olace88

Done! It's clean. Thanks Ron!

Hi Ron, I just noticed somebody went in this thread and his name is Hooligansx2(jeff) and I saw your reply. is the combo fix for me or for him? I'm confused. regards, olace88

Oh I posted too soon. Let me run the combofix before closing the thread. thanks Ron!

Hi Ron, It's been running perfect. The browsing is faster and no signs of infections. I think we can close this thread and declare it's solved. But let me thank you for your unfailing support and patience. I really appreciate all your efforts. Thank you very much Ron! I'm very happy! More power to you and malwarebytes! olace88

Hi Ron, Here it is Results of screen317's Security Check version 0.99.88 Windows 7 Service Pack 1 x64 (UAC is enabled) Internet Explorer 11 ``````````````Antivirus/Firewall Check:`````````````` Windows Firewall Enabled! WMI entry may not exist for antivirus; attempting automatic update. `````````Anti-malware/Other Utilities Check:````````` Panda Cloud Cleaner Adobe Reader XI Mozilla Thunderbird (3.1.7) Thunderbird out of Date! Google Chrome 37.0.2062.103 Google Chrome 37.0.2062.120 ````````Process Check: objlist.exe by Laurent```````` Microsoft Small Business Business Contact Manager BcmSqlStartupSvc.exe Globe Tattoo Broadband OnlineUpdate ouc.exe `````````````````System Health check````````````````` Total Fragmentation on Drive C: 2% ````````````````````End of Log``````````````````````

Hi Ron, Sorry for the delay. Anyway, I could not find the YAOUTUEBEEADBLOCKE app so I could not unis\nstall them as you have intructed previously. Here's my latest Fixlog.txt Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 06-10-2014 01Ran by mel adriano at 2014-10-07 09:01:44 Run:3Running from C:\Users\mel adriano\DesktopLoaded Profile: mel adriano (Available profiles: mel adriano & NANCY BINAY for Sena)Boot Mode: Normal============================================== Content of fixlist:*****************"C:\Users\mel adriano\AppData\LocalLow\uTorrentControl""C:\Users\mel adriano\Downloads\uTorrent (1).exe""C:\Program Files (x86)\uTorrent\uTorrent.exe"Reg: reg delete "HKEY_CURRENT_USER\Software\AppDataLow\Software\uTorrentControl" /fReg: reg delete "HKEY_CURRENT_USER\Software\BitTorrent\uTorrent" /fReg: reg delete "HKEY_CURRENT_USER\Software\Microsoft\IntelliPoint\AppSpecific\uTorrent (1).exe" /fReg: reg delete "HKEY_CURRENT_USER\Software\Microsoft\IntelliType Pro\AppSpecific\uTorrent (1).exe" /fReg: reg delete "HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\InternetRegistry\REGISTRY\USER\S-1-5-21-11511148-282223610-3023385546-1000\Software\uTorrentControl" /fReg: reg delete "HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{00430058-DBC6-415A-B393-C2943282B2AE}" /fReg: reg delete "HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{BBC61AAA-1D40-4CD3-A77E-BAC45545C561}" /fReg: reg delete "HKEY_CURRENT_USER\Software\Classes\.btapp" /fReg: reg delete "HKEY_CURRENT_USER\Software\Classes\.btinstall" /fReg: reg delete "HKEY_CURRENT_USER\Software\Classes\.btkey" /fReg: reg delete "HKEY_CURRENT_USER\Software\Classes\.btsearch" /fReg: reg delete "HKEY_CURRENT_USER\Software\Classes\.btsearch\OpenWithProgids" /fReg: reg delete "HKEY_CURRENT_USER\Software\Classes\.btskin" /fReg: reg delete "HKEY_CURRENT_USER\Software\Classes\.torrent" /fReg: reg delete "HKEY_CURRENT_USER\Software\Classes\.torrent\OpenWithProgids" /fReg: reg delete "HKEY_CURRENT_USER\Software\Classes\Applications\uTorrent.exe" /fReg: reg delete "HKEY_CURRENT_USER\Software\Classes\btdna\DefaultIcon" /fReg: reg delete "HKEY_CURRENT_USER\Software\Classes\btdna\shell\open\command" /fReg: reg delete "HKEY_CURRENT_USER\Software\Classes\Magnet\DefaultIcon" /fReg: reg delete "HKEY_CURRENT_USER\Software\Classes\Magnet\shell\open\command" /fReg: reg delete "HKEY_CURRENT_USER\Software\Classes\uTorrent" /fReg: reg delete "HKEY_CURRENT_USER\Software\Classes\Wow6432Node\CLSID\{5716B037-6714-4930-8DF2-BFCDFB18A78A}" /fReg: reg delete "HKEY_CURRENT_USER\Software\Classes\Wow6432Node\CLSID\{5716B037-6714-4930-8DF2-BFCDFB18A78A}\InprocServer32" /fReg: reg delete "HKEY_CURRENT_USER\Software\Classes\Wow6432Node\CLSID\{e9df9360-97f8-4690-afe6-996c80790da4}" /fReg: reg delete "HKEY_CURRENT_USER\Software\Classes\Wow6432Node\CLSID\{e9df9360-97f8-4690-afe6-996c80790da4}\InprocServer32" /fReg: reg delete "HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Tracing\uTorrent (1)_RASAPI32" /fReg: reg delete "HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\uTorrent" /fReg: reg delete "HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\uTorrent" /fReg: reg delete "HKEY_USERS\S-1-5-21-11511148-282223610-3023385546-1000\Software\AppDataLow\Software\uTorrentControl" /fReg: reg delete "HKEY_USERS\S-1-5-21-11511148-282223610-3023385546-1000\Software\Microsoft\IntelliPoint\AppSpecific\uTorrent (1).exe" /fReg: reg delete "HKEY_USERS\S-1-5-21-11511148-282223610-3023385546-1000\Software\Microsoft\Internet Explorer\InternetRegistry\REGISTRY\USER\S-1-5-21-11511148-282223610-3023385546-1000\Software\uTorrentControl" /fReg: reg delete "HKEY_USERS\S-1-5-21-11511148-282223610-3023385546-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{00430058-DBC6-415A-B393-C2943282B2AE}" /fReg: reg delete "HKEY_USERS\S-1-5-21-11511148-282223610-3023385546-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{BBC61AAA-1D40-4CD3-A77E-BAC45545C561}" /fReg: reg delete "HKEY_USERS\S-1-5-21-11511148-282223610-3023385546-1000\Software\Classes\.btapp" /fReg: reg delete "HKEY_USERS\S-1-5-21-11511148-282223610-3023385546-1000\Software\Classes\.btkey" /fReg: reg delete "HKEY_USERS\S-1-5-21-11511148-282223610-3023385546-1000\Software\Classes\.btsearch" /fReg: reg delete "HKEY_USERS\S-1-5-21-11511148-282223610-3023385546-1000\Software\Classes\.btsearch\OpenWithProgids" /fReg: reg delete "HKEY_USERS\S-1-5-21-11511148-282223610-3023385546-1000\Software\Classes\.btskin" /fReg: reg delete "HKEY_USERS\S-1-5-21-11511148-282223610-3023385546-1000\Software\Classes\.torrent" /fReg: reg delete "HKEY_USERS\S-1-5-21-11511148-282223610-3023385546-1000\Software\Classes\Applications\uTorrent.exe" /fReg: reg delete "HKEY_USERS\S-1-5-21-11511148-282223610-3023385546-1000\Software\Classes\Applications\uTorrent.exe\shell\open\command" /fReg: reg delete "HKEY_USERS\S-1-5-21-11511148-282223610-3023385546-1000\Software\Classes\btdna\DefaultIcon" /fReg: reg delete "HKEY_USERS\S-1-5-21-11511148-282223610-3023385546-1000\Software\Classes\Magnet\DefaultIcon" /fReg: reg delete "HKEY_USERS\S-1-5-21-11511148-282223610-3023385546-1000\Software\Classes\Magnet\shell\open\command" /fReg: reg delete "HKEY_USERS\S-1-5-21-11511148-282223610-3023385546-1000\Software\Classes\uTorrent" /fReg: reg delete "HKEY_USERS\S-1-5-21-11511148-282223610-3023385546-1000\Software\Classes\Wow6432Node\CLSID\{5716B037-6714-4930-8DF2-BFCDFB18A78A}" /fReg: reg delete "HKEY_USERS\S-1-5-21-11511148-282223610-3023385546-1000\Software\Classes\Wow6432Node\CLSID\{e9df9360-97f8-4690-afe6-996c80790da4}" /fReg: reg delete "HKEY_USERS\S-1-5-21-11511148-282223610-3023385546-1000_Classes\uTorrent" /fReg: reg delete "HKEY_CURRENT_USER\Software\AppDataLow\Software\uTorrentControl\toolbar" /fReg: reg delete "HKEY_CURRENT_USER\Software\BitTorrent" /fReg: reg delete "HKEY_CURRENT_USER\Software\Classes\.btapp" /fReg: reg delete "HKEY_CURRENT_USER\Software\Classes\.btinstall" /fReg: reg delete "HKEY_CURRENT_USER\Software\Classes\.btkey" /fReg: reg delete "HKEY_CURRENT_USER\Software\Classes\.btsearch" /fReg: reg delete "HKEY_CURRENT_USER\Software\Classes\.btskin" /fReg: reg delete "HKEY_CURRENT_USER\Software\Classes\.torrent" /fReg: reg delete "HKEY_CURRENT_USER\Software\Classes\MIME\DataBase\Content Type\application/x-bittorrent" /fReg: reg delete "HKEY_CURRENT_USER\Software\Classes\MIME\DataBase\Content Type\application/x-bittorrent-app" /fReg: reg delete "HKEY_CURRENT_USER\Software\Classes\MIME\DataBase\Content Type\application/x-bittorrent-appinst" /fReg: reg delete "HKEY_CURRENT_USER\Software\Classes\MIME\DataBase\Content Type\application/x-bittorrent-key" /fReg: reg delete "HKEY_CURRENT_USER\Software\Classes\MIME\DataBase\Content Type\application/x-bittorrent-skin" /fReg: reg delete "HKEY_CURRENT_USER\Software\Classes\MIME\DataBase\Content Type\application/x-bittorrentsearchdescription+xml" /fReg: reg delete "HKEY_CURRENT_USER\Software\Classes\uTorrent" /fReg: reg delete "HKEY_USERS\S-1-5-21-11511148-282223610-3023385546-1000\Software\BitTorrent" /fReg: reg delete "HKEY_USERS\S-1-5-21-11511148-282223610-3023385546-1000\Software\Classes\.btapp" /fReg: reg delete "HKEY_USERS\S-1-5-21-11511148-282223610-3023385546-1000\Software\Classes\.btinstall" /fReg: reg delete "HKEY_USERS\S-1-5-21-11511148-282223610-3023385546-1000\Software\Classes\.btkey" /fReg: reg delete "HKEY_USERS\S-1-5-21-11511148-282223610-3023385546-1000\Software\Classes\.btsearch" /f ***************** "C:\Users\mel adriano\AppData\LocalLow\uTorrentControl" => File/Directory not found.C:\Users\mel adriano\Downloads\uTorrent (1).exe => Moved successfully.C:\Program Files (x86)\uTorrent\uTorrent.exe => Moved successfully. ========= reg delete "HKEY_CURRENT_USER\Software\AppDataLow\Software\uTorrentControl" /f ========= The operation completed successfully. ========= End of Reg: ========= ========= reg delete "HKEY_CURRENT_USER\Software\BitTorrent\uTorrent" /f ========= The operation completed successfully. ========= End of Reg: ========= ========= reg delete "HKEY_CURRENT_USER\Software\Microsoft\IntelliPoint\AppSpecific\uTorrent (1).exe" /f ========= The operation completed successfully. ========= End of Reg: ========= ========= reg delete "HKEY_CURRENT_USER\Software\Microsoft\IntelliType Pro\AppSpecific\uTorrent (1).exe" /f ========= The operation completed successfully. ========= End of Reg: ========= ========= reg delete "HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\InternetRegistry\REGISTRY\USER\S-1-5-21-11511148-282223610-3023385546-1000\Software\uTorrentControl" /f ========= The operation completed successfully. ========= End of Reg: ========= ========= reg delete "HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{00430058-DBC6-415A-B393-C2943282B2AE}" /f ========= The operation completed successfully. ========= End of Reg: ========= ========= reg delete "HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{BBC61AAA-1D40-4CD3-A77E-BAC45545C561}" /f ========= The operation completed successfully. ========= End of Reg: ========= ========= reg delete "HKEY_CURRENT_USER\Software\Classes\.btapp" /f ========= The operation completed successfully. ========= End of Reg: ========= ========= reg delete "HKEY_CURRENT_USER\Software\Classes\.btinstall" /f ========= The operation completed successfully. ========= End of Reg: ========= ========= reg delete "HKEY_CURRENT_USER\Software\Classes\.btkey" /f ========= The operation completed successfully. ========= End of Reg: ========= ========= reg delete "HKEY_CURRENT_USER\Software\Classes\.btsearch" /f ========= The operation completed successfully. ========= End of Reg: ========= ========= reg delete "HKEY_CURRENT_USER\Software\Classes\.btsearch\OpenWithProgids" /f ========= ERROR: The system was unable to find the specified registry key or value. ========= End of Reg: ========= ========= reg delete "HKEY_CURRENT_USER\Software\Classes\.btskin" /f ========= The operation completed successfully. ========= End of Reg: ========= ========= reg delete "HKEY_CURRENT_USER\Software\Classes\.torrent" /f ========= The operation completed successfully. ========= End of Reg: ========= ========= reg delete "HKEY_CURRENT_USER\Software\Classes\.torrent\OpenWithProgids" /f ========= ERROR: The system was unable to find the specified registry key or value. ========= End of Reg: ========= ========= reg delete "HKEY_CURRENT_USER\Software\Classes\Applications\uTorrent.exe" /f ========= The operation completed successfully. ========= End of Reg: ========= ========= reg delete "HKEY_CURRENT_USER\Software\Classes\btdna\DefaultIcon" /f ========= The operation completed successfully. ========= End of Reg: ========= ========= reg delete "HKEY_CURRENT_USER\Software\Classes\btdna\shell\open\command" /f ========= The operation completed successfully. ========= End of Reg: ========= ========= reg delete "HKEY_CURRENT_USER\Software\Classes\Magnet\DefaultIcon" /f ========= The operation completed successfully. ========= End of Reg: ========= ========= reg delete "HKEY_CURRENT_USER\Software\Classes\Magnet\shell\open\command" /f ========= The operation completed successfully. ========= End of Reg: ========= ========= reg delete "HKEY_CURRENT_USER\Software\Classes\uTorrent" /f ========= The operation completed successfully. ========= End of Reg: ========= ========= reg delete "HKEY_CURRENT_USER\Software\Classes\Wow6432Node\CLSID\{5716B037-6714-4930-8DF2-BFCDFB18A78A}" /f ========= The operation completed successfully. ========= End of Reg: ========= ========= reg delete "HKEY_CURRENT_USER\Software\Classes\Wow6432Node\CLSID\{5716B037-6714-4930-8DF2-BFCDFB18A78A}\InprocServer32" /f ========= ERROR: The system was unable to find the specified registry key or value. ========= End of Reg: ========= ========= reg delete "HKEY_CURRENT_USER\Software\Classes\Wow6432Node\CLSID\{e9df9360-97f8-4690-afe6-996c80790da4}" /f ========= The operation completed successfully. ========= End of Reg: ========= ========= reg delete "HKEY_CURRENT_USER\Software\Classes\Wow6432Node\CLSID\{e9df9360-97f8-4690-afe6-996c80790da4}\InprocServer32" /f ========= ERROR: The system was unable to find the specified registry key or value. ========= End of Reg: ========= ========= reg delete "HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Tracing\uTorrent (1)_RASAPI32" /f ========= The operation completed successfully. ========= End of Reg: ========= ========= reg delete "HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\uTorrent" /f ========= The operation completed successfully. ========= End of Reg: ========= ========= reg delete "HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\uTorrent" /f ========= ERROR: The system was unable to find the specified registry key or value. ========= End of Reg: ========= ========= reg delete "HKEY_USERS\S-1-5-21-11511148-282223610-3023385546-1000\Software\AppDataLow\Software\uTorrentControl" /f ========= ERROR: The system was unable to find the specified registry key or value. ========= End of Reg: ========= ========= reg delete "HKEY_USERS\S-1-5-21-11511148-282223610-3023385546-1000\Software\Microsoft\IntelliPoint\AppSpecific\uTorrent (1).exe" /f ========= ERROR: The system was unable to find the specified registry key or value. ========= End of Reg: ========= ========= reg delete "HKEY_USERS\S-1-5-21-11511148-282223610-3023385546-1000\Software\Microsoft\Internet Explorer\InternetRegistry\REGISTRY\USER\S-1-5-21-11511148-282223610-3023385546-1000\Software\uTorrentControl" /f ========= ERROR: The system was unable to find the specified registry key or value. ========= End of Reg: ========= ========= reg delete "HKEY_USERS\S-1-5-21-11511148-282223610-3023385546-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{00430058-DBC6-415A-B393-C2943282B2AE}" /f ========= ERROR: The system was unable to find the specified registry key or value. ========= End of Reg: ========= ========= reg delete "HKEY_USERS\S-1-5-21-11511148-282223610-3023385546-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{BBC61AAA-1D40-4CD3-A77E-BAC45545C561}" /f ========= ERROR: The system was unable to find the specified registry key or value. ========= End of Reg: ========= ========= reg delete "HKEY_USERS\S-1-5-21-11511148-282223610-3023385546-1000\Software\Classes\.btapp" /f ========= ERROR: The system was unable to find the specified registry key or value. ========= End of Reg: ========= ========= reg delete "HKEY_USERS\S-1-5-21-11511148-282223610-3023385546-1000\Software\Classes\.btkey" /f ========= ERROR: The system was unable to find the specified registry key or value. ========= End of Reg: ========= ========= reg delete "HKEY_USERS\S-1-5-21-11511148-282223610-3023385546-1000\Software\Classes\.btsearch" /f ========= ERROR: The system was unable to find the specified registry key or value. ========= End of Reg: ========= ========= reg delete "HKEY_USERS\S-1-5-21-11511148-282223610-3023385546-1000\Software\Classes\.btsearch\OpenWithProgids" /f ========= ERROR: The system was unable to find the specified registry key or value. ========= End of Reg: ========= ========= reg delete "HKEY_USERS\S-1-5-21-11511148-282223610-3023385546-1000\Software\Classes\.btskin" /f ========= ERROR: The system was unable to find the specified registry key or value. ========= End of Reg: ========= ========= reg delete "HKEY_USERS\S-1-5-21-11511148-282223610-3023385546-1000\Software\Classes\.torrent" /f ========= ERROR: The system was unable to find the specified registry key or value. ========= End of Reg: ========= ========= reg delete "HKEY_USERS\S-1-5-21-11511148-282223610-3023385546-1000\Software\Classes\Applications\uTorrent.exe" /f ========= ERROR: The system was unable to find the specified registry key or value. ========= End of Reg: ========= ========= reg delete "HKEY_USERS\S-1-5-21-11511148-282223610-3023385546-1000\Software\Classes\Applications\uTorrent.exe\shell\open\command" /f ========= ERROR: The system was unable to find the specified registry key or value. ========= End of Reg: ========= ========= reg delete "HKEY_USERS\S-1-5-21-11511148-282223610-3023385546-1000\Software\Classes\btdna\DefaultIcon" /f ========= ERROR: The system was unable to find the specified registry key or value. ========= End of Reg: ========= ========= reg delete "HKEY_USERS\S-1-5-21-11511148-282223610-3023385546-1000\Software\Classes\Magnet\DefaultIcon" /f ========= ERROR: The system was unable to find the specified registry key or value. ========= End of Reg: ========= ========= reg delete "HKEY_USERS\S-1-5-21-11511148-282223610-3023385546-1000\Software\Classes\Magnet\shell\open\command" /f ========= ERROR: The system was unable to find the specified registry key or value. ========= End of Reg: ========= ========= reg delete "HKEY_USERS\S-1-5-21-11511148-282223610-3023385546-1000\Software\Classes\uTorrent" /f ========= ERROR: The system was unable to find the specified registry key or value. ========= End of Reg: ========= ========= reg delete "HKEY_USERS\S-1-5-21-11511148-282223610-3023385546-1000\Software\Classes\Wow6432Node\CLSID\{5716B037-6714-4930-8DF2-BFCDFB18A78A}" /f ========= ERROR: The system was unable to find the specified registry key or value. ========= End of Reg: ========= ========= reg delete "HKEY_USERS\S-1-5-21-11511148-282223610-3023385546-1000\Software\Classes\Wow6432Node\CLSID\{e9df9360-97f8-4690-afe6-996c80790da4}" /f ========= ERROR: The system was unable to find the specified registry key or value. ========= End of Reg: ========= ========= reg delete "HKEY_USERS\S-1-5-21-11511148-282223610-3023385546-1000_Classes\uTorrent" /f ========= ERROR: The system was unable to find the specified registry key or value. ========= End of Reg: ========= ========= reg delete "HKEY_CURRENT_USER\Software\AppDataLow\Software\uTorrentControl\toolbar" /f ========= ERROR: The system was unable to find the specified registry key or value. ========= End of Reg: ========= ========= reg delete "HKEY_CURRENT_USER\Software\BitTorrent" /f ========= The operation completed successfully. ========= End of Reg: ========= ========= reg delete "HKEY_CURRENT_USER\Software\Classes\.btapp" /f ========= ERROR: The system was unable to find the specified registry key or value. ========= End of Reg: ========= ========= reg delete "HKEY_CURRENT_USER\Software\Classes\.btinstall" /f ========= ERROR: The system was unable to find the specified registry key or value. ========= End of Reg: ========= ========= reg delete "HKEY_CURRENT_USER\Software\Classes\.btkey" /f ========= ERROR: The system was unable to find the specified registry key or value. ========= End of Reg: ========= ========= reg delete "HKEY_CURRENT_USER\Software\Classes\.btsearch" /f ========= ERROR: The system was unable to find the specified registry key or value. ========= End of Reg: ========= ========= reg delete "HKEY_CURRENT_USER\Software\Classes\.btskin" /f ========= ERROR: The system was unable to find the specified registry key or value. ========= End of Reg: ========= ========= reg delete "HKEY_CURRENT_USER\Software\Classes\.torrent" /f ========= ERROR: The system was unable to find the specified registry key or value. ========= End of Reg: ========= ========= reg delete "HKEY_CURRENT_USER\Software\Classes\MIME\DataBase\Content Type\application/x-bittorrent" /f ========= The operation completed successfully. ========= End of Reg: ========= ========= reg delete "HKEY_CURRENT_USER\Software\Classes\MIME\DataBase\Content Type\application/x-bittorrent-app" /f ========= The operation completed successfully. ========= End of Reg: ========= ========= reg delete "HKEY_CURRENT_USER\Software\Classes\MIME\DataBase\Content Type\application/x-bittorrent-appinst" /f ========= The operation completed successfully. ========= End of Reg: ========= ========= reg delete "HKEY_CURRENT_USER\Software\Classes\MIME\DataBase\Content Type\application/x-bittorrent-key" /f ========= The operation completed successfully. ========= End of Reg: ========= ========= reg delete "HKEY_CURRENT_USER\Software\Classes\MIME\DataBase\Content Type\application/x-bittorrent-skin" /f ========= The operation completed successfully. ========= End of Reg: ========= ========= reg delete "HKEY_CURRENT_USER\Software\Classes\MIME\DataBase\Content Type\application/x-bittorrentsearchdescription+xml" /f ========= The operation completed successfully. ========= End of Reg: ========= ========= reg delete "HKEY_CURRENT_USER\Software\Classes\uTorrent" /f ========= ERROR: The system was unable to find the specified registry key or value. ========= End of Reg: ========= ========= reg delete "HKEY_USERS\S-1-5-21-11511148-282223610-3023385546-1000\Software\BitTorrent" /f ========= ERROR: The system was unable to find the specified registry key or value. ========= End of Reg: ========= ========= reg delete "HKEY_USERS\S-1-5-21-11511148-282223610-3023385546-1000\Software\Classes\.btapp" /f ========= ERROR: The system was unable to find the specified registry key or value. ========= End of Reg: ========= ========= reg delete "HKEY_USERS\S-1-5-21-11511148-282223610-3023385546-1000\Software\Classes\.btinstall" /f ========= ERROR: The system was unable to find the specified registry key or value. ========= End of Reg: ========= ========= reg delete "HKEY_USERS\S-1-5-21-11511148-282223610-3023385546-1000\Software\Classes\.btkey" /f ========= ERROR: The system was unable to find the specified registry key or value. ========= End of Reg: ========= ========= reg delete "HKEY_USERS\S-1-5-21-11511148-282223610-3023385546-1000\Software\Classes\.btsearch" /f ========= ERROR: The system was unable to find the specified registry key or value. ========= End of Reg: ========= ==== End of Fixlog ====

Hi Ron, I just want to let you know I appreciate your time looking into my problem. I am very much satisfied with your support. I can see my PC has improved greatly with no more bad images popping up. I understand we need a few more steps to get my PC into perfect health. Please take your time and if you need to rest, please do so. No pressure. Meanwhile, I'm trying to review the Panda results and will get back to you asap. Thank you very much, olace88

