5997-4B7D-B3E1-CF7273A06FB2}) (Version: 8.1.0 - onOne Software)
ph (x32 Version: 1.0.0 - Your Company Name) Hidden
Photodex Presenter (HKLM-x32\...\Photodex Presenter) (Version:  - Photodex Corporation)
Potplayer-64 Bits (HKLM\...\PotPlayer64) (Version:  - Daum Communications Corp.)
ProShow Producer (HKLM-x32\...\ProShow Producer) (Version:  - Photodex Corporation)
QuickTime (HKLM-x32\...\{AF0CE7C0-A3E4-4D73-988B-B29187EC6E9A}) (Version: 7.73.80.64 - Apple Inc.)
Recuva (HKLM\...\Recuva) (Version: 1.49 - Piriform)
Revo Uninstaller 1.94 (HKLM-x32\...\Revo Uninstaller) (Version: 1.94 - VS Revo Group)
Samsung Kies (HKLM-x32\...\InstallShield_{758C8301-2696-4855-AF45-534B1200980A}) (Version: 2.6.2.14014_6 - Samsung Electronics Co., Ltd.)
Samsung Kies (x32 Version: 2.6.2.14014_6 - Samsung Electronics Co., Ltd.) Hidden
SAMSUNG USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.45.0 - SAMSUNG Electronics Co., Ltd.)
SDFormatter (HKLM-x32\...\{179324FF-7B16-4BA8-9836-055CAAEE4F08}) (Version: 4.0.0 - SD Association)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version:  - Microsoft)
Skype™ 6.9 (HKLM-x32\...\{1845470B-EB14-4ABC-835B-E36C693DC07D}) (Version: 6.9.106 - Skype Technologies S.A.)
Spiceworks (HKLM-x32\...\Spiceworks) (Version: 7.1.00027 - Spiceworks, Inc.)
Spotify (HKU\S-1-5-21-1432482068-2283677420-586190179-1001\...\Spotify) (Version: 0.8.5.1333.g822e0de8 - Spotify AB)
SugarSync Manager (HKLM-x32\...\SugarSync) (Version: 1.9.92.107379 - SugarSync, Inc.)
SUPERAntiSpyware (HKLM\...\{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}) (Version: 5.6.1014 - SUPERAntiSpyware.com)
TeraCopy 2.27 (HKLM\...\TeraCopy_is1) (Version:  - Code Sector)
The KMPlayer (remove only) (HKLM-x32\...\The KMPlayer) (Version: 3.5.0.77 - KMP Media co., Ltd)
Turbo Lister 2 (HKLM-x32\...\{8927E07C-97F7-4A54-88FB-D976F50DD46E}) (Version: 2.00.0000 - eBay Inc.)
VLC media player 2.0.5 (HKLM-x32\...\VLC media player) (Version: 2.0.5 - VideoLAN)
Windows Driver Package - Eastman Kodak Company KODAK 6800/6850 Printer (03/30/2011 3.1.0.2) (HKLM\...\D3EEC7143436E6F27AA2E67CB6BA166C9766DC19) (Version: 03/30/2011 3.1.0.2 - Eastman Kodak Company)
Windows Storage Server 2008 R2 Connector (HKLM\...\{C1E4D639-4A33-4314-809E-89BD0EF48522}) (Version: 6.1.8800.16400 - Microsoft Corporation)
WinPcap 4.1.2-Spiceworks (HKLM-x32\...\WinPcapInst) (Version: 4.1.0.2001 - CACE Technologies)
XnView 1.99.6 (HKLM-x32\...\XnView_is1) (Version: 1.99.6 - Gougelet Pierre-e)

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

CustomCLSID: HKU\S-1-5-21-1432482068-2283677420-586190179-1001_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Ucmego\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1432482068-2283677420-586190179-1001_Classes\CLSID\{038C127B-3458-49C9-8D87-BDEC7D84CA35}\InprocServer32 -> C:\Program Files\GPSoftware\Directory Opus\dopuslib.dll (GP Software)
CustomCLSID: HKU\S-1-5-21-1432482068-2283677420-586190179-1001_Classes\CLSID\{10318C28-9E80-440D-A47C-D86984D2598C}\InprocServer32 -> C:\Program Files\GPSoftware\Directory Opus\dopuslib.dll (GP Software)
CustomCLSID: HKU\S-1-5-21-1432482068-2283677420-586190179-1001_Classes\CLSID\{10906AF7-7012-441C-81CC-E8AA43A8D3E9}\InprocServer32 -> C:\Program Files\GPSoftware\Directory Opus\dopuslib.dll (GP Software)
CustomCLSID: HKU\S-1-5-21-1432482068-2283677420-586190179-1001_Classes\CLSID\{112668EB-B62B-4D5C-831D-8ADFEF2BD3BD}\InprocServer32 -> C:\Program Files\GPSoftware\Directory Opus\dopuslib.dll (GP Software)
CustomCLSID: HKU\S-1-5-21-1432482068-2283677420-586190179-1001_Classes\CLSID\{195FF5AD-04C2-41C7-BACE-D78F71CCE49E}\InprocServer32 -> C:\Program Files\GPSoftware\Directory Opus\dopuslib.dll (GP Software)
CustomCLSID: HKU\S-1-5-21-1432482068-2283677420-586190179-1001_Classes\CLSID\{1A4ADD3F-E8BB-47E4-B4D1-EF41B6EFB1D0}\InprocServer32 -> C:\Program Files\GPSoftware\Directory Opus\dopuslib.dll (GP Software)
CustomCLSID: HKU\S-1-5-21-1432482068-2283677420-586190179-1001_Classes\CLSID\{1DB19828-E98C-47C5-8A68-1CA4E5E87AF4}\InprocServer32 -> C:\Program Files\GPSoftware\Directory Opus\dopuslib.dll (GP Software)
CustomCLSID: HKU\S-1-5-21-1432482068-2283677420-586190179-1001_Classes\CLSID\{1EB87E75-39D2-4204-A412-4AB4AEE3A113}\InprocServer32 -> C:\Program Files\GPSoftware\Directory Opus\dopuslib.dll (GP Software)
CustomCLSID: HKU\S-1-5-21-1432482068-2283677420-586190179-1001_Classes\CLSID\{1F1F442E-F603-4FF2-B5C1-9FAC631BBAD0}\InprocServer32 -> C:\Program Files\GPSoftware\Directory Opus\dopuslib.dll (GP Software)
CustomCLSID: HKU\S-1-5-21-1432482068-2283677420-586190179-1001_Classes\CLSID\{21297EF4-80EE-414A-BAE4-A87292109B2F}\InprocServer32 -> C:\Program Files\GPSoftware\Directory Opus\dopuslib.dll (GP Software)
CustomCLSID: HKU\S-1-5-21-1432482068-2283677420-586190179-1001_Classes\CLSID\{227CD805-F3BE-4C46-A632-1673C6C6653B}\InprocServer32 -> C:\Program Files\GPSoftware\Directory Opus\dopuslib.dll (GP Software)
CustomCLSID: HKU\S-1-5-21-1432482068-2283677420-586190179-1001_Classes\CLSID\{237014BA-2AC3-4448-B880-676A315655D1}\InprocServer32 -> C:\Program Files\GPSoftware\Directory Opus\dopuslib.dll (GP Software)
CustomCLSID: HKU\S-1-5-21-1432482068-2283677420-586190179-1001_Classes\CLSID\{26ACBCAD-4C04-436F-B8B6-F59E276F3568}\InprocServer32 -> C:\Program Files\GPSoftware\Directory Opus\dopuslib.dll (GP Software)
CustomCLSID: HKU\S-1-5-21-1432482068-2283677420-586190179-1001_Classes\CLSID\{283A8042-C08A-4B36-A85E-24D2E34A487D}\InprocServer32 -> C:\Program Files\GPSoftware\Directory Opus\dopuslib.dll (GP Software)
CustomCLSID: HKU\S-1-5-21-1432482068-2283677420-586190179-1001_Classes\CLSID\{2EB9C9D9-E4F9-487D-B5A8-BFF7178DFEAF}\InprocServer32 -> C:\Program Files\GPSoftware\Directory Opus\dopuslib.dll (GP Software)
CustomCLSID: HKU\S-1-5-21-1432482068-2283677420-586190179-1001_Classes\CLSID\{3186F059-146C-4A7C-B252-32A9342A7693}\InprocServer32 -> C:\Program Files\GPSoftware\Directory Opus\dopuslib.dll (GP Software)
CustomCLSID: HKU\S-1-5-21-1432482068-2283677420-586190179-1001_Classes\CLSID\{353954DD-05D9-4115-B233-E9A064458E05}\InprocServer32 -> C:\Program Files\GPSoftware\Directory Opus\dopuslib.dll (GP Software)
CustomCLSID: HKU\S-1-5-21-1432482068-2283677420-586190179-1001_Classes\CLSID\{3BA99197-9A74-424F-9580-A9F2DE6728D0}\InprocServer32 -> C:\Program Files\GPSoftware\Directory Opus\dopuslib.dll (GP Software)
CustomCLSID: HKU\S-1-5-21-1432482068-2283677420-586190179-1001_Classes\CLSID\{48C86C50-99B1-4E76-9872-EEBF6D759C51}\InprocServer32 -> C:\Program Files\GPSoftware\Directory Opus\dopuslib.dll (GP Software)
CustomCLSID: HKU\S-1-5-21-1432482068-2283677420-586190179-1001_Classes\CLSID\{4944802C-EEFA-4B02-B8AB-639A70F80089}\InprocServer32 -> C:\Program Files\GPSoftware\Directory Opus\dopuslib.dll (GP Software)
CustomCLSID: HKU\S-1-5-21-1432482068-2283677420-586190179-1001_Classes\CLSID\{4BFA108C-5B0E-4130-8503-51DFFDE5AC76}\InprocServer32 -> C:\Program Files\GPSoftware\Directory Opus\dopuslib.dll (GP Software)
CustomCLSID: HKU\S-1-5-21-1432482068-2283677420-586190179-1001_Classes\CLSID\{4C09E0FE-3014-45D3-9F5F-4135F2EC8E4B}\InprocServer32 -> C:\Program Files\GPSoftware\Directory Opus\dopuslib.dll (GP Software)
CustomCLSID: HKU\S-1-5-21-1432482068-2283677420-586190179-1001_Classes\CLSID\{54416ACF-0A2B-4932-B0E0-B9360CB61D59}\InprocServer32 -> C:\Program Files\GPSoftware\Directory Opus\dopuslib.dll (GP Software)
CustomCLSID: HKU\S-1-5-21-1432482068-2283677420-586190179-1001_Classes\CLSID\{57E5EB73-F183-470B-AE97-4D2641CA4204}\InprocServer32 -> C:\Program Files\GPSoftware\Directory Opus\dopuslib.dll (GP Software)
CustomCLSID: HKU\S-1-5-21-1432482068-2283677420-586190179-1001_Classes\CLSID\{5B73420A-B228-4569-9CAB-23239A05D666}\InprocServer32 -> C:\Program Files\GPSoftware\Directory Opus\dopuslib.dll (GP Software)
CustomCLSID: HKU\S-1-5-21-1432482068-2283677420-586190179-1001_Classes\CLSID\{5B747E09-3142-4ABF-A175-C821AF50C77C}\InprocServer32 -> C:\Program Files\GPSoftware\Directory Opus\dopuslib.dll (GP Software)
CustomCLSID: HKU\S-1-5-21-1432482068-2283677420-586190179-1001_Classes\CLSID\{5CFBB673-FD1D-4C0C-BABF-839C190CD53D}\InprocServer32 -> C:\Program Files\GPSoftware\Directory Opus\dopuslib.dll (GP Software)
CustomCLSID: HKU\S-1-5-21-1432482068-2283677420-586190179-1001_Classes\CLSID\{63A34909-A6DB-4C56-A520-2F8AA75D2074}\InprocServer32 -> C:\Program Files\GPSoftware\Directory Opus\dopuslib.dll (GP Software)
CustomCLSID: HKU\S-1-5-21-1432482068-2283677420-586190179-1001_Classes\CLSID\{7DB585AF-F248-4682-B50E-011CBFAEDC6E}\InprocServer32 -> C:\Program Files\GPSoftware\Directory Opus\dopuslib.dll (GP Software)
CustomCLSID: HKU\S-1-5-21-1432482068-2283677420-586190179-1001_Classes\CLSID\{8CCCE6D8-8FD5-48C0-9E95-3536DD944827}\InprocServer32 -> C:\Program Files\GPSoftware\Directory Opus\dopuslib.dll (GP Software)
CustomCLSID: HKU\S-1-5-21-1432482068-2283677420-586190179-1001_Classes\CLSID\{8FA22EA2-81AF-43E1-8D63-DA64D1850F79}\InprocServer32 -> C:\Program Files\GPSoftware\Directory Opus\dopuslib.dll (GP Software)
CustomCLSID: HKU\S-1-5-21-1432482068-2283677420-586190179-1001_Classes\CLSID\{916EF008-1D2A-4445-BE73-B3244141441F}\InprocServer32 -> C:\Program Files\GPSoftware\Directory Opus\dopuslib.dll (GP Software)
CustomCLSID: HKU\S-1-5-21-1432482068-2283677420-586190179-1001_Classes\CLSID\{91A9B514-BD47-4C65-B8C6-1FFE050C88DE}\InprocServer32 -> C:\Program Files\GPSoftware\Directory Opus\dopuslib.dll (GP Software)
CustomCLSID: HKU\S-1-5-21-1432482068-2283677420-586190179-1001_Classes\CLSID\{93436854-355F-4436-9B82-45D7F0A5241F}\InprocServer32 -> C:\Program Files\GPSoftware\Directory Opus\dopuslib.dll (GP Software)
CustomCLSID: HKU\S-1-5-21-1432482068-2283677420-586190179-1001_Classes\CLSID\{982636E9-0A4E-4E86-B0EE-DFD2024882C3}\InprocServer32 -> C:\Program Files\GPSoftware\Directory Opus\dopuslib.dll (GP Software)
CustomCLSID: HKU\S-1-5-21-1432482068-2283677420-586190179-1001_Classes\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}\InprocServer32 -> C:\Users\Ucmego\AppData\Local\Microsoft\SkyDrive\17.0.2003.1112\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1432482068-2283677420-586190179-1001_Classes\CLSID\{A4BF6C5B-F5EC-4645-9BFA-FBAF0044DD20}\InprocServer32 -> C:\Program Files\GPSoftware\Directory Opus\dopuslib.dll (GP Software)
CustomCLSID: HKU\S-1-5-21-1432482068-2283677420-586190179-1001_Classes\CLSID\{A597C9EB-1D42-4A0E-8AAE-54BD42D0F1F4}\InprocServer32 -> C:\Program Files\GPSoftware\Directory Opus\dopuslib.dll (GP Software)
CustomCLSID: HKU\S-1-5-21-1432482068-2283677420-586190179-1001_Classes\CLSID\{ADFCA7E2-49FD-4E56-A49C-9498E92CE2C0}\InprocServer32 -> C:\Program Files\GPSoftware\Directory Opus\dopuslib.dll (GP Software)
CustomCLSID: HKU\S-1-5-21-1432482068-2283677420-586190179-1001_Classes\CLSID\{B253E157-2944-46C7-899E-EFD6D4A95D93}\InprocServer32 -> C:\Program Files\GPSoftware\Directory Opus\dopuslib.dll (GP Software)
CustomCLSID: HKU\S-1-5-21-1432482068-2283677420-586190179-1001_Classes\CLSID\{B7C22D22-48D1-4F62-8396-4D86E7E1F91F}\InprocServer32 -> C:\Program Files\GPSoftware\Directory Opus\dopuslib.dll (GP Software)
CustomCLSID: HKU\S-1-5-21-1432482068-2283677420-586190179-1001_Classes\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}\InprocServer32 -> C:\Users\Ucmego\AppData\Local\Microsoft\SkyDrive\17.0.2003.1112\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1432482068-2283677420-586190179-1001_Classes\CLSID\{BD189902-8802-42EB-BC62-5B3227864657}\InprocServer32 -> C:\Program Files\GPSoftware\Directory Opus\dopuslib.dll (GP Software)
CustomCLSID: HKU\S-1-5-21-1432482068-2283677420-586190179-1001_Classes\CLSID\{C0810778-40C0-4D1F-BBCA-4453AD393E5B}\InprocServer32 -> C:\Program Files\GPSoftware\Directory Opus\dopuslib.dll (GP Software)
CustomCLSID: HKU\S-1-5-21-1432482068-2283677420-586190179-1001_Classes\CLSID\{C2085E1D-4242-44B8-A22C-DA785FDF591B}\InprocServer32 -> C:\Program Files\GPSoftware\Directory Opus\dopuslib.dll (GP Software)
CustomCLSID: HKU\S-1-5-21-1432482068-2283677420-586190179-1001_Classes\CLSID\{C3DD9028-007D-4C83-88A3-5E1F09B10B52}\InprocServer32 -> C:\Program Files\GPSoftware\Directory Opus\dopuslib.dll (GP Software)
CustomCLSID: HKU\S-1-5-21-1432482068-2283677420-586190179-1001_Classes\CLSID\{C5115922-5BAC-48F3-83BC-58AF957497F9}\InprocServer32 -> C:\Program Files\GPSoftware\Directory Opus\dopuslib.dll (GP Software)
CustomCLSID: HKU\S-1-5-21-1432482068-2283677420-586190179-1001_Classes\CLSID\{C94CC9A3-6F46-4300-B1E6-D77EDE1DE3C9}\InprocServer32 -> C:\Program Files\GPSoftware\Directory Opus\dopuslib.dll (GP Software)
CustomCLSID: HKU\S-1-5-21-1432482068-2283677420-586190179-1001_Classes\CLSID\{CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B}\InprocServer32 -> C:\Users\Ucmego\AppData\Local\Microsoft\SkyDrive\17.0.2003.1112\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1432482068-2283677420-586190179-1001_Classes\CLSID\{CB892F96-142D-4F5F-8255-5363B812D688}\InprocServer32 -> C:\Program Files\GPSoftware\Directory Opus\dopuslib.dll (GP Software)
CustomCLSID: HKU\S-1-5-21-1432482068-2283677420-586190179-1001_Classes\CLSID\{CCBFB87F-34EE-4ABE-9709-961E45C7F7F6}\InprocServer32 -> C:\Program Files\GPSoftware\Directory Opus\dopuslib.dll (GP Software)
CustomCLSID: HKU\S-1-5-21-1432482068-2283677420-586190179-1001_Classes\CLSID\{CD77281E-9886-44CE-818E-FFD4CB29E631}\InprocServer32 -> C:\Program Files\GPSoftware\Directory Opus\dopuslib.dll (GP Software)
CustomCLSID: HKU\S-1-5-21-1432482068-2283677420-586190179-1001_Classes\CLSID\{CF0F6CB4-D0BE-437F-862F-2384C60AED1F}\InprocServer32 -> C:\Program Files\GPSoftware\Directory Opus\dopuslib.dll (GP Software)
CustomCLSID: HKU\S-1-5-21-1432482068-2283677420-586190179-1001_Classes\CLSID\{D3B3DEBA-CEAF-459A-8341-AE6C7B303C87}\InprocServer32 -> C:\Program Files\GPSoftware\Directory Opus\dopuslib.dll (GP Software)
CustomCLSID: HKU\S-1-5-21-1432482068-2283677420-586190179-1001_Classes\CLSID\{D3E69981-6D9C-4EC3-A70C-B384945DBEBE}\InprocServer32 -> C:\Program Files\GPSoftware\Directory Opus\dopuslib.dll (GP Software)
CustomCLSID: HKU\S-1-5-21-1432482068-2283677420-586190179-1001_Classes\CLSID\{D7619037-BC23-4296-A4E1-305514968ED3}\InprocServer32 -> C:\Program Files\GPSoftware\Directory Opus\dopuslib.dll (GP Software)
CustomCLSID: HKU\S-1-5-21-1432482068-2283677420-586190179-1001_Classes\CLSID\{DBD12C3F-2E94-4E0C-A55B-2ADC38BFA648}\InprocServer32 -> C:\Program Files\GPSoftware\Directory Opus\dopuslib.dll (GP Software)
CustomCLSID: HKU\S-1-5-21-1432482068-2283677420-586190179-1001_Classes\CLSID\{DC57DCE4-9512-4C3D-9E47-41EAB1EA58B9}\InprocServer32 -> C:\Program Files\GPSoftware\Directory Opus\dopuslib.dll (GP Software)
CustomCLSID: HKU\S-1-5-21-1432482068-2283677420-586190179-1001_Classes\CLSID\{DD069A9F-EF67-41D6-9EA1-4C114050E548}\InprocServer32 -> C:\Program Files\GPSoftware\Directory Opus\dopuslib.dll (GP Software)
CustomCLSID: HKU\S-1-5-21-1432482068-2283677420-586190179-1001_Classes\CLSID\{DEB6A95F-EAAF-4647-995A-33B2FFB58980}\InprocServer32 -> C:\Program Files\GPSoftware\Directory Opus\dopuslib.dll (GP Software)
CustomCLSID: HKU\S-1-5-21-1432482068-2283677420-586190179-1001_Classes\CLSID\{E12D6404-7360-49EC-994F-C85F0C85DECE}\InprocServer32 -> C:\Program Files\GPSoftware\Directory Opus\dopuslib.dll (GP Software)
CustomCLSID: HKU\S-1-5-21-1432482068-2283677420-586190179-1001_Classes\CLSID\{E2E9C78B-4694-4C95-B52D-7E559BB656F9}\InprocServer32 -> C:\Program Files\GPSoftware\Directory Opus\dopuslib.dll (GP Software)
CustomCLSID: HKU\S-1-5-21-1432482068-2283677420-586190179-1001_Classes\CLSID\{E64E1186-66BF-4593-950C-6D24CA7B3D00}\InprocServer32 -> C:\Program Files\GPSoftware\Directory Opus\dopuslib.dll (GP Software)
CustomCLSID: HKU\S-1-5-21-1432482068-2283677420-586190179-1001_Classes\CLSID\{E65A38A1-8A99-4634-AC07-487E40ACCB0F}\InprocServer32 -> C:\Program Files\GPSoftware\Directory Opus\dopuslib.dll (GP Software)
CustomCLSID: HKU\S-1-5-21-1432482068-2283677420-586190179-1001_Classes\CLSID\{ECC5870B-D064-43A1-B6C6-97894AF70481}\InprocServer32 -> C:\Program Files\GPSoftware\Directory Opus\dopuslib.dll (GP Software)
CustomCLSID: HKU\S-1-5-21-1432482068-2283677420-586190179-1001_Classes\CLSID\{EEC75C29-C3A3-4AE8-843B-1CD424F98139}\InprocServer32 -> C:\Program Files\GPSoftware\Directory Opus\dopuslib.dll (GP Software)
CustomCLSID: HKU\S-1-5-21-1432482068-2283677420-586190179-1001_Classes\CLSID\{EF800ACB-5AB7-4B3E-B930-905F7F1E54A6}\InprocServer32 -> C:\Program Files\GPSoftware\Directory Opus\dopuslib.dll (GP Software)
CustomCLSID: HKU\S-1-5-21-1432482068-2283677420-586190179-1001_Classes\CLSID\{F1EACF4A-9E5D-470C-BE50-D0ECE9B95A85}\InprocServer32 -> C:\Program Files\GPSoftware\Directory Opus\dopuslib.dll (GP Software)
CustomCLSID: HKU\S-1-5-21-1432482068-2283677420-586190179-1001_Classes\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}\InprocServer32 -> C:\Users\Ucmego\AppData\Local\Microsoft\SkyDrive\17.0.2003.1112\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1432482068-2283677420-586190179-1001_Classes\CLSID\{F3C6A729-82D2-4FD2-8070-E936B99CB6BD}\InprocServer32 -> C:\Program Files\GPSoftware\Directory Opus\dopuslib.dll (GP Software)
CustomCLSID: HKU\S-1-5-21-1432482068-2283677420-586190179-1001_Classes\CLSID\{F8071786-1FD0-4A66-81A1-3CBE29274458}\InprocServer32 -> C:\Users\Ucmego\AppData\Local\Microsoft\SkyDrive\17.0.2003.1112\amd64\FileSyncApi64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1432482068-2283677420-586190179-1001_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Ucmego\AppData\Roaming\Dropbox\bin\DropboxExt64.17.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1432482068-2283677420-586190179-1001_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Ucmego\AppData\Roaming\Dropbox\bin\DropboxExt64.17.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1432482068-2283677420-586190179-1001_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Ucmego\AppData\Roaming\Dropbox\bin\DropboxExt64.17.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1432482068-2283677420-586190179-1001_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Ucmego\AppData\Roaming\Dropbox\bin\DropboxExt64.17.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1432482068-2283677420-586190179-1001_Classes\CLSID\{FBF8EE03-08A4-41D1-9998-3C43B43AA1F6}\InprocServer32 -> C:\Program Files\GPSoftware\Directory Opus\dopuslib.dll (GP Software)
CustomCLSID: HKU\S-1-5-21-1432482068-2283677420-586190179-1001_Classes\CLSID\{FD8AF9E3-83BA-41C7-A82A-286786FB560C}\InprocServer32 -> C:\Program Files\GPSoftware\Directory Opus\dopuslib.dll (GP Software)