Hi Ron, Here are my logs. PCLOUDCLEANER: . FILE: C:\USERS\MEL ADRIANO\APPDATA\ROAMING\MOZILLA\FIREFOX\EXTENSIONS\{E9DF9360-97F8-4690-AFE6-996C80790DA4}\COMPONENTS\RADIOWMPCOREGECKO11.DLL to be deleted.. FILE: C:\Users\mel adriano\Desktop\CopyTrans Control Center.lnk to be deleted.. FILE: C:\Users\mel adriano\Desktop\PHOTORECOVERY LE.lnk to be deleted.. FILE: C:\Users\mel adriano\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CopyTrans Suite\CopyTrans Control Center.lnk to be deleted.. FILE: C:\Users\mel adriano\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CopyTrans Suite\Uninstall.lnk to be deleted.. FILE: C:\Users\mel adriano\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google+ Auto Backup\Google+ Auto Backup.lnk to be deleted.. FILE: C:\Users\mel adriano\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PHOTORECOVERY\PHOTORECOVERY LE.lnk to be deleted.. TASK: Task\[ReclaimerUpdateFiles_mel adriano]. Task to be deleted.. TASK: Task\[ReclaimerUpdateXML_mel adriano]. Task to be deleted.. TASK: Task\[RNUpgradeHelperLogonPrompt_mel adriano]. Task to be deleted.. TASK: Task\[RNUpgradeHelperResumePrompt_mel adriano]. Task to be deleted.. REGKEY: HKCU\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\COPYTRANS SUITE. Key to be deleted.. REGKEY: HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{00430058-DBC6-415A-B393-C2943282B2AE}. Key to be deleted.. REGKEY: HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{BBC61AAA-1D40-4CD3-A77E-BAC45545C561}. Key to be deleted.. REGKEY: HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{00430058-DBC6-415A-B393-C2943282B2AE}. Key to be deleted.. REGKEY: HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{BBC61AAA-1D40-4CD3-A77E-BAC45545C561}. Key to be deleted.Malware. FILE: E:\LHQV.PIF to be deleted.Malware. FILE: E:\autorun.inf to be deleted.Suspicious Policy. POLICY: HKCU\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\ADVANCED[HIDEFILEEXT] to be changed to: 0Suspicious Policy. POLICY: HKCU\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\ADVANCED[HIDEFILEEXT] to be changed to: 0Malware. REGKEY: HKCU\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\POLICIES\SYSTEM[DISABLEREGISTRYTOOLS]. Value: DISABLEREGISTRYTOOLS To be deleted.Malware. REGKEY: HKCU\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\POLICIES\SYSTEM[DISABLETASKMGR]. Value: DISABLETASKMGR To be deleted.. FILE: C:\PROGRAM FILES (X86)\YAOUTTUEBEEADBLOCKE\PDFHKNYIUDKQ2T.DAT to be deleted.. FILE: C:\PROGRAM FILES (X86)\YAOUTTUEBEEADBLOCKE\PDFHKNYIUDKQ2T.TLB to be deleted.. FOLDER: C:\PROGRAM FILES (X86)\YAOUTTUEBEEADBLOCKE to be deleted.. FILE: C:\PROGRAMDATA\YAOUTTUEBEEADBLOCKE\YTQAYEH10GEBVGD.DAT to be deleted.. FOLDER: C:\PROGRAMDATA\YAOUTTUEBEEADBLOCKE to be deleted. SystemLook: SystemLook 30.07.11 by jpshortstuffLog created at 15:44 on 02/10/2014 by mel adrianoAdministrator - Elevation successful ========== filefind ========== Searching for "*µTorrent*"C:\Users\Public\Desktop\µTorrent.lnk --a---- 946 bytes [04:53 17/03/2012] [04:53 17/03/2012] E1FC0F87CDF35168E257567BF64C21CC Searching for "*bittorrent*"No files found. ========== folderfind ========== Searching for "*µTorrent*"No folders found. Searching for "*bittorrent*"No folders found. ========== regfind ========== Searching for "uTorrent"[HKEY_CURRENT_USER\Software\AppDataLow\Software\uTorrentControl][HKEY_CURRENT_USER\Software\AppDataLow\Software\uTorrentControl\toolbar]"WebServerUrl"="http://uTorrentControl.OurToolbar.com/"[HKEY_CURRENT_USER\Software\AppDataLow\Software\uTorrentControl\toolbar]"DisplayName"="uTorrentControl"[HKEY_CURRENT_USER\Software\AppDataLow\Software\uTorrentControl\toolbar\Settings]"HomePageUrl"="http://www.utorrent.com"[HKEY_CURRENT_USER\Software\AppDataLow\Software\uTorrentControl\toolbar\Settings\BackHandStorage\https___toolbar_utorrent_com_single_html_tbv=14&tbn=1&v=0_6][HKEY_CURRENT_USER\Software\AppDataLow\Software\uTorrentControl\toolbar\Settings\BackHandStorage\http___bar_utorrent_com_conduit_html_v=1_03][HKEY_CURRENT_USER\Software\AppDataLow\Software\uTorrentControl\toolbar\Settings\BackHandStorage\http___bar_utorrent_com_conduit_html_v=1_04][HKEY_CURRENT_USER\Software\AppDataLow\Software\uTorrentControl\toolbar\Settings\BackHandStorage\http___toolbar_utorrent_com_single_html_tbv=14&tbn=1&v=0_6][HKEY_CURRENT_USER\Software\BitTorrent\uTorrent][HKEY_CURRENT_USER\Software\Microsoft\IntelliPoint\AppSpecific\uTorrent (1).exe][HKEY_CURRENT_USER\Software\Microsoft\IntelliPoint\AppSpecific\uTorrent (1).exe]"Path"="C:\Users\mel adriano\Downloads\uTorrent (1).exe"[HKEY_CURRENT_USER\Software\Microsoft\IntelliType Pro\AppSpecific\uTorrent (1).exe][HKEY_CURRENT_USER\Software\Microsoft\IntelliType Pro\AppSpecific\uTorrent (1).exe]"Path"="C:\Users\mel adriano\Downloads\uTorrent (1).exe"[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\InternetRegistry\REGISTRY\USER\S-1-5-21-11511148-282223610-3023385546-1000\Software\uTorrentControl][HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{00430058-DBC6-415A-B393-C2943282B2AE}]"AppName"="uTorrentControlAutoUpdateHelper.exe"[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{BBC61AAA-1D40-4CD3-A77E-BAC45545C561}]"AppName"="uTorrentControlToolbarHelper.exe"[HKEY_CURRENT_USER\Software\Classes\.btapp]@="uTorrent"[HKEY_CURRENT_USER\Software\Classes\.btinstall]@="uTorrent"[HKEY_CURRENT_USER\Software\Classes\.btkey]@="uTorrent"[HKEY_CURRENT_USER\Software\Classes\.btsearch]@="uTorrent"[HKEY_CURRENT_USER\Software\Classes\.btsearch\OpenWithProgids]"uTorrent"=""[HKEY_CURRENT_USER\Software\Classes\.btskin]@="uTorrent"[HKEY_CURRENT_USER\Software\Classes\.torrent]@="uTorrent"[HKEY_CURRENT_USER\Software\Classes\.torrent\OpenWithProgids]"uTorrent"=""[HKEY_CURRENT_USER\Software\Classes\Applications\uTorrent.exe][HKEY_CURRENT_USER\Software\Classes\Applications\uTorrent.exe\shell\open\command]@=""C:\Program Files (x86)\uTorrent\uTorrent.exe" "%1""[HKEY_CURRENT_USER\Software\Classes\btdna\DefaultIcon]@=""C:\Users\mel adriano\Downloads\uTorrent (1).exe" ",0"[HKEY_CURRENT_USER\Software\Classes\btdna\shell\open\command]@=""C:\Users\mel adriano\Downloads\uTorrent (1).exe" "/DNA""[HKEY_CURRENT_USER\Software\Classes\Magnet\DefaultIcon]@=""C:\Users\mel adriano\Downloads\uTorrent (1).exe",0"[HKEY_CURRENT_USER\Software\Classes\Magnet\shell\open\command]@=""C:\Users\mel adriano\Downloads\uTorrent (1).exe" "%1""[HKEY_CURRENT_USER\Software\Classes\uTorrent][HKEY_CURRENT_USER\Software\Classes\uTorrent\DefaultIcon]@=""C:\Users\mel adriano\Downloads\uTorrent (1).exe",0"[HKEY_CURRENT_USER\Software\Classes\uTorrent\shell\open\command]@=""C:\Users\mel adriano\Downloads\uTorrent (1).exe" "%1""[HKEY_CURRENT_USER\Software\Classes\Wow6432Node\CLSID\{5716B037-6714-4930-8DF2-BFCDFB18A78A}]@="uTorrentControl API Server"[HKEY_CURRENT_USER\Software\Classes\Wow6432Node\CLSID\{5716B037-6714-4930-8DF2-BFCDFB18A78A}\InprocServer32]@="C:\Users\mel adriano\AppData\LocalLow\uTorrentControl\prxtbuTo2.dll"[HKEY_CURRENT_USER\Software\Classes\Wow6432Node\CLSID\{e9df9360-97f8-4690-afe6-996c80790da4}]@="uTorrentControl Toolbar"[HKEY_CURRENT_USER\Software\Classes\Wow6432Node\CLSID\{e9df9360-97f8-4690-afe6-996c80790da4}\InprocServer32]@="C:\Users\mel adriano\AppData\LocalLow\uTorrentControl\prxtbuTo2.dll"[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Tracing\uTorrent (1)_RASAPI32][HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Tracing\uTorrent (1)_RASMANCS][HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Tracing\uTorrentControlAutoUpdateHelper_RASAPI32][HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Tracing\uTorrentControlAutoUpdateHelper_RASMANCS][HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Tracing\uTorrentControlToolbarHelper_RASAPI32][HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Tracing\uTorrentControlToolbarHelper_RASMANCS][HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Tracing\uTorrent_RASAPI32][HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Tracing\uTorrent_RASMANCS][HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\uTorrent][HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\uTorrent]"DisplayIcon"="C:\Program Files (x86)\uTorrent\uTorrent.exe,0"[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\uTorrent]"UninstallString"=""C:\Program Files (x86)\uTorrent\uTorrent.exe" /UNINSTALL"[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\uTorrent]"InstallLocation"="C:\Program Files (x86)\uTorrent"[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\uTorrent]"URLInfoAbout"="http://www.utorrent.com"[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]"{7F884848-3D0C-4943-9FE0-9EC6C40BA6BF}"="v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|App=C:\Program Files (x86)\uTorrent\uTorrent.exe|Name=µTorrent (TCP-In)|Desc=Allow µTorrent network traffic with Edge Traversal|Edge=TRUE|"[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]"{5210A0FC-CF43-40D5-8394-71530615920F}"="v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|App=C:\Program Files (x86)\uTorrent\uTorrent.exe|Name=µTorrent (UDP-In)|Desc=Allow µTorrent network traffic with Edge Traversal|Edge=TRUE|"[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]"{7F884848-3D0C-4943-9FE0-9EC6C40BA6BF}"="v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|App=C:\Program Files (x86)\uTorrent\uTorrent.exe|Name=µTorrent (TCP-In)|Desc=Allow µTorrent network traffic with Edge Traversal|Edge=TRUE|"[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]"{5210A0FC-CF43-40D5-8394-71530615920F}"="v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|App=C:\Program Files (x86)\uTorrent\uTorrent.exe|Name=µTorrent (UDP-In)|Desc=Allow µTorrent network traffic with Edge Traversal|Edge=TRUE|"[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]"{7F884848-3D0C-4943-9FE0-9EC6C40BA6BF}"="v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|App=C:\Program Files (x86)\uTorrent\uTorrent.exe|Name=µTorrent (TCP-In)|Desc=Allow µTorrent network traffic with Edge Traversal|Edge=TRUE|"[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]"{5210A0FC-CF43-40D5-8394-71530615920F}"="v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|App=C:\Program Files (x86)\uTorrent\uTorrent.exe|Name=µTorrent (UDP-In)|Desc=Allow µTorrent network traffic with Edge Traversal|Edge=TRUE|"[HKEY_USERS\S-1-5-21-11511148-282223610-3023385546-1000\Software\AppDataLow\Software\uTorrentControl][HKEY_USERS\S-1-5-21-11511148-282223610-3023385546-1000\Software\AppDataLow\Software\uTorrentControl\toolbar]"WebServerUrl"="http://uTorrentControl.OurToolbar.com/"[HKEY_USERS\S-1-5-21-11511148-282223610-3023385546-1000\Software\AppDataLow\Software\uTorrentControl\toolbar]"DisplayName"="uTorrentControl"[HKEY_USERS\S-1-5-21-11511148-282223610-3023385546-1000\Software\AppDataLow\Software\uTorrentControl\toolbar\Settings]"HomePageUrl"="http://www.utorrent.com"[HKEY_USERS\S-1-5-21-11511148-282223610-3023385546-1000\Software\AppDataLow\Software\uTorrentControl\toolbar\Settings\BackHandStorage\https___toolbar_utorrent_com_single_html_tbv=14&tbn=1&v=0_6][HKEY_USERS\S-1-5-21-11511148-282223610-3023385546-1000\Software\AppDataLow\Software\uTorrentControl\toolbar\Settings\BackHandStorage\http___bar_utorrent_com_conduit_html_v=1_03][HKEY_USERS\S-1-5-21-11511148-282223610-3023385546-1000\Software\AppDataLow\Software\uTorrentControl\toolbar\Settings\BackHandStorage\http___bar_utorrent_com_conduit_html_v=1_04][HKEY_USERS\S-1-5-21-11511148-282223610-3023385546-1000\Software\AppDataLow\Software\uTorrentControl\toolbar\Settings\BackHandStorage\http___toolbar_utorrent_com_single_html_tbv=14&tbn=1&v=0_6][HKEY_USERS\S-1-5-21-11511148-282223610-3023385546-1000\Software\BitTorrent\uTorrent][HKEY_USERS\S-1-5-21-11511148-282223610-3023385546-1000\Software\Microsoft\IntelliPoint\AppSpecific\uTorrent (1).exe][HKEY_USERS\S-1-5-21-11511148-282223610-3023385546-1000\Software\Microsoft\IntelliPoint\AppSpecific\uTorrent (1).exe]"Path"="C:\Users\mel adriano\Downloads\uTorrent (1).exe"[HKEY_USERS\S-1-5-21-11511148-282223610-3023385546-1000\Software\Microsoft\IntelliType Pro\AppSpecific\uTorrent (1).exe][HKEY_USERS\S-1-5-21-11511148-282223610-3023385546-1000\Software\Microsoft\IntelliType Pro\AppSpecific\uTorrent (1).exe]"Path"="C:\Users\mel adriano\Downloads\uTorrent (1).exe"[HKEY_USERS\S-1-5-21-11511148-282223610-3023385546-1000\Software\Microsoft\Internet Explorer\InternetRegistry\REGISTRY\USER\S-1-5-21-11511148-282223610-3023385546-1000\Software\uTorrentControl][HKEY_USERS\S-1-5-21-11511148-282223610-3023385546-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{00430058-DBC6-415A-B393-C2943282B2AE}]"AppName"="uTorrentControlAutoUpdateHelper.exe"[HKEY_USERS\S-1-5-21-11511148-282223610-3023385546-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{BBC61AAA-1D40-4CD3-A77E-BAC45545C561}]"AppName"="uTorrentControlToolbarHelper.exe"[HKEY_USERS\S-1-5-21-11511148-282223610-3023385546-1000\Software\Classes\.btapp]@="uTorrent"[HKEY_USERS\S-1-5-21-11511148-282223610-3023385546-1000\Software\Classes\.btinstall]@="uTorrent"[HKEY_USERS\S-1-5-21-11511148-282223610-3023385546-1000\Software\Classes\.btkey]@="uTorrent"[HKEY_USERS\S-1-5-21-11511148-282223610-3023385546-1000\Software\Classes\.btsearch]@="uTorrent"[HKEY_USERS\S-1-5-21-11511148-282223610-3023385546-1000\Software\Classes\.btsearch\OpenWithProgids]"uTorrent"=""[HKEY_USERS\S-1-5-21-11511148-282223610-3023385546-1000\Software\Classes\.btskin]@="uTorrent"[HKEY_USERS\S-1-5-21-11511148-282223610-3023385546-1000\Software\Classes\.torrent]@="uTorrent"[HKEY_USERS\S-1-5-21-11511148-282223610-3023385546-1000\Software\Classes\.torrent\OpenWithProgids]"uTorrent"=""[HKEY_USERS\S-1-5-21-11511148-282223610-3023385546-1000\Software\Classes\Applications\uTorrent.exe][HKEY_USERS\S-1-5-21-11511148-282223610-3023385546-1000\Software\Classes\Applications\uTorrent.exe\shell\open\command]@=""C:\Program Files (x86)\uTorrent\uTorrent.exe" "%1""[HKEY_USERS\S-1-5-21-11511148-282223610-3023385546-1000\Software\Classes\btdna\DefaultIcon]@=""C:\Users\mel adriano\Downloads\uTorrent (1).exe" ",0"[HKEY_USERS\S-1-5-21-11511148-282223610-3023385546-1000\Software\Classes\btdna\shell\open\command]@=""C:\Users\mel adriano\Downloads\uTorrent (1).exe" "/DNA""[HKEY_USERS\S-1-5-21-11511148-282223610-3023385546-1000\Software\Classes\Magnet\DefaultIcon]@=""C:\Users\mel adriano\Downloads\uTorrent (1).exe",0"[HKEY_USERS\S-1-5-21-11511148-282223610-3023385546-1000\Software\Classes\Magnet\shell\open\command]@=""C:\Users\mel adriano\Downloads\uTorrent (1).exe" "%1""[HKEY_USERS\S-1-5-21-11511148-282223610-3023385546-1000\Software\Classes\uTorrent][HKEY_USERS\S-1-5-21-11511148-282223610-3023385546-1000\Software\Classes\uTorrent\DefaultIcon]@=""C:\Users\mel adriano\Downloads\uTorrent (1).exe",0"[HKEY_USERS\S-1-5-21-11511148-282223610-3023385546-1000\Software\Classes\uTorrent\shell\open\command]@=""C:\Users\mel adriano\Downloads\uTorrent (1).exe" "%1""[HKEY_USERS\S-1-5-21-11511148-282223610-3023385546-1000\Software\Classes\Wow6432Node\CLSID\{5716B037-6714-4930-8DF2-BFCDFB18A78A}]@="uTorrentControl API Server"[HKEY_USERS\S-1-5-21-11511148-282223610-3023385546-1000\Software\Classes\Wow6432Node\CLSID\{5716B037-6714-4930-8DF2-BFCDFB18A78A}\InprocServer32]@="C:\Users\mel adriano\AppData\LocalLow\uTorrentControl\prxtbuTo2.dll"[HKEY_USERS\S-1-5-21-11511148-282223610-3023385546-1000\Software\Classes\Wow6432Node\CLSID\{e9df9360-97f8-4690-afe6-996c80790da4}]@="uTorrentControl Toolbar"[HKEY_USERS\S-1-5-21-11511148-282223610-3023385546-1000\Software\Classes\Wow6432Node\CLSID\{e9df9360-97f8-4690-afe6-996c80790da4}\InprocServer32]@="C:\Users\mel adriano\AppData\LocalLow\uTorrentControl\prxtbuTo2.dll"[HKEY_USERS\S-1-5-21-11511148-282223610-3023385546-1000_Classes\.btapp]@="uTorrent"[HKEY_USERS\S-1-5-21-11511148-282223610-3023385546-1000_Classes\.btinstall]@="uTorrent"[HKEY_USERS\S-1-5-21-11511148-282223610-3023385546-1000_Classes\.btkey]@="uTorrent"[HKEY_USERS\S-1-5-21-11511148-282223610-3023385546-1000_Classes\.btsearch]@="uTorrent"[HKEY_USERS\S-1-5-21-11511148-282223610-3023385546-1000_Classes\.btsearch\OpenWithProgids]"uTorrent"=""[HKEY_USERS\S-1-5-21-11511148-282223610-3023385546-1000_Classes\.btskin]@="uTorrent"[HKEY_USERS\S-1-5-21-11511148-282223610-3023385546-1000_Classes\.torrent]@="uTorrent"[HKEY_USERS\S-1-5-21-11511148-282223610-3023385546-1000_Classes\.torrent\OpenWithProgids]"uTorrent"=""[HKEY_USERS\S-1-5-21-11511148-282223610-3023385546-1000_Classes\Applications\uTorrent.exe][HKEY_USERS\S-1-5-21-11511148-282223610-3023385546-1000_Classes\Applications\uTorrent.exe\shell\open\command]@=""C:\Program Files (x86)\uTorrent\uTorrent.exe" "%1""[HKEY_USERS\S-1-5-21-11511148-282223610-3023385546-1000_Classes\btdna\DefaultIcon]@=""C:\Users\mel adriano\Downloads\uTorrent (1).exe" ",0"[HKEY_USERS\S-1-5-21-11511148-282223610-3023385546-1000_Classes\btdna\shell\open\command]@=""C:\Users\mel adriano\Downloads\uTorrent (1).exe" "/DNA""[HKEY_USERS\S-1-5-21-11511148-282223610-3023385546-1000_Classes\Magnet\DefaultIcon]@=""C:\Users\mel adriano\Downloads\uTorrent (1).exe",0"[HKEY_USERS\S-1-5-21-11511148-282223610-3023385546-1000_Classes\Magnet\shell\open\command]@=""C:\Users\mel adriano\Downloads\uTorrent (1).exe" "%1""[HKEY_USERS\S-1-5-21-11511148-282223610-3023385546-1000_Classes\uTorrent][HKEY_USERS\S-1-5-21-11511148-282223610-3023385546-1000_Classes\uTorrent\DefaultIcon]@=""C:\Users\mel adriano\Downloads\uTorrent (1).exe",0"[HKEY_USERS\S-1-5-21-11511148-282223610-3023385546-1000_Classes\uTorrent\shell\open\command]@=""C:\Users\mel adriano\Downloads\uTorrent (1).exe" "%1""[HKEY_USERS\S-1-5-21-11511148-282223610-3023385546-1000_Classes\Wow6432Node\CLSID\{5716B037-6714-4930-8DF2-BFCDFB18A78A}]@="uTorrentControl API Server"[HKEY_USERS\S-1-5-21-11511148-282223610-3023385546-1000_Classes\Wow6432Node\CLSID\{5716B037-6714-4930-8DF2-BFCDFB18A78A}\InprocServer32]@="C:\Users\mel adriano\AppData\LocalLow\uTorrentControl\prxtbuTo2.dll"[HKEY_USERS\S-1-5-21-11511148-282223610-3023385546-1000_Classes\Wow6432Node\CLSID\{e9df9360-97f8-4690-afe6-996c80790da4}]@="uTorrentControl Toolbar"[HKEY_USERS\S-1-5-21-11511148-282223610-3023385546-1000_Classes\Wow6432Node\CLSID\{e9df9360-97f8-4690-afe6-996c80790da4}\InprocServer32]@="C:\Users\mel adriano\AppData\LocalLow\uTorrentControl\prxtbuTo2.dll"[HKEY_USERS\S-1-5-21-11511148-282223610-3023385546-1006\Software\AppDataLow\Software\uTorrentControl][HKEY_USERS\S-1-5-21-11511148-282223610-3023385546-1006\Software\AppDataLow\Software\uTorrentControl\toolbar]"DisplayName"="uTorrentControl" Searching for "BitTorrent"[HKEY_CURRENT_USER\Software\AppDataLow\Software\uTorrentControl\toolbar]"Write us link"="jaehee@bittorrent.com"[HKEY_CURRENT_USER\Software\BitTorrent][HKEY_CURRENT_USER\Software\Classes\.btapp]"Content Type"="application/x-bittorrent-app"[HKEY_CURRENT_USER\Software\Classes\.btinstall]"Content Type"="application/x-bittorrent-appinst"[HKEY_CURRENT_USER\Software\Classes\.btkey]"Content Type"="application/x-bittorrent-key"[HKEY_CURRENT_USER\Software\Classes\.btsearch]"Content Type"="application/x-bittorrentsearchdescription+xml"[HKEY_CURRENT_USER\Software\Classes\.btskin]"Content Type"="application/x-bittorrent-skin"[HKEY_CURRENT_USER\Software\Classes\.torrent]"Content Type"="application/x-bittorrent"[HKEY_CURRENT_USER\Software\Classes\MIME\DataBase\Content Type\application/x-bittorrent][HKEY_CURRENT_USER\Software\Classes\MIME\DataBase\Content Type\application/x-bittorrent-app][HKEY_CURRENT_USER\Software\Classes\MIME\DataBase\Content Type\application/x-bittorrent-appinst][HKEY_CURRENT_USER\Software\Classes\MIME\DataBase\Content Type\application/x-bittorrent-key][HKEY_CURRENT_USER\Software\Classes\MIME\DataBase\Content Type\application/x-bittorrent-skin][HKEY_CURRENT_USER\Software\Classes\MIME\DataBase\Content Type\application/x-bittorrentsearchdescription+xml][HKEY_CURRENT_USER\Software\Classes\uTorrent\Content Type]@="application/x-bittorrent"[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\MIME\Database\Content Type\application/x-bittorrent][HKEY_LOCAL_MACHINE\SOFTWARE\Classes\MIME\Database\Content Type\application/x-bittorrentsearchdescription+xml][HKEY_USERS\S-1-5-21-11511148-282223610-3023385546-1000\Software\AppDataLow\Software\uTorrentControl\toolbar]"Write us link"="jaehee@bittorrent.com"[HKEY_USERS\S-1-5-21-11511148-282223610-3023385546-1000\Software\BitTorrent][HKEY_USERS\S-1-5-21-11511148-282223610-3023385546-1000\Software\Classes\.btapp]"Content Type"="application/x-bittorrent-app"[HKEY_USERS\S-1-5-21-11511148-282223610-3023385546-1000\Software\Classes\.btinstall]"Content Type"="application/x-bittorrent-appinst"[HKEY_USERS\S-1-5-21-11511148-282223610-3023385546-1000\Software\Classes\.btkey]"Content Type"="application/x-bittorrent-key"[HKEY_USERS\S-1-5-21-11511148-282223610-3023385546-1000\Software\Classes\.btsearch]"Content Type"="application/x-bittorrentsearchdescription+xml"[HKEY_USERS\S-1-5-21-11511148-282223610-3023385546-1000\Software\Classes\.btskin]"Content Type"="application/x-bittorrent-skin"[HKEY_USERS\S-1-5-21-11511148-282223610-3023385546-1000\Software\Classes\.torrent]"Content Type"="application/x-bittorrent"[HKEY_USERS\S-1-5-21-11511148-282223610-3023385546-1000\Software\Classes\MIME\DataBase\Content Type\application/x-bittorrent][HKEY_USERS\S-1-5-21-11511148-282223610-3023385546-1000\Software\Classes\MIME\DataBase\Content Type\application/x-bittorrent-app][HKEY_USERS\S-1-5-21-11511148-282223610-3023385546-1000\Software\Classes\MIME\DataBase\Content Type\application/x-bittorrent-appinst][HKEY_USERS\S-1-5-21-11511148-282223610-3023385546-1000\Software\Classes\MIME\DataBase\Content Type\application/x-bittorrent-key][HKEY_USERS\S-1-5-21-11511148-282223610-3023385546-1000\Software\Classes\MIME\DataBase\Content Type\application/x-bittorrent-skin][HKEY_USERS\S-1-5-21-11511148-282223610-3023385546-1000\Software\Classes\MIME\DataBase\Content Type\application/x-bittorrentsearchdescription+xml][HKEY_USERS\S-1-5-21-11511148-282223610-3023385546-1000\Software\Classes\uTorrent\Content Type]@="application/x-bittorrent"[HKEY_USERS\S-1-5-21-11511148-282223610-3023385546-1000_Classes\.btapp]"Content Type"="application/x-bittorrent-app"[HKEY_USERS\S-1-5-21-11511148-282223610-3023385546-1000_Classes\.btinstall]"Content Type"="application/x-bittorrent-appinst"[HKEY_USERS\S-1-5-21-11511148-282223610-3023385546-1000_Classes\.btkey]"Content Type"="application/x-bittorrent-key"[HKEY_USERS\S-1-5-21-11511148-282223610-3023385546-1000_Classes\.btsearch]"Content Type"="application/x-bittorrentsearchdescription+xml"[HKEY_USERS\S-1-5-21-11511148-282223610-3023385546-1000_Classes\.btskin]"Content Type"="application/x-bittorrent-skin"[HKEY_USERS\S-1-5-21-11511148-282223610-3023385546-1000_Classes\.torrent]"Content Type"="application/x-bittorrent"[HKEY_USERS\S-1-5-21-11511148-282223610-3023385546-1000_Classes\MIME\DataBase\Content Type\application/x-bittorrent][HKEY_USERS\S-1-5-21-11511148-282223610-3023385546-1000_Classes\MIME\DataBase\Content Type\application/x-bittorrent-app][HKEY_USERS\S-1-5-21-11511148-282223610-3023385546-1000_Classes\MIME\DataBase\Content Type\application/x-bittorrent-appinst][HKEY_USERS\S-1-5-21-11511148-282223610-3023385546-1000_Classes\MIME\DataBase\Content Type\application/x-bittorrent-key][HKEY_USERS\S-1-5-21-11511148-282223610-3023385546-1000_Classes\MIME\DataBase\Content Type\application/x-bittorrent-skin][HKEY_USERS\S-1-5-21-11511148-282223610-3023385546-1000_Classes\MIME\DataBase\Content Type\application/x-bittorrentsearchdescription+xml][HKEY_USERS\S-1-5-21-11511148-282223610-3023385546-1000_Classes\uTorrent\Content Type]@="application/x-bittorrent" -= EOF =- FIXLOG: Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 28-09-2014 02Ran by mel adriano at 2014-10-02 15:49:32 Run:2Running from C:\Users\mel adriano\DesktopLoaded Profiles: mel adriano & NANCY BINAY for Sena (Available profiles: mel adriano & NANCY BINAY for Sena)Boot Mode: Normal============================================== Content of fixlist:*****************Task: {1F4E4EA8-5375-4BED-92FD-8B2FDB6FD1C2} - System32\Tasks\{5ACD9813-F2C5-428C-B21A-EB4DC0BBBFD1} => Iexplore.exe http://ui.skype.com/ui/0/5.10.0.116/en/go/help.faq.installer?LastError=1603AlternateDataStreams: C:\Users\mel adriano\Downloads\noname (1).eml:OECustomPropertyAlternateDataStreams: C:\Users\mel adriano\Downloads\noname (2).eml:OECustomPropertyAlternateDataStreams: C:\Users\mel adriano\Downloads\noname (3).eml:OECustomPropertyAlternateDataStreams: C:\Users\mel adriano\Downloads\noname.eml:OECustomPropertyEmptyTemp:Reboot: ***************** "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{1F4E4EA8-5375-4BED-92FD-8B2FDB6FD1C2}" => Key deleted successfully."HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{1F4E4EA8-5375-4BED-92FD-8B2FDB6FD1C2}" => Key deleted successfully.C:\Windows\System32\Tasks\{5ACD9813-F2C5-428C-B21A-EB4DC0BBBFD1} => Moved successfully."HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{5ACD9813-F2C5-428C-B21A-EB4DC0BBBFD1}" => Key deleted successfully.C:\Users\mel adriano\Downloads\noname (1).eml => ":OECustomProperty" ADS removed successfully.C:\Users\mel adriano\Downloads\noname (2).eml => ":OECustomProperty" ADS removed successfully.C:\Users\mel adriano\Downloads\noname (3).eml => ":OECustomProperty" ADS removed successfully.C:\Users\mel adriano\Downloads\noname.eml => ":OECustomProperty" ADS removed successfully.EmptyTemp: => Removed 152.7 MB temporary data. The system needed a reboot. ==== End of Fixlog ====