==================== Restore Points  =========================

14-01-2015 08:42:59 Scheduled Checkpoint

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2013-02-11 21:21 - 2014-04-25 13:49 - 00040318 ____A C:\WINDOWS\system32\Drivers\etc\hosts
127.0.0.1 08sr.combineads.info # hosts anti-adware / pups
127.0.0.1 08srvr.combineads.info # hosts anti-adware / pups
127.0.0.1 12srvr.combineads.info # hosts anti-adware / pups
127.0.0.1 2010-fr.com # hosts anti-adware / pups
127.0.0.1 2012-new.biz # hosts anti-adware / pups
127.0.0.1 212link.com # hosts anti-adware / pups
127.0.0.1 2319825.ourtoolbar.com # hosts anti-adware / pups
127.0.0.1 24h00business.com # hosts anti-adware / pups
127.0.0.1 a.adorika.net # hosts anti-adware / pups
127.0.0.1 a.ad-sys.com # hosts anti-adware / pups
127.0.0.1 a.daasafterdusk.com # hosts anti-adware / pups
127.0.0.1 ad.adn360.com # hosts anti-adware / pups
127.0.0.1 adeartss.eu # hosts anti-adware / pups
127.0.0.1 adesoeasy.eu # hosts anti-adware / pups
127.0.0.1 adf.girldatesforfree.net # hosts anti-adware / pups
127.0.0.1 adm.soft365.com # hosts anti-adware / pups
127.0.0.1 adomicileavail.googlepages.com # hosts anti-adware / pups
127.0.0.1 ads7.complexadveising.com # hosts anti-adware / pups
127.0.0.1 ads.adplxmd.com # hosts anti-adware / pups
127.0.0.1 ads.aff.co # hosts anti-adware / pups
127.0.0.1 ads.alpha00001.com # hosts anti-adware / pups
127.0.0.1 ads.cloud4ads.com # hosts anti-adware / pups
127.0.0.1 ads.egdating.net # hosts anti-adware / pups
127.0.0.1 ads.eorezo.com # hosts anti-adware / pups
127.0.0.1 ads.hooqy.com # hosts anti-adware / pups
127.0.0.1 ads.pornerbros.com # hosts anti-adware / pups
127.0.0.1 ads.realken.com # hosts anti-adware / pups
127.0.0.1 ads.regiedepub.com # hosts anti-adware / pups
127.0.0.1 ads.sucomspot.com # hosts anti-adware / pups

There are 645 more lines.


==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {04B9C241-9585-4ADC-8A1F-480F93585480} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2014-12-11] (Microsoft Corporation)
Task: {1419F0FA-E45F-40ED-A2E9-6E7BCB948100} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {177CCDC5-5202-4F2C-A8BA-9B1573DB076B} - System32\Tasks\GlaryInitialize => C:\Program Files (x86)\Glary Utilities\initialize.exe [2013-02-04] (Glarysoft Ltd)
Task: {36B2B545-C5A1-47A4-AA76-895F69B06824} - System32\Tasks\Microsoft\Windows\Windows Server\Alert Evaluations => C:\Program Files\Windows Server\Bin\RunTask.exe [2012-11-02] (Microsoft Corporation)
Task: {36FF6894-CC28-4F42-B617-234B27CE6A6D} - System32\Tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask => Sc.exe start osppsvc
Task: {379EE664-DD6E-49D6-9CC6-ADB6ADB60696} - System32\Tasks\Microsoft\Windows\Windows Server\SaveCEIPData => C:\Program Files\Windows Server\Bin\RunTask.exe [2012-11-02] (Microsoft Corporation)
Task: {3FF62FEC-DB10-4CEC-B0EF-1A1FBC478409} - System32\Tasks\AdobeAAMUpdater-1.0-Workstation-Ucmego => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2012-09-20] (Adobe Systems Incorporated)
Task: {57881AE9-D96D-4CE8-A253-B61E0F89345C} - System32\Tasks\Microsoft\Windows\Windows Server\UploadCEIPData => C:\Program Files\Windows Server\Bin\RunTask.exe [2012-11-02] (Microsoft Corporation)
Task: {6ABF7606-150E-4A94-BEA3-613D75F038F4} - System32\Tasks\Microsoft\Windows\Windows Server\InstallAddIns => C:\Program Files\Windows Server\Bin\RunTask.exe [2012-11-02] (Microsoft Corporation)
Task: {8B613487-4986-45C8-A82D-6F9134087C5C} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-02-10] (Adobe Systems Incorporated)
Task: {8C7223C2-957A-48B2-9A77-70F141B2691A} - System32\Tasks\Microsoft\Windows\Windows Server\Backup => C:\Program Files\Windows Server\Bin\RunTask.exe [2012-11-02] (Microsoft Corporation)
Task: {CEC56719-3BCE-4509-9037-A9718797F19F} - System32\Tasks\AutoKMS => C:\Windows\AutoKMS\AutoKMS.exe [2013-02-10] ()
Task: {D093CEDA-9A38-4EC3-8C33-CBD2A0F6187E} - System32\Tasks\Microsoft\Windows\Windows Server\Health Definition Updates => C:\Program Files\Windows Server\Bin\RunTask.exe [2012-11-02] (Microsoft Corporation)
Task: {DD99FBA9-BC4E-4700-ADB9-5DB5A94D611D} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-02-10] (Google Inc.)
Task: {E23BB7B0-2399-44BF-A965-7A25C465D1DE} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-02-10] (Google Inc.)
Task: {FAFB281A-C548-4661-9087-165C9C6CAE6E} - System32\Tasks\Microsoft\Windows\Windows Server\RenewClientCertificate => C:\Program Files\Windows Server\Bin\RunTask.exe [2012-11-02] (Microsoft Corporation)
Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\AutoKMS.job => C:\Windows\AutoKMS\AutoKMS.exe
Task: C:\WINDOWS\Tasks\GlaryInitialize.job => C:\Program Files (x86)\Glary Utilities\initialize.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) =============