Hi Ron, Ok. Here is the addition.txt. Addition.txt

Hi Ron, I have attached the FRST.txt and this is the second time I ran it so it did not create the addition.txt log. Here's the latest FRST txt file again. Please see attached. FRST.txt

Hi Ron, Here are my logs. I do not have the ESET online scan results. I could not get it to run on my PC. It was asking for a proxy server. My LAN is configured to automatic so I do not want to messed it up. Anyway, I skipped this and went on to step 8. FRST.txt JRT: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~Junkware Removal Tool (JRT) by ThisisuVersion: 6.2.4 (10.01.2014:1)OS: Windows 7 Home Premium x64Ran by mel adriano on Wed 10/01/2014 at 16:04:17.47~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ~~~ Services Successfully stopped: [service] datamngrcoordinator Successfully deleted: [service] datamngrcoordinator Failed to stop: [service] hshld Successfully stopped: [service] hsstrayservice Successfully deleted: [service] hsstrayservice Failed to stop: [service] hsswd ~~~ Registry Values ~~~ Registry Keys Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Toolbar.CT1561552Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\Toolbar.CT1561552Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\ConduitInstaller_RASAPI32Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\ConduitInstaller_RASMANCSSuccessfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\ConduitInstaller_RASAPI32Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\ConduitInstaller_RASMANCS ~~~ Files Successfully deleted: [File] "C:\Users\mel adriano\AppData\Roaming\microsoft\windows\start menu\programs\ilivid.lnk" ~~~ Folders Successfully deleted: [Folder] "C:\ProgramData\aol toolbar"Successfully deleted: [Folder] "C:\ProgramData\datamngr"Successfully deleted: [Folder] "C:\ProgramData\hotspot shield"Successfully deleted: [Folder] "C:\ProgramData\partner"Successfully deleted: [Folder] "C:\ProgramData\premium"Successfully deleted: [Folder] "C:\ProgramData\viewpoint"Successfully deleted: [Folder] "C:\ProgramData\wecarereminder"Successfully deleted: [Folder] "C:\Users\mel adriano\AppData\Roaming\hotspot shield"Successfully deleted: [Folder] "C:\Users\mel adriano\appdata\local\aol toolbar"Successfully deleted: [Folder] "C:\Users\mel adriano\appdata\local\conduit"Successfully deleted: [Folder] "C:\Users\mel adriano\appdata\local\ilivid"Successfully deleted: [Folder] "C:\Users\mel adriano\appdata\local\torch"Successfully deleted: [Folder] "C:\Users\mel adriano\appdata\locallow\conduit"Successfully deleted: [Folder] "C:\Program Files (x86)\aol toolbar"Successfully deleted: [Folder] "C:\Program Files (x86)\conduit"Successfully deleted: [Folder] "C:\Program Files (x86)\hotspot shield"Successfully deleted: [Folder] "C:\Program Files (x86)\movies toolbar"Successfully deleted: [Folder] "C:\Program Files (x86)\viewpoint"Successfully deleted: [Folder] "C:\Program Files (x86)\Common Files\software update utility" ~~~ Event Viewer Logs were cleared ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~Scan was completed on Wed 10/01/2014 at 16:07:19.28End of JRT log~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ AdwCleaner: # AdwCleaner v3.311 - Report created 01/10/2014 at 16:12:48# Updated 30/09/2014 by Xplode# Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)# Username : mel adriano - MELADRIANO-PC# Running from : C:\Users\mel adriano\Desktop\AdwCleaner.exe# Option : Clean ***** [ Services ] ***** [#] Service Deleted : hshld[#] Service Deleted : hsswd ***** [ Files / Folders ] ***** Folder Deleted : C:\ProgramData\GoSaaveiFolder Deleted : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\hotspot shieldFolder Deleted : C:\Program Files (x86)\1ClickDownloadFolder Deleted : C:\Program Files (x86)\ExpressFilesFolder Deleted : C:\Program Files (x86)\GoSaaveiFolder Deleted : C:\Users\Administrator\AppData\Local\Chromatic BrowserFolder Deleted : C:\Users\Administrator\AppData\Local\torchFolder Deleted : C:\Users\Guest\AppData\Local\Chromatic BrowserFolder Deleted : C:\Users\Guest\AppData\Local\torchFolder Deleted : C:\Users\HomeGroupUser$\AppData\Local\Chromatic BrowserFolder Deleted : C:\Users\HomeGroupUser$\AppData\Local\torchFolder Deleted : C:\Users\mel adriano\AppData\Local\Chromatic BrowserFolder Deleted : C:\Users\mel adriano\AppData\LocalLow\HPAppDataFolder Deleted : C:\Users\NANCY BINAY for Sena\AppData\Local\AOL ToolbarFolder Deleted : C:\Users\NANCY BINAY for Sena\AppData\Local\Chromatic BrowserFolder Deleted : C:\Users\NANCY BINAY for Sena\AppData\Local\torchFolder Deleted : C:\Users\NANCY BINAY for Sena\AppData\LocalLow\AVG Secure SearchFolder Deleted : C:\Users\NANCY BINAY for Sena\AppData\LocalLow\ConduitFolder Deleted : C:\Users\NANCY BINAY for Sena\AppData\LocalLow\Hotspot_ShieldFolder Deleted : C:\Users\NANCY BINAY for Sena\AppData\Local\Google\Chrome\User Data\Default\Extensions\jmfkcklnlgedgbglfkkgedjfmejoahlaFolder Deleted : C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\fpelbholhcgccadaggfgmfemdnhjaoicFolder Deleted : C:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\fpelbholhcgccadaggfgmfemdnhjaoicFolder Deleted : C:\Users\HomeGroupUser$\AppData\Local\Google\Chrome\User Data\Default\Extensions\fpelbholhcgccadaggfgmfemdnhjaoicFolder Deleted : C:\Users\NANCY BINAY for Sena\AppData\Local\Google\Chrome\User Data\Default\Extensions\fpelbholhcgccadaggfgmfemdnhjaoic[!] Folder Deleted : C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\fpelbholhcgccadaggfgmfemdnhjaoic[!] Folder Deleted : C:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\fpelbholhcgccadaggfgmfemdnhjaoic[!] Folder Deleted : C:\Users\HomeGroupUser$\AppData\Local\Google\Chrome\User Data\Default\Extensions\fpelbholhcgccadaggfgmfemdnhjaoic[!] Folder Deleted : C:\Users\NANCY BINAY for Sena\AppData\Local\Google\Chrome\User Data\Default\Extensions\fpelbholhcgccadaggfgmfemdnhjaoic[!] Folder Deleted : C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\fpelbholhcgccadaggfgmfemdnhjaoic[!] Folder Deleted : C:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\fpelbholhcgccadaggfgmfemdnhjaoic[!] Folder Deleted : C:\Users\HomeGroupUser$\AppData\Local\Google\Chrome\User Data\Default\Extensions\fpelbholhcgccadaggfgmfemdnhjaoic[!] Folder Deleted : C:\Users\NANCY BINAY for Sena\AppData\Local\Google\Chrome\User Data\Default\Extensions\fpelbholhcgccadaggfgmfemdnhjaoic[!] Folder Deleted : C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\fpelbholhcgccadaggfgmfemdnhjaoic[!] Folder Deleted : C:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\fpelbholhcgccadaggfgmfemdnhjaoic[!] Folder Deleted : C:\Users\HomeGroupUser$\AppData\Local\Google\Chrome\User Data\Default\Extensions\fpelbholhcgccadaggfgmfemdnhjaoic[!] Folder Deleted : C:\Users\NANCY BINAY for Sena\AppData\Local\Google\Chrome\User Data\Default\Extensions\fpelbholhcgccadaggfgmfemdnhjaoicFile Deleted : C:\Users\Public\Desktop\eBay.lnk ***** [ Scheduled Tasks ] ***** ***** [ Shortcuts ] ***** ***** [ Registry ] ***** Key Deleted : HKLM\SOFTWARE\Classes\AppID\dnu.EXEKey Deleted : HKLM\SOFTWARE\Classes\AppID\IEHelperv2.5.0.DLLKey Deleted : HKLM\SOFTWARE\Classes\AppID\NCTAudioCompress3.DLLKey Deleted : HKLM\SOFTWARE\Classes\AppID\NCTAudioFormatSettings3.DLLKey Deleted : HKLM\SOFTWARE\Classes\AxMetaStream.MetaStreamCtlKey Deleted : HKLM\SOFTWARE\Classes\AxMetaStream.MetaStreamCtl.1Key Deleted : HKLM\SOFTWARE\Classes\AxMetaStream.MetaStreamCtlSecondaryKey Deleted : HKLM\SOFTWARE\Classes\AxMetaStream.MetaStreamCtlSecondary.1Key Deleted : HKLM\SOFTWARE\Classes\dnUpdateKey Deleted : HKLM\SOFTWARE\Classes\dnUpdater.DownloadUIBrowserKey Deleted : HKLM\SOFTWARE\Classes\dnUpdater.DownloadUIBrowser.1Key Deleted : HKLM\SOFTWARE\Classes\dnUpdater.DownloadUpdControllerKey Deleted : HKLM\SOFTWARE\Classes\dnUpdater.DownloadUpdController.1Key Deleted : HKLM\SOFTWARE\Classes\protector_dll.protectorbhoKey Deleted : HKLM\SOFTWARE\Classes\protector_dll.protectorbho.1Key Deleted : HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components\{03F998B2-0E00-11D3-A498-00104B6EB52E}Key Deleted : HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components\{1B00725B-C455-4DE6-BFB6-AD540AD427CD}Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\au__rasapi32Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\au__rasmancsKey Deleted : HKLM\SOFTWARE\MozillaPlugins\@viewpoint.com/VMPValue Deleted : HKLM\SYSTEM\ControlSet001\Control\Session Manager\AppCertDlls [x64]Value Deleted : HKLM\SYSTEM\ControlSet001\Control\Session Manager\AppCertDlls [x86]Value Deleted : HKLM\SYSTEM\ControlSet002\Control\Session Manager\AppCertDlls [x64]Value Deleted : HKLM\SYSTEM\ControlSet002\Control\Session Manager\AppCertDlls [x86]Key Deleted : HKLM\SOFTWARE\Classes\AppID\{4FBBF769-ECEB-420A-B536-133B1D505C36}Key Deleted : HKLM\SOFTWARE\Classes\AppID\{5B1881D1-D9C7-46DF-B041-1E593282C7D0}Key Deleted : HKLM\SOFTWARE\Classes\AppID\{6C259840-5BA8-46E6-8ED1-EF3BA47D8BA1}Key Deleted : HKLM\SOFTWARE\Classes\AppID\{B27D9527-3762-4D71-963D-FB7A94FDD678}Key Deleted : HKLM\SOFTWARE\Classes\AppID\{BDB69379-802F-4EAF-B541-F8DE92DD98DB}Key Deleted : HKLM\SOFTWARE\Classes\AppID\{EA28B360-05E0-4F93-8150-02891F1D8D3C}Key Deleted : HKLM\SOFTWARE\Classes\AppID\{F54A0D21-6A53-460C-8301-C694EC9E1033}Key Deleted : HKLM\SOFTWARE\Classes\AppID\{F7BCCFD4-2FA6-477D-A1B0-EF7500B3C49E}Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{03F14321-8FED-4CBC-B01A-4B57FC199062}Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{03F998B2-0E00-11D3-A498-00104B6EB52E}Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{1B00725B-C455-4DE6-BFB6-AD540AD427CD}Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{2C6F7E96-73BC-47A5-9F51-B67F0BAFE24D}Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{4C58EB04-7B72-4D3D-A36E-66167A99BC31}Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{4EE0B011-604C-47F3-8F2B-39F79640B85E}Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{7B089B94-D1DC-4C6B-87E1-8156E22C1D96}Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E15A9BFD-D16D-496D-8222-44CADF316E70}Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{F773BB94-6C19-4643-A570-0E429103D1C3}Key Deleted : HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}Key Deleted : HKLM\SOFTWARE\Classes\Interface\{660E6F4F-840D-436D-B668-433D9591BAC5}Key Deleted : HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}Key Deleted : HKLM\SOFTWARE\Classes\Interface\{E7435878-65B9-44D1-A443-81754E5DFC90}Key Deleted : HKLM\SOFTWARE\Classes\Interface\{EAF749DC-CD87-4B04-B22A-D4AC3FBCB2BC}Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{6C9945B7-1D19-46CB-88C0-45A24DF6CD6E}Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{84B9B044-17C0-48FB-A300-C9747D5DF29C}Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{92380354-381A-471F-BE2E-DD9ACD9777EA}Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8}Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{E2343056-CC08-46AC-B898-BFC7ACF4E755}Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{E69D4A59-73DE-4E38-9FB3-740EC4D9060D}Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{7B089B94-D1DC-4C6B-87E1-8156E22C1D96}Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{87EAB409-97D7-4889-ACFA-C548FC6F3ECF}Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F9E4A054-E9B1-4BC3-83A3-76A1AE736170}Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{F9E4A054-E9B1-4BC3-83A3-76A1AE736170}Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{02478D38-C3F9-4EFB-9B51-7695ECA05670}Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{7B089B94-D1DC-4C6B-87E1-8156E22C1D96}Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{EF99BD32-C1FB-11D2-892F-0090271D4F88}Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{F9E4A054-E9B1-4BC3-83A3-76A1AE736170}Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{660E6F4F-840D-436D-B668-433D9591BAC5}Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{E7435878-65B9-44D1-A443-81754E5DFC90}Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{EAF749DC-CD87-4B04-B22A-D4AC3FBCB2BC}Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F9E4A054-E9B1-4BC3-83A3-76A1AE736170}Key Deleted : HKCU\Software\anchorfreeKey Deleted : HKCU\Software\APNDTXKey Deleted : HKCU\Software\ConduitKey Deleted : HKCU\Software\ExpressFilesKey Deleted : HKCU\Software\ilividKey Deleted : HKCU\Software\RegisteredApplicationsExKey Deleted : HKCU\Software\Tbccint_HKLMKey Deleted : HKCU\Software\YahooPartnerToolbarKey Deleted : HKCU\Software\AppDataLow\ToolbarKey Deleted : HKCU\Software\AppDataLow\Software\BackgroundContainerKey Deleted : HKCU\Software\AppDataLow\Software\ConduitKey Deleted : HKCU\Software\AppDataLow\Software\ConduitSearchScopesKey Deleted : HKCU\Software\AppDataLow\Software\SmartBarKey Deleted : HKLM\SOFTWARE\ConduitKey Deleted : HKLM\SOFTWARE\ExpressFilesKey Deleted : HKLM\SOFTWARE\hotspotshieldKey Deleted : HKLM\SOFTWARE\MetaStreamKey Deleted : HKLM\SOFTWARE\ViewpointKey Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\ilividKey Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{CD95D125-2992-4858-B3EF-5F6FB52FBAD6}Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\1ClickDownloadKey Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\hotspotshieldKey Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SoftwareUpdUtilityKey Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\ViewpointMediaPlayer ***** [ Browsers ] ***** -\\ Internet Explorer v11.0.9600.17280 -\\ Google Chrome v37.0.2062.120 [ File : C:\Users\mel adriano\AppData\Local\Google\Chrome\User Data\Default\preferences ] Deleted [search Provider] : hxxp://isearch.avg.com/search?cid={F8AAA2BE-2131-48E3-AA86-03DF63D5B733}&mid=dfe7d6a1a61247d0a2b9d14acce4e9e6-64fcfabea6792deb68870cce2bc0482561f35811〈=en&ds=AVG&pr=pr&d=2012-03-17 21:37:41&v=10.2.0.3&sap=dsp&q={searchTerms}Deleted [search Provider] : hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT3072254Deleted [search Provider] : hxxp://slirsredirect.search.aol.com/redirector/sredir?sredir=843&query={searchTerms}&invocationType=tb50-ie-aolTB50CL-chromesbox-en-usDeleted [search Provider] : hxxp://search.aol.com/aol/search?q={searchTerms}Deleted [search Provider] : hxxp://www.ask.com/web?q={searchTerms}Deleted [search Provider] : hxxp://dts.search.ask.com/sr?src=crb&gct=ds&appid=1721&systemid=406&v=a13350-400&apn_uid=4334061505004623&apn_dtid=BND406&o=APN10645&apn_ptnrs=AG6&q={searchTerms}Deleted [search Provider] : hxxp://dts.search.ask.com/sr?src=crb&gct=ds&appid=1721&systemid=406&v=a13350-400&apn_uid=4334061505004623&apn_dtid=BND406&o=APN10645&apn_ptnrs=AG6&q={searchTerms}Deleted [search Provider] : hxxp://movies.netflix.com/WiSearch?oq=cashback&ac_posn=-1&ac_rec=true&ac_count=%5B1%2C0%2C0%5D&ac_match=false&v1={searchTerms}&search_submit= [ File : C:\Users\NANCY BINAY for Sena\AppData\Local\Google\Chrome\User Data\Default\preferences ] Deleted [Extension] : ippkomaaonokjnfjoikaemidanojkfmmDeleted [Extension] : jmfkcklnlgedgbglfkkgedjfmejoahlaDeleted [Extension] : fpelbholhcgccadaggfgmfemdnhjaoic ************************* AdwCleaner[R0].txt - [13283 octets] - [01/10/2014 16:08:58]AdwCleaner[s0].txt - [12973 octets] - [01/10/2014 16:12:48] ########## EOF - C:\AdwCleaner\AdwCleaner[s0].txt - [13034 octets] ########## Malwarebytes Scan Log: Malwarebytes Anti-Malware www.malwarebytes.org Scan Date: 10/1/2014Scan Time: 4:25:24 PMLogfile: Administrator: Yes Version: 2.00.2.1012Malware Database: v2014.10.01.03Rootkit Database: v2014.09.19.01License: FreeMalware Protection: DisabledMalicious Website Protection: DisabledSelf-protection: Disabled OS: Windows 7 Service Pack 1CPU: x64File System: NTFSUser: mel adriano Scan Type: Threat ScanResult: CompletedObjects Scanned: 408144Time Elapsed: 12 min, 41 sec Memory: EnabledStartup: EnabledFilesystem: EnabledArchives: EnabledRootkits: EnabledHeuristics: EnabledPUP: EnabledPUM: Enabled Processes: 0(No malicious items detected) Modules: 0(No malicious items detected) Registry Keys: 0(No malicious items detected) Registry Values: 0(No malicious items detected) Registry Data: 0(No malicious items detected) Folders: 2PUP.Optional.Installmate, C:\ProgramData\InstallMate\{C1E28B35-42CA-43F0-8B8B-85F6E7255916}, Quarantined, [a1e4e708c2b945f13caba65d07fc817f], PUP.Optional.Installmate, C:\ProgramData\InstallMate\{C1E28B35-42CA-43F0-8B8B-85F6E7255916}\18C45FC73EF40D0C, Quarantined, [a1e4e708c2b945f13caba65d07fc817f], Files: 0(No malicious items detected) Physical Sectors: 0(No malicious items detected) (end) FRST:

Hi Ron, I forgot the fixlog report. Here it is. Fixlog.txt

Hi Ron, Thanks for your reply. Here are the logs.JavaRa.log JavaRa 1.16 Removal Log.Report follows after line.------------------------------------The JavaRa removal process was started on Wed Oct 01 14:39:21 2014 There was an error removing C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-ABCDEFFDCBA}. The error returned was 124.There was an error removing C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0001-ABCDEFFDCBA}. The error returned was 124.There was an error removing C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0002-ABCDEFFDCBA}. The error returned was 124.There was an error removing C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0003-ABCDEFFDCBA}. The error returned was 124.There was an error removing C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0004-ABCDEFFDCBA}. The error returned was 124.There was an error removing C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0005-ABCDEFFDCBA}. The error returned was 124.There was an error removing C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0006-ABCDEFFDCBA}. The error returned was 124.There was an error removing C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0007-ABCDEFFDCBA}. The error returned was 124.There was an error removing C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0008-ABCDEFFDCBA}. The error returned was 124.There was an error removing C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0009-ABCDEFFDCBA}. The error returned was 124.There was an error removing C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0010-ABCDEFFDCBA}. The error returned was 124.There was an error removing C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0011-ABCDEFFDCBA}. The error returned was 124.There was an error removing C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0012-ABCDEFFDCBA}. The error returned was 124.There was an error removing C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0013-ABCDEFFDCBA}. The error returned was 124.There was an error removing C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0014-ABCDEFFDCBA}. The error returned was 124.There was an error removing C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0015-ABCDEFFDCBA}. The error returned was 124.There was an error removing C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0016-ABCDEFFDCBA}. The error returned was 124.There was an error removing C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0017-ABCDEFFDCBA}. The error returned was 124.There was an error removing C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0018-ABCDEFFDCBA}. The error returned was 124.There was an error removing C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0019-ABCDEFFDCBA}. The error returned was 124.There was an error removing C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0020-ABCDEFFDCBA}. The error returned was 124.There was an error removing C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0021-ABCDEFFDCBA}. The error returned was 124.There was an error removing C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0022-ABCDEFFDCBA}. The error returned was 124.Found and removed: JavaPlugin.FamilyVersionSupportFound and removed: SOFTWARE\Classes\JavaPluginFound and removed: SOFTWARE\Classes\JavaWebStart.isInstalled.1.6.0.0Found and removed: SOFTWARE\Classes\CLSID\{08B0E5C0-4FCB-11CF-AAA5-00401C608501}Found and removed: SOFTWARE\Classes\CLSID\{5852F5ED-8BF4-11D4-A245-0080C6F74284}Found and removed: SOFTWARE\Classes\CLSID\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}Found and removed: SOFTWARE\Classes\CLSID\{DBC80044-A445-435b-BC74-9C25C1C588A9}Found and removed: SOFTWARE\Classes\Interface\{5852F5EC-8BF4-11D4-A245-0080C6F74284}Found and removed: SOFTWARE\Classes\MIME\Database\Content Type\application/java-deployment-toolkitFound and removed: SOFTWARE\Classes\MIME\Database\Content Type\application/x-java-appletFound and removed: SOFTWARE\Classes\MIME\Database\Content Type\application/x-java-jnlp-fileFound and removed: SOFTWARE\Classes\TypeLib\{5852F5E0-8BF4-11D4-A245-0080C6F74284}Found and removed: SOFTWARE\Classes\.jnlpFound and removed: SOFTWARE\Classes\JavaWebStart.isInstalledFound and removed: SOFTWARE\Classes\JavaWebStart.isInstalled.1.7.0.0Found and removed: SOFTWARE\Classes\JNLPFileFound and removed: SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper ObjectsFound and removed: SOFTWARE\JavaSoftFound and removed: SOFTWARE\JreMetricsFound and removed: SOFTWARE\Classes\JavaPlugin.10512------------------------------------Finished reporting.