2014-01-04 20:17 - 2014-03-21 00:03 - 02519840 _____ () C:\WINDOWS\system32\nvwmi64.exe
2014-01-04 20:16 - 2014-03-05 00:05 - 00116056 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2014-01-04 20:16 - 2014-03-21 00:02 - 02588960 _____ () C:\Program Files\NVIDIA Corporation\nview\nview64.dll
2014-01-04 20:16 - 2014-03-21 00:03 - 01684768 _____ () C:\Program Files\NVIDIA Corporation\nview\nvwimg64.dll
2014-01-04 20:16 - 2014-03-21 00:03 - 00711456 _____ () C:\Program Files\NVIDIA Corporation\nview\nvshell.dll
2013-12-08 12:47 - 2013-12-10 21:12 - 00186760 _____ () C:\Program Files (x86)\Photodex\ProShow Producer\ScsiAccess.exe
2012-11-28 14:13 - 2012-11-28 14:13 - 00087952 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2012-11-28 14:13 - 2012-11-28 14:13 - 01242512 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2014-01-04 20:16 - 2014-03-21 00:02 - 02148640 _____ () C:\Program Files\NVIDIA Corporation\nview\nview.dll
2014-01-22 17:19 - 2014-01-22 17:19 - 00011776 _____ () C:\Program Files (x86)\Spiceworks\lib\ruby\1.9.1\i386-mswin32_90\enc\encdb.so
2014-01-22 17:19 - 2014-01-22 17:19 - 00009216 _____ () C:\Program Files (x86)\Spiceworks\lib\ruby\1.9.1\i386-mswin32_90\enc\iso_8859_1.so
2014-01-22 17:19 - 2014-01-22 17:19 - 00013312 _____ () C:\Program Files (x86)\Spiceworks\lib\ruby\1.9.1\i386-mswin32_90\enc\trans\transdb.so
2014-01-22 17:28 - 2014-01-22 17:28 - 00015360 _____ () C:\Program Files (x86)\Spiceworks\lib\ruby\1.9.1\i386-mswin32_90\racc\cparse.so
2014-01-22 17:27 - 2014-01-22 17:27 - 00019456 _____ () C:\Program Files (x86)\Spiceworks\lib\ruby\1.9.1\i386-mswin32_90\iconv.so
2014-01-22 17:14 - 2014-01-22 17:14 - 00864768 _____ () C:\Program Files (x86)\Spiceworks\bin\iconv.dll
2014-01-22 17:20 - 2014-01-22 17:20 - 00094720 _____ () C:\Program Files (x86)\Spiceworks\lib\ruby\1.9.1\i386-mswin32_90\enc\trans\single_byte.so
2014-01-22 17:28 - 2014-01-22 17:28 - 00022528 _____ () C:\Program Files (x86)\Spiceworks\lib\ruby\1.9.1\i386-mswin32_90\stringio.so
2014-01-22 17:28 - 2014-01-22 17:28 - 00078336 _____ () C:\Program Files (x86)\Spiceworks\lib\ruby\1.9.1\i386-mswin32_90\syck.so
2014-01-22 17:27 - 2014-01-22 17:27 - 00109056 _____ () C:\Program Files (x86)\Spiceworks\lib\ruby\1.9.1\i386-mswin32_90\date_core.so
2014-01-22 17:29 - 2014-01-22 17:29 - 00053248 _____ () C:\Program Files (x86)\Spiceworks\lib\ruby\site_ruby\1.9.1\i386-msvcr90\efs.so
2014-01-22 17:10 - 2014-01-22 17:10 - 00168960 _____ () C:\Program Files (x86)\Spiceworks\bin\qdbm.dll
2014-01-22 17:28 - 2014-01-22 17:28 - 00080384 _____ () C:\Program Files (x86)\Spiceworks\lib\ruby\1.9.1\i386-mswin32_90\zlib.so
2014-01-22 17:19 - 2014-01-22 17:19 - 00009216 _____ () C:\Program Files (x86)\Spiceworks\lib\ruby\1.9.1\i386-mswin32_90\enc\utf_16le.so
2014-01-22 17:20 - 2014-01-22 17:20 - 00013312 _____ () C:\Program Files (x86)\Spiceworks\lib\ruby\1.9.1\i386-mswin32_90\enc\trans\utf_16_32.so
2014-01-22 17:27 - 2014-01-22 17:27 - 00008704 _____ () C:\Program Files (x86)\Spiceworks\lib\ruby\1.9.1\i386-mswin32_90\etc.so
2014-01-22 17:27 - 2014-01-22 17:27 - 00008192 _____ () C:\Program Files (x86)\Spiceworks\lib\ruby\1.9.1\i386-mswin32_90\monitor_mixin.so
2014-01-22 17:27 - 2014-01-22 17:27 - 00047104 _____ () C:\Program Files (x86)\Spiceworks\lib\ruby\1.9.1\i386-mswin32_90\dl.so
2014-01-22 17:28 - 2014-01-22 17:28 - 00017408 _____ () C:\Program Files (x86)\Spiceworks\lib\ruby\1.9.1\i386-mswin32_90\strscan.so
2014-01-22 17:33 - 2014-01-22 17:33 - 00025600 _____ () C:\Program Files (x86)\Spiceworks\pkg\gems\sqlite3-1.3.8\lib\sqlite3\sqlite3_native.so
2014-01-22 17:11 - 2014-01-22 17:11 - 00427520 _____ () C:\Program Files (x86)\Spiceworks\bin\sqlite3.dll
2014-01-22 17:28 - 2014-01-22 17:28 - 00177664 _____ () C:\Program Files (x86)\Spiceworks\lib\ruby\1.9.1\i386-mswin32_90\openssl.so
2014-01-22 17:11 - 2014-01-22 17:11 - 00067584 _____ () C:\Program Files (x86)\Spiceworks\bin\zlib1.dll
2014-01-22 17:27 - 2014-01-22 17:27 - 00012288 _____ () C:\Program Files (x86)\Spiceworks\lib\ruby\1.9.1\i386-mswin32_90\digest.so
2014-01-22 17:27 - 2014-01-22 17:27 - 00007680 _____ () C:\Program Files (x86)\Spiceworks\lib\ruby\1.9.1\i386-mswin32_90\fcntl.so
2014-01-22 17:28 - 2014-01-22 17:28 - 00022016 _____ () C:\Program Files (x86)\Spiceworks\lib\ruby\1.9.1\i386-mswin32_90\pathname.so
2014-01-22 17:29 - 2014-01-22 17:29 - 00011776 _____ () C:\Program Files (x86)\Spiceworks\lib\ruby\site_ruby\1.9.1\i386-msvcr90\service.so
2014-01-22 17:19 - 2014-01-22 17:19 - 00009216 _____ () C:\Program Files (x86)\Spiceworks\lib\ruby\1.9.1\i386-mswin32_90\enc\utf_16be.so
2014-01-22 17:28 - 2014-01-22 17:28 - 00086016 _____ () C:\Program Files (x86)\Spiceworks\lib\ruby\1.9.1\i386-mswin32_90\socket.so
2014-01-22 17:27 - 2014-01-22 17:27 - 00053248 _____ () C:\Program Files (x86)\Spiceworks\lib\ruby\1.9.1\i386-mswin32_90\bigdecimal.so
2014-01-22 17:27 - 2014-01-22 17:27 - 00171520 _____ () C:\Program Files (x86)\Spiceworks\lib\ruby\1.9.1\i386-mswin32_90\nkf.so
2014-01-22 17:19 - 2014-01-22 17:19 - 00011264 _____ () C:\Program Files (x86)\Spiceworks\lib\ruby\1.9.1\i386-mswin32_90\enc\euc_jp.so
2014-01-22 17:19 - 2014-01-22 17:19 - 00010752 _____ () C:\Program Files (x86)\Spiceworks\lib\ruby\1.9.1\i386-mswin32_90\enc\shift_jis.so
2014-01-22 17:19 - 2014-01-22 17:19 - 00008192 _____ () C:\Program Files (x86)\Spiceworks\lib\ruby\1.9.1\i386-mswin32_90\enc\utf_32be.so
2014-01-22 17:33 - 2014-01-22 17:33 - 00028672 _____ () C:\Program Files (x86)\Spiceworks\pkg\gems\json-1.8.1\lib\json\ext\parser.so
2014-01-22 17:19 - 2014-01-22 17:19 - 00008192 _____ () C:\Program Files (x86)\Spiceworks\lib\ruby\1.9.1\i386-mswin32_90\enc\utf_32le.so
2014-01-22 17:33 - 2014-01-22 17:33 - 00028160 _____ () C:\Program Files (x86)\Spiceworks\pkg\gems\json-1.8.1\lib\json\ext\generator.so
2014-01-22 17:27 - 2014-01-22 17:27 - 00010240 _____ () C:\Program Files (x86)\Spiceworks\lib\ruby\1.9.1\i386-mswin32_90\digest\md5.so
2014-01-22 17:27 - 2014-01-22 17:27 - 00012800 _____ () C:\Program Files (x86)\Spiceworks\lib\ruby\1.9.1\i386-mswin32_90\digest\sha1.so
2014-01-22 17:33 - 2014-01-22 17:33 - 00052224 _____ () C:\Program Files (x86)\Spiceworks\pkg\gems\nokogiri-1.4.1\lib\nokogiri\nokogiri.so
2014-01-22 17:18 - 2014-01-22 17:18 - 00061440 _____ () C:\Program Files (x86)\Spiceworks\bin\libexslt.dll
2014-01-22 17:18 - 2014-01-22 17:18 - 00171008 _____ () C:\Program Files (x86)\Spiceworks\bin\libxslt.dll
2014-01-22 17:17 - 2014-01-22 17:17 - 00996352 _____ () C:\Program Files (x86)\Spiceworks\bin\libxml2.dll
2014-01-22 17:33 - 2014-01-22 17:33 - 00011776 _____ () C:\Program Files (x86)\Spiceworks\pkg\gems\image_science-1.2.1\lib\image_science.so
2014-01-22 17:27 - 2014-01-22 17:27 - 00015872 _____ () C:\Program Files (x86)\Spiceworks\lib\ruby\1.9.1\i386-mswin32_90\digest\sha2.so
2014-01-22 17:30 - 2014-01-22 17:30 - 00045568 _____ () C:\Program Files (x86)\Spiceworks\lib\ruby\site_ruby\1.9.1\i386-msvcr90\bits.so
2014-01-22 17:28 - 2014-01-22 17:28 - 00075776 _____ () C:\Program Files (x86)\Spiceworks\lib\ruby\1.9.1\i386-mswin32_90\win32ole.so
2014-01-22 17:30 - 2014-01-22 17:30 - 00026112 _____ () C:\Program Files (x86)\Spiceworks\lib\ruby\site_ruby\1.9.1\i386-msvcr90\async_ping.so
2014-01-22 17:29 - 2014-01-22 17:29 - 00101376 _____ () C:\Program Files (x86)\Spiceworks\lib\ruby\site_ruby\1.9.1\i386-msvcr90\event_log.so
2014-01-22 17:33 - 2014-01-22 17:33 - 00027648 _____ () C:\Program Files (x86)\Spiceworks\pkg\gems\net-snmp-0.2.5\lib\netsnmp_api.so
2014-01-22 17:16 - 2014-01-22 17:16 - 00397312 _____ () C:\Program Files (x86)\Spiceworks\bin\netsnmp.dll
2014-01-22 17:33 - 2014-01-22 17:33 - 00060416 _____ () C:\Program Files (x86)\Spiceworks\pkg\gems\curb-0.7.12\lib\curb_core.so
2014-01-22 17:33 - 2014-01-22 17:33 - 00025088 _____ () C:\Program Files (x86)\Spiceworks\pkg\gems\win32-api-1.4.8\lib\win32\api.so
2014-01-22 17:11 - 2014-01-22 17:11 - 00067584 _____ () C:\Program Files (x86)\Spiceworks\httpd\bin\zlib1.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)

AlternateDataStreams: C:\Windows:nlsPreferences
AlternateDataStreams: C:\ProgramData\sdpsenv.dat:naughtypirates
AlternateDataStreams: C:\Users\Ucmego\AppData\Local\lXsf9Iob0:1D40bu0eOw8gWe8JbunO

==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== EXE Association (whitelisted) =============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


==================== MSCONFIG/TASK MANAGER disabled items =========

(Currently there is no automatic fix for this section.)

HKLM\...\StartupApproved\Run: => "AdobeAAMUpdater-1.0"

========================= Accounts: ==========================

Administrator (S-1-5-21-1432482068-2283677420-586190179-500 - Administrator - Disabled)
Ucmego (S-1-5-21-1432482068-2283677420-586190179-1001 - Administrator - Enabled) => C:\Users\Ucmego
Guest (S-1-5-21-1432482068-2283677420-586190179-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-1432482068-2283677420-586190179-1005 - Limited - Enabled)

==================== Faulty Device Manager Devices =============

Name: Standard PS/2 Keyboard
Description: Standard PS/2 Keyboard
Class Guid: {4d36e96b-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard keyboards)
Service: i8042prt
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.

Name: PS/2 Compatible Mouse
Description: PS/2 Compatible Mouse
Class Guid: {4d36e96f-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: i8042prt
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.


==================== Event log errors: =========================

Application errors:
==================
Error: (01/16/2015 06:29:53 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: Launchpad.exe, version: 6.1.8800.16400, time stamp: 0x5094946f
Faulting module name: KERNELBASE.dll, version: 6.3.9600.17278, time stamp: 0x53eebf2e
Exception code: 0xe0434352
Fault offset: 0x000000000000606c
Faulting process ID: 0x968
Faulting application start time: 0xLaunchpad.exe0
Faulting application path: Launchpad.exe1
Faulting module path: Launchpad.exe2
Report ID: Launchpad.exe3
Faulting package full name: Launchpad.exe4
Faulting package-relative application ID: Launchpad.exe5

Error: (01/16/2015 06:29:42 PM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Application: Launchpad.exe
Framework Version: v4.0.30319
Description: The process was terminated due to an unhandled exception.
Exception Info: System.Windows.Markup.XamlParseException
Stack:
   at System.Windows.Markup.WpfXamlLoader.Load(System.Xaml.XamlReader, System.Xaml.IXamlObjectWriterFactory, Boolean, System.Object, System.Xaml.XamlObjectWriterSettings, System.Uri)
   at System.Windows.Markup.WpfXamlLoader.LoadBaml(System.Xaml.XamlReader, Boolean, System.Object, System.Xaml.Permissions.XamlAccessLevel, System.Uri)
   at System.Windows.Markup.XamlReader.LoadBaml(System.IO.Stream, System.Windows.Markup.ParserContext, System.Object, Boolean)
   at System.Windows.Application.LoadComponent(System.Object, System.Uri)
   at Microsoft.WindowsServerSolutions.LaunchPad.MainWindow..ctor()
   at Microsoft.WindowsServerSolutions.LaunchPad.App.OnStartup(System.Windows.StartupEventArgs)
   at System.Windows.Application.<.ctor>b__1(System.Object)
   at System.Windows.Threading.ExceptionWrapper.InternalRealCall(System.Delegate, System.Object, Int32)
   at MS.Internal.Threading.ExceptionFilterHelper.TryCatchWhen(System.Object, System.Delegate, System.Object, Int32, System.Delegate)
   at System.Windows.Threading.DispatcherOperation.InvokeImpl()
   at System.Threading.ExecutionContext.RunInternal(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
   at System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
   at System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object)
   at System.Windows.Threading.DispatcherOperation.Invoke()
   at System.Windows.Threading.Dispatcher.ProcessQueue()
   at System.Windows.Threading.Dispatcher.WndProcHook(IntPtr, Int32, IntPtr, IntPtr, Boolean ByRef)
   at MS.Win32.HwndWrapper.WndProc(IntPtr, Int32, IntPtr, IntPtr, Boolean ByRef)
   at MS.Win32.HwndSubclass.DispatcherCallbackOperation(System.Object)
   at System.Windows.Threading.ExceptionWrapper.InternalRealCall(System.Delegate, System.Object, Int32)
   at MS.Internal.Threading.ExceptionFilterHelper.TryCatchWhen(System.Object, System.Delegate, System.Object, Int32, System.Delegate)
   at System.Windows.Threading.Dispatcher.LegacyInvokeImpl(System.Windows.Threading.DispatcherPriority, System.TimeSpan, System.Delegate, System.Object, Int32)
   at MS.Win32.HwndSubclass.SubclassWndProc(IntPtr, Int32, IntPtr, IntPtr)
   at MS.Win32.UnsafeNativeMethods.DispatchMessage(System.Windows.Interop.MSG ByRef)
   at MS.Win32.UnsafeNativeMethods.DispatchMessage(System.Windows.Interop.MSG ByRef)
   at System.Windows.Threading.Dispatcher.PushFrameImpl(System.Windows.Threading.DispatcherFrame)
   at System.Windows.Application.RunInternal(System.Windows.Window)
   at System.Windows.Application.Run()
   at Microsoft.WindowsServerSolutions.LaunchPad.App.Main()

Error: (01/16/2015 08:57:00 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: Launchpad.exe, version: 6.1.8800.16400, time stamp: 0x5094946f
Faulting module name: KERNELBASE.dll, version: 6.3.9600.17278, time stamp: 0x53eebf2e
Exception code: 0xe0434352
Fault offset: 0x000000000000606c
Faulting process ID: 0x9a8
Faulting application start time: 0xLaunchpad.exe0
Faulting application path: Launchpad.exe1
Faulting module path: Launchpad.exe2
Report ID: Launchpad.exe3
Faulting package full name: Launchpad.exe4
Faulting package-relative application ID: Launchpad.exe5

Error: (01/16/2015 08:56:43 AM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Application: Launchpad.exe
Framework Version: v4.0.30319
Description: The process was terminated due to an unhandled exception.
Exception Info: System.Windows.Markup.XamlParseException
Stack:
   at System.Windows.Markup.WpfXamlLoader.Load(System.Xaml.XamlReader, System.Xaml.IXamlObjectWriterFactory, Boolean, System.Object, System.Xaml.XamlObjectWriterSettings, System.Uri)
   at System.Windows.Markup.WpfXamlLoader.LoadBaml(System.Xaml.XamlReader, Boolean, System.Object, System.Xaml.Permissions.XamlAccessLevel, System.Uri)
   at System.Windows.Markup.XamlReader.LoadBaml(System.IO.Stream, System.Windows.Markup.ParserContext, System.Object, Boolean)
   at System.Windows.Application.LoadComponent(System.Object, System.Uri)
   at Microsoft.WindowsServerSolutions.LaunchPad.MainWindow..ctor()
   at Microsoft.WindowsServerSolutions.LaunchPad.App.OnStartup(System.Windows.StartupEventArgs)
   at System.Windows.Application.<.ctor>b__1(System.Object)
   at System.Windows.Threading.ExceptionWrapper.InternalRealCall(System.Delegate, System.Object, Int32)
   at MS.Internal.Threading.ExceptionFilterHelper.TryCatchWhen(System.Object, System.Delegate, System.Object, Int32, System.Delegate)
   at System.Windows.Threading.DispatcherOperation.InvokeImpl()
   at System.Threading.ExecutionContext.RunInternal(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
   at System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
   at System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object)
   at System.Windows.Threading.DispatcherOperation.Invoke()
   at System.Windows.Threading.Dispatcher.ProcessQueue()
   at System.Windows.Threading.Dispatcher.WndProcHook(IntPtr, Int32, IntPtr, IntPtr, Boolean ByRef)
   at MS.Win32.HwndWrapper.WndProc(IntPtr, Int32, IntPtr, IntPtr, Boolean ByRef)
   at MS.Win32.HwndSubclass.DispatcherCallbackOperation(System.Object)
   at System.Windows.Threading.ExceptionWrapper.InternalRealCall(System.Delegate, System.Object, Int32)
   at MS.Internal.Threading.ExceptionFilterHelper.TryCatchWhen(System.Object, System.Delegate, System.Object, Int32, System.Delegate)
   at System.Windows.Threading.Dispatcher.LegacyInvokeImpl(System.Windows.Threading.DispatcherPriority, System.TimeSpan, System.Delegate, System.Object, Int32)
   at MS.Win32.HwndSubclass.SubclassWndProc(IntPtr, Int32, IntPtr, IntPtr)
   at MS.Win32.UnsafeNativeMethods.DispatchMessage(System.Windows.Interop.MSG ByRef)
   at MS.Win32.UnsafeNativeMethods.DispatchMessage(System.Windows.Interop.MSG ByRef)
   at System.Windows.Threading.Dispatcher.PushFrameImpl(System.Windows.Threading.DispatcherFrame)
   at System.Windows.Application.RunInternal(System.Windows.Window)
   at System.Windows.Application.Run()
   at Microsoft.WindowsServerSolutions.LaunchPad.App.Main()

Error: (01/16/2015 06:21:03 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: Launchpad.exe, version: 6.1.8800.16400, time stamp: 0x5094946f
Faulting module name: KERNELBASE.dll, version: 6.3.9600.17278, time stamp: 0x53eebf2e
Exception code: 0xe0434352
Fault offset: 0x000000000000606c
Faulting process ID: 0x964
Faulting application start time: 0xLaunchpad.exe0
Faulting application path: Launchpad.exe1
Faulting module path: Launchpad.exe2
Report ID: Launchpad.exe3
Faulting package full name: Launchpad.exe4
Faulting package-relative application ID: Launchpad.exe5