Here's my additional log. Additional scan result of Farbar Recovery Scan Tool (x64) Version: 28-09-2014 02Ran by mel adriano at 2014-09-29 09:32:54Running from C:\Users\mel adriano\DesktopBoot Mode: Normal========================================================== ==================== Security Center ======================== (If an entry is included in the fixlist, it will be removed.) AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} ==================== Installed Programs ====================== (Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.) Update for Microsoft Office 2007 (KB2508958) (HKLM-x32\...\{91120000-0014-0000-0000-0000000FF1CE}_PROR_{0C5823AA-7B6F-44E1-8D5B-8FD1FF0E6438}) (Version: - Microsoft) Update for Microsoft Office 2007 (KB2508958) (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{0C5823AA-7B6F-44E1-8D5B-8FD1FF0E6438}) (Version: - Microsoft)µTorrent (HKLM-x32\...\uTorrent) (Version: 3.1.3 - )1ClickDownload (HKLM-x32\...\1ClickDownload) (Version: 2.1 Build 26473 - 1ClickDownload) <==== ATTENTION64 Bit HP CIO Components Installer (Version: 6.2.1 - Hewlett-Packard) HiddenAcrobat.com (HKLM-x32\...\{287ECFA4-719A-2143-A09B-D6A12DE54E40}) (Version: 1.6.65 - Adobe Systems Incorporated)Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 1.5.0.7220 - Adobe Systems Inc.)Adobe AIR (x32 Version: 1.5.0.7220 - Adobe Systems Inc.) HiddenAdobe Flash Player 15 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 15.0.0.167 - Adobe Systems Incorporated)Adobe Photoshop Elements 7.0 (HKLM-x32\...\Adobe Photoshop Elements 7) (Version: 7.0 - Adobe Systems Incorporated)Adobe Photoshop Elements 7.0 (x32 Version: 7.0 - Adobe Systems Incorporated) HiddenAdobe Photoshop.com Inspiration Browser (HKLM-x32\...\PhotoshopdotcomInspirationBrowser.4C35C4D325D350FE0114230CBADCA2DDD0AC8D25.1) (Version: 2.61 - Adobe Systems Incorporated)Adobe Premiere Elements 7.0 (HKLM-x32\...\PremElem70) (Version: 7.0 - Adobe Systems Incorporated)Adobe Premiere Elements 7.0 (x32 Version: 7.0 - Adobe Systems Incorporated) HiddenAdobe Premiere Elements 7.0 Templates (HKLM-x32\...\PremElem70Templates) (Version: 7.0.0 - Adobe Systems Incorporated)Adobe Premiere Elements 7.0 Templates (x32 Version: 7.0.0 - Adobe Systems Incorporated) HiddenAdobe Reader XI (11.0.09) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.09 - Adobe Systems Incorporated)Advertising Center (x32 Version: 0.0.0.2 - Nero AG) HiddenAOL Toolbar (HKLM-x32\...\AOL Toolbar) (Version: - )AOL Uninstaller (Choose which Products to Remove) (HKLM-x32\...\AOL Uninstaller) (Version: - AOL LLC)Apple Application Support (HKLM-x32\...\{AAC5D43E-816D-4C2D-8E51-55FFF35BE301}) (Version: 3.0.1 - Apple Inc.)Apple Mobile Device Support (HKLM\...\{787136D2-F0F8-4625-AA3F-72D7795AC842}) (Version: 7.1.1.3 - Apple Inc.)Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)Art Explosion Publisher Pro (HKLM-x32\...\{C62D7344-8709-4443-9C95-F90659CBC27F}) (Version: 1.00.0014 - Nova Development)ASPCA Reminder by We-Care.com v4.0.16.1 (HKLM-x32\...\{94358C28-335B-4E43-BC4E-C59576BAB653}) (Version: 4.0.16.1 - We-Care.com)Avanquest update (HKLM-x32\...\{76E41F43-59D2-4F30-BA42-9A762EE1E8DE}) (Version: 1.23 - Avanquest Software)Backup Manager Advance (x32 Version: 2.0.2.19 - NewTech Infosystems) HiddenBonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)Brother MFL-Pro Suite MFC-490CW (HKLM-x32\...\{48D082B9-18F6-4426-AFAC-8B6A3E7021B1}) (Version: 1.0.1.0 - Brother Industries, Ltd.)Business Contact Manager for Outlook 2007 SP2 (HKLM-x32\...\Business Contact Manager) (Version: 3.0.8619.1 - Microsoft Corporation)Business Contact Manager for Outlook 2007 SP2 (x32 Version: 3.0.8619.1 - Microsoft Corporation) HiddenCCleaner (HKLM\...\CCleaner) (Version: 4.18 - Piriform)Compatibility Pack for the 2007 Office system (HKLM-x32\...\{90120000-0020-0409-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)CopyTrans Suite Remove Only (HKCU\...\CopyTrans Suite) (Version: 2.08 - WindSolutions)Corel MediaOne (HKLM-x32\...\{3C569633-C8DE-46E2-BB8F-F65198681C2F}) (Version: 2.100.0000 - Corel Corporation)Corel Paint Shop Pro Photo X2 (HKLM-x32\...\{64E72FB1-2343-4977-B4A8-262CD53D0BD3}) (Version: 12.50.0000 - Corel Corporation)Corel Painter Photo Essentials 4 (HKLM-x32\...\_{707EB912-C597-49D8-9460-46CC9AB03EBE}) (Version: - Corel Corporation)Corel Painter Photo Essentials 4 (x32 Version: 4.0 - Corel Corporation) HiddenDHTML Editing Component (HKLM-x32\...\{2EA870FA-585F-4187-903D-CB9FFD21E2E0}) (Version: 6.02.0001 - Microsoft Corporation)D-Link Wireless N DWA-130 (HKLM-x32\...\{F25B14A1-3863-41B6-9F8A-931DECA6D384}) (Version: 1.00.0000 - D-Link)D-Link Wireless N DWA-130 (x32 Version: 1.00.0000 - D-Link) HiddenDownload Updater (AOL LLC) (HKLM-x32\...\SoftwareUpdUtility) (Version: - ) <==== ATTENTIONeBay Worldwide (HKLM-x32\...\{AAF89271-2594-468D-B578-96B2E30C41C4}) (Version: 2.1.0703 - OEM)Firebird SQL Server - MAGIX Edition (US) (HKLM-x32\...\Firebird SQL Server US) (Version: 2.0.0.1 - MAGIX AG)Free WMV to AVI MPEG Converter v1.2 (HKLM-x32\...\Free WMV to AVI MPEG Converter_is1) (Version: 1.2 - www.appfree.net)Gateway Games (HKLM-x32\...\WildTangent gateway Master Uninstall) (Version: 1.0.0.71 - WildTangent)Gateway InfoCentre (HKLM-x32\...\Gateway InfoCentre) (Version: 3.02.3000 - Gateway Incorporated)Gateway MyBackup (HKLM-x32\...\InstallShield_{30075A70-B5D2-440B-AFA3-FB2021740121}) (Version: 2.0.2.19 - NewTech Infosystems)Gateway Photo Frame 4.2.3.10 (HKLM-x32\...\Gateway Photo Frame) (Version: 4.2.3.10 - I/O Interconnect)Gateway Recovery Management (HKLM-x32\...\{7F811A54-5A09-4579-90E1-C93498E230D9}) (Version: 4.05.3003 - Gateway Incorporated)Gateway Registration (HKLM-x32\...\Gateway Registration) (Version: 1.02.3004 - Gateway Incorporated)Gateway ScreenSaver (HKLM-x32\...\Gateway Screensaver) (Version: 1.1.0812 - Gateway Incorporated)Gateway Updater (HKLM-x32\...\{EE171732-BEB4-4576-887D-CB62727F01CA}) (Version: 1.01.3014 - Gateway Incorporated)Globe Broadband (HKLM-x32\...\Globe Broadband) (Version: 11.300.05.18.158 - Huawei Technologies Co.,Ltd)Globe Tattoo Broadband (HKLM-x32\...\Globe Tattoo Broadband) (Version: 21.005.20.02.158 - Huawei Technologies Co.,Ltd)Google Chrome (HKLM-x32\...\Google Chrome) (Version: 37.0.2062.120 - Google Inc.)Google Earth (HKLM-x32\...\{4286E640-B5FB-11DF-AC4B-005056C00008}) (Version: 5.2.1.1588 - Google)Google Earth (HKLM-x32\...\{4D2A6330-2F8B-11E3-9C40-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)Google Toolbar for Internet Explorer (HKLM-x32\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: 7.5.5111.1712 - Google Inc.)Google Toolbar for Internet Explorer (x32 Version: 1.0.0 - Google Inc.) HiddenGoogle Update Helper (x32 Version: 1.3.24.15 - Google Inc.) HiddenGoogle+ Auto Backup (HKLM-x32\...\{A50DE037-B5C0-4C8A-8049-B0C576B313D1}) (Version: 1.0.21.81 - Google)Hotspot Shield 3.42 (HKLM-x32\...\HotspotShield) (Version: 3.42 - AnchorFree Inc.)HP Update (HKLM-x32\...\{7059BDA7-E1DB-442C-B7A1-6144596720A4}) (Version: 4.000.011.006 - Hewlett-Packard)iCloud (HKLM\...\{81E20D41-C277-4526-934D-F2380AF91B78}) (Version: 3.1.0.40 - Apple Inc.)Identity Card (HKLM-x32\...\Identity Card) (Version: 1.00.3001 - Gateway Incorporated)iLivid (HKCU\...\iLivid) (Version: 5.0.0.4612 - Bandoo Media Inc) <==== ATTENTIONImageSkill Background Remover 3 (HKLM-x32\...\ImageSkill Background Remover 3) (Version: 3.0 - ImageSkill)ImagXpress (x32 Version: 7.0.74.0 - Nero AG) HiddenIntel® Graphics Media Accelerator Driver (HKLM\...\HDMI) (Version: - Intel Corporation)Intel® Network Connections 18.7.28.0 (HKLM\...\PROSetDX) (Version: 18.7.28.0 - Intel)Intel® Network Connections 18.7.28.0 (Version: 18.7.28.0 - Intel) HiddenIntel® Matrix Storage Manager (HKLM\...\{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}) (Version: - Intel Corporation)iTunes (HKLM\...\{B8BA155B-1E75-405F-9CB4-8A99615D09DC}) (Version: 11.1.5.5 - Apple Inc.)Java 7 Update 67 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217045FF}) (Version: 7.0.670 - Oracle)Java Auto Updater (x32 Version: 2.1.67.1 - Oracle, Inc.) HiddenJava SE Development Kit 7 Update 15 (HKLM-x32\...\{32A3A4F4-B792-11D6-A78A-00B0D0170150}) (Version: 1.7.0.150 - Oracle)Java 6 Update 31 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83216031FF}) (Version: 6.0.310 - Oracle)Junk Mail filter update (x32 Version: 14.0.8117.416 - Microsoft Corporation) HiddenKnoll Light Factory EZ Studio (HKLM-x32\...\Knoll Light Factory EZ Studio) (Version: - )Magic Bullet Looks Studio (HKLM-x32\...\Magic Bullet Looks Studio) (Version: - )MAGIX Music Manager 2006 (US) (HKLM-x32\...\MAGIX Music Manager 2006 US) (Version: 7.2.2.526 - MAGIX AG)MAGIX Photo Manager 2006 (US) (HKLM-x32\...\MAGIX Photo Manager 2006 US) (Version: 3.3.2.525 - MAGIX AG)MAGIX PhotoStory on CD & DVD 5 (US) (HKLM-x32\...\MAGIX PhotoStory on CD & DVD 5 US) (Version: 5.5.2.0 - MAGIX AG)Malwarebytes Anti-Malware version 2.0.2.1012 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.2.1012 - Malwarebytes Corporation)Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) HiddenMicrosoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) HiddenMicrosoft Application Error Reporting (x32 Version: 12.0.6012.5000 - Microsoft Corporation) HiddenMicrosoft Choice Guard (x32 Version: 2.0.48.0 - Microsoft Corporation) HiddenMicrosoft IntelliPoint 8.2 (HKLM\...\Microsoft IntelliPoint 8.2) (Version: 8.20.468.0 - Microsoft Corporation)Microsoft IntelliPoint 8.2 (Version: 8.20.468.0 - Microsoft Corporation) HiddenMicrosoft IntelliType Pro 8.2 (HKLM\...\Microsoft IntelliType Pro 8.2) (Version: 8.20.469.0 - Microsoft Corporation)Microsoft IntelliType Pro 8.2 (Version: 8.20.469.0 - Microsoft Corporation) HiddenMicrosoft Office 2003 Web Components (HKLM-x32\...\{90A40409-6000-11D3-8CFE-0150048383C9}) (Version: 11.0.8173.0 - Microsoft Corporation)Microsoft Office 2007 Primary Interop Assemblies (HKLM-x32\...\{50120000-1105-0000-0000-0000000FF1CE}) (Version: 12.0.4518.1014 - Microsoft Corporation)Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{91120000-0014-0000-0000-0000000FF1CE}_PROR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft)Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft)Microsoft Office 2007 Service Pack 3 (SP3) (x32 Version: - Microsoft) HiddenMicrosoft Office Access MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) HiddenMicrosoft Office Access Setup Metadata MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) HiddenMicrosoft Office Accounting 2008 (HKLM-x32\...\Microsoft Office Accounting 2008) (Version: 3.0.8627.1 - Microsoft Corporation)Microsoft Office Accounting 2008 (x32 Version: 3.0.8627.1 - Microsoft Corporation) HiddenMicrosoft Office Accounting 2008 Equifax Addin (HKLM-x32\...\{0C2AF762-0565-4C91-9F55-B8B53BB82A38}) (Version: 3.0.8231.0 - Microsoft Corporation)Microsoft Office Accounting 2008 Fixed Asset Manager (HKLM-x32\...\{E3DF6916-2472-43D9-8B3C-9F2F0AAB01B5}) (Version: 3.0.8231.0 - Microsoft Corporation)Microsoft Office Accounting 2008 PayPal Addin (HKLM-x32\...\{B391EECE-DFEA-4FC5-9D40-47FA43E2DBE6}) (Version: 3.0.8231.0 - Microsoft Corporation)Microsoft Office Accounting ADP Payroll Addin (HKLM-x32\...\{5FA793A6-0071-42C1-9355-8F69A428C44F}) (Version: 0.0.0.0 - ADP)Microsoft Office Excel MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) HiddenMicrosoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)Microsoft Office Home and Student 2007 (HKLM-x32\...\HOMESTUDENTR) (Version: 12.0.6612.1000 - Microsoft Corporation)Microsoft Office Home and Student 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) HiddenMicrosoft Office Office 64-bit Components 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) HiddenMicrosoft Office OneNote MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) HiddenMicrosoft Office Outlook MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) HiddenMicrosoft Office PowerPoint MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) HiddenMicrosoft Office PowerPoint Viewer 2007 (English) (HKLM-x32\...\{95120000-00AF-0409-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)Microsoft Office Professional 2007 (HKLM-x32\...\PROR) (Version: 12.0.6612.1000 - Microsoft Corporation)Microsoft Office Professional 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) HiddenMicrosoft Office Proof (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) HiddenMicrosoft Office Proof (French) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) HiddenMicrosoft Office Proof (Spanish) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) HiddenMicrosoft Office Proofing (English) 2007 (x32 Version: 12.0.4518.1014 - Microsoft Corporation) HiddenMicrosoft Office Proofing Tools 2007 Service Pack 3 (SP3) (x32 Version: - Microsoft) HiddenMicrosoft Office Publisher MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) HiddenMicrosoft Office Shared 64-bit MUI (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) HiddenMicrosoft Office Shared 64-bit Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) HiddenMicrosoft Office Shared MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) HiddenMicrosoft Office Shared Setup Metadata MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) HiddenMicrosoft Office Small Business Connectivity Components (HKLM-x32\...\{A939D341-5A04-4E0A-BB55-3E65B386432D}) (Version: 2.0.7024.0 - Microsoft Corporation)Microsoft Office Suite Activation Assistant (HKLM-x32\...\{E50AE784-FABE-46DA-A1F8-7B6B56DCB22E}) (Version: 2.9 - Microsoft Corporation)Microsoft Office Word MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) HiddenMicrosoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)Microsoft SQL Server 2005 (HKLM-x32\...\Microsoft SQL Server 2005) (Version: - Microsoft Corporation)Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)Microsoft SQL Server 2005 Express Edition (MSSMLBIZ) (x32 Version: 9.4.5000.00 - Microsoft Corporation) HiddenMicrosoft SQL Server 2005 Tools Express Edition (x32 Version: 9.4.5000.00 - Microsoft Corporation) HiddenMicrosoft SQL Server Native Client (HKLM\...\{9ACF3FDB-C8E6-444C-8C64-13A221F7BFFD}) (Version: 9.00.5000.00 - Microsoft Corporation)Microsoft SQL Server Setup Support Files (English) (HKLM-x32\...\{53F5C3EE-05ED-4830-994B-50B2F0D50FCE}) (Version: 9.00.5000.00 - Microsoft Corporation)Microsoft SQL Server VSS Writer (HKLM\...\{B636C9B9-A3F2-4DCE-ADCC-72E095018385}) (Version: 9.00.5000.00 - Microsoft Corporation)Microsoft VC9 runtime libraries (x32 Version: 1.0.0 - AOL LLC) HiddenMicrosoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053 (HKLM\...\{B6E3757B-5E77-3915-866A-CCFC4B8D194C}) (Version: 8.0.50727.4053 - Microsoft Corporation)Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)Microsoft Visual C++ 2008 ATL Update kb973924 - x64 9.0.30729.4148 (HKLM\...\{EE936C7A-EA40-31D5-9B65-8E3E089C3828}) (Version: 9.0.30729.4148 - Microsoft Corporation)Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (HKLM\...\{350AA351-21FA-3270-8B7A-835434E766AD}) (Version: 9.0.21022 - Microsoft Corporation)Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)Microsoft Works (HKLM-x32\...\{67E03279-F703-408F-B4BF-46B5FC8D70CD}) (Version: 9.7.0621 - Microsoft Corporation)Microsoft XML Parser (x32 Version: 8.0.7820.0 - Microsoft Corporation) HiddenMobileMe Control Panel (HKLM\...\{AF5020D9-116A-46AC-A922-087592F37EC9}) (Version: 3.1.8.0 - Apple Inc.)Mozilla Thunderbird (3.1.7) (HKLM-x32\...\Mozilla Thunderbird (3.1.7)) (Version: 3.1.7 (en-US) - Mozilla)MSVC80_x64_v2 (Version: 1.0.3.0 - Nokia) HiddenMSVC80_x86_v2 (x32 Version: 1.0.3.0 - Nokia) HiddenMSVC90_x64 (Version: 1.0.1.2 - Nokia) HiddenMSVC90_x86 (x32 Version: 1.0.1.2 - Nokia) HiddenMSVCRT (x32 Version: 14.0.1468.721 - Microsoft) HiddenMSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)MyLogoMaker 2.0 (HKLM-x32\...\MyLogoMaker_is1) (Version: - Avanquest USA, Inc.)MyProfessionalBusinessCards (HKLM-x32\...\{CC263FFC-23D9-4C78-BBA2-61A41DD947C7}) (Version: 5.5.0.0 - Avanquest Publishing USA, Inc.)MySoftware Fonts (HKLM-x32\...\{6C6F0968-2B86-42B4-AF34-46A5F06E8FA4}) (Version: - )MySQL Connector C++ 1.1.2 (HKLM\...\{168EA59E-6139-4096-920A-BEE2BB5FC8A2}) (Version: 1.1.2 - Oracle and/or its affiliates)MySQL Connector J (HKLM-x32\...\{03B442FC-5A92-490B-8A13-4EBAEA08D857}) (Version: 5.1.23 - Oracle Corporation)MySQL Connector Net 6.6.5 (HKLM-x32\...\{1AAD0C51-CE9E-4ECD-BB2D-6981472569B1}) (Version: 6.6.5 - Oracle)MySQL Connector/ODBC 5.2(w) (HKLM\...\{4441EC17-3E4A-4FA0-8818-83537B549A54}) (Version: 5.2.4 - Oracle Corporation)MySQL Documents 5.6 (HKLM-x32\...\{132E7CFD-3508-4605-90C9-1C9631C56229}) (Version: 5.6.10 - Oracle Corporation)MySQL Examples and Samples 5.6 (HKLM-x32\...\{5E905BCD-6D18-4DA2-B0F9-66DC159DDAB2}) (Version: 5.6.10 - Oracle Corporation)MySQL Installer (HKLM-x32\...\{3E39024D-9F83-4BF2-B87F-0768608FE0B5}) (Version: 1.1.7.0 - Oracle Corporation)MySQL Server 5.6 (HKLM\...\{56DA0CB5-ABD2-4318-BEAB-62FDBC9B12CC}) (Version: 5.6.10 - Oracle Corporation)Nero 9 Essentials (HKLM-x32\...\{8f9954c6-bde3-4032-b547-cfbbdbbe49ab}) (Version: - Nero AG)Nero ControlCenter (x32 Version: 9.0.0.1 - Nero AG) HiddenNero DiscSpeed (x32 Version: 5.4.7.201 - Nero AG) HiddenNero DiscSpeed Help (x32 Version: 5.4.4.100 - Nero AG) HiddenNero DriveSpeed (x32 Version: 4.4.7.201 - Nero AG) HiddenNero DriveSpeed Help (x32 Version: 4.4.4.100 - Nero AG) HiddenNero Express Help (x32 Version: 9.4.9.100 - Nero AG) HiddenNero InfoTool (x32 Version: 6.4.7.201 - Nero AG) HiddenNero InfoTool Help (x32 Version: 6.4.4.100 - Nero AG) HiddenNero Installer (x32 Version: 4.4.8.1 - Nero AG) HiddenNero Online Upgrade (x32 Version: 1.3.0.0 - Nero AG) HiddenNero StartSmart (x32 Version: 9.4.11.209 - Nero AG) HiddenNero StartSmart Help (x32 Version: 9.4.1.100 - Nero AG) HiddenNero StartSmart OEM (x32 Version: 9.4.10.100 - Nero AG) HiddenNeroExpress (x32 Version: 9.4.10.505 - Nero AG) Hiddenneroxml (x32 Version: 1.0.0 - Nero AG) HiddenNETGEAR Genie (HKLM-x32\...\NETGEAR Genie) (Version: - )Nokia Connectivity Cable Driver (HKLM-x32\...\{B9C9DB4C-6D77-4AE9-AD1C-C708C23239A0}) (Version: 7.1.27.0 - Nokia)Notepad++ (HKLM-x32\...\Notepad++) (Version: 6.2.3 - )NVIDIA Drivers (HKLM\...\NVIDIA Drivers) (Version: 1.7 - )PaperPort Image Printer 64-bit (HKLM\...\{ABA4FAF1-6389-45F9-92CE-3914A4E5C471}) (Version: 1.00.0000 - Nuance Communications, Inc.)PC Connectivity Solution (HKLM-x32\...\{7397EDED-F38A-4654-B669-BF61065803D0}) (Version: 10.6.2.0 - Nokia)Phone Software Update - Windows Mobile (x32 Version: 1.00.0000 - Samsung Electronics Co., Ltd.) HiddenPHOTORECOVERY LE (HKLM-x32\...\{8D03A164-B586-4318-AFE6-870A5E2739C1}) (Version: 1.0.0 - LC Technology International)PhotoshopdotcomInspirationBrowser (x32 Version: 0.0.0 - Adobe Systems Incorporated) HiddenPicasa 3 (HKLM-x32\...\Picasa 3) (Version: 3.9 - Google, Inc.)Pinnacle Studio 14 (HKLM-x32\...\{AADD1C8F-D59F-4D55-A726-768C71A205A8}) (Version: 14.0.0.7255 - Pinnacle Systems)Pinnacle Studio Ultimate Collection Plugins (HKLM-x32\...\{F5C372A1-40F3-49DA-A049-F75CDE9177DC}) (Version: 14.0.0.7255 - Pinnacle Systems)Pinnacle Video Driver (HKLM\...\{6DE721A5-5E89-4D74-994C-652BB3C0672E}) (Version: 12.1.0.030 - Pinnacle Systems)QuickTime 7 (HKLM-x32\...\{111EE7DF-FC45-40C7-98A7-753AC46B12FB}) (Version: 7.75.80.95 - Apple Inc.)Ralink RT2870 Wireless LAN Card (HKLM-x32\...\{28DA7D8B-F9A4-4F18-8AA0-551B1E084D0D}) (Version: 1.5.19.0 - Ralink)RealDownloader (x32 Version: 1.3.3 - RealNetworks, Inc.) HiddenRealNetworks - Microsoft Visual C++ 2008 Runtime (x32 Version: 9.0 - RealNetworks, Inc) HiddenRealNetworks - Microsoft Visual C++ 2010 Runtime (x32 Version: 10.0 - RealNetworks, Inc) HiddenRealPlayer (HKLM-x32\...\RealPlayer 16.0) (Version: 16.0.3 - RealNetworks)Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.5898 - Realtek Semiconductor Corp.)REALTEK Wireless LAN Driver and Utility (HKLM-x32\...\{9C049499-055C-4A0C-A916-1D12314F45EB}) (Version: 1.00.0187 - REALTEK Semiconductor Corp.)RealUpgrade 1.1 (x32 Version: 1.1.0 - RealNetworks, Inc.) HiddenRed Giant ToonIt Studio (HKLM-x32\...\Red Giant ToonIt Studio) (Version: - )Safari (HKLM-x32\...\{FA4C2D53-205F-4245-9717-F3761154824D}) (Version: 5.34.57.2 - Apple Inc.)SAMSUNG Mobile Modem Driver Set (HKLM\...\SAMSUNG Mobile Modem) (Version: - )ScanSoft PaperPort 11 (HKLM-x32\...\{02570AE0-BEE0-4A6C-BE3F-D806E9F2EA17}) (Version: 11.2.0000 - Nuance Communications, Inc.)Serif WebPlus X2 (HKLM-x32\...\{8829E394-87E1-41C0-BCED-9B47F7C6DCDD}) (Version: 11.0.6.030 - Serif (Europe) Ltd)Serif WebPlus X2 Resources (HKLM-x32\...\{05BC428A-F2A5-4E11-8130-10C3237FD67B}) (Version: 11.0.1.013 - Serif (Europe) Ltd)Serif WebPlus X2 Template Pack: Business & Commerce (HKLM-x32\...\{E17EF5E4-5B2E-4E1D-AF84-707D9A91A383}) (Version: 11.0.0.010 - Serif (Europe) Ltd)Serif WebPlus X2 Template Pack: Home & Hobby (HKLM-x32\...\{B2929372-A37F-4C06-AC55-7CD8FEF5727C}) (Version: 11.0.0.010 - Serif (Europe) Ltd)Skype Toolbars (HKLM-x32\...\{CD95D125-2992-4858-B3EF-5F6FB52FBAD6}) (Version: 5.0.4126 - Skype Technologies S.A.)Skype™ 5.0 (HKLM-x32\...\{E633D396-5188-4E9D-8F6B-BFB8BF3467E8}) (Version: 5.0.152 - Skype Technologies S.A.)SMART BRO (HKLM-x32\...\{A9E5EDA7-2E6C-49E7-924B-A32B89C24A04}) (Version: 1.0.0.1 - ZTE)SmartSound Quicktracks for Premiere Elements (HKLM-x32\...\InstallShield_{F6234880-85BE-4DCB-8A45-1FF85A1A8552}) (Version: 3.11.3090 - SmartSound Software Inc)SmartSound Quicktracks for Premiere Elements (x32 Version: 3.11.3090 - SmartSound Software Inc) HiddenSMSCaster E-Marketer GSM Enterprise v3.7 (HKLM-x32\...\SMSCaster E-Marketer GSM Enterprise_is1) (Version: v3.7 (build 1397) - SDJ Software Limited)Sony Ericsson PC Suite 6.011.00 (HKLM-x32\...\{2FFE93F0-BB72-4E52-8761-354D1AAA9387}) (Version: 6.011.00 - Sony Ericsson)Sun Broadband Wireless (HKLM-x32\...\Sun Broadband Wireless) (Version: 11.300.05.03.256 - Huawei Technologies Co.,Ltd)SureThing Express Labeler (HKLM-x32\...