Error: (01/16/2015 06:20:48 AM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Application: Launchpad.exe
Framework Version: v4.0.30319
Description: The process was terminated due to an unhandled exception.
Exception Info: System.Windows.Markup.XamlParseException
Stack:
   at System.Windows.Markup.WpfXamlLoader.Load(System.Xaml.XamlReader, System.Xaml.IXamlObjectWriterFactory, Boolean, System.Object, System.Xaml.XamlObjectWriterSettings, System.Uri)
   at System.Windows.Markup.WpfXamlLoader.LoadBaml(System.Xaml.XamlReader, Boolean, System.Object, System.Xaml.Permissions.XamlAccessLevel, System.Uri)
   at System.Windows.Markup.XamlReader.LoadBaml(System.IO.Stream, System.Windows.Markup.ParserContext, System.Object, Boolean)
   at System.Windows.Application.LoadComponent(System.Object, System.Uri)
   at Microsoft.WindowsServerSolutions.LaunchPad.MainWindow..ctor()
   at Microsoft.WindowsServerSolutions.LaunchPad.App.OnStartup(System.Windows.StartupEventArgs)
   at System.Windows.Application.<.ctor>b__1(System.Object)
   at System.Windows.Threading.ExceptionWrapper.InternalRealCall(System.Delegate, System.Object, Int32)
   at MS.Internal.Threading.ExceptionFilterHelper.TryCatchWhen(System.Object, System.Delegate, System.Object, Int32, System.Delegate)
   at System.Windows.Threading.DispatcherOperation.InvokeImpl()
   at System.Threading.ExecutionContext.RunInternal(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
   at System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
   at System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object)
   at System.Windows.Threading.DispatcherOperation.Invoke()
   at System.Windows.Threading.Dispatcher.ProcessQueue()
   at System.Windows.Threading.Dispatcher.WndProcHook(IntPtr, Int32, IntPtr, IntPtr, Boolean ByRef)
   at MS.Win32.HwndWrapper.WndProc(IntPtr, Int32, IntPtr, IntPtr, Boolean ByRef)
   at MS.Win32.HwndSubclass.DispatcherCallbackOperation(System.Object)
   at System.Windows.Threading.ExceptionWrapper.InternalRealCall(System.Delegate, System.Object, Int32)
   at MS.Internal.Threading.ExceptionFilterHelper.TryCatchWhen(System.Object, System.Delegate, System.Object, Int32, System.Delegate)
   at System.Windows.Threading.Dispatcher.LegacyInvokeImpl(System.Windows.Threading.DispatcherPriority, System.TimeSpan, System.Delegate, System.Object, Int32)
   at MS.Win32.HwndSubclass.SubclassWndProc(IntPtr, Int32, IntPtr, IntPtr)
   at MS.Win32.UnsafeNativeMethods.DispatchMessage(System.Windows.Interop.MSG ByRef)
   at MS.Win32.UnsafeNativeMethods.DispatchMessage(System.Windows.Interop.MSG ByRef)
   at System.Windows.Threading.Dispatcher.PushFrameImpl(System.Windows.Threading.DispatcherFrame)
   at System.Windows.Application.RunInternal(System.Windows.Window)
   at System.Windows.Application.Run()
   at Microsoft.WindowsServerSolutions.LaunchPad.App.Main()

Error: (01/15/2015 07:12:15 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: BITSC:\Windows\System32\bitsperf.dll8

Error: (01/15/2015 06:56:41 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: Launchpad.exe, version: 6.1.8800.16400, time stamp: 0x5094946f
Faulting module name: KERNELBASE.dll, version: 6.3.9600.17278, time stamp: 0x53eebf2e
Exception code: 0xe0434352
Fault offset: 0x000000000000606c
Faulting process ID: 0x988
Faulting application start time: 0xLaunchpad.exe0
Faulting application path: Launchpad.exe1
Faulting module path: Launchpad.exe2
Report ID: Launchpad.exe3
Faulting package full name: Launchpad.exe4
Faulting package-relative application ID: Launchpad.exe5

Error: (01/15/2015 06:56:26 PM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Application: Launchpad.exe
Framework Version: v4.0.30319
Description: The process was terminated due to an unhandled exception.
Exception Info: System.Windows.Markup.XamlParseException
Stack:
   at System.Windows.Markup.WpfXamlLoader.Load(System.Xaml.XamlReader, System.Xaml.IXamlObjectWriterFactory, Boolean, System.Object, System.Xaml.XamlObjectWriterSettings, System.Uri)
   at System.Windows.Markup.WpfXamlLoader.LoadBaml(System.Xaml.XamlReader, Boolean, System.Object, System.Xaml.Permissions.XamlAccessLevel, System.Uri)
   at System.Windows.Markup.XamlReader.LoadBaml(System.IO.Stream, System.Windows.Markup.ParserContext, System.Object, Boolean)
   at System.Windows.Application.LoadComponent(System.Object, System.Uri)
   at Microsoft.WindowsServerSolutions.LaunchPad.MainWindow..ctor()
   at Microsoft.WindowsServerSolutions.LaunchPad.App.OnStartup(System.Windows.StartupEventArgs)
   at System.Windows.Application.<.ctor>b__1(System.Object)
   at System.Windows.Threading.ExceptionWrapper.InternalRealCall(System.Delegate, System.Object, Int32)
   at MS.Internal.Threading.ExceptionFilterHelper.TryCatchWhen(System.Object, System.Delegate, System.Object, Int32, System.Delegate)
   at System.Windows.Threading.DispatcherOperation.InvokeImpl()
   at System.Threading.ExecutionContext.RunInternal(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
   at System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
   at System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object)
   at System.Windows.Threading.DispatcherOperation.Invoke()
   at System.Windows.Threading.Dispatcher.ProcessQueue()
   at System.Windows.Threading.Dispatcher.WndProcHook(IntPtr, Int32, IntPtr, IntPtr, Boolean ByRef)
   at MS.Win32.HwndWrapper.WndProc(IntPtr, Int32, IntPtr, IntPtr, Boolean ByRef)
   at MS.Win32.HwndSubclass.DispatcherCallbackOperation(System.Object)
   at System.Windows.Threading.ExceptionWrapper.InternalRealCall(System.Delegate, System.Object, Int32)
   at MS.Internal.Threading.ExceptionFilterHelper.TryCatchWhen(System.Object, System.Delegate, System.Object, Int32, System.Delegate)
   at System.Windows.Threading.Dispatcher.LegacyInvokeImpl(System.Windows.Threading.DispatcherPriority, System.TimeSpan, System.Delegate, System.Object, Int32)
   at MS.Win32.HwndSubclass.SubclassWndProc(IntPtr, Int32, IntPtr, IntPtr)
   at MS.Win32.UnsafeNativeMethods.DispatchMessage(System.Windows.Interop.MSG ByRef)
   at MS.Win32.UnsafeNativeMethods.DispatchMessage(System.Windows.Interop.MSG ByRef)
   at System.Windows.Threading.Dispatcher.PushFrameImpl(System.Windows.Threading.DispatcherFrame)
   at System.Windows.Application.RunInternal(System.Windows.Window)
   at System.Windows.Application.Run()
   at Microsoft.WindowsServerSolutions.LaunchPad.App.Main()

Error: (01/15/2015 01:04:05 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: Launchpad.exe, version: 6.1.8800.16400, time stamp: 0x5094946f
Faulting module name: KERNELBASE.dll, version: 6.3.9600.17278, time stamp: 0x53eebf2e
Exception code: 0xe0434352
Fault offset: 0x000000000000606c
Faulting process ID: 0x19d0
Faulting application start time: 0xLaunchpad.exe0
Faulting application path: Launchpad.exe1
Faulting module path: Launchpad.exe2
Report ID: Launchpad.exe3
Faulting package full name: Launchpad.exe4
Faulting package-relative application ID: Launchpad.exe5


System errors:
=============
Error: (01/16/2015 06:41:16 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Installation Failure: Windows failed to install the following update with error 0x80246013: Windows Malicious Software Removal Tool for Windows 8, 8.1 and Windows Server 2012, 2012 R2 x64 Edition - January 2015 (KB890830).

Error: (01/16/2015 06:40:48 PM) (Source: DCOM) (EventID: 10010) (User: Workstation)
Description: {BF6C1E47-86EC-4194-9CE5-13C15DCB2001}

Error: (01/16/2015 06:29:45 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The HOSTS Anti-PUPs service failed to start due to the following error:
%%1053

Error: (01/16/2015 06:29:45 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the HOSTS Anti-PUPs service to connect.

Error: (01/16/2015 08:55:46 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The HOSTS Anti-PUPs service failed to start due to the following error:
%%1053

Error: (01/16/2015 08:55:46 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the HOSTS Anti-PUPs service to connect.

Error: (01/16/2015 06:21:01 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The HOSTS Anti-PUPs service failed to start due to the following error:
%%1053

Error: (01/16/2015 06:21:01 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the HOSTS Anti-PUPs service to connect.

Error: (01/15/2015 06:56:38 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The HOSTS Anti-PUPs service failed to start due to the following error:
%%1053

Error: (01/15/2015 06:56:38 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the HOSTS Anti-PUPs service to connect.


Microsoft Office Sessions:
=========================
Error: (01/16/2015 06:29:53 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Launchpad.exe6.1.8800.164005094946fKERNELBASE.dll6.3.9600.1727853eebf2ee0434352000000000000606c96801d0315e2be7df44C:\Program Files\Windows Server\Bin\Launchpad.exeC:\WINDOWS\system32\KERNELBASE.dll761cfc13-9d51-11e4-8048-001cc4881243

Error: (01/16/2015 06:29:42 PM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Application: Launchpad.exe
Framework Version: v4.0.30319
Description: The process was terminated due to an unhandled exception.
Exception Info: System.Windows.Markup.XamlParseException
Stack:
   at System.Windows.Markup.WpfXamlLoader.Load(System.Xaml.XamlReader, System.Xaml.IXamlObjectWriterFactory, Boolean, System.Object, System.Xaml.XamlObjectWriterSettings, System.Uri)
   at System.Windows.Markup.WpfXamlLoader.LoadBaml(System.Xaml.XamlReader, Boolean, System.Object, System.Xaml.Permissions.XamlAccessLevel, System.Uri)
   at System.Windows.Markup.XamlReader.LoadBaml(System.IO.Stream, System.Windows.Markup.ParserContext, System.Object, Boolean)
   at System.Windows.Application.LoadComponent(System.Object, System.Uri)
   at Microsoft.WindowsServerSolutions.LaunchPad.MainWindow..ctor()
   at Microsoft.WindowsServerSolutions.LaunchPad.App.OnStartup(System.Windows.StartupEventArgs)
   at System.Windows.Application.<.ctor>b__1(System.Object)
   at System.Windows.Threading.ExceptionWrapper.InternalRealCall(System.Delegate, System.Object, Int32)
   at MS.Internal.Threading.ExceptionFilterHelper.TryCatchWhen(System.Object, System.Delegate, System.Object, Int32, System.Delegate)
   at System.Windows.Threading.DispatcherOperation.InvokeImpl()
   at System.Threading.ExecutionContext.RunInternal(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
   at System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
   at System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object)
   at System.Windows.Threading.DispatcherOperation.Invoke()
   at System.Windows.Threading.Dispatcher.ProcessQueue()
   at System.Windows.Threading.Dispatcher.WndProcHook(IntPtr, Int32, IntPtr, IntPtr, Boolean ByRef)
   at MS.Win32.HwndWrapper.WndProc(IntPtr, Int32, IntPtr, IntPtr, Boolean ByRef)
   at MS.Win32.HwndSubclass.DispatcherCallbackOperation(System.Object)
   at System.Windows.Threading.ExceptionWrapper.InternalRealCall(System.Delegate, System.Object, Int32)
   at MS.Internal.Threading.ExceptionFilterHelper.TryCatchWhen(System.Object, System.Delegate, System.Object, Int32, System.Delegate)
   at System.Windows.Threading.Dispatcher.LegacyInvokeImpl(System.Windows.Threading.DispatcherPriority, System.TimeSpan, System.Delegate, System.Object, Int32)
   at MS.Win32.HwndSubclass.SubclassWndProc(IntPtr, Int32, IntPtr, IntPtr)
   at MS.Win32.UnsafeNativeMethods.DispatchMessage(System.Windows.Interop.MSG ByRef)
   at MS.Win32.UnsafeNativeMethods.DispatchMessage(System.Windows.Interop.MSG ByRef)
   at System.Windows.Threading.Dispatcher.PushFrameImpl(System.Windows.Threading.DispatcherFrame)
   at System.Windows.Application.RunInternal(System.Windows.Window)
   at System.Windows.Application.Run()
   at Microsoft.WindowsServerSolutions.LaunchPad.App.Main()

Error: (01/16/2015 08:57:00 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Launchpad.exe6.1.8800.164005094946fKERNELBASE.dll6.3.9600.1727853eebf2ee0434352000000000000606c9a801d0310e00129d68C:\Program Files\Windows Server\Bin\Launchpad.exeC:\WINDOWS\system32\KERNELBASE.dll6e3a00e4-9d01-11e4-8047-001cc4881243

Error: (01/16/2015 08:56:43 AM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Application: Launchpad.exe
Framework Version: v4.0.30319
Description: The process was terminated due to an unhandled exception.
Exception Info: System.Windows.Markup.XamlParseException
Stack:
   at System.Windows.Markup.WpfXamlLoader.Load(System.Xaml.XamlReader, System.Xaml.IXamlObjectWriterFactory, Boolean, System.Object, System.Xaml.XamlObjectWriterSettings, System.Uri)
   at System.Windows.Markup.WpfXamlLoader.LoadBaml(System.Xaml.XamlReader, Boolean, System.Object, System.Xaml.Permissions.XamlAccessLevel, System.Uri)
   at System.Windows.Markup.XamlReader.LoadBaml(System.IO.Stream, System.Windows.Markup.ParserContext, System.Object, Boolean)
   at System.Windows.Application.LoadComponent(System.Object, System.Uri)
   at Microsoft.WindowsServerSolutions.LaunchPad.MainWindow..ctor()
   at Microsoft.WindowsServerSolutions.LaunchPad.App.OnStartup(System.Windows.StartupEventArgs)
   at System.Windows.Application.<.ctor>b__1(System.Object)
   at System.Windows.Threading.ExceptionWrapper.InternalRealCall(System.Delegate, System.Object, Int32)
   at MS.Internal.Threading.ExceptionFilterHelper.TryCatchWhen(System.Object, System.Delegate, System.Object, Int32, System.Delegate)
   at System.Windows.Threading.DispatcherOperation.InvokeImpl()
   at System.Threading.ExecutionContext.RunInternal(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
   at System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
   at System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object)
   at System.Windows.Threading.DispatcherOperation.Invoke()
   at System.Windows.Threading.Dispatcher.ProcessQueue()
   at System.Windows.Threading.Dispatcher.WndProcHook(IntPtr, Int32, IntPtr, IntPtr, Boolean ByRef)
   at MS.Win32.HwndWrapper.WndProc(IntPtr, Int32, IntPtr, IntPtr, Boolean ByRef)
   at MS.Win32.HwndSubclass.DispatcherCallbackOperation(System.Object)
   at System.Windows.Threading.ExceptionWrapper.InternalRealCall(System.Delegate, System.Object, Int32)
   at MS.Internal.Threading.ExceptionFilterHelper.TryCatchWhen(System.Object, System.Delegate, System.Object, Int32, System.Delegate)
   at System.Windows.Threading.Dispatcher.LegacyInvokeImpl(System.Windows.Threading.DispatcherPriority, System.TimeSpan, System.Delegate, System.Object, Int32)
   at MS.Win32.HwndSubclass.SubclassWndProc(IntPtr, Int32, IntPtr, IntPtr)
   at MS.Win32.UnsafeNativeMethods.DispatchMessage(System.Windows.Interop.MSG ByRef)
   at MS.Win32.UnsafeNativeMethods.DispatchMessage(System.Windows.Interop.MSG ByRef)
   at System.Windows.Threading.Dispatcher.PushFrameImpl(System.Windows.Threading.DispatcherFrame)
   at System.Windows.Application.RunInternal(System.Windows.Window)
   at System.Windows.Application.Run()
   at Microsoft.WindowsServerSolutions.LaunchPad.App.Main()

Error: (01/16/2015 06:21:03 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Launchpad.exe6.1.8800.164005094946fKERNELBASE.dll6.3.9600.1727853eebf2ee0434352000000000000606c96401d030f85db9ba66C:\Program Files\Windows Server\Bin\Launchpad.exeC:\WINDOWS\system32\KERNELBASE.dlla4cfd674-9ceb-11e4-8046-001cc4881243

Error: (01/16/2015 06:20:48 AM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Application: Launchpad.exe
Framework Version: v4.0.30319
Description: The process was terminated due to an unhandled exception.
Exception Info: System.Windows.Markup.XamlParseException
Stack:
   at System.Windows.Markup.WpfXamlLoader.Load(System.Xaml.XamlReader, System.Xaml.IXamlObjectWriterFactory, Boolean, System.Object, System.Xaml.XamlObjectWriterSettings, System.Uri)
   at System.Windows.Markup.WpfXamlLoader.LoadBaml(System.Xaml.XamlReader, Boolean, System.Object, System.Xaml.Permissions.XamlAccessLevel, System.Uri)
   at System.Windows.Markup.XamlReader.LoadBaml(System.IO.Stream, System.Windows.Markup.ParserContext, System.Object, Boolean)
   at System.Windows.Application.LoadComponent(System.Object, System.Uri)
   at Microsoft.WindowsServerSolutions.LaunchPad.MainWindow..ctor()
   at Microsoft.WindowsServerSolutions.LaunchPad.App.OnStartup(System.Windows.StartupEventArgs)
   at System.Windows.Application.<.ctor>b__1(System.Object)
   at System.Windows.Threading.ExceptionWrapper.InternalRealCall(System.Delegate, System.Object, Int32)
   at MS.Internal.Threading.ExceptionFilterHelper.TryCatchWhen(System.Object, System.Delegate, System.Object, Int32, System.Delegate)
   at System.Windows.Threading.DispatcherOperation.InvokeImpl()
   at System.Threading.ExecutionContext.RunInternal(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
   at System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
   at System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object)
   at System.Windows.Threading.DispatcherOperation.Invoke()
   at System.Windows.Threading.Dispatcher.ProcessQueue()
   at System.Windows.Threading.Dispatcher.WndProcHook(IntPtr, Int32, IntPtr, IntPtr, Boolean ByRef)
   at MS.Win32.HwndWrapper.WndProc(IntPtr, Int32, IntPtr, IntPtr, Boolean ByRef)
   at MS.Win32.HwndSubclass.DispatcherCallbackOperation(System.Object)
   at System.Windows.Threading.ExceptionWrapper.InternalRealCall(System.Delegate, System.Object, Int32)
   at MS.Internal.Threading.ExceptionFilterHelper.TryCatchWhen(System.Object, System.Delegate, System.Object, Int32, System.Delegate)
   at System.Windows.Threading.Dispatcher.LegacyInvokeImpl(System.Windows.Threading.DispatcherPriority, System.TimeSpan, System.Delegate, System.Object, Int32)
   at MS.Win32.HwndSubclass.SubclassWndProc(IntPtr, Int32, IntPtr, IntPtr)
   at MS.Win32.UnsafeNativeMethods.DispatchMessage(System.Windows.Interop.MSG ByRef)
   at MS.Win32.UnsafeNativeMethods.DispatchMessage(System.Windows.Interop.MSG ByRef)
   at System.Windows.Threading.Dispatcher.PushFrameImpl(System.Windows.Threading.DispatcherFrame)
   at System.Windows.Application.RunInternal(System.Windows.Window)
   at System.Windows.Application.Run()
   at Microsoft.WindowsServerSolutions.LaunchPad.App.Main()

Error: (01/15/2015 07:12:15 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: BITSC:\Windows\System32\bitsperf.dll8

Error: (01/15/2015 06:56:41 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Launchpad.exe6.1.8800.164005094946fKERNELBASE.dll6.3.9600.1727853eebf2ee0434352000000000000606c98801d03098c2f5d1e3C:\Program Files\Windows Server\Bin\Launchpad.exeC:\WINDOWS\system32\KERNELBASE.dll0a2b930c-9c8c-11e4-8045-001cc4881243

Error: (01/15/2015 06:56:26 PM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Application: Launchpad.exe
Framework Version: v4.0.30319
Description: The process was terminated due to an unhandled exception.
Exception Info: System.Windows.Markup.XamlParseException
Stack:
   at System.Windows.Markup.WpfXamlLoader.Load(System.Xaml.XamlReader, System.Xaml.IXamlObjectWriterFactory, Boolean, System.Object, System.Xaml.XamlObjectWriterSettings, System.Uri)
   at System.Windows.Markup.WpfXamlLoader.LoadBaml(System.Xaml.XamlReader, Boolean, System.Object, System.Xaml.Permissions.XamlAccessLevel, System.Uri)
   at System.Windows.Markup.XamlReader.LoadBaml(System.IO.Stream, System.Windows.Markup.ParserContext, System.Object, Boolean)
   at System.Windows.Application.LoadComponent(System.Object, System.Uri)
   at Microsoft.WindowsServerSolutions.LaunchPad.MainWindow..ctor()
   at Microsoft.WindowsServerSolutions.LaunchPad.App.OnStartup(System.Windows.StartupEventArgs)
   at System.Windows.Application.<.ctor>b__1(System.Object)
   at System.Windows.Threading.ExceptionWrapper.InternalRealCall(System.Delegate, System.Object, Int32)
   at MS.Internal.Threading.ExceptionFilterHelper.TryCatchWhen(System.Object, System.Delegate, System.Object, Int32, System.Delegate)
   at System.Windows.Threading.DispatcherOperation.InvokeImpl()
   at System.Threading.ExecutionContext.RunInternal(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
   at System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
   at System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object)
   at System.Windows.Threading.DispatcherOperation.Invoke()
   at System.Windows.Threading.Dispatcher.ProcessQueue()
   at System.Windows.Threading.Dispatcher.WndProcHook(IntPtr, Int32, IntPtr, IntPtr, Boolean ByRef)
   at MS.Win32.HwndWrapper.WndProc(IntPtr, Int32, IntPtr, IntPtr, Boolean ByRef)
   at MS.Win32.HwndSubclass.DispatcherCallbackOperation(System.Object)
   at System.Windows.Threading.ExceptionWrapper.InternalRealCall(System.Delegate, System.Object, Int32)
   at MS.Internal.Threading.ExceptionFilterHelper.TryCatchWhen(System.Object, System.Delegate, System.Object, Int32, System.Delegate)
   at System.Windows.Threading.Dispatcher.LegacyInvokeImpl(System.Windows.Threading.DispatcherPriority, System.TimeSpan, System.Delegate, System.Object, Int32)
   at MS.Win32.HwndSubclass.SubclassWndProc(IntPtr, Int32, IntPtr, IntPtr)
   at MS.Win32.UnsafeNativeMethods.DispatchMessage(System.Windows.Interop.MSG ByRef)
   at MS.Win32.UnsafeNativeMethods.DispatchMessage(System.Windows.Interop.MSG ByRef)
   at System.Windows.Threading.Dispatcher.PushFrameImpl(System.Windows.Threading.DispatcherFrame)
   at System.Windows.Application.RunInternal(System.Windows.Window)
   at System.Windows.Application.Run()
   at Microsoft.WindowsServerSolutions.LaunchPad.App.Main()

Error: (01/15/2015 01:04:05 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Launchpad.exe6.1.8800.164005094946fKERNELBASE.dll6.3.9600.1727853eebf2ee0434352000000000000606c19d001d03067898bd9d1C:\Program Files\Windows Server\Bin\Launchpad.exeC:\WINDOWS\system32\KERNELBASE.dllc7d1058f-9c5a-11e4-8044-001cc4881243


CodeIntegrity Errors:
===================================
  Date: 2015-01-16 18:43:55.378
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2015-01-16 06:32:02.695
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2015-01-15 19:14:53.347
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2015-01-15 13:57:25.338
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2015-01-15 13:57:25.229
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2015-01-15 13:23:27.705
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2015-01-15 07:28:11.269
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2015-01-14 07:26:16.340
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2015-01-13 14:07:32.727
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2015-01-11 08:20:46.451
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.