\stax-Pinnacle_is1) (Version: - MicroVision Development, Inc.)Tera Term 4.77 (HKLM-x32\...\Tera Term_is1) (Version: - )TP-LINK Wireless Utility (HKLM-x32\...\{6FFEF5E1-F7B0-40DD-838D-557BD7EE4301}) (Version: 1.5.6.0 - TP-LINK)Trapcode 3DStroke Studio (HKLM-x32\...\Trapcode 3DStroke Studio) (Version: - )Trapcode Particular Studio (HKLM-x32\...\Trapcode Particular Studio) (Version: - )Trapcode Shine Studio (HKLM-x32\...\Trapcode Shine Studio) (Version: - )Tweet Adder 2010 (HKLM-x32\...\{C6BB6935-5F1E-4A89-8F08-C71A5E18D914}) (Version: 1.1.2 - TweetAdder.com)Uninstall AOL Emergency Connect Utility 1.0 (HKLM-x32\...\AOL Emergency Connect Utility 1.0) (Version: - )Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{91120000-0014-0000-0000-0000000FF1CE}_PROR_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft)Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft)Update for Microsoft Office 2007 Help for Common Features (KB963673) (HKLM-x32\...\{90120000-006E-0409-0000-0000000FF1CE}_HOMESTUDENTR_{AB365889-0395-4FAD-B702-CA5985D53D42}) (Version: - Microsoft)Update for Microsoft Office 2007 Help for Common Features (KB963673) (HKLM-x32\...\{90120000-006E-0409-0000-0000000FF1CE}_PROR_{AB365889-0395-4FAD-B702-CA5985D53D42}) (Version: - Microsoft)Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition (HKLM-x32\...\{91120000-0014-0000-0000-0000000FF1CE}_PROR_{A024FC7B-77DE-45DE-A058-1C049A17BFB3}) (Version: - Microsoft)Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{A024FC7B-77DE-45DE-A058-1C049A17BFB3}) (Version: - Microsoft)Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition (HKLM-x32\...\{90120000-002A-0000-1000-0000000FF1CE}_HOMESTUDENTR_{CB68A5B0-3508-4193-AEB9-AF636DAECE0F}) (Version: - Microsoft)Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition (HKLM-x32\...\{90120000-002A-0000-1000-0000000FF1CE}_PROR_{CB68A5B0-3508-4193-AEB9-AF636DAECE0F}) (Version: - Microsoft)Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition (HKLM-x32\...\{91120000-0014-0000-0000-0000000FF1CE}_PROR_{CB68A5B0-3508-4193-AEB9-AF636DAECE0F}) (Version: - Microsoft)Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{CB68A5B0-3508-4193-AEB9-AF636DAECE0F}) (Version: - Microsoft)Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition (HKLM-x32\...\{91120000-0014-0000-0000-0000000FF1CE}_PROR_{E9A82945-BA29-4EE8-8F2A-2F49545E9CF2}) (Version: - Microsoft)Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{E9A82945-BA29-4EE8-8F2A-2F49545E9CF2}) (Version: - Microsoft)Update for Microsoft Office Access 2007 Help (KB963663) (HKLM-x32\...\{90120000-0015-0409-0000-0000000FF1CE}_PROR_{6B76A18A-AA1E-42AB-A7AD-6C84BBB43987}) (Version: - Microsoft)Update for Microsoft Office Excel 2007 Help (KB963678) (HKLM-x32\...\{90120000-0016-0409-0000-0000000FF1CE}_HOMESTUDENTR_{199DF7B6-169C-448C-B511-1054101BE9C9}) (Version: - Microsoft)Update for Microsoft Office Excel 2007 Help (KB963678) (HKLM-x32\...\{90120000-0016-0409-0000-0000000FF1CE}_PROR_{199DF7B6-169C-448C-B511-1054101BE9C9}) (Version: - Microsoft)Update for Microsoft Office OneNote 2007 Help (KB963670) (HKLM-x32\...\{90120000-00A1-0409-0000-0000000FF1CE}_HOMESTUDENTR_{2744EF05-38E1-4D5D-B333-E021EDAEA245}) (Version: - Microsoft)Update for Microsoft Office Outlook 2007 (KB2687404) 32-Bit Edition (HKLM-x32\...\{90120000-001A-0409-0000-0000000FF1CE}_PROR_{ED38F8A3-4F61-494E-8BCA-E3AC7760C924}) (Version: - Microsoft)Update for Microsoft Office Outlook 2007 (KB2863811) 32-Bit Edition (HKLM-x32\...\{91120000-0014-0000-0000-0000000FF1CE}_PROR_{53DEC068-4690-4F6B-9946-7D21EF02236B}) (Version: - Microsoft)Update for Microsoft Office Outlook 2007 Help (KB963677) (HKLM-x32\...\{90120000-001A-0409-0000-0000000FF1CE}_PROR_{0451F231-E3E3-4943-AB9F-58EB96171784}) (Version: - Microsoft)Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2889914) 32-Bit Edition (HKLM-x32\...\{91120000-0014-0000-0000-0000000FF1CE}_PROR_{F3F83933-75FC-4B60-84F2-3F8FA63D042E}) (Version: - Microsoft)Update for Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM-x32\...\{90120000-0018-0409-0000-0000000FF1CE}_HOMESTUDENTR_{397B1D4F-ED7B-4ACA-A637-43B670843876}) (Version: - Microsoft)Update for Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM-x32\...\{90120000-0018-0409-0000-0000000FF1CE}_PROR_{397B1D4F-ED7B-4ACA-A637-43B670843876}) (Version: - Microsoft)Update for Microsoft Office Publisher 2007 Help (KB963667) (HKLM-x32\...\{90120000-0019-0409-0000-0000000FF1CE}_PROR_{2E40DE55-B289-4C8B-8901-5D369B16814F}) (Version: - Microsoft)Update for Microsoft Office Script Editor Help (KB963671) (HKLM-x32\...\{90120000-006E-0409-0000-0000000FF1CE}_HOMESTUDENTR_{CD11C6A2-FFC6-4271-8EAB-79C3582F505C}) (Version: - Microsoft)Update for Microsoft Office Script Editor Help (KB963671) (HKLM-x32\...\{90120000-006E-0409-0000-0000000FF1CE}_PROR_{CD11C6A2-FFC6-4271-8EAB-79C3582F505C}) (Version: - Microsoft)Update for Microsoft Office Word 2007 Help (KB963665) (HKLM-x32\...\{90120000-001B-0409-0000-0000000FF1CE}_HOMESTUDENTR_{80E762AA-C921-4839-9D7D-DB62A72C0726}) (Version: - Microsoft)Update for Microsoft Office Word 2007 Help (KB963665) (HKLM-x32\...\{90120000-001B-0409-0000-0000000FF1CE}_PROR_{80E762AA-C921-4839-9D7D-DB62A72C0726}) (Version: - Microsoft)USB Video Camera (HKLM-x32\...\InstallShield_{F11D6791-FBE8-4817-B5D4-D3191DDDCDC8}) (Version: 3.1.3.3 - SunPlus)USB Video Camera (x32 Version: 3.1.3.3 - SunPlus) HiddenVC_CRT_x64 (Version: 1.02.0000 - Intel Corporation) HiddenViewpoint Media Player (HKLM-x32\...\ViewpointMediaPlayer) (Version: - )Visual Studio 2008 x64 Redistributables (HKLM-x32\...\{FCDBEA60-79F0-4FAE-BBA8-55A26C609A49}) (Version: 10.0.0.2 - AVG Technologies)VLC media player 1.1.4 (HKLM-x32\...\VLC media player) (Version: 1.1.4 - VideoLAN)Web Easy Professional (x32 Version: 7.0.0 - Avanquest) HiddenWeb Easy Professional 7 (HKLM-x32\...\{D16AA51D-2BE9-421A-84A7-759578E64A74}) (Version: 7.12 - Avanquest)Welcome Center (HKLM-x32\...\Gateway Welcome Center) (Version: 1.00.3005 - Gateway Incorporated)Windows Driver Package - Nokia pccsmcfd (08/22/2008 7.0.0.0) (HKLM\...\FCEC33AD40CEA5E0FC4CEE6E42041A0DA189652D) (Version: 08/22/2008 7.0.0.0 - Nokia)Windows Live Communications Platform (x32 Version: 14.0.8117.416 - Microsoft Corporation) HiddenWindows Live Essentials (HKLM-x32\...\WinLiveSuite_Wave3) (Version: 14.0.8117.0416 - Microsoft Corporation)Windows Live Essentials (x32 Version: 14.0.8117.416 - Microsoft Corporation) HiddenWindows Live Mail (x32 Version: 14.0.8117.0416 - Microsoft Corporation) HiddenWindows Live Photo Gallery (x32 Version: 14.0.8117.416 - Microsoft Corporation) HiddenWindows Live Sign-in Assistant (HKLM-x32\...\{45338B07-A236-4270-9A77-EBB4115517B5}) (Version: 5.000.818.5 - Microsoft Corporation)Windows Live Sync (HKLM-x32\...\{B10914FD-8812-47A4-85A1-50FCDE7F1F33}) (Version: 14.0.8117.416 - Microsoft Corporation)Windows Live Upload Tool (HKLM-x32\...\{205C6BDD-7B73-42DE-8505-9A093F35A238}) (Version: 14.0.8014.1029 - Microsoft Corporation)Windows Live Writer (x32 Version: 14.0.8117.0416 - Microsoft Corporation) HiddenWindows Mobile Device Center (HKLM\...\{626672CD-BFCF-49A9-AEFE-AB0FED3BFC5B}) (Version: 6.1.6965.0 - Microsoft Corporation)WinRAR archiver (HKLM\...\WinRAR archiver) (Version: - ) ==================== Custom CLSID (selected items): ========================== (If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.) ==================== Restore Points ========================= 14-09-2014 19:00:13 Windows Update15-09-2014 11:13:45 Windows Update21-09-2014 01:51:18 Windows Update21-09-2014 12:11:52 Windows Update22-09-2014 07:49:52 Windows Update22-09-2014 19:00:13 Windows Update23-09-2014 12:05:40 Windows Update24-09-2014 19:00:15 Windows Update25-09-2014 11:07:39 Windows Update26-09-2014 01:12:20 Windows Update26-09-2014 19:00:13 Windows Update27-09-2014 06:47:52 Windows Update ==================== Hosts content: ========================== (If needed Hosts: directive could be included in the fixlist to reset Hosts.) 2009-07-14 10:34 - 2009-06-11 05:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts ==================== Scheduled Tasks (whitelisted) ============= (If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.) Task: {02676106-471A-4FB6-B8D2-36828FF9D521} - System32\Tasks\{12300D15-4FAD-4D9D-9CE6-5C1B55520720} => Iexplore.exe http://ui.skype.com/ui/0/5.10.0.116/en/go/help.faq.installer?LastError=1603Task: {08DE0851-498C-44A5-97D1-73C86E46AB04} - System32\Tasks\{597CAFE5-4BFC-4C5F-9980-2EE090D52637} => Iexplore.exe http://ui.skype.com/ui/0/5.10.0.116/en/go/help.faq.installer?LastError=1603Task: {1641C532-DF22-4C42-AEEE-788C61B7D4CF} - System32\Tasks\{24AA3104-0235-48B0-939B-9C5DC29A6317} => Iexplore.exe http://ui.skype.com/ui/0/5.10.0.116/en/go/help.faq.installer?LastError=1603Task: {172EF529-D75E-4A94-86F3-88687CE40680} - System32\Tasks\{9B0C01BB-8197-4799-8955-6BF5CF6A293E} => Iexplore.exe http://ui.skype.com/ui/0/5.10.0.116/en/go/help.faq.installer?LastError=1603Task: {18280490-6529-4296-B900-1BC468BBCA75} - System32\Tasks\{D89A2E7A-01B1-4541-A8F6-E0D1122F35F6} => Iexplore.exe http://ui.skype.com/ui/0/5.10.0.116/en/go/help.faq.installer?LastError=1603Task: {1C1ADE5B-558E-4F21-9810-5D76EB1A2676} - System32\Tasks\Microsoft_Hardware_Launch_IPoint_exe => c:\Program Files\Microsoft IntelliPoint\IPoint.exe [2011-08-01] (Microsoft Corporation)Task: {1F4E4EA8-5375-4BED-92FD-8B2FDB6FD1C2} - System32\Tasks\{5ACD9813-F2C5-428C-B21A-EB4DC0BBBFD1} => Iexplore.exe http://ui.skype.com/ui/0/5.10.0.116/en/go/help.faq.installer?LastError=1603Task: {23178769-34B6-4CFF-87A2-9F7EE241070A} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)Task: {23C55B0E-4242-4012-A552-ABA4A337B82D} - System32\Tasks\RNUpgradeHelperLogonPrompt_mel adriano => C:\Users\mel adriano\AppData\Roaming\Real\Update\UpgradeHelper\RealPlayer\11.02\agent\rnupgagent.exe [2014-09-21] (RealNetworks, Inc.)Task: {24A28431-6B89-47B8-B0E8-5D631F3ACC9A} - System32\Tasks\{DC017BDA-DDE5-4FAC-97B5-439C13BA5894} => Iexplore.exe http://ui.skype.com/ui/0/5.10.0.116/en/go/help.faq.installer?LastError=1603Task: {26F80897-C555-4C8C-AA6A-3A7CD9F0F067} - System32\Tasks\{FECB384A-0161-45DB-8FA1-219FF3B1D47E} => Iexplore.exe http://ui.skype.com/ui/0/5.10.0.116/en/go/help.faq.installer?LastError=1603Task: {29F0BB67-BF99-4302-B3AA-9DC5888ABE76} - System32\Tasks\{DD86535F-DB3A-4FC0-8AC2-3972315139BA} => Iexplore.exe http://ui.skype.com/ui/0/5.10.0.116/en/go/help.faq.installer?LastError=1603Task: {2B75F265-2B81-48E0-8F62-3C92F71E3393} - System32\Tasks\{8B920990-30CA-45C2-BCE7-422D138FD740} => Iexplore.exe http://ui.skype.com/ui/0/5.10.0.116/en/go/help.faq.installer?LastError=1603Task: {2CFA7B38-8F89-49AD-B336-3A7D80ACE1F3} - System32\Tasks\{3A687180-CACC-45AA-B64F-22CD9729E7C4} => Iexplore.exe http://ui.skype.com/ui/0/5.10.0.116/en/go/help.faq.installer?LastError=1603Task: {30D4EDDF-91D0-43BF-90BE-FED32FEDC0BD} - System32\Tasks\{DF297AE8-57EC-4A66-90BD-5DF6D4744D15} => Iexplore.exe http://ui.skype.com/ui/0/5.10.0.116/en/go/help.faq.installer?LastError=1603Task: {34BF9750-0D32-4DAE-931D-BCC94D667E24} - System32\Tasks\{CE126841-AFB1-40E3-BDE5-3F73BCC2B802} => Iexplore.exe http://ui.skype.com/ui/0/5.10.0.116/en/go/help.faq.installer?LastError=1603Task: {39A48019-D905-415B-9D7C-47E5810C1A68} - System32\Tasks\{6DB367B9-A5B2-483F-AF8C-6366F102CA2F} => Iexplore.exe http://ui.skype.com/ui/0/5.10.0.116/en/go/help.faq.installer?LastError=1603Task: {3CD86970-2122-491E-84B2-7CFF33FD83C5} - System32\Tasks\{0E5E2BB3-8404-4978-B31C-F27EADF3E7F7} => Iexplore.exe http://ui.skype.com/ui/0/5.10.0.116/en/go/help.faq.installer?LastError=1603Task: {401747E1-36BF-4139-9EF9-3518D9D5D754} - System32\Tasks\{A1F1429D-9785-4338-AFFB-0402AE7F4FDF} => Iexplore.exe http://ui.skype.com/ui/0/5.10.0.116/en/go/help.faq.installer?LastError=1603Task: {432843AA-75AF-4996-92D3-699FBF766EFD} - System32\Tasks\{415FDC43-20A4-4E11-BA5D-6525DB5FD8DA} => Iexplore.exe http://ui.skype.com/ui/0/5.10.0.116/en/go/help.faq.installer?LastError=1603Task: {46231A30-6DDD-4AEF-AE87-1CD622585282} - System32\Tasks\{C2195687-A620-4F47-BDBB-0ABCE510F027} => Iexplore.exe http://ui.skype.com/ui/0/5.10.0.116/en/go/help.faq.installer?LastError=1603Task: {4818C33B-C62F-4FE4-AEB7-D0D004A256F4} - System32\Tasks\{D6EDD2B1-A143-4AB5-AC54-9A69B3CB78C9} => Iexplore.exe http://ui.skype.com/ui/0/5.10.0.116/en/go/help.faq.installer?LastError=1603Task: {4C9B6841-F5C9-40F5-BA20-FA2D98FB4E29} - System32\Tasks\{5CF4FABE-BCE1-4A59-89CA-5DD038FDE633} => Iexplore.exe http://ui.skype.com/ui/0/5.10.0.116/en/go/help.faq.installer?LastError=1603Task: {50FE53CE-68EF-4B37-992F-1443A3B8891A} - System32\Tasks\{0F9E474E-ED81-4E17-9D60-702CF01529F5} => Iexplore.exe http://ui.skype.com/ui/0/5.10.0.116/en/go/help.faq.installer?LastError=1603Task: {510685ED-D592-4BE4-A0E5-BBC55B7CFF4E} - System32\Tasks\ReclaimerUpdateFiles_mel adriano => C:\Users\mel adriano\AppData\Roaming\Real\Update\UpgradeHelper\RealPlayer\11.02\agent\rnupgagent.exe [2014-09-21] (RealNetworks, Inc.)Task: {52A95055-A810-48BA-82D0-83115A5A3DA0} - System32\Tasks\{51BEA6D2-8ACB-4F18-A67C-6C8A7B23F11B} => Iexplore.exe http://ui.skype.com/ui/0/5.10.0.116/en/go/help.faq.installer?LastError=1603Task: {52E74CE0-B007-463F-9C3C-54666C07A9FD} - System32\Tasks\{E627CC30-6AEA-42B8-BA96-9163599CA655} => Iexplore.exe http://ui.skype.com/ui/0/5.10.0.116/en/go/help.faq.installer?LastError=1603Task: {55075D11-9106-454D-B63F-44234F95ED40} - System32\Tasks\{E9AFB0AB-6910-4E4E-84CC-5764227C7C37} => Iexplore.exe http://ui.skype.com/ui/0/5.10.0.116/en/go/help.faq.installer?LastError=1603Task: {5AF2D52B-417C-438E-BD4D-CA9894140217} - System32\Tasks\{59E7C26C-01ED-4767-A13E-810891959107} => Iexplore.exe http://ui.skype.com/ui/0/5.10.0.116/en/go/help.faq.installer?LastError=1603Task: {5D8BC01C-C86A-48E3-A314-2CFA71C7D215} - System32\Tasks\Recovery Management\Burn Notification => C:\Program Files\Gateway\Gateway Recovery Management\NotificationCenter\Notification.exe [2009-07-10] (Acer)Task: {5DDDEB4B-358A-4B60-9F67-E95C0136AD7F} - System32\Tasks\{61E10820-8D2A-4C02-BC29-E8F585780FC7} => Iexplore.exe http://ui.skype.com/ui/0/5.10.0.116/en/go/help.faq.installer?LastError=1603Task: {5E63FE08-5893-405C-BB0C-0566B75EB78F} - System32\Tasks\{E8F7DCF4-2F7E-4816-8DE1-DFCB0B76D1DC} => Iexplore.exe http://ui.skype.com/ui/0/5.10.0.116/en/go/help.faq.installer?LastError=1603Task: {64B261CF-B6EB-4D64-9DA5-A9928F3E799C} - System32\Tasks\{C34EB564-743F-404C-858B-542999769FFC} => Iexplore.exe http://ui.skype.com/ui/0/5.10.0.116/en/go/help.faq.installer?LastError=1603Task: {65021534-C8E3-4D5D-8EEB-F864787D2B6B} - System32\Tasks\{0271F905-5685-483F-BBEA-D214CA8F361F} => Iexplore.exe http://ui.skype.com/ui/0/5.10.0.116/en/go/help.faq.installer?LastError=1603Task: {65A5176B-17EB-41E8-B266-B9732435C1EA} - System32\Tasks\{6026519D-C664-4714-BA39-065F0A92C8DB} => Iexplore.exe http://ui.skype.com/ui/0/5.10.0.116/en/go/help.faq.installer?LastError=1603Task: {67DA105E-F817-4860-A12A-177ABDF704B1} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-09-24] (Adobe Systems Incorporated)Task: {69590BEE-D5BF-4D05-9EFD-D3C96CFC4F6E} - System32\Tasks\{45E82A8D-FA81-401C-BAE4-2E168C166C78} => Iexplore.exe http://ui.skype.com/ui/0/5.10.0.116/en/go/help.faq.installer?LastError=1603Task: {6BDE2D6D-4C0D-414E-AA81-8A40C31C60A9} - System32\Tasks\{D61118EB-9EBF-4F75-AE48-020D436A1E20} => Iexplore.exe http://ui.skype.com/ui/0/5.10.0.116/en/go/help.faq.installer?LastError=1603Task: {6CDE25EE-3CD2-454E-B21F-EF4610A3501A} - System32\Tasks\{A30E390F-1DCA-4404-B2CA-A8CF7CE95833} => Iexplore.exe http://ui.skype.com/ui/0/5.10.0.116/en/go/help.faq.installer?LastError=1603Task: {6DBC39F6-EF38-4D25-AE59-A0991974CC67} - System32\Tasks\{A15AEB9E-35F9-4DE8-AE7F-F82F87148499} => Iexplore.exe http://ui.skype.com/ui/0/5.10.0.116/en/go/help.faq.installer?LastError=1603Task: {6F0C0B2B-3F02-48D4-9DE5-992ED5F72227} - System32\Tasks\Express Files Updater => C:\Program Files (x86)\ExpressFiles\EFupdater.exe <==== ATTENTIONTask: {6F4C7948-39BB-44AE-BF64-5B476E4A09F3} - System32\Tasks\{5B5676FE-99A0-48A0-AFA0-3A705BA005FC} => Iexplore.exe http://ui.skype.com/ui/0/5.10.0.116/en/go/help.faq.installer?LastError=1603Task: {6F8C1392-A9DB-4DF3-8854-4326C8F9FC10} - System32\Tasks\{C6A9A708-BEC0-4F7A-A1F9-E51AC30D2058} => Iexplore.exe http://ui.skype.com/ui/0/5.10.0.116/en/go/help.faq.installer?LastError=1603Task: {70783A95-9BC4-4781-9E9B-0007A97D21E4} - System32\Tasks\{58B602FA-248B-4633-931A-F2D0A5D4B4CD} => Iexplore.exe http://ui.skype.com/ui/0/5.10.0.116/en/go/help.faq.installer?LastError=1603Task: {71E4138C-C943-489E-9BAF-0A74B69A5555} - System32\Tasks\{9BC41C88-589C-43CD-959B-6FA7EFCE0563} => Iexplore.exe http://ui.skype.com/ui/0/5.10.0.116/en/go/help.faq.installer?LastError=1603Task: {72F2A552-4F6C-407F-8AEB-53AE0E6DDAE7} - System32\Tasks\{CF026562-B212-468A-B562-5D12C905782D} => Iexplore.exe http://ui.skype.com/ui/0/5.10.0.116/en/go/help.faq.installer?LastError=1603Task: {75E5C61E-4BCC-4F16-ADD2-CF3D717C3687} - System32\Tasks\{58D4F190-D46F-4155-83F1-8A7B069A1F37} => Iexplore.exe http://ui.skype.com/ui/0/5.10.0.116/en/go/help.faq.installer?LastError=1603Task: {77B6ACF8-EE9F-4EDC-ACC6-8428386AEAC1} - System32\Tasks\{C4A55C47-EEE9-4D48-899F-4D018F117222} => Iexplore.exe http://ui.skype.com/ui/0/5.10.0.116/en/go/help.faq.installer?LastError=1603Task: {7AA4785B-4B14-47F1-A375-16C8F9A8CFC8} - System32\Tasks\{0812495C-4264-4062-B6D3-95B46A8C29F7} => Iexplore.exe http://ui.skype.com/ui/0/5.10.0.116/en/go/help.faq.installer?LastError=1603Task: {7AB84678-5E17-464B-A834-168BA7849FE3} - System32\Tasks\{2D7A91C4-DDE9-4C1B-B677-53B5BF97A5AA} => Iexplore.exe http://ui.skype.com/ui/0/5.10.0.116/en/go/help.faq.installer?LastError=1603Task: {7DEBB3F8-7B40-4EEE-98B9-81195B5BB5D4} - System32\Tasks\{BA107645-E7E0-4E37-B18C-1E68AC7395C9} => Iexplore.exe http://ui.skype.com/ui/0/5.10.0.116/en/go/help.faq.installer?LastError=1603Task: {7E230671-DE54-437A-BC35-C3D05F5B224C} - System32\Tasks\RealUpgradeLogonTaskS-1-5-21-11511148-282223610-3023385546-1000 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe [2013-08-14] (RealNetworks, Inc.)Task: {821DA4B4-838A-4860-9867-81F2645813B4} - System32\Tasks\{E6E08C1F-8CDC-4264-A906-B604BEFA95D2} => Iexplore.exe http://ui.skype.com/ui/0/5.10.0.116/en/go/help.faq.installer?LastError=1603Task: {85AC390F-69B1-42EA-AB02-1AB97F82652B} - System32\Tasks\{18896AC6-D5F0-409C-A487-FFC8D76A3077} => Iexplore.exe http://ui.skype.com/ui/0/5.10.0.116/en/go/help.faq.installer?LastError=1603Task: {8C5E9BF4-3136-4DE2-8303-1BFDE6B8FD02} - System32\Tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-11511148-282223610-3023385546-1000 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe [2013-08-14] (RealNetworks, Inc.)Task: {8CA79CBD-4A82-468A-AC32-44DA6A6233C9} - System32\Tasks\{5E7ABA0B-C2FE-49E0-86A0-2D5971330404} => Iexplore.exe http://ui.skype.com/ui/0/5.10.0.116/en/go/help.faq.installer?LastError=1603Task: {91D8D82A-5997-4B2B-8D08-7E0C4BE4E5EB} - System32\Tasks\{0107E124-740C-4638-A527-485E22FED135} => Iexplore.exe http://ui.skype.com/ui/0/5.10.0.116/en/go/help.faq.installer?LastError=1603Task: {9300B5B9-3B19-4D7B-9B2C-AB7D89DBA874} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exeTask: {95215841-F5C5-4A12-B6FD-4F10E71560EE} - System32\Tasks\{51626AE6-92DB-457F-8CF6-EB7CE7F443EF} => Iexplore.exe http://ui.skype.com/ui/0/5.10.0.116/en/go/help.faq.installer?LastError=1603Task: {A29D2443-8444-4572-9E8B-953BDA83E403} - System32\Tasks\{5487B3C6-0CA7-4E75-A564-F7E8EF038A0C} => Iexplore.exe http://ui.skype.com/ui/0/5.10.0.116/en/go/help.faq.installer?LastError=1603Task: {A2A8F62D-470F-4ED3-9C4E-F5D48063183B} - System32\Tasks\{5BCE8632-D33C-4B47-AF78-A7AE12749417} => Iexplore.exe http://ui.skype.com/ui/0/5.10.0.116/en/go/help.faq.installer?LastError=1603Task: {A3187BA5-B981-4131-BF71-69DC0BB33BFD} - System32\Tasks\{16DE4488-2F8C-4473-BDCE-328989674BE2} => Iexplore.exe http://ui.skype.com/ui/0/5.10.0.116/en/go/help.faq.installer?LastError=1603Task: {A67AEB13-1BCE-4B29-91AC-DD9CB64F381E} - System32\Tasks\{48C514A9-392A-44E8-BCA1-0BAE8DF5AEC4} => Iexplore.exe http://ui.skype.com/ui/0/5.10.0.116/en/go/help.faq.installer?LastError=1603Task: {A82C0E5B-72E9-400F-9CA1-F00E7286EB52} - System32\Tasks\{1F42DF89-4242-406C-846F-98FA24C0954B} => Iexplore.exe http://ui.skype.com/ui/0/5.10.0.116/en/go/help.faq.installer?LastError=1603Task: {AD7BA58F-3C88-4E2B-A99D-A57973F029FA} - System32\Tasks\{1CDC2F9A-CBF1-4E07-B4D6-014E474F7685} => Iexplore.exe http://ui.skype.com/ui/0/5.10.0.116/en/go/help.faq.installer?LastError=1603Task: {AD859A77-B571-4A61-8A1A-89716E1934C2} - System32\Tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-11511148-282223610-3023385546-1000 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe [2013-08-14] (RealNetworks, Inc.)Task: {AEAE8B5D-5220-44DF-916A-AF8CFFE2ED73} - System32\Tasks\{DA719BAB-A659-42C9-8B55-E91F28F72320} => Iexplore.exe http://ui.skype.com/ui/0/5.10.0.116/en/go/help.faq.installer?LastError=1603Task: {B24F0EA9-F394-49E8-95D5-E00427AC85FC} - System32\Tasks\{E76D5089-730A-4853-9304-F423D8301379} => Iexplore.exe http://ui.skype.com/ui/0/5.10.0.116/en/go/help.faq.installer?LastError=1603Task: {B3CAA823-A8E6-4DBB-892E-370A40076FFE} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exeTask: {B3E7B160-1A06-4ED2-B05A-4F8E5C1751A4} - System32\Tasks\{05857251-9A75-4893-86E7-13F9DB91D329} => Iexplore.exe http://ui.skype.com/ui/0/5.10.0.116/en/go/help.faq.installer?LastError=1603Task: {B4EEF347-C5CA-488C-A2BE-EA26D27F5A46} - System32\Tasks\{19598C18-8C2E-4C62-BD3D-BE96BBE0A7C1} => Iexplore.exe http://ui.skype.com/ui/0/5.10.0.116/en/go/help.faq.installer?LastError=1603Task: {BEF31B0C-A139-461C-9E80-B39059FF7206} - System32\Tasks\{7707A27F-BB0D-41A3-BB99-474050A2A305} => Iexplore.exe http://ui.skype.com/ui/0/5.10.0.116/en/go/help.faq.installer?LastError=1603Task: {BF67FB31-D4BC-4339-9171-A2EBDDD31B1E} - System32\Tasks\{68D6CB5B-0A04-49DA-873F-0E4A1F0703B3} => Iexplore.exe