==================== Memory info ===========================

Processor: Intel® Xeon® CPU X5260 @ 3.33GHz
Percentage of memory in use: 17%
Total physical RAM: 12287.34 MB
Available physical RAM: 10168.67 MB
Total Pagefile: 14143.34 MB
Available Pagefile: 11807.53 MB
Total Virtual: 131072 MB
Available Virtual: 131071.84 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:465.42 GB) (Free:115.1 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: EE885B71)
Partition 1: (Active) - (Size=350 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=465.4 GB) - (Type=07 NTFS)

==================== End Of Log ============================



#5 nasdaq

nasdaq

  • Malware Response Team
  • 40,747 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:Montreal, QC. Canada
  • Local time:08:01 AM

Posted 16 January 2015 - 09:51 AM

The Hosts file may be blocking the site.

You have installed the HOSTS Anti-Adware_PUPs, A program developed by Malekal_morte in optical limiting and adware infections PUP ("Potentially Unwanted Software"). The program will be launched each time you start the computer which will updated regularly the database. Note: Located in \%Program Files%\hosts_anti_adwares_pups\

Open your HOSTS file and see if Freemake.com is listed.
Remove every reference to that site and save the file.

You will find the file in this folder in bold.

2013-02-11 21:21 - 2014-04-25 13:49 - 00040318 ____A C:\WINDOWS\system32\Drivers\etc\hosts

It may be hidden. Refer to this page to unhide the file.
http://blogs.msdn.com/b/zxue/archive/2012/03/08/win8-howto-19-show-hidden-files-folders-and-drives.aspx

p.s
If this is the issue then the next time your hosts file is updated by the program you will be again blocking the Freemake site.

If you decide to remove the program use the Add/Remove programs applet.

Keep me posted.

#6 ucmego

ucmego
  • Topic Starter

  • Members
  • 103 posts
  • OFFLINE
  •  
  • Local time:11:01 PM

Posted 18 January 2015 - 03:36 PM

The Hosts file may be blocking the site.

You have installed the HOSTS Anti-Adware_PUPs, A program developed by Malekal_morte in optical limiting and adware infections PUP ("Potentially Unwanted Software"). The program will be launched each time you start the computer which will updated regularly the database. Note: Located in \%Program Files%\hosts_anti_adwares_pups\

Open your HOSTS file and see if Freemake.com is listed.
Remove every reference to that site and save the file.

You will find the file in this folder in bold.

2013-02-11 21:21 - 2014-04-25 13:49 - 00040318 ____A C:\WINDOWS\system32\Drivers\etc\hosts

It may be hidden. Refer to this page to unhide the file.
http://blogs.msdn.com/b/zxue/archive/2012/03/08/win8-howto-19-show-hidden-files-folders-and-drives.aspx

p.s
If this is the issue then the next time your hosts file is updated by the program you will be again blocking the Freemake site.

If you decide to remove the program use the Add/Remove programs applet.

Keep me posted.

 

Hi,

 

I had a look at teh host file and their are over 650 entries that end with anti-adware / pups

 

Below are some of the entries;

 

#671
127.0.0.1 08sr.combineads.info # hosts anti-adware / pups
127.0.0.1 08srvr.combineads.info # hosts anti-adware / pups
127.0.0.1 12srvr.combineads.info # hosts anti-adware / pups
127.0.0.1 2010-fr.com # hosts anti-adware / pups
127.0.0.1 2012-new.biz # hosts anti-adware / pups
127.0.0.1 212link.com # hosts anti-adware / pups
127.0.0.1 2319825.ourtoolbar.com # hosts anti-adware / pups
127.0.0.1 24h00business.com # hosts anti-adware / pups
127.0.0.1 a.adorika.net # hosts anti-adware / pups
127.0.0.1 a.ad-sys.com # hosts anti-adware / pups
127.0.0.1 a.daasafterdusk.com # hosts anti-adware / pups
127.0.0.1 ad.adn360.com # hosts anti-adware / pups
127.0.0.1 adeartss.eu # hosts anti-adware / pups
127.0.0.1 adesoeasy.eu # hosts anti-adware / pups

 

 

Do I remove every entry that has anti-adware / pups?

 

Thanks for your help.



#7 nasdaq

nasdaq

  • Malware Response Team
  • 40,747 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:Montreal, QC. Canada
  • Local time:08:01 AM

Posted 19 January 2015 - 07:31 AM


No the host file looks goodl.

Anything after the pound sign is only a a remark.

# hosts anti-adware / pups

Search the file and is you find anything about Freemake delete that line and save the file.
===

If that fails try this.

Click the StartBtn.gif button. In the Search box, type Command Prompt, and then, in the list of results, double-click Command Prompt.

at the cursor type:
ipconfig /flushdns <-- (A space between g and / is needed)

ipconfig /release

repeat with
ipconfig /renew

Then hit Enter, type Exit, hit the Enter key.

You may need to run CMD - Command Prompt on Vista - Windows 7/8 with Elevated Privilege
http://www.bleepingcomputer.com/tutorials/windows-elevated-command-prompt/
<<<>>>

How is it now?

#8 ucmego

ucmego
  • Topic Starter

  • Members
  • 103 posts
  • OFFLINE
  •  
  • Local time:11:01 PM

Posted 19 January 2015 - 04:05 PM

No the host file looks goodl.

Anything after the pound sign is only a a remark.

# hosts anti-adware / pups

Search the file and is you find anything about Freemake delete that line and save the file.
===

If that fails try this.

Click the StartBtn.gif button. In the Search box, type Command Prompt, and then, in the list of results, double-click Command Prompt.

at the cursor type:
ipconfig /flushdns <-- (A space between g and / is needed)

ipconfig /release

repeat with
ipconfig /renew

Then hit Enter, type Exit, hit the Enter key.

You may need to run CMD - Command Prompt on Vista - Windows 7/8 with Elevated Privilege
http://www.bleepingcomputer.com/tutorials/windows-elevated-command-prompt/
<<<>>>

How is it now?

 

Hi,

 

Thanks for your reply.

 

I should have stated that it happens on other sites as well I get teh same message

 

Unable to connect

Firefox can't establish a connection to the server at ................

    The site could be temporarily unavailable or too busy. Try again in a few moments.
    If you are unable to load any pages, check your computer's network connection.
    If your computer or network is protected by a firewall or proxy, make sure that Firefox is permitted to access the Web.



#9 nasdaq

nasdaq

  • Malware Response Team
  • 40,747 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:Montreal, QC. Canada
  • Local time:08:01 AM

Posted 20 January 2015 - 07:56 AM

Firefox:
Reset Default Browsing settings:
https://support.mozilla.org/en-US/kb/reset-firefox-easily-fix-problems?utm_expid=65912487-41.djHNRQY0RhaLvvtvcd0BQA.2&utm_referrer=https%3A%2F%2Fwww.google.ca%2F
===

If that fails the reinstall Firefox.

Remove Firefox using the instructions one this page.
https://support.mozilla.org/en-US/kb/uninstall-firefox-from-your-computer

Before proceeding save your Bookmarks.
https://support.mozilla.org/en-US/kb/export-firefox-bookmarks-to-backup-or-transfer

Install the latest version of the application.

You can then import them to the new version of Firefox.

Firefox Password manager -
Remember, delete and change saved passwords in Firefox
https://support.mozilla.org/en-US/kb/password-manager-remember-delete-change-passwords
<<<>>>

How is it now?

#10 ucmego

ucmego
  • Topic Starter

  • Members
  • 103 posts
  • OFFLINE
  •  
  • Local time:11:01 PM

Posted 20 January 2015 - 03:25 PM

Hi,

 

Thanks again for your reply.

 

Before I go and do the Firfox reset etc as per your post does this fix the problem in IE as well?



#11 nasdaq

nasdaq

  • Malware Response Team
  • 40,747 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:Montreal, QC. Canada
  • Local time:08:01 AM

Posted 21 January 2015 - 08:04 AM



Reset Internet Explorer:
Menu > Tools > Internet Options > Advanced Tab.
Click the Reset button on the bottom of the pane.
Click the Apply button.
Close IE.

===

Keep me posted on both browsers.

#12 nasdaq

nasdaq

  • Malware Response Team
  • 40,747 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:Montreal, QC. Canada
  • Local time:08:01 AM

Posted 27 January 2015 - 08:54 AM

If all is well.

To learn more about how to protect yourself while on the internet read this little guide Best security practices Keep safe.
http://www.bleepingcomputer.com/forums/t/407147/answers-to-common-security-questions-best-practices/

#13 ucmego

ucmego
  • Topic Starter

  • Members
  • 103 posts
  • OFFLINE
  •  
  • Local time:11:01 PM

Posted 27 January 2015 - 03:56 PM

If all is well.

To learn more about how to protect yourself while on the internet read this little guide Best security practices Keep safe.
http://www.bleepingcomputer.com/forums/t/407147/answers-to-common-security-questions-best-practices/

 

Hi,

 

Im still working on this probelm.

 

How do I save my shortcuts in Firefox which I have url's at the top?



#14 nasdaq

nasdaq

  • Malware Response Team
  • 40,747 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:Montreal, QC. Canada
  • Local time:08:01 AM

Posted 28 January 2015 - 09:11 AM

Can this article help?

https://support.mozilla.org/en-US/kb/create-bookmarks-save-your-favorite-webpages




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users