http://ui.skype.com/ui/0/5.10.0.116/en/go/help.faq.installer?LastError=1603Task: {BF75C591-6246-4AE9-97F0-AC6840EB218A} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-09-25] (Piriform Ltd)Task: {C0D667A3-2C68-46C5-ACE9-5002C0A7CE97} - System32\Tasks\{F252F3B9-EA0C-42E0-95FF-3C767F1E09E7} => Iexplore.exe http://ui.skype.com/ui/0/5.10.0.116/en/go/help.faq.installer?LastError=1603Task: {C2C8E07B-6621-4567-8920-78030A331CDC} - System32\Tasks\{F0E50C1E-3CA5-4D50-9C97-F773934577A3} => C:\Program Files (x86)\Skype\Phone\Skype.exe [2010-10-11] (Skype Technologies S.A.)Task: {C478076E-F9EE-446B-9422-FB4EBD7FEE94} - System32\Tasks\Microsoft_Hardware_Launch_IType_exe => c:\Program Files\Microsoft IntelliType Pro\IType.exe [2011-08-10] (Microsoft Corporation)Task: {C6EE840A-7A95-4AB5-A8E9-DFC3531A3456} - System32\Tasks\ReclaimerUpdateXML_mel adriano => C:\Users\mel adriano\AppData\Roaming\Real\Update\UpgradeHelper\RealPlayer\11.02\agent\rnupgagent.exe [2014-09-21] (RealNetworks, Inc.)Task: {C93737ED-BCE9-4550-95E0-DB5ED6C8E2DD} - System32\Tasks\{2FCD3043-0B07-4CF2-9715-F5365C625E89} => Iexplore.exe http://ui.skype.com/ui/0/5.10.0.116/en/go/help.faq.installer?LastError=1603Task: {CACFCCB8-A4A3-49D9-BFA7-BC213C428C11} - System32\Tasks\{C38F44E5-0C96-4971-8318-AD8F3E1C0B33} => Iexplore.exe http://ui.skype.com/ui/0/5.10.0.116/en/go/help.faq.installer?LastError=1603Task: {CC0CE9C5-C86F-4BCD-9ECE-03B744958698} - System32\Tasks\{105B69C5-A392-4C01-A422-664D8A45CA15} => Iexplore.exe http://ui.skype.com/ui/0/5.10.0.116/en/go/help.faq.installer?LastError=1603Task: {CCED4148-9877-40F7-B77D-D2E5AB4B3A31} - System32\Tasks\{44F09C7F-16D2-44E0-AB48-DB23297300EF} => Iexplore.exe http://ui.skype.com/ui/0/5.10.0.116/en/go/help.faq.installer?LastError=1603Task: {CCFF1D68-E76C-4531-B2AB-426E31083258} - System32\Tasks\{A7BFCACC-ABDD-4D75-AA94-FCB01880889F} => Iexplore.exe http://ui.skype.com/ui/0/5.10.0.116/en/go/help.faq.installer?LastError=1603Task: {CE7C6DE4-0992-47F1-B86C-F2C39752F74E} - System32\Tasks\{47FFBDDD-3805-41E3-8809-C9D0BBB75571} => Iexplore.exe http://ui.skype.com/ui/0/5.10.0.116/en/go/help.faq.installer?LastError=1603Task: {CFCFB91F-D604-4601-83EB-779D5B7D2F50} - System32\Tasks\{46D230E5-8360-462C-97A0-A196AA287378} => Iexplore.exe http://ui.skype.com/ui/0/5.10.0.116/en/go/help.faq.installer?LastError=1603Task: {D08B60C0-C001-44F0-903A-355D02DA5EFE} - System32\Tasks\{61E539E0-2611-4363-A241-1ED26808E94B} => Iexplore.exe http://ui.skype.com/ui/0/5.10.0.116/en/go/help.faq.installer?LastError=1603Task: {D13C8488-C98E-4A0A-A161-79C9DAFB7B7F} - System32\Tasks\{1D5D693B-7697-4B48-9AA6-50327AC9180E} => Iexplore.exe http://ui.skype.com/ui/0/5.10.0.116/en/go/help.faq.installer?LastError=1603Task: {D2B64443-EDAF-45E7-B366-DF9FCE6587AE} - System32\Tasks\{69BFBE7F-7CBF-455A-9EDC-1248077F6441} => Iexplore.exe http://ui.skype.com/ui/0/5.10.0.116/en/go/help.faq.installer?LastError=1603Task: {D3292B09-0ED0-4DD3-AE63-943579FD541E} - System32\Tasks\{36CEE9C1-0A6A-4D1F-A51E-6FE2A40C28D5} => Iexplore.exe http://ui.skype.com/ui/0/5.10.0.116/en/go/help.faq.installer?LastError=1603Task: {D49C9843-539D-40E6-AC59-E09D37E46289} - System32\Tasks\{1A1D68F3-1A19-4BBF-9EF9-C62567EA5C35} => Iexplore.exe http://ui.skype.com/ui/0/5.10.0.116/en/go/help.faq.installer?LastError=1603Task: {D5012AFC-C36A-4646-9B0F-D04DD01CACE6} - System32\Tasks\{23096405-293E-4584-87FB-10BD106F6C8A} => Iexplore.exe http://ui.skype.com/ui/0/5.10.0.116/en/go/help.faq.installer?LastError=1603Task: {D5AA7031-B9EE-414D-9B50-3A31B74D2FD0} - System32\Tasks\RNUpgradeHelperResumePrompt_mel adriano => C:\Users\mel adriano\AppData\Roaming\Real\Update\UpgradeHelper\RealPlayer\11.02\agent\rnupgagent.exe [2014-09-21] (RealNetworks, Inc.)Task: {D5C73278-84ED-4EDE-970A-A2890A018184} - System32\Tasks\{52C7F324-D335-4F57-9C0B-B295CFA0A7B7} => Iexplore.exe http://ui.skype.com/ui/0/5.10.0.116/en/go/help.faq.installer?LastError=1603Task: {DDAEBF56-F3FF-4DB8-A0FF-81AFF20CEDFA} - System32\Tasks\{4D41739F-A6AF-448C-B9DD-DEBC75E8AB60} => Iexplore.exe http://ui.skype.com/ui/0/5.10.0.116/en/go/help.faq.installer?LastError=1603Task: {EB061064-AD01-45E5-AB52-F59307277C89} - System32\Tasks\{A797FB41-008A-4EDD-83F7-47E1808AC5B5} => Iexplore.exe http://ui.skype.com/ui/0/5.10.0.116/en/go/help.faq.installer?LastError=1603Task: {ED5E2D8D-CF37-494F-8F41-C504175A6366} - System32\Tasks\{EDADE223-D18A-4FB6-BCF5-D4FCA6A809D8} => Iexplore.exe http://ui.skype.com/ui/0/5.10.0.116/en/go/help.faq.installer?LastError=1603Task: {F08D557D-C303-4C3C-8BA8-7609EE4CE487} - System32\Tasks\{C10C407B-F999-4AD7-A534-17200620A78F} => Iexplore.exe http://ui.skype.com/ui/0/5.10.0.116/en/go/help.faq.installer?LastError=1603Task: {F5FFAA9F-44A6-4757-ABD5-B4390E308034} - System32\Tasks\RealUpgradeScheduledTaskS-1-5-21-11511148-282223610-3023385546-1000 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe [2013-08-14] (RealNetworks, Inc.)Task: {F90E6C7E-DD85-4FA5-A62C-7071D2D9F9A9} - System32\Tasks\{DA89BE94-0AA9-4C87-B70B-B39D4B81CE9D} => Iexplore.exe http://ui.skype.com/ui/0/5.10.0.116/en/go/help.faq.installer?LastError=1603Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exeTask: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exeTask: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exeTask: C:\Windows\Tasks\ReclaimerUpdateFiles_mel adriano.job => C:\Users\mel adriano\AppData\Roaming\Real\Update\UpgradeHelper\RealPlayer\11.02\agent\rnupgagent.exeTask: C:\Windows\Tasks\ReclaimerUpdateXML_mel adriano.job => C:\Users\mel adriano\AppData\Roaming\Real\Update\UpgradeHelper\RealPlayer\11.02\agent\rnupgagent.exeTask: C:\Windows\Tasks\RNUpgradeHelperLogonPrompt_mel adriano.job => C:\Users\mel adriano\AppData\Roaming\Real\Update\UpgradeHelper\RealPlayer\11.02\agent\rnupgagent.exe ==================== Loaded Modules (whitelisted) ============= 2013-05-11 13:14 - 2013-05-11 13:13 - 00246112 _____ () C:\ProgramData\Globe Tattoo Broadband\OnlineUpdate\ouc.exe2014-05-17 06:34 - 2014-05-17 06:34 - 00430344 _____ () C:\Program Files (x86)\Hotspot Shield\bin\hsswd.exe2011-03-14 23:27 - 2011-03-14 23:27 - 00346976 _____ () C:\ProgramData\DatacardService\HWDeviceService64.exe2013-02-01 15:09 - 2013-02-01 15:09 - 12907520 _____ () C:\Program Files\MySQL\MySQL Server 5.6\bin\mysqld.exe2010-05-13 21:08 - 2009-04-30 11:23 - 00090112 _____ () C:\Program Files (x86)\Sony Ericsson\Sony Ericsson PC Suite\SupServ.exe2007-06-05 13:20 - 2007-06-05 13:20 - 00177704 ____N () C:\Windows\SysWOW64\PSIService.exe2013-08-14 15:19 - 2013-08-14 15:19 - 00039056 _____ () C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe2010-10-06 20:35 - 2005-04-22 13:36 - 00143360 ____N () C:\Windows\system32\BrSNMP64.dll2013-03-06 13:14 - 2012-10-24 14:38 - 00274760 _____ () C:\Program Files (x86)\SMART BRO\AssistantServices.exe2010-07-03 10:29 - 2010-03-15 11:28 - 00166400 _____ () C:\Program Files\WinRAR\rarext.dll2012-06-18 23:24 - 2012-06-18 23:24 - 00222720 _____ () C:\Program Files (x86)\Notepad++\NppShell_05.dll2007-10-16 18:32 - 2007-10-16 18:32 - 00363520 _____ () C:\Program Files (x86)\USB Video Camera\Monitor.exe2008-07-09 19:42 - 2008-07-09 19:42 - 00037888 ____R () C:\Program Files (x86)\Corel\Corel MediaOne\CorelIOMonitor.exe2013-03-06 13:14 - 2012-05-11 09:41 - 00156448 _____ () C:\Program Files (x86)\SMART BRO\UIExec.exe2011-10-24 10:12 - 2011-10-24 10:12 - 01087264 _____ () C:\Program Files (x86)\NETGEAR Genie\bin\NETGEARGenie.exe2011-10-24 10:12 - 2011-10-24 10:12 - 00546080 _____ () C:\Program Files (x86)\NETGEAR Genie\bin\genie_tray.exe2014-01-20 13:17 - 2014-01-20 13:17 - 00073544 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll2014-01-20 13:16 - 2014-01-20 13:16 - 01044808 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll2013-05-11 13:14 - 2013-05-11 13:13 - 00011362 _____ () C:\ProgramData\Globe Tattoo Broadband\OnlineUpdate\mingwm10.dll2013-05-11 13:14 - 2013-05-11 13:13 - 00043008 _____ () C:\ProgramData\Globe Tattoo Broadband\OnlineUpdate\libgcc_s_dw2-1.dll2013-05-11 13:14 - 2013-05-11 13:13 - 02415104 _____ () C:\ProgramData\Globe Tattoo Broadband\OnlineUpdate\QtCore4.dll2013-05-11 13:14 - 2013-05-11 13:13 - 01148416 _____ () C:\ProgramData\Globe Tattoo Broadband\OnlineUpdate\QtNetwork4.dll2013-05-11 13:14 - 2013-05-11 13:13 - 00384512 _____ () C:\ProgramData\Globe Tattoo Broadband\OnlineUpdate\QueryStrategy.dll2013-05-11 13:14 - 2013-05-11 13:13 - 00398336 _____ () C:\ProgramData\Globe Tattoo Broadband\OnlineUpdate\QtXml4.dll2014-05-17 08:11 - 2014-05-17 08:11 - 00908584 _____ () C:\Program Files (x86)\Hotspot Shield\bin\af_proxy.dll2014-05-17 08:37 - 2014-05-17 08:37 - 00506664 _____ () C:\Program Files (x86)\Hotspot Shield\bin\HssRep.dll2009-02-03 08:33 - 2009-02-03 08:33 - 00460199 _____ () C:\Program Files (x86)\NewTech Infosystems\Gateway MyBackup\sqlite3.dll2008-09-29 08:55 - 2008-09-29 08:55 - 01076224 _____ () C:\Program Files (x86)\NewTech Infosystems\Gateway MyBackup\ACE.dll2013-09-14 01:51 - 2013-09-14 01:51 - 00087952 _____ () C:\Program Files (x86)\Common Files\Apple\Internet Services\zlib1.dll2013-09-14 01:50 - 2013-09-14 01:50 - 01242952 _____ () C:\Program Files (x86)\Common Files\Apple\Internet Services\libxml2.dll2013-05-10 19:48 - 2010-06-25 15:57 - 00909312 _____ () C:\Program Files (x86)\TP-LINK\COMMON\RaWLAPI.dll2009-06-13 07:37 - 2009-06-13 07:37 - 00032768 _____ () C:\Program Files (x86)\Gateway Photo Frame\IOIUSBLib.dll2009-06-13 07:37 - 2009-06-13 07:37 - 00025088 _____ () C:\Program Files (x86)\Gateway Photo Frame\IOIHIDLib.dll2010-10-06 20:34 - 2009-02-27 16:38 - 00139264 ____R () C:\Program Files (x86)\Brother\BrUtilities\BrLogAPI.dll2011-10-14 14:26 - 2011-10-14 14:26 - 02537472 _____ () C:\Program Files (x86)\NETGEAR Genie\bin\QtCore4.dll2011-10-14 14:26 - 2011-10-14 14:26 - 00011362 _____ () C:\Program Files (x86)\NETGEAR Genie\bin\mingwm10.dll2011-10-14 14:26 - 2011-10-14 14:26 - 00043008 _____ () C:\Program Files (x86)\NETGEAR Genie\bin\libgcc_s_dw2-1.dll2011-10-14 14:26 - 2011-10-14 14:26 - 09814016 _____ () C:\Program Files (x86)\NETGEAR Genie\bin\QtGui4.dll2011-10-14 14:26 - 2011-10-14 14:26 - 01140224 _____ () C:\Program Files (x86)\NETGEAR Genie\bin\QtNetwork4.dll2011-12-19 14:41 - 2011-12-19 14:41 - 01327616 _____ () C:\Program Files (x86)\NETGEAR Genie\bin\Genie.dll2011-10-14 14:26 - 2011-10-14 14:26 - 00399360 _____ () C:\Program Files (x86)\NETGEAR Genie\bin\QtXml4.dll2011-10-14 14:26 - 2011-10-14 14:26 - 00083456 _____ () C:\Program Files (x86)\NETGEAR Genie\bin\imageformats\qgif4.dll2011-10-14 14:26 - 2011-10-14 14:26 - 00083456 _____ () C:\Program Files (x86)\NETGEAR Genie\bin\imageformats\qico4.dll2011-10-14 14:26 - 2011-10-14 14:26 - 00287232 _____ () C:\Program Files (x86)\NETGEAR Genie\bin\imageformats\qjpeg4.dll2011-11-21 17:23 - 2011-11-21 17:23 - 00123904 _____ () C:\Program Files (x86)\NETGEAR Genie\bin\GeniePlugin_FeedBack.dll2011-12-15 15:11 - 2011-12-15 15:11 - 01133056 _____ () C:\Program Files (x86)\NETGEAR Genie\bin\GeniePlugin_Internet.dll2011-12-19 16:01 - 2011-12-19 16:01 - 02537472 _____ () C:\Program Files (x86)\NETGEAR Genie\bin\GeniePlugin_Map.dll2011-11-11 10:43 - 2011-11-11 10:43 - 00467456 _____ () C:\Program Files (x86)\NETGEAR Genie\bin\GeniePlugin_NetworkProblem.dll2011-11-11 10:43 - 2011-11-11 10:43 - 00186368 _____ () C:\Program Files (x86)\NETGEAR Genie\bin\DragonNetTool.dll2011-12-19 15:24 - 2011-12-19 15:24 - 01065984 _____ () C:\Program Files (x86)\NETGEAR Genie\bin\GeniePlugin_ParentalControl.dll2011-12-19 16:51 - 2011-12-19 16:51 - 06403584 _____ () C:\Program Files (x86)\NETGEAR Genie\bin\GeniePlugin_Resource.dll2011-12-19 17:41 - 2011-12-19 17:41 - 00887808 _____ () C:\Program Files (x86)\NETGEAR Genie\bin\GeniePlugin_RouterConfiguration.dll2011-11-15 16:02 - 2011-11-15 16:02 - 00613888 _____ () C:\Program Files (x86)\NETGEAR Genie\bin\GeniePlugin_Statistics.dll2011-11-11 11:03 - 2011-11-11 11:03 - 00643072 _____ () C:\Program Files (x86)\NETGEAR Genie\bin\GeniePlugin_Wireless.dll2011-11-11 10:33 - 2011-11-11 10:33 - 00136704 _____ () C:\Program Files (x86)\NETGEAR Genie\bin\DiagnosePlugin.dll2011-11-11 10:33 - 2011-11-11 10:33 - 00150528 _____ () C:\Program Files (x86)\NETGEAR Genie\bin\DiagnoseDll.dll2011-10-14 14:07 - 2011-10-14 14:07 - 00489472 _____ () C:\Program Files (x86)\NETGEAR Genie\bin\InnerPlugin_WirelessExport.dll2011-10-14 14:07 - 2011-10-14 14:07 - 00116224 _____ () C:\Program Files (x86)\NETGEAR Genie\bin\WSetupApiPlugin.dll2011-10-14 14:07 - 2011-10-14 14:07 - 00076288 _____ () C:\Program Files (x86)\NETGEAR Genie\bin\WSetupDll.dll2011-12-15 13:53 - 2011-12-15 13:53 - 00394240 _____ () C:\Program Files (x86)\NETGEAR Genie\bin\InnerPlugin_TrafficMeter.dll2011-12-02 17:08 - 2011-12-02 17:08 - 00266752 _____ () C:\Program Files (x86)\NETGEAR Genie\bin\InnerPlugin_FirmwareUpdate.dll2011-12-19 16:01 - 2011-12-19 16:01 - 00082432 _____ () C:\Program Files (x86)\NETGEAR Genie\bin\SVTUtils.DLL2011-12-19 16:01 - 2011-12-19 16:01 - 00083968 _____ () C:\Program Files (x86)\NETGEAR Genie\bin\NetcardApi.dll2011-11-21 17:23 - 2011-11-21 17:23 - 00669696 _____ () C:\Program Files (x86)\NETGEAR Genie\bin\SslMailSend.DLL2013-05-03 20:41 - 2009-12-09 21:20 - 00126976 _____ () C:\Program Files (x86)\Realtek\11n USB Wireless LAN Utility\EnumDevLib.dll2014-09-12 17:59 - 2014-09-04 11:01 - 01098056 _____ () C:\Program Files (x86)\Google\Chrome\Application\37.0.2062.120\libglesv2.dll2014-09-12 17:59 - 2014-09-04 11:01 - 00174408 _____ () C:\Program Files (x86)\Google\Chrome\Application\37.0.2062.120\libegl.dll2014-09-12 17:59 - 2014-09-04 11:01 - 08577864 _____ () C:\Program Files (x86)\Google\Chrome\Application\37.0.2062.120\pdf.dll2014-09-12 17:59 - 2014-09-04 11:01 - 00331592 _____ () C:\Program Files (x86)\Google\Chrome\Application\37.0.2062.120\ppGoogleNaClPluginChrome.dll2014-09-12 17:59 - 2014-09-04 11:01 - 01660232 _____ () C:\Program Files (x86)\Google\Chrome\Application\37.0.2062.120\ffmpegsumo.dll ==================== Alternate Data Streams (whitelisted) ========= (If an entry is included in the fixlist, only the Alternate Data Streams will be removed.) AlternateDataStreams: C:\ProgramData\TEMP:0B4227B4AlternateDataStreams: C:\Users\mel adriano\Downloads\noname (1).eml:OECustomPropertyAlternateDataStreams: C:\Users\mel adriano\Downloads\noname (2).eml:OECustomPropertyAlternateDataStreams: C:\Users\mel adriano\Downloads\noname (3).eml:OECustomPropertyAlternateDataStreams: C:\Users\mel adriano\Downloads\noname.eml:OECustomProperty ==================== Safe Mode (whitelisted) =================== (If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.) ==================== EXE Association (whitelisted) ============= (If an entry is included in the fixlist, the default will be restored. None default entries will be removed.) ==================== MSCONFIG/TASK MANAGER disabled items ========= (Currently there is no automatic fix for this section.) ========================= Accounts: ========================== Administrator (S-1-5-21-11511148-282223610-3023385546-500 - Administrator - Disabled)Guest (S-1-5-21-11511148-282223610-3023385546-501 - Limited - Disabled)HomeGroupUser$ (S-1-5-21-11511148-282223610-3023385546-1002 - Limited - Enabled)mel adriano (S-1-5-21-11511148-282223610-3023385546-1000 - Administrator - Enabled) => C:\Users\mel adrianoNANCY BINAY for Sena (S-1-5-21-11511148-282223610-3023385546-1006 - Limited - Enabled) => C:\Users\NANCY BINAY for Sena ==================== Faulty Device Manager Devices ============= Name: F06DEFF2-5B9C-490D-910F-35D3A91196222Description: F06DEFF2-5B9C-490D-910F-35D3A91196222Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}Manufacturer: Service: F06DEFF2-5B9C-490D-910F-35D3A91196222Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.Devices stay in this state if they have been prepared for removal.After you remove the device, this error disappears.Remove the device, and this error should be resolved. Name: Microsoft PS/2 MouseDescription: Microsoft PS/2 MouseClass Guid: {4d36e96f-e325-11ce-bfc1-08002be10318}Manufacturer: MicrosoftService: i8042prtProblem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.Devices stay in this state if they have been prepared for removal.After you remove the device, this error disappears.Remove the device, and this error should be resolved. ==================== Event log errors: ========================= Application errors:==================Error: (09/29/2014 08:48:22 AM) (Source: MsiInstaller) (EventID: 1024) (User: meladriano-PC)Description: Product: Adobe Reader XI (11.0.08) - Update '{AC76BA86-7AD7-0000-2550-7A8C40011009}' could not be installed. Error code 1625. Windows Installer can create logs to help troubleshoot issues with installing software packages. Use the following link for instructions on turning on logging support: http://go.microsoft.com/fwlink/?LinkId=23127 Error: (09/27/2014 02:48:44 PM) (Source: MsiInstaller) (EventID: 11606) (User: NT AUTHORITY)Description: Product: Skype™ 5.0 -- Error 1606. Could not access network location %APPDATA%\. Error: (09/27/2014 02:48:44 PM) (Source: MsiInstaller) (EventID: 11606) (User: NT AUTHORITY)Description: Product: Skype™ 5.0 -- Error 1606. Could not access network location %APPDATA%\. Error: (09/27/2014 03:01:29 AM) (Source: MsiInstaller) (EventID: 11606) (User: NT AUTHORITY)Description: Product: Skype™ 5.0 -- Error 1606. Could not access network location %APPDATA%\. Error: (09/27/2014 03:01:29 AM) (Source: MsiInstaller) (EventID: 11606) (User: NT AUTHORITY)Description: Product: Skype™ 5.0 -- Error 1606. Could not access network location %APPDATA%\. Error: (09/26/2014 09:22:01 AM) (Source: MsiInstaller) (EventID: 1024) (User: meladriano-PC)Description: Product: Adobe Reader XI (11.0.08) - Update '{AC76BA86-7AD7-0000-2550-7A8C40011009}' could not be installed. Error code 1625. Windows Installer can create logs to help troubleshoot issues with installing software packages. Use the following link for instructions on turning on logging support: http://go.microsoft.com/fwlink/?LinkId=23127 Error: (09/26/2014 09:13:20 AM) (Source: MsiInstaller) (EventID: 11606) (User: NT AUTHORITY)Description: Product: Skype™ 5.0 -- Error 1606. Could not access network location %APPDATA%\. Error: (09/26/2014 09:13:20 AM) (Source: MsiInstaller) (EventID: 11606) (User: NT AUTHORITY)Description: Product: Skype™ 5.0 -- Error 1606. Could not access network location %APPDATA%\. Error: (09/26/2014 08:46:17 AM) (Source: MsiInstaller) (EventID: 1024) (User: meladriano-PC)Description: Product: Adobe Reader XI (11.0.08) - Update '{AC76BA86-7AD7-0000-2550-7A8C40011009}' could not be installed. Error code 1625. Windows Installer can create logs to help troubleshoot issues with installing software packages. Use the following link for instructions on turning on logging support: http://go.microsoft.com/fwlink/?LinkId=23127 Error: (09/25/2014 07:08:41 PM) (Source: MsiInstaller) (EventID: 11606) (User: NT AUTHORITY)Description: Product: Skype™ 5.0 -- Error 1606. Could not access network location %APPDATA%\. System errors:=============Error: (09/29/2014 09:21:07 AM) (Source: Service Control Manager) (EventID: 7000) (User: )Description: The Google Update Service (gupdate) service failed to start due to the following error: %%2 Error: (09/29/2014 09:19:06 AM) (Source: Service Control Manager) (EventID: 7026) (User: )Description: The following boot-start or system-start driver(s) failed to load: F06DEFF2-5B9C-490D-910F-35D3A91196222 Error: (09/29/2014 09:19:06 AM) (Source: Service Control Manager) (EventID: 7022) (User: )Description: The NETGEARGenieDaemon service hung on starting. Error: (09/29/2014 09:19:00 AM) (Source: Service Control Manager) (EventID: 7011) (User: )Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the RealtekCU service. Error: (09/29/2014 09:17:44 AM) (Source: Service Control Manager) (EventID: 7000) (User: )Description: The Globe Tattoo Broadband. OUC service failed to start due to the following error: %%1053 Error: (09/29/2014 09:17:44 AM) (Source: Service Control Manager) (EventID: 7009) (User: )Description: A timeout was reached (30000 milliseconds) while waiting for the Globe Tattoo Broadband. OUC service to connect. Error: (09/29/2014 09:17:44 AM) (Source: Service Control Manager) (EventID: 7000) (User: )Description: The Datamngr Coordinator service failed to start due to the following error: %%216 Error: (09/29/2014 08:47:31 AM) (Source: Service Control Manager) (EventID: 7000) (User: )Description: The Google Update Service (gupdate) service failed to start due to the following error: %%2 Error: (09/29/2014 08:45:30 AM) (Source: Service Control Manager) (EventID: 7026) (User: )Description: The following boot-start or system-start driver(s) failed to load: F06DEFF2-5B9C-490D-910F-35D3A91196222 Error: (09/29/2014 08:45:20 AM) (Source: Service Control Manager) (EventID: 7000) (User: )Description: The Globe Tattoo Broadband. OUC service failed to start due to the following error: %%1053 Microsoft Office Sessions:========================= ==================== Memory info =========================== Processor: Intel® Core2 Quad CPU Q8300 @ 2.50GHzPercentage of memory in use: 57%Total physical RAM: 4061.18 MBAvailable physical RAM: 1731.94 MBTotal Pagefile: 8120.53 MBAvailable Pagefile: 5391.99 MBTotal Virtual: 8192 MBAvailable Virtual: 8191.8 MB ==================== Drives ================================ Drive c: (Gateway) (Fixed) (Total:684.86 GB) (Free:512.14 GB) NTFSDrive d: (Dir Adriano) (CDROM) (Total:0.26 GB) (Free:0 GB) CDFS ==================== MBR & Partition Table ================== ========================================================Disk: 0 (MBR Code: Windows 7 or 8) (Size: 698.6 GB) (Disk ID: 46BC7DF2)Partition 1: (Not Active) - (Size=13.7 GB) - (Type=27)Partition 2: (Active) - (Size=100 MB) - (Type=07 NTFS)Partition 3: (Not Active) - (Size=684.9 GB) - (Type=07 NTFS) ==================== End Of Log ============================

HI, I need help on my Gateway desktop PC with Intel Quad Core2 (Windows 7 Home premium). All kinds of bad image errors popped up after running Malwarebytes. Below are my FRST and Addition logs. Will appreciate very much your help as I'm having problems performing my job on my PC. Thanks in advance and more power to Malwarebytes. olace88 Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 28-09-2014 02Ran by mel adriano (administrator) on MELADRIANO-PC on 29-09-2014 09:31:36Running from C:\Users\mel adriano\DesktopLoaded Profile: mel adriano (Available profiles: mel adriano & NANCY BINAY for Sena)Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: English (United States)Internet Explorer Version 11Boot Mode: NormalTutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processes (Whitelisted) ================= (If an entry is included in the fixlist, the process will be closed. The file will not be moved.) (Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Photoshop Elements 7.0\PhotoshopElementsFileAgent.exe(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe(Microsoft Corporation) C:\Program Files (x86)\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe() C:\ProgramData\Globe Tattoo Broadband\OnlineUpdate\ouc.exe(Acer Incorporated) C:\Program Files (x86)\Gateway\Registration\GregHSRW.exe(AnchorFree Inc.) C:\Program Files (x86)\Hotspot Shield\bin\cmw_srv.exe() C:\Program Files (x86)\Hotspot Shield\bin\hsswd.exe() C:\ProgramData\DatacardService\HWDeviceService64.exe() C:\Program Files\MySQL\MySQL Server 5.6\bin\mysqld.exe(NETGEAR) C:\Program Files (x86)\NETGEAR Genie\bin\NETGEARGenieDaemon64.exe(NewTech Infosystems, Inc.) C:\Program Files (x86)\NewTech Infosystems\Gateway MyBackup\IScheduleSvc.exe() C:\Program Files (x86)\Sony Ericsson\Sony Ericsson PC Suite\SupServ.exe() C:\Windows\SysWOW64\PSIService.exe(Protexis Inc.) C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe() C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe(Realtek) C:\Program Files (x86)\Realtek\11n USB Wireless LAN Utility\RtlService.exe(Microsoft Corporation) C:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqlbrowser.exe(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe() C:\Program Files (x86)\SMART BRO\AssistantServices.exe(Acer) C:\Program Files\Gateway\Gateway Updater\UpdaterService.exe(Intel Corporation) C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTmon.exe(Huawei Technologies Co., Ltd.) C:\ProgramData\DatacardService\DCSHelper.exe(Intel Corporation) C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe(Microsoft Corporation) C:\Windows\WindowsMobile\wmdc.exe(Intel Corporation) C:\Windows\System32\igfxtray.exe(Intel Corporation) C:\Windows\System32\hkcmd.exe(Intel Corporation) C:\Windows\System32\igfxpers.exe(Microsoft Corporation) C:\Program Files\Microsoft IntelliPoint\ipoint.exe(Microsoft Corporation) C:\Program Files\Microsoft IntelliType Pro\itype.exe(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe() C:\Program Files (x86)\USB Video Camera\Monitor.exe(TP-LINK TECHNOLOGIES CO., LTD. ) C:\Program Files (x86)\TP-LINK\COMMON\TWCU.exe(IOI) C:\Program Files (x86)\Gateway Photo Frame\ButtonMonitor.exe(AOL Inc.) C:\Program Files (x86)\Common Files\aol\1274189300\ee\aolsoftware.exe() C:\Program Files (x86)\Corel\Corel MediaOne\CorelIOMonitor.exe(Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuSchd2.exe(Nuance Communications, Inc.) C:\Program Files (x86)\ScanSoft\PaperPort\pptd40nt.exe(Brother Industries, Ltd.) C:\Program Files (x86)\Brother\Brmfcmon\BrMfcWnd.exe() C:\Program Files (x86)\SMART BRO\UIExec.exe(RealNetworks, Inc.) C:\Program Files (x86)\Real\realplayer\Update\realsched.exe(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe(Brother Industries, Ltd.) C:\Program Files (x86)\Brother\ControlCenter3\BrccMCtl.exe() C:\Program Files (x86)\NETGEAR Genie\bin\NETGEARGenie.exe(Brother Industries, Ltd.) C:\Program Files (x86)\Brother\Brmfcmon\BrMfimon.exe() C:\Program Files (x86)\NETGEAR Genie\bin\genie_tray.exe(Microsoft Corporation) C:\Windows\System32\dllhost.exe(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe(AnchorFree Inc.) C:\Program Files (x86)\Hotspot Shield\bin\HSSCP.exe(Microsoft Corporation) C:\Program Files (x86)\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe(Realtek Semiconductor Corp.) C:\Program Files (x86)\Realtek\11n USB Wireless LAN Utility\RtWLan.exe(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe(Farbar) C:\Users\mel adriano\Desktop\FRST64 (1).exe ==================== Registry (Whitelisted) ================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) HKLM\...\Run: [iAAnotif] => C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\iaanotif.exe [186904 2009-06-05] (Intel Corporation)HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [7981088 2009-07-20] (Realtek Semiconductor)HKLM\...\Run: [Windows Mobile Device Center] => C:\Windows\WindowsMobile\wmdc.exe [660360 2007-05-31] (Microsoft Corporation)HKLM\...\Run: [intelliPoint] => c:\Program Files\Microsoft IntelliPoint\ipoint.exe [2417032 2011-08-01] (Microsoft Corporation)HKLM\...\Run: [itype] => c:\Program Files\Microsoft IntelliType Pro\itype.exe [1873256 2011-08-10] (Microsoft Corporation)HKLM-x32\...\Run: [Gateway Photo Frame] => C:\Program Files (x86)\Gateway Photo Frame\ButtonMonitor.exe [124416 2009-07-21] (IOI)HKLM-x32\...\Run: [HostManager] => C:\Program Files (x86)\Common Files\AOL\1274189300\ee\AOLSoftware.exe [41800 2010-02-10] (AOL Inc.)HKLM-x32\...\Run: [Corel File Shell Monitor] => C:\Program Files (x86)\Corel\Corel MediaOne\CorelIOMonitor.exe [37888 2008-07-09] ()HKLM-x32\...\Run: [AppleSyncNotifier] => C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe [59240 2012-02-23] (Apple Inc.)HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [54840 2007-05-08] (Hewlett-Packard)HKLM-x32\...\Run: [sSBkgdUpdate] => C:\Program Files (x86)\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe [210472 2006-10-25] (Nuance Communications, Inc.)HKLM-x32\...\Run: [PaperPort PTD] => C:\Program Files (x86)\ScanSoft\PaperPort\pptd40nt.exe [29984 2008-07-09] (Nuance Communications, Inc.)HKLM-x32\...\Run: [indexSearch] => C:\Program Files (x86)\ScanSoft\PaperPort\IndexSearch.exe [46368 2008-07-09] (Nuance Communications, Inc.)HKLM-x32\...\Run: [PPort11reminder] => C:\Program Files (x86)\ScanSoft\PaperPort\Ereg\Ereg.exe [328992 2007-08-31] (Nuance Communications, Inc.)HKLM-x32\...\Run: [brMfcWnd] => C:\Program Files (x86)\Brother\Brmfcmon\BrMfcWnd.exe [1159168 2009-05-26] (Brother Industries, Ltd.)HKLM-x32\...\Run: [ControlCenter3] => C:\Program Files (x86)\Brother\ControlCenter3\brctrcen.exe [114688 2008-12-24] (Brother Industries, Ltd.)HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [43848 2014-02-12] (Apple Inc.)HKLM-x32\...\Run: [uIExec] => C:\Program Files (x86)\SMART BRO\UIExec.exe [156448 2012-05-11] ()HKLM-x32\...\Run: [TkBellExe] => c:\program files (x86)\real\realplayer\Update\realsched.exe [295512 2013-12-05] (RealNetworks, Inc.)HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959176 2014-08-22] (Adobe Systems Incorporated)HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2014-01-17] (Apple Inc.)HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2014-02-21] (Apple Inc.)HKLM-x32\...\Run: [sunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [256896 2014-07-25] (Oracle Corporation)Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)HKU\S-1-5-21-11511148-282223610-3023385546-1000\...\Run: [msnmsgr] => "C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe" /backgroundHKU\S-1-5-21-11511148-282223610-3023385546-1000\...\Run: [NETGEARGenie] => C:\Program Files (x86)\NETGEAR Genie\bin\NETGEARGenie.exe [1087264 2011-10-24] ()HKU\S-1-5-21-11511148-282223610-3023385546-1000\...\Run: [MobileDocuments] => C:\Program Files (x86)\Common Files\Apple\Internet Services\ubd.exeHKU\S-1-5-21-11511148-282223610-3023385546-1000\...\Run: [iCloudServices] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [59720 2013-11-20] (Apple Inc.)HKU\S-1-5-21-11511148-282223610-3023385546-1000\...\Run: [swg] => C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [39408 2009-08-15] (Google Inc.)HKU\S-1-5-21-11511148-282223610-3023385546-1000\...\Run: [backgroundContainerV2] => "C:\Windows\SysWOW64\Rundll32.exe" "C:\Users\mel adriano\AppData\Local\Conduit\BackgroundContainer\BackgroundContainer.dll",DllRunHKU\S-1-5-21-11511148-282223610-3023385546-1000\...\Run: [iLivid] => C:\Users\mel adriano\AppData\Local\iLivid\iLivid.exe [7913472 2014-05-25] (Bandoo Media Inc.)HKU\S-1-5-21-11511148-282223610-3023385546-1000\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [6480664 2014-09-25] (Piriform Ltd)HKU\S-1-5-21-11511148-282223610-3023385546-1000\...\MountPoints2: G - G:\LaunchU3.exe -aHKU\S-1-5-21-11511148-282223610-3023385546-1000\...\MountPoints2: {1b6ca7a9-861c-11e2-8928-0280370b0300} - H:\Autorun.exeHKU\S-1-5-21-11511148-282223610-3023385546-1000\...\MountPoints2: {22a6acdd-83e8-11e2-b402-00038a000015} - E:\AutoRun.exeHKU\S-1-5-21-11511148-282223610-3023385546-1000\...\MountPoints2: {2db1d22b-f02f-11e3-9d73-00038a000015} - E:\iLinker.exeHKU\S-1-5-21-11511148-282223610-3023385546-1000\...\MountPoints2: {2e14f340-81b6-11e2-b4df-acc0aabb3fe2} - H:\AutoRun.exeHKU\S-1-5-21-11511148-282223610-3023385546-1000\...\MountPoints2: {2e14f34a-81b6-11e2-b4df-acc0aabb3fe2} - H:\AutoRun.exeHKU\S-1-5-21-11511148-282223610-3023385546-1000\...\MountPoints2: {2e14f36b-81b6-11e2-b4df-acc0aabb3fe2} - E:\AutoRun.exeHKU\S-1-5-21-11511148-282223610-3023385546-1000\...\MountPoints2: {36bfbfd3-a7ed-11e2-b178-00038a000015} - E:\AutoRun.exeHKU\S-1-5-21-11511148-282223610-3023385546-1000\...\MountPoints2: {36bfbfdd-a7ed-11e2-b178-00038a000015} - E:\AutoRun.exeHKU\S-1-5-21-11511148-282223610-3023385546-1000\...\MountPoints2: {36bfbfe7-a7ed-11e2-b178-00038a000015} - E:\AutoRun.exeHKU\S-1-5-21-11511148-282223610-3023385546-1000\...\MountPoints2: {36bfbff1-a7ed-11e2-b178-00038a000015} - E:\AutoRun.exeHKU\S-1-5-21-11511148-282223610-3023385546-1000\...\MountPoints2: {36bfc001-a7ed-11e2-b178-00038a000015} - E:\AutoRun.exeHKU\S-1-5-21-11511148-282223610-3023385546-1000\...\MountPoints2: {4366daa6-8467-11e2-888d-8d1cf0fbbceb} - E:\AutoRun.exeHKU\S-1-5-21-11511148-282223610-3023385546-1000\...\MountPoints2: {4c6db05f-a72d-11e2-b4bb-00038a000015} - H:\AutoRun.exeHKU\S-1-5-21-11511148-282223610-3023385546-1000\...\MountPoints2: {56fe42d7-b067-11e2-8889-00038a000015} - H:\AutoRun.exeHKU\S-1-5-21-11511148-282223610-3023385546-1000\...\MountPoints2: {6dd93de1-8406-11e2-8544-00038a000015} - E:\AutoRun.exeHKU\S-1-5-21-11511148-282223610-3023385546-1000\...\MountPoints2: {6dd93ded-8406-11e2-8544-00038a000015} - E:\AutoRun.exeHKU\S-1-5-21-11511148-282223610-3023385546-1000\...\MountPoints2: {807e41cb-aed1-11e2-896a-00038a000015} - E:\AutoRun.exeHKU\S-1-5-21-11511148-282223610-3023385546-1000\...\MountPoints2: {96eb6279-308b-11df-805c-00262d143345} - E:\LaunchU3.exe -aHKU\S-1-5-21-11511148-282223610-3023385546-1000\...\MountPoints2: {e4badad0-d13f-11df-9219-806e6f6e6963} - E:\start.exeStartup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Monitor.lnkShortcutTarget: Monitor.lnk -> C:\Program Files (x86)\USB Video Camera\Monitor.exe ()Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\TP-LINK Wireless Utility.lnkShortcutTarget: TP-LINK Wireless Utility.lnk -> C:\Program Files (x86)\TP-LINK\COMMON\TWCU.exe (TP-LINK TECHNOLOGIES CO., LTD. )GroupPolicy: Group Policy on Chrome detected <======= ATTENTION ==================== Internet (Whitelisted) ==================== (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.) HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://homepage.gateway.com/rdr.aspx?b=ACGW&l=0409&m=sx2802&r=173602107807p0338v1h5k4891r286HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.google.com/ieHKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com/ieHKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.search.ask.com/?o=APN10645A&gct=hp&d=406-1721&v=a13350-400&t=4HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://ph.msn.com/?rd=1&ucc=PH&dcc=PH&opt=0HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x45634B90CE7ACF01HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-USURLSearchHook: HKLM-x32 - AOL Toolbar Search Class - {f0e98552-8e47-4c6c-9b3a-11ab0549f94d} - C:\Program Files (x86)\AOL Toolbar\aoltb.dll (AOL Inc)URLSearchHook: HKCU - AOL Toolbar Search Class - {f0e98552-8e47-4c6c-9b3a-11ab0549f94d} - C:\Program Files (x86)\AOL Toolbar\aoltb.dll (AOL Inc)URLSearchHook: HKCU - (No Name) - {c95a4e8e-816d-4655-8c79-d736da1adb6d} - No FileSearchScopes: HKLM - {9BB47C17-9C68-4BB3-B188-DD9AF0FD2406} URL = http://dts.search.ask.com/sr?src=ieb&gct=ds&appid=1721&systemid=406&v=a13350-400&apn_uid=4334061505004623&apn_dtid=BND406&o=APN10645&apn_ptnrs=AG6&q={searchTerms}SearchScopes: HKLM-x32 - {443789B7-F39C-4b5c-9287-DA72D38F4FE6} URL = http://slirsredirect.search.aol.com/redirector/sredir?sredir=843&query={searchTerms}&invocationType=tb50-ie-aolTB50CL-chromesbox-en-usSearchScopes: HKLM-x32 - {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = http://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ACGWSearchScopes: HKLM-x32 - {9BB47C17-9C68-4BB3-B188-DD9AF0FD2406} URL = http://dts.search.ask.com/sr?src=ieb&gct=ds&appid=1721&systemid=406&v=a13350-400&apn_uid=4334061505004623&apn_dtid=BND406&o=APN10645&apn_ptnrs=AG6&q={searchTerms}SearchScopes: HKLM-x32 - {afdbddaa-5d3f-42ee-b79c-185a7020515b} URL = http://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT1561552SearchScopes: HKCU - DefaultScope {8A195F58-D67E-4FFA-A4AC-59617E6182E2} URL = http://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT3072254SearchScopes: HKCU - {443789B7-F39C-4b5c-9287-DA72D38F4FE6} URL = http://slirsredirect.search.aol.com/redirector/sredir?sredir=843&query={searchTerms}&invocationType=tb50-ie-aolTB50CL-chromesbox-en-usSearchScopes: HKCU - {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = http://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ACGW_enPH371PH371SearchScopes: HKCU - {8A195F58-D67E-4FFA-A4AC-59617E6182E2} URL = http://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT3072254SearchScopes: HKCU - {95B7759C-8C7F-4BF1-B163-73684A933233} URL = http://isearch.avg.com/search?cid={F8AAA2BE-2131-48E3-AA86-03DF63D5B733}&mid=dfe7d6a1a61247d0a2b9d14acce4e9e6-64fcfabea6792deb68870cce2bc0482561f35811〈=en&ds=AVG&pr=pr&d=2012-03-17 21:37:41&v=10.0.0.7&sap=dsp&q={searchTerms}SearchScopes: HKCU - {9BB47C17-9C68-4BB3-B188-DD9AF0FD2406} URL = http://dts.search.ask.com/sr?src=ieb&gct=ds&appid=1721&systemid=406&v=a13350-400&apn_uid=4334061505004623&apn_dtid=BND406&o=APN10645&apn_ptnrs=AG6&q={searchTerms}SearchScopes: HKCU - {afdbddaa-5d3f-42ee-b79c-185a7020515b} URL = http://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT1561552SearchScopes: HKCU - {c99fdc39-a1ae-4b24-8d71-e5274f8d7c54} URL = http://search.hotspotshield.com/g/results.php?c=s&q={searchTerms}BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)BHO: Hotspot Shield Class -> {F9E4A054-E9B1-4BC3-83A3-76A1AE736170} -> C:\Program Files (x86)\Hotspot Shield\HssIE\HssIE_64.dll No FileBHO-x32: No Name -> {02478D38-C3F9-4efb-9B51-7695ECA05670} -> No FileBHO-x32: RealNetworks Download and Record Plugin for Internet Explorer -> {3049C3E9-B461-4BC5-8870-4C09146192CA} -> C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll (RealDownloader)BHO-x32: AOL Toolbar Loader -> {3ef64538-8b54-4573-b48f-4d34b0238ab2} -> C:\Program Files (x86)\AOL Toolbar\aoltb.dll (AOL Inc)BHO-x32: Java Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)BHO-x32: Windows Live Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)BHO-x32: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)BHO-x32: Skype Plug-In -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)BHO-x32: Java Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)Toolbar: HKLM-x32 - AOL Toolbar - {ba00b7b1-0351-477a-b948-23e3ee5a73d4} - C:\Program Files (x86)\AOL Toolbar\aoltb.dll (AOL Inc)Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)Toolbar: HKCU - Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)Toolbar: HKCU - No Name - {BA00B7B1-0351-477A-B948-23E3EE5A73D4} - No FileToolbar: HKCU - No Name - {E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} - No FileToolbar: HKCU - No Name - {C95A4E8E-816D-4655-8C79-D736DA1ADB6D} - No FileDPF: HKLM-x32 {0E5F0222-96B9-11D3-8997-00104BD12D94} http://support.gateway.com/support/profiler/PCPitStop.CABDPF: HKLM-x32 {3D3B42C2-11BF-4732-A304-A01384B70D68} http://picasaweb.google.com/s/v/66.12/uploader2.cabDPF: HKLM-x32 {6C269571-C6D7-4818-BCA4-32A035E8C884} http://ccfiles.creative.com/Web/softwareupdate/su/ocx/15101/CTSUEng.cabDPF: HKLM-x32 {C345E174-3E87-4F41-A01C-B066A90A49B4} http://trial.trymicrosoftoffice.com/trialoaa/buymsoffice_assets/framework/microsoft/wrc32.ocxDPF: HKLM-x32 {DAF7E6E6-D53A-439A-B28D-12271406B8A9} http://mobileapps.blackberry.com/devicesoftware/AxLoader.cabDPF: HKLM-x32 {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cabDPF: HKLM-x32 {F6ACF75C-C32C-447B-9BEF-46B766368D29} http://ccfiles.creative.com/Web/softwareupdate/su/ocx/15112/CTPID.cabHandler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - No FileHandler-x32: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 FireFox:========FF Plugin: @microsoft.com/GENUINE -> disabled No FileFF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll (Google, Inc.)FF Plugin-x32: @java.com/DTPlugin,version=10.67.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)FF Plugin-x32: @java.com/JavaPlugin,version=10.67.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)FF Plugin-x32: @microsoft.com/GENUINE -> disabled No FileFF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)FF Plugin-x32: @microsoft.com/WLPG,version=14.0.8117.0416 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)FF Plugin-x32: @real.com/nppl3260;version=16.0.3.51 -> c:\program files (x86)\real\realplayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)FF Plugin-x32: @real.com/nprndlchromebrowserrecordext;version=1.3.3 -> C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlchromebrowserrecordext.dll (RealNetworks, Inc.)FF Plugin-x32: @real.com/nprndlhtml5videoshim;version=1.3.3 -> C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll (RealNetworks, Inc.)FF Plugin-x32: @real.com/nprndlpepperflashvideoshim;version=1.3.3 -> C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlpepperflashvideoshim.dll (RealNetworks, Inc.)FF Plugin-x32: @real.com/nprpplugin;version=16.0.3.51 -> c:\program files (x86)\real\realplayer\Netscape6\nprpplugin.dll (RealPlayer)FF Plugin-x32: @realnetworks.com/npdlplugin;version=1 -> C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\npdlplugin.dll (RealDownloader)FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll No FileFF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll No FileFF Plugin-x32: @viewpoint.com/VMP -> C:\Program Files (x86)\Viewpoint\Viewpoint Experience Technology\npViewpoint.dll ()FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)FF HKLM-x32\...\Firefox\Extensions: [{7BA52691-1876-45ce-9EE6-54BCB3B04BBC}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\coFFPlgnFF HKLM-x32\...\Firefox\Extensions: [{A27F3FEF-1113-4cfb-A032-8E12D7D8EE70}] - C:\Program Files (x86)\Nokia\Nokia Ovi Suite\Connectors\Bookmarks Connector\FirefoxExtensionFF HKLM-x32\...\Firefox\Extensions: [{DF153AFF-6948-45d7-AC98-4FC4AF8A08E2}] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\ExtFF Extension: RealDownloader - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext [2013-12-05]FF HKLM-x32\...\Firefox\Extensions: [{ABDE892B-13A8-4d1b-88E6-365A6E755758}] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\ExtFF HKLM-x32\...\Thunderbird\Extensions: [{CCB7D94B-CA92-4E3F-B79D-ADE0F07ADC74}] - C:\Program Files (x86)\Nokia\Nokia Ovi Suite\Connectors\Thunderbird Connector\ThunderbirdExtension Chrome: =======CHR HomePage: Default -> D720DDF6A6A11BC98D723113FF347189A05FB44D7F37B9A9E9FE292ED2CA665DCHR StartupUrls: Default -> "hxxp://www.google.com/"CHR DefaultSearchKeyword: Default -> ask.comCHR DefaultSearchProvider: Default -> Ask.comCHR DefaultSearchURL: Default -> https://mail.google.com/mail/?extsrc=mailto&url=%sCHR DefaultSuggestURL: Default -> CHR Profile: C:\Users\mel adriano\AppData\Local\Google\Chrome\User Data\DefaultCHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\mel adriano\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-05-24]CHR Extension: (GoSAAveo) - C:\Users\mel adriano\AppData\Local\Google\Chrome\User Data\Default\Extensions\fpelbholhcgccadaggfgmfemdnhjaoic [2014-09-22]CHR Extension: (RealDownloader) - C:\Users\mel adriano\AppData\Local\Google\Chrome\User Data\Default\Extensions\idhngdhcfkoamngbedgpaokgjbnpdiji [2014-09-22]CHR Extension: (Flash Save) - C:\Users\mel adriano\AppData\Local\Google\Chrome\User Data\Default\Extensions\mdonfjaemnemdnnpebbcelibeocdmkai [2014-09-22]CHR Extension: (Google Wallet) - C:\Users\mel adriano\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-11-26]CHR Extension: (GoSAAveo) - C:\Users\mel adriano\AppData\Local\Google\Chrome\User Data\Default\Extensions\fpelbholhcgccadaggfgmfemdnhjaoic\3.0 [2014-09-22]CHR HKLM-x32\...\Chrome\Extension: [fooihgffjknjfdidhkpgeibbipkjlhpn] - C:\Users\MELADR~1\AppData\Local\Temp\ccex.crx []CHR HKLM-x32\...\Chrome\Extension: [idhngdhcfkoamngbedgpaokgjbnpdiji] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Chrome\Ext\realdownloader.crx [2013-08-14]CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION ==================== Services (Whitelisted) ================= (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.) S2 D-Link Wireless N DWA-130; C:\Program Files (x86)\D-Link\DWA-130 revC\ANIWZCSdS.exe [126976 2010-04-21] (Wireless Service) [File not signed]S2 D-Link Wireless N DWA-130_WPS; C:\Program Files (x86)\D-Link\DWA-130 revC\ANIWConnService.exe [53248 2010-03-03] () [File not signed]S2 DatamngrCoordinator; C:\Program Files (x86)\Movies Toolbar\Datamngr\DatamngrCoordinator.exe [3573248 2014-07-10] () [File not signed]S3 FirebirdServerMAGIXInstance; C:\MAGIX\Common\Database\bin\fbserver.exe [1527900 2005-11-17] (MAGIX®) [File not signed]S3 FLEXnet Licensing Service; C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [651720 2010-05-20] (Macrovision Europe Ltd.) [File not signed]S2 Globe Tattoo Broadband. RunOuc; C:\Program Files (x86)\Globe Tattoo Broadband\UpdateDog\ouc.exe [246112 2013-05-11] ()R2 hshld; C:\Program Files (x86)\Hotspot Shield\bin\cmw_srv.exe [919040 2014-05-17] (AnchorFree Inc.) [File not signed]S3 HssTrayService; C:\Program Files (x86)\Hotspot Shield\bin\HssTrayService.EXE [78512 2014-05-17] ()R2 HssWd; C:\Program Files (x86)\Hotspot Shield\bin\hsswd.exe [430344 2014-05-17] ()R2 HWDeviceService64.exe; C:\ProgramData\DatacardService\HWDeviceService64.exe [346976 2011-03-14] ()R3 MSSQL$MSSMLBIZ; c:\Program Files (x86)\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe [29293408 2010-12-10] (Microsoft Corporation)R2 MySQL56; C:\ProgramData\MySQL\MySQL Server 5.6\my.ini [14258 2013-03-05] () [File not signed]R2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [71680 2008-12-03] (Hewlett-Packard) [File not signed]R2 NETGEARGenieDaemon; C:\Program Files (x86)\NETGEAR Genie\bin\NETGEARGenieDaemon64.exe [1370400 2011-10-24] (NETGEAR)R2 OMSI download service; C:\Program Files (x86)\Sony Ericsson\Sony Ericsson PC Suite\SupServ.exe [90112 2009-04-30] () [File not signed]R2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [89600 2008-12-03] (Hewlett-Packard) [File not signed]R2 ProtexisLicensing; C:\Windows\SysWOW64\PSIService.exe [177704 2007-06-05] ()R2 RealNetworks Downloader Resolver Service; C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe [39056 2013-08-14] ()R2 RealtekCU; C:\Program Files (x86)\Realtek\11n USB Wireless LAN Utility\RtlService.exe [36864 2010-04-16] (Realtek) [File not signed]S3 ServiceLayer; C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe [652800 2010-01-26] (Nokia) [File not signed]R2 UI Assistant Service; C:\Program Files (x86)\SMART BRO\AssistantServices.exe [274760 2012-10-24] ()S2 gupdate; "C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /svc [X]S3 gupdatem; "C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /medsvc [X] ==================== Drivers (Whitelisted) ==================== (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.) R1 anodlwf; C:\Windows\System32\DRIVERS\anodlwfx.sys [15872 2008-05-06] (Alpha Networks Inc.)S3 Ca2001v; C:\Windows\System32\Drivers\Ca2001v.sys [2475648 2008-02-19] (Digital Camera)S1 F06DEFF2-5B9C-490D-910F-35D3A91196222; C:\Program Files (x86)\Movies Toolbar\Datamngr\x64\setmgrc2.cfg [41848 2014-07-10] () [File not signed]R1 HssDRV6; C:\Windows\System32\DRIVERS\hssdrv6.sys [44744 2014-05-17] (AnchorFree Inc.)S3 huawei_wwanecm; C:\Windows\System32\DRIVERS\ew_juwwanecm.sys [218624 2013-05-11] (Huawei Technologies Co., Ltd.)S3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [122584 2014-09-25] (Malwarebytes Corporation)S3 nmwcdcx64; C:\Windows\System32\drivers\ccdcmbox64.sys [25088 2009-12-30] (Nokia)S3 nmwcdx64; C:\Windows\System32\drivers\ccdcmbx64.sys [18944 2010-01-21] (Nokia)R2 NPF; C:\Windows\system32\drivers\npf.sys [35344 2012-03-22] (CACE Technologies, Inc.)S3 RimVSerPort; C:\Windows\System32\DRIVERS\RimSerial_AMD64.sys [31744 2009-01-09] (Research in Motion Ltd)S3 RTL8192cu; C:\Windows\System32\DRIVERS\rtwlanu.sys [986728 2012-02-10] (Realtek Semiconductor Corporation )R3 RTL8192U; C:\Windows\System32\DRIVERS\rtl8192U.sys [1631264 2010-04-13] (Realtek Semiconductor Corporation )S3 rtlss; C:\Windows\System32\Drivers\rtlss.sys [27240 2010-06-21] (Realtek Semiconductor Corporation)S3 s0016bus; C:\Windows\System32\DRIVERS\s0016bus.sys [115240 2008-05-16] (MCCI Corporation)S3 s0016mdfl; C:\Windows\System32\DRIVERS\s0016mdfl.sys [19496 2008-05-16] (MCCI Corporation)S3 s0016mdm; C:\Windows\System32\DRIVERS\s0016mdm.sys [158760 2008-05-16] (MCCI Corporation)S3 s0016mgmt; C:\Windows\System32\DRIVERS\s0016mgmt.sys [137256 2008-05-16] (MCCI Corporation)S3 s0016nd5; C:\Windows\System32\DRIVERS\s0016nd5.sys [34344 2008-05-16] (MCCI Corporation)S3 s0016obex; C:\Windows\System32\DRIVERS\s0016obex.sys [136744 2008-05-16] (MCCI Corporation)S3 s0016unic; C:\Windows\System32\DRIVERS\s0016unic.sys [151592 2008-05-16] (MCCI Corporation)S3 s116bus; C:\Windows\System32\DRIVERS\s116bus.sys [108296 2007-04-03] (MCCI Corporation)S3 s116mdfl; C:\Windows\System32\DRIVERS\s116mdfl.sys [19720 2007-04-03] (MCCI Corporation)S3 s116mdm; C:\Windows\System32\DRIVERS\s116mdm.sys [144648 2007-04-03] (MCCI Corporation)S3 s116mgmt; C:\Windows\System32\DRIVERS\s116mgmt.sys [126216 2007-04-03] (MCCI Corporation)S3 s116nd5; C:\Windows\System32\DRIVERS\s116nd5.sys [31496 2007-04-03] (MCCI Corporation)S3 s116obex; C:\Windows\System32\DRIVERS\s116obex.sys [123656 2007-04-03] (MCCI Corporation)S3 s116unic; C:\Windows\System32\DRIVERS\s116unic.sys [130824 2007-04-03] (MCCI Corporation)S3 Serial; C:\Windows\system32\DRIVERS\serial.sys [94208 2009-07-14] (Brother Industries Ltd.)R3 taphss6; C:\Windows\System32\DRIVERS\taphss6.sys [42184 2014-05-17] (Anchorfree Inc.)S3 UsbserFilt; C:\Windows\System32\DRIVERS\usbser_lowerfltx64j.sys [8704 2009-12-30] (Nokia)S3 hwusbdev; system32\DRIVERS\ewusbdev.sys [X]S3 RimUsb; System32\Drivers\RimUsb_AMD64.sys [X] ==================== NetSvcs (Whitelisted) =================== (If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.) ==================== One Month Created Files and Folders ======== (If an entry is included in the fixlist, the file\folder will be moved.) 2014-09-29 09:31 - 2014-09-29 09:32 - 00032566 _____ () C:\Users\mel adriano\Desktop\FRST.txt2014-09-29 09:31 - 2014-09-29 09:31 - 00000000 ____D () C:\FRST2014-09-29 09:30 - 2014-09-29 09:29 - 02108928 _____ (Farbar) C:\Users\mel adriano\Desktop\FRST64 (1).exe2014-09-29 09:29 - 2014-09-29 09:29 - 02108928 _____ (Farbar) C:\Users\mel adriano\Downloads\FRST64 (1).exe2014-09-29 08:50 - 2014-09-29 08:50 - 00027648 _____ () C:\Users\mel adriano\Downloads\015015000726W (20).xls2014-09-29 08:50 - 2014-09-29 08:50 - 00027136 _____ () C:\Users\mel adriano\Downloads\015060001426W (16).xls2014-09-29 08:47 - 2014-09-29 09:20 - 00003362 _____ () C:\Windows\System32\Tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-11511148-282223610-3023385546-10002014-09-29 08:47 - 2014-09-29 09:20 - 00003240 _____ () C:\Windows\System32\Tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-11511148-282223610-3023385546-10002014-09-29 08:45 - 2014-09-29 09:17 - 00000112 _____ () C:\Windows\setupact.log2014-09-29 08:45 - 2014-09-29 08:45 - 00000000 _____ () C:\Windows\setuperr.log2014-09-26 16:53 - 2014-09-26 16:53 - 07086592 _____ () C:\Users\mel adriano\Downloads\PESSA GMM PRESIDENTS REPORT (3).ppt2014-09-26 09:24 - 2014-09-26 09:24 - 00002784 _____ () C:\Windows\System32\Tasks\CCleanerSkipUAC2014-09-26 09:24 - 2014-09-26 09:24 - 00000829 _____ () C:\Users\Public\Desktop\CCleaner.lnk2014-09-26 09:24 - 2014-09-26 09:24 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner2014-09-26 09:24 - 2014-09-26 09:24 - 00000000 ____D () C:\Program Files\CCleaner2014-09-26 09:23 - 2014-09-26 09:22 - 04964488 _____ (Piriform Ltd) C:\Users\mel adriano\Desktop\ccsetup418.exe2014-09-26 09:03 - 2014-09-26 09:03 - 02108928 _____ (Farbar) C:\Users\mel adriano\Downloads\FRST64.exe2014-09-25 15:33 - 2014-09-25 15:33 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys2014-09-25 15:31 - 2014-09-25 15:31 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware2014-09-25 15:31 - 2014-09-25 15:31 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware2014-09-25 15:31 - 2014-05-12 07:26 - 00091352 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys2014-09-25 15:31 - 2014-05-12 07:26 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys2014-09-24 07:08 - 2014-09-10 06:11 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll2014-09-24 07:08 - 2014-09-10 05:47 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll2014-09-22 21:58 - 2014-09-22 21:58 - 00028672 _____ () C:\Users\mel adriano\Downloads\015015000726W (19).xls2014-09-22 15:47 - 2014-09-25 16:22 - 00000000 ____D () C:\ProgramData\YaoUttuebeeAdBlocke2014-09-22 15:47 - 2014-09-25 16:22 - 00000000 ____D () C:\ProgramData\GoSaavei2014-09-22 15:47 - 2014-09-25 16:22 - 00000000 ____D () C:\Program Files (x86)\YaoUttuebeeAdBlocke2014-09-22 15:47 - 2014-09-25 16:22 - 00000000 ____D () C:\Program Files (x86)\GoSaavei2014-09-22 15:47 - 2014-09-22 15:47 - 00000258 __RSH () C:\ProgramData\ntuser.pol2014-09-22 15:47 - 2014-09-22 15:47 - 00000000 ____D () C:\Users\NANCY BINAY for Sena\AppData\Local\Torch2014-09-22 15:47 - 2014-09-22 15:47 - 00000000 ____D () C:\Users\NANCY BINAY for Sena\AppData\Local\Comodo2014-09-22 15:47 - 2014-09-22 15:47 - 00000000 ____D () C:\Users\NANCY BINAY for Sena\AppData\Local\Chromatic Browser2014-09-22 15:47 - 2014-09-22 15:47 - 00000000 ____D () C:\Users\mel adriano\AppData\Local\Torch2014-09-22 15:47 - 2014-09-22 15:47 - 00000000 ____D () C:\Users\mel adriano\AppData\Local\Comodo2014-09-22 15:47 - 2014-09-22 15:47 - 00000000 ____D () C:\Users\mel adriano\AppData\Local\Chromatic Browser2014-09-22 15:47 - 2014-09-22 15:47 - 00000000 ____D () C:\Users\HomeGroupUser$\AppData\Local\Torch2014-09-22 15:47 - 2014-09-22 15:47 - 00000000 ____D () C:\Users\HomeGroupUser$\AppData\Local\Google2014-09-22 15:47 - 2014-09-22 15:47 - 00000000 ____D () C:\Users\HomeGroupUser$\AppData\Local\Comodo2014-09-22 15:47 - 2014-09-22 15:47 - 00000000 ____D () C:\Users\HomeGroupUser$\AppData\Local\Chromatic Browser2014-09-22 15:47 - 2014-09-22 15:47 - 00000000 ____D () C:\Users\HomeGroupUser$2014-09-22 15:47 - 2014-09-22 15:47 - 00000000 ____D () C:\Users\Guest\AppData\Local\Torch2014-09-22 15:47 - 2014-09-22 15:47 - 00000000 ____D () C:\Users\Guest\AppData\Local\Google2014-09-22 15:47 - 2014-09-22 15:47 - 00000000 ____D () C:\Users\Guest\AppData\Local\Comodo2014-09-22 15:47 - 2014-09-22 15:47 - 00000000 ____D () C:\Users\Guest\AppData\Local\Chromatic Browser2014-09-22 15:47 - 2014-09-22 15:47 - 00000000 ____D () C:\Users\Guest2014-09-22 15:47 - 2014-09-22 15:47 - 00000000 ____D () C:\Users\Administrator\AppData\Local\Torch2014-09-22 15:47 - 2014-09-22 15:47 - 00000000 ____D () C:\Users\Administrator\AppData\Local\Google2014-09-22 15:47 - 2014-09-22 15:47 - 00000000 ____D () C:\Users\Administrator\AppData\Local\Comodo2014-09-22 15:47 - 2014-09-22 15:47 - 00000000 ____D () C:\Users\Administrator\AppData\Local\Chromatic Browser2014-09-22 15:47 - 2014-09-22 15:47 - 00000000 ____D () C:\Users\Administrator2014-09-22 15:47 - 2014-09-22 15:47 - 00000000 ____D () C:\ProgramData\a0770de5fae6af92014-09-22 15:44 - 2014-09-22 15:44 - 00860160 _____ (Kansas Great) C:\Users\mel adriano\Downloads\Plants vs. Zombies.exe2014-09-21 12:37 - 2014-09-29 09:19 - 00000400 _____ () C:\Windows\Tasks\RNUpgradeHelperLogonPrompt_mel adriano.job2014-09-21 12:37 - 2014-09-27 12:43 - 00003002 _____ () C:\Windows\System32\Tasks\ReclaimerUpdateXML_mel adriano2014-09-21 12:37 - 2014-09-27 12:43 - 00000390 _____ () C:\Windows\Tasks\ReclaimerUpdateXML_mel adriano.job2014-09-21 12:37 - 2014-09-27 09:40 - 00003006 _____ () C:\Windows\System32\Tasks\ReclaimerUpdateFiles_mel adriano2014-09-21 12:37 - 2014-09-27 09:40 - 00000394 _____ () C:\Windows\Tasks\ReclaimerUpdateFiles_mel adriano.job2014-09-21 12:37 - 2014-09-21 12:37 - 00003646 _____ () C:\Windows\System32\Tasks\RNUpgradeHelperResumePrompt_mel adriano2014-09-21 12:37 - 2014-09-21 12:37 - 00002710 _____ () C:\Windows\System32\Tasks\RNUpgradeHelperLogonPrompt_mel adriano2014-09-15 18:34 - 2014-09-15 18:40 - 07084032 _____ () C:\Users\mel adriano\Downloads\PESSA GMM PRESIDENTS REPORT (2).ppt2014-09-15 18:26 - 2014-09-15 18:31 - 07086592 _____ () C:\Users\mel adriano\Downloads\PESSA GMM PRESIDENTS REPORT (1).ppt2014-09-15 17:00 - 2014-09-15 17:00 - 00095907 _____ () C:\Users\mel adriano\Downloads\KES 2014 Buyer Information (SEIPI).xlsx2014-09-15 15:09 - 2014-09-15 15:09 - 07087104 _____ () C:\Users\mel adriano\Downloads\PESSA GMM PRESIDENTS REPORT.ppt2014-09-15 12:55 - 2014-09-15 13:00 - 11135488 _____ () C:\Users\mel adriano\Downloads\PESSA GMM 2014_PRESENTATION (2).PPT2014-09-15 11:04 - 2014-09-15 11:09 - 11138560 _____ () C:\Users\mel adriano\Downloads\PESSA GMM 2014_PRESENTATION.PPT2014-09-15 10:24 - 2014-09-15 10:24 - 00507904 _____ () C:\Users\mel adriano\Downloads\Revised Dispute Form.xls2014-09-15 10:24 - 2014-09-15 10:24 - 00507904 _____ () C:\Users\mel adriano\Downloads\Revised Dispute Form (1).xls2014-09-15 06:48 - 2014-09-15 06:48 - 00013088 _____ () C:\Users\mel adriano\Downloads\APO Speakers.xlsx2014-09-15 03:00 - 2010-02-23 16:16 - 00294912 _____ (Microsoft Corporation) C:\Windows\system32\browserchoice.exe2014-09-13 03:10 - 2014-08-20 02:05 - 00374968 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll2014-09-13 03:10 - 2014-08-20 01:39 - 00327872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll2014-09-13 03:10 - 2014-08-19 07:01 - 23591424 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll2014-09-13 03:10 - 2014-08-19 06:29 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb2014-09-13 03:10 - 2014-08-19 06:29 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll2014-09-13 03:10 - 2014-08-19 06:26 - 17455104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll2014-09-13 03:10 - 2014-08-19 06:20 - 02793984 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll2014-09-13 03:10 - 2014-08-19 06:19 - 05833728 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll2014-09-13 03:10 - 2014-08-19 06:15 - 00547328 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll2014-09-13 03:10 - 2014-08-19 06:15 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll2014-09-13 03:10 - 2014-08-19 06:14 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll2014-09-13 03:10 - 2014-08-19 06:14 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll2014-09-13 03:10 - 2014-08-19 06:08 - 04232704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll2014-09-13 03:10 - 2014-08-19 06:08 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll2014-09-13 03:10 - 2014-08-19 06:08 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll2014-09-13 03:10 - 2014-08-19 06:05 - 00596480 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll2014-09-13 03:10 - 2014-08-19 06:03 - 00758272 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll2014-09-13 03:10 - 2014-08-19 06:03 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe2014-09-13 03:10 - 2014-08-19 06:03 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe2014-09-13 03:10 - 2014-08-19 05:57 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb2014-09-13 03:10 - 2014-08-19 05:56 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe2014-09-13 03:10 - 2014-08-19 05:51 - 00446464 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll2014-09-13 03:10 - 2014-08-19 05:46 - 00454656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll2014-09-13 03:10 - 2014-08-19 05:45 - 00072704 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll2014-09-13 03:10 - 2014-08-19 05:45 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll2014-09-13 03:10 - 2014-08-19 05:44 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll2014-09-13 03:10 - 2014-08-19 05:44 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll2014-09-13 03:10 - 2014-08-19 05:42 - 02185728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll2014-09-13 03:10 - 2014-08-19 05:40 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll2014-09-13 03:10 - 2014-08-19 05:39 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll2014-09-13 03:10 - 2014-08-19 05:39 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll2014-09-13 03:10 - 2014-08-19 05:39 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll2014-09-13 03:10 - 2014-08-19 05:38 - 00289280 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll2014-09-13 03:10 - 2014-08-19 05:37 - 00440320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll2014-09-13 03:10 - 2014-08-19 05:36 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe2014-09-13 03:10 - 2014-08-19 05:35 - 00597504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll2014-09-13 03:10 - 2014-08-19 05:27 - 00365056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll2014-09-13 03:10 - 2014-08-19 05:25 - 00727040 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll2014-09-13 03:10 - 2014-08-19 05:25 - 00707072 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe2014-09-13 03:10 - 2014-08-19 05:23 - 02104832 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl2014-09-13 03:10 - 2014-08-19 05:23 - 01249280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll2014-09-13 03:10 - 2014-08-19 05:22 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll2014-09-13 03:10 - 2014-08-19 05:19 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll2014-09-13 03:10 - 2014-08-19 05:17 - 00243200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll2014-09-13 03:10 - 2014-08-19 05:17 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll2014-09-13 03:10 - 2014-08-19 05:16 - 13588480 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll2014-09-13 03:10 - 2014-08-19 05:15 - 11769856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll2014-09-13 03:10 - 2014-08-19 05:15 - 02310656 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll2014-09-13 03:10 - 2014-08-19 05:09 - 00603136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll2014-09-13 03:10 - 2014-08-19 05:08 - 02014208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl2014-09-13 03:10 - 2014-08-19 05:07 - 01068032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll2014-09-13 03:10 - 2014-08-19 04:55 - 01447424 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll2014-09-13 03:10 - 2014-08-19 04:46 - 01812992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll2014-09-13 03:10 - 2014-08-19 04:38 - 01190400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll2014-09-13 03:10 - 2014-08-19 04:38 - 00775168 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll2014-09-13 03:10 - 2014-08-19 04:36 - 00678400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll2014-09-13 03:00 - 2014-06-27 10:08 - 02777088 _____ (Microsoft Corporation) C:\Windows\system32\msmpeg2vdec.dll2014-09-13 03:00 - 2014-06-27 09:45 - 02285056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msmpeg2vdec.dll2014-09-12 13:08 - 2014-05-17 10:35 - 00044744 _____ (AnchorFree Inc.) C:\Windows\system32\Drivers\hssdrv6.sys2014-09-12 13:07 - 2014-09-21 09:30 - 00000000 ____D () C:\ProgramData\Hotspot Shield2014-09-12 13:07 - 2014-09-12 13:08 - 00000000 ____D () C:\Program Files (x86)\Hotspot Shield2014-09-12 13:07 - 2014-09-12 13:07 - 00000000 ____D () C:\Users\mel adriano\AppData\Roaming\Hotspot Shield2014-09-12 13:07 - 2014-09-12 13:07 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hotspot Shield2014-09-12 12:51 - 2014-09-12 13:02 - 07787136 _____ () C:\Users\mel adriano\Downloads\HSS-3.42-install-e-550-plain.exe2014-09-12 10:23 - 2014-09-12 10:23 - 00027136 _____ () C:\Users\mel adriano\Downloads\g iwanan.npp2014-09-12 10:21 - 2014-09-12 10:21 - 08646824 _____ (CyberGhost S.R.L. ) C:\Users\mel adriano\Downloads\CG_5.0.13.17.exe2014-09-12 08:15 - 2014-08-01 19:53 - 01031168 _____ (Microsoft Corporation) C:\Windows\system32\TSWorkspace.dll2014-09-12 08:15 - 2014-08-01 19:35 - 00793600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSWorkspace.dll2014-09-12 08:12 - 2014-06-24 11:29 - 02565120 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll2014-09-12 08:12 - 2014-06-24 10:59 - 01987584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10warp.dll2014-09-12 08:10 - 2014-07-07 10:06 - 01460736 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll2014-09-12 08:10 - 2014-07-07 10:06 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll2014-09-12 08:10 - 2014-07-07 09:40 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll2014-09-12 08:10 - 2014-07-07 09:40 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll2014-09-12 08:10 - 2014-07-07 09:39 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll2014-09-12 08:09 - 2014-09-05 10:10 - 00578048 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll2014-09-12 08:09 - 2014-09-05 10:05 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll2014-09-11 09:25 - 2014-09-11 09:25 - 00014859 _____ () C:\Users\mel adriano\Downloads\BRODSS 2016 Meeting - Sept10.xlsx2014-09-11 09:16 - 2014-09-11 09:16 - 00023309 _____ () C:\Users\mel adriano\Downloads\INCUMBENT OFFICERS.Sept. 10, 2014 (1).xlsx2014-09-11 09:16 - 2014-09-11 09:16 - 00016215 _____ () C:\Users\mel adriano\Downloads\PROMINENT MEMBER.SEPT. 10, 2014 (1).xlsx2014-09-11 09:12 - 2014-09-11 09:12 - 00023309 _____ () C:\Users\mel adriano\Downloads\INCUMBENT OFFICERS.Sept. 10, 2014.xlsx2014-09-11 09:12 - 2014-09-11 09:12 - 00016215 _____ () C:\Users\mel adriano\Downloads\PROMINENT MEMBER.SEPT. 10, 2014.xlsx2014-09-09 15:10 - 2014-09-15 13:08 - 11103232 _____ () C:\Users\mel adriano\Downloads\PESSA GMM 2014_PRESENTATION (1).PPT2014-09-09 15:07 - 2014-09-09 15:07 - 00137728 _____ () C:\Users\mel adriano\Downloads\PESSA GMM 2014_PROGRAM.ppt2014-09-08 09:37 - 2014-09-08 09:37 - 00027136 _____ () C:\Users\mel adriano\Downloads\015015000726W (18).xls2014-09-04 09:22 - 2014-09-04 09:22 - 00864256 _____ () C:\Users\mel adriano\Downloads\RE Gel Pak VR-76 COVERS- NEW SHIP DATES- Heads up.msg2014-09-03 10:44 - 2014-09-03 10:44 - 00964172 _____ () C:\Users\mel adriano\Downloads\noname (3).eml2014-09-01 13:32 - 2014-09-01 13:33 - 00028672 _____ () C:\Users\mel adriano\Downloads\015015000726W (17).xls2014-09-01 08:46 - 2014-08-23 10:07 - 00404480 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll2014-09-01 08:46 - 2014-08-23 09:45 - 00311808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll2014-09-01 08:46 - 2014-08-23 08:59 - 03163648 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys2014-09-01 08:44 - 2014-09-01 08:44 - 00004578 _____ () C:\Windows\SysWOW64\jupdate-1.7.0_67-b01.log2014-09-01 08:44 - 2014-07-25 12:55 - 00098216 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll2014-09-01 08:44 - 2014-07-25 12:49 - 00272808 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe2014-09-01 08:44 - 2014-07-25 12:49 - 00175528 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe2014-09-01 08:44 - 2014-07-25 12:49 - 00175528 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe ==================== One Month Modified Files and Folders ======= (If an entry is included in the fixlist, the file\folder will be moved.) 2014-09-29 09:26 - 2009-07-14 12:45 - 00018736 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A02014-09-29 09:26 - 2009-07-14 12:45 - 00018736 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A02014-09-29 09:26 - 2007-10-10 16:16 - 01701045 _____ () C:\Windows\WindowsUpdate.log2014-09-29 09:25 - 2009-07-14 11:20 - 00000000 ____D () C:\Windows\system32\NDF2014-09-29 09:24 - 2013-12-06 05:54 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job2014-09-29 09:23 - 2009-07-14 13:13 - 00871046 _____ () C:\Windows\system32\PerfStringBackup.INI2014-09-29 09:19 - 2010-03-18 13:05 - 00000894 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job2014-09-29 09:17 - 2009-07-14 13:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT2014-09-29 08:54 - 2010-03-18 13:05 - 00000898 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job2014-09-29 08:49 - 2014-01-24 12:27 - 00002441 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk2014-09-26 14:49 - 2009-07-14 11:20 - 00000000 ____D () C:\Windows\rescache2014-09-26 09:29 - 2012-03-17 12:52 - 00000000 ____D () C:\Users\mel adriano\AppData\Roaming\uTorrent2014-09-26 09:29 - 2010-06-01 08:18 - 00000000 ____D () C:\Users\mel adriano\AppData\Roaming\Skype2014-09-26 09:29 - 2010-05-26 21:16 - 00000000 ____D () C:\Users\mel adriano\AppData\Local\CrashDumps2014-09-26 09:29 - 2010-03-18 05:25 - 00000000 ____D () C:\Users\mel adriano\Tracing2014-09-26 09:29 - 2010-03-16 07:31 - 00000000 ____D () C:\Windows\Minidump2014-09-26 09:29 - 2007-07-12 09:49 - 00000000 ____D () C:\Windows\Panther2014-09-25 19:07 - 2014-07-11 08:00 - 00000000 ____D () C:\ProgramData\Datamngr2014-09-25 16:22 - 2012-03-17 12:53 - 00000000 ____D () C:\Users\mel adriano\AppData\Local\Conduit2014-09-25 15:31 - 2013-11-26 16:02 - 00001065 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk2014-09-25 15:31 - 2013-11-26 16:02 - 00000000 ____D () C:\Users\mel adriano\AppData\Roaming\Malwarebytes2014-09-25 15:31 - 2013-11-26 16:02 - 00000000 ____D () C:\ProgramData\Malwarebytes2014-09-25 15:31 - 2013-11-26 16:02 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes' Anti-Malware2014-09-24 13:24 - 2013-12-06 05:54 - 00701104 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe2014-09-24 13:24 - 2013-12-06 05:54 - 00003768 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater2014-09-24 13:24 - 2012-01-01 12:04 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl2014-09-22 15:47 - 2013-02-27 17:38 - 00000000 ____D () C:\Users\NANCY BINAY for Sena\AppData\Local\Google2014-09-22 15:47 - 2010-03-16 06:47 - 00000000 ____D () C:\Users\mel adriano\AppData\Local\Google2014-09-22 15:47 - 2009-08-15 15:11 - 00000000 ____D () C:\Program Files (x86)\Google2014-09-22 15:47 - 2009-07-14 11:20 - 00000000 ___HD () C:\Windows\system32\GroupPolicy2014-09-22 13:39 - 2010-12-17 13:20 - 00002534 ____H () C:\Users\mel adriano\Downloads\.picasa.ini2014-09-22 13:04 - 2014-01-29 05:13 - 00000000 ____D () C:\Users\mel adriano\AppData\Local\B7883261-4EC6-4108-9E22-538451164341.aplzod2014-09-15 12:56 - 2010-04-20 23:48 - 00484352 ___SH () C:\Users\mel adriano\Documents\Thumbs.db2014-09-15 09:06 - 2010-05-16 07:01 - 00278152 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe2014-09-13 03:14 - 2009-08-15 15:04 - 00000000 ____D () C:\ProgramData\Microsoft Help2014-09-13 03:09 - 2010-05-20 12:52 - 00863168 _____ () C:\Windows\SysWOW64\PerfStringBackup.INI2014-09-13 03:08 - 2013-11-26 17:11 - 00000000 ____D () C:\Windows\system32\MRT2014-09-13 03:01 - 2010-05-05 10:23 - 101694776 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe2014-09-13 03:00 - 2014-05-06 19:10 - 00000000 ___SD () C:\Windows\system32\CompatTel2014-09-12 17:59 - 2010-06-01 08:19 - 00002069 _____ () C:\Users\Public\Desktop\Google Chrome.lnk2014-09-12 10:37 - 2010-02-22 13:57 - 00000000 ____D () C:\Users\mel adriano\AppData\Local\VirtualStore2014-09-02 03:18 - 2009-07-14 12:45 - 01002512 _____ () C:\Windows\system32\FNTCACHE.DAT2014-09-01 08:45 - 2013-11-26 15:09 - 00000000 ____D () C:\ProgramData\Oracle2014-09-01 08:44 - 2012-03-17 23:11 - 00000000 ____D () C:\Program Files (x86)\Java Files to move or delete:====================C:\ProgramData\hpe5272.dll Some content of TEMP:====================C:\Users\mel adriano\AppData\Local\Temp\g8ju7sn7.dll ==================== Bamital & volsnap Check ================= (There is no automatic fix for files that do not pass verification.) C:\Windows\System32\winlogon.exe => File is digitally signedC:\Windows\System32\wininit.exe => File is digitally signedC:\Windows\SysWOW64\wininit.exe => File is digitally signedC:\Windows\explorer.exe => File is digitally signedC:\Windows\SysWOW64\explorer.exe => File is digitally signedC:\Windows\System32\svchost.exe => File is digitally signedC:\Windows\SysWOW64\svchost.exe => File is digitally signedC:\Windows\System32\services.exe => File is digitally signedC:\Windows\System32\User32.dll => File is digitally signedC:\Windows\SysWOW64\User32.dll => File is digitally signedC:\Windows\System32\userinit.exe => File is digitally signedC:\Windows\SysWOW64\userinit.exe => File is digitally signedC:\Windows\System32\rpcss.dll => File is digitally signedC:\Windows\System32\Drivers\volsnap.sys => File is digitally signed LastRegBack: 2014-09-26 10:30 ==================== End Of Log